Merge pull request 'fixed wrong volume paths' (#2) from bugfix/wrong_volume_paths into main

Reviewed-on: https://git.local.zernis.ch/simon/homeserver.zernis.ch/pulls/2

ansible.cfg

@@ -6,3 +6,4 @@ private_key_file=~/.ssh/ansible
 fact_caching = jsonfile
 fact_caching_connection = facts/
 host_key_checking = False
+roles_path = ~/dev/ansible/roles

host_vars/10.11.12.35/vars

@@ -4,6 +4,8 @@ domain: "{{ vault_domain }}"
 
 system_user_name: '{{ vault_system_user_name }}'
 system_user_password: '{{ vault_system_user_password }}'
+system_user_uid: '1000'
+system_user_gid: '1000'
 
 admin_mail: '{{ vault_admin_mail }}'
 sender_address: '{{ vault_sender_address }}'
@@ -35,6 +37,7 @@ borg_pass: '{{ vault_pass }}'
 # Gitea
 GITEA_DB_TYPE: '{{ vault_GITEA_DB_TYPE }}'
 GITEA_DB_HOST: '{{ vault_GITEA_DB_HOST }}'
+GITEA_DB_PORT: ' {{ vault_GITEA_DB_PORT }}'
 GITEA_DB_ROOT_PASS: '{{ vault_GITEA_DB_ROOT_PASS }}'
 GITEA_DB_USER: '{{ vault_GITEA_DB_USER }}'
 GITEA_DB_PASS: '{{ vault_GITEA_DB_PASS }}'
@@ -49,6 +52,13 @@ NEXTCLOUD_MYSQL_USER: '{{ vault_NEXTCLOUD_MYSQL_USER }}'
 NEXTCLOUD_MYSQL_PASS: '{{ vault_NEXTCLOUD_MYSQL_PASS }}'
 NEXTCLOUD_MYSQL_ROOT_PASS: '{{ vault_NEXTCLOUD_MYSQL_ROOT_PASS }}'
 
+# Paperless
+PAPERLESS_POSTGRES_DB: "{{ vault_PAPERLESS_POSTGRES_DB }}"
+PAPERLESS_POSTGRES_USER: "{{ vault_PAPERLESS_POSTGRES_USER }}"
+PAPERLESS_POSTGRES_PASS: "{{ vault_PAPERLESS_POSTGRES_PASS }}"
+PAPERLESS_POSTGRES_PORT: "5432"
+PAPERLESS_URL: "https://dms.zernis.ch"
+
 # Nginx Proxy Manager
 NPM_MYSQL_HOST: '{{ vault_NPM_MYSQL_HOST }}'
 NPM_MYSQL_PORT: '{{ vault_NPM_MYSQL_PORT }}'
@@ -72,3 +82,80 @@ WIKI_JS_POSTGRES_PASS: '{{ vault_WIKI_JS_POSTGRES_PASS }}'
 
 stirling_pdf_description: '{{ vault_stirling_pdf_description }}'
 stirling_pdf_name: '{{ vault_stirling_pdf_name }}'
+
+# OpensourcePOS
+
+OPENSOURCEPOS_CI_ENV: '{{ vault_OPENSOURCEPOS_CI_ENV }}'
+OPENSOURCEPOS_FORCE_HTTPS: '{{ vault_OPENSOURCEPOS_FORCE_HTTPS }}'
+OPENSOURCEPOS_PHP_TIMEZONE: '{{ vault_OPENSOURCEPOS_PHP_TIMEZONE }}'
+OPENSOURCEPOS_DB_USER: '{{ vault_OPENSOURCEPOS_DB_USER }}'
+OPENSOURCEPOS_DB_PASS: '{{ vault_OPENSOURCEPOS_DB_PASS }}'
+OPENSOURCEPOS_DB_NAME: '{{ vault_OPENSOURCEPOS_DB_NAME }}'
+OPENSOURCEPOS_DB_HOST: '{{ vault_OPENSOURCEPOS_DB_HOST }}'
+OPENSOURCEPOS_DB_ROOT_PASS: '{{ vault_OPENSOURCEPOS_DB_ROOT_PASS }}'
+
+# Wordpress
+
+WORDPRESS_DB_USER: '{{ vault_WORDPRESS_DB_USER }}'
+WORDPRESS_DB_PASS: '{{ vault_WORDPRESS_DB_PASS }}'
+WORDPRESS_DB_NAME: '{{ vault_WORDPRESS_DB_NAME }}'
+WORDPRESS_DB_HOST: '{{ vault_WORDPRESS_DB_HOST }}'
+WORDPRESS_DB_ROOT_PASS: '{{ vault_WORDPRESS_DB_ROOT_PASS }}'
+
+### Borgmatic ###
+borg_source_directories:
+  - /home/{{ system_user_name }}/docker
+
+borgmatic_bin_dir: '/home/{{ system_user_name }}/.local/bin'
+#local_backup_path: '/backups/borgmatic'
+borgbase_ssh_repo_url: '{{ vault_borgbase_ssh_repo_url }}'
+borgbase_hostname: "{{ borgbase_ssh_repo_url.split('@')[1].split('/')[0] }}"
+ssh_backup_keyfile: '/home/simon/.ssh/id_ed25519'
+borgmatic_passphrase: '{{ vault_borgmatic_passphrase }}'
+backup_user_name: '{{ vault_backup_user_name }}'
+
+borg_exlcude_patterns:
+    - /home/{{ system_user_name }}/docker/*/db
+    - /home/{{ system_user_name }}/docker/gitea/data/ssh/*
+    - /home/{{ system_user_name }}/docker/npm/letsencrypt/*
+
+BORGMATIC_BACKUP_HOST: '127.0.0.1'
+BORGMATIC_GITEA_DB_PORT: '33306'
+BORGMATIC_NEXTCLOUD_MYSQL_PORT: '33307'
+BORGMATIC_NPM_MYSQL_PORT: '33308'
+BORGMATIC_WIKI_JS_DB_PORT: '33309'
+BORGMATIC_PAPERLESS_POSTGRES_PORT: '33310'
+
+mysql_databases:
+
+  - name: '{{ GITEA_DB_NAME }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_GITEA_DB_PORT }}'
+    username: 'root'
+    password: '{{ GITEA_DB_ROOT_PASS }}'
+
+mariadb_databases:
+
+  - name: '{{ NEXTCLOUD_MYSQL_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_NEXTCLOUD_MYSQL_PORT }}'
+    username: '{{ NEXTCLOUD_MYSQL_USER }}'
+    password: '{{ NEXTCLOUD_MYSQL_PASS }}'
+
+  - name: '{{ NPM_MYSQL_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_NPM_MYSQL_PORT }}'
+    username: '{{ NPM_MYSQL_USER }}'
+    password: '{{ NPM_MYSQL_PASS }}'
+
+postgresql_databases:
+  - name: '{{ WIKI_JS_POSTGRES_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_WIKI_JS_DB_PORT }}'
+    username: '{{ WIKI_JS_POSTGRES_USER }}'
+    password: '{{ WIKI_JS_POSTGRES_PASS }}'
+  - name: '{{ PAPERLESS_POSTGRES_DB }}'
+    host: '{{ BORGMATIC_BACKUP_HOST }}'
+    port: '{{ BORGMATIC_PAPERLESS_POSTGRES_PORT }}'
+    username: '{{ PAPERLESS_POSTGRES_USER }}'
+    password: '{{ PAPERLESS_POSTGRES_PASS }}'

host_vars/10.11.12.35/vault

@@ -1,103 +1,146 @@
 $ANSIBLE_VAULT;1.1;AES256
-64623137356665323763613465653134636637366339626135336135653733386161653833333736
-3134396663623032373036663132313736616634313263360a316239303934653637643133376535
-35356531383534303863303462333837313637346533353738633665663337356539356530313765
-3564396565303433370a653330303963663636353366303062623031306235353637316133336661
-30643365666461376366326532646537376534386565636138636163383065623337643363373234
-32323965383036303435383961666163626335306636613931616163636537393334383564613934
-61626566323662333838353434366263373265316234396633623266356562656464653963623635
-65323765653139666462313432333266333364653038346135633066393037313464646461303532
-66333233343538343130333138343638613163346637656431666461393530316435323861386465
-66323838343136306437663936376336333061323361306362313931343634336430613435366533
-33383535663262356531343330333533356538353865363162303734383162626131336336313361
-66666137386530633466653630646338333861313237383161643339663864313661396132626632
-36643833636334646263633331643634623533643062616133306266366133346662356333343239
-61653265663533393162623030613938663765393264313665393431353433633065313933656365
-33363532666437303937633830396638633438386431656236623938313936643231663031663963
-31306636336464396364653534383364333238616432353066316363636466333237353635323264
-35346562653939373534363966626434626439363165376233646533623930333832396561616534
-33626262626132653863396632303266663538643931353138303863366131306366343564373432
-66313938383638383636333666626235656236303162383438333137323030316338656366306563
-32666666303366353164653139376634646130643362323664356166306131353266626632303631
-63366530303332353231343566363631386564663431656564653531343538666231626262346361
-39623563313533656134346431663662643338393365376562356230393138373539626530653137
-63623362656632383566663039653832663566656639343065643830636662313265336338623866
-35333764313033653662343964396334366332343439363036396664373330613634636639666136
-62616538613862653834356361383236303337303134626238336331356364616432333334643836
-33303963656631356438656266386637303534363166396466653137623431383766393534336664
-37316430323662356666643330333763636333323363323436336539323736396339343435643362
-35383037353339346365643830373861643232613263303037626435613061373764646231326364
-63393065303939316366363833383436613438623162356262346639666435373639623932386239
-38376636306539386635313935343032653838353238373762623631643133623738653761353261
-34326365393536356132373865653833636334353730386535633138383331613864373434613837
-38666465653964303033326564633038353833633838386137633433383165613939343532613263
-64396565623062366462303865356330663432653862323363643530653038333866333965343431
-31343138633031376636633034636530343034663465663532393264393766343936636133333563
-39343838343033353839333830353664646230383734643464373661663337636136396138393733
-35326163393461343336396565613934666463323362656361616165376264333431333732613033
-37623362653364623933306361383666303062323537643265636561363334323964326635663264
-32393865336365626565623032663364666130666230666235366532303736316338666239653063
-38303431363536333266376231656563663631653935636335373662363766306631626664373939
-64346665383234313134363931613437653231386165383764626138323931376637353966353738
-66383763343935613935353463333233653931646236363362333862363566393432396462613632
-35613833303962333039643439356466623165656230383762663664333832646238326239303463
-63303461626631306137613866636661343962613164316362626332363766316661393032646366
-33633065663030333933376666313936613963616261653261353664663063363363636664646232
-64313631646137653331356562646666323438343763623766313766383963633264616632346366
-36363235383835616263623366613263653862653063366566303566363835643263343465653564
-36666235373030643830363433333038363930386461396431383964333533653935393431336430
-62616434313061313334333130396162376630376661346235633230353965396137383836303838
-65346136323766313162646330376335643261353536303638373161366538303463373831386231
-39633037663637306134646165663464356438306336396434666439313562646565666136363033
-39636530633461616637333739323338663434316663343733363862306363363531313132393633
-30373532636630326631373435396638623932616137363038333161616363353839643331393065
-38333361343537656432356561373437363335613737383332366565323939356436613432613530
-36313364656361623236373631633564323162306436393263343538636438353862626139366537
-66396439653966366136633062616461336266343562336236663434653337323930633562393733
-61363439356334656432623264306437653738373861323031393561653035386163306633653366
-66393465383464616336306435356331333634346231363263653639636166363134613966623166
-32303332376333326563613865653037626637366132653062363336633964623534613334636665
-65323462343066343635306437643132366433656137626466663962383337626162663864623032
-63333066376537333331353434386639646365333733366565656333643333383664623531326264
-37653931393633643132636561353962633666336335653334306235363135353132646434613534
-31313830613464326563363332346431343438356435323138646265303262333735323332383432
-30386663646437336162316161626633366232663436626333663763323732613936643833376165
-62663138396563366333366464613232363461333832366333353138363662636234663231626531
-66333035616264336235383161343664333637386631643335313932383137336364643361613261
-31626536613737663366323735353965333361373638353738366139613234363339626635623766
-36643362323139353638633139633866613732663833306134636337316430623866653433396636
-39626632653338303136663266383536363633623131343133616638373266353461386138353531
-31343862343032623133393632303936333936653431626630633566333634376434636438613466
-62343531383261323235646238336131653265653737383738656163343832636232666166366630
-39643165623435653432333936616639343030306236613132303662303361313737643135663165
-61643766393636613966373132323165656566373335636335666639633937323432356538646630
-61623131363136646563313962326230366661356562613033346531336461636634353662326537
-38656235653736616162316338626330363035316636393636613739636231636332633139336661
-38643763653035346137303632303536383864393836623064356166383431626362326132306230
-31316339306631326136336463623438323433636666363139393035663035623964386332323664
-62626663306634643832366539643538373033346266306532363539663931323263353562363561
-62353362303162373639303836376437346264316439613233343066333639653062363461333431
-30343661623433666137333532636264323130636130376335313566653833653265303235613138
-34626232356166353334383130316464393066393036656331306231643931363837613965626163
-63653566303639623338616434323437613465616364373632636638643031663531633666313364
-33316365303138323966613764373636343139333365653935373266383231343564326461366138
