Pains-Perdus/ansible
3
1
Fork 0
Code Issues Pull requests 1 Releases Wiki Activity

Big Cleanup #1

Open
g33kex wants to merge 19 commits from big_cleanup into master
pull from: big_cleanup
merge into: Pains-Perdus:master
Conversation 0 Commits 19 Files changed 115 +1155 -1360
115 changed files with 1155 additions and 1360 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -43,3 +43,8 @@ The user managment role allows to manage user.
Especially, it generate the described users on each hosts. Especially, it generate the described users on each hosts.
The password are stored in the variables in there hash form. The script `hash_passwd.py` can give you the hash of a password. The password are stored in the variables in there hash form. The script `hash_passwd.py` can give you the hash of a password.
## Passwords
`keyring set ansible-painsperdus vault-default the_vault_password`
`keyring set ansible-painsperdus become your_password`

9
TODO.md
View file

@ -2,6 +2,11 @@
Stuff that I should do but will probably never do. Stuff that I should do but will probably never do.
## Base
- Add sudo configuration role
- Add hostname/hosts configuration role that works on Ubuntu and Debian
## Polish the user role ## Polish the user role
The role is fine, but could use some default filter, like for the shell value. The role is fine, but could use some default filter, like for the shell value.
@ -37,4 +42,8 @@ setup:
- disable cloud init - disable cloud init
- remove cloud init account and change the connenction variable for the vm - remove cloud init account and change the connenction variable for the vm
## Matrix
- Potgres role should be redone, it is currently called too many times that could be globalized I think. Also the setting of timezone and locale is not idempotent
good luck good luck

9
ansible.cfg
View file

@ -1,7 +1,6 @@
# Ansible configuration # Ansible configuration
[defaults] [defaults]
# Do not create .retry files # Do not create .retry files
retry_files_enabled = False retry_files_enabled = False
@ -23,18 +22,14 @@ forks = 15
# Some SSH connection will take time # Some SSH connection will take time
timeout = 60 timeout = 60
vault_identity_list = main_vault@.main_vault_password , user_vault@.user_vault_password, vpn_vault@.vpn_vault_password vault_password_file: vault-client.sh
vault_identity = default
[privilege_escalation] [privilege_escalation]
# Use sudo to get priviledge access # Use sudo to get priviledge access
become = True become = True
# Ask for password
become_ask_pass = True
[diff] [diff]
# TO know what changed # TO know what changed
always = yes always = yes

8
books/all.yml Executable file
View file

@ -0,0 +1,8 @@
#!/usr/bin/env ansible-playbook
---
- import_playbook: base.yml
- import_playbook: apt_proxy.yml
- import_playbook: web_services.yml
- import_playbook: matrix.yml
- import_playbook: monitoring.yml

8
books/apt_proxy.yml
View file

@ -1,5 +1,11 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- hosts: apt_proxies - hosts: apt_cacher_ng
roles: roles:
- apt_cacher_ng - apt_cacher_ng
- import_playbook: vpn.yml
- hosts: vpn
roles:
- client_apt_proxy

19
books/base.yml
View file

@ -1,18 +1,11 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- hosts: vpn, !tests, - hosts: server
roles:
- vpn
- client_apt_proxy
- hosts: all, !tests,
roles: roles:
- networking - networking
- base_config - users
- prometheus-node-exporter - ssh
- base
- hosts: all, !tests, !no_user, - hosts: vm
roles: roles:
- create_users - guest_agent
- ssh_totp

8
books/dns.yml
View file

@ -1,8 +0,0 @@
#!/usr/bin/env ansible-playbook
---
# Reverse proxy
- hosts: proxy
roles:
- configure_resolved
- reverse_proxy_stream

8
books/gitea.yml
View file

@ -1,8 +0,0 @@
#!/usr/bin/env ansible-playbook
---
- hosts: gitea_host
roles:
- install_docker
- generate_self_signed_certificate
- install_gitea

8
books/keycloak.yml
View file

@ -1,8 +0,0 @@
#!/usr/bin/env ansible-playbook
---
- hosts: keycloak_host
roles:
- install_docker
- generate_self_signed_certificate
- install_keycloak

2
books/matrix.yml
View file

@ -1,6 +1,6 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- hosts: matrix - hosts: synapse
roles: roles:
- synapse - synapse
- matrix-bridge-discord - matrix-bridge-discord

4
books/monitoring.yml
View file

@ -1,12 +1,12 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- hosts: prometheus_servers - hosts: prometheus
roles: roles:
- prometheus - prometheus
- prometheus-alert-manager - prometheus-alert-manager
- grafana - grafana
- prometheus-blackbox-exporter - prometheus-blackbox-exporter
- hosts: all, !tests, - hosts: monitoring
roles: roles:
- prometheus-node-exporter - prometheus-node-exporter

22
books/update.yaml Executable file
View file

@ -0,0 +1,22 @@
#!/usr/bin/env ansible-playbook
---
- name: Update
hosts: all
gather_facts: true
tasks:
- name: Update all packages with apt
apt:
name: "*"
state: latest
register: apt
when: ansible_os_family == "Debian"
- debug: msg={{ apt.stdout.split('\n')[:-1] }}
when: ansible_os_family == "Debian"
- name: Update all packages with pacamn
pacman:
update_cache: yes
upgrade: yes
register: pacman
when: ansible_os_family == "Archlinux"
- debug: msg={{ pacman.msg }}
when: ansible_os_family == "Archlinux"

7
books/users.yml
View file

@ -1,7 +0,0 @@
#!/usr/bin/env ansible-playbook
---
- hosts: all, !tests, !no_user
roles:
- create_users
- base_totp

3
books/vpn.yml
View file

@ -1,6 +1,5 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- hosts: vpn, !tests - hosts: vpn
roles: roles:
- vpn - vpn
- networking

5
group_vars/all/ansible.yml Normal file
View file

@ -0,0 +1,5 @@
# Use python 3
ansible_python_interpreter: /usr/bin/python3
# Set your become password with `keyring set ansible-painsperdus become`
ansible_become_password: "{{lookup('community.general.keyring','ansible-painsperdus become')}}"

3
group_vars/all/ca.yml
View file

@ -1,6 +1,5 @@
--- ---
ca_passphrase: "{{ vault_ca_passphrase }}"
ca_key: "{{ vault_ca_key }}"
ca_cert: | ca_cert: |
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL

3
group_vars/all/generate_self_signed_certificate.yml
View file

@ -1,3 +0,0 @@
---
country_name: FR
organization_name: Pains-Perdus

3
group_vars/all/install_gitea
View file

@ -1,3 +0,0 @@
---
gitea_ssh_port: 2222
gitea_https_port: 8443

2
group_vars/all/install_keycloak
View file

@ -1,2 +0,0 @@
---
keycloak_https_port: 7443

13
group_vars/all/main.yml Normal file
View file

@ -0,0 +1,13 @@
---
# Default prometheus serveur, to overide in host_vars or something
appointed_prometheus_server: hindley
## DNS Servers
dns_server: 1.1.1.1
dns_server_fallback: 1.0.0.1
## Self Signed certificates
country_name: FR
organization_name: Pains-Perdus

65
group_vars/all/matrix.yml
View file

@ -1,65 +0,0 @@
---
matrix_server_name: pains-perdus.fr
matrix_local_server_name: synapse.pp.intra
matrix_enable_registration: False
synapse_postgre_user_pwd: "{{ vault_synapse_postgre_user_pwd }}"
matrix_max_upload_size: 50M
matrix_registration_shared_secret: "{{ vault_matrix_registration_shared_secret }}"
matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}"
matrix_form_secret: "{{ vault_matrix_form_secret }}"
matrix_apps_services:
- discord
- facebook
- signal
- instagram
- telegram
# bridge discord
matrix_bridge_discord_postgre_user_pwd: "{{ vault_matrix_bridge_discord_postgre_user_pwd }}"
matrix_bridge_discord_client_ID: "{{ vault_matrix_bridge_discord_client_ID }}"
matrix_bridge_discord_botToken: "{{ vault_matrix_bridge_discord_botToken }}"
# bridge facebook
matrix_bridge_facebook_postgre_user_pwd: "{{ vault_matrix_bridge_facebook_postgre_user_pwd }}"
# Those values are generated by the bridge the first time the bridge is launched.
# we copied the values generated from our test config
matrix_bridge_facebook_integration_manager_shared_secret: "{{ vault_matrix_bridge_facebook_integration_manager_shared_secret }}"
# matrix_bridge_facebook_as_token: "{{ vault_matrix_bridge_facebook_as_token }}"
# matrix_bridge_facebook_hs_token: "{{ vault_matrix_bridge_facebook_hs_token }}"
matrix_bridge_facebook_admins:
- g33kex
- histausse
matrix_bridge_facebook_allowed_external_user:
- '@dorianx:matrix.rezel.net'
# bridge signal
matrix_bridge_signal_postgre_user_pwd: "{{ vault_matrix_bridge_signal_postgre_user_pwd }}"
matrix_bridge_signal_admins:
- g33kex
- histausse
matrix_bridge_signal_allowed_external_user:
- '@dorianx:matrix.rezel.net'
# bridge instagram
matrix_bridge_instagram_postgre_user_pwd: "{{ vault_matrix_bridge_instagram_postgre_user_pwd }}"
matrix_bridge_instagram_admins:
- g33kex
- histausse
matrix_bridge_instagram_allowed_external_user:
- '@dorianx:matrix.rezel.net'
# bridge telegram
matrix_bridge_telegram_postgre_user_pwd: "{{ vault_matrix_bridge_telegram_postgre_user_pwd }}"
matrix_bridge_telegram_admins:
- g33kex
- histausse
matrix_bridge_telegram_allowed_external_user:
- '@dorianx:matrix.rezel.net'
matrix_bridge_telegram_api_id: "{{ vault_matrix_bridge_telegram_api_id }}"
matrix_bridge_telegram_api_hash: "{{ vault_matrix_bridge_telegram_api_hash }}"
matrix_bridge_telegram_bot_token: "{{ vault_matrix_bridge_telegram_bot_token }}"
# Not configured for now
matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push

5
group_vars/all/networking.yml
View file

@ -28,6 +28,11 @@ intranet:
ipv4: 172.20.1.5 ipv4: 172.20.1.5
netmaskv4: 32 netmaskv4: 32
comment: Matrix server comment: Matrix server
technetium:
domaine: technetium
ipv4: 172.20.1.99
netmaskv4: 32
comment: Test VM
guest_hellman: guest_hellman:
domaine: hllm domaine: hllm
ipv4: 172.20.198.0 ipv4: 172.20.198.0

4
group_vars/all/reverse_proxy_stream.yml
View file

@ -1,4 +0,0 @@
---
reverse_proxy_stream:
- {from_port: 2222, type: "tcp", to: "azerty.fil.sand.auro.re:2222"}

4
group_vars/all/totp.yml
View file

@ -1,4 +0,0 @@
---
totp_periode: 60
totp_digits: 6
totp_machine: "pains-perdus"

