Adguard updated, adguardhome-sync added

README.md

@@ -1,4 +1,4 @@
-an# Adhdgirl Minilab Ansible Project
+# Adhdgirl Minilab Ansible Project
 
 ## To Get Machines Added
 

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome/tasks/main.yaml

@@ -4,7 +4,7 @@
   tags: always
   with_first_found:
     - files:
-        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_facts['distribution'] }}.yaml"
       skip: true
 
 - name: Ensure AdGuard Home is running on this device
@@ -22,8 +22,8 @@
         - "confdir"
     - name: Ensure compose file is available on the server
       tags: docker,adguard,settings
-      ansible.builtin.copy:
+      ansible.builtin.template:
-        src: docker-compose.yaml
+        src: docker-compose.yaml.j2
         dest: /opt/adguard/docker-compose.yaml
         owner: root
         group: root

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome/templates/docker-compose.yaml.j2

@@ -1,7 +1,7 @@
 ---
 services:
   adguard:
-    image: adguard/adguardhome:v0.107.59
+    image: adguard/adguardhome:{{ adguardhome_version }}
     container_name: adguardhome
     volumes:
       - /opt/adguard/workdir:/opt/adguardhome/work

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome/vars/main.yaml

@@ -0,0 +1,3 @@
+---
+adguardhome_version: v0.107.71
+# code: language=ansible

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome_sync/files/docker-compose.yaml

@@ -0,0 +1,11 @@
+---
+services:
+  adguardhome-sync:
+    image: ghcr.io/bakito/adguardhome-sync:v0.8.2
+    container_name: adguardhome-sync
+    command: run --config /config/adguardhome-sync.yaml
+    volumes:
+      - /opt/adguardhome-sync/config/adguardhome-sync.yaml:/config/adguardhome-sync.yaml
+    ports:
+      - 8080:8080
+    restart: unless-stopped

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome_sync/tasks/main.yaml

@@ -0,0 +1,45 @@
+---
+- name: Load distro-specific variables
+  ansible.builtin.include_vars: '{{ item }}'
+  tags: always
+  with_first_found:
+    - files:
+        - "{{ ansible_facts['distribution'] }}.yaml"
+      skip: true
+
+- name: Ensure AdGuard Home is running on this device
+  block:
+    - name: Ensure presense of folders for AdGuard Home Sync
+      tags: packages,docker,adguard
+      ansible.builtin.file:
+        path: "/opt/adguardhome-sync/config"
+        state: directory
+        recurse: true
+        owner: root
+        group: root
+    - name: Ensure compose file is available on the server
+      tags: docker,adguard,settings
+      ansible.builtin.copy:
+        src: docker-compose.yaml
+        dest: /opt/adguardhome-sync/docker-compose.yaml
+        owner: root
+        group: root
+        mode: u=rw,g=r,o=r
+    - name: Ensure AdguardHome-Sync config is available
+      tags: docker,adguard,settings
+      ansible.builtin.template:
+        src: adguardhome-sync.yaml.j2
+        dest: /opt/adguardhome-sync/config/adguardhome-sync.yaml
+        owner: root
+        group: root
+        mode: u=rw,g=r,o=r
+    - name: Ensure docker containers are pulled and running
+      tags: docker,adguard
+      community.docker.docker_compose_v2:
+        project_src: /opt/adguardhome-sync
+        pull: always
+
+  rescue:
+    - name: Set that this task failed
+      ansible.builtin.set_fact:
+        task_failed: true

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome_sync/templates/adguardhome-sync.yaml.j2

@@ -0,0 +1,14 @@
+---
+cron: "0 */2 * * *"
+runOnStart: true
+continueOnError: true
+origin:
+  url: http://10.69.2.4:80
+  username: {{ adguardhome_sync_user_name }}
+  password: {{ adguardhome_sync_user_password }}
+replicas:
+  - url: http://10.69.9.12:80
+    username: {{ adguardhome_sync_user_name }}
+    password: {{ adguardhome_sync_user_password}}
+    autoSetup: true
+    interfaceName: eth0

collections/ansible_collections/adhdgirl/minilab/roles/adguardhome_sync/vars/main.yaml

