Merge pull request #36 from lento234/debian

Debian default
lento234 · May 9, 2024 · 6fd88cf · 6fd88cf
2 parents 80e6958 + c59493e
commit 6fd88cf
Show file tree

Hide file tree

Showing 30 changed files with 262 additions and 315 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
diff --git a/.gitignore b/.gitignore
@@ -1,9 +1,6 @@
 .DS_Store
 
 .vagrant/
-hosts.ini
-hosts_debug.ini
-vault.yml
 pass.key
 
 venv/
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022-2023 Lento Manickathan
+Copyright (c) 2022-2024 Lento Manickathan
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/Makefile b/Makefile
@@ -0,0 +1,33 @@
+.PHONY: help
+help:
+	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-15s\033[0m %s\n", $$1, $$2}'
+
+PLAYBOOK=playbook.yml
+HOSTS=hosts.ini
+VAULT=group_vars/all/vault.yml
+VAULT_PASSWORD_FILE=pass.key
+
+.PHONY: run
+run: ## Run default playbook run
+	ansible-playbook --diff -K --vault-password-file $(VAULT_PASSWORD_FILE) $(PLAYBOOK)
+
+.PHONY: dry-run
+dry-run: ## Dry-run default playbook
+	ansible-playbook --diff --check -vv -K --vault-password-file $(VAULT_PASSWORD_FILE) $(PLAYBOOK) -i $(HOSTS)
+
+.PHONY: ping
+ping: ## Ping all hosts
+	ansible all --vault-password-file $(VAULT_PASSWORD_FILE) -m ping
+
+.PHONY: vault
+vault: ## Edit the secret vault file vault
+	ansible-vault edit --vault-password-file $(VAULT_PASSWORD_FILE) $(VAULT)
+
+
+.PHONY: vault-create
+vault-create: ## Create the secret vault file vault
+	ansible-vault create --vault-password-file $(VAULT_PASSWORD_FILE) $(VAULT)
+
+.PHONY: pre-commit
+pre-commit: ## Run pre-commit on all files
+	pre-commit run --all-files
diff --git a/README.md b/README.md
@@ -4,10 +4,7 @@
     <img width="500" align="center" src="assets/homelab-logo.svg">
 </h1>
 
-![Molecule CI](https://img.shields.io/github/actions/workflow/status/lento234/homelab/ci.yml?style=flat-square&labelColor=black)
 [![License](https://img.shields.io/badge/license-MIT-blue?style=flat-square&labelColor=000000)](#license)
-
-![Rocky Linux](https://img.shields.io/badge/-Rocky%20Linux-%2310B981?style=for-the-badge&logo=rockylinux&logoColor=white)
 ![Raspberry Pi](https://img.shields.io/badge/-RaspberryPi-C51A4A?style=for-the-badge&logo=Raspberry-Pi)
 
 ***`Ansible`-based personal homelab setup.***
@@ -16,10 +13,60 @@
 
 ## Description
 
-The project contains a set of ansible playbooks use to setup (and manage) a personal homelab infrastructure. The homelab runs on a Raspberry Pi 4 running on Rocky Linux. Currently using `nord` [theme](https://www.nordtheme.com/).
+The project contains a set of ansible playbooks use to setup (and manage) a
+personal homelab infrastructure. The homelab runs on a Raspberry Pi 4 running
+on Debian.
 
 ![Homepage](assets/homepage.png)
 
+## Setup
+
+1. Setup virtual environment using [uv](https://github.com/astral-sh/uv):
+
+```bash
+uv venv
+source .venv/bin/activate
+```
+
+2. Install python dependencies (incl. ansible):
+
+```bash
+uv pip install -r requirement.txt
+```
+
+3. Use the `make` command runner to setup the homelab:
+
+```bash
+$ make
+dry-run         Dry-run default playbook
+ping            Ping all hosts
+pre-commit      Run pre-commit on all files
+run             Run default playbook run
+vault-create    Create the secret vault file vault
+vault           Edit the secret vault file vault
+```
+
+4. Add hosts into the `hosts.ini` file (example):
+
+```
+[homelab]
+heimdall ansible_python_interpreter=/usr/libexec/platform-python
+```
+
+5. Modify group vars file `group_vars/all/vars.yml`
+
+6. Create and edit vault secrets:
+
+```bash
+$ make vault-create
+```
+
+7. Run `dry-run` or `run` to deploy the infrastructure.
+
+```bash
+$ make dry-run
+```
+
 ## Hosted services
 
 **Server management**
@@ -35,6 +82,7 @@ The project contains a set of ansible playbooks use to setup (and manage) a pers
 **Monitoring**
 
 * [x] [Glances](https://nicolargo.github.io/glances) - An *Eye* on your system.
+* [x] Munin
 
 **Media**
 
@@ -57,43 +105,10 @@ The project contains a set of ansible playbooks use to setup (and manage) a pers
 ## Hardware / software stack
 
 * [x] Raspberry Pi 4 Model B 8GB: [OKdo](https://www.okdo.com/p/okdo-raspberry-pi-4-8gb-model-b-starter-kit/)
-* [x] OS: Rocky Linux 8.5 [wiki](https://wiki.rockylinux.org/en/special-interest-groups/alt-arch/raspberry-pi)
+* [x] OS: Debian bookworm (12)
 * [x] Storage - (primary) Sandisk microSDXC 128GB (`/`, `ext4`)
 * [x] Storage - (data) ZFS pool ~40 TB (`/mnt/store/`)
 
-
-## Setup
-
-1. Use the `just` command runner to setup the homelab:
-
-```
-$ just
-
-Available recipes:
-    create     # Create/start a local development server
-    destroy    # Destroy the local development server
-    dry-run    # Dry-run default playbook
-    help       # display help information
-    login      # Login into the local development server
-    ping       # Ping all hosts
-    pre-commit # Run pre-commit on all files
-    run        # Run default playbook
-    test       # Test inside the local development server
-    vault      # Edit the secret vault file
-```
-
-2. Add hosts into the `hosts.ini` file (example):
-
-```
-[homelab]
-heimdall ansible_python_interpreter=/usr/libexec/platform-python
-```
-
-3. Modify group vars file `group_vars/all/vars.yml`
-
-4. Run `just dry-run` or `just run` to deploy the infrastructure.
-
-
 ## References
 
 ### Homelab / Self-hosted

diff --git a/Vagrantfile b/Vagrantfile
diff --git a/environment.yml b/environment.yml
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
@@ -23,9 +23,12 @@ packages:
   - neofetch
   - nmap
   - python3-pip
+  - python3-requests
   - rsync
+  - smbclient
   - tmux
   - tree
+  - vim
   - wget
   - zsh
 
@@ -43,49 +46,53 @@ python_user_packages:
 docker_users:
   - "{{ user }}"
 
+data_dir:
+  path: "/mnt/data"
+  uuid: "9a6577e3-57bb-44d4-b55e-3e02cc7876ed"
+
 # Docker volumes
-docker_dir: "/mnt/data/docker"
+docker_dir: "{{ data_dir.path }}/docker"
 
 # Media directories
-media_dir: "/mnt/data/media"
+media_dir: "{{ data_dir.path }}/media"
 tv_dir: "{{ media_dir }}/tv"
 movies_dir: "{{ media_dir }}/movies"
 
 # Ports (tcp, udp)
 ports:
   # - 22/tcp    # ssh (disabled)
-  - 53/tcp    # dns (pi-hole)
-  - 53/udp    # dns (pi-hole)
-  - 80/tcp    # http
-  - 81/tcp    # pi-hole dashboard
-  - 443/tcp   # https
-  - 1900/udp  # Plex DLNA Server
-  - 2342/tcp  # Photoprism
-  - 5353/udp  # bonjour / avahi network discovery
-  - 8000/tcp  # portainer
-  - 8001/tcp  # paperless-ngx
-  - 8008/tcp  # nextcloud dashboard
-  - 8080/tcp  # homer dashboard
-  - 8096/tcp  # jellyfin
-  - 8123/tcp  # home assistant
-  - 8324/tcp  # plex for roku (optional)
-  - 8384/tcp  # syncthing
-  - 8581/tcp  # homebridge
-  - 8888/tcp  # nginx dashboard
-  - 9000/tcp  # portainer dashboard
-  - 9091/tcp  # transmission
+  - 53/tcp # dns (pi-hole)
+  - 53/udp # dns (pi-hole)
+  - 80/tcp # http
+  - 81/tcp # pi-hole dashboard
+  - 443/tcp # https
+  - 1900/udp # Plex DLNA Server
+  - 2342/tcp # Photoprism
+  - 5353/udp # bonjour / avahi network discovery
+  - 8000/tcp # portainer
+  - 8001/tcp # paperless-ngx
+  - 8008/tcp # nextcloud dashboard
+  - 8080/tcp # homer dashboard
+  - 8096/tcp # jellyfin
+  - 8123/tcp # home assistant
+  - 8324/tcp # plex for roku (optional)
+  - 8384/tcp # syncthing
+  - 8581/tcp # homebridge
+  - 8888/tcp # nginx dashboard
+  - 9000/tcp # portainer dashboard
+  - 9091/tcp # transmission
   - 11111/tcp # freshrss
-  - 19999/tcp   # netdata dashboard
-  - 22000/tcp   # syncthing
-  - 22000/udp   # syncthing
-  - 21027/udp   # syncthing
-  - 32400/tcp   # Plex Media Server
-  - 32410/udp   # current GDM network discovery
-  - 32469/tcp   # Plex DLNA Server
-  - 51413/tcp   # transmission
-  - 51413/udp   # transmission
-  - 61208/tcp   # glances
-  - 61209/tcp   # glances
+  - 19999/tcp # netdata dashboard
+  - 22000/tcp # syncthing
+  - 22000/udp # syncthing
+  - 21027/udp # syncthing
+  - 32400/tcp # Plex Media Server
+  - 32410/udp # current GDM network discovery
+  - 32469/tcp # Plex DLNA Server
+  - 51413/tcp # transmission
+  - 51413/udp # transmission
+  - 61208/tcp # glances
+  - 61209/tcp # glances
 
 services:
   - dns
@@ -98,7 +105,6 @@ services:
   - rsyncd
   - ssh
   - transmission-client
-
 #### Secrets in vault.yml (add to vault.yml)
 
 # password: ""

diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml
@@ -0,0 +1,11 @@
+$ANSIBLE_VAULT;1.1;AES256
+63326633666533323037616466306330333633383735636137376232663465333737333936393035
+6663303232383533656538393234636266643636316262300a613262363032666339363537333235
+32646261356534323136316130313763303931663034666565633733643530333061353262626630
+6637626238393731310a396332366536663266306633366538353933376533363161656637653062
+34383463656533356264316233343763303735656264663766626462373937663538356532386363
+39303830653938623038313236313938353236313261386263376235333935393562363337663230
+39643237356264633930663833363734343262623530386165333734653165663836383266663365
+62646432373562643837663936393331336131303230366137343237643436333339663733323137
+39643235326264616131376462353131643635313934333038623464663830333963383431316665
+3866623838393139396566336464326665623635396338666638
diff --git a/hosts.ini b/hosts.ini
@@ -0,0 +1,2 @@
+[homelab]
+heimdall