Ansible Playbooks

Collection of Ansible playbooks and roles.

Roles

docker - Install Docker for Ubuntu and CentOS.
docker-network - Configure Docker network.
docker-volume - Configure Docker volume.
postgres - Deploy PostgreSQL database container.
openldap - Deploy OpenLDAP Docker container.
odoo - Deploy Odoo container.
odoo-scripts - Install Odoo scripts.
debug - Debug Ansible variables.
certbot - Deploy Let's Encrypt certificates.
nginx - Deploy Nginx proxy with Certbot.
clean - Cleanup Ansible roles.
mysql - Deploy MySQL database container.
bookstack - Deploy BookStack container.
nextcloud - Deploy Nextcloud container.
moodle - Deploy Moodle container.
iam - Configures users and groups.
restic-client - Configure Restic client backup jobs.
restic-server - Deploy Restic server container.
elasticsearch - Deploy ElasticSearch Docker cluster.
kibana - Deploy Kibana Docker container.
logstash - Deploy Logstash Docker container.
metricbeat - Deploy Metricbeat Docker container.
cadvisor - Deploy cAdvisor Docker container.
node-exporter - Deploy Node exporter container and install custom metric script.
prometheus - Deploy Prometheus Docker container.
grafana - Deploy Grafana Docker container.
keycloak - Deploy Keycloak Docker container.
update - Install system and package updates.
package - Set env vars and install packages.
odoo-apps - Install Odoo apps.
nginx-waf - Deploy Nginx with ModSecurity and Core Rule Set.
maintenance - Maintain operating system and disk space.
commento - Deploy Commento container.
ufw - Configure UFW rules.
remark42 - Deploy Remark42 container.
odoo-enterprise - Checkout the Odoo Enterprise git repository.
onlyoffice-documentserver - Deploy OnlyOffice Document Server container.
nextcloud-exporter - Deploy Nextcloud exporter container.
pgadmin - Install pgAdmin container.
bigbluebutton - Install BigBlueButton with https and greenlight.
bigbluebutton-exporter - Deploy BigBlueButton exporter container.
vercel - Manage vercel domain and dns entries.
locale - Set system locale.
postgres-exporter - Deploy PostgreSQL exporter container.

WIP:

synapse - Deploy Matrix Synapse container.
coturn - Deploy Coturn container.
collabora-code - Deploy Collabora Code container.

Usage

Clone this repository.

git clone https://github.com/MaxPeal/Ansible-Playbooks-Mod && cd Ansible-Playbooks-Mod

Setup

Install Ansible.

Navigate to the playbook folder.

cd Ansible-Playbooks

Set a password to encry the Ansible vault.

export VAULTPASSWORD=PASSWORD

Create a password file.

echo "$VAULTPASSWORD" > .vault_pass

Make it executable.

chmod 600 .vault_pass

Create a log file and own it.

sudo touch /var/log/ansible.log && sudo chown $USER: /var/log/ansible.log

Install jmespath and dnspython with pip.

pip install jmespath dnspython

Install the ansible community package.

ansible-galaxy collection install community.general

Create an inventory and configure a role.

Deployment

List inventory

ansible-inventory --list -y -i inventories/setup | grep -E 'ansible_host'

Test connection

ansible all -m ping -i inventories/odoo

Deploy multiple inventories

ansible-playbook -i inventories/setup -i inventories/odoo -i inventories/proxy odoo.yml

Deploy Odoo stack

ansible-playbook -i inventories/odoo odoo.yml

Deploy role only

ansible-playbook -i inventories/odoo odoo.yml -t postgres

Deploy without dependencies

ansible-playbook -i inventories/odoo odoo.yml --skip-tags depends

Deploy role to specific host

ansible-playbook -i inventories/odoo odoo.yml -t docker -l host.example.com

Deploy role to specific group with non-default user

ansible-playbook -i inventories/odoo docker.yml -t docker -l europe -u username

Clean Odoo stack

ansible-playbook -i inventories/odoo clean.yml -t odoo,odoo-volume,odoo-data-dir,postgres,postgres-volume

Clean role only

ansible-playbook -i inventories/odoo clean.yml -t docker-network

Clean dry run

ansible-playbook -i inventories/odoo odoo.yml -t odoo --check

Install odoo-scripts and odoo-apps locally

ansible-playbook -i inventories/odoo localhost.yml --skip-tags depends

List all Odoo databses.

ansible all -i inventories/odoo -a "docker-odoo-list -c {{ odoo_hostname }}"

Docs

Quality

Lint the project using Ansible lint.

ansible-lint *.yml

Config

Whenever possible use env variables to configure the container.

