feat: Add Proxmox LXC container provisioning playbook, related secrets, and documentation.
This commit is contained in:
57
playbooks/README.md
Normal file
57
playbooks/README.md
Normal file
@@ -0,0 +1,57 @@
|
||||
# Ansible Playbooks
|
||||
|
||||
This directory contains automation playbooks for managing the homelab infrastructure.
|
||||
|
||||
## Provisioning & Setup
|
||||
|
||||
### `create_lxc.yml`
|
||||
**Creates and bootstraps a new LXC container on Proxmox.**
|
||||
- **Input**: Prompts for Container Name and IP Address.
|
||||
- **Actions**:
|
||||
1. Connects to Proxmox API to create a new unprivileged LXC container (Ubuntu 24.04).
|
||||
2. Starts the container and waits for connectivity.
|
||||
3. Temporarily adds the host to the inventory.
|
||||
4. Automatically triggers `lxc_setup_ubuntu.yml` to secure the new container.
|
||||
|
||||
### `lxc_setup_ubuntu.yml`
|
||||
**Secures a fresh Ubuntu installation.**
|
||||
- **Target**: Hosts in the `[new]` group (or fresh installs).
|
||||
- **Actions**:
|
||||
1. Creates the administrative user (`mbuz`).
|
||||
2. Sets up SSH public key authentication.
|
||||
3. Disables root login and password authentication for SSH.
|
||||
4. Configures passwordless `sudo` for the admin user.
|
||||
5. **Inventory Update**: Moves the host from the `[new]` group to the `[lxc]` group in `hosts.ini`.
|
||||
|
||||
### `lxc_setup_ubuntu_git.yml`
|
||||
**Provisions application dependencies on managed hosts.**
|
||||
- **Target**: Existing managed hosts (e.g., `[lxc]`).
|
||||
- **Actions**:
|
||||
1. Installs `git` and core utilities.
|
||||
2. Clones the central Docker configuration repository from the local Gitea server.
|
||||
3. Prepares the `/opt/docker` directory structure.
|
||||
|
||||
## Maintenance & Upgrades
|
||||
|
||||
### `apt_upgrade.yml`
|
||||
**Performs system-wide updates.**
|
||||
- **Target**: All Ubuntu hosts.
|
||||
- **Actions**:
|
||||
1. Updates `apt` cache.
|
||||
2. Performs `dist-upgrade`.
|
||||
3. Autoremoves unused packages.
|
||||
4. Checks for and notifies if a reboot is required.
|
||||
|
||||
### `zabbix_agent_upgrade.yml`
|
||||
**Updates Zabbix Agent.**
|
||||
- **Target**: `zagents` group.
|
||||
- **Actions**:
|
||||
1. Ensures `zabbix-agent2` is installed and updated to the latest available version.
|
||||
|
||||
### `zabbix_proxy_install.yml`
|
||||
**Installs Zabbix Proxy and Agent.**
|
||||
- **Target**: Specific Zabbix Proxy host.
|
||||
- **Actions**:
|
||||
1. Downloads and installs the Zabbix release package.
|
||||
2. Installs `zabbix-proxy-sqlite3` and `zabbix-agent2`.
|
||||
3. Configures PSK encryption and connection settings using `secrets.yml`.
|
||||
Reference in New Issue
Block a user