diff --git a/TODO.md b/TODO.md index 1302708..0ba2116 100644 --- a/TODO.md +++ b/TODO.md @@ -2,6 +2,11 @@ Stuff that I should do but will probably never do. +## Base + +- Add sudo configuration role +- Add hostname/hosts configuration role that works on Ubuntu and Debian + ## Polish the user role The role is fine, but could use some default filter, like for the shell value. @@ -37,4 +42,8 @@ setup: - disable cloud init - remove cloud init account and change the connenction variable for the vm +## Matrix + +- Potgres role should be redone, it is currently called too many times that could be globalized I think. Also the setting of timezone and locale is not idempotent + good luck diff --git a/books/dns.yml b/books/dns.yml deleted file mode 100755 index d56493d..0000000 --- a/books/dns.yml +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env ansible-playbook ---- - -# Reverse proxy -- hosts: proxy - roles: - - configure_resolved - - reverse_proxy_stream diff --git a/books/gitea.yml b/books/gitea.yml deleted file mode 100755 index c300b70..0000000 --- a/books/gitea.yml +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env ansible-playbook ---- - -- hosts: gitea_host - roles: - - install_docker - - generate_self_signed_certificate - - install_gitea diff --git a/books/keycloak.yml b/books/keycloak.yml deleted file mode 100755 index 5a895c1..0000000 --- a/books/keycloak.yml +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env ansible-playbook ---- - -- hosts: keycloak_host - roles: - - install_docker - - generate_self_signed_certificate - - install_keycloak diff --git a/books/matrix.yml b/books/matrix.yml index 6458b34..94c47e4 100755 --- a/books/matrix.yml +++ b/books/matrix.yml @@ -1,6 +1,6 @@ #!/usr/bin/env ansible-playbook --- -- hosts: matrix +- hosts: synapse roles: - synapse - matrix-bridge-discord diff --git a/books/monitoring.yml b/books/monitoring.yml index 31f80a2..a680dd8 100755 --- a/books/monitoring.yml +++ b/books/monitoring.yml @@ -1,11 +1,11 @@ #!/usr/bin/env ansible-playbook --- -- hosts: prometheus - roles: - - prometheus - - prometheus-alert-manager - - grafana - - prometheus-blackbox-exporter +#- hosts: prometheus +# roles: +# - prometheus +# - prometheus-alert-manager +# - grafana +# - prometheus-blackbox-exporter - hosts: server roles: diff --git a/books/update.yaml b/books/update.yaml new file mode 100755 index 0000000..0a711a0 --- /dev/null +++ b/books/update.yaml @@ -0,0 +1,22 @@ +#!/usr/bin/env ansible-playbook +--- +- name: Update + hosts: all + gather_facts: true + tasks: + - name: Update all packages with apt + apt: + name: "*" + state: latest + register: apt + when: ansible_os_family == "Debian" + - debug: msg={{ apt.stdout.split('\n')[:-1] }} + when: ansible_os_family == "Debian" + - name: Update all packages with pacamn + pacman: + update_cache: yes + upgrade: yes + register: pacman + when: ansible_os_family == "Archlinux" + - debug: msg={{ pacman.msg }} + when: ansible_os_family == "Archlinux" diff --git a/group_vars/all/ca.yml b/group_vars/all/ca.yml index 6c4c46a..52c50bf 100644 --- a/group_vars/all/ca.yml +++ b/group_vars/all/ca.yml @@ -1,6 +1,5 @@ --- -ca_passphrase: "{{ vault_ca_passphrase }}" -ca_key: "{{ vault_ca_key }}" + ca_cert: | -----BEGIN CERTIFICATE----- MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL diff --git a/group_vars/all/generate_self_signed_certificate.yml b/group_vars/all/generate_self_signed_certificate.yml deleted file mode 100644 index 0ed0244..0000000 --- a/group_vars/all/generate_self_signed_certificate.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -country_name: FR -organization_name: Pains-Perdus diff --git a/group_vars/all/install_gitea b/group_vars/all/install_gitea deleted file mode 100644 index 979514a..0000000 --- a/group_vars/all/install_gitea +++ /dev/null @@ -1,3 +0,0 @@ ---- -gitea_ssh_port: 2222 -gitea_https_port: 8443 diff --git a/group_vars/all/install_keycloak b/group_vars/all/install_keycloak deleted file mode 100644 index 8ad462f..0000000 --- a/group_vars/all/install_keycloak +++ /dev/null @@ -1,2 +0,0 @@ ---- -keycloak_https_port: 7443 diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml new file mode 100644 index 0000000..1d07ad2 --- /dev/null +++ b/group_vars/all/main.yml @@ -0,0 +1,13 @@ +--- + +# Default prometheus serveur, to overide in host_vars or something +appointed_prometheus_server: hindley + +## DNS Servers +dns_server: 1.1.1.1 +dns_server_fallback: 1.0.0.1 + +## Self Signed certificates +country_name: FR +organization_name: Pains-Perdus + diff --git a/group_vars/all/matrix.yml b/group_vars/all/matrix.yml deleted file mode 100644 index 3e7bf0b..0000000 --- a/group_vars/all/matrix.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -matrix_server_name: pains-perdus.fr -matrix_local_server_name: synapse.pp.intra -matrix_enable_registration: False -synapse_postgre_user_pwd: "{{ vault_synapse_postgre_user_pwd }}" -matrix_max_upload_size: 50M -matrix_registration_shared_secret: "{{ vault_matrix_registration_shared_secret }}" -matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}" -matrix_form_secret: "{{ vault_matrix_form_secret }}" - -matrix_apps_services: - - discord - - facebook - - signal - - instagram - - telegram - -# bridge discord -matrix_bridge_discord_postgre_user_pwd: "{{ vault_matrix_bridge_discord_postgre_user_pwd }}" -matrix_bridge_discord_client_ID: "{{ vault_matrix_bridge_discord_client_ID }}" -matrix_bridge_discord_botToken: "{{ vault_matrix_bridge_discord_botToken }}" - -# bridge facebook -matrix_bridge_facebook_postgre_user_pwd: "{{ vault_matrix_bridge_facebook_postgre_user_pwd }}" -# Those values are generated by the bridge the first time the bridge is launched. -# we copied the values generated from our test config -matrix_bridge_facebook_integration_manager_shared_secret: "{{ vault_matrix_bridge_facebook_integration_manager_shared_secret }}" -# matrix_bridge_facebook_as_token: "{{ vault_matrix_bridge_facebook_as_token }}" -# matrix_bridge_facebook_hs_token: "{{ vault_matrix_bridge_facebook_hs_token }}" -matrix_bridge_facebook_admins: - - g33kex - - histausse -matrix_bridge_facebook_allowed_external_user: - - '@dorianx:matrix.rezel.net' - -# bridge signal -matrix_bridge_signal_postgre_user_pwd: "{{ vault_matrix_bridge_signal_postgre_user_pwd }}" -matrix_bridge_signal_admins: - - g33kex - - histausse -matrix_bridge_signal_allowed_external_user: - - '@dorianx:matrix.rezel.net' - -# bridge instagram -matrix_bridge_instagram_postgre_user_pwd: "{{ vault_matrix_bridge_instagram_postgre_user_pwd }}" -matrix_bridge_instagram_admins: - - g33kex - - histausse -matrix_bridge_instagram_allowed_external_user: - - '@dorianx:matrix.rezel.net' - -# bridge telegram -matrix_bridge_telegram_postgre_user_pwd: "{{ vault_matrix_bridge_telegram_postgre_user_pwd }}" -matrix_bridge_telegram_admins: - - g33kex - - histausse -matrix_bridge_telegram_allowed_external_user: - - '@dorianx:matrix.rezel.net' -matrix_bridge_telegram_api_id: "{{ vault_matrix_bridge_telegram_api_id }}" -matrix_bridge_telegram_api_hash: "{{ vault_matrix_bridge_telegram_api_hash }}" -matrix_bridge_telegram_bot_token: "{{ vault_matrix_bridge_telegram_bot_token }}" - -# Not configured for now -matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push - diff --git a/group_vars/all/reverse_proxy_stream.yml b/group_vars/all/reverse_proxy_stream.yml deleted file mode 100644 index 5addcdf..0000000 --- a/group_vars/all/reverse_proxy_stream.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -reverse_proxy_stream: - - {from_port: 2222, type: "tcp", to: "azerty.fil.sand.auro.re:2222"} diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml deleted file mode 100644 index cfe8aed..0000000 --- a/group_vars/all/vars.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -dns_resolve_server: 1.1.1.1 - -# Default prometheus serveur, to overide in host_vars or something -appointed_prometheus_server: hindley - -grafana_admin_password: "{{ vault_grafana_admin_password }}" -grafana_domain_name: monitoring.deso-palaiseau.fr - -kassandra_username: cassandre -kassandra_password: "{{ vault_kassandra_password }}" -alert_rooms: - - "#monitoring:pains-perdus.fr" diff --git a/group_vars/all/vault b/group_vars/all/vault deleted file mode 100644 index dfe2425..0000000 --- a/group_vars/all/vault +++ /dev/null @@ -1,298 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -34386463633536616463363239343662653835336363636534393539363036636266363430653338 -3038303961656137316232323138313831346562653436630a383935336134393730353636616561 -35316461623438643438633566373439373030623664313735306233356161333462633266323131 -3063633139366539320a303138373264333762303235633566643236313530663838316335366633 -66393266356239623239336436666138633339346630383466373531356338653764633266333865 -33646363656564313737613833656139666537376464656233383965306463653465653731303237 -31653530363265313535636538346434646335663932323163303261316632366136646263316538 -36613438333135623661316130376131653733316633636566323530303031313235353536343561 -31643964393965333437633339366339303035323933346362376665626331616533343561613061 -35356164336139316266336636373363373662653237316636343964333133656438366539333637 -64646634306632383631346665336535316532643836663464636530313534663265343932346232 -33343465336663613434366135623131306136623361396331643062626563343437353839383230 -66643737316232383338623630343765633761343665306266666366343436376162366430613334 -65313664623634663635643162313063623239633332303138303964303030613439333264313539 -62346261643962386634356663613362646563323761643833393464656166363530373865376238 -37636166653464623164336165656530303532333738356664343664656637626239626363313265 -32643261626339663736303639316231623137326437653762343964633038663037326530343238 -33366631393664666236626664373736346666393462353165386538313462636330643166643335 -38306136353161393837643961386361666334656362643339383839303266616235383564373165 -63316564663037633234373835393138646161633632626563616330393934313531326438303133 -61663665386266363739623062643739313631356231633537666531333561633631633166353239 -63323131376231343236336463633839303463386138336436363634346539326435303466316337 -66636136663063666137653638353161646238613562366433373562323265643464316536623034 -33653138396438363863666538393837353035613561333532356239643231386133636130613832 -31396132643830323138616339383437623766653166386538383834646135313335396332323466 -38383434613134663435376238356239623433653632383137653565633032393735373465633130 -63393333646532396262313736343765666439656162666535656639613065343139336637323965 -61353866663961666335636262306561663864373637333365343035363138616635323366376363 -64636237346465373564333061366630393838326331343963346434643663643637653434373766 -61336161303332653836333332383063373330333939623132333332343862393661333962386431 -33376264613533616561313632626664616461303762613463616139366138353965633261653336 -63343462613233353231343136613937643937353866383637663739626433386334373531346535 -37393662343437373331313731613132633161323932323433373737303839373362343034663937 -64313830613436333364626136613033363632306466373465646366386663646437313232326635 -34393065616563663539623733353237323763343063326361363038616163336561653830313461 -37376366613162356133663762613763323863643737663163303364663066396263386632386664 -34353035663038646264353734613430363034643933316530376462623839323739653537343737 -65656130616563653137396635383162663537373463373037306662323362353336343139373639 -30386364323866336435666631653037633761623238663533626462393465633739393732396261 -63333135323562393632623966366534663564623464646432613134316161323338336330376435 -63653332643335396365356530666439343934616263333536353032383136343462626233383131 -36616162323739383063666462313666316630326238383037383463343566643764613934353833 -63653261373865356530343634323264323430323738623030663664323537383232623963333834 -62626436623061313366353832623231356563643164613466383864643961303933666661366531 -65313563336333326130373932356537623738306262306636343562373530353435323362613135 -61383761346665376666386463636265326564663033306365333230646639376133326464633235 -38383939613832646235616232323839323338373136393038643864306233653335306664613037 -33343733393036633236656538356237316139353033393163366539336462323165626638613331 -31383764306166373834363134376637363532323934333337383639663665323563346266633130 -37353362616366616435303137663839343139666537376563316562643739623763616534656639 -36306134333633633361306465366363633134393831663134396166343034663636316336653230 -35373266616264656264343232336634353238346338313434313539613830656638356565323263 -31363662373437346563623061366434613861376533376362633637313536313862343637623032 -30306436373830626631373432313463346333643635396464623631346133663961663266313264 -32306636316665613733646165356565613733313964653262643933616462643863646234366236 -65343234393965323365373633663839383164326234373265613261326665353363326632643234 -39353037336535656333333636306332353434316434623631316361336232336639303238353362 -37626465643430346562393930626166376436343363306238646361633337383033386639353535 -61656339643532643133333930656235643566323962346564373866633235313462316530393961 -31613532306532636366306134313334633266303635373134383661643464663935326566656534 -34643334633162333435323264656566633365663038633537363635326532326562323631356264 -32326336313261333165313338613734663333616431326430356631623365636339386265396432 -33653036663336356530316461653534306636373739393032353664656462376630303961656164 -62383261303135626238613665353034333130623136663066366531613334306530303633616262 -66653839376265353937656435323735343932613462613431666138616364313938623638656561 -35373064626333366264626336303933323466623334656231633462626130323661393964323038 -32373864363833666437623136396261363666643334323730353438656534643937653138323632 -39633639353938353664663539653437333534373936316565313265383065376161666130323965 -61363562363637353330306165336432346232383030353631303662383232643662336238333634 -65623533666433623733643832646561316135323964363366616237633361666463363562313765 -32313231633437643738316264373666383338326135373765326462313237393663366132356366 -36386365326335343933653436313034333637303936313335626436666466623362326362306432 -66616530333939356462656361663938633239386231646435643735363065373439646664626239 -39303662623936333136613239616361316332323735333333383766613732643631633164646230 -65383263323032373231393239346133313737613965373964393139386437333064363331616631 -65633562323464386461326435383864363361323761356633343232613965386539393938376436 -38363732383031643561343366336633303635343161383637373165306562393536386237356161 -32323035323763646535393064343465366236323432646135663361306634366639663661616135 -34393464663865363735333238306234366165663939613930363864393831376239303361386662 -36303966303431396430303235623538343663356561616635373434646164373663353338373731 -30386630396532346436636436626666663937613062626230633033653933353266643232376230 -36373565326435306530383930303536636364376231393438333766343264306431323763336536 -61366361393037643463616636373963643061373935346561363833323866616237616639386536 -31323065396464333839326565376431646662386230613165316262313861613563643032353036 -32623865326263383465623733373565666463316334396536303139393431336436363639336366 -35353432313738616632643264613361653833363039356431373234383435393933653333623638 -34643265313561653662396364643030396138396238636632623466303134643466626134626565 -30633538353439323661306436663632363463613336306131353035363130633666333130636534 -34306135653566633739376336663065636233376463343166326436656236656462663864386662 -38616164356661393565383763623161303636356533666537663734336434643563613932313637 -65663732376434386361646231383139366135623264316132356264393037306266333063626636 -63376564303861623833626139393232363236383437346165396463363965383166636433613364 -31643536623837383839386332336361643364383735303231663133303934363133366531313066 -36663834656333663062663838613966303062343661306138346139383134663835376362323239 -37666164343063623364636235303331626134353565363764663036623838373463306330653963 -35383333386665663161623338636463366563323565393330323565343338336165333766663738 -35366534393538643462616363363739386331353563636135373932353466323762353131373739 -39326639343238663737386138363566326434633137363535326134323535326332646438336330 -36623762306162666162366539663961643335306430633166313364633433303235396365373133 -35326634636432623735333163653335656439326464313336316637396436306463303564326162 -34366464623631393730323939306561383066643733373639633566336466656531373637343733 -33353563303866393533343363323838336363373565343161366335346333333435363438666565 -35366365343363353636616662326439306161646465336365393061386530336464666632376266 -66386663623131613462626562336339306336303439343132353466623864613530353239303232 -66363230303033323162363265343530616639326566313532623566623430353563623539666165 -37393334313766356234393231323133336663336261633636383363363334313462373862653535 -36613037386534303338666463623830313636613030333136616161386161666236613036653133 -32666266313162363865326634353032646163646361623766383632626634363665376330373337 -65393938313935366636366562323432393038396230613862656534363462376230633638343239 -30366164363334313034313735306461653434356661333064326466663466356265396334636431 -37613361363537363464613365643962366230346631643939343836316438643862316631313539 -61616438313837313764643663393364393961373036333363393733363766373264353433633530 -30663861323238306366373836643862386332333164333965353431383165663036303836383538 -30653838633062623335386266363735393032643532363235333730626162396362343662646137 -61643839316464656234313463666534323038373733643666366231386636333536643032383132 -39653265386633386637393962373431306637666434656334306662613132383835363365643831 -36303635356432313038366361633164363937326333656131333032353363313931373065626138 -36363936663664333639653032636239343537623239663033366630373935353565383639666432 -63643939303236653962646261663766633264333566393264383032353063383938656233623163 -38373334376134623630633630623535343764356637313132303266336666323932363861343334 -38343039343636363337343531326537386166613063333331633030306137633134626365623830 -38373330376331383865303731323735323136663930316464396437646635326461343136626532 -64663462653331353930316432633263393930393237383466326339353834336430313365653533 -30643530383734363532623566353739323261616338356162613366666166306439376536653166 -64386437333333376330323032326664326361393162653262386163393639656266363163323936 -66333034353262623131356264353936313265336432613130643330343033363066663934623166 -65333538643564306330626432643135333164363566613237653939613836643361386130353330 -32336637623561633532653133303938353433306366373363666264363338613335656639643335 -62316462303466313435336166386635323865326237356266353063666363626462623039613239 -37336431343865643533653337613634386139626134343238386636623832393737643330386331 -33653834303465646433643733633461626263666466663936316561333439646438646439316235 -38623137363562363662303463666431663031623333616134633464356563303731343233363335 -32626231666234656361326538386265636365633539323765656565373661643766303234323863 -32653366323666663034386238316139653932633266353536326639353738353539333333373038 -35323131373637326564336638313865646666643837653165396437326130326562383166666533 -64393132313335333462323533373162313065643839613264393762346539386239313332646464 -31396431383763356662643663363733313537366662363833363538356431643438323635363032 -32613461316663643661386431383766313066386430353139653862623938643361366439633633 -37663461306365306334356631346332386331386331663862366634343564326131643534383666 -39313865653038653861623535326366303866336539633464306266376436383231326464343661 -61336436353663616236636632356535366361616131366161333931343331613534356538666630 -66343366386561623131633230316131616364663565353035613333663934353532643237646635 -31313436666464636463343336346337636131356532636635646164326363383737353861633563 -36383237333635616461636265653362386331393234393530313562333739383732323962386464 -66303466316439353565623061323065333835643664623862383634376331313936306536653135 -32306130396639373938346162323535346564326361343234663733376333306239303133636638 -33383233633337623431613464653831306538353462383231303533623632653434326536653930 -64643433313734333337643966376132336333663834386564336231356136333732303935366236 -66333332643433623764633030636166313936306362326132346234633137396534393731643762 -65643535653839313761623830313765326439333134386232393438643233626334663565666137 -65386532656162303939346162336263346234333635646364303232616165363138386166383437 -30313938393434653666363533633732623561386161356465343938633639633936666430646337 -34353737353236323066313136353933643162343266386632353063303164616438613066326330 -37623235333032363965343962343539333830343131646266656163616233356333346136616230 -65623730643261303862303233616163333364316631313838386262623637393565323736643435 -35623336343933396231383561663564626664623766613236623066616334323434363862633636 -61323333376338373334353061646161613964363733356563393236623634356565363037633832 -66656565633038373736663930346639396664373437666639383532376330653931373766336539 -32373365643065313935623566313037323764306230383737663031656138386538303666613731 -66616463356636393062613466646461323030343464656236323966663631626438346336343562 -33326666303037623634346339303161393566356632383938613861653130646232626133616162 -33313637316664323939313936393764653130393437653330353334646363393536353031646262 -38383963633639663134626334323662363635363338646332393535366534633765303963393266 -35323935303662303634346335653566326335626332346334383937626437393461353263316134 -66346265383532326530646336643433643062356130386333366665646438333232343963313761 -33303033636138653331323334346234306264373462613065633266613931633065323265643165 -37323561343036643931663734613938363131306537396537393335626537336563323064646363 -39633861656237663139363837363731366366653733353833306266643234646130616132383664 -30623464346235393962353966363339356435383633343364616230643433636132326231633861 -65663831663836623266666134353665363532323266623766323064383638356632313662666336 -34316266303235623330363537613438393335383839393330643630633763616462376661623064 -35373037303434343265363563346439633965336131373535323131363134396532663138636438 -63323562313538373638316134353262303632646461343631306561633337333861666332373961 -33366631633562666238373735376535316634623462316436393363356361643134343435373139 -34613765623839333735303338373765393031373361653638313866343137326664346166333931 -36323361653133613439333135386433303966373863353336623338623464653731333339616231 -38373962376535653037366261363061323636303631366465646631356332623734323163373339 -62396539313666373732326537663661336235646638326331333265303439613739363034303233 -63326535383835313562616666323461303930306430623662366331306333306432353132313536 -62356230336264653739393662633533663165363531326435656361633432336663393631666233 -33613638363835303130313362343034323935303966656563396239346131363462353765626631 -65323062306333393032663761656336356665313730336234376237393631626632663661366534 -61316636363262363835386535333537383030303764303439303165363465366333386636386163 -61376538633037356464666463386132643234613366303135663039333065383633373835333935 -36633135366563343135643764663033663730343336346333653838653435633330336663353765 -31666135663461623161373435663565376363316337363034396335316633366463346530613464 -32356164656164353936333436663835643565613532323332353266376237636434323539363466 -33373065323136343964636633616661633436623861363362336565656539363133616163333563 -39346238323961613537396234663333663861363933633632633535653166663239353264393139 -38316162656332383434313034626564653030323362663131353335643666306134306364316162 -39373937383339666534333833393866663766373265306562353361363731313338636436393933 -65616438356266303863366530303436613232303939643166353831663265393364653035343439 -35633236613434636631386166323938373831336434306164343933633330653564313761373831 -64633061633431393731633638376434303066313630346334643334333832363938313134326530 -64346464653163666630356630316334313139663132363931313534623564643935336132623538 -34353962333437623437643662356465336437653563633939336233336463613232333037343731 -35343663646366353266643239333832663465333164373337653134336564376661306133326565 -34323035316334393839366536316533393333303330313831363566373136653737326537633833 -34656335376439383661333162366264623234393765616232373066626236623230346465613962 -66623531643436336465663237346233343731313064636561396537623633313138646238333161 -66313236303634333831383263616632303066313731646339636438643530636333626565363462 -35313339653765663935336361663362383831653365633766303963386335643235316230373839 -38316436653463323361323335636663623266653033343433363761313237303033613139623434 -38386439643233333935333462383865663737346631303532323539326239333139346332363933 -34383132396534626564366662386463613432333632303864336438346164363232353232623663 -63653637646164373062393832373866326636353435316338646132303033356336663533393430 -30663539323963316434313030666637303266396434323637336666393839343030383465653637 -33383438313864323562313437313139356135636235613863343634333366316132303661373636 -38353531393038303165396562326339333264313338373030356162656461336665303236343161 -31643837383232356332356562356462313230313233323162393139623461393732393034623330 -31633335626430666534373464306364333733326361393632326465663265356335616139383364 -31373162666134343336313031326665303033366163366563303465383834336636623730353433 -33613265356139353066616632316634333262316662306262393636376633326361386633306339 -33646465326162623137393630626666353961363236613936303434343530373131613564336361 -39373362643465346531636136636366663966393235393366326432383331656134626138643137 -35383339653637636162346330343462383436313138666234623933663763376334376530366232 -65633633633034323766343031333233363239663133366531346265303465643762383530663631 -65343934636232353261303962393663393839326162333838616538373861623335333465373739 -63343531386537666335663732376239363963383162656665646436336430666666333736333432 -62353131363766663766346135643935363337656364363635396362626538366230326163646433 -33313435653133653361376664643663643463373262396364653934363061383462393639653835 -64643136363433616339313438663330623836353037646534656561636538663163366136303533 -33643131376365623236396238336130663039376562303562646465656366616630393563663261 -63363064616162376163363464303735363166623865626530646239613963663538323434613963 -63343830393732633131316564363237623366616132663532356633643935386266343330653831 -37623866353264366539393538633232333066633435313662343635393636313231373835633165 -39336230623465346661613839356134363833633333643335373861646135373439653166353830 -30303661636461373861336536623335633533653433633361376366326136323235636663626534 -36633465383065353730306636383936336264626366633437336632356232666462336661353762 -65636339353531623234303561626535616362343332343463373031653939643266396232306433 -33326438366263623033333262323761363962616130303138346336633230666336316465663935 -62376334613763373339633063333833376139623762363564356165373861306563323934373331 -34363930653565633562386630393764336135613038373035626633326335633762643033346536 -64613233353063313239356633353132343436393938336164333966646330323738393063303936 -65316330613335623034386464383636353364656234323631656136333236636430643535633565 -62656233386235336265336264343865396537393437303638373234323636353433613333656532 -38343734313361623733393538373961623164316537626462306261353238653332353531373031 -30613062656162643230636431333039313030653032343262643330376461313739636239333163 -37343131363138353432326264646232626639653231643339353863346332373761623033626437 -35636464383962313462623533616434343938346536373164333139393331653663613133653361 -37633139303533616637616430323232393634363066303731353534313762346434353363323231 -36306534396364666266383064363036393836306630356338616133346231393832653363333638 -39653766656631633333373836613331663766356633333731313437386239333165333832666434 -66316461383264326266346536646237303038366632666335343939376532353666363232383763 -30666263353566613730363133376561386630306236363363626663363134646434303239333438 -31323436313431623361376138313530343064383139373434336265613833656266353663326636 -65646564333732383231636637386461623661316131353132363061383634376338646533623862 -37663765306565313536363331653464613635383961376632333434316338623534633938393534 -65373438343135613934306562336639343530626538313738613636323430316666306162626661 -32313537636162613636643362616465316233326666633666343565393333616533333834623964 -63373064313639653834323332636463653431383733646531356239386535303831613762663837 -36336161323466653964316230313863373534373338366366626530373531666130303564343364 -62353062356439663462383462383863336433313661663161346438623263646432626531616138 -65663364636537366466303739616261373565636461653433336431626534613534306431373730 -65623939643138346664646439393633613133326538353465396665633662303938376430626463 -39656165666334336666326263623439373435306239646661346638356166326538633535613030 -30656630333666666430363636306262656163376465633966623662303932313031636461366166 -36323265336134613630663831646533633735393762373965313064383962393639313634303030 -32303038363362373036613237653231323237373466623931346166306366373161653464633433 -66616361393638353561393665383832666438343865623964336433336235646532393863383532 -62633537623062663533666531393339336565313031353334646466343134633536613333663235 -66396364373061373763396430646632303061616166363964373363386338313430343261363836 -66393838653835663731623030376563306237663736353461343137643432613761353832326136 -31393663346339646464313764343535383763303837623539613862666563393166393131303030 -62336535313937313031636434313738666533346634336639623430373633666261326230666532 -61313162336462373961313532656465383966663632376432643632613161323162626237626131 -65616137353739313864633436306362356438373231386639656530323634376133303465323062 -37343066306530646662306436373134363735336463323364383361323034353134363133303532 -63343936393962383633363831666434303465656462346536663161643231313862396635656133 -66363239383531306263646433613763383166653832346232373231646635326631633261633961 -64656263636134616137623333663631633533353666353265623862316562356432316164393264 -34313365363165313161663334303562303762363738376362373764346564306139383036346639 -36363463336532376232613731353630653236386165393130343561343665383534326132643666 -33373132656262386336626463386333376239646361623937636434363334356330626333343639 -33323164363939376332346165306638646332323736393632356661333838646237356436383032 -38653333326637376565386261326461613430306162376663313735636237666164356431346663 -63383738393564313262376234393130623137633634333236356363376533326137306130316437 -63616365613937393931313262383037346638346430613666653463636430626538376332663665 -63373833376465643461303863316462623637646235616430646638333363343835663234313561 -32313933373165376263393835326366306536653966663965616364643833643962363866363762 -37316133336437366634333631323465386166626436663661616232333363376334323264333161 -39313032643233353534663136636564343331353931313230343633656131346131666635313161 -39623431653734336637613139663731306434353334303234323864383163643966363163333431 -30623031386264313866663637326436383332353939636666326131626264313736656463663933 -37663131356435323762626635353233623132303230393464393366666433623032306638666237 -65366336623565623137363464313432633238363762363961333638343764633365623265333262 -38323066356431303938633164306439383161363936303765663737306564666338666633666337 -61653634343431323934623931623831666334646362383061613861653736353962366139666664 -31626430666165363936303161323735663335616164626166626232363132613034353932336238 -31643338303131643237316633653539633830323634623764333038333732636263343266343334 -30656430393664333637323064383430653834323836323237336334343638376337393936656530 -66356364346239346465303261373065313932306530353264636266643462386332303532336162 -66663535663833383262633237643661316530636561633332323937663066653137333036663666 -62636133326333333735356532353462353166396338373731393431646438316330343033373333 -31626331313638656438363235353436383736613735356233626166393866316532313432663463 -31626237623435613138653833366463396365376462363531376564373363656361306566383231 -6630 diff --git a/group_vars/all/vault.example b/group_vars/all/vault.example deleted file mode 100644 index 198225f..0000000 --- a/group_vars/all/vault.example +++ /dev/null @@ -1,5 +0,0 @@ -vault_email: user@example.com - -# keycloak -vault_admin_keycloak: admin -vault_mdp_admin_keycloak: my_password diff --git a/group_vars/all/web_services.yml b/group_vars/all/web_services.yml deleted file mode 100644 index 9397b85..0000000 --- a/group_vars/all/web_services.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- - -reverse_proxy_sites: - - {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"} - -sharing_sites: - - {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse} - - {from: wiki.deso-palaiseau.fr, folder: "/home/histausse/wiki/public", user: histausse, group: histausse} diff --git a/group_vars/apt_proxy/secrets.yml b/group_vars/apt_proxy/secrets.yml index c21269f..865fc66 100644 --- a/group_vars/apt_proxy/secrets.yml +++ b/group_vars/apt_proxy/secrets.yml @@ -1,12 +1,15 @@ $ANSIBLE_VAULT;1.1;AES256 -38363934386234643266663261656436346165636561613134646532303533383064306637346138 -6161393066393430653537393866613433386138396164380a326434313036373362663563396664 -31326630303565616634623462306234613438383430386364323938663065663166653266636139 -6162646665663666650a363737383736313662353062303766333963616133613634623634343062 -64393536663762343437663334323338373063333461333664353266653461626362356435636166 -33323061636562323434393735383936663463653364623333633138373761633364633864386666 -63666137353562633265616363343435376365363762663865396161373731353062656261326665 -64313537386534366361396134626462333865363666623139666661366634393530393933303636 -35623161373866343438343737656134356364383866313732353864623331393633326438656637 -61633964623836653735393264336236663732663130663838653530646363346362343935646163 -396561613834653532366531373339646165 +30323236643561306338313061343932636537636639393739633834393033346366316339393865 +3661363066636462363234386661333831306534343332340a313261633732313435313634393161 +62323666376565386237643066626363366630643936666566393534376432386166356431326437 +3438393866366232310a666161646462666539356432633539356336376536616261353962373430 +65336564343862343536396362643032313961643561393634643461333236626661623065626436 +32303831336430376162353131316164306264613733396130353966346638633465306165626361 +65616563633065366562346130303561366166343935396630366364636637376430326431363364 +39663565613930333431363838636535313966353362396662653933666138646339343965613035 +34343965363761633835323339366339386462656261353463326333326563666664303863383530 +66646433636235333264336634303164336263376264666362643835656364636563653234346537 +33366232363736636234653733363135323161623564646166316363366137333161663266346534 +30353436633933666363393730393763313739636433316233376533653231393435353032306564 +32396434336364643431333361653937366361623338666431663436303965643635666335653939 +3132663337386166616336653961343335656232616238623631 diff --git a/group_vars/matrix/main.yml b/group_vars/matrix/main.yml new file mode 100644 index 0000000..1a00996 --- /dev/null +++ b/group_vars/matrix/main.yml @@ -0,0 +1,6 @@ +--- + +matrix_server_name: pains-perdus.fr +matrix_local_server_name: synapse.pp.intra +matrix_max_upload_size: 50M + diff --git a/group_vars/prometheus/main.yml b/group_vars/prometheus/main.yml new file mode 100644 index 0000000..ec233e8 --- /dev/null +++ b/group_vars/prometheus/main.yml @@ -0,0 +1,11 @@ +--- + +## Grafana +grafana_domain_name: monitoring.deso-palaiseau.fr + +## Kassandra +kassandra_username: cassandre +alert_rooms: + - "#monitoring:pains-perdus.fr" + + diff --git a/group_vars/prometheus/secrets.yml b/group_vars/prometheus/secrets.yml new file mode 100644 index 0000000..c1650e3 --- /dev/null +++ b/group_vars/prometheus/secrets.yml @@ -0,0 +1,195 @@ +$ANSIBLE_VAULT;1.1;AES256 +65306634353938626165666434636535366339323261666331623065303464613835663338303432 +3732313031393264346335333832343764393733376665610a346330363963373830613034633732 +34306534633733303334333765376262616138376132636633636539306232333037393439313463 +6236393237666564610a636535636333306361663633373263393730393835313635653839333239 +65353237656534663533666163383231393961323531393435373062366633343833666138333532 +31303162393261373839656535313735316361346264636161623237386430326138303964386664 +30373730666438663030306261356661353263643661613762656438303761363736356139663939 +34323665353762386533623565356532643337373066366530636361656233393136303963376537 +36326366643431303036373261333733663461653636353032313464626566613666343336363162 +30343935616538376630333434393138316131636561366264326165393530663336326464356531 +30623831343964306231336330326237313633323933323233313731663538663136343735393032 +36306361646434356263633433643438663730663961336533363264616339336536333462373839 +62383564663563653966366139663065316663356663383033653834363831356433393835366133 +37646561623339386464333761653166613063393739376330323734383139373437303337653933 +32356234366164316561366565326261373837316262363137616637623139346562396638323963 +39336466373338366463616337613239366131623635623461383565313662393565353839383265 +34323665626461643663313932656334623632363062313838363934306637323335656266653436 +39336439343132346633613562353366386338613164306262373032306166326430376165336537 +38623439306135643438643930323966633962633261653266613461633836386439633536303937 +65373862383263313833376438386436633563303233373466393335623239393731663834383933 +36333438663931613335383132343235636534663637323735653339386662356366306339336365 +38343763636638383337313564386564386535383736316331626531666238663337333238303935 +39636436393232306431663963616430646131616364383862653233353131396265393836366131 +33303762633533356332636139373661616436306366303430623864336435333363343663656533 +30316261663932393437626133386364326362636262366538623732373961306366356133323964 +35623635316264346635356266303237323535376362343738616564633865303236353861303636 +65393038616662653966616230393830323964336633656565313639616630613832303133636635 +31636436636432333739643133386236363039643430646232363632366664623866623963646431 +31373061636563393035343035393238653562623063366530363461613934666337376232626364 +35336161323234386666613136303935656635653631366339383863383635343566323561336537 +61643336623936393465623664666566623039636162346563333866386531356537643737363437 +39303530396331383536613762323636623235376238666434383635656461313636633130643732 +33333034656264623233373137303333656335323434353732343634333733316532643134653437 +39323762663535643563633163303435323264343031623764343930653138363433323162303866 +39393662333136633466343832326661623831313535363435323764303035636337653731336361 +31356231346562666430313062633935636432633238333034323437313935396266303039636234 +30653331313461386334616161663736303036386534306164653834346230363636613036656238 +38356564666166346439643836623237613832626432303833663866333564363830366634303466 +64626364333531343434373633373835643562633836343232633834373165366434396465663062 +33623932616461613233626664626539646435633964646237626263376361343934633166306265 +65626130376165383766373830383931303930366631633135323835653635633135616535333734 +62613532623066363363623933306666303265336134643739366230393139376361306530353832 +36643733346538376330353861646339623266613261613936663131663830313961373634303230 +30626132356335363064366663623734396365633366316239616263643062303538636432666633 +66663064616538626630346330316530303666633531653965663463333334386538656634356661 +38653266366638663164343865353230393663666430316661653565303839303061363639303063 +30666364626136633963396433326530313462613637346136396233373433623766643239383263 +34643139653239653661356265343330663736303563346536653037343833663364626562333361 +38343438393037326433646337663666343665336236373335613563623261383861313236346536 +34366630346164363038373130626537343938666264363136666665343561613630376131396261 +39653561306334343961346239343035633266326332353563353935306431396463303030373561 +38656134353539303466356635373039623730363862653930626465663763663165373639306461 +30653730366634356662396136376134616237343430396531343637363663313334666539306664 +34333266633335643366343531343865313863313761343661316566663235396235616263373032 +39316635363931616266613134663435313463643164373962616535393435366361323830346464 +34393431383866336664393262636666346561636335393661303264313065653264623966353766 +34393137386536343939353733626232373538623137393832326562376637313162353463653534 +35633761346164393838326239643036343536333532393536663134323965653964313632306366 +34313465356432613332653661383938366566616463323565386564366264613937626634343061 +31633365646438623565623964356362303033323765633434653563363362393036666139353530 +64353734313661613530626130616661616265353964353061373037386461356163643430306639 +39656138613233613164366332363162333339363361383437306562323530643430623363366264 +32343439656639663766333663343533663361303134383535653339373730343836653035643638 +33363033303965346632336665623364336539626361333162653837356562326161303432316637 +35346536666463373961616461383061663863616532646535623835333737396166616537313537 +65326231303464343936313636343666393738316139396238313337656333613863363361326435 +64653630666138666134633362313431353363303863376237316366346430303763616164356534 +37363833626562306638393866313537383661396131313837633430386361386136383837396166 +64373235353831323439343538376362373538366633386164663735353562353764313331363364 +37646232643861363833356137346261623232393566396461363139623030303738303266333737 +32396431383361396134653735383737653462613037663235383466303964396565633666633332 +36313364306330376464363465646632313531353863656665623531613563316530623461653334 +39373061633134363765316131653738383164643131643664323334656537353963623237626634 +31636565363334393266386365636338616666323464633336613536386434373339386537386235 +35333137383761663635656132333263336235356261373465323137316362353731653736366663 +61383864633930643862663062333336633863373434626435663635656630363438323831386533 +37646532613831336463343737653066316531323764323135626264373030626434633233623237 +35316135396330346135613731326535333961313331653736663266333836386464643261646533 +61376530616130303364343265303333336333656538653064643164316530306162326238303738 +61616635373430616432666362643536333633373638393663313838633434366566353530396532 +66353562353937646466633439313331353931333636393362356335656231633835323364316365 +37656465626539373562646334363839313331633563306434383663633531626663333930353133 +32613936333865396466373263643933623333633565653130373566323766666433316661636162 +64346366376437653961306564356236663136333935393336366639303831623133333236666539 +36393230663735613163336164626164633131653965333962653364393361366462323636656432 +33336634663664623132636437373138636539373538383466623064613266353862376530353835 +62303732656532373465616531376232626161356230653635396135383561396438373266656263 +30316637313563643539386435373462663334636631366633386633646135303039306663613635 +63313462373266663462656539353233623961353832346335333432633230636534323064326463 +64633336323032636236366138343862303534653330626431326334356535323235613631613636 +31306632363130626465306531356464306164383966306632363031636533393666656530623337 +31383231333463643864313863303032663034383635336436303733626534393165653530643861 +66663037326330363962373161633037383437646365643538646635616237633563303133316563 +31363932623534643034663264363466636531626262396561383137626235383864306364663865 +33373136656564623332366436336330343034323664646434616339343461336335613365653034 +33356165616261303561353934643630656563353133353733333961366362633136386532643166 +65333839366437633538313963636238303135633131326334663734623935353439646436373930 +34363162653333356264336566613837343139366666343338383266646637613835356537393839 +61343431613236653834306438306262323937343464633262346637616336383063333735303332 +31346632393334633037653164643937333761633936616461636331373164666337643536333430 +62363431373362653461616662636565666332623132643333353937343332326534306666396231 +37653832626333303635323364373163653837613631396437343434376532633331623431623663 +33353431306664316332626662396438393962623833386335653330636631306130636631633434 +31366661643033653962613938616233653433336462326538643930666362336663333237323164 +34343735663038336232336134353432626439316339393430623266333563666165326237626264 +64336365333461323361656665653537643966326362373338393864663363313930313565656165 +64613761616136366162333231383464663930663761306466643933386135613936303664643639 +61366231643433303733373934363965623261633961366232656135313462363265633334653234 +66616536616138313064316436333262323466363533313930303862663565313134636564636631 +62666336646263316530383632326635643838373632303263613637646332626638353136653439 +31653139383732653663653066373865613139373633636137353337303336626136303036396337 +38643232633736343666626363666431393462643166616434356237623634393263386337353132 +35373639323061373666626433343534303065346534393233643730396333626334303861306132 +33316666343035373365366638366463316464303233333733333661373139383035326363393431 +63633663373261373565616337313131303737353961373235333635323063353164383438626362 +63663965613733663065386437646562313230623261643237636362386535396264363062323738 +32616630373064356239386136343231313631326635633233653831393736636364636431356433 +61313866393165336133363738383131356466333136613635306364633139323935303038343663 +66636139346336303832613763363966393734356463373863316437663163346335333237376633 +35306639653936316430646264646437303132316432316437656536643734353263303062353233 +34663038323236333435306262313934386630396461633462383339666638616633316338326231 +36343338623161356431316363653734383039393133383839626532643630333737386163623164 +39353865643933306330636130326132663135386165633939383561306563663033356334663236 +37316566343561616130613062343166336132383039656465323562616364373035313139303338 +35613764643061623265393537663639393165636663613337343633613164623466393734623864 +64373565333132373264366534353864633432383631633531373061353135333365663762323032 +35366166356261616633383263343035353132313732626262383630353539303232623930633031 +37616638653731653965346566396233386539626534393666353762303565386432393162333064 +66333336383434303065373236383664663335316566326361303530666432666565666662383063 +66626631303565646166636334626539363164616166303234383339326632663838343235393037 +63353763366566323538366361376233376537303063386264643831353463386632313436393231 +38333838393832313531383937666137316132366339666634303061663133663733336636333435 +30363936356564636137613337643831306135366462663835643065646530363534363965653738 +61393530343037666231386334323363376262376265313462656366653535393038303962366166 +64656131623435323534353461386632643266623435666433313538663631653532303737303963 +63653931633131633461613933333437623665626537646136346232626630343737383136343331 +36316136303364343134653630643763353933616436643036313731336637653965366433343938 +34306337393530623339373364353465313063393537303136306632313537623564303937326333 +37383139643564393438303539656165306562343731366630353934663363313036636630653036 +30373432366362313834613339653935303434613936393938336461623933333935353965623739 +30313630393865316131386131346139346664626230636531336362393965383466356161333439 +66636432666432356638623437666362613935323134346137386536386133666336323534663262 +34336539643337616434333438643136313661636165356562633863343435613263323639326164 +39663738363462366239396438623037663235623562656135393866663534613731623761373034 +64663237383330643565393034636530336362636462623439323339373136333330666235316438 +35383461393032383663653532353636346137386363636362363765663865396133333333383731 +61613763633139303833373337323536306632373562346634356262313363323566646535616433 +37393864643637353035626665303435613733343133653064633033623861376365326431613332 +63333238666130313466333061633337383465666138393838613830656439383364393133303964 +39623233636665356165626534326163656436363831316334326238343638333931313464656237 +31656433616530363635653963613833613031346236636365396631316236323664346661653464 +31633537613732333165633965663037343338323538626535646537313330636462653063346235 +38633833643765346638636434356536313339303865636366346462666331306637653366386531 +61353938363662663030393039373536386332346433313565376564373135666566376238303932 +66663830356530313161646139643864313838373632613665666430663430656164323734636666 +34346633613932653863613830383933306232376636396230313862373532363039623061343338 +39623732653932336230663239373539323564313538363633623663363265333230653530363265 +35386661626631636336306637386630623564363733353330396232353931333032316262353133 +65616462376665343539343666643361626464666362386662316134626266336665353163346536 +38633532346366313339343733333962303535623534633931373331646433343033343535376466 +64383666373531363736653333383839386464653462613662633466663432633361376134343464 +37633166656531646261373262336334663065623532376161613132666637386334626239626236 +32323833353338393662613164326434666462626633383834386535313462643766343362326637 +36353239633938316563656564343538386231376464333837653430613634643834313533376232 +34623336366361383330643061643165353838613362643161393032656536376534353035623066 +36333430653034373561646234373238313739663035366261373961376132336666313539383163 +63383237393361633966626466656566613432316633376261353466333062323764323731626333 +62323334303237653136353166616337373762653564626262653233633435343838353239376261 +34353035316537383933623466313531333330363838313766373737346666376337323037636637 +32373937666638646539323762656431353866626236383534643130333166383363646637306335 +61313465363632623237333136326636383238646563366232623837316638313538313066396461 +35343739386237323137343964666639373433623338633738333832653565373936386431666164 +35313164303034663935313330313438353331303863613266386166303938616631343234663030 +33613535643334656638383663643133613935373734633935626332326536613963366464653230 +36613764386136316239333462303861326263323164353063666665636139653666653562393131 +37333062353164323530643439396662323666316262313266353831643362393864323739616363 +35626363353732663663353662376462363035303835323834383935396664616130623037663461 +62626135623562323963303830346233326662636166636162373263643231343634613632653930 +63333837383135646132393739333039306565353166323737666533663136306233373030373061 +39326136313631316665383561396564313830613464383165316130633438316637643330613361 +63353537633762353731366537386235356631653336363364393763356431643032656435613739 +36383835363135636162666366393035653034376466376433613266653031393463396239383065 +37326336633631373233346430363137386638333334363361313336386666353565396633373038 +35336663636262633263666265613163363666646164323334626137643432383564616235616562 +39336564383335313335653465643864633064393037386363373566323764366533326630333733 +31653137623261313263316631623531373831313564363936326431313633386166373032393161 +63363166336230376130633265666130396235353635336161643362343063326564613561383962 +36393830353030396566373736376333666536383236353361393365343137316130303965633630 +36306237663831336232633163393032653535396565333666373438643131616639383436353461 +39313263343964363838313737653065336335326535306231353266623830303232313365336466 +37303638303663643964623830343166393834326339376132643862383662386262636365303461 +64396462656632626436343966656131633732616563326130663730326137363262396530623430 +37616638313661313366353737663234343264653434313838656264636262643535316164373130 +3065323635386233366533373733323234393165643633626335 diff --git a/group_vars/all/in_memoriam.yml b/group_vars/proxy/in_memoriam.yml similarity index 100% rename from group_vars/all/in_memoriam.yml rename to group_vars/proxy/in_memoriam.yml diff --git a/group_vars/all/revers_proxy.yml b/group_vars/proxy/main.yml similarity index 70% rename from group_vars/all/revers_proxy.yml rename to group_vars/proxy/main.yml index 34aea68..685f861 100644 --- a/group_vars/all/revers_proxy.yml +++ b/group_vars/proxy/main.yml @@ -1,9 +1,9 @@ --- reverse_proxy_sites: - - {from: wiki.pains-perdus.fr, to: "https://azerty.fil.sand.auro.re:2443"} - {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"} - {from: "{{ grafana_domain_name }}", to: "http://127.0.0.1:3000"} sharing_sites: - {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse} + - {from: wiki.deso-palaiseau.fr, folder: "/home/histausse/wiki/public", user: histausse, group: histausse} diff --git a/group_vars/synapse/main.yml b/group_vars/synapse/main.yml new file mode 100644 index 0000000..34bb740 --- /dev/null +++ b/group_vars/synapse/main.yml @@ -0,0 +1,43 @@ +--- + +## Synapse +matrix_enable_registration: False + +matrix_apps_services: + - discord + - facebook + - signal + - instagram + - telegram + +# Not configured for now +matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push + +## Bridge facebook +matrix_bridge_facebook_admins: + - g33kex + - histausse +matrix_bridge_facebook_allowed_external_user: + - '@dorianx:matrix.rezel.net' + +## Bridge signal +matrix_bridge_signal_admins: + - g33kex + - histausse +matrix_bridge_signal_allowed_external_user: + - '@dorianx:matrix.rezel.net' + +## Bridge instagram +matrix_bridge_instagram_admins: + - g33kex + - histausse +matrix_bridge_instagram_allowed_external_user: + - '@dorianx:matrix.rezel.net' + +## Bridge telegram +matrix_bridge_telegram_admins: + - g33kex + - histausse +matrix_bridge_telegram_allowed_external_user: + - '@dorianx:matrix.rezel.net' + diff --git a/group_vars/synapse/secrets.example b/group_vars/synapse/secrets.example new file mode 100644 index 0000000..938593c --- /dev/null +++ b/group_vars/synapse/secrets.example @@ -0,0 +1,34 @@ +--- + +## TODO: replace this example file with proper documentation +## Synapse +synapse_postgre_user_pwd: +matrix_registration_shared_secret: +matrix_macaroon_secret: +matrix_form_secret: + +## Bridge discord +matrix_bridge_discord_postgre_user_pwd: +matrix_bridge_discord_client_ID: +matrix_bridge_discord_botToken: + +## Bridge facebook +matrix_bridge_facebook_postgre_user_pwd: +# Those values are generated by the bridge the first time the bridge is launched. +# we copied the values generated from our test config +matrix_bridge_facebook_integration_manager_shared_secret: + +## Bridge signal +matrix_bridge_signal_postgre_user_pwd: + +## Bridge instagram +matrix_bridge_instagram_postgre_user_pwd: + +## Bridge telegram +matrix_bridge_telegram_postgre_user_pwd: +matrix_bridge_telegram_api_id: +matrix_bridge_telegram_api_hash: +matrix_bridge_telegram_bot_token: + + + diff --git a/group_vars/synapse/secrets.yml b/group_vars/synapse/secrets.yml new file mode 100644 index 0000000..5889687 --- /dev/null +++ b/group_vars/synapse/secrets.yml @@ -0,0 +1,95 @@ +$ANSIBLE_VAULT;1.1;AES256 +63613062313131653261643433653535326438363161343337326234353165393065663066653938 +3362356639356131643030643264663136373764663933330a386138363330363636326266653936 +66333866353330386163643964626232363166353439363461626230363437306330386162653638 +3263323861623834660a326530633963666139323431393434333038336435303363393432616130 +64373938393430396665663035313937396632396332343434353361626636353636316134383130 +31363131353633613563666437646262373132363366363836616231306137323134326562383337 +39633161386132666162373831373036656632393737653937636164636437336366336338383030 +34313434336230623135643531316164613962623765333131653135663131613338396461386261 +66363137663935653734306461616366313636393633313765613764646535613938666664353932 +63643833323335356538366434393363373463646632306232623230663735626235653434306137 +31353034386162393431363938316261666431653766636464373735363661363338343861313564 +65613963616438323961333639613332663531663834636166653439666461353261383731343862 +31636535323932363539383034363535653865653366346432656332626665633766353363303738 +61653231663565613266363564316237323834373330626333623638343639343763393062396531 +37383833353839356563623034373737663436386130333932313835306437623065363166633635 +62653030313131636638323137383031623363663061376333616438343239353332333636626230 +35373034373830306165363235386263376130623065333037663366653937383935373666323661 +31303235376562643037316134326664353864386436316665633031363163623265306339313866 +63303936353434326234343363383139626265323132373638313064643665373065613162326635 +30313063376266383632626332343037633233366165636131363736303532326662663865343432 +31363366623032663233306333666635646366386433643066613336366532326266316634383765 +31363166626636333363643737313831326664613462663631313164386130373536653561303238 +62646362643937363339626265356132383966646231356462623831663736643763623665353763 +37313234363135396335313637613030313539396336333562303065613739353238663135386663 +62313536306263383232633232633639333461643039393739636235663761313230626532343934 +63623136326638646633303663363430396232376630306339343037663364336166353133366361 +65383732383033613633376265343362613864346230613733333130356566376537393934616630 +35656136356136353830636332616133623031613165353530666533613362633637343335633635 +37323033656533633936316366613965323532646538386264393234386431393364653763653763 +61626438636364623632646364633733366636376433336366346663383831303766303739653362 +39613265396232343435353065323361656635636336373637306163303730626536363166333364 +37623732383733633564623162623861373733323037643535663833383161313262636337613033 +62303033396237633530353031356232336533616432366232616262343335643536316437623430 +39373765313137376264656633646437346266316632356535376236396237363934396537623333 +30356433333339363164316437393233643337356439373634336466653466303136333531633630 +39313765356633353163376466666230633266383833623364383238323863663937356532653734 +62363266633235616662663166366136356532653932376636613466396330613234343766663530 +64353536383232353131313235383738333136666130356537646231346561373639373438656231 +30323032646431323436303231663935323330393230373762336631316236366462373433616365 +31396335353666393233653137393936303562663131643265326235306538326635363463343364 +37373064666335666563666332613132363431376230366163626132306134633831373632623765 +62613633323739393437366135396164383339356536663066636433393562396131393839386461 +37623231613566396436616439613263373366643534353965656562663834633937343633343565 +64303165313833613034613965356637633761633862633964316264323138383238366163643366 +66666461613066313638363432636666313166306363383636653361666565383035613161393333 +39376338636438343532376134363434666465363332653534363434663565653736613663323263 +66386361633230626331326638636161626331663233363365326665616637623962643233353436 +65306235346531636435313038313739643737303036326238353065663930626361316262653362 +65376565323038333466376366373430383138666631363465303134373561373131333533656233 +37383138343062306330396265373334386139623235323833323533613636373333363165303434 +31616336336434633834353963643330386565336565353533623532316664626665663936613231 +62666439386663393339373235623733383233653364623662666635306461656233323835393163 +30306261386362653134316537326238663634623830623466316438343862353131326361623035 +31346164376137616237333539333766333964366435343234333165656666643231333466646635 +63343337323336386661663862383034363865643565643131323932623737376231313235643939 +31323831363534633965623864326236626636376433633334326466643138636263356262373962 +62383937623439643364633832313663326231616463656266303530343835363236313239386164 +30363963383435336438366263313064653633393737623666616239353336643331303435323335 +31633562636339613363376236376135353735653331666132323033613666356535313834636330 +64363366383266303136313738633931383032666339653132656431646332306463353562326561 +36373764306361613761353163356430666363343561313864623963303166356437376136333732 +62303337346663636439616431306234353362353838333331636363626138303033373238656137 +37326432666164323262366637323162326364303665333431653537343932643465356332633433 +32663263653437316137636263356363366565656538373261333336336332313536363930336134 +34336435326531333037636133646639643564333934356431303737373731666433353061666539 +62663862343233393063353932633366653538643662393266343834626236353366363936396166 +34636139623533306366623061316266393062356562333134653236326365656161303962383061 +32643363386335363366636239343435303830653638333530363362323439373838656265366531 +36373031613962656632373839663431343338353465653535393861383965336232363731373533 +66623535653364333664373363636532323137643461326661353961303762343366323533636363 +38353436393137326235656434363332623565306362616561643837333034383266316362303230 +66303735353435393031663232363161333964303538633336663365393966636161376335306264 +36326435636162353664353161373037313437373765373231363434346530373739356137396133 +37383733346435666634633832373064303163656565393334646162313462356235383764353633 +35363738616162303239383964323135616232653562356233366262353533336131393231353332 +36646139356339386137323764336665346534623964613865646330323762666135326361336632 +38653935633933313762643565613332346364396462303366663064313966626262643430323766 +61333135616131643065613763666331653730386339343766303035613065343136616163386631 +35346234316361366464636464633431633039363631623863653630313262623030646666376664 +33656331383536643463663236393430373564373865396134633461373534616435333564396537 +37396664303363393036633537323334363339393230623463376235343234356666633162396362 +66333631616665663931616438333531633333356532343135633564626162613331663239333966 +64323235393764383639326236353439643934616564656432386537613934343537613330323463 +61656634383338653632383232393135323836616461333437363666376661353933306639656465 +35643333393435313330333134383866626530623730313230333437356435613335393835363734 +32616561643737623835326531373164393061353934656638643436643838363865336239616463 +35346563613630313534343864336234663838363638653230646464653765633162303231353532 +30643536333763353662353662653532636539396461373864303664313834343132343636636533 +37653637623630646461343433373232343863316234336339333466346238363863616161613036 +36353738393966366138383666626161366332633534306230316632326637393865353665356664 +33613737303638373461313462303565386664376238636262313638613161363233346661326531 +62643831363164336266363436356638383661343164376562656265363361353234323835313534 +37626461333639623739306634306131643334353335353465646363326537666431303537396634 +6134346232656665323561353433323661636262306232643735 diff --git a/hosts b/hosts index 8813170..67b13dc 100644 --- a/hosts +++ b/hosts @@ -30,9 +30,6 @@ bismuth technetium # Groups -[proxy] -hindley - [apt_proxy:children] vpn apt_cacher_ng @@ -42,14 +39,21 @@ hindley sulfur technetium +[matrix:children] +proxy +synapse + [apt_cacher_ng] hindley -[prometheus] +[synapse] +sulfur + +[proxy] hindley -[matrix] -sulfur +[prometheus] +hindley [proxmox] vanadium diff --git a/roles/configure_resolved/handlers/main.yml b/roles/configure_resolved/handlers/main.yml deleted file mode 100644 index 2937480..0000000 --- a/roles/configure_resolved/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Reload systemd-resolve - systemd: - name: systemd-resolved - state: restart diff --git a/roles/configure_resolved/tasks/main.yml b/roles/configure_resolved/tasks/main.yml deleted file mode 100644 index a3eff0f..0000000 --- a/roles/configure_resolved/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Change the DNS server - lineinfile: - path: /etc/systemd/resolved.conf - insertafter: '[Resolve]' - regexp: '^#?DNS=' - line: "DNS={{ dns_resolve_server }}" - notify: Reload systemd-resolve - -- name: Remove the stub listener - lineinfile: - path: /etc/systemd/resolved.conf - insertafter: '[Resolve]' - regexp: '^#?DNSStubListener=' - line: "DNSStubListener=no" - notify: Reload systemd-resolve - -- name: Link resolve conf - file: - src: /run/systemd/resolve/resolv.conf - dest: /etc/resolv.conf - state: link - force: yes diff --git a/roles/generate_self_signed_certificate/tasks/main.yml b/roles/generate_self_signed_certificate/tasks/main.yml index 3fc83bf..334635b 100644 --- a/roles/generate_self_signed_certificate/tasks/main.yml +++ b/roles/generate_self_signed_certificate/tasks/main.yml @@ -4,9 +4,6 @@ name: python3-openssl state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -25,7 +22,7 @@ privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem" country_name: "{{ country_name }}" organization_name: "{{ organization_name }}" - email_address: "{{ vault_email }}" + email_address: "{{ certificate_email }}" common_name: "{{ server_hostname }}" - name: Generate a Self Signed OpenSSL certificate diff --git a/roles/grafana/tasks/main.yml b/roles/grafana/tasks/main.yml index 5f4be5b..cbd05c2 100644 --- a/roles/grafana/tasks/main.yml +++ b/roles/grafana/tasks/main.yml @@ -5,9 +5,6 @@ - apt-transport-https state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Add Graphana Repo Key apt_key: @@ -25,9 +22,6 @@ - grafana state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Configure Grafana template: diff --git a/roles/install_docker/tasks/main.yml b/roles/install_docker/tasks/main.yml deleted file mode 100644 index d9de1fa..0000000 --- a/roles/install_docker/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: Add the docker repo key - apt_key: - url: https://download.docker.com/linux/debian/gpg - state: present - -- name: Add docker repo - apt_repository: - repo: deb [arch=amd64] https://download.docker.com/linux/debian buster stable - # TODO replace by "... /linux/debian $(lsb_release -cs) stable" - state: present - -- name: Install docker - apt: - update_cache: true - name: - - docker-ce - - docker-ce-cli - - containerd.io - state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - -# Official methode for docker compose, redundant with pip -#- name: Install docker-compose -# get_url: -# url: https://github.com/docker/compose/releases/download/1.28.0/docker-compose-Linux-x86_64 -# # TODO: replace by "...1.28.0/docker-compose-$(uname -s)-$(uname -m)" -# dest: /usr/local/bin/docker-compose -# mode: '0755' - -# Methode requiered by ansible docker_compose module -- name: Install docker and docker-compose - pip: - name: - - docker - - docker-compose>=1.28.0 diff --git a/roles/install_gitea/handlers/main.yml b/roles/install_gitea/handlers/main.yml deleted file mode 100644 index 3fbdb12..0000000 --- a/roles/install_gitea/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: restart gitea - docker_compose: - project_src: /var/local/gitea - restarted: yes diff --git a/roles/install_gitea/tasks/main.yml b/roles/install_gitea/tasks/main.yml deleted file mode 100644 index 524540b..0000000 --- a/roles/install_gitea/tasks/main.yml +++ /dev/null @@ -1,74 +0,0 @@ ---- -- name: Ensure the directory exist - file: - path: /var/local/gitea - state: directory - -- name: Ensure the user gitea exists - user: - name: gitea - create_home: no - password_lock: yes - -- name: Retrieve info about users - getent: - database: passwd - -- name: Warning - debug: - msg: This is a test server, do not use in production - -- name: Copy docker-compose.yml - template: - src: docker-compose.yml.j2 - dest: /var/local/gitea/docker-compose.yml - mode: 0644 - owner: root - group: staff - -- name: Start the container - docker_compose: - project_src: /var/local/gitea - -- name: Copy key - copy: - src: /var/certificates/{{ server_hostname }}_privkey.pem - dest: /var/local/gitea/gitea/key.pem - owner: gitea - group: gitea - mode: 0600 - remote_src: yes - notify: restart gitea - -- name: Copy certificate - copy: - src: /var/certificates/{{ server_hostname }}_cert.pem - dest: /var/local/gitea/gitea/cert.pem - owner: gitea - group: gitea - remote_src: yes - notify: restart gitea - -- name: Specify the link the private key - lineinfile: - path: /var/local/gitea/gitea/gitea/conf/app.ini - insertafter: '^\[server\]' - regexp: '^KEY_FILE' - line: KEY_FILE = /data/key.pem - notify: restart gitea - -- name: Specify the link the private key - lineinfile: - path: /var/local/gitea/gitea/gitea/conf/app.ini - insertafter: '^\[server\]' - regexp: '^CERT_FILE' - line: CERT_FILE = /data/cert.pem - notify: restart gitea - -- name: Use https - lineinfile: - path: /var/local/gitea/gitea/gitea/conf/app.ini - insertafter: '^\[server\]' - regexp: '^PROTOCOL' - line: PROTOCOL = https - notify: restart gitea diff --git a/roles/install_gitea/templates/docker-compose.yml.j2 b/roles/install_gitea/templates/docker-compose.yml.j2 deleted file mode 100644 index 9f670c9..0000000 --- a/roles/install_gitea/templates/docker-compose.yml.j2 +++ /dev/null @@ -1,43 +0,0 @@ -# {{ ansible_managed }} -# version: "3.8" - -networks: - gitea: - external: false - -services: - server: - image: gitea/gitea:1.13.1 - container_name: gitea - environment: - - USER_UID={{ getent_passwd["gitea"].1 }} - - USER_GID={{ getent_passwd["gitea"].2 }} - - DB_TYPE=postgres - - DB_HOST=db:5432 - - DB_NAME=gitea - - DB_USER=gitea - - DB_PASSWD=gitea - restart: always - networks: - - gitea - volumes: - - ./gitea:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - ports: - - "{{ gitea_https_port }}:3000" - - "{{ gitea_ssh_port }}:22" - depends_on: - - db - - db: - image: postgres:9.6 - restart: always - environment: - - POSTGRES_USER=gitea - - POSTGRES_PASSWORD=gitea - - POSTGRES_DB=gitea - networks: - - gitea - volumes: - - ./postgres:/var/lib/postgresql/data diff --git a/roles/install_keycloak/tasks/main.yml b/roles/install_keycloak/tasks/main.yml deleted file mode 100644 index b291cbc..0000000 --- a/roles/install_keycloak/tasks/main.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -- name: Ensure the directory exist - file: - path: /var/local/keycloak - state: directory - -- name: Ensure the user keycloak exists - user: - name: keycloak - create_home: no - password_lock: yes - -- name: Retrieve info about users - getent: - database: passwd - -- name: Warning - debug: - msg: This is a test server, do not use in production - -- name: Copy env variables - template: - src: dot_env.j2 - dest: /var/local/keycloak/.env - mode: 0400 - owner: root - group: staff - -- name: Ensure the certificate directory exist - file: - path: /var/local/keycloak/certificates - state: directory - -- name: Copy key - copy: - src: /var/certificates/{{ server_hostname }}_privkey.pem - dest: /var/local/keycloak/certificates/tls.key - remote_src: yes - owner: keycloak - group: keycloak - mode: 0644 # 0600 -# I wanted to limite read access to the private key to one "keycloak" user, -# but It doesn't works because the user running some script inside the container -# has a fix uid (1000) and obviously this uid is taken on the host by the first -# user created... I hope you're serveur is well protected... - -- name: Copy certificate - copy: - src: /var/certificates/{{ server_hostname }}_cert.pem - dest: /var/local/keycloak/certificates/tls.crt - remote_src: yes - owner: keycloak - group: keycloak - -- name: Copy docker-compose.yml - template: - src: docker-compose.yml.j2 - dest: /var/local/keycloak/docker-compose.yml - mode: 0644 - owner: root - group: staff - -- name: Start the container - docker_compose: - project_src: /var/local/keycloak - diff --git a/roles/install_keycloak/templates/docker-compose.yml.j2 b/roles/install_keycloak/templates/docker-compose.yml.j2 deleted file mode 100644 index a102919..0000000 --- a/roles/install_keycloak/templates/docker-compose.yml.j2 +++ /dev/null @@ -1,18 +0,0 @@ -# {{ ansible_managed }} -# version: "3.8" - -services: - server: - image: jboss/keycloak - container_name: keycloak - restart: always - environment: - - USER_UID={{ getent_passwd["keycloak"].1 }} - - USER_GID={{ getent_passwd["keycloak"].2 }} - - "KEYCLOAK_USER=${USERNAME}" - - "KEYCLOAK_PASSWORD=${PASSWORD}" - volumes: - - ./certificates:/etc/x509/https - - /etc/localtime:/etc/localtime:ro - ports: - - "{{ keycloak_https_port }}:8443" diff --git a/roles/install_keycloak/templates/dot_env.j2 b/roles/install_keycloak/templates/dot_env.j2 deleted file mode 100644 index dd648b0..0000000 --- a/roles/install_keycloak/templates/dot_env.j2 +++ /dev/null @@ -1,4 +0,0 @@ -# {{ ansible_managed }} - -USERNAME={{ vault_admin_keycloak }} -PASSWORD={{ vault_mdp_admin_keycloak }} diff --git a/roles/install_nginx/tasks/main.yml b/roles/install_nginx/tasks/main.yml index 218ca39..fe31967 100644 --- a/roles/install_nginx/tasks/main.yml +++ b/roles/install_nginx/tasks/main.yml @@ -4,9 +4,6 @@ update_cache: true name: nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Add wasm to mime type lineinfile: diff --git a/roles/postgre b/roles/postgre index 3e6d419..f774bc0 160000 --- a/roles/postgre +++ b/roles/postgre @@ -1 +1 @@ -Subproject commit 3e6d4199b531bd328ad51e577b0c6b7be0eaa76b +Subproject commit f774bc096487cba7fec6ed9e196032e169cfbb4a diff --git a/roles/prometheus-alert-manager/tasks/kassandra.yml b/roles/prometheus-alert-manager/tasks/kassandra.yml index bdad442..fb117f3 100644 --- a/roles/prometheus-alert-manager/tasks/kassandra.yml +++ b/roles/prometheus-alert-manager/tasks/kassandra.yml @@ -6,9 +6,6 @@ - python3.9-venv state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Create the kassandra user user: diff --git a/roles/prometheus-alert-manager/tasks/main.yml b/roles/prometheus-alert-manager/tasks/main.yml index be60549..6bb246b 100644 --- a/roles/prometheus-alert-manager/tasks/main.yml +++ b/roles/prometheus-alert-manager/tasks/main.yml @@ -5,9 +5,6 @@ - prometheus-alertmanager state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Setup the arguments for alertmanager template: diff --git a/roles/prometheus-blackbox-exporter/tasks/main.yml b/roles/prometheus-blackbox-exporter/tasks/main.yml index 5b3af82..cc580ce 100644 --- a/roles/prometheus-blackbox-exporter/tasks/main.yml +++ b/roles/prometheus-blackbox-exporter/tasks/main.yml @@ -5,9 +5,6 @@ - prometheus-blackbox-exporter state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Copy the CA cert copy: diff --git a/roles/prometheus-node-exporter/tasks/local_x509_collector.yml b/roles/prometheus-node-exporter/tasks/local_x509_collector.yml index e7c896b..0c82583 100644 --- a/roles/prometheus-node-exporter/tasks/local_x509_collector.yml +++ b/roles/prometheus-node-exporter/tasks/local_x509_collector.yml @@ -5,9 +5,6 @@ - moreutils state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure /usr/share/prometheus-node-exporter exist file: diff --git a/roles/prometheus-node-exporter/tasks/main.yml b/roles/prometheus-node-exporter/tasks/main.yml index db8b2a8..1b2cc1c 100644 --- a/roles/prometheus-node-exporter/tasks/main.yml +++ b/roles/prometheus-node-exporter/tasks/main.yml @@ -1,27 +1,27 @@ --- -- name: Use a newer version of Node exporter for ubuntu 20.04 - block: - - name: Set the default release - lineinfile: - path: /etc/apt/apt.conf.d/01-vendor-ubuntu - regexp: '^APT::Default-Release ' - line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" - - name: Pin node exporter - copy: - dest: /etc/apt/preferences.d/pin-prometheus-node-exporter - content: | - Package: prometheus-node-exporter - Pin: release n={{ ansible_facts['lsb']['codename'] }} - Pin-Priority: -10 - - Package: prometheus-node-exporter - Pin: release n=groovy - Pin-Priority: 900 - - name: Add the repo from groovy - apt_repository: - repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe - state: present - when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' +#- name: Use a newer version of Node exporter for ubuntu 20.04 +# block: +# - name: Set the default release +# lineinfile: +# path: /etc/apt/apt.conf.d/01-vendor-ubuntu +# regexp: '^APT::Default-Release ' +# line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" +# - name: Pin node exporter +# copy: +# dest: /etc/apt/preferences.d/pin-prometheus-node-exporter +# content: | +# Package: prometheus-node-exporter +# Pin: release n={{ ansible_facts['lsb']['codename'] }} +# Pin-Priority: -10 + +# Package: prometheus-node-exporter +# Pin: release n=groovy +# Pin-Priority: 900 +# - name: Add the repo from groovy +# apt_repository: +# repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe +# state: present +# when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' - name: Install Prometheus Node exporter apt: @@ -31,9 +31,6 @@ state: latest update_cache: true install_recommends: false # Do not install smartmontools - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Install the local_x509 exporter diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml index e5c0efd..eb6318c 100644 --- a/roles/prometheus/tasks/main.yml +++ b/roles/prometheus/tasks/main.yml @@ -6,9 +6,6 @@ - prometheus-pushgateway state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the alert folder exist file: diff --git a/roles/reverse_proxy_http/tasks/main.yml b/roles/reverse_proxy_http/tasks/main.yml index 5ebf7fb..db4bf5f 100644 --- a/roles/reverse_proxy_http/tasks/main.yml +++ b/roles/reverse_proxy_http/tasks/main.yml @@ -6,9 +6,6 @@ - certbot - python3-certbot-nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -38,7 +35,7 @@ loop: "{{ reverse_proxy_sites }}" - name: Generate Certificate for Domains - shell: certbot certonly --standalone -d {{ item.from }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" + shell: certbot certonly --standalone -d {{ item.from }} -m {{ certificate_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" args: creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem" loop: "{{ reverse_proxy_sites }}" diff --git a/roles/reverse_proxy_stream/meta/main.yml b/roles/reverse_proxy_stream/meta/main.yml deleted file mode 100644 index ff0926f..0000000 --- a/roles/reverse_proxy_stream/meta/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -dependencies: - - role: install_nginx diff --git a/roles/reverse_proxy_stream/tasks/main.yml b/roles/reverse_proxy_stream/tasks/main.yml deleted file mode 100644 index 549aa0c..0000000 --- a/roles/reverse_proxy_stream/tasks/main.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- - -- name: Ensure the stream proxy conf available directory exists - file: - path: /etc/nginx/stream-available - state: directory - -- name: Ensure the stream proxy conf enabled directory exists - file: - path: /etc/nginx/stream-enabled - state: directory - -- name: Include the stream proxy configuration files - blockinfile: - path: /etc/nginx/nginx.conf - block: | - stream { - include /etc/nginx/stream-enabled/*; - } - -- name: Copy reverse proxy stream - template: - src: "nginx/stream-available/reverse_proxy" - dest: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}" - loop: "{{ reverse_proxy_stream }}" - -- name: Activate stream - file: - src: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}" - dest: "/etc/nginx/stream-enabled/stream_{{ item.type }}_{{ item.from_port }}" - state: link - force: yes - loop: "{{ reverse_proxy_stream }}" - notify: Reload nginx diff --git a/roles/reverse_proxy_stream/templates/nginx/stream-available/reverse_proxy b/roles/reverse_proxy_stream/templates/nginx/stream-available/reverse_proxy deleted file mode 100644 index fd86921..0000000 --- a/roles/reverse_proxy_stream/templates/nginx/stream-available/reverse_proxy +++ /dev/null @@ -1,12 +0,0 @@ -{{ ansible_managed | comment }} - -server { - {% if item.type == "udp" %} - listen {{ item.from_port }} udp; - {% else %} - listen {{ item.from_port }}; - {% endif %} - - proxy_pass {{ item.to }}; -} - diff --git a/roles/rp_synapse/tasks/main.yml b/roles/rp_synapse/tasks/main.yml index 1837c75..c6d66f8 100644 --- a/roles/rp_synapse/tasks/main.yml +++ b/roles/rp_synapse/tasks/main.yml @@ -10,9 +10,6 @@ - certbot - python3-certbot-nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -20,7 +17,7 @@ state: directory - name: Generate Certificate for Domains - shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" + shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ certificate_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" args: creates: "/etc/letsencrypt/live/{{ matrix_server_name }}/cert.pem" diff --git a/roles/rp_synapse/templates/reverse_proxy b/roles/rp_synapse/templates/reverse_proxy index 8ba5916..7b24f66 100644 --- a/roles/rp_synapse/templates/reverse_proxy +++ b/roles/rp_synapse/templates/reverse_proxy @@ -4,6 +4,9 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; + listen 8448 ssl http2; + listen [::]:8448 ssl http2; + server_name {{ matrix_server_name }}; ssl_certificate /etc/nginx/certs/{{ matrix_server_name }}.crt; diff --git a/roles/share_file_web/tasks/main.yml b/roles/share_file_web/tasks/main.yml index 3692806..33cf759 100644 --- a/roles/share_file_web/tasks/main.yml +++ b/roles/share_file_web/tasks/main.yml @@ -6,9 +6,6 @@ - certbot - python3-certbot-nginx state: latest - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Ensure the cert directory exists file: @@ -46,7 +43,7 @@ loop: "{{ sharing_sites }}" - name: Generate Certificate for Domains - shell: certbot certonly --standalone -d {{ item.from }} -m {{ vault_email }} --noninteractive --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" + shell: certbot certonly --standalone -d {{ item.from }} -m {{ certificate_email }} --noninteractive --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" args: creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem" loop: "{{ sharing_sites }}" diff --git a/roles/synapse/tasks/main.yml b/roles/synapse/tasks/main.yml index ce0538e..21ddc44 100644 --- a/roles/synapse/tasks/main.yml +++ b/roles/synapse/tasks/main.yml @@ -23,9 +23,6 @@ - debconf-utils state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Install the pgp key for the synapse repo copy: @@ -51,9 +48,6 @@ - matrix-synapse-py3 state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Configure synapse template: @@ -68,9 +62,6 @@ name: nginx state: latest update_cache: true - register: apt_result - retries: 3 - until: apt_result is succeeded - name: Generate self signed cert include_role: