ansible/charlesreid1-ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

merge into: ansible:master
Branches Tags
ansible:master ansible:feature/mastodon ansible:main ansible:gh-pages ansible:new-app-ini
...
pull from: ansible:feature/mastodon
Branches Tags
ansible:feature/mastodon ansible:main ansible:master ansible:gh-pages ansible:new-app-ini

77 Commits
master ... feature/ma

Author SHA1 Message Date
Charles Reid
97f50bf4e2 no solarized color scheme 2021-01-20 19:41:31 -08:00
Charles Reid
5dd9e21593 update dockprom playbook to use machine_name var (still hard-coding vpn ip addr) 2021-01-20 19:41:16 -08:00
Charles Reid
18b143c82f run commands as regular user, not root 2021-01-20 19:40:46 -08:00
Charles Reid
434d1acc24 update firewall 2021-01-20 19:39:57 -08:00
Charles Reid
2579bb8aab update group_vars 2021-01-20 19:39:41 -08:00
Charles Reid
61c286d1e0 expand on ssh role, set system and user configuration 2021-01-20 19:39:30 -08:00
Charles Reid
ac6334eff5 add firewall role 2021-01-20 19:38:34 -08:00
Charles Reid
b137995503 scrub local and linode hosts 2021-01-20 19:38:14 -08:00
Charles Reid
ce1e9af2f1 update local cfg file 2020-12-31 13:34:57 -08:00
Charles Reid
e9f70d71f3 update localhosts 2020-12-31 13:34:32 -08:00
Charles Reid
b551f68def update linodehosts 2020-12-31 13:34:08 -08:00
Charles Reid
9fc34261db add dockprom playbook 2020-12-31 13:32:41 -08:00
Charles Reid
2a8356d118 add pod-dockprom role 2020-12-31 13:32:29 -08:00
Charles Reid
a948092be2 update grup vars for pod-dockprom role 2020-12-31 13:32:17 -08:00
Charles Reid
937a266fe7 remove unused port numbers 2020-12-31 13:31:15 -08:00
Charles Reid
463411de88 fix domain in postfix 2020-06-25 21:33:03 -07:00
Charles Reid
6ca3ea3ecf move vim-go to goenv role 2020-06-25 21:32:41 -07:00
Charles Reid
124a791c16 add dotfiles to barebones 2020-06-25 21:32:28 -07:00
Charles Reid
70140fb353 update ansible vault command 2020-06-25 21:07:43 -07:00
Charles Reid
d4b8948474 finally turn off the docker-compose syslog firehose once and for all 2020-06-18 20:37:12 -07:00
Charles Reid
c6e8081406 mention bot playbook in readme 2020-06-18 20:36:53 -07:00
Charles Reid
9938adfabc update vault 2020-06-18 20:36:40 -07:00
Charles Reid
3cd11712b0 add bots playbook info to ansible playbooks docs page 2020-06-18 20:36:25 -07:00
Charles Reid
3f010d9090 smol 2020-06-18 20:36:02 -07:00
Charles Reid
3c7689c398 add a barebones playbook that only creates nonroot user 2020-06-18 20:35:45 -07:00
Charles Reid
f5e6d4a5f6 fix typo 2020-06-09 18:58:12 -07:00
Charles Reid
3f9b78468b fix unzip command 2020-05-30 20:23:17 -07:00
Charles Reid
a1f4cd4948 add encrypted secrets 2020-05-30 20:10:10 -07:00
Charles Reid
4209b797f4 fix commands and paths 2020-05-30 20:09:42 -07:00
Charles Reid
50c50ad305 add memo with notes on what to update in docs 2020-05-30 15:18:00 -07:00
Charles Reid
ec10c1559c split uptime into separate playbook 2020-05-30 15:14:38 -07:00
Charles Reid
8ebf1094e6 typo fix 2020-05-30 15:14:22 -07:00
Charles Reid
62c27441fe update uptime variable names 2020-05-30 15:14:09 -07:00
Charles Reid
873d95ecd4 update uptime var names 2020-05-30 15:13:51 -07:00
Charles Reid
fec7e737b7 add git tag to clone tasks in pod-charlesreid1 role 2020-05-30 15:13:37 -07:00
Charles Reid
4d14872994 use machine_name to run base.yml on select hosts 2020-05-30 15:13:19 -07:00
Charles Reid
f8ea8078bb move dorylus to postfix, cut out 2020-05-30 15:13:02 -07:00
Charles Reid
e94d281cad update bot install paths 2020-05-30 15:12:23 -07:00
Charles Reid
159bda1ae7 fix var name in bot task 2020-05-30 15:11:20 -07:00
Charles Reid
effdb54247 add "target" param to base.yml 2020-05-30 14:56:56 -07:00
Charles Reid
f8406b2c74 add bots playbook and notes 2020-05-30 14:28:49 -07:00
Charles Reid
8c506f015b update apollo, ginsberg and milton bot tasks 2020-05-30 14:28:16 -07:00
Charles Reid
a6ccad8b09 flesh out apollo bot flock task 2020-05-30 14:20:31 -07:00
Charles Reid
738b2ff5c1 add non-encrypted contents of secrets folder to gitignore 2020-05-30 13:48:21 -07:00
Charles Reid
ed1f5b77a4 add notes on secrets 2020-05-30 13:48:07 -07:00
Charles Reid
341b1657a5 add bots role 2020-05-16 23:00:40 -07:00
Charles Reid
b2a516a32d update uptime template variables 2020-05-05 14:23:33 -07:00
Charles Reid
a06a266616 specify pyenv vars in main group_vars file 2020-05-05 04:07:55 -07:00
Charles Reid
ae42b8aec4 update pyenv invocation 2020-05-05 04:07:37 -07:00
Charles Reid
6a66b46bfb service scripts should not be executable 2020-05-05 04:07:17 -07:00
Charles Reid
e86d4384fc fix path to python - use pyenv python 2020-05-05 04:07:00 -07:00
Charles Reid
0160ee59d4 update uptime tags, add virtualenv task 2020-05-05 02:13:39 -07:00
Charles Reid
26a6af122f updaate uptime playbooks and vars 2020-05-05 01:39:47 -07:00
Charles Reid
17e2da3439 fixup comments 2020-05-05 01:15:06 -07:00
Charles Reid
f303a750e2 rename and expand on postfix role to dorylus 2020-05-05 01:14:25 -07:00
Charles Reid
0f104ab562 add uptime readme 2020-05-05 01:14:17 -07:00
Charles Reid
c7efdfe66d add var defaults to uptime role 2020-05-05 01:13:53 -07:00
Charles Reid
a0ed839a4a add config portion to uptime role 2020-05-05 01:13:06 -07:00
Charles Reid
30fe175d09 add safe linodehosts 2020-05-04 18:35:57 -07:00
Charles Reid
6526e90691 update server names that podcharlesreid1.yml playbook applies to 2020-05-04 18:34:47 -07:00
Charles Reid
c79cc877df update vault/default vars with uptime vars 2020-05-04 18:34:28 -07:00
Charles Reid
824b930034 fix and tag machine-name tasks 2020-05-04 18:17:40 -07:00
Charles Reid
dd960cd5e7 apply hash function to system password 2020-05-04 18:17:22 -07:00
Charles Reid
6e26443266 add postfix playbook 2020-05-04 18:16:59 -07:00
Charles Reid
2fb416d3d7 add postfix role 2020-05-04 18:16:13 -07:00
Charles Reid
fe76fa5999 remove go setup from base.yml 2020-05-03 12:04:07 -07:00
Charles Reid
c1522a8602 swap init-nonroot and docker steps in base.yml 2020-05-03 12:03:37 -07:00
Charles Reid
34cb10ec7a add an apt-get update to the provision step 2020-05-03 12:03:10 -07:00
Charles Reid
03f4a0cc48 better use of variables in roles 2020-05-03 12:02:57 -07:00
Charles Reid
3019cf244e update vars in group_vars to remove unused vars 2020-05-03 12:02:44 -07:00
Charles Reid
b670144aa0 update init-root and init-nonroot: create temp dir 2020-05-03 10:25:03 -07:00
Charles Reid
e1f967e946 update readme 2020-05-02 12:01:28 -07:00
Charles Reid
f46afced7f disable nginx service first, enable pod-charlesreid1 service first 2020-05-02 10:10:12 -07:00
Charles Reid
e0f39de77d add a systemctl enable command for pod-charlesreid1 service 2020-05-01 22:44:22 -07:00
Charles Reid
3708983a3c split pod-charlesreid1 tasks 2020-04-28 18:36:04 -07:00
Charles Reid
0c0d74a837 the way it ought to be 2020-04-27 20:49:30 -07:00
Charles Reid
bbe109fdc1 udpate todo list 2020-04-27 20:49:16 -07:00
87 changed files with 3535 additions and 814 deletions
Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -3,3 +3,6 @@
*.log
*.retry
site/
secrets/*
!secrets/*.enc

3
.gitmodules vendored
View File

@@ -1,3 +1,6 @@
[submodule "mkdocs-material"]
path = mkdocs-material
url = https://git.charlesreid1.com/charlesreid1/mkdocs-material.git
[submodule "roles/ansible-postfix"]
path = roles/postfix
url = https://github.com/Oefenweb/ansible-postfix.git

29
Readme.md
View File

@@ -21,8 +21,6 @@ are ready to run these docker pods.
| Pod | Link |
|------------------|------------------------------------------------------|
| pod-charlesreid1 | <https://git.charlesreid1.com/docker/pod-charlesreid1> |
| pod-webhooks | <https://git.charlesreid1.com/docker/pod-webhooks> |
| pod-bots | <https://git.charlesreid1.com/docker/pod-bots> |
## Playbooks
@@ -32,8 +30,7 @@ and a provision playbook.
| Playbook | Description |
|------------------------|----------------------------------------------------------------------------------------------------------------------|
| `podcharlesreid1.yml` | Playbook to install and run the charlesreid1.com docker pod (<https://git.charlesreid1.com/docker/pod-charlesreid1>) |
| `podwebhooks.yml` | (TBA) Playbook to install and run the webhooks pod (<https://git.charlesreid1.com/docker/pod-webhooks>) |
| `podbots.yml` | (TBA) Playbook to install and run the bot pod (<https://git.charlesreid1.com/docker/pod-bots>) |
| `bots.yml` | Playbook to install and run the apollo, ginsberg, and milton bot flocks. See <https://bots.charlesreid1.com>. |
| `base.yml` | Base playbook run by all of the pod playbooks above. |
| `provision.yml` | Playbook to provision new Ubuntu machines with `/usr/bin/python`. |
@@ -41,33 +38,33 @@ and a provision playbook.
## Roles
### Base Playbook Roles
### Playbook Roles
The following roles carry out groups of tasks for setting up the base machine
to run charlesreid1.com infrastructure.
**Base roles:**
| Role Name | Description |
|-----------------------|-----------------------------------------------------------|
| init-root | Prepare root user account |
| init-nonroot | Prepare nonroot user account(s) |
| dotfiles | Install and configure dotfiles for nonroot user |
| install-stuff | Install stuff with aptitude |
| letsencrypt | Install letsencrypt |
| postfix | Install postfix mail server |
| pyenv | Install pyenv for nonroot user |
| goenv | Install goenv for nonroot user |
| sshkeys | Set up ssh keys for all users |
| vim | Set up vim for nonroot user |
| dotfiles | Install and configure dotfiles for nonroot user |
**Machine-specific roles:**
### Pod-Specific Roles
The following roles are run by playbooks specific to the
respective docker pod.
| Role Name | Description |
|-----------------------|--------------------------------------------------------------|
| pod-charlesreid1 | Role specific to the charlesreid1.com docker pod |
| pod-webhooks | Role specific to \{hooks,pages\}.charlesreid1.com docker pod |
| pod-bots | Role specific to bots docker pod |
| Role Name | Description |
|-----------------------|-------------------------------------------------------------------------|
| bots | Install and run the apollo, ginsberg, and milton bot flocks. See <https://bots.charlesreid1.com>. |
| pod-charlesreid1 | Install the charlesreid1.com pod <https://github.com/charlesreid1-docker/pod-charlesreid1>). |
| uptime | Install the uptime bot (<https://github.com/charlesreid1-bots/uptime>). |
## Getting Started with Playbooks

20
Secrets.md Normal file
View File

@@ -0,0 +1,20 @@
# Secrets
Two kinds of secrets:
- secret variables (in secrets vault)
- secret files (encrypted and kept in `secrets/` directory)
## Secret Variables
Use `ansible-vault edit` command.
## Secret Files
Encrypt a file using `ansible-vault encrypt` command.
Standard procedure is to add .enc extension to filename.
```
$ ansible-vault encrypt --vault-password-file .vault_secret hello.txt --output hello.txt.enc
```

47
TODO
View File

@@ -1,46 +1,20 @@
mediawiki skin:
- we made it templatable already
- actually template it
- charlesreid1-config git repo
captain hook config:
- need to have a template
- requires us to set a secret
- have been using "charles@charlesreid1.com"
- md5
charlesreid1 theme:
- make links templatable
letsencrypt:
- set up script to renew the stupid letsencrypt every month
captain hook canary setup:
- install service script that checks for the canary file every 10 seconds
- it should run a script in the captain hook install dir
- if it finds the canary file, it should use a docker pod scripts dir script to update captain hook
pod-webhooks:
- need to install captain hook canary and captain hook pull host
- debian/dotfiles/bluebear_scripts/captain_hook_canary.sh
- debian/dotfiles/bluebear_scripts/captain_hook_pull_host.py
- debian/dotfiles/service/captain-hook-canary.service
making domain swappable:
- submodules of pod-charlesreid1 would need to be reviewed in detail...
- need to template more files than we are currently templating
- the jinja copy from, copy to approach works well
- gitea
- mediawiki
- nginx
- letsencrypt
more letsencrypt:
- the pod-charlesreid1 role defaults has a top_domain set to charlesreid1.com
- it says, "check for letsencrypt certs to this domain (top level domain of entire pod)"
- this does not match up with the nginx config files... which is how things are REALLY set
- top domain is used by gitea...
subdomains/domains approach needs to be:
- specify a list of top level domains
- subdomains are fixed, but needs to be eg pages.${TOP_DOMAIN}
pod-charlesreid1 /www setup
https://git.charlesreid1.com/charlesreid1/charlesreid1.com
@@ -48,9 +22,6 @@ https://git.charlesreid1.com/charlesreid1/charlesreid1.com
/www/charlesreid1.com/
charlesreid1.com-src/ <-- clone of charlesreid1.com repo, src branch
git/ <-- .git dir for charlesreid1.com repo gh-pages branch
git.data/ <-- .git dir for charlesreid1-data
htdocs/ <-- clone of charlesreid1.com repo gh-pages branch
data/ <-- clone of charlesreid1-data

21
barebones.yml Normal file
View File

@@ -0,0 +1,21 @@
---
# barebones playbook
- name: Initial setup root
hosts: "{{ machine_name }}"
roles:
- role: init-root
tags: init-root
become: yes
- name: Initial setup non-root
hosts: "{{ machine_name }}"
roles:
- role: init-nonroot
tags: init-nonroot
- name: Set up dotfiles
hosts: "{{ machine_name }}"
roles:
- role: dotfiles
tags: dotfiles

75
base.yml
View File

@@ -1,10 +1,10 @@
---
# main playbook for
# all charlesreid1 nodes
# all nodes
- name: Initial setup root
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: init-root
tags: init-root
@@ -12,71 +12,84 @@
- name: Install packages with aptitude
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: install-stuff
tags: install-stuff
become: yes
- name: Install docker and docker-compose
hosts: servers
roles:
- role: docker
become: yes
- name: Initial setup non-root
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: init-nonroot
tags: init-nonroot
- name: Install docker and docker-compose
hosts: "{{ machine_name }}"
roles:
- role: docker
become: yes
- name: Set up SSH keys
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: sshkeys
tags: sshkeys
- name: Install firewall
hosts: "{{ machine_name }}"
vars:
- firewall_allowed_tcp_ports:
- "{{ ssh_port }}"
- "80"
- "443"
- "8080" # cadvisor
- "9100" # nodeexporter
- "3100" # loki
- "9113" # nginxexporter
roles:
- role: firewall
become: yes
- name: Set up dotfiles
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: dotfiles
tags: dotfiles
- name: Set up vim
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: vim
tags: vim
- name: Install pyenv
hosts: servers
hosts: "{{ machine_name }}"
roles:
- role: pyenv
tags: pyenv
become: yes
- name: Install goenv
hosts: servers
roles:
- role: goenv
tags: goenv
become: yes
#- name: Install AWS credentials and tools
# hosts: servers
# roles:
# - role: aws
# tags: aws
# aws_secret_access_key: "{{ charlesreid1_aws_secret_access_key }}"
# aws_access_key_id: "{{ charlesreid1_aws_access_key_id }}"
#- name: Install goenv
# hosts: servers
# roles:
# - role: goenv
# tags: goenv
# become: yes
#- name: Install AWS credentials and tools
# hosts: servers
# roles:
# - role: aws
# tags: aws
# aws_secret_access_key: "{{ charlesreid1_aws_secret_access_key }}"
# aws_access_key_id: "{{ charlesreid1_aws_access_key_id }}"

26
bots.md Normal file
View File

@@ -0,0 +1,26 @@
strategy for dealing with bot keys:
step 1: encrypt file with ansible-vault
```
$ ansible-vault encrypt server.key
```
step 2: refer to the encrypted file in the copy module
```
---
- hosts: all
tasks:
- name: Copy server private key
copy:
src: server.key
dest: /etc/env/server.key
decrypt: yes
owner: root
group: root
mode: 400
backup: no
```

10
bots.yml Normal file
View File

@@ -0,0 +1,10 @@
---
# Playbook for installing bot flocks
- name: Install bot flock
hosts: dorky
become: yes
roles:
- role: bots

11
dockprom.yml Normal file
View File

@@ -0,0 +1,11 @@
---
# deploy dockprom pod to dev stage
- name: Install dockprom docker pod
hosts: "{{ machine_name }}"
vars:
- install_client_service: "true"
- dockprom_bind_ip: "192.168.30.40"
roles:
- role: pod-dockprom
become: yes

29
docs/ansible_playbooks.md
View File

@@ -10,6 +10,7 @@ Table of Contents
* [provision\.yml: Provision Your Remote Node](#provisionyml-provision-your-remote-node)
* [base\.yml: the base plays](#baseyml-the-base-plays)
* [podcharlesreid1\.yml: charlesreid1 docker pod play](#podcharlesreid1yml-charlesreid1-docker-pod-play)
* [bots\.yml: bot play](#botsyml-charlesreid1-bots-play)
* [List of Tags](#list-of-tags)
@@ -134,6 +135,34 @@ ANSIBLE_CONFIG="do.cfg" \
```
## bots.yml: charlesreid1 bots play
The bot playbook installs the following bot flocks:
- [apollo bot flock](https://github.com/charlesreid1-bots/apollo-space-junk)
- [ginsberg bot flock](https://github.com/charlesreid1-bots/ginsberg-bot-flock)
- [milton bot flock](https://github.com/charlesreid1-bots/milton-bot-flock)
It also installs the Twitter keys these bots require using the Ansible
vault, which stores an encrypted zip file with keys for each bot flock.
```plain
ANSIBLE_CONFIG="vagrant.cfg" \
ansible-playbook \
--vault-password-file=.vault_secret \
bots.yml
```
**Linode Example:**
```plain
ANSIBLE_CONFIG="linode.cfg" \
ansible-playbook \
--vault-password-file=.vault_secret \
bots.yml
```
## List of Tags
(Incomplete)

12
docs/ansible_vault.md
View File

@@ -15,6 +15,7 @@ Table of Contents
* [How to edit the vault file?](#how-to-edit-the-vault-file)
* [How to use the vault file?](#how-to-use-the-vault-file)
* [Adding new secret variables](#adding-new-secret-variables)
* [Adding new encrypted files](#adding-new-encrypted-files)
## What is Ansible Vault?
@@ -166,3 +167,14 @@ This is where you put the real API key:
vault_api_key: "ABCXYZ123456"
```
## Adding new encrypted files
Encrypt a file using `ansible-vault encrypt` command.
Standard procedure is to add .enc extension to filename.
```
$ ansible-vault encrypt --vault-password-file .vault_secret hello.txt --output hello.txt.enc
```

25
firewall.yml Normal file
View File

@@ -0,0 +1,25 @@
---
# Playbook for firewall role
- name: Set up SSH keys
hosts: "{{ machine_name }}"
roles:
- role: sshkeys
tags: sshkeys
- name: Install firewall
hosts: "{{ machine_name }}"
vars:
- firewall_allowed_tcp_ports:
- "{{ ssh_port }}"
- "80"
- "443"
- "8080" # cadvisor
- "9100" # nodeexporter
- "3100" # loki
- "9113" # nginxexporter
roles:
- role: firewall
become: yes

