.gitignore

@@ -1 +0,0 @@
-.vscode

.vscode/settings.json

@@ -0,0 +1,6 @@
+{
+    "search.exclude": {
+        "/playbooks/roles/": true,
+        "/playbooks/resources/": true,
+    },
+}

README.md

@@ -3,13 +3,15 @@
 Folgende Geräte und Server werden duch dieses Ansible Repository verwaltet:
 
 * Diverse VMs auf dem ThinkCCCluster
+* Diverse VMs auf dem Chaosknoten
 
-Die Konfigurationsdateien liegen unter `playbooks/files/configs` bzw. `playbooks/templates/configs` und werden für Hosts jeweils in einer `host_vars`-Datei im Inventory geladen.
+Host-spezifische Konfigurationsdateien liegen unter `resources/` und werden für jeweils über eine `host_vars`-Datei im Inventory geladen.
 
 ## Galaxy-Collections und -Rollen installieren
 
 Für einige Aspekte verwenden wir Rollen aus Ansible Galaxy. Die müssen zunächst installiert werden:
-```
+
+```bash
 ansible-galaxy install -r requirements.yml
 ```
 
@@ -17,29 +19,29 @@ ansible-galaxy install -r requirements.yml
 
 Grundsätzlich sollten Secrets vermieden werden. (Also z.B.: Nutze SSH Keys statt Passwort.)
 
-Da Secrets aber durchaus doch gebraucht werden, werden diese dann in diesem Repo direkt aus dem [password-store](https://gitlab.hamburg.ccc.de/ccchh/password-store) (meist aus einem Sub-Eintrag des `noc/` Ordners) geladen.
+Da Secrets aber durchaus doch gebraucht werden, werden diese dann in diesem Repo direkt aus dem [password-store](https://git.hamburg.ccc.de/CCCHH/password-store) (meist aus einem Sub-Eintrag des `noc/` Ordners) geladen.
 Dies geschieht mit Hilfe des `community.general.passwordstore` lookup Plugins. 
 
-
 ## Playbook nur für einzelne Hosts ausführen
 
 Ein paar der Hosts haben den selben Namen, was es etwas schwieriger macht, das Playbook nur für einen der Hosts auszuführen, z. B. `public-reverse-proxy`. Die Kombination aus `--inventory` und `--limit` führt zum Erfolg:
-```
+
+```bash
 ansible-playbook playbooks/deploy.yaml --inventory inventories/chaosknoten/hosts.yaml --limit public-reverse-proxy
 ```
 
 ## Neuen Web-Service hinzufügen
 
-Wir deployen Web-Services hinter dem `public-reverse-proxy`. Der Service-Name `service.hamburg.ccc.de` ist ein CNAME für public-reverse-proxy.hamburg.ccc.de, und die Service-VM ist unter `service-intern.hamburg.ccc.de` mit einer `172.31.17.x`-Adresse erreichbar.
+Wir deployen Web-Services auf dem Chaosknoten hinter dem `public-reverse-proxy`. Der Service-Name `service.hamburg.ccc.de` sollte ein CNAME für `public-reverse-proxy.hamburg.ccc.de` und die Service-VM unter `service-intern.hamburg.ccc.de` mit einer `172.31.17.x`-Adresse erreichbar sein.
 
 Im Ansible-Repo müssen diese Sachen hinzugefügt werden:
 * `inventories/chaosknoten/hosts.yaml`: 
     * SSH-Config für die neue VM unter all/children/debian_12/hosts
     * Einträge für die Rollen, die dieser Host haben soll, min. `certbot_hosts`, `nginx_hosts`, ggf. `docker_compose_hosts`
 * `inventories/chaosknoten/host_vars/`*host*`.yaml`: config vars für den neuen Host
-* `playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf`: Liste der Hostnamen um den neuen Host erweitern, die hinter dem Reverse-Proxy stehen
+* `resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf`: Liste der Hostnamen um den neuen Host erweitern, die hinter dem Reverse-Proxy stehen
-* `playbooks/files/chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf`: Liste der Hostnamen um den neuen Host erweitern, die hinter dem Reverse-Proxy stehen
+* `resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf`: Liste der Hostnamen um den neuen Host erweitern, die hinter dem Reverse-Proxy stehen
-* `playbooks/files/chaosknoten/configs/cloud/nginx/`*host*`.hamburg.ccc.de.conf`: Server auf dem Service-Host
+* `resources/chaosknoten/`*host*`/nginx/`*host*`.hamburg.ccc.de.conf`: Server auf dem Service-Host
     * Individuelle Config für den Service. Wenn Docker Compose, hier weiterleiten auf den eigentlichen Dienst in Compose.
     * Cert-Dateinamen anpassen
-* `playbooks/templates/chaosknoten/configs/`*host*`/compose.yaml.j2`: Config für Docker Compose (wenn verwendet)
+* `resources/chaosknoten/`*host*`/docker_compose/compose.yaml.j2`: Config für Docker Compose (wenn verwendet)

ansible.cfg

@@ -1,5 +1,6 @@
 [defaults]
 inventory = ./inventories/z9/hosts.yaml
+pipelining = True
 
