From 9e3069277d073622d66d7240c28c80d7e4b94e5a Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:40:07 +0200 Subject: [PATCH 1/8] format justfile, safely integrate agru --- justfile | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/justfile b/justfile index e4b69d7..5598216 100644 --- a/justfile +++ b/justfile @@ -1,44 +1,50 @@ # Shows help default: - @just --list --justfile {{ justfile() }} + @just --list --justfile {{ justfile() }} # Pulls external Ansible roles roles: - rm -rf roles/galaxy - ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force + #!/usr/bin/env bash + set -euo pipefail + if [ -x "$(command -v agru)" ]; then + agru + else + rm -rf roles/galaxy + ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force + fi # Runs ansible-lint against all roles in the playbook lint: - ansible-lint + ansible-lint # Runs the playbook with --tags=install-all,start and optional arguments install-all *extra_args: (run-tags "install-all,start" extra_args) # Runs installation tasks for a single service install-service service *extra_args: - just --justfile {{ justfile() }} run --tags=install-{{ service }},start-group --extra-vars=group={{ service }} {{ extra_args }} + just --justfile {{ justfile() }} run --tags=install-{{ service }},start-group --extra-vars=group={{ service }} {{ extra_args }} # Runs the playbook with --tags=setup-all,start and optional arguments setup-all *extra_args: (run-tags "setup-all,start" extra_args) # Runs the playbook with the given list of arguments run +extra_args: - time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }} + time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }} # Runs the playbook with the given list of comma-separated tags and optional arguments run-tags tags *extra_args: - just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }} + just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }} # Starts all services start-all *extra_args: (run-tags "start-all" extra_args) # Starts a specific service group start-group group *extra_args: - @just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }} + @just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }} # Stops all services stop-all *extra_args: (run-tags "stop-all" extra_args) # Stops a specific service group stop-group group *extra_args: - @just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }} + @just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }} From f8202aeb05dc31ddf62b152c641d4965ea0d7759 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:41:54 +0200 Subject: [PATCH 2/8] add just update --- justfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/justfile b/justfile index 5598216..4d96b55 100644 --- a/justfile +++ b/justfile @@ -13,6 +13,10 @@ roles: ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force fi +# Updates requirements.yml if there are any new tags available. Requires agru +update: + @agru -u + # Runs ansible-lint against all roles in the playbook lint: ansible-lint From 28a1bbe55a57f73ff73a13279d215b0fe38f9b4c Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:48:33 +0200 Subject: [PATCH 3/8] fix urls to avoid redirects --- requirements.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.yml b/requirements.yml index 7ee6e6a..d9dfc92 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,13 +4,13 @@ name: geerlingguy.docker version: 6.1.0 -- src: git+https://gitlab.com/etke.cc/roles/swap +- src: git+https://gitlab.com/etke.cc/roles/swap.git version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e -- src: git+https://gitlab.com/etke.cc/roles/ssh +- src: git+https://gitlab.com/etke.cc/roles/ssh.git version: 237adf859f9270db8a60e720bc4a58164806644e -- src: git+https://gitlab.com/etke.cc/roles/fail2ban +- src: git+https://gitlab.com/etke.cc/roles/fail2ban.git version: 09886730e8d3c061f22d1da4a542899063f97f0a - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git From ed613b386d5285f1606ad9dd512a6f9429a487e9 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:49:21 +0200 Subject: [PATCH 4/8] format requirements.yml using agru --- requirements.yml | 73 +++++++++++------------------------------------- 1 file changed, 16 insertions(+), 57 deletions(-) diff --git a/requirements.yml b/requirements.yml index d9dfc92..70f5cef 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,137 +1,96 @@ ---- - - src: git+https://github.com/geerlingguy/ansible-role-docker - name: geerlingguy.docker version: 6.1.0 - + name: geerlingguy.docker - src: git+https://gitlab.com/etke.cc/roles/swap.git version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e - - src: git+https://gitlab.com/etke.cc/roles/ssh.git version: 237adf859f9270db8a60e720bc4a58164806644e - - src: git+https://gitlab.com/etke.cc/roles/fail2ban.git version: 09886730e8d3c061f22d1da4a542899063f97f0a - - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git version: 129c8590e106b83e6f4c259649a613c6279e937a - - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git version: c1f40e82b4d6b072b6f0e885239322bdaaaf554f - - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git version: 327d2e17f5189ac2480d6012f58cf64a2b46efba - - src: git+https://github.com/devture/com.devture.ansible.role.timesync.git version: 3d5bb2976815958cdce3f368fa34fb51554f899b - - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 - - src: git+https://github.com/devture/com.devture.ansible.role.postgres.git version: 38764398bf82b06a1736c3bfedc71dfd229e4b52 - - src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git version: 8e9ec48a09284c84704d7a2dce17da35f181574d - - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.1.1-1 - - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git version: v2.9.9-0 - - src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git version: 6ccb88ac5fc27e1e70afcd48278ade4b564a9096 - - src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git version: 9b4b088c62b528b73a9a7c93d3109b091dd42ec6 - - src: git+https://github.com/devture/com.devture.ansible.role.woodpecker_ci_server.git version: v0.15.7-2 - - src: git+https://github.com/devture/com.devture.ansible.role.woodpecker_ci_agent.git version: v0.15.7-1 - - src: git+https://gitlab.com/etke.cc/roles/miniflux.git version: v2.0.43-2 - - src: git+https://gitlab.com/etke.cc/roles/grafana.git version: v9.4.7-0 - - src: git+https://gitlab.com/etke.cc/roles/radicale.git version: v3.1.8.1-2 - - src: git+https://gitlab.com/etke.cc/roles/uptime_kuma.git version: v1.21.0-0 - - src: git+https://gitlab.com/etke.cc/roles/redis.git version: v7.0.10-0 - - src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git version: v1.5.0-7 - - src: git+https://gitlab.com/etke.cc/roles/prometheus_blackbox_exporter.git version: v0.23.0-3 - - src: git+https://gitlab.com/etke.cc/roles/redmine.git version: v5.0.5-1 - - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-adguard-home.git - name: adguard_home version: v0.107.26-0 - + name: adguard_home - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git + version: v1.0.0-0 name: aux - version: v1.0.0-0 - - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-collabora-online.git - name: collabora_online version: v22.05.12.1.1-0 - + name: collabora_online - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry.git - name: docker_registry version: v2.8.1-1 - + name: docker_registry - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-browser.git - name: docker_registry_browser version: v1.6.0-0 - + name: docker_registry_browser - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-purger.git - name: docker_registry_purger version: v1.0.0-0 - + name: docker_registry_purger - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-focalboard.git - name: focalboard version: v7.8.0-0 - + name: focalboard - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gitea.git - name: gitea version: v1.19.0-0 - + name: gitea - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-nextcloud.git - name: nextcloud version: v26.0.0-0 - + name: nextcloud - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-peertube.git - name: peertube version: v5.1.0-0 - + name: peertube - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git - name: prometheus version: v2.43.0-0 - + name: prometheus - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-syncthing.git - name: syncthing version: v1.23.2-0 - + name: syncthing - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-vaultwarden.git - name: vaultwarden version: v1.27.0-2 - + name: vaultwarden - src: git+https://github.com/moan0s/hubsite.git - name: hubsite version: da6fed398a9dd0761db941cb903b53277c341cc6 - + name: hubsite - src: git+https://github.com/moan0s/role-firezone.git - name: firezone version: ac8564d5e11a75107ba93aec6427b83be824c30a + name: firezone From b7d2bebd1392daf4f9dfe13a9886abbc0bb57dd2 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 16:15:08 +0200 Subject: [PATCH 5/8] just roles - replace bash with sh --- justfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/justfile b/justfile index 4d96b55..fd618e4 100644 --- a/justfile +++ b/justfile @@ -4,7 +4,7 @@ default: # Pulls external Ansible roles roles: - #!/usr/bin/env bash + #!/usr/bin/env sh set -euo pipefail if [ -x "$(command -v agru)" ]; then agru From 0a27d99b1ae81006f82385fa20df80509e27e7c4 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 16:50:46 +0200 Subject: [PATCH 6/8] justfile - fix formatting --- justfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/justfile b/justfile index fd618e4..bf4b02c 100644 --- a/justfile +++ b/justfile @@ -15,7 +15,7 @@ roles: # Updates requirements.yml if there are any new tags available. Requires agru update: - @agru -u + @agru -u # Runs ansible-lint against all roles in the playbook lint: From e87caadc2ad74430f26d4da142e1b3d7e6abb34c Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 18:57:31 +0200 Subject: [PATCH 7/8] update swap role --- docs/services/system.md | 7 +------ requirements.yml | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/docs/services/system.md b/docs/services/system.md index 430f3e5..d8bb491 100644 --- a/docs/services/system.md +++ b/docs/services/system.md @@ -25,12 +25,7 @@ system_swap_enabled: true A swap file will be created in `/var/swap` (configured using the `system_swap_path` variable) and enabled in your `/etc/fstab` file. -By default, the swap file will have the following size: - -- on systems with `<= 2GB` of RAM, swap file size = `total RAM * 2` -- on systems with `> 2GB` of RAM, swap file size = `1GB` - -To avoid these calculations and set your own size explicitly, set the `system_swap_size` variable in megabytes, example (4gb): +By default, the swap file will have `1GB` size, but you can set the `system_swap_size` variable in megabytes, example (4gb): ```yaml system_swap_size: 4096 diff --git a/requirements.yml b/requirements.yml index 70f5cef..462d24e 100644 --- a/requirements.yml +++ b/requirements.yml @@ -2,7 +2,7 @@ version: 6.1.0 name: geerlingguy.docker - src: git+https://gitlab.com/etke.cc/roles/swap.git - version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e + version: abfb18b6862108bbf24347500446203170324d7f - src: git+https://gitlab.com/etke.cc/roles/ssh.git version: 237adf859f9270db8a60e720bc4a58164806644e - src: git+https://gitlab.com/etke.cc/roles/fail2ban.git From a6550d6004cf4dffa878c6d4aa49b60a21b8849a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 25 Mar 2023 19:18:41 +0200 Subject: [PATCH 8/8] Add some helpful AdGuard Home after-installation tips --- docs/services/adguard-home.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/services/adguard-home.md b/docs/services/adguard-home.md index db06e2b..2b87121 100644 --- a/docs/services/adguard-home.md +++ b/docs/services/adguard-home.md @@ -76,3 +76,10 @@ After installation, you can go to the AdGuard Home URL, as defined in `adguard_h As mentioned in the [URL](#url) section above, you may hit some annoyances when hosting under a subpath. The first time you visit the AdGuard Home pages, you'll go through a setup wizard **make sure to set the HTTP port to `3000`**. This is the in-container port that our Traefik setup expects and uses for serving the install wizard to begin with. If you go with the default (`80`), the web UI will stop working after the installation wizard completes. + +Things you should consider doing later: + +- increasing the per-client Rate Limit (from the default of `20`) in the **DNS server configuration** section in **Settings** -> **DNS Settings** +- enabling caching in the **DNS cache configuration** section in **Settings** -> **DNS Settings** +- adding additional blocklists by discovering them on [Firebog](https://firebog.net/) or other sources and importing them from **Filters** -> **DNS blocklists** +- reading the AdGuard Home [README](https://github.com/AdguardTeam/AdGuardHome/blob/master/README.md) and [Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki)