Commit Graph

503 Commits

Author SHA1 Message Date
d657cccf05 Add a couple more packages 2020-02-22 16:35:01 -06:00
c82a60771b Add openvpn to desktop role 2020-02-20 20:23:59 -06:00
886ba76ea9 Fix ansiblehost role?
Hopefully?
2020-02-20 06:00:58 -06:00
08e81dea25 Minor semantic change in gitweb role 2020-02-20 05:31:11 -06:00
3ab2f9b425 Migrate gitweb 2020-02-20 05:29:27 -06:00
f2237a8e00 Migrate nextcloud 2020-02-20 05:28:39 -06:00
9f2d80ffdb Migrate dokuwiki role 2020-02-20 05:27:49 -06:00
b77975c199 Migrate redirect to new https behavior 2020-02-20 05:27:03 -06:00
85b0b2e139 Only attempt to fulfill the challenge if we have to 2020-02-20 05:25:46 -06:00
e5a5f5efcd Also maybe https should use a directory that actually exists
Holy fuck
2020-02-20 04:32:30 -06:00
092e9ae470 Use a more PATH-dependent mv command in https
Dude what
I get through all this complex ACME configuration and misplace fucking mv of all things
2020-02-20 04:28:29 -06:00
e44a6126c8 Have the https role do all the config changing
Hopefully this should cut down on erroneous changes
2020-02-20 04:19:03 -06:00
d41b4ebbdf Turn upgrade fields in apt modules into strings
This fixes a small but annoying warning
2020-02-20 04:02:01 -06:00
e8b77345f7 Have redirect clean up its webroot when it finishes 2020-02-20 03:58:18 -06:00
508d7889ba Fix permissions with https keys and certs 2020-02-20 03:56:51 -06:00
e8cd7dc58a Do the same for gitweb role 2020-02-20 03:51:13 -06:00
cb4cb59f32 Remove force from ansiblehost cloning
Really not required
2020-02-20 03:50:19 -06:00
75ae2367d4 Separate module enable tasks in apache-php, enable headers 2020-02-20 03:49:06 -06:00
0f8ed190b7 Fix dokuwiki role clobbering existing installs
WHOOPS THAT'S KINDA BAD OH FUCK
2020-02-20 03:21:04 -06:00
1a8b0ff6be Add another desktop program 2020-02-18 02:53:12 -06:00
9ad7a4b5ec Add DokuWiki role
It deploys without issue, naisu
2020-02-18 02:39:55 -06:00
b2c402b97e Try to fix ansiblehost cronjob by setting HOME 2020-02-17 21:51:27 -06:00
b5ca563b6e Add more programs to desktop role
See, this is why I have to make it a role
I lose track of all this shit over time
2020-02-17 21:10:11 -06:00
a6173db75f Add more packages to desktop role 2020-02-17 20:28:38 -06:00
c1d31742a8 Add desktop setup role
Assumes a Kubuntu full installation
2020-02-17 16:15:45 -06:00
4b4e0c81cb Separate vault passwords from the playbooks, fix ansibleupdate cronjob
Again
2020-02-14 15:40:31 -06:00
b54f52b47b Merge branch 'master' of gitlab.com:rehashedsalt/ansible 2020-02-14 03:18:24 -06:00
bbdaf54af1 Use absolute path on ansiblehost role cronjob
Ups
2020-02-14 03:18:11 -06:00
5034285ac2 Change ansiblehost role to rerun every 12 hours instead of 24
This renews certs at about the requested rate
Hopefully it doesn't break anything. I'm using LTS instances so it should be fine but you never know
2020-02-11 14:43:25 -06:00
9313f26fcb Add local Ansible setup role
Run with -K
2020-02-11 14:42:44 -06:00
bc1b618c05 More instances of bad variable naming 2020-02-11 04:25:42 -06:00
93fad9ab5c God fucking dammit 2020-02-11 04:22:50 -06:00
55cbc1eb2d Fix more bad variables from that copy
Oof
2020-02-11 04:20:25 -06:00
1ee8485b40 Remove leftovers from shamelessly copying a role
Whoops
2020-02-11 04:18:14 -06:00
728a6e4771 Add simple redirect role
And furnish that one, too
2020-02-11 04:16:57 -06:00
18627fbf39 Add simple git web deploy role
And, of course, furnish it
2020-02-11 04:06:29 -06:00
90fcbf7cbc Move Apache-PHP to its own role, set up dependencies 2020-02-10 01:19:59 -06:00
685a20bca6 Move SSL-required package into https role 2020-02-10 01:05:38 -06:00
0758ac1908 Remove key from MySql role 2020-02-10 01:02:36 -06:00
3e52a522f3 Generalize https setup into its own role 2020-02-10 00:50:56 -06:00
427804d68b Log cronjob on ansiblehost role 2020-02-08 01:44:06 -06:00
f8c152ebc1 Add fullchain to configs 2020-02-06 14:14:56 -06:00
ec2216a4cb Fix quoting on cronjob 2020-02-06 04:05:34 -06:00
ae29a7f870 Remove deprecated NameVirtualHost 2020-02-06 03:57:35 -06:00
7a1010f389 Fix typo in cronjob minute 2020-02-06 03:47:10 -06:00
96b7f55e63 Set up Nextcloud cronjob 2020-02-06 03:44:37 -06:00
cffd0b38bb Enable strict transport security 2020-02-06 03:22:38 -06:00
67373adcaf Add php configs, also add an unused mysql config 2020-02-06 03:17:15 -06:00
331005ab24 Change nextcloud db name 2020-02-06 01:42:12 -06:00
fc7f10a9e6 Let's uh... actually use the variable we set 2020-02-06 01:16:54 -06:00
777a9d86a0 Quote creds and modes in ansiblehost tasks 2020-02-06 01:01:18 -06:00
65ae3dd958 I guess we're installing both versions of pip and boto 2020-02-06 00:59:21 -06:00
e707695692 Create more appropriate Nextcloud directory 2020-02-06 00:53:47 -06:00
4e650f80c2 Prune unused files and the workstation role 2020-02-06 00:46:14 -06:00
ada9a5b8c1 Remove sizes from Nextcloud keys
They default to 4096, and I don't want to have to bump them up as necessary
2020-02-06 00:45:01 -06:00
34675072e8 Downgrade Python packages
I guess??
2020-02-06 00:43:43 -06:00
4f0908b245 Apply ansiblehost to inventory, fix syntax error 2020-02-06 00:38:04 -06:00
60acdbc9cb Use blocks to cut down on repeat code in user role 2020-02-06 00:35:06 -06:00
6eacfb3ba4 Remove cockpit user from common role 2020-02-06 00:34:01 -06:00
84949100f3 Remove cockpit role 2020-02-06 00:33:24 -06:00
129cc13848 Repurpose old ansiblehost role
It's now an automatic pullinator
2020-02-06 00:32:31 -06:00
9cf24c1acc Fix permissions on Nextcloud webroot 2020-02-06 00:20:43 -06:00
c2d9a3786f Correct some Apache configs 2020-02-06 00:01:26 -06:00
cbb84598b9 Set up a database for nextcloud 2020-02-05 23:56:41 -06:00
35fd9dd3ab Basic MySQL configuration 2020-02-05 23:43:22 -06:00
823b9bb060 Depend on it 2020-02-05 23:29:50 -06:00
3fa61ca850 Add barebones MySQL role
Which we are going to immediately flesh out
2020-02-05 23:29:39 -06:00
9781ad8426 Fix typo, only generate cert if necessary 2020-02-05 23:19:07 -06:00
67e428dd41 Whoops, got the keys mixed up 2020-02-05 23:01:06 -06:00
6612541a7b Copy over SSL configs after certification, fix using the wrong keys 2020-02-05 22:59:14 -06:00
230d8a2a92 Fix some bad Apache configs, set up ability for apache to nab its keys
Getting there, step by step
2020-02-05 22:48:21 -06:00
d0794d9abc Remove unnecessary directory 2020-02-05 22:35:15 -06:00
db2bf21579 Got modded mc on the brain; fixed two typos 2020-02-05 22:30:30 -06:00
8906a0ea1e Improve apache configs, enable modules 2020-02-05 22:28:03 -06:00
6b0a86128d Add execute bit for directories
Whups
2020-02-05 22:14:35 -06:00
ef7b4db3eb Fix removing the wrong archive file 2020-02-05 22:12:56 -06:00
9145796033 Fix typo 2020-02-05 22:10:25 -06:00
0a4eb939bd Refactor variable names, get SSL ready 2020-02-05 22:09:35 -06:00
2e28ff2dbc Use remote_src PROPERLY 2020-02-05 21:58:04 -06:00
fecd02cbba Use remote_src properly 2020-02-05 21:57:12 -06:00
4975ed3ffd Use an archive Nextcloud actually provides 2020-02-05 21:56:33 -06:00
f9d69fe220 Work a bit more on that Apache setup 2020-02-05 21:54:30 -06:00
96a9671052 Refactor a little bit 2020-02-05 21:26:03 -06:00
9e14dc5426 Create well-known directory
So close now
2020-02-05 21:13:04 -06:00
2437728f94 Maybe set up PKI fully? Probably not 2020-02-05 21:06:44 -06:00
02e5164eed Add disfunctional Nextcloud role 2020-02-05 20:23:20 -06:00
34ab9cc8d2 Fix another package name error for libnotify-bin
I'm on the fuckin ball today
2019-10-11 19:50:24 -05:00
f334d65d80 Fix apt_repository in workstation role
Whoops, that doesn't take a list
2019-10-11 19:49:08 -05:00
7599a1fddd Add blueman, correct pip package 2019-10-11 19:33:14 -05:00
258047afb7 Add local-workstation playbook and role 2019-10-11 19:12:00 -05:00
2bb29965bd Reorganize user salt creation
This now allows for easier home directory imports
Gonna whip up a playbook to initialize a fresh Ubuntu install on my workstations
2019-10-11 16:37:18 -05:00
86562b3ccc Reorganize, add cockpit role 2019-10-11 14:08:22 -05:00
52fd78e28b Disallow duplicates for all given roles 2019-10-03 03:54:46 -05:00
9ee50492c2 Force ansible repo clone
Changes on this host don't matter; it's not supposed to have commit rights so local changes are invalid anyway
2019-09-15 02:34:29 -05:00
4f5fe365fc Fix bootstrapping, use https URL for ansible scripts 2019-09-15 02:30:46 -05:00
8f7f53e96c Remove template yaml 2019-09-15 02:03:00 -05:00
1d3369fcb0 Split userlogon and ansible role tasks, switch apt packages to python3 2019-09-15 01:38:16 -05:00
cb3d94db94 Remove role interdependencies 2019-09-15 01:26:37 -05:00
4775944fc0 Install Ansible via pip for the Ansible host 2019-09-15 01:08:35 -05:00
963f43aeeb Add Ansible key to deployment
Kinda need that for an Ansible host
2019-09-15 00:49:01 -05:00
b8238a062d Lots: Add a new Ansible role, prepare for an EC2 inventory migration 2019-09-15 00:39:47 -05:00
3823f7a47f Babby's first playbooks 2019-09-14 11:49:23 -05:00
f462019c83 Actually add Ansible files 2019-08-30 14:13:34 -05:00