From 6edff85e3f0782a4a744310aa5da2798200a4c2c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 8 Oct 2025 10:14:20 -0400 Subject: [PATCH] File permission tasks. --- app-configs/rinoa/argus/config.yml.j2 | 337 ------------------ app-configs/rinoa/librechat/librechat.yaml.j2 | 33 -- tar-valon_config_deploy.yml | 13 +- 3 files changed, 10 insertions(+), 373 deletions(-) delete mode 100644 app-configs/rinoa/argus/config.yml.j2 delete mode 100644 app-configs/rinoa/librechat/librechat.yaml.j2 diff --git a/app-configs/rinoa/argus/config.yml.j2 b/app-configs/rinoa/argus/config.yml.j2 deleted file mode 100644 index 5fd260c..0000000 --- a/app-configs/rinoa/argus/config.yml.j2 +++ /dev/null @@ -1,337 +0,0 @@ -settings: - log: - level: INFO - timestamps: true - data: - database_file: data/argus.db - web: - listen_host: 0.0.0.0 - listen_port: 8080 - route_prefix: / - basic_auth: - username: 'admin' - password: "{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ARGUS_WEB_PASSWORD'] }}" - disabled_routes: [] - favicon: - png: '' - svg: '' -notify: - rinoa-gotify: - type: gotify - url_fields: - Host: gotify - Token: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ARGUS_WEB_PASSWORD'] }} - params: - Title: Argus @ Rinoa -service: - AdguardTeam/AdGuardHome: - latest_version: - type: github - url: AdguardTeam/AdGuardHome - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://adguard.trez.wtf/control/status" - basic_auth: - username: admin - password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['ADGUARD_PASSWORD'] }} - json: version - regex: v([0-9.]+) - dashboard: - web_url: "https://github.com/AdguardTeam/AdGuardHome/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://avatars.githubusercontent.com/u/8361145?s=200&v=4" - advplyr/audiobookshelf: - latest_version: - type: github - url: advplyr/audiobookshelf - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - method: GET - url: "https://abs.trez.wtf/status" - json: serverVersion - dashboard: - icon: "https://raw.githubusercontent.com/advplyr/audiobookshelf/master/client/static/icon.svg" - web_url: "https://github.com/advplyr/audiobookshelf/releases/tag/v{% raw %}{{ version }}{% endraw %}" - dani-garcia/vaultwarden: - latest_version: - type: github - url: dani-garcia/vaultwarden - deployed_version: - url: "https://bitwarden.trez.wtf/api/version" - regex: ([0-9.]+) - dashboard: - web_url: "https://github.com/dani-garcia/vaultwarden/releases/{% raw %}{{ version }}{% endraw %}" - icon: "https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/src/static/images/vaultwarden-icon.png" - ellite/Wallos: - latest_version: - type: github - url: ellite/Wallos - deployed_version: - method: GET - url: http://wallos.com/api/status/version.php?api_key=xxx - json: version_number - dashboard: - icon: "https://github.com/ellite/Wallos/raw/main/images/siteicons/wallos.png" - web_url: "https://github.com/ellite/Wallos/releases" - FlareSolverr/FlareSolverr: - latest_version: - type: github - url: FlareSolverr/FlareSolverr - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - method: GET - url: "https://flaresolverr.trez.wtf" - json: version - dashboard: - icon: "https://raw.githubusercontent.com/FlareSolverr/FlareSolverr/master/resources/flaresolverr_logo.png" - web_url: "https://github.com/FlareSolverr/FlareSolverr/releases/tag/v{% raw %}{{ version }}{% endraw %}" - go-gitea/gitea: - latest_version: - type: github - url: go-gitea/gitea - url_commands: - - type: regex - regex: v([0-9.]+)$ - require: - regex_content: gitea-{% raw %}{{ version }}{% endraw %}-linux-amd64 - regex_version: ^[0-9.]+[0-9]$ - deployed_version: - url: "https://git.trez.wtf" - regex: 'Powered by Gitea\s+Version:\s+([0-9.]+) ' - dashboard: - web_url: "https://github.com/go-gitea/gitea/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://raw.githubusercontent.com/go-gitea/gitea/main/public/img/logo.png" - gohugoio/hugo: - latest_version: - type: github - url: gohugoio/hugo - url_commands: - - type: regex - regex: v([0-9.]+)$ - require: - regex_content: hugo_{% raw %}{{ version }}{% endraw %}_Linux-64bit\.deb - dashboard: - web_url: "https://github.com/gohugoio/hugo/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://raw.githubusercontent.com/gohugoio/hugo/master/docs/static/img/hugo.png" - gotify/server: - latest_version: - type: github - url: gotify/server - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://gotify.trez.wtf/version" - json: version - dashboard: - web_url: "https://github.com/gotify/server/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://github.com/gotify/logo/raw/master/gotify-logo.png" - hashicorp/vault: - latest_version: - type: github - url: hashicorp/vault - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://vault.trez.wtf/v1/sys/health" - json: version - dashboard: - web_url: "https://github.com/hashicorp/vault/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://raw.githubusercontent.com/hashicorp/vault/main/ui/public/vault-logo.svg" - immich-app/immich: - latest_version: - type: github - url: immich-app/immich - deployed_version: - url: "https://pics.trez.wtf/api/server/about" - json: version - regex: ^v([0-9.]+)$ - headers: - - key: x-api-key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['IMMICH_POWER_TOOLS_KEY'] }} - dashboard: - icon: "https://raw.githubusercontent.com/immich-app/immich/main/web/static/immich-logo.svg" - web_url: "https://github.com/immich-app/immich/releases/tag/v{% raw %}{{ version }}{% endraw %}" - influxdata/influxdb: - latest_version: - type: github - url: influxdata/influxdb - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://influxdb.trez.wtf/health" - json: version - dashboard: - web_url: "https://github.com/influxdata/influxdb/releases/tag/v{% raw %}{{ version }}{% endraw %}" - icon: "https://github.com/influxdata/ui/raw/master/src/writeData/graphics/influxdb.svg" - jellyfin/jellyfin: - latest_version: - type: github - url: jellyfin/jellyfin - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://jellyfin.trez.wtf/System/Info/Public" - json: Version - dashboard: - web_url: "https://github.com/jellyfin/jellyfin/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://avatars.githubusercontent.com/u/45698031?s=200&v=4" - Lidarr/Lidarr: - options: - semantic_versioning: false - latest_version: - type: github - url: Lidarr/Lidarr - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - method: GET - url: "https://lidarr.trez.wtf/api/v1/system/status" - headers: - - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['LIDARR_API_KEY'] }} - json: version - dashboard: - icon: "https://raw.githubusercontent.com/Lidarr/Lidarr/develop/Logo/1024.png" - web_url: "https://github.com/Lidarr/Lidarr/releases/v{% raw %}{{ version }}{% endraw %}" - louislam/uptime-kuma: - latest_version: - type: github - url: louislam/uptime-kuma - deployed_version: - url: "https://status.trez.wtf/metrics" - regex: app_version{version=\"([0-9.]+)\",major=\"[0-9]+\",minor=\"[0-9]+\",patch=\"[0-9]+\"} - dashboard: - web_url: "https://github.com/louislam/uptime-kuma/releases/{% raw %}{{ version }}{% endraw %}" - icon: "https://raw.githubusercontent.com/louislam/uptime-kuma/master/public/icon.png" - morpheus65535/bazarr: - latest_version: - type: github - url: morpheus65535/bazarr - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://bazarr.trez.wtf/api/system/status" - headers: - - key: X-API-KEY - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['BAZARR_API_KEY'] }} - json: data.bazarr_version - dashboard: - web_url: "https://github.com/morpheus65535/bazarr/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://raw.githubusercontent.com/morpheus65535/bazarr/master/frontend/public/images/logo128.png" - n8n-io/n8n: - latest_version: - type: url - url: "https://github.com/n8n-io/n8n/tags" - url_commands: - - type: regex - regex: n8n\%40([0-9.]+) - dashboard: - web_url: "https://github.com/n8n-io/n8n/blob/master/CHANGELOG.md" - icon: "https://raw.githubusercontent.com/n8n-io/n8n-docs/main/docs/_images/n8n-docs-icon.svg" - nextcloud/server: - latest_version: - type: github - url: nextcloud/server - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://cloud.trez.wtf/status.php" - json: versionstring - dashboard: - web_url: "https://nextcloud.com/changelog/" - icon: "https://github.com/nextcloud/server/raw/master/core/img/favicon.png" - Prowlarr/Prowlarr: - options: - semantic_versioning: false - latest_version: - type: github - url: Prowlarr/Prowlarr - url_commands: - - type: regex - regex: v([0-9.]+)$ - use_prerelease: true - deployed_version: - url: "https://prowlarr.trez.wtf/api/v1/system/status" - headers: - - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['PROWLARR_API_KEY'] }} - json: version - dashboard: - web_url: "https://github.com/Prowlarr/Prowlarr/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://avatars.githubusercontent.com/u/73049443?s=200&v=4" - Radarr/Radarr: - options: - semantic_versioning: false - latest_version: - type: github - url: Radarr/Radarr - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - url: "https://radarr.trez.wtf/api/v3/system/status" - headers: - - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['RADARR_API_KEY'] }} - json: version - dashboard: - web_url: "https://github.com/Radarr/Radarr/releases/v{% raw %}{{ version }}{% endraw %}" - icon: "https://avatars.githubusercontent.com/u/25025331?s=200&v=4" - Readarr/Readarr: - options: - semantic_versioning: false - latest_version: - type: github - url: Readarr/Readarr - use_prerelease: true - url_commands: - - type: regex - regex: v([0-9.]+)$ - deployed_version: - method: GET - url: "https://readarr.trez.wtf/api/v1/system/status" - headers: - - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['READARR_API_KEY'] }} - json: version - dashboard: - icon: "https://raw.githubusercontent.com/Readarr/Readarr/develop/Logo/1024.png" - web_url: "https://github.com/Readarr/Readarr/releases/v{% raw %}{{ version }}{% endraw %}" - Sonarr/Sonarr: - options: - semantic_versioning: false - latest_version: - type: url - url: "https://github.com/Sonarr/Sonarr/tags" - url_commands: - - type: regex - regex: \/releases\/tag\/v?([0-9.]+)\" - deployed_version: - url: "https://sonarr.trez.wtf/api/v3/system/status" - headers: - - key: X-Api-Key - value: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token)['secret']['SONARR_API_KEY'] }} - json: version - dashboard: - web_url: "https://sonarr.trez.wtf/system/updates" - icon: "https://raw.githubusercontent.com/Sonarr/Sonarr/develop/Logo/256.png" - release-argus/argus: - latest_version: - type: github - url: release-argus/argus - dashboard: - icon: "https://raw.githubusercontent.com/release-argus/Argus/master/web/ui/react-app/public/favicon.svg" - icon_link-to: "https://release-argus.io" - web_url: "https://github.com/release-argus/Argus/blob/master/CHANGELOG.md" diff --git a/app-configs/rinoa/librechat/librechat.yaml.j2 b/app-configs/rinoa/librechat/librechat.yaml.j2 deleted file mode 100644 index 64f00cb..0000000 --- a/app-configs/rinoa/librechat/librechat.yaml.j2 +++ /dev/null @@ -1,33 +0,0 @@ -version: 1.2.8 -endpoints: - custom: - - name: "rinoa-ollama" - apiKey: "ollama" - baseURL: "http://ollama:11434/v1/chat/completions" - models: - default: [ - "codellama:7b", - "deepseek-coder-v2:16b", - "deepseek-r1:1.5b", - "deepseek-v3:671b", - "dolphin-mistral:7b", - "llama2:7b", - "llama3.3:70b", - "mistral-openorca:7b", - "mistral:7b", - "orca-mini:3b", - "phi4:14b", - "qwen2.5", - "smollm2:1.7b", - "starcoder2:3b", - "tinyllama:1.1b", - ] -# fetching list of models is supported but the `name` field must start -# with `ollama` (case-insensitive), as it does in this example. - fetch: true - titleConvo: true - titleModel: "current_model" - summarize: false - summaryModel: "current_model" - forcePrompt: false - modelDisplayLabel: "Ollama" \ No newline at end of file diff --git a/tar-valon_config_deploy.yml b/tar-valon_config_deploy.yml index 36b7c1e..70b4aaf 100644 --- a/tar-valon_config_deploy.yml +++ b/tar-valon_config_deploy.yml @@ -10,17 +10,24 @@ default_owner: "1000" default_group: "1000" default_mode: "0644" + # file_metadata should be defined in host_vars/.yml: + # file_metadata: + # "configs/serviceA/config.yaml": + # owner: "999" + # group: "999" + # mode: "0640" pre_tasks: - name: Get remote user's UID and GID ansible.builtin.command: "id -u && id -g" register: remote_user_info changed_when: false + ignore_errors: true - name: Set remote user's UID and GID facts ansible.builtin.set_fact: - remote_uid: "{{ remote_user_info.stdout_lines[0] | int }}" - remote_gid: "{{ remote_user_info.stdout_lines[1] | int }}" + remote_uid: "{{ remote_user_info.stdout_lines[0] | default(default_owner) | int }}" + remote_gid: "{{ remote_user_info.stdout_lines[1] | default(default_group) | int }}" - name: Annotate file metadata with become requirement ansible.builtin.set_fact: @@ -97,7 +104,7 @@ {% endfor %} run_once: true - - name: Print concise become true list + - name: Print concise become: true list ansible.builtin.debug: msg: >- Files requiring become=true: