cuqmbr/homelab
1
0
Fork 0
Code

Compare commits

base: cuqmbr:570a2ca85ac8059f729f0932df2880effd00aa69
Branches Tags
cuqmbr:main
...
compare: cuqmbr:ba6507e57c88636e52d0a50de1e31c198ed73a6e
Branches Tags
cuqmbr:main

2 Commits
570a2ca85a ... ba6507e57c

Author SHA1 Message Date
cuqmbr
ba6507e57c
flatten hugo role settings dict 2025-06-24 13:24:52 +03:00
cuqmbr
6c1faffb65
add init role to bastion playbook to create gitea-actions user 2025-06-24 13:24:02 +03:00
5 changed files with 44 additions and 16 deletions
Show Stats Expand all files Collapse all files

1
ansible/05_bastion.yml
View File

@ -10,5 +10,6 @@
cache_valid_time: 86400 cache_valid_time: 86400
roles: roles:
- role: roles/init
- role: roles/fluent_bit - role: roles/fluent_bit
- role: roles/prometheus_node_exporter - role: roles/prometheus_node_exporter

29
ansible/inventories/dev/group_vars/bastion.yml
View File

@ -1,5 +1,34 @@
--- ---
users:
- name: admin
password_hash: !vault |
$ANSIBLE_VAULT;1.1;AES256
30623138653735643561343061356531373430393662383764633038383238383837626636393432
3138653539356430306266663864343563616332656131310a343632323363653665646363366437
66643430626437333461656231303339656435346261336238313036306431396333643965666631
3665393163623266320a373838313538626438623330393533353931336331623464613664633430
32303734396634376431383936643431313561303864343930393363623130663236666636353637
63613237383666656263316661333031643032323266636464313839653065316138343035346161
64313037336666353136383462333832373031623637636630326330313832333265386632343139
30306638356434376635346637346134653064613236326333656566383137353166393063333563
32623638343263313463313062303465626439356461613235656661623364656138
ssh_public_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDKNzJdo6/c7uXrg0lqVwyXOhcNxO/BnylyJeqoBe4rAO5fhjwWLsvMAeCEmYa/3i8ITSvurFEou7BELo25vM58dNfGQHig52LrA/GU/jwDAhHyTXP3AvqqgIFa0ysMaHasYny6oqXi+eb2w/KimtgOhe5/oUdNBe/KgqZ+hP3qlTchxBl5MEzZIKgXTXQeYJpYYrnFb0l/R8qSkFBJv2xzxVJxEamN71SG7OIsi9m14D6hd2pNDHDDqHgKBVbN5irxDuJAzHN5upzfziXiYCOusud23tX6/nNv8t03CbB7FW0OxaCGhAjbavTFAf164L9GM7j76BGsLwWSh2HhG9G9lKs2bEI3IQudllMc6p9N6j2FhMOCKK6YYekdAOVc3ozTFc73VLkXtN8pnTC8OCSavthSt5jOUd0qTsQGH91lWlEkVe0bWi+s9nggfeWFM7HMVmqsR1jYlOXoi5s7xYwKLUdeUjRk3/rkzIFoOxquE5sVVuNDRNCaqcpPVY4k0gE= openpgp:0x8880F3E0"
opendoas_settings: "permit persist admin as root"
- name: ansible
password_hash: ""
ssh_public_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDKNzJdo6/c7uXrg0lqVwyXOhcNxO/BnylyJeqoBe4rAO5fhjwWLsvMAeCEmYa/3i8ITSvurFEou7BELo25vM58dNfGQHig52LrA/GU/jwDAhHyTXP3AvqqgIFa0ysMaHasYny6oqXi+eb2w/KimtgOhe5/oUdNBe/KgqZ+hP3qlTchxBl5MEzZIKgXTXQeYJpYYrnFb0l/R8qSkFBJv2xzxVJxEamN71SG7OIsi9m14D6hd2pNDHDDqHgKBVbN5irxDuJAzHN5upzfziXiYCOusud23tX6/nNv8t03CbB7FW0OxaCGhAjbavTFAf164L9GM7j76BGsLwWSh2HhG9G9lKs2bEI3IQudllMc6p9N6j2FhMOCKK6YYekdAOVc3ozTFc73VLkXtN8pnTC8OCSavthSt5jOUd0qTsQGH91lWlEkVe0bWi+s9nggfeWFM7HMVmqsR1jYlOXoi5s7xYwKLUdeUjRk3/rkzIFoOxquE5sVVuNDRNCaqcpPVY4k0gE= openpgp:0x8880F3E0"
opendoas_settings: "permit nopass ansible"
- name: gitea-actions
password_hash: ""
ssh_public_keys:
- "ssh-ed25519 \
AAAAC3NzaC1lZDI1NTE5AAAAIJv1DR3s3q6MOpe8S1FWZ/+TLok4AwNfu/h3Ugmh6lIa \
cuqmbr.xyz_gitea-actions"
opendoas_settings: ""
fluentbit_settings: fluentbit_settings:
service: service:
flush: 1 flush: 1

7
ansible/inventories/dev/group_vars/main_page.yml
View File

@ -29,11 +29,10 @@ users:
cuqmbr.xyz_gitea-actions" cuqmbr.xyz_gitea-actions"
opendoas_settings: "permit nopass gitea-actions" opendoas_settings: "permit nopass gitea-actions"
hugo_settings:
hugo_version: 0.147.9 hugo_version: 0.147.9
homedir: /opt/hugo hugo_homedir: /opt/hugo
git_repo: https://gitea.cuqmbr.xyz/cuqmbr/cuqmbr.xyz.git hugo_git_repo: https://gitea.cuqmbr.xyz/cuqmbr/cuqmbr.xyz.git
git_commit: 5b894854d47b41996b1901fa257f8c2cad9224f9 hugo_git_commit: 5b894854d47b41996b1901fa257f8c2cad9224f9
nginx_settings: nginx_settings:
server_tokens: false server_tokens: false

7
ansible/roles/hugo/defaults/main.yml
View File

@ -1,7 +1,6 @@
--- ---
hugo_settings:
hugo_version: 0.147.9 hugo_version: 0.147.9
homedir: /opt/hugo hugo_homedir: /opt/hugo
git_repo: https://gitea.cuqmbr.xyz/cuqmbr/cuqmbr.xyz.git hugo_git_repo: https://gitea.cuqmbr.xyz/cuqmbr/cuqmbr.xyz.git
git_commit: 5b894854d47b41996b1901fa257f8c2cad9224f9 hugo_git_commit: 5b894854d47b41996b1901fa257f8c2cad9224f9

12
ansible/roles/hugo/tasks/main.yml
View File

@ -3,8 +3,8 @@
- name: Install hugo deb package from github. - name: Install hugo deb package from github.
ansible.builtin.apt: ansible.builtin.apt:
deb: "https://github.com/gohugoio/hugo/releases/download\ deb: "https://github.com/gohugoio/hugo/releases/download\
/v{{ hugo_settings.hugo_version}}/\ /v{{ hugo_version}}/\
hugo_{{ hugo_settings.hugo_version }}_linux-amd64.deb" hugo_{{ hugo_version }}_linux-amd64.deb"
state: present state: present
- name: Install dependencies using apt. - name: Install dependencies using apt.
@ -14,20 +14,20 @@
- name: Set hugo_source, hugo_compiled and hugo_deploy variables. - name: Set hugo_source, hugo_compiled and hugo_deploy variables.
ansible.builtin.set_fact: ansible.builtin.set_fact:
hugo_source: "{{ hugo_settings.homedir }}/src" hugo_source: "{{ hugo_homedir }}/src"
hugo_compiled: "{{ hugo_settings.homedir }}/compiled" hugo_compiled: "{{ hugo_homedir }}/compiled"
hugo_deploy: /var/www/hugo hugo_deploy: /var/www/hugo
- name: Clone hugo site git repository. - name: Clone hugo site git repository.
ansible.builtin.git: ansible.builtin.git:
clone: true clone: true
repo: "{{ hugo_settings.git_repo }}" repo: "{{ hugo_git_repo }}"
force: true force: true
recursive: true recursive: true
single_branch: true single_branch: true
depth: 1 depth: 1
dest: "{{ hugo_source }}" dest: "{{ hugo_source }}"
version: "{{ hugo_settings.git_commit }}" version: "{{ hugo_git_commit }}"
- name: Create hugo site build directory. - name: Create hugo site build directory.
ansible.builtin.file: ansible.builtin.file: