mash-playbook/templates/setup.yml

472 lines
12 KiB
YAML
Raw Normal View History

2023-03-15 10:58:12 +02:00
- name: "Set up a self-hosted server"
hosts: "{{ target if target is defined else 'mash_servers' }}"
become: true
roles:
# role-specific:playbook_help
- role: galaxy/playbook_help
tags:
- setup-all
- install-all
# /role-specific:playbook_help
2023-03-15 10:58:12 +02:00
# No role-specific checks here. Local roles are always installed.
- role: mash/playbook_base
- role: mash/playbook_migration
# role-specific:systemd_docker_base
2023-03-15 10:58:12 +02:00
# This role has no tasks at all
- role: galaxy/systemd_docker_base
# /role-specific:systemd_docker_base
2023-03-15 10:58:12 +02:00
# role-specific:docker
2023-03-15 10:58:12 +02:00
- when: mash_playbook_docker_installation_enabled | bool
role: galaxy/docker
2023-03-15 10:58:12 +02:00
vars:
docker_install_compose: false
docker_install_compose_plugin: false
2023-03-15 10:58:12 +02:00
tags:
- setup-docker
- setup-all
- install-docker
- install-all
# /role-specific:docker
2023-03-15 10:58:12 +02:00
# role-specific:docker_sdk_for_python
2023-03-15 10:58:12 +02:00
- when: devture_docker_sdk_for_python_installation_enabled | bool
role: galaxy/docker_sdk_for_python
2023-03-15 10:58:12 +02:00
tags:
- setup-docker
- setup-all
- install-docker
- install-all
# /role-specific:docker_sdk_for_python
2023-03-15 10:58:12 +02:00
# role-specific:timesync
2023-03-15 10:58:12 +02:00
- when: devture_timesync_installation_enabled | bool
role: galaxy/timesync
2023-03-15 10:58:12 +02:00
tags:
- setup-timesync
- setup-all
- install-timesync
- install-all
# /role-specific:timesync
2023-03-15 10:58:12 +02:00
# role-specific:swap
2023-03-18 13:24:46 +02:00
- role: galaxy/swap
# /role-specific:swap
2023-03-18 13:24:46 +02:00
2023-12-09 18:58:15 +02:00
# role-specific:cleanup
- role: galaxy/cleanup
# /role-specific:cleanup
# role-specific:ssh
- when: system_security_ssh_enabled | bool
role: galaxy/ssh
# /role-specific:ssh
2023-03-18 21:50:27 +02:00
# role-specific:fail2ban
- when: system_security_fail2ban_enabled | bool
role: galaxy/fail2ban
# /role-specific:fail2ban
2023-03-18 22:04:44 +02:00
# role-specific:postgres
2023-03-15 10:58:12 +02:00
# This role exposes various tags (setup-postgres, setup-all, upgrade-postgres, import-postgres, etc.), so we don't tag it here.
- role: galaxy/postgres
# /role-specific:postgres
2023-03-15 10:58:12 +02:00
# role-specific:postgres_backup
- role: galaxy/postgres_backup
# /role-specific:postgres_backup
2023-03-17 16:40:08 +02:00
# role-specific:mongodb
2023-06-02 17:25:58 +03:00
- role: galaxy/mongodb
# /role-specific:mongodb
2023-06-02 17:25:58 +03:00
# role-specific:container_socket_proxy
- role: galaxy/container_socket_proxy
# /role-specific:container_socket_proxy
2023-03-15 10:58:12 +02:00
# role-specific:traefik
- role: galaxy/traefik
# /role-specific:traefik
2023-03-15 10:58:12 +02:00
# role-specific:adguard_home
2023-03-24 18:01:21 +02:00
- role: galaxy/adguard_home
# /role-specific:adguard_home
2023-03-24 18:01:21 +02:00
# role-specific:appsmith
2023-04-17 09:42:47 +03:00
- role: galaxy/appsmith
# /role-specific:appsmith
2023-04-17 09:42:47 +03:00
2024-01-23 15:08:31 +02:00
# role-specific:apisix_dashboard
- role: galaxy/apisix_dashboard
# /role-specific:apisix_dashboard
2024-01-23 14:57:19 +02:00
# role-specific:apisix_gateway
- role: galaxy/apisix_gateway
# /role-specific:apisix_gateway
# role-specific:authelia
2023-09-12 13:26:38 +03:00
- role: galaxy/authelia
# /role-specific:authelia
2023-09-12 13:26:38 +03:00
# role-specific:authentik
2023-04-19 12:29:15 +02:00
- role: galaxy/authentik
# /role-specific:authentik
2023-04-19 12:29:15 +02:00
# role-specific:backup_borg
2023-05-01 09:12:29 +02:00
- role: galaxy/backup_borg
# /role-specific:backup_borg
2023-05-01 09:12:29 +02:00
# role-specific:changedetection
- role: galaxy/changedetection
# /role-specific:changedetection
# role-specific:wetty
- role: galaxy/wetty
# /role-specific:wetty
# role-specific:calibre-web
- role: galaxy/calibre-web
# /role-specific:calibre-web
# role-specific:clickhouse
2023-07-07 14:43:28 +03:00
- role: galaxy/clickhouse
# /role-specific:clickhouse
2023-07-07 14:43:28 +03:00
# role-specific:collabora_online
2023-03-17 14:25:31 +02:00
- role: galaxy/collabora_online
# /role-specific:collabora_online
2023-03-17 14:25:31 +02:00
2024-06-03 12:15:24 +02:00
# role-specific:couchdb
- role: galaxy/couchdb
# /role-specific:couchdb
# role-specific:docker_registry
2023-03-18 19:27:24 +02:00
- role: galaxy/docker_registry
# /role-specific:docker_registry
2024-03-07 00:03:16 +02:00
# role-specific:docker_registry_proxy
- role: galaxy/docker_registry_proxy
# /role-specific:docker_registry_proxy
# role-specific:docker_registry_browser
2023-03-19 09:14:12 +02:00
- role: galaxy/docker_registry_browser
# /role-specific:docker_registry_browser
# role-specific:docker_registry_purger
2023-03-19 10:04:10 +02:00
- role: galaxy/docker_registry_purger
# /role-specific:docker_registry_purger
2023-03-18 19:27:24 +02:00
# role-specific:echoip
- role: galaxy/echoip
# /role-specific:echoip
# role-specific:endlessh
- role: galaxy/endlessh
# /role-specific:endlessh
2024-01-23 14:28:36 +02:00
# role-specific:etcd
- role: galaxy/etcd
# /role-specific:etcd
2024-01-06 13:03:08 +02:00
# role-specific:exim_relay
- role: galaxy/exim_relay
# /role-specific:exim_relay
# role-specific:firezone
2023-03-24 09:58:39 +01:00
- role: galaxy/firezone
# /role-specific:firezone
2023-03-24 09:58:39 +01:00
# role-specific:focalboard
2023-03-20 08:40:15 +02:00
- role: galaxy/focalboard
# /role-specific:focalboard
2023-03-20 08:40:15 +02:00
# role-specific:freshrss
- role: galaxy/freshrss
# /role-specific:freshrss
# role-specific:funkwhale
2023-04-02 19:13:35 +02:00
- role: galaxy/funkwhale
# /role-specific:funkwhale
2023-04-02 18:19:58 +02:00
# role-specific:gitea
2023-03-16 18:26:06 +02:00
- role: galaxy/gitea
# /role-specific:gitea
2023-03-16 18:26:06 +02:00
# role-specific:gotosocial
2023-03-24 13:11:13 +01:00
- role: galaxy/gotosocial
# /role-specific:gotosocial
2023-03-24 13:11:13 +01:00
# role-specific:grafana
2023-03-20 19:14:45 +02:00
- role: galaxy/grafana
# /role-specific:grafana
2023-03-20 19:14:45 +02:00
# role-specific:mariadb
2023-04-10 13:44:48 +03:00
- role: galaxy/mariadb
# /role-specific:mariadb
2023-04-10 13:44:48 +03:00
2024-09-23 19:19:42 +03:00
# role-specific:freescout
- role: galaxy/freescout
# /role-specific:freescout
# role-specific:miniflux
2023-03-15 10:58:12 +02:00
- role: galaxy/miniflux
# /role-specific:miniflux
2023-03-15 10:58:12 +02:00
# role-specific:mrs
2023-04-12 13:49:51 +03:00
- role: galaxy/mrs
# /role-specific:mrs
2023-04-12 13:49:51 +03:00
# role-specific:n8n
2023-07-19 12:08:59 +02:00
- role: galaxy/n8n
# /role-specific:n8n
2023-07-19 12:08:59 +02:00
# role-specific:healthchecks
2023-04-11 17:39:02 +03:00
- role: galaxy/healthchecks
# /role-specific:healthchecks
2023-04-11 17:39:02 +03:00
# role-specific:infisical
2023-06-02 17:50:15 +03:00
