ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

commit f441878aaf30bb8ab8af4642b9c309b2870c7127
parent 4a7da3c538b9e5b2a3d78a3515d66ccd15f0a481
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 13 Jan 2022 13:56:18 +0100

remove wanderduene
3 files changed, 0 insertions(+), 169 deletions(-)
D
configuration/wanderduene.yml
|
125
-------------------------------------------------------------------------------
M
inventory
|
3
---
M
playbook.yml
|
41
-----------------------------------------
diff --git a/configuration/wanderduene.yml b/configuration/wanderduene.yml
@@ -1,125 +0,0 @@
-system:
-  hostname: wanderduene
-  domain: ctu.cx
-  timezone: Europe/Berlin
-  alpineVersion: v3.13
-  enableOwnRepos: true
-  enableSudo: true
-  useNTP: true
-  enableNFSMount: true
-  extraPackages:
-    - iftop
-    - iotop
-    - htop
-    - rsync
-    - mtr
-    - bind-tools
-    - tar
-    - unzip
-    - wget
-    - curl
-  fstab:
-    - device: UUID=fc06e9aa-37fc-45ab-ad89-4f04e8ed78ba
-      path: /
-      fstype: ext4
-      options: rw,relatime 
-      checks: 0 1
-    - device: UUID=e12f1d27-9fb6-4417-9e34-cad1e0fc3b34
-      path: /boot
-      fstype: ext4
-      options: rw,relatime
-      checks: 0 2
-  nameservers:
-    - 1.1.1.1
-    - 8.8.8.8
-  users:
-    - name: root
-      allowedSshKeys:
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161
-    - name: leah
-      groups: "wheel"
-      password: "{{ lookup('diskcache', 'passwordstore', 'Server/leah.password')}}"
-      allowedSshKeys:
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829
-        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161
-
-network:
-  nftables:
-    enable: true
-    configFile: config-files/nftables/wanderduene.nft
-  interfaces:
-    - name: lo
-      loopback: true
-    - name: eth0
-      ipv4:
-        address: 46.38.253.139
-        gateway: 46.38.253.1
-        netmask: 255.255.255.0
-      ipv6:
-        address: 2a03:4000:1:45d::1
-        gateway: fe80::1
-        netmask: 64
-    - name: eth1
-      ipv4:
-        address: 10.0.0.10
-        netmask: 255.255.255.0
-
-services:
-  openssh:
-    enable: true
-    port: 22
-    permitRootLogin: true
-    passwordAuthentication: false
-
-  prometheus_node_exporter:
-    enable: true
-
-  postgresql:
-    enable: false
-
-  vnstat:
-    enable: true
-
-  bind:
-    enable: true
-    zonesRepo: https://cgit.ctu.cx/dns-zones
-    serveDomains:
-      - ctu.cx
-      - ctucx.de
-      - thein.ovh
-      - antifa.jetzt
-      - oeffisear.ch
-      - trans-agenda.de
-
-  acme_redirect:
-    enable: true
-    email: lets-encrypt@ctu.cx
-    certs:
-      wanderduene.ctu.cx:
-        renewTasks:
-          - sudo rc-service nginx restart
-          - sudo rc-service maddy restart
-
-  nginx:
-    enable: true
-    enableXSLTFilter: true
-    user: nginx
-    group: nginx
-    sslOnly: true
-    vhosts:
-      wanderduene.ctu.cx:
-        defaultServer: true
-        ssl:
-          enable: true
-          cert: "/var/lib/acme-redirect/live/wanderduene.ctu.cx/fullchain"
-          privkey: "/var/lib/acme-redirect/live/wanderduene.ctu.cx/privkey"
-        locations:
-          - path: /node-exporter
-            proxy: http://127.0.0.1:9100/metrics
-
-  maddy:
-    enable: true
-    hostname: "wanderduene.ctu.cx"
-    ssl_cert: "/var/lib/acme-redirect/live/wanderduene.ctu.cx/fullchain"
-    ssl_privkey: "/var/lib/acme-redirect/live/wanderduene.ctu.cx/privkey"
diff --git a/inventory b/inventory
@@ -4,9 +4,6 @@ ansible_ssh_user=root
 [taurus]
 taurus.ctu.cx
 
-[wanderduene]
-wanderduene.ctu.cx
-
 [desastro]
 desastro.ctu.cx
 
diff --git a/playbook.yml b/playbook.yml
@@ -10,47 +10,6 @@
       changed_when: false
       raw: test -e /usr/bin/python || (test -e /usr/bin/pacman && pacman -Sy --noconfirm python; true)
 
-#- hosts: wanderduene
-#  name:  Install wanderduene
-#  vars_files: configuration/wanderduene.yml
-#  roles: 
-#    - role: common
-#      tags: common
-#    - role: openssh
-#      tags: [ openssh, common ]
-#    - role: files
-#      tags: files
-#    - role: bind
-#      tags: bind
-#    - role: vnstat
-#      tags: vnstat
-#    - role: nginx
-#      tags: nginx
-#    - role: maddy
-#      tags: maddy
-#    - role: pleroma
-#      tags: pleroma
-#    - role: backup
-#      tags: backup
-#    - role: frps
-#      tags: [ frp, frps ]
-#    - role: fritzboxExporter
-#      tags: fritzboxExporter
-#    - role: pleroma
-#      tags: pleroma
-#    - role: prometheus 
-#      tags: prometheus
-#    - role: grafana
-#      tags: grafana
-#    - role: synapse
-#      tags: synapse
-#    - role: oeffisearch
-#      tags: oeffisearch
-#    - role: oeffi-web
-#      tags: oeffi-web
-#    - role: cgit
-#      tags: cgit
-
 
 - hosts: taurus
   name: Install taurus