You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ansible/playbooks/host_hatoria.banananet.work...

385 lines
10 KiB
YAML

- name: Configure hatoria.banananet.work
hosts: hatoria.banananet.work
vars:
bnet_cloud_domain: "cloud.banananet.work"
bnet_cloud_username: "{{ bnet_cloud_domain | domain_to_username }}"
roles:
- role: nginx/default_server # Would not be configurable otherwise
# Git Server
- role: server/gitea
tags:
- git.banananet.work
domain: git.banananet.work
gitea_system_user: git
database_user: gitea
- role: server/drone.io/server
domain: ci.git.banananet.work
bind_port: 12824
gitea_server_url: https://git.banananet.work
gitea_client_id: "{{ drone_ci_gitea_main_oauth2_client_id }}"
gitea_client_secret: "{{ drone_ci_gitea_main_oauth2_client_secret }}"
- role: server/drone.io/runner
drone_server_host: ci.git.banananet.work
# Banananet.work
- role: server/static
tags:
- banananet.work
domain: banananet.work
repo: git@git.banananet.work:banananetwork/main-static.git
- role: nginx/forward
tags:
- banananet.work
domain: www.banananet.work
dest: banananet.work
# SpotMe Server
- role: server/spotme
tags:
- spotme.banananet.work
domain: spotme.banananet.work
bind_port: 12820
# Firefox Sync Server
- role: server/firefox-sync
tags:
- firefox.banananet.work
domain: firefox.banananet.work
# RSS Server
# TODO Manual initialization of database required
- role: server/tt-rss
tags:
- rss.banananet.work
domain: rss.banananet.work
# Linx Server
- role: server/linx
tags:
- drop.banananet.work
domain: drop.banananet.work
bind_port: 12840
use_hdd_directory: yes
site_name: "BananaNetwork Drop Server"
# # Admin Panel
# - role: server/php
# domain: nvak.banananet.work
# repo: PHPMYADMIN # TODO
# BananaNetwork Keys
# - role: server/node
# domain: keys.banananet.work
# repo: https://git.banananet.work/banananetwork/keys.git
# bind_port: 12822
# system_user: keys-banananet-work
# Nextcloud Server
- role: server/nextcloud
tags:
- cloud.banananet.work
domain: "{{ bnet_cloud_domain }}"
system_user: "{{ bnet_cloud_username }}"
nextcloud_admin_user: "{{ global_username }}"
enabled_apps_list:
- accessibility
- activity
- admin_audit
- apporder
- bruteforcesettings
- calendar
- checksum
- cloud_federation_api
- comments
- contacts
- contactsinteraction
- cospend
- dav
- deck
- external
- federatedfilesharing
- federation
- files
- files_automatedtagging
- files_external
- files_markdown
- files_pdfviewer
- files_rightclick
- files_sharing
- files_trashbin
- files_versions
- files_videoplayer
- firstrunwizard
- logreader
- lookup_server_connector
- mail
- metadata
- nextcloud_announcements
- notes
- notifications
- oauth2
- ocdownloader
- password_policy
- phonetrack
- photos
- polls
- privacy
- provisioning_api
- quota_warning
- ransomware_protection
- serverinfo
- settings
- sharebymail
- sociallogin
- socialsharing_email
- support
- suspicious_login
- systemtags
- tasks
- text
- theming
- twofactor_admin
- twofactor_backupcodes
- twofactor_gateway
- twofactor_nextcloud_notification
- twofactor_totp
- twofactor_u2f
- updatenotification
- viewer
- workflowengine
disabled_apps_list:
- encryption
- files_readmemd
- recommendations
- spreed
- survey_client
- user_ldap
# Forum der Schande
- role: server/php
tags:
- forumderschan.de
domain: forumderschan.de
repo: git@git.banananet.work:strichliste/strichliste-php.git
root: html
installation_includes:
- includes
- role: nginx/forward
tags:
- forumderschan.de
domain: www.forumderschan.de
dest: forumderschan.de
# Monitors
- role: misc/tg_monitor_cmd
tags: tg-monitor-cmd
monitor_name: forumderschan.de-NS
description: "NS entries of forumderschan.de"
command_str: >-
/usr/bin/dig
@a.nic.de.
