You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
56 lines
3.6 KiB
Markdown
56 lines
3.6 KiB
Markdown
# Playbook for BananaNetwork
|
|
|
|
This playbook defines the configuration for all servers / devices controlled by the BananaNetwork.
|
|
|
|
## Roles
|
|
|
|
Following roles have been defined to make creating a server configuration easy:
|
|
|
|
- **account** installs an user account preconfigured with tmux, vim and zsh.
|
|
- **acme** defines roles for handling the automatic handling of certificates with *acme.sh*
|
|
- **application** installs main application
|
|
- **certificate** issues a given certificate
|
|
- **bootstrap** defines a way to connect to a server which has not been configured yet
|
|
- **common** defines the installation of common packages and common configurations like firewall
|
|
- **dns** defines roles for handling dns authorities and slaves, uses *bind9*
|
|
- **application** installs main application
|
|
- **master** configures a dns authority with support of DNSSEC for a domain
|
|
- **slave** configures an automatic cloning slave for a domain
|
|
- **git_auto_update** adds an auto update mechanism for a git repository based on signed release tags
|
|
- **hostname** configures the hostname for a given host
|
|
- **misc** contains some required but small roles
|
|
- **deb_unstable** enables debian unstable on low priority
|
|
- **handlers** contains some handlers used by other roles
|
|
- **ip_discover** configures a server to automatically send its ip addresses to a supported service
|
|
- **system_user** creates a system user
|
|
- **mysql** defines roles for handling mysql databases and users, uses *MariaDB*
|
|
- **application** installs the main application with automatic backup
|
|
- **database** configures a database for an external application with its own user
|
|
- **nginx** defines roles to set up virtual servers, certificates will be requested by default
|
|
- **application** installs and configures the main requirements
|
|
- **forward** sets up a forwarding from one domain to another
|
|
- **php-fpm** installs php-fpm and requirements
|
|
- **php-pool** sets up a php-fpm pool running its own user account
|
|
- **php** sets up a PHP webpage with files at the given directory
|
|
- **proxy** sets up a reverse proxy to a local port / proxy
|
|
- **server** sets up a nginx server with custom directives
|
|
- **static** sets up a static web root
|
|
- **upstream** sets up an upstream accessible to nginx servers
|
|
- **node** defines roles for setting up node applications
|
|
- **application** installs the main application
|
|
- **server** defines roles using different kind of server applications, applications will be configured using separated system users
|
|
- **firefox-sync** sets up a Firefox sync server for bookmarks, history, etc.
|
|
- **gitea** sets up a git repository using *Gitea* as web overlay
|
|
- **minecraft** sets up a Minecraft server at the given version (AppArmor, no Web UI)
|
|
- **nextcloud** sets up a cloud storage using *NextCloud*
|
|
- **node** sets up a *Node.js* server from a repository with a database expecting it can be configured by command arguments
|
|
- **spotme** sets up a SpotMe server
|
|
- **static** sets up a static virtual server with files from a repository
|
|
- **tt-rss** sets up a Tiny Tiny RSS Feed Reader Server
|
|
- **wireguard** defines roles to handle a *WireGuard* configuration across different servers
|
|
- **application** installs and configures the main application
|
|
- **backbone** configures a system to allow all other *WireGuard* systems to connect to this server
|
|
- **client** configures a system to connect to *WireGuard* backbones
|
|
- **handlers** contains special handlers effecting all *WireGuard* backbones and clients
|
|
- **special_client** creates a configuration for a device not configurable by Ansible and stores it locally
|