From 43647d5eb2c2f252f268bdb9f662379ad181e8ef Mon Sep 17 00:00:00 2001
From: Ryan Toler <toler.ryan@gmail.com>
Date: Wed, 2 Oct 2024 01:29:06 -0500
Subject: [PATCH] Adding addtinal files

---
 .ansible.d/setup.sh             |   5 +++
 .ansible.d/setup.yml            |  46 +++++++++++++++++++++++
 .ansible.d/vault                |  30 +++++++++++++++
 ansible.cfg                     |   6 +++
 bookstack.tf                    |  42 +++++++++++++++++++++
 full-clone.tf                   |  49 ++++++++++++++++++++++++
 packages/setup.tar.gz           | Bin 0 -> 317 bytes
 roles/ind/bookstack-install.yml |  64 ++++++++++++++++++++++++++++++++
 roles/lib/install-docker.yml    |  53 ++++++++++++++++++++++++++
 roles/lib/setup-restic.yml      |   0
 roles/lib/upgrade-packages.yml  |  24 ++++++++++++
 11 files changed, 319 insertions(+)
 create mode 100755 .ansible.d/setup.sh
 create mode 100644 .ansible.d/setup.yml
 create mode 100644 .ansible.d/vault
 create mode 100644 ansible.cfg
 create mode 100644 bookstack.tf
 create mode 100644 full-clone.tf
 create mode 100644 packages/setup.tar.gz
 create mode 100644 roles/ind/bookstack-install.yml
 create mode 100644 roles/lib/install-docker.yml
 create mode 100644 roles/lib/setup-restic.yml
 create mode 100644 roles/lib/upgrade-packages.yml

diff --git a/.ansible.d/setup.sh b/.ansible.d/setup.sh
new file mode 100755
index 0000000..aef1197
--- /dev/null
+++ b/.ansible.d/setup.sh
@@ -0,0 +1,5 @@
+$!/bin/bash
+until timeout 5 bash -c '</dev/tcp/192.168.0.56/22'; do
+    ansible-playbook --key-file "~/.ssh/setuproot.key.priv" -i 192.168.0.56,  ./.ansible.d/setup.yml
+    sleep 1
+done
\ No newline at end of file
diff --git a/.ansible.d/setup.yml b/.ansible.d/setup.yml
new file mode 100644
index 0000000..b0c79ac
--- /dev/null
+++ b/.ansible.d/setup.yml
@@ -0,0 +1,46 @@
+---
+- name: Setup Ansible User and Environment
+  hosts: all
+  remote_user: root
+  become: yes
+
+  vars:
+
+  tasks:
+    - name: Install Python3
+      apt:
+        name: python3
+        state: present
+      
+    - name: Install sudo
+      apt:
+        name: sudo
+        state: present
+      
+    - name: Create ansible user
+      user:
+        name: ansible
+        state: present
+        create_home: yes
+        shell: /bin/bash
+        groups: ["users", "sudo"]
+        password: "$6$F.AQzOBfVmeadQ3N$QYqzkqZ0qQiet0TlfYsWQelTJaBIiWjSVGuahrhCN5Ir7qX6goUjariH0YiD0muqd9c9r9xUWbZm3xExfK3Ri1"
+
+    - name: Set ansible password
+      command: echo "ansible:$(cat ./ansible.pass)" | chpasswd
+      become: yes
+
+    - name: Create .ssh directory
+      file:
+        path: "/home/ansible/.ssh"
+        state: directory
+        owner: ansible
+        group: ansible
+        mode: '0700'
+
+    - name: Set Ansible authorized_keys
+      ansible.posix.authorized_key:
+        user: "ansible"
+        key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjMDDhinpnCPFUMERa/tLYymzRI8oJoAvXZnBH9wpA4 fake@gmail.com"
+        state: present
+
diff --git a/.ansible.d/vault b/.ansible.d/vault
new file mode 100644
index 0000000..7b7e32f
--- /dev/null
+++ b/.ansible.d/vault
@@ -0,0 +1,30 @@
+$ANSIBLE_VAULT;1.1;AES256
+31376333323862323764646330396335616231663032363037346437343333363961363832363063
+6661616138373738316565356561333863633435366331350a383866336130646139363461633862
+66653933363737616230356438663365383963656538633539663933633531613264343734313132
+3662616330666563340a656265393631393435666237613164656636646338636565373136333735
+39383031623361613634343033623332373131313961346637353333613234346164396562643166
+64396162373930656665303664346562383066646139383839353633383231653437376661633934
+63633764643832626566643862316364316334623931363032616561663330383538363731653237
+37643032326231363931623539333336653466343964346435626236633536363232376465613030
+61323334373261313861373239333963383163353737653232333336623734393665316133613063
+38393566386166613135353161613564643739626463366330306330633137666434393765623761
+33373066646630306264663365363631303864396561656237613263373261656361396562356232
+31303763656532393830653331633839643135646539333066613061326463373939643231383666
+32326233336235633430326639656163386636306532653166323335373863396266656331623232
+30363366663038373736643837386166396231643530306561616261623261363938666538343334
+34383236313561666661373937633732663261613264616531616566653837343637623136363066
+39303134643633663864396466366363653134326630316139323462613764336139303966653337
+39316636643238393836373932383866336234626263363263396438616334353534386263343061
+34336335646435346337376635303935633632636131346364306437633761623531623135366138
+30376438376438313162303932313838323430396466656239393838326266383535656434326565
+65303661333630633331336632326662333031343138386437666465643332633237373864396261
+63356333656665363139396261666661313035653364643361356332356236663739376339616162
+62366131333731343536373638303365373663663330373637346263663634326264303166383963
+30316363643966616162323032316439393862323032383436636334363262616464396461373165
+63656563313764613535353936306262343032306530303831616434366535616464643964616564
+35386661393864343361356366646262643634633332623734653163346338313863343030333330
+38393738313633373863386632383138666339666461633239326364653865373039346235323666
+33346530353564353865616265646238313565363439646364646362663435323861616363383761
+33396133623639623337636439313037613962363035663631396661343765356663336138623434
+6333
diff --git a/ansible.cfg b/ansible.cfg
new file mode 100644
index 0000000..b340ed0
--- /dev/null
+++ b/ansible.cfg
@@ -0,0 +1,6 @@
+[defaults]
+vault_password_file: ./.ansible.d/vault.pass
+#ansible_private_key_file: ./.ansible.d/ansible.key
+timeout = 30
+[ssh_connection]
+ssh_args = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no'
diff --git a/bookstack.tf b/bookstack.tf
new file mode 100644
index 0000000..31b187a
--- /dev/null
+++ b/bookstack.tf
@@ -0,0 +1,42 @@
+resource "proxmox_lxc" "LXC" {
+    target_node = "pve"
+    hostname = "bookstack"
+    vmid = 217
+    ostemplate = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst"
+    password = "terraform"
+    unprivileged = true
+    nesting = true
+    cores = 5
+    memory = 4096
+    swap = 1024
+    start = true
+    tags = "terraform"
+    nameserver = "192.168.0.24"
+    ssh_public_keys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINFw70PrMsilcsqCrwW1I6PAt3anQbhmVg+t/HUfomug ryan@mxDesktop"
+
+    rootfs {
+        storage = "nvme"
+        size = "32G"
+    }
+
+    mountpoint{
+        key = "0"
+        slot = 0
+        storage = "Cephtest"
+        mp      = "/data"
+        size    = "400G"
+    }
+
+    network {
+        name = "eth0"
+        bridge = "vmbr0"
+        ip = "192.168.0.56/24"
+        gw = "192.168.0.1"
+
+    }
+
+    provisioner "local-exec" {
+        command = "./.ansible.d/setup.sh"
+    }
+
+}
\ No newline at end of file
diff --git a/full-clone.tf b/full-clone.tf
new file mode 100644
index 0000000..25ca0cf
--- /dev/null
+++ b/full-clone.tf
@@ -0,0 +1,49 @@
+# Proxmox Full-Clone
+# ---
+# Create a new VM from a clone
+
+#resource "proxmox_vm_qemu" "your-vm" {
+#    
+#    # VM General Settings
+#    target_node = "your-proxmox-node"
+#    vmid = "100"
+#    name = "vm-name"
+#    desc = "Description"
+
+    # VM Advanced General Settings
+#    onboot = true 
+
+    # VM OS Settings
+#    clone = "your-clone"
+
+    # VM System Settings
+#    agent = 1
+    
+    # VM CPU Settings
+    #cores = 1
+    #sockets = 1
+    #cpu = "host"    
+    
+    # VM Memory Settings
+    #memory = 1024
+
+    # VM Network Settings
+    #network {
+    #    bridge = "vmbr0"
+    #    model  = "virtio"
+    #}
+
+    # VM Cloud-Init Settings
+    #os_type = "cloud-init"
+
+    # (Optional) IP Address and Gateway
+    # ipconfig0 = "ip=0.0.0.0/0,gw=0.0.0.0"
+    
+    # (Optional) Default User
+    # ciuser = "your-username"
+    
+    # (Optional) Add your SSH KEY
+    # sshkeys = <<EOF
+    # #YOUR-PUBLIC-SSH-KEY
+    # EOF
+#}
\ No newline at end of file
diff --git a/packages/setup.tar.gz b/packages/setup.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..5cf5a6e466fe52a8a882f68d0587f2863cbec84a
GIT binary patch
literal 317
zcmV-D0mA+tiwFR6P4Z>{1MSq$Z-Ous2XN2(D|%n%T4)guCR4z{CeE=LhqnqiKq!o=
z4F39IT#To=i~EuEb9u>YlfHNOmNFhKlAxVa&Rb^!AyhC1O+_67kLw<i5kOe!V2l+a
z6VNnd1-Ae^*FeWMd`*jHl%k^St9z%;_p5+I{U_*sVUzWvDcNBd+uF?3CW*;P=3c&y
zM$>6QJvX_XF{Y|j=H%S)p;M*$_CfYzM=!dv2@9^i55jsmiM3kg-cvbr%U<u|w-*z>
zg?{FL6;$nfvpCBeC-aXF`6rSDclqxqlF0v00Gx+cfiDq)x}e|C<Z(?kl+1Mtjh_v&
z>seN8>v|ZmoN1Hc)HWP?y&kz$T054S-DUml%bX3&ZkhKnSkhH+^P18qX?s~J{sBP{
Pgum$nx|>oO01N;CrG%Rg

literal 0
HcmV?d00001

diff --git a/roles/ind/bookstack-install.yml b/roles/ind/bookstack-install.yml
new file mode 100644
index 0000000..630585f
--- /dev/null
+++ b/roles/ind/bookstack-install.yml
@@ -0,0 +1,64 @@
+---
+- hosts: all
+  become: yes
+  remote_user: ansible
+  gather_facts: false
+
+  vars:
+    docker_compose_definition: |
+      services:
+        bookstack:
+          image: lscr.io/linuxserver/bookstack
+          container_name: bookstack
+          environment:
+            - PUID=2000
+            - PGID=996
+            - TZ=America/Chicago
+            - APP_URL=http://192.168.0.56:8080
+            - DB_HOST=bookstack_db
+            - DB_PORT=3306
+            - DB_USER=bookstack
+            - DB_PASS=Wp6DwHwFCAToFhEYDhcrMI3
+            - DB_DATABASE=bookstackapp
+          volumes:
+            - /data/app:/config
+          ports:
+            - 8080:80
+          restart: unless-stopped
+          depends_on:
+            - bookstack_db
+
+        bookstack_db:
+          image: lscr.io/linuxserver/mariadb
+          container_name: bookstack_db
+          environment:
+            - PUID=2000
+            - PGID=996
+            - TZ=America/Chicago
+            - MYSQL_ROOT_PASSWORD=yNTUxOQAAACADSWp6DwHwFCA
+            - MYSQL_DATABASE=bookstackapp
+            - MYSQL_USER=bookstack
+            - MYSQL_PASSWORD=Wp6DwHwFCAToFhEYDhcrMI3
+          volumes:
+            - /data/db:/config
+          restart: unless-stopped
+
+  tasks:
+    - name: Upgrade-packages.yml - update packages
+      include: ../lib/upgrade-packages.yml
+    
+    - name: Install-docker.yml - setting up docker
+      include: ../lib/install-docker.yml
+
+    - name: Write docker-compose.yml 
+      ansible.builtin.copy:
+        content: "{{ docker_compose_definition }}"
+        dest: /home/docker/docker-compose.yml
+        owner: docker
+        group: docker
+        mode: u=rw,g=r,o=r
+    
+    - name: Start services
+      community.docker.docker_compose_v2:
+        project_src: /home/docker/
+      register: output
\ No newline at end of file
diff --git a/roles/lib/install-docker.yml b/roles/lib/install-docker.yml
new file mode 100644
index 0000000..e9c05b9
--- /dev/null
+++ b/roles/lib/install-docker.yml
@@ -0,0 +1,53 @@
+
+  - name: Install required packages
+    apt:
+      name:
+        - apt-transport-https
+        - ca-certificates
+        - curl
+        - gnupg2
+        - software-properties-common
+      state: present
+      update_cache: yes
+
+  - name: Add Docker GPG key
+    apt_key:
+      url: https://download.docker.com/linux/debian/gpg
+      state: present
+
+  - name: Add Docker repository
+    apt_repository:
+      repo: deb [arch=amd64] https://download.docker.com/linux/debian bookworm stable
+      state: present
+
+  - name: Install Docker Engine
+    apt:
+      name:
+        - docker-ce
+        - docker-ce-cli
+        - containerd.io
+        - docker-compose-plugin
+      state: present
+      update_cache: yes
+
+  - name: Create docker user
+    user:
+      name: docker
+      uid: 2000
+      group: docker
+      state: present
+      create_home: yes
+      home: /home/docker
+      shell: /bin/bash
+
+  - name: Add key for docker user
+    ansible.posix.authorized_key:
+      user: docker
+      state: present
+      key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjMDDhinpnCPFUMERa/tLYymzRI8oJoAvXZnBH9wpA4 fake@gmail.com"
+
+  - name: Start Docker service
+    systemd:
+      name: docker
+      state: started
+      enabled: yes
\ No newline at end of file
diff --git a/roles/lib/setup-restic.yml b/roles/lib/setup-restic.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/lib/upgrade-packages.yml b/roles/lib/upgrade-packages.yml
new file mode 100644
index 0000000..773bb4d
--- /dev/null
+++ b/roles/lib/upgrade-packages.yml
@@ -0,0 +1,24 @@
+  - name: Update apt cache
+    ansible.builtin.apt:
+      update_cache: yes
+      cache_valid_time: 3600
+
+  - name: Upgrade all packages
+    ansible.builtin.apt:
+      upgrade: dist
+      force_apt_get: yes
+
+  - name: Check if reboot is required
+    ansible.builtin.stat:
+      path: /var/run/reboot-required
+      get_checksum: no
+    register: reboot_required
+
+  - name: Reboot the system if required
+    ansible.builtin.reboot:
+      msg: "{{ reboot_message }}"
+    when: reboot_required.stat.exists
+
+  - name: Clean up old packages
+    ansible.builtin.apt:
+      autoclean: yes
\ No newline at end of file