Adguard updated, adguardhome-sync added
This commit is contained in:
parent
b829f66402
commit
e5443b7bc3
23 changed files with 156 additions and 58 deletions
|
|
@ -1,4 +1,4 @@
|
|||
an# Adhdgirl Minilab Ansible Project
|
||||
# Adhdgirl Minilab Ansible Project
|
||||
|
||||
## To Get Machines Added
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_distribution }}.yaml"
|
||||
- "{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Ensure AdGuard Home is running on this device
|
||||
|
|
@ -22,8 +22,8 @@
|
|||
- "confdir"
|
||||
- name: Ensure compose file is available on the server
|
||||
tags: docker,adguard,settings
|
||||
ansible.builtin.copy:
|
||||
src: docker-compose.yaml
|
||||
ansible.builtin.template:
|
||||
src: docker-compose.yaml.j2
|
||||
dest: /opt/adguard/docker-compose.yaml
|
||||
owner: root
|
||||
group: root
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
services:
|
||||
adguard:
|
||||
image: adguard/adguardhome:v0.107.59
|
||||
image: adguard/adguardhome:{{ adguardhome_version }}
|
||||
container_name: adguardhome
|
||||
volumes:
|
||||
- /opt/adguard/workdir:/opt/adguardhome/work
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
adguardhome_version: v0.107.71
|
||||
# code: language=ansible
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
services:
|
||||
adguardhome-sync:
|
||||
image: ghcr.io/bakito/adguardhome-sync:v0.8.2
|
||||
container_name: adguardhome-sync
|
||||
command: run --config /config/adguardhome-sync.yaml
|
||||
volumes:
|
||||
- /opt/adguardhome-sync/config/adguardhome-sync.yaml:/config/adguardhome-sync.yaml
|
||||
ports:
|
||||
- 8080:8080
|
||||
restart: unless-stopped
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
---
|
||||
- name: Load distro-specific variables
|
||||
ansible.builtin.include_vars: '{{ item }}'
|
||||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Ensure AdGuard Home is running on this device
|
||||
block:
|
||||
- name: Ensure presense of folders for AdGuard Home Sync
|
||||
tags: packages,docker,adguard
|
||||
ansible.builtin.file:
|
||||
path: "/opt/adguardhome-sync/config"
|
||||
state: directory
|
||||
recurse: true
|
||||
owner: root
|
||||
group: root
|
||||
- name: Ensure compose file is available on the server
|
||||
tags: docker,adguard,settings
|
||||
ansible.builtin.copy:
|
||||
src: docker-compose.yaml
|
||||
dest: /opt/adguardhome-sync/docker-compose.yaml
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,g=r,o=r
|
||||
- name: Ensure AdguardHome-Sync config is available
|
||||
tags: docker,adguard,settings
|
||||
ansible.builtin.template:
|
||||
src: adguardhome-sync.yaml.j2
|
||||
dest: /opt/adguardhome-sync/config/adguardhome-sync.yaml
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,g=r,o=r
|
||||
- name: Ensure docker containers are pulled and running
|
||||
tags: docker,adguard
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: /opt/adguardhome-sync
|
||||
pull: always
|
||||
|
||||
rescue:
|
||||
- name: Set that this task failed
|
||||
ansible.builtin.set_fact:
|
||||
task_failed: true
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
cron: "0 */2 * * *"
|
||||
runOnStart: true
|
||||
continueOnError: true
|
||||
origin:
|
||||
url: http://10.69.2.4:80
|
||||
username: {{ adguardhome_sync_user_name }}
|
||||
password: {{ adguardhome_sync_user_password }}
|
||||
replicas:
|
||||
- url: http://10.69.9.12:80
|
||||
username: {{ adguardhome_sync_user_name }}
|
||||
password: {{ adguardhome_sync_user_password}}
|
||||
autoSetup: true
|
||||
interfaceName: eth0