-32643330333363356264653736653561316637623937353231363736333435373830656435366462
-62323437663236623732326333313835373530333233366435616432366630306662393539383637
-36613865396666336137636233343331373463663430633935646334663566626566343137346264
-37336664343536636462636138343666363661303734336539393262366333376433356363323632
-65393835333262653766396236633136393034343564343532326438656631613862303036343662
-66353861393730353138666562396439613433363236333432636636316636626661646436336366
-63393037633466306562313566366664343965353462633236343365373437336634656435613663
-34636162653566626261376339313935316266363265393362633863656661373131636534363839
-61373939363337353836326462343364356537303466343439353661373830666533336231643833
-36666436623932383666306463623164386462373234303863393262666134353134666330396139
-65623763643930646630633338643238333430623638653138633764633265303032656661323936
-34383732336366653533623735353639656264653936366664326133306333653263636636613234
-32373930623865303161323565363136356434333264343239343365356364353930316638366631
-38303236343566343133363034336266326638316230623534623232313734616164343636346233
-65623337373364356435333462303232333131663365386266396365386361653531316366656432
-31383530306232643962396365323630336131393634643330653336303537636238666162623933
-38346130623730613464376662633462313439613966386531336632613331333935346230663034
-39303036633436363532633132393061303533653665613233313039613536613432363162643830
-37383262663435373134313163353932613733633636623366633135373539613830343462323338
-3531633832663162396136363662373131373830643464653264
+62363039313461363031633062353466326637326665653939353964383036333565306639663965
+3836313239333761323835643366633538663565363335390a613233663337306230393936646463
+64316439363634313062333664613363303539396537666166323765663434333665656335393636
+6234393733633262360a396634663065653537333032383361353133633737376335363563386364
+38613561306234636461333861396237343936633131636164383034623736316661313963396466
+30343064626434303061313365663833313334383334386239306339346464323538623763383832
+36376535633864663537623662663562393537316238356239356262383833366164653565306165
+64373036383938313166373134613664363831363862373761616364376137356366343162353733
+30626464333630303330623666343739326632633665376261613263653732356235393065663165
+38346133323139323765306536613361336436323935316266343630306363646236316165613461
+37643936376339633664313738303738393431366133336431613833383162623061613666636265
+33393066653463636364643634663863316662356631353166343536313930303435353735353166
+65313133373766646163393262383631333262306166343039343639653139636338663238303962
+39353233396238383366643637336131663931343530323937363531353538633662386638663833
+35323138333063316431666436336434313936666139386665626233623835626332336263303165
+33323866646335326433643464626639346630636133343634323032613132363232646163316266
+63336662336638383430616233613137346535623138663435303131363165656235356338653631
+63613131663166636233356130653639366135343435363266626530366337633932633766333764
+36643336346239613763616562383438346165633434336632393532313237613164646665363339
+31363332643331316437313464633139356631326436373261393533323265613365383530373030
+63363163376338363738373930646363326636616639363431333135616361393165323334353963
+36386130356534653937356238313336333135363135363637386239613361356237323865656331
+64623538663361326334646635373830373736663463313163353331343064373032623235663261
+65396634366334346662373636336532393434373265376232363734333831656466666433623764
+64623838303637643134376562626639643139656537333163663261383333343864333639393436
+63646335343639626230376436303065346232626261363131643631353731323733396232663230
+35363530343336383866353639353066333836343363623438316134393261366630663237316230
+66633563333466656361643266356134623634643066643264363830373536616264613331643464
+64323837666330316364633234636633373139303530396664623066373037616530623661326335
+39356666396231343665336438336233633936333135653966656465333762303461373335386233
+65666264313837666538363435643762393938616435323761393366663833353266616266653135
+62316364366333653363613737383238336633666333333963326261366166666337333230666262
+35356638656432383164656663303133323062623435653331356631323762306231366134623236
+64663263653161323862613334376363333438353261316138343234376337383565316566623035
+63386234646239363535333832313533313661646635323334383463633533316432333765643830
+38336636616530646336633831373836626430303266373835363266663335363830373938636431
+34313030336536643438346539336365386435643834303139623238343635323030613232363136
+30646337396366356164373734323431323935626537643338646334346562633735663661646536
+37373830633638303361346465343361323461393364363963383030663232373533393362313864
+35623965303766343265346161343939353138346361386561316662656562626239663866323833
+37313361626431373833396364653239336561363739663133323332323339343866336264333736
+31633539646439326164363437633765303062343836656165616639663964653331356161326362
+38373539353665303562346361613830306461616231313839646530323665323231633539613466
+33346139653763623266616136363833633032326365343836613630643664313630323030356638
+65613062323630396137363764663730383237333136396634316663613237623730663865356163
+39323061383965373233393434336363386366343630386339663838323565313837656131313230
+61623863343065303736356230663933646437383039396437313034303234356564333338303733
+39633663643461656132346538303434643565316165346563656565616539303964376334366335
+39393139386464383166396165303861373634323530613434373363336333303433613330333330
+38303334626336646635356566666238383334623635313464323932353832366539336366323862
+38303236656664306131306638633433343434386265353332313532643364336335343863306661
+65626464313564643966386333626366613732633235633961353136353537366166393266653765
+36666266386664393134303665366263623262306662633262613063633566303533613733636462
+61653563303938313633306136383164616361313334636531376436383030356633343737316531
+66656431363133373438613631326362346333376332353238653733633961386330336233613730
+35373361623331353531363062306331323234326438366463373337363731313330373962393330
+34343032303034666630343634313566333233333732626133306135316464336537393038383133
+63336663363633396339616137306530393863316266346462353232333061386331343832366162
+33363938346661646362353331656262623730306438373135316634323137386134623366653135
+35326531653331626165656634643064363866333062323634316533633930306235646131396530
+64613535623536396532383532356161663439376130613432656431363734643934316164346465
+32333961336438363838626564633161656437653963333162313362633365346334373564386530
+66663932663239323238643333306461356564616634643236636233376666626335633662653365
+34353931333063623266646265653064383839393461656230353661656365393737613331323664
+33313963303833666532386463663335346331626237346532613261393763363166376563346632
+61383765633461313932326264646334326563303035353537363466633636396635393237623737
+63623131633266616562633261333235633465633065336133353763363534383138613438626330
+63383939316630373165343462393335323061666134663435373930343132663365653861656431
+66346534353864663862386534626332653333363461666163313038656430383261306639326535
+64653630396465373034353831613635363735613363383563633362656430383437343733636239
+30366237333163663135393635306533636362643238383364396535333639323133396363623630
+32333763646231323365646161363734373635633266353364663032373738363362303666376137
+65383339653666393230626164383031653863323665656463356366353036323535626265613335
+31303837393763656639393761633831653134633731316232643462626234623837306261343937
+31646331303237646161663535333366376233636430666539653961333038663833333938346463
+34326135633061396261333064616233353435346266313264653665666566353336353164323164
+36363531383663636331326630346630336635306230366337613938643230386363343236613965
+34306138343964396133313937656430373131393933623338386632343165376230633166306565
+31336236346131383135313430666161343963383430383733363466636266323066666162363566
+36343963366361376538633861313265636132376432353533623563613864633164613462616161
+39353966613237643834366365613836633433636530346166643436363864366138356338646331
+31356239393264343862663138393435393265663766616463323730663433656237663965613839
+62396463643461326633383332316566366231343332373163643662373831366266393433353438
+38626131346535306361366539323335636666393261306233373232653233303430633539613930
+37653366656238616631376562336362343933393835306261303463363263653836393430333936
+35363536316664356462656533636361323661306162613630656164326135303363336563326264
+66323665623535663135313236323062666131323135393134323532316638626535323633363035
+39383330636135663737363065366530373466363161353265666239616632613733393038643236
+61323062666539333765336530363761666365373535356537613030313731396638663064346334
+30326431323132656331373232393133373261636135363761653266383631363530393935363865
+63376265373132393435636463306532303437343539636230616234626232383637623063343234
+65313266376563663063366138376361306339343030616265303730646630666430646233353336
+33333961356439623930323661313839376438396139303239346237653264626366313166333964
+33636132376164653739303738613163383234326563306432396661656632633038353133336530
+39393437373832333961613532653265633938393639626337386362363932366561323532343336
+64303262373766643931323939663730656466393430366339323361323636303861616463663065
+32383630303532323634643233636464386234373065343839393233313163303566663963656661
+37306539353033656662316639316266643862626334663766383735396332653135333235366363
+37393937376336353837653737366262306162363435616232323165633632636363623739363430
+35353536383664343339396439636261656137316332376566366138616632666431666632633963
+62623965643439343131646631353032616131346338303161363038623634336532633363396333
+31323634376130363030333164616465623730666637306338626366656262343930663131393934
+38373432646266356133663039323030366535383939663534316634316665646637653564303062
+38313031343835306266303161326461333463653265376264376334663835653333626333613261
+38376339326430353861626631633461333934313435623262633964303939386361613862386564
+66373339326333623233326462386535353730626634656261323235353534366163353161303633
+38613463306136336635363833366565313465363463353532316533366665613765336430313835
+30353032643263636435326263626136666466346161373330376663346461656666353335663333
+31393366333366333831383636333766353938663534343766383937613939323365366132323037
+63633866343034626162643039623935313263373061346130303231376563353933313762363237
+35363134353364653832616165323236333233303338623835343438643566373732303166353765
+32623238346631363331356131313561626535303032346133636636383466633931346462613035
+34353438363832656637393233613263366136323332353031356234373739373263393138626562
+63633364623961616237393231643237386336313833656362313939386336366330346165616464
+30356337646566353666613265386662623030373839316365393339393463343731666535353731
+37306665343532326138346231386634626333616639336237316634323438353635363365613834
+38363330616262333766323633386665316137363731356339343736333462313034363436386630
+32633764646665383836613838373630353435613234373832656339663138646663383037643364
+61616332623439313232316663663266343962663065363939396632646465313064353838613662
+61373034336136343230353235346164626434363237323931633661303062376365653134376563
+31396536393866323330363061623261313266303064303437376633313030646237666630666438
+36313234346264626262353536356166326565326538363761633539356362343533636636396237
+66393537343436396436616535633738333062343439366261373836316237323165663435383437
+35313430663334626337353766363737363332313537623637323634306363663033623264396261
+37346338633831356165383333393764633734633434323664363562396165386532306463626433
+31643835363936353034636162623137623035623165313937323866373034386432393263363235
+37623632666331376539616435316238356536303934386538313032346432396366643430323763
+39616563373962633735313634393435623966306333313337393234376534366664326664656362
+66383938623461303361323331303039636339313238353332393333363830663034633766613861
+63346663373132346365316239316264366665396666636138373435343938616462623961323733
+64323331393066313666353831633731323537313365383561666363353539626333663134613262
+61373064373966346362623030663936343435366266386634326235376664363335333038383939
+63623564633133636665383564356465363763373832386633656233663764653935333464666138
+31356131313463356231396466633630363430316636653437386436373230353963383836316331
+66336231376661366463356231336662356338323831643164313764343431323661373761613562
+32646237346164373463643464623235343166363532383965373333396339666361353137343239
+35336334633033613462613334656465666263363764363835383638393065303261323239326437
+31306436383566643563613933356463366664656134393935663666623863656637613764626565
+62343665383362376132623137633431393033396234616635376165393538396233636264663461
+62313531383039396333346139303764623133353765323666626465646336613566633464623138
+61313966383666363261336363323934666161643638326634303534376237636533333666333438
+65373234653532303533383161313164366464386530613230373663336331303336373262636131
+61346364323730316564636462363333353336323065616130393238323737366234656135626338
+64326437383138393631613963396163646263353436393064313763373231383333346137336534
+66663365633333353431343934303830386363663939666139633030326433376333

hosts.yml

@@ -30,3 +30,13 @@ all:
     stirling_pdf_hosts:
       hosts:
         10.11.12.35:
+    borgmatic_hosts:
+      hosts:
+        10.11.12.35:
+    paperless_hosts:
+      hosts:
+        10.11.12.35:
+    opensourcepos_hosts:
+      hosts:
+    wordpress_hosts:
+      hosts:

main.yml

@@ -20,6 +20,13 @@
     - borgbackup
   tags: borgbackup
 
+- name: Configure Borgmatic Backup
+  hosts: all
+  become: false
+  roles: 
+    - borgmatic
+  tags: borgmatic
+
 - name: Update the system
   hosts: all
   become: true
@@ -84,3 +91,24 @@
   roles:
     - stirling_pdf
   tags: stirling_pdf
+
+- name: Configure OpensourcePOS
+  hosts: opensourcepos_hosts
+  become: true
+  roles:
+    - opensourcepos
+  tags: opensourcepos
+
+- name: Configure Wordpress
+  hosts: wordpress_hosts
+  become: true
+  roles:
+    - wordpress
+  tags: wordpress
+
+- name: Configure Paperless
+  hosts: paperless_hosts
+  become: true
+  roles:
+    - paperless_ngx
+  tags: paperless

roles/borgbackup/tasks/main.yml

@@ -52,7 +52,7 @@
     user: "{{ system_user_name }}"
     name: "borgbackup the docker dir to nfs share"
     minute: "30"
-    hour: "4"
+    hour: "2"
     job: "sudo /usr/local/bin/backup_to_nfs.sh > /dev/null 2>&1"
   notify: Restart cron
   when: backup_via_nfs == true

roles/borgbackup/templates/backup_to_nfs.sh

@@ -47,7 +47,7 @@ if [ "$mount_successful" -eq 1 ]; then
     done
 
     # Backup-Integrität überprüfen
-    borg_check_result=$(borg check --repository-only --max-duration 43200 "$backup_repository" 2>&1)
+    borg_check_result=$(borg check --repository-only --max-duration 7200 "$backup_repository" 2>&1)
 
     # Backup-Status und Speicherauslastung prüfen
     if [ "$backup_status" -eq 0 ]; then

roles/borgbackup/templates/backup_to_smb.sh

@@ -48,7 +48,7 @@ if [ "$mount_successful" -eq 1 ]; then
     done
 
     # Backup-Integrität überprüfen
-    borg_check_result=$(borg check --repository-only --max-duration 43200 "$backup_repository" 2>&1)
+    borg_check_result=$(borg check --repository-only --max-duration 7200 "$backup_repository" 2>&1)
 
     # Backup-Status und Speicherauslastung prüfen
     if [ "$backup_status" -eq 0 ]; then

roles/defaults/tasks/postfix.yml

@@ -57,10 +57,17 @@
     state: "{{ postfix_service_state }}"
     enabled: "{{ postfix_service_enabled }}"
 
-- name: Update /etc/aliases | set email adress
+- name: Update /etc/aliases for root user | set email adress
   become: true
   ansible.builtin.lineinfile:
     path: /etc/aliases
     regexp: '^root:'
     line: 'root: {{ admin_mail }}'
   notify: New aliases
+
+- name: Update /etc/aliases for {{system_user_name}} | set email adress
+  become: true
+  ansible.builtin.lineinfile:
+    path: /etc/aliases
+    line: '{{ system_user_name }}: {{ admin_mail }}'
+  notify: New aliases

roles/docker/tasks/main.yml

@@ -67,5 +67,5 @@
     name: "prune unused docker stuff every night at 00:15"
     minute: "15"
     hour: "00"
-    job: "sudo docker system prune"
+    job: 'sudo docker system prune -af  --filter "until=$((30*24))h"'
   notify: Restart cron

roles/gitea/tasks/main.yml

@@ -30,6 +30,8 @@
       - /home/{{ system_user_name }}/docker/gitea/db:/var/lib/mysql
     networks:
       - name: gitea_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_GITEA_DB_PORT }}:{{GITEA_DB_PORT}}"
 
 - name: Create Gitea Container
   community.docker.docker_container:
@@ -42,6 +44,8 @@
       - '11004:3000'
       - '222:22'
     env:
+      USER_UID: "{{ system_user_uid }}"
+      USER_GID: "{{ system_user_gid }}"
       GITEA__database__DB_TYPE: "{{ GITEA_DB_TYPE | string}}"
       GITEA__database__HOST: "{{ GITEA_DB_HOST | string}}"
       GITEA__database__NAME: "{{ GITEA_DB_NAME | string }}"

roles/nextcloud/tasks/main.yml

@@ -30,6 +30,8 @@
       - /home/{{ system_user_name }}/docker/nextcloud/db:/var/lib/mysql
     networks:
       - name: nextcloud_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_NEXTCLOUD_MYSQL_PORT }}:{{ NEXTCLOUD_MYSQL_PORT }}"
 
 - name: Create Nextcloud Redis Container
   community.docker.docker_container:

roles/npm/tasks/main.yml

@@ -30,6 +30,9 @@
       - /home/{{ system_user_name }}/docker/npm/db:/var/lib/mysql
     networks:
       - name: npm_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_NPM_MYSQL_PORT }}:{{ NPM_MYSQL_PORT }}"
+
 
 - name: Create NPM Container
   community.docker.docker_container:

roles/opensourcepos/defaults/main.yml

@@ -0,0 +1,4 @@
+opensourcepos_folder:
+  - uploads
+  - logs
+  - mysql

roles/opensourcepos/tasks/main.yml

@@ -0,0 +1,64 @@
+---
+- name: Create opensourcepos directories they do not exist
+  become: False
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/opensourcepos/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ opensourcepos_folder }}'
+
+- name: Create docker network 'opensourcepos_internal'
+  community.docker.docker_network:
+    name: opensourcepos_internal
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create SQLscript Container
+  community.docker.docker_container:
+    name: sqlscript
+    image: jekkos/opensourcepos:sqlscript
+    command: /bin/sh -c 'exit 0'
+
+- name: Create opensourcepos DB Container
+  community.docker.docker_container:
+    name: opensourcepos_db
+    image: 'mariadb:10.5'
+    state: started
+    restart_policy: unless-stopped
+    env:
+      MYSQL_ROOT_PASSWORD: "{{ OPENSOURCEPOS_DB_ROOT_PASS | string }}"
+      MYSQL_USER: "{{ OPENSOURCEPOS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ OPENSOURCEPOS_DB_PASS | string }}"
+      MYSQL_DATABASE: "{{ OPENSOURCEPOS_DB_NAME | string }}"
+    volumes_from:
+      - sqlscript
+    volumes:
+      - /home/{{ system_user_name }}/docker/opensourcepos/mysql:/var/lib/mysql:rw
+    networks:
+      - name: opensourcepos_internal
+
+- name: Create opensourcepos Container
+  community.docker.docker_container:
+    name: opensourcepos_app
+    image: 'jekkos/opensourcepos:3.3.8'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11007:80'
+    env:
+      CI_ENV: "{{ OPENSOURCEPOS_CI_ENV | string}}"
+      FORCE_HTTPS: "{{ OPENSOURCEPOS_FORCE_HTTPS | string}}"
+      PHP_TIMEZONE: "{{ OPENSOURCEPOS_PHP_TIMEZONE | string }}"
+      MYSQL_USERNAME: "{{ OPENSOURCEPOS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ OPENSOURCEPOS_DB_PASS | string }}"
+      MYSQL_DB_NAME: "{{ OPENSOURCEPOS_DB_NAME | string }}"
+      MYSQL_HOST_NAME: "{{ OPENSOURCEPOS_DB_HOST | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/opensourcepos/uploads:/app/public/uploads
+      - /home/{{ system_user_name }}/docker/opensourcepos/logs:/app/application/logs
+    networks:
+      - name: opensourcepos_internal
+      - name: proxy

roles/paperless_ngx/defaults/main.yml

@@ -0,0 +1,7 @@
+paperless_folder:
+ - data
+ - db
+ - redisdata
+ - media
+ - ./export
+ - ./consume

roles/paperless_ngx/tasks/main.yml

@@ -0,0 +1,71 @@
+---
+- name: Create Paperless directories if they do not exist
+  become: false
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/paperless/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ paperless_folder }}'
+
+- name: Create docker network 'paperless_internal'
+  community.docker.docker_network:
+    name: paperless_internal
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create Paperless Postgres Container
+  community.docker.docker_container:
+    name: paperless_db
+    image: 'docker.io/library/postgres:16'
+    state: started
+    restart_policy: unless-stopped
+    env:
+      POSTGRES_DB: "{{ PAPERLESS_POSTGRES_DB | string }}"
+      POSTGRES_USER: "{{ PAPERLESS_POSTGRES_USER | string }}"
+      POSTGRES_PASSWORD: "{{ PAPERLESS_POSTGRES_PASS | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/paperless/db:/var/lib/postgresql/data
+    networks:
+      - name: paperless_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_PAPERLESS_POSTGRES_PORT }}:{{ PAPERLESS_POSTGRES_PORT }}"
+
+- name: Create Paperless Redis Container
+  community.docker.docker_container:
+    name: paperless_redis
+    image: 'docker.io/library/redis:7'
+    state: started
+    restart_policy: unless-stopped
+    volumes:
+      - /home/{{ system_user_name }}/docker/paperless/redisdata:/data
+    networks:
+      - name: paperless_internal
+
+- name: Create Paperless Container
+  community.docker.docker_container:
+    name: paperless_app
+    image: 'ghcr.io/paperless-ngx/paperless-ngx:latest'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11007:8000'
+    env:
+      PAPERLESS_URL: "{{ PAPERLESS_URL }}"
+      PAPERLESS_DBENGINE: postgresql
+      PAPERLESS_REDIS: redis://paperless_redis:6379
+      PAPERLESS_DBHOST: paperless_db
+      PAPERLESS_DBNAME: "{{ PAPERLESS_POSTGRES_DB | string }}"
+      PAPERLESS_DBUSER: "{{ PAPERLESS_POSTGRES_USER | string }}"
+      PAPERLESS_DBPASS: "{{ PAPERLESS_POSTGRES_PASS | string }}"
+
+    volumes:
+      - /home/{{ system_user_name }}/docker/paperless/data:/usr/src/paperless/data
+      - /home/{{ system_user_name }}/docker/paperless/media:/usr/src/paperless/media
+      - /home/{{ system_user_name }}/docker/paperless/./export:/usr/src/paperless/export
+      - /home/{{ system_user_name }}/docker/paperless/./consume:/usr/src/paperless/consume
+    networks:
+      - name: paperless_internal
+      - name: proxy

roles/wiki_js/tasks/main.yml

@@ -29,6 +29,8 @@
       - /home/{{ system_user_name }}/docker/wiki_js/db:/var/lib/postgresql/data
     networks:
       - name: wiki_js_internal
+    ports:
+      - "{{ BORGMATIC_BACKUP_HOST }}:{{ BORGMATIC_WIKI_JS_DB_PORT }}:{{ WIKI_JS_DB_PORT }}"
 
 - name: Create Wiki_JS Container
   community.docker.docker_container:

roles/wordpress/defaults/main.yml

@@ -0,0 +1,3 @@
+wordpress_folder:
+  - data
+  - mysql

roles/wordpress/tasks/main.yml

@@ -0,0 +1,63 @@
+---
+- name: Create wordpress directories they do not exist
+  become: False
+  ansible.builtin.file:
+    path: /home/{{ system_user_name }}/docker/wordpress/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: '{{ wordpress_folder }}'
+
+- name: Create docker network 'wordpress_internal'
+  community.docker.docker_network:
+    name: wordpress_internal
+
+- name: Create docker network 'proxy'
+  community.docker.docker_network:
+    name: proxy
+
+- name: Create wordpress DB Container
+  community.docker.docker_container:
+    name: wordpress_db
+    image: 'mariadb:10.5'
+    state: started
+    restart_policy: unless-stopped
+    env:
+      MYSQL_ROOT_PASSWORD: "{{ WORDPRESS_DB_ROOT_PASS | string }}"
+      MYSQL_USER: "{{ WORDPRESS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ WORDPRESS_DB_PASS | string }}"
+      MYSQL_DATABASE: "{{ WORDPRESS_DB_NAME | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/wordpress/mysql:/var/lib/mysql:rw
+    networks:
+      - name: wordpress_internal
+
+- name: Create wordpress Container
+  community.docker.docker_container:
+    name: wordpress_app
+    image: 'wordpress:latest'
+    pull: yes
+    state: started
+    restart_policy: unless-stopped
+    ports:
+      - '11008:80'
+    env:
+      MYSQL_USERNAME: "{{ WORDPRESS_DB_USER | string }}"
+      MYSQL_PASSWORD: "{{ WORDPRESS_DB_PASS | string }}"
+      MYSQL_DB_NAME: "{{ WORDPRESS_DB_NAME | string }}"
+      MYSQL_HOST_NAME: "{{ WORDPRESS_DB_HOST | string }}"
+    volumes:
+      - /home/{{ system_user_name }}/docker/wordpress/data:/var/www/html
+    networks:
+      - name: wordpress_internal
+      - name: proxy
+
+- name: Copy Wordpress Config Template
+  ansible.builtin.template:
+    src: wp-config.php.j2
+    dest: /home/{{ system_user_name }}/docker/wordpress/data/wp-config.php
+  
+- name: Restart Wordpress Container
+  community.docker.docker_container:
+    name: wordpress_app
+    state: started
+    restart: True

roles/wordpress/templates/wp-config.php.j2

@@ -0,0 +1,110 @@
+<?php
+/**
+ * The base configuration for WordPress
+ *
+ * The wp-config.php creation script uses this file during the installation.
+ * You don't have to use the web site, you can copy this file to "wp-config.php"
+ * and fill in the values.
+ *
+ * This file contains the following configurations:
+ *
+ * * Database settings
+ * * Secret keys
+ * * Database table prefix
+ * * ABSPATH
+ *
+ * @link https://wordpress.org/documentation/article/editing-wp-config-php/
+ *
+ * @package WordPress
+ */
+
+// ** Database settings - You can get this info from your web host ** //
+/** The name of the database for WordPress */
+define( 'DB_NAME', '{{ WORDPRESS_DB_NAME }}' );
+
+/** Database username */
+define( 'DB_USER', '{{ WORDPRESS_DB_USER }}' );
+
+/** Database password */
+define( 'DB_PASSWORD', '{{ WORDPRESS_DB_PASS }}' );
+
+/** Database hostname */
+define( 'DB_HOST', 'wordpress_db' );
+
+/** Database charset to use in creating database tables. */
+define( 'DB_CHARSET', 'utf8mb4' );
+
+/** The database collate type. Don't change this if in doubt. */
+define( 'DB_COLLATE', '' );
+
+define('.COOKIE_DOMAIN.', '{{ WORDPRESS_SITEURL }}');
+define('.SITECOOKIEPATH.', '.');
+
+if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+        $list = explode(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
+        $_SERVER['REMOTE_ADDR'] = $list[0];
+  }
+define( 'WP_HOME', 'https://{{ WORDPRESS_SITEURL }}' );
+define( 'WP_SITEURL', 'https://{{ WORDPRESS_SITEURL }}' );
+$_SERVER['HTTP_HOST'] = '{{ WORDPRESS_SITEURL }}';
+$_SERVER['REMOTE_ADDR'] = 'https://{{ WORDPRESS_SITEURL }}';
+$_SERVER[ 'SERVER_ADDR' ] = '{{ WORDPRESS_SITEURL }}';
+
+if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
+       $_SERVER['HTTPS']='on';
+
+/**#@+
+ * Authentication unique keys and salts.
+ *
+ * Change these to different unique phrases! You can generate these using
+ * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
+ *
+ * You can change these at any point in time to invalidate all existing cookies.
+ * This will force all users to have to log in again.
+ *
+ * @since 2.6.0
+ */
+define( 'AUTH_KEY',         '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'SECURE_AUTH_KEY',  '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'LOGGED_IN_KEY',    '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'NONCE_KEY',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'AUTH_SALT',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'SECURE_AUTH_SALT', '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'LOGGED_IN_SALT',   '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+define( 'NONCE_SALT',       '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
+
+/**#@-*/
+
+/**
+ * WordPress database table prefix.
+ *
+ * You can have multiple installations in one database if you give each
+ * a unique prefix. Only numbers, letters, and underscores please!
+ */
+$table_prefix = 'wp_';
+
+/**
+ * For developers: WordPress debugging mode.
+ *
+ * Change this to true to enable the display of notices during development.
+ * It is strongly recommended that plugin and theme developers use WP_DEBUG
+ * in their development environments.
+ *
+ * For information on other constants that can be used for debugging,
+ * visit the documentation.
+ *
+ * @link https://wordpress.org/documentation/article/debugging-in-wordpress/
+ */
+define( 'WP_DEBUG', false );
+
+/* Add any custom values between this line and the "stop editing" line. */
+
+/* That's all, stop editing! Happy publishing. */
+
+/** Absolute path to the WordPress directory. */
+if ( ! defined( 'ABSPATH' ) ) {
+        define( 'ABSPATH', __DIR__ . '/' );
+}
+
+/** Sets up WordPress vars and included files. */
+require_once ABSPATH . 'wp-settings.php';