dns_resolver role, update-dns script, dns-deploy playbook, inventory updates

sascha 2026-04-03 19:42:50 +02:00
parent 152edb8345
commit 1509daad4c
26 changed files with 780 additions and 176 deletions

12
.kiro/context.md Normal file

@ -0,0 +1,12 @@
# Kiro Kontext
Lies bei jeder neuen Session die Dokumentation:
- Lokale Doku: /app-config/kiro/doku/ (Markdown Dateien)
- Outline Wiki: http://10.1.1.100:3000 (API Key: ol_api_SzwSzFyxmK3Ff0FmQpAegdGC2rMaglJMTUcz2d)
- API Keys: /app-config/kiro/api/
Wichtige Regeln:
- NIEMALS Caddy, FRP oder Emby Container ohne Rücksprache ändern
- Compose-Dateien nie programmatisch überschreiben (yaml.dump etc.)
- .env Dateien NIEMALS in Git pushen
- Volumes immer unter /app-config/ — keine Docker Volumes
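Review bot: The Outline API key on the `Outline Wiki` line is committed in cleartext, so it is now in the repository history and readable by anyone who can read the repo or a mirror of it. The key should be revoked and reissued, and the line should only say where the key lives, e.g. `- Outline Wiki: http://10.1.1.100:3000 (API Key: siehe /app-config/kiro/api/)`, which matches the `API Keys` line below it. The wiki URL is plain `http://`, so the key also crosses the network unencrypted each time it is used. The file's own rule about never pushing .env files to Git should cover this key as well.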

7
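--- a/.kiro/settings/mcp.json
+++ b/.kiro/settings/mcp.json
@@ -0,0 +1,7 @@
+{
+"mcpServers": {
+"dockhand": {
+"url": "http://10.4.1.116:8090/mcp"
+}
+}
+}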
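Review bot: The `dockhand` MCP endpoint is addressed over plain `http://` and this file shows no authentication setting, so the agent's tool calls travel unencrypted. If the server accepts unauthenticated requests, anyone who can reach 10.4.1.116:8090 has the same access as the agent. Going by the name, Dockhand presumably manages containers, which would make that access equivalent to Docker control; this is an inference, not something the file shows. It is worth confirming that the server requires a token and is reachable only from the machine running the agent. JSON has no comment syntax, so that requirement belongs in the commit description or in `.kiro/context.md`.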

11
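--- a/dns-deploy.yml
+++ b/dns-deploy.yml
@@ -0,0 +1,11 @@
+---
+- name: Deploy DNS resolver
+hosts: all
+become: true
+gather_facts: true
+pre_tasks:
+- name: Gather package facts
+package_facts:
+manager: auto
+roles:
+- dns_resolver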
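Review bot: `hosts: all` combined with `become: true` applies the `dns_resolver` role as root to every inventory host. Going by the inventory section of this commit, that includes `pihole`, the three `[kubernetes]` nodes and the public `pfannkuchen` host. Changing resolver configuration on a DNS server or on cluster nodes is probably not intended, so a dedicated group would make the scope explicit, for example `hosts: dns_clients` (group name is illustrative), with `-l` for one-off runs. The role's tasks are not visible in this section, so the concern is blast radius rather than a specific failure. A comment above the play stating which hosts are meant to be excluded would also help.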

6
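--- a/docker-only.yml
+++ b/docker-only.yml
@@ -0,0 +1,6 @@
+---
+- name: Docker auf automation1
+hosts: automation1
+become: yes
+roles:
+- docker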
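Review bot: `become: yes` uses the YAML 1.1 truthy form, while `dns-deploy.yml` and `rke2-cluster.yml` in the same commit write `become: true`. Using `become: true` here and in `pve-exporter.yml`, which has the same line, keeps the new playbooks consistent and satisfies yamllint's `truthy` rule. This is a style point only; Ansible treats both forms the same.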


@ -1,154 +1,162 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
37383338316537366564323266376164623232323230633861636534373236633035333436336531 33363735653463326135306635613338363139363261663666346366616362363165626366303433
3937336563656166653061636538613331373166326137640a623362646631373264663939613436 3065653039376539346434383066366235663239643634660a626662633936626438653063643235
34343939636538383462316532656134396665616438336465366162643230353065343838366638 63343962626666643739373037626532353764323836383634373066313937366330356130646664
3934303464616538640a396337363262333135376264353736623734643836393632373730663864 3130646436343839620a323662653634393531663139613530663635363065343630666238353037
37346536623736663063623739323166636438643666366438356565343464306335343738373165 30643663346539336636366331376439653433383131353764373930326663663062663534376562
64393961636664306134313432393864393435616161383437363865663036386164613265383038 35656332356230633935303030313761316263663132623839386265326566663131333235333864
38633839373936366138306631336534666537376239323463653339366334623931356638373733 33323236663965366561366564373339646162636664366130336663383566376461356562336232
63366138303131363139666239616538313236353365356533653763326435313634613538626433 64626461363237363634633862363162643630353566333033313864326464326134623265633433
61623630326434336238646666373834386138623636313636613735616662323661303933623366 34343963306133353632323833323634653633366362613236633564366265323261323332613665
31303466306530646563626437623063356363303963393131646135323731373931326333613535 62663137316564353531643964336435333137373137663839653233663066303037343737326337
61376234643131356163643837663437396632306266623339336166623534646630623234316539 65313639363831643032646230666430303938313739316266313562613965326463643438326266
64373165343137343165366238656130663630343935333966386462373266313430623736333565 39353139303436653662653666663864643164326138303138386637636362373662343235636635
34666265383434646361306436306538383336303539316538656461656266633339663861613663 62393561376434363563643538353766646230393466653830646234333830383233316161356432
34303133613036643066396562613564353432613632366165613163313634643534396263393336 34323435316235396437313466363434373036613966343539303538363330356161376333343833
37373366623133366236613734623238363261363430613537613063613062356136373766653734 32303265353566343436313932623462333132373732343433643835386232386463663638303564
36313136383635343931376638613664373635633963626331366162313033356564333862666264 30353564353439353863393238386234633332396539323239393966386465313039646231323631
64653435393437353961656136363763363730373063313938386538323365303761616232656566 37353131396136356530353132396561623635623932333465346364343332306639326538366134
32313666366334346336383038383531656165333935636139346662633066643936323636306639 63366661326537393461353233616466383930343338326666646364623163663236663966643462
34346661303666656562373538313334303331383365366638326166333665326365363765316136 38633965636335626339613565313832343363343338353564663933636330353738656562373230
30336237613631366463383237366564333738316461653234373232623564326566363064666437 33346261323166346430356131356134346565383766333363303539623731376335346337666637
35663932326638613837306132636166356463353830396131663537313366633938633438383435 32393365636436353062653534613432373566636239316264613930366264323037353033663330
35376132313539333431666362376465336538383561356539313362616632363736343162316435 39616265633332366331303264656333663637316139336436303430343061646435353162313666
39653932623861363965626661393536346536356562343233306235396334353762333765363039 39643433633133653436393931343361613264346433306164646566383934623861363330633037
32303536613137633430333132346263323563363030353664653830646333326231313566363432 37353436666336386432386636353166623232636361306436326461663562666366363738353062
32623336643236356336323332363636323632326537636234623062343365643736373230616336 30633233396139303933363231646266383263393562383066373838336339616464663933346166
33363765363832333532633337373062303431343837346137626336363763636566633363656539 63376634323964623939643331626534376332633761323334643162643137623138376435363665
64653562333834346437383861323731653737356235383533363863646564636437616633363664 65346430656331316131656534356235356536663435636235643130396135383134313138346461
30366564623662383563663731366362353135623135663336343032316232643435373137353639 64376338303332633661323337313564303238353236393438656366663736313839383263313466
32303438363038616662636561393866653032333364623735376637396466373439646137646632 62353032636534663134633430646634353835666639653539623533326434663534653962336539
31313431616263396231383232646237663465333265366636373035633632303033323633323533 34393739386538663234666233353434393436626266366365316433373230666236386131313361
30343737626265353364623839336162643733616631323238663732373830643531646136306133 33633538616239383035336532343835333366313538306161626364343838326335336535616363
37656130393736663437656139643138363933363636643831373230623437653465666637326438 65323033363664633031643230653434626335643462303436326635323764663165366332636438
33393665336330333332323739383539353030323633343237376230333232633231393265373633 61383735663639633333343131336263663539373064303035323131303931313738373135303663
61343666663536613332386562663338333263366235353834393262373161346437633639643063 64323130356431316464343536613461363665366165386666663130323733623831313164383035
64613661636562333564376639646564623331656265323430313034326235323837353035656338 39336137613730303366386131393436316232343665623433306632373363633636373564393033
30336463353766633862663039636133326665326532613231666561653466616364333338656264 38633238306262666233373565396434636433346633633231663361313836343633613533613831
30393731373665333461346232313865376261393561323435626562316630633735396536366636 30666639666234656434666332313962333465356632626531326264663631373935386534323466
36636339353637636335376630343139303064336132373063643665333136383739313833386439 38323931653734626533663834646534313364386561623561303839383235643835666232383563
32353034653430323766303238336130306130353830356230623232356236393336373536346530 30383764373932666162623634333536646437386162666161633238343162396563316132373530
32393461656439643431313461316266313861303435613431313231353663393236663962393262 64356661613632333839316136636232666337633964613238356134356236656630616232323966
31346233356534653261386465323036616138623534313730616435356434386231383533376663 63643363326364336432306364326435323437336535626165396632336537626435663265363633
63303134643232663966613638386566386566333165623938313962313934373039613433643265 35306134613437306432396664633137616534633739396531636539363864326134656266613535
32613465383830343930373037643330613136633735306664613664303833633234636661376364 38366232646137383762636265343531333162356165663137326162663066316331313139393364
63303764386261336162666161393030363064613934373439383133363364306331353962363733 33326661616135313432653732653633313736383238666439626265346632663539396464653038
37366261623532613636353933623662336539363239653266646664353637663139393366663063 32626431373966626437666261623535323333376330363861393633316335313465363065386565
63333564313733313561666531663463386438366638343333363363383963373930323435656264 35313130633335343033663733393361343163376339353136646337636665633161363833326664
39616364626630653163613961366566386132643666663637336136663730346234323063626334 35303762393530613033343163393732633235306162636337616264366164366662336665396264
62313134383966336538393432313035326333666330346464653233306466346232323931356237 65366362373134396539663964343635643462306561366138313735623832636437343364303336
34343365303262616333383932393966303931653561336161663836623231653432633063336333 64666261386431616537373063386431643461636535626637326131363933313163373961336639
65636134653835616437626339393962356563633431396666353933623263316333366131356135 64633231633361613662396462323635333131363031616163393262346236303734656439353164
32323832346266613939373931646535666131303739323162646338363166313163653938376534 39376461353035326562653362316231623633666336656362653234393337663031353638363233
37336438613862643261613636356663333933633331616566653934376435633163353931383736 39323433373839663930623336623065613562633433313464656333323431306461636366303637
66653134626564653862653030393563363736326439653263306432346665356337306239633031 32383236626536333562363861323166313837336338653834376362643734666663656262633236
39306331346164633431343133346361636431356435626564313137666134653035633063383764 35663439373337336265626136656465613230626135313334363264623366323938383434656431
30633964326163326439393333666130366161306465643362336332393130303638353936346232 37636334376164643438353633633136616563636362643135666161343938366362336362626162
39663065663936613234373461613966303036383334653031646638633261386364636539366465 36303262356231303031616363656335663935353064316463613936366166623838316561623165
37326237353736626532303637346537663931626530623333613039313330306263653933636130 61303936363065373331613362353130656362313736336539636462653864376432356238653836
37363032633865623734656238323433353533663734343139663037343236343365333462353738 33393436623361616431623461656430363932636531363730666565613235393639626535366565
39643634316165396437313738373464613731323931656162366564396539643135613731643339 37393564353333656332303733643861653563353166623561386661356366393833643033666330
62373731613432653238613264323238393835663566396230393431363139306437666664303938 64613838306530383232653866356538333966643365393936316662616564353738623332316364
65663839663365303533376439323332323236643366333437326261396433623265653130643263 36633730636537373764643130363335643038366265623965613530623534316461653865363135
33333637303235383836356333623739646366393062316534336637333463643735333038373663 38663236376536356561323139666566363733356639653035393263363634396333306336623566
37333561663065363737363762643736633165636165393663323366343038386332333531653064 66313433366461303432373565656431336666346363633836316131343061613230653034343366
62663934346435386665363766633665643362366363666332613139613938313432376130336361 62633534353834396536643437363239393032663731613933646536623534396234343130666335
61613531376637636439386235646666373761353139613335393232353066306633313262343633 38356435613636306234333433306632343461643531383931313438616461306136363665386139
30323435326632643064373063346439666439643465313264353862636362663237386165646130 36363736376462336463643364626130636364643834386164636630366436366439373739386666
64326562336362386439353434313364343365323238653762313364633538656635346264303864 34353866633764663039326639656436353663376463303363363835336630653332376339376439
65616632376564356162616165616436653037616437666631303066383434346165316532613630 37346337623261333030633532616366343436653337386136303431633264666136613432383337
36363039633633343662303435383730646363373836656635313731376337313130346163333535 39353039373934393836636361643839626132383636663766666265316534656562633232303430
36393135306433633964373961613930653339303563393766303833376165626265323130313561 34353266343530333261386139636166656165366666323735373065353339363039636262373434
65656562663461356631626362323966396133383933393632386365336566373731623131376162 39376437333339626237636335383762613761653062636366393465376561653639623332393736
62313663373430383137306338643032656630613936636462633732336637363762323031343665 33313236326564616437633034333833333461643336353339626639646631306632376133306263
32356166373537343765653437333866323861633136613238663639376332363430623634636462 37326462643863373436656662306266633633643133663064616639303062373939346366393164
33323232663566633736366336396566303762343531343334376464666462653333356336333163 31303732656436383439623462633566633763356663643937343431626234656638396461363062
66623434316630343036383330383531333961313132313566396261326663353661636532313636 62633039663237613237663965393861343537646634623633396531383430376133633338383035
62663537363338386639396630356264303733356538366131643562373730373961333736656464 61353736313138656366343139316133363265386466356430656133346439636462303431393132
31343538383836353262653233383134343063366534343136646162623637393030633133316533 34636436366435363531653463353634376232363331656530393665376363343339623337373737
61643135626666623539613131663537353139376634356266363537326534656339353265636130 61316132616566643665303934396364656265316462303834393165653238656232613963336635
30623233393031323132383233376463316639616132333035643332386232663331326162316332 36633363373966616163643563393532303466643763666532396138383837643664303662396162
32303437653431626633643336613463373036393530663662336537663239656137306565653265 37323932623935373761653066343465393262373130626536613030383630323534333434656638
66613362396331376135336561613633666565363863363930383433393136626332383838356439 37346163376130363739636663666438373837303961313163613935666136303063616665363931
38343136353934386530343538646339323137343431353032386537653330656637343465323839 36306138383634333433333061393930383861346330613438663838643966613134613839336232
63323262303839303261336566386663316334363366346661323131376138626338633435623331 64313834316663396236393531653139336238376433623466653538343766656462613635313639
38643933663134303131373535376636323739333463383834343930336363346435376232363835 66336666663432663264323732333035373636633139336566656231663932393436393232373530
61636165316131623032393234333163643764663539633632393236636232356264623964333732 63373564353765323930356633306262333639313162333730636562373333613538656462653164
32653331313930636366323361346437303465646631623431313332336164303537326535393538 38626336323937333632626135333836316238313433653462356666636565666438623139626635
37623264376530663661613530643731336134626533383134356366393036343133326137396630 35383835613135376663643837376466363739356635343432643830396239373963353564356631
33326536643233346466663931386432653762613639333230663466393662386361663131633563 62333837626164643465333062626437653231653665313631303163643239393563363763653839
62393137643732623566613266323964663431303638663132636633373161333831613134633334 33356261616530363337313763373833623661396336303937663339616131646139333162356235
35383763363366366439396332613534356339326633393830333131333632396233306430343237 39653830303061626262666533643937646137653764363432666263653839363132336366643236
63303264396166393433366464303566316233393335396333393337363933373933343663663332 66363434343561343730343432636437396439343231613736353135366436666437646238393439
66323232626538366433303334633532393465356166333530376230363032323936353666636362 62643561363133316333386334393434313162613438373561373032393661656431313031356232
61363861626562373735633135366333363564663163626434643632323033306561616566396633 33353933393638366139323330306536333038623631393439623432383831653163626631336362
30393766613134316431363364336661323231313361636634326566363139343139623334613366 65313832633863643135633962626265363331623163666666373233393937646562383863343436
35653730626531366634636361393564366564656634303237653565663361343736313263636362 63663535346233363762316461303730623965353130616134643031396438646634663632313162
37316366363965616237306139326338663965373737383066326464383435393039646232303934 31336566386435666661373533393534613735633437656336303862343234316437613262353235
36633836383565643737396234343930323034376664653639393337363330636466626437623636 64336438353564373230663964346637363532313262666334353039633662653663633038623163
30643136323432653733363765363638363065656261383034663837616534346234356462346163 39633533383635366466633137396565373138303736353936613465393238633864383761316639
37316365343762306332313235373565663166316337383938613061666330383030666238343965 35366466366465316136313233336134363463323966636134353135306435323533303865353062
63313534383135306133663336343939386464636530636535666432393433346664656663623338 32383739396533353236376363306364343932303566353835646130646361376335336438643339
30666630633963303663336433303932366339613736636436373464383266636165666335613430 63376337626532663163323762623232666166653935633035313964356438663136353335386665
30343839346262356435393065383434353832623134333535646365353739336638396337356534 30613164613337326164373132616562393038613134373863643633303465336466653331633964
65356366656264373638343863353461383835363135306332636635376131346334613138653665 33616666623935643264313533373662373838653739386536316135323737653934386438356435
31336536656664346465343331643936666636346439353339373433643033363530343430313032 39646632353330303065343733626461386430363734383031386631306435383038373561373935
32343531306537313238623962366666623735613730663463643339323363613434633861343435 38373466303738326337376130343631333833313932353337363332643235636262393564383363
35353737646631376435343932613834363031643939363761633339333633633062383835613131 63356335613638663536303539643234633338346665386539656636653964303536396438313861
34326131373866333832343133616136306462663230386564306439376137373734326134306139 35316562383230646365656466616635313061326566373937353438316435613430313266393830
31326662346134316465616237353530356266356163366237626530343334316566353532653236 31306636393239363837346430666163653231333831336433373462376538656534336639313965
63656261366639323535396165366466306631616665336632396236313437623734643138333764 35383465326161336237333466376461323263353933646664336163353636396165383261316638
31643935643339306462646338343135663730656563373630303731623739663134373438613438 61303730656562393661626134356365323936323334373634383831393130383162313833653162
35666635336465616161653462393537363463366437313135343163386331363830663964373236 37616136666263353164333738363135313832376337336234353362656465663031663865633662
37356661336135343231326634343232643261386263373161303564623762353061306431313730 62663563313835633965376665333933636639326137376436343865356239356232316262393066
36346332346566636565356334653036633639323935386635656331626139316565323935343032 31623239616532343338333037323835383732643933396334623432643336646130336436326565
37666135396631616536643434663935613031643731313631393837313061303963626333343632 65303638653434366437316530633361383066356338363736343266636165306365336338323137
31356164376566656230393637626539666331653063373539333638643236616432343761636663 36383364393762643938643263303532386263323766376136666531633635356665613133313766
39646632333035303263663665623833613763656337616163663164303330323861366135373862 33366563663161653531373865636232386330303638626332623637616133376433386364323063
33346262643636316263383162366430393362626563613737636663366230636162633730383866 64353632303365616266343933366161613533333865373835303136363133653464656536623435
37643161306561613164656638623630333262336632313032313832396436636438663063323862 34393136363661383432366161326564636634376664336632326439303862383832363861306135
35376335346164333932383438376538663162393831323761313031643834303065663831633766 32343636383366616133343637616432383965323434626165626337643036613037326234356463
33386565353565616264386639303463306333396365303764613139326634356438663265373731 63653734396261373164663165323436363336363034646130316330363764396536646433356562
32383435383537353431656536383835396432356366623136353566333631306334643061313232 34373936393636393730336433633037623065636339653432343564376233373535633231343961
38323834633466613739393535633066333861343036633137396435303632636636306661356461 64613662323336386361376264646333303362656265663366306664326337326663663432333136
63646662646233303637326437366633633632623366393630396136633934636435376262323631 65636263636166356335343034346631386337323461336164623839653738666337383565653161
39323237383561313364373331396337356137656233633433646361333063633161666631636364 63326366393034353866343037393333363838616363666132353239393866613232396462343166
34653865383462663165313431373865393938653431396563373832313962616564366439373336 30326162343632616135346534366561353039323361333764633833646466323439373530366539
33303931386363333163666262323832353261386161393462643965333535326636656564383361 38323138653437623436313931663930353134613130613962643263313131353433316533613032
62396662656531626566633239383639363962353463623733616566623639323966613636373364 30323333363162326239326531663266326666613835363836383965316136356231313332383361
35653866656262346238363062353461336136666161386531666134383964626639346132663766 36663135653963326530623532666564623737326435616466656431323539313064393034616130
37333862666366336135373238326335356561366534323139653832353733313364333666383132 62376463306234636362616663323362393464353930383439666134383731323637643739613937
36353436343266346534393563366662623639626132393864653935356437356430356130623130 38643130396466623533383839623161343431323563373866386465303035366330646336326633
63323137663336393633386431643635666661646330356539306161313336376434646434343165 34303664613736323963663838346633613831653265316430353233363464356663323661336234
36653739393861353732613932333430373165633433646133363632303766353263643932626365 36316536633130643662623939333836333837643466616236316439623465323761633031623565
31376261616235343765393737313535616166353961393634386135613636613761623064386334 31346437323239613663356234353930343737343233393532666638346637336137323034613036
32326230373566616639663531336235336234313661323365343432623066613536616131343136 33363535303562366562646463653339326336326666303233316238323833313865666334356663
34643362643932393966393632666264623636313461383534333332623739646433383233383136 32376233393166373563363766313237616137386566353863393734323166343761353338343538
65313965376134323834393539333932643366666535666163363261613866373463653137383931 65633630303038303635653336376661303166623232346564313035623239656433626434323733
65623864326339353162663464643061653931396133393465313133353861333733373237646362 35346662633734393161303836633236376634303437366339613139656534303433353666643135
63663861643539336132306439303963323735643333393563343165626338663233366262386439 65643334383538306666616665386536303463323933623364633262396432346437336363346335
63313335383864663231373066653035343664656430313432376137623031626538663039613737 34666331623732643666313835306134653961373865373435623361363236393833383062303136
66633938353131656566623134323039363764396136303937333536386434663732343533643666 63353238663864613634326330363131376334353132326434393538316562666238386238353533
30306566363138363836663532663932346435353861663466336461333534636464313333663364 63666533303534616661623165643965613630646231323230306264306165643236613666366333
62363436336662386666396565623831366333353765646362373534323334633536663462646432 35653562376537636234373834613065313836636230306438633265303037306535326164633564
39323865613063313034616239666534343435623166313534323136663838316137623862663863 33346666366637383232613265643261623864333034643735653961613437313761383934633261
65393661636430616165656638646335313732656264326638643830663533626135323934303639 33313163326263646434323365316164363466316364393130333734616562353063356562373138
31383535383538343834303533313961353737346665663161613261383538333162376430316438 39326630626133396338366539373666303334323634343962623531393664653866323436653139
36303963346465316434633263616230633137353633393865393431326361393964366565386235 31326464343566383562336130616462346135343931343663373836643434346331616465353038
37366531336138653238653161666232303966326664643663613464306138333935663462313165 34333161373461353765336339323830356265663865626634616466313965623663663664653733
66396533343134616261663465373533333039393630656363663363643632646463626638346138 30323230336562303535366138356337373038363864383631313333386165383138643866636463
31303865333239353533323838363663343961643035343638306339306134396530623631333762 61316230396531616333373037646165653431363464393236313463343936313533363665616366
39333064646134386634643964656636626161366566343934626134666332356636343733623363 66353539393135306135363664346630356462313932353166313635336638363137366438353964
66393332633639383236653433616633316538396436343839396538633637333239346238376262 31323632326638363431356234653262656539326262313563316631343636643339326130373330
65373538656363373333323663623361366261613035393565656663646561313936643633363632 32326163616332623862343734326432333865626432653736346565613832616438386331323439
3565 62626332366261646539646631336466396135363033373735303663366162656636663664653963
31363036336637626563336138336161333032336535653462316639383761386436386138373637
35666534336237366139393039333235326662653337626435396131363837383933653632333634
32663037623534373737656265633530663933356563343262356234343363343437313135306132
39353134373733323430313736653239653531373333343632373133363534616561343731353832
37353235653134346138313830336566633732346135356339333637643166643866353832306630
33356432326466343166373132376339313338623761326338646163383664313237346135613261
39393636646530343636376638666234363562356365626366666536376566643339346135623736
66633265303733656633623232303330333161616563393034333633613237646663


@ -1,2 +1,10 @@
--- ---
backup_source: "/etc/pve /etc/network /etc/wireguard /etc/crontab /etc/fstab /etc/systemd/system/ /etc/iptables /etc/telegraf" backup_sources:
- /etc/pve
- /etc/network
- /etc/wireguard
- /etc/crontab
- /etc/fstab
- /etc/systemd/system
- /etc/iptables
- /etc/telegraf
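Review bot: `backup_source` becomes `backup_sources` and changes from one space-separated string to a list, so any task or template that still reads `backup_source`, or that passes the value unsplit to a command line, will fail or silently back up nothing. The consuming role is not visible in this section, so it is worth grepping for the old name before merging. `/etc/systemd/system/` also lost its trailing slash in the list form, which changes behaviour if the consumer is rsync-like. A one-line comment above the list naming the role that reads it, e.g. `# consumed by the backup role as a list of absolute paths`, would make the contract explicit.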


@ -0,0 +1,8 @@
---
sshfs_mounts:
- src: "u457772@u457772.your-storagebox.de:immich"
dest: /storagebox
port: 23
identity_file: /root/.ssh/id_borg
uid: 1000
gid: 1000


@ -0,0 +1,3 @@
---
# Tdarr Cleanup: Ordner < 50MB in complete/ und converted/ löschen
tdarr_cleanup_cron: true


@ -0,0 +1,2 @@
---
ansible_become_method: sudo


@ -32,10 +32,10 @@ openclaw ansible_host=10.4.1.100
monitoring ansible_host=10.1.1.111 monitoring ansible_host=10.1.1.111
automation ansible_host=10.1.1.115 automation ansible_host=10.1.1.115
automation1 ansible_host=10.5.85.5 automation1 ansible_host=10.5.85.5
outline ansible_host=10.1.1.100
[communication] [communication]
matrix ansible_host=10.4.1.110 matrix ansible_host=10.4.1.110
pihole ansible_host=10.1.1.10
[hetzner] [hetzner]
pfannkuchen ansible_host=159.69.245.190 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519 pfannkuchen ansible_host=159.69.245.190 ansible_user=root ansible_ssh_private_key_file=~/.ssh/id_ed25519
@ -85,3 +85,14 @@ proxmox
hetzner hetzner
# Credentials liegen in group_vars/ (nicht im INI, da kein Jinja2-Support) # Credentials liegen in group_vars/ (nicht im INI, da kein Jinja2-Support)
[kubernetes]
kube-ctrl ansible_host=10.3.1.100
kube-work1 ansible_host=10.3.1.101
kube-work2 ansible_host=10.3.1.102
[kubernetes:vars]
ansible_user=sascha
ansible_become=true
ansible_ssh_extra_args='-o StrictHostKeyChecking=no'
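Review bot: `ansible_ssh_extra_args='-o StrictHostKeyChecking=no'` in `[kubernetes:vars]` turns off SSH host-key verification for all three cluster nodes while the same group sets `ansible_become=true`. A machine answering on one of those addresses would therefore receive root-level playbook runs, including plays that carry `rke2_token`, without the key mismatch being noticed. If the aim is only to avoid the first-connect prompt, `ansible_ssh_extra_args='-o StrictHostKeyChecking=accept-new'` trusts a key once and still rejects a changed one. Pre-seeding `known_hosts` for the three nodes is stricter still. A comment on the line stating why checking is relaxed would help the next reader decide whether it can be removed.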


@ -20,8 +20,10 @@ usage() {
echo -e " ${C}passthrough${N} [host] GPU PCI Passthrough vorbereiten" echo -e " ${C}passthrough${N} [host] GPU PCI Passthrough vorbereiten"
echo -e " ${C}telegraf${N} [host] Telegraf Monitoring deployen" echo -e " ${C}telegraf${N} [host] Telegraf Monitoring deployen"
echo -e " ${C}wstunnel${N} [host] wstunnel + WireGuard deployen" echo -e " ${C}wstunnel${N} [host] wstunnel + WireGuard deployen"
echo -e " ${C}sshfs${N} [host] SSHFS Mounts einrichten"
echo -e " ${C}tune${N} <host> Sysctl Netzwerk-Tuning" echo -e " ${C}tune${N} <host> Sysctl Netzwerk-Tuning"
echo -e " ${C}pvetune${N} [host] Proxmox Host Tuning (sysctl, resolv, hosts)" echo -e " ${C}pvetune${N} [host] Proxmox Host Tuning (sysctl, resolv, hosts)"
echo -e " ${C}pveexporter${N} [host] PVE Exporter (Prometheus Metriken)"
echo -e " ${C}update${N} [host] Dist-Upgrade (default: alle Hosts)" echo -e " ${C}update${N} [host] Dist-Upgrade (default: alle Hosts)"
echo -e " ${C}list${N} Inventory anzeigen" echo -e " ${C}list${N} Inventory anzeigen"
echo -e " ${C}ping${N} [host] Erreichbarkeit testen" echo -e " ${C}ping${N} [host] Erreichbarkeit testen"
@ -73,6 +75,13 @@ case "$CMD" in
[ -z "$HOST" ] && echo -e "${R}Fehler: Host angeben${N}" && exit 1 [ -z "$HOST" ] && echo -e "${R}Fehler: Host angeben${N}" && exit 1
run hawser.yml -l "$HOST" run hawser.yml -l "$HOST"
;; ;;
sshfs)
if [ -n "$HOST" ]; then
run sshfs.yml -l "$HOST"
else
run sshfs.yml
fi
;;
tune) tune)
[ -z "$HOST" ] && echo -e "${R}Fehler: Host angeben${N}" && exit 1 [ -z "$HOST" ] && echo -e "${R}Fehler: Host angeben${N}" && exit 1
run sysctl.yaml -l "$HOST" run sysctl.yaml -l "$HOST"
@ -84,6 +93,13 @@ case "$CMD" in
run sysctl-proxmox.yaml run sysctl-proxmox.yaml
fi fi
;; ;;
pveexporter)
if [ -n "$HOST" ]; then
run pve-exporter.yml -l "$HOST"
else
run pve-exporter.yml
fi
;;
pve) pve)
if [ -n "$HOST" ]; then if [ -n "$HOST" ]; then
run pve-postinstall.yml -l "$HOST" run pve-postinstall.yml -l "$HOST"
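Review bot: The new `sshfs)` and `pveexporter)` branches each repeat the five-line `if [ -n "$HOST" ]` / `else` pattern already used by `pve)`. One line per branch does the same thing: `run sshfs.yml ${HOST:+-l "$HOST"}` and `run pve-exporter.yml ${HOST:+-l "$HOST"}`. This is style only, and `$HOST` stays quoted in both forms. The `case` statement and the `run` helper begin outside these hunks, so how `run` forwards its arguments should be checked before collapsing the branches.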

6
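--- a/pve-exporter.yml
+++ b/pve-exporter.yml
@@ -0,0 +1,6 @@
+---
+- name: PVE Exporter Setup
+hosts: proxmox
+become: yes
+roles:
+- pve_exporter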

333
rke2-cluster.yml Normal file

@ -0,0 +1,333 @@
---
# ============================================================
# RKE2 HA-Cluster Installation
# kube-ctrl (10.3.1.100) - erster Server
# kube-work1 (10.3.1.101) - zweiter Server
# kube-work2 (10.3.1.102) - dritter Server
# ============================================================
- name: "Phase 1 Basis-Vorbereitung auf allen Nodes"
hosts: kubernetes
become: true
vars:
rke2_token: "pfannkuchen-rke2-2026"
rke2_server1: "kube-ctrl"
rke2_server1_ip: "10.3.1.100"
tasks:
- name: /etc/hosts alle Cluster-Nodes eintragen
blockinfile:
path: /etc/hosts
marker: "# {mark} KUBERNETES CLUSTER"
block: |
10.3.1.100 kube-ctrl
10.3.1.101 kube-work1
10.3.1.102 kube-work2
- name: Swap deaktivieren (sofort)
command: swapoff -a
changed_when: false
- name: Swap permanent deaktivieren (fstab)
replace:
path: /etc/fstab
regexp: '^([^#].*\sswap\s.*)$'
replace: '# \1'
- name: Kernel-Parameter für Kubernetes setzen
copy:
dest: /etc/sysctl.d/99-kubernetes.conf
content: |
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
- name: br_netfilter Modul permanent laden
copy:
dest: /etc/modules-load.d/k8s.conf
content: |
br_netfilter
- name: br_netfilter Modul jetzt laden
modprobe:
name: br_netfilter
state: present
- name: sysctl neu laden
command: sysctl --system
changed_when: false
- name: Longhorn Abhängigkeiten installieren
apt:
name:
- open-iscsi
- nfs-common
- cryptsetup
- dmsetup
state: present
update_cache: true
- name: iscsi_tcp Modul persistent laden
copy:
dest: /etc/modules-load.d/longhorn.conf
content: "iscsi_tcp\n"
- name: iscsi_tcp Modul jetzt laden
modprobe:
name: iscsi_tcp
state: present
- name: open-iscsi Service starten
systemd:
name: open-iscsi
state: started
enabled: true
- name: RKE2 installieren
shell: curl -sfL https://get.rke2.io | sh -
args:
creates: /usr/local/bin/rke2
- name: RKE2 config-Verzeichnis anlegen
file:
path: /etc/rancher/rke2
state: directory
mode: '0755'
- name: config.yaml - erster Server kube-ctrl OHNE server-Zeile
copy:
dest: /etc/rancher/rke2/config.yaml
content: |
tls-san:
- kube-ctrl
- kube-work1
- kube-work2
- 10.3.1.100
- 10.3.1.101
- 10.3.1.102
kube-apiserver-arg:
- "service-node-port-range=1-32767"
cni: none
disable: rke2-ingress-nginx
token: {{ rke2_token }}
when: inventory_hostname == 'kube-ctrl'
- name: config.yaml - weitere Server MIT server-Zeile
copy:
dest: /etc/rancher/rke2/config.yaml
content: |
server: https://kube-ctrl:9345
tls-san:
- kube-ctrl
- kube-work1
- kube-work2
- 10.3.1.100
- 10.3.1.101
- 10.3.1.102
kube-apiserver-arg:
- "service-node-port-range=1-32767"
cni: none
disable: rke2-ingress-nginx
token: {{ rke2_token }}
when: inventory_hostname != 'kube-ctrl'
- name: kubectl Symlink erstellen
file:
src: /var/lib/rancher/rke2/bin/kubectl
dest: /usr/local/bin/kubectl
state: link
force: true
- name: "Phase 2 Ersten Server starten"
hosts: kube-ctrl
become: true
tasks:
- name: RKE2-Server auf kube-ctrl starten und enablen
systemd:
name: rke2-server
state: started
enabled: true
- name: Warten bis kubeconfig vorhanden ist (max 5 min)
wait_for:
path: /etc/rancher/rke2/rke2.yaml
timeout: 300
- name: Warten bis API-Server erreichbar ist
wait_for:
host: 127.0.0.1
port: 6443
timeout: 300
- name: Kubeconfig für root anlegen
shell: |
mkdir -p /root/.kube
cp /etc/rancher/rke2/rke2.yaml /root/.kube/config
args:
creates: /root/.kube/config
- name: Kubeconfig für sascha anlegen
shell: |
mkdir -p /home/sascha/.kube
cp /etc/rancher/rke2/rke2.yaml /home/sascha/.kube/config
chown -R sascha:sascha /home/sascha/.kube
args:
creates: /home/sascha/.kube/config
- name: Cilium CLI installieren
shell: |
CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt)
curl -L --fail --remote-name-all \
https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-amd64.tar.gz
tar xzvf cilium-linux-amd64.tar.gz -C /usr/local/bin
rm -f cilium-linux-amd64.tar.gz
args:
creates: /usr/local/bin/cilium
- name: Cilium installieren
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
cilium install \
--set kubeProxyReplacement=true \
--set k8sServiceHost=kube-ctrl \
--set k8sServicePort=6443 \
--set operator.replicas=1
args:
creates: /usr/local/bin/cilium-installed-marker
register: cilium_install_result
changed_when: "'already installed' not in cilium_install_result.stdout"
- name: Warten bis kube-ctrl Ready ist (Cilium braucht ~2 min)
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
kubectl wait node kube-ctrl --for=condition=Ready --timeout=300s
register: node_ready
retries: 3
delay: 30
- name: Helm installieren
shell: curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
args:
creates: /usr/local/bin/helm
- name: "Phase 3 Weitere Server joinen"
hosts: kube-work1,kube-work2
become: true
serial: 1 # nacheinander starten!
tasks:
- name: RKE2-Server starten und enablen
systemd:
name: rke2-server
state: started
enabled: true
- name: 45 Sekunden warten damit der Node dem Cluster beitreten kann
pause:
seconds: 45
- name: "Phase 4 Cluster-Tools installieren (auf kube-ctrl)"
hosts: kube-ctrl
become: true
tasks:
- name: Alle 3 Nodes auf Ready warten
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
kubectl wait nodes --all --for=condition=Ready --timeout=300s
retries: 5
delay: 30
register: all_ready
until: all_ready.rc == 0
- name: Kubeconfig für sascha aktualisieren (alle Nodes jetzt bekannt)
shell: |
mkdir -p /home/sascha/.kube
cp /etc/rancher/rke2/rke2.yaml /home/sascha/.kube/config
chown -R sascha:sascha /home/sascha/.kube
- name: Longhorn Helm Repo hinzufügen
shell: |
helm repo add longhorn https://charts.longhorn.io
helm repo update
changed_when: false
- name: Longhorn installieren
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
helm install longhorn longhorn/longhorn \
--namespace longhorn-system \
--create-namespace \
--version 1.11.1
register: longhorn_result
failed_when:
- longhorn_result.rc != 0
- '"already exists" not in longhorn_result.stderr'
changed_when: '"already exists" not in longhorn_result.stderr'
- name: Cert-Manager installieren
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
helm install cert-manager oci://quay.io/jetstack/charts/cert-manager \
--version v1.20.0 \
--namespace cert-manager \
--create-namespace \
--set crds.enabled=true
register: cm_result
failed_when:
- cm_result.rc != 0
- '"already exists" not in cm_result.stderr'
changed_when: '"already exists" not in cm_result.stderr'
- name: Reloader Helm Repo hinzufügen
shell: |
helm repo add stakater https://stakater.github.io/stakater-charts
helm repo update
changed_when: false
- name: Reloader installieren
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
helm install reloader stakater/reloader \
-n stakater-reloader \
--create-namespace
register: rl_result
failed_when:
- rl_result.rc != 0
- '"already exists" not in rl_result.stderr'
changed_when: '"already exists" not in rl_result.stderr'
- name: NGINX Ingress Helm Repo hinzufügen
shell: |
helm repo add nginx-stable https://helm.nginx.com/stable
helm repo update
changed_when: false
- name: NGINX Ingress Controller installieren
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
helm install nginx-ingress nginx-stable/nginx-ingress \
--namespace nginx-ingress \
--create-namespace
register: nginx_result
failed_when:
- nginx_result.rc != 0
- '"already exists" not in nginx_result.stderr'
changed_when: '"already exists" not in nginx_result.stderr'
- name: Finaler Cluster-Status
shell: |
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
echo "=== NODES ===" && kubectl get nodes -o wide
echo "=== NAMESPACES ===" && kubectl get ns
echo "=== STORAGECLASS ===" && kubectl get sc
register: final_status
changed_when: false
- name: Cluster-Status ausgeben
debug:
msg: "{{ final_status.stdout_lines }}"
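Review bot: The cluster join token is committed in clear text (`rke2_token: "pfannkuchen-rke2-2026"` in the Phase 1 `vars`), and both `config.yaml` copy tasks write it without a `mode`, so the file's permissions are left to the remote umask. The repository already resolves other secrets through vault variables (`vault_borg_passphrase`), so the same pattern fits here: `rke2_token: "{{ vault_rke2_token }}"` (the variable name is only a suggestion) plus `mode: '0600'` on both config tasks. The committed value should be rotated, since it is now in the history. Separately, the RKE2, Helm and Cilium CLI steps download and execute whatever the upstream `main`/stable pointer serves at run time; pinning a release and verifying its checksum would make the install reproducible.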


@ -1,5 +1,6 @@
--- ---
backup_source: /app-config backup_sources:
- /app-config
borg_ssh_key: /root/.ssh/id_borg borg_ssh_key: /root/.ssh/id_borg
borg_passphrase: "{{ vault_borg_passphrase }}" borg_passphrase: "{{ vault_borg_passphrase }}"
borg_repo: "ssh://storagebox/home/{{ inventory_hostname }}" borg_repo: "ssh://storagebox/home/{{ inventory_hostname }}"


@ -1,7 +1,9 @@
--- ---
- name: Borg installieren - name: Borg und borgmatic installieren
apt: apt:
name: borgbackup name:
- borgbackup
- borgmatic
state: present state: present
update_cache: yes update_cache: yes
@ -44,24 +46,29 @@
failed_when: borg_init.rc != 0 and 'already exists' not in borg_init.stderr failed_when: borg_init.rc != 0 and 'already exists' not in borg_init.stderr
changed_when: borg_init.rc == 0 changed_when: borg_init.rc == 0
- name: Passphrase-Datei deployen - name: borgmatic Config-Verzeichnis
copy: file:
dest: /root/.borg-passphrase path: /etc/borgmatic
content: "{{ borg_passphrase }}" state: directory
mode: '0400'
- name: Backup-Script deployen
template:
src: borg-backup.sh.j2
dest: /usr/local/bin/borg-backup.sh
mode: '0700' mode: '0700'
- name: borgmatic Config deployen
template:
src: borgmatic.yml.j2
dest: /etc/borgmatic/config.yaml
mode: '0600'
- name: Altes Backup-Script entfernen
file:
path: /usr/local/bin/borg-backup.sh
state: absent
- name: Systemd Timer Unit - name: Systemd Timer Unit
copy: copy:
dest: /etc/systemd/system/borg-backup.timer dest: /etc/systemd/system/borg-backup.timer
content: | content: |
[Unit] [Unit]
Description=Borg Backup Timer Description=Borgmatic Backup Timer
[Timer] [Timer]
OnCalendar=*-*-* 03:00:00 OnCalendar=*-*-* 03:00:00
@ -76,13 +83,13 @@
dest: /etc/systemd/system/borg-backup.service dest: /etc/systemd/system/borg-backup.service
content: | content: |
[Unit] [Unit]
Description=Borg Backup Description=Borgmatic Backup
After=network-online.target After=network-online.target
Wants=network-online.target Wants=network-online.target
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/local/bin/borg-backup.sh ExecStart=/usr/bin/borgmatic --verbosity 1
Nice=19 Nice=19
IOSchedulingClass=idle IOSchedulingClass=idle
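Review bot: The second hunk drops the `Passphrase-Datei deployen` task but only cleans up `/usr/local/bin/borg-backup.sh`, so on hosts that ran the old role `/root/.borg-passphrase` stays on disk. If `borgmatic.yml.j2` (not shown in this section) carries the passphrase itself, that file is a leftover copy of the secret and could be removed by a second `file:` task with `path: /root/.borg-passphrase` and `state: absent`. If the template still reads the file instead, freshly provisioned hosts will no longer receive it. Which of the two applies cannot be determined from the visible lines.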


@ -0,0 +1,3 @@
---
- name: update resolvconf
command: resolvconf -u


@ -0,0 +1,24 @@
---
- name: Set DNS resolver (resolvconf)
copy:
content: |
nameserver 10.5.85.5
nameserver 1.1.1.1
dest: /etc/resolvconf/resolv.conf.d/head
mode: '0644'
when: ansible_facts.packages is defined and 'resolvconf' in ansible_facts.packages
notify: update resolvconf
- name: Set DNS resolver (direct)
copy:
content: |
nameserver 10.5.85.5
nameserver 1.1.1.1
dest: /etc/resolv.conf
mode: '0644'
when: ansible_facts.packages is not defined or 'resolvconf' not in ansible_facts.packages
- name: Gather package facts
package_facts:
manager: auto
when: ansible_facts.packages is not defined
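Review bot: `Gather package facts` is the last task, placed after the two `copy` tasks whose `when:` conditions depend on `ansible_facts.packages`. When the role runs without the playbook's `pre_tasks`, the "direct" branch overwrites `/etc/resolv.conf` even on hosts that have resolvconf installed, and the facts are only collected afterwards. Moving the `package_facts` task to the top of the file makes the role self-contained. Whether `/etc/resolv.conf` is a symlink managed by another service on any target is not visible here and is worth confirming before it is replaced.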


@ -0,0 +1,4 @@
---
pve_exporter_port: 9221
pve_exporter_user: "{{ vault_pve_exporter_user | default('root@pam') }}"
pve_exporter_password: "{{ vault_pve_exporter_password | default('') }}"
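Review bot: Both credential defaults fail open: when the vault variables are absent the exporter is configured as `root@pam` with an empty password instead of the play stopping. `pve_exporter_password: "{{ vault_pve_exporter_password | mandatory }}"` would surface a missing secret at deploy time. Metrics collection only needs read access, so a dedicated PVE user limited to the `PVEAuditor` role is a safer default than `root@pam`.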


@ -0,0 +1,6 @@
---
- name: pve_exporter neustarten
systemd:
name: pve-exporter
state: restarted
daemon_reload: true


@ -0,0 +1,49 @@
---
- name: pip installieren
apt:
name: python3-pip
state: present
- name: pve_exporter installieren
pip:
name: prometheus-pve-exporter
state: present
extra_args: --break-system-packages
- name: Config-Verzeichnis
file:
path: /etc/pve_exporter
state: directory
mode: '0700'
- name: Config deployen
template:
src: pve.yml.j2
dest: /etc/pve_exporter/pve.yml
mode: '0600'
notify: pve_exporter neustarten
- name: Systemd Service
copy:
dest: /etc/systemd/system/pve-exporter.service
content: |
[Unit]
Description=Prometheus PVE Exporter
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/pve_exporter --config.file /etc/pve_exporter/pve.yml --web.listen-address 0.0.0.0:{{ pve_exporter_port }}
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.target
notify: pve_exporter neustarten
- name: Service aktivieren und starten
systemd:
name: pve-exporter
enabled: true
state: started
daemon_reload: true
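Review bot: The generated unit has no `User=` line and binds `0.0.0.0`, so the exporter runs as root while holding the PVE credentials and serves its metrics on every interface. Consider a variable for the listen address, a dedicated system user that owns `/etc/pve_exporter`, and `NoNewPrivileges=true` and `ProtectSystem=strict` in `[Service]`. The `pip` task also installs `prometheus-pve-exporter` unpinned with `--break-system-packages`; a `version:` pin or a `virtualenv:` target would keep upgrades deliberate.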


@ -0,0 +1,4 @@
default:
user: {{ pve_exporter_user }}
password: {{ pve_exporter_password }}
verify_ssl: false
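Review bot: `verify_ssl: false` switches off certificate checking on the API connection that carries the password; trusting the PVE CA on the node would allow verification to stay enabled. `user` and `password` are also rendered unquoted, so an empty value becomes YAML null and a password containing ` #` or `: ` is truncated or breaks parsing. `password: {{ pve_exporter_password | to_json }}` (and the same for `user`) emits a safely quoted scalar.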


@ -0,0 +1,10 @@
---
sshfs_mounts: []
# Beispiel:
# sshfs_mounts:
# - src: "u457772@u457772.your-storagebox.de:immich"
# dest: /storagebox
# port: 23
# identity_file: /root/.ssh/id_borg
# uid: 1000
# gid: 1000


@ -0,0 +1,29 @@
---
- name: sshfs installieren
apt:
name: sshfs
state: present
update_cache: yes
- name: Mount-Verzeichnisse anlegen
file:
path: "{{ item.dest }}"
state: directory
loop: "{{ sshfs_mounts }}"
- name: fstab Einträge
lineinfile:
path: /etc/fstab
regexp: ".*{{ item.dest }}.*fuse.sshfs.*"
line: "{{ item.src }} {{ item.dest }} fuse.sshfs port={{ item.port }},IdentityFile={{ item.identity_file }},uid={{ item.uid }},gid={{ item.gid }},allow_other,reconnect,ServerAliveInterval=15,ServerAliveCountMax=3,_netdev,noauto,x-systemd.automount 0 0"
state: present
loop: "{{ sshfs_mounts }}"
- name: systemd reload für automount
systemd:
daemon_reload: true
- name: Mounts aktivieren
shell: "mountpoint -q {{ item.dest }} || mount {{ item.dest }}"
loop: "{{ sshfs_mounts }}"
changed_when: false
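Review bot: The fstab line mounts with `allow_other` but without `default_permissions`, so every local account can reach the remote share with the rights of the storage account, regardless of the `uid`/`gid` mapping. Adding `default_permissions` to the option list lets the kernel enforce the file modes. The `regexp` interpolates `item.dest` unescaped and unanchored, so `/storagebox` would also match an existing `/storagebox2` entry; `{{ item.dest | regex_escape }}` followed by `\s` is tighter. The final `shell` task should quote the path as well: `mountpoint -q {{ item.dest | quote }} || mount {{ item.dest | quote }}`.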


@ -1,9 +1,11 @@
--- ---
- name: InfluxData GPG Key hinzufuegen - name: InfluxData GPG Key hinzufuegen
get_url: shell: |
url: https://repos.influxdata.com/influxdata-archive_compat.key gpg --keyserver keyserver.ubuntu.com --recv-keys DA61C26A0585BD3B 2>/dev/null
dest: /etc/apt/keyrings/influxdata-archive-keyring.gpg gpg --export DA61C26A0585BD3B > /etc/apt/keyrings/influxdata-archive-keyring.gpg
mode: "0644" chmod 644 /etc/apt/keyrings/influxdata-archive-keyring.gpg
args:
creates: /etc/apt/keyrings/influxdata-archive-keyring.gpg
- name: InfluxData Repo hinzufuegen - name: InfluxData Repo hinzufuegen
copy: copy:
@ -15,7 +17,6 @@
- name: Apt Cache aktualisieren - name: Apt Cache aktualisieren
apt: apt:
update_cache: yes update_cache: yes
when: influx_repo.changed
- name: Telegraf installieren - name: Telegraf installieren
apt: apt:
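Review bot: If `--recv-keys` fails in the first hunk, the script still runs `gpg --export` and leaves an empty keyring file, after which `creates:` skips the task on every later run. Stderr is discarded and nothing stops on error; starting the block with `set -e` and dropping `2>/dev/null` makes the failure visible. The key is selected by its 64-bit ID `DA61C26A0585BD3B`; comparing the imported key against the vendor-published full fingerprint (`<FULL_FINGERPRINT>`, placeholder) before exporting is stricter. As a side effect the key also ends up in root's default GnuPG keyring.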

29
scripts/update-dns.sh Executable file

@ -0,0 +1,29 @@
#!/bin/bash
# Generiert /etc/dnsmasq.hosts aus dem Ansible Inventory
# Usage: ./update-dns.sh [--apply]
INI="/app-config/ansible/pfannkuchen.ini"
OUT="/etc/dnsmasq.hosts"
TMP=$(mktemp)
echo "# Auto-generated from pfannkuchen.ini" > "$TMP"
echo "# $(date)" >> "$TMP"
grep "ansible_host=" "$INI" | while read line; do
name=$(echo "$line" | awk '{print $1}')
ip=$(echo "$line" | grep -oP 'ansible_host=\K[0-9.]+')
[ -n "$ip" ] && echo "$ip $name" >> "$TMP"
done
if [ "$1" = "--apply" ]; then
sudo cp "$TMP" "$OUT"
sudo systemctl restart dnsmasq
COUNT=$(grep -cP '^\d' "$OUT")
echo "${COUNT} Hosts → dnsmasq aktualisiert"
else
echo "Preview:"
cat "$TMP"
echo ""
echo "→ Mit --apply übernehmen"
fi
rm -f "$TMP"
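Review bot: With `--apply` the script copies `$TMP` over `/etc/dnsmasq.hosts` and restarts dnsmasq without checking that any host line was generated, so a missing or unreadable `$INI` replaces all records with two comment lines. A guard before the `sudo cp`, for example `grep -q '^[0-9]' "$TMP" || exit 1`, avoids that. `name` is taken from the inventory unvalidated and `[0-9.]+` accepts strings that are not IPv4 addresses, so malformed lines reach the hosts file. `read -r` and `trap 'rm -f "$TMP"' EXIT` would also ensure the temp file is removed on every exit path.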

6
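--- a/sshfs.yml
+++ b/sshfs.yml
@@ -0,0 +1,6 @@
+---
+- name: SSHFS Mounts einrichten
+hosts: all
+become: yes
+roles:
+- sshfs_mount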