/infrastructure-ansible

Collection of Ansible Playbooks and assets deployed on my servers at home and in the cloud (GCE, Oracle Cloud).



Infrastructure @home

Configuration for the home educational data-center with Ansible

Table of Contents
  1. About The Project
  2. Getting Started
  3. Playbooks
  4. Development guidelines
  5. Ansible tips
  6. Contributing
  7. License
  8. Contact
  9. Acknowledgements

About The Project

This repository is a collection of Ansible Playbooks and assets deployed on my servers at home and in the cloud (GCE, Oracle Cloud). It includes home automation projects, movies and TV series management systems, 3D print manager and time-lapse servers, and more.

This project is for educational purposes.

Getting Started

Supported OSes

Tested on Ubuntu 20.04 and CentOS 8.

Prerequisites

Let's first install the required Python dependencies:

  • macOS - Homebrew

    1. Install python3 with brew:
      brew install python3
    2. Update the PATH environment variable in ~/.zshrc if you're using zsh or ~/.bash_profile if you're using bash
      export PATH=/usr/local/share/python:$PATH
      Restart the terminal or run one of the following commands:
      source ~/.zshrc
      or
      source ~/.bash_profile
    3. Install virtualenv
      pip3 install virtualenv
  • macOS - Default Python installation

    pip install virtualenv

Now install Ansible into a virtual environment:

  1. Create the Python virtual environment
    virtualenv myansible
  2. Activate the virtual environment
    source myansible/bin/activate
  3. Install Ansible and the requirements with pip
    pip install -r requirements.txt

Playbooks

Base Services

  • Authelia - An open-source authentication and authorization server
  • Postgres - An open source database system
  • Redis - An in-memory database that persists on disk
  • Tecnativa - Proxy over your Docker socket to restrict which requests it accepts
  • Traefik - The Cloud Native Edge Router
  • Homer - A very simple static homepage for your server

Core Services

Media Services

  • Jackett - API Support for your favorite torrent trackers
  • Bazarr - Bazarr is a companion application to Sonarr and Radarr that manages and downloads subtitles
  • Calibre - Ebook manager
  • Calibre Web - Web app providing a clean interface for browsing, reading and downloading eBooks using an existing Calibre database
  • Photoprism - Personal Photo Management powered by Go and Google TensorFlow
  • Tdarr - Audio/Video library analytics + transcode automation using FFmpeg/HandBrake + video health checking
  • Radarr - A fork of Sonarr to work with movies à la Couchpotato
  • Sonarr - Smart PVR for newsgroup and bittorrent users
  • Jellyfin - The Free Software Media System

Other playbooks

  • ansible-ssh-hardening - SSH hardening playbook to run against production servers
  • common - Common settings for development and production servers
  • cups - Print server

Development guidelines

Directory layout

Based on Ansible Best Practices

production                # inventory file for production servers
staging                   # inventory file for staging environment

group_vars/
   group1                 # here we assign variables to particular groups
   group2                 # ""
host_vars/
   hostname1              # if systems need specific variables, put them here
   hostname2              # ""

library/                  # if any custom modules, put them here (optional)
filter_plugins/           # if any custom filter plugins, put them here (optional)

site.yml                  # master playbook
webservers.yml            # playbook for webserver tier
dbservers.yml             # playbook for dbserver tier

roles/
    common/               # this hierarchy represents a "role"
        tasks/            #
            main.yml      #  <-- tasks file can include smaller files if warranted
        handlers/         #
            main.yml      #  <-- handlers file
        templates/        #  <-- files for use with the template resource
            ntp.conf.j2   #  <------- templates end in .j2
        files/            #
            bar.txt       #  <-- files for use with the copy resource
            foo.sh        #  <-- script files for use with the script resource
        vars/             #
            main.yml      #  <-- variables associated with this role
        defaults/         #
            main.yml      #  <-- default lower priority variables for this role
        meta/             #
            main.yml      #  <-- role dependencies

    webtier/              # same kind of structure as "common" was above, done for the webtier role
    monitoring/           # ""
    fooapp/               # ""

Ansible Tips

Generate empty role skeleton

In your roles directory, run ansible-galaxy init role_name to generate an empty skeleton for a new role.

Example:

ansible-galaxy init nginx

Check out Ansible Examples for example playbooks.

Upgrade all servers - Ubuntu only

ansible ubuntu -m apt -a "upgrade=yes update_cache=yes" -b

Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

Distributed under the MIT license. See LICENSE for more information.

Contact

Giovanni Liboni - giovanni@liboni.me

Project Link: https://github.com/giovanni-liboni/infrastructure-ansible

Acknowledgements