 [passwordstore_lookup]
 backend = pass

inventories/chaosknoten/host_vars/ccchoir.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/ccchoir/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/ccchoir/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
@@ -12,4 +12,4 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: ccchoir.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/ccchoir/nginx/ccchoir.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/ccchoir/nginx/ccchoir.de.conf') }}"

inventories/chaosknoten/host_vars/cloud.yaml

@@ -3,9 +3,9 @@ nextcloud__postgres_version: 15.8
 nextcloud__fqdn: cloud.hamburg.ccc.de
 nextcloud__data_dir: /data/nextcloud
 nextcloud__admin_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/admin', create=false, missing='error') }}"
-nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/cloud/extra_configuration.config.php.j2') }}"
+nextcloud__extra_configuration: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/cloud/nextcloud/extra_configuration.config.php.j2') }}"
 nextcloud__use_custom_new_user_skeleton: true
-nextcloud__custom_new_user_skeleton_directory: "chaosknoten/cloud/new_user_skeleton_directory/"
+nextcloud__custom_new_user_skeleton_directory: "resources/chaosknoten/cloud/nextcloud/new_user_skeleton_directory/"
 nextcloud__postgres_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/cloud/DB_PASSWORD', create=false, missing='error') }}"
 nextcloud__proxy_protocol_reverse_proxy_ip: 172.31.17.140
 nextcloud__certbot_acme_account_email_address: le-admin@hamburg.ccc.de

inventories/chaosknoten/host_vars/grafana.yaml

@@ -1,17 +1,17 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/grafana/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files:
   - name: grafana.ini
-    content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/grafana/docker_compose/grafana.ini') }}"
+    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/grafana.ini.j2') }}"
   - name: grafana-datasource.yml
-    content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/grafana-datasource.yml') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/grafana-datasource.yml') }}"
   - name: prometheus.yml
-    content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/prometheus.yml') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus.yml') }}"
   - name: alertmanager.yaml
-    content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/grafana/docker_compose/alertmanager.yaml.j2') }}"
+    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/grafana/docker_compose/alertmanager.yaml.j2') }}"
   - name: prometheus_alerts.rules.yaml
-    content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/prometheus_alerts.rules.yaml') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/prometheus_alerts.rules.yaml') }}"
   - name: alertmanager_alert_templates.tmpl
-    content: "{{ lookup('ansible.builtin.file', 'files/chaosknoten/configs/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/docker_compose/alertmanager_alert_templates.tmpl') }}"
 
 certbot__version_spec: ""
 certbot__acme_account_email_address: le-admin@hamburg.ccc.de
@@ -23,4 +23,4 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: grafana.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/grafana/nginx/grafana.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/grafana/nginx/grafana.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/host_vars/keycloak.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/keycloak/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/keycloak/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
@@ -13,8 +13,8 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: id.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/keycloak/nginx/id.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/keycloak/nginx/id.hamburg.ccc.de.conf') }}"
   - name: keycloak-admin.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/keycloak/nginx/keycloak-admin.hamburg.ccc.de.conf') }}"
   - name: invite.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/keycloak/nginx/invite.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/keycloak/nginx/invite.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/host_vars/lists.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/compose/compose.yaml') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/lists/docker_compose/compose.yaml') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
@@ -12,6 +12,6 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: lists.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/lists.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/lists/nginx/lists.hamburg.ccc.de.conf') }}"
   - name: lists.c3lingo.org
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/nginx/lists.c3lingo.org.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/lists/nginx/lists.c3lingo.org.conf') }}"

inventories/chaosknoten/host_vars/mumble.yaml

@@ -1,6 +1,3 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/lists/compose/compose.yaml') }}"
-docker_compose__configuration_files: [ ]
-
 certbot__version_spec: ""
 certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
 certbot__certificate_domains:
@@ -11,4 +8,4 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: mumble.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/mumble/nginx/mumble.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/mumble/nginx/mumble.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/host_vars/onlyoffice.yaml

