diff --git a/inventories/vagrant/host_vars/backend/homarr.yml b/inventories/vagrant/host_vars/backend/homarr.yml new file mode 100644 index 0000000..6244c57 --- /dev/null +++ b/inventories/vagrant/host_vars/backend/homarr.yml @@ -0,0 +1,11 @@ +homarr_domain: "home.local.test" + +homarr_secret_dir: "{{ playbook_dir }}/secrets/{{ inventory_hostname }}" +homarr_secret_file: "homarr_secret_encryption_key" +homarr_secret_length: 64 + +homarr_secret_encryption_key: >- + {{ lookup('ansible.builtin.password', + homarr_secret_dir ~ '/' ~ homarr_secret_file, + length=homarr_secret_length, + chars='hexdigits') }} diff --git a/inventories/vagrant/host_vars/backend/traefik.yml b/inventories/vagrant/host_vars/backend/traefik.yml index e123dc1..3e1e5b7 100644 --- a/inventories/vagrant/host_vars/backend/traefik.yml +++ b/inventories/vagrant/host_vars/backend/traefik.yml @@ -16,7 +16,7 @@ traefik_dmz_exposed_services: domain: nextcloud.local.test port: 443 protocol: https - - name: collabora + - name: nextcloud-collabora domain: office.local.test port: 443 protocol: https @@ -24,12 +24,8 @@ traefik_dmz_exposed_services: domain: authentik.local.test port: 443 protocol: https - - name: opencloud - domain: opencloud.local.test - port: 443 - protocol: https - - name: drawio - domain: drawio.local.test + - name: homarr + domain: home.local.test port: 443 protocol: https # Example: Add more services as you deploy them diff --git a/inventories/vagrant/hosts.yml b/inventories/vagrant/hosts.yml index 68c5f62..5f438b8 100644 --- a/inventories/vagrant/hosts.yml +++ b/inventories/vagrant/hosts.yml @@ -49,18 +49,10 @@ all: hosts: backend: - ds389_servers: - hosts: - backend: - authentik_servers: hosts: backend: - authentik_outpost_ldap_servers: - hosts: - backend: - garage_servers: hosts: backend: 
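Review bot: `homarr_secret_encryption_key` comes from the `ansible.builtin.password` lookup, which persists the generated value in plaintext on the controller under `{{ playbook_dir }}/secrets/{{ inventory_hostname }}/`, and the new file does not say how that path should be handled. I would add a comment above the variable such as `# Generated once and stored in plaintext on the controller; keep secrets/ out of version control and back it up.` A regenerated key would presumably no longer decrypt what Homarr stored under the old one. Whether `secrets/` is already ignored by git is not visible in this diff and should be confirmed. Separately, `chars='hexdigits'` maps to Python's `string.hexdigits`, which contains both `a-f` and `A-F`, so letters are drawn twice as often as digits and the key is mixed-case; `chars=['digits', 'abcdef']` would give uniform lowercase hex if the consumer expects that.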
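Review bot: The new `homarr` entry in `traefik_dmz_exposed_services` publishes the dashboard through the DMZ proxy, and nothing visible in this hunk places authentication in front of it. A dashboard typically lists internal service names and may hold integration credentials, so confirm that the homarr role enforces login (for example against the authentik instance listed just above) before the route goes live, and record that next to the entry with a comment such as `# homarr: login enforced by <mechanism>`. The domain also repeats the value of `homarr_domain` from `host_vars/backend/homarr.yml`; `domain: "{{ homarr_domain }}"` would keep the two from drifting apart. The list itself starts and ends outside the hunk.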
@@ -69,14 +61,6 @@ all: hosts: backend: - collabora_servers: - hosts: - backend: - - drawio_servers: - hosts: - backend: - - opencloud_servers: + homarr_servers: hosts: backend: \ No newline at end of file diff --git a/playbooks/site.yml b/playbooks/site.yml index db16227..8749439 100644 --- a/playbooks/site.yml +++ b/playbooks/site.yml @@ -5,8 +5,8 @@ roles: - digitalboard.core.base -- name: Configure reverse proxies - hosts: traefik_servers +- name: Configure reverse proxy on application servers + hosts: traefik_servers_backend become: yes roles: - digitalboard.core.traefik @@ -17,12 +17,6 @@ roles: - digitalboard.core.httpbin -- name: Deploy 389ds LDAP service - hosts: ds389_servers - become: yes - roles: - - digitalboard.core.389ds - - name: Deploy keycloak service hosts: keycloak_servers become: yes @@ -35,11 +29,11 @@ roles: - digitalboard.core.garage -- name: Deploy collabora service - hosts: collabora_servers +- name: Deploy nextcloud service + hosts: nextcloud_servers become: yes roles: - - digitalboard.core.collabora + - digitalboard.core.nextcloud - name: Deploy authentik service hosts: authentik_servers @@ -47,26 +41,14 @@ roles: - digitalboard.core.authentik -- name: Deploy authentik LDAP outpost - hosts: authentik_outpost_ldap_servers +- name: Deploy homarr service + hosts: homarr_servers become: yes roles: - - digitalboard.core.authentik_outpost_ldap + - digitalboard.core.homarr -- name: Deploy nextcloud service - hosts: nextcloud_servers +- name: Configure reverse proxy on DMZ servers + hosts: traefik_servers_dmz become: yes roles: - - digitalboard.core.nextcloud - -- name: Deploy drawio service - hosts: drawio_servers - become: yes - roles: - - digitalboard.core.drawio - -- name: Deploy opencloud service - hosts: opencloud_servers - become: yes - roles: - - digitalboard.core.opencloud \ No newline at end of file + - digitalboard.core.traefik
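Review bot: The first play now targets `traefik_servers_backend`, and the last hunk adds a play for `traefik_servers_dmz`, but the `inventories/vagrant/hosts.yml` hunks in this commit only add `homarr_servers`, so it is not visible here that either group is defined. Ansible only warns and skips a play whose host pattern matches nothing, which would leave a reverse proxy unconfigured, or still on its previous configuration, without failing the run. Confirm both groups exist in every inventory that uses `playbooks/site.yml`. A short comment above each play naming the inventory group it depends on, e.g. `# requires group traefik_servers_dmz in the inventory`, would make the dependency visible to the next editor.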