From 209609fa4097388197a30bd357a9c5d9ee98a391 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 28 Jan 2022 21:46:12 +0100 Subject: ele-media: re-install based on debian bullseye --- inventory/group_vars/chaos-at-home/network.yml | 1 + inventory/host_vars/ele-media.yml | 169 ++++++++++++++----------- inventory/hosts.ini | 1 - 3 files changed, 97 insertions(+), 74 deletions(-) (limited to 'inventory') diff --git a/inventory/group_vars/chaos-at-home/network.yml b/inventory/group_vars/chaos-at-home/network.yml index 7b4f220d..9f54395c 100644 --- a/inventory/group_vars/chaos-at-home/network.yml +++ b/inventory/group_vars/chaos-at-home/network.yml @@ -23,6 +23,7 @@ network_zones: ch-hpws-mini1: 31 ch-alix1d: 32 ch-raspi-ntp: 33 + ele-media: 99 ch-prometheus: 200 ch-epimetheus: 201 ch-phoebe: 202 diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml index 24d13946..67bb93e5 100644 --- a/inventory/host_vars/ele-media.yml +++ b/inventory/host_vars/ele-media.yml @@ -1,89 +1,112 @@ --- install: + efi: true disks: primary: /dev/disk/by-id/ata-Samsung_SSD_840_Series_S14GNEACC92243K + kernel_cmdline: + - "consoleblank=0" network: - nameservers: "{{ network_zones.lan.dns }}" + # nameservers: "{{ network_zones.lan.dns }}" + nameservers: + - 1.1.1.1 domain: "{{ host_domain }}" primary: &_network_primary_ name: eno1 - address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ network_zones.lan.gateway }}" + # address: "{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + # gateway: "{{ network_zones.lan.gateway }}" + address: "192.168.28.99/24" + gateway: "192.168.28.254" interfaces: - *_network_primary_ -network_setup: elevate-festival - - -dyndns: - server: ch-pan - admin_users_host: - equinox - -nginx_pkg_variant: nginx - - -docker_daemon_config: - bridge: "none" - iptables: false - -docker_storage: - type: lvm - vg: "{{ host_name }}" - lv: docker - size: 20G - fs: ext4 - -acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" - -nextcloud_hostnames: - - media.elevate.at - - media.elev8.at - -nextcloud_db: - db: nextcloud - user: nextcloud - password: "{{ vault_nextcloud_db.password }}" - -nextcloud_admin: - username: admin - password: "{{ vault_nextcloud_admin.password }}" - -nextcloud_lvm: - system: - vg: "{{ host_name }}" - lv: nextcloud - size: 20G - fs: ext4 - data: - vg: "{{ host_name }}" - lv: ncdata - size: 150G - fs: ext4 - - -wireguard_keys: - gwhetzner: - pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg=" - priv: "{{ vault_wireguard_priv_keys.gwhetzner }}" - -wireguard_gateway_tunnels: - wg-gwhetzner: - priv_key: "{{ wireguard_keys.gwhetzner.priv }}" - addresses: - - 192.168.254.2/30 - default_gateway: - outer: 178.63.180.138 - inner: 192.168.254.1 - peers: - - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}" - endpoint: - host: 178.63.180.138 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}" - port: 51820 - keepalive_interval: 15 - allowed_ips: - - 0.0.0.0/0 +apt_repo_components: + - main + - contrib + - non-free ## for microcode updates + +spreadspace_apt_repo_components: + - container + + +zfs_arc_size: + min: 2GB + max: 8GB + +zfs_pools: + storage: + mountpoint: /srv/storage + create_vdevs: raidz /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N2AYHY8E /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4ND0PVLUE /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6PJ1CSJ /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N3YN09NC + + +# dyndns: +# server: ch-pan + +# network_setup: elevate-festival + +# nginx_pkg_variant: nginx + +# docker_daemon_config: +# bridge: "none" +# iptables: false + +# docker_storage: +# type: lvm +# vg: "{{ host_name }}" +# lv: docker +# size: 20G +# fs: ext4 + +# acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" + +# nextcloud_hostnames: +# - media.elevate.at +# - media.elev8.at + +# nextcloud_db: +# db: nextcloud +# user: nextcloud +# password: "{{ vault_nextcloud_db.password }}" + +# nextcloud_admin: +# username: admin +# password: "{{ vault_nextcloud_admin.password }}" + +# nextcloud_lvm: +# system: +# vg: "{{ host_name }}" +# lv: nextcloud +# size: 20G +# fs: ext4 +# data: +# vg: "{{ host_name }}" +# lv: ncdata +# size: 150G +# fs: ext4 + + +# wireguard_keys: +# gwhetzner: +# pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg=" +# priv: "{{ vault_wireguard_priv_keys.gwhetzner }}" + +# wireguard_gateway_tunnels: +# wg-gwhetzner: +# priv_key: "{{ wireguard_keys.gwhetzner.priv }}" +# addresses: +# - 192.168.254.2/30 +# default_gateway: +# outer: 178.63.180.138 +# inner: 192.168.254.1 +# peers: +# - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}" +# endpoint: +# host: 178.63.180.138 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}" +# port: 51820 +# keepalive_interval: 15 +# allowed_ips: +# - 0.0.0.0/0 diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 44d89a04..09c65ee6 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -313,7 +313,6 @@ sk-tomnext sk-tomnext-nc sk-tomnext-hp sk-torrent -ele-media ele-gwhetzner -- cgit v1.2.3