From be759e25cd35b0d3a8e493babbfc5a9ec8f7cf5e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Mar 2023 13:30:15 +0100 Subject: [PATCH 01/13] Add to husbite * Add prometheus, radicale, syncthing, woodpecker, focalboard, docker registry browser and adguard --- group_vars/mash_servers | 79 +++++++++++++++++++++++++++++++++++++++++ requirements.yml | 2 +- 2 files changed, 80 insertions(+), 1 deletion(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 3ceb85f..c813d53 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -1267,6 +1267,30 @@ hubsite_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResol # Services ########## +# Adguard home +hubsite_service_adguard_home_enabled: "{{ adguard_home_enabled }}" +hubsite_service_adguard_home_name: Adguard Home +hubsite_service_adguard_home_url: "https://{{ adguard_home_hostname }}{{ adguard_home_path_prefix }}" +hubsite_service_adguard_home_logo_location: "{{ role_path }}/assets/shield.png" +hubsite_service_adguard_home_description: "A DNS based adblocker" +hubsite_service_adguard_home_priority: 1000 + +# Docker Registry Browser +hubsite_service_docker_registry_browser_enabled: "{{ docker_registry_browser_enabled }}" +hubsite_service_docker_registry_browser_name: Docker Registry Browser +hubsite_service_docker_registry_browser_url: "https://{{ docker_registry_browser_hostname }}{{ docker_registry_browser_path_prefix }}" +hubsite_service_docker_registry_browser_logo_location: "{{ role_path }}/assets/docker.png" +hubsite_service_docker_registry_browser_description: "Browse docker images" +hubsite_service_docker_registry_browser_priority: 1000 + +# Focalboard +hubsite_service_focalboard_enabled: "{{ focalboard_enabled }}" +hubsite_service_focalboard_name: Focalboard +hubsite_service_focalboard_url: "https://{{ focalboard_hostname }}{{ focalboard_path_prefix }}" +hubsite_service_focalboard_logo_location: "{{ role_path }}/assets/focalboard.png" +hubsite_service_focalboard_description: "A git service" +hubsite_service_focalboard_priority: 1000 + # Gitea hubsite_service_gitea_enabled: "{{ gitea_enabled }}" hubsite_service_gitea_name: Gitea @@ -1275,6 +1299,15 @@ hubsite_service_gitea_logo_location: "{{ role_path }}/assets/gitea.png" hubsite_service_gitea_description: "A git service" hubsite_service_gitea_priority: 1000 +# Grafana +hubsite_service_grafana_enabled: "{{ grafana_enabled }}" +hubsite_service_grafana_name: Grafana +hubsite_service_grafana_url: "https://{{ grafana_hostname }}{{ grafana_path_prefix }}" +hubsite_service_grafana_logo_location: "{{ role_path }}/assets/grafana.png" +hubsite_service_grafana_description: "Check how your server is doing" +hubsite_service_grafana_priority: 1000 + + # Miniflux hubsite_service_miniflux_enabled: "{{ miniflux_enabled }}" hubsite_service_miniflux_name: Miniflux @@ -1299,6 +1332,30 @@ hubsite_service_peertube_logo_location: "{{ role_path }}/assets/peertube.png" hubsite_service_peertube_description: "Watch and upload videos" hubsite_service_peertube_priority: 1000 +# Prometheus +hubsite_service_prometheus_enabled: "{{ prometheus_enabled }}" +hubsite_service_prometheus_name: prometheus +hubsite_service_prometheus_url: "https://{{ prometheus_hostname }}{{ prometheus_path_prefix }}" +hubsite_service_prometheus_logo_location: "{{ role_path }}/assets/prometheus.png" +hubsite_service_prometheus_description: "Collect monitoring data" +hubsite_service_prometheus_priority: 1000 + +# Radicale +hubsite_service_radicale_enabled: "{{ radicale_enabled }}" +hubsite_service_radicale_name: Radicale +hubsite_service_radicale_url: "https://{{ radicale_hostname }}{{ radicale_path_prefix }}" +hubsite_service_radicale_logo_location: "{{ role_path }}/assets/radicale.png" +hubsite_service_radicale_description: "" +hubsite_service_radicale_priority: 1000 + +# Syncthing +hubsite_service_syncthing_enabled: "{{ syncthing_enabled }}" +hubsite_service_syncthing_name: Syncthing +hubsite_service_syncthing_url: "https://{{ syncthing_hostname }}{{ syncthing_path_prefix }}" +hubsite_service_syncthing_logo_location: "{{ role_path }}/assets/syncthing.png" +hubsite_service_syncthing_description: "" +hubsite_service_syncthing_priority: 1000 + # Uptime Kuma hubsite_service_uptime_kuma_enabled: "{{ uptime_kuma_enabled }}" hubsite_service_uptime_kuma_name: Uptime Kuma @@ -1316,19 +1373,41 @@ hubsite_service_vaultwarden_logo_location: "{{ role_path }}/assets/vaultwarden.p hubsite_service_vaultwarden_description: "Securely access your passwords" hubsite_service_vaultwarden_priority: 1000 +# Woodpecker CI +hubsite_service_woodpecker_ci_enabled: "{{ woodpecker_ci_enabled }}" +hubsite_service_woodpecker_ci_name: Woodpecker CI +hubsite_service_woodpecker_ci_url: "https://{{ woodpecker_ci_hostname }}{{ woodpecker_ci_path_prefix }}" +hubsite_service_woodpecker_ci_logo_location: "{{ role_path }}/assets/woodpecker.png" +hubsite_service_woodpecker_ci_description: "Securely access your passwords" +hubsite_service_woodpecker_ci_priority: 1000 + hubsite_service_list_auto: | {{ + ([{'name': hubsite_service_adguard_home_name, 'url': hubsite_service_adguard_home_url, 'logo_location': hubsite_service_adguard_home_logo_location, 'description': hubsite_service_adguard_home_description, 'priority': hubsite_service_adguard_home_priority}] if hubsite_service_adguard_home_enabled else []) + + + ([{'name': hubsite_service_focalboard_name, 'url': hubsite_service_focalboard_url, 'logo_location': hubsite_service_focalboard_logo_location, 'description': hubsite_service_focalboard_description, 'priority': hubsite_service_focalboard_priority}] if hubsite_service_focalboard_enabled else []) + + ([{'name': hubsite_service_gitea_name, 'url': hubsite_service_gitea_url, 'logo_location': hubsite_service_gitea_logo_location, 'description': hubsite_service_gitea_description, 'priority': hubsite_service_gitea_priority}] if hubsite_service_gitea_enabled else []) + + ([{'name': hubsite_service_grafana_name, 'url': hubsite_service_grafana_url, 'logo_location': hubsite_service_grafana_logo_location, 'description': hubsite_service_grafana_description, 'priority': hubsite_service_grafana_priority}] if hubsite_service_grafana_enabled else []) + + ([{'name': hubsite_service_miniflux_name, 'url': hubsite_service_miniflux_url, 'logo_location': hubsite_service_miniflux_logo_location, 'description': hubsite_service_miniflux_description, 'priority': hubsite_service_miniflux_priority}] if hubsite_service_miniflux_enabled else []) + ([{'name': hubsite_service_nextcloud_name, 'url': hubsite_service_nextcloud_url, 'logo_location': hubsite_service_nextcloud_logo_location, 'description': hubsite_service_nextcloud_description, 'priority': hubsite_service_nextcloud_priority}] if hubsite_service_nextcloud_enabled else []) + ([{'name': hubsite_service_peertube_name, 'url': hubsite_service_peertube_url, 'logo_location': hubsite_service_peertube_logo_location, 'description': hubsite_service_peertube_description, 'priority': hubsite_service_peertube_priority}] if hubsite_service_peertube_enabled else []) + + ([{'name': hubsite_service_prometheus_name, 'url': hubsite_service_prometheus_url, 'logo_location': hubsite_service_prometheus_logo_location, 'description': hubsite_service_prometheus_description, 'priority': hubsite_service_prometheus_priority}] if hubsite_service_prometheus_enabled else []) + + + ([{'name': hubsite_service_radicale_name, 'url': hubsite_service_radicale_url, 'logo_location': hubsite_service_radicale_logo_location, 'description': hubsite_service_radicale_description, 'priority': hubsite_service_radicale_priority}] if hubsite_service_radicale_enabled else []) + + ([{'name': hubsite_service_uptime_kuma_name, 'url': hubsite_service_uptime_kuma_url, 'logo_location': hubsite_service_uptime_kuma_logo_location, 'description': hubsite_service_uptime_kuma_description, 'priority': hubsite_service_uptime_kuma_priority}] if hubsite_service_uptime_kuma_enabled else []) + + ([{'name': hubsite_service_syncthing_name, 'url': hubsite_service_syncthing_url, 'logo_location': hubsite_service_syncthing_logo_location, 'description': hubsite_service_syncthing_description, 'priority': hubsite_service_syncthing_priority}] if hubsite_service_syncthing_enabled else []) + + ([{'name': hubsite_service_vaultwarden_name, 'url': hubsite_service_vaultwarden_url, 'logo_location': hubsite_service_vaultwarden_logo_location, 'description': hubsite_service_vaultwarden_description, 