This repo holds my server automation and setup.
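---
# Runner Services Playbook
# Comprehensive deployment for development and media services

# PHASE 1: Setup NAS exports on storage server
#
# Runs only the `nas` role against the `storage` group, then lists the
# resulting NFS exports so the operator can review them.
- name: Setup NAS exports for runner services
  hosts: storage
  become: true
  # Facts are required: the pre-task below asserts on ansible_default_ipv4.
  gather_facts: true

  vars:
    # Enable runner exports on NAS
    nas_enable_runner_exports: true

  pre_tasks:
    # Fail early when the host variables this play reads are missing.
    - name: Verify storage server requirements
      assert:
        that:
          - nas_storage_base is defined
          - ansible_default_ipv4.address is defined
        fail_msg: "Storage server requirements not met. Check host variables."

    # Informational only. The "Runner Host IP" line prints the first entry of
    # the runner_servers group, i.e. whatever name the inventory uses for it.
    # The separator in the export list is plain ASCII; the original character
    # was mis-encoded on this page and could not be recovered.
    - name: Display NAS export setup information
      debug:
        msg: |
          Setting up NAS exports for runner services on: {{ inventory_hostname }}
          Storage Base: {{ nas_storage_base }}
          Runner Host IP: {{ groups['runner_servers'][0] | default('runner host') }}

          Exports to create:
          - /mnt/rstorage/cctv-data - Frigate video storage
          - /mnt/rstorage/media/pictures - Immich photo library
          - /mnt/rstorage/code-repo - Forgejo Git repositories
          - /mnt/rstorage/registry-data - Harbor container registry

  roles:
    # Only run NAS role to setup exports
    # NOTE(review): the export options are set inside the nas role, which is
    # not visible here. These shares hold camera footage, photos, Git
    # repositories and registry data, so confirm the role limits each export
    # to the runner host and keeps root_squash on.
    - role: nas
      tags: ['nas', 'nfs-exports']

  post_tasks:
    # Read-only query, hence changed_when: false. An empty export table is
    # treated as a failure, because `exportfs -v` exits 0 even when nothing
    # is exported and this play exists to create exports.
    - name: Verify NFS exports are active
      command: exportfs -v
      register: nfs_export_check
      changed_when: false
      failed_when: (nfs_export_check.rc != 0) or (nfs_export_check.stdout | trim | length == 0)

    # Review the client list and options printed here, not just the paths.
    - name: Display active NFS exports
      debug:
        msg: "Active NFS exports:\n{{ nfs_export_check.stdout }}"
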
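# PHASE 2: Deploy runner services
#
# Installs the core prerequisites and the runner role on the runner_servers
# group, then probes the deployed services and prints an access summary.
- name: Runner Services Deployment
  hosts: runner_servers
  become: true
  # Facts are required: ansible_default_ipv4 is used throughout this play.
  gather_facts: true

  vars:
    # Override defaults for runner-specific deployment
    runner_enabled: true

  pre_tasks:
    # Fail early when the host variables this play reads are missing.
    - name: Verify runner server requirements
      assert:
        that:
          - runner_docker_base_dir is defined
          - storage_server_ip is defined
          - ansible_default_ipv4.address is defined
        fail_msg: "Runner server requirements not met. Check host variables."

    # Informational only. Every *_enabled flag defaults to true here, so a
    # service is listed unless it is explicitly switched off.
    - name: Display runner deployment information
      debug:
        msg: |
          Deploying Runner Services to: {{ inventory_hostname }}
          IP Address: {{ ansible_default_ipv4.address }}
          Docker Base: {{ runner_docker_base_dir }}
          Storage Server: {{ storage_server_ip }}
          GPU Acceleration: {{ 'Enabled' if gpu_enabled | default(false) else 'Disabled' }}

          Services to Deploy:
          {% if frigate_enabled | default(true) %}
          - Frigate CCTV System (Port {{ frigate_web_port | default(5000) }})
          {% endif %}
          {% if immich_enabled | default(true) %}
          - Immich Photo Management (Port {{ immich_server_port | default(2283) }})
          {% endif %}
          {% if forgejo_enabled | default(true) %}
          - Forgejo Git Server (Port {{ forgejo_http_port | default(3010) }})
          {% endif %}
          {% if stirling_pdf_enabled | default(true) %}
          - Stirling-PDF Tools (Port {{ stirling_pdf_port | default(8090) }})
          {% endif %}
          {% if tandoor_enabled | default(true) %}
          - Tandoor Recipe Manager (Port {{ tandoor_port | default(8085) }})
          {% endif %}
          {% if ghost_enabled | default(true) %}
          - Ghost CMS (Port {{ ghost_port | default(2368) }})
          {% endif %}

  roles:
    # Core prerequisites
    - role: user
      tags: ['core', 'user']

    - role: system
      tags: ['core', 'system']

    # NOTE(review): the two geerlingguy.* roles are third-party Galaxy roles
    # and run with become. Confirm their versions are pinned wherever this
    # repo declares its role requirements (not visible here).
    - role: geerlingguy.docker
      tags: ['core', 'docker']

    - role: geerlingguy.security
      tags: ['core', 'security']

    - role: gpu
      when: gpu_enabled | default(false)
      tags: ['core', 'gpu', 'hardware-acceleration']

    - role: docker-framework
      tags: ['core', 'docker-setup']

    # Runner-specific services
    - role: runner
      tags: ['runner', 'services', 'media', 'development']
      vars:
        # Auto-configure hardware acceleration based on gpu_enabled setting
        frigate_hardware_acceleration: "{{ 'nvenc' if gpu_enabled | default(false) else 'none' }}"
        immich_hardware_acceleration: "{{ 'nvenc' if gpu_enabled | default(false) else 'none' }}"

  post_tasks:
    - name: Verify core services are running
      systemd:
        name: "{{ item }}"
        state: started
        enabled: true
      loop:
        - docker
      tags: ['verification']

    # Best-effort probe: failed_when: false means a failure never stops the
    # play; the return code is only read by the summary task further down.
    # NOTE(review): the image is referenced by a mutable tag and is started
    # by a task running with become. Consider pinning it by digest so the
    # validation step always runs the same image.
    - name: Verify GPU runtime is available (when GPU role was executed)
      command: docker run --rm --gpus all nvidia/cuda:12.3-base-ubuntu22.04 nvidia-smi
      register: gpu_runtime_test
      changed_when: false
      failed_when: false
      when: gpu_enabled | default(false)
      tags: ['verification', 'gpu-validation']

    # Each loop item carries its own `enabled` flag. The earlier condition
    # concatenated the port digits with the literal '_enabled' and never
    # looked up any *_enabled variable, so it could not skip a disabled
    # service. `until` is set explicitly so that `retries`/`delay` take
    # effect regardless of the Ansible version in use.
    # The probe is still best-effort (ignore_errors): a service that never
    # answers does not fail the play, and the summary below is printed either
    # way. Per-service outcomes are in runner_health.results.
    # A 401 is accepted as healthy, so this only shows that something answers
    # on the port, over plain HTTP on the host's primary address.
    - name: Wait for all runner services to be healthy
      uri:
        url: "http://{{ ansible_default_ipv4.address }}:{{ item.port }}{{ item.path | default('') }}"
        method: GET
        status_code: [200, 302, 401]  # Some services redirect or require auth
      loop:
        - name: frigate
          enabled: "{{ frigate_enabled | default(true) }}"
          port: "{{ frigate_web_port | default(5000) }}"
          path: "/"
        - name: immich
          enabled: "{{ immich_enabled | default(true) }}"
          port: "{{ immich_server_port | default(2283) }}"
          path: "/"
        - name: forgejo
          enabled: "{{ forgejo_enabled | default(true) }}"
          port: "{{ forgejo_http_port | default(3010) }}"
          path: "/api/healthz"
        - name: stirling-pdf
          enabled: "{{ stirling_pdf_enabled | default(true) }}"
          port: "{{ stirling_pdf_port | default(8090) }}"
          path: "/"
        - name: tandoor
          enabled: "{{ tandoor_enabled | default(true) }}"
          port: "{{ tandoor_port | default(8085) }}"
          path: "/"
        - name: ghost
          enabled: "{{ ghost_enabled | default(true) }}"
          port: "{{ ghost_port | default(2368) }}"
          path: "/"
      loop_control:
        label: "{{ item.name }}"
      register: runner_health
      until: runner_health is succeeded
      retries: 12
      delay: 10
      when: item.enabled | bool
      ignore_errors: true
      tags: ['verification', 'health-check']

    # role_path is set by hand because this task runs in post_tasks, outside
    # any role.
    # NOTE(review): the file is written world-readable (0644). The template
    # is not visible here; if it contains credentials or tokens, tighten the
    # mode.
    - name: Generate runner access summary
      template:
        src: "{{ role_path }}/templates/runner-access-summary.txt.j2"
        dest: "{{ runner_docker_base_dir }}/runner-access-info.txt"
        owner: "{{ runner_user | default(ansible_user) }}"
        group: "{{ runner_group | default(ansible_user) }}"
        mode: '0644'
      vars:
        role_path: "roles/runner"
      tags: ['summary']

    # Tagged `always`, so it also prints when earlier tagged tasks were
    # skipped; gpu_runtime_test.rc falls back to 1 in that case.
    # Section headings are plain ASCII; the decorative characters that
    # preceded them were mis-encoded on this page and could not be recovered.
    # All listed URLs are plain HTTP on the host's primary address.
    # NOTE(review): "Services configured for CPU fallback" is printed when
    # the GPU test fails, but the hardware-acceleration vars passed to the
    # runner role above depend only on gpu_enabled. Confirm the role really
    # falls back.
    - name: Display deployment completion summary
      debug:
        msg: |
          Runner Services Deployment Complete!

          Server: {{ inventory_hostname }} ({{ ansible_default_ipv4.address }})
          GPU Status: {{ 'NVIDIA GPU Ready' if (gpu_runtime_test.rc | default(1)) == 0 else ('GPU Enabled' if gpu_enabled | default(false) else 'CPU Only') }}
          Hardware Acceleration: {{ 'NVIDIA (nvenc)' if gpu_enabled | default(false) else 'Disabled (CPU only)' }}

          Service Access URLs:
          {% if frigate_enabled | default(true) %}
          - Frigate CCTV: http://{{ ansible_default_ipv4.address }}:{{ frigate_web_port | default(5000) }}
          {% endif %}
          {% if immich_enabled | default(true) %}
          - Immich Photos: http://{{ ansible_default_ipv4.address }}:{{ immich_server_port | default(2283) }}
          {% endif %}
          {% if forgejo_enabled | default(true) %}
          - Forgejo Git: http://{{ ansible_default_ipv4.address }}:{{ forgejo_http_port | default(3010) }}
          {% endif %}
          {% if stirling_pdf_enabled | default(true) %}
          - Stirling-PDF: http://{{ ansible_default_ipv4.address }}:{{ stirling_pdf_port | default(8090) }}
          - PDF API: http://{{ ansible_default_ipv4.address }}:{{ stirling_pdf_api_port | default(8088) }}
          {% endif %}
          {% if tandoor_enabled | default(true) %}
          - Tandoor Recipes: http://{{ ansible_default_ipv4.address }}:{{ tandoor_port | default(8085) }}
          {% endif %}
          {% if ghost_enabled | default(true) %}
          - Ghost CMS: http://{{ ansible_default_ipv4.address }}:{{ ghost_port | default(2368) }}
          {% endif %}

          File Locations:
          - Docker Configs: {{ runner_docker_base_dir }}
          - NFS Mounts: /mnt/docker/{frigate,immich,forgejo}
          - Access Info: {{ runner_docker_base_dir }}/runner-access-info.txt
          - Health Check: {{ runner_docker_base_dir }}/runner-health-check.sh

          Management Commands:
          - Health Check: {{ runner_docker_base_dir }}/runner-health-check.sh
          - View All Logs: docker compose logs -f (in service directories)
          - Restart Service: docker compose restart (in specific service directory)

          Next Steps:
          1. Configure camera settings in Frigate{% if gpu_enabled | default(false) %} (GPU acceleration enabled){% endif %}

          2. Set up photo upload in Immich{% if gpu_enabled | default(false) %} (hardware acceleration active){% endif %}

          3. Create Git repositories in Forgejo
          4. Configure PDF processing templates
          5. Import recipes to Tandoor
          6. Set up Ghost CMS content
          {% if gpu_enabled | default(false) and not (gpu_runtime_test.rc | default(1)) == 0 %}

          GPU Configuration Notes:
          - GPU enabled but runtime test failed
          - Services configured for CPU fallback
          - Check GPU driver installation if hardware acceleration needed
          {% elif gpu_enabled | default(false) and (gpu_runtime_test.rc | default(1)) == 0 %}

          GPU Acceleration Active:
          - NVIDIA runtime validated and working
          - Frigate and Immich configured for GPU acceleration
          - Optimal performance for video/photo processing
          {% endif %}
      tags: ['always']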