ansible/playbooks/home_app.yml

132 lines
4.0 KiB
YAML
Executable File

#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
# Webservers
---
- hosts: vm-bot-1.home.mgmt.desu.ltd
gather_facts: no
module_defaults:
docker_container:
state: started
restart_policy: unless-stopped
pull: yes
tasks:
- name: include tasks for applications
include_tasks: tasks/{{ item }}
with_items:
- app/gulagbot.yml
- app/ddclient.yml
- app/ddns-route53.yml
tags: [ always ]
roles:
- role: backup
vars:
backup_s3backup_list_extra:
- /data
tags: [ backup ]
- hosts: vm-scan-1.home.mgmt.desu.ltd
gather_facts: no
module_defaults:
docker_container:
state: started
restart_policy: unless-stopped
pull: yes
pre_tasks:
- name: ensure docker network
docker_network: name=web
tags: [ docker ]
tasks:
- name: include tasks for applications
include_tasks: tasks/{{ item }}
with_items:
- app/gvm.yml
tags: [ always ]
roles:
- role: backup
vars:
backup_s3backup_list_extra:
- /data
tags: [ backup ]
- hosts: vm-syncthing-1.home.mgmt.desu.ltd
gather_facts: no
module_defaults:
docker_container:
state: started
restart_policy: unless-stopped
pull: yes
pre_tasks:
- name: ensure docker network
docker_network: name=web
tags: [ docker ]
tasks:
- name: assure nfs mount directory
file: path=/data/syncthing/data state=directory mode=0755
tags: [ storage ]
- name: assure nfs mount
mount: path=/data/syncthing/data src=192.168.190.1:/nfs/syncthing fstype=nfs4 opts="rsize=10248576,wsize=1048576,soft,timeo=600,retrans=2,_netdev" state=mounted
tags: [ storage ]
- name: include tasks for applications
include_tasks: tasks/{{ item }}
with_items:
- app/syncthing.yml
tags: [ always ]
- name: assure movement cronjobs
cron:
name: "{{ item.name }}"
minute: 0
hour: 5
job: "rsync -avHS --remove-source-files '/data/syncthing/data/{{ item.src }}/' '/data/syncthing/data/{{ item.dest }}/' && rmdir '/data/syncthing/data/{{ item.src }}' "
with_items:
# This works around a bug in my Android app lol
- name: husky test workaround
src: Pictures/Husky Test
dest: Pictures/Unsorted/Husky
- name: move messaging to unsorted
src: Pictures/Messaging
dest: Pictures/Unsorted/Messaging
- name: move discord to unsorted
src: Pictures/Discord
dest: Pictures/Unsorted/Discord
- name: move camera roll to unsorted
src: Pictures/Camera Roll
dest: Pictures/Unsorted/Camera Roll
- name: move cp2077 to screenshots
src: Pictures/Cyberpunk 2077
dest: Pictures/Screenshots/Vidya/Cyberpunk 2077
tags: [ cron ]
- name: assure zone identifier cleanup cronjob
cron:
name: cleanup zone.identtifier
minute: 0
hour: 3
job: 'find /data/syncthing/data/ -type f -iname "*:Zone.Identifier" -delete'
tags: [ cron ]
- name: assure filename sanitize cronjobs
cron:
name: "sanitize {{ item }}"
minute: 0
hour: 4
job: 'find /data/syncthing/data/ -type f -iname "*{{ item }}" | while read line; do mv "$line" "${line%{{ item }}}"; done'
with_items:
- ?name=orig.png
- ?name=orig.jpeg
tags: [ cron ]
roles:
- role: backup
vars:
backup_s3backup_list_extra:
- /data/syncthing/config
tags: [ backup ]
- role: ingress
vars:
ingress_container_image: "nginx:latest"
ingress_container_ports:
- 80:80
ingress_container_config_mount: /etc/nginx/conf.d
ingress_container_persist_dir: /data/nginx
ingress_listen_args: 80
ingress_listen_tls: no
ingress_servers:
- name: syncthing.local.desu.ltd
proxy_pass: http://syncthing:8384
tags: [ ingress ]