Server
=========

Essential server setup tasks, like sshd config, ddns cronjobs (+ mail output), etc used by Jannik Beyerstedt.


Requirements
------------

none


Role Variables
--------------

There are several variables, that should be set per host (e.g. in the inventory).

Some of the tasks listed below, will not run, if the corresponding variables are not set.
Therefore you can use the same playbook for multiple servers and activate the needed features with host variables.

### Borgbakup
If you want to configure borgbackup backups, these variables need to be set:
- `borgbackup_host`: Hostname used by the borgbackup script
- `borgbackup_sub`: Sub-Account ID used by the borgbackup script

Attention: You still need to setup the borgbackup repository manually.  

### Telegraf
Telegraf is configured with basic host telemetry by default. You can add more features, if you like:
- `telegraf_docker`: Set to `true`, if docker telemetry should be collected
- `telegraf_snmp_fra80`: Set to `true`, if SNMP telemetry of the fra80 network should be collected


Dependencies
------------

none


Example Playbook
----------------

The different tasks should be used on a case-by-case basis:
```yml
- name: Common Server Configuration
  hosts: servers
  strategy: free
  tasks:
  - name: Servers - Generic setup tasks
    import_role:
      name: server
      tasks_from: setup
  - name: Servers - Setup cronjob mails
    import_role:
      name: server
      tasks_from: cronmails
  - name: Servers - Setup dyndns cronjob
    import_role:
      name: server
      tasks_from: dyndns
  - name: Servers - Setup monitoring
    import_role:
      name: server
      tasks_from: telegraf
  - name: Servers - Setup backups (if variables are set)
    import_role:
      name: server
      tasks_from: borgbackup

  # Docker
  - name: Servers - Install docker
    import_role:
      name: server
      tasks_from: docker
  - name: Servers - Add telegraf to docker group
    become: yes
    user:
      name: telegraf
      groups: docker
      append: yes

  # Caddy Webserver
  - name: Servers - Install and setup caddy
    import_role:
      name: server
      tasks_from: caddyserver
  - name: Servers - Start caddy service
    become: yes
    service:
      name: caddy
      enabled: yes
      state: started

  # UFW Firewall
  - name: Servers - Install UFW
    become: yes
    apt:
      name: ufw
      state: present
```


License
-------

GPLv3