162
group_vars/all/user_vault
View file

@ -1,162 +0,0 @@
$ANSIBLE_VAULT;1.2;AES256;user_vault
66646139353961656263643538333430306336343661306434346136646234336534393663333732
6265656462333262363466366232313434643739616235660a323232393330383037636664303162
66343861653038663534313139653266376563613030633934323335383431623538643135643637
6634656439313233390a316435623232376135323666656332323038646565353733393039373533
64663035613930303631313536636130333363633362383934623863333631633538393231633531
30646430346634346433323339343461323430643938613634613164393461613863356633346638
33396463303162333338623731646431663839623034613664616166383237323435623631393737
32316336393330633330616530306538353136623737346530343838313634386535376633393134
36306438393531613464326561356633373139663863666564323433353161656266616638626436
66316363663631646562333566356638343830626437643666306335393364353165313939323363
39323362333364323531353330343164643938346636333865626630363431663130373161353263
34366131333362396634326336396635343961393239333665626632343533363263653535306438
66343430343734653261386230653738373436313432393839313765333062363165373762303536
34303939663837333531626437653263383662326238306162356361333362353863313466343031
65646537323762373234633134323737333137316161343539663065386538653762616236396133
33313637316331326432363132643462666438663037613537363263306564316530396433383662
34356464353562336331623934316138376662396466626430383162656430653935626537303138
61663033353961303061646364363865653135346362373433666531363432366566396638376139
32656265636163326632356133653639623633663934353636396365356662666563623735353830
33386166326564656135386161653032646635663832383662323162343039323665326165613263
38613732373962363264373237643239383961383639393832616631613535316332306330353637
39613638656434393039613362383738383039343030393761666534393633666630656632613739
65376461323363643462613064336566353463363031303436616335633632623838306565313464
61323431363635356431333336323434353334666539323233666132333931633636633632626461
39366335613739393634636637663535643663353035663731613939323864613965663632616136
61613133316636336336623563373564333533343062333262336539363962623739373233633462
66643664616438383030303764313038613133353535636130643531623564373639396563333934
32353663343533616262323165373564303239356635633136306133326666313037363062633132
62363364623465353435386461623062373836353531616361346533626266623961393166323639
35613261666533363436386438656232653732396631626638356532306163656661633738326361
38353961323135383439326331663139613730303362326233363436353532373865656633633462
32326339323865666531393565333633386234663463663133386463323730323230646533393535
35356336326235333536663165393938353730653862356161356137666532653231396265663336
63633330336264383765356661303431353239346433326138383565396663643638666330633161
65323338646436323237613235343936636333653332666435373461346632643462383961356233
62373066616239303437383637323838613666353465383035303230386565366138663933653838
33626665663562353137316561303863333862376537303831316665653164656336323461666436
33323165393762616664356561633138383836316433623635383664353564353664383566313561
38623631356432316431343934306334633532383034383432323562313033356238323736316239
31653261333035663631666362366231303237656630656435373636383164306266646164363265
30653064306132393330376561616431343765656637356336306565306135336664373837353566
65323636646235386661616132316461376531653738343632393638663938626564333235643238
61653164616331653933336138393763613837353030653239626532633562396530373736316462
63643930313264393363613564316637306562643336373536353036306233343266653066343832
35306231383866613439636333623039376465386463653266663365646332336335326564323939
65386630336131343964653037646365616631663466323036623661363836363135363636623361
65613831653164393732623031613234323437383136636466353362313966656661623861373532
64653063373933373730386363353939373062386637303936646566646137353238633765326132
62393239386264346133623039616630636139646261366132623765613439303836336266323930
64623861386131613239323261306636373065343233353566353565643532643031346332336331
35663564353433383966633961383061613739373039643265653661666139363735313131363637
62383539643433633164313563366161393133333433656131656331383861393566366631656136
32653131363836366330313239383635336662633838363734366234343533353035356334303662
66613833653930653836663137333064656564376464633435636431326336316339336533613866
31373962333134653863316339623838333439386433663937306539343635363134633062306237
64663834613937663733666662343933633839343532376662366561326535316530363466663432
33626332303032386232363165653439666233616362306665656133656561306564363561633138
34393237316239643462613931633530643062373130386162333537663136666131623263363534
34333164376238353534623038333532343266636535366532633837633161393363393734613765
37333438613332653466653231303361623439376465343231383135316230323337616330613262
31613235356137313233616637333733633437376262383862323566343865313138633538333136
35356261336263323330653664306635656332646365646630373437386536363538376636323533
63383531336261626463613265386337346639616130613333363061643065313766326262313635
30396438653535653739316264346531646438323862346438633339613563383930306230663932
39653564336531376234373364306462396433633738313565363335303435353736616264313131
38363738303431653963363765666238613435386261613037353465303337613933353430353131
38653366643866303863616366383339653631666466646332323463616663376139636632393434
35376537646236623339346366613066383061353535303036383732616337643331616263373131
32633336303963653562386664313532373666346132663334313065336564346362373433326532
65396532356238326237353034333264393233343138363739383830653230643665646362663630
39333537353832616331363534326164323133373761306630623130383465663636636464313539
61646363626434393530333465316333623139626433326337383766343730323963353731333930
35646535376531656262326536306536633137636138663732366330656565633565313533306465
34383464326330353133303731303534663834393837323965393363303635343236313666656264
33633735653135643062313664663432363231653230636339386438386339623363323336393566
62353037346564633535376638363037363861366263323766333961303534393539356530633562
61616664633236613865626663636632323066643534393630393033626635663336366632393134
32326565303031333566346461633136326566306461323436393539353533313033333061383032
34326337616338626630316661663237333831616363346130653663663861353562366164643730
34656638303531353861386437646662346132346662336164616232623839303934383166623532
63343538656130306636313337646238663663636432376237353738303864303835646433353137
61653931383837353934663536663266636636373936376230353836636134653531353031363938
65333361303361363334393733666466643063653266363262306233633834353331666565353266
38666431643139316139623263663864386534376566393437373965346530343433366535323732
65626336396362393331623564656436383135636539333934633233666330643465633531316166
62306637323739346639306630623132346665373630343566656437303630626664333465383766
62303365653332653162336230336634333232663732653237386533646531643839643465366637
65303964626463363130383164633938636538316461366335356664613138336463653539393465
35353637616462613833636137333139356538386162616538613562333337383233313038313035
31303065663630353865303338643533393839373665373231383666646634353035316261613662
34663661323235383331643634636534363238353934303837666531376630643830323863343932
32333934376332646537373064346666343535303038383234356165303635633732373939656438
30326463396631376538346366373135373164666631323036623066613664376334353331386463
32346132643361646136376362356266316231336162333834646232353935656363373766323338
63616337343631383963343165303938333665333731373163383264656537356130343536626661
63663236643539313436636531623232643163643036363438616230306264373166336630363833
39396530643765336436386639323533643638336566636135613438643936623531613436653733
62326536663538376266393233373135333231613161613335323562613734653639633137383364
39313263303036396635663431356363663964393231333663396433653263333337653763613738
66653636653436326636353361623637346562303465303034356561663964666139623630366261
34656338363863393861323735613739366339363063633762363235626264666561373334376135
33396663306131313530663763393137313264383335373830333939636238393163303065323731
33636630363033646530383438343465623462346666333131626434616138363435623732663030
65616632393866633466363837383238386264363536633439366661313265316333666435333536
33376661663733343136353061623065393061306435396338623961623466376532613163353739
64343033626666646130663861383236613961663335623134313063376436383666636338633332
65643365656161373631633232353930343533653134346566643066376265626661366234303439
33386539386536663932636238626234646266643432626162633534376161633262366631356662
63643066383631326632643732616432343733306134616432636561393333326431626230643935
32663232373331643335356562336563653837656164653531323561623432303334333330656263
35303237663131616133643235646634373931313831313965346661356334396266356437613362
63393136353762636666343538663134336138353661663161663936366531316662373666363035
65363333393464303933646230396230363238313264373665623465393434346638663837366364
65633536633464306138663033323132653436663461646432636161353038663836393735316663
32316130383234633664663163663965313436656461353835633439303239663038646464653662
63636261653263373337356433353935323563616438363964653036633139393836366537343562
35323935396461303136623961633730623361663631393036633635663564306139353139646230
32333731643838613465343064633638663738333666653637393331373033383834346134396261
62393564633630353065646563336439623735636461313231343864326132323935633235643637
33353935383665613162663364356232356661393565386231396534633865303938663239353137
36323364346438386231643664306637333039353330616232356536323361356332643564323065
64373137316131643631333331353062643930323265663935656532613430333537663038666337
30656636666233386564663362386366353634613261393261303738643762656266653463633534
35643537376639633563363266663534633662363432373032613738613130313065643134613635
33336236346231346534363064356461653330383763626133386663616661306330393438333139
63326264623864623463333937303338383061393835386132383336666234396437313165373634
37346363616237666337613335313432386563323434333031626261373031343662376430336638
30316466633362623663353037353863633037383631653233616334383562333236386633326464
37336134663563656233623639643665343633323965613136613536633161353835363636663863
34376234633364323534616465633762643033396433326436316435663533653639303536303931
33643261623935363032346233393462653136346461383334336462613735633836663732323735
61353538623534313564643037333162396562373836383763373861343361373164646564343537
34326230393730333766356663343831616663666564613237636661353237313162623237313565
38343239336561343435326535363363313739353165663835363865333164623332346234346430
36336333626434343964383635363864386535343230313036663331666538363433363639346634
65356534343432643064356332343337633034323735623531303638366461383137383038663833
35373262356462666136313564643932663534396366386161326662316166626336353334313333
64326238383962386534396466636235616464633166636134313162646663356438393331633066
37333532373137646139653535623938386364613331346437626537646637366565653038633563
63643431653538396363333566343339326632626566383035356631323931643135303830316162
35336563396534633136343166623638643661623662366466613432616332313133663366323735
63663533383735623262643963353530643330353130356131623733373937623662336536613565
62306535353738613139326337326130333234373036646663633932366532336463616162343936
33373764336530383439333133646339646330376265396639393063623761386464303532376338
30306630626262333839613533663766613730653764373939306437613032323536623531353363
32316464636231386634356534616162373064653066326637636533393230643263633635303263
31663939393236306362616534646136643038666436306137313139366162303163333366323231
33313763623839306162373134623361626263363365633834636331313030313635353932313165
61666364646435643233303862613238373333303130333465643561656634663531303231323936
37626565366334386536343637366162666464613639356139353761656563313532343764653064
31396139373337353363643436666634623037613136333637313931323539383833316338623164
63633562313536396462613437373031396137396532616466343034333839316461663632366365
39396663366536373833363533353039623833613436393065366163383566303537316334343064
31356334343034356431303533633236646334376136666665326365373239376233636436666337
35333731366133616365303365396338653031343432373966356633313136303063653033643462
36653566363630646564303531336330343566383861313431633933386265343661393965653439
65636262393335373038643432633236646134356135323835616336323737373738353636323036
35396363613565633431333434376530666662316434313938653338316163303033623931373932
38363538303561646161636662633136313536633634366133316166366631663732633162663130
33313038383230313464656131623039396230613661626534303563353033623365663765363936
38396234356563373465366134646165633464323166333832393465393433363361

10
group_vars/all/user_vault.example
View file

@ -1,10 +0,0 @@
---
uservault_users:
- {
name: lorem,
groups: sudo,
shell: "/bin/bash",
password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow
ssh_key: "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn user@host",
totp: "daeae8ce486f6636d68c37c21ce002" # the hex value
}

8
group_vars/all/users.example Normal file
View file

@ -0,0 +1,8 @@
---
user_dict:
lorem:
shell: "/bin/bash",
password_hash: "$6$lvbzekjvbzejbvzvzvbzvbzhvbzbv....aezrfv/", # the string betwenn the first and second `:` in /etc/shadow
ssh_keys:
- "ssh-rsa azrekgnbmoienbzrinoien...aoeuzn lorem@host1",
- "ssh-ed25519 azrekgnbmoienbzrinoien...aoeuzn lorem@host2",

142
group_vars/all/users.yml Normal file
View file

@ -0,0 +1,142 @@
$ANSIBLE_VAULT;1.1;AES256
61636436366131323962383930303537366139383363383134643432386435616663653239623962
3061313236386134333165353762313361643834336637660a313035623736366236383663353363
61366139636330323332373331656433393066636135353038333134613530323634356230353130
6234646531646636380a346132343965663164646465636666353236666232633339373766393664
31393538653262386234636435316632656661613236333139326137346631346436346163346139
33633339393237663234646133386564353234383636376231366637663435656239633561303861
33343131383935643531313437663833333261373538626236393536303263376136353735633332
30663065663337646336623262366233306531343038613863366136323237626533616338633161
61323662333439343164666161363366303865353637383765336463356364663232343732663862
37386633326336343263313531376663393038626562393133653630316137376363666530623734
37616334396630303135346536363437636262343936393034303864653036623865653362646430
65333733653231646337323836626331626130386663393738346333396261313133346636353766
33343962616634323564623863613966366534376539363065656330653132663563663032316131
64633162623262333035653436313265396337643662636465306361643635333834383032376637
61393663363631633861363661376362333061626666396461653566316363613163646132366237
65393661653532613731383537656530323461366666373962616666343666343437393039623464
31666261323635346234326366633834333731316363303230616438383165616335326132333563
61316364633237613832346165636664656462626538656462323332373633616132663361343232
64376132373661306362613362363430316463636436393433303962393436646531356361353531
35396162633039396362313065643431383538663330366535633036663136376566626464653835
65316439636664333537663330623733616234643434396134323765373338653264333865393139
37323561633030366134316633343036396437376265616261643239316461383638636265623230
63396563653862343465613465623866666465346530303334353561343135366564393533303566
38306532663536626532313539663737373838636432343961356134323431333330626566306563
39346339363136343135356562306431326233643565353862343066376661313066636139323530
63623131623238656132653966373863373466656565346461373233336135653337343863666335
61613139303933313531346565393631373638616336313331633566663335326562366431386263
38396530326165356366613564656432356365323566623865313763356539613134306239343035
31356664396136373561316634616433643237303463626662646538313164333330393639313531
62613434363137393430313934303266656265393636313165313637623430373339383265656665
65656265396130373931346634613635636661333331323661346462336134383765643038383938
66316566323366353363653230656431393239343237373663373632333338373939356137633361
37613132376463366536623238396639666132333234363937616638343364303436373238666333
33313839326339366131333835643464363461316262363234386564643238666464356561303362
66343936353336313666633537666532323462666533386632633665303932366366323633623763
36636637343562333161386330366337303863393333663261626138333631356366313464326163
30653265326163623435333561626534303166646531636235666266643330636133303063333834
30353134336531646639363438393566383465376136653561646165333633373765613065663565
66616432353162323163623231613064346233373330643832393062346261386232333436396365
35353562323639333236623037613534616338323130623332306234613465363532613564323162
63316466323463636134326664393838356230313566383031353033343665303463393938356266
30626639303166316636633465346338396632353932346533306332653636663464353865303463
33313636623137353562663533343231376338303335313330653164613661666161376537643565
65636532623033643065363665633538636138306439643139636538316262643132666366643034
30623639333162363138636534643430396662616265303362653833383865343262383563623233
62393261616563666635646564353534663132316230343163636665633730383039313633656663
39376466316336623161316330343036333631343539353832333037346636653831633464333564
64363564633565663932346665643535636438613732303163616663393835353166323763633030
30646465393366343932326332386335393033616262643136383537613536326430646135383936
34336164336231623930616236623839393434613034333432383565393266363439363537666236
30386363346465366465373562303165383937336436393533323765383862386265393361323034
64633361643365316434393665316134643163623465633963353035326363393133323565393463
32373965656366353139393165643232343263623537613937393339353463386330663931323930
65333238313364313132333930663466306335653933356335376131636639323038383131333965
39336165626463323366316334626364376162623866666437653635306466393165336234316432
34366138343239353336633135633665396666656236636639363861656532646364323132646231
30646461333331623939653339646665653364373734373532343738383766643062613366623830
39616462643637343735623433383139333437326337313161626131326634303966643237636463
62306365346263383035353164323464363365653464383762306532356363663262643634633239
63333034373964383963663837386136623164313561643836313731353932666631303331663132
31383134646432626230373564383531366139313462333432363836616138316365656465613137
35323364356237393661626437353432646665396330303966363137373066353137616265636537
37383537396564396639373361336336646334313731633733313639393431393065343130663237
62333264313435393736623062303330366636356635343830633238393732343564306430353864
63376465633338613036353734613361383239393538323261323166393230366535396666616631
30633039346636383135396131393337366333313132366532333033393538376433656134393537
36666564666239663137333263666362396362643165666466623639613331626439663230653537
63343838663338353461613738656361636362336638313761386166653036373937333366643536
62343833326264323033643832636630636337666234343064663234373030343938386232613665
63323834366334633232623333646561323564626232343231366261333962313037306561306430
31623235343635313039646338323661376464363335656633313330303935353330396134366263
37636537343739353535336233346536353830383532356162633330623138383233643339336135
36666236643535333739623035313830343563623039376561323735633161343132373263383862
35623238326238623464623839336632396563643938643465336136316434323738616565383335
36353362633230663236623730623738326264626161336637666662386165383631353530333937
39353761373239636665656537646332376464623632323563613130383464643932376162343061
32633730393834316566366262623832343237306161653032313665653164346438666139383838
62336662613732356239373833336131656165343435613431326536333832623033386663323163
65306464333631323063616264656336323065373539346231316438373838626330356331366365
62373437623761396334383662373434613364363530393862373238626436346434666532643563
37393365346533643837383334643964346537353263633136323639353131323837336163343365
66306631366162373238326237666438346162323565313633663534383236353037353939393230
30633030613234326138343862386333653632326538396165663137373464326366383839323262
39663636633831653066336436386336663366343031663038363732653231626666356164346338
61303062316637653462636134393538623561323563663663636666623163393466386538643039
62363437366138356161633531666331663133653261323261613838353835643566353335363165
65643930656136336366616436656633656266303864643434656539363965666334313061643637
33666236313730633239306561333765336563653564663864656265313137656565636434313431
36353139323563636330376338363833613337646331666432646266373736623033303164333462
38333930323461303333353137356330366237633763633663326333336539396261373932336437
38396230326630666535386362383637626263366539326630336433663665363661306263633839
64613561383066356561633064633233376637313131613633613561353330316534636261636136
30653332306535623161393236653662623966393933326337653835633634366364653264356436
33663534623766366461393835343936613034346132373366326661326132396333653863653665
36396638363931623664663334306433353665356239373466383533636363356164333131623432
30326433643033393333323739333866336539643864333065643639623333326238313766653134
61613432613962346135373565346366376666656336316639373931346234623432333665666136
30353533356561373364303265333836313932303966616164616261636561633664303465313236
64616632336234343566306335306532373434643130366436643862343462643332386264333633
30383363666135333566613065306164643536333933666434653030653466623332376565626234
35306537616235666338323532633261643035626166646436656139393462663831373966636130
30633236346131616133633137306430363933383036376136383831313466326631376532623934
65666636326163393738633062366131373434346262616237633438313636663439643466343861
61623335626330343031633737323738383231386432376161663261346162626565363563653238
31393666623762663538653936343464303661396531383539663831623463366664653535323032
31323264373234383539666263373236663132313338343039373264383961343162383837306464
37666436313335376463363530623139653663623430393431646636653731333634306535336534
35666131613266303263663339633432666134653235633664663939356334323139383130383632
30303664386634376437333464393539323063306433356663343539353733373765373436643232
39653737653239303365363739303964363065666664333262666134333134626438306635356537
31393863383339383030653733646363373034666233373736396137353030323834373436343365
64663938646265663431643339356565333265313938323265613963333262303630333332393663
66646632386536393366623139303138616264613261346662393533643264373365333665356431
37333261303838643232663331343266626366366637353831343736306461383037383535383235
35323039306462323461393961393730646137646663346664316662373332613263613561396562
32613665396538646336643439343061333933626239393765326139346135366439346138643130
61393662336366626634666231346332326265346465353462336535666132656131303362303332
62646163326137663139356539323939663165623233323339356438376366303330616333653239
36393130656639366239633134656264646662336437623264653266613561393931303736383266
38386639306631313936346265303237383266616431393838303264393632653138636136363938
35633330383161616466343031643036323862643836346337306265336333666231633235316133
63343032396435386131396561653933373165323231653633356365366636663335383661636432
34326632353030633436353737373637353134646530343833626335346339646432393732623238
63636136373737353963333438326130366239383435643038666331376265366431323662373361
63376637373864646338626661336537663036313362663135393430623831663536653537343430
64633337343561363637386436373536643239323862666431306262626265343335616330613266
31313831386636376561303834366435333834363339623661376664636233666262626631666530
38303961383062613230386136303361396131326237633434393361663061613436346631333064
38633036383330303962313561306233326165373832303436613530383634653737656233383438
37386464396330383935306365343461656530613862316665626632383732363032343436633636
64376131623738306565346537643763316331663038613934313635323937626633363231653832
30303933386632636637666162343039316432656164313839313030316162323666366338613430
37393961393137313630303039323263356536363864373936313538393863326631623234663836
30336239326466623666636235623031393631303838326564353835646666373234383637646364
31633162393534323333373836353461363865353665613737653766343638663161386465376430
33663165613163633535383931636137373034383365333764366138363765663962316461396334
64656238613737633735353364313238303137346664643432323239653830356630623335346639
39393033303038633438666232623764366665366634636433363439633833333133326538353931
37646566353965626137363930666436616239323330626161336635383336643133643838353134
64646563623264343931616239303130313165636266663539363638333438623831383933353264
30306563313762336332643131663463363066376363623538663162656636323831

15
group_vars/all/vars.yml
View file

@ -1,15 +0,0 @@
---
# Use python 3
ansible_python_interpreter: /usr/bin/python3
dns_resolve_server: 1.1.1.1
# Default prometheus serveur, to overide in host_vars or something
appointed_prometheus_server: hindley
grafana_admin_password: "{{ vault_grafana_admin_password }}"
grafana_domain_name: monitoring.deso-palaiseau.fr
kassandra_username: cassandre
kassandra_password: "{{ vault_kassandra_password }}"
alert_rooms:
- "#monitoring:pains-perdus.fr"

305
group_vars/all/vault
View file

@ -1,305 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
66396364626137653230336236313132366334386632383339303335333062323833373534643931
3035323936343830646136386237623565303262616366320a303665383565613936323763383538
32373832626130636665313664356636623339353266656433366563366439363764386136616537
6230376436363463620a663761633130383262353661313461343839656361356238376433396639
36643034376539383136633937613031343862653739396536346130303164346465356530323564
38396130343031343862383237383566333661623466353538343462343565373765316132666430
32393635623834343566303932343734653566326231303531346662303436653437663034333865
65666230623861393161353339336663616131393830333136373366626233363966613064656630
65663362636566323263353838393932343036613337383533393838636338393738303835666538
34373266393237326465613064656231616562626531353937653565346634646162653038356566
37643364336562643439616464636536353335666162623831313035663039386637323639623035
66653538646665306130393934333732346366366439396637313932366463343935303264613033
64633162373062373534643938646633306332303064356662366163366366326561656266636234
36613630346162353061313532386330653939373663616534653263306339633139653935663565
31316237373766653865326632306232346234613237643038613334353737323930636365303562
63333261646638633031313032386239383938386439376333613762346237313463643663336133
36353833333661323632633461333064313263323937613263356264366539313036366637646138
63373761626566613732623365643065626234643032323263623965316464343734386532333165
37626561616334396561333930326461393863346139663738393536626135386463366366396336
36306538373331616562373263653636643938643031386435633234666561353164386463323339
63353761653538663264333762613731336333656139313434613563343061386462643535346533
65366263383735306336386430636338396561346236333837336465323866333933333337626235
39653030326430663332636263333938326536356366643734346362643430336366623164633330
65383838383830306133626461643632656637336264666638383636376565666231373331393834
38663939633137363236303632616638646238313431653262346437313237356263616530656339
34336634386133383434623739326234313339333265636364373963343334363836313934653565
64336132376336323063663765643365336366303732666137376631323231343631656439383666
36383535316232636434653238313738653166633836303461376232333933316332326462656432
39313166396234613162623361343037383131663465383438356438663130306138356266656561
37306232653730653962656336373634643937333633623361343132393964623739623161373233
35373461303833343666623261616534323435663634363639316466613761616533646531616635
37663038396537343361393635343264613635666564343065313930376365393361363934643234
34663830386664613062626465633666616430646566633435303837623536646466616337376162
39376431643738336163653333333638663564356237393630636537306564333531336330333039
61386261316335323866353637626536363939346564373333633561323361396264373034353063
33613835393064393363326263623964353131326566353938623431396566663961633863313465
37373264343331333839356538346436336561656435643434353532626539333538343261616336
66623432653930633334363266316339373830643631316432303633633337666537373039323037
62316333356438346364663734613863316334636365316565336561626563373266386636366164
62346536313965643661356433383538646532633234313137353035633732356366643934663661
63373735323138356565613131373938613338653061383734643633636363353438373533313765
65393665616139343137643565626437373033363737633061386362376332353739313861623339
66333538666563636264303239353535306166656530346363396338373963653536333066383035
39633938353932303164306236626564306235326237646238393461306464386536616463376132
38666237376533353965656131373639353533333532396430616165383037303266653033633432
36666535616633333736653033386263616434343361383066663163363936386435626130303836
66623833323735643435653261323437386338663137653633663261336434636234623232356664
39376338303433303534636632376136656366633165616638623934666362666638653730343564
38303566653464383231633464306139306635386136336634643732623237643961643636333761
66326136633434346262343364633732303831323337663566613833646537346237643761616236
36373966356330333233336330663063663966633337373835656334326330326630353261666437
65316362643165353166656330313839623562633562373161356561663163636437633133323131
30373462336532353063663164303837653332383565663436383436396265373966653036316661
62663534383061656363643439633032383735376237653832616563383865613733356633323633
65326631353265383433346130636364656533333736653834333661623733333966666638326437
37353833663432613133336566663337313833323334393065303633396464613333393663643732
39666235353664323036306531306462653161613937313633623333306663333834303763623362
34613362396331383636626237376433303966626463633364353265356637653533623538653630
35393766306639633431373530363633306635663666373137653932663963363939616134643366
37363436336535663861336463653639653536303634363661666335666633306530633934363466
31386437363765633938633966343535386335323735623739656131623232393238316161353634
38633338643937623663346561383239313933613330626166636334333838333531666233356233
65343439373233353463663462333036376362643066613762303963383065633337326139353638
39373461386664313935393463313231353833663133663930323435353332373562396638343138
33636465626238663534313765363333326561386164346139396432336431376234383238333530
66356535353966633132626161343661643465633730633164666465366332623061386261383164
39313433663237633166343033353063613733383130636237393063623962613938373164653630
66343031613439316434666364366662373838626164653637636232643737376637633863616330
30326233323137323865643262363837353162363634333336353465373264336337383066323939
35336462336462613634363831343266336364646334386239373832653863323832303766643435
34356339653964373532326138303132616530663362303664633861373931373061393566313765
66343937343532386162346431623166366262623163306633393933663266616135663961643436
37653663303337623662393761336632356534663430316264343437653763656635323437646637
38393661306362313064613434396331613366373037613464356565373461393663636138633532
64343561346463316532366361646438323731383963646337623165383663666266316139656166
37336463633834636435343761613837666635653166326163346539626139613562396439306130
33363230626633346138303538373439626161623163626135643665613932666535343532303036
35373431343635393665616366643332643035623133613666396234353338623636663762636336
35346431303536613962323861336539396333346234393763396438383539383036333636353637
39646333383633326238393164333835393237623734383537376230353264346237353866333264
38643231343536356339373531633165393334353365336261656665336230373266633938343134
37646266383438633835323233306363643765653833666363376338356265663831636431646637
39633532353130396635383965643531363564373766323064616165376134613834303666306231
38643366333166633238626335313463623935373233353236393663353561383763636131383862
34623536343664623962326237326532643830636533636361666432333261363530373464356233
64373865653035613363373832653163326165363061623531373337663765653937303036656663
66636463346139663962393431633162303664313031306331323865313739323661303538336238
65313639663663393962396333666438633432323533613064313765353362326532613834373136
65326265646136613030353862326233646331396238343634323534626136376136356561316635
66333662666437613339396563323531396261366138323938303834393865633439313965613463
38343961646664626663346464393061396234356237663339323462623864663864383939353862
34313266373138346235626236303433613062306332343638663538356431663930303863306461
63386262333663393262623364343864376437616237313537343839656632363436613933376438
65346137313732316639353937336162313661386536383339633938613763336532353634373935
64393635366435666639346537386661383362623565623365636136316363336337663738356463
32333466363366336337653739313166396435323434376662356165643662353332306431383839
61613331313164336537313037393166356537656530616336663138316532323164346266353831
65666238306135346235376237376561333063373163633433386461383834633762646431396462
65313637623266646332336332363139376265363037383533613763373734313664343835396335
35323230326463356333653833326561306236336238373539653938653933636239626661376436
35303639643832343364393439386631616632313830363461326665303162383839653762366630
34656330393539636564346461316638396230323566376431636236306632616331323132623962
35666466326136633166323466666361326137306335353565326232373363323965373261636235
32363935323865303630383836303964326138393632333234643261386361393961336161636664
36393163343634633033396561313535663534623936323564373430396238356635356231386365
64313331633231336361613333313532626439393562356430386238396430393861396136633339
34303962343336356331663530613031636361333836646132316131343839623235356561633266
31343733353631653266353631376161613632373063323765663932646633653964366563363531
31313363393136643036366531333138353135666235303335393531353833313231386364393934
63653566616235303835393136646562626562353830653663386564366633343061613034383634
33363238303661313034636562356235393861356563333039313136396232343964613437356232
36346239303732333462613838653232326234353737633236396165616433656531393332663433
62366161373231646235656562323765653662343161383031613461643138303462386236666339
33623037366431353462346534636565393234626434613134343135343466623662386537386535
62306533386532353962626532613839346236303963646265333235336363653037373961663236
34366162353466373265643765356236313732353830303934376538343833343065363562356362
61623364386366396366353037393434626530326231623165376337306261373164343030383533
39353633656332363130326361636233363739333662663362366534396331353330343633313130
61326266343235396461353637333630333133326339303431376234356433623631316132633632
34653365623632613630306134643666373961623137393135393163383666326232633933393630
34666430316266326638613537373337386138383261643564313564666663666664363363323463
38366633346563343964653561316533323965366662663965623661613735366333313133663730
63626432306132356138623762366432613064326138646238643766313737653531653530663337
62393136356331636131303163313236386436663261613935353532666534386265313964656235
62633135643630313032666134393638663136373162646365343163353432333232613733346539
36666664613461343831373733393231303962356461383632303539633862633630636331613236
65376464363235326338366262323535646636316438356161316333663134613865326465626639
34633834376130663235316563333936633036623031326232636436363563633432323930383636
36383538333162623836306339613236623632353063366332636366376231353132663163623737
66373563663166666235313364383761383730346233363466623133386530313265383962333130
61313064316264613466626131616162376563346363323639303630343361613230333434613836
39303065626232393663626562376239356531613931323530323666353734396132613461643133
66356564626666303836326262666466623431373933303435616461653837383765393363623635
63386335313835366139633761613539366539356536663763396530356230353138633833316337
62343434323330393439656236626336323439333063376131643964376631376564306339323066
39666433663438306266393430303538316435336238383934323439323261373936326666623539
39633035313633313563663366666231383865333032333162386365633163366635393766366162
35663334303061303862346337376435616337663130633864383439653764366262323539666433
61306432626635323730373964353338323030656437656364663035336531353537653839623133
66363934333866356635383930383036326638326534333164383034613730383861303439383632
30343434623834366162366564356131356139363432353864646535623537656137383166303262
33313433303561333932333832383465366633336262386163363137353731393135636632323931
37373233663336333332326238323338373639346333663366383966653337623132653537356632
66366462336133613735666631366661643432333037383536303736333432663338623165653834
36383930303664313432363433333130396236343332303561373261353561303331356333393330
38613037383038376335313836363337313633346539626532383132323766613838303237333766
62623235343232663566616233653764323132613634316263373330356635396232656264346333
31333339336630373934353130353464373962656264613938366132646665646531646633646536
37373639393030303161373032373638656566316666393239326338353164626434393235366264
63343864646336376538323235313333363531303563316634373338393137656663323132333533
35343062373534376531383531313835303738376439636630336161303539346363633064383435
38656434666239396539353338396662343035626333633862323739366136393063646431363531
33643566343736616665666361633961336163306632383632616264636165366165396132303237
32643436613034623062616463623038313061356364303235656439323430366430623339386339
66383130323530333963666431306130633565353833336464626331313030616239336138343035
31343833613631666461313631336565376264333336353561386233626234623730323561373134
61616236333962386231343532323464646235633530333062343663373830656130636665623865
36643633323539376165616238646139336365316532643565656266353539366433366330323330
62663735396233386463653437616639313331623736613562343236613564306139336233656263
65646534643762336435323232373062306434393463623662323963333232373631373530353237
35373131356538646462303961663862656533643162383436303361306639643134383436343739
66393238663837353164333662653933353530376433633930663336373634383036393637663934
39336337313264366135386464363061356664303638333866303562316664336636333566623366
32306639303963336233386365373562366466303930303931643266373235343366336163303930
30386337393966633135326164646532376637636265663762326562336565383935613062323462
62353536663936633837316363653366356231323664363439393866393133336261346134333863
64643832306236666636333939326531346163346335356636643566333362643533333034643739
36373736353464653531316262636231343963376633653239633037336133373130643762626461
35346637653434656339323861316233303863393263373638353664326430303731643439613430
65313161336137656536346435356132343835326636616164366266373561323864386366366432
66613039663836626161643336316432343436333130383935306638393564303838373938313930
37393633343562646461653339626135303262626434343132303462353662323066633639346433
64336239663733613234333738633730306337313936343865323030626566323066306266336334
33393332373163353130623132633264656137386163373662613965343162646433653263393566
39356464393962636233306462323730333837656363643164376438363565303138666564656633
33343933313138386539303837306365373639373464306537663439376637303134626262656264
64336663663238376231323030306438616434626466616566303135363333366564346636323562
32343765353931663261633338356161383734303764356465616136643862393266343031353534
37393030656663613764323831353839616466633664623530663962666466383562663464353334
37376435363230366362633939613764383863653438303933633962653937643332633063353937
36613434306634623362643233313164333832663639653066313137336565333138363864306363
31643366393733316236353263316537396336656139643435373365313965383235376166353862
62363438613163626564383966343331316338343835656236303565303631313733353265396537
38316463633931633431653837633134383563366133373362326664323731326363326137326232
30373536386435353236313330373537303239313538303361396330663837383166393536383966
34313466623333623466326365643664383737363363623731316565353366373864636135656333
64633132613138313564336337383338656639666330313939376234343839386438636433373832
37653366633238663266383565346564396135356163326566313665343339346333323765336631
35643762313662636662376331336139373866373437623631363636326135346536363765613936
32306166306135313638643633353131643939366465346233636639663961303563643162366133
32316634383963653038613037366266346634323361313337666262343432386239326337326334
65653461626264353564323161656631373865666433353139363639393338376661353064353966
33663064613665326564333737303733633433333735303461613933353435303461333033623433
62356236323735653338333861656435616661386339303439653531643065643030393536663963
64613730343036353636616462633365326661333038383264616336633839346466393665393465
30316465323466633234376466383538613539313239353937353531316462636463316238356634
38346439363033336363396165376162633536363361386564633362623864316339623233313235
36646161323832346332386261623837663135646237343864333564653533623835333834343333
33333739633130386131316537386636363234333466623730303061336136633330646361366632
37386336623862373561386663353063616635326131663535313337623232376164316631346436
65656536313761653739623130313766366662613630396337373034323562343633333234373031
63383861656461336333303436353739646461623333616236333962356564623566363031353334
38636165646632346633353766393230343736313966333564313730353262636135633164393334
32373063393964656365333164623165326532643633313563643337653062363566393636653934
63383533326337393762343462313732323561316532303137336133616634373339633864306334
64333032356531313763313838353730633939393536383165376130663163643339393439616163
35363162313063663765616332613834306134393731633662306130656464336132303130303165
32303261333162303438366436653963326162626334613030653038343834336232333733643461
62326632373832623863333536613339373539396533393639326463633837306439383439643437
61326261373064313733636566316631343132656663376234323339383464363537643266383238
63353366383664653837326637376537616266346161653038306331353938373230386131333032
36653461633134373034656534623262383335626539623939313936396136376565643332353230
62643633323835376563653337306631376664336464646234666336626532356562613864626464
64323135373835613239613830616134303561363630623435346562633466323462643839303536
62303634386563313565663837393761666532303834623063343431343364363338663838313961
39643431366661333465313066643939356336643264613133653738666438653630353239386465
32363739663566616431623665363763613531346134343933333963623033313762346438343937
31306262353364353434663231656538376262393235346432383936663065316165376364326134
61396563636462396438623262343537636131636339636566393138666565356438333562613461
64313139326365393439366138623366646435333132326638656438396161386139393036656439
32646535663564663462343862366666386633623730336333346335666436623866613564636665
64316230343332306266303831373139353934353633323032646135376632303631616533663534
31656539353538653539306331373233333337653864323433393038636232373439326462336337
65356565633835333939373736383134373963396132306638323664363639663262393232383335
30386231353535643139363536653065326663353665353932376533363634373164333061326634
33343330626136363465313132363563326666323335383239376133633161623033386231616332
66636566353337356433333266336565646133346637386366353239623937626431633039663734
31656466383362666333393165306561323164313164363030393639363435656262643461613033
30303466623230643330313164663535663836363536353238663136373133356663323062336438
33393935353161633536356134363064646235323339663730383464636134636433353062353537
30613135626264366566623339613037383636353334363530653732626165323738643461613337
35383138323336616563333965643630353836383032363034623963373733626232353365643536
32303761613033353563333531396630646261343966393662336661313336626662306538636633
30346430653736346636646264633936353562313537323863363462316561333865353563363630
37326336363234313933363333396336626436343936623535316665366437656637386539303862
34336330316430626563623331656464313663633432396263346564376532306364353566363664
61653131643837633639356533376163643465326166636436646165336635323838386265316264
38393433346262626365303261303533653931366531303565623165376661323834333535376364
30633034346635663262653835326131396165306632663161366138376631366364356162626338
65666465336365313535376637313365653632346432393937326334633861313562323564663638
36623462653539356339623666643234363361656639313133313635306362373738636264646531
32313063393731373666373266326661623562633935656233383339383161316564393130643932
39336163306462336638646138626236396237363939323461633330633762616561343432613937
66636663623063333333376666646334306662303561656231333365626164366336653237396236
63323531333139646336393033633731653437313230376465616663623734623339623238313863
35366639613930303166393739393163313635663063326432323434333363613930653937653136
65663766616465383736333164346533643236326561323335653331623931326130616236306462
63336434326464613335356333666237303261326432396361376534326566346435376461613933
39313537323939373264333064356166386339356131396466376437323638313366336336653766
63613365303032373939326463383463303136396239333236303437326331636637356133353135
63666430386631626139626664376264333833386437316563383830666135663431383162383366
33343463633462333263613965383034666336396564376635313666343434346366376434313830
38613638656439343465363261653737333362316433353964653530366562613137303231633464
33656364363032396566353830656634613434636561633063643261396334613935343133653830
37386634653166636561646163623964313465616163343661646464313036356435636338313237
39323266623861366562323238316666613237353236363235333436303333653561316635373233
61323233346330643431333866623861656632376164616533653765393866623432363130653331
36323937393138616162326438323463363438633437303665313630643432353633316337613537
33623130303738623763383936653333386631333135616637393731346665626634633238326537
36336539306166333062313465653630393134363936616237643866313264306531363163616136
30616166643439643034616562646464316662666539653439626461636537333639383636643630
38353266303831396630653261643536376633633430616365303866366132343062306539346530
65353836313464333833623364326661356164313963383462623138306534613934373366646535
38646630363564343865613035383130666663373333643530643237323030643432633139646239
61623136663139343866636663313731633530363033666536666137303861643339306331313233
30633665306333653734383731396663396433353862326162643463326365363565303634396661
36663832626636333936336131383236323538306131613237393835663235313636373330633164
32383331636561386164373964373664643436663830623361393965656265646137666263666632
33653736363232373838653235343665663465333562653861646436633061393430333133613735
33343238373633383966366365383333373263343139646533356439333763663462343263383631
35663666656562383230333065376439643132313734316166313430386661313234396164356338
39653265306637376239343537626237323332313234373862393862653265386266323161316135
64353139613530323264326639333464333366323437633932363334633635343436353462343130
32623337663533666334323965656435636561333865303461326163653061316137306339626136
64363166623962346366353732633865373037636563373338333061303263636363393632633337
61633833646466626663613063663131323139663263356663356538623536313230623361363332
35343630353637376636663762323564323033393834336261333838326332333966383266333363
66626436323566623866333462333832323536363465373265333830353265306263343731343662
37663036356330353537333434313165313662303038326335653761343432383639663365613334
63376239373638343432616665336437373266376463623330393238396138393734633934626661
34333164643330313531346636636432656230633264396130636338613564306337353337653030
39623466373732336435343738383539663833356233666165616638356436373231656661613138
31353062393463383035323962633330393733346237666366363939333437396163353433336638
65393433613337373935353338613630666539303231633139376235376162373932646338333436
65663363613831363538336233616666393836316237653432343137376262636632646234363230
39373133333931393963363339376166623563633733363137363361653463333066666465613432
39316662613734636462393936613338346361323438396634313234393335323462666632653938
65626464393733666431366161653238373266646266376463633366336332303133633738343165
32616239653230646565316463373139373933323365366430663463653631343837376232613666
63336134316536353962396430326166306339656137333765306233336234393233646136633833
31623861303530313739666636373138353339393434396335646535613932343666643261383639
39386135356463663335616466633137623035376639623635613765303732326232303937366262
34326464336666613566333562316164333339303636613265323538373263363866333932656532
33306163343437343861363861666533393462373561303562386135306133363664313638336163
61666239636535326634393437656536333034313139383961353062326138373463323361613533
61376264616361393262306237336363386237383665383839373637346535663639323065636135
33363436383031373232323936653163383535633436623936653766666231343838656533643532
64623961613837363362393563353438656631666336653861666233636437363632376365363630
66636536343365653761353235353435383132366464306432323434386135356631653538306134
65616630323833373732323535633932633563386233353062333739393562353338663663343734
62616333366630303833313131313633346539316163633665633438323237396533636232396661
63333432636166646433366138356263343535613334623538396335303739356135313566353265
34313936393436356334396139643863383561616130376466643533336363323163386437636138
34663961313534646439