60
group_vars/all/main.yml
View File

@@ -22,35 +22,66 @@ ssh_key_email: "charlesreid1@gmail.com"
charlesreid1_admin_email: "charles@charlesreid1.com"
# nginx variables
charlesreid1_port_default: "80"
charlesreid1_port_gitea: "80"
charlesreid1_port_ssl_default: "443"
charlesreid1_port_ssl_gitea: "443"
# pyenv variables
pyenv_root: "/home/{{ username }}/.pyenv"
pyenv_versions:
- 3.7.9
# - miniconda3-4.3.30
# - 3.7.5
# - 3.8.0
pyenv_global_version: 3.7.9
pyenv_python: "{{ pyenv_root }}/versions/{{ pyenv_global_version }}/bin/python"
pyenv_pip: "{{ pyenv_root }}/versions/{{ pyenv_global_version }}/bin/pip"
# ports
ssh_port: 5778
########################
# vault variables
####################
# dockprom
charlesreid1_dockprom_admin_user: "{{ vault_dockprom_admin_user }}"
charlesreid1_dockprom_admin_pass: "{{ vault_dockprom_admin_pass }}"
####################
# base vault vars
# unix system password
charlesreid1_system_password: "{{ vault_system_password }}"
base_system_password: "{{ vault_system_password }}"
####################
# uptime vault vars
# uptime details
charlesreid1_uptime_user: "{{ username }}"
charlesreid1_uptime_gmail_email: "{{ vault_uptime_gmail_email }}"
charlesreid1_uptime_gmail_password: "{{ vault_uptime_gmail_password }}"
charlesreid1_uptime_recipient_name: "{{ vault_uptime_recipient_name }}"
charlesreid1_uptime_recipient_email: "{{ vault_uptime_recipient_email }}"
charlesreid1_uptime_slack_apikey: "{{ vault_uptime_slack_apikey }}"
charlesreid1_uptime_slack_channel: "{{ vault_uptime_slack_channel }}"
####################
# charlesreid1 vault vars
# AWS credentials:
charlesreid1_aws_secret_access_key: "{{ vault_aws_secret_access_key }}"
charlesreid1_aws_access_key_id: "{{ vault_aws_access_key_id }}"
# set the IP address of our two servers
#
# pod-charlesreid
charlesreid1_nginx_charlesreid1_ip: "{{ vault_nginx_charlesreid1_ip }}"
#
# pod-webhooks
charlesreid1_nginx_subdomains_ip: "{{ vault_nginx_subdomains_ip }}"
# Secrets and stuff
# pod-charlesreid1 requires a mysql password
@@ -62,8 +93,3 @@ charlesreid1_gitea_internal_token: "{{ vault_gitea_internal_token }}"
# mediawiki secret key for web sessions
charlesreid1_mediawiki_secretkey: "{{ vault_mediawiki_secretkey }}"
# pod-webhooks requires a secret to be sent
# with the webhook.
charlesreid1_captain_hook_secret: "{{ vault_captain_hook_secret }}"

103
group_vars/all/vault
View File

@@ -1,46 +1,59 @@
$ANSIBLE_VAULT;1.1;AES256
66323230386436663663343339376232383737666330323161643535323434363962366336663061
6264653564626462323934633730326535643935393233370a323031333835616137666634343934
32613038323132376566353837373337393931633239373332653063333838333633373831653938
6139316565646531650a663864383930383038373763363236653634373832613931643139313432
38356133356635356637646132313631623834326331333362623932363363313030633533633361
33666162613931636238646136366466633933336233326236636139613266613735633832383463
64366435343138366136663433363332663633643963626633646361343566623461393437396632
33353366336330383164646438656237363532366563333066323838633539663331613866346161
39346166393064333230623235323432333235396637356432656132343833323336623633616235
38393430613039333232353339356665373132366235333438383562393066313537646338323236
34366431636435366438333236623330613565343033663839316562616330303365383233396334
66333831643162653631643062616535353965393837336264613938383636633664653935383064
66396536663065303438663932616435313061643930326533316530383234393230666332616233
66333366316634313861396330303561616136316562613530303364643639353366363937356537
38376266376237646662656232333532303532373832633630663530326361623131626631363035
36313264626334373136323461623339363730653636393939373562356130656564613964373334
31326131323465663861333063613132363838396630616236386166336164353262326335356138
64636264633232623864383431616364303465316662353337333632346238633136633933643234
37383731333133363139643835376563653462346138646663636537346331363864306536623139
63626239643561383363313764363435376666666533323664386565376435383361306634633239
34653637303338646634643965363235633635633736386435373334326461663464616637646236
62303139623738646432356337626464346136396536356538643736303137626438633362356332
33306564333131636530666534316136386534623962633438663639663235316164346136383262
30363234396564663438373463653164656434656661356530616639663533386231396462656234
32663133366130376135353664653036376161633063353237323033376662643265396235623339
36633434613732346437303837393164626538316336616437303566353936623863313561666238
30663263386663376263313139653737666135306237353737323862636565666566343034643133
36653066316633343837623432393561336663646432363965393463613330313935663934623030
66653066396664393765363536376336353962373466373163366331353835316561313533333536
63346331633337343766393335313836366336656533653233636162636534363261356366336432
66323035386430653230646539623765333134383136306634646136333235636635336337356465
61626265613565346437656233306438333939323132396437643034636531303763373932393935
63633731643436376630373662613461383333623162323534626131336438313961333431656636
63383733633166646230663762373466303732616437636265646266626238636463313732316661
39653734626463313065313064383631356565613463323465393836613962653438336666313066
65316333623061396436366136643365653563376337653463613565336231623534633831656639
65616462363738323935393334653162613562633239326634643533303565643764646236353936
37353930383566373364376132383861393835613738386562393365316439373665393535356435
39396564646138323865333063336563636163356637363065316433393733613262643232663564
64366539653262386334363766346162373037623033626439316464616636376461643034633464
62616130383630613864353432313432326464353866623132383963323438396266656566303331
64613732393662386633656263333861663738313530303361313464316337346261336563363334
65663336333735316134636262643037373134373461633466613233343135336130626430396334
33366330326662313163636362633532333437616537363335393133363065626235373830356131
64303639656534326130333234643338346436356533636465356437653366663764
62626164613766613162653233616565393064366366303463653761626435663236366237663931
3938316262353261666435313766306438656330653561330a303036313536363263633635636435
33363266643233363838616239333061316432346362383063326630623532363862666331373137
6161643632353730350a656335663536366264633634323263386461646161386233646639393862
32663162613130343463646363653663363237303436623138633366316163323164623366616538
31306336383434656536383339383535646461326539653934363436333363633963313239383938
30666333373537653338316633643436313732346261656330643162343230636163343136353464
33646237663338636134613832623338316463366338623662363665633561316565306664663533
62336636626136613465346533316237626335656632373535383137353264306337633637653762
34366561386462306464373263363537303465306533303935383130393161343030323337343932
33323839326665643734643064353838643436626363643733363232386665323761303165383236
33393533333361383566616335343336303730656432306632326134653239306334306438646437
65323339303038656239333230323037343466393134353731643033643065333431623333663264
61306132636637353734373064343965386233663031313836306639313533303130306663316666
30626564373066333561633363383733313063346564336338653737346130313432653231353732
64636661346434616536636638623265396330343639613139623965373131336363376333626162
65386562613362613266336565303065663132336263636535623639383035343131336532393466
66666563623863653566336464363738366566343462366263653434303364623237633763333864
34313362643665613834303533653533326531396132613539363434363463303263643433363866
35353331633436346238616231656166343030613935343332363132363135353063386563366438
61653739373534313164373262326233613032353835616334396332643262616665326130386462
37363734633964363937633336326361313561373066643766356462333562373565643138333065
66613165393539663239396561393235653236646537656637356430323731643761613061393665
32636262343861386264326666613230373966316561653637336465653831343531363439323433
65343430303361663437666230383236656538326466636366373366326637633063383538643461
64643431656535623961313164623764376130633839306632376237633734343635393164356363
39636261666639626261313962386434626533313538393463623365643065633432386630386434
34313164313366353862653838356431323764633133303962346663303836333361613333666463
34633032393861386332383236366432396337353539616132336537326663303263613464346235
37373163383164306233653265356136393364316637626361353432333436306634643462333530
63623330666237636138633131646232663531326462303837393236656662666233316532373162
62353366326238313131366234646532626565666563393139376536643936313736626166313466
61383461383538386566356333396464373636626266373239623266356263323532646366343966
39666566623964303834326330303437626431356261396663373031306164636131383338313661
38373034663266663763656436666137336235646635326664326633616662383039386139616266
61306630373838333234613566386431633534653961633234653364326437356233343965666465
65326266656665633331356665363435343438613134343339393762373762643530376363343930
35333735386331343530343239393864323838633364363338373734323434393736333837373363
38383464303434316436343764373934643162616237333930383239353862366532316263303461
66333031323563626461363134656636393734323531343163373736353965323865613963646332
32653363336366643261323063323662326239346135316664393366623532333865343461666532
34343761636135363035313338353934653533366165633361653738333836336630383538336264
61633538623663313136363636393332616335626137326332613131363934373235306662356163
65643334376634626665316136393236313437376233333963316134613861623035666132386136
63363062653235663136383665356661306538373566313136336564356563326138656635353466
31646333373334623931353037663863636366386530383435623139336630353261633339323961
65646332623336616536343063643666646634326462366131613930653538613433373230326633
38353733656561353938306235303231623438396366356235666131323366633061313361656533
38646331336636303138623962646464363062313462366664653466326335393437333336366133
37383462303635316661343935353762666633366334343430326562663434313239373235356235
32303962653437366363363739646263663264376665353362383033383466336435303736313731
35646361306535373532393038383030336634353737343534663461393830346464386138623139
61623664626164386630623633363237643161656434343465633530653836373439376339313831
39343739336461333535663264626230393737306137653864323734626639313133626132626436
66616465386333626332663064396137666561663162383337333634303037366234633632623538
36356464323333613861383432356263636438316133333531393331323262316438343633643333
39363130376562373163663633363363306133643161313063303165643934633266613330616130
6633313739623562656533376639346132333338373030303561

2
linode.cfg
View File

@@ -1,6 +1,6 @@
[defaults]
inventory = linodehosts
remote_user = root
remote_user = charles
private_key_file = ~/.ssh/id_rsa
host_key_checking = False
vault_password_file = .vault_secret

14
linodehosts
View File

@@ -1,5 +1,13 @@
[servers:children]
linodeservers
bear
dorky
dracaena
[linodeservers]
linode ansible_host=50.116.7.163 ansible_port=22 ansible_python_interpreter=/usr/bin/python3
[bear]
linode_bear ansible_host=300.300.300.300 ansible_port=22 ansible_python_interpreter=/usr/bin/python3
[dorky]
linode_dorky ansible_host=400.400.400.400 ansible_port=22 ansible_python_interpreter=/usr/bin/python3
[dracaena]
linode_dracaena ansible_host=500.500.500.500 ansible_port=22 ansible_python_interpreter=/usr/bin/python3

8
local.cfg Normal file
View File

@@ -0,0 +1,8 @@
[defaults]
inventory = localhosts
remote_user = charles
private_key_file = ~/.ssh/id_rsa
host_key_checking = False
vault_password_file = .vault_secret
log_path = ansible_linode.log
command_warnings = raise

5
localhosts Normal file
View File

@@ -0,0 +1,5 @@
[servers:children]
bespin
[bespin]
localhost_bespin ansible_host=192.168.0.0 ansible_port=22 ansible_python_interpreter=/usr/bin/python3

7
memo Normal file
View File

@@ -0,0 +1,7 @@
changes:
- base uses machine name
- postfix is separate playbook
- uptime is separate playbook
- bots playbook
- pod charlesreid1 playbook

12
podcharlesreid1.yml
View File

@@ -4,24 +4,24 @@
- name: Install SSL certificates for charlesreid1 docker pod
hosts: servers
hosts: bear
become: yes
roles:
- role: letsencrypt
tags: letsencrypt
site_email: "charles@charlesreid1.com"
domains:
- "charlesreid1.red"
- "www.charlesreid1.red"
- "git.charlesreid1.red"
- "charlesreid1.com"
- "www.charlesreid1.com"
- "git.charlesreid1.com"
- name: Install charlesreid1 docker pod
hosts: servers
hosts: bear
become: yes
roles:
- role: pod-charlesreid1
tags: pod-charlesreid1
charlesreid1_server_name_default: "charlesreid1.red"
charlesreid1_server_name_default: "charlesreid1.com"

15
postfix.yml Normal file
View File

@@ -0,0 +1,15 @@
---
# Playbook for postfix server
- name: Install postfix
hosts: dorky
roles:
- postfix
vars:
postfix_raw_options:
- |
append_dot_mydomain = yes
myorigin = /etc/mailname
postfix_hostname: "charlesreid1.party"
postfix_mailname: "charlesreid1.party"

2
provision.yml
View File

@@ -10,6 +10,8 @@
gather_facts: no
remote_user: root
pre_tasks:
- name: "Update aptitude"
raw: sudo apt-get -y update
- name: "Install python2"
raw: sudo apt-get -y install python
- name: Add the non-root user

38
roles/bots/README.md Normal file
View File

@@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

12
roles/bots/defaults/main.yml Normal file
View File

@@ -0,0 +1,12 @@
---
# variables for installing bots
apollo_user: "{{ nonroot_user }}"
apollo_path: "/home/{{ apollo_user }}/apollo"
ginsberg_user: "{{ nonroot_user }}"
ginsberg_path: "/home/{{ apollo_user }}/ginsberg"
milton_user: "{{ nonroot_user }}"
milton_path: "/home/{{ milton_user }}/milton"

183
roles/bots/tasks/apollo.yml Normal file
View File

@@ -0,0 +1,183 @@
---
# apollo bot flock
#
# Process:
# - clone repo
# - install api keys
# - install bot keys
# - install startup service
# - enable startup service
# - start startup service
# #####################################
# CLONE APOLLO SPACE JUNK
- name: Check if apollo repo is already cloned
stat:
path: "{{ apollo_path }}"
register: apollo_clone_check
tags:
- bots
- apollo
- git
- name: Clone apollo repo
become: yes
become_user: "{{ username }}"
git:
repo: "https://github.com/charlesreid1-bots/apollo-space-junk.git"
dest: "{{ apollo_path }}"
recursive: yes
when:
- "not apollo_clone_check.stat.exists"
tags:
- bots
- apollo
- git
- name: Pull apollo
become: yes
become_user: "{{ username }}"
command: "git pull"
args:
chdir: "{{ apollo_path }}"
when:
- "apollo_clone_check.stat.exists"
tags:
- bots
- apollo
- git
# #####################################
# SET UP BOT KEYS
- name: "Install API keys"
become: yes
become_user: "{{ username }}"
copy:
src: "../../../secrets/apikeys.json.enc"
dest: "{{ apollo_path }}/bot/apikeys.json"
decrypt: yes
tags:
- bots
- apollo
- keys
- name: "Install zipped Apollo Twitter keys"
become: yes
become_user: "{{ username }}"
copy:
src: "../../../secrets/apollo_keys.zip.enc"
dest: "{{ apollo_path }}/bot/apollo_keys.zip"
decrypt: yes
tags:
- bots
- apollo
- keys
- name: "Unzip Apollo Twitter keys"
become: yes
become_user: "{{ username }}"
command: "unzip -o {{ apollo_path }}/bot/apollo_keys.zip -d {{ apollo_path }}/bot"
tags:
- bots
- apollo
- keys
# #####################################
# SET UP VIRTUALENV
#
# Procedure:
# - install virtualenv package
# - create the virtual env dir
# - source the activate script
# - pip install requirements.txt
- name: Pip install virtualenv
become: yes
become_user: "{{ username }}"
command: "/home/{{ username }}/.pyenv/shims/pip install virtualenv"
tags:
- bots
- apollo
- bot-virtualenv
- name: Create apollo virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ pyenv_python }} -m virtualenv -p python3.6 {{ apollo_path }}/vp"
tags:
- bots
- apollo
- bot-virtualenv
- name: Pip install apollo requirements.txt into the uptime virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ apollo_path }}/vp/bin/pip install -r {{ apollo_path }}/requirements.txt"
tags:
- bots
- apollo
- bot-virtualenv
# #####################################
# INSTALL STARTUP SERVICES
#
# Check if bot startup service is installed.
# If not, install it.
- name: Check if apollo startup service is installed
stat:
path: /etc/systemd/system/apollo.service
register: apollo_service_check
tags:
- bots
- apollo
- bot-services
- name: Fetch the apollo startup service jinja template
fetch:
src: "{{ apollo_path }}/service/apollo.service.j2"
dest: "/tmp/apollo.service.j2"
flat: yes
fail_on_missing: yes
tags:
- bots
- apollo
- bot-services
- name: Install the apollo startup service file
become: yes
template:
src: "/tmp/apollo.service.j2"
dest: "/etc/systemd/system/apollo.service"
mode: 0774
when:
- "not apollo_service_check.stat.exists"
tags:
- bots
- apollo
- bot-services
- name: Enable apollo startup service
become: yes
command: "systemctl enable apollo"
when:
- "apollo_service_check.stat.exists"
tags:
- bots
- apollo
- bot-services

177
roles/bots/tasks/ginsberg.yml Normal file
View File

@@ -0,0 +1,177 @@
---
# ginsberg bot flock
#
# Process:
# - clone repo
# - install api keys
# - install bot keys
# - install startup service
# - enable startup service
# - start startup service
# #####################################
# CLONE GINSBERG BOT FLOCK
- name: Check if ginsberg repo is already cloned
stat:
path: "{{ ginsberg_path }}"
register: ginsberg_clone_check
tags:
- bots
- ginsberg
- git
- name: Clone ginsberg repo
become: yes
become_user: "{{ username }}"
git:
repo: "https://github.com/charlesreid1-bots/ginsberg-bot-flock.git"
dest: "{{ ginsberg_path }}"
recursive: yes
when:
- "not ginsberg_clone_check.stat.exists"
tags:
- bots
- ginsberg
- git
- name: Pull ginsberg
become: yes
become_user: "{{ username }}"
command: "git pull"
args:
chdir: "{{ ginsberg_path }}"
when:
- "ginsberg_clone_check.stat.exists"
tags:
- bots
- ginsberg
- git
# #####################################
# SET UP BOT KEYS
- name: "Install API keys"
copy:
src: "../../../secrets/apikeys.json.enc"
dest: "{{ ginsberg_path }}/bot/apikeys.json"
decrypt: yes
tags:
- bots
- ginsberg
- keys
- name: "Install zipped ginsberg Twitter keys"
copy:
src: "../../../secrets/ginsberg_keys.zip.enc"
dest: "{{ ginsberg_path }}/bot/ginsberg_keys.zip"
decrypt: yes
tags:
- bots
- ginsberg
- keys
- name: "Unzip ginsberg Twitter keys"
command: "unzip -o {{ ginsberg_path }}/bot/ginsberg_keys.zip -d {{ ginsberg_path }}/bot"
tags:
- bots
- ginsberg
- keys
# #####################################
# SET UP VIRTUALENV
#
# Procedure:
# - install virtualenv package
# - create the virtual env dir
# - source the activate script
# - pip install requirements.txt
- name: Pip install virtualenv
become: yes
become_user: "{{ username }}"
command: "/home/{{ username }}/.pyenv/shims/pip install virtualenv"
tags:
- bots
- ginsberg
- bot-virtualenv
- name: Create ginsberg virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ pyenv_python }} -m virtualenv -p python3.6 {{ ginsberg_path }}/vp"
tags:
- bots
- ginsberg
- bot-virtualenv
- name: Pip install ginsberg requirements.txt into the uptime virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ ginsberg_path }}/vp/bin/pip install -r {{ ginsberg_path }}/requirements.txt"
tags:
- bots
- ginsberg
- bot-virtualenv
# #####################################
# INSTALL STARTUP SERVICES
#
# Check if bot startup service is installed.
# If not, install it.
- name: Check if ginsberg startup service is installed
stat:
path: /etc/systemd/system/ginsberg.service
register: ginsberg_service_check
tags:
- bots
- ginsberg
- bot-services
- name: Fetch the ginsberg startup service jinja template
fetch:
src: "{{ ginsberg_path }}/service/ginsberg.service.j2"
dest: "/tmp/ginsberg.service.j2"
flat: yes
fail_on_missing: yes
tags:
- bots
- ginsberg
- bot-services
- name: Install the ginsberg startup service file
become: yes
template:
src: "/tmp/ginsberg.service.j2"
dest: "/etc/systemd/system/ginsberg.service"
mode: 0774
when:
- "not ginsberg_service_check.stat.exists"
tags:
- bots
- ginsberg
- bot-services
- name: Enable ginsberg startup service
become: yes
command: "systemctl enable ginsberg"
when:
- "ginsberg_service_check.stat.exists"
tags:
- bots
- ginsberg
- bot-services

7
roles/bots/tasks/main.yml Normal file
View File

@@ -0,0 +1,7 @@
---
# tasks file for installing bots
- include: apollo.yml
- include: ginsberg.yml
- include: milton.yml

178
roles/bots/tasks/milton.yml Normal file
View File

@@ -0,0 +1,178 @@
---
# milton bot flock
#
# Process:
# - clone repo
# - install api keys
# - install bot keys
# - install startup service
# - enable startup service
# - start startup service
# #####################################
# CLONE MILTON BOT FLOCK
- name: Check if milton repo is already cloned
stat:
path: "{{ milton_path }}"
register: milton_clone_check
tags:
- bots
- milton
- git
- name: Clone milton repo
become: yes
become_user: "{{ username }}"
git:
repo: "https://github.com/charlesreid1-bots/milton-bot-flock.git"
dest: "{{ milton_path }}"
recursive: yes
when:
- "not milton_clone_check.stat.exists"
tags:
- bots
- milton
- git
- name: Pull milton
become: yes
become_user: "{{ username }}"
command: "git pull"
args:
chdir: "{{ milton_path }}"
when:
- "milton_clone_check.stat.exists"
tags:
- bots
- milton
- git
# #####################################
# SET UP BOT KEYS
- name: "Install API keys"
copy:
src: "../../../secrets/apikeys.json.enc"
dest: "{{ milton_path }}/bot/apikeys.json"
decrypt: yes
tags:
- bots
- milton
- keys
- name: "Install zipped milton Twitter keys"
copy:
src: "../../../secrets/milton_keys.zip.enc"
dest: "{{ milton_path }}/bot/milton_keys.zip"
decrypt: yes
tags:
- bots
- milton
- keys
- name: "Unzip milton Twitter keys"
command: "unzip -o {{ milton_path }}/bot/milton_keys.zip -d {{ milton_path }}/bot"
tags:
- bots
- milton
- keys
# #####################################
# SET UP VIRTUALENV
#
# Procedure:
# - install virtualenv package
# - create the virtual env dir
# - source the activate script
# - pip install requirements.txt
- name: Pip install virtualenv
become: yes
become_user: "{{ username }}"
command: "/home/{{ username }}/.pyenv/shims/pip install virtualenv"
tags:
- bots
- milton
- bot-virtualenv
- name: Create milton virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ pyenv_python }} -m virtualenv -p python3.6 {{ milton_path }}/vp"
tags:
- bots
- milton
- bot-virtualenv
- name: Pip install milton requirements.txt into the uptime virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ milton_path }}/vp/bin/pip install -r {{ milton_path }}/requirements.txt"
tags:
- bots
- milton
- bot-virtualenv
# #####################################
# INSTALL STARTUP SERVICES
#
# Check if bot startup service is installed.
# If not, install it.
- name: Check if milton startup service is installed
stat:
path: /etc/systemd/system/milton.service
register: milton_service_check
tags:
- bots
- milton
- bot-services
- name: Fetch the milton startup service jinja template
fetch:
src: "{{ milton_path }}/service/milton.service.j2"
dest: "/tmp/milton.service.j2"
flat: yes
fail_on_missing: yes
tags:
- bots
- milton
- bot-services
- name: Install the milton startup service file
become: yes
template:
src: "/tmp/milton.service.j2"
dest: "/etc/systemd/system/milton.service"
mode: 0774
when:
- "not milton_service_check.stat.exists"
tags:
- bots
- milton
- bot-services
- name: Enable milton startup service
become: yes
command: "systemctl enable milton"
when:
- "milton_service_check.stat.exists"
tags:
- bots
- milton
- bot-services
#

3
roles/firewall/.gitignore vendored Normal file
View File

@@ -0,0 +1,3 @@
*.retry
*/__pycache__
*.pyc

20
roles/firewall/LICENSE Normal file
View File

@@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

4
roles/firewall/README.md Normal file
View File

@@ -0,0 +1,4 @@
# Firewall Ansible Role
Source: <https://github.com/geerlingguy/ansible-role-firewall>

22
roles/firewall/defaults/main.yml Normal file
View File

@@ -0,0 +1,22 @@
---
firewall_state: started
firewall_enabled_at_boot: true
firewall_flush_rules_and_chains: true
firewall_allowed_tcp_ports:
- "22"
- "80"
- "443"
firewall_allowed_udp_ports: []
firewall_forwarded_tcp_ports: []
firewall_forwarded_udp_ports: []
firewall_additional_rules: []
firewall_enable_ipv6: true
firewall_ip6_additional_rules: []
firewall_log_dropped_packets: true
# Set to true to ensure other firewall management software is disabled.
firewall_disable_firewalld: true
firewall_disable_ufw: true

3
roles/firewall/handlers/main.yml Normal file
View File

@@ -0,0 +1,3 @@
---
- name: restart firewall
service: name=firewall state=restarted

52
roles/firewall/tasks/main.yml Normal file
View File

@@ -0,0 +1,52 @@
---
- name: Ensure iptables is present.
package: name=iptables state=present
- name: Flush iptables the first time playbook runs.
command: >
iptables -F
creates=/etc/firewall.bash
- name: Copy firewall script into place.
template:
src: firewall.bash.j2
dest: /etc/firewall.bash
owner: root
group: root
mode: 0744
notify: restart firewall
- name: Copy firewall init script into place.
template:
src: firewall.init.j2
dest: /etc/init.d/firewall
owner: root
group: root
mode: 0755
when: "ansible_service_mgr != 'systemd'"
- name: Copy firewall systemd unit file into place (for systemd systems).
template:
src: firewall.unit.j2
dest: /etc/systemd/system/firewall.service
owner: root
group: root
mode: 0644
when: "ansible_service_mgr == 'systemd'"
- name: Configure the firewall service.
service:
name: firewall
state: "restarted"
#state: "{{ firewall_state }}"
enabled: "{{ firewall_enabled_at_boot }}"
- name: Stop the docker service.
service:
name: docker
state: stopped
- name: Start the docker service.
service:
name: docker
state: started

138
roles/firewall/templates/firewall.bash.j2 Executable file
View File

@@ -0,0 +1,138 @@
#!/bin/bash
# iptables firewall.
#
# This file should be located at /etc/firewall.bash, and is meant to work with
# the `geerlingguy.firewall` Ansible role.
#
# Common port reference:
# 22: SSH
# 25: SMTP
# 80: HTTP
# 123: NTP
# 443: HTTPS
# 2222: SSH alternate
# 8080: HTTP alternate
#
# @author Jeff Geerling
# No spoofing.
if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]
then
for filter in /proc/sys/net/ipv4/conf/*/rp_filter
do
echo 1 > $filter
done
fi
# Set the default rules.
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
{% if firewall_flush_rules_and_chains %}
# Remove all rules and chains.
iptables -t nat -F
iptables -t mangle -F
iptables -F
iptables -X
{% endif %}
# Accept traffic from loopback interface (localhost).
iptables -A INPUT -i lo -j ACCEPT
# Forwarded ports.
{# Add a rule for each forwarded port #}
{% for forwarded_port in firewall_forwarded_tcp_ports %}
iptables -t nat -I PREROUTING -p tcp --dport {{ forwarded_port.src }} -j REDIRECT --to-port {{ forwarded_port.dest }}
iptables -t nat -I OUTPUT -p tcp -o lo --dport {{ forwarded_port.src }} -j REDIRECT --to-port {{ forwarded_port.dest }}
{% endfor %}
{% for forwarded_port in firewall_forwarded_udp_ports %}
iptables -t nat -I PREROUTING -p udp --dport {{ forwarded_port.src }} -j REDIRECT --to-port {{ forwarded_port.dest }}
iptables -t nat -I OUTPUT -p udp -o lo --dport {{ forwarded_port.src }} -j REDIRECT --to-port {{ forwarded_port.dest }}
{% endfor %}
# Open ports.
{# Add a rule for each open port #}
{% for port in firewall_allowed_tcp_ports %}
iptables -A INPUT -p tcp -m tcp --dport {{ port }} -j ACCEPT
{% endfor %}
{% for port in firewall_allowed_udp_ports %}
iptables -A INPUT -p udp -m udp --dport {{ port }} -j ACCEPT
{% endfor %}
# Accept icmp ping requests.
iptables -A INPUT -p icmp -j ACCEPT
# Allow NTP traffic for time synchronization.
iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
iptables -A INPUT -p udp --sport 123 -j ACCEPT
# Additional custom rules.
{% for rule in firewall_additional_rules %}
{{ rule }}
{% endfor %}
# Allow established connections:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Log EVERYTHING (ONLY for Debug).
# iptables -A INPUT -j LOG
{% if firewall_log_dropped_packets %}
# Log other incoming requests (all of which are dropped) at 15/minute max.
iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 7 --log-prefix "Dropped by firewall: "
{% endif %}
# Drop all other traffic.
iptables -A INPUT -j DROP
{% if firewall_enable_ipv6 %}
# Configure IPv6 if ip6tables is present.
if [ -x "$(which ip6tables 2>/dev/null)" ]; then
{% if firewall_flush_rules_and_chains %}
# Remove all rules and chains.
ip6tables -F
ip6tables -X
{% endif %}
# Accept traffic from loopback interface (localhost).
ip6tables -A INPUT -i lo -j ACCEPT
# Open ports.
{# Add a rule for each open port #}
{% for port in firewall_allowed_tcp_ports %}
ip6tables -A INPUT -p tcp -m tcp --dport {{ port }} -j ACCEPT
{% endfor %}
{% for port in firewall_allowed_udp_ports %}
ip6tables -A INPUT -p udp -m udp --dport {{ port }} -j ACCEPT
{% endfor %}
# Accept icmp ping requests.
ip6tables -A INPUT -p icmpv6 -j ACCEPT
# Allow NTP traffic for time synchronization.
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT
ip6tables -A INPUT -p udp --sport 123 -j ACCEPT
# Additional custom rules.
{% for rule in firewall_ip6_additional_rules %}
{{ rule }}
{% endfor %}
# Allow established connections:
ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Log EVERYTHING (ONLY for Debug).
# ip6tables -A INPUT -j LOG
{% if firewall_log_dropped_packets %}
# Log other incoming requests (all of which are dropped) at 15/minute max.
ip6tables -A INPUT -m limit --limit 15/minute -j LOG --log-level 7 --log-prefix "Dropped by firewall: "
{% endif %}
# Drop all other traffic.
ip6tables -A INPUT -j DROP
fi
{% endif %}

52
roles/firewall/templates/firewall.init.j2 Normal file
View File

@@ -0,0 +1,52 @@
#! /bin/sh
# /etc/init.d/firewall
#
# Firewall init script, to be used with /etc/firewall.bash by Jeff Geerling.
#
# @author Jeff Geerling
### BEGIN INIT INFO
# Provides: firewall
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start firewall at boot time.
# Description: Enable the firewall.
### END INIT INFO
# Carry out specific functions when asked to by the system
case "$1" in
start)
echo "Starting firewall."
/etc/firewall.bash
;;
stop)
echo "Stopping firewall."
iptables -F
if [ -x "$(which ip6tables 2>/dev/null)" ]; then
ip6tables -F
fi
;;
restart)
echo "Restarting firewall."
/etc/firewall.bash
;;
status)
echo -e "`iptables -L -n`"
EXIT=4 # program or service status is unknown
NUMBER_OF_RULES=$(iptables-save | grep '^\-' | wc -l)
if [ 0 -eq $NUMBER_OF_RULES ]; then
EXIT=3 # program is not running
else
EXIT=0 # program is running or service is OK
fi
exit $EXIT
;;
*)
echo "Usage: /etc/init.d/firewall {start|stop|status|restart}"
exit 1
;;
esac
exit 0

12
roles/firewall/templates/firewall.unit.j2 Normal file
View File

@@ -0,0 +1,12 @@
[Unit]
Description=Firewall
After=syslog.target network.target
[Service]
Type=oneshot
ExecStart=/etc/firewall.bash
ExecStop=/sbin/iptables -F
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target

3
roles/goenv/tasks/main.yml
View File

@@ -4,6 +4,9 @@
# Install any system packages required by goenv
- include: packages.yml
# Configure vim-go
- include: vim.yml
# Install profile environment variables
- include: envvars.yml

12
roles/goenv/tasks/vim.yml Normal file
View File

@@ -0,0 +1,12 @@
#############################
# install vim-go
- name: Clone vim-go to ~/.vim/bundle
become: yes
become_user: "{{ username }}"
git:
repo: "https://github.com/fatih/vim-go.git"
dest: "/home/{{ username }}/.vim/bundle/vim-go"

1
roles/init-nonroot/defaults/main.yml
View File

@@ -2,3 +2,4 @@
# variables for init-nonroot
username: "{{ nonroot_user }}"
system_password: "{{ base_system_password }}"

20
roles/init-nonroot/tasks/main.yml
View File

@@ -1,14 +1,30 @@
---
# tasks file for init-charles
# tasks file for init-nonroot
###################
# Make the user
- name: "Add the user {{ username }}"
become: yes
user:
name: "{{ username }}"
password: "{{ charlesreid1_system_password }}"
password: "{{ system_password | password_hash('sha512') }}"
shell: /bin/bash
groups: wheel
append: yes
state: present
createhome: yes
###################
# Make temp dir
- name: Make ~/tmp dir
become: yes
file:
path: "/home/{{ username }}/temp"
state: directory
owner: "{{ username }}"
group: "{{ username }}"
mode: 0700

16
roles/init-root/tasks/main.yml
View File

@@ -8,11 +8,20 @@
- name: Set machine name with hostname command
become: yes
command: "hostname {{ machine_name }}"
tags:
- machine-name
- name: Create new /etc/hostname
become: yes
command: "echo {{ machine_name }} > /etc/hostname"
copy:
dest: /etc/hostname
content: "{{ machine_name }}"
owner: root
group: root
mode: u=rw,g=r,o=r
tags:
- machine-name
- name: Set hostname entry to 127.0.0.1 in /etc/hosts
@@ -22,6 +31,8 @@
regexp: "^127.0.0.1"
line: "127.0.0.1 {{ machine_name }}"
create: yes
tags:
- machine-name
############
@@ -52,8 +63,6 @@
state: present
############
# System
@@ -71,4 +80,3 @@
path: /temp
state: directory
mode: 0777

1
roles/install-stuff/tasks/main.yml
View File

@@ -17,6 +17,7 @@
- build-essential
- curl
- wget
- unzip
- graphviz
- openssh-server
- ncdu

45
roles/pod-charlesreid1/tasks/certs.yml Normal file
View File

@@ -0,0 +1,45 @@
---
# #####################################
# CHECK SSL CERTIFICATES
#
# LetsEncrypt role will install certs as needed,
# but should probably check certs anyway.
- name: Check if LetsEncrypt cert for default server name is present
tags:
- pod-charlesreid1
- pod-charlesreid1-certs
- letsencrypt
stat:
path: "/etc/letsencrypt/live/{{ server_name_default }}"
register: register_letsencrypt_livecert_default
- name: Check if LetsEncrypt cert for gitea server name is present
tags:
- letsencrypt
- pod-charlesreid1
- pod-charlesreid1-certs
stat:
path: "/etc/letsencrypt/live/git.{{ server_name_default }}"
register: register_letsencrypt_livecert_gitea
# If top level and subdomain certs are present, start/restart the
# pod-charlesreid1 service.
- name: Enable pod-charlesreid1 service
become: yes
service:
name: pod-charlesreid1
enabled: yes
state: restarted
when:
- "pod_register_docker_compose.stat.executable"
- "register_letsencrypt_livecert_default.stat.exists"
- "register_letsencrypt_livecert_gitea.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-certs
- pod-charlesreid1-services

30
roles/pod-charlesreid1/tasks/docker_checks.yml Normal file
View File

@@ -0,0 +1,30 @@
---
# #####################################
# DOCKER/DOCKER COMPOSE
# The docker role, in the base playbook,
# will install docker-compose, but we want
# to double check that the executable exists
- name: Check that docker compose executable is available
stat:
path: "/usr/local/bin/docker-compose"
register: pod_register_docker_compose
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
# Also make sure the docker daemon is running
- name: Enable docker service
become: yes
service:
name: docker
enabled: yes
state: restarted
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
- pod-charlesreid1-services

44
roles/pod-charlesreid1/tasks/gitea_prep.yml Normal file
View File

@@ -0,0 +1,44 @@
---
# #####################################
# GITEA PREP
#
# We have to create an app.ini file,
# use a jinja template in the pod-charlesreid1
# repository
- name: Fetch the app.ini jinja template
fetch:
src: "{{ pod_install_dir }}/d-gitea/custom/conf/app.ini.j2"
dest: "/tmp/app.ini.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-gitea
- name: Install the app.ini file
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/app.ini.j2"
dest: "{{ pod_install_dir }}/d-gitea/custom/conf/app.ini"
owner: "{{ username }}"
group: "{{ username }}"
mode: 0640
tags:
- pod-charlesreid1
- pod-charlesreid1-gitea
- name: Fix ownership of all custom dirs for gitea
become: yes
command: "chown -R {{ username }}:{{ username }} {{pod_install_dir }}/d-gitea/custom"
tags:
- pod-charlesreid1
- pod-charlesreid1-gitea