'priority': hubsite_service_vaultwarden_priority}] if hubsite_service_vaultwarden_enabled else []) + + + ([{'name': hubsite_service_woodpecker_ci_name, 'url': hubsite_service_woodpecker_ci_url, 'logo_location': hubsite_service_woodpecker_ci_logo_location, 'description': hubsite_service_woodpecker_ci_description, 'priority': hubsite_service_woodpecker_ci_priority}] if hubsite_service_woodpecker_ci_enabled else []) }} ######################################################################## diff --git a/requirements.yml b/requirements.yml index 7ee6e6a..a7d1b16 100644 --- a/requirements.yml +++ b/requirements.yml @@ -130,7 +130,7 @@ - src: git+https://github.com/moan0s/hubsite.git name: hubsite - version: da6fed398a9dd0761db941cb903b53277c341cc6 + version: 6b20c472d36ce5765dc44675d42cce74cbcbd0fe - src: git+https://github.com/moan0s/role-firezone.git name: firezone From 9e3069277d073622d66d7240c28c80d7e4b94e5a Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:40:07 +0200 Subject: [PATCH 02/13] format justfile, safely integrate agru --- justfile | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/justfile b/justfile index e4b69d7..5598216 100644 --- a/justfile +++ b/justfile @@ -1,44 +1,50 @@ # Shows help default: - @just --list --justfile {{ justfile() }} + @just --list --justfile {{ justfile() }} # Pulls external Ansible roles roles: - rm -rf roles/galaxy - ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force + #!/usr/bin/env bash + set -euo pipefail + if [ -x "$(command -v agru)" ]; then + agru + else + rm -rf roles/galaxy + ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force + fi # Runs ansible-lint against all roles in the playbook lint: - ansible-lint + ansible-lint # Runs the playbook with --tags=install-all,start and optional arguments install-all *extra_args: (run-tags "install-all,start" extra_args) # Runs installation tasks for a single service install-service service *extra_args: - just --justfile {{ justfile() }} run --tags=install-{{ service }},start-group --extra-vars=group={{ service }} {{ extra_args }} + just --justfile {{ justfile() }} run --tags=install-{{ service }},start-group --extra-vars=group={{ service }} {{ extra_args }} # Runs the playbook with --tags=setup-all,start and optional arguments setup-all *extra_args: (run-tags "setup-all,start" extra_args) # Runs the playbook with the given list of arguments run +extra_args: - time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }} + time ansible-playbook -i inventory/hosts setup.yml {{ extra_args }} # Runs the playbook with the given list of comma-separated tags and optional arguments run-tags tags *extra_args: - just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }} + just --justfile {{ justfile() }} run --tags={{ tags }} {{ extra_args }} # Starts all services start-all *extra_args: (run-tags "start-all" extra_args) # Starts a specific service group start-group group *extra_args: - @just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }} + @just --justfile {{ justfile() }} run-tags start-group --extra-vars="group={{ group }}" {{ extra_args }} # Stops all services stop-all *extra_args: (run-tags "stop-all" extra_args) # Stops a specific service group stop-group group *extra_args: - @just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }} + @just --justfile {{ justfile() }} run-tags stop-group --extra-vars="group={{ group }}" {{ extra_args }} From f8202aeb05dc31ddf62b152c641d4965ea0d7759 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:41:54 +0200 Subject: [PATCH 03/13] add just update --- justfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/justfile b/justfile index 5598216..4d96b55 100644 --- a/justfile +++ b/justfile @@ -13,6 +13,10 @@ roles: ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force fi +# Updates requirements.yml if there are any new tags available. Requires agru +update: + @agru -u + # Runs ansible-lint against all roles in the playbook lint: ansible-lint From 28a1bbe55a57f73ff73a13279d215b0fe38f9b4c Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:48:33 +0200 Subject: [PATCH 04/13] fix urls to avoid redirects --- requirements.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.yml b/requirements.yml index 7ee6e6a..d9dfc92 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,13 +4,13 @@ name: geerlingguy.docker version: 6.1.0 -- src: git+https://gitlab.com/etke.cc/roles/swap +- src: git+https://gitlab.com/etke.cc/roles/swap.git version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e -- src: git+https://gitlab.com/etke.cc/roles/ssh +- src: git+https://gitlab.com/etke.cc/roles/ssh.git version: 237adf859f9270db8a60e720bc4a58164806644e -- src: git+https://gitlab.com/etke.cc/roles/fail2ban +- src: git+https://gitlab.com/etke.cc/roles/fail2ban.git version: 09886730e8d3c061f22d1da4a542899063f97f0a - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git From ed613b386d5285f1606ad9dd512a6f9429a487e9 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 15:49:21 +0200 Subject: [PATCH 05/13] format requirements.yml using agru --- requirements.yml | 73 +++++++++++------------------------------------- 1 file changed, 16 insertions(+), 57 deletions(-) diff --git a/requirements.yml b/requirements.yml index d9dfc92..70f5cef 100644 --- a/requirements.yml +++ b/requirements.yml @@ -1,137 +1,96 @@ ---- - - src: git+https://github.com/geerlingguy/ansible-role-docker - name: geerlingguy.docker version: 6.1.0 - + name: geerlingguy.docker - src: git+https://gitlab.com/etke.cc/roles/swap.git version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e - - src: git+https://gitlab.com/etke.cc/roles/ssh.git version: 237adf859f9270db8a60e720bc4a58164806644e - - src: git+https://gitlab.com/etke.cc/roles/fail2ban.git version: 09886730e8d3c061f22d1da4a542899063f97f0a - - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git version: 129c8590e106b83e6f4c259649a613c6279e937a - - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git version: c1f40e82b4d6b072b6f0e885239322bdaaaf554f - - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git version: 327d2e17f5189ac2480d6012f58cf64a2b46efba - - src: git+https://github.com/devture/com.devture.ansible.role.timesync.git version: 3d5bb2976815958cdce3f368fa34fb51554f899b - - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 - - src: git+https://github.com/devture/com.devture.ansible.role.postgres.git version: 38764398bf82b06a1736c3bfedc71dfd229e4b52 - - src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git version: 8e9ec48a09284c84704d7a2dce17da35f181574d - - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git version: v0.1.1-1 - - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git version: v2.9.9-0 - - src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git version: 6ccb88ac5fc27e1e70afcd48278ade4b564a9096 - - src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git version: 9b4b088c62b528b73a9a7c93d3109b091dd42ec6 - - src: git+https://github.com/devture/com.devture.ansible.role.woodpecker_ci_server.git version: v0.15.7-2 - - src: git+https://github.com/devture/com.devture.ansible.role.woodpecker_ci_agent.git version: v0.15.7-1 - - src: git+https://gitlab.com/etke.cc/roles/miniflux.git version: v2.0.43-2 - - src: git+https://gitlab.com/etke.cc/roles/grafana.git version: v9.4.7-0 - - src: git+https://gitlab.com/etke.cc/roles/radicale.git version: v3.1.8.1-2 - - src: git+https://gitlab.com/etke.cc/roles/uptime_kuma.git version: v1.21.0-0 - - src: git+https://gitlab.com/etke.cc/roles/redis.git version: v7.0.10-0 - - src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git version: v1.5.0-7 - - src: git+https://gitlab.com/etke.cc/roles/prometheus_blackbox_exporter.git version: v0.23.0-3 - - src: git+https://gitlab.com/etke.cc/roles/redmine.git version: v5.0.5-1 - - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-adguard-home.git - name: adguard_home version: v0.107.26-0 - + name: adguard_home - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git + version: v1.0.0-0 name: aux - version: v1.0.0-0 - - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-collabora-online.git - name: collabora_online version: v22.05.12.1.1-0 - + name: collabora_online - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry.git - name: docker_registry version: v2.8.1-1 - + name: docker_registry - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-browser.git - name: docker_registry_browser version: v1.6.0-0 - + name: docker_registry_browser - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-docker-registry-purger.git - name: docker_registry_purger version: v1.0.0-0 - + name: docker_registry_purger - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-focalboard.git - name: focalboard version: v7.8.0-0 - + name: focalboard - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gitea.git - name: gitea version: v1.19.0-0 - + name: gitea - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-nextcloud.git - name: nextcloud version: v26.0.0-0 - + name: nextcloud - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-peertube.git - name: peertube version: v5.1.0-0 - + name: peertube - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git - name: prometheus version: v2.43.0-0 - + name: prometheus - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-syncthing.git - name: syncthing version: v1.23.2-0 - + name: syncthing - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-vaultwarden.git - name: vaultwarden version: v1.27.0-2 - + name: vaultwarden - src: git+https://github.com/moan0s/hubsite.git - name: hubsite version: da6fed398a9dd0761db941cb903b53277c341cc6 - + name: hubsite - src: git+https://github.com/moan0s/role-firezone.git - name: firezone version: ac8564d5e11a75107ba93aec6427b83be824c30a + name: firezone From 2be8286d07bf67b5af26d79f8801641415af4c91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Mar 2023 14:49:55 +0100 Subject: [PATCH 06/13] Remove Prometheus It currently does not expose the web gui --- group_vars/mash_servers | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index c813d53..c8a81a0 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -1332,14 +1332,6 @@ hubsite_service_peertube_logo_location: "{{ role_path }}/assets/peertube.png" hubsite_service_peertube_description: "Watch and upload videos" hubsite_service_peertube_priority: 1000 -# Prometheus -hubsite_service_prometheus_enabled: "{{ prometheus_enabled }}" -hubsite_service_prometheus_name: prometheus -hubsite_service_prometheus_url: "https://{{ prometheus_hostname }}{{ prometheus_path_prefix }}" -hubsite_service_prometheus_logo_location: "{{ role_path }}/assets/prometheus.png" -hubsite_service_prometheus_description: "Collect monitoring data" -hubsite_service_prometheus_priority: 1000 - # Radicale hubsite_service_radicale_enabled: "{{ radicale_enabled }}" hubsite_service_radicale_name: Radicale @@ -1397,8 +1389,6 @@ hubsite_service_list_auto: | + ([{'name': hubsite_service_peertube_name, 'url': hubsite_service_peertube_url, 'logo_location': hubsite_service_peertube_logo_location, 'description': hubsite_service_peertube_description, 'priority': hubsite_service_peertube_priority}] if hubsite_service_peertube_enabled else []) + - ([{'name': hubsite_service_prometheus_name, 'url': hubsite_service_prometheus_url, 'logo_location': hubsite_service_prometheus_logo_location, 'description': hubsite_service_prometheus_description, 'priority': hubsite_service_prometheus_priority}] if hubsite_service_prometheus_enabled else []) - + ([{'name': hubsite_service_radicale_name, 'url': hubsite_service_radicale_url, 'logo_location': hubsite_service_radicale_logo_location, 'description': hubsite_service_radicale_description, 'priority': hubsite_service_radicale_priority}] if hubsite_service_radicale_enabled else []) + ([{'name': hubsite_service_uptime_kuma_name, 'url': hubsite_service_uptime_kuma_url, 'logo_location': hubsite_service_uptime_kuma_logo_location, 'description': hubsite_service_uptime_kuma_description, 'priority': hubsite_service_uptime_kuma_priority}] if hubsite_service_uptime_kuma_enabled else []) From 7cc031e5e62eae6dbaa03c6d22ebb86eec355323 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Mar 2023 14:50:35 +0100 Subject: [PATCH 07/13] Correct woordpecker hostname --- group_vars/mash_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index c8a81a0..329561a 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -1368,7 +1368,7 @@ hubsite_service_vaultwarden_priority: 1000 # Woodpecker CI hubsite_service_woodpecker_ci_enabled: "{{ woodpecker_ci_enabled }}" hubsite_service_woodpecker_ci_name: Woodpecker CI -hubsite_service_woodpecker_ci_url: "https://{{ woodpecker_ci_hostname }}{{ woodpecker_ci_path_prefix }}" +hubsite_service_woodpecker_ci_url: "https://{{ devture_woodpecker_ci_server_hostname }}" hubsite_service_woodpecker_ci_logo_location: "{{ role_path }}/assets/woodpecker.png" hubsite_service_woodpecker_ci_description: "Securely access your passwords" hubsite_service_woodpecker_ci_priority: 1000 From 8ea629324603a7a4dd7563dc0aff81ac9766a7ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Mar 2023 15:10:31 +0100 Subject: [PATCH 08/13] Add proper descriptions --- group_vars/mash_servers | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 329561a..03b5dc4 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -1272,7 +1272,7 @@ hubsite_service_adguard_home_enabled: "{{ adguard_home_enabled }}" hubsite_service_adguard_home_name: Adguard Home hubsite_service_adguard_home_url: "https://{{ adguard_home_hostname }}{{ adguard_home_path_prefix }}" hubsite_service_adguard_home_logo_location: "{{ role_path }}/assets/shield.png" -hubsite_service_adguard_home_description: "A DNS based adblocker" +hubsite_service_adguard_home_description: "A network-wide DNS software for blocking ads & tracking" hubsite_service_adguard_home_priority: 1000 # Docker Registry Browser @@ -1288,7 +1288,7 @@ hubsite_service_focalboard_enabled: "{{ focalboard_enabled }}" hubsite_service_focalboard_name: Focalboard hubsite_service_focalboard_url: "https://{{ focalboard_hostname }}{{ focalboard_path_prefix }}" hubsite_service_focalboard_logo_location: "{{ role_path }}/assets/focalboard.png" -hubsite_service_focalboard_description: "A git service" +hubsite_service_focalboard_description: "An open source, self-hosted alternative to Trello, Notion, and Asana." hubsite_service_focalboard_priority: 1000 # Gitea @@ -1337,7 +1337,7 @@ hubsite_service_radicale_enabled: "{{ radicale_enabled }}" hubsite_service_radicale_name: Radicale hubsite_service_radicale_url: "https://{{ radicale_hostname }}{{ radicale_path_prefix }}" hubsite_service_radicale_logo_location: "{{ role_path }}/assets/radicale.png" -hubsite_service_radicale_description: "" +hubsite_service_radicale_description: "Sync contacts and calendars" hubsite_service_radicale_priority: 1000 # Syncthing @@ -1345,7 +1345,7 @@ hubsite_service_syncthing_enabled: "{{ syncthing_enabled }}" hubsite_service_syncthing_name: Syncthing hubsite_service_syncthing_url: "https://{{ syncthing_hostname }}{{ syncthing_path_prefix }}" hubsite_service_syncthing_logo_location: "{{ role_path }}/assets/syncthing.png" -hubsite_service_syncthing_description: "" +hubsite_service_syncthing_description: "Sync your files" hubsite_service_syncthing_priority: 1000 # Uptime Kuma @@ -1370,7 +1370,7 @@ hubsite_service_woodpecker_ci_enabled: "{{ woodpecker_ci_enabled }}" hubsite_service_woodpecker_ci_name: Woodpecker CI hubsite_service_woodpecker_ci_url: "https://{{ devture_woodpecker_ci_server_hostname }}" hubsite_service_woodpecker_ci_logo_location: "{{ role_path }}/assets/woodpecker.png" -hubsite_service_woodpecker_ci_description: "Securely access your passwords" +hubsite_service_woodpecker_ci_description: "Check you CI" hubsite_service_woodpecker_ci_priority: 1000 hubsite_service_list_auto: | From b7d2bebd1392daf4f9dfe13a9886abbc0bb57dd2 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 16:15:08 +0200 Subject: [PATCH 09/13] just roles - replace bash with sh --- justfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/justfile b/justfile index 4d96b55..fd618e4 100644 --- a/justfile +++ b/justfile @@ -4,7 +4,7 @@ default: # Pulls external Ansible roles roles: - #!/usr/bin/env bash + #!