site.yml 7.52 KiB
---
##################################################
# Globale Konfiguration für alle Server
##################################################
- hosts: all
remote_user: root
roles:
- { role: all/hostname, tags: common }
- { role: all/common, tags: common }
- { role: all/sysctl, tags: sysctl }
##################################################
# Produktive Server
##################################################
- hosts: tiffany
remote_user: root
roles:
- { role: common/proxmox, tags: proxmox }
- { role: common/cronapt, tags: cronapt }
- hosts: weatherwax
remote_user: root
roles:
- { role: common/proxmox, tags: proxmox }
- { role: common/cronapt, tags: cronapt }
- hosts: ogg
remote_user: root
roles:
- { role: common/borgbackup, tags: borgbackup }
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.lan",
domain_default: "services.warpzone.lan",
certFile: "warpzone+internal+services.pem",
keyFile: "warpzone+internal+services.key"
}
- {
role: intern/docker_esphome, tags: esphome,
servicename: esphome,
basedir: /srv/esphome,
domain: "esphome.warpzone.lan"
}
- {
role: intern/docker_esphome-dev, tags: esphome-dev,
servicename: esphome-dev,
basedir: /srv/esphome-dev,
domain: "esphome-dev.warpzone.lan"
}
- {
role: intern/docker_heimdall, tags: heimdall,
servicename: heimdall,
basedir: /srv/heimdall,
domain: "services.warpzone.lan"
} - {
role: intern/docker_homeassistant, tags: homeassistant,
servicename: homeassistant,
basedir: /srv/homeassistant,
domain: "ha.warpzone.lan",
influxdb_port: 38086
}
- {
role: intern/docker_mqtt, tags: mqtt,
servicename: mqtt,
basedir: /srv/mqtt,
mqtt_port: 1883,
influxdb_port: 18086
}
- {
role: intern/docker_nodered, tags: nodered,
servicename: nodered,
basedir: /srv/nodered,
domain: "nodered.warpzone.lan"
}
- {
role: intern/docker_omada, tags: omada,
servicename: omada,
basedir: /srv/omada,
domain: "omada.warpzone.lan",
certFile: "/srv/traefik/warpzone+internal+services.pem",
keyFile: "/srv/traefik/warpzone+internal+services.key"
}
- {
role: intern/docker_graylog, tags: graylog,
servicename: graylog,
basedir: /srv/graylog,
domain: "graylog.warpzone.lan"
}
- hosts: webserver
remote_user: root
roles:
- { role: common/borgbackup, tags: borgbackup }
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/kvm-guest, tags: kvm-guest }
- { role: common/openvpn, tags: openvpn }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_ldap, tags: ldap,
servicename: "ldap",
domain: "ldap.warpzone.ms"
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.ms",
domain_default: "www.warpzone.ms",
matrix_federation: true
}
- {
role: webserver/docker_autodiscover, tags: autodiscover,
servicename: autodiscover,
basedir: /srv/autodiscover
}
- {
role: webserver/docker_coturn, tags: coturn, servicename: "coturn",
domain: "turn.warpzone.ms"
}
- {
role: webserver/docker_dokuwiki, tags: dokuwiki,
servicename: "dokuwiki",
domain: "wiki.warpzone.ms"
}
- {
role: webserver/docker_gitlab, tags: gitlab,
servicename: "gitlab",
domain: "gitlab.warpzone.ms",
domain_registry: "gitlab-registry.warpzone.ms"
}
- {
role: webserver/docker_icinga, tags: icinga,
servicename: icinga,
basedir: /srv/icinga,
domain: icinga.warpzone.ms,
api_port: 5665,
mysql_port: 33306,
}
- {
role: webserver/docker_hackmd, tags: hackmd,
servicename: "hackmd",
basedir: /srv/hackmd,
domain: "md.warpzone.ms"
}
- {
role: webserver/docker_keycloak, tags: keycloak,
servicename: "keycloak",
basedir: /srv/keycloak,
domain: "keycloak.warpzone.ms"
}
- {
role: webserver/docker_mail, tags: mail,
basedir: /srv/mail,
}
- {
role: webserver/docker_matterbridge, tags: matterbridge,
basedir: /srv/matterbridge,
domain: "www.warpzone.ms"
}
- {
role: webserver/docker_matrix, tags: matrix,
servicename: "matrix",
basedir: /srv/matrix,
domain: "matrix.warpzone.ms"
}
- {
role: webserver/docker_vpnserver, tags: vpnserver,
servicename: "vpnserver",
basedir: /srv/vpnserver,
domain: "vpn.warpzone.ms"
}
- {
role: webserver/docker_warpapi, tags: warpapi,
servicename: "warpapi",
basedir: /srv/warpapi,
domain: "api.warpzone.ms"
}
- {
role: webserver/docker_wordpress, tags: wordpress,
servicename: "wordpress",
basedir: /srv/wordpress,
domain: "www.warpzone.ms"
}
- {
role: webserver/docker_workadventure, tags: workadventure,
servicename: "workadventure", basedir: /srv/workadventure,
domain: "workadventure.warpzone.ms"
}
- hosts: verwaltung
remote_user: root
roles:
- { role: common/borgbackup, tags: borgbackup }
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/kvm-guest, tags: kvm-guest }
- { role: common/openvpn, tags: openvpn }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.ms",
domain_default: "www.warpzone.ms"
}
- {
role: verwaltung/docker_gitea, tags: gitea,
servicename: "gitea",
domain: "verwaltung-git.warpzone.ms"
}
- {
role: verwaltung/cryptdata, tags: cryptdata,
}
- {
role: verwaltung/docker_jameica, tags: jameicavnc,
servicename: "jameicavnc",
domain: "verwaltung-jameica.warpzone.ms"
}
- {
role: verwaltung/docker_nextcloud, tags: nextcloud,
servicename: "nextcloud",
domain: "verwaltung.warpzone.ms"
}
- {
role: verwaltung/docker_mysql, tags: mysql
}
- {
role: verwaltung/user, tags: user
}
- {
role: verwaltung/jameica, tags: jameica
}
- {
role: verwaltung/x2goserver, tags: x2goserver
}