---
# Ansible playbook: maps each host (or host group) to the roles applied to it.
# Role entries are written in block style; the extra keys next to `role` and
# `tags` are passed to the role as parameters.
#
# NOTE(review): every play sets `remote_user: root`, i.e. Ansible logs in as
# root directly, so the targets have to accept root SSH logins. An
# unprivileged account combined with `become: true` would narrow that;
# confirm the current setup is intended.

##################################################
# Global configuration for all servers
##################################################
- hosts: all
  remote_user: root
  roles:
    - role: all/common
      tags: common
    - role: all/hostname
      tags: hostname
    - role: all/mount
      tags: mount
    - role: all/sysctl
      tags: sysctl

##################################################
# Test server
##################################################
- hosts: test-warpzone-de
  remote_user: root
  roles:
    - role: common/cronapt
      tags: cronapt
    - role: common/docker
      tags: docker

    - role: testserver/docker_traefik
      tags: [test_traefik, docker_services]
      servicename: traefik
      basedir: /srv/traefik
      domain: "test-warpzone.de"
      domain_default: "www.test-warpzone.de"

    - role: testserver/docker_mail
      tags: [test_mail, docker_services]
      servicename: mail
      basedir: "/srv/{{ servicename }}"
      domain: "test-warpzone.de"
      mailserver: "mailserver.test-warpzone.de"
      listserver: "listserver.test-warpzone.de"

    - role: testserver/docker_uffd
      tags: [test_uffd, docker_services]
      servicename: uffd
      basedir: "/srv/{{ servicename }}"
      domain: "uffd.test-warpzone.de"

    - role: testserver/docker_icinga
      tags: [test_icinga, docker_services]
      servicename: icinga
      basedir: "/srv/{{ servicename }}"
      domain: "icinga.test-warpzone.de"
      api_port: 5665
      mysql_port: 33306

    - role: testserver/docker_gitlab
      tags: [test_gitlab, docker_services]
      servicename: "gitlab"
      basedir: "/srv/{{ servicename }}"
      domain: "gitlab.test-warpzone.de"
      domain_registry: "gitlab-registry.test-warpzone.de"
      git_ssh_port: 444

    - role: testserver/docker_gitea
      tags: [test_gitea, docker_services]
      servicename: "gitea"
      basedir: "/srv/{{ servicename }}"
      domain: "verwaltung-git.test-warpzone.de"
      git_ssh_port: 555

    - role: testserver/docker_grafana
      tags: [test_grafana, docker_services]
      servicename: "grafana"
      basedir: "/srv/{{ servicename }}"
      domain: "grafana.test-warpzone.de"

    - role: testserver/docker_hackmd
      tags: [test_hackmd, docker_services]
      servicename: "hackmd"
      basedir: "/srv/{{ servicename }}"
      domain: "md.test-warpzone.de"

    - role: testserver/docker_matrix
      tags: [test_matrix, docker_services]
      servicename: "matrix"
      basedir: "/srv/{{ servicename }}"
      domain: "matrix.test-warpzone.de"

    - role: testserver/docker_nextcloud
      tags: [test_nextcloud, docker_services]
      servicename: "nextcloud"
      basedir: "/srv/{{ servicename }}"
      domain: "verwaltung.test-warpzone.de"

    - role: testserver/docker_paperless
      tags: [test_paperless, docker_services]
      servicename: "paperless"
      basedir: "/srv/{{ servicename }}"
      domain: "docs.test-warpzone.de"

    - role: testserver/docker_tandoor
      tags: [test_tandoor, docker_services]
      servicename: "tandoor"
      basedir: "/srv/{{ servicename }}"
      domain: "tandoor.test-warpzone.de"

    - role: testserver/docker_vpnserver
      tags: [test_vpnserver, docker_services]
      servicename: "vpnserver"
      basedir: "/srv/{{ servicename }}"
      domain: "vpn.test-warpzone.de"

    - role: testserver/docker_wordpress
      tags: [test_wordpress, docker_services]
      servicename: "wordpress"
      basedir: "/srv/{{ servicename }}"
      domain: "www.test-warpzone.de"

    - role: testserver/docker_jameica
      tags: [test_jameicavnc, docker_services]
      servicename: "jameicavnc"
      domain: "verwaltung-jameica.test-warpzone.de"
      basedir: "/srv/{{servicename}}"

    - role: testserver/docker_dokuwiki
      tags: [test_dokuwiki, docker_services]
      servicename: "dokuwiki"
      domain: "wiki.test-warpzone.de"
      basedir: /srv/dokuwiki

##################################################
# Production servers
##################################################
- hosts: tiffany
  remote_user: root
  roles:
    - role: common/proxmox
      tags: proxmox
    - role: common/cronapt
      tags: cronapt

- hosts: weatherwax
  remote_user: root
  roles:
    - role: common/proxmox
      tags: proxmox
    - role: common/prometheus-node
      tags: prometheus-node
    - role: common/cronapt
      tags: cronapt

- hosts: carrot
  remote_user: root
  roles:
    - role: common/cronapt
      tags: cronapt
    - role: common/prometheus-node
      tags: prometheus-node
    - role: common/wireguard
      tags: wireguard

- hosts: ogg
  remote_user: root
  roles:
    - role: common/borgbackup
      tags: borgbackup
    - role: common/cronapt
      tags: cronapt
    - role: common/docker
      tags: docker
    - role: common/prometheus-node
      tags: prometheus-node

    - role: common/docker_dockerstats
      tags: [dockerstats, docker_services]
      servicename: dockerstats
      basedir: /srv/dockerstats
      metrics_port: 9487

    - role: common/docker_watchtower
      tags: [watchtower, docker_services]
      servicename: watchtower
      basedir: /srv/watchtower

    - role: common/docker_traefik
      tags: [traefik, docker_services]
      servicename: traefik
      basedir: /srv/traefik
      domain: "warpzone.lan"
      domain_default: "services.warpzone.lan"
      selfSignedCN: "warpzone.lan"
      selfSignedDomain: "*.warpzone.lan"

    - role: intern/docker_esphome
      tags: [esphome, docker_services]
      servicename: esphome
      basedir: /srv/esphome
      domain: "esphome.warpzone.lan"

    - role: intern/docker_grafana
      tags: [grafana, docker_services]
      servicename: grafana
      basedir: /srv/grafana
      domain: "grafana.warpzone.lan"
      mqtt_influxdb_port: 18086

    - role: intern/docker_heimdall
      tags: [heimdall, docker_services]
      servicename: heimdall
      basedir: /srv/heimdall
      domain: "services.warpzone.lan"

    - role: intern/docker_homeassistant
      tags: [homeassistant, docker_services]
      servicename: homeassistant
      basedir: /srv/homeassistant
      domain: "ha.warpzone.lan"
      homematic_callback_port: 8060
      influxdb_port: 38086

    - role: intern/docker_mqtt
      tags: [mqtt, docker_services]
      servicename: mqtt
      basedir: /srv/mqtt
      domain: "mqtt.warpzone.lan"
      mqtt_port: 1883
      influxdb_port: 18086

    - role: intern/docker_nodered
      tags: [nodered, docker_services]
      servicename: nodered
      basedir: /srv/nodered
      domain: "nodered.warpzone.lan"

    # NOTE(review): keyFile names a TLS private key under the traefik
    # basedir; confirm the roles keep that file readable by root only.
    - role: intern/docker_omada
      tags: [omada, docker_services]
      servicename: omada
      basedir: /srv/omada
      domain: "omada.warpzone.lan"
      certFile: "/srv/traefik/warpzone+internal+services.pem"
      keyFile: "/srv/traefik/warpzone+internal+services.key"
      omada_port_http: 8088
      omada_port_https: 8043
      omada_portal_https: 8843

    # NOTE(review): unlike the other docker_* roles on this host, this entry
    # is not tagged docker_services; confirm that is intended.
    - role: intern/docker_pihole
      tags: pihole
      servicename: pihole
      basedir: /srv/pihole
      domain: "pihole.warpzone.lan"

    - role: intern/docker_tasmoadmin
      tags: [tasmoadmin, docker_services]
      servicename: tasmoadmin
      basedir: /srv/tasmoadmin
      domain: "tasmoadmin.warpzone.lan"

    - role: intern/docker_fridgeserver
      tags: [fridgeserver, docker_services]
      servicename: fridgeserver
      basedir: /srv/fridgeserver
      domain: "fridgeserver.warpzone.lan"

    - role: intern/docker_zigbee2mqtt
      tags: [zigbee2mqtt, docker_services]
      servicename: zigbee2mqtt
      basedir: /srv/zigbee2mqtt
      domain: "zigbee2mqtt.warpzone.lan"

