---
##################################################
# Globale Konfiguration für alle Server
##################################################
- hosts: all
remote_user: root
roles:
- { role: all/hostname, tags: common }
- { role: all/common, tags: common }
- { role: all/sysctl, tags: sysctl }
##################################################
# Test Server
##################################################
##################################################
# Produktive Server
##################################################
- hosts: tiffany
remote_user: root
roles:
- { role: common/proxmox, tags: proxmox }
- { role: common/cronapt, tags: cronapt }
- hosts: weatherwax
remote_user: root
roles:
- { role: common/proxmox, tags: proxmox }
- { role: common/prometheus-node, tags: prometheus-node }
- { role: common/cronapt, tags: cronapt }
- hosts: carrot
remote_user: root
roles:
- { role: common/cronapt, tags: cronapt }
- { role: common/prometheus-node, tags: prometheus-node }
- { role: common/wireguard, tags: wireguard }
- hosts: ogg
remote_user: root
roles:
- { role: common/borgbackup, tags: borgbackup }
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.lan",
domain_default: "services.warpzone.lan",
selfSignedCN: "warpzone.lan",
selfSignedDomain: "*.warpzone.lan"
}
- {
role: intern/docker_esphome, tags: esphome,
servicename: esphome,
basedir: /srv/esphome,
domain: "esphome.warpzone.lan"
}
- {
role: intern/docker_esphome-dev, tags: esphome-dev,
servicename: esphome-dev,
basedir: /srv/esphome-dev,
domain: "esphome-dev.warpzone.lan"
}
- {
role: intern/docker_grafana, tags: grafana,
servicename: grafana,
basedir: /srv/grafana,
domain: "grafana.warpzone.lan",
mqtt_influxdb_port: 18086
}
- {
role: intern/docker_heimdall, tags: heimdall,
servicename: heimdall,
basedir: /srv/heimdall,
domain: "services.warpzone.lan"
}
- {
role: intern/docker_homeassistant, tags: homeassistant,
servicename: homeassistant,
basedir: /srv/homeassistant,
domain: "ha.warpzone.lan",
influxdb_port: 38086
}
- {
role: intern/docker_mqtt, tags: mqtt,
servicename: mqtt,
basedir: /srv/mqtt,
mqtt_port: 1883,
influxdb_port: 18086
}
- {
role: intern/docker_nodered, tags: nodered,
servicename: nodered,
basedir: /srv/nodered,
domain: "nodered.warpzone.lan"
}
- {
role: intern/docker_omada, tags: omada,
servicename: omada,
basedir: /srv/omada,
domain: "omada.warpzone.lan",
certFile: "/srv/traefik/warpzone+internal+services.pem",
keyFile: "/srv/traefik/warpzone+internal+services.key",
omada_port_http: 8088,
omada_port_https: 8043,
omada_portal_https: 8843
}
- {
role: intern/docker_graylog, tags: graylog,
servicename: graylog,
basedir: /srv/graylog,
domain: "graylog.warpzone.lan"
}
- {
role: intern/docker_tasmoadmin, tags: tasmoadmin,
servicename: tasmoadmin,
basedir: /srv/tasmoadmin,
domain: "tasmoadmin.warpzone.lan"
}
- {
role: intern/docker_fridgeserver, tags: fridgeserver,
servicename: fridgeserver,
basedir: /srv/fridgeserver,
domain: "fridgeserver.warpzone.lan"
}
- hosts: webserver
remote_user: root
roles:
- { role: common/borgbackup, tags: borgbackup }
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/kvm-guest, tags: kvm-guest }
- { role: common/openvpn, tags: openvpn }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_ldap, tags: ldap,
servicename: ldap,
basedir: /srv/ldap,
domain: "ldap.warpzone.ms"
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.ms",
domain_default: "www.warpzone.ms",
matrix_federation: true
}
- {
role: webserver/docker_coturn, tags: coturn,
servicename: "coturn",
domain: "turn.warpzone.ms"
}
- {
role: webserver/docker_dokuwiki, tags: dokuwiki,
servicename: "dokuwiki",
domain: "wiki.warpzone.ms",
basedir: /srv/dokuwiki,
healthchecks_url: "https://hc-ping.com/038adcfe-05bf-45b4-919b-88b69aab8844"
}
- {
role: webserver/docker_gitlab, tags: gitlab,
servicename: "gitlab",
domain: "gitlab.warpzone.ms",
domain_registry: "gitlab-registry.warpzone.ms"
}
- {
role: webserver/docker_icinga, tags: icinga,
servicename: icinga,
basedir: /srv/icinga,
domain: icinga.warpzone.ms,
api_port: 5665,
mysql_port: 33306,
matrix_notification_domain: "matrix.warpzone.ms",
