Commit graph

278 commits

Author SHA1 Message Date
June 69edb75112 Use correct variable for initial config in zigbee2mqtt role 2023-07-29 01:16:49 +02:00
June 51c1b667f4 Provide secrets for keycloak VM from pass 2023-07-29 00:59:01 +02:00
Dario 8fa4e5af3e Merge branch 'feature/aes_lingo_patches' into 'main'
AES: patch code and l10n to add train drivers license

See merge request ccchh/thinkcccentre-ansible!3
2023-07-28 22:26:04 +00:00
Dario c3fc040751
AES: patch code and l10n to add train drivers license 2023-07-28 23:59:02 +02:00
June 727cd0bc74 Bump Keycloak to 22.0 2023-07-28 23:16:46 +02:00
June 2f7e3ae893 Build on docker compose up as well 2023-07-28 23:16:27 +02:00
yuri 18990b3b5f
Bump zigbee2mqtt to 1.32.1 2023-07-27 18:26:47 +02:00
yuri 1570b0c04e
Bump esphome to 2023.7.0 2023-07-27 18:22:58 +02:00
jtbx d5285a3fd2 deploy an engelsystem named AES 2023-07-09 01:57:55 +02:00
June b536e5c2fb Fix: Add necessary becomes 2023-07-09 00:26:20 +02:00
jtbx b2e9c22821 cert, nginx: Update for debian 12 2023-07-09 00:03:38 +02:00
jtbx 67483ece20 docker roles: Support debian 12 2023-07-08 23:47:04 +02:00
June 82b64e24c6 Fix variable name
Thanks jtbx for pointing that out!
2023-07-08 23:41:12 +02:00
June 8bc60e42a8 Extend distribution_check role to account for Ansible changes reg. facts
Somewhere between ansible [core 2.14.4] and ansible [core 2.15.0] the
logic for the distribution_version Ansible fact got changed. With the
newer Ansible version Debians distribution_version gets reported as 11.7
as opposed to getting reported as 11 with the old Ansible version. To
still allow for useful distribution checks, extend the
distribution_check role by allowing the specification of
distribution_major_versions and distribution_releases as well.
This way you can check for an Ubuntu version by using
distribution_version (which for example resolves to 18.04, while
distribution_major_version would resolve to 18 in that case) and check
for a Debian version by using distribution_major_version (which for
example resolves to 11, while distribution_version would resolve to 11.7
in that case).
2023-07-08 19:58:02 +02:00
June 0c62a8f3e0 Add role for deploying SSH config and also add mailserver-endpoint host 2023-06-06 23:37:42 +02:00
June ebfa591484 Use larger buf. size to fix 502s sometimes occur. when going through PVE 2023-05-26 03:27:56 +02:00
June 55506a003a Make Rspamd configs world-readable 2023-05-26 03:27:56 +02:00
Dario e37d84c60d
clean up foobazdmx role
make git repo url and version to check out a variable instead of a
hard-coded value the role, and update host_vars to match.
2023-05-21 15:12:42 +02:00
yuri 2d5f116ff3
Use access token with Reporter role for foobazdmx 2023-05-21 03:03:02 +02:00
yuri da710bcf8f
Reduce maximum AirPlay volume for Audio Pi 2023-05-21 01:29:25 +02:00
yuri 49bfcbc987 Merge branch 'foobazdmx-update' into 'main'
Update foobazdmx repository url and release target

See merge request ccchh/thinkcccentre-ansible!2
2023-05-20 21:19:47 +00:00
Dario a6db315138
Update foobazdmx repository url and release target
Update foobazdmx repository url in foobazdmx role to main repo.
Change commit to be checked out by ansible to latest commit on main.
2023-05-20 22:58:24 +02:00
yuri 0972ce1e24
Remove printserver from inventory 2023-05-10 18:02:10 +02:00
yuri 8d50e73888
Use chaos user as ansible user for VMs 2023-05-10 18:02:10 +02:00
yuri 544abc1c27
Rename automation host to mqtt 2023-05-10 18:02:10 +02:00
yuri 33d1cfca1f
Move become: true into esphome role
Move become: true into zigbee2mqtt role

Remove become: true from deploy_public_reverse_proxy playbook

Remove become: true from deploy_dokuwiki playbook

Move become: true from deploy_audio_pi and deploy_light playbooks into roles

Remove become: true from deploy_keycloak playbook

Move become: true from deploy_automation playbook to mosquitto role
2023-05-10 18:02:10 +02:00
June b56ca3899d Add send_only_mailserver role and deploy Send-Only-Mailserver with it
Co-authored-by: yuri <yuri@nekover.se>
2023-05-09 23:01:57 +02:00
June f4a79fb4e2 Make it possible to set custom permissions for certificate files
This is in preparation for a role using OpenSMTPD.
2023-05-09 22:07:44 +02:00
yuri 7bb741c8e3
Bump esphome to 2023.4.4 2023-05-09 21:03:03 +02:00
yuri 35ad23a44c
Bump zigbee2mqtt to 1.30.4 2023-05-09 21:02:34 +02:00
yuri 78023f5198
Use cert role to deploy a valid certificate for esphome.ccchh.net 2023-05-09 21:02:32 +02:00
yuri ca3a30360f
Use cert role to deploy a valid certificate for zigbee2mqtt.ccchh.net 2023-05-09 17:24:20 +02:00
yuri 1cd0700cf5
Fix filename for include_tasks 2023-05-09 17:20:24 +02:00
yuri 9dc77ad5a5
Only deploy zigbee2mqtt config when it doesn't exist 2023-05-09 14:39:50 +02:00
yuri 048e189828
Fix inventory path 2023-05-09 14:38:15 +02:00
yuri 1bcb77961b
Use the .yaml file extension for all YAML files 2023-05-08 19:55:08 +02:00
julian 9d0697f0d0 Use PROXY Protocol for Keycloak 2023-05-05 00:00:48 +02:00
Jannik Beyerstedt 7710bf384d Keycloak: Fix restart condition 2023-05-04 23:39:51 +02:00
julian 2dc4b6f5fd Add keycloak 2023-05-02 06:12:56 +02:00
julian 91274de823 Add my docker and docker_compose role
Do this in preparation for the keycloak deployment.
2023-05-01 01:45:15 +02:00
julian d4d2e973a1 Get certificate for wiki using cert role 2023-05-01 00:22:05 +02:00
julian 1a0636307b Use Certbot naming for certificate files 2023-05-01 00:18:59 +02:00
julian 29cb9f941c Add authoritative-dns to hosts.yml 2023-04-27 23:58:23 +02:00
julian aac049efb2 Use BIND 9 server instead of Cloudfl. for DNS-01 challenge via nsupdate
Co-authored-by: Jannik Beyerstedt <code@jannikbeyerstedt.de>
2023-04-27 23:38:14 +02:00
julian 4814ea8bda Use one ACME account key per host
This is nicer for us, since this avoids sharing a secret.
Also put certificate directories in `certs` sub-directory for better
organization.
2023-04-25 18:03:59 +02:00
julian f9c51842fd Make use of become in role 2023-04-25 17:13:10 +02:00
julian 6e9d07b6f6 Add some spacing between tasks 2023-04-25 16:59:02 +02:00
julian f8d89c9742 Use /etc/ansible_certs instead of /certs directory 2023-04-25 16:57:34 +02:00
yuri c407f93b0a
Add initial cert role 2023-04-25 13:49:45 +02:00
julian 9670b6494c Make the wiki publicly accessible and configure nginxs to give it https 2023-04-16 01:41:29 +02:00