- hosts: webserver
  remote_user: root
  roles:
    - role: common/borgbackup
      tags: borgbackup
    - role: common/cronapt
      tags: cronapt
    - role: common/docker
      tags: docker
    - role: common/kvm-guest
      tags: kvm-guest
    - role: common/openvpn
      tags: openvpn
    - role: common/prometheus-node
      tags: prometheus-node
    - role: common/wireguard
      tags: wireguard

    - role: common/docker_dockerstats
      tags: [dockerstats, docker_services]
      servicename: dockerstats
      basedir: /srv/dockerstats
      metrics_port: 9487

    - role: webserver/docker_uffd
      tags: [uffd, docker_services]
      servicename: uffd
      basedir: "/srv/{{ servicename }}"
      domain: "uffd.warpzone.ms"

    - role: common/docker_ldap
      tags: [ldap, docker_services]
      servicename: ldap
      basedir: /srv/ldap
      domain: "ldap.warpzone.ms"

    - role: common/docker_traefik
      tags: [traefik, docker_services]
      servicename: traefik
      basedir: /srv/traefik
      domain: "warpzone.ms"
      domain_default: "www.warpzone.ms"
      matrix_federation: true

    - role: common/docker_watchtower
      tags: [watchtower, docker_services]
      servicename: watchtower
      basedir: /srv/watchtower

    - role: webserver/docker_coturn
      tags: [coturn, docker_services]
      servicename: "coturn"
      domain: "turn.warpzone.ms"

    # NOTE(review): the ping URL below embeds the check's UUID, and that
    # UUID is all a sender needs to report "alive" for this check. Stored
    # here it is visible to everyone who can read the repository; consider
    # sourcing it from an Ansible Vault variable and rotating the check.
    - role: webserver/docker_dokuwiki
      tags: [dokuwiki, docker_services]
      servicename: "dokuwiki"
      domain: "wiki.warpzone.ms"
      basedir: /srv/dokuwiki
      healthchecks_url: "https://hc-ping.com/038adcfe-05bf-45b4-919b-88b69aab8844"

    - role: webserver/docker_gitlab
      tags: [gitlab, docker_services]
      servicename: "gitlab"
      domain: "gitlab.warpzone.ms"
      domain_registry: "gitlab-registry.warpzone.ms"

    # NOTE(review): api_port and mysql_port are handed to the role on an
    # internet-facing host; confirm the role does not publish the MySQL
    # port on a public interface.
    - role: webserver/docker_icinga
      tags: [icinga, docker_services]
      servicename: icinga
      basedir: /srv/icinga
      domain: icinga.warpzone.ms
      api_port: 5665
      mysql_port: 33306

    - role: webserver/docker_hackmd
      tags: [hackmd, docker_services]
      servicename: "hackmd"
      basedir: /srv/hackmd
      domain: "md.warpzone.ms"

    - role: webserver/docker_keycloak
      tags: [keycloak, docker_services]
      servicename: "keycloak"
      basedir: /srv/keycloak
      domain: "keycloak.warpzone.ms"

    - role: webserver/docker_mail
      tags: [mail, docker_services]
      servicename: mail
      basedir: /srv/mail
      domain: "warpzone.ms"
      mailserver: "mailserver.warpzone.ms"
      listserver: "listserver.warpzone.ms"

    - role: webserver/docker_matterbridge
      tags: [matterbridge, docker_services]
      servicename: matterbridge
      basedir: /srv/matterbridge
      domain: "www.warpzone.ms"

    - role: webserver/docker_matrix
      tags: [matrix, docker_services]
      servicename: "matrix"
      basedir: /srv/matrix
      domain: "matrix.warpzone.ms"

    - role: webserver/docker_warpapi
      tags: [warpapi, docker_services]
      servicename: "warpapi"
      basedir: /srv/warpapi
      domain: "api.warpzone.ms"

    - role: webserver/docker_wordpress
      tags: [wordpress, docker_services]
      servicename: "wordpress"
      basedir: /srv/wordpress
      domain: "www.warpzone.ms"

    # Disabled role entry, kept for reference:
    # - role: webserver/docker_workadventure
    #   tags: [workadventure, docker_services]
    #   servicename: "workadventure"
    #   basedir: /srv/workadventure
    #   domain: "workadventure.warpzone.ms"

