Split into two machines

paulbovbel · Nov 14, 2024 · c9bb163 · c9bb163
1 parent f3bd989
commit c9bb163
Show file tree

Hide file tree

Showing 12 changed files with 66 additions and 17 deletions.
diff --git a/.github/workflows/ansible-deploy.yaml b/.github/workflows/ansible-deploy.yaml
@@ -13,7 +13,7 @@ jobs:
       matrix:
         target:
           - media.bovbel.com
-          # - home.bovbel.com
+          - franklin.bovbel.com
 
     steps:
     - name: Cancel Previous Runs

diff --git a/README.md b/README.md
@@ -21,5 +21,5 @@ To deploy on the current machine:
 
 To deploy homelab:
 
-`./venv/bin/ansible-playbook -i inventory/bovbel playbooks/lab.yaml`
-`./venv/bin/ansible-playbook -i inventory/vedell playbooks/lab.yaml`
+`./venv/bin/ansible-playbook -i inventory/bovbel playbooks/lab.yaml --limit media.bovbel.com`
+`./venv/bin/ansible-playbook -i inventory/bovbel playbooks/lab.yaml --limit franklin.bovbel.com`
diff --git a/TODO b/TODO
@@ -0,0 +1,12 @@
+# dev deploy
+
+Remove gnome keybinds, conflict with vscode:
+
+gsettings set org.gnome.desktop.wm.keybindings move-to-workspace-down "['']"
+gsettings set org.gnome.desktop.wm.keybindings move-to-workspace-up "['']"
+gsettings set org.gnome.desktop.wm.keybindings switch-to-workspace-down "['']"
+gsettings set org.gnome.desktop.wm.keybindings switch-to-workspace-up "['']"
+
+Maybe disable workspaces entirely too?
+
+Vscode trim newlines and whitespace
diff --git a/inventory/bovbel/group_vars/server.yaml b/inventory/bovbel/group_vars/server.yaml
@@ -129,3 +129,16 @@ mam_id: !vault |
   66343838343435643833636265643866626537383366663334393262666665303435363837623563
   33633934306466616430386439306462373634376230363630323865303063336265623232383064
   626634366536346239323534306632623261
+
+caddy_extras:
+  users:
+    - email: [email protected]
+      roles: ['admin', 'share']
+    - email: [email protected]
+      roles: ['admin', 'share']
+    - email: [email protected]
+      roles: ['share']
+    - email: [email protected]
+      roles: ['share']
+    - email: [email protected]
+      roles: ['share']
diff --git a/inventory/bovbel/host_vars/franklin.bovbel.com.yaml b/inventory/bovbel/host_vars/franklin.bovbel.com.yaml
@@ -0,0 +1,8 @@
+---
+# Useful paths
+data_folder: "/home/{{ ansible_user }}"
+app_folder: "{{ data_folder }}/app"
+backup_folder: "{{ data_folder }}/backup"
+share_folder:  "{{ data_folder }}/share"
+
+
diff --git a/inventory/bovbel/host_vars/media.bovbel.com.yaml b/inventory/bovbel/host_vars/media.bovbel.com.yaml
@@ -58,6 +58,8 @@ docker_extras:
       x-systemd-requires: ['storage.mount']
     jackett:
       x-systemd-requires: ['storage.mount']
+    syncthing:
+      x-systemd-requires: ['storage.mount']
 
 # upnp_forwards_extras:
 #   enshrouded1: {from: 15636, to: 15636, proto: tcp}

diff --git a/inventory/bovbel/hosts.yaml b/inventory/bovbel/hosts.yaml
@@ -2,9 +2,13 @@
 all:
   children:
     server:
-      hosts:
-        # home.bovbel.com:
-        media.bovbel.com:
+      children:
+        media_server:
+          hosts:
+            media.bovbel.com:
+        home_server:
+          hosts:
+            franklin.bovbel.com:
     dell_xps:
       hosts:
         pbovbel-dell:
diff --git a/library/tailscale/tailscale.bash b/library/tailscale/tailscale.bash
@@ -1,6 +1,6 @@
 #!/bin/bash
-{
+if command -v tailscale &> /dev/null; then
     tailscale status --json | jq -cM '{ansible_facts: {tailscale: .} }'
-} || {
+else
     echo '{ "ansible_facts": {} }'
-}
+fi
diff --git a/playbooks/lab.yaml b/playbooks/lab.yaml
@@ -1,18 +1,27 @@
 ---
-- hosts: server
+- hosts: media_server
   roles:
     - base
     - aws-ddns
     - cockpit
     - caddy
-    - homeassistant
     - sync
     - upnp
     - media-server
+
+- hosts: home_server
+  roles:
+    - base
+    - aws-ddns
+    - cockpit
+    - caddy
+    - homeassistant
+    - sync
+    - upnp
     - miyoo-backup
 
 - hosts:
-    - server
+    - all
   tasks:
     - name: update all remaining packages
       apt:

diff --git a/roles/base/defaults/main.yaml b/roles/base/defaults/main.yaml
@@ -29,9 +29,9 @@ sshd_config:
   UsePAM: 'yes'
   X11Forwarding: 'no'
 
-# Disable port forwards. SSH should work over tailscale or LAN.
-upnp_forwards_base: {}
-  # ssh: {from: 22, to: 22, proto: tcp}
+# TODO(pbovbel) Disable port forwards. SSH should work over tailscale or LAN?
+upnp_forwards_base:
+  ssh: {from: 22, to: 22, proto: tcp}
 
 grafana_password: !vault |
   $ANSIBLE_VAULT;1.1;AES256

diff --git a/roles/docker/defaults/main.yaml b/roles/docker/defaults/main.yaml
@@ -1,4 +1,5 @@
 docker: {}
+docker_extras: {}
 
 docker_no_log: true
 
@@ -27,6 +28,8 @@ docker_defaults:
       volumes:
         - /var/run/docker.sock:/var/run/docker.sock
       restart: "no"
+      environment:
+        WATCHTOWER_CLEANUP: "true"
 
 docker_systemd_dir: /etc/docker/systemd
 

diff --git a/roles/sync/defaults/main.yaml b/roles/sync/defaults/main.yaml
@@ -18,8 +18,6 @@ docker_sync:
         PUID: "{{ ansible_user_uid }}"
         PGID: "{{ ansible_user_gid }}"
         TZ: America/Toronto
-      x-systemd-requires:
-        - storage.mount
 
 caddy_sync:
   endpoints: