Enhance Ansible playbooks and scripts:

- Add '--skip-check' option to update.py to skip dotfiles update checks. - Update playbook.yml and symlinks.yml to use 'inventory_hostname' for host checks. - Refactor service task inclusions in server.yml for better readability and maintainability. - Add new Home Assistant service with corresponding docker-compose configuration. - Update various service YAML files to use dynamic paths based on inventory_hostname. - Add tags for service tasks to improve organization and execution control. - Remove obsolete services.yml file.
2025-07-11 03:04:50 +00:00
parent a349923d8e
commit 2eb5ab5387
27 changed files with 281 additions and 159 deletions
--- a/bin/actions/update.py
+++ b/bin/actions/update.py
@@ -28,6 +28,7 @@ def help_message():
        "green",
        "  --full-speed, -F  Upgrade packages and use all available cores for compilation. (Default: 8 cores)",
    )
    printfe("green", "  --skip-check, -s  Skip checking for dotfiles updates.")
    printfe("green", "  --help, -h        Display this help message.")
    return 0
@@ -236,6 +237,10 @@ def main():
        "--help", "-h", action="store_true", help="Display help message"
    )
    parser.add_argument(
        "--skip-check", "-s", action="store_true", help="Skip checking for dotfiles updates"
    )
    args = parser.parse_args()
    if args.help:
@@ -250,10 +255,13 @@ def main():
    if args.ansible_verbose:
        args.ansible = True
-    # Always check git repository first
+    # Always check git repository first unless skip-check is set
    if not args.skip_check:
        if not check_git_repository():
            printfe("red", "Failed to check or update dotfiles repository.")
            return 1
    else:
        printfe("yellow", "Skipping dotfiles repository update check (--skip-check).")
    # Set cores and jobs based on full-speed flag
    if args.full_speed:
--- a/config/ansible/playbook.yml
+++ b/config/ansible/playbook.yml
@@ -12,8 +12,8 @@
    - name: Include workstation tasks
      ansible.builtin.import_tasks: tasks/workstations/workstation.yml
-      when: hostname in ['mennos-laptop', 'mennos-cosmic-laptop', 'mennos-desktop']
+      when: inventory_hostname in ['mennos-laptop', 'mennos-cosmic-laptop', 'mennos-desktop']
    - name: Include server tasks
      ansible.builtin.import_tasks: tasks/servers/server.yml
-      when: hostname in ['mennos-server', 'mennos-cloud-server', 'mennos-hobbypc', 'mennos-vm', 'dotfiles-test']
+      when: inventory_hostname in ['mennos-server', 'mennos-cloud-server', 'mennos-hobbypc', 'mennos-vm', 'dotfiles-test']
--- a/config/ansible/tasks/global/symlinks.yml
+++ b/config/ansible/tasks/global/symlinks.yml
@@ -19,7 +19,7 @@
 - name: Create gitconfig symlink
  ansible.builtin.file:
-    src: "{{ gitconfig_mapping[hostname] | replace('~', user_home) | replace('$DOTFILES_PATH', lookup('env', 'DOTFILES_PATH')) }}"
+    src: "{{ gitconfig_mapping[inventory_hostname] | replace('~', user_home) | replace('$DOTFILES_PATH', lookup('env', 'DOTFILES_PATH')) }}"
    dest: "{{ user_home }}/.gitconfig"
    state: link
    force: true
@@ -37,7 +37,7 @@
 - name: Create SSH authorized_keys symlink
  ansible.builtin.file:
-    src: "{{ authorized_keys_mapping[hostname] | replace('~', user_home) | replace('$DOTFILES_PATH', lookup('env', 'DOTFILES_PATH')) }}"
+    src: "{{ authorized_keys_mapping[inventory_hostname] | replace('~', user_home) | replace('$DOTFILES_PATH', lookup('env', 'DOTFILES_PATH')) }}"
    dest: "{{ user_home }}/.ssh/authorized_keys"
    state: link
    force: true
--- a/config/ansible/tasks/servers/server.yml
+++ b/config/ansible/tasks/servers/server.yml
@@ -11,14 +11,21 @@
    - name: Include JuiceFS tasks
      ansible.builtin.include_tasks: juicefs.yml
-    - name: Include services tasks
+    - name: Include service tasks
-      ansible.builtin.include_tasks: services/services.yml
+      ansible.builtin.include_tasks: "services/{{ item.name }}/{{ item.name }}.yml"
      loop: "{{ services }}"
      when: item.enabled|bool and (inventory_hostname in item.hosts)
      loop_control:
        label: "{{ item.name }}"
      tags:
        - services
  vars:
    services:
      - name: caddy
        enabled: true
        hosts:
          - mennos-cloud-server
          - mennos-server
      - name: karakeep
        enabled: true
        hosts:
@@ -39,6 +46,7 @@
        enabled: true
        hosts:
          - mennos-cloud-server
          # - mennos-server
      - name: seafile
        enabled: true
        hosts:
@@ -71,7 +79,12 @@
        enabled: true
        hosts:
          - mennos-cloud-server
          - mennos-server
      - name: arr-stack
        enabled: false
        hosts:
          - mennos-cloud-server
      - name: home-assistant
        enabled: true
        hosts:
          - mennos-server
--- a/config/ansible/tasks/servers/services/arr-stack/arr-stack.yml
+++ b/config/ansible/tasks/servers/services/arr-stack/arr-stack.yml
@@ -32,3 +32,6 @@
    - name: Start ArrStack service
      ansible.builtin.command: docker compose -f "{{ arr_stack_service_dir }}/docker-compose.yml" up -d
      when: arr_stack_template_result.changed
  tags:
    - services
    - arr_stack
--- a/config/ansible/tasks/servers/services/beszel/beszel.yml
+++ b/config/ansible/tasks/servers/services/beszel/beszel.yml
@@ -32,3 +32,6 @@
    - name: Start Beszel service
      ansible.builtin.command: docker compose -f "{{ beszel_service_dir }}/docker-compose.yml" up -d
      when: beszel_compose.changed
  tags:
    - services
    - beszel
--- a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
+++ b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
@@ -28,6 +28,7 @@
 }
 {% endif %}
 {% if inventory_hostname == 'mennos-cloud-server' %}
 photos.mvl.sh {
   import country_block
   reverse_proxy immich:2283
@@ -135,3 +136,16 @@ http://ip.mvl.sh {
       header_up X-Forwarded-Host {host}
   }
 }
 {% elif inventory_hostname == 'mennos-server' %}
 home.vleeuwen.me {
   import country_block
   reverse_proxy host.docker.internal:8123 {
       header_up Host {upstream_hostport}
       header_up X-Real-IP {http.request.remote.host}
       header_up X-Forwarded-For {http.request.remote.host}
       header_up X-Forwarded-Proto {scheme}
       header_up X-Forwarded-Host {host}
   }
   tls {{ caddy_email }}
 }
 {% endif %}
--- a/config/ansible/tasks/servers/services/caddy/caddy.yml
+++ b/config/ansible/tasks/servers/services/caddy/caddy.yml
@@ -4,18 +4,19 @@
      - name: Set Caddy directories
        ansible.builtin.set_fact:
            caddy_service_dir: "{{ ansible_env.HOME }}/services/caddy"
-            caddy_data_dir: "/mnt/object_storage/services/caddy"
+            caddy_data_dir: "{{ '/mnt/services/caddy' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/services/caddy' }}"
            geoip_db_path: "{{ '/mnt/services/echoip' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/services/echoip' }}"
            caddy_email: "{{ lookup('community.general.onepassword', 'qwvcr4cuumhqh3mschv57xdqka', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='email') }}"
      - name: Setup country blocking
        ansible.builtin.include_tasks: country-blocking.yml
      - name: Create Caddy directory
        ansible.builtin.file:
            path: "{{ caddy_service_dir }}"
            state: directory
            mode: "0755"
      - name: Setup country blocking
        ansible.builtin.include_tasks: country-blocking.yml
      - name: Copy Dockerfile for custom Caddy build
        ansible.builtin.copy:
            src: Dockerfile
--- a/config/ansible/tasks/servers/services/caddy/country-blocking.yml
+++ b/config/ansible/tasks/servers/services/caddy/country-blocking.yml
@@ -10,7 +10,7 @@
      - name: Check if MaxMind Country database is available
        ansible.builtin.stat:
-            path: "/mnt/object_storage/services/echoip/GeoLite2-Country.mmdb"
+            path: "{{ geoip_db_path }}/GeoLite2-Country.mmdb"
        register: maxmind_country_db
        when: enable_country_blocking | default(false)
@@ -36,7 +36,7 @@
        ansible.builtin.debug:
            msg:
                - "⚠️  WARNING: MaxMind Country database not found!"
-                - "Expected location: /mnt/object_storage/services/echoip/GeoLite2-Country.mmdb"
+                - "Expected location: {{ geoip_db_path }}/GeoLite2-Country.mmdb"
                - "Country blocking will not work until EchoIP service is deployed"
                - "Run: dotf update --ansible --tags echoip"
        when:
--- a/config/ansible/tasks/servers/services/caddy/docker-compose.yml.j2
+++ b/config/ansible/tasks/servers/services/caddy/docker-compose.yml.j2
@@ -11,7 +11,7 @@ services:
      - {{ caddy_data_dir }}/data:/data
      - {{ caddy_data_dir }}/config:/config
      - {{ caddy_service_dir }}/Caddyfile:/etc/caddy/Caddyfile
-      - /mnt/object_storage/services/echoip:/etc/caddy/geoip:ro
+      - {{ geoip_db_path }}:/etc/caddy/geoip:ro
      - {{ caddy_data_dir }}/logs:/var/log/caddy
    environment:
      - TZ=Europe/Amsterdam
--- a/config/ansible/tasks/servers/services/downloaders/downloaders.yml
+++ b/config/ansible/tasks/servers/services/downloaders/downloaders.yml
@@ -27,3 +27,6 @@
    - name: Start Downloaders service
      ansible.builtin.command: docker compose -f "{{ downloaders_service_dir }}/docker-compose.yml" up -d
      when: downloaders_compose.changed
  tags:
    - services
    - downloaders
--- a/config/ansible/tasks/servers/services/dozzle/dozzle.yml
+++ b/config/ansible/tasks/servers/services/dozzle/dozzle.yml
@@ -32,3 +32,6 @@
    - name: Start Dozzle service
      ansible.builtin.command: docker compose -f "{{ dozzle_service_dir }}/docker-compose.yml" up -d
      when: dozzle_compose.changed
  tags:
    - services
    - dozzle
--- a/config/ansible/tasks/servers/services/echoip/echoip.yml
+++ b/config/ansible/tasks/servers/services/echoip/echoip.yml
@@ -4,7 +4,7 @@
    - name: Set EchoIP directories
      ansible.builtin.set_fact:
        echoip_service_dir: "{{ ansible_env.HOME }}/services/echoip"
-        echoip_data_dir: "/mnt/object_storage/services/echoip"
+        echoip_data_dir: "{{ '/mnt/services/echoip' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/services/echoip' }}"
        maxmind_account_id: "{{ lookup('community.general.onepassword', 'finpwvqp6evflzjcsnwge74n34',
          vault='j7nmhqlsjmp2r6umly5t75hzb4', field='account_id') | regex_replace('\\s+', '') }}"
        maxmind_license_key: "{{ lookup('community.general.onepassword', 'finpwvqp6evflzjcsnwge74n34',
@@ -141,3 +141,6 @@
    - name: Start EchoIP service
      ansible.builtin.command: docker compose -f "{{ echoip_service_dir }}/docker-compose.yml" up -d
      when: echoip_compose.changed
  tags:
    - services
    - echoip
--- a/config/ansible/tasks/servers/services/factorio/factorio.yml
+++ b/config/ansible/tasks/servers/services/factorio/factorio.yml
@@ -26,3 +26,6 @@
    - name: Start Factorio service
      ansible.builtin.command: docker compose -f "{{ factorio_service_dir }}/docker-compose.yml" up -d
      when: factorio_compose.changed
  tags:
    - services
    - factorio
--- a/config/ansible/tasks/servers/services/gitea/gitea.yml
+++ b/config/ansible/tasks/servers/services/gitea/gitea.yml
@@ -38,3 +38,7 @@
    - name: Start Gitea service
      ansible.builtin.command: docker compose -f "{{ gitea_service_dir }}/docker-compose.yml" up -d
      when: gitea_compose.changed or gitea_act_runner_config.changed
  tags:
    - services
    - gitea