Env Config

    env:
      POSTGRES_USER: "{{ postgres_user }}"
      POSTGRES_PASSWORD: "{{ postgres_password }}"
      POSTGRES_DB: "{{ postgres_db }}"

Data

To persist data use Docker volumes.

Volume Mount

Mount the folder without subfolder.

    volumes:
      - "{{ postgres_volume_name }}:/var/lib/postgresql/data"

For Ansible config files use file mounts.

Bind Mount

    volumes:
      - "{{ nginx_data_dir }}/:/etc/nginx/conf.d/:ro"

Guidelines

Every role folder must contain a README.md file.

Mark fix-me-comments with # FIXME: <your text>.

Naming

Template for role vars:

# Basics:
# Url to Docker repsitory
ROLENAME_image: URL
ROLENAME_hostname: SHORTNAME + COUNTER
ROLENAME_port:
ROLENAME_volume_name: SHORTNAME_data + COUNTER
ROLENAME_data_dir: /usr/share/SHORTNAME + COUNTER
# Database connection:
ROLENAME_db_type: mysql
ROLENAME_db_user:
ROLENAME_db_password: "{{ vault_ROLENAME_db_password }}"
ROLENAME_db_hostname:
ROLENAME_db_name:
# Credentials user:
ROLENAME_user:
ROLENAME_password: "{{ vault_ROLENAME_password }}"
# Credentials admin:
ROLENAME_admin_user:
ROLENAME_admin_password: "{{ vault_ROLENAME_admin_password }}"
# Named database connection:
ROLENAME_postgres_hostname:
ROLENAME_postgres_user:
ROLENAME_postgres_password: "{{ vault_ROLENAME_postgres_password }}"
# SMTP
ROLENAME_smtp_hostname:
ROLENAME_smtp_auth:
ROLENAME_smtp_secure:
ROLENAME_smtp_port:
ROLENAME_smtp_domain:
ROLENAME_smtp_from:
ROLENAME_smtp_username:
ROLENAME_smtp_password:

Role names must be lower case and may contain a -.

Role and Tags

Roles can have multiple tags.

example one tag

To define a Postgres role, you would:

Create role postges
Assign the tag postgres
Create a task file postgres.yml

example multiple tags

To define a Nginx role with a config tag, you would:

Create role nginx
Assign the tags nginx and nginx-config
Create the task files nginx.yml and nginx-config.yml

In the main.yml you would include the tasks as followed:

- name: "Include {{ role_name }} config tasks"
  include_tasks: "{{ role_name }}-config.yml"
  when: nginx_data_dir is defined
  tags:
    - nginx
    - nginx-config

- name: "Include {{ role_name }} tasks"
  include_tasks: "{{ role_name }}.yml"
  when: nginx_image is defined
  tags:
    - nginx

https://github.com/MaxPeal/Ansible-Playbooks-Mod

Name		Name	Last commit message	Last commit date
Latest commit History 341 Commits
.github/workflows		.github/workflows
inventories		inventories
library		library
roles		roles
.ansible-lint		.ansible-lint
.gitignore		.gitignore
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
LICENSE		LICENSE
README.md		README.md
all.yml		all.yml
ansible.cfg		ansible.cfg
bigbluebutton.yml		bigbluebutton.yml
clean.yml		clean.yml
localhost.yml		localhost.yml
monitor.yml		monitor.yml
nextcloud.yml		nextcloud.yml
odoo.yml		odoo.yml
proxy.yml		proxy.yml
setup.yml		setup.yml

License

MaxPeal/Ansible-Playbooks-Mod

Folders and files

Latest commit

History

Repository files navigation

Ansible Playbooks

Roles

Usage

Setup

Deployment

Docs

Quality

Config

Data

Guidelines

Naming

Role and Tags

About

Resources

License

Code of conduct

Stars

Watchers

Forks

Languages