Merge pull request 'fixed wrong volume paths' (#2) from bugfix/wrong_volume_paths into main

Reviewed-on: https://git.local.zernis.ch/simon/homeserver.zernis.ch/pulls/2

ansible.cfg

@@ -4,4 +4,6 @@ inventory = hosts.yml
 vault_password_file = ~/.ansible/vault_pass.txt
 private_key_file=~/.ssh/ansible
 fact_caching = jsonfile
-fact_caching_connection = facts/
+fact_caching_connection = facts/
+host_key_checking = False
+roles_path = ~/dev/ansible/roles

host_vars/10.11.12.35/vars

@@ -4,6 +4,8 @@ domain: "{{ vault_domain }}"
 
 system_user_name: '{{ vault_system_user_name }}'
 system_user_password: '{{ vault_system_user_password }}'
+system_user_uid: '1000'
+system_user_gid: '1000'
 
 admin_mail: '{{ vault_admin_mail }}'
 sender_address: '{{ vault_sender_address }}'
@@ -35,6 +37,7 @@ borg_pass: '{{ vault_pass }}'
 # Gitea
 GITEA_DB_TYPE: '{{ vault_GITEA_DB_TYPE }}'
 GITEA_DB_HOST: '{{ vault_GITEA_DB_HOST }}'
+GITEA_DB_PORT: ' {{ vault_GITEA_DB_PORT }}'
 GITEA_DB_ROOT_PASS: '{{ vault_GITEA_DB_ROOT_PASS }}'
 GITEA_DB_USER: '{{ vault_GITEA_DB_USER }}'
 GITEA_DB_PASS: '{{ vault_GITEA_DB_PASS }}'
@@ -49,6 +52,13 @@ NEXTCLOUD_MYSQL_USER: '{{ vault_NEXTCLOUD_MYSQL_USER }}'
 NEXTCLOUD_MYSQL_PASS: '{{ vault_NEXTCLOUD_MYSQL_PASS }}'
 NEXTCLOUD_MYSQL_ROOT_PASS: '{{ vault_NEXTCLOUD_MYSQL_ROOT_PASS }}'
 
+# Paperless
+PAPERLESS_POSTGRES_DB: "{{ vault_PAPERLESS_POSTGRES_DB }}"
+PAPERLESS_POSTGRES_USER: "{{ vault_PAPERLESS_POSTGRES_USER }}"
+PAPERLESS_POSTGRES_PASS: "{{ vault_PAPERLESS_POSTGRES_PASS }}"
+PAPERLESS_POSTGRES_PORT: "5432"
+PAPERLESS_URL: "https://dms.zernis.ch"
+
 # Nginx Proxy Manager
 NPM_MYSQL_HOST: '{{ vault_NPM_MYSQL_HOST }}'
 NPM_MYSQL_PORT: '{{ vault_NPM_MYSQL_PORT }}'
@@ -67,3 +77,85 @@ WIKI_JS_DB_PORT: '{{ vault_WIKI_JS_DB_PORT }}'
 WIKI_JS_POSTGRES_DB: '{{ vault_WIKI_JS_POSTGRES_DB }}'
 WIKI_JS_POSTGRES_USER: '{{ vault_WIKI_JS_POSTGRES_USER }}'
 WIKI_JS_POSTGRES_PASS: '{{ vault_WIKI_JS_POSTGRES_PASS }}'
+
+# Stirling PDF
+
+stirling_pdf_description: '{{ vault_stirling_pdf_description }}'
+stirling_pdf_name: '{{ vault_stirling_pdf_name }}'
+
+# OpensourcePOS
+
+OPENSOURCEPOS_CI_ENV: '{{ vault_OPENSOURCEPOS_CI_ENV }}'
+OPENSOURCEPOS_FORCE_HTTPS: '{{ vault_OPENSOURCEPOS_FORCE_HTTPS }}'
+OPENSOURCEPOS_PHP_TIMEZONE: '{{ vault_OPENSOURCEPOS_PHP_TIMEZONE }}'
+OPENSOURCEPOS_DB_USER: '{{ vault_OPENSOURCEPOS_DB_USER }}'
+OPENSOURCEPOS_DB_PASS: '{{ vault_OPENSOURCEPOS_DB_PASS }}'
+OPENSOURCEPOS_DB_NAME: '{{ vault_OPENSOURCEPOS_DB_NAME }}'
+OPENSOURCEPOS_DB_HOST: '{{ vault_OPENSOURCEPOS_DB_HOST }}'
+OPENSOURCEPOS_DB_ROOT_PASS: '{{ vault_OPENSOURCEPOS_DB_ROOT_PASS }}'
+
+# Wordpress
+
+WORDPRESS_DB_USER: '{{ vault_WORDPRESS_DB_USER }}'
+WORDPRESS_DB_PASS: '{{ vault_WORDPRESS_DB_PASS }}'
+WORDPRESS_DB_NAME: '{{ vault_WORDPRESS_DB_NAME }}'
+WORDPRESS_DB_HOST: '{{ vault_WORDPRESS_DB_HOST }}'
+WORDPRESS_DB_ROOT_PASS: '{{ vault_WORDPRESS_DB_ROOT_PASS }}'
+
+### Borgmatic ###
+borg_source_directories:
+  - /home/{{ system_user_name }}/docker
+
+borgmatic_bin_dir: '/home/{{ system_user_name }}/.local/bin'
+#local_backup_path: '/backups/borgmatic'
+borgbase_ssh_repo_url: '{{ vault_borgbase_ssh_repo_url }}'
+borgbase_hostname: "{{ borgbase_ssh_repo_url.split('@')[1].split('/')[0] }}"
+ssh_backup_keyfile: '/home/simon/.ssh/id_ed25519'
+borgmatic_passphrase: '{{ vault_borgmatic_passphrase }}'
+backup_user_name: '{{ vault_backup_user_name }}'
+
+borg_exlcude_patterns:
+    - /home/{{ system_user_name }}/docker/*/db
+    - /home/{{ system_user_name }}/docker/gitea/data/ssh/*
+    - /home/{{ system_user_name }}/docker/npm/letsencrypt/*
+
+BORGMATIC_BACKUP_HOST: '127.0.0.1'
+BORGMATIC_GITEA_DB_PORT: '33306'
+BORGMATIC_NEXTCLOUD_MYSQL_PORT: '33307'
+BORGMATIC_NPM_MYSQL_PORT: '33308'
+BORGMATIC_WIKI_JS_DB_PORT: '33309'
+BORGMATIC_PAPERLESS_POSTGRES_PORT: '33310'
+
+mysql_databases:
+
+  - name: '{{ GITEA_DB_NAME }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_GITEA_DB_PORT }}'
+    username: 'root'
+    password: '{{ GITEA_DB_ROOT_PASS }}'
+
+mariadb_databases:
+
+  - name: '{{ NEXTCLOUD_MYSQL_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_NEXTCLOUD_MYSQL_PORT }}'
+    username: '{{ NEXTCLOUD_MYSQL_USER }}'
+    password: '{{ NEXTCLOUD_MYSQL_PASS }}'
+
+  - name: '{{ NPM_MYSQL_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_NPM_MYSQL_PORT }}'
+    username: '{{ NPM_MYSQL_USER }}'
+    password: '{{ NPM_MYSQL_PASS }}'
+
+postgresql_databases:
+  - name: '{{ WIKI_JS_POSTGRES_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_WIKI_JS_DB_PORT }}'
+    username: '{{ WIKI_JS_POSTGRES_USER }}'
+    password: '{{ WIKI_JS_POSTGRES_PASS }}'
+  - name: '{{ PAPERLESS_POSTGRES_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_PAPERLESS_POSTGRES_PORT }}'
+    username: '{{ PAPERLESS_POSTGRES_USER }}'
+    password: '{{ PAPERLESS_POSTGRES_PASS }}'