/usr/bin/env sh set -euo pipefail if [ -x "$(command -v agru)" ]; then agru From 0a27d99b1ae81006f82385fa20df80509e27e7c4 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 16:50:46 +0200 Subject: [PATCH 10/13] justfile - fix formatting --- justfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/justfile b/justfile index fd618e4..bf4b02c 100644 --- a/justfile +++ b/justfile @@ -15,7 +15,7 @@ roles: # Updates requirements.yml if there are any new tags available. Requires agru update: - @agru -u + @agru -u # Runs ansible-lint against all roles in the playbook lint: From e87caadc2ad74430f26d4da142e1b3d7e6abb34c Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 25 Mar 2023 18:57:31 +0200 Subject: [PATCH 11/13] update swap role --- docs/services/system.md | 7 +------ requirements.yml | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/docs/services/system.md b/docs/services/system.md index 430f3e5..d8bb491 100644 --- a/docs/services/system.md +++ b/docs/services/system.md @@ -25,12 +25,7 @@ system_swap_enabled: true A swap file will be created in `/var/swap` (configured using the `system_swap_path` variable) and enabled in your `/etc/fstab` file. -By default, the swap file will have the following size: - -- on systems with `<= 2GB` of RAM, swap file size = `total RAM * 2` -- on systems with `> 2GB` of RAM, swap file size = `1GB` - -To avoid these calculations and set your own size explicitly, set the `system_swap_size` variable in megabytes, example (4gb): +By default, the swap file will have `1GB` size, but you can set the `system_swap_size` variable in megabytes, example (4gb): ```yaml system_swap_size: 4096 diff --git a/requirements.yml b/requirements.yml index 70f5cef..462d24e 100644 --- a/requirements.yml +++ b/requirements.yml @@ -2,7 +2,7 @@ version: 6.1.0 name: geerlingguy.docker - src: git+https://gitlab.com/etke.cc/roles/swap.git - version: 843a0222b76a5ec361b35f31bf4dc872b6d7d54e + version: abfb18b6862108bbf24347500446203170324d7f - src: git+https://gitlab.com/etke.cc/roles/ssh.git version: 237adf859f9270db8a60e720bc4a58164806644e - src: git+https://gitlab.com/etke.cc/roles/fail2ban.git From a6550d6004cf4dffa878c6d4aa49b60a21b8849a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 25 Mar 2023 19:18:41 +0200 Subject: [PATCH 12/13] Add some helpful AdGuard Home after-installation tips --- docs/services/adguard-home.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/services/adguard-home.md b/docs/services/adguard-home.md index db06e2b..2b87121 100644 --- a/docs/services/adguard-home.md +++ b/docs/services/adguard-home.md @@ -76,3 +76,10 @@ After installation, you can go to the AdGuard Home URL, as defined in `adguard_h As mentioned in the [URL](#url) section above, you may hit some annoyances when hosting under a subpath. The first time you visit the AdGuard Home pages, you'll go through a setup wizard **make sure to set the HTTP port to `3000`**. This is the in-container port that our Traefik setup expects and uses for serving the install wizard to begin with. If you go with the default (`80`), the web UI will stop working after the installation wizard completes. + +Things you should consider doing later: + +- increasing the per-client Rate Limit (from the default of `20`) in the **DNS server configuration** section in **Settings** -> **DNS Settings** +- enabling caching in the **DNS cache configuration** section in **Settings** -> **DNS Settings** +- adding additional blocklists by discovering them on [Firebog](https://firebog.net/) or other sources and importing them from **Filters** -> **DNS blocklists** +- reading the AdGuard Home [README](https://github.com/AdguardTeam/AdGuardHome/blob/master/README.md) and [Wiki](https://github.com/AdguardTeam/AdGuardHome/wiki) From 51eeb1b1acc15303f579f0cff89ae54ef4799016 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 25 Mar 2023 19:24:16 +0200 Subject: [PATCH 13/13] Fix incorrect variable usage Related to https://github.com/mother-of-all-self-hosting/mash-playbook/pull/21 --- group_vars/mash_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 03b5dc4..be647f6 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -1366,7 +1366,7 @@ hubsite_service_vaultwarden_description: "Securely access your passwords" hubsite_service_vaultwarden_priority: 1000 # Woodpecker CI -hubsite_service_woodpecker_ci_enabled: "{{ woodpecker_ci_enabled }}" +hubsite_service_woodpecker_ci_enabled: "{{ devture_woodpecker_ci_server_enabled }}" hubsite_service_woodpecker_ci_name: Woodpecker CI hubsite_service_woodpecker_ci_url: "https://{{ devture_woodpecker_ci_server_hostname }}" hubsite_service_woodpecker_ci_logo_location: "{{ role_path }}/assets/woodpecker.png"