Compare commits
15 Commits
17aabc49a3
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
66fe2f1ac8 | ||
|
|
2837778cdb | ||
|
|
d42ed225cf | ||
|
|
fed89c6df2 | ||
|
|
6ddc21457a | ||
|
|
9a5df739de | ||
|
|
56add97c5e | ||
|
|
ffdd96c52f | ||
|
|
829e5d4a03 | ||
|
|
e5e4715020 | ||
|
|
5b7200538c | ||
|
|
051816c04b | ||
|
|
21aa8658ce | ||
|
|
be56d27b5e | ||
|
|
f182e8ead7 |
@@ -1,6 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Install docker
|
||||
hosts: dockerservers
|
||||
roles:
|
||||
- docker
|
||||
6
playbooks/podman.yml
Normal file
6
playbooks/podman.yml
Normal file
@@ -0,0 +1,6 @@
|
||||
---
|
||||
|
||||
- name: Install podman
|
||||
hosts: podmanservers
|
||||
roles:
|
||||
- podman
|
||||
@@ -54,8 +54,8 @@
|
||||
import_playbook: peertube.yml
|
||||
- name: Run elasticsearch playbook
|
||||
import_playbook: elasticsearch.yml
|
||||
- name: Run docker playbook
|
||||
import_playbook: docker.yml
|
||||
- name: Run podman playbook
|
||||
import_playbook: podman.yml
|
||||
- name: Run gitea playbook
|
||||
import_playbook: gitea.yml
|
||||
- name: Run vaultwarden playbook
|
||||
|
||||
@@ -1,14 +1,7 @@
|
||||
---
|
||||
|
||||
- name: Create act_runner user
|
||||
ansible.builtin.user:
|
||||
name: "{{ act_runner_user }}"
|
||||
state: present
|
||||
system: true
|
||||
create_home: true
|
||||
home: "{{ act_runner_home }}"
|
||||
groups:
|
||||
- docker
|
||||
- name: Configure act_runner user
|
||||
ansible.builtin.include_tasks: user.yml
|
||||
|
||||
- name: Download act_runner executable
|
||||
ansible.builtin.get_url:
|
||||
|
||||
33
roles/act_runner/tasks/user.yml
Normal file
33
roles/act_runner/tasks/user.yml
Normal file
@@ -0,0 +1,33 @@
|
||||
---
|
||||
|
||||
- name: Create act_runner user
|
||||
ansible.builtin.user:
|
||||
name: "{{ act_runner_user }}"
|
||||
state: present
|
||||
system: true
|
||||
create_home: true
|
||||
home: "{{ act_runner_home }}"
|
||||
register: _act_runner_user
|
||||
|
||||
- name: Configure subuid/subgid
|
||||
ansible.builtin.lineinfile:
|
||||
path: "/etc/{{ item }}"
|
||||
state: present
|
||||
line: "{{ act_runner_user }}:100000:65536"
|
||||
loop:
|
||||
- subuid
|
||||
- subgid
|
||||
|
||||
- name: Enable linger
|
||||
ansible.builtin.command:
|
||||
cmd: "/usr/bin/loginctl enable-linger {{ act_runner_user }}"
|
||||
creates: "/var/lib/systemd/linger/{{ act_runner_user }}"
|
||||
|
||||
- name: Ensure podman is started
|
||||
ansible.builtin.systemd_service:
|
||||
name: podman.socket
|
||||
state: started
|
||||
enabled: true
|
||||
scope: user
|
||||
become: true
|
||||
become_user: "{{ act_runner_user }}"
|
||||
@@ -11,6 +11,7 @@ TimeoutSec=0
|
||||
RestartSec=10
|
||||
Restart=always
|
||||
User={{ act_runner_user }}
|
||||
Environment=DOCKER_HOST="unix:///run/user/{{ _act_runner_user.uid }}/podman/podman.sock"
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
act_runner_version: "0.2.13"
|
||||
act_runner_url: "https://gitea.com/gitea/act_runner/releases/download/v{{ act_runner_version }}/act_runner-{{ act_runner_version }}-linux-amd64"
|
||||
act_runner_home: "/var/lib/act_runner"
|
||||
act_runner_home: "/srv/act_runner"
|
||||
act_runner_bin: "/usr/local/bin/act_runner"
|
||||
act_runner_user: "act_runner"
|
||||
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Install prerequired packages
|
||||
ansible.builtin.package:
|
||||
name: fuse-overlayfs
|
||||
state: present
|
||||
update_cache: true
|
||||
|
||||
- name: Download gpg key
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ docker_key_url }}"
|
||||
dest: "{{ docker_key_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0o644"
|
||||
|
||||
- name: Set docker source repo
|
||||
ansible.builtin.copy:
|
||||
content: "deb [arch=amd64 signed-by={{ docker_key_path }}] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
|
||||
dest: /etc/apt/sources.list.d/docker.list
|
||||
mode: "0o644"
|
||||
|
||||
- name: Install docker packages
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
- docker-buildx-plugin
|
||||
- docker-compose-plugin
|
||||
state: present
|
||||
update_cache: true
|
||||
|
||||
- name: Ensure docker is started
|
||||
ansible.builtin.systemd:
|
||||
name: docker
|
||||
state: started
|
||||
enabled: true
|
||||
daemon_reload: true
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
|
||||
docker_key_url: "https://download.docker.com/linux/debian/gpg"
|
||||
docker_key_path: "/etc/apt/keyrings/docker.asc"
|
||||
@@ -1,62 +1,72 @@
|
||||
# 2.2.13: /etc/dovecot/dovecot.conf
|
||||
# ajout de lmtp (service pour déterminer la socket, protocol pour récupérer les mêmes fonctions que le LDA)
|
||||
# ajout de auth_username_format = %Ln pour vérifier que l'utilisateur est bien dans la base locale en passant par son nom et non par autre chose…
|
||||
# 2018-08-20 mortal réintégration du fichier séparé 15-mailbox.conf + nettoyage/réorganisation + réécriture sieve globale
|
||||
# OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.0
|
||||
dovecot_config_version = "2.4.1"
|
||||
dovecot_storage_version = "2.4.1"
|
||||
|
||||
listen = *,[::]
|
||||
|
||||
protocols = imap lmtp
|
||||
|
||||
ssl_cert = </etc/x509/imap.libertus.eu/fullchain.cer
|
||||
ssl_key = </etc/x509/imap.libertus.eu/imap.libertus.eu.key
|
||||
ssl = required
|
||||
ssl_server_cert_file = /etc/x509/imap.libertus.eu/fullchain.cer
|
||||
ssl_server_key_file = /etc/x509/imap.libertus.eu/imap.libertus.eu.key
|
||||
|
||||
#auth_debug=yes
|
||||
#auth_debug_passwords=yes
|
||||
|
||||
auth_username_format = %Ln
|
||||
auth_username_format = %{ user | username | lower }
|
||||
|
||||
passdb {
|
||||
mail_driver = maildir
|
||||
mail_path = %{home}/Maildir
|
||||
|
||||
passdb pam {
|
||||
driver = pam
|
||||
}
|
||||
|
||||
userdb {
|
||||
userdb passwd {
|
||||
driver = passwd
|
||||
}
|
||||
|
||||
plugin {
|
||||
sieve = ~/sieve/default.sieve
|
||||
sieve_dir = ~/sieve
|
||||
sieve_before = /etc/dovecot/before.sieve
|
||||
sieve_script personal {
|
||||
path = ~/sieve
|
||||
active_path = ~/sieve/default.sieve
|
||||
}
|
||||
|
||||
sieve_script before {
|
||||
type = before
|
||||
path = /etc/dovecot/before.sieve
|
||||
bin_path = ~/sieve
|
||||
}
|
||||
|
||||
service auth {
|
||||
inet_listener {
|
||||
address = * [::]
|
||||
inet_listener auth {
|
||||
port = 26
|
||||
}
|
||||
}
|
||||
|
||||
protocol sieve {
|
||||
mail_location = maildir:~/Maildir
|
||||
}
|
||||
|
||||
service lmtp {
|
||||
inet_listener ltmp {
|
||||
address = 127.0.0.1 ::1
|
||||
port = 24
|
||||
}
|
||||
}
|
||||
|
||||
protocol sieve {
|
||||
}
|
||||
|
||||
protocol imap {
|
||||
mail_plugins {
|
||||