5
group_vars/all/vault.example
View file

@ -1,5 +0,0 @@
vault_email: user@example.com
# keycloak
vault_admin_keycloak: admin
vault_mdp_admin_keycloak: my_password

36
group_vars/all/vpn_vault
View file

@ -1,36 +0,0 @@
$ANSIBLE_VAULT;1.2;AES256;vpn_vault
63336164323763623961373136616238363832356135343764343966356631333766396265653566
6139626665393664343961363966363339346636376431340a343730653565383265616365386366
32333533666333373663373037653731666361343737356261636532303562663063343633346537
3337643137653839320a346236613362393636363935373162643237343831333535393461633963
37343039383931613031663733666538383735383064356532373232633661386237366433396236
63666134376463313637643061623934653666353364353235323431633930373663636137313462
30666263386237303563393936373566386563386631656162303634306466656663666330313937
32313431343536666437626130646231333237343734303538363639383933633661323565353661
32343065383433623730346664643361306539623937656331333764346336396231656465373561
33343034303263303833373936383936366131663962613961666161303134316134316635626639
36666334393961306662626162393433643961646339323934653335613933383131633635623763
34656538336434303339613032623432613239303239373937643361306535383137643239646134
33336461613034303362353837313362643934666239363036333432373631336162646330333532
36303332306333623765653838373361353435646366323462383237343134643736376230353434
35333738313030636339363538656130643163353238666638383830316665646438366164636138
30643031336164323862633135313630666561656335626464336162386564306261396532396238
36666139386236663736613936633964363166343765626366323566613733353233313862646165
33373264633763386166373739313136343362383864343866323231373536633130633032616334
30383930333130646636666134363661316236323937373861343333333833616633346161323965
31343966396635626465613630333732353335373264646464373764363433393439656635636430
31303930333731656339633032366166386265653632633638323932626161623966613761636236
61303134663931636139336436313637333739626336643838663861626539323336393239643131
37383665326332393663323166643338353135363831306561623639643663326364343639316665
38343337323633353066653666366238633932393836396338336261663331656565653532613438
36323462326431333235376566343134663734373534663834316133333236636166386439633766
31323931363066343334363764356630383764346332353162316461333762613366663130393831
36633430383131326335333130303832666430366134393462616163326239383538616531373166
37383130616339343832313335636364623434636434393430383566376433363565626336303064
63376234613835666338373662373735386561643431633037336231643033393563316363613131
61656232363035333635636464656465613763613032376666623238613362343032613465313331
62353035313862323631653766393463383565336535616630383839376135393037363038343639
39646531666130626638666535623533373766386531343236313962636539373233363462363032
61373938373139376236633062353063643037333062363464383638333635643331616465643533
34646238663731616635313131313438376536633862346165666631326632623534306666396264
636139633664356536626239303631643864

4
group_vars/all/vpn_vault.example
View file

@ -1,4 +0,0 @@
---
vpn_vault_hindley_key: "AAAAAcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
vpn_vault_azerty_key: "BBBBBcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
vpn_vault_hellman_key: "CCCCCcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="

8
group_vars/all/web_services.yml
View file

@ -1,8 +0,0 @@
---
reverse_proxy_sites:
- {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"}
sharing_sites:
- {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse}
- {from: wiki.deso-palaiseau.fr, folder: "/home/histausse/wiki/public", user: histausse, group: histausse}

2
group_vars/all/apt_proxy.yml → group_vars/apt_proxy/main.yml
View file

@ -1,7 +1,7 @@
--- ---
apt_proxy_port: 3142 apt_proxy_port: 3142
apt_proxy_admin_user: admin apt_proxy_admin_user: admin
apt_proxy_admin_mdp: "{{ vault_apt_proxy_admin_mdp }}" apt_proxy_admin_mdp: "{{ apt_proxy_admin_mdp }}"
apt_proxy_allowed_clients: apt_proxy_allowed_clients:
- "{{ intranet['ipv4'] }}/{{ intranet['netmaskv4'] }}" - "{{ intranet['ipv4'] }}/{{ intranet['netmaskv4'] }}"

15
group_vars/apt_proxy/secrets.yml Normal file
View file

@ -0,0 +1,15 @@
$ANSIBLE_VAULT;1.1;AES256
30323236643561306338313061343932636537636639393739633834393033346366316339393865
3661363066636462363234386661333831306534343332340a313261633732313435313634393161
62323666376565386237643066626363366630643936666566393534376432386166356431326437
3438393866366232310a666161646462666539356432633539356336376536616261353962373430
65336564343862343536396362643032313961643561393634643461333236626661623065626436
32303831336430376162353131316164306264613733396130353966346638633465306165626361
65616563633065366562346130303561366166343935396630366364636637376430326431363364
39663565613930333431363838636535313966353362396662653933666138646339343965613035
34343965363761633835323339366339386462656261353463326333326563666664303863383530
66646433636235333264336634303164336263376264666362643835656364636563653234346537
33366232363736636234653733363135323161623564646166316363366137333161663266346534
30353436633933666363393730393763313739636433316233376533653231393435353032306564
32396434336364643431333361653937366361623338666431663436303965643635666335653939
3132663337386166616336653961343335656232616238623631

6
group_vars/matrix/main.yml Normal file
View file

@ -0,0 +1,6 @@
---
matrix_server_name: pains-perdus.fr
matrix_local_server_name: synapse.pp.intra
matrix_max_upload_size: 50M

56
group_vars/monitoring/main.yml Normal file
View file

@ -0,0 +1,56 @@
---
ca_cert: |
-----BEGIN CERTIFICATE-----
MIIFhzCCA2+gAwIBAgIUP+ptXLNUBVsZm5oYpynQd5mhB60wDQYJKoZIhvcNAQEL
BQAwUzELMAkGA1UEBhMCRlIxEzARBgNVBAgMClNvbWUtU3RhdGUxFTATBgNVBAoM
DFBhaW5zLVBlcmR1czEYMBYGA1UEAwwPQ0EgUGFpbnMtUGVyZHVzMB4XDTIxMDky
MTE0NDUxNloXDTMxMDkxOTE0NDUxNlowUzELMAkGA1UEBhMCRlIxEzARBgNVBAgM
ClNvbWUtU3RhdGUxFTATBgNVBAoMDFBhaW5zLVBlcmR1czEYMBYGA1UEAwwPQ0Eg
UGFpbnMtUGVyZHVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4jG+
8N5YN91KghYjYTOBQ+lRYJ45X5S9mfcwwf8OIMGe+NyNkXx2GX4uYpZOitYOApI4
rGnAjhll7tdZevzfdqpUDCYUDT6iR4BzL32k22mIN+iW6zQPaZetOU7VIA9V5TsM
WbDsftqh6fj3N4SwVMpHiuiajMkX8CIELxoXDAJULvwyreWOONlwDMObtVCHBIhM
uf1Jbx2DfRNS/w6lbHPCrZefMCea1FrSaotOANXxNgQfptX3fLZbhH5RiZQLDU8k
ZChAUoW9hE4+uiSOUMd2hl9XgCWHcGEMcKyWG+/lx8UUw3Zl+oOrfb+IWo5IByVZ
8nV5aiTMCuRlcTcMHUuedRaPcWfl5ZaEOVzhYXIYM4Oa8ShqXuWqW0WZ8oIhI2ya
hTE03mIPV1nX3ucE9GsDZpnrj7t+qd8etiZXFGVihKEqVFfhzKRsPh4wgUKH/gwG
AJshPA9NyJ0JpzUaWQ2acUjo3Hg9WPSTaMb46FS7hUdZUcZZiwSq9JjHDNAUKjNY
zudKjTyqJXkqwhNvMfKWFIGYjldvZgQXzuT8XmSHYSKuLfH9Ko28FX0Aujye1TTH
MPljXruyO04Q7NUg/jqtxdsWRpH/qCt12PmRuIiXsNCAeLjSuc75H+AOPbNudJLT
w2AUTkfn3mw/XTwEBfemHAo6GAdtCDKo6GxBqvcCAwEAAaNTMFEwHQYDVR0OBBYE
FIh4sxxlmesmbVKPWKo81BXMFVqVMB8GA1UdIwQYMBaAFIh4sxxlmesmbVKPWKo8
1BXMFVqVMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAKipx6Nu
QwnYmwYPd3kUVBOj9ia0PVeE4LoUSRapzRTF2HilSIo9Sa7qD1HVxbWrghUPLjW/
Ru04k82hxvAm26gc1XeqIBzpgZmxwF0QibCeuj1vDXsndACXVHd6Atvnl0rW4bEI
pVCqerXNu0T4STk2V/xNqndGMRp/vZX67BlyHAHD4el957R9RYlyxW6fADrHDKqk
tC1eTeQtEi5W7v9X3dNGdtFS+exDrYpUTHPDwM81u25oCGUFGsH3RlG7LUEQ5mYW
SsJ3EKpIkMxSZB3/GqttCIHi+yEMtwDDL3dN8UnVaTkRjVNQxraOUwe66QByGqnJ
9YeQNpUfZxWFW/GW2fBAvD/RaLrLZ4ywhUze38ks4jsLnAIduawjQ8GlNg9i2MqD
zvDat41LWSCDjRUOfCp7fc9lMlI5blTafozrAddMV8YUs3bQ6XD0H31pP59jb7nc
5kmwqH6RivbFZZYBquQVujiiI7d+9m+X9OfTZJTCpRPCGYZcLuqH7txyPhixxrZd
a8lWJ+5jHOdncV/ZWSB5JnjKbaMMEPcaTo3puEPt/yl74CR7UOJXr5oM0bVFKjas
90hY5U+jPAcneCk2oc44R4NWuQ7qbsjPRfcxxi27DoLbhlmPp9jQwYQEqmdflcZ0
zCTEq81KO2mAbJgTc/ahhcvAV/huJ5d8c9R1
-----END CERTIFICATE-----
crl_distribution_points:
- full_name: "URI:https://ca.deso-palaiseau.fr/revocations.crl"
reasons:
- key_compromise
- ca_compromise
- affiliation_changed
- superseded
- cessation_of_operation
- certificate_hold
- privilege_withdrawn
- aa_compromise
- full_name: "URI:https://ca-pains-perdus.intra/revocations.crl"
reasons:
- key_compromise
- ca_compromise
- affiliation_changed
- superseded
- cessation_of_operation
- certificate_hold
- privilege_withdrawn
- aa_compromise

183
group_vars/monitoring/secrets.yml Normal file
View file

@ -0,0 +1,183 @@
$ANSIBLE_VAULT;1.1;AES256
35306430386637386563313131333565633136653435623965623463336130646566623139393861
3264326634623533373663356438323334393466653162320a366339643733333062366165386263
31613232356138663465323362333437313835616361346363316639313665393637303536613730
3130386639343132300a376230643466616338333131616538313061663765626539396361336564
61346433663339343235393935623663323739346539636431346334326366366266303937643435
65616530643330363331343564373738633763366131323862353966363264383237366230663839
65383162346330313231386439353238386163333662316135363564626132646333333936643834
35346135336530656137636538616536343261306264336562363732343264326139663538616163
34373730626262316531343336646236643333616136333231313864383336383839663534376263
36636362373062316137376639616436363361393130353262653662316261616666346430373861
61623031396365646538653036373232643465353766616332633535356230373661386538643234
31656634313564316361373031383230383664646233656161323561636266346335316632316465
32666131393066373233386437353738663937346638626463386434323234353738386630663063
33316164326234666239643366393638363138633466623733326534376439323732303736613564
36356432663738653862343461653030353230616566383261633431386336336637333064356362
64373039633436353230613865346365373063376132643732633836323963336264633536643266
36616361373939366132663035336364633238613731323531383564383636306264633561643931
34333838366665316331363638373934313364356563373366363434666638343635323536383335
31373661386135393338363337613839356232303730636137616561616636323732353238316365
31396562313632373964653531656464396531663130313633363165306331356261303837643237
35636661306234633662616166316539656433353064343665393964626437613965666234656132
66333939343939333763373264343461353064313831626162666163313833343239376639653732
38386631383662386538343537653061363466306430633836653538646166396465626434353836
62346239336331333764373338633137313335386234376465353930376337373039373735323736
39653936613964323462306433633833666337323065333663653639633363626537613539663138
37383763356237323436633335383632393965376663653061383762356334346335663133393666
39646235363639303536643133653862343236393939353733393632663830356662373332386435
35656632613766343138613139626563653536383437326131333664666437396238333661313363
30343838393334633235373462346665653538383165616534343165373339346437666332303365
39633135363266396536346434333738613435616337333535316534366234356363353735633838
64356532373631333564346232393734623638666135383138313237343730313565643538386665
37653362623863366338313237363663316364666332373434363532613164333433376165613564
38303561353165633763613434623266336334303264346231353439316536386263636135376264
32356162343561373839653435653264663739346132656239323837616337393238663465393436
65353134346663653237373731643232643733323464323239663534336335313038633939313732
33656161616338326663396636386233666166623731383565326264373637646534383934633336
32363534343538346461363639653864393939353432623336303732303935663831383337633461
30333261396364656332343737353938363835613934303062666262653638353134363038393232
34363433306433633331306237313765366234643939363331316337333261613336303136326338
65373064646332353831656634343165363637383734313734383738653531373533393430666431
34393230336562613561646432636132383537346161643362633337323538663038313834306637
36316130316337333063343530376538653866333865626531633861366235633635666236613032
36383933623463386131666133313036323030303533313863313863353639393135343264656536
30636535356431623733656665653162663362666532393561343963646161636435663762643737
31393833323534316466316163653231386138653663306365373561393533346636663233333163
34323031383130343164633231383333373332653435626135343333303232663962666163633161
30653333313430343831663937333462386162386165333835303261396333343664663538313931
33663439663930323766333861393361316366656132666235616366653431623038363738313465
66363165323735353539346431323435323865613833333166336631393463316332353335343839
62383261393438303639323132393765363134623235323139663432373664383538626136303033
36306631646135303165636436326538653134653332653134346466663031623735316131383261
64313132323735666533306537303466623033323665656538306261623839383538363165333866
39343235346566366333316361333639356238663833363236613065396232396338363539646461
66653335376432636635613037383634383438653664633133636363356466366566653139376635
64396365323861376631623838343465323036386538336431393834613336366230383263336364
61323962353262646632653335386239653561343366313661333736316138303764333238333437
32376332373234353538346232656234356634333032313661383762616637386539353465643139
31383430333631313161353534626164316662656335396635663564366136633866353232623237
63646136613764663261636264653162333563373061316539383133366165663932336536313136
32343433343238383363336535333064623537383735326632636638333037353335613862333939
66376666343438316332386334316134623033373166333435373064356366636262303237316662
38316532656238633165373739636333643431373266616331626465666237323366656535396539
37383633383032313134343332333839396334633431353239613338633634626538373465656665
39303535653230306132303461626437636166336434376532653031653065353762383561363230
65373430383031636464303236323063656336376364353137353135306137633835383363386262
63643566663037386430303965343639653663636632343665323765343761383833373961356332
65346466653334323239316161376435386135646531303264306430613237613836323939653433
33653862313863363734616532643637343833646434623238646332383665306236613734376530
38633935356164373937386163643961663861663665373332656561393965326464623065663631
39656166633065356533373563376532383966653730613366643930333232356430653061323430
34623262613939666336336265393763366638303162633232366232643566323239623135333364
38666561396632313234666566376234663365356365346136383631386131393264626562336536
32353264633133633435356263356261386665333032633035366236396637353433366464353035
66383238613464383266343538643433366534313638366162633739383532343931313535313663
33333365646636623135366265313432373762643635623736663364343838663063313862626239
31396230336631343562333135376437613063613531323761383662313737373633313735626136
62633035346636306535633866653033393930323465386438306636653131303465633837643839
30343566613337333837656436383731333763353266646238376135623031306439656133333663
66356134393438653335313435396463373338636164656336366161643737646237616165393837
35386536633465666630616661393536376532373033336565373630643461643764663564656238
63653330333938376362636562363530663866323865376362643938623764353063333933366266
30643235643939323937393239636238346433326336303761333166326166363935383564613834
38353030636133346432633761313036623566323962343436323165336137666366393835623163
32623734326431656365356532326339663136356663623939313537343934373133353134396238
61656163313934353039373739393630333832346439336133333936626135373638363138366463
38616165613730323136386334653337313736343536333039373063393334646665623036323035
66663162306231373266346237663431393464386631373862363562346536313866313239663239
33353030636464386662366637626138393565383239613166303231633538343038323032353434
62353138633961373930333239636263313463396537613933333261313632393939333562636636
37336137623234623663663334623239646464333935636634313062333139616661666532386533
39373864323030623834333337353565383834313837373334316334663835333362373439303466
63316337353965396531373631363965313539303536666261376639373933353234643038326236
62366535343535353833373531333838346466656538323235383339623566303031623630396630
63363331666636316466666461306561343531346162353234386534646437383762386236376364
30366431326132383964633565653866386265396263383539313063306537616166636337623639
32653032653462366162666634626662613962646663336562383661366363643532636537336538
63393831653032313866623462636364343466343331383166653233353666653262386436393366
32613663666638386565346631653864373237353366333561303266646439316531663138626264
33343833356663636162656663643963666266336265353532613331643266323764363138376237
31653264386363373661336437616264633530386335663239353639626261383036386566313335
33633335366566656434636361666566336436303539626538653632363864663134366635326634
32373736396361333562646265333932633438643666363437323834313331646635323630333239
66313763323334373839386232623332383162393162333733613136613031346336313239386236
63653331626439636532613434383131373038663962326535663739356438336563343837393065
39623838653036626332623661646337666462623734366331333766326566616233376465306464
36663864653930303934396661303830613762643366376133666366343936323937366330356339
62373061393363373065663565613064616463646233613164323633333463303065313264316432
64663062386333396334623533386333323835646435616634613265326436303430616330663034
61663936333935383237363733303164333766366136386131343762656232316336366237323331
38333834376664656535376263393664316533353839393366623766663134623639663861386464
32393831326334623534643232653961646363333861386463666431383035663465306130643937
65356563326330383736636562356436363965356237343061666262386232663939636364396630
39643131666332363333373537353735383165356539636434356234353239633333316561626362
37323230613239316531346531633463376632333266656165316566363866623835336464346230
63656530376339326165333761663239356238623933653762346430653832396435623730656466
65333463353065346435333438336433616139313239326261376130616335633263366335333865
62656362376432613137656163633833393962393934383766373262376537636532643164313662
39653639623562303862646434366639626239346163616361626336666631303862643930393132
30353766363461396465643335356530646365613132646637353738393363353033363462336434
38633634383237653763303765336131666337323037386330363535336563313461303234343963
33393265313736653165333330323964333862396331323837613432393361363863333064386463
33383036373533376266363731646437376434613930393562643765353032636265323765363039
61663939306432303266663634666437303931363835666339356563393365393034376138303132
30663833326464663230613266636366613336633064396261333833633834383636396435316438
39646539323562393163366138363364306334336463313566363464343037653333333834656231
64656236363062356464613333346436636532346265653037373631353836383266663339323466
66306235306462623936316261333336336661366138373937313531626339343161323131333931
35633564633535663833623765656466356435303762663863373231396663326161623366333737
61343534623331623238623334623961396634333630393366316135303238303864373365643766
34326235313435366133336536376337623938366235633135346333653866326265363932663565
39663939636665313333363936306533356564653739633139613435653563626466303137343064
62346230353135306130306235356631643038336431323566326666643030306261393532383366
37386562323232663038383661333561366264646662383738363562613631666665633930313335
38343963616664306137623362393436383166613936353830393564346563373963663130653937
30653932346436616238636537656364313538353561326162326139373032386432626632663461
34623735373338303733323034333931383161313133346266396364373032313662663731376135
64666133383566373462333066646634636631363963636436383936633963383766623236306439
31393738646363306334353464333161373031373265653964326663626531363463333639373039
33623734636433396566326436316638643638633739383739626639623136663266633133623264
66333931653930333565356438636334613032363333326137623064306136386134666130383938
62633931653366613331626332396538383536666562353533323265653533376133663461623732
34326364363333363563353266626463626464396461333531303736336266646238353163333438
65343432353332613264313638326431613963363635313963346637333034653565346561633935
62346362653162656263356433316262386438396638636266613766313038336534376339643239
31623934376465333763393665336661343866376337666666356433393765343532383936346432
36636564313861323861323034613037626639356465323230313565386137616531363530326239
31396661306130323465663631333636643934626530636339653162663430653332653764386565
63653463353861383635323539633433383839356431326262343064323430333163636363386139
31316132393362386261336262613263363261333931363637646630643530366266663264396532
34643831663536616365633961623932336131303064333861636263323565363764346431306231
36313831636436613239353665333638393762396163616566353932376431656666623838346363
36613061346135303066643332336163393534363938663537383961363834613536666537613339
37626336613464613433363863326261373235643535366661323930663866636135343330393830
38633234663038666530383334613032646634643434613064363564373536386566666635363462
33366233303636653435313934613063353337633131623236393831386433393564333533393237
35396436346538373532653662646161653264383233666336623035656662633161323530376365
31313534396336326438356433366466663934663135636531346537366265303135313038613531
39313838313533663861626630666431343066336535653561313463323665633131393063393064
33636536316365663937363932613838353234653236623634363439663362336631636264356664
63386461613164613639626530376337313530343230663032393639323832303733623433623564
39336430643961323761346539623165663635386338306337616637666438343561663364383539
31386636643836343233383264656234616361613166633735353330383862626331643363656332
65353730363038626636636537303335383937646135633363653134306361376364316362653731
30363837333234386366393631363833316361313132343865376666636364643833356363663932
35313362623166643461626133363730653737363839303139623662303264656362336331383030
62303430623533623030383262346563613361396130396136376132383264633838656463646332
39623333306539326337333638363137306235313539346238613732646233633430626130333138
36313937653433373137323335393639633737333664636238653739353138373264643562613463
34643661643538373037346433336237356334323731326163323836343332666338663663613436
66376536323464353138303230323133366562363862353363386636396665353032643437653633
65343832623636346565386134633763303261306263383336353936343162366663623265656639
39383661623838643165646531356136316564646232643537373662386439343533356164326134
36373335333733633435616132353963373130343038363965343166383835373131303435393031
33653532313237623736323636353635313234343930663039353562633034373961376162623766
37393965396635383936666565353336316433396632353738333833366134643433316438613134
30333563656165333335643366343636623938383737333535386235383634356431333035613232
37353433323730643361316337653735373862633030303764633331663836373837323662636134
36383535616165323332636134303462653065336461393264656634393366666139663337393136
61383566303762386531666364356433326434326632633766646664373661636434383033366138
35363338626666313631343962326532376634633564656137363236613838346436376266323838
35333166653930623166643861636562353831626432393536666535333435643765393066366339
6135633232653265376433363338366662396266303261393232

11
group_vars/prometheus/main.yml Normal file
View file

@ -0,0 +1,11 @@
---
## Grafana
grafana_domain_name: monitoring.deso-palaiseau.fr
## Kassandra
kassandra_username: cassandre
alert_rooms:
- "#monitoring:pains-perdus.fr"

18
group_vars/prometheus/secrets.yml Normal file
View file

@ -0,0 +1,18 @@
$ANSIBLE_VAULT;1.1;AES256
32373765643939613231393031333062613064343062616361633265393733366638626363663263
3261633230383735643663303334313338666364613236340a393839333730386439353732303634
39663536346132316634383837336530306661613963396664323436353034376539386162396666
6562653730663434610a636133623133303830653830623565393734306161303439396637313536
35313637393734326637333437336233643966383636663565623366666463393261303164313162
31346137633165306261633034653234386263303239353332653762366163366630353630316464
66336234633435626563386164656133353433393637633937663432303637653635633465663830
34363565663039383366363433626531313737323333316465346165633338633735323663343734
32376233323434663630333462666631633437643830363663376438623334336238636132653232
62643462323735353462363536383262666663353964343532316130366232393232656364373832
61363466336539356166373063306335363161363566383466323336313139386364323435313834
37366432666430333036326439396539343664313261633261363465383666363364346231313461
61323931343364633137303539343763663337343762313561336432613838323861396564326235
38666436663236363463396261363430643032386435356665303438363239313263623364653639
34653934623232613665346535383163383837353762626635633434663230343565336432303136
33333962613339656566353833663037396133623466313932313064306466336630316331303235
3363

0
group_vars/all/in_memoriam.yml → group_vars/proxy/in_memoriam.yml
View file

2
group_vars/all/revers_proxy.yml → group_vars/proxy/main.yml
View file

@ -1,9 +1,9 @@
--- ---
reverse_proxy_sites: reverse_proxy_sites:
- {from: wiki.pains-perdus.fr, to: "https://azerty.fil.sand.auro.re:2443"}
- {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"} - {from: hindley.pains-perdus.fr, to: "http://127.0.0.1:5000"}
- {from: "{{ grafana_domain_name }}", to: "http://127.0.0.1:3000"} - {from: "{{ grafana_domain_name }}", to: "http://127.0.0.1:3000"}
sharing_sites: sharing_sites:
- {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse} - {from: share.deso-palaiseau.fr, folder: "/home/histausse/www", user: histausse, group: histausse}
- {from: wiki.deso-palaiseau.fr, folder: "/home/histausse/wiki/public", user: histausse, group: histausse}

43
group_vars/synapse/main.yml Normal file
View file

@ -0,0 +1,43 @@
---
## Synapse
matrix_enable_registration: False
matrix_apps_services:
- discord
- facebook
- signal
- instagram
- telegram
# Not configured for now
matrix_stats_endpoint: https://127.0.0.1/report-usage-stats/push
## Bridge facebook
matrix_bridge_facebook_admins:
- g33kex
- histausse
matrix_bridge_facebook_allowed_external_user:
- '@dorianx:matrix.rezel.net'
## Bridge signal
matrix_bridge_signal_admins:
- g33kex
- histausse
matrix_bridge_signal_allowed_external_user:
- '@dorianx:matrix.rezel.net'
## Bridge instagram
matrix_bridge_instagram_admins:
- g33kex
- histausse
matrix_bridge_instagram_allowed_external_user:
- '@dorianx:matrix.rezel.net'
## Bridge telegram
matrix_bridge_telegram_admins:
- g33kex
- histausse
matrix_bridge_telegram_allowed_external_user:
- '@dorianx:matrix.rezel.net'

34
group_vars/synapse/secrets.example Normal file
View file

@ -0,0 +1,34 @@
---
## TODO: replace this example file with proper documentation
## Synapse
synapse_postgre_user_pwd:
matrix_registration_shared_secret:
matrix_macaroon_secret:
matrix_form_secret:
## Bridge discord
matrix_bridge_discord_postgre_user_pwd:
matrix_bridge_discord_client_ID:
matrix_bridge_discord_botToken:
## Bridge facebook
matrix_bridge_facebook_postgre_user_pwd:
# Those values are generated by the bridge the first time the bridge is launched.
# we copied the values generated from our test config
matrix_bridge_facebook_integration_manager_shared_secret:
## Bridge signal
matrix_bridge_signal_postgre_user_pwd:
## Bridge instagram
matrix_bridge_instagram_postgre_user_pwd:
## Bridge telegram
matrix_bridge_telegram_postgre_user_pwd:
matrix_bridge_telegram_api_id:
matrix_bridge_telegram_api_hash:
matrix_bridge_telegram_bot_token:

95
group_vars/synapse/secrets.yml Normal file
View file

@ -0,0 +1,95 @@
$ANSIBLE_VAULT;1.1;AES256
63613062313131653261643433653535326438363161343337326234353165393065663066653938
3362356639356131643030643264663136373764663933330a386138363330363636326266653936
66333866353330386163643964626232363166353439363461626230363437306330386162653638
3263323861623834660a326530633963666139323431393434333038336435303363393432616130
64373938393430396665663035313937396632396332343434353361626636353636316134383130
31363131353633613563666437646262373132363366363836616231306137323134326562383337
39633161386132666162373831373036656632393737653937636164636437336366336338383030
34313434336230623135643531316164613962623765333131653135663131613338396461386261
66363137663935653734306461616366313636393633313765613764646535613938666664353932
63643833323335356538366434393363373463646632306232623230663735626235653434306137
31353034386162393431363938316261666431653766636464373735363661363338343861313564
65613963616438323961333639613332663531663834636166653439666461353261383731343862
31636535323932363539383034363535653865653366346432656332626665633766353363303738
61653231663565613266363564316237323834373330626333623638343639343763393062396531
37383833353839356563623034373737663436386130333932313835306437623065363166633635
62653030313131636638323137383031623363663061376333616438343239353332333636626230
35373034373830306165363235386263376130623065333037663366653937383935373666323661
31303235376562643037316134326664353864386436316665633031363163623265306339313866
63303936353434326234343363383139626265323132373638313064643665373065613162326635
30313063376266383632626332343037633233366165636131363736303532326662663865343432
31363366623032663233306333666635646366386433643066613336366532326266316634383765
31363166626636333363643737313831326664613462663631313164386130373536653561303238
62646362643937363339626265356132383966646231356462623831663736643763623665353763
37313234363135396335313637613030313539396336333562303065613739353238663135386663
62313536306263383232633232633639333461643039393739636235663761313230626532343934
63623136326638646633303663363430396232376630306339343037663364336166353133366361
65383732383033613633376265343362613864346230613733333130356566376537393934616630
35656136356136353830636332616133623031613165353530666533613362633637343335633635
37323033656533633936316366613965323532646538386264393234386431393364653763653763
61626438636364623632646364633733366636376433336366346663383831303766303739653362
39613265396232343435353065323361656635636336373637306163303730626536363166333364
37623732383733633564623162623861373733323037643535663833383161313262636337613033
62303033396237633530353031356232336533616432366232616262343335643536316437623430
39373765313137376264656633646437346266316632356535376236396237363934396537623333
30356433333339363164316437393233643337356439373634336466653466303136333531633630
39313765356633353163376466666230633266383833623364383238323863663937356532653734
62363266633235616662663166366136356532653932376636613466396330613234343766663530
64353536383232353131313235383738333136666130356537646231346561373639373438656231
30323032646431323436303231663935323330393230373762336631316236366462373433616365
31396335353666393233653137393936303562663131643265326235306538326635363463343364
37373064666335666563666332613132363431376230366163626132306134633831373632623765
62613633323739393437366135396164383339356536663066636433393562396131393839386461
37623231613566396436616439613263373366643534353965656562663834633937343633343565
64303165313833613034613965356637633761633862633964316264323138383238366163643366
66666461613066313638363432636666313166306363383636653361666565383035613161393333
39376338636438343532376134363434666465363332653534363434663565653736613663323263
66386361633230626331326638636161626331663233363365326665616637623962643233353436
65306235346531636435313038313739643737303036326238353065663930626361316262653362
65376565323038333466376366373430383138666631363465303134373561373131333533656233
37383138343062306330396265373334386139623235323833323533613636373333363165303434
31616336336434633834353963643330386565336565353533623532316664626665663936613231
62666439386663393339373235623733383233653364623662666635306461656233323835393163
30306261386362653134316537326238663634623830623466316438343862353131326361623035
31346164376137616237333539333766333964366435343234333165656666643231333466646635
63343337323336386661663862383034363865643565643131323932623737376231313235643939
31323831363534633965623864326236626636376433633334326466643138636263356262373962
62383937623439643364633832313663326231616463656266303530343835363236313239386164
30363963383435336438366263313064653633393737623666616239353336643331303435323335
31633562636339613363376236376135353735653331666132323033613666356535313834636330
64363366383266303136313738633931383032666339653132656431646332306463353562326561
36373764306361613761353163356430666363343561313864623963303166356437376136333732
62303337346663636439616431306234353362353838333331636363626138303033373238656137
37326432666164323262366637323162326364303665333431653537343932643465356332633433
32663263653437316137636263356363366565656538373261333336336332313536363930336134
34336435326531333037636133646639643564333934356431303737373731666433353061666539
62663862343233393063353932633366653538643662393266343834626236353366363936396166
34636139623533306366623061316266393062356562333134653236326365656161303962383061
32643363386335363366636239343435303830653638333530363362323439373838656265366531
36373031613962656632373839663431343338353465653535393861383965336232363731373533
66623535653364333664373363636532323137643461326661353961303762343366323533636363
38353436393137326235656434363332623565306362616561643837333034383266316362303230
66303735353435393031663232363161333964303538633336663365393966636161376335306264
36326435636162353664353161373037313437373765373231363434346530373739356137396133
37383733346435666634633832373064303163656565393334646162313462356235383764353633
35363738616162303239383964323135616232653562356233366262353533336131393231353332
36646139356339386137323764336665346534623964613865646330323762666135326361336632
38653935633933313762643565613332346364396462303366663064313966626262643430323766
61333135616131643065613763666331653730386339343766303035613065343136616163386631
35346234316361366464636464633431633039363631623863653630313262623030646666376664
33656331383536643463663236393430373564373865396134633461373534616435333564396537
37396664303363393036633537323334363339393230623463376235343234356666633162396362
66333631616665663931616438333531633333356532343135633564626162613331663239333966
64323235393764383639326236353439643934616564656432386537613934343537613330323463
61656634383338653632383232393135323836616461333437363666376661353933306639656465
35643333393435313330333134383866626530623730313230333437356435613335393835363734
32616561643737623835326531373164393061353934656638643436643838363865336239616463
35346563613630313534343864336234663838363638653230646464653765633162303231353532
30643536333763353662353662653532636539396461373864303664313834343132343636636533
37653637623630646461343433373232343863316234336339333466346238363863616161613036
36353738393966366138383666626161366332633534306230316632326637393865353665356664
33613737303638373461313462303565386664376238636262313638613161363233346661326531
62643831363164336266363436356638383661343164376562656265363361353234323835313534
37626461333639623739306634306131643334353335353465646363326537666431303537396634
6134346232656665323561353433323661636262306232643735

0
group_vars/all/vpn.yml → group_vars/vpn/main.yml
View file

6
host_vars/barium/main.yml Normal file
View file

@ -0,0 +1,6 @@
---
ansible_host: "barium.lan"
## Users
users:
- g33kex: sudo

15
host_vars/bismuth/main.yml Normal file
View file

@ -0,0 +1,15 @@
---
ansible_host: "bismuth.lan"
## Users
users:
g33kex: sudo
antoine: sudo
## Network
interfaces:
ens18:
type: dhcp
ipv4_forwarding: false
ipv6_forwarding: false

2
host_vars/hindley/ansible.yml
View file

@ -1,2 +0,0 @@
---
ansible_host: "hindley.adh.auro.re"

3
host_vars/hindley/apt_proxy.yml
View file

@ -1,3 +0,0 @@
---
proxy_apt_interfaces:
- "{{ interfaces['wg0'].ipv4 }}"

54
host_vars/hindley/main.yml Normal file
View file

@ -0,0 +1,54 @@
---
ansible_host: "hindley.adh.auro.re"
## Users
users:
histausse: sudo
g33kex: sudo
thomyrock: sudo
dorian: sudo
## Networking
interfaces:
enp2s0:
ipv4: 45.66.110.3
type: dhcp
wg0:
ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
netmaskv4: "{{ intranet.netmaskv4 }}"
type: wireguard
ipv4_forwarding: true
ipv6_forwarding: false
lan_address: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
## VPN
vpn_interfaces:
wg0:
ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_key }}"
public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
keepalive: false
peers:
- public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8="
allowed_ips:
- "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4 }}"
- "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}"
comment: "Router hosted on Hellman"
- public_key: "{{ vpn_guest_keys.knuth }}"
allowed_ips:
- "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
comment: "Client laptop: knuth"
- public_key: "{{ hostvars['sulfur'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['sulfur'].vpn_interfaces.wg0.ip }}/32"
comment: "matrix VM, hosted on g33kex's server"
- public_key: "{{ hostvars['technetium'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['technetium'].vpn_interfaces.wg0.ip }}/32"
comment: "test VM"
# apt proxy
proxy_apt_interfaces:
- "{{ interfaces['wg0'].ipv4 }}"

14
host_vars/hindley/networking.yml
View file

@ -1,14 +0,0 @@
---
interfaces:
enp2s0:
ipv4: 45.66.110.3
type: dhcp
wg0:
ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
netmaskv4: "{{ intranet.netmaskv4 }}"
type: wireguard
ipv4_forwarding: true
ipv6_forwarding: false
lan_address: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"

9
host_vars/hindley/secrets.yml Normal file
View file

@ -0,0 +1,9 @@
$ANSIBLE_VAULT;1.1;AES256
61376264343163613261623830323664633639366466666462626538616634633233326664326462
3663363361316438306162343163326364323937626430310a326566636131646534336536303130
63393162363830323761313132633032616339653062666136363164323132643037316562613633
6166366135323962650a353433346361643638613434653137396337663432303361656361633835
36303965343635386130653230663330633361306665633861626163663264303761303235316639
62613134353661373061383836633935343938623464333739643963386634663536353335616536
62363838643832613662386630666334623931646536323035313531303139616639613839363137
36333933353538613165

27
host_vars/hindley/vpn.yml
View file

@ -1,27 +0,0 @@
---
vpn_interfaces:
wg0:
ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_vault_hindley_key }}"
public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
keepalive: false
peers:
- endpoint: ""
public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8="
allowed_ips:
- "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4 }}"
- "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}"
comment: "Router hosted on Hellman"
- endpoint: ""
public_key: "{{ vpn_guest_keys.knuth }}"
allowed_ips:
- "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
comment: "Client laptop: knuth"
- endpoint: ""
public_key: "{{ hostvars['matrix_server'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['matrix_server'].vpn_interfaces.wg0.ip }}/32"
comment: "matrix VM, hosted on g33kex's server"

6
host_vars/krypton/main.yml Normal file
View file

@ -0,0 +1,6 @@
---
ansible_host: "krypton.lan"
## Users
users:
- g33kex: sudo

4
host_vars/matrix_server/ansible.yml
View file

@ -1,4 +0,0 @@
---
#ansible_host: "172.20.1.5"
ansible_host: "nyx.ovh"
ansible_port: "4502"

13
host_vars/matrix_server/networking.yml
View file

@ -1,13 +0,0 @@
---
interfaces:
ens18:
type: dhcp
wg0:
ipv4: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}"
netmaskv4: "{{ intranet.netmaskv4 }}"
type: wireguard
ipv4_forwarding: false
ipv6_forwarding: false
lan_address: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}"

25
host_vars/matrix_server/vpn.yml → host_vars/sulfur/main.yml
View file

@ -1,8 +1,30 @@
--- ---
ansible_host: sulfur.lan
## Users
users:
g33kex: sudo
histausse: sudo
## Networking
interfaces:
ens18:
type: dhcp
wg0:
ipv4: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}"
netmaskv4: "{{ intranet.netmaskv4 }}"
type: wireguard
ipv4_forwarding: false
ipv6_forwarding: false
lan_address: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}"
## VPN
vpn_interfaces: vpn_interfaces:
wg0: wg0:
ip: "{{ interfaces.wg0.ipv4 }}" ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_vault_matrix_key }}" private_key: "{{ vpn_key }}"
public_key: "oQH8CBofxNSOGevaz1HZlz3ZW+H3ndb/TmqM0pCiRR8=" public_key: "oQH8CBofxNSOGevaz1HZlz3ZW+H3ndb/TmqM0pCiRR8="
keepalive: true keepalive: true
peers: peers:
@ -11,3 +33,4 @@ vpn_interfaces:
allowed_ips: allowed_ips:
- "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}" - "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}"
comment: "hindley" comment: "hindley"

9
host_vars/sulfur/secrets.yml Normal file
View file

@ -0,0 +1,9 @@
$ANSIBLE_VAULT;1.1;AES256
65636333393239393537363163356565376535366136633266643165393662306533613137396262
3263333334636263383162623533333637303466383139660a356161616138353764326166383566
39383038613361616663646166626335396537343466336133356135633130643532373165633233
3437613237656666630a346263643330343336633431313264373365633439623235396236353133
63623733363935663035393666343739643461393263393966356336346563306434623833303139
63653036343662333062393936316138613236326332363336326561316131356239646266643936
30366265636138366239626633363562613330623432626266386135313537643030366534613237
65633430346337643331

37
host_vars/technetium/main.yml Normal file
View file

@ -0,0 +1,37 @@
---
ansible_host: technetium.lan
## Users
users:
g33kex: sudo, video
histausse: sudo, video
antoine:
## Networking
interfaces:
eth0:
type: dhcp
wg0:
ipv4: "{{ intranet.subnets.physical.subnets.technetium.ipv4 }}"
netmaskv4: "{{ intranet.netmaskv4 }}"
type: wireguard
ipv4_forwarding: false
ipv6_forwarding: false
lan_address: "{{ intranet.subnets.physical.subnets.technetium.ipv4 }}"
## VPN
vpn_interfaces:
wg0:
ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_key }}"
public_key: "sBk95X1alesUr7EhbJ04SfQ3HXHhnE4mm9PGYNa1xmc="
keepalive: true
peers:
- endpoint: "{{ hostvars['hindley'].interfaces.enp2s0.ipv4 }}"
public_key: "{{ hostvars['hindley'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}"
comment: "hindley"

9
host_vars/technetium/secrets.yml Normal file
View file

@ -0,0 +1,9 @@
$ANSIBLE_VAULT;1.1;AES256
62353537323135663839356464396361646432303638653765616663363432613266383739343835
6435313938393332396537613031316333643835666164650a396464396632353031303662386332
65643437616137383837623566316438376334363634653061383334356530366261343865323631
3466653030623239390a363765386362323563333861353964343161613732626565633666343430
61353266623033643030346238303562313864653161623436666463363761336532346137656138
38316439663361363930656162633232396237343165396463626633633837346335643038653131
36323039663333346131303735316539333335383565623061646634613861303630356563633238
63393034323136663861

26
host_vars/vanadium/main.yml Normal file
View file

@ -0,0 +1,26 @@
---
ansible_host: "vanadium.lan"
## Users
users:
g33kex: sudo
## Network
interfaces:
eno4:
type: manual
eno3:
type: manual
vmbr0:
type: dhcp
bridge: yes
interfaces:
- eno4
vmbr1:
type: manual
bridge: yes
interfaces:
- eno3
ipv4_forwarding: false
ipv6_forwarding: false

87
hosts
View file

@ -1,28 +1,59 @@
# Servers and VMs inventory # Inventory
all: # Meta group containing everything except test servers
children: [server:children]
ubuntu: vm
hosts: container
hindley: physical
debian_bullseye:
hosts: [vm]
matrix_server: bismuth # BigBlueButton
proxy: sulfur # Synapse
hosts: technetium # Test
hindley:
vpn: [container]
hosts:
hindley: [physical]
matrix_server: hindley # Various
apt_proxies: vanadium # Proxmox
hosts: barium # Backup
hindley:
prometheus_servers: [cloudinit]
hosts: bismuth
hindley: technetium
matrix:
hosts: # Groups
matrix_server: [monitoring]
no_user: hindley
hosts: technetium
matrix_server: sulfur
[apt_proxy:children]
vpn
apt_cacher_ng
[vpn]
hindley
sulfur
technetium
[matrix:children]
proxy
synapse
[apt_cacher_ng]
hindley
[synapse]
sulfur
[proxy]
hindley
[prometheus]
hindley
[proxmox]
vanadium
[backup]
barium

49
roles/apt_cacher_ng/tasks/main.yml
View file

@ -1,27 +1,27 @@
--- ---
- name: Use a newer version of apt cacher nc for ubuntu 20.04 #- name: Use a newer version of apt cacher nc for ubuntu 20.04
block: # block:
- name: Set the default release # - name: Set the default release
lineinfile: # lineinfile:
path: /etc/apt/apt.conf.d/01-vendor-ubuntu # path: /etc/apt/apt.conf.d/01-vendor-ubuntu
regexp: '^APT::Default-Release ' # regexp: '^APT::Default-Release '
line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" # line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";"
- name: Pin node exporter # - name: Pin node exporter
copy: # copy:
dest: /etc/apt/preferences.d/pin-apt-cacher-nc # dest: /etc/apt/preferences.d/pin-apt-cacher-nc
content: | # content: |
Package: apt-cacher-nc # Package: apt-cacher-nc
Pin: release n={{ ansible_facts['lsb']['codename'] }} # Pin: release n={{ ansible_facts['lsb']['codename'] }}
Pin-Priority: -10 # Pin-Priority: -10
Package: apt-cacher-nc # Package: apt-cacher-nc
Pin: release n=groovy # Pin: release n=groovy
Pin-Priority: 900 # Pin-Priority: 900
- name: Add the repo from groovy # - name: Add the repo from groovy
apt_repository: # apt_repository:
repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe # repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe
state: present # state: present
when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' # when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal'
- name: Install apt-cacher-ng - name: Install apt-cacher-ng
apt: apt:
@ -29,9 +29,6 @@
- apt-cacher-ng - apt-cacher-ng
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Create config files - name: Create config files
template: template:
@ -50,7 +47,7 @@
group: apt-cacher-ng group: apt-cacher-ng
mode: '640' mode: '640'
notify: Restart apt-cacher-ng notify: Restart apt-cacher-ng
no_log: true no_log: "{{ enable_no_log | default('true') }}"
# This is uggly, and overkill # This is uggly, and overkill
- name: Set cron job to clear the cache - name: Set cron job to clear the cache

0
roles/base_config/files/update-motd.d/01-logo → roles/base/files/update-motd.d/01-logo
View file

11
roles/base_config/tasks/main.yml → roles/base/tasks/main.yml
View file

@ -19,9 +19,6 @@
- acl - acl
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Customize motd - name: Customize motd
copy: copy:
@ -31,3 +28,11 @@
loop: loop:
- 01-logo - 01-logo
- name: Check for cloud init
stat:
path: /etc/cloud
register: cloudinit_folder
- include_role:
name: cloudinit
when: cloudinit_folder.stat.exists

22
roles/base_totp/tasks/main.yml
View file

@ -1,22 +0,0 @@
---
- name: Install the PAM lib
apt:
name:
- libpam-oath
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Add the totp secret for users
lineinfile:
path: /etc/users.oath
regexp: "{{ item.name }}"
line: "HOTP/T{{ totp_periode }}/{{ totp_digits }} {{ item.name }} - {{item.totp}}"
create: true
group: root
owner: root
mode: '600'
loop: "{{ uservault_users }}"
no_log: true

21
roles/cloudinit/tasks/main.yml Normal file
View file

@ -0,0 +1,21 @@
---
- name: Remove cloudinit sudoers file
file:
path: "/etc/sudoers.d/90-cloud-init-users"
state: absent
- name: Remove cloudinit netplan
file:
path: "/etc/netplan/50-cloud-init.yaml"
state: absent
when: ansible_facts["lsb"]["id"] == "Ubuntu"
- name: Disable cloudinit
file:
path: "/etc/cloud/cloud-init.disabled"
owner: root
group: root
mode: "0644"
state: touch
modification_time: preserve
access_time: preserve

5
roles/configure_resolved/handlers/main.yml
View file

@ -1,5 +0,0 @@
---
- name: Reload systemd-resolve
systemd:
name: systemd-resolved
state: restart

23
roles/configure_resolved/tasks/main.yml
View file

@ -1,23 +0,0 @@
---
- name: Change the DNS server
lineinfile:
path: /etc/systemd/resolved.conf
insertafter: '[Resolve]'
regexp: '^#?DNS='
line: "DNS={{ dns_resolve_server }}"
notify: Reload systemd-resolve
- name: Remove the stub listener
lineinfile:
path: /etc/systemd/resolved.conf
insertafter: '[Resolve]'
regexp: '^#?DNSStubListener='
line: "DNSStubListener=no"
notify: Reload systemd-resolve
- name: Link resolve conf
file:
src: /run/systemd/resolve/resolv.conf
dest: /etc/resolv.conf
state: link
force: yes

17
roles/create_users/tasks/main.yml
View file

@ -1,17 +0,0 @@
---
- name: Generate user
user:
name: "{{ item.name }}"
groups: "{{ item.groups }}"
shell: "{{ item.shell }}"
password: "{{ item.password_hash }}"
loop: "{{ uservault_users }}"
no_log: true
- name: Add ssh key
authorized_key:
key: "{{ item.ssh_key }}"
user: "{{ item.name }}"
loop: "{{ uservault_users }}"
no_log: true

4
roles/generate-cert/tasks/main.yml
View file

@ -79,7 +79,7 @@
dest: "/tmp/ansible_hacky_pki_ca.key" dest: "/tmp/ansible_hacky_pki_ca.key"
mode: u=rw,g=,o= mode: u=rw,g=,o=
delegate_to: localhost delegate_to: localhost
no_log: yes no_log: "{{ enable_no_log | default('true') }}"
- name: Sign the certificate - name: Sign the certificate
become: false become: false
@ -100,7 +100,7 @@
owner: "{{ owner | default('root') }}" owner: "{{ owner | default('root') }}"
group: "{{ group | default('root') }}" group: "{{ group | default('root') }}"
mode: "{{ key_mode | default('u=rw,g=,o=') }}" mode: "{{ key_mode | default('u=rw,g=,o=') }}"
no_log: yes no_log: "{{ enable_no_log | default('true') }}"
- name: Send certificate to the server - name: Send certificate to the server
copy: copy:

5
roles/generate_self_signed_certificate/tasks/main.yml
View file

@ -4,9 +4,6 @@
name: python3-openssl name: python3-openssl
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Ensure the cert directory exists - name: Ensure the cert directory exists
file: file:
@ -25,7 +22,7 @@
privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem" privatekey_path: "/var/certificates/{{ server_hostname }}_privkey.pem"
country_name: "{{ country_name }}" country_name: "{{ country_name }}"
organization_name: "{{ organization_name }}" organization_name: "{{ organization_name }}"
email_address: "{{ vault_email }}" email_address: "{{ certificate_email }}"
common_name: "{{ server_hostname }}" common_name: "{{ server_hostname }}"
- name: Generate a Self Signed OpenSSL certificate - name: Generate a Self Signed OpenSSL certificate

8
roles/grafana/tasks/main.yml
View file

@ -5,9 +5,6 @@
- apt-transport-https - apt-transport-https
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Add Graphana Repo Key - name: Add Graphana Repo Key
apt_key: apt_key:
@ -25,9 +22,6 @@
- grafana - grafana
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Configure Grafana - name: Configure Grafana
template: template:
@ -36,7 +30,7 @@
owner: grafana owner: grafana
group: grafana group: grafana
mode: u=rw,g=r,o= mode: u=rw,g=r,o=
no_log: true no_log: "{{ enable_no_log | default('true') }}"
notify: Restart Grafana notify: Restart Grafana
- name: Copy the CA cert - name: Copy the CA cert

5
roles/guest_agent/tasks/main.yml Normal file
View file

@ -0,0 +1,5 @@
# Setup QEMU Guest Agent
- name: Install QEMU Guest Agent
package:
name: qemu-guest-agent
state: present

38
roles/install_docker/tasks/main.yml
View file

@ -1,38 +0,0 @@
---
- name: Add the docker repo key
apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
- name: Add docker repo
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/debian buster stable
# TODO replace by "... /linux/debian $(lsb_release -cs) stable"
state: present
- name: Install docker
apt:
update_cache: true
name:
- docker-ce
- docker-ce-cli
- containerd.io
state: latest
register: apt_result
retries: 3
until: apt_result is succeeded
# Official methode for docker compose, redundant with pip
#- name: Install docker-compose
# get_url:
# url: https://github.com/docker/compose/releases/download/1.28.0/docker-compose-Linux-x86_64
# # TODO: replace by "...1.28.0/docker-compose-$(uname -s)-$(uname -m)"
# dest: /usr/local/bin/docker-compose
# mode: '0755'
# Methode requiered by ansible docker_compose module
- name: Install docker and docker-compose
pip:
name:
- docker
- docker-compose>=1.28.0

5
roles/install_gitea/handlers/main.yml
View file

@ -1,5 +0,0 @@
---
- name: restart gitea
docker_compose:
project_src: /var/local/gitea
restarted: yes