627
roles/pod-charlesreid1/tasks/main.yml
View File

@@ -1,10 +1,6 @@
---
###########################
# Set up charlesreid1.com docker pod
#
# git.charlesreid1.com/docker/pod-charlesreid1
# git.charlesreid1.com/docker/d-nginx-charlesreid1
#
# tasks file for pod-charlesreid1
#
# Tasks:
# ------
#
@@ -21,611 +17,36 @@
# (port mapping in Dockerfile)
# (letsencrypt cert check)
# enable service
#
###########################
# clone pod contents
- include: pod_clone.yml
# #####################################
# CLONE POD-CHARLESREID1
# /www setup
- include: www_setup.yml
# docker and docker compose checks
- include: docker_checks.yml
# Check if we already cloned it
- name: Check if pod-charlesreid1 repo is already cloned
stat:
path: "{{ pod_install_dir }}"
register: pod_charlesreid1_clone_check
tags:
- pod-charlesreid1
# nginx
- include: nginx_prep.yml
# mediawiki
- include: mw_prep.yml
# Clone it
- name: Clone pod-charlesreid1
become: yes
become_user: "{{ username }}"
git:
repo: 'https://github.com/charlesreid1-docker/pod-charlesreid1.git'
dest: "{{ pod_install_dir }}"
recursive: yes
when:
- "not pod_charlesreid1_clone_check.stat.exists"
tags:
- pod-charlesreid1
# gitea
- include: gitea_prep.yml
# construct pod
- include: pod_construct.yml
# Pull it
- name: Pull pod-charlesreid1
become: yes
become_user: "{{ username }}"
command: "git pull"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_charlesreid1_clone_check.stat.exists"
tags:
- pod-charlesreid1
# install pod service
- include: pod_services.yml
# certs
- include: certs.yml
# Init submodules
- name: Initialize pod-charlesreid1 submodules
become: yes
become_user: "{{ username }}"
command: "git submodule update --init"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_charlesreid1_clone_check.stat.exists"
tags:
- pod-charlesreid1
# Pull submodules
- name: Pull pod-charlesreid1 submodules
become: yes
become_user: "{{ username }}"
command: "git submodule update --remote"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_charlesreid1_clone_check.stat.exists"
tags:
- pod-charlesreid1
# #####################################
# BUILD DOCKER-COMPOSE FILE FROM TEMPLATE
#
# Note: Don't use sed to replace the MySQL password placeholder.
# Use the fetch module to copy the template from the remote machine
# (i.e., the one in the git repo) to the local directory.
# Then use the template module to use the template.
- name: Fetch the docker-compose template from the remote machine
fetch:
src: "{{ pod_install_dir }}/docker-compose.yml.j2"
dest: "/tmp/pod-charlesreid1-docker-compose.yml.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
- name: Install the docker-compose file
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/pod-charlesreid1-docker-compose.yml.j2"
dest: "{{ pod_install_dir }}/docker-compose.yml"
mode: 0640
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
# #####################################
# SET UP /WWW DIRECTORY
#
#
# Create /www directory
# for main domain content
- name: Create the /www directory
become: yes
file:
path: "/www"
state: directory
recurse: yes
owner: "{{ username }}"
group: "{{ username }}"
tags:
- pod-charlesreid1
- pod-charlesreid1-content
# Template scripts to populate /www
# with content is done in the
# rules below...
# #####################################
# MAIN DOMAIN PAGE SETUP (ALL)
#
# /www/<domain>/
# git/ <-- .git dir for charlesreid1.com repo gh-pages branch
# htdocs/ <-- clone of charlesreid1.com repo gh-pages branch
# -------------
# Install and run the clone www script
- name: "Fetch the charlesreid1.com clone www script template"
fetch:
src: "{{ pod_install_dir }}/scripts/git_clone_www.py.j2"
dest: "/tmp/git_clone_www.py.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Install the charlesreid1.com clone www script"
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/git_clone_www.py.j2"
dest: "{{ pod_install_dir }}/scripts/git_clone_www.py"
mode: 0755
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Run the charlesreid1.com clone www script to set up {{ server_name_default }}"
command: "python {{ pod_install_dir }}/scripts/git_clone_www.py"
become: yes
become_user: "{{ username }}"
tags:
- pod-charlesreid1
- pod-charlesreid1-content
# ------------------
# Install and run the pull www script
- name: "Fetch the charlesreid1.com pull www script template"
fetch:
src: "{{ pod_install_dir }}/scripts/git_pull_www.py.j2"
dest: "/tmp/git_pull_www.py.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Install the charlesreid1.com pull www script"
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/git_pull_www.py.j2"
dest: "{{ pod_install_dir }}/scripts/git_pull_www.py"
mode: 0755
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Run the charlesreid1.com pull www script to update {{ server_name_default }}"
command: "python {{ pod_install_dir }}/scripts/git_pull_www.py"
become: yes
become_user: "{{ username }}"
tags:
- pod-charlesreid1
- pod-charlesreid1-content
# #####################################
# DOCKER/DOCKER COMPOSE
# The docker role, in the base playbook,
# will install docker-compose, but we want
# to double check that the executable exists
- name: Check that docker compose executable is available
stat:
path: "/usr/local/bin/docker-compose"
register: pod_register_docker_compose
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
# Also make sure the docker daemon is running
- name: Enable docker service
become: yes
service:
name: docker
enabled: yes
state: restarted
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
- pod-charlesreid1-services
# #####################################
# NGIX CONFIG PREP
#
# prepare the config files for the
# charlesreid1.com nginx server:
# - copy templates from remote machine
# - clean conf.d directory
# - copy rendered templates to remote machine
- name: Clean d-nginx-charlesreid1 conf.d directory
become: yes
become_user: "{{ username }}"
command: "python {{ pod_install_dir }}/d-nginx-charlesreid1/scripts/clean_config.py"
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# Install the d-nginx-charlesreid1 configuration templates
#
# -------------
# HTTP
- name: Fetch d-nginx-charlesreid1 http configuration templates from remote machine
fetch:
src: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d_templates/http.DOMAIN.conf.j2"
dest: "/tmp/http.DOMAIN.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
- name: Install the d-nginx-charlesreid1 http configuration templates
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/http.DOMAIN.conf.j2"
dest: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d/http.{{ server_name_default }}.conf"
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# -------------
# HTTPS
- name: Fetch d-nginx-charlesreid1 https configuration templates from remote machine
fetch:
src: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d_templates/https.DOMAIN.conf.j2"
dest: "/tmp/https.DOMAIN.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
- name: Install the d-nginx-charlesreid1 https configuration templates
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/https.DOMAIN.conf.j2"
dest: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d/https.{{ server_name_default }}.conf"
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# -------------
# HTTPS subdomains
- name: Fetch d-nginx-charlesreid1 https subdomains configuration templates from remote machine
fetch:
src: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d_templates/https.DOMAIN.subdomains.conf.j2"
dest: "/tmp/https.DOMAIN.subdomains.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
- name: Install the d-nginx-charlesreid1 https subdomains configuration templates
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/https.DOMAIN.subdomains.conf.j2"
dest: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d/https.{{ server_name_default }}.subdomains.conf"
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# #####################################
# MEDIAWIKI PREP
#
# We have to build the extensions dir for the MediaWiki container
# /pod-charlesreid1/d-mediawiki/charlesreid1-config/mediawiki/build_extensions_dir.sh
#
# Then we have to use the LocalSettings.php and
# Apache config file templates to configure
# the mediawiki container to run correctly.
- name: Check if extensions dir already exists
stat:
path: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/extensions"
register: extensions_dir_exists
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Make mediawiki extensions dir build script executable
become: yes
become_user: "{{ username }}"
file:
path: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/build_extensions_dir.sh"
mode: "u+x"
when:
- "not extensions_dir_exists.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Build the mediawiki extensions dir
become: yes
become_user: "{{ username }}"
command: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/build_extensions_dir.sh"
args:
chdir: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki"
when:
- "not extensions_dir_exists.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
# Deal with MediaWiki configuration templates:
# - LocalSettings.php
# - Apache config file
- name: Fetch the LocalSettings.php jinja template
fetch:
src: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/LocalSettings.php.j2"
dest: "/tmp/LocalSettings.php.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Install the LocalSettings.php file
become: yes
template:
src: "/tmp/LocalSettings.php.j2"
dest: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/LocalSettings.php"
owner: "{{ username }}"
group: "{{ username }}"
mode: 0640
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Fetch the Apache config jinja template
fetch:
src: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/apache/charlesreid1.wiki.conf.j2"
dest: "/tmp/charlesreid1.wiki.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Install the Apache config file
become: yes
template:
src: "/tmp/charlesreid1.wiki.conf.j2"
dest: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/apache/charlesreid1.wiki.conf"
owner: "{{ username }}"
group: "{{ username }}"
mode: 0640
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
# #####################################
# GITEA PREP
#
# We have to create an app.ini file,
# use a jinja template in the pod-charlesreid1
# repository
- name: Fetch the app.ini jinja template
fetch:
src: "{{ pod_install_dir }}/d-gitea/custom/conf/app.ini.j2"
dest: "/tmp/app.ini.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-gitea
- name: Install the app.ini file
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/app.ini.j2"
dest: "{{ pod_install_dir }}/d-gitea/custom/conf/app.ini"
owner: "{{ username }}"
group: "{{ username }}"
mode: 0640
tags:
- pod-charlesreid1
- pod-charlesreid1-gitea
- name: Fix ownership of all custom dirs for gitea
become: yes
command: "chown -R {{ username }}:{{ username }} {{pod_install_dir }}/d-gitea/custom"
tags:
- pod-charlesreid1
- pod-charlesreid1-gitea
# #####################################
# CONSTRUCT THE POD
#
# This task is very time-consuming.
- name: Build pod-charlesreid1 from scratch
become: yes
become_user: "{{ username }}"
command: "/usr/local/bin/docker-compose build --no-cache"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_register_docker_compose.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
# #####################################
# INSTALL STARTUP SERVICE
#
# Check if the charlesreid1 docker pod service
# is installed. If not, install it.
- name: Check if pod-charlesreid1 service is installed
stat:
path: /etc/systemd/system/pod-charlesreid1.service
register: pod_charlesreid1_service_check
tags:
- pod-charlesreid1
- pod-charlesreid1-services
- name: Install pod-charlesreid1 service
become: yes
template:
src: pod-charlesreid1.service.j2
dest: /etc/systemd/system/pod-charlesreid1.service
mode: 0774
when:
- "not pod_charlesreid1_service_check.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-services
# #####################################
# CHECK SSL CERTIFICATES
#
# LetsEncrypt role will install certs as needed,
# but should probably check certs anyway.
- name: Check if LetsEncrypt cert for default server name is present
tags:
- pod-charlesreid1
- pod-charlesreid1-certs
- letsencrypt
stat:
path: "/etc/letsencrypt/live/{{ server_name_default }}"
register: register_letsencrypt_livecert_default
- name: Check if LetsEncrypt cert for gitea server name is present
tags:
- letsencrypt
- pod-charlesreid1
- pod-charlesreid1-certs
stat:
path: "/etc/letsencrypt/live/git.{{ server_name_default }}"
register: register_letsencrypt_livecert_gitea
# If top level and subdomain certs are present, start/restart the
# pod-charlesreid1 service.
- name: Enable pod-charlesreid1 service
become: yes
service:
name: pod-charlesreid1
enabled: yes
state: restarted
when:
- "pod_register_docker_compose.stat.executable"
- "register_letsencrypt_livecert_default.stat.exists"
- "register_letsencrypt_livecert_gitea.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-certs
- pod-charlesreid1-services
# See the pod-charlesreid1 documentation
# pages for what to do from here.
#
# Specifically, restore:
# - mediawiki database backups
# - mediawiki files backups
# - gitea dump zip file
# - gitea avatars zip file
#
# Restore scripts are located in the
# pod-charlesreid1 repository:
# - database restore script: utils-mysql
# - mediawiki image restore script: utils-mw
# - gitea database and avatar: utils-gitea
- name: Wait for 10 seconds
command: "sleep 15"
- name: Run fix_skins.sh script
become: yes
become_user: "{{ username }}"
command: "bash {{ pod_install_dir }}/d-mediawiki/fix_skins.sh"
args:
chdir: "{{ pod_install_dir }}/d-mediawiki"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Run fix_LocalSettings.sh script
become: yes
become_user: "{{ username }}"
command: "bash {{ pod_install_dir }}/d-mediawiki/fix_LocalSettings.sh"
args:
chdir: "{{ pod_install_dir }}/d-mediawiki"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
# mediawiki fixes
- include: mw_fixes.yml
# enable pod service
- include: pod_enable.yml

29
roles/pod-charlesreid1/tasks/mw_fixes.yml Normal file
View File

@@ -0,0 +1,29 @@
---
# #####################################
# MEDIAWIKI FIXES
#
# Install and set up the Mediawiki skin,
# LocalSettings.php file, etc.
- name: Wait for 10 seconds
command: "sleep 15"
- name: Run fix_skins.sh script
become: yes
become_user: "{{ username }}"
command: "bash {{ pod_install_dir }}/d-mediawiki/fix_skins.sh"
args:
chdir: "{{ pod_install_dir }}/d-mediawiki"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Run fix_LocalSettings.sh script
become: yes
become_user: "{{ username }}"
command: "bash {{ pod_install_dir }}/d-mediawiki/fix_LocalSettings.sh"
args:
chdir: "{{ pod_install_dir }}/d-mediawiki"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw

99
roles/pod-charlesreid1/tasks/mw_prep.yml Normal file
View File

@@ -0,0 +1,99 @@
---
# #####################################
# MEDIAWIKI PREP
#
# We have to build the extensions dir for the MediaWiki container
# /pod-charlesreid1/d-mediawiki/charlesreid1-config/mediawiki/build_extensions_dir.sh
#
# Then we have to use the LocalSettings.php and
# Apache config file templates to configure
# the mediawiki container to run correctly.
- name: Check if extensions dir already exists
stat:
path: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/extensions"
register: extensions_dir_exists
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Make mediawiki extensions dir build script executable
become: yes
become_user: "{{ username }}"
file:
path: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/build_extensions_dir.sh"
mode: "u+x"
when:
- "not extensions_dir_exists.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Build the mediawiki extensions dir
become: yes
become_user: "{{ username }}"
command: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/build_extensions_dir.sh"
args:
chdir: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki"
when:
- "not extensions_dir_exists.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
# Deal with MediaWiki configuration templates:
# - LocalSettings.php
# - Apache config file
- name: Fetch the LocalSettings.php jinja template
fetch:
src: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/LocalSettings.php.j2"
dest: "/tmp/LocalSettings.php.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Install the LocalSettings.php file
become: yes
template:
src: "/tmp/LocalSettings.php.j2"
dest: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/mediawiki/LocalSettings.php"
owner: "{{ username }}"
group: "{{ username }}"
mode: 0640
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Fetch the Apache config jinja template
fetch:
src: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/apache/charlesreid1.wiki.conf.j2"
dest: "/tmp/charlesreid1.wiki.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-mw
- name: Install the Apache config file
become: yes
template:
src: "/tmp/charlesreid1.wiki.conf.j2"
dest: "{{ pod_install_dir }}/d-mediawiki/charlesreid1-config/apache/charlesreid1.wiki.conf"
owner: "{{ username }}"
group: "{{ username }}"
mode: 0640
tags:
- pod-charlesreid1
- pod-charlesreid1-mw

100
roles/pod-charlesreid1/tasks/nginx_prep.yml Normal file
View File

@@ -0,0 +1,100 @@
---
# #####################################
# NGIX CONFIG PREP
#
# prepare the config files for the
# charlesreid1.com nginx server:
# - copy templates from remote machine
# - clean conf.d directory
# - copy rendered templates to remote machine
- name: Clean d-nginx-charlesreid1 conf.d directory
become: yes
become_user: "{{ username }}"
command: "python {{ pod_install_dir }}/d-nginx-charlesreid1/scripts/clean_config.py"
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# Install the d-nginx-charlesreid1 configuration templates
#
# -------------
# HTTP
- name: Fetch d-nginx-charlesreid1 http configuration templates from remote machine
fetch:
src: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d_templates/http.DOMAIN.conf.j2"
dest: "/tmp/http.DOMAIN.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
- name: Install the d-nginx-charlesreid1 http configuration templates
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/http.DOMAIN.conf.j2"
dest: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d/http.{{ server_name_default }}.conf"
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# -------------
# HTTPS
- name: Fetch d-nginx-charlesreid1 https configuration templates from remote machine
fetch:
src: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d_templates/https.DOMAIN.conf.j2"
dest: "/tmp/https.DOMAIN.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
- name: Install the d-nginx-charlesreid1 https configuration templates
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/https.DOMAIN.conf.j2"
dest: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d/https.{{ server_name_default }}.conf"
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
# -------------
# HTTPS subdomains
- name: Fetch d-nginx-charlesreid1 https subdomains configuration templates from remote machine
fetch:
src: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d_templates/https.DOMAIN.subdomains.conf.j2"
dest: "/tmp/https.DOMAIN.subdomains.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx
- name: Install the d-nginx-charlesreid1 https subdomains configuration templates
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/https.DOMAIN.subdomains.conf.j2"
dest: "{{ pod_install_dir }}/d-nginx-charlesreid1/conf.d/https.{{ server_name_default }}.subdomains.conf"
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-nginx

105
roles/pod-charlesreid1/tasks/pod_clone.yml Normal file
View File

@@ -0,0 +1,105 @@
---
# #####################################
# CLONE POD-CHARLESREID1
# Check if we already cloned it
- name: Check if pod-charlesreid1 repo is already cloned
stat:
path: "{{ pod_install_dir }}"
register: pod_charlesreid1_clone_check
tags:
- git
- pod-charlesreid1
# Clone it
- name: Clone pod-charlesreid1
become: yes
become_user: "{{ username }}"
git:
repo: 'https://github.com/charlesreid1-docker/pod-charlesreid1.git'
dest: "{{ pod_install_dir }}"
recursive: yes
when:
- "not pod_charlesreid1_clone_check.stat.exists"
tags:
- git
- pod-charlesreid1
# Pull it
- name: Pull pod-charlesreid1
become: yes
become_user: "{{ username }}"
command: "git pull"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_charlesreid1_clone_check.stat.exists"
tags:
- git
- pod-charlesreid1
# Init submodules
- name: Initialize pod-charlesreid1 submodules
become: yes
become_user: "{{ username }}"
command: "git submodule update --init"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_charlesreid1_clone_check.stat.exists"
tags:
- git
- pod-charlesreid1
# Pull submodules
- name: Pull pod-charlesreid1 submodules
become: yes
become_user: "{{ username }}"
command: "git submodule update --remote"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_charlesreid1_clone_check.stat.exists"
tags:
- git
- pod-charlesreid1
# #####################################
# BUILD DOCKER-COMPOSE FILE FROM TEMPLATE
#
# Note: Don't use sed to replace the MySQL password placeholder.
# Use the fetch module to copy the template from the remote machine
# (i.e., the one in the git repo) to the local directory.
# Then use the template module to use the template.
- name: Fetch the docker-compose template from the remote machine
fetch:
src: "{{ pod_install_dir }}/docker-compose.yml.j2"
dest: "/tmp/pod-charlesreid1-docker-compose.yml.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-docker
- name: Install the docker-compose file
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/pod-charlesreid1-docker-compose.yml.j2"
dest: "{{ pod_install_dir }}/docker-compose.yml"
mode: 0640
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-docker

18
roles/pod-charlesreid1/tasks/pod_construct.yml Normal file
View File

@@ -0,0 +1,18 @@
---
# #####################################
# CONSTRUCT THE POD
#
# This task is very time-consuming.
- name: Build pod-charlesreid1 from scratch
become: yes
become_user: "{{ username }}"
command: "/usr/local/bin/docker-compose build --no-cache"
args:
chdir: "{{ pod_install_dir }}"
when:
- "pod_register_docker_compose.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-docker

59
roles/pod-charlesreid1/tasks/pod_services.yml Normal file
View File

@@ -0,0 +1,59 @@
---
# Services related to pod-charlesreid
#######################################
# DISABLE STARTUP SERVICES
#
# Disable annoying services like nginx.
- name: Disable nginx service (annoying)
become: yes
command: "systemctl disable nginx"
tags:
- pod-charlesreid1
- pod-charlesreid1-services
- name: Stop nginx service
become: yes
command: "systemctl stop nginx"
tags:
- pod-charlesreid1
- pod-charlesreid1-services
# #####################################
# INSTALL STARTUP SERVICES
#
# Check if the charlesreid1 docker pod service
# is installed. If not, install it.
- name: Check if pod-charlesreid1 service is installed
stat:
path: /etc/systemd/system/pod-charlesreid1.service
register: pod_charlesreid1_service_check
tags:
- pod-charlesreid1
- pod-charlesreid1-services
- name: Install pod-charlesreid1 service
become: yes
template:
src: pod-charlesreid1.service.j2
dest: /etc/systemd/system/pod-charlesreid1.service
mode: 0774
when:
- "not pod_charlesreid1_service_check.stat.exists"
tags:
- pod-charlesreid1
- pod-charlesreid1-services
- name: Enable pod-charlesreid1 service
become: yes
command: "systemctl enable pod-charlesreid1"
tags:
- pod-charlesreid1
- pod-charlesreid1-services

101
roles/pod-charlesreid1/tasks/www_setup.yml Normal file
View File

@@ -0,0 +1,101 @@
---
# #####################################
# SET UP /WWW DIRECTORY
#
#
# Create /www directory
# for main domain content
- name: Create the /www directory
become: yes
file:
path: "/www"
state: directory
recurse: yes
owner: "{{ username }}"
group: "{{ username }}"
tags:
- pod-charlesreid1
- pod-charlesreid1-content
# Template scripts to populate /www
# with content is done in the
# rules below...
# #####################################
# MAIN DOMAIN PAGE SETUP (ALL)
#
# /www/<domain>/
# git/ <-- .git dir for charlesreid1.com repo gh-pages branch
# htdocs/ <-- clone of charlesreid1.com repo gh-pages branch
# -------------
# Install and run the clone www script
- name: "Fetch the charlesreid1.com clone www script template"
fetch:
src: "{{ pod_install_dir }}/scripts/git_clone_www.py.j2"
dest: "/tmp/git_clone_www.py.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Install the charlesreid1.com clone www script"
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/git_clone_www.py.j2"
dest: "{{ pod_install_dir }}/scripts/git_clone_www.py"
mode: 0755
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Run the charlesreid1.com clone www script to set up {{ server_name_default }}"
command: "{{ pyenv_python }} {{ pod_install_dir }}/scripts/git_clone_www.py"
become: yes
become_user: "{{ username }}"
tags:
- pod-charlesreid1
- pod-charlesreid1-content
# ------------------
# Install and run the pull www script
- name: "Fetch the charlesreid1.com pull www script template"
fetch:
src: "{{ pod_install_dir }}/scripts/git_pull_www.py.j2"
dest: "/tmp/git_pull_www.py.j2"
flat: yes
fail_on_missing: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Install the charlesreid1.com pull www script"
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/git_pull_www.py.j2"
dest: "{{ pod_install_dir }}/scripts/git_pull_www.py"
mode: 0755
force: yes
tags:
- pod-charlesreid1
- pod-charlesreid1-content
- name: "Run the charlesreid1.com pull www script to update {{ server_name_default }}"
command: "{{ pyenv_python }} {{ pod_install_dir }}/scripts/git_pull_www.py"
become: yes
become_user: "{{ username }}"
tags:
- pod-charlesreid1
- pod-charlesreid1-content

2
roles/pod-charlesreid1/templates/pod-charlesreid1.service.j2
View File

@@ -5,6 +5,8 @@ After=docker.service
[Service]
Restart=always
StandardError=null
StandardOutput=null
ExecStart=/usr/local/bin/docker-compose -f {{ pod_install_dir }}/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose -f {{ pod_install_dir }}/docker-compose.yml stop

5
roles/pod-dockprom/README.md Normal file
View File

@@ -0,0 +1,5 @@
pod-dockprom ansible role
=============================
This ansible role installs pod-dockprom, a pod for monitoring instances via a dashboard.

20
roles/pod-dockprom/defaults/main.yml Normal file
View File

@@ -0,0 +1,20 @@
---
# defaults file for pod-golly
username: "{{ nonroot_user }}"
dockprom_install_dir: "/home/{{ username }}/pod-dockprom"
dockprom_branch_name: "main"
env_file: "environment"
# Boolean to determine whether the
# pod-dockprom service installed
# runs the master server pod,
# or the (monitored) client pod.
install_client_service: "true"
dockprom_bind_ip: "127.0.0.1"
dockprom_admin_user: "{{ default_dockprom_admin_user }}"
dockprom_admin_pass: "{{ default_dockprom_admin_pass }}"

76
roles/pod-dockprom/tasks/clone_pod.yml Normal file
View File

@@ -0,0 +1,76 @@
---
# #####################################
# CLONE GOLLY-API
# Check if we already cloned it
- name: Check if pod-dockprom is already cloned
stat:
path: "{{ dockprom_install_dir }}"
register: dockprom_clone_check
tags:
- git
- pod-dockprom
# Clone it
- name: Clone pod-dockprom
become: yes
become_user: "{{ username }}"
git:
repo: "https://git.charlesreid1.com/docker/pod-dockprom.git"
dest: "{{ dockprom_install_dir }}"
version: "{{ dockprom_branch_name }}"
when:
- "not dockprom_clone_check.stat.exists"
tags:
- git
- pod-dockprom
# Fetch
- name: Fetch from pod-dockprom remote
become: yes
become_user: "{{ username }}"
command: "git fetch --all"
args:
chdir: "{{ dockprom_install_dir }}"
when:
- "dockprom_clone_check.stat.exists"
tags:
- git
- pod-dockprom
# Git reset
- name: Reset hard to head
become: yes
become_user: "{{ username }}"
command: "git reset --hard HEAD"
args:
chdir: "{{ dockprom_install_dir }}"
tags:
- git
- pod-dockprom
# Clean it
- name: Clean the repo
become: yes
become_user: "{{ username }}"
command: "git clean -f -d"
args:
chdir: "{{ dockprom_install_dir }}"
tags:
- git
- pod-dockprom
# Git check out
- name: Check out the correct pod-dockprom branch
become: yes
become_user: "{{ username }}"
command: "git checkout -B {{ dockprom_branch_name }} --track origin/{{ dockprom_branch_name }}"
args:
chdir: "{{ dockprom_install_dir }}"
tags:
- git
- pod-dockprom

24
roles/pod-dockprom/tasks/docker_checks.yml Normal file
View File

@@ -0,0 +1,24 @@
---
# #####################################
# DOCKER/DOCKER COMPOSE
# The docker role, in the base playbook,
# will install docker-compose, but we want
# to double check that the executable exists
- name: Check that docker compose executable is available
stat:
path: "/usr/local/bin/docker-compose"
register: dockprom_register_docker_compose
tags:
- pod-dockprom
# Also make sure the docker daemon is running
- name: Enable docker service
become: yes
service:
name: docker
enabled: yes
state: restarted
tags:
- pod-dockprom

92
roles/pod-dockprom/tasks/dockprom_construct.yml Normal file
View File

@@ -0,0 +1,92 @@
---
# pod-dockprom construct the pod
#
# steps:
# - fetch docker-compose template from remote to local
# - install the docker-compose file from local to remote, applying variables
# ---------------------
# client pod
- name: Fetch pod-dockprom client compose template from remote machine
fetch:
src: "{{ dockprom_install_dir }}/docker-compose.exporters.yml.j2"
dest: "/tmp/pod-dockprom-docker-compose.exporters.yml.j2"
flat: yes
fail_on_missing: yes
when:
- "dockprom_register_docker_compose.stat.exists"
- install_client_service | lower == "true"
tags:
- pod-dockprom
- name: Install the pod-dockprom client compose file onto the remote machine
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/pod-dockprom-docker-compose.exporters.yml.j2"
dest: "{{ dockprom_install_dir }}/docker-compose.exporters.yml"
mode: 0640
force: yes
when:
- "dockprom_register_docker_compose.stat.exists"
- install_client_service | lower == "true"
tags:
- pod-dockprom
- name: Build pod-dockprom client pod from scratch
become: yes
become_user: "{{ username }}"
command: "/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.exporters.yml build --no-cache"
args:
chdir: "{{ dockprom_install_dir }}"
when:
- "dockprom_register_docker_compose.stat.exists"
- install_client_service | lower == "true"
tags:
- pod-dockprom
# None of this is tested... we're not worrying about it right now.
### # ------------------
### # master pod
###
### - name: Fetch pod-dockprom master compose template from remote machine
### fetch:
### src: "{{ dockprom_install_dir }}/docker-compose.yml.j2"
### dest: "/tmp/pod-dockprom-docker-compose.yml.j2"
### flat: yes
### fail_on_missing: yes
### when:
### - "dockprom_register_docker_compose.stat.exists"
### - install_master_service | lower == "true"
### tags:
### - pod-dockprom
###
### - name: Install the pod-dockprom master compose file onto the remote machine
### become: yes
### become_user: "{{ username }}"
### template:
### src: "/tmp/pod-dockprom-docker-compose.exporters.yml.j2"
### dest: "{{ dockprom_install_dir }}/docker-compose.exporters.yml"
### mode: 0640
### force: yes
### when:
### - "dockprom_register_docker_compose.stat.exists"
### - install_master_service | lower == "true"
### tags:
### - pod-dockprom
###
### - name: Build pod-dockprom master pod from scratch
### become: yes
### become_user: "{{ username }}"
### command: "/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.yml build --no-cache"
### args:
### chdir: "{{ dockprom_install_dir }}"
### when:
### - "dockprom_register_docker_compose.stat.exists"
### - install_master_service | lower == "true"
### tags:
### - pod-dockprom

27
roles/pod-dockprom/tasks/dockprom_enable.yml Normal file
View File

@@ -0,0 +1,27 @@
---
# If top level and subdomain certs are present,
# start the golly-api-pod service.
- name: Enable pod-dockprom client service
become: yes
service:
name: pod-dockprom-client
enabled: yes
state: restarted
when:
- "dockprom_register_docker_compose.stat.executable"
- install_client_service | lower == "true"
tags:
- golly-api
### - name: Enable pod-dockprom master service
### become: yes
### service:
### name: pod-dockprom-client
### enabled: yes
### state: restarted
### when:
### - "dockprom_register_docker_compose.stat.executable"
### - install_master_service | lower == "true"
### tags:
### - golly-api

26
roles/pod-dockprom/tasks/dockprom_services.yml Normal file
View File

@@ -0,0 +1,26 @@
---
# pod-dockprom startup services
- name: Install pod-dockprom client service
become: yes
template:
src: pod-dockprom-client.service.j2
dest: /etc/systemd/system/pod-dockprom-client.service
mode: 0774
when:
- install_client_service | lower == "true"
tags:
- pod-dockprom
- name: Install pod-dockprom master service
become: yes
template:
src: pod-dockprom-master.service.j2
dest: /etc/systemd/system/pod-dockprom-master.service
mode: 0774
when:
- install_client_service | lower != "true"
tags:
- pod-dockprom

24
roles/pod-dockprom/tasks/main.yml Normal file
View File

@@ -0,0 +1,24 @@
---
# tasks file for pod-dockprom
#
# clone pod contents
# render the docker-compose jinja template
# check docker and docker-compose are present
# construct the pod (docker-compose build)
# install service
# enable service
# clone/clean checkout out pod contents
- include: clone_pod.yml
# docker and docker compose checks
- include: docker_checks.yml
# render docker-compose templates and construct pod
- include: dockprom_construct.yml
# install pod service
- include: dockprom_services.yml
# enable pod service
- include: dockprom_enable.yml

15
roles/pod-dockprom/templates/pod-dockprom-client.service.j2 Normal file
View File

@@ -0,0 +1,15 @@
[Unit]
Description=Golly API docker pod service
Requires=docker.service
After=docker.service
[Service]
Restart=always
StandardError=null
StandardOutput=null
ExecStartPre=/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.exporters.yml build
ExecStart=/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.exporters.yml up
ExecStop=/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.exporters.yml stop
[Install]
WantedBy=default.target

15
roles/pod-dockprom/templates/pod-dockprom-master.service.j2 Normal file
View File

@@ -0,0 +1,15 @@
[Unit]
Description=Golly API docker pod service
Requires=docker.service
After=docker.service
[Service]
Restart=always
StandardError=null
StandardOutput=null
ExecStartPre=/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.yml build
ExecStart=/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose -f {{ dockprom_install_dir }}/docker-compose.yml stop
[Install]
WantedBy=default.target

1
roles/postfix Submodule

Submodule roles/postfix added at d0529a70c1

3
roles/pyenv/defaults/main.yml
View File

@@ -1,7 +1,8 @@
---
# defaults file for pyenv
pyenv_root: "/home/{{ nonroot_user }}/.pyenv"
username: "{{ nonroot_user }}"
pyenv_root: "/home/{{ username }}/.pyenv"
pyenv_versions:
- miniconda3-4.3.30

4
roles/pyenv/tasks/pyenv.yml
View File

@@ -3,14 +3,14 @@
- name: Install pyenv
become: yes
become_user: "{{ nonroot_user }}"
become_user: "{{ username }}"
git:
repo: https://github.com/pyenv/pyenv.git
dest: "{{ pyenv_root }}"
- name: Install pyenv plugins
become: yes
become_user: "{{ nonroot_user }}"
become_user: "{{ username }}"
become_flags: logon_type=interactive logon_flags=with_profile
git:
repo: "https://github.com/pyenv/{{ item }}.git"

4
roles/pyenv/tasks/python.yml
View File

@@ -4,7 +4,7 @@
- name: Install python versions
become: yes
become_user: "{{ nonroot_user }}"
become_user: "{{ username }}"
command: "{{ pyenv_root }}/bin/pyenv install -s {{ item }}"
args:
creates: "{{ pyenv_root }}/versions/{{ item }}"
@@ -17,7 +17,7 @@
- name: Set global python version
become: yes
become_user: "{{ nonroot_user }}"
become_user: "{{ username }}"
lineinfile:
path: "{{ pyenv_root }}/version"
regexp: "^{{ pyenv_global_version }}"

1
roles/sshkeys/defaults/main.yml
View File

@@ -7,3 +7,4 @@ username: "{{ nonroot_user }}"
# link it with this email.
ssh_key_email: ""
ssh_port: 22

2
roles/sshkeys/files/config Normal file
View File

@@ -0,0 +1,2 @@
Host *
StrictHostKeyChecking accept-new

6
roles/sshkeys/handlers/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
- name: restart ssh
service:
name: "ssh"
state: "restarted"

89
roles/sshkeys/tasks/main.yml
View File

@@ -12,6 +12,7 @@
path: /root/.ssh
state: directory
tags:
- ssh
- root-ssh
- name: Check if a root user SSH key already exists
@@ -20,6 +21,7 @@
path: "/root/.ssh/id_rsa"
register: root_key_check
tags:
- ssh
- root-ssh
- name: "Generate SSH keys for root user ({{ ssh_key_email }})"
@@ -28,6 +30,7 @@
when:
- "not root_key_check.stat.exists"
tags:
- ssh
- root-ssh
- name: Set permissions on root .ssh directory
@@ -40,22 +43,7 @@
when:
- "not root_key_check.stat.exists"
tags:
- root-ssh
###############################
# root: copy authorized keys
- name: Copy (overwrite) the authorized keys file into the root .ssh directory
become: yes
copy:
src: authorized_keys
dest: /root/.ssh/authorized_keys
mode: 0600
force: yes
tags:
- ssh
- root-ssh
@@ -72,6 +60,7 @@
owner: "{{ username }}"
group: "{{ username }}"
tags:
- ssh
- nonroot-ssh
- name: Check if a nonroot user SSH key already exists
@@ -81,6 +70,7 @@
path: "/home/{{ username }}/.ssh/id_rsa"
register: nonroot_key_check
tags:
- ssh
- nonroot-ssh
- name: "Generate SSH keys for nonroot user {{ username }} ({{ ssh_key_email }})"
@@ -90,6 +80,7 @@
when:
- "not nonroot_key_check.stat.exists"
tags:
- ssh
- nonroot-ssh
- name: Set permissions on nonroot .ssh directory
@@ -103,6 +94,7 @@
owner: "{{ username }}"
group: "{{ username }}"
tags:
- ssh
- nonroot-ssh
@@ -121,15 +113,74 @@
owner: "{{ username }}"
group: "{{ username }}"
tags:
- ssh
- nonroot-ssh
##################################
# nonroot: automatically accept new keys
# nonroot: copy ssh configuration
- name: Automatically accept new SSH keys
- name: Copy the ssh configuration to the nonroot user .ssh directory
become: yes
become_user: "{{ username }}"
command: "echo 'StrictHostKeyChecking=accept-new' > ~/.ssh/config"
copy:
src: config
dest: "/home/{{ username }}/.ssh/config"
mode: 0600
force: yes
owner: "{{ username }}"
group: "{{ username }}"
tags:
- ssh
- nonroot-ssh
##################################
# system ssh configuration
- name: Ensure SSH daemon is running.
service:
name: "ssh"
state: "started"
- name: Update SSH configuration to be more secure.
lineinfile:
dest: "/etc/ssh/sshd_config"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
validate: 'sshd -T -f %s'
mode: 0644
with_items:
- regexp: "^PasswordAuthentication"
line: "PasswordAuthentication no"
- regexp: "^PermitRootLogin"
line: "PermitRootLogin no"
- regexp: "^Port"
line: "Port {{ ssh_port }}"
- regexp: "^UseDNS"
line: "UseDNS no"
- regexp: "^PermitEmptyPasswords"
line: "PermitEmptyPasswords no"
- regexp: "^ChallengeResponseAuthentication"
line: "ChallengeResponseAuthentication no"
- regexp: "^GSSAPIAuthentication"
line: "GSSAPIAuthentication no"
- regexp: "^X11Forwarding"
line: "X11Forwarding no"
notify: restart ssh
tags:
- ssh
- root-ssh
##
## - name: Automatically accept new SSH keys
## become: yes
## become_user: "{{ username }}"
## command: "echo 'StrictHostKeyChecking=accept-new' > ~/.ssh/config"
## tags:
## - nonroot-ssh

38
roles/uptime/README.md Normal file
View File

@@ -0,0 +1,38 @@
Role Name
=========
**uptime** - installs <https://github.com/charlesreid1-bots/uptime>
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

15
roles/uptime/defaults/main.yml Normal file
View File

@@ -0,0 +1,15 @@
---
# defaults file for uptime
username: "{{ nonroot_user }"
# uptime details
uptime_user: "{{ charlesreid1_uptime_user }}"
uptime_path: "/home/{{ username }}/uptime"
uptime_gmail_email: "{{ charlesreid1_uptime_gmail_email }}"
uptime_gmail_password: "{{ charlesreid1_uptime_gmail_password }}"
uptime_recipient_name: "{{ charlesreid1_uptime_recipient_name }}"
uptime_recipient_email: "{{ charlesreid1_uptime_recipient_email }}"
uptime_slack_apikey: "{{ charlesreid1_uptime_slack_apikey }}"
uptime_slack_channel: "{{ charlesreid1_uptime_slack_channel }}"

11
roles/uptime/tasks/main.yml Normal file
View File

@@ -0,0 +1,11 @@
---
# tasks file for installing uptime and associated service
- include: uptime_clone.yml
- include: uptime_config.yml
- include: uptime_virtualenv.yml
- include: uptime_service.yml

41
roles/uptime/tasks/uptime_clone.yml Normal file
View File

@@ -0,0 +1,41 @@
---
# Clone the uptime repo/script/package
# Check if we already cloned the repo
- name: Check if charlesreid1-bots/uptime repo is already cloned
stat:
path: "{{ uptime_path }}"
register: uptime_clone_check
tags:
- uptime
- uptime-clone
# Clone it
- name: Clone charlesreid1-bots/uptime
become: yes
become_user: "{{ username }}"
git:
repo: 'https://github.com/charlesreid1-bots/uptime'
dest: "{{ uptime_path }}"
recursive: yes
when:
- "not uptime_clone_check.stat.exists"
tags:
- uptime
- uptime-clone
# Pull it
- name: Pull charlesreid1-bots/uptime
become: yes
become_user: "{{ username }}"
command: "git pull"
args:
chdir: "{{ uptime_path }}"
when:
- "uptime_clone_check.stat.exists"
tags:
- uptime
- uptime-clone

42
roles/uptime/tasks/uptime_config.yml Normal file
View File

@@ -0,0 +1,42 @@
---
# Configuration file from template
# Building from templates requires two steps:
# First, use fetch module to copy template from remote machine to local machine.
# Second, use template module to use the template.
- name: Fetch the uptime config template from the remote machine
fetch:
src: "{{ uptime_path }}/uptime.conf.j2"
dest: "/tmp/uptime.conf.j2"
flat: yes
fail_on_missing: yes
tags:
- uptime
- uptime-config
- name: Make uptime config directory
file:
path: "/home/{{ username }}/.config/uptime"
state: directory
recurse: yes
owner: "{{ username }}"
group: "{{ username }}"
tags:
- uptime
- uptime-config
- name: Install the uptime config file
become: yes
become_user: "{{ username }}"
template:
src: "/tmp/uptime.conf.j2"
dest: "/home/{{ username }}/.config/uptime/uptime.conf"
mode: 0600
force: yes
tags:
- uptime
- uptime-config

53
roles/uptime/tasks/uptime_service.yml Normal file
View File

@@ -0,0 +1,53 @@
---
# Install the uptime startup service
# Check if the uptime service is installed already.
# If not, install it.
#
# The strategy we use is a little convoluted, but has two steps:
# step 1: fetch the template file from remote machine to local machine
# step 2: apply the template from local machine and copy it to remote machine
- name: Check if uptime service is installed
stat:
path: /etc/systemd/system/uptime.service
register: uptime_service_check
tags:
- uptime
- uptime-service
- name: Fetch uptime service template
become: yes
fetch:
src: "{{ uptime_path }}/service/uptime.service.j2"
dest: "/tmp/uptime.service.j2"
flat: yes
fail_on_missing: yes
when:
- "uptime_clone_check.stat.exists"
- "not uptime_service_check.stat.exists"
tags:
- uptime
- uptime-service
- name: Install the uptime service template
become: yes
template:
src: "/tmp/uptime.service.j2"
dest: "/etc/systemd/system/uptime.service"
mode: 0664
when:
- "not uptime_service_check.stat.exists"
tags:
- uptime
- uptime-service
- name: Enable uptime service
become: yes
command: "systemctl enable uptime"
tags:
- uptime
- uptime-service

34
roles/uptime/tasks/uptime_virtualenv.yml Normal file
View File

@@ -0,0 +1,34 @@
---
# Set up a virtual environment to run uptime as a service
# Procedure:
# - install virtualenv package
# - create the virtual env dir
# - source the activate script
# - pip install requirements.txt
- name: Pip install virtualenv
become: yes
become_user: "{{ username }}"
command: "/home/{{ username }}/.pyenv/shims/pip install virtualenv"
tags:
- uptime
- uptime-virtualenv
- name: Create an uptime virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ pyenv_python }} -m virtualenv -p python3.6 {{ uptime_path }}/vp"
tags:
- uptime
- uptime-virtualenv
- name: Pip install uptime requirements.txt into the uptime virtual environment
become: yes
become_user: "{{ username }}"
command: "{{ uptime_path }}/vp/bin/pip install -r {{ uptime_path }}/requirements.txt"
tags:
- uptime
- uptime-virtualenv

24
roles/vim/tasks/main.yml
View File

@@ -82,27 +82,3 @@
mode: 0755
#############################
# install vim-go
- name: Clone vim-go to ~/.vim/bundle
become: yes
become_user: "{{ username }}"
git:
repo: "https://github.com/fatih/vim-go.git"
dest: "/home/{{ username }}/.vim/bundle/vim-go"
############################
# install solarized color scheme
- name: Download solarized color scheme to ~/.vim/colors
become: yes
become_user: "{{ username }}"
get_url:
url: "https://raw.githubusercontent.com/altercation/vim-colors-solarized/master/colors/solarized.vim"
dest: "/home/{{ username }}/.vim/colors/solarized.vim"
mode: 0755

