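# Plays for the host `emma`. Each play applies one service's roles and can be
# selected on its own through its tag. Most services follow the same pattern:
#   1. any.common.btrfs-subvolumes creates the subvolumes holding the data,
#   2. the service role is pointed at those directories,
#   3. any.tools.backup-scripts registers what has to be backed up.
# Secrets are read from vault_* variables; do not add literal credentials here.

- name: Set up static IP
  hosts: emma
  become: true
  roles:
    - role: any.common.static-ip
      vars:
        interface: "enp2s0"
        static_ip: "192.168.0.2"
        broadcast_ip: "192.168.0.255"
        router_ip: "192.168.0.1"
    # SSH and firewall roles are applied under the same `networking` tag.
    - any.common.ssh
    - any.tools.ufw
  tags: networking

- name: Configure BTRFS RAID
  hosts: emma
  become: true
  roles:
    - any.common.raid
  tags: raid

- name: Set up backup systems
  hosts: emma
  become: true
  tags: backups
  roles:
    # Tool versions are pinned as quoted strings so YAML never reads them as
    # floats.
    - role: any.tools.restic
      vars:
        restic_version: "0.18.1"
    - role: any.tools.otel-cli
      vars:
        otel_cli_version: "0.4.5"
    # TODO restic-rest subvolumes
    - role: any.software.restic-rest
      vars:
        restic_rest_data_dir: "/mnt/data1/restic-rest"
        restic_rest_version: "0.12.1"

- name: Set up OTEL collector
  hosts: emma
  tags: [otel-collector, otel]
  become: true
  roles:
    - any.software.otel-collector

- name: Set up Jellyfin
  hosts: emma
  become: true
  roles:
    - any.software.jellyfin
  tags: jellyfin

- name: Set up Miniflux
  hosts: emma
  tags: miniflux
  roles:
    # Only the subvolume and backup roles escalate; the service role itself
    # runs without become.
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/miniflux/postgres"
    - role: any.software.miniflux-podman
      vars:
        postgres_data_dir: '/data/miniflux/postgres'
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          - name: "miniflux-postgres"
            type: "podman-postgres"
            user: "debian"
            container: "systemd-miniflux-postgres"
            pg_user: "miniflux"
            database: "miniflux"

- name: Set up WebDAV
  hosts: emma
  become: true
  tags: webdav
  roles:
    - role: any.common.btrfs-subvolumes
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/webdav/data"
    - role: any.software.webdav
      vars:
        webdav_version: "5.7.4"
        data_dir: "{{ btrfs_raid.path }}/webdav/data"
        # Credentials come from the vault.
        # NOTE(review): both the plaintext password and its bcrypt hash are
        # handed to the role; confirm that only the hash ends up in the
        # rendered server configuration.
        webdav_user: "{{ vault_webdav_user }}"
        webdav_password: "{{ vault_webdav_password }}"
        webdav_password_bcrypt: "{{ vault_webdav_password_bcrypt }}"
    - role: any.tools.backup-scripts
      vars:
        backups:
          - name: "webdav-data"
            type: "btrfs-subvolume"
            path: "{{ btrfs_raid.path }}/webdav/data"

- name: Set up Forgejo
  hosts: emma
  tags: forgejo
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          # Data files and LFS are placed on RAID
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/forgejo/data"
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/forgejo/lfs"
          # Repositories and database are stored in NVME
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/forgejo/repositories"
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/forgejo/postgres"
    - role: any.software.forgejo-podman
      vars:
        # General
        forgejo_version: '11.0.11'
        forgejo_postgres_version: '14.8'
        # Networking
        forgejo_http_port: 8027
        forgejo_ssh_port: 8016
        forgejo_domain: 'git.rustybever.be'
        forgejo_root_url: 'https://git.rustybever.be/'
        # Secrets (the vault variable names still carry the gitea_ prefix)
        forgejo_lfs_jwt_secret: "{{ vault_gitea_lfs_jwt_secret }}"
        forgejo_secret_key: "{{ vault_gitea_secret_key }}"
        forgejo_internal_token: "{{ vault_gitea_internal_token }}"
        forgejo_jwt_secret: "{{ vault_gitea_jwt_secret }}"
        # Data
        forgejo_data_dir: "{{ btrfs_raid.path }}/forgejo/data"
        forgejo_repositories_dir: "{{ btrfs_nvme.path }}/data/forgejo/repositories"
        forgejo_lfs_dir: "{{ btrfs_raid.path }}/forgejo/lfs"
        forgejo_postgres_dir: "{{ btrfs_nvme.path }}/data/forgejo/postgres"
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          - name: "forgejo-postgres"
            type: "podman-postgres"
            user: "debian"
            container: "systemd-forgejo-postgres"
            pg_user: "forgejo"
            database: "forgejo"
          - name: "forgejo-repositories"
            type: "btrfs-subvolume"
            path: "/data/forgejo/repositories"
          - name: "forgejo-data"
            type: "btrfs-subvolume"
            path: "{{ btrfs_raid.path }}/forgejo/data"
          - name: "forgejo-lfs"
            type: "btrfs-subvolume"
            path: "{{ btrfs_raid.path }}/forgejo/lfs"

- name: Set up Otter
  hosts: emma
  become: true
  tags: otter
  roles:
    - role: any.common.btrfs-subvolumes
      vars:
        subvolumes:
          # NOTE(review): this name lacks the /data segment that data_dir and
          # the backup path below use, and that the other nvme subvolumes in
          # this file follow (e.g. /@rootfs/data/actual/data). Confirm whether
          # /@rootfs/data/otter/data was intended; left unchanged because
          # renaming a subvolume on a live host needs a data migration.
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/otter/data"
    - role: any.software.otter
      vars:
        data_dir: "{{ btrfs_nvme.path }}/data/otter/data"
    - role: any.tools.backup-scripts
      vars:
        backups:
          - name: 'otter-data'
            type: 'btrfs-subvolume'
            path: '/data/otter/data'

- name: Set up Nefarious
  hosts: emma
  become: true
  tags: nefarious
  roles:
    - role: any.common.btrfs-subvolumes
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/nefarious/nefarious"
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/nefarious/jackett"
    - role: any.software.nefarious-podman
      vars:
        host_download_dir: "/mnt/data1/media"
        transmission_settings_path: "/etc/nefarious/transmission-settings.json"
        nefarious_config_dir: "/mnt/data1/nefarious/nefarious"
        jackett_data_dir: "/mnt/data1/nefarious/jackett"
        # Admin credentials come from the vault.
        nefarious_admin_user: "{{ vault_nefarious_admin_user }}"
        nefarious_admin_pass: "{{ vault_nefarious_admin_pass }}"

- name: Set up Actual
  hosts: emma
  tags: actual
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/actual/data"
    - role: any.software.actual-podman
      vars:
        data_dir: '/data/actual/data'
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          - name: 'actual-data'
            type: 'btrfs-subvolume'
            path: '/data/actual/data'

- name: Set up Baikal
  hosts: emma
  tags: baikal
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/baikal/config"
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/baikal/Specific"
    - role: any.software.baikal-podman
      vars:
        baikal_config_dir: "/data/baikal/config"
        baikal_specific_dir: "/data/baikal/Specific"
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          - name: 'baikal-config'
            type: 'btrfs-subvolume'
            path: '/data/baikal/config'
          - name: 'baikal-Specific'
            type: 'btrfs-subvolume'
            path: '/data/baikal/Specific'

- name: Set up Syncthing
  hosts: emma
  tags: syncthing
  become: true
  roles:
    - role: any.common.btrfs-subvolumes
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/syncthing/data"
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/syncthing/config"
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/syncthing/home"
    - role: any.software.syncthing
      vars:
        syncthing_data_dir: "/mnt/data1/syncthing/data"
        syncthing_home_dir: "/mnt/data1/syncthing/home"
        syncthing_config_dir: "/mnt/data1/syncthing/config"

- name: Set up Monica
  hosts: emma
  tags: monica
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/monica/data"
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/monica/mariadb"
    - role: any.software.monica-podman
      vars:
        monica_data_dir: "/data/monica/data"
        mariadb_data_dir: "/data/monica/mariadb"
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          # Must point at the subvolume created above (monica_data_dir); this
          # play creates no /data/monica/config subvolume, so a backup of that
          # path would not capture the application data.
          - name: 'monica-data'
            type: 'btrfs-subvolume'
            path: '/data/monica/data'
          - name: 'monica-mariadb'
            type: 'podman-mysql'
            user: 'debian'
            container: 'systemd-monica-mariadb'
            mysql_user: 'monica'
            # NOTE(review): the database password is a plaintext literal in
            # the playbook, unlike the vault_* lookups used for secrets in
            # the other plays. Move it to a vaulted variable and keep it in
            # sync with whatever the monica-podman role configures for the
            # database.
            mysql_password: 'monica'
            database: 'monica'

- name: Set up Recipya
  hosts: emma
  tags: recipya
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/recipya/data"
    - role: any.software.recipya-podman
      vars:
        data_dir: "/data/recipya/data"
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          - name: "recipya-data"
            type: "btrfs-subvolume"
            path: "/data/recipya/data"

- name: Set up Immich
  hosts: emma
  tags: immich
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/immich/postgres"
          - filesystem_uuid: "{{ btrfs_raid.uuid }}"
            filesystem_path: "{{ btrfs_raid.path }}"
            name: "/photos/immich-upload"
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/immich/model-cache"
    - role: any.software.immich-podman
      vars:
        immich_postgres_dir: "/data/immich/postgres"
        immich_upload_dir: "/mnt/data1/photos/immich-upload"
        immich_model_cache_dir: "/data/immich/model-cache"
        immich_libraries:
          - path: "/mnt/data1/photos/jef"
            name: "jef"
          - path: "/mnt/data1/photos/lambroek"
            name: "lambroek"
    # NOTE(review): only the database is registered for backup in this play;
    # the upload subvolume and the photo libraries have no entry here.
    # Confirm they are covered elsewhere.
    - role: any.tools.backup-scripts
      become: true
      vars:
        backups:
          - name: "immich-postgres"
            type: "podman-postgres"
            user: "debian"
            container: "systemd-immich-postgres"
            pg_user: "immich"
            database: "immich"

- name: Set up Tuwunel
  hosts: emma
  tags: tuwunel
  become: true
  roles:
    - role: any.common.btrfs-subvolumes
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/matrix-tuwunel/data"
    - role: any.software.tuwunel
      vars:
        tuwunel_data_dir: '/data/matrix-tuwunel/data'
    - role: any.tools.backup-scripts
      vars:
        backups:
          - name: "tuwunel-data"
            type: "btrfs-subvolume"
            path: "/data/matrix-tuwunel/data"

- name: Set up GreptimeDB
  hosts: emma
  tags: [greptimedb, otel]
  roles:
    - role: any.common.btrfs-subvolumes
      become: true
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/greptimedb/data"
    - role: any.software.greptimedb-podman
      vars:
        greptimedb_data_dir: "/data/greptimedb/data"

- name: Set up Grafana
  hosts: emma
  tags: [grafana, otel]
  # Privilege escalation applies to the whole play; none of the roles below
  # sets become on its own.
  become: true
  roles:
    - role: any.common.btrfs-subvolumes
      vars:
        subvolumes:
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/grafana/data"
          - filesystem_uuid: "{{ btrfs_nvme.uuid }}"
            filesystem_path: "{{ btrfs_nvme.path }}"
            name: "/@rootfs/data/grafana/logs"
    - role: any.software.grafana
      vars:
        grafana_data_dir: "/data/grafana/data"
        grafana_logs_dir: "/data/grafana/logs"
    - role: any.tools.backup-scripts
      vars:
        backups:
          - name: "grafana-data"
            type: "btrfs-subvolume"
            path: "/data/grafana/data"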