- hosts: verwaltung
  remote_user: root
  roles:
    - role: common/borgbackup
      tags: borgbackup
    - role: common/cronapt
      tags: cronapt
    - role: common/docker
      tags: docker
    - role: common/kvm-guest
      tags: kvm-guest
    - role: common/openvpn
      tags: openvpn
    - role: common/prometheus-node
      tags: prometheus-node

    - role: common/docker_dockerstats
      tags: [dockerstats, docker_services]
      servicename: dockerstats
      basedir: /srv/dockerstats
      metrics_port: 9487

    - role: common/docker_traefik
      tags: [traefik, docker_services]
      servicename: traefik
      basedir: /srv/traefik
      domain: "warpzone.ms"

    - role: common/docker_watchtower
      tags: [watchtower, docker_services]
      servicename: watchtower
      basedir: /srv/watchtower

    - role: verwaltung/docker_gitea
      tags: [gitea, docker_services]
      servicename: "gitea"
      basedir: /srv/gitea
      domain: "verwaltung-git.warpzone.ms"
      git_ssh_port: 444

    - role: verwaltung/cryptdata
      tags: cryptdata

    - role: verwaltung/docker_jameica
      tags: [jameicavnc, docker_services]
      servicename: "jameicavnc"
      basedir: /srv/jameica-vnc
      domain: "verwaltung-jameica.warpzone.ms"

    - role: verwaltung/docker_nextcloud
      tags: [nextcloud, docker_services]
      servicename: "nextcloud"
      basedir: /srv/nextcloud
      domain: "verwaltung.warpzone.ms"

    - role: verwaltung/docker_vaultwarden
      tags: [vaultwarden, docker_services]
      servicename: "vaultwarden"
      basedir: /srv/vaultwarden
      domain: "vault.warpzone.ms"

    - role: verwaltung/docker_mysql
      tags: [mysql, docker_services]

    - role: verwaltung/user
      tags: user
    - role: verwaltung/jameica
      tags: jameica
    - role: verwaltung/x2goserver
      tags: x2goserver

##################################################
# warpzone.remote servers for events / camps
##################################################
- hosts: hex
  remote_user: root
  roles:
    - role: common/proxmox
      tags: [proxmox, remote]
    - role: common/cronapt
      tags: [cronapt, remote]
    - role: common/prometheus-node
      tags: [prometheus-node, remote]

- hosts: hix
  remote_user: root
  roles:
    - role: common/cronapt
      tags: [cronapt, remote]
    - role: common/docker
      tags: [docker, remote]
    - role: common/prometheus-node
      tags: [prometheus-node, remote]

    - role: common/docker_dockerstats
      tags: [dockerstats, docker_services, remote]
      servicename: dockerstats
      basedir: /srv/dockerstats
      metrics_port: 9487

    - role: common/docker_traefik
      tags: [traefik, docker_services, remote]
      servicename: traefik
      basedir: /srv/traefik
      domain: "warpzone.remote"
      domain_default: "ha.warpzone.remote"
      selfSignedCN: "warpzone.remote"
      selfSignedDomain: "*.warpzone.remote"

    - role: intern/docker_mqtt
      tags: [mqtt, docker_services, remote]
      servicename: mqtt
      basedir: /srv/mqtt
      mqtt_port: 1883
      influxdb_port: 18086

    - role: remote/docker_netdata
      tags: [netdata, docker_services, remote]
      servicename: netdata
      basedir: /srv/netdata
      domain: "netdata.warpzone.remote"

    - role: remote/docker_prometheus
      tags: [prometheus, docker_services, remote]
      servicename: prometheus
      basedir: /srv/prometheus
      domain: "prometheus.warpzone.remote"
      prometheus_port: 9090

    - role: intern/docker_grafana
      tags: [grafana, docker_services, remote]
      servicename: grafana
      basedir: /srv/grafana
      domain: "grafana.warpzone.remote"
      mqtt_influxdb_port: 18086

    - role: remote/docker_homeassistant
      tags: [homeassistant, docker_services, remote]
      servicename: homeassistant
      basedir: /srv/homeassistant
      domain: "ha.warpzone.remote"
      influxdb_port: 38086

    - role: intern/docker_tasmoadmin
      tags: [tasmoadmin, docker_services, remote]
      servicename: tasmoadmin
      basedir: /srv/tasmoadmin
      domain: "tasmoadmin.warpzone.remote"

    - role: remote/docker_unifi
      tags: [unifi, docker_services, remote]
      servicename: unifi
      basedir: /srv/unifi
      domain: "unifi.warpzone.remote"