Commit graph

50 commits

Author SHA1 Message Date
Thomas Kleinendorst
462e202737 Register actual container as systemd service
This service is scoped to the user only but ensures that the container
is started on system boot.
2024-04-16 17:04:45 +02:00
Thomas Kleinendorst
6a2c50686b Use FQDN for inventory file
Note the comment, this will only work when the Pi is set up.
2024-04-15 20:56:23 +02:00
Thomas Kleinendorst
77f20aad28 Set hostname in pi-hole container
The hostname is reported in the pi-hole dashboard, this looks a bit
nicer than a randomly generated id.
2024-04-15 20:56:02 +02:00
Thomas Kleinendorst
606a26a008 Add link for starting containers on system boot
As mentioned in the comment; this behavior is different in
Podman than how it is in Docker.
2024-04-15 20:35:57 +02:00
Thomas Kleinendorst
16a0dc1e20 Enable all roles 2024-04-15 19:20:57 +02:00
Thomas Kleinendorst
9365ce9258 Fix Podman warnings for sudo login users 2024-04-15 19:01:45 +02:00
Thomas Kleinendorst
f23093d8dc Add UDP forwarding from Nginx
This is working locally, I can resolve addresses. But there still
seems to be another problem in that Windows is timing out when setting
the Pi as the DNS server.
2024-04-15 10:20:02 +02:00
Thomas Kleinendorst
690b2d56d8 Comment out ufw rules 2024-04-15 09:50:33 +02:00
Thomas Kleinendorst
2502d034d9 Add failing firewall configuration 2024-04-15 09:46:00 +02:00
Thomas Kleinendorst
e06547e25c Rearrange existing roles to make more sense 2024-04-14 12:29:17 +02:00
Thomas Kleinendorst
bec00118c0 Add a non-working setup for ip forwarding 2024-04-14 10:58:41 +02:00
Thomas Kleinendorst
abd99b179e Fix missing git on new install
I locked myself out and had to rerun the scripting. It failed on
the user role since git wasn't installed. The dependency is now
correctly added.
2024-04-13 18:24:49 +02:00
Thomas Kleinendorst
77c9614321 Change actual role user > username 2024-04-13 15:26:58 +02:00
Thomas Kleinendorst
21237b64c0 Install Pi-hole with some existing problems
There is an error telling that dnsmasq doesn't start, this might have
to do with the user having to be root.
The DNS service also isn't exposed yet as it needs some ufw forwarding
(there's a TODO in the code mentioning this).
2024-04-13 15:26:45 +02:00
Thomas Kleinendorst
22376928e2 Fix invalid variable naming for user role
According to the linter variables used within rules should start with
the role's prefix.
2024-04-13 13:54:49 +02:00
Thomas Kleinendorst
6c0425418e Install actual on Raspberry Pi 2024-04-12 13:34:45 +02:00
Thomas Kleinendorst
64fa1562dd Add whitelist for squashfs filesystem 2024-04-12 12:21:45 +02:00
Thomas Kleinendorst
c7a20e14a1 Add certbot installation with root cert renew 2024-04-12 11:49:45 +02:00
Thomas Kleinendorst
a08eb939b6 Install Nginx (with default page running) 2024-04-12 09:33:14 +02:00
Thomas Kleinendorst
3ba044d1a2 Extract cloudflare_ddns user to a variable 2024-04-12 09:10:43 +02:00
Thomas Kleinendorst
5c5f1e4a93 Add timestamp to public IP change log file 2024-04-12 08:48:32 +02:00
Thomas Kleinendorst
04671f7d31 Add DDNS service to the Pi 2024-04-12 08:39:41 +02:00
Thomas Kleinendorst
04c8038733 Improve some minor parts of the code 2024-04-11 11:13:29 +02:00
Thomas Kleinendorst
90855de87a Update custom user role 2024-04-11 10:39:03 +02:00
Thomas Kleinendorst
fb017565f4 Add user creation for ddns script 2024-04-10 20:09:34 +02:00
Thomas Kleinendorst
f29cd352bd Move ddns scripting to new role 2024-04-10 20:08:19 +02:00
Thomas Kleinendorst
47e5cb4062 Allow multiple domain ddns updates 2024-04-10 19:29:40 +02:00
Thomas Kleinendorst
ca501f9b26 Print server response on Cloudflare errors 2024-04-10 19:20:36 +02:00
Thomas Kleinendorst
d88904e105 Split Python methods in own files 2024-04-10 19:14:52 +02:00
Thomas Kleinendorst
6409f8c31c Add address change logging to ddns script 2024-04-10 18:33:26 +02:00
Thomas Kleinendorst
d1cf27d277 Properly add hostname and FQDN 2024-04-10 17:53:34 +02:00
Thomas Kleinendorst
8d27bd892c Add TODO stub of Pi Hole setup
See the TODO comment in /roles/pi-hole/tasks/main.yml.
We'll probably need to install other software first.
2024-04-10 16:56:01 +02:00
Thomas Kleinendorst
bb8d31c555 Add ansible.cfg with vault functionality 2024-04-10 16:08:08 +02:00
Thomas Kleinendorst
a19763d154 Add documentation on ZSH setup 2024-04-10 15:35:48 +02:00
Thomas Kleinendorst
acb1e34b5c Move zsh tasks to a new role 2024-04-10 15:29:17 +02:00
Thomas Kleinendorst
8d92b97aa3 Ignore .vscode/settings.json 2024-04-09 21:49:52 +02:00
Thomas Kleinendorst
f20f3aba24 Add scripting for installing and configuring zsh 2024-04-09 20:17:25 +02:00
Thomas Kleinendorst
3a0e231bf3 Configure the SSH hardening role
This one is also disabled since it's not super useful to run more than
once. This role however doesn't report changes on reruns (as we've seen
for the os_hardening role).
2024-04-09 17:57:38 +02:00
Thomas Kleinendorst
ce995083c6 Add and configure OS hardening role
This role was run but is commented out as rerunning it shouldn't add
much whilst also being a time hog.
2024-04-09 17:49:51 +02:00
Thomas Kleinendorst
7a42119d1a Update apt as first step in playbook 2024-04-09 17:12:27 +02:00
Thomas Kleinendorst
511de6edfd Add a simple playbook for testing 2024-04-09 17:03:04 +02:00
Thomas Kleinendorst
a0cb9b0024 Add final step for setting up public keys 2024-04-09 15:53:31 +02:00
Thomas Kleinendorst
13530f01b1 Add Raspberry Pi setup instructions 2024-04-09 15:46:40 +02:00
Thomas Kleinendorst
f3677cd314 Add test for existing DNS entry
The actions will only be performed now when the record actually needs
to be changed.
2024-04-07 23:40:58 +02:00
Thomas Kleinendorst
ef1dd3f49b Add launch.json configuration 2024-04-07 23:17:35 +02:00
Thomas Kleinendorst
785bd92402 Add DDNS script 2024-04-07 23:17:22 +02:00
Thomas Kleinendorst
dd6d352513 Add environmental prerequisites to readme 2024-04-07 13:20:46 +02:00
Thomas Kleinendorst
2adf1ae6bd Add Ansible installation instructions 2024-04-07 13:04:03 +02:00
Thomas Kleinendorst
2df5772b07 Update README.md with distro/wsl info 2024-04-07 12:48:11 +02:00
Thomas Kleinendorst
ca5e0cdd16 Initial commit 2024-04-07 12:37:40 +02:00