12
secrets/apikeys.json.enc Normal file
View File

@@ -0,0 +1,12 @@
$ANSIBLE_VAULT;1.1;AES256
61633431646330396235626130643138646339373466343131636138323837343132366535316364
6232343234383762623531346536313837333166373331620a653239306639316539663064663937
37623866323462366664666363313961613939666131336134376163356234376231346331653063
6661323433383735340a356366303662666361393234623238306463316132336138383161633233
64653466396366333863396332343135396266313031666231656665393832393830613265393635
30373061336339383338616535363636616139363232653962303262666465643431653338376633
34373138353362616466613537313739663862646666656264343466633336396636636239366435
33313864633232616131616463386133313231313936333531343866643733393432323062323265
66383138636438316562306130303336356330366331663330653936303465643932326231326436
33653536656338323462303365326134646561663735643033333432396337633962626331333265
313739313466393730353831653032376663

165
secrets/apollo_keys.zip.enc Normal file
View File

@@ -0,0 +1,165 @@
$ANSIBLE_VAULT;1.1;AES256
37316537623930656666393032313566326466366432383166363436613863343764613339613439
3365636333303737373361663733663937616133313032610a623836323036396663383965373034
62316532396339643431313161356238316636383835383338363633363936313237353632356133
3636663137363431660a656132353635656230373935323136643336363135356235623038303338
39323338353532386661393739356231626465303339373566393765336235653262316133376534
32383237353735323134666164356137643837353332643138343039353237326563323961643536
65636535663734333066366137363936386239613661656434396439623834656635363763313466
64393739653464336133613638326338356537353562336462616538633861643138613433363438
37376661353162333163623563333766396362653531383536643164633966613636363035373438
38373762366261613130613263386364663630376262306462323432396636343634616438373234
61633436666630396339336461633866653333663966346361383138336437383630616130636634
37393934666632316562386334666362376339326266623665326265376331353931613664353935
64363463633063326264313162373130666161383032653965316166313033313532353061303536
38343465646263353437323237336361386261393664333866363764353038353264613261363264
65313434326261326361666135633434333466613565303837373135373561663133306565636138
36383561666364343037313533636534376263333665646432356334663531663432366666323538
32396163613563386236373037346437313835336336656636373139663134336132313662313831
62643761616435636135316530343231616239386564303061616164323438316139346237646265
30313033343631323735313366666335653836653931653161636165653662376539623332393933
61383462373666303133643664393661623262353465323461613464396634623261323833636135
32646132633530316337626162663661633539663466376633383336633864666664316263363930
39366136653738386665353137343530633061663131656363343032656636386632346433333561
66616336373734366131333233656130383536636534623634666334613735353465373431326531
33306634616438316637666233306536393334366461326630643664373733376235653961346331
65636366333636303237653061303866366666663731666633343938393333313735323038643138
30383664663634383462356264343437623332313139323339313434313563323938363463623833
62393132646665363963323362623438666461366131393164323935636164646337636438313462
38666362653339663630653635643331303038323032393862383863363065353364346338626165
39323365393536663662313761393831613832653335343035323935383761633464313237383237
31653235633936656335616435663939656332663430386661326366646534613365326530303833
38303862343165303334383264313637386631313238663834323136646238666139633430613362
33396264653333373564643532383734623437303738393464383233303136373939633961616466
32663761616438393965336334366636326666363235666234623834623534646635333332356664
38643066326562363464636130346662383463376537353636663632356335333464376533616438
63383930643637666438363639643961646561653066633334353637633361326634303230356539
66373531396437363632646238666631616562653962316634633833323862323738323037643933
61656663366364623066373462326661363163306364666637383130393839313966613533653235
66646432623132383966353065626337653563623339333463303863336463643365333962663338
66373162313366393561666661616230333261376265653436653261633265616364353765333236
63643030363839333535623265393534666465613165366238306263613436383730633765373533
36373231346162626437613230313030633436323136646130626364623737373839363038373539
37383538323066346161643935393037373837353331323162616236396264303266373932653832
38633033326664343534303464323861383863656663646537636165663938303133353438636537
63616166303932313039316366333236623536626632626339316435346264303634383231333362
64633638613335623430623639353035373037613666626565303234626261303261643565626430
63373738306532653830376262383136386632383439666265343233346433353032313766616164
30633966353130636333313864376365643866353036353133636664363861346462386665646564
66346130633137323333643430363435323834383466333461353334316431366239623434636238
34373663376363393933363466393936363362326535356137666431626632653966346339653531
35353439376165393238613039356531623334326338363633333634313233663662616230653861
37376530616262353338316364336333666237313536626339383165316435383738626531353235
39356164666335313932356333363839663564666666366162633836303137623336636330386238
32386239303661313436623364303666393337326235366130643433623135653137346135616332
65636531623031333361373839643437356131353662323832363036613466663334663364343761
64346132396463636637396166336232396566313936383338333966326562353037373837613536
38626662613334616538313662303038396362616532346336363630633334366462373664623261
64363964323139386132623431646163353537336237633334373338323966363361323231333734
38323063666263656634613634303834653866313266396633303163306130653835383737366133
30376562316237396231336462383837373932623835616165636331336234613239663231663463
30303764386130356663666130356165613162666166363532303163343965663133313636356161
31313435663634633163373431653065626463356166393634626139646566356664646162383033
61303366636633326539663866316565646538306630643264316366616262363439346638333630
34653839383766663932636163643834373631633138353837353665623830356331323233633161
64643239613336633933353833616234626564666435396332303964346462653639656235396361
36643064623062383739636539383130646335376266643434656434303538643838363430353366
61383066346361616336616632376562343537336661373162383434343066326366316632666466
35393939303536653166636234303761316138626538613762653663636161373261633438366563
36623638323565363562336235313638643838646139363466333064656632663364336662353662
61326665363764626133373466626465363164663461666532313665636232646230383734636630
34373864376434373839313265306433643664343231363237333261616634393838393230346434
33343438343437646664383032393766393331363631336136393630353338636264323438653432
30646561333561663537633433313938373035656564356265386430633031303738303761333639
31303162313034313832643932333939366132356566313532383061663234316535303138356661
34656239643264313632346465663034383064646235386331386235613162326339353432613366
30336133613232393433376432633764316436613035306237356234336239663535353265363434
32613439623737303365613932373134343162643830653731306230363735323962636239333563
66363265333530393136373166646438373762313439303062663437396464643039626661373937
61383633303636373065323830633434396164626334373137636266313264353736646131663538
32373263666233326266373837333531383131623133336235633965666638626161363431376565
63386632623332346639633330393833323333336137633164313932643036303063636430633364
66353662623062353164383466386261333739653839323338306638626637356461333263316161
36623539343930303037323561383935326265366639313437383663353337393233313830646636
30356639326537623332613766356566343864623134373734623239343136373435653435333336
61363062656136323563386161323462613333366135633339343965666565373639656330313136
61616432386564353735393231666531373239313634386666343362316236663866316665353066
32633362356630376335303963343965653736616132396338306534303230346562656163323664
38326635366133636162653930306435326534323063316634653432316637376361646662613834
37383263323831363630613666636335306632623738303835376332666262303063623333323262
38343666666232653465343032366165373439393133626133626361646633363762326537313364
37663237623138346333333537356230326537643462346337373862653936653264646465383462
33373037386330656338353432643737366231653037623337376362616563303832316631613064
64323264636335373561396538313763653763663135623637396432613534396130356561633566
35623034616262346533386362376436306463353261303033323561386663663334303836373365
33363935656135343333363464363430323661333562613434393931616363656439396461363561
37663035393665336136626164373436343566643566643963646437343761326631396664383233
39623532613062336430333238323532663138376664313363646562616462363830623134323433
66656435376465343965326438623730363338663463353432333734616334356439633966646538
31616337386165323465363561386137353030396231313665623166643065303831313735613032
31393938656430653761663333626237623635646333343664633035376134636438616563366332
39323534623963633532323239623134666135323861373935343533313437303661393932393735
61363463356562663733323430356265633364376463383362373339363433306431363732613031
38336531333863363765646534636565366564633531663866666462366166653830343461313733
39613261643939376331373630303632333339363036323336663766333264396138623334336263
63656264333462646438376436353265656139313233323363376339626462393664356162356534
65386635333165383233616233363562323663346161646630326532396235373830316439373461
65626630356537303733373465343233633963333734353634346564386465393339623836303663
37646436643937656235313938383536643734633930316464343236663762303435636332336334
38623332656237333431633037653231663366663333393039356138663930353164313261326335
65353933316130393934333364636264393433623536303737626234346131356336653130633065
61653938386665623938653966616237383035653039366666343336363036313232343235303364
31303937643130393133643061343038653333643162363065313531643037653931616362343065
31386265316262396133643263386363303666666431666531376134663564376233343038316665
31633234306661326435383337313163326530643130656364613438373337393266353938626164
34636566633038656464346532626362336134356436363731616666626666396338643734666537
36306466333662313035643664353638623736666136336166396462376561303561316662653462
33656262363264326433373439326137613435343239636138666534616632393063366435366263
35646439353266363262316662326165323462656264623164636562373739393038643362623661
31333933643839636335383261353830373831383131396661656231663565396531616635633139
36623838376239353161343635616532336331333539366134646131356535633233623334663031
33366366643335326166346238633263343536616166363239303239346666373438333062353164
37316331666434333161636339383639383532313630643962373838613936633863393530386635
34316637353630373465346235613534363966333339616436353433396333653666356534336133
39393366303339363539663466646162326432383161366530613438363231643662643336386231
63666465343530313661623434306634306362393736393738353462343135653062393538313762
34656532613134363639323761333963306661336631343438393937373337636563333331316331
39333735636130653535343431306335643362383630636262623737366339396466353464383037
66666231653931623637356532373361626566346137656562393233643637643630663932386135
35616434326663356536323834333565393866663732616331313562393930656366306633356138
36616266636630643833356230383539363664366433353839346666666538303962313366356666
34383133643936646564653436306134303364333838636538633666613232323364363133316563
33643439396362636631383931373438646463653839363637363633646561306530366137383532
37313563643136336166343666663361336635663836303665613237623934636433343431343265
32313439656166656464373864316263376137353932396137623036633439623032346637353632
63633332626334303465316333396236333965386163343139366137343865303463363265306535
33383936336231613661393439373964386563376466623538323135613565333037663933336261
61636430323232663036643336653532636639336139356164306366326639636362643430613837
36396165643464663732633135613931373134613038613564653864336638323462636639366432
33393362326138636331643537656333353330623566306162376433346336383934306137646139
64623265643963653730303736323464393036663062396463353937343432346133396262343033
34313737393131383961623665663562643064356238346361323937323165376330313263353361
64616633353337343836653262653465316430336433656532316662643233363762353335636538
65663162373661393661336639366366343937376163303266333135393830343038373166633834
34643639633832323564346634633664306532613737623665373561313937306130633638656438
35303336336666303935666133613362353335396135363336366330373832613065643266333632
37393038663636373837376539353931633539346165666331356230663834613431316336383962
34323965363763363536363037396139616161666536356436353163356335306437653633343061
30666166633531386533393533393564363434383531373261616666636164353262613466356336
38343132623033633862313435313532646230633661313765653837353864353737616239373135
34366162303935313363656430646536383638376138653365336166333730633734656666643164
33663361356562616531326334313630623930366238643632366261616231613439383938346331
39393363623136616661363138353732656238666136633766626535313830646239313535363164
33363732313333643333343037343265643333313430383034373032376662626365373561616537
62343864303536353335666533343730313836356130396132313235353164626538636564366533
33653765656434333761396331353964383133313238393064376331313531386661626166633132
66363266633231313861636534303739666361626333386637666162396531336235623966396631
37653139303332353064613938623430623564323633336437363438666135333865376335343731
36373036333065643566303364396139663330643132613065313630346136643832623939386466
61313264643863643830353263323633366561633735306666633862343661643732636239653962
33353066363730363963303762663066613335346133376632303436626434663938326232633366
35356139326233623930303833613033376261303836396339363036336532363137633862616632
38656331353161663866353064333266663438333830636266363262356137653035306362316562
30303738386632386438616139343337363065323061623831626136313035623864343632376236
39316631366130333334666530656336663666656465343937383435313839303036646336386639
39383465613633653465