--- a/config/ansible/tasks/servers/services/golink/golink.yml
+++ b/config/ansible/tasks/servers/services/golink/golink.yml
@@ -31,3 +31,6 @@
    - name: Start GoLink service
      ansible.builtin.command: docker compose -f "{{ golink_service_dir }}/docker-compose.yml" up -d
      when: golink_compose.changed
  tags:
    - services
    - golink
--- a/config/ansible/tasks/servers/services/home-assistant/docker-compose.yml.j2
+++ b/config/ansible/tasks/servers/services/home-assistant/docker-compose.yml.j2
@@ -0,0 +1,17 @@
 services:
  homeassistant:
    container_name: homeassistant
    image: "ghcr.io/home-assistant/home-assistant:stable"
    volumes:
      - "/var/run/dbus:/run/dbus:ro"
      - {{ homeassistant_data_dir }}:/config
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - TZ=Europe/Amsterdam
      - PUID=1000
      - PGID=1000
    restart: unless-stopped
    privileged: true
    network_mode: host
    devices:
      - /dev/ttyUSB0:/dev/ttyUSB0
--- a/config/ansible/tasks/servers/services/home-assistant/home-assistant.yml
+++ b/config/ansible/tasks/servers/services/home-assistant/home-assistant.yml
@@ -0,0 +1,36 @@
 ---
 - name: Deploy Home Assistant service
  block:
    - name: Set Home Assistant directories
      ansible.builtin.set_fact:
        homeassistant_data_dir: "/mnt/services/homeassistant"
        homeassistant_service_dir: "{{ ansible_env.HOME }}/services/homeassistant"
    - name: Create Home Assistant directories
      ansible.builtin.file:
        path: "{{ homeassistant_dir }}"
        state: directory
        mode: "0755"
      loop:
        - "{{ homeassistant_data_dir }}"
        - "{{ homeassistant_service_dir }}"
      loop_control:
        loop_var: homeassistant_dir
    - name: Deploy Home Assistant docker-compose.yml
      ansible.builtin.template:
        src: docker-compose.yml.j2
        dest: "{{ homeassistant_service_dir }}/docker-compose.yml"
        mode: "0644"
      register: homeassistant_compose
    - name: Stop Home Assistant service
      ansible.builtin.command: docker compose -f "{{ homeassistant_service_dir }}/docker-compose.yml" down --remove-orphans
      when: homeassistant_compose.changed
    - name: Start Home Assistant service
      ansible.builtin.command: docker compose -f "{{ homeassistant_service_dir }}/docker-compose.yml" up -d
      when: homeassistant_compose.changed
  tags:
    - services
    - homeassistant
--- a/config/ansible/tasks/servers/services/immich/immich.yml
+++ b/config/ansible/tasks/servers/services/immich/immich.yml
@@ -39,3 +39,6 @@
    - name: Start Immich service
      ansible.builtin.command: docker compose -f "{{ immich_service_dir }}/docker-compose.yml" up -d
      when: immich_compose.changed
  tags:
    - services
    - immich
--- a/config/ansible/tasks/servers/services/jellyfin/docker-compose.yml.j2
+++ b/config/ansible/tasks/servers/services/jellyfin/docker-compose.yml.j2
@@ -8,10 +8,10 @@ services:
      - TZ=Europe/Amsterdam
      - JELLYFIN_PublishedServerUrl=https://jellyfin.mvl.sh
    volumes:
-      - {{jellyfin_data_dir}}/jellyfin-config:/config
+      - {{ jellyfin_data_dir }}/jellyfin-config:/config
-      - /mnt/object_storage/movies:/movies
+      - {{ '/mnt/movies' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/movies' }}:/movies
-      - /mnt/object_storage/tvshows:/tvshows
+      - {{ '/mnt/tv_shows' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/tvshows' }}:/tvshows
-      - /mnt/object_storage/music:/music
+      - {{ '/mnt/music' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/music' }}:/music
    ports:
      - 8096:8096
      - 8920:8920
--- a/config/ansible/tasks/servers/services/jellyfin/jellyfin.yml
+++ b/config/ansible/tasks/servers/services/jellyfin/jellyfin.yml
@@ -3,7 +3,7 @@
  block:
    - name: Set Jellyfin directories
      ansible.builtin.set_fact:
-        jellyfin_data_dir: "/mnt/object_storage/services/jellyfin"
+        jellyfin_data_dir: "{{ '/mnt/services/jellyfin' if inventory_hostname == 'mennos-server' else '/mnt/object_storage/services/jellyfin' }}"
        jellyfin_service_dir: "{{ ansible_env.HOME }}/services/jellyfin"
    - name: Create Jellyfin directories
@@ -31,3 +31,6 @@
    - name: Start Jellyfin service
      ansible.builtin.command: docker compose -f "{{ jellyfin_service_dir }}/docker-compose.yml" up -d
      when: jellyfin_compose.changed
  tags:
    - services
    - jellyfin
--- a/config/ansible/tasks/servers/services/karakeep/karakeep.yml
+++ b/config/ansible/tasks/servers/services/karakeep/karakeep.yml
@@ -38,3 +38,6 @@
    - name: Start Karakeep service
      ansible.builtin.command: docker compose -f "{{ karakeep_service_dir }}/docker-compose.yml" up -d
      when: karakeep_compose.changed
  tags:
    - services
    - redis
--- a/config/ansible/tasks/servers/services/redis/redis.yml
+++ b/config/ansible/tasks/servers/services/redis/redis.yml
@@ -75,3 +75,6 @@
      register: docker_restart
      changed_when: docker_restart.rc == 0
      when: redis_compose.changed
  tags:
   - services
   - redis
--- a/config/ansible/tasks/servers/services/seafile/seafile.yml
+++ b/config/ansible/tasks/servers/services/seafile/seafile.yml
@@ -70,3 +70,6 @@
    - name: Start Seafile service
      ansible.builtin.command: docker compose -f "{{ seafile_service_dir }}/docker-compose.yml" up -d
      when: seafile_configs.changed
  tags:
    - services
    - seafile
--- a/config/ansible/tasks/servers/services/services.yml
+++ b/config/ansible/tasks/servers/services/services.yml
@@ -1,13 +0,0 @@
 ---
 - name: Include service cleanup tasks
  ansible.builtin.include_tasks: service_cleanup.yml
 - name: Include service tasks
  ansible.builtin.include_tasks: "{{ item.name }}/{{ item.name }}.yml"
  loop: "{{ services }}"
  when: item.enabled|bool and (inventory_hostname in item.hosts)
  loop_control:
      label: "{{ item.name }}"
  tags:
      - "{{ item.name }}"
      - services
--- a/config/ansible/tasks/servers/services/uptime-kuma/uptime-kuma.yml
+++ b/config/ansible/tasks/servers/services/uptime-kuma/uptime-kuma.yml
@@ -26,3 +26,6 @@
    - name: Start Uptime Kuma service
      ansible.builtin.command: docker compose -f "{{ uptime_kuma_service_dir }}/docker-compose.yml" up -d
      when: uptime_kuma_compose.changed or uptime_kuma_start | default(false) | bool
  tags:
    - services
    - uptime_kuma
--- a/config/ansible/tasks/servers/services/wireguard/wireguard.yml
+++ b/config/ansible/tasks/servers/services/wireguard/wireguard.yml
@@ -26,3 +26,6 @@
    - name: Start WireGuard service
      ansible.builtin.command: docker compose -f "{{ wireguard_service_dir }}/docker-compose.yml" up -d
      when: wireguard_compose.changed
  tags:
    - services
    - wireguard