Deployment Plan for Home Cloud

1. Goal

The goal is to set up a personal cloud environment on your two hosts, Mulder and Scully. This involves deploying Gitea (a self-hosted Git service) on Mulder, and Keycloak (an identity and access management solution) on Scully. All services should be accessible via HTTPS with Let's Encrypt certificates and subdomain-based routing. We will also set up a WireGuard VPN with a web interface for secure access to your network.

2. Phased Deployment Plan

Phase 1: Network Infrastructure on Scully (Completed)

  • Goal: Deploy the common and network roles on Scully. The network role will set up Nginx Proxy Manager (for HTTPS and subdomain routing) and WireGuard Easy (for VPN with web UI).
  • Host and Role Assignments:
    • Scully: common, podman, network
  • Configuration Files:
    • inventory/hosts.yml: Defines Mulder and Scully, their connection details, and role-specific variables.
    • playbooks/main.yml: Modified to execute the common, podman, and network roles on Scully.
    • group_vars/all.yml: Contains common variables like the domain name and service credentials.
  • Execution Plan:
    1. Run the playbook to deploy the common, podman, and network roles on Scully. (Podman and Portainer are now successfully installed).
    2. After successful execution, verify the network services.

Phase 2: Gitea and Keycloak Deployment (Next)

  • Goal: Deploy Gitea on Mulder and Keycloak on Scully, along with their respective PostgreSQL databases.
  • Host and Role Assignments:
    • Mulder: common, podman, postgres, gitea
    • Scully: common, podman, postgres, keycloak (in addition to network)
  • Dependencies: This phase depends on the successful completion of Phase 1 and the availability of the domain name.
  • Next Steps: Once Phase 1 is complete, we will update playbooks/main.yml and group_vars/all.yml to include the postgres, gitea, and keycloak roles.
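
One way playbooks/main.yml could look after the Phase 2 update, as an added example that is not the project's own file. The inventory host names (mulder, scully) and the variables domain_name, gitea_db_password and keycloak_db_password are assumptions; the role lists follow the assignments above.

```yaml
# playbooks/main.yml, Phase 2 layout (added example, not the project's file).
# Assumed names: inventory hosts "mulder" and "scully"; variables
# domain_name, gitea_db_password, keycloak_db_password from group_vars/all.yml.
# Encrypting that file with ansible-vault keeps the service credentials
# out of plain text if the repository is later pushed to Gitea.

- name: Gitea and its PostgreSQL database on Mulder
  hosts: mulder
  become: true
  pre_tasks:
    # Phase 2 depends on the domain name being available; fail before
    # any role makes changes if it or the database credential is missing.
    - name: Check Phase 2 prerequisites for Gitea
      ansible.builtin.assert:
        that:
          - domain_name is defined and domain_name | length > 0
          - gitea_db_password is defined and gitea_db_password | length > 0
        fail_msg: "Set domain_name and gitea_db_password before running Phase 2"
  roles:
    - common
    - podman
    - postgres
    - gitea

- name: Network services, Keycloak and its PostgreSQL database on Scully
  hosts: scully
  become: true
  pre_tasks:
    - name: Check Phase 2 prerequisites for Keycloak
      ansible.builtin.assert:
        that:
          - domain_name is defined and domain_name | length > 0
          - keycloak_db_password is defined and keycloak_db_password | length > 0
        fail_msg: "Set domain_name and keycloak_db_password before running Phase 2"
  roles:
    - common
    - podman
    - network      # Phase 1 role stays in place: Nginx Proxy Manager, WireGuard Easy
    - postgres
    - keycloak
```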

3. What We Still Need

  • Your Domain Name: Please provide the domain name you want to use for your personal cloud (e.g., my-cloud.com). (Already provided as ai-eifel.de).

4. Dry-Run

Dry runs will be performed where appropriate, but direct execution will be used for tasks that require actual changes to the system.