@@ -0,0 +1,9 @@
+---
+adguardhome_sync_user_name: adhdgirl
+adguardhome_sync_user_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  39313537373231343839663162373238343837626266323631316234333034343536636664336433
+  3531626364383166383165613563373435623663366461360a613731663639633966353239303933
+  63353537626461383332656265653634656530326133646361643365366665353562396536373834
+  3866343531323237360a353737303766393338353436353864336538373166366637663566363166
+  6364

collections/ansible_collections/adhdgirl/minilab/roles/authentik/tasks/main.yaml

@@ -4,7 +4,7 @@
   tags: always
   with_first_found:
     - files:
-        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_facts['distribution'] }}.yaml"
       skip: true
 
 - name: Ensure Authentik is running on this device

collections/ansible_collections/adhdgirl/minilab/roles/caddy/tasks/main.yaml

@@ -4,7 +4,7 @@
   tags: always
   with_first_found:
     - files:
-        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_facts['distribution'] }}.yaml"
       skip: true
 
 - name: Ensure Caddy is running on this device

collections/ansible_collections/adhdgirl/minilab/roles/caddy/templates/Caddyfile.j2

@@ -18,7 +18,7 @@ pve.local.cobb.lgbt {
 }
 
 code.local.cobb.lgbt {
-  reverse_proxy 10.69.11.51:8443
+  reverse_proxy 10.69.2.51:8443
 }
 
 guac.local.cobb.lgbt {

collections/ansible_collections/adhdgirl/minilab/roles/coder/tasks/main.yaml

@@ -4,7 +4,7 @@
   tags: always
   with_first_found:
     - files:
-        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_facts['distribution'] }}.yaml"
       skip: true
 
 - name: Ensure coder is installed on hosts

collections/ansible_collections/adhdgirl/minilab/roles/coder/vars/main.yaml

@@ -23,4 +23,4 @@ coder_sudo_hashed_password: !vault |
           3762
 coder_proxy_domain: coder.local.cobb.lgbt
 coder_default_workspace: /workspace
-coder_version: 4.100.0
+coder_version: 4.106.3

collections/ansible_collections/adhdgirl/minilab/roles/common/tasks/ansible/software.yaml

@@ -4,7 +4,7 @@
   ansible.builtin.apt:
     name: aptitude
     state: present
-  when: ansible_distribution in debian_derivatives
+  when: ansible_facts["distribution"] in debian_derivatives
 - name: Make sure sudo and ssh are available
   tags: packages,system,settings
   ansible.builtin.package:
@@ -18,19 +18,19 @@
     name:
       - python3
     state: present
-  when: ansible_distribution == 'Alpine'
+  when: ansible_facts["distribution"] == 'Alpine'
 - name: Ensure ssh is starting at boot (Alpine)
   tags: packages,system,settings
   ansible.builtin.service:
     name: sshd
     state: started
     enabled: true
-  when: ansible_distribution == 'Alpine'
+  when: ansible_facts["distribution"] == 'Alpine'
 - name: Ensure ssh is starting at boot (Debian)
   tags: package,system,settings
   ansible.builtin.systemd_service:
     name: ssh
     state: started
     enabled: true
-  when: ansible_distribution in debian_derivatives
+  when: ansible_facts["distribution"] in debian_derivatives
 # code: language=ansible

collections/ansible_collections/adhdgirl/minilab/roles/common/tasks/ansible/user.yaml

@@ -12,7 +12,7 @@
     owner: root
     group: root
     mode: u=r,g=r,o-rwx
-  when: ansible_distribution in debian_derivatives
+  when: ansible_facts["distribution"] in debian_derivatives
 - name: Add doas file
   tags: ansible,settings,doas,system,users
   ansible.builtin.copy:
@@ -21,7 +21,7 @@
     owner: root
     group: root
     mode: u=r,g=r,o-rwx
-  when: ansible_distribution == "Alpine"
+  when: ansible_facts["distribution"] == "Alpine"
 - name: Set authorized key for ansible user
   tags: users,system,ansible
   ansible.posix.authorized_key:

collections/ansible_collections/adhdgirl/minilab/roles/common/tasks/main.yaml

@@ -4,7 +4,7 @@
   tags: always
   with_first_found:
     - files:
-        - "{{ ansible_distribution }}.yaml"
+        - "{{ ansible_facts['distribution'] }}.yaml"
       skip: true
 
 - name: Set up common functionality
@@ -29,18 +29,17 @@
       ansible.builtin.hostname:
         name: "{{ server_name }}"
         use: "alpine"
-      when: ansible_distribution == "Alpine"
+      when: ansible_facts["distribution"] == "Alpine"
     - name: Ensure the correct hostname is set for host (Debian)
       ansible.builtin.hostname:
         name: "{{ server_name }}"
         use: "debian"
-      when: ansible_distribution in debian_derivatives
+      when: ansible_facts["distribution"] in debian_derivatives
 
     # Install software not specific to Ansible
     # - name: Ensure software wanted on all hosts is installed
     #   ansible.builtin.import_tasks: general/software.yaml
 
-
   rescue:
     - name: Set that this task failed
       ansible.builtin.set_fact:

collections/ansible_collections/adhdgirl/minilab/roles/common/tasks/users.yaml

@@ -7,7 +7,7 @@
   ansible.builtin.user:
     name: "{{ user_name }}"
   check_mode: true
-  register: user_exists
+  register: common_user_exists
 - name: Ensure group exists
   tags: groups,users
   ansible.builtin.group:
@@ -25,19 +25,19 @@
   ansible.builtin.user:
     name: "{{ user_name }}"
     password: "{{ common_user_password | string | password_hash('sha512') }}"
-  when: user_exists.state is undefined or user_exists.state != 'present'
+  when: common_user_exists.state is undefined or common_user_exists.state != 'present'
 - name: Adjust shell for Debian hosts
   tags: settings,users,debian
   ansible.builtin.user:
     name: "{{ user_name }}"
     shell: /bin/bash
-  when: ansible_distribution in debian_derivatives
+  when: ansible_facts["distribution"] in debian_derivatives
 - name: Adjust shell for Ansible hosts
   tags: settings,users,alpine
   ansible.builtin.user:
     name: "{{ user_name }}"
     shell: /bin/ash
-  when: ansible_distribution == "Alpine"
+  when: ansible_facts["distribution"] == "Alpine"
 - name: Ensure user sudoers file is in place for Debian hosts
   tags: settings,users,debian
   ansible.builtin.copy:
@@ -46,7 +46,7 @@
     owner: root
     group: root
     mode: u=r,g=r,o-rwx
-  when: ansible_distribution in debian_derivatives
+  when: ansible_facts["distribution"] in debian_derivatives
 - name: Ensure user doas config is in place for Alpine hosts
   tags: settings,users,alpine
   ansible.builtin.copy:
@@ -55,7 +55,7 @@
     owner: root
     group: root
     mode: u=r,g=r,o-rwx
-  when: ansible_distribution == "Alpine"
+  when: ansible_facts["distribution"] == "Alpine"
 - name: Ensure public keys are available for this user
   tags: settings,users,ssh
   ansible.posix.authorized_key:
@@ -68,12 +68,12 @@
   ansible.builtin.group:
     name: "docker"
   check_mode: true
-  register: docker_group_exists
+  register: common_docker_group_exists
 - name: If docker group exists, add {{ user_name }}
   ansible.builtin.user:
     name: "{{ user_name }}"
     append: true
     groups: docker
-  when: docker_group_exists.state == 'present'
+  when: common_docker_group_exists is defined and common_docker_group_exists.state == 'present'
 
 # code: language=ansible

collections/ansible_collections/adhdgirl/minilab/roles/docker/tasks/debian.yaml

@@ -22,7 +22,7 @@
     name: docker
     types: deb
     uris: https://download.docker.com/linux/debian
-    suites: "{{ ansible_distribution_release }}"
+    suites: "{{ ansible_facts['distribution_release'] }}"
     components:
       - stable
     signed_by: |-

collections/ansible_collections/adhdgirl/minilab/roles/docker/tasks/main.yaml

@@ -4,17 +4,17 @@
   tags: always
   with_first_found:
     - files:
-        - "vars/{{ ansible_distribution }}.yaml"
+        - "vars/{{ ansible_facts['distribution'] }}.yaml"
       skip: true
 
 - name: Ensure dependencies for docker module are installed
   block:
     - name: Ensure debian hosts are properly configured
       ansible.builtin.import_tasks: ./debian.yaml
-      when: ansible_distribution in debian_derivatives
+      when: ansible_facts["distribution"] in debian_derivatives
     - name: Ensure alpine hosts are properly configured
       ansible.builtin.import_tasks: ./alpine.yaml
-      when: ansible_distribution == 'Alpine'
+      when: ansible_facts["distribution"] == 'Alpine'
 
   rescue:
     - name: Set that this task failed

inventory/group_vars/all.yaml

@@ -5,5 +5,6 @@ debian_derivatives:
   - "Pop!_OS"
   - "Ubuntu"
 global_dns_servers:
-  - 10.69.11.4
+  - 10.69.2.4
+  - 10.69.9.11
 # code: language=ansible

inventory/host_vars/adguardpi.yaml

@@ -0,0 +1,2 @@
+---
+server_name: adguardpi

inventory/hosts.yaml

@@ -2,25 +2,27 @@
 all:
   hosts:
     adguard:
-      ansible_host: 10.69.11.4
+      ansible_host: 10.69.2.4
-    maxim:
+    adguardpi:
-      ansible_host: 10.69.10.50
+      ansible_host: 10.69.9.12
-    pump:
+    # maxim:
-      ansible_host: 10.69.10.51
+    #   ansible_host: 10.69.10.50
-    fifi:
+    # pump:
-      ansible_host: 10.69.10.52
+    #   ansible_host: 10.69.10.51
-    knivi:
+    # fifi:
-      ansible_host: 10.69.10.53
+    #   ansible_host: 10.69.10.52
+    # knivi:
+    #   ansible_host: 10.69.1.50
     reir:
-      ansible_host: 10.69.10.54
+      ansible_host: 10.69.9.11
     trady:  
-      ansible_host: 10.69.11.11
+      ansible_host: 10.69.2.11
     stephanie:
-      ansible_host: 10.69.11.51
+      ansible_host: 10.69.2.51
     nemetona:
-      ansible_host: 10.69.11.52
+      ansible_host: 10.69.2.52
     ida:
-      ansible_host: 10.69.11.53
+      ansible_host: 10.69.2.53
   children:
     alpine:
       hosts:
@@ -30,23 +32,29 @@ all:
         ida:
     debian:
       hosts:
-        maxim:
+        adguardpi:
-        pump:
+        # maxim:
-        fifi:
+        # pump:
-        knivi:
+        # fifi:
+        # knivi:
         reir:
-        trady:
+        # trady:
     docker:
       hosts:
         adguard:
-        pump:
+        adguardpi:
-        trady:
+        # pump:
+        # trady:
         stephanie:
         nemetona:
     unifi_controller:
       hosts:
-        pump:
+        # pump:
     adguard_servers:
+      hosts:
+        adguard:
+        adguardpi:
+    adguard_sync:
       hosts:
         adguard:
     coder:

minilab.yaml

@@ -9,13 +9,13 @@
       tags: always
       community.general.apk:
         update_cache: true
-      when: ansible_distribution == "Alpine"
+      when: ansible_facts["distribution"] == "Alpine"
     - name: Update package cache (Debian, and derivatives)
       tags: always
       ansible.builtin.apt:
         update_cache: true
       changed_when: false
-      when: ansible_distribution in debian_derivatives
+      when: ansible_facts["distribution"] in debian_derivatives
 
 - name: Common tasks for all hosts
   hosts: all
@@ -30,11 +30,17 @@
   roles:
     - adhdgirl.minilab.docker
 - name: Configure AdGuard home hosts
-  hosts: pump
+  hosts: adguard_servers
   tags: docker,adguard
   become: true
   roles:
     - adhdgirl.minilab.adguardhome
+- name: Configure AdguardHome-Sync hosts
+  hosts: adguard_sync
+  tags: docker,adguard
+  become: true
+  roles:
+    - adhdgirl.minilab.adguardhome_sync
 - name: Configure Coder hosts
   hosts: coder
   tags: docker,coder