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
adguardhome_sync_user_name: adhdgirl
|
||||
adguardhome_sync_user_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
39313537373231343839663162373238343837626266323631316234333034343536636664336433
|
||||
3531626364383166383165613563373435623663366461360a613731663639633966353239303933
|
||||
63353537626461383332656265653634656530326133646361643365366665353562396536373834
|
||||
3866343531323237360a353737303766393338353436353864336538373166366637663566363166
|
||||
6364
|
||||
|
|
@ -4,7 +4,7 @@
|
|||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_distribution }}.yaml"
|
||||
- "{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Ensure Authentik is running on this device
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_distribution }}.yaml"
|
||||
- "{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Ensure Caddy is running on this device
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ pve.local.cobb.lgbt {
|
|||
}
|
||||
|
||||
code.local.cobb.lgbt {
|
||||
reverse_proxy 10.69.11.51:8443
|
||||
reverse_proxy 10.69.2.51:8443
|
||||
}
|
||||
|
||||
guac.local.cobb.lgbt {
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_distribution }}.yaml"
|
||||
- "{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Ensure coder is installed on hosts
|
||||
|
|
|
|||
|
|
@ -23,4 +23,4 @@ coder_sudo_hashed_password: !vault |
|
|||
3762
|
||||
coder_proxy_domain: coder.local.cobb.lgbt
|
||||
coder_default_workspace: /workspace
|
||||
coder_version: 4.100.0
|
||||
coder_version: 4.106.3
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
ansible.builtin.apt:
|
||||
name: aptitude
|
||||
state: present
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
- name: Make sure sudo and ssh are available
|
||||
tags: packages,system,settings
|
||||
ansible.builtin.package:
|
||||
|
|
@ -18,19 +18,19 @@
|
|||
name:
|
||||
- python3
|
||||
state: present
|
||||
when: ansible_distribution == 'Alpine'
|
||||
when: ansible_facts["distribution"] == 'Alpine'
|
||||
- name: Ensure ssh is starting at boot (Alpine)
|
||||
tags: packages,system,settings
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
state: started
|
||||
enabled: true
|
||||
when: ansible_distribution == 'Alpine'
|
||||
when: ansible_facts["distribution"] == 'Alpine'
|
||||
- name: Ensure ssh is starting at boot (Debian)
|
||||
tags: package,system,settings
|
||||
ansible.builtin.systemd_service:
|
||||
name: ssh
|
||||
state: started
|
||||
enabled: true
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
# code: language=ansible
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: u=r,g=r,o-rwx
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
- name: Add doas file
|
||||
tags: ansible,settings,doas,system,users
|
||||
ansible.builtin.copy:
|
||||
|
|
@ -21,7 +21,7 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: u=r,g=r,o-rwx
|
||||
when: ansible_distribution == "Alpine"
|
||||
when: ansible_facts["distribution"] == "Alpine"
|
||||
- name: Set authorized key for ansible user
|
||||
tags: users,system,ansible
|
||||
ansible.posix.authorized_key:
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "{{ ansible_distribution }}.yaml"
|
||||
- "{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Set up common functionality
|
||||
|
|
@ -29,18 +29,17 @@
|
|||
ansible.builtin.hostname:
|
||||
name: "{{ server_name }}"
|
||||
use: "alpine"
|
||||
when: ansible_distribution == "Alpine"
|
||||
when: ansible_facts["distribution"] == "Alpine"
|
||||
