jannik
/
ansible-role-server
1
1
Fork 0
Code Issues 3 Releases Activity
ansible-role-server/README.md

2.4 KiB
Raw Blame History

Server

Essential server setup tasks, like sshd config, ddns cronjobs (+ mail output), etc used by Jannik Beyerstedt.

Requirements

none

Role Variables

There are several variables, that should be set per host (e.g. in the inventory).

Some of the tasks listed below, will not run, if the corresponding variables are not set. Therefore you can use the same playbook for multiple servers and activate the needed features with host variables.

Borgbakup

If you want to configure borgbackup backups, these variables need to be set:

  • borgbackup_host: Hostname used by the borgbackup script
  • borgbackup_sub: Sub-Account ID used by the borgbackup script

Attention: You still need to setup the borgbackup repository manually.

Telegraf

Telegraf is configured with basic host telemetry by default. You can add more features, if you like:

  • telegraf_docker: Set to true, if docker telemetry should be collected
  • telegraf_snmp_fra80: Set to true, if SNMP telemetry of the fra80 network should be collected

Dependencies

none

Example Playbook

The different tasks should be used on a case-by-case basis:

- name: Common Server Configuration
  hosts: servers
  tasks:
  - name: Servers - Generic setup tasks
    import_role:
      name: server
      tasks_from: setup
  - name: Servers - Setup cronjob mails
    import_role:
      name: server
      tasks_from: cronmails
  - name: Servers - Setup dyndns cronjob
    import_role:
      name: server
      tasks_from: dyndns
  - name: Servers - Setup monitoring
    import_role:
      name: server
      tasks_from: telegraf
  - name: Servers - Setup backups (if variables are set)
    import_role:
      name: server
      tasks_from: borgbackup

  # Docker
  - name: Servers - Install docker
    import_role:
      name: server
      tasks_from: docker
  - name: Servers - Add telegraf to docker group
    become: yes
    user:
      name: telegraf
      groups: docker
      append: yes

  # Caddy Webserver
  - name: Servers - Install and setup caddy
    import_role:
      name: server
      tasks_from: caddyserver
  - name: Servers - Start caddy service
    become: yes
    service:
      name: caddy
      enabled: yes
      state: started

  # UFW Firewall
  - name: Servers - Install UFW
    become: yes
    apt:
      name: ufw
      state: present

License

GPLv3