diff --git a/.gitignore b/.gitignore index 1df46bb..a7cc171 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ +group_vars/all.yml work/image.qcow2 work/inventory.yaml \ No newline at end of file diff --git a/group_vars/all.yml b/group_vars/all.yml index 6d7cab5..67b8603 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,38 +1,13 @@ ## # Global configuration server: - domain: mrdev023.test - ssh_port: 22 - backup: - folder: /backup - cron_expression: "* * * * *" - retention_days: 7 - filename_date_format: "%Y-%m-%d" + domain: mrdev023.fr + ssh_port: 7943 + work_dir: /mnt/work acme: email: florian.richer.97@outlook.com debug: true # Other protonmail: - initialized: false - -restore: - cloud: - nextcloud_archive: false - db_archive: false - home_assistant: - home_assistant_config_archive: false - matrix: - db_archive: false - matrix_archive: false - mautrix_facebook_archive: false - mautrix_instagram_archive: false - mautrix_discord_archive: false - n8n: - n8n_archive: false - db_archive: false - protonmail: - protonmail_archive: false - traefik: - prometheus_archive: false - grafana_archive: false + initialized: true diff --git a/group_vars/all.yml.sample b/group_vars/all.yml.sample new file mode 100644 index 0000000..5220c1b --- /dev/null +++ b/group_vars/all.yml.sample @@ -0,0 +1,13 @@ +## +# Global configuration +server: + domain: mrdev023.test + ssh_port: 22 + work_dir: /mnt/test +acme: + email: test@test.fr + debug: true + +# Other +protonmail: + initialized: false diff --git a/playbook.yml b/playbook.yml index 6f314a9..7c184d1 100644 --- a/playbook.yml +++ b/playbook.yml 
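Review bot: Adding `group_vars/all.yml` to `.gitignore` does not stop Git from tracking it, and the group_vars/all.yml hunk in this same commit still records the live values (`domain: mrdev023.fr`, `ssh_port: 7943`, the ACME e-mail address). Ignore rules apply only to untracked paths, so later edits to the file will keep appearing as changes and can be committed again. To get the split that the new `all.yml.sample` implies, the commit should drop the file from the index with `git rm --cached group_vars/all.yml` instead of modifying it. The values already committed stay in history and should be treated as public.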
@@ -4,14 +4,13 @@ roles: - { role: docker, tags: ["docker"] } - - { role: volume_restore, tags: ["volume_restore"] } - { role: ssh, tags: ["ssh"] } - - { role: traefik, tags: ["traefik"] } - - { role: whoami, tags: ["whoami"] } - - { role: protonmail, tags: ["protonmail"] } - - { role: cloud, tags: ["cloud"] } - - { role: home_assistant, tags: ["home_assistant"] } - - { role: n8n, tags: ["n8n"] } - - { role: matrix, tags: ["matrix"] } - - { role: iptables, tags: ["iptables"] } - - { role: clean, tags: ["clean"] } +# - { role: traefik, tags: ["traefik"] } +# - { role: whoami, tags: ["whoami"] } +# - { role: protonmail, tags: ["protonmail"] } +# - { role: cloud, tags: ["cloud"] } +# - { role: home_assistant, tags: ["home_assistant"] } +# - { role: n8n, tags: ["n8n"] } +# - { role: matrix, tags: ["matrix"] } +# - { role: iptables, tags: ["iptables"] } +# - { role: clean, tags: ["clean"] } diff --git a/roles/cloud/tasks/main.yml b/roles/cloud/tasks/main.yml index 555d6af..5282607 100644 --- a/roles/cloud/tasks/main.yml +++ b/roles/cloud/tasks/main.yml @@ -4,8 +4,4 @@ name: base - ansible.builtin.import_tasks: cron.yml - name: cron - -- ansible.builtin.import_tasks: restore.yml - name: restore - when: restore.cloud.nextcloud_archive and restore.cloud.db_archive \ No newline at end of file + name: cron \ No newline at end of file diff --git a/roles/cloud/tasks/restore.yml b/roles/cloud/tasks/restore.yml deleted file mode 100644 index 26909bd..0000000 --- a/roles/cloud/tasks/restore.yml +++ /dev/null 
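Review bot: Commenting out the role list in playbook.yml disables `iptables` together with the application roles, while the `ssh` role stays active and, per the port.conf.j2 hunk of this commit, now makes sshd listen on `0.0.0.0`. If the iptables role is what installs the host's packet filter (its tasks are not shown here), a fresh run leaves the machine without the rules the playbook used to apply. Every entry already carries a tag, so a partial run can be selected with `--tags docker,ssh` without editing the file. If the roles are really being retired, delete the lines rather than leaving them as comments, and keep `- { role: iptables, tags: ["iptables"] }` active either way.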
@@ -1,43 +0,0 @@ ---- - -- name: Copy archives - ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - loop: - - { src: '{{ restore.cloud.nextcloud_archive }}', dest: 'cloud_nextcloud.tar.gz' } - - { src: '{{ restore.cloud.db_archive }}', dest: 'cloud_db.tar.gz' } - -- name: Stop nextcloud container - community.docker.docker_compose: - project_src: cloud - state: absent - become: true - -- name: Restore backup - community.docker.docker_container: - name: volume_restore - image: volume_restore:latest - auto_remove: yes - tty: true - volumes: - - "{{ item.path }}:/backup/archive.tar.gz" - - "{{ item.volume }}:/backup/dest" - loop: - - { path: './cloud_nextcloud.tar.gz', volume: 'cloud_nextcloud' } - - { path: './cloud_db.tar.gz', volume: 'cloud_db' } - become: true - -- name: Start nextcloud container - community.docker.docker_compose: - project_src: cloud - state: present - become: true - -- name: Remove archive - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: - - { path: 'cloud_nextcloud.tar.gz' } - - { path: 'cloud_db.tar.gz' } \ No newline at end of file diff --git a/roles/cloud/templates/docker-compose.yml.j2 b/roles/cloud/templates/docker-compose.yml.j2 index 222e5dc..5446e08 100644 --- a/roles/cloud/templates/docker-compose.yml.j2 +++ b/roles/cloud/templates/docker-compose.yml.j2 
@@ -58,33 +58,6 @@ services: - POSTGRES_HOST=db - OVERWRITEPROTOCOL=https - # BACKUP - backup_nextcloud: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-nextcloud.tar.gz" - BACKUP_LATEST_SYMLINK: nextcloud.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - nextcloud:/backup:ro - - {{ server.backup.folder }}/cloud:/archive - - backup_db: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-db.tar.gz" - BACKUP_LATEST_SYMLINK: db.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - db:/backup:ro - - {{ server.backup.folder }}/cloud:/archive - volumes: nextcloud: db: diff --git a/roles/docker/tasks/debian.yml b/roles/docker/tasks/debian.yml new file mode 100644 index 0000000..99d25ed --- /dev/null +++ b/roles/docker/tasks/debian.yml 
@@ -0,0 +1,35 @@ +--- +- name: Install required packages + ansible.builtin.apt: + name: + - apt-transport-https + - ca-certificates + - curl + - gnupg + - lsb-release + state: present + update_cache: yes + +- name: Add Docker GPG key + ansible.builtin.apt_key: + url: https://download.docker.com/linux/{{ mydistribution }}/gpg + state: present + +- name: Add Docker repository + ansible.builtin.apt_repository: + repo: "deb [arch=amd64] https://download.docker.com/linux/{{ mydistribution }} {{ ansible_distribution_release }} stable" + state: present + update_cache: yes + +- name: Install Docker Engine + ansible.builtin.apt: + name: + - docker-ce + - docker-ce-cli + - containerd.io + - docker-buildx-plugin + - docker-compose-plugin + - docker-compose + - python3-docker + state: latest + update_cache: true diff --git a/roles/docker/tasks/install.yml b/roles/docker/tasks/fedora.yml similarity index 72% rename from roles/docker/tasks/install.yml rename to roles/docker/tasks/fedora.yml index 93463c0..d247bab 100644 --- a/roles/docker/tasks/install.yml +++ b/roles/docker/tasks/fedora.yml @@ -1,7 +1,4 @@ --- -- name: set mydistribution - ansible.builtin.set_fact: - mydistribution: "{{ 'rhel' if (ansible_distribution == 'Red Hat Enterprise Linux') else (ansible_distribution | lower) }}" - name: Add signing key ansible.builtin.rpm_key: @@ -29,9 +26,3 @@ - python-docker state: latest update_cache: true - -- name: Start Docker - ansible.builtin.service: - name: "docker" - enabled: true - state: started \ No newline at end of file diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index ff8f890..56f4d2b 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml 
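Review bot: The `Add Docker GPG key` task in the new debian.yml uses `ansible.builtin.apt_key`, which is deprecated and places the key in apt's global trusted keyring, so the Docker key is then accepted for packages from every configured repository. Store the key in its own file and scope it to the Docker source with `signed-by=` in the repo line, as sketched below. Separately, `arch=amd64` is hard-coded and `state: latest` on the engine packages means any run can upgrade Docker unattended; use `state: present` or a pinned version if that is not intended.

```yaml
# … unchanged: Install required packages …

- name: Create the apt keyrings directory
  ansible.builtin.file:
    path: /etc/apt/keyrings
    state: directory
    mode: "0755"

- name: Add Docker GPG key
  ansible.builtin.get_url:
    url: "https://download.docker.com/linux/{{ mydistribution }}/gpg"
    dest: /etc/apt/keyrings/docker.asc
    mode: "0644"

- name: Add Docker repository
  ansible.builtin.apt_repository:
    repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/{{ mydistribution }} {{ ansible_distribution_release }} stable"
    state: present
    update_cache: yes

# … unchanged: Install Docker Engine …
```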
@@ -1,4 +1,20 @@ --- -- ansible.builtin.import_tasks: install.yml +- name: set mydistribution + ansible.builtin.set_fact: + mydistribution: "{{ ansible_distribution | lower }}" + +- ansible.builtin.import_tasks: fedora.yml name: base become: true + when: mydistribution == "fedora" + +- ansible.builtin.import_tasks: debian.yml + name: base + become: true + when: mydistribution == "debian" + +- name: Start Docker + ansible.builtin.service: + name: "docker" + enabled: true + state: started diff --git a/roles/home_assistant/tasks/main.yml b/roles/home_assistant/tasks/main.yml index d0a3a57..c4e7ea2 100644 --- a/roles/home_assistant/tasks/main.yml +++ b/roles/home_assistant/tasks/main.yml @@ -2,7 +2,3 @@ - ansible.builtin.import_tasks: base.yml name: base - -- ansible.builtin.import_tasks: restore.yml - name: restore - when: restore.home_assistant.home_assistant_config_archive \ No newline at end of file diff --git a/roles/home_assistant/tasks/restore.yml b/roles/home_assistant/tasks/restore.yml deleted file mode 100644 index 9ce998a..0000000 --- a/roles/home_assistant/tasks/restore.yml +++ /dev/null 
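Review bot: The `Start Docker` task added at the end of roles/docker/tasks/main.yml has no `become: true`, whereas in the old install.yml it inherited privilege escalation from the `import_tasks` line that carried `become: true`. Unless the play sets `become` globally (the play header is outside this hunk), enabling and starting the service will fail for an unprivileged connection user; add `become: true` to the task. A host whose `ansible_distribution` is neither `fedora` nor `debian` (Ubuntu, or the RHEL case the removed expression handled) now skips both imports silently and only fails at `Start Docker`. An early `ansible.builtin.assert` with `that: mydistribution in ['fedora', 'debian']` would make the unsupported case explicit.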
@@ -1,40 +0,0 @@ ---- - -- name: Copy archives - ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - loop: - - { src: '{{ restore.home_assistant.home_assistant_config_archive }}', dest: 'home_assistant_home_assistant_config.tar.gz' } - -- name: Stop nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: absent - become: true - -- name: Restore backup - community.docker.docker_container: - name: volume_restore - image: volume_restore:latest - auto_remove: yes - tty: true - volumes: - - "{{ item.path }}:/backup/archive.tar.gz" - - "{{ item.volume }}:/backup/dest" - loop: - - { path: './home_assistant_home_assistant_config.tar.gz', volume: 'home_assistant_home_assistant_config' } - become: true - -- name: Start nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: present - become: true - -- name: Remove archive - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: - - { path: 'home_assistant_home_assistant_config.tar.gz' } \ No newline at end of file diff --git a/roles/home_assistant/templates/docker-compose.yml.j2 b/roles/home_assistant/templates/docker-compose.yml.j2 index 6e96dac..e033599 100644 --- a/roles/home_assistant/templates/docker-compose.yml.j2 +++ b/roles/home_assistant/templates/docker-compose.yml.j2 
@@ -22,19 +22,5 @@ services: # - "traefik.http.routers.homeassistant-secure.service=homeassistant" - "traefik.http.services.homeassistant.loadbalancer.server.port=8123" - # BACKUP - backup_home_assistant_config: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-home-assistant-config.tar.gz" - BACKUP_LATEST_SYMLINK: home-assistant-config.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - home_assistant_config:/backup:ro - - {{ server.backup.folder }}/home_assistant:/archive - volumes: home_assistant_config: \ No newline at end of file diff --git a/roles/matrix/tasks/main.yml b/roles/matrix/tasks/main.yml index fa0b2bb..c4e7ea2 100644 --- a/roles/matrix/tasks/main.yml +++ b/roles/matrix/tasks/main.yml @@ -2,7 +2,3 @@ - ansible.builtin.import_tasks: base.yml name: base - -- ansible.builtin.import_tasks: restore.yml - name: restore - when: restore.matrix.db_archive and restore.matrix.matrix_archive and restore.matrix.mautrix_facebook_archive and restore.matrix.mautrix_instagram_archive and restore.matrix.mautrix_discord_archive \ No newline at end of file diff --git a/roles/matrix/tasks/restore.yml b/roles/matrix/tasks/restore.yml deleted file mode 100644 index 17b6cbb..0000000 --- a/roles/matrix/tasks/restore.yml +++ /dev/null 
@@ -1,52 +0,0 @@ ---- - -- name: Copy archives - ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - loop: - - { src: '{{ restore.matrix.db_archive }}', dest: 'matrix_db.tar.gz' } - - { src: '{{ restore.matrix.matrix_archive }}', dest: 'matrix_matrix.tar.gz' } - - { src: '{{ restore.matrix.mautrix_facebook_archive }}', dest: 'matrix_mautrix_facebook.tar.gz' } - - { src: '{{ restore.matrix.mautrix_instagram_archive }}', dest: 'matrix_mautrix_instagram.tar.gz' } - - { src: '{{ restore.matrix.mautrix_discord_archive }}', dest: 'matrix_mautrix_discord.tar.gz' } - -- name: Stop nextcloud container - community.docker.docker_compose: - project_src: matrix - state: absent - become: true - -- name: Restore backup - community.docker.docker_container: - name: volume_restore - image: volume_restore:latest - auto_remove: yes - tty: true - volumes: - - "{{ item.path }}:/backup/archive.tar.gz" - - "{{ item.volume }}:/backup/dest" - loop: - - { path: './matrix_db.tar.gz', volume: 'matrix_db' } - - { path: './matrix_matrix.tar.gz', volume: 'matrix_matrix' } - - { path: './matrix_mautrix_facebook.tar.gz', volume: 'matrix_mautrix_facebook' } - - { path: './matrix_mautrix_instagram.tar.gz', volume: 'matrix_mautrix_instagram' } - - { path: './matrix_mautrix_discord.tar.gz', volume: 'matrix_mautrix_discord' } - become: true - -- name: Start nextcloud container - community.docker.docker_compose: - project_src: matrix - state: present - become: true - -- name: Remove archive - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: - - { path: 'matrix_db.tar.gz' } - - { path: 'matrix_matrix.tar.gz' } - - { path: 'matrix_mautrix_facebook.tar.gz' } - - { path: 'matrix_mautrix_instagram.tar.gz' } - - { path: 'matrix_mautrix_discord.tar.gz' } \ No newline at end of file diff --git a/roles/matrix/templates/docker-compose.yml.j2 b/roles/matrix/templates/docker-compose.yml.j2 index d996328..3410511 100644 --- a/roles/matrix/templates/docker-compose.yml.j2 
+++ b/roles/matrix/templates/docker-compose.yml.j2 
@@ -56,100 +56,6 @@ services: - "traefik.http.routers.matrix-wellknown.middlewares=cors-headers@docker" - "traefik.docker.network=proxy" - # BRIDGE - mautrix-facebook: - container_name: mautrix-facebook - image: dock.mau.dev/mautrix/facebook:v0.4.1 - restart: unless-stopped - networks: - - internal - volumes: - - mautrix_facebook:/data - - mautrix-instagram: - container_name: mautrix-instagram - image: dock.mau.dev/mautrix/instagram:v0.2.3 - restart: unless-stopped - networks: - - internal - volumes: - - mautrix_instagram:/data - - mautrix-discord: - container_name: mautrix-discord - image: dock.mau.dev/mautrix/discord:v0.2.0 - restart: unless-stopped - networks: - - internal - volumes: - - mautrix_discord:/data - - # BACKUP - backup_db: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-db.tar.gz" - BACKUP_LATEST_SYMLINK: db.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - db:/backup:ro - - {{ server.backup.folder }}/matrix:/archive - - backup_matrix: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-matrix.tar.gz" - BACKUP_LATEST_SYMLINK: matrix.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - matrix:/backup:ro - - {{ server.backup.folder }}/matrix:/archive - - backup_mautrix_facebook: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-mautrix-facebook.tar.gz" - BACKUP_LATEST_SYMLINK: mautrix-facebook.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - 
BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - mautrix_facebook:/backup:ro - - {{ server.backup.folder }}/matrix:/archive - - backup_mautrix_instagram: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-mautrix-instagram.tar.gz" - BACKUP_LATEST_SYMLINK: mautrix-instagram.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - mautrix_instagram:/backup:ro - - {{ server.backup.folder }}/matrix:/archive - - backup_mautrix_discord: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-mautrix-discord.tar.gz" - BACKUP_LATEST_SYMLINK: mautrix-discord.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - mautrix_discord:/backup:ro - - {{ server.backup.folder }}/matrix:/archive - volumes: db: matrix: diff --git a/roles/n8n/tasks/main.yml b/roles/n8n/tasks/main.yml index b26c897..9e592da 100644 --- a/roles/n8n/tasks/main.yml +++ b/roles/n8n/tasks/main.yml @@ -3,6 +3,3 @@ - ansible.builtin.import_tasks: base.yml name: base -- ansible.builtin.import_tasks: restore.yml - name: restore - when: restore.n8n.n8n_archive and restore.n8n.db_archive diff --git a/roles/n8n/tasks/restore.yml b/roles/n8n/tasks/restore.yml deleted file mode 100644 index 345da99..0000000 --- a/roles/n8n/tasks/restore.yml +++ /dev/null 
@@ -1,43 +0,0 @@ ---- - -- name: Copy archives - ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - loop: - - { src: '{{ restore.n8n.n8n_archive }}', dest: 'n8n_n8n.tar.gz' } - - { src: '{{ restore.n8n.db_archive }}', dest: 'n8n_db.tar.gz' } - -- name: Stop nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: absent - become: true - -- name: Restore backup - community.docker.docker_container: - name: volume_restore - image: volume_restore:latest - auto_remove: yes - tty: true - volumes: - - "{{ item.path }}:/backup/archive.tar.gz" - - "{{ item.volume }}:/backup/dest" - loop: - - { path: './n8n_n8n.tar.gz', volume: 'n8n_n8n' } - - { path: './n8n_db.tar.gz', volume: 'n8n_db' } - become: true - -- name: Start nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: present - become: true - -- name: Remove archive - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: - - { path: 'n8n_n8n.tar.gz' } - - { path: 'n8n_db.tar.gz' } \ No newline at end of file diff --git a/roles/n8n/templates/docker-compose.yml.j2 b/roles/n8n/templates/docker-compose.yml.j2 index e222e38..2d35442 100644 --- a/roles/n8n/templates/docker-compose.yml.j2 +++ b/roles/n8n/templates/docker-compose.yml.j2 
@@ -40,33 +40,6 @@ services: - DB_POSTGRESDB_USER=n8n - DB_POSTGRESDB_PASSWORD=n8n - # BACKUP - backup_n8n: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-n8n.tar.gz" - BACKUP_LATEST_SYMLINK: n8n.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - n8n:/backup:ro - - {{ server.backup.folder }}/n8n:/archive - - backup_db: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-db.tar.gz" - BACKUP_LATEST_SYMLINK: db.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - db:/backup:ro - - {{ server.backup.folder }}/n8n:/archive - volumes: n8n: db: diff --git a/roles/protonmail/tasks/main.yml b/roles/protonmail/tasks/main.yml index 464309a..c4e7ea2 100644 --- a/roles/protonmail/tasks/main.yml +++ b/roles/protonmail/tasks/main.yml @@ -2,7 +2,3 @@ - ansible.builtin.import_tasks: base.yml name: base - -- ansible.builtin.import_tasks: restore.yml - name: restore - when: restore.protonmail.protonmail_archive \ No newline at end of file diff --git a/roles/protonmail/tasks/restore.yml b/roles/protonmail/tasks/restore.yml deleted file mode 100644 index 07c056c..0000000 --- a/roles/protonmail/tasks/restore.yml +++ /dev/null 
@@ -1,40 +0,0 @@ ---- - -- name: Copy archives - ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - loop: - - { src: '{{ restore.protonmail.protonmail_archive }}', dest: 'protonmail_protonmail.tar.gz' } - -- name: Stop nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: absent - become: true - -- name: Restore backup - community.docker.docker_container: - name: volume_restore - image: volume_restore:latest - auto_remove: yes - tty: true - volumes: - - "{{ item.path }}:/backup/archive.tar.gz" - - "{{ item.volume }}:/backup/dest" - loop: - - { path: './protonmail_protonmail.tar.gz', volume: 'protonmail_protonmail' } - become: true - -- name: Start nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: present - become: true - -- name: Remove archive - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: - - { path: 'protonmail_protonmail.tar.gz' } \ No newline at end of file diff --git a/roles/ssh/tasks/base.yml b/roles/ssh/tasks/base.yml index 74998e1..1cabede 100644 --- a/roles/ssh/tasks/base.yml +++ b/roles/ssh/tasks/base.yml @@ -7,7 +7,7 @@ group: root mode: u=rwx,g=rx,o=rx loop: - - { src: 'port.conf.j2', dest: '/etc/ssh/ssh_config.d/99-port.conf' } + - { src: 'port.conf.j2', dest: '/etc/ssh/sshd_config.d/99-port.conf' } register: iptables_templates_results become: yes diff --git a/roles/ssh/templates/port.conf.j2 b/roles/ssh/templates/port.conf.j2 index 045bc16..59f2788 100644 --- a/roles/ssh/templates/port.conf.j2 +++ b/roles/ssh/templates/port.conf.j2 @@ -1,3 +1,4 @@ # Change default port of ssh config +ListenAddress 0.0.0.0 Port {{ server.ssh_port }} diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml index 669109c..c4e7ea2 100644 --- a/roles/traefik/tasks/main.yml +++ b/roles/traefik/tasks/main.yml 
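Review bot: The template task in roles/ssh/tasks/base.yml installs the sshd drop-in with `mode: u=rwx,g=rx,o=rx`, which marks a configuration fragment as executable; it only needs to be readable, so `mode: "0644"` is the appropriate value. The result is registered as `iptables_templates_results`, which looks copied from another role; a name like `ssh_templates_results` would match the task, and anything that reads the variable would need the same rename. The task starts above the hunk and whatever consumes the registered result is below it. Now that the destination is `sshd_config.d` the port change actually reaches the daemon, so confirm that sshd is reloaded only once the new port is allowed through the firewall, otherwise the run can cut off its own connection.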
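Review bot: `ListenAddress 0.0.0.0` in port.conf.j2 binds sshd to every IPv4 interface and, unless another `ListenAddress` is set elsewhere in the sshd configuration, stops it listening on IPv6, which is more than the file's comment (`Change default port of ssh config`) describes. If the line is only meant to make the port change take effect it can be dropped, since `Port {{ server.ssh_port }}` alone is sufficient. If a specific bind address is wanted, take it from a variable, for example `ListenAddress {{ server.ssh_listen_address }}` (a new key that would also need an entry in all.yml.sample). A non-default port reduces log noise but is not an access control, so key-only authentication and a packet filter still have to be in place.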
@@ -2,7 +2,3 @@ - ansible.builtin.import_tasks: base.yml name: base - -- ansible.builtin.import_tasks: restore.yml - name: restore - when: restore.traefik.prometheus_archive and restore.traefik.grafana_archive diff --git a/roles/traefik/tasks/restore.yml b/roles/traefik/tasks/restore.yml deleted file mode 100644 index 4369c66..0000000 --- a/roles/traefik/tasks/restore.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- - -- name: Copy archives - ansible.builtin.copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - loop: - - { src: '{{ restore.traefik.prometheus_archive }}', dest: 'traefik_prometheus.tar.gz' } - - { src: '{{ restore.traefik.grafana_archive }}', dest: 'traefik_grafana.tar.gz' } - -- name: Stop nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: absent - become: true - -- name: Restore backup - community.docker.docker_container: - name: volume_restore - image: volume_restore:latest - auto_remove: yes - tty: true - volumes: - - "{{ item.path }}:/backup/archive.tar.gz" - - "{{ item.volume }}:/backup/dest" - loop: - - { path: './traefik_prometheus.tar.gz', volume: 'traefik_prometheus' } - - { path: './traefik_grafana.tar.gz', volume: 'traefik_grafana' } - become: true - -- name: Start nextcloud container - community.docker.docker_compose: - project_src: home_assistant - state: present - become: true - -- name: Remove archive - ansible.builtin.file: - path: "{{ item.path }}" - state: absent - loop: - - { path: 'traefik_prometheus.tar.gz' } - - { path: 'traefik_grafana.tar.gz' } \ No newline at end of file diff --git a/roles/traefik/templates/docker-compose.yml.j2 b/roles/traefik/templates/docker-compose.yml.j2 index dfa3212..7a128d6 100644 --- a/roles/traefik/templates/docker-compose.yml.j2 +++ b/roles/traefik/templates/docker-compose.yml.j2 
@@ -115,33 +115,6 @@ services: volumes: - ./config/dynamic_conf.yaml:/usr/local/apache2/htdocs/dynamic_conf.yaml - # BACKUP - backup_prometheus: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-prometheus.tar.gz" - BACKUP_LATEST_SYMLINK: prometheus.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - prometheus:/backup:ro - - {{ server.backup.folder }}/traefik:/archive - - backup_grafana: - image: offen/docker-volume-backup:latest - restart: always - environment: - BACKUP_CRON_EXPRESSION: "{{ server.backup.cron_expression }}" - BACKUP_FILENAME: "{{ server.backup.filename_date_format }}-grafana.tar.gz" - BACKUP_LATEST_SYMLINK: grafana.latest.tar.gz - BACKUP_EXCLUDE_REGEXP: "\\.log$$" - BACKUP_RETENTION_DAYS: "{{ server.backup.retention_days }}" - volumes: - - grafana:/backup:ro - - {{ server.backup.folder }}/traefik:/archive - networks: providers: internal: diff --git a/roles/volume_restore/files/Dockerfile b/roles/volume_restore/files/Dockerfile deleted file mode 100644 index 9a6da22..0000000 --- a/roles/volume_restore/files/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -FROM alpine:latest - -RUN apk add --update --no-cache tar - -RUN mkdir -p /backup/dest - -COPY ./extract.sh /usr/bin/extract - -RUN chmod +x /usr/bin/extract - -CMD ["restore"] \ No newline at end of file diff --git a/roles/volume_restore/files/README.md b/roles/volume_restore/files/README.md deleted file mode 100644 index 11b62d6..0000000 --- a/roles/volume_restore/files/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# HOW TO USE IT - -``` -docker run -v [PATH_TO_ARCHIVE]:/backup/archive.tar.gz -v [DIST_VOLUME]:/backup/dest volume_restore:latest -``` \ No newline at end of file 
diff --git a/roles/volume_restore/files/extract.sh b/roles/volume_restore/files/extract.sh deleted file mode 100644 index 5cc231f..0000000 --- a/roles/volume_restore/files/extract.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -rm -rf /backup/dest* -tar -xf /backup/archive.tar.gz --strip-components=1 -C /backup/dest \ No newline at end of file diff --git a/roles/volume_restore/tasks/base.yml b/roles/volume_restore/tasks/base.yml deleted file mode 100644 index 9b10068..0000000 --- a/roles/volume_restore/tasks/base.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- name: Copy conf - ansible.builtin.copy: - backup: true - src: . - dest: volume_restore/ - register: volume_restore_copy - -- name: Build image - community.docker.docker_image: - name: volume_restore - tag: latest - build: - path: volume_restore - source: build - become: yes - when: volume_restore_copy.changed \ No newline at end of file diff --git a/roles/volume_restore/tasks/main.yml b/roles/volume_restore/tasks/main.yml deleted file mode 100644 index 3f670ac..0000000 --- a/roles/volume_restore/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -- ansible.builtin.import_tasks: base.yml - name: base \ No newline at end of file