- name: Ensure the correct hostname is set for host (Debian)
|
||||
ansible.builtin.hostname:
|
||||
name: "{{ server_name }}"
|
||||
use: "debian"
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
|
||||
# Install software not specific to Ansible
|
||||
# - name: Ensure software wanted on all hosts is installed
|
||||
# ansible.builtin.import_tasks: general/software.yaml
|
||||
|
||||
|
||||
rescue:
|
||||
- name: Set that this task failed
|
||||
ansible.builtin.set_fact:
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
ansible.builtin.user:
|
||||
name: "{{ user_name }}"
|
||||
check_mode: true
|
||||
register: user_exists
|
||||
register: common_user_exists
|
||||
- name: Ensure group exists
|
||||
tags: groups,users
|
||||
ansible.builtin.group:
|
||||
|
|
@ -25,19 +25,19 @@
|
|||
ansible.builtin.user:
|
||||
name: "{{ user_name }}"
|
||||
password: "{{ common_user_password | string | password_hash('sha512') }}"
|
||||
when: user_exists.state is undefined or user_exists.state != 'present'
|
||||
when: common_user_exists.state is undefined or common_user_exists.state != 'present'
|
||||
- name: Adjust shell for Debian hosts
|
||||
tags: settings,users,debian
|
||||
ansible.builtin.user:
|
||||
name: "{{ user_name }}"
|
||||
shell: /bin/bash
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
- name: Adjust shell for Ansible hosts
|
||||
tags: settings,users,alpine
|
||||
ansible.builtin.user:
|
||||
name: "{{ user_name }}"
|
||||
shell: /bin/ash
|
||||
when: ansible_distribution == "Alpine"
|
||||
when: ansible_facts["distribution"] == "Alpine"
|
||||
- name: Ensure user sudoers file is in place for Debian hosts
|
||||
tags: settings,users,debian
|
||||
ansible.builtin.copy:
|
||||
|
|
@ -46,7 +46,7 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: u=r,g=r,o-rwx
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
- name: Ensure user doas config is in place for Alpine hosts
|
||||
tags: settings,users,alpine
|
||||
ansible.builtin.copy:
|
||||
|
|
@ -55,7 +55,7 @@
|
|||
owner: root
|
||||
group: root
|
||||
mode: u=r,g=r,o-rwx
|
||||
when: ansible_distribution == "Alpine"
|
||||
when: ansible_facts["distribution"] == "Alpine"
|
||||
- name: Ensure public keys are available for this user
|
||||
tags: settings,users,ssh
|
||||
ansible.posix.authorized_key:
|
||||
|
|
@ -68,12 +68,12 @@
|
|||
ansible.builtin.group:
|
||||
name: "docker"
|
||||
check_mode: true
|
||||
register: docker_group_exists
|
||||
register: common_docker_group_exists
|
||||
- name: If docker group exists, add {{ user_name }}
|
||||
ansible.builtin.user:
|
||||
name: "{{ user_name }}"
|
||||
append: true
|
||||
groups: docker
|
||||
when: docker_group_exists.state == 'present'
|
||||
when: common_docker_group_exists is defined and common_docker_group_exists.state == 'present'
|
||||
|
||||
# code: language=ansible
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@
|
|||
name: docker
|
||||
types: deb
|
||||
uris: https://download.docker.com/linux/debian
|
||||
suites: "{{ ansible_distribution_release }}"
|
||||
suites: "{{ ansible_facts['distribution_release'] }}"
|
||||
components:
|
||||
- stable
|
||||
signed_by: |-
|
||||
|
|
|
|||
|
|
@ -4,17 +4,17 @@
|
|||
tags: always
|
||||
with_first_found:
|
||||
- files:
|
||||
- "vars/{{ ansible_distribution }}.yaml"
|
||||
- "vars/{{ ansible_facts['distribution'] }}.yaml"
|
||||
skip: true
|
||||
|
||||
- name: Ensure dependencies for docker module are installed
|
||||
block:
|
||||
- name: Ensure debian hosts are properly configured
|
||||