imap_sieve = yes
|
||||
}
|
||||
}
|
||||
|
||||
protocol lmtp {
|
||||
mail_location = maildir:~/Maildir
|
||||
mail_plugins = sieve
|
||||
mail_plugins {
|
||||
sieve = yes
|
||||
}
|
||||
}
|
||||
|
||||
protocol lda {
|
||||
mail_location = maildir:~/Maildir
|
||||
mail_plugins = sieve
|
||||
mail_plugins {
|
||||
sieve = yes
|
||||
}
|
||||
postmaster_address = postmaster@example.com
|
||||
}
|
||||
|
||||
@@ -83,4 +93,3 @@ namespace inbox {
|
||||
special_use = \Sent
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
|
||||
firefly3_version: "6.4.8"
|
||||
firefly3_version: "6.4.9"
|
||||
firefly3_url: "https://github.com/firefly-iii/firefly-iii/releases/download/v{{ firefly3_version }}/FireflyIII-v{{ firefly3_version }}.tar.gz"
|
||||
|
||||
firefly3_access_url: "{{ web_hostname | selectattr('type', 'defined') | selectattr('type', '==', 'firefly3') | map(attribute='host') | first }}"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
|
||||
gitea_version: "1.25.1"
|
||||
gitea_version: "1.25.2"
|
||||
gitea_url: "https://dl.gitea.com/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64"
|
||||
gitea_bin: "/usr/local/bin/gitea"
|
||||
gitea_path: "/srv/gitea"
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
---
|
||||
|
||||
jackett_version: "v0.24.306"
|
||||
jackett_version: "v0.24.387"
|
||||
jackett_download_url: "https://github.com/Jackett/Jackett/releases/download/{{ jackett_version }}/Jackett.Binaries.LinuxAMDx64.tar.gz"
|
||||
jackett_home: "/opt/Jackett"
|
||||
|
||||
@@ -22,7 +22,7 @@ if [ ! -d $backup_dump_path ] ; then mkdir -p $backup_dump_path ; fi
|
||||
# On se deplace dans le dossier, et on purge les fichiers plus vieux que backup_max_age
|
||||
cd $backup_dump_path
|
||||
|
||||
mysqlcheck --all-databases > /var/lib/mysql/check
|
||||
mariadb-check --all-databases > /var/lib/mysql/check
|
||||
|
||||
# Pour chaque base a sauvegarder
|
||||
for backup_db_name in $backup_db_list
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
|
||||
- name: Download oolatoocs exec
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ oolatoocs_url }}.{{ oolatoocs_version }}"
|
||||
url: "{{ oolatoocs_url }}"
|
||||
dest: "{{ oolatoocs_local_bin_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
|
||||
oolatoocs_db_dir: /var/lib/oolatoocs
|
||||
oolatoocs_url: https://r.mateu.be/oolatoocs/oolatoocs
|
||||
oolatoocs_version: v4.3.1
|
||||
oolatoocs_version: v4.5.3
|
||||
oolatoocs_url: "https://giteu.be/dojo/oolatoocs/releases/download/{{ oolatoocs_version }}/oolatoocs"
|
||||
oolatoocs_local_bin_path: /usr/local/bin/oolatoocs
|
||||
|
||||
9
roles/podman/tasks/main.yml
Normal file
9
roles/podman/tasks/main.yml
Normal file
@@ -0,0 +1,9 @@
|
||||
---
|
||||
|
||||
- name: Install podman
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- podman
|
||||
- podman-docker
|
||||
- podman-compose
|
||||
state: present
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
|
||||
wordpress_version: "6.8.3"
|
||||
wordpress_version: "6.9"
|
||||
wordpress_url: "https://fr.wordpress.org/wordpress-{{ wordpress_version }}-fr_FR.tar.gz"
|
||||
|
||||
wordpress_access_url: "{{ web_hostname | selectattr('type', 'defined') | selectattr('type', '==', 'wordpress') | map(attribute='host') | first }}"
|
||||
|
||||
Reference in New Issue
Block a user