chore: Deploy Homarr Service

waaaay better readability

.gitignore

@@ -14,3 +14,37 @@
 /.idea/
 # Ansible
 /collections/ansible_collections/
+/.vagrant/bundler/global.sol
+/.vagrant/machines/backend/libvirt/action_provision
+/.vagrant/machines/backend/libvirt/box_meta
+/.vagrant/machines/backend/libvirt/created_networks
+/.vagrant/machines/backend/libvirt/creator_uid
+/.vagrant/machines/backend/libvirt/id
+/.vagrant/machines/backend/libvirt/index_uuid
+/.vagrant/machines/backend/libvirt/private_key
+/.vagrant/machines/backend/libvirt/synced_folders
+/.vagrant/machines/backend/libvirt/vagrant_cwd
+/.vagrant/machines/backend2/libvirt/action_provision
+/.vagrant/machines/backend2/libvirt/box_meta
+/.vagrant/machines/backend2/libvirt/created_networks
+/.vagrant/machines/backend2/libvirt/creator_uid
+/.vagrant/machines/backend2/libvirt/id
+/.vagrant/machines/backend2/libvirt/index_uuid
+/.vagrant/machines/backend2/libvirt/private_key
+/.vagrant/machines/backend2/libvirt/synced_folders
+/.vagrant/machines/backend2/libvirt/vagrant_cwd
+/.vagrant/machines/dmz/libvirt/logs/ssh-forwarding-*_8080-192.168.121.139_80.log
+/.vagrant/machines/dmz/libvirt/logs/ssh-forwarding-*_8443-192.168.121.139_443.log
+/.vagrant/machines/dmz/libvirt/pids/ssh_8080.pid
+/.vagrant/machines/dmz/libvirt/pids/ssh_8443.pid
+/.vagrant/machines/dmz/libvirt/action_provision
+/.vagrant/machines/dmz/libvirt/box_meta
+/.vagrant/machines/dmz/libvirt/created_networks
+/.vagrant/machines/dmz/libvirt/creator_uid
+/.vagrant/machines/dmz/libvirt/id
+/.vagrant/machines/dmz/libvirt/index_uuid
+/.vagrant/machines/dmz/libvirt/private_key
+/.vagrant/machines/dmz/libvirt/synced_folders
+/.vagrant/machines/dmz/libvirt/vagrant_cwd
+/.vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory
+/.vagrant/rgloader/loader.rb

inventories/vagrant/group_vars/traefik_servers_backend.yml

@@ -3,8 +3,8 @@
 # These use Docker provider for local service discovery
 
 traefik_mode: backend
-use_ssl: true
+traefik_use_ssl: true
-cert_mode: "selfsigned"
+traefik_cert_mode: "selfsigned"
-enable_dashboard: true
+traefik_enable_dashboard: true
-log_level: DEBUG
+traefik_log_level: DEBUG
 traefik_network: proxy

inventories/vagrant/group_vars/traefik_servers_dmz.yml

@@ -3,23 +3,23 @@
 # These are public-facing proxies that route traffic to backend servers
 
 traefik_mode: dmz
-use_ssl: true
+traefik_use_ssl: true
-cert_mode: "selfsigned"  # Use 'acme' for production
+traefik_cert_mode: "selfsigned"  # Use 'acme' for production
-enable_dashboard: true
+traefik_enable_dashboard: true
-dashboard_domain: "traefik.dmz.local.test"
+traefik_dashboard_domain: "traefik.dmz.local.test"
-log_level: DEBUG
+traefik_log_level: DEBUG
 traefik_network: proxy
 
 # Backend servers to proxy (if empty, proxies to all backend_servers)
 # This allows multiple DMZ proxies to handle different backend servers
-# backend_servers_to_proxy:
+# traefik_backend_servers_to_proxy:
 #   - backend1
 #   - backend2
 
-# ACME configuration (uncomment for production with cert_mode: acme)
+# ACME configuration (uncomment for production with traefik_cert_mode: acme)
-# ssl_email: "admin@example.com"
+# traefik_ssl_email: "admin@example.com"
-# ssl_cert_resolver: "dns"
+# traefik_ssl_cert_resolver: "dns"
-# acme_dns_zone: "digitalboard._acme.digitalboard.ch."
+# traefik_acme_dns_zone: "digitalboard._acme.digitalboard.ch."
-# acme_dns_nameserver: "192.168.1.1:53"
+# traefik_acme_dns_nameserver: "192.168.1.1:53"
-# acme_tsig_key: "your-tsig-key-name"
+# traefik_acme_tsig_key: "your-tsig-key-name"
-# acme_tsig_secret: "your-tsig-secret"
+# traefik_acme_tsig_secret: "your-tsig-secret"

inventories/vagrant/host_vars/backend/traefik.yml

@@ -1,5 +1,5 @@
 # Services to be exposed through the DMZ reverse proxy
-traefik_services:
+traefik_dmz_exposed_services:
   - name: httpbin
     domain: httpbin.local.test
     port: 443
@@ -39,7 +39,7 @@ traefik_services:
   #   port: 80
   #   protocol: http
 