ansible.builtin.import_tasks: ./debian.yaml
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
- name: Ensure alpine hosts are properly configured
|
||||
ansible.builtin.import_tasks: ./alpine.yaml
|
||||
when: ansible_distribution == 'Alpine'
|
||||
when: ansible_facts["distribution"] == 'Alpine'
|
||||
|
||||
rescue:
|
||||
- name: Set that this task failed
|
||||
|
|
|
|||
|
|
@ -5,5 +5,6 @@ debian_derivatives:
|
|||
- "Pop!_OS"
|
||||
- "Ubuntu"
|
||||
global_dns_servers:
|
||||
- 10.69.11.4
|
||||
- 10.69.2.4
|
||||
- 10.69.9.11
|
||||
# code: language=ansible
|
||||
|
|
|
|||
2
inventory/host_vars/adguardpi.yaml
Normal file
2
inventory/host_vars/adguardpi.yaml
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
server_name: adguardpi
|
||||
|
|
@ -2,25 +2,27 @@
|
|||
all:
|
||||
hosts:
|
||||
adguard:
|
||||
ansible_host: 10.69.11.4
|
||||
maxim:
|
||||
ansible_host: 10.69.10.50
|
||||
pump:
|
||||
ansible_host: 10.69.10.51
|
||||
fifi:
|
||||
ansible_host: 10.69.10.52
|
||||
knivi:
|
||||
ansible_host: 10.69.10.53
|
||||
ansible_host: 10.69.2.4
|
||||
adguardpi:
|
||||
ansible_host: 10.69.9.12
|
||||
# maxim:
|
||||
# ansible_host: 10.69.10.50
|
||||
# pump:
|
||||
# ansible_host: 10.69.10.51
|
||||
# fifi:
|
||||
# ansible_host: 10.69.10.52
|
||||
# knivi:
|
||||
# ansible_host: 10.69.1.50
|
||||
reir:
|
||||
ansible_host: 10.69.10.54
|
||||
ansible_host: 10.69.9.11
|
||||
trady:
|
||||
ansible_host: 10.69.11.11
|
||||
ansible_host: 10.69.2.11
|
||||
stephanie:
|
||||
ansible_host: 10.69.11.51
|
||||
ansible_host: 10.69.2.51
|
||||
nemetona:
|
||||
ansible_host: 10.69.11.52
|
||||
ansible_host: 10.69.2.52
|
||||
ida:
|
||||
ansible_host: 10.69.11.53
|
||||
ansible_host: 10.69.2.53
|
||||
children:
|
||||
alpine:
|
||||
hosts:
|
||||
|
|
@ -30,23 +32,29 @@ all:
|
|||
ida:
|
||||
debian:
|
||||
hosts:
|
||||
maxim:
|
||||
pump:
|
||||
fifi:
|
||||
knivi:
|
||||
adguardpi:
|
||||
# maxim:
|
||||
# pump:
|
||||
# fifi:
|
||||
# knivi:
|
||||
reir:
|
||||
trady:
|
||||
# trady:
|
||||
docker:
|
||||
hosts:
|
||||
adguard:
|
||||
pump:
|
||||
trady:
|
||||
adguardpi:
|
||||
# pump:
|
||||
# trady:
|
||||
stephanie:
|
||||
nemetona:
|
||||
unifi_controller:
|
||||
hosts:
|
||||
pump:
|
||||
# pump:
|
||||
adguard_servers:
|
||||
hosts:
|
||||
adguard:
|
||||
adguardpi:
|
||||
adguard_sync:
|
||||
hosts:
|
||||
adguard:
|
||||
coder:
|
||||
|
|
|
|||
12
minilab.yaml
12
minilab.yaml
|
|
@ -9,13 +9,13 @@
|
|||
tags: always
|
||||
community.general.apk:
|
||||
update_cache: true
|
||||
when: ansible_distribution == "Alpine"
|
||||
when: ansible_facts["distribution"] == "Alpine"
|
||||
- name: Update package cache (Debian, and derivatives)
|
||||
tags: always
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
changed_when: false
|
||||
when: ansible_distribution in debian_derivatives
|
||||
when: ansible_facts["distribution"] in debian_derivatives
|
||||
|
||||
- name: Common tasks for all hosts
|
||||
hosts: all
|
||||
|
|
@ -30,11 +30,17 @@
|
|||
roles:
|
||||
- adhdgirl.minilab.docker
|
||||
- name: Configure AdGuard home hosts
|
||||
hosts: pump
|
||||
hosts: adguard_servers
|
||||
tags: docker,adguard
|
||||
become: true
|
||||
roles:
|
||||
- adhdgirl.minilab.adguardhome
|
||||
- name: Configure AdguardHome-Sync hosts
|
||||
hosts: adguard_sync
|
||||
tags: docker,adguard
|
||||
become: true
|
||||
roles:
|
||||
- adhdgirl.minilab.adguardhome_sync
|
||||
- name: Configure Coder hosts
|
||||
hosts: coder
|
||||
tags: docker,coder
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue