From b86d856b733a97c57663cfc7f49a5744140b006e Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Sun, 29 Nov 2020 01:35:11 +0100 Subject: [PATCH] Add hatoria and move some services to hatoria From nvak: - banananet.work - drop.banananet.work - cloud.banananet.work - debug instance of forumderschan.de - forwarding of www.forumderschan.de From third-party: - mc.wg.banananet.work --- hosts.yml | 7 ++ playbooks/dns.yml | 6 - playbooks/host_hatoria.banananet.work.yml | 139 ++++++++++++++++++++++ playbooks/host_nvak.banananet.work.yml | 105 +--------------- site.yml | 6 +- 5 files changed, 151 insertions(+), 112 deletions(-) create mode 100644 playbooks/host_hatoria.banananet.work.yml diff --git a/hosts.yml b/hosts.yml index 9a5081e..04fdaac 100644 --- a/hosts.yml +++ b/hosts.yml @@ -1,5 +1,12 @@ # Public Servers +hatoria.banananet.work: + - hetzner_server + - os_debian + - bootstrap + - public_available + - wireguard_backbones + nvak.banananet.work: - contabo_vserver - os_debian diff --git a/playbooks/dns.yml b/playbooks/dns.yml index 9dc392d..e594d51 100644 --- a/playbooks/dns.yml +++ b/playbooks/dns.yml @@ -29,15 +29,9 @@ - type: CAA data: 0 issue "letsencrypt.org" # other entries - - domain: mc.wg - type: A - data: 5.83.168.74 - domain: _minecraft._tcp.wg type: SRV data: "10 10 10110 mc.wg.{{ domain }}." - - domain: _minecraft._tcp.mc.wg - type: SRV - data: "10 10 10110 mc.wg.{{ domain }}." - role: dns/master domain: forumderschan.de responsible_mail_name: hostmaster.banananet.work diff --git a/playbooks/host_hatoria.banananet.work.yml b/playbooks/host_hatoria.banananet.work.yml new file mode 100644 index 0000000..d5e8201 --- /dev/null +++ b/playbooks/host_hatoria.banananet.work.yml @@ -0,0 +1,139 @@ +- name: Configure hatoria.banananet.work + hosts: hatoria.banananet.work + roles: + - role: nginx/default_server # Would not be configurable otherwise + # Banananet.work + - role: server/static + tags: + - banananet.work + domain: banananet.work + repo: git@git.banananet.work:banananetwork/main-static.git + - role: nginx/forward + tags: + - banananet.work + domain: www.banananet.work + dest: banananet.work + # Linx Server + - role: server/linx + tags: + - drop.banananet.work + domain: drop.banananet.work + bind_port: 12840 + use_hdd_directory: yes + site_name: "BananaNetwork Drop Server" +# # Admin Panel +# - role: server/php +# domain: nvak.banananet.work +# repo: PHPMYADMIN # TODO + # BananaNetwork Keys +# - role: server/node +# domain: keys.banananet.work +# repo: https://git.banananet.work/banananetwork/keys.git +# bind_port: 12822 +# system_user: keys-banananet-work + # Nextcloud Server + - role: server/nextcloud + tags: + - cloud.banananet.work + domain: cloud.banananet.work + nextcloud_admin_user: "{{ global_username }}" + enabled_apps_list: + - accessibility + - activity + - admin_audit + - apporder + - bruteforcesettings + - calendar + - checksum + - cloud_federation_api + - comments + - contacts + - contactsinteraction + - cospend + - dav + - deck + - external + - federatedfilesharing + - federation + - files + - files_automatedtagging + - files_external + - files_markdown + - files_pdfviewer + - files_rightclick + - files_sharing + - files_trashbin + - files_versions + - files_videoplayer + - firstrunwizard + - logreader + - lookup_server_connector + - mail + - metadata + - nextcloud_announcements + - notes + - notifications + - oauth2 + - ocdownloader + - password_policy + - phonetrack + - photos + - polls + - privacy + - provisioning_api + - quota_warning + - ransomware_protection + - serverinfo + - settings + - sharebymail + - sociallogin + - socialsharing_email + - support + - suspicious_login + - systemtags + - tasks + - text + - theming + - twofactor_admin + - twofactor_backupcodes + - twofactor_gateway + - twofactor_nextcloud_notification + - twofactor_totp + - twofactor_u2f + - updatenotification + - viewer + - workflowengine + disabled_apps_list: + - encryption + - files_readmemd + - recommendations + - spreed + - survey_client + - user_ldap + # Forum der Schande + - role: server/php + tags: + - forumderschan.de + domain: forumderschan.de + is_debug_instance: yes + repo: git@git.banananet.work:strichliste/strichliste-php.git + root: html + installation_includes: + - includes + - role: nginx/forward + tags: + - forumderschan.de + domain: www.forumderschan.de + dest: forumderschan.de + # WG Minecraft + - role: server/minecraft + tags: + - mc.wg.banananet.work + domain: mc.wg.banananet.work + minecraft_version: "1.16.1" + minecraft_ram: "16G" + minecraft_port: 25566 + config: + difficulty: normal + motd: ChaosCraft + view-distance: 16 diff --git a/playbooks/host_nvak.banananet.work.yml b/playbooks/host_nvak.banananet.work.yml index 4cd7ba3..eacc301 100644 --- a/playbooks/host_nvak.banananet.work.yml +++ b/playbooks/host_nvak.banananet.work.yml @@ -9,25 +9,6 @@ domain: git.banananet.work gitea_system_user: git database_user: gitea - # Banananet.work - - role: server/static - tags: - - banananet.work - domain: banananet.work - repo: git@git.banananet.work:banananetwork/main-static.git - - role: nginx/forward - tags: - - banananet.work - domain: www.banananet.work - dest: banananet.work - # Linx Server - - role: server/linx - tags: - - drop.banananet.work - domain: drop.banananet.work - system_user: drop-banananet-work - bind_port: 12840 - site_name: "BananaNetwork Drop Server" # SpotMe Server - role: server/spotme tags: @@ -45,86 +26,6 @@ # repo: https://git.banananet.work/banananetwork/keys.git # bind_port: 12822 # system_user: keys-banananet-work - # Nextcloud Server - - role: server/nextcloud - tags: - - cloud.banananet.work - domain: cloud.banananet.work - system_user: nextcloud - nextcloud_admin_user: "{{ global_username }}" - enabled_apps_list: - - accessibility - - activity - - admin_audit - - apporder - - bruteforcesettings - - calendar - - checksum - - cloud_federation_api - - comments - - contacts - - contactsinteraction - - cospend - - dav - - deck - - external - - federatedfilesharing - - federation - - files - - files_automatedtagging - - files_external - - files_markdown - - files_pdfviewer - - files_rightclick - - files_sharing - - files_trashbin - - files_versions - - files_videoplayer - - firstrunwizard - - logreader - - lookup_server_connector - - mail - - metadata - - nextcloud_announcements - - notes - - notifications - - oauth2 - - ocdownloader - - password_policy - - phonetrack - - photos - - polls - - privacy - - provisioning_api - - quota_warning - - ransomware_protection - - serverinfo - - settings - - sharebymail - - sociallogin - - socialsharing_email - - support - - suspicious_login - - systemtags - - tasks - - text - - theming - - twofactor_admin - - twofactor_backupcodes - - twofactor_gateway - - twofactor_nextcloud_notification - - twofactor_totp - - twofactor_u2f - - updatenotification - - viewer - - workflowengine - disabled_apps_list: - - encryption - - files_readmemd - - recommendations - - spreed - - survey_client - - user_ldap # Firefox Sync Server - role: server/firefox-sync tags: @@ -149,16 +50,12 @@ tags: - forumderschan.de domain: forumderschan.de + has_debug_instance: yes system_user: forumderschan-de repo: git@git.banananet.work:strichliste/strichliste-php.git root: html installation_includes: - includes - - role: nginx/forward - tags: - - forumderschan.de - domain: www.forumderschan.de - dest: forumderschan.de # WG Nextcloud - role: server/nextcloud tags: diff --git a/site.yml b/site.yml index c33ecd4..0344dc4 100644 --- a/site.yml +++ b/site.yml @@ -40,12 +40,14 @@ # Topic specific configurations - name: Include dns configuration import_playbook: playbooks/dns.yml -- name: Include wireguard network configuration - import_playbook: playbooks/wireguard.yml +#- name: Include wireguard network configuration +# import_playbook: playbooks/wireguard.yml # Host specific configurations - name: Include configuration of nvak.banananet.work import_playbook: playbooks/host_nvak.banananet.work.yml +- name: Include configuration of hatoria.banananet.work + import_playbook: playbooks/host_hatoria.banananet.work.yml - name: Include configuration of rurapenthe.banananet.work import_playbook: playbooks/host_rurapenthe.banananet.work.yml