74
roles/install_gitea/tasks/main.yml
View file

@ -1,74 +0,0 @@
---
- name: Ensure the directory exist
file:
path: /var/local/gitea
state: directory
- name: Ensure the user gitea exists
user:
name: gitea
create_home: no
password_lock: yes
- name: Retrieve info about users
getent:
database: passwd
- name: Warning
debug:
msg: This is a test server, do not use in production
- name: Copy docker-compose.yml
template:
src: docker-compose.yml.j2
dest: /var/local/gitea/docker-compose.yml
mode: 0644
owner: root
group: staff
- name: Start the container
docker_compose:
project_src: /var/local/gitea
- name: Copy key
copy:
src: /var/certificates/{{ server_hostname }}_privkey.pem
dest: /var/local/gitea/gitea/key.pem
owner: gitea
group: gitea
mode: 0600
remote_src: yes
notify: restart gitea
- name: Copy certificate
copy:
src: /var/certificates/{{ server_hostname }}_cert.pem
dest: /var/local/gitea/gitea/cert.pem
owner: gitea
group: gitea
remote_src: yes
notify: restart gitea
- name: Specify the link the private key
lineinfile:
path: /var/local/gitea/gitea/gitea/conf/app.ini
insertafter: '^\[server\]'
regexp: '^KEY_FILE'
line: KEY_FILE = /data/key.pem
notify: restart gitea
- name: Specify the link the private key
lineinfile:
path: /var/local/gitea/gitea/gitea/conf/app.ini
insertafter: '^\[server\]'
regexp: '^CERT_FILE'
line: CERT_FILE = /data/cert.pem
notify: restart gitea
- name: Use https
lineinfile:
path: /var/local/gitea/gitea/gitea/conf/app.ini
insertafter: '^\[server\]'
regexp: '^PROTOCOL'
line: PROTOCOL = https
notify: restart gitea

43
roles/install_gitea/templates/docker-compose.yml.j2
View file

@ -1,43 +0,0 @@
# {{ ansible_managed }}
# version: "3.8"
networks:
gitea:
external: false
services:
server:
image: gitea/gitea:1.13.1
container_name: gitea
environment:
- USER_UID={{ getent_passwd["gitea"].1 }}
- USER_GID={{ getent_passwd["gitea"].2 }}
- DB_TYPE=postgres
- DB_HOST=db:5432
- DB_NAME=gitea
- DB_USER=gitea
- DB_PASSWD=gitea
restart: always
networks:
- gitea
volumes:
- ./gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "{{ gitea_https_port }}:3000"
- "{{ gitea_ssh_port }}:22"
depends_on:
- db
db:
image: postgres:9.6
restart: always
environment:
- POSTGRES_USER=gitea
- POSTGRES_PASSWORD=gitea
- POSTGRES_DB=gitea
networks:
- gitea
volumes:
- ./postgres:/var/lib/postgresql/data

66
roles/install_keycloak/tasks/main.yml
View file

@ -1,66 +0,0 @@
---
- name: Ensure the directory exist
file:
path: /var/local/keycloak
state: directory
- name: Ensure the user keycloak exists
user:
name: keycloak
create_home: no
password_lock: yes
- name: Retrieve info about users
getent:
database: passwd
- name: Warning
debug:
msg: This is a test server, do not use in production
- name: Copy env variables
template:
src: dot_env.j2
dest: /var/local/keycloak/.env
mode: 0400
owner: root
group: staff
- name: Ensure the certificate directory exist
file:
path: /var/local/keycloak/certificates
state: directory
- name: Copy key
copy:
src: /var/certificates/{{ server_hostname }}_privkey.pem
dest: /var/local/keycloak/certificates/tls.key
remote_src: yes
owner: keycloak
group: keycloak
mode: 0644 # 0600
# I wanted to limite read access to the private key to one "keycloak" user,
# but It doesn't works because the user running some script inside the container
# has a fix uid (1000) and obviously this uid is taken on the host by the first
# user created... I hope you're serveur is well protected...
- name: Copy certificate
copy:
src: /var/certificates/{{ server_hostname }}_cert.pem
dest: /var/local/keycloak/certificates/tls.crt
remote_src: yes
owner: keycloak
group: keycloak
- name: Copy docker-compose.yml
template:
src: docker-compose.yml.j2
dest: /var/local/keycloak/docker-compose.yml
mode: 0644
owner: root
group: staff
- name: Start the container
docker_compose:
project_src: /var/local/keycloak

18
roles/install_keycloak/templates/docker-compose.yml.j2
View file

@ -1,18 +0,0 @@
# {{ ansible_managed }}
# version: "3.8"
services:
server:
image: jboss/keycloak
container_name: keycloak
restart: always
environment:
- USER_UID={{ getent_passwd["keycloak"].1 }}
- USER_GID={{ getent_passwd["keycloak"].2 }}
- "KEYCLOAK_USER=${USERNAME}"
- "KEYCLOAK_PASSWORD=${PASSWORD}"
volumes:
- ./certificates:/etc/x509/https
- /etc/localtime:/etc/localtime:ro
ports:
- "{{ keycloak_https_port }}:8443"

4
roles/install_keycloak/templates/dot_env.j2
View file

@ -1,4 +0,0 @@
# {{ ansible_managed }}
USERNAME={{ vault_admin_keycloak }}
PASSWORD={{ vault_mdp_admin_keycloak }}

3
roles/install_nginx/tasks/main.yml
View file

@ -4,9 +4,6 @@
update_cache: true update_cache: true
name: nginx name: nginx
state: latest state: latest
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Add wasm to mime type - name: Add wasm to mime type
lineinfile: lineinfile:

2
roles/matrix-bridge-discord

@ -1 +1 @@
Subproject commit 2358c022895b3ce2f2a08dea41580e4cf84d218f Subproject commit 3c96034b253012a07e10eb23c2bb2163effaf74e

2
roles/matrix-bridge-facebook

@ -1 +1 @@
Subproject commit 89fb99ebb7c35ec3c11ecd5e4fbb194817f9cae6 Subproject commit 950badac374e89e038e4076703b07068b2ba3e35

2
roles/matrix-bridge-instagram

@ -1 +1 @@
Subproject commit 70675bec04af6bf456857c30687c5e57fa5e812a Subproject commit 4166832cb237d08a6e697669be4df51f83d1e9e9

2
roles/matrix-bridge-signal

@ -1 +1 @@
Subproject commit b27360700e82dd14fc42de6bdffc3d80bf3fa975 Subproject commit cc98bfa0dbbf167bf40d54a85513516d7254abf5

2
roles/matrix-bridge-telegram

@ -1 +1 @@
Subproject commit c8e442e4a931acc2220e4406282925c2d4a48954 Subproject commit 79a1de19232417987652386aef575fb0910d0f81

82
roles/networking/tasks/main.yml
View file

@ -1,56 +1,4 @@
--- ---
- name: Install ifupdown2
apt:
name:
- ifupdown2
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
when: ansible_facts["lsb"]["id"] == "Debian"
- name: Install bridge-utils
apt:
name:
- bridge-utils
state: latest
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
when: (ansible_facts["lsb"]["id"] == "Debian") and
(lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list)
- name: Enable ipv4 forwarding
ansible.posix.sysctl:
name: net.ipv4.ip_forward
value: '1'
sysctl_set: true
when: ipv4_forwarding
- name: Enable ipv6 forwarding
ansible.posix.sysctl:
name: net.ipv6.conf.all.forwarding
value: '1'
sysctl_set: true
when: ipv6_forwarding
- name: Disable ipv4 forwarding
ansible.posix.sysctl:
name: net.ipv4.ip_forward
value: '0'
sysctl_set: true
when: not ipv4_forwarding
- name: Disable ipv6 forwarding
ansible.posix.sysctl:
name: net.ipv6.conf.all.forwarding
value: '0'
sysctl_set: true
when: not ipv6_forwarding
- name: Create interface config files - name: Create interface config files
ansible.builtin.template: ansible.builtin.template:
src: "debian_interfaces.j2" src: "debian_interfaces.j2"
@ -80,3 +28,33 @@
mode: '644' mode: '644'
notify: Apply netplan ubuntu notify: Apply netplan ubuntu
when: ansible_facts["lsb"]["id"] == "Ubuntu" when: ansible_facts["lsb"]["id"] == "Ubuntu"
#- name: Install ifupdown2
# apt:
# name:
# - ifupdown2
# state: latest
# update_cache: true
# when: ansible_facts["lsb"]["id"] == "Debian"
- name: Install bridge-utils
apt:
name:
- bridge-utils
state: latest
update_cache: true
when: (ansible_facts["lsb"]["id"] == "Debian") and
(lookup('dict', interfaces, wantlist=True) | selectattr('value.bridge', 'defined') | selectattr('value.bridge') | list)
- name: Set ipv4 forwarding
ansible.posix.sysctl:
name: net.ipv4.ip_forward
value: "{{ ipv4_forwarding | int | default(0) }}"
sysctl_set: true
- name: Set ipv6 forwarding
ansible.posix.sysctl:
name: net.ipv6.conf.all.forwarding
value: "{{ ipv6_forwarding | int | default(0) }}"
sysctl_set: true

2
roles/postgre

@ -1 +1 @@
Subproject commit e5ce16268f165be36d4f2f893caf47f9bdb6f332 Subproject commit f774bc096487cba7fec6ed9e196032e169cfbb4a

5
roles/prometheus-alert-manager/tasks/kassandra.yml
View file

@ -6,9 +6,6 @@
- python3.9-venv - python3.9-venv
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Create the kassandra user - name: Create the kassandra user
user: user:
@ -35,7 +32,7 @@
group: nogroup group: nogroup
mode: '0600' mode: '0600'
notify: Restart kassandra notify: Restart kassandra
no_log: true no_log: "{{ enable_no_log | default('true') }}"
- name: Copy the CA cert - name: Copy the CA cert
copy: copy:

3
roles/prometheus-alert-manager/tasks/main.yml
View file

@ -5,9 +5,6 @@
- prometheus-alertmanager - prometheus-alertmanager
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Setup the arguments for alertmanager - name: Setup the arguments for alertmanager
template: template:

5
roles/prometheus-blackbox-exporter/tasks/main.yml
View file

@ -5,9 +5,6 @@
- prometheus-blackbox-exporter - prometheus-blackbox-exporter
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Copy the CA cert - name: Copy the CA cert
copy: copy:
@ -42,7 +39,7 @@
group: prometheus group: prometheus
mode: '0640' mode: '0640'
notify: Restart blackbox-exporter notify: Restart blackbox-exporter
no_log: true no_log: "{{ enable_no_log | default('true') }}"
#- name: Copy the web-config folder #- name: Copy the web-config folder
# template: # template:

3
roles/prometheus-node-exporter/tasks/local_x509_collector.yml
View file

@ -5,9 +5,6 @@
- moreutils - moreutils
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Ensure /usr/share/prometheus-node-exporter exist - name: Ensure /usr/share/prometheus-node-exporter exist
file: file:

49
roles/prometheus-node-exporter/tasks/main.yml
View file

@ -1,27 +1,27 @@
--- ---
- name: Use a newer version of Node exporter for ubuntu 20.04 #- name: Use a newer version of Node exporter for ubuntu 20.04
block: # block:
- name: Set the default release # - name: Set the default release
lineinfile: # lineinfile:
path: /etc/apt/apt.conf.d/01-vendor-ubuntu # path: /etc/apt/apt.conf.d/01-vendor-ubuntu
regexp: '^APT::Default-Release ' # regexp: '^APT::Default-Release '
line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";" # line: "APT::Default-Release \"{{ ansible_facts['lsb']['codename'] }}\";"
- name: Pin node exporter # - name: Pin node exporter
copy: # copy:
dest: /etc/apt/preferences.d/pin-prometheus-node-exporter # dest: /etc/apt/preferences.d/pin-prometheus-node-exporter
content: | # content: |
Package: prometheus-node-exporter # Package: prometheus-node-exporter
Pin: release n={{ ansible_facts['lsb']['codename'] }} # Pin: release n={{ ansible_facts['lsb']['codename'] }}
Pin-Priority: -10 # Pin-Priority: -10
Package: prometheus-node-exporter # Package: prometheus-node-exporter
Pin: release n=groovy # Pin: release n=groovy
Pin-Priority: 900 # Pin-Priority: 900
- name: Add the repo from groovy # - name: Add the repo from groovy
apt_repository: # apt_repository:
repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe # repo: deb http://fr.archive.ubuntu.com/ubuntu groovy universe
state: present # state: present
when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal' # when: ansible_facts['lsb']['id'] == 'Ubuntu' and ansible_facts['lsb']['codename'] == 'focal'
- name: Install Prometheus Node exporter - name: Install Prometheus Node exporter
apt: apt:
@ -31,9 +31,6 @@
state: latest state: latest
update_cache: true update_cache: true
install_recommends: false # Do not install smartmontools install_recommends: false # Do not install smartmontools
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Install the local_x509 exporter - name: Install the local_x509 exporter
@ -115,7 +112,7 @@
- name: Put the new target list - name: Put the new target list
copy: copy:
content: "{{ new_server_node_target | to_nice_json }}" content: "{{ new_server_node_target | to_nice_json }}"
dest: /etc/prometheus/node-targets.json dest: /etc/prometheus/targets/node-targets.json
delegate_to: "{{ appointed_prometheus_server }}" delegate_to: "{{ appointed_prometheus_server }}"
when: (lan_address + '|' + ansible_facts['nodename']) not in server_node_target.0.targets when: (lan_address + '|' + ansible_facts['nodename']) not in server_node_target.0.targets

5
roles/prometheus/tasks/main.yml
View file

@ -6,9 +6,6 @@
- prometheus-pushgateway - prometheus-pushgateway
state: latest state: latest
update_cache: true update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Ensure the alert folder exist - name: Ensure the alert folder exist
file: file:
@ -59,7 +56,7 @@
group: prometheus group: prometheus
mode: '0640' mode: '0640'
notify: Restart prometheus notify: Restart prometheus
no_log: true no_log: "{{ enable_no_log | default('true') }}"
- name: Add node targets file - name: Add node targets file
template: template:

5
roles/reverse_proxy_http/tasks/main.yml
View file

@ -6,9 +6,6 @@
- certbot - certbot
- python3-certbot-nginx - python3-certbot-nginx
state: latest state: latest
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Ensure the cert directory exists - name: Ensure the cert directory exists
file: file:
@ -38,7 +35,7 @@
loop: "{{ reverse_proxy_sites }}" loop: "{{ reverse_proxy_sites }}"
- name: Generate Certificate for Domains - name: Generate Certificate for Domains
shell: certbot certonly --standalone -d {{ item.from }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx" shell: certbot certonly --standalone -d {{ item.from }} -m {{ certificate_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx"
args: args:
creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem" creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem"
loop: "{{ reverse_proxy_sites }}" loop: "{{ reverse_proxy_sites }}"

2
roles/reverse_proxy_stream/meta/main.yml
View file

@ -1,2 +0,0 @@
dependencies:
- role: install_nginx

34
roles/reverse_proxy_stream/tasks/main.yml
View file

@ -1,34 +0,0 @@
---
- name: Ensure the stream proxy conf available directory exists
file:
path: /etc/nginx/stream-available
state: directory
- name: Ensure the stream proxy conf enabled directory exists
file:
path: /etc/nginx/stream-enabled
state: directory
- name: Include the stream proxy configuration files
blockinfile:
path: /etc/nginx/nginx.conf
block: |
stream {
include /etc/nginx/stream-enabled/*;
}
- name: Copy reverse proxy stream
template:
src: "nginx/stream-available/reverse_proxy"
dest: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}"
loop: "{{ reverse_proxy_stream }}"
- name: Activate stream
file:
src: "/etc/nginx/stream-available/stream_{{ item.type }}_{{ item.from_port }}"
dest: "/etc/nginx/stream-enabled/stream_{{ item.type }}_{{ item.from_port }}"
state: link
force: yes
loop: "{{ reverse_proxy_stream }}"
notify: Reload nginx

Some files were not shown because too many files have changed in this diff Show more