set static MAC for infra network

deploy_monitoring.yaml

@@ -0,0 +1,5 @@
+- name: Deploy Gitea
+  hosts: monitoring
+  roles:
+    - prometheus
+    - grafana

grafana/tasks/main.yaml

@@ -0,0 +1,26 @@
+- name: Install dependencies
+  become: true
+  ansible.builtin.apt:
+    name: gpg
+    state: latest
+- name: Download Grafana GPG keys
+  become: true
+  ansible.builtin.get_url:
+    url: https://apt.grafana.com/gpg.key
+    dest: /etc/apt/keyrings/grafana.gpg
+- name: Add Grafana repository
+  become: true
+  ansible.builtin.apt_repository:
+    repo: "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main"
+    state: present
+- name: Install Grafana
+  become: true
+  ansible.builtin.apt:
+    name: grafana
+    state: latest
+- name: Start Grafana
+  become: true
+  ansible.builtin.systemd_service:
+    name: grafana-server
+    state: restarted
+    enabled: true

home_assistant.yaml

@@ -0,0 +1,99 @@
+- name: Setup Home Assistant
+  hosts: podman1
+  become: true
+  become_user: root
+  tasks:
+    - name: Pull Home Assistant image
+      containers.podman.podman_image:
+        name: ghcr.io/home-assistant/home-assistant:stable
+    - name: Pull Matter Server image
+      containers.podman.podman_image:
+        name: ghcr.io/matter-js/python-matter-server:stable
+    - name: Pull openthread image
+      containers.podman.podman_image:
+        name: docker.io/openthread/border-router:latest
+    - name: Create network for iot interface
+      containers.podman.podman_network:
+        name: iot
+        interface_name: br5
+        ipam_driver: "dhcp"
+        disable_dns: "true"
+        ipv6: true
+        opt:
+          mode: "unmanaged"
+    - name: Create network for infra interface
+      containers.podman.podman_network:
+        name: infra
+        interface_name: br2
+        ipam_driver: "dhcp"
+        disable_dns: "true"
+        opt:
+          mode: "unmanaged"
+    #- name: Create network for infra interface
+    #  containers.podman.podman_network:
+    #    name: access
+    #    interface_name: br4
+    #    ipam_driver: "dhcp"
+    #    disable_dns: "true"
+    #    opt:
+    #      mode: "unmanaged"
+    - name: Create config directories
+      ansible.builtin.file:
+        path: "{{item}}"
+        state: directory
+      loop:
+        - /var/homeassistant
+        - /var/matter_server
+        - /var/thread_router
+    - name: Create Home Assistant Container
+      containers.podman.podman_container:
+        name: homeassistant
+        image: ghcr.io/home-assistant/home-assistant:stable
+        recreate: true
+        restart_policy: "unless-stopped"
+        hostname: homeassistant1
+        network:
+          - "infra:mac=0a:a1:a2:9a:00:8c"
+          - iot
+        privileged: true
+        state: started
+        volumes:
+          - "/var/homeassistant:/config"
+    - name: Create Matter Server Container
+      containers.podman.podman_container:
+        name: matter
+        image: ghcr.io/matter-js/python-matter-server:stable
+        hostname: matter1
+        recreate: true
+        restart_policy: "unless-stopped"
+        network: host
+        privileged: true
+        state: started
+        volumes:
+          - "/var/matter_server:/data"
+    - name: Create OpenThread container
+      containers.podman.podman_container:
+        name: thread
+        image: docker.io/openthread/border-router:latest
+        hostname: openthread1
+        recreate: true
+        restart_policy: "unless-stopped"
+        network: host
+        cap_add:
+          - NET_ADMIN
+          - NET_RAW
+        device:
+          - "/dev/serial/by-id/usb-Nabu_Casa_ZBT-2_10B41DE60794-if00:/dev/ttyACM5"
+          - "/dev/net/tun"
+        state: started
+        volumes:
+          - "/var/thread_router:/data"
+        env:
+          OT_RCP_DEVICE: "spinel+hdlc+uart:///dev/ttyACM5?uart-baudrate=460800"
+          OT_INFRA_IF: "br5"
+          OT_THREAD_IF: "wpan0"
+          OT_LOG_LEVEL: "7"
+          OT_REST_LISTEN_ADDR: "0.0.0.0"
+          OT_REST_LISTEN_PORT: "8981"
+          OT_WEB_LISTEN_ADDR: "0.0.0.0"
+          OT_WEB_LISTEN_PORT: "8980"

inventory.yaml

@@ -8,7 +8,27 @@ devops_servers:
     devops_1:
       ansible_host: devops-1.malcolms.xyz
 
+hypervisors:
+  hosts:
+    PