From f3b12234c0b896ac68fcdebda8ff8b1e0379eac6 Mon Sep 17 00:00:00 2001
From: Salt <rehashedsalt@cock.li>
Date: Tue, 9 Nov 2021 20:53:59 -0600
Subject: [PATCH] Start reorganizing to have pi-media-1 split into vms

---
 playbooks/home_fs.yml    | 35 +++++++++++++++++++
 playbooks/home_media.yml | 72 +++-------------------------------------
 site.yml                 |  1 +
 3 files changed, 40 insertions(+), 68 deletions(-)
 create mode 100755 playbooks/home_fs.yml

diff --git a/playbooks/home_fs.yml b/playbooks/home_fs.yml
new file mode 100755
index 0000000..9169de6
--- /dev/null
+++ b/playbooks/home_fs.yml
@@ -0,0 +1,35 @@
+#!/usr/bin/env ansible-playbook
+# vim:ft=ansible:
+---
+# Home media storage Pi
+- hosts: vm-fs-1.home.mgmt.desu.ltd
+  tasks:
+    - name: assure nfs directory
+      file: path=/nfs state=directory mode=0755
+  roles:
+    - role: backup
+      vars:
+        backup_s3backup_list_extra:
+          - /data
+        backup_time: "Mon *-*-* 02:00:00"
+      tags: [ backup ]
+    - role: geerlingguy.nfs
+      vars:
+        nfs_exports:
+          - "/nfs 192.168.0.0/16(ro,no_root_squash,sync) 172.23.0.0/16(ro,no_root_squash,sync)"
+      tags: [ storage, nfs ]
+    - role: bertvv.samba
+      vars:
+        samba_users:
+          - name: salt
+            password: "{{ samba_user_salt_password }}"
+        samba_shares:
+          - name: media
+            browseable: yes
+            comment: 'Mass storage for all the things'
+            group: salt
+            guest_ok: yes
+            owner: 911
+            public: yes
+            path: /nfs
+      tags: [ storage, samba, smb ]
diff --git a/playbooks/home_media.yml b/playbooks/home_media.yml
index 1f448de..3caf421 100755
--- a/playbooks/home_media.yml
+++ b/playbooks/home_media.yml
@@ -1,31 +1,18 @@
 #!/usr/bin/env ansible-playbook
 # vim:ft=ansible:
 ---
-# Home media storage Pi
-- hosts: pi-media-1.home.mgmt.desu.ltd
+- hosts: vm-media-1.home.mgmt.desu.ltd
   module_defaults:
     docker_container:
       state: started
       restart_policy: unless-stopped
       pull: yes
   tasks:
-    - name: assure mount directory
+    - name: assure nfs mount directory
       file: path=/data state=directory mode=0755
       tags: [ pis, storage ]
-    - name: assure mount
-      mount: path=/data src=LABEL=mass state=mounted fstype=ext4
-      tags: [ pis, storage ]
-    - name: assure directories in mount
-      file: path=/data/{{ item }} state=directory mode=0755
-      with_items:
-        - nfs
-        - postgresql
-      tags: [ pis, storage ]
-    - name: assure symlinks to directories in mount
-      file: path={{ item.path }} src=/data/{{ item.src }} state=link
-      with_items:
-        - { path: /var/lib/postgresql, src: postgresql }
-        - { path: /srv/nfs, src: nfs }
+    - name: assure nfs mount
+      mount: path=/data src=vm-fs-1.home.mgmt.desu.ltd:/nfs/media fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
       tags: [ pis, storage ]
     - name: ensure docker network
       docker_network: name=web
@@ -75,54 +62,3 @@
           - name: radarr.local.desu.ltd
             proxy_pass: http://radarr:7878
       tags: [ ingress ]
-    - role: geerlingguy.postgresql
-      vars:
-        postgresql_global_config_options:
-          - option: listen_addresses
-            value: 192.168.103.1,172.23.103.1,127.0.0.1
-        postgresql_hba_entries:
-          - { type: local, database: all, user: postgres, auth_method: peer }
-          - { type: local, database: all, user: all, auth_method: md5 }
-          - { type: host, database: all, user: all, address: '127.0.0.0/8', auth_method: md5 }
-          - { type: host, database: all, user: all, address: '::1/128', auth_method: md5 }
-            # Used for internal access from other nodes
-          - { type: host, database: all, user: all, address: '192.168.0.0/16', auth_method: md5 }
-            # Allow hosts over zerotier
-          - { type: host, database: all, user: all, address: '172.23.0.0/16', auth_method: md5 }
-        postgresql_users:
-          - name: grafana
-            password: "{{ secret_grafana_local_db_pass }}"
-          - name: gulagbot
-            password: "{{ secret_gulagbot_local_db_pass }}"
-          - name: firefly
-            password: "{{ secret_firefly_db_pass }}"
-          - name: nagios
-            password: "{{ secret_postgresql_monitoring_password }}"
-        postgresql_databases:
-          - name: gulagbot
-            owner: gulagbot
-          - name: grafana
-            owner: grafana
-          - name: firefly
-            owner: firefly
-      tags: [ pis, storage, psql ]
-    - role: geerlingguy.nfs
-      vars:
-        nfs_exports:
-          - "/data/shared/media    192.168.0.0/16(ro,no_root_squash,sync) 172.23.0.0/16(ro,no_root_squash,sync)"
-      tags: [ pis, storage, nfs ]
-    - role: bertvv.samba
-      vars:
-        samba_users:
-          - name: salt
-            password: "{{ samba_user_salt_password }}"
-        samba_shares:
-          - name: media
-            browseable: yes
-            comment: 'Media downloaded by that one Pi'
-            group: salt
-            guest_ok: yes
-            owner: 911
-            public: yes
-            path: /data/shared/media
-      tags: [ pis, storage, samba, smb ]
diff --git a/site.yml b/site.yml
index 1132f1c..b238430 100755
--- a/site.yml
+++ b/site.yml
@@ -18,6 +18,7 @@
 - import_playbook: playbooks/device_roles_workstation.yml
   # Home configuration
 - import_playbook: playbooks/home_db.yml
+- import_playbook: playbooks/home_fs.yml
 - import_playbook: playbooks/home_media.yml
 - import_playbook: playbooks/home_automation.yml
   # Production configuration