first commit

2024-11-29 09:24:14 +01:00
commit 8c3b5f57b5
17 changed files with 407 additions and 0 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -0,0 +1,54 @@
+---
+# generic settings
+main_username: sbxadmin
+main_groupname: "{{ main_username }}"
+main_uid: "1000"
+main_gid: "{{ main_uid }}"
+
+# weareinteractive.environment
+environment_config: { "PUID": "{{ main_gid }}", "PGID": "{{ main_gid }}" }
+
+# geerlingguy.ntp
+ntp_timezone: "Europe/Berlin"
+
+# geerlingguy.nfs
+#nfs_exports: [ "/home/public    *(rw,sync,no_root_squash)" ]
+
+# geerlingguy.security
+security_ssh_port: 22
+security_ssh_password_authentication: "yes"
+security_ssh_permit_root_login: "no"
+security_ssh_usedns: "no"
+security_ssh_permit_empty_password: "no"
+security_ssh_challenge_response_auth: "no"
+security_ssh_gss_api_authentication: "no"
+security_ssh_x11_forwarding: "no"
+security_ssh_allowed_users:
+  - "{{ main_username }}"
+security_ssh_allowed_groups: []
+security_sudoers_passwordless:
+  - "{{ main_username }}"
+security_autoupdate_enabled: false
+security_autoupdate_blacklist: []
+security_autoupdate_reboot: false
+security_autoupdate_reboot_time: "03:00"
+security_autoupdate_mail_to: "service@softbox.de"
+security_autoupdate_mail_on_error: false
+security_fail2ban_enabled: false
+security_fail2ban_custom_configuration_template: "jail.local.j2"
+###
+#packages
+#package_list:
+#  - curl
+#  - htop
+#  - vim
+#  - bash-completion
+#  - apt-transport-https
+#  - network-manager
+#  - curl
+#  - xclip
+#  - net-tools
+#  - rsync
+#  - smartmontools
+#  - mlocate
+#  - parted
--- a/group_vars/snipeit.yml
+++ b/group_vars/snipeit.yml
@@ -0,0 +1,45 @@
+---
+main_username: root
+main_groupname: "{{ main_username }}"
+main_uid: "0"
+main_gid: "{{ main_uid }}"
+
+package_list:
+  - curl
+  - vim
+  - xclip
+  - rsync
+  - mlocate
+docker_compose_generator_output_path: "/root"
+containers:
+  - service_name: app
+    active: true
+    image: snipe/snipe-it:v7.0.13
+    restart: unless-stopped
+    volumes:
+      - ./storage:/var/lib/snipeit
+    ports:
+      - "8000:80"
+    depends_on:
+      db:
+        condition: service_healthy
+        restart: true
+    env_file:
+      - .env
+  - service_name: db
+    active: true
+    image: mariadb:11.5.2
+    restart: unless-stopped
+    volumes:
+      - ./db_data:/var/lib/mysql
+    environment:
+      - MYSQL_DATABASE={{ SNIPEIT_DB_DATABASE }}
+      - MYSQL_USER={{ SNIPEIT_DB_USERNAME }}
+      - MYSQL_PASSWORD={{ SNIPEIT_DB_PASSWD }}
+      - MYSQL_ROOT_PASSWORD={{ SNIPEIT_DB_ROOT_PASSWD }}
+    healthcheck:
+      # https://mariadb.com/kb/en/using-healthcheck-sh/#compose-file-example
+      test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
+      interval: 5s
+      timeout: 1s
+      retries: 5