Skip to content

Latest commit

 

History

History
83 lines (63 loc) · 3.06 KB

README.md

File metadata and controls

83 lines (63 loc) · 3.06 KB

Code lint

This is a collection of Ansible roles for free software self-hosting.

This collection mainly targets individuals or eventually small companies, but is done with professional quality standards.

These roles are done with in mind:

  • Up to date and fully featured software.
  • Security.
  • Minimal maintenance.

To achieve well the two first points, Fedora is used as the base OS because it always provides up-to-date versions of software and advanced security feature like SELinux by default. To again improve the security, optional system-wide hardening can be applied and many security-related configurations are available. To achieve the minimal maintenance, auto-updates (with auto-reboot, if required) are set for all packages every day.

Of course, there are always drawbacks with all choices. In that case, it is the risk of an update that breaks something and makes the service unavailable.

If you absolutely require a perfectly stable service with a 99.99% availability, use some other role based on LTS OS and software versions. No guarantee is provided with the use of these roles.

Roles

For more information on roles, please refer to the documentation.

Main roles

  • common: Perform common machine initialisation tasks like configuring: auto-updates, firewall, NTP server, SSH and OS security hardening,...
  • nextcloud: Install a Nextcloud server.
  • musicplayer: Install a standalone music player, by default Lollypop.
  • kodi: Install a Kodi home theater personal computer.
  • mail: Install a mail server using Postfix and Dovecot.
  • mpd: Install a Music Player Daemon server.
  • squid: Install Squid caching proxy server.

The common role is intended to be used with all other roles and may be required by some of them.

Dependencies roles

These roles are used as main roles dependencies, but is it also possible to use them directly:

  • clamav: Install ClamAV antivirus.
  • coturn: Install CoTURN TURN/STUN server.
  • nginx: Install a Nginx web server.
  • postgresql: Install a PostgreSQL database.
  • php_fpm: Install a PHP-FPM server.
  • valkey: Install Valkey in memory data store.
  • rpmfusion: Enable RPMFusion repositories.

Installation

This collection is available on Ansible Galaxy.

ansible-galaxy collection install jgoutin.home

Example Playbook

---
- hosts: all
  become: true
  collections:
    - jgoutin.home
  roles:
    - common
    - kodi