matrix_notification_room: "!iYefxbySFEfFQfUGEK:matrix.warpzone.ms"
}
- {
role: webserver/docker_hackmd, tags: hackmd,
servicename: "hackmd",
basedir: /srv/hackmd,
domain: "md.warpzone.ms"
}
- {
role: webserver/docker_keycloak, tags: keycloak,
servicename: "keycloak",
basedir: /srv/keycloak,
domain: "keycloak.warpzone.ms"
}
- {
role: webserver/docker_mail, tags: mail,
servicename: mail,
basedir: /srv/mail,
domain: "warpzone.ms",
mailserver: "mailserver.warpzone.ms",
listserver: "listserver.warpzone.ms"
}
- {
role: webserver/docker_matterbridge, tags: matterbridge,
servicename: matterbridge,
basedir: /srv/matterbridge,
domain: "www.warpzone.ms"
}
- {
role: webserver/docker_matrix, tags: matrix,
servicename: "matrix",
basedir: /srv/matrix,
domain: "matrix.warpzone.ms"
}
- {
role: webserver/docker_vpnserver, tags: vpnserver,
servicename: "vpnserver",
basedir: /srv/vpnserver,
domain: "vpn.warpzone.ms"
}
- {
role: webserver/docker_warpapi, tags: warpapi,
servicename: "warpapi",
basedir: /srv/warpapi,
domain: "api.warpzone.ms"
}
- {
role: webserver/docker_wordpress, tags: wordpress,
servicename: "wordpress",
basedir: /srv/wordpress,
domain: "www.warpzone.ms"
}
- {
role: webserver/docker_workadventure, tags: workadventure,
servicename: "workadventure",
basedir: /srv/workadventure,
domain: "workadventure.warpzone.ms"
}
- hosts: verwaltung
remote_user: root
roles:
- { role: common/borgbackup, tags: borgbackup }
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/kvm-guest, tags: kvm-guest }
- { role: common/openvpn, tags: openvpn }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.ms",
domain_default: "www.warpzone.ms"
}
- {
role: verwaltung/docker_gitea, tags: gitea,
servicename: "gitea",
domain: "verwaltung-git.warpzone.ms"
}
- {
role: verwaltung/cryptdata, tags: cryptdata,
}
- {
role: verwaltung/docker_jameica, tags: jameicavnc,
servicename: "jameicavnc",
domain: "verwaltung-jameica.warpzone.ms"
}
- {
role: verwaltung/docker_nextcloud, tags: nextcloud,
servicename: "nextcloud",
domain: "verwaltung.warpzone.ms"
}
- {
role: verwaltung/docker_mysql, tags: mysql
}
- {
role: verwaltung/user, tags: user
}
- {
role: verwaltung/jameica, tags: jameica
}
- {
role: verwaltung/x2goserver, tags: x2goserver
}
##################################################
# warpzone.remote Server für Veranstaltungen / Camps
##################################################
- hosts: hex
remote_user: root
roles:
- { role: common/proxmox, tags: proxmox }
- { role: common/cronapt, tags: cronapt }
- { role: common/prometheus-node, tags: prometheus-node }
- hosts: hix
remote_user: root
roles:
- { role: common/cronapt, tags: cronapt }
- { role: common/docker, tags: docker }
- { role: common/prometheus-node, tags: prometheus-node }
- {
role: common/docker_dockerstats, tags: dockerstats,
servicename: dockerstats,
basedir: /srv/dockerstats
}
- {
role: common/docker_traefik, tags: traefik,
servicename: traefik,
basedir: /srv/traefik,
domain: "warpzone.remote",
domain_default: "ha.warpzone.remote",
selfSignedCN: "warpzone.remote",
selfSignedDomain: "*.warpzone.remote"
}
- {
role: intern/docker_mqtt, tags: mqtt,
servicename: mqtt,
basedir: /srv/mqtt,
mqtt_port: 1883,
influxdb_port: 18086
}
- {
role: remote/docker_netdata, tags: netdata,
servicename: netdata,
basedir: /srv/netdata,
domain: "netdata.warpzone.remote"
}
- {
role: remote/docker_prometheus, tags: prometheus,
servicename: prometheus,
basedir: /srv/prometheus,
domain: "prometheus.warpzone.remote",
prometheus_port: 9090
}
- {
role: intern/docker_grafana, tags: grafana,
servicename: grafana,
basedir: /srv/grafana,
domain: "grafana.warpzone.remote",
mqtt_influxdb_port: 18086
}
- {
role: remote/docker_homeassistant, tags: homeassistant,
servicename: homeassistant,
basedir: /srv/homeassistant,
domain: "ha.warpzone.remote",
influxdb_port: 38086
}
- {
role: intern/docker_tasmoadmin, tags: tasmoadmin,
servicename: tasmoadmin,
basedir: /srv/tasmoadmin,
domain: "tasmoadmin.warpzone.remote"
}
- {
role: remote/docker_unifi, tags: unifi,
servicename: unifi,
basedir: /srv/unifi,
domain: "unifi.warpzone.remote"
}