You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
adc/ansible
josiah 4d045744ff
Deploy chat to mattermost in awful.club.
2 months ago
..
group_vars/all Test mattermost. 2 months ago
host_vars/larva.home.jowj.net Move to wg portal setup on larva. 4 years ago
inventory Deploy chat to mattermost in awful.club. 2 months ago
roles Deploy chat to mattermost in awful.club. 2 months ago
_deploy_abjure.yml Remove old home-services file, add new abjure deploy play. 7 months ago
_deploy_highsea.yml Rename deploy file to follow new standard. 7 months ago
_deploy_testchat.yml Deploy chat to mattermost in awful.club. 2 months ago
acme-all.yml Add role for creating new certs for the IRC service. 3 years ago
ansible.cfg Add several roles; restructure group vars; restructure inventory. 4 years ago
awfulAll.yml Add freshrss, update readme. 4 years ago
halo.yml Create halo role, VM. 2 years ago
open_the_vault.sh Easily handle ansible vault stuff! 4 years ago
readme.org Update readme. 3 years ago
requirements.yml Add several roles; restructure group vars; restructure inventory. 4 years ago
tailscale.yml Create tailscale role, add vars, basic skeleton. 3 years ago
vault_passphrase.gpg Fix stupid problems with mediaserver role; redo gpg. 3 years ago

readme.org

setup from scratch:

install dependencies

ansible-galaxy collection install -r requirements.yml

run a play

ansible-playbook -i hosts.yml all.yml --ask-vault-pass --ask-become-pass

preparing open_the_vault

wg

clients

you probably want to deploy clients individually most of the time. to do that, provide a tag, like: ansible-playbook -i hosts.yml client_matrix.yml --ask-vault-pass --ask-become-pass --tags matrix_client

adding a client

  • generate a new public/private keypair
  • umask 077
  • wg genkey | tee privatekey | wg pubkey > publickey
  • add the pubkey to the groupvars/main.yml
  • add the privkey to the groupvars/vault.yml
  • add a task referencing the new client
  • add a template with the groupvars embedded.

instructions on specific roles

awfulAll

awfulAll is a single server that's a catch all for services that don't need a dedicated vm. ansible-playbook -i hosts.yml awfulAll.yml --tags awfulAll

mediaserver

ansible-playbook awfulAll.yml --tags mediaserver

certs/letsencrypt/acme stuff

ansible-playbook acme-all.yml -v

  • right now for bouncer, syno