ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

commit 7f0f83f93be798041bb877c91917be4e3a0d7e83
parent 91c41579ea6fcf524830ef8e00254e5adefadc0e
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 13 Jan 2022 13:54:20 +0100

remove joguhrtbecher
3 files changed, 0 insertions(+), 203 deletions(-)
D
configuration/joguhrtbecher.yml
|
175
-------------------------------------------------------------------------------
M
inventory
|
7
-------
M
playbook.yml
|
21
---------------------
diff --git a/configuration/joguhrtbecher.yml b/configuration/joguhrtbecher.yml
@@ -1,175 +0,0 @@
-system:
-  hostname: joguhrtbecher
-  domain: ctu.cx
-  timezone: Europe/Berlin
-  enableOwnRepos: true
-  enableSudo: true
-  useNTP: true
-  extraPackages:
-    - iftop
-    - iotop
-    - htop
-    - rsync
-    - mtr
-    - traceroute
-    - dnsutils
-    - tar
-    - unzip
-    - wget
-    - curl
-    - hdparm
-  users:
-    - name: root
-      allowedSshKeys:
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161
-    - name: leah
-      groups: "wheel"
-      password: "{{ lookup('diskcache', 'passwordstore', 'Server/leah.password')}}"
-      allowedSshKeys:
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161
-
-network:
-  nftables:
-    enable: true
-    configFile: config-files/nftables/joguhrtbecher.nft
-
-networkd:
-  networkd_resolv_conf_content:
-    - nameserver 1.1.1.1
-    - nameserver 8.8.8.8
-  networkd_apply_action: "restart"
-  netdev:
-    - name: wg-pbb
-      priority: 30
-      content:
-        - NetDev:
-          - Name: wg-pbb
-          - Kind: wireguard
-        - WireGuard:
-          - PrivateKey: "{{ lookup('diskcache', 'passwordstore', 'Server/joguhrtbecher/wireguard.privkey returnall=true') }}"
-          - FirewallMark: 0x8888
-        - WireGuardPeer:
-          - PublicKey: "{{ lookup('diskcache', 'passwordstore', 'Server/desastro/wireguard.pubkey returnall=true') }}"
-          - AllowedIPs:  "0.0.0.0/0, ::/0"
-          - Endpoint: "195.39.247.172:51820"
-          - PersistentKeepalive: 10
-  network:
-    - name: enp0s25
-      priority: 20
-      content:
-        - Match:
-          - Name: enp0s25
-        - Network:
-          - DHCP: yes
-    - name: wg-pbb
-      priority: 30
-      content:
-        - Match:
-          - Name: wg-pbb
-        - Network:
-          - Address: 195.39.247.49/32
-          - Address: 2a0f:4ac0:acab:1234::49/128
-          - DNS: 8.8.8.8
-          - DNSDefaultRoute: true
-          - Domains: ~.
-        - Link:
-          - MTUBytes: 1472
-        - RoutingPolicyRule:
-          - FirewallMark: 0x8888
-          - InvertRule: true
-          - Table: 1000
-          - Priority: 10
-        - Route:
-          - Destination: 0.0.0.0/0
-          - Table: 1234
-        - Route:
-          - Destination: ::/0
-          - Table: 1234
-        - RoutingPolicyRule:
-          - From: 195.39.247.49/32
-          - Table: 1234
-          - Priority: 2000
-        - RoutingPolicyRule:
-          - From: 2a0f:4ac0:acab:1234::49/128
-          - Table: 1234
-          - Priority: 2000
-
-files:
-  /etc/udev/rules.d/69-hdparm-disable-spindown.rules:
-    state:   "file"
-    content: 'ACTION=="add", SUBSYSTEM=="block", KERNEL=="sda", RUN+="/usr/bin/hdparm -B 254 -S 0 /dev/sda"'
-    mode:    "0755"
-    owner:   "root"
-    group:   "root"
-
-services:
-  openssh:
-    enable: true
-    port: 22
-    permitRootLogin: true
-    passwordAuthentication: false
-
-  prometheus_node_exporter:
-    enable: true
-
-  vnstat:
-    enable: true
-
-  mariadb:
-    enable: true
-    databases:
-      - name: db1
-      - name: db2
-    users:
-      - username: test1
-        password: test1
-        state: present
-        privileges:
-          "db1.*": "ALL,GRANT"
-          "db2.*": "ALL,GRANT"
-      - username: test2
-        password: test2
-        state: present
-        privileges:
-         "db2.*": "ALL,GRANT"
-
-  syncthing:
-    enable: true
-    user: leah
-    nginx:
-      enable: true
-      domain: "syncthing.lollo.ctu.cx"
-      sslOnly: true
-      ssl:
-        enable: true
-        cert: "/var/lib/acme-redirect/live/syncthing.joguhrtbecher.ctu.cx/fullchain"
-        privkey: "/var/lib/acme-redirect/live/syncthing.joguhrtbecher.ctu.cx/privkey"
-
-
-  acme_redirect:
-    enable: true
-    email: lets-encrypt@ctu.cx
-    certs:
-      joguhrtbecher.ctu.cx:
-        renew_tasks:
-          - systemctl restart nginx
-      syncthing.joguhrtbecher.ctu.cx:
-        renewTasks:
-          - systemctl restart nginx
-
-
-  nginx:
-    enable: true
-    sslOnly: true
-    vhosts:
-      joguhrtbecher.ctu.cx:
-        defaultserver: true
-        ssl:
-          enable: true
-          cert: "/var/lib/acme-redirect/live/joguhrtbecher.ctu.cx/fullchain"
-          privkey: "/var/lib/acme-redirect/live/joguhrtbecher.ctu.cx/privkey"
-        locations:
-          - path: /node-exporter
-            proxy: http://127.0.0.1:9100/metrics
diff --git a/inventory b/inventory
@@ -19,13 +19,6 @@ lollo.ctu.cx
 [stasicontainer]
 stasicontainer.home.ctu.cx
 
-[joguhrtbecher]
-#10.10.0.78
-#c4y72xuu85nwkhkx.myfritz.net 
-joguhrtbecher.ctu.cx
-#[joguhrtbecher:vars]
-#ansible_ssh_port=2222
-
 [repo]
 repo.ctu.cx
 
diff --git a/playbook.yml b/playbook.yml
@@ -75,27 +75,6 @@
     - role: backup
       tags: backup
 
-- hosts: joguhrtbecher
-  name: Install joguhrtbecher
-  vars_files: configuration/joguhrtbecher.yml
-  roles:
-    - role: common
-      tags: common
-    - role: openssh
-      tags: [ openssh, common ]
-    - role: systemd-networkd
-      tags: systemd-networkd
-    - role: files
-      tags: files
-    - role: vnstat
-      tags: vnstat
-    - role: mariadb
-      tags: mariadb
-    - role: nginx
-      tags: nginx
-    - role: syncthing
-      tags: syncthing
-
 - hosts: lollo
   name:  Install lollo
   vars_files: configuration/lollo.yml