forumderschan.de. NS
| grep --only-matching --perl-regexp '(?<=\s)(\S+\.)+(?=$)'
| sort
use_shell: yes
# WG Nextcloud
- role: server/nextcloud
tags:
- wg.banananet.work
domain: wg.banananet.work
nextcloud_admin_user: felix
enabled_apps_list:
- accessibility
- activity
- apporder
- bruteforcesettings
- calendar
- checksum
- cloud_federation_api
- comments
- contacts
- cookbook
- cospend
- dav
- deck
- encryption
- external
- federatedfilesharing
- federation
- files
- files_automatedtagging
- files_external
- files_pdfviewer
- files_rightclick
- files_sharing
- files_trashbin
- files_versions
- files_videoplayer
- firstrunwizard
- logreader
- lookup_server_connector
- metadata
- nextcloud_announcements
- notes
- notifications
- oauth2
- ocdownloader
- password_policy
- photos
- polls
- privacy
- provisioning_api
- quota_warning
- ransomware_protection
- serverinfo
- settings
- sharebymail
- side_menu
- sociallogin
- socialsharing_email
- support
- suspicious_login
- systemtags
- tasks
- text
- theming
- twofactor_admin
- twofactor_backupcodes
- twofactor_gateway
- twofactor_nextcloud_notification
- twofactor_totp
- twofactor_u2f
- updatenotification
- viewer
- workflowengine
disabled_apps_list:
- admin_audit
- recommendations
- spreed
- survey_client
- user_ldap
# WG Minecraft
- role: server/minecraft
tags:
- mc.wg.banananet.work
domain: mc.wg.banananet.work
minecraft_version: "1.16.4"
minecraft_ram: "16G"
minecraft_port: 25566
config:
difficulty: normal
motd: ChaosCraft
view-distance: 16
# # Stadtpiraten
# - role: server/typo3
# domain: piraten.dev.banananet.work
# - role: server/php
# domain: forum.piraten.dev.banananet.work
# repo: PHPBB # TODO
# version: master
# # Stadtpiraten (prod)
# - role: nginx/forward
# domain: www.stadtpiraten-karlsruhe.de
# dest: stadtpiraten-karlsruhe.de
# SMD/SFC HST 2020
- role: nginx/forward
tags:
- proj-hst
- hst21.banananet.work
domain: hst20.banananet.work
dest: hst21.banananet.work
- role: server/nextcloud
tags:
- proj-hst
- hst21.banananet.work
domain: hst21.banananet.work
system_user: nc-hst21
nextcloud_admin_user: felix
enabled_apps_list:
- accessibility
- activity
- apporder
- bruteforcesettings
- calendar
- checksum
- cloud_federation_api
- comments
- contacts
- contactsinteraction
- cospend
- dav
- deck
- encryption
- external
- federatedfilesharing
- federation
- files
- files_automatedtagging
- files_linkeditor
- files_mindmap
- files_pdfviewer
- files_rightclick
- files_sharing
- files_trashbin
- files_versions
- files_videoplayer
- firstrunwizard
- forms
- logreader
- lookup_server_connector
- mail
- maps
- metadata
- nextcloud_announcements
- notes
- notifications
- oauth2
- password_policy
- photos
- polls
- privacy
- provisioning_api
- quota_warning
- ransomware_protection
- serverinfo
- settings
- sharebymail
- socialsharing_email
- spreed
- support
- suspicious_login
- systemtags
- tasks
- text
- theming
- twofactor_admin
- twofactor_backupcodes
- twofactor_gateway
- twofactor_totp
- twofactor_u2f
- updatenotification
- viewer
- whiteboard
- workflowengine
disabled_apps_list:
- admin_audit
- dashboard
- files_external
- recommendations
- sociallogin
- survey_client
- user_ldap
- user_status
- weather_status
tasks:
- name: Configure custom archive Nextcloud directory on hdd for personal usages
tags:
- cloud.banananet.work
- custom_archive_directory
vars:
archive_directory: "{{ global_hdd_directory }}/{{ bnet_cloud_domain }}~personal-archive"
block:
- name: Create archive directory
file:
state: directory
path: "{{ archive_directory }}"
owner: "{{ bnet_cloud_username }}"
group: "{{ bnet_cloud_username }}"
mode: "u=rwx,g=rx,o="
register: archive_directory_task
- name: Show message to user about path on changes
debug:
msg: >-
Changed custom archive directory: Please ensure you (re-)configure this directory properly on your Nextcloud instance: {{ archive_directory | quote }}
when: archive_directory_task.changed