438
secrets/ginsberg_keys.zip.enc Normal file
View File

@@ -0,0 +1,438 @@
$ANSIBLE_VAULT;1.1;AES256
33623462626665343863353932613633666230323662626536613136356530653234646662333162
3538393165613533366163376565656432626163653835390a666533643961366236663164333165
61393737346233623030616137313761313566616264323130643932643935343939323439333835
3562383135656232630a386632373739626631653135363936383732653464306635623463303337
61313436363236653830663330623033636163616265373565373334633130656566383639346432
31616561356631363936643562666237613335353166363063343737613264396534656631383936
37656531636334636333383931633465343139616632323962333439643634626665636132346166
64626565373462366437303562646636326564373332343931353436646565663632613366306639
61356233363135613761613130373862386536356434336631323331346563383931383561343966
66366431633966663065613864616161326166303638386466326237306531346563326332313530
34383638313962343563313534663930383266613062663933393537386630616164316663326238
32363131663364646631323262393339636436316461356632643065323931363833346339616166
37663234646332626638666564366630333865636134656633316136356364653536386636616330
34346132336563386230323435323533643065626663643564626263663466396534386266303235
34383734666336343063653661666364363834396239656531393536376164336161636639613565
35346266623265303235626466373936346136333439303630663139633566353161666536323065
32316165663965376231636364326562373261393530306532336332316165393731643839383934
36356562613339356366643231376237333563623661646133366563373932643930383432333431
39393163613439373231656632353166326532643033386531616231656465336336666664343330
33356165383063383263326334623434383533623133383562663765643462613530306439346430
36366266366365613234326336386431636263313533336434636661666631633766666261343665
37346261656562353636366662646239323963313066363865633839366461303138353039343131
36663837303535633265343636626564613632643636613439633065383636396265376133393963
63333666383237386436653861316464393336636438633664346166616165346363383161663437
34383634623335663534346534376437326330353131393035393630653864313164316430313035
34636538373539346538383461383662666138663937656366333966326338393866346335323832
37303537383939386139643136633362386433363965343939613634393235653561313233353636
36653839383932396533333736306236333465333363323139653463626561333665393831643437
61623832343663633366663030316337313237663631633565636333643435346335303835643264
66326263663239366434333565323239393836613231623535303034643832626364346166326634
31303534333839643237343966343632313763396365393962396262333139346664383365646636
65353561616433373833333062333231636434643830623264303566613136313233376661313665
64623764663635373661623435376430353931346131303435313737666533343331313434653837
30646162343733613163373731323135383366346339643335623431396238383962643863316363
30636438383266396630636536656233343536636166363633376537346538666234333036326630
33653633643862323439323061663730656264653339316161396635323761393533346663656635
64646663383865393331623536626330326161333664386562383139323561653234346661323736
32376435636163323332386261626132363361343436303138316531623564623438346538643933
32343936616432613364383136383231393231663738326132323564626261303335316630373533
35373165633130636238623232663864316234643965316638313437306365323035303539356336
63636436643031393034633933623338316635373130383031643036663830346239656334616537
63313433653231633637626262336161643334373533633734623239646233653634326337316134
36303533653163323836656338653838623361616465396463343865643262353063363230396162
37306163326463376338313335303564666631656463303532646266613764376338626436613932
64633830383130643433653066633262306433393866316232623535396661623633613037636465
31393165353438386163393061366531333031306130613736306332313235393263303630353037
65666166626534343039326162373262373737623231316638386639353866303462343537323032
35376132656432316564646635353037353435663837386266363266663739383130356261336139
31356261393538653466643965303134643030663539366263633031343864366366363630386138
65363132623935323739333830376135303865646666313464313633653930336666613833663033
66313861623063326230616665306364353931633838646433303166643661613062376636653933
66393665313737306536643063633034316137306661386331306138353936393134366136316338
36353935383439326634383134343831343537376263316563636134353436663961303032346139
63316531623139373334653534633130626165346237386566353636353138643636663735623862
32313830316333353962616535613763636531353836323462636532633164316334303466366337
32646261323165666131633566663634343664346536356336663266396633636133626334333730
63373637303739663466643666353133373634623932363332646231613735343633643035386239
34633637666661323133396135306337306461343435633631353733636166303731656436613234
35373831663136306366303734323131353432376230363733303635616234396165636532333533
31376538336561386135653533373763613436363665303335656636616238376235356135316135
36383734326463346535333138333036343533663564373262653232656562653562373939653338
37366562343665626432373661613861383662326130633336353130613466653837346662643736
37316538326631303632326430643836336262346231383536393661336433616465356338663035
38353434393661323933363032613531626266376562616336346330346636623734613032323366
38623634313630626530306433616134313163306664386166323134343961363336653739626361
34623839363938326230613263323966333130343037613761306633633663373065613662383836
31363332353130636566346132373637363061313465333131626361376237323539333439396536
36666232643233356163663262623535636337383764333134336464323135393932623534633461
65366435373330333963633239663531333738653337303232626430393265373133356632326538
65323438306463616439366130343261323134343166613231386532643534626635363331376438
38373736333363326537346566393732343335306166623334613233356335306333666662613062
66323265346135613935333563346636323434336464326535346235396463313962326438626436
31616565666462366535326632303532666266373865666131353034646432363638313135646262
63373039353138646665313636333432353238396564616662366139333235313338336331316137
61326533626538323035653063623832363633363835613563666463643936666166353563396434
39666361633335373562366638373464313730386635393463663035656233363133663435653534
37636232386633336438343132623032313665306432353437326237663031396636336663386664
39393039323232373132346332323761353461323330666130663837656137636237653239323634
63613032626161636638666563346636616633393863643364666139353235653166303365653836
36306565333335636466323132633232333864656464376363376133383533343130656134313839
36623836333161653162313662626137316461343635363366396639656162666435353033356566
62656130363931626232613332313638643539396261363264363234643738326463396137336363
65316430333334353261343332376537663936653436623635653639306161393832383634663636
39363931303030376638353039376538303134386339666662643561656565363938646462663931
33356331316264623864386561643131373831626666376537633161653062393061353534393263
36633935663830393132303338376662353664623439346539393839396639383237356337653365
36343139323030363962396437326636393532323039663538343136326230653264366233393532
35363866613463303264653464666331316639623436366234623032343632623530613932353135
30616537356264653430373365373539663365373439363764633465613964653933336431343665
32646265616661363861373461623664396637396333393431333834303636613335303037626138
66303236633433326466393934666236626331363865326535646134313962316563663039336531
62383732653730343835646439313032323762653436336632643730383239666631623962303761
34393736613862323633353531346666313763323032643631303630346137316134313064643235
64373237366131666463306335616432366230393335646263663865323339383836316362353463
39643533626137306339366532343166383963643731623436333163306236383930653132613538
37663266353439316535353132613032626464306633326430303363383563346130306436643162
62376166623264333838653635633263356332313138343630643738333830623539376232323361
65313066663661396663356362386231623161656466376133656531623831616136343563363662
35333334333935653736613762346333326532303433636638663938643161623264303338623639
35626132333965646431353735376662346537643233363264656537616661666135643437623334
65613030656237306362363265306665303065373734623839333232633436313165633939613835
63356335333564353830326233656462653132623739306336366533666139633636366637613335
62646336663934663330306534663232663239376464313164366261303338333965663264646531
34336261636564326530646134343736643731313134373163383063353637376261363337663435
34333838643464386232633762643666333463623134333434623465386537616634623464393462
62623763363062663363393030306433343466366433366561656537303832363765633937643338
36336130356636656166303833356232333537373163663338656430383530336135646263656133
38653366643665653862633163643461636633353435333538303538633536636430363465616334
34663733613361323066373165396662373462366537383433666564326366396139373437333439
39646531306435623161663530643663613865616637316435323361626565636237323266366563
63633337333365626262656633623766313861353236313365363934346133393433633661633335
39326365653936383738653865333363333763623366376366316362306433383364663765626630
36343335616236336363393762363966373464323263323631366430666230623764363534303436
34623063336234653030643437623931663965313334366361333761346362626234383566656661
39646563666537643331336531653566626131666439653739636561386330336338653539623962
63303738383738356564393665393834303765636334303932353132623537366564346562633336
63633937353063326363393163616631393837313039346162326631383863376130313436663936
33323936333563323961383234646534623430393166323365643135313231373534643230633966
64386239663437363936643431616466363130353761313937626434383962343937343062383238
33626538386637313530383338323738343462656233393637656365303665346130356131383430
62666466393862386237393866656235303862633032343666323731313939643661633565623566
62613134616536373634356563366434646532656138366537633733636362386239393261393337
37353862383461616138383239313138646563316534626330646266613030373463383934393438
31656334353666323132323761303866333963623431613239386261333165653564303435366638
35363366343564623934666338383639663637396437343431376439333337363432653235636230
32386531373365613763386431306364363033366237343635363131363062336538666464363039
39326330306138313936653763656134666536316633626133643164323434393066323133363537
63343636323732383664366634666130303536343763623437396135653432336634333135343762
35313033613734643639636133393637343362313336316266313437643061363432363662666665
30386134326434643530343636613435363866656138343238666436616333383237646536636330
33393436363762633665613461366135356237613937353061623030343362653163623233656361
62666331363139363130306534636332313730336237666336376564333230323430336666323932
64356138303638373638376539653837663962363739656437353337663639666266373432623764
61316635633939643239303235373363383735326431313164386232313538633065613837333633
35366133353565333137366338623738333962633761623036316139316536666263306533636561
33353565326635643561303665323230323539353961666339393836393639326632306333653433
33323535353661373736306438633835386138326532383563363632656630626463303463653837
66363137353265656466623339633336623632356265383432343063343838343562646433336538
30306138623561363238393639396130613034636137393733653939613337393437366138363566
65616633333262306134663362353363346239333763653062343839323531326432373462313764
36636261386530396238306635366631376430346332653565623539663635346638326234376137
32396162336664353437643764396530356131323939363138303334643030373134666462663061
35386132333266623136376462373039663234303862336662393736653732383462303735393635
30653636663432616363633662613365643434313864376530613439653434646133653234313238
38363038353731616139306465623830313633626634636264653132656664326233646631316230
66383532316364383939623637336265306636363262303030353839366630323539376563643561
63663130343631323362376238343265613464636634333461316231343536383937323233373064
31383363653264383132313833373231393530663562626565393461393138653565356162616563
37636266663435323262376530346239343238633264363763613935383566363862393134396338
30656430653038396338313337353061316263323065626430323966363535323136303531393138
65313935343430353838373761396132303831376132643861303539626331363763303335653838
35613532626238636631623935653464633831383530346532623439323935313663393931333866
62343761383732393463346463656630376164626664663262323163386530613830383734636365
38356434313837313837613062376438653235376162366561323830636564343538663233316637
63623731343061666261626361306634373936386131396334333465303639393663313334333130
36396635383064383863353737363431373638376333366135373738666263613039643062386365
36636430393464623664666136373432383466346639376437666332633230393434643562393535
34393166666461633838383734656664643438623731346161363534616336616435313432643334
64336633643736643234663433396135363263653136383133633538306634356339633133633732
35326430633963306336643163626434656562636434393234373234386366383335376535303663
37373938373439316332316531616464393032653964306237343034323738353964613466663664
32346563313563643138366533616437363864656163633935633834656562353833333664356538
62643536633765346139313233643531366265393565373363656230303732306434396634393132
37303933393039373666626266646531616234666234646432653961396637336263323163386131
39313730653266353064373334636163306632323062633935356537653161333865303966353038
63303063363961336631323063313437313838316363356632663238663130633936373739663231
61333637353235613832333332326239343632373037333636333766363632323739373933643166
37636239636335343561366666313633336432646137613636393530376364313031313761373033
62333037663764353566306533353638376133313634373631376130656434323035363131346234
64313561313935366338353231666532326631666434373163623566636364376339306634626461
38333937386465373037613939326138663733366665386232346631386566393432303034373863
33616337373535633666333030363635653030366135316333393734613038653062333539396238
38326364636464616432323532393964306139383333336333316638326561393833643632333833
31343165363566333362666261333132623338376235623532306235346130303865363561346365
61656336383534356666613661373738666430383965643163373238396266323537336462623965
32663838343434633933633863366136373233333839646332313939633938363533653731336662
64303535666361613530393037323031393837623633653864636633383465366334643834666636
64383166666434333562643337333431323965306266613037383166656232313236373838366633
62623566643032386661666530636135316639363563383334356662636235653033303762303463
64626464303366383336333932303463626164363035373032646366336362363634646539353265
31323662396439303737396363306334383864653338323261326234306334303330616238353030
61393430313431653239666431636536653761323636303965653538636464343662633163326537
64373936333765333162366437666262396465663032393739383861336231623863633932383738
33373432316662363835303961303036306135653665623836623639396562386139323631333831
30653166316535333039326130663864336361303631326662323936353063353532373233386263
36353566616239653962333438313730616264656136623938393865346437643764326666366337
32663430393330663431396338346464323331613161323461616338366163646665643839333464
33383865623239383335336263333730333035393337376236303666396334663431613236333531
62633862323838383566646238316666366430333063646337393264653064353939333732643833
65383737633331363064613866663462396365343432623165353635383238643734333634323461
62346265376366323436346166353464333862323438313065386432343833643663646566613962
34626162333962613832633733396266306138663165353830623137376430393166313266386434
65303438343538336238646132393635656439346131356165393131396362353637386239633838
38333233306337633738386433653634666434633861366563646234343533653735386333346234
63353264326638346263343462656565356432633333393463663136653332323337626234393739
61376637643932313535663865653037636333333831356165363530383032333830306235666137
30663563363162303636613533623465313564356130323836376631356431636638373130356435
66336630373562393631336332346532623236333539646163323064643563343231383433336233
62323862616438373434313065396131313437636362303131316338396533613933363130313133
39363635383330663133663737386130333863653435323232346330323162656639313462323435
63373361626131323864343363336161386136343366323132333963636162633539653032386534
38663863643631316238366264396331613265343862613564633963373235653136376430623462
65353734383433386530363932333630616538323139323165323533626562633932663138366134
65333536386237366361663836653738633837653533333830313463373735316334643231376663
31306366636438376532346464643064316437373664396434313532303731356230326630353461
38343834376534313062386333616434333438623863353033336463326532386164373937616233
34376534333232633337653436326464356665323039373666623832633164373030326366316439
39376135366230363536663066333637383335393934303431363433396232623838643037313437
33663130353432366332346339643439343766373737346365343262636235633661623836663730
66383261386438333635326663346533303466663465663132326631623361386438663637316362
63653634336437616339626533666639626338313561393761313030643234326631633230633230
63643662376263623261313639343538636563633830303861363334316261343134633163363939
62626466353161643030613962313061346563653830306636643631313934303136356563393138
38316136653438373636333336363938353865643233633932663064393236343766326462376534
63653062386561333461363863633836333537353733366631353866356466366233353663353363
30643533336534353461303737346538346237613939326336613439383133666431623534666665
39663231326532646336636333333035646564353133666365396366616665646465313965383137
32666135383335633732333561333535323639646461626462356238303130303535663432373537
36653036663765613439326531303264376665336565383765616635333738623362613461363635
33303864653031323339623439313832343263643930323462623538343431616439646138633131
38633532313136653531326236303234396236306266626266393564373266633931393866666266
64353137383730323237363532643362643537383731373735626238626364393430646362646564
31323739623963333366626130393966616232656137656537646264626638316334336666613936
31613031313331633465316137663364313638343665636664323565333062326630393530353764
33646564316361643965306336613033653534313536313236383132633038616666663363616362
63393233306135393938323161336630356635646430666163653961323830373535326265353963
38653733326434303933343031363636376262633137313863666538316665363661383764303263
32646136646462623266343365373230646234326436643634343764313030626237333237613434
30396536646463323038343232643432353330333131393730303636383661343536323965646338
64373836333234393731623132316537666237323561363162326561646664303264383438383332
32383364346630626636303632646162633839353463386362663463613764303164386331316562
33376436613761613336366138316239346266653263643262623863386135616332363635386534
35363535363834313166366538336661386536323366666335376135333834623634646234613137
37623561643932653964623065353038396562646433353337663937643631313539343363383263
35346466386636323563623162396134363134633963656238646236356633653731626365636235
37306636613038376236633632306163326566653861356632663166363566346235303565353563
63353937353130616630336339666662393064663337313734363563316535343635643662663339
62633736303264623465306161303531316465656334343639333132363465313632633833376536
38353566633065613737323438316133363133343236663765363436666232636535393635303635
33613037346563613961383138373562386430376335623036326561353333373233666531653461
33363966653066323730376364623261363863393162343339366233653866366438336363646438
62323962313333646161303630646537346539343566653864333865363138333361313536386233
32356362623363353533643239346638616633633330626539656563356136393063343363613263
36636630383230366363633965356466326565653766623737303765343239383830666132313238
36653237393862343162303834353036623661346463363036363532383866326330323837356561
37626439363936643832623932306339633261393233616639616465393132623466316161356330
61623464323038353534386132383334643761616161346630643031616565346362353233653234
36373738633932383039323335373535393066616461613438666263613363333533396631353963
35373663383937643463656531623135353130626133363437633963313338323361626166363632
34326338306139363632383534653865313163303235343530323263353435353232363162616532
66663639653636343065633035343666376434363739353363336264366665643964386666346536
36303933383236306139636263313034656538373036353964316362333439346337323034373061
38626263326363353237303162643065616262386536623336323266303737643166653464303865
39353535643730333661633737653564353033666139653163626132303664646335643432363432
34323430396466366362633431336266313733613030633431386134376161313464376163343265
39623463313633396233653237333237643364653038386134373937623863393963303365663738
31373236643764666663623432363338633264303365663635653339313162613034373361623937
36613964333330353964313532383062626139303365376534613337396333663532383037373963
65623763376262623966396130653033623462353732643963313864643337626334376166643033
31663764323765316331393933306231653132303833373131353134303032306532623162303936
38643136333562346137346237656164363863343136666438363331626134336230393334313465
64343066643834326566353339643061343762386335326261316536336565356132656138633461
30613234613332306462613233386138313938313633313337396234336230393462346133396333
30633966613861303663393938386139633038393438646563363637666166383465653831396431
32336134336366626661666432646164333835303238373036303530613064663430653336633834
34343631376136633864366165336339383662643234663133656362323134373966313738636461
61373163326163616131373037653938373964306137653463326130326538633039376339653961
61383735363338646465663863373339303334373565306233336438373937313831343563383833
39323365653235613661636637663632356339623630306361393338626332633037313931336137
36323633356661303737323335376530663933323632353635343035393634613930653530383135
35333639663462336565373536303464336265633263363639643162323438383165383065386132
64613936646534343933663064346336313037643331363564306630363934373730326565303664
34353566373235623635333966303065386137633836626261336264316134346665326461613039
63313961656238366466643532656165353932633637623538303466656535613266653566343533
61356264373362333833653066383536333438663332643035363935633030393364343132633934
66333134363565653965366664326234366434323034663535343432663438666234356333653863
31313135346436633634303330333338643337333065393764373435363462626138376636613265
38373535653239306165393233323431346133616164366163373534633034343538636435613531
33653064363264623638613461343666636664313734353535663862613433646538356236373166
37353132343163656436666637353338636135646236366563313264636139653763646132373936
64343132353930616231363665303363633663373166323236313664386166386266633261343762
33643064616134663439633330666235323163643666356461643531643935343661353136653930
38393232386535636534316331366238363134623837363235653261646438646133373030356665
30656530376631376563306362396439373338353230346533616262343561313331396436613164
36613532353833613836616234316561613537316665653139353830663036323634333630343361
66623130343365373665306233353261343939386435373136333733306138333732333539346336
33363264366231373933323336363534363863613164663462353566386532383837613334386465
32396639303934613231313866626138376330666265303533393232663034306439306436373633
64363932383566666164386631343263373633353437373836313834616362643630386264393863
38383632383763343331653561616230613366313965346631343539616638626233366366343863
34353635346165393365326135366530646538336638666466363362663030616636373766643963
66303230376539323439326436663964386137383338376363383937383933383932383737376433
33656361613932626466383365633031666461343663313039333430356232653838653030646432
64376263363533316330666433363330333164383735353631306532636634303532326563396537
61636162646635383464383638333564613336343739616138653465396465386335316632353231
61663066306435663338343766343761306635626465636536306133326235343536613938366136
33616233363561636130393564353234333565643638386334303538306634653230373762633037
35356537666539643337313835633861323231366463663964306536373638303030343238306562
34393231343535383033643837383032393331306631626235373539616663393764616464343235
32333062363766333737303136616438393930343266626462386530346332363664353062373466
30323264663933313933363333653332353531653636306563646233346264653261376566383632
61363834643062626265613933633835373035663362313131323731366331373231636631333331
30626439656334626361643566326530663035333738333533653236323535383334363535353738
32306531343731326531623338343936303039653634373736613930613739656135623633346130
36633065613032396136376364396635643131393739663239316463316365656462666233363238
31396433636265613363326234663364343430613665313361663639363838353731633063353661
64623665373536653835303836656137313032326238623334613831323232336639653537393535
64323565626330643031376137323966663438626137323533373762656538353462366434663336
61653539396136343734333432313239623833396331353039646666643432666130613865653562
33616432633965393039333766656430646633353161646365303434356539316261653034623663
37326338386563663666333238633537636361636361656165366562346137343462376164613561
61653937336536653030356561646362313733616561363161373239613030336435653839366366
33656263633965636362633336633765353739626166623766336532316636353465323563373131
36623235643362623432336164663332626630393835393435643138396466346664646134346365
32316362323038393561393636383838623234303331316462343935613638316431343963653637
63656435663965646364333634646136356236383433306261363164316162353639333066376535
30623035343164663335633036613036393630393235623133363864366637396538343561386238
61313662613132393161623239313631643737663363303363633364366239613930653261336131
66306263333561383862623130306232636462323538646364636236326565623739623430346665
30373766313366663964326632303431626462616664313335353338353034646235613833343632
37656437636566623166336466633264376534353862363763656535366665633134633638343665
63643237343566323630393531393364333833313263366137643339646431383832336439366233
35643863383934393565626363393535306432613963646433633139316339643931643637396637
32376564646430373963613637383861636663656666393363663532633163653733333535313433
32636338653366666330396234393564616266303961323033346533613365393266636132393832
35326535376634613562653732373365323638313066663561393966333830663237336338336166
35363164626664333830646162393731663639313931313461326337643330353362633733383661
66343965306362386363393964653538366662613439343438656332323837353031336332633238
61613739373436346531333138656561316663626663663165353164343962313039373464633966
33373664396637633432396163346136316361306564626364623465356431366430373539643433
31393232316637376163383335323735303036666431383566633062363033656430643733646337
65383766396665663331663439646663663262306435616363363837303764313837653837623433
37373532333335303039643336623432373162386462356261656435613962653661626636623461
31653165376631623065373030313635333734653832616364383434623461343937363735336431
33306333653461383032633132643133323831336534336133343763646234346537653965613365
30353264336238383934643338313131633037643532663764613339393831323030366461373763
34666166616238343662353636356564366332313737346331386330373431363462613334383133
30386634323266643131306564653235636561646532616435646537323732656362623364623439
32313465363264643638393734616139633134383238643239613739343661383665343063363932
62313138356364383739313365386638623631653130303762336164613863356162653366343762
37633330386662616261313430353764303563366334303139326261366565393532643637653466
32333562633635373037633438623463613766636337336232653931393266633335316131663431
35356665313762386537386261333633383138643965366365666634616535326365653538383765
38336162653632656638633830343232336631623932306431653936666263336236643536643734
61366539666332623662333062633065613666636664306463653864626436313865306532373965
66303835653633613463653236653766613030303031643435373065333561353465363734666663
32373638373031303430663466346338366438626334636565353334643235646463613933316533
66646365663761303033616533383837336435653563613862626339323765333234653665316538
62353737626638356233336663366266376635333933326137623234386235643135323138613030
62633562616665346431373436666332363632663735303634353563396631643735666330613334
33613761623165313936303034383239303262313038333037363632306666626664653636353161
31613362333934326530366331616337323835653531383964633536663733656633333838633463
66336136633630356232356536383066613433353761313937653538646537326134346632656433
35393064663265616431363165333331643661656136356530323931653533626139343433333565
39363730653031663238363933343765376131306265626133633530313437303064343430313264
30386532313132663264356636313433643732343238326339646263656136626564303439386230
31356436373161643364626538323437643666646237313334353139643038666533366235333936
30613362653864636432396434663935326164303736343866656439636539636264646631396634
38633439313839666136653436353463356164613038386633613139663037376534343562633034
64313738623466383930646631636565663661666334376238653930333636376639313534393633
39633632653330653136633462663635366634376161306338643162363639623863373530666331
37663634316332306133316362323661633732323866636661653930613430623466303631376338
39666165613738353136383535313837633630623964653537346165613931666535616166383865
39353866646632363434653635313266613033653834633562313739343236613839333839386134
32633239616537393565376266313139366232323637303634313435666231376462303461646631
35306435326631356539366265623865616130663635333630313765306565643736343037623837
32323966653935303838613631373665663366386363336233643662666639663162313962303639
34323064663838383831306330326636643735373364643737666332386539336237343862313365
64386631353839353436656136353361356433666638383364663639343464303866396265363331
62326334346561366234313834303337373365363436353565646463633633356232366664623734
33356634356333653265336134386334393039636435643838316563623038366231336664646630
31303136373435663234396131303461396665633535396566383935373638373161666437613935
37643632663130323165313363366439613566313664613261623237653530373363663337383562
38356331366266343335323365393439653537363832623835636531356138653065383563366363
62346666383834383438643635343262303563616466333963616539303339613238353135303539
30616231663039656432323635626137316639333536613930636439383062616538383434333363
35356638316363346434383233643031653332363439306531643964353438623739343333343366
61343164323765346335343766386565313739363836663136623330353066346565333635613266
35356231386334373432326636656633376331666366356134343533373030656633316334363933
34313465323533616666356633663035373536323430656630366264396464636331623337333034
32646632633761323965363431306536633636326535663834653930633937363538656563656363
65353338323961623738616434326261626466663830376361393431343863633638363561363332
33356631636130316231333634643238366136666439306263636331366330656262623339643633
30356564633330393238353262383430366238343035303764343165326364336335323966626666
33356132313035343037643830333130393731333132356330333237343430633633633938613534
34303236663739623539636337623832643166323432376662326330643662626664613336666136
36303161353266313036626164333266383965386133623863356437303264666237363961376231
61386530376333373561326537373937396466613838396562646234373764373239313139643739
39373263333664613438663062333466643965383165643930646338313737313863366131653466
36303231363465323262633664303264393166636562356636633139313039633062653739613536
34623837643537623632346137653164666139363962643036373837333635366162663838383733
34313661613434653535643463613363333066613831656137653333316132313261316335633966
33346639643465316133383538373439356663356630626161363763303166306231333037666435
37623161313431643034356134333238393332363061623130636137303233343030396236353662
38343565343832653762643039636533396536373162336239653930316639303331633534383037
38326663616632366530386563643063343961333431336130363138333738623563643732373530
65656462666231316530643663316562303533366161356665316231663934376338663435623164
31353233333465626438383436636535343338643563376434343339353266623432386532356532
37313831623939303138343664373437623364343430323935373466633735616335396235613339
38303930656433623664313533653235363466353032653333646134666635353031326666636537
39613731333332353866653466313864613332353464666531373261376561623162313432346363
32356365373733316432303033643238306464306435346330333434383139303438613533383263
65393866363631343939303465323965633236353432376665326635376638636263613861343166
38616332643063316130353431646461346430363639613831666535343037316536346133366234
32363333373164366639656638626138343332663030396230646635303233626166626539363830
64303432303365633232383235613337626533363965643733366436623638323035616462353963
34323836323731666332373036613564386435363439613231383436383435313861373665396433
34336438346137646638303639643538306264356433303938616639623935663364353735346161
31353331306633373766393865396538383666616631303236663335333135326164303230643838
38663162306534303333626331386334396361393762343965353865313065353162353162303461
63663138613361613832323464303239633563313534363835613264353962393163363532633530
37646131356131643830343436666261383037663631363738613761303164356330363662363962
66626365623563636266393636666536363963396339643765633936383566663164333862663632
33353561323338353338643234663233663662373939303134393066363735636631353230303834
39666231333132663864396130366337343337333134636661363462636166613765326263393930
37303530353431356639376361313335306436396637346138303863336231323634633132386234
39643136393661333435646432373732383766663964656363343737343962303838363133636439
31363431333362316362333663313663303535623331393834643963653936353863663462306263
34356139623836303762366530653430376661323037333238633332626463653834363066346566
36666530396431643633303631633261636334323430383335316330626535303533323732393861
63666363353363333566346436326261633566613830643839623933653561623732633633393464
66396264343863383064353264393435343238383530376364636637623238633431326435626430
32333864646161306561373932373632383436613661613461353535623336376161646464323335
39656465656436326338353731633333383365363430393830363237616665323434373935643031
33336561393331643366646132386166353037333135643734623062376132643836663533626531
39326364393038343133326138316232666465373934613334643665613361663566623734396565
36373662633732383736613038346531333463366263633539326436356238343735386337333033
66623438303831373639393536373362353336626534376136393536336236383363643762336532
64353462306336383833376131616563636564323234356237623962373263646162653330616434
38633439616230656134666634666438363835386662323139306261313531343432333633396666
63396539663133336132326235666331333235306566386230363838616564363836376535373866
33323065393331313865333539633165313039376366313333663062653337653735386638633137
31363837373332353661386565393261363336663337613935613462396465356535616264626331
34633732633032326132313330323932646635663631653961353265353461343235313562616438
64373461646337656162326137613466313765653366326232626535306232316361396436646339
64626666343535323361303664616335626661623334643031376264366664373438633566343837
38336138613131396134643461396131613032303436383562346638366430366536

280
secrets/milton_keys.zip.enc Normal file
View File

@@ -0,0 +1,280 @@
$ANSIBLE_VAULT;1.1;AES256
65316335653738346634306233313332316533303163623238646162343439303337306132396164
3038383636303665343864306261346335326330313137310a663461616565303264333361646130
34336165663963363532633030663364383733333030653339383261376433636362653230633130
3035666639646139300a386536316364363932656237346564633937336637616139613661616532
32353731663631346235623235303362383862373331333961636661383766646338343266363661
65643230363035363361663537646331393435363139306365626534633838663635396361376265
33343131616239653163353332633936366438343331343137386439653835333434643036623237
36626138646563313930663330623963336464616161626566333934316437363931323536646235
64646132613430366639653566383562383139653639363537373161626337623335363363653437
32356366643463386161343262653764663938386434386338303930303063613362306165613535
30353365383364623234333766326536643933343961333565633564383438363938336332336632
34636136333632373366353133343064363936663531303932326531396633366335336666373039
64623034316633356432316134623432313838613037313564666330353739626361356662323661
39363831663830613735303735313933336361333334623461303264663538386430653365313136
38646138343834313765326661353163613635346238303333376365386239656161383634633663
33303236623366363566333535396134306664653331353661323464323537323339306237666437
61383266303563663065316137623832636162343533303565643338306135363439386663663966
37656434346365366132343830383663623533393065343339326164353738666564653634653534
38336139303636643333333362633564306431303932393938383865363831383661623732316361
61333266346135616537316135376633613266386331303337666563663333326638633633336332
65656264643262633637616664613461623461303865333838323536313465373163623235336236
32653133643866313765353033393639663233656531356236396438646233376364373136666131
31363031303166616431333039323531653435393434303866383563616161643231313039346464
61633336326266393835313763653538336635393937386164336161613934303430373833336438
63386635666261653566376237623737353161623238653738353735353638373230383764313336
64343237323731623161326135323839363836313566306261353431616166393333666365653430
62373531643537623037306366306530396437353465346432396363646161353333623038386238
61346238336233343762613933613464383139633733323034613431653663373136653737383133
61666531616166306361656563356139653134643333666164323734613130306565376365366438
62323563643661633336323638306432333637366336303935393566613238303562666630303637
65633337376364326565623266633835346437646437386638326237626265626434303036393532
61303333366230623362373237633538623063363636623965383466613633313063353431643735
66663538313439653434373734373836653536376532623633656638623663303331356134303933
31373864383366623338643937333034383734333561396163303530353638316461653761303262
35336630656535306536666635643738373830316336333836636666373538663465636164333566
35633036343730623237613463643232303633663965653831343064646163616630643166663932
62613836616462343133663535363930346363616131333438313864613337313239623031303262
31323161643030306564386664633932303764363938393865653634626163663261396638373661
32663136363539343866646236653365636266666431653161633064366530636131633439333366
30343832366535303032623534303261646634616361396263633530656437343464316535343731
38343461643338353235383033633262653239623263616535613765376333616564656431336335
30313366393632346266316634333038623436653533636264386531386661346261396330353766
62363233356261656139333136646366626235366231666263333733386465343736386261306233
62636362313237353965613535306531306636346235313663643139353262663936623866383763
31376434346436663961363766626565313431353631646166613830323830646234396530323939
61616436393165646232376361373434393833643538336231316638636663386232333263396437
38646436383531336264373830366437346166356465333766313439386134363862636239623339
33363564373265336230616136663464386634366362313731373366633836646434366438623461
35303662373664343638316264663737396663383331376366323031373531323833613238616536
38366131353365663837313864376436376233363037323062393165323438366163386662363431
64326361373838303639643838616165333037303633306333363838396462613033306335353466
63613966653162373834343462303730623765633233616565356631303930623865653233396663
66626130646263323031666233626234666132376262373864646566613339626631376536643765
62663237366330313530333633303734656662373233653662646134653066623266613662346165
30623934383037663766323133303064643835396564663063376361633832666163343563303430
62633762366235616538333564666236646437313561386365393737346262663936373735353138
65343038373765346534653463633763636665653634633630316462303435393036346462366436
34313261393639643162616465666332326630326439333637383935646432383230303563626234
62326164383138306439306333383436353465353433646664623830356533363963383437653234
65663836633362356330323137333461663563313333373330306263613966376631353362396662
66336163343765366563613332343531326631646265663630306235353531653638383763386533
39313439306436663733643930636239353933643066353734363534313439633234333666346566
65336539363335303563633462343931633131333938363032333033643865633834363934313063
33643930646235326631333735383065383462356165313037643232366463376436333638643339
61623232303261323039373665613237373231323431356130663538636238393739306539396661
63333133313136393430356634346437636431373964623862313138366530306166663965336636
61623131653839386633396438333334326138373834313366343734323339326331363036386565
32346239316635633164383334303763643931623933653266623633666261346531626336643630
36303131386139646263616130336131353330383963633734373531343635313232646636633336
30383031316337323034356537623033613530333061373266663365356663366439613934646232
63653136306665313330613630393462613166636364393666343262393164653930666432323066
34366465313866643665626539393534633762633963336439626332356438343638643166633561
66323732376236303062336566353734306563363866363664326234663265616565646130643261
34613863623835346533643966643431613964336231343761383034376339303033396634393133
36613865383664396330376265636533613433376464306436643663373234316361343062613036
30376564376265616662326666323035623533616139343434373165346538663135353865333238
65656534313035653538313431393061353335666335346334376137326566613739333365343834
35623465343766656564353439373662636461346333656633666530363137306130363962666564
32353534616462336263363732323737373032613237656438326661303633326432383965326535
66346562633130383864306237353332646131643438373330326638313633643466303666633865
66313664653735393061313535373264656235323231626233653134643036383337336539343939
36613135353166326432393564383934353333366335646436653730353235336539383861313632
37303131316438353564353963383133343438333963313934643538616538306265363563393838
32303561383666393930383335656635613230386665373764623363316436663530376333616666
36613865303232303637343039346635663238376531336564613065303463646663396465633830
32363862646531353135623062356566663234343161643965346161623235383862663536323131
64373535636563313063353962656537323432346333643037313434353133303830373664373565
31626232343335393739303562313365656538616436373535623561616135316265666231323332
38363636656336336630666537396238663239303763326139646235386565656266623662343231
33396362306131373739313831353035646536653930363061373433323732653964323063306638
63393162363561313336636266353965656336393635653266393037393837623939613332653533
33303136653235336638633539353437663536313963393531383466373462383466633039363633
30333434303833366331323530323032333634323266616564653963623730333337653836356534
39303737653363366433313735353233313134623661363631633131306563656333333564343638
61316534393531373037333234323466626634383736646537323137343366666164626563326339
38343031656231306635653137646235616535396635626432366462626538383365663538626564
65303063663830633930383933643730663632643434656461343236613939303935303361636566
35313164333231343566386139656337393330643761346565313339653435633339646261323337
31383962393738663134653930633838363931353435393961383437613136303661343333313936
61633532633137376636623638663862643364643562353963303138366266336364623365653237
34336437633964616638626139633763396334333463326463633965623037383662303339633433
30353163393030653865303130323639393465316334373438653262666161363464383835643761
34393532633835363238376337386232653666623966313732623033316232636564346634663233
33636139363833666634343265356533356661356234616261363434393961656530333562343234
36393861393132366638326333353439363035396530646261346630656434303733666161396536
36633366336161383735643162353464616364343466613035633531616333326437616533386436
63653666353037363138366331666662313566613164336635656430633266363931303936343562
64373333636538663962363634623630646461623064623833653134343933633936366366653566
62326661383134643836336538336465663634356137316262333630323666373266393438316265
62356362386435396535666233663561663632663035333466626263663837656531306139663437
61313434323132663139323338623337383863333465326263643665636531306261336564333861
61666236393634613035323532373265313364643834316633383766313237663332616533666531
32376538346433313339363963393935393862623936383564616166633465663461663631643638
61646631373534373534396530326535353831316134666264313735373564383534613462303637
64636134616339663039386134336436353363626163323761376666636561643039313137353564
36623962343166396531316333336532343561623633613862303839653066626439353738653236
65373464343464376161666335316362613861383038353837343430663938653161616231393261
30643663616563363834366336366232336535633161376432616332653561303332383230653530
64613735386663333630333030343232396232363536363661323737313364613166326132333335
37656533616665343538356161626632633263303631396562363065336138383434373939363062
36616535643066316339626337353761326562653837366130366362303234663066646166633262
65613131306135626130663134303634356363313337653234656561616464363365653139363866
39313631396339656261353938383234353035306233326166373439343631366637383136613762
30383831306236336331613864393537383339383631373538366561376134663130666537313162
34393062656165343431386162646232343561303463663638373237393066353664643336356364
38616466313238613037343163376335353534353564326530653131383262323434343031663439
63653537613839393330326136666539366238633964616330313439386365343234626663626132
37623033393966306366373962663564333165366530353334666166373735373064396563643366
32653165646535303936326264323136353266363538376233303166623461393330343638646262
31313635633739643639626232653039663835376366356333393539623661373938613362316332
62326463333733336365346130646462366531326635393539626564626565653530363463303832
34343366383266386331393063323036636133646161333861336637346632663533323638313838
39366337346436626166353035306637623264623930653965303935643039303763626665383864
39643039616638343537613639616338333737363939653139653763333933376332373362316533
30323933343762316437343236323263663034323464656566343734393662303339633235303631
63663661363832653366333836663962366538653961373661363232366633303336666432303635
62616631656338303637336631353137653662633464303362333635643137383238363564663935
66343662616531396361303236636663616161623732346432313861353662356563616431613662
63653036306363663066353333646261373933313338666632666261363839653834386462373537
35333030613765383035306539316139313162663263373561303335363163323639643264666263
37306139313536663361393636393564376665653035306538386333653437363639353334316530
35646135623035386662313366623135633238623737373632666161353862383265336435363737
36326338353564613564343035666166623632313861616133346361333138396535333631633161
62353939623265356635333165616661616164343762656535613666643432353633626161363764
32666166616565663137333435346262373034316637653064346533306232623130356261386465
66613766396666383661393536393039636331653665376531313131633962316132616564653061
37663761336637363265646438373065653837663862633536653965613462316336663536663139
38373136633035663332376636343434323436396137643637353261333366356462396438376232
34643636313566393537346366363432633335643934363236613938383062303763623339343335
33373364356336313236346362353238366131633138393265666565326532646434633961623465
39343839653365333162306536373765623230346666643035383738356662333530643261643639
66656538373364373261623063363138636531623466393636373563623364393764323862303263
65656438636331373766616561663031313030643736616138633566383035633263343463356635
66623565333635363365663539323036316565663166623962383230343131613962306634366238
66303137663562346639376537653034656333373031336664393933343536366461656530393631
32363532636237666165336463376666373566626338393430386135393064393837613333653334
36303535643636363832613339306435633736376566376561333064393538393836613563376565
66623164323865646135613335313034666631376536306565363261316234366138363338653730
64393964303432313661653564653564393364383436353764663133386636313139316634626538
64323162383732393362373366313966636665653363373065373131623639316437646462653738
35353864623536366531363937623664333661326166623639343133663531663366353665343238
64383162343761363839633739383030643462306332383235323763643531333461613135303066
31653161326565303430383566373463623963366434346335316464373865353733626264343038
32363664636463386261303930623264643834633263613561656162333164646339346539653161
65373261643738613261323633386133306133663835353830383966636236626334623839373866
63633865393261636237663262666435333937363337383861663435663437646333303063323232
66663335366263376563336265323064383963623131313562363837366635666166623532643834
31303530383639376235636536623765373335373630646633663338653536303133386636623130
63306639343132363364653462333739366635326130333436323736363265343635383333613130
62366465323138643535366233356630303734336339393766323636633831653034376363323339
34323338303833663235656533396364633764343663373231633865666232356430623130323462
31386539663863376461613638376434616537343261633932316538303065636665366633393561
37303938353465313061333633623134303130643932336539616262383265663133313036663236
30393862316134346365313864313434393732346366356166383032616133396531373032316431
30336337303564303938643864386435636232343164356634393231356633643636616561653431
33636237366263656463663739663365626130386434356634336463643834343261393937386332
62356462386631643732636164336563373663383362393337636162396137353437653730653561
62613038393761363834363631633866376336306330623237353965626566626138356365663435
64386631333132646136636364396534356531383861633933656163626133656530363639303138
62336266633632636565396566663466653862373034363333353163646637366163363032633966
38386635633539313339363532373137343666623134633437383836313461613066333836633761
33396639323863636563333365333530306430396361623966316266323038333963333834323861
39393866303132613236346434353734333430633333376338303435356530393135333131323632
31343562623732363236396237656365373964383936303961313365393835353661383762663136
65353131613638346163383731356362363431653965386436653065656331656633383764666236
33373363653361353364353034633538626465343335346239373566313833633931383261303231
35636435663939336633663232316532316334353666383834666236353636613830653233613539
34613061386337346162383238613531666231613861373233383066353533643165656163393432
30366334653462633364313437666636366236373238383163656163383265353664386331393661
30613664306437393833313137633631306663323665386561623762626366306461666564656332
32303064393561663237386633383630303137613435666333383337376530326232373738336336
62333930373761643566326134303839663634643939636532333466656366616166313439303161
38666337663965353131636637373431656337363064623465353739373531653561373435613331
39316462373433396461393164323065653364643832626461653230376338613530646337363666
35613234626237316561663133366639613238653363306161343035303662653331316436346564
30613432373735653435626266376335373835366431333765373430366233356563366139386533
66323035336334623363616532333662363433386433313361633664373266303562653738623230
36386233653031313433353336383438313931336132393364333930363138343134393961366130
30373439376361623036623234386635636532646334363639653462303336376261346234663639
33623838303364346234316330303366363235353237393332643634653065393765373533643062
31323064656233396235353763343164366433343236653864313364636562653436646133336264
39666333663738333062636364663661643532306562643532633663626163386666303161326439
31643437373661353462613330343937613663383332633736396336393765656565333965386334
32326261386162303831323430663438373964323137633964613732643863333430303361623237
30653638393866613833303331633135313438376633643636653830383264323031616630653737
37656361343565346264323133306661356165646161626332386463613564643062393335356562
64623236376530633662323862346561383939306662316338346238636138623637653637626331
34373937323764386230613635343630383834343633313066383662386439636334623332393030
34626332663864333661316165636333326236636563343931666631646635313533646166396137
33303330326239656462656366323564633838663364633861326466383362323534373238333461
64653533613131383935616634346439373436393331366132393531333430323930643164313833
61336164633333343335346237383433636339303938643437353665393464613533353966656165
38653336353662373537303563363863393833643061343538613931633066646161396164333634
30306164323831366662323562303765376464373637633831303730633439356130616565353166
61383465303365336461623037346639363834633364646337303162663531353364653230386461
39623261303366343465373837663631303561393131613137343766643634383534613335366463
38666235326166386334653639353263613736323762666132663536373233613736636464316661
30643434656235343463313361333664646561396336343662386139343031343338326266353465
39653563316538303764646465373637353735663939633133333633336630613830376165373361
34613634333265366362393830346464346338323730643633303262616161396563363836366665
31306563393430393939343865346432666564313839623437306236326239646532396632626538
30323636376132306630323731363965353339363061313732323535396333393862633962656362
32623132343332643835396634653736333432306461646461663235376236303065383831653433
33646330363032616638363034633165366538326432393331396265363931303530383332336332
34353234343262663632643934646136663939333163346131346132613762653735653561356161
63626566646262623864333636653965613031326139306634616563316366323830306236633834
30666134323364643465653664653063393831386335333334353734333738356564653366643465
34373834366265653039396331616439333861633734303565366632623635636261333562326232
35376231376662343964666232343638383239633036396333323238316335316361353862313736
30383732373539376536623930313436336463366630396231306662343031376232343062353736
64326161303435393063656439616164356135633663363063643438363665396534313439346136
66353234363464363162356661626636393664303530323565326363393066376462313637633831
66383036313932656635636364333461633438313532623063636466336536663438656630303038
33383839346638613863353866333738363035353130333434313233376631636265663232326162
31333663643837656266663735643237393135333935653938333938643437616430653238623339
61326232376536393337623531343335663566633532623665613563663932663365613634633338
34313236643833393735393334613031633237623862393763643731333137656566376165303964
30323136653435336465366464613737653537663561626434373430363232323937623334323565
31633766353932633838626535356432613161376134303236633431633964343539303765346436
61383763383165316432383335653731346162633533376536393334343534653863623930323566
32396365346633383230313334326164393538633064386564383566386339383766326263326430
62353664666232616334363137643162623861376335613535323162626261666361633662343934
39623163383530653362636365353439303630623037646330383635646434333931626263623334
66343638303732663462343133386365383664336361376264313330366539663564303761386165
63623532333032343130376530363165383961336563306132336136353133663664353935363735
61343966393833616634313863313464666166383338383638643366653766363835343336303063
39316235643738363632633731383435376430303732383638646262306166373261623730393665
63383461646132393261383136316137353138663065323766303137623936393062616663656134
32393764346462623536323065663635346634373130316130626635313934363965666438303438
30613763646166363734376633623164363364393961623337323036383330303763356234653065
36633262613839616631353662613230613139663465633632383839313435373439366164633730
61623538626635336634323235363363343439383833663832626634303731663337396364396334
34366139663935633430316337363934343433343262616463303462386264306632623861366531
66653866643063316339373738646262333437333635643265333831333133383032313038346462
66343339343832346630643336633632346661616665623334386463386138633634303465363731
65383434396666643133663736663933613661363636313735323666663665316463643032323238
34613261613030343963636136396138373062366262613635336166323062383438646165303739
36663334663739316633346261653333633462343933613539333461356537636564383033343665
33383963623364383366303264363763653463376664653032376565363732396138393030333664
36623430613839636335356131373161383932366538336165663061306133353263326264643161
35643761666636633933373066393032613330356164303638343137306336623436643035633261
61616537363937313436616665323161653966653732656638396564323534323930656433333364
62326638633133633138346132373630343231666564316331633235343835396139343134393163
66313837353534643534626364653166393866666136323261626230653537363638646134633562
64363531376633653730353435663961613862346136393239366338346539303336333561333530
38636236306564343730623735653261343136633234623931366433616461306437333232636261
37376162353636306231626133393962356162366134313334646634626333386139613464666433
34356263646266653432303132636264373863646233396437613166663366303463616365663765
34653830373430353965333662376163313138323731633832336464386338353235313062356333
36663138623538343633613163306530643663653333353335333537393565643431393637663862
37653165363035643466346165663837316162623232666565356135616231636466663766306361
32666666396462613566633830343664643631366439323363356565626432353835346530353734
30386633613463636537303332333666393831373737383137343362383130623466373663323964
32303363343436623463633161346232633637363565343464643637613362306364333839653432
63393330613763363162343739386262393436633730626565346666343266643630626162613630
30633736313762396434663565323639646530383261383236313262326263316361356636383531
32393061383566356331386634383031316566353838343035623135626531633962643538633139
62313930643263633536353832393731323361313266343164353066616337333832663765376363
353635383862393331333164376461343863

10
uptime.yml Normal file
View File

@@ -0,0 +1,10 @@
---
# Playbook for installing uptime bot
- name: Install uptime bot
hosts: dorky
become: yes
roles:
- role: uptime
tags: uptime