host_vars/10.11.12.35/vault

@@ -1,97 +1,146 @@
 $ANSIBLE_VAULT;1.1;AES256
-31313238646530346634656533383963323935343161376466376532653330366266306162613665
+62363039313461363031633062353466326637326665653939353964383036333565306639663965
-3235633636663738363132623438346265323438643665330a643062373330313038303131356430
+3836313239333761323835643366633538663565363335390a613233663337306230393936646463
-63303036303839626264333163313135643932636263306535393363393065343235306162643636
+64316439363634313062333664613363303539396537666166323765663434333665656335393636
-6366636261383837370a636662396437636363353566376134633733373738656331383762333735
+6234393733633262360a396634663065653537333032383361353133633737376335363563386364
-32333963333935636265393963323536386561323464663132363331653562616466623263326561
+38613561306234636461333861396237343936633131636164383034623736316661313963396466
-36663936636664633030353734303861643566303364663834666161313830386630646133643336
+30343064626434303061313365663833313334383334386239306339346464323538623763383832
-30626562326133656666393939646332346561316430333234643837616435636334323662396361
+36376535633864663537623662663562393537316238356239356262383833366164653565306165
-62393566356363366664623637323266653066616634653430346133393139353333616236633261
+64373036383938313166373134613664363831363862373761616364376137356366343162353733
-37333865656163316230373631363334323835636637613239363763646638313834326231336665
+30626464333630303330623666343739326632633665376261613263653732356235393065663165
-65666630383636633762626636323363613230373662653733353132356461653137666636663835
+38346133323139323765306536613361336436323935316266343630306363646236316165613461
-39613330366135316439326665633733383761323563353139396331613236306137396564386537
+37643936376339633664313738303738393431366133336431613833383162623061613666636265
-37396665613863336564363466356438376538353636363634616131343239326532663439323939
+33393066653463636364643634663863316662356631353166343536313930303435353735353166
-36613138643962366330663563346266323231316436313832323735626662356533616532636134
+65313133373766646163393262383631333262306166343039343639653139636338663238303962
-30343731333331323132366432633739333736396436653835616438363837303634623234363334
+39353233396238383366643637336131663931343530323937363531353538633662386638663833
-66656534336334303136336662333534353137363062356233613331356238333132396562643033
+35323138333063316431666436336434313936666139386665626233623835626332336263303165
-35656332636333376330333964393038656261626166336536663066333237616630313164623136
+33323866646335326433643464626639346630636133343634323032613132363232646163316266
-61613066313266643761383835363834343530393062363064303331636238333436613363396634
+63336662336638383430616233613137346535623138663435303131363165656235356338653631
-30616133666261326461313332346665313238383034343733303363643132333633633737646538
+63613131663166636233356130653639366135343435363266626530366337633932633766333764
-33633739623436346530623661333939623564373733373731323365633537373963376635386136
+36643336346239613763616562383438346165633434336632393532313237613164646665363339
-30663035643539363966396632663432656230613330313438393438323764656339363362383464
+31363332643331316437313464633139356631326436373261393533323265613365383530373030
-38663230383063353332343761643038353133373066363839653038656664653630383066313063
+63363163376338363738373930646363326636616639363431333135616361393165323334353963
-36613730656139346264353363366536336461383866666263613761656561333132313166396330
+36386130356534653937356238313336333135363135363637386239613361356237323865656331
-31653161373432343864633333356536393931636138313430616363383662663937393034623461
+64623538663361326334646635373830373736663463313163353331343064373032623235663261
-63363837383637363335623938633836346539633238303662613737373736643630333461353039
+65396634366334346662373636336532393434373265376232363734333831656466666433623764
-66633764666134633562343461326163663135313335643861663730636338386134386266623363
+64623838303637643134376562626639643139656537333163663261383333343864333639393436
-66623161366463646632353861633432653830323136323435346533643866636630613763643630
+63646335343639626230376436303065346232626261363131643631353731323733396232663230
-66326366353937313334646238363330326236623563303832346266663830383266373539636131
+35363530343336383866353639353066333836343363623438316134393261366630663237316230
-64343936653332613830616463373437626462346564313363653133313531393966373063653962
+66633563333466656361643266356134623634643066643264363830373536616264613331643464
-32633265343137646636653437366632306161653662383366373361643536323664656238643463
+64323837666330316364633234636633373139303530396664623066373037616530623661326335
-31383339656539613032656165666363313763666131363336633065303038396536383434346637
+39356666396231343665336438336233633936333135653966656465333762303461373335386233
-66666335363832343466336330643662366433363031313965393664333634346636653461353236
+65666264313837666538363435643762393938616435323761393366663833353266616266653135
-63356363646564343165346136636536356535613066666364663332646565666631306630626330
+62316364366333653363613737383238336633666333333963326261366166666337333230666262
-65626262623061306264613362366262623766613430353163333039613866323436343332353865
+35356638656432383164656663303133323062623435653331356631323762306231366134623236
-63326631356437346235646564623266643361353631646331333233393762613136333436333965
+64663263653161323862613334376363333438353261316138343234376337383565316566623035
-31383161303266646532653266323637373730343434666533643739386131383365336536326131
+63386234646239363535333832313533313661646635323334383463633533316432333765643830
-62386565356133303462356161303936356635393238323831303832633165363464363461653862
+38336636616530646336633831373836626430303266373835363266663335363830373938636431
-37343632346632383133343434333332616666396361663031333761336436643336636361643766
+34313030336536643438346539336365386435643834303139623238343635323030613232363136
-66303633656130396362623664313833313934633862303435643236356663663737373831663030
+30646337396366356164373734323431323935626537643338646334346562633735663661646536
-63663166623836383564373964643435353863373262376434313331386330383736373332353433
+37373830633638303361346465343361323461393364363963383030663232373533393362313864
-62663034633139323566663133393731306361323939373634346236396336383737303966663035
+35623965303766343265346161343939353138346361386561316662656562626239663866323833
-31316162303937393539323437643961616665646537646135346532313462336238303234393636
+37313361626431373833396364653239336561363739663133323332323339343866336264333736
-39336361393339306664306539643834303061373432373630336431306630396438623432346433
+31633539646439326164363437633765303062343836656165616639663964653331356161326362
-35386136656531353261656564366261626166343235353231393561333239623365323230386632
+38373539353665303562346361613830306461616231313839646530323665323231633539613466
-65636234353935616566656437613833363863616562353334366465343732303530613335623362
+33346139653763623266616136363833633032326365343836613630643664313630323030356638
-65663965646463343239636431613433363732333733643865336535393936666562623637643063
+65613062323630396137363764663730383237333136396634316663613237623730663865356163
-35653636386633363531313737323331356530666563323964636263383831613432303164663731
+39323061383965373233393434336363386366343630386339663838323565313837656131313230
-38383230353064376335326230616332393134623938383465643562613639356266303533636336
+61623863343065303736356230663933646437383039396437313034303234356564333338303733
-38356235616535326662326235666133363832653536643936646264636135333263656661313931
+39633663643461656132346538303434643565316165346563656565616539303964376334366335
-61356262623564376632323330313330396534323730663736656339663937386339616664346530
+39393139386464383166396165303861373634323530613434373363336333303433613330333330
-38666566663737383661363263363065613230313866353933643837616665643738363862633435
+38303334626336646635356566666238383334623635313464323932353832366539336366323862
-64663065303265316465343862386338346663303264616661623039636162613866343166316165
+38303236656664306131306638633433343434386265353332313532643364336335343863306661
-66346361333234353732616162313332336435373662623363613937653234626334633932623239
+65626464313564643966386333626366613732633235633961353136353537366166393266653765
-62666138613931376662343565333664656666323962666163376263653131353461393566663232
+36666266386664393134303665366263623262306662633262613063633566303533613733636462
-65316432633231363035363162336632653362633962363633366261633738336338393439383831
+61653563303938313633306136383164616361313334636531376436383030356633343737316531
-35366163663835313364353665633239326132626639633061376338353231613237633432313765
+66656431363133373438613631326362346333376332353238653733633961386330336233613730
-34626530356134313662303164373662386630613833633034636366353562343665373766343264
+35373361623331353531363062306331323234326438366463373337363731313330373962393330
-63313466653166303237643561316330353635656566653635653035333430636336393066396238
+34343032303034666630343634313566333233333732626133306135316464336537393038383133
-39656466656264626663343837333362353962633162383233373462353834663634663037666330
+63336663363633396339616137306530393863316266346462353232333061386331343832366162
-35653632353237636338623866656635353163626562653332373837313731616662383336303535
+33363938346661646362353331656262623730306438373135316634323137386134623366653135
-63366432656239336230613336653939343862356635363230363638376566326163626666616465
+35326531653331626165656634643064363866333062323634316533633930306235646131396530
-33383732363764326364663363386436616264363964363230313463343438633139663439306566
+64613535623536396532383532356161663439376130613432656431363734643934316164346465
-39633936316265663063643266643038636533393163373162613036623961303166623962646139
+32333961336438363838626564633161656437653963333162313362633365346334373564386530
-64373462343364313765633135653539316533326666363437376565633534366264363238306564
+66663932663239323238643333306461356564616634643236636233376666626335633662653365
-63346431616535653236666333356538376639343962383464643362353362633563313531373935
+34353931333063623266646265653064383839393461656230353661656365393737613331323664
-32376262373338353439616234333432646233346234653162336331313232383131623065376336
+33313963303833666532386463663335346331626237346532613261393763363166376563346632
-66393561316366656533316332363263656565653562316636396435633633306463643532313463
+61383765633461313932326264646334326563303035353537363466633636396635393237623737
-38636635663935343766353537356365353265313065663265643033333130666231346663306262
+63623131633266616562633261333235633465633065336133353763363534383138613438626330
-62323433306430386261346632316339393731653635613666333739323236393864323462656261
+63383939316630373165343462393335323061666134663435373930343132663365653861656431
-33626263316231323436303161306666663838353934663130636338383931386330613539376430
+66346534353864663862386534626332653333363461666163313038656430383261306639326535
-37393664393334653761653230663339616530316236303333666138393134366235343236663539
+64653630396465373034353831613635363735613363383563633362656430383437343733636239
-63666163363462643636343934613237336534656132386538323338663166353264346338376662
+30366237333163663135393635306533636362643238383364396535333639323133396363623630
-66383966643561333565633333366336656331663238396339643535393931626437316535633439
+32333763646231323365646161363734373635633266353364663032373738363362303666376137
-61363532313439343361633565306534353561666432643033396335386365373262373462373233
+65383339653666393230626164383031653863323665656463356366353036323535626265613335
-38663734353562626239363230656466643733326132396230363765323732323039353166633030
+31303837393763656639393761633831653134633731316232643462626234623837306261343937
-63363236623132356662626439356438333137343235336337343131346435343236636337653837
+31646331303237646161663535333366376233636430666539653961333038663833333938346463
-36303834396136656637636266626665323939333361303666386533386230333733346339663930
+34326135633061396261333064616233353435346266313264653665666566353336353164323164
-63346537336637313831326162663766316230303164623061383034333131303330336264303535
+36363531383663636331326630346630336635306230366337613938643230386363343236613965
-33366537336664633466396235353535363162363835333138333532396336356561336261386631
+34306138343964396133313937656430373131393933623338386632343165376230633166306565
-37376565653131623662633135383931396264303231303233633765333539326262393730356565
+31336236346131383135313430666161343963383430383733363466636266323066666162363566
-62393731626539303266626535393637333931393334326236623234636364663564326231366130
+36343963366361376538633861313265636132376432353533623563613864633164613462616161
-31313466376365356162386139363865303635663966343462323764323732323566323734363237
+39353966613237643834366365613836633433636530346166643436363864366138356338646331
-30383935303533633566633635623535356130336330386264373962306437376439333830303931
+31356239393264343862663138393435393265663766616463323730663433656237663965613839
-33643166633065643762313664623764363938613733633632633635356334383464333938366438
+62396463643461326633383332316566366231343332373163643662373831366266393433353438
-34313238666535316132386534383034373034623163336630393434666535386264616536353862
+38626131346535306361366539323335636666393261306233373232653233303430633539613930
-38366133386561333734383838303136613731643239613039306462313463306362363264663865
+37653366656238616631376562336362343933393835306261303463363263653836393430333936
-31363438633135616636646464393861313431316434363964333934373164663537393566333835
+35363536316664356462656533636361323661306162613630656164326135303363336563326264
-39613864653165336663316230333234656538613461393631313339383031646539303337333936
+66323665623535663135313236323062666131323135393134323532316638626535323633363035
-34396532383066363562333939376561623832363634376637316566336231666136353037363561
+39383330636135663737363065366530373466363161353265666239616632613733393038643236
-30346238643138363137393033646135623965636536376639386661613636323139323337633366
+61323062666539333765336530363761666365373535356537613030313731396638663064346334
-33353662323130343065316161386331626539316337326136653362623862336161643861326233
+30326431323132656331373232393133373261636135363761653266383631363530393935363865
-62363334656464663430313733373937323865323930653430343231323435343235396338343736
+63376265373132393435636463306532303437343539636230616234626232383637623063343234
-63363561353536353631626633646439333035356238323966316561623833353836363337313339
+65313266376563663063366138376361306339343030616265303730646630666430646233353336
-62646566323030653366363438396461353433323033333731396163663531623265336537653631
+33333961356439623930323661313839376438396139303239346237653264626366313166333964
-36373331393137653632376163336664613339616636383963303165656161663937373064303562
+33636132376164653739303738613163383234326563306432396661656632633038353133336530
-30643238393963626363313662306138383039333537386365303433663262353534653334656434
+39393437373832333961613532653265633938393639626337386362363932366561323532343336
-38393430343265353336
+64303262373766643931323939663730656466393430366339323361323636303861616463663065
+32383630303532323634643233636464386234373065343839393233313163303566663963656661
+37306539353033656662316639316266643862626334663766383735396332653135333235366363
+37393937376336353837653737366262306162363435616232323165633632636363623739363430
+35353536383664343339396439636261656137316332376566366138616632666431666632633963
+62623965643439343131646631353032616131346338303161363038623634336532633363396333
+31323634376130363030333164616465623730666637306338626366656262343930663131393934
+38373432646266356133663039323030366535383939663534316634316665646637653564303062
+38313031343835306266303161326461333463653265376264376334663835653333626333613261
+38376339326430353861626631633461333934313435623262633964303939386361613862386564
+66373339326333623233326462386535353730626634656261323235353534366163353161303633
+38613463306136336635363833366565313465363463353532316533366665613765336430313835
+30353032643263636435326263626136666466346161373330376663346461656666353335663333
+31393366333366333831383636333766353938663534343766383937613939323365366132323037
+63633866343034626162643039623935313263373061346130303231376563353933313762363237
+35363134353364653832616165323236333233303338623835343438643566373732303166353765
+32623238346631363331356131313561626535303032346133636636383466633931346462613035
+34353438363832656637393233613263366136323332353031356234373739373263393138626562
+63633364623961616237393231643237386336313833656362313939386336366330346165616464
+30356337646566353666613265386662623030373839316365393339393463343731666535353731
+37306665343532326138346231386634626333616639336237316634323438353635363365613834
+38363330616262333766323633386665316137363731356339343736333462313034363436386630
+32633764646665383836613838373630353435613234373832656339663138646663383037643364
+61616332623439313232316663663266343962663065363939396632646465313064353838613662
+61373034336136343230353235346164626434363237323931633661303062376365653134376563
+31396536393866323330363061623261313266303064303437376633313030646237666630666438
+36313234346264626262353536356166326565326538363761633539356362343533636636396237
+66393537343436396436616535633738333062343439366261373836316237323165663435383437
+35313430663334626337353766363737363332313537623637323634306363663033623264396261
+37346338633831356165383333393764633734633434323664363562396165386532306463626433
+31643835363936353034636162623137623035623165313937323866373034386432393263363235
+37623632666331376539616435316238356536303934386538313032346432396366643430323763
+39616563373962633735313634393435623966306333313337393234376534366664326664656362
+66383938623461303361323331303039636339313238353332393333363830663034633766613861
+63346663373132346365316239316264366665396666636138373435343938616462623961323733
+64323331393066313666353831633731323537313365383561666363353539626333663134613262
+61373064373966346362623030663936343435366266386634326235376664363335333038383939
+63623564633133636665383564356465363763373832386633656233663764653935333464666138
+31356131313463356231396466633630363430316636653437386436373230353963383836316331
+66336231376661366463356231336662356338323831643164313764343431323661373761613562
+32646237346164373463643464623235343166363532383965373333396339666361353137343239
+35336334633033613462613334656465666263363764363835383638393065303261323239326437
+31306436383566643563613933356463366664656134393935663666623863656637613764626565
+62343665383362376132623137633431393033396234616635376165393538396233636264663461
+62313531383039396333346139303764623133353765323666626465646336613566633464623138
+61313966383666363261336363323934666161643638326634303534376237636533333666333438
+65373234653532303533383161313164366464386530613230373663336331303336373262636131
+61346364323730316564636462363333353336323065616130393238323737366234656135626338
+64326437383138393631613963396163646263353436393064313763373231383333346137336534
+66663365633333353431343934303830386363663939666139633030326433376333

hosts.yml

@@ -26,4 +26,17 @@ all:
         10.11.12.35:
     chatpad_hosts:
       hosts:
-        10.11.12.35:
+        10.11.12.35:
+    stirling_pdf_hosts:
+      hosts:
+        10.11.12.35:
+    borgmatic_hosts:
+      hosts:
+        10.11.12.35:
+    paperless_hosts:
+      hosts:
+        10.11.12.35:
+    opensourcepos_hosts:
+      hosts:
+    wordpress_hosts:
+      hosts:

main.yml

@@ -20,6 +20,13 @@
     - borgbackup
   tags: borgbackup
 
+- name: Configure Borgmatic Backup
+  hosts: all
+  become: false
+  roles: 
+    - borgmatic
+  tags: borgmatic
+
 - name: Update the system
   hosts: all
   become: true
@@ -76,4 +83,32 @@
   become: true
   roles:
     - chatpad
-  tags: chatpad  
+  tags: chatpad  
+
+- name: Configure Stirling-PDF
+  hosts: stirling_pdf_hosts
+  become: true
+  roles:
+    - stirling_pdf
+  tags: stirling_pdf
+
+- name: Configure OpensourcePOS
+  hosts: opensourcepos_hosts
+  become: true
+  roles:
+    - opensourcepos
+  tags: opensourcepos
+
+- name: Configure Wordpress
+  hosts: wordpress_hosts
+  become: true
+  roles:
+    - wordpress
+  tags: wordpress
+
+- name: Configure Paperless
+  hosts: paperless_hosts
+  become: true
+  roles:
+    - paperless_ngx
+  tags: paperless

roles/borgbackup/tasks/main.yml

@@ -52,7 +52,7 @@
     user: "{{ system_user_name }}"
     name: "borgbackup the docker dir to nfs share"
     minute: "30"
-    hour: "4"
+    hour: "2"
     job: "sudo /usr/local/bin/backup_to_nfs.sh > /dev/null 2>&1"
   notify: Restart cron
   when: backup_via_nfs == true

roles/borgbackup/templates/backup_to_nfs.sh

@@ -47,7 +47,7 @@ if [ "$mount_successful" -eq 1 ]; then
     done
 
     # Backup-Integrität überprüfen
-    borg_check_result=$(borg check --last 7 "$backup_repository" 2>&1)
+    borg_check_result=$(borg check --repository-only --max-duration 7200 "$backup_repository" 2>&1)
 
     # Backup-Status und Speicherauslastung prüfen
     if [ "$backup_status" -eq 0 ]; then

roles/borgbackup/templates/backup_to_smb.sh

@@ -48,7 +48,7 @@ if [ "$mount_successful" -eq 1 ]; then
     done
 
     # Backup-Integrität überprüfen
-    borg_check_result=$(borg check --last 7 "$backup_repository" 2>&1)
+    borg_check_result=$(borg check --repository-only --max-duration 7200 "$backup_repository" 2>&1)
 
     # Backup-Status und Speicherauslastung prüfen
     if [ "$backup_status" -eq 0 ]; then

roles/defaults/tasks/postfix.yml

@@ -57,10 +57,17 @@
     state: "{{ postfix_service_state }}"
     enabled: "{{ postfix_service_enabled }}"
 
-- name: Update /etc/aliases | set email adress
+- name: Update /etc/aliases for root user | set email adress
   become: true
   ansible.builtin.lineinfile:
     path: /etc/aliases
     regexp: '^root:'
     line: 'root: {{ admin_mail }}'
+  notify: New aliases
+
+- name: Update /etc/aliases for {{system_user_name}} | set email adress
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/aliases
+    line: '{{ system_user_name }}: {{ admin_mail }}'
   notify: New aliases

roles/docker/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Restart cron
+  ansible.builtin.service:
+    name: cron
+    state: restarted

roles/docker/tasks/main.yml

@@ -59,4 +59,13 @@
   ansible.builtin.file:
     path: /home/{{ system_user_name }}/docker/
     state: directory
-    mode: '0755'
+    mode: '0755'
+
+- name: Create cronjob to prune unused docker stuff
+  ansible.builtin.cron:
+    user: "{{ system_user_name }}"
+    name: "prune unused docker stuff every night at 00:15"
+    minute: "15"
+    hour: "00"
+    job: 'sudo docker system prune -af  --filter "until=$((30*24))h"'
+  notify: Restart cron

roles/gitea/tasks/main.yml

@@ -30,6 +30,8 @@
       - /home/{{ system_user_name }}/docker/gitea/db:/var/lib/mysql
     networks:
       - name: gitea_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_GITEA_DB_PORT }}:{{GITEA_DB_PORT}}"
 
 - name: Create Gitea Container
   community.docker.docker_container:
@@ -42,6 +44,8 @@
       - '11004:3000'
       - '222:22'
     env:
+      USER_UID: "{{ system_user_uid }}"
+      USER_GID: "{{ system_user_gid }}"
       GITEA__database__DB_TYPE: "{{ GITEA_DB_TYPE | string}}"
       GITEA__database__HOST: "{{ GITEA_DB_HOST | string}}"
       GITEA__database__NAME: "{{ GITEA_DB_NAME | string }}"

roles/nextcloud/tasks/main.yml

@@ -30,6 +30,8 @@
       - /home/{{ system_user_name }}/docker/nextcloud/db:/var/lib/mysql
     networks:
       - name: nextcloud_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_NEXTCLOUD_MYSQL_PORT }}:{{ NEXTCLOUD_MYSQL_PORT }}"
 
 - name: Create Nextcloud Redis Container
   community.docker.docker_container:

roles/npm/tasks/main.yml

@@ -30,6 +30,9 @@
       - /home/{{ system_user_name }}/docker/npm/db:/var/lib/mysql
     networks:
       - name: npm_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_NPM_MYSQL_PORT }}:{{ NPM_MYSQL_PORT }}"
+
 
 - name: Create NPM Container
   community.docker.docker_container:

roles/opensourcepos/defaults/main.yml

@@ -0,0 +1,4 @@
+opensourcepos_folder:
+  - uploads
+  - logs
+  - mysql

roles/opensourcepos/tasks/main.yml

@@ -0,0 +1,64 @@
+---
+- name: Create opensourcepos directories they do not exist
+  become: False
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/opensourcepos/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ opensourcepos_folder }}'
+
+- name: Create docker network 'opensourcepos_internal'
+  community.docker.docker_network:
+    name: opensourcepos_internal
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create SQLscript Container
+  community.docker.docker_container:
+    name: sqlscript
+    image: jekkos/opensourcepos:sqlscript
+    command: /bin/sh -c 'exit 0'
+
+- name: Create opensourcepos DB Container
+  community.docker.docker_container:
+    name: opensourcepos_db
+    image: 'mariadb:10.5'
+    state: started
+    restart_policy: unless-stopped
+    env:
+      MYSQL_ROOT_PASSWORD: "{{ OPENSOURCEPOS_DB_ROOT_PASS | string }}"
+      MYSQL_USER: "{{ OPENSOURCEPOS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ OPENSOURCEPOS_DB_PASS | string }}"
+      MYSQL_DATABASE: "{{ OPENSOURCEPOS_DB_NAME | string }}"
+    volumes_from:
+      - sqlscript
+    volumes:
+      - /home/{{ system_user_name }}/docker/opensourcepos/mysql:/var/lib/mysql:rw
+    networks:
+      - name: opensourcepos_internal
+
+- name: Create opensourcepos Container
+  community.docker.docker_container:
+    name: opensourcepos_app
+    image: 'jekkos/opensourcepos:3.3.8'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11007:80'
+    env:
+      CI_ENV: "{{ OPENSOURCEPOS_CI_ENV | string}}"
+      FORCE_HTTPS: "{{ OPENSOURCEPOS_FORCE_HTTPS | string}}"
+      PHP_TIMEZONE: "{{ OPENSOURCEPOS_PHP_TIMEZONE | string }}"
+      MYSQL_USERNAME: "{{ OPENSOURCEPOS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ OPENSOURCEPOS_DB_PASS | string }}"
+      MYSQL_DB_NAME: "{{ OPENSOURCEPOS_DB_NAME | string }}"
+      MYSQL_HOST_NAME: "{{ OPENSOURCEPOS_DB_HOST | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/opensourcepos/uploads:/app/public/uploads
+      - /home/{{ system_user_name }}/docker/opensourcepos/logs:/app/application/logs
+    networks:
+      - name: opensourcepos_internal
+      - name: proxy

roles/paperless_ngx/defaults/main.yml

@@ -0,0 +1,7 @@
+paperless_folder:
+ - data
+ - db
+ - redisdata
+ - media
+ - ./export
+ - ./consume

roles/paperless_ngx/tasks/main.yml

@@ -0,0 +1,71 @@
+---
+- name: Create Paperless directories if they do not exist
+  become: false
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/paperless/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ paperless_folder }}'
+
+- name: Create docker network 'paperless_internal'
+  community.docker.docker_network:
+    name: paperless_internal
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create Paperless Postgres Container
+  community.docker.docker_container:
+    name: paperless_db
+    image: 'docker.io/library/postgres:16'
+    state: started
+    restart_policy: unless-stopped
+    env:
+      POSTGRES_DB: "{{ PAPERLESS_POSTGRES_DB | string }}"
+      POSTGRES_USER: "{{ PAPERLESS_POSTGRES_USER | string }}"
+      POSTGRES_PASSWORD: "{{ PAPERLESS_POSTGRES_PASS | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/paperless/db:/var/lib/postgresql/data
+    networks:
+      - name: paperless_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_PAPERLESS_POSTGRES_PORT }}:{{ PAPERLESS_POSTGRES_PORT }}"
+
+- name: Create Paperless Redis Container
+  community.docker.docker_container:
+    name: paperless_redis
+    image: 'docker.io/library/redis:7'
+    state: started
+    restart_policy: unless-stopped
+    volumes:
+      - /home/{{ system_user_name }}/docker/paperless/redisdata:/data
+    networks:
+      - name: paperless_internal
+
+- name: Create Paperless Container
+  community.docker.docker_container:
+    name: paperless_app
+    image: 'ghcr.io/paperless-ngx/paperless-ngx:latest'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11007:8000'
+    env:
+      PAPERLESS_URL: "{{ PAPERLESS_URL }}"
+      PAPERLESS_DBENGINE: postgresql
+      PAPERLESS_REDIS: redis://paperless_redis:6379
+      PAPERLESS_DBHOST: paperless_db
+      PAPERLESS_DBNAME: "{{ PAPERLESS_POSTGRES_DB | string }}"
+      PAPERLESS_DBUSER: "{{ PAPERLESS_POSTGRES_USER | string }}"
+      PAPERLESS_DBPASS: "{{ PAPERLESS_POSTGRES_PASS | string }}"
+
+    volumes:
+      - /home/{{ system_user_name }}/docker/paperless/data:/usr/src/paperless/data
+      - /home/{{ system_user_name }}/docker/paperless/media:/usr/src/paperless/media
+      - /home/{{ system_user_name }}/docker/paperless/./export:/usr/src/paperless/export
+      - /home/{{ system_user_name }}/docker/paperless/./consume:/usr/src/paperless/consume
+    networks:
+      - name: paperless_internal
+      - name: proxy

roles/stirling_pdf/defaults/main.yml

@@ -0,0 +1,6 @@
+stirling_pdf_folder:
+  - config
+  - data
+
+stirling_pdf_locale: de_DE
+stirling_pdf_google_visibility: False

roles/stirling_pdf/tasks/main.yml

@@ -0,0 +1,33 @@
+---
+- name: Create Stirling-PDF directories if they do not exist
+  become: false
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/stirling_pdf/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ stirling_pdf_folder }}'
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create Stirling-PDF Container
+  community.docker.docker_container:
+    name: stirling-pdf
+    image: 'frooodle/s-pdf:latest'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11006:8080'
+    env:
+      APP_LOCALE: "{{ stirling_pdf_locale }}"
+      APP_HOME_NAME: "{{ stirling_pdf_name }}"
+      APP_HOME_DESCRIPTION: "{{ stirling_pdf_description }}"
+      APP_NAVBAR_NAME: "{{ stirling_pdf_name }}"
+      APP_ROOT_PATH: /
+      ALLOW_GOOGLE_VISIBILITY: "{{ stirling_pdf_google_visibility | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/stirling_pdf/config:/configs
+    networks:
+      - name: proxy

roles/wiki_js/tasks/main.yml

@@ -29,6 +29,8 @@
       - /home/{{ system_user_name }}/docker/wiki_js/db:/var/lib/postgresql/data
     networks:
       - name: wiki_js_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_WIKI_JS_DB_PORT }}:{{ WIKI_JS_DB_PORT }}"
 
 - name: Create Wiki_JS Container
   community.docker.docker_container:

roles/wordpress/defaults/main.yml

@@ -0,0 +1,3 @@
+wordpress_folder:
+  - data
+  - mysql

roles/wordpress/tasks/main.yml

@@ -0,0 +1,63 @@
+---
+- name: Create wordpress directories they do not exist
+  become: False
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/wordpress/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ wordpress_folder }}'
+
+- name: Create docker network 'wordpress_internal'
+  community.docker.docker_network:
+    name: wordpress_internal
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create wordpress DB Container
+  community.docker.docker_container:
+    name: wordpress_db
+    image: 'mariadb:10.5'
+    state: started
+    restart_policy: unless-stopped
+    env:
+      MYSQL_ROOT_PASSWORD: "{{ WORDPRESS_DB_ROOT_PASS | string }}"
+      MYSQL_USER: "{{ WORDPRESS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ WORDPRESS_DB_PASS | string }}"
+      MYSQL_DATABASE: "{{ WORDPRESS_DB_NAME | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/wordpress/mysql:/var/lib/mysql:rw
+    networks:
+      - name: wordpress_internal
+
+- name: Create wordpress Container
+  community.docker.docker_container:
+    name: wordpress_app
+    image: 'wordpress:latest'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11008:80'
+    env:
+      MYSQL_USERNAME: "{{ WORDPRESS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ WORDPRESS_DB_PASS | string }}"
+      MYSQL_DB_NAME: "{{ WORDPRESS_DB_NAME | string }}"
+      MYSQL_HOST_NAME: "{{ WORDPRESS_DB_HOST | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/wordpress/data:/var/www/html
+    networks:
+      - name: wordpress_internal
+      - name: proxy
+
+- name: Copy Wordpress Config Template
+  ansible.builtin.template:
+    src: wp-config.php.j2
+    dest: /home/{{ system_user_name }}/docker/wordpress/data/wp-config.php
+  
+- name: Restart Wordpress Container
+  community.docker.docker_container:
+    name: wordpress_app
+    state: started
+    restart: True

roles/wordpress/templates/wp-config.php.j2

@@ -0,0 +1,110 @@
+<?php
+/**
+ * The base configuration for WordPress
+ *
+ * The wp-config.php creation script uses this file during the installation.
+ * You don't have to use the web site, you can copy this file to "wp-config.php"
+ * and fill in the values.
+ *
+ * This file contains the following configurations:
+ *
+ * * Database settings
+ * * Secret keys
+ * * Database table prefix
+ * * ABSPATH
+ *
+ * @link https://wordpress.org/documentation/article/editing-wp-config-php/
+ *
+ * @package WordPress
+ */
+
+// ** Database settings - You can get this info from your web host ** //
+/** The name of the database for WordPress */
+define( 'DB_NAME', '{{ WORDPRESS_DB_NAME }}' );
+
+/** Database username */
+define( 'DB_USER', '{{ WORDPRESS_DB_USER }}' );
+
+/** Database password */
+define( 'DB_PASSWORD', '{{ WORDPRESS_DB_PASS }}' );
+
+/** Database hostname */
+define( 'DB_HOST', 'wordpress_db' );
+
+/** Database charset to use in creating database tables. */
+define( 'DB_CHARSET', 'utf8mb4' );
+
+/** The database collate type. Don't change this if in doubt. */
+define( 'DB_COLLATE', '' );
+
+define('.COOKIE_DOMAIN.', '{{ WORDPRESS_SITEURL }}');
+define('.SITECOOKIEPATH.', '.');
+
+if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+        $list = explode(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
+        $_SERVER['REMOTE_ADDR'] = $list[0];
+  }
+define( 'WP_HOME', 'https://{{ WORDPRESS_SITEURL }}' );
+define( 'WP_SITEURL', 'https://{{ WORDPRESS_SITEURL }}' );
+$_SERVER['HTTP_HOST'] = '{{ WORDPRESS_SITEURL }}';
+$_SERVER['REMOTE_ADDR'] = 'https://{{ WORDPRESS_SITEURL }}';
+$_SERVER[ 'SERVER_ADDR' ] = '{{ WORDPRESS_SITEURL }}';
+
+if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
+       $_SERVER['HTTPS']='on';
+
+/**#@+
+ * Authentication unique keys and salts.
+ *
+ * Change these to different unique phrases! You can generate these using
+ * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
+ *
+ * You can change these at any point in time to invalidate all existing cookies.
+ * This will force all users to have to log in again.
+ *
+ * @since 2.6.0
+ */
+define( 'AUTH_KEY',         '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'SECURE_AUTH_KEY',  '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'LOGGED_IN_KEY',    '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'NONCE_KEY',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'AUTH_SALT',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'SECURE_AUTH_SALT', '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'LOGGED_IN_SALT',   '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'NONCE_SALT',       '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+
+/**#@-*/
+
+/**
+ * WordPress database table prefix.
+ *
+ * You can have multiple installations in one database if you give each
+ * a unique prefix. Only numbers, letters, and underscores please!
+ */
+$table_prefix = 'wp_';
+
+/**
+ * For developers: WordPress debugging mode.
+ *
+ * Change this to true to enable the display of notices during development.
+ * It is strongly recommended that plugin and theme developers use WP_DEBUG
+ * in their development environments.
+ *
+ * For information on other constants that can be used for debugging,
+ * visit the documentation.
+ *
+ * @link https://wordpress.org/documentation/article/debugging-in-wordpress/
+ */
+define( 'WP_DEBUG', false );
+
+/* Add any custom values between this line and the "stop editing" line. */
+
+/* That's all, stop editing! Happy publishing. */
+
+/** Absolute path to the WordPress directory. */
+if ( ! defined( 'ABSPATH' ) ) {
+        define( 'ABSPATH', __DIR__ . '/' );
+}
+
+/** Sets up WordPress vars and included files. */
+require_once ABSPATH . 'wp-settings.php';