This is a collection of Ansible roles for Debian-based systems.
These are based on my own personal needs, and the needs of projects that I contribute to. Consequently, the selection of choices is still quite limited, but it will grow.
-
common - Configuration common to most Debian systems
Configures APT sources and preferences, but can also configure some hardware and system aspects of a target.
-
apache2 - Apache 2.x web server
Performs installation and basic configuration of the Apache 2 web server, including management of Let's Encrypt certificates.
-
approx - APT cache server
Sets up an APT cache server using approx.
-
debci_master - debci master server
Configures a host to server as the master within a debci CI instance. The master queues tests, collects results from workers, and published them via a web application.
-
debci_worker - debci worker
Configures a host to serve as a worker within a debci CI instance. A worker reads and executes jobs queued by the debci master.
-
rabbitmq - RabbitMQ server
Configures a host to run as a RabbitMQ server.
-
reprepro - reprepro APT repository
Sets up a reprepro repository, to which selected users can upload. The repository is made available via http/s, including signed Release files.
-
wireguard - WireGuard VPN
Configures a host for participation in a WireGuard VPN, including network interface and peer management.
If you want to use Ansible Vault together with a GnuPG-encrypted passphrase,
a helper is provided. You'll need to create the
file local/vault-passphrase.gpg
first. See bin.
Some roles may need custom certificates to communicate via TLS. To this end, the pki/ contains a utility and an OpenSSL configuration for quickly creating CA, server, and client certificates.