This repo is destined for my server automations and setup.
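---
# Runner Services Playbook
# Comprehensive deployment for development and media services

# PHASE 1: Setup NAS exports on storage server
#
# Runs only the `nas` role against the `storage` group, then prints the
# resulting export table so the operator can review it.
# NOTE(review): the client restrictions on each export are set inside the
# `nas` role, which is not shown here. The `exportfs -v` output printed by the
# post_tasks is the place to confirm every export is limited to the runner
# host rather than a wildcard or a whole subnet.
- name: Setup NAS exports for runner services
  hosts: storage
  become: true
  gather_facts: true

  vars:
    # Enable runner exports on NAS
    nas_enable_runner_exports: true

  pre_tasks:
    # Fail early, before the role runs, if the inventory is incomplete.
    - name: Verify storage server requirements
      assert:
        that:
          - nas_storage_base is defined
          - ansible_default_ipv4.address is defined
        fail_msg: "Storage server requirements not met. Check host variables."

    - name: Display NAS export setup information
      debug:
        # The runner host is looked up with `default([]) | first` so the
        # fallback text is used when the group is missing or empty, instead of
        # indexing [0] before the default can apply. The value printed is the
        # inventory name of the first runner host.
        msg: |
          Setting up NAS exports for runner services on: {{ inventory_hostname }}
          Storage Base: {{ nas_storage_base }}
          Runner Host IP: {{ groups['runner_servers'] | default([]) | first | default('runner host') }}

          Exports to create:
          - /mnt/rstorage/cctv-data - Frigate video storage
          - /mnt/rstorage/media/pictures - Immich photo library
          - /mnt/rstorage/code-repo - Forgejo Git repositories
          - /mnt/rstorage/registry-data - Harbor container registry

  roles:
    # Only run NAS role to setup exports
    - role: nas
      tags: ['nas', 'nfs-exports']

  post_tasks:
    # Read-only query of the kernel export table; never reports a change.
    - name: Verify NFS exports are active
      command: exportfs -v
      register: nfs_export_check
      changed_when: false

    - name: Display active NFS exports
      debug:
        msg: "Active NFS exports:\n{{ nfs_export_check.stdout }}"
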
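# PHASE 2: Deploy runner services
#
# Installs the core prerequisites (user, system, Docker, hardening, optional
# GPU support), deploys the runner service stack, then verifies the result and
# prints an access summary.
- name: Runner Services Deployment
  hosts: runner_servers
  become: true
  gather_facts: true

  vars:
    # Override defaults for runner-specific deployment
    runner_enabled: true

  vars_files:
    # NOTE(review): presumably an ansible-vault encrypted file; confirm it is
    # never committed in clear text. None of the debug tasks below print
    # variables from it.
    - group_vars/vault.yml

  pre_tasks:
    # Fail early, before any role runs, if the inventory is incomplete.
    - name: Verify runner server requirements
      assert:
        that:
          - runner_docker_base_dir is defined
          - storage_server_ip is defined
          - ansible_default_ipv4.address is defined
        fail_msg: "Runner server requirements not met. Check host variables."

    - name: Display runner deployment information
      debug:
        msg: |
          Deploying Runner Services to: {{ inventory_hostname }}
          IP Address: {{ ansible_default_ipv4.address }}
          Docker Base: {{ runner_docker_base_dir }}
          Storage Server: {{ storage_server_ip }}
          GPU Acceleration: {{ 'Enabled' if gpu_enabled | default(false) else 'Disabled' }}

          Services to Deploy:
          {% if frigate_enabled | default(true) %}
          - Frigate CCTV System (Port {{ frigate_web_port | default(5000) }})
          {% endif %}
          {% if immich_enabled | default(true) %}
          - Immich Photo Management (Port {{ immich_server_port | default(2283) }})
          {% endif %}
          {% if forgejo_enabled | default(true) %}
          - Forgejo Git Server (Port {{ forgejo_http_port | default(3010) }})
          {% endif %}
          {% if stirling_pdf_enabled | default(true) %}
          - Stirling-PDF Tools (Port {{ stirling_pdf_port | default(8090) }})
          {% endif %}
          {% if tandoor_enabled | default(true) %}
          - Tandoor Recipe Manager (Port {{ tandoor_port | default(8085) }})
          {% endif %}
          {% if ghost_enabled | default(true) %}
          - Ghost CMS (Port {{ ghost_port | default(2368) }})
          {% endif %}

  roles:
    # Core prerequisites
    - role: user
      tags: ['core', 'user']

    - role: system
      tags: ['core', 'system']

    - role: geerlingguy.docker
      tags: ['core', 'docker']

    - role: geerlingguy.security
      tags: ['core', 'security']

    - role: gpu
      when: gpu_enabled | default(false)
      tags: ['core', 'gpu', 'hardware-acceleration']

    - role: docker-framework
      tags: ['core', 'docker-setup']

    # Runner-specific services
    - role: runner
      tags: ['runner', 'services', 'media', 'development']
      vars:
        # Auto-configure hardware acceleration based on gpu_enabled setting
        frigate_hardware_acceleration: "{{ 'nvenc' if gpu_enabled | default(false) else 'none' }}"
        immich_hardware_acceleration: "{{ 'nvenc' if gpu_enabled | default(false) else 'none' }}"

  post_tasks:
    - name: Verify core services are running
      systemd:
        name: "{{ item }}"
        state: started
        enabled: true
      loop:
        - docker
      tags: ['verification']

    # Best-effort probe: failed_when is false so a missing GPU runtime never
    # aborts the play; the return code is only read by the final summary.
    # NOTE(review): the image is referenced by a mutable tag and is pulled and
    # run with access to all GPUs on every verification run. Pinning it by
    # digest would make the probe reproducible and tamper-evident.
    - name: Verify GPU runtime is available (when GPU role was executed)
      command: docker run --rm --gpus all nvidia/cuda:12.3-base-ubuntu22.04 nvidia-smi
      register: gpu_runtime_test
      changed_when: false
      failed_when: false
      when: gpu_enabled | default(false)
      tags: ['verification', 'gpu-validation']

    # Each loop item carries its own `enabled` flag. The previous condition
    # concatenated the port digits with the literal '_enabled', which yields a
    # non-empty string rather than the value of any *_enabled variable, so
    # disabled services were still probed.
    # `until` is set explicitly so retries/delay apply regardless of the
    # Ansible version's behaviour for retries without until.
    # The probes use plain HTTP and treat 401 as healthy: a pass means the
    # port answers, not that authentication or TLS is configured.
    - name: Wait for all runner services to be healthy
      uri:
        url: "http://{{ ansible_default_ipv4.address }}:{{ item.port }}{{ item.path | default('') }}"
        method: GET
        status_code: [200, 302, 401]  # Some services redirect or require auth
      loop:
        - port: "{{ frigate_web_port | default(5000) }}"
          path: "/"
          enabled: "{{ frigate_enabled | default(true) }}"
        - port: "{{ immich_server_port | default(2283) }}"
          path: "/"
          enabled: "{{ immich_enabled | default(true) }}"
        - port: "{{ forgejo_http_port | default(3010) }}"
          path: "/api/healthz"
          enabled: "{{ forgejo_enabled | default(true) }}"
        - port: "{{ stirling_pdf_port | default(8090) }}"
          path: "/"
          enabled: "{{ stirling_pdf_enabled | default(true) }}"
        - port: "{{ tandoor_port | default(8085) }}"
          path: "/"
          enabled: "{{ tandoor_enabled | default(true) }}"
        - port: "{{ ghost_port | default(2368) }}"
          path: "/"
          enabled: "{{ ghost_enabled | default(true) }}"
      register: runner_health_check
      until: runner_health_check is succeeded
      retries: 12
      delay: 10
      when: item.enabled | bool
      # Deliberately non-fatal: an unhealthy service is reported in the task
      # output but does not stop the summary tasks below.
      ignore_errors: true
      tags: ['verification', 'health-check']

    # NOTE(review): the template itself is not shown here. If it renders
    # credentials or tokens, mode '0644' leaves them world-readable on the
    # host and should be tightened to '0600'; confirm against the template.
    - name: Generate runner access summary
      template:
        src: "{{ role_path }}/templates/runner-access-summary.txt.j2"
        dest: "{{ runner_docker_base_dir }}/runner-access-info.txt"
        owner: "{{ runner_user | default(ansible_user) }}"
        group: "{{ runner_group | default(ansible_user) }}"
        mode: '0644'
      vars:
        # Set by hand because this task runs outside any role.
        role_path: "roles/runner"
      tags: ['summary']

    # gpu_runtime_test has no `rc` when the GPU probe was skipped, hence the
    # default(1) wherever it is read below.
    - name: Display deployment completion summary
      debug:
        msg: |
          Runner Services Deployment Complete!

          Server: {{ inventory_hostname }} ({{ ansible_default_ipv4.address }})
          GPU Status: {{ 'NVIDIA GPU Ready' if (gpu_runtime_test.rc | default(1)) == 0 else ('GPU Enabled' if gpu_enabled | default(false) else 'CPU Only') }}
          Hardware Acceleration: {{ 'NVIDIA (nvenc)' if gpu_enabled | default(false) else 'Disabled (CPU only)' }}

          Service Access URLs:
          {% if frigate_enabled | default(true) %}
          - Frigate CCTV: http://{{ ansible_default_ipv4.address }}:{{ frigate_web_port | default(5000) }}
          {% endif %}
          {% if immich_enabled | default(true) %}
          - Immich Photos: http://{{ ansible_default_ipv4.address }}:{{ immich_server_port | default(2283) }}
          {% endif %}
          {% if forgejo_enabled | default(true) %}
          - Forgejo Git: http://{{ ansible_default_ipv4.address }}:{{ forgejo_http_port | default(3010) }}
          {% endif %}
          {% if stirling_pdf_enabled | default(true) %}
          - Stirling-PDF: http://{{ ansible_default_ipv4.address }}:{{ stirling_pdf_port | default(8090) }}
          - PDF API: http://{{ ansible_default_ipv4.address }}:{{ stirling_pdf_api_port | default(8088) }}
          {% endif %}
          {% if tandoor_enabled | default(true) %}
          - Tandoor Recipes: http://{{ ansible_default_ipv4.address }}:{{ tandoor_port | default(8085) }}
          {% endif %}
          {% if ghost_enabled | default(true) %}
          - Ghost CMS: http://{{ ansible_default_ipv4.address }}:{{ ghost_port | default(2368) }}
          {% endif %}

          File Locations:
          - Docker Configs: {{ runner_docker_base_dir }}
          - NFS Mounts: /mnt/docker/{frigate,immich,forgejo}
          - Access Info: {{ runner_docker_base_dir }}/runner-access-info.txt
          - Health Check: {{ runner_docker_base_dir }}/runner-health-check.sh

          Management Commands:
          - Health Check: {{ runner_docker_base_dir }}/runner-health-check.sh
          - View All Logs: docker compose logs -f (in service directories)
          - Restart Service: docker compose restart (in specific service directory)

          Next Steps:
          1. Configure camera settings in Frigate{% if gpu_enabled | default(false) %} (GPU acceleration enabled){% endif %}

          2. Set up photo upload in Immich{% if gpu_enabled | default(false) %} (hardware acceleration active){% endif %}

          3. Create Git repositories in Forgejo
          4. Configure PDF processing templates
          5. Import recipes to Tandoor
          6. Set up Ghost CMS content
          {% if gpu_enabled | default(false) and (gpu_runtime_test.rc | default(1)) != 0 %}

          GPU Configuration Notes:
          - GPU enabled but runtime test failed
          - Services configured for CPU fallback
          - Check GPU driver installation if hardware acceleration needed
          {% elif gpu_enabled | default(false) and (gpu_runtime_test.rc | default(1)) == 0 %}

          GPU Acceleration Active:
          - NVIDIA runtime validated and working
          - Frigate and Immich configured for GPU acceleration
          - Optimal performance for video/photo processing
          {% endif %}
      tags: ['always']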