91 Commits

Author SHA1 Message Date
6bcc8ebe4c ensures ll alias on host 2025-07-03 11:28:48 +02:00
5a7032da89 adds restart options to services 2025-07-02 19:42:15 +02:00
d73bb035c1 adds playbook to just run docker compose 2025-07-02 19:20:37 +02:00
82614418a6 disables analytics in stirling pdf 2025-07-02 19:20:20 +02:00
9cc7268745 adds .env to .gitignore 2025-07-02 19:20:05 +02:00
6869a79562 adds n8n 2025-07-02 19:19:55 +02:00
a16a19d670 removes test hosts 2025-07-02 18:32:43 +02:00
Jannik Kramer
52d6f8f866 adds 1password deploy key 2025-07-02 17:38:33 +02:00
Jannik Kramer
93c31b2d96 Update cit_authorized_keys 2025-06-11 11:55:49 +02:00
Jannik Kramer
c763201ff8 authorized_keys: removes Julian Schacher's ssh key 2024-12-03 09:24:13 +01:00
Julian Schacher
5adc36b4d9 add play for cleaning up unused Docker data 2024-10-23 15:36:27 +02:00
Julian Schacher
c9542e2b38 authorized_keys: add Jannik Kramer's ssh key to authorized keys 2024-10-23 15:22:54 +02:00
Julian Schacher
3557d33afb docs: add note on how to add a new Hetzner VM 2024-10-22 23:44:17 +02:00
Julian Schacher
e657a872e7 pdf: use correct project_data path for tessdata 2024-08-14 17:22:02 +02:00
Julian Schacher
cf1dbc046c pdf: switch to standard image to have pdf compression functionality 2024-08-14 16:29:19 +02:00
Julian Schacher
78fc83f927 Switch to stirling pdf ultra lite, since lite doesn't exist anymore
See here:
https://github.com/Stirling-Tools/Stirling-PDF/pull/1012
2024-07-12 15:59:10 +02:00
Julian Schacher
34f658b8c4 Don't run workflow on schedule anymore, only manually
It broke once in a while, so better have an administrator manually start
it and be ready to deal with it.
2024-04-05 19:41:58 +02:00
Julian Schacher
908a35cf20 Add link to Datenschutzerklärung to stirling-pdf description as well 2024-02-16 11:37:47 +01:00
Julian Schacher
4400ff9b93 Deploy customized stirling-pdf and fix reverse proxy
Use "network_mode: host" to make the reverse proxy work.
2024-02-15 19:12:27 +01:00
Julian Schacher
89fda37a38 Switch reverse-proxy to Caddy and let it handle the certs
Do this to simplify the entire deployment.
2024-02-15 14:58:27 +01:00
Julian Schacher
bcd065f42d Enable pipelining for faster playbook execution
Some quick tests show a massive improvement.
I ran the following: ansible-playbook playbooks/everything.yaml
And the execution times without setting the option were:
- 1m25.5s
- 1m25.1s
- 1m25.8s
And with the option set to true:
- 25.5s
- 24.1s

Also see:
https://www.redhat.com/sysadmin/faster-ansible-playbook-execution
https://www.ansible.com/blog/ansible-performance-tuning
https://docs.ansible.com/ansible/latest/reference_appendices/config.html#ansible-pipelining
2024-02-07 21:04:09 +01:00
Julian Schacher
894785fb5c Add GitHub Actions Workflow for maintaining & deploying production hosts
The workflow runs on a schedule and can also be triggered manually.
2024-02-07 20:49:43 +01:00
Julian Schacher
076d53ab9c Add GitHub Actions Ansible Infra Deploy Key to authorized_keys 2024-02-07 20:46:58 +01:00
Julian Schacher
de568ceacd Add role for deploying SSH authorized_keys and add it to maint. playb.
Having this role will enable us to easily manage SSH authorized_keys.
2024-02-07 20:44:46 +01:00
Julian Schacher
58ea4d4729 Introduce Production_Hosts group
Introduce this group in preparation for automatic maintenance and
deployment of production hosts.
Also add cit-docker-host to this group.
2024-02-07 20:34:09 +01:00
Julian Schacher
8d869af388 Configure the hetzner inventory to be the default inventory
This avoids the user needing to explicitly configure it using e.g. "-i
inventories/hetzner" every time.
2024-02-07 19:22:29 +01:00
Julian Schacher
75830e445b Deploy a reverse proxy doing PROXY Protocol
This is needed to be able to nicely host multiple services under a
single IPv4.
The reverse proxy also includes a configuration to pass requests for
acme challenge properly.
And lastly the reverse proxy is already configured for a stirling pdf,
which gets added once the DNS record for it is in place.
2024-02-07 19:16:32 +01:00
Julian Schacher
013fec6f16 Add play to everything playb. for deploying Docker Compose applications
Also introduce a new group for hosts, for which this play should be run,
called Docker_Compose_Hosts.
Finally add cit-ansible-test and cit-docker-host to this group with an
empty project list initially.
2024-02-07 18:59:10 +01:00
Julian Schacher
2167849edf Specify that generally code was taken from the CCCHH/ansible-infra repo
Do this in preparation for using more code from the CCCHH/ansible-infra
repo, not just for the docker role.
Also use the current name and repository URL.
2024-02-07 17:53:27 +01:00
Julian Schacher
31f65d591c Add cit-docker-host to inventory 2024-01-31 17:07:19 +01:00
Julian Schacher
016f821c54 Introduce everything playbook, which runs all non-initial setup roles
It runs the maintenance playbook and then all other non-initial setup
roles, which aren't covered by the maintenance playbook.
2024-01-31 16:37:47 +01:00
Julian Schacher
298990d0a9 Define host groups correctly 2024-01-31 16:35:46 +01:00
Julian Schacher
d0884b52d6 Add requirements.yml listing docker_compose role as dependency 2024-01-18 18:38:26 +01:00
Julian Schacher
bbe8d3fe4e Make git ignore .DS_Store files using .gitignore 2024-01-11 02:13:02 +01:00
Julian Schacher
628c731a82 Add .editorconfig to ensure consistent general file style 2023-11-24 18:21:08 +01:00
Julian Schacher
75acd59ee8 Add docker role for making sure Docker is installed
Add a docker role for making sure Docker is installed from the Docker
repositories.
Take the role from the ccchh-ansible repo, provide attribution in the
README and add the relevant license in a new licenses directory.
Modify the role by removing the distribution check and adjusting the
task names to be in line with other task names in this repo.
2023-11-24 13:37:40 +01:00
Julian Schacher
7ddb91550f Add maintenance playbook for running all roles to do system maintenance
Currently it just includes the system_update role, but it will be
expanded in the future, when new relevant roles get added.
2023-11-24 13:08:17 +01:00
Julian Schacher
4b84472ac2 Add role for ensuring system is updated and potentially rebooted
The role also cleans up the local repository of retrieved package files
that can no longer be downloaded.
2023-11-24 12:59:42 +01:00
Julian Schacher
a921224e56 Add playbook for the initial basic deployment of a Hetzner VM
This playbook does the following:
- Creates a cit user (which has root privileges) using the cit_user
  role.
- Sets the cit user's ssh authorized_keys to the authorized_keys of the
  root user.
2023-11-24 12:59:40 +01:00
Julian Schacher
97afdac16a Add role for ensuring a cit user, which has root privileges 2023-11-24 12:59:38 +01:00
Julian Schacher
96062d651d Initial commit. Create hetzner inventory with cit-ansible-test host 2023-11-24 12:59:11 +01:00