- role: galaxy/infisical
# /role-specific:infisical
2023-06-02 17:50:15 +03:00
# role-specific:hubsite
- role: galaxy/hubsite
# /role-specific:hubsite
# role-specific:ilmo
2023-07-17 14:45:18 +02:00
- role: galaxy/ilmo
# /role-specific:ilmo
2023-07-17 14:45:18 +02:00
# role-specific:influxdb
2023-06-29 00:51:46 +02:00
- role: galaxy/influxdb
# /role-specific:influxdb
2023-06-29 00:51:46 +02:00
# role-specific:jitsi
2023-04-02 16:39:59 +03:00
- role: galaxy/jitsi
# /role-specific:jitsi
2023-04-02 16:39:59 +03:00
# role-specific:keycloak
2023-04-02 16:39:59 +03:00
- role: galaxy/keycloak
# /role-specific:keycloak
2023-04-02 16:39:59 +03:00
2024-03-26 17:45:51 +02:00
# role-specific:keydb
- role: galaxy/keydb
# /role-specific:keydb
# role-specific:lago
- role: galaxy/lago
# /role-specific:lago
2023-04-14 08:58:46 +03:00
# role-specific:languagetool
- role: galaxy/languagetool
# /role-specific:languagetool
# role-specific:linkding
2023-07-20 22:29:50 +02:00
- role: galaxy/linkding
# /role-specific:linkding
2023-07-20 22:29:50 +02:00
# role-specific:loki
- role: galaxy/loki
# /role-specific:loki
# role-specific:mobilizon
2023-04-05 17:01:58 +02:00
- role: galaxy/mobilizon
# /role-specific:mobilizon
2023-04-05 17:01:58 +02:00
# role-specific:mosquitto
2023-07-03 13:10:38 +02:00
- role: galaxy/mosquitto
# /role-specific:mosquitto
2023-07-03 13:10:38 +02:00
# role-specific:navidrome
2023-03-29 11:42:39 +03:00
- role: galaxy/navidrome
# /role-specific:navidrome
2023-03-29 11:42:39 +03:00
2024-06-25 17:29:48 +02:00
# role-specific:neko
- role: galaxy/neko
# /role-specific:neko
# role-specific:netbox
- role: galaxy/netbox
# /role-specific:netbox
# role-specific:nextcloud
2023-03-17 11:39:04 +02:00
- role: galaxy/nextcloud
# /role-specific:nextcloud
2023-03-17 11:39:04 +02:00
2024-06-03 21:57:30 +02:00
# role-specific:notfellchen
- role: galaxy/notfellchen
# /role-specific:notfellchen
2024-04-23 11:49:55 +03:00
# role-specific:oauth2_proxy
- role: galaxy/oauth2_proxy
# /role-specific:oauth2_proxy
# role-specific:owncast
2023-03-29 13:13:17 +02:00
- role: galaxy/owncast
# /role-specific:owncast
2023-03-29 13:13:17 +02:00
# role-specific:outline
2023-09-19 11:15:33 +03:00
- role: galaxy/outline
# /role-specific:outline
2023-09-19 11:15:33 +03:00
# role-specific:oxitraffic
2023-11-08 11:55:32 +01:00
- role: galaxy/oxitraffic
# /role-specific:oxitraffic
2023-11-08 11:55:32 +01:00
2024-04-27 08:27:28 +02:00
# role-specific:paperless
- role: galaxy/paperless
# /role-specific:paperless
# role-specific:peertube
2023-03-17 15:48:15 +02:00
- role: galaxy/peertube
# /role-specific:peertube
2023-03-17 15:43:45 +02:00
2024-06-08 21:49:57 +03:00
# role-specific:plausible
- role: galaxy/plausible
# /role-specific:plausible
# role-specific:postgis
2023-04-05 17:01:58 +02:00
- role: galaxy/postgis
# /role-specific:postgis
2023-04-05 17:01:58 +02:00
# role-specific:prometheus
2023-03-20 17:54:01 +02:00
- role: galaxy/prometheus
# /role-specific:prometheus
# role-specific:prometheus_node_exporter
2023-03-18 00:13:30 +02:00
- role: galaxy/prometheus_node_exporter
# /role-specific:prometheus_node_exporter
# role-specific:prometheus_blackbox_exporter
2023-03-20 17:54:01 +02:00
- role: galaxy/prometheus_blackbox_exporter
# /role-specific:prometheus_blackbox_exporter
# role-specific:prometheus_postgres_exporter
2023-05-17 10:32:47 +02:00
- role: galaxy/prometheus_postgres_exporter
# /role-specific:prometheus_postgres_exporter
# role-specific:prometheus_ssh_exporter
2023-09-05 23:44:04 +03:00
