156 lines
2.0 KiB
YAML
156 lines
2.0 KiB
YAML
---
|
|
|
|
- name: mount rw
|
|
hosts:
|
|
- pikvm
|
|
become: true
|
|
pre_tasks:
|
|
- name: mount rw
|
|
command: /usr/local/bin/rw
|
|
|
|
- name: cryptoraid
|
|
hosts:
|
|
- suricata
|
|
become: true
|
|
roles:
|
|
- cryptoraid
|
|
tags: raid
|
|
|
|
- name: mounts
|
|
hosts:
|
|
- suricata
|
|
become: true
|
|
roles:
|
|
- mounts
|
|
|
|
- name: usercfg
|
|
hosts:
|
|
- suricata
|
|
become: true
|
|
roles:
|
|
- usercfg
|
|
|
|
- name: pi_fan_hwpwm
|
|
hosts:
|
|
- suricata
|
|
become: true
|
|
roles:
|
|
- pi_fan_hwpwm
|
|
|
|
- name: docker
|
|
hosts:
|
|
- suricata
|
|
- caladan
|
|
- narwhal
|
|
become: true
|
|
roles:
|
|
- docker
|
|
|
|
- name: common roles
|
|
hosts:
|
|
- caladan
|
|
- fugu
|
|
- narwhal
|
|
- snitch
|
|
- suricata
|
|
# - pikvm
|
|
become: true
|
|
roles:
|
|
- basic
|
|
- users
|
|
- repos
|
|
- sshd
|
|
vars:
|
|
users:
|
|
- rilla
|
|
- ansible
|
|
- builder
|
|
- gopass
|
|
- woodpecker
|
|
|
|
|
|
- name: quality of life tools
|
|
hosts:
|
|
- caladan
|
|
- fugu
|
|
- narwhal
|
|
- suricata
|
|
become: true
|
|
roles:
|
|
- quality_of_life
|
|
|
|
- name: wifi setup
|
|
hosts: snitch
|
|
become: true
|
|
roles:
|
|
- wifi
|
|
|
|
- name: caladan-specific things
|
|
hosts: caladan
|
|
become: true
|
|
roles:
|
|
- tinyproxy
|
|
|
|
- name: k3s
|
|
hosts:
|
|
- suricata
|
|
become: true
|
|
roles:
|
|
- k3s
|
|
tags: k3s
|
|
|
|
- name: wireguard
|
|
hosts:
|
|
- caladan
|
|
- fugu
|
|
become: true
|
|
roles:
|
|
- wireguard
|
|
|
|
- name: setup gopass
|
|
become: true
|
|
hosts:
|
|
- caladan
|
|
- fugu
|
|
- narwhal
|
|
# - pikvm
|
|
roles:
|
|
- gopass
|
|
|
|
- name: setup DAGs
|
|
become: true
|
|
hosts:
|
|
- pikvm
|
|
roles:
|
|
- dags
|
|
tags: dags
|
|
|
|
- name: set up pikvm's ssl certs
|
|
hosts:
|
|
- pikvm
|
|
become: true
|
|
vars:
|
|
domain: monotremata.xyz
|
|
|
|
- name: lbu commit
|
|
hosts:
|
|
- snitch
|
|
- suricata
|
|
become: true
|
|
post_tasks:
|
|
- name: lbu commit
|
|
lbu:
|
|
commit: true
|
|
when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]
|
|
|
|
- name: mount ro
|
|
hosts:
|
|
- pikvm
|
|
become: true
|
|
post_tasks:
|
|
- name: mount ro
|
|
command: /usr/local/bin/ro
|
|
|
|
# todo:
|
|
# setup-apkcache and setup-lbu to use /media/mmcblk0p2
|