A => .gitignore +4 -0
@@ 1,4 @@
+hosts.yml
+group_vars/all/secret.yaml
+output/
+!output/README.org
A => .gitmodules +3 -0
@@ 1,3 @@
+[submodule "roles/infra"]
+ path = roles/infra
+ url = https://codeberg.org/comcloudway/infra
A => LICENSE +21 -0
@@ 1,21 @@
+MIT License
+
+Copyright (c) 2023 Jakob Meier <comcloudway@ccw.icu>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
A => README.org +66 -0
@@ 1,66 @@
+* anaNAS
+Ansible Playbook to provision an Alpine Linux bases NAS.
+
+Keep in mind, that this playbook is intended to be used with a home NAS,
+that is not necessarily exposed to the internet.
+
+[[https://de.wikipedia.org/wiki/Ananas][Ananas]] is the German name for pineapple,
+and as you might have noticed, contains the letters ~NAS~.
+
+* Requirements
+- ~ansible~ (~ansible-core~ is not enough, as I'm using ~community~ packages)
+- ~ssh~
+
+* Running
+As you might have noticed, from the ~.gitignore~,
+this repo does not contain the ~secret.yml~ nor the ~hosts.yml~,
+that is because they are meant to stay secret and you have to write your own.
+
+For more information on the ~hosts.yml~ file,
+see the [[https://docs.ansible.com/ansible/latest/inventory_guide/intro_inventory.html][How to build your inventory]] ansible wiki.
+
+To setup the secret store, run the following command:
+(and add the ~password:~ variable in there)
+#+begin_src bash
+ansible-vault create group_vars/all/secret.yaml
+#+end_src
+
+After creating the password store,
+you can run the playbook
+#+begin_src bash
+ansible-playbook run.yml -K --ask-vault-pass
+#+end_src
+
+To edit the password store at a later date,
+run the following command:
+#+begin_src bash
+ansible-vault edit group_vars/all/secret.yml
+#+end_src
+
+Additionally you have to install ~python3~ on the host machine.
+
+To avoid having to type your ssh password,
+you probably want to copy your ssh key to the machine as well:
+#+begin_src bash
+ ssh-copy-id root@<hostname>
+#+end_src
+
+*** Example hosts.yml
+#+begin_src yaml
+---
+homenas:
+ hosts:
+ ananas:
+ ansible_host: <ip>
+ ansible_user: {{ user }}
+ ansible_connection: ssh
+ ansible_ssh_private_key_file: /home/<your-user>/.ssh/id_rsa
+ ansible_python_interpreter: /usr/bin/python
+ ansible_become_method: doas
+#+end_src
+
+* Additional resources
+- [[https://www.youtube.com/watch?v=Z7p9-m4cimg][Ansible IaC Deep Dive (Wolfang's Channel)]]
+- [[https://www.redhat.com/sysadmin/ansible-templates-configuration][Ansible template guide]]
+- [[https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_module.html#ansible-collections-community-docker-docker-container-module][Ansible community docker container module]]
+- [[https://codeberg.org/comcloudway/infra][My VPS infrastructure]]
A => ansible.cfg +8 -0
@@ 1,8 @@
+[defaults]
+inventory = hosts.yml
+# disable cowsay - yes it looks beatiful, but is bloats the output
+nocows = True
+
+[ssh_connections]
+# significantly speed up ssh
+pipelining = true
A => group_vars/all/vars.yml +11 -0
@@ 1,11 @@
+---
+username: user
+base_packages:
+ - pfetch
+ - neovim
+ - exa
+ - htop
+ - doas
+shell: /bin/ash
+docker_subid: "100000:65536"
+container_dir: "/home/{{ username }}"
A => roles/infra +1 -0
@@ 1,1 @@
+Subproject commit bcd8089add031e07e977926488797bbc899647e0
A => run.yml +14 -0
@@ 1,14 @@
+---
+############################################
+# SETUP BASE SYSTEM
+# taken from my infra repo
+# has to run as root (and overwrite the user setting from the hosts.yml)
+############################################
+- name: Setup base system
+ hosts: all
+ remote_user: root
+ vars:
+ ansible_ssh_user: root
+ roles:
+ - role: infra/roles/system
+ tags: system