Collection of Ansible playbooks and roles.
- docker - Install Docker for Ubuntu and CentOS.
- docker-network - Configure Docker network.
- docker-volume - Configure Docker volume.
- postgres - Deploy PostgreSQL database container.
- openldap - Deploy OpenLDAP Docker container.
- odoo - Deploy Odoo container.
- odoo-scripts - Install Odoo scripts.
- debug - Debug Ansible variables.
- certbot - Deploy Let's Encrypt certificates.
- nginx - Deploy Nginx proxy with Certbot.
- clean - Cleanup Ansible roles.
- mysql - Deploy MySQL database container.
- bookstack - Deploy BookStack container.
- nextcloud - Deploy Nextcloud container.
- moodle - Deploy Moodle container.
- iam - Configures users and groups.
- restic-client - Configure Restic client backup jobs.
- restic-server - Deploy Restic server container.
- elasticsearch - Deploy ElasticSearch Docker cluster.
- kibana - Deploy Kibana Docker container.
- logstash - Deploy Logstash Docker container.
- metricbeat - Deploy Metricbeat Docker container.
- cadvisor - Deploy cAdvisor Docker container.
- node-exporter - Deploy Node exporter container and install custom metric script.
- prometheus - Deploy Prometheus Docker container.
- grafana - Deploy Grafana Docker container.
- keycloak - Deploy Keycloak Docker container.
- update - Install system and package updates.
- package - Set env vars and install packages.
- odoo-apps - Install Odoo apps.
- nginx-waf - Deploy Nginx with ModSecurity and Core Rule Set.
- maintenance - Maintain operating system and disk space.
- commento - Deploy Commento container.
- ufw - Configure UFW rules.
- remark42 - Deploy Remark42 container.
- odoo-enterprise - Checkout the Odoo Enterprise git repository.
- onlyoffice-documentserver - Deploy OnlyOffice Document Server container.
- nextcloud-exporter - Deploy Nextcloud exporter container.
- pgadmin - Install pgAdmin container.
- bigbluebutton - Install BigBlueButton with HTTPS and Greenlight.
- bigbluebutton-exporter - Deploy BigBlueButton exporter container.
- vercel - Manage Vercel domain and DNS entries.
- locale - Set system locale.
- postgres-exporter - Deploy PostgreSQL exporter container.
WIP:
- synapse - Deploy Matrix Synapse container.
- coturn - Deploy Coturn container.
- collabora-code - Deploy Collabora Code container.
Clone this repository.
git clone https://github.com/MaxPeal/Ansible-Playbooks-Mod && cd Ansible-Playbooks-Mod
Navigate to the playbook folder.
cd Ansible-Playbooks
Set a password to encrypt the Ansible vault.
export VAULTPASSWORD=PASSWORD
Create a password file.
echo "$VAULTPASSWORD" > .vault_pass
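Restrict it to owner read/write. Do not make it executable: Ansible runs an executable vault password file as a script.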
chmod 600 .vault_pass
Create a log file and own it.
sudo touch /var/log/ansible.log && sudo chown $USER: /var/log/ansible.log
Install jmespath and dnspython with pip.
pip install jmespath dnspython
Install the ansible community package.
ansible-galaxy collection install community.general
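A stricter variant of the vault password steps above, added here as an example and not part of the repository: it reads the password from stdin so it never appears in shell history or the environment, and creates the file under umask 077 so there is no window in which other users can read it. The function names write_vault_pass and file_mode are hypothetical.

```shell
#!/bin/sh
# Added example, not the repository's own code.

# write_vault_pass FILE: read one line from stdin and store it in FILE
# with mode 600 from the moment the file is created.
write_vault_pass() {
    file=$1
    # Refuse symlinks so the secret cannot be redirected to another path.
    if [ -L "$file" ]; then
        echo "refusing to write through symlink: $file" >&2
        return 1
    fi
    # Accept a final line without a trailing newline, reject empty input.
    IFS= read -r secret || [ -n "$secret" ] || return 1
    [ -n "$secret" ] || { echo "empty password" >&2; return 1; }
    # The subshell keeps the restrictive umask local to this write.
    (
        umask 077
        # Remove any old file first: ">" would keep its existing mode.
        rm -f "$file"
        printf '%s\n' "$secret" > "$file"
    ) || return 1
    unset secret
}

# file_mode FILE: print the permission string, e.g. -rw-------
file_mode() {
    ls -ld "$1" | cut -c1-10
}
```

Interactively, run `stty -echo; write_vault_pass .vault_pass; stty echo` and type the password followed by Enter.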
Create an inventory and configure a role.
List inventory
ansible-inventory --list -y -i inventories/setup | grep -E 'ansible_host'
Test connection
ansible all -m ping -i inventories/odoo
Deploy multiple inventories
ansible-playbook -i inventories/setup -i inventories/odoo -i inventories/proxy odoo.yml
Deploy Odoo stack
ansible-playbook -i inventories/odoo odoo.yml
Deploy role only
ansible-playbook -i inventories/odoo odoo.yml -t postgres
Deploy without dependencies
ansible-playbook -i inventories/odoo odoo.yml --skip-tags depends
Deploy role to specific host
ansible-playbook -i inventories/odoo odoo.yml -t docker -l host.example.com
Deploy role to specific group with non-default user
ansible-playbook -i inventories/odoo docker.yml -t docker -l europe -u username
Clean Odoo stack
ansible-playbook -i inventories/odoo clean.yml -t odoo,odoo-volume,odoo-data-dir,postgres,postgres-volume
Clean role only
ansible-playbook -i inventories/odoo clean.yml -t docker-network
Clean dry run
ansible-playbook -i inventories/odoo odoo.yml -t odoo --check
Install odoo-scripts and odoo-apps locally
ansible-playbook -i inventories/odoo localhost.yml --skip-tags depends
List all Odoo databases.
ansible all -i inventories/odoo -a "docker-odoo-list -c {{ odoo_hostname }}"
Lint the project using Ansible lint.
ansible-lint *.yml
Whenever possible use env variables to configure the container.
Env Config
env:
  POSTGRES_USER: "{{ postgres_user }}"
  POSTGRES_PASSWORD: "{{ postgres_password }}"
  POSTGRES_DB: "{{ postgres_db }}"
To persist data use Docker volumes.
Volume Mount
Mount the folder without subfolder.
volumes:
- "{{ postgres_volume_name }}:/var/lib/postgresql/data"
For Ansible config files use file mounts.
Bind Mount
volumes:
- "{{ nginx_data_dir }}/:/etc/nginx/conf.d/:ro"
Every role folder must contain a README.md file.
Mark fix-me comments with # FIXME: <your text>.
Template for role vars:
# Basics:
# URL to Docker repository
ROLENAME_image: URL
ROLENAME_hostname: SHORTNAME + COUNTER
ROLENAME_port:
ROLENAME_volume_name: SHORTNAME_data + COUNTER
ROLENAME_data_dir: /usr/share/SHORTNAME + COUNTER
# Database connection:
ROLENAME_db_type: mysql
ROLENAME_db_user:
ROLENAME_db_password: "{{ vault_ROLENAME_db_password }}"
ROLENAME_db_hostname:
ROLENAME_db_name:
# Credentials user:
ROLENAME_user:
ROLENAME_password: "{{ vault_ROLENAME_password }}"
# Credentials admin:
ROLENAME_admin_user:
ROLENAME_admin_password: "{{ vault_ROLENAME_admin_password }}"
# Named database connection:
ROLENAME_postgres_hostname:
ROLENAME_postgres_user:
ROLENAME_postgres_password: "{{ vault_ROLENAME_postgres_password }}"
# SMTP
ROLENAME_smtp_hostname:
ROLENAME_smtp_auth:
ROLENAME_smtp_secure:
ROLENAME_smtp_port:
ROLENAME_smtp_domain:
ROLENAME_smtp_from:
ROLENAME_smtp_username:
ROLENAME_smtp_password:
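A check for the pattern the template uses for secrets, added here as an example and not part of the repository: every non-empty `*_password` variable should reference the vault variable of the same name, so plaintext values and copy-pasted references to the wrong secret are reported. Treating the template's pattern as a rule is an assumption, and the function names and the sample vars are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the repository's own code.

# lint_role_vars FILE: print "LINE:KEY" for each *_password variable
# whose value is not "{{ vault_KEY }}". Returns 1 if any were found.
lint_role_vars() {
    awk '
        /^[ \t]*#/ { next }                       # skip comments
        match($0, /^[A-Za-z0-9_]+_password:/) {
            key = substr($0, 1, RLENGTH - 1)      # name before the colon
            val = substr($0, RLENGTH + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)      # trim whitespace
            if (val == "") next                   # unset, nothing to leak
            want = "\"{{ vault_" key " }}\""
            if (val != want) { printf "%d:%s\n", NR, key; bad = 1 }
        }
        END { exit bad }
    ' "$1"
}

# sample_vars: constructed role vars with one plaintext password (line 4)
# and one reference to the wrong vault variable (line 6).
sample_vars() {
    cat <<'EOF'
# constructed sample, not from the repository
odoo_db_user: odoo
odoo_db_password: "{{ vault_odoo_db_password }}"
odoo_admin_password: admin123
odoo_smtp_password:
odoo_postgres_password: "{{ vault_odoo_db_password }}"
EOF
}
```

Run it over each role's vars file before committing, for example `lint_role_vars roles/postgres/vars/main.yml`, where the path is an assumed layout.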
Role names must be lower case and may contain a -.
Roles can have multiple tags.
Example with one tag
To define a Postgres role, you would:
- Create role postgres
- Assign the tag postgres
- Create a task file postgres.yml
Example with multiple tags
To define an Nginx role with a config tag, you would:
- Create role nginx
- Assign the tags nginx and nginx-config
- Create the task files nginx.yml and nginx-config.yml
In the main.yml you would include the tasks as follows:
- name: "Include {{ role_name }} config tasks"
  include_tasks: "{{ role_name }}-config.yml"
  when: nginx_data_dir is defined
  tags:
    - nginx
    - nginx-config
- name: "Include {{ role_name }} tasks"
  include_tasks: "{{ role_name }}.yml"
  when: nginx_image is defined
  tags:
    - nginx