Digitalboard/reference-ansible
6
1
Fork 0
Code Pull requests Activity Actions

Compare commits

base: Digitalboard:dde5a246aedfeddcd1f2b66d9c34ca981c708b98
Branches Tags
Digitalboard:main
Digitalboard:feature/hpb;signaling;turn
Digitalboard:feature/bookstack
Digitalboard:chore/demo-gymburgdorf-wip
..
compare: Digitalboard:56bff066f794ae7173f67dcb78d2bad5beef867f
Branches Tags
Digitalboard:main
Digitalboard:feature/hpb;signaling;turn
Digitalboard:feature/bookstack
Digitalboard:chore/demo-gymburgdorf-wip

No commits in common. "dde5a246aedfeddcd1f2b66d9c34ca981c708b98" and "56bff066f794ae7173f67dcb78d2bad5beef867f" have entirely different histories.
dde5a246ae ... 56bff066f7

4 changed files with 53 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

11
inventories/vagrant/host_vars/backend/homarr.yml
View file

@ -1,11 +0,0 @@
homarr_domain: "home.local.test"
homarr_secret_dir: "{{ playbook_dir }}/secrets/{{ inventory_hostname }}"
homarr_secret_file: "homarr_secret_encryption_key"
homarr_secret_length: 64
homarr_secret_encryption_key: >-
{{ lookup('ansible.builtin.password',
homarr_secret_dir ~ '/' ~ homarr_secret_file,
length=homarr_secret_length,
chars='hexdigits') }}

10
inventories/vagrant/host_vars/backend/traefik.yml
View file

@ -16,7 +16,7 @@ traefik_dmz_exposed_services:
domain: nextcloud.local.test
port: 443
protocol: https
- name: nextcloud-collabora
- name: collabora
domain: office.local.test
port: 443
protocol: https
@ -24,8 +24,12 @@ traefik_dmz_exposed_services:
domain: authentik.local.test
port: 443
protocol: https
- name: homarr
domain: home.local.test
- name: opencloud
domain: opencloud.local.test
port: 443
protocol: https
- name: drawio
domain: drawio.local.test
port: 443
protocol: https
# Example: Add more services as you deploy them

18
inventories/vagrant/hosts.yml
View file

@ -49,10 +49,18 @@ all:
hosts:
backend:
ds389_servers:
hosts:
backend:
authentik_servers:
hosts:
backend:
authentik_outpost_ldap_servers:
hosts:
backend:
garage_servers:
hosts:
backend:
@ -61,6 +69,14 @@ all:
hosts:
backend:
homarr_servers:
collabora_servers:
hosts:
backend:
drawio_servers:
hosts:
backend:
opencloud_servers:
hosts:
backend:

40
playbooks/site.yml
View file

@ -5,8 +5,8 @@
roles:
- digitalboard.core.base
- name: Configure reverse proxy on application servers
hosts: traefik_servers_backend
- name: Configure reverse proxies
hosts: traefik_servers
become: yes
roles:
- digitalboard.core.traefik
@ -17,6 +17,12 @@
roles:
- digitalboard.core.httpbin
- name: Deploy 389ds LDAP service
hosts: ds389_servers
become: yes
roles:
- digitalboard.core.389ds
- name: Deploy keycloak service
hosts: keycloak_servers
become: yes
@ -29,11 +35,11 @@
roles:
- digitalboard.core.garage
- name: Deploy nextcloud service
hosts: nextcloud_servers
- name: Deploy collabora service
hosts: collabora_servers
become: yes
roles:
- digitalboard.core.nextcloud
- digitalboard.core.collabora
- name: Deploy authentik service
hosts: authentik_servers
@ -41,14 +47,26 @@
roles:
- digitalboard.core.authentik
- name: Deploy homarr service
hosts: homarr_servers
- name: Deploy authentik LDAP outpost
hosts: authentik_outpost_ldap_servers
become: yes
roles:
- digitalboard.core.homarr
- digitalboard.core.authentik_outpost_ldap
- name: Configure reverse proxy on DMZ servers
hosts: traefik_servers_dmz
- name: Deploy nextcloud service
hosts: nextcloud_servers
become: yes
roles:
- digitalboard.core.traefik
- digitalboard.core.nextcloud
- name: Deploy drawio service
hosts: drawio_servers
become: yes
roles:
- digitalboard.core.drawio
- name: Deploy opencloud service
hosts: opencloud_servers
become: yes
roles:
- digitalboard.core.opencloud