# Ansible

This directory contains host-level automation. It bootstraps machines, installs
K3s, prepares storage, and manages services that intentionally run outside the
cluster.

## Inventory

`inventory.yaml` defines three groups:

| Group | Host | Purpose |
| --- | --- | --- |
| `k3s_server` | `minisforum` | K3s server at `192.168.7.77` |
| `k3s_agents` | `debian` | K3s agent and NFS storage at `192.168.7.183` |
| `mac_mini` | `mac-mini` | Docker/Ollama host at `192.168.7.96` |

All hosts use the `nik` user and the SSH key configured in `inventory.yaml`.

## Common Playbooks

```bash
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/bootstrap-minisforum.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/setup-k3s.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/setup-nfs-debian.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/join-debian-agent.yaml -K
```

Additional services:

```bash
export GITEA_RUNNER_TOKEN=...
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/setup-monitoring.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/setup-gitea-runner.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/setup-glances-debian.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/setup-ollama.yaml -K
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/deploy-watch-party.yaml
ansible-playbook -i ansible/inventory.yaml ansible/playbooks/wireguard.yaml -K
```

## Roles

| Role | Responsibility |
| --- | --- |
| `common` | Packages, user setup, firewall, base data directories |
| `k3s-server` | K3s server install, kubeconfig fetch, Helm install, primary node label |
| `k3s-agent` | K3s agent join and storage node label |
| `nfs-server` | Export `/mnt/storage` from Debian to the K3s server |
| `monitoring` | Host directories and ownership for Prometheus/Loki |
| `gitea-runner` | Gitea Actions runner systemd service |
| `glances` | Host-level Glances service |
| `ollama` | Ollama service on the Mac Mini |
| `watch-party` | Watch Party Docker Compose deployment on the Mac Mini |
| `wireguard` | WireGuard server configuration |
| `homeassistant` | Legacy standalone Home Assistant deployment |

## Notes

- K3s version is set in `roles/k3s-server/defaults/main.yaml` and
  `roles/k3s-agent/defaults/main.yaml`.
- `setup-gitea-runner.yaml` reads `GITEA_RUNNER_TOKEN` from the local
  environment.
- The K3s role disables bundled Traefik because Traefik is managed by Argo CD.
- The Debian storage role exports `/mnt/storage`; several Kubernetes manifests
  mount that export directly.
- Keep host automation idempotent where practical. These playbooks are meant to
  be rerunnable during rebuilds.
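
One way to check the idempotency note above is to run a playbook a second time and inspect its `PLAY RECAP`. This is an added example, not part of this repository: the function name `check_recap` and the sample recap lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag a second playbook run that still changes or breaks hosts.
# Typical use (second run of the same playbook):
#   ansible-playbook -i ansible/inventory.yaml \
#     ansible/playbooks/setup-nfs-debian.yaml -K | check_recap

# Reads ansible-playbook output on stdin. Prints each host whose PLAY RECAP line
# has non-zero changed, failed or unreachable counts.
# Returns 0 if every host is clean, 1 if any host is listed, 2 if no recap found.
check_recap() {
    awk '
        /^PLAY RECAP/ { in_recap = 1; seen = 1; next }
        in_recap && NF == 0 { in_recap = 0 }
        in_recap && /changed=[0-9]+/ {
            bad = ""
            for (i = 2; i <= NF; i++) {
                split($i, kv, "=")
                if ((kv[1] == "changed" || kv[1] == "failed" ||
                     kv[1] == "unreachable") && kv[2] + 0 > 0)
                    bad = bad " " $i
            }
            if (bad != "") { print $1 ":" bad; dirty = 1 }
        }
        END {
            if (!seen) { print "no PLAY RECAP found"; exit 2 }
            exit dirty + 0
        }
    '
}

# Constructed sample output (host names from the inventory, counts invented).
SAMPLE_CLEAN='PLAY RECAP *********************************************************
debian                     : ok=9    changed=0    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
minisforum                 : ok=14   changed=0    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0'

SAMPLE_DRIFT='PLAY RECAP *********************************************************
debian                     : ok=9    changed=2    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0
minisforum                 : ok=14   changed=0    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0'

# Demo on the constructed drift sample: lists debian and reports the result.
printf '%s\n' "$SAMPLE_DRIFT" | check_recap || echo "second run was not idempotent"
```

A host that keeps reporting `changed` on a rerun usually points at a task that rewrites state unconditionally, which is worth fixing before the next rebuild.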