---
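# Bootstrap play: puts the machine into an inventory group named after its
# hostname so that the per-host plays (`hosts: cactus`, `hosts: klaxon`) can
# select it.
#
# `connection: local` applies to every host matched by `all, localhost`, so
# facts are gathered from the machine running the playbook and
# `ansible_hostname` is that machine's hostname for all of them.
# NOTE(review): this looks like a run-on-the-target (self-provisioning)
# layout; confirm, because against a remote inventory every host would be
# grouped under the control node's hostname.
- name: Pre-task
  hosts: all, localhost
  connection: local
  gather_facts: true
  # NOTE(review): group_by only edits the in-memory inventory and needs no
  # privilege escalation; `become` could likely be dropped from this play to
  # keep root usage limited to the plays that need it. Confirm that nothing
  # depends on facts gathered as root here.
  become: true
  tasks:
    - name: Add host to correct group
      group_by:
        key: "{{ ansible_hostname }}"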
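# Provisions the host grouped as `cactus`: logs in to the NAS iSCSI target,
# mounts it at /data, then applies the service roles.
- name: Set up cactus
  hosts: cactus
  gather_facts: true
  become: true
  # Every secret below is read from the `vault` dict defined in this file.
  # NOTE(review): presumably encrypted with ansible-vault; verify that it is
  # never committed in plaintext, since it carries API keys, tokens and
  # passwords.
  vars_files:
    - vars/vault_west.yml
  vars:
    timezone: "{{ vault.timezone }}"
    iscsi:
      server: "{{ vault.iscsi.server }}"
      # NOTE(review): a by-label path matches any attached block device that
      # carries this filesystem label; a by-uuid path is more specific if the
      # label cannot be trusted to stay unique.
      mount_device: "/dev/disk/by-label/iscsi-data"
    certbot:
      renew_command: "certbot renew --dns-cloudflare-propagation-seconds 30"
    betterstack:
      token: "{{ vault.betterstack.token }}"
    plex:
      claim_code: "{{ vault.plex.claim_code }}"
    ddns:
      cloudflare_api_key: "{{ vault.ddns.cloudflare_api_key }}"
      zone: "{{ vault.ddns.zone }}"
      subdomain: "{{ vault.ddns.subdomain }}"
    pihole:
      # Deliberately the string "false", not a YAML boolean.
      # NOTE(review): confirm the consuming role expects a string here.
      query_logging: "false"
      password: "{{ vault.pihole.password }}"
      hostname: "{{ vault.pihole.hostname }}"
    haproxy:
      tls_dir: "{{ vault.haproxy.tls_dir }}"
      services_docker_network: "services"
    tailscale:
      routes: "{{ vault.tailscale.routes }}"
  pre_tasks:
    # No `target` is given, so the module discovers and logs in to whatever
    # the portal advertises, and no CHAP settings (`node_auth`, `node_user`,
    # `node_pass`) are supplied.
    # NOTE(review): acceptable only if the storage network is isolated;
    # otherwise pin `target` and enable CHAP with credentials from the vault.
    - name: Connect to the only available iSCSI target on the NAS
      open_iscsi:
        portal: "{{ iscsi.server }}"
        discover: true
        show_nodes: true
        login: true
        automatic: true
      notify:
        - Mount data
  roles:
    - core
    - betterstack
    - docker
    - home
    - downloaders
    - plex
    - router
    - tailscale
  handlers:
    # Runs only when the iSCSI task reports "changed"; handlers notified from
    # pre_tasks are flushed before the roles start.
    # NOTE(review): if a run is interrupted after the login but before this
    # handler, later runs will not mount /data and the roles would write to
    # the root filesystem; an unconditional, idempotent mount task would close
    # that gap.
    - name: Mount data
      mount:
        path: /data
        src: "{{ iscsi.mount_device }}"
        fstype: xfs
        state: mounted
        # NOTE(review): consider adding nodev,nosuid if no device nodes or
        # setuid binaries are expected on this volume.
        opts: "inode64,_netdev"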
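# Provisions the host grouped as `klaxon`: same service stack as the cactus
# play minus the `home` role, with /data as a plain local directory instead of
# an iSCSI mount.
- name: Set up klaxon
  hosts: klaxon
  gather_facts: true
  become: true
  # Every secret below is read from the `vault` dict defined in this file.
  # NOTE(review): presumably encrypted with ansible-vault; verify that it is
  # never committed in plaintext, since it carries API keys, tokens and
  # passwords.
  vars_files:
    - vars/vault_east.yml
  vars:
    timezone: "{{ vault.timezone }}"
    certbot:
      renew_command: "certbot renew --dns-cloudflare-propagation-seconds 30"
    betterstack:
      token: "{{ vault.betterstack.token }}"
    plex:
      claim_code: "{{ vault.plex.claim_code }}"
    ddns:
      cloudflare_api_key: "{{ vault.ddns.cloudflare_api_key }}"
      zone: "{{ vault.ddns.zone }}"
      subdomain: "{{ vault.ddns.subdomain }}"
    pihole:
      # Deliberately the string "false", not a YAML boolean.
      # NOTE(review): confirm the consuming role expects a string here.
      query_logging: "false"
      password: "{{ vault.pihole.password }}"
      hostname: "{{ vault.pihole.hostname }}"
    haproxy:
      tls_dir: "{{ vault.haproxy.tls_dir }}"
      services_docker_network: "services"
    tailscale:
      routes: "{{ vault.tailscale.routes }}"
  pre_tasks:
    # No owner, group or mode is set, so a newly created directory takes the
    # defaults of the escalated user (root, via `become`) and its umask.
    # NOTE(review): pin owner/group/mode explicitly once the intended
    # permissions for /data are decided.
    - name: Ensure /data exists locally
      file:
        path: /data
        state: directory
  roles:
    - core
    - betterstack
    - docker
    - downloaders
    - plex
    - router
    - tailscale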