- role: galaxy/prometheus_ssh_exporter
# /role-specific:prometheus_ssh_exporter
2023-03-18 00:13:30 +02:00
# role-specific:promtail
- role: galaxy/promtail
# /role-specific:promtail
# role-specific:radicale
2023-03-15 10:58:12 +02:00
- role: galaxy/radicale
# /role-specific:radicale
# role-specific:readeck
- role: galaxy/readeck
# /role-specific:readeck
2023-03-15 10:58:12 +02:00
# role-specific:redmine
2023-03-17 23:27:52 +02:00
- role: galaxy/redmine
# /role-specific:redmine
2023-03-17 23:27:52 +02:00
# role-specific:redis
2023-03-17 15:43:45 +02:00
- role: galaxy/redis
# /role-specific:redis
2023-03-17 15:43:45 +02:00
# role-specific:rumqttd
2023-06-28 22:41:48 +02:00
- role: galaxy/rumqttd
# /role-specific:rumqttd
2023-06-28 22:41:48 +02:00
# role-specific:semaphore
- role: galaxy/semaphore
# /role-specific:semaphore
# role-specific:soft_serve
2023-03-28 16:02:22 +03:00
- role: galaxy/soft_serve
# /role-specific:soft_serve
2023-03-28 16:02:22 +03:00
# role-specific:stirling_pdf
- role: galaxy/stirling_pdf
# /role-specific:stirling_pdf
# role-specific:syncthing
2023-03-23 11:32:59 +02:00
- role: galaxy/syncthing
# /role-specific:syncthing
2023-03-23 11:32:59 +02:00
# role-specific:tandoor
- role: galaxy/tandoor
# /role-specific:tandoor
# role-specific:telegraf
2023-06-29 10:46:34 +02:00
- role: galaxy/telegraf
# /role-specific:telegraf
2023-06-29 10:46:34 +02:00
# role-specific:vaultwarden
- role: galaxy/vaultwarden
# /role-specific:vaultwarden
# role-specific:uptime_kuma
2023-03-15 10:58:12 +02:00
- role: galaxy/uptime_kuma
# /role-specific:uptime_kuma
2023-03-15 10:58:12 +02:00
# role-specific:wg_easy
2023-04-29 09:30:26 +03:00
- role: galaxy/wg_easy
# /role-specific:wg_easy
2023-04-29 09:30:26 +03:00
# role-specific:forgejo
- role: galaxy/forgejo
# /role-specific:forgejo
# role-specific:forgejo_runner
- role: galaxy/forgejo_runner
# /role-specific:forgejo_runner
# role-specific:woodpecker_ci_server
- role: galaxy/woodpecker_ci_server
# /role-specific:woodpecker_ci_server
# role-specific:versatiles
- role: galaxy/versatiles
# /role-specific:versatiles
# role-specific:woodpecker_ci_agent
- role: galaxy/woodpecker_ci_agent
# /role-specific:woodpecker_ci_agent
2023-03-16 18:26:06 +02:00
# role-specific:wordpress
- role: galaxy/wordpress
# /role-specific:wordpress
# role-specific:writefreely
- role: galaxy/writefreely
# /role-specific:writefreely
# role-specific:roundcube
- role: galaxy/roundcube
# /role-specific:roundcube
# role-specific:auxiliary
- role: galaxy/auxiliary
# /role-specific:auxiliary
2023-03-20 11:03:59 +02:00
# role-specific:matterbridge
- role: galaxy/matterbridge
# /role-specific:matterbridge
# role-specific:systemd_service_manager
2023-03-15 10:58:12 +02:00
- when: devture_systemd_service_manager_enabled | bool
role: galaxy/systemd_service_manager
# /role-specific:systemd_service_manager
2023-03-15 10:58:12 +02:00
# role-specific:playbook_state_preserver
2023-03-15 10:58:12 +02:00
# This is pretty much last, because we want it to better serve as a "last known good configuration".
# See: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1301487601
- when: devture_playbook_state_preserver_enabled | bool
role: galaxy/playbook_state_preserver
2023-03-15 10:58:12 +02:00
tags:
- setup-all
- install-all
# /role-specific:playbook_state_preserver
2023-03-15 10:58:12 +02:00
# role-specific:playbook_runtime_messages
- role: galaxy/playbook_runtime_messages
# /role-specific:playbook_runtime_messages