@@ -1,7 +1,7 @@
 nginx__version_spec: ""
 nginx__configurations:
   - name: onlyoffice.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/onlyoffice/nginx/onlyoffice.hamburg.ccc.de.conf') }}"
 
 certbot__version_spec: ""
 certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
@@ -10,5 +10,5 @@ certbot__certificate_domains:
 certbot__new_cert_commands:
   - "systemctl reload nginx.service"
 
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/onlyoffice/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/onlyoffice/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]

inventories/chaosknoten/host_vars/pad.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pad/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/pad/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
@@ -11,4 +11,4 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: pad.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/pad/nginx/pad.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/pad/nginx/pad.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/host_vars/pretalx.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pretalx/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/pretalx/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
@@ -11,4 +11,4 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: pretalx.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/pretalx/nginx/pretalx.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/pretalx/nginx/pretalx.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/host_vars/public-reverse-proxy.yaml

@@ -2,7 +2,7 @@ nginx__version_spec: ""
 nginx__deploy_redirect_conf: false
 nginx__configurations:
   - name: acme_challenge
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/public-reverse-proxy/nginx/acme_challenge.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/public-reverse-proxy/nginx/acme_challenge.conf') }}"
 nginx__use_custom_nginx_conf: true
 nginx__custom_nginx_conf: |
-  {{ lookup('file', 'chaosknoten/configs/public-reverse-proxy/nginx/nginx.conf') }}
+  {{ lookup('file', 'resources/chaosknoten/public-reverse-proxy/nginx/nginx.conf') }}

inventories/chaosknoten/host_vars/tickets.yaml

@@ -1,7 +1,7 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/tickets/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/tickets/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files:
   - name: pretix.cfg
-    content: "{{ lookup('ansible.builtin.template', 'templates/chaosknoten/configs/tickets/pretix.cfg.j2') }}"
+    content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/tickets/docker_compose/pretix.cfg.j2') }}"
 
 certbot__version_spec: ""
 certbot__acme_account_email_address: le-admin@hamburg.ccc.de
@@ -13,4 +13,4 @@ certbot__new_cert_commands:
 nginx__version_spec: ""
 nginx__configurations:
   - name: tickets.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/tickets/nginx/tickets.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/tickets/nginx/tickets.hamburg.ccc.de.conf') }}"

inventories/chaosknoten/host_vars/wiki.yaml

@@ -1,9 +1,9 @@
 nginx__version_spec: ""
 nginx__configurations:
   - name: wiki.ccchh.net
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/wiki/nginx/wiki.ccchh.net.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/wiki/nginx/wiki.ccchh.net.conf') }}"
   - name: wiki.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/wiki/nginx/wiki.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/wiki/nginx/wiki.hamburg.ccc.de.conf') }}"
 
 certbot__version_spec: ""
 certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz

inventories/chaosknoten/host_vars/zammad.yaml

@@ -1,4 +1,4 @@
-docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/zammad/compose.yaml.j2') }}"
+docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/zammad/docker_compose/compose.yaml.j2') }}"
 docker_compose__configuration_files: [ ]
 
 certbot__version_spec: ""
@@ -9,6 +9,6 @@ certbot__certificate_domains:
 nginx__version_spec: ""
 nginx__configurations:
   - name: zammad.hamburg.ccc.de
-    content: "{{ lookup('ansible.builtin.file', 'chaosknoten/configs/zammad/nginx/zammad.hamburg.ccc.de.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/zammad/nginx/zammad.hamburg.ccc.de.conf') }}"
 certbot__new_cert_commands:
   - "systemctl reload nginx.service"

inventories/z9/host_vars/light.yaml

@@ -3,57 +3,57 @@ foobazdmx_version: main
 foobazdmx_repo_url: "https://git.hamburg.ccc.de/CCCHH/foobazdmx.git"
 ola__configs:
   - name: ola-artnet
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-artnet.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-artnet.conf') }}"
   - name: ola-dummy
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-dummy.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-dummy.conf') }}"
   - name: ola-e131
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-e131.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-e131.conf') }}"
   - name: ola-espnet
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-espnet.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-espnet.conf') }}"
   - name: ola-ftdidmx
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-ftdidmx.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-ftdidmx.conf') }}"
   - name: ola-gpio
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-gpio.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-gpio.conf') }}"
   - name: ola-karate
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-karate.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-karate.conf') }}"
   - name: ola-kinet
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-kinet.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-kinet.conf') }}"
   - name: ola-milinst
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-milinst.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-milinst.conf') }}"
   - name: ola-opendmx
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-opendmx.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-opendmx.conf') }}"
   - name: ola-openpixelcontrol
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-openpixelcontrol.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-openpixelcontrol.conf') }}"
   - name: ola-osc
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-osc.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-osc.conf') }}"
   - name: ola-pathport
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-pathport.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-pathport.conf') }}"
   - name: ola-port
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-port.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-port.conf') }}"
   - name: ola-renard
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-renard.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-renard.conf') }}"
   - name: ola-sandnet
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-sandnet.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-sandnet.conf') }}"
   - name: ola-server
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-server.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-server.conf') }}"
   - name: ola-shownet
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-shownet.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-shownet.conf') }}"
   - name: ola-spi
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-spi.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-spi.conf') }}"
   - name: ola-stageprofi
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-stageprofi.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-stageprofi.conf') }}"
   - name: ola-uartdmx
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-uartdmx.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-uartdmx.conf') }}"
   - name: ola-universe
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-universe.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-universe.conf') }}"
   - name: ola-usbdmx
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-usbdmx.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-usbdmx.conf') }}"
   - name: ola-usbserial
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/ola/ola-usbserial.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/ola/ola-usbserial.conf') }}"
 nginx__version_spec: ""
 nginx__deploy_redirect_conf: false
 nginx__configurations:
   - name: light
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/nginx/light.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/nginx/light.conf') }}"
   - name: http_handler
-    content: "{{ lookup('ansible.builtin.file', 'z9/configs/light/nginx/http_handler.conf') }}"
+    content: "{{ lookup('ansible.builtin.file', 'resources/z9/light/nginx/http_handler.conf') }}"

playbooks/check.yaml

@@ -0,0 +1,31 @@
+---
+- name: Host information
+  hosts: all
+  tasks:
+    - name: Print OS distribution and version
+      ansible.builtin.debug:
+        msg: "{{ ansible_facts['distribution'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['distribution_release'] }})"
+
+    - name: Find all .dpkg-* files
+      ansible.builtin.find:
+        paths: /etc
+        file_type: file
+        recurse: true
+        use_regex: false
+        patterns:
+          - "*.dpkg-*"
+      become: true
+      register: check__dpkg_files
+
+    - name: Create variable for list of all .dpkg-* files
+      ansible.builtin.set_fact:
+        check__dpkg_files_list: [ ]
+
+    - name: Populate list of all .dpkg-* files
+      ansible.builtin.set_fact:
+        check__dpkg_files_list: "{{ check__dpkg_files_list + [item.path] }}"
+      loop: "{{ check__dpkg_files.files }}"
+
+    - name: Print .dpkg-* files list
+      ansible.builtin.debug:
+        var: check__dpkg_files_list

playbooks/resources

@@ -0,0 +1 @@
+../resources

playbooks/roles

@@ -0,0 +1 @@
+../roles

playbooks/templates/chaosknoten/configs/engelsystem/compose.yaml.j2

@@ -1,55 +0,0 @@
----
-services:
-  es_server:
-    image: es_server
-    restart: unless-stopped
-    build:
-      context: /home/chaos/engelsystem
-      dockerfile: /home/chaos/engelsystem/docker/Dockerfile
-    environment:
-      MYSQL_HOST: es_database
-      MYSQL_USER: engelsystem
-      MYSQL_PASSWORD: engelsystem
-      MYSQL_DATABASE: engelsystem
-      APP_NAME: CCCamp2023 Alternative Engelsystem
-      APP_URL: https://aes.ccchh.net
-      CONTACT_EMAIL: mailto:aes@hamburg.ccc.de
-      GOODIE_TYPE: none
-      ENABLE_VOUCHER: false
-      MAIL_DRIVER: smtp
-      MAIL_FROM_ADDRESS: aes@send-only-mail.ccchh.net
-      MAIL_HOST: send-only-mailserver.ccchh.net
-      MAIL_PORT: 465
-      MAIL_ENCRYPTION: tls
-      MAIL_USERNAME: aes
-      MAIL_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/engelsystem/MAIL_PASSWORD", create=false, missing="error") }}
-    ports:
-      - "5080:80"
-    networks:
-      - database
-      - internet
-    depends_on:
-      - es_database
-    extra_hosts:
-      - "send-only-mailserver.ccchh.net:185.161.129.132"
-
-  es_database:
-    image: mariadb:10.2
-    restart: unless-stopped
-    environment:
-      MYSQL_DATABASE: engelsystem
-      MYSQL_USER: engelsystem
-      MYSQL_PASSWORD: engelsystem
-      MYSQL_RANDOM_ROOT_PASSWORD: 1
-      MYSQL_INITDB_SKIP_TZINFO: "yes"
-    volumes:
-      - db:/var/lib/mysql
-    networks:
-      - database
-volumes:
-  db: {}
-
-networks:
-  database:
-    internal: true
-  internet: