mash-playbook/setup.yml
Alejandro AR f738b24386
Adds FreshRSS service (#107)
* Adds FreshRSS service

* Adds comments to make it more clear
2023-10-10 18:06:11 +03:00

186 lines
4.1 KiB
YAML

- name: "Set up a self-hosted server"
hosts: "{{ target if target is defined else 'mash_servers' }}"
become: true
roles:
# This role has no tasks at all
- role: galaxy/com.devture.ansible.role.playbook_help
# This role has no tasks at all
- role: galaxy/com.devture.ansible.role.systemd_docker_base
- when: mash_playbook_docker_installation_enabled | bool
role: galaxy/geerlingguy.docker
vars:
docker_install_compose: false
docker_install_compose_plugin: false
tags:
- setup-docker
- setup-all
- install-docker
- install-all
- when: devture_docker_sdk_for_python_installation_enabled | bool
role: galaxy/com.devture.ansible.role.docker_sdk_for_python
tags:
- setup-docker
- setup-all
- install-docker
- install-all
- when: devture_timesync_installation_enabled | bool
role: galaxy/com.devture.ansible.role.timesync
tags:
- setup-timesync
- setup-all
- install-timesync
- install-all
- role: mash/playbook_base
- role: galaxy/swap
- when: system_security_ssh_enabled | bool
role: galaxy/ssh
- when: system_security_fail2ban_enabled | bool
role: galaxy/fail2ban
# This role exposes various tags (setup-postgres, setup-all, upgrade-postgres, import-postgres, etc.), so we don't tag it here.
- role: galaxy/com.devture.ansible.role.postgres
- role: galaxy/com.devture.ansible.role.postgres_backup
- role: galaxy/mongodb
- role: galaxy/com.devture.ansible.role.container_socket_proxy
- role: galaxy/com.devture.ansible.role.traefik
- role: galaxy/adguard_home
- role: galaxy/appsmith
- role: galaxy/authelia
- role: galaxy/authentik
- role: galaxy/backup_borg
- role: galaxy/changedetection
- role: galaxy/clickhouse
- role: galaxy/collabora_online
- role: galaxy/docker_registry
- role: galaxy/docker_registry_browser
- role: galaxy/docker_registry_purger
- role: galaxy/echoip
- role: galaxy/firezone
- role: galaxy/focalboard
- role: galaxy/freshrss
- role: galaxy/funkwhale
- role: galaxy/gitea
- role: galaxy/gotosocial
- role: galaxy/grafana
- role: galaxy/mariadb
- role: galaxy/miniflux
- role: galaxy/mrs
- role: galaxy/n8n
- role: galaxy/healthchecks
- role: galaxy/infisical
- role: galaxy/hubsite
- role: galaxy/ilmo
- role: galaxy/influxdb
- role: galaxy/jitsi
- role: galaxy/keycloak
- role: galaxy/lago
- role: galaxy/linkding
- role: galaxy/mobilizon
- role: galaxy/mosquitto
- role: galaxy/navidrome
- role: galaxy/netbox
- role: galaxy/nextcloud
- role: galaxy/owncast
- role: galaxy/outline
- role: galaxy/peertube
- role: galaxy/postgis
- role: galaxy/prometheus
- role: galaxy/prometheus_node_exporter
- role: galaxy/prometheus_blackbox_exporter
- role: galaxy/prometheus_postgres_exporter
- role: galaxy/prometheus_ssh_exporter
- role: galaxy/radicale
- role: galaxy/redmine
- role: galaxy/redis
- role: galaxy/rumqttd
- role: galaxy/soft_serve
- role: galaxy/syncthing
- role: galaxy/telegraf
- role: galaxy/vaultwarden
- role: galaxy/uptime_kuma
- role: galaxy/wg_easy
- role: galaxy/forgejo
- role: galaxy/com.devture.ansible.role.woodpecker_ci_server
- role: galaxy/com.devture.ansible.role.woodpecker_ci_agent
- role: galaxy/roundcube
- role: galaxy/auxiliary
- when: devture_systemd_service_manager_enabled | bool
role: galaxy/com.devture.ansible.role.systemd_service_manager
# This is pretty much last, because we want it to better serve as a "last known good configuration".
# See: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1301487601
- when: devture_playbook_state_preserver_enabled | bool
role: galaxy/com.devture.ansible.role.playbook_state_preserver
tags:
- setup-all
- install-all
- role: galaxy/com.devture.ansible.role.playbook_runtime_messages