-use_ssl: false # disable SSL redirect for vagrant
+traefik_use_ssl: false # disable SSL redirect for vagrant
 
-use_ssl_dashboard: true  # still use SSL for dashboard
+traefik_use_ssl_dashboard: true  # still use SSL for dashboard
-dashboard_domain: "traefik.backend.local.test"
+traefik_dashboard_domain: "traefik.backend.local.test"

inventories/vagrant/host_vars/backend2/traefik.yml

@@ -1,8 +1,8 @@
 # Services to be exposed through the DMZ reverse proxy
-traefik_services:
+traefik_dmz_exposed_services:
   - name: httpbin-srv2
     domain: "{{ httpbin_domain }}"
     port: 443
     protocol: https
 
-dashboard_domain: "traefik.backend2.local.test"
+traefik_dashboard_domain: "traefik.backend2.local.test"

inventories/vagrant/hosts.ini

@@ -1,48 +0,0 @@
-# This file defines the group structure for vagrant VMs
-# Fixed IPs are defined in the Vagrantfile
-# Additional host-specific variables should go in host_vars/
-# Group-specific variables should go in group_vars/
-
-[all_servers]
-dmz ansible_host=192.168.56.10 ansible_ssh_private_key_file=.vagrant/machines/dmz/libvirt/private_key ansible_user=vagrant
-backend ansible_host=192.168.56.11 ansible_ssh_private_key_file=.vagrant/machines/backend/libvirt/private_key ansible_user=vagrant
-backend2 ansible_host=192.168.56.12 ansible_ssh_private_key_file=.vagrant/machines/backend2/libvirt/private_key ansible_user=vagrant
-
-# Backend servers that host application services
-[backend_servers]
-backend
-backend2
-
-# Reverse proxy servers in DMZ (public-facing, file provider mode)
-[traefik_servers_dmz]
-dmz
-
-# Reverse proxy servers on backend (docker provider mode)
-[traefik_servers_backend]
-backend
-backend2
-
-# All reverse proxy servers
-[traefik_servers:children]
-traefik_servers_dmz
-traefik_servers_backend
-
-# Application servers
-[httpbin_servers]
-backend
-backend2
-
-[keycloak_servers]
-backend
-
-[authentik_servers]
-backend
-
-[garage_servers]
-backend
-
-[nextcloud_servers]
-backend
-
-[homarr_servers]
-backend

inventories/vagrant/hosts.yml

@@ -0,0 +1,66 @@
+---
+all:
+  children:
+    all_servers:
+      hosts:
+        dmz:
+          ansible_host: 192.168.56.10
+          ansible_ssh_private_key_file: .vagrant/machines/dmz/libvirt/private_key
+          ansible_user: vagrant
+        backend:
+          ansible_host: 192.168.56.11
+          ansible_ssh_private_key_file: .vagrant/machines/backend/libvirt/private_key
+          ansible_user: vagrant
+        backend2:
+          ansible_host: 192.168.56.12
+          ansible_ssh_private_key_file: .vagrant/machines/backend2/libvirt/private_key
+          ansible_user: vagrant
+
+    # Backend servers that host application services
+    backend_servers:
+      hosts:
+        backend:
+        backend2:
+
+    # Reverse proxy servers
+    traefik_servers:
+      children:
+        traefik_servers_dmz:
+        traefik_servers_backend:
+
+    # DMZ reverse proxy (public-facing, file provider mode)
+    traefik_servers_dmz:
+      hosts:
+        dmz:
+
+    # Backend reverse proxy (docker provider mode)
+    traefik_servers_backend:
+      hosts:
+        backend:
+        backend2:
+
+    # Application servers
+    httpbin_servers:
+      hosts:
+        backend:
+        backend2:
+
+    keycloak_servers:
+      hosts:
+        backend:
+
+    authentik_servers:
+      hosts:
+        backend:
+
+    garage_servers:
+      hosts:
+        backend:
+
+    nextcloud_servers:
+      hosts:
+        backend:
+
+    homarr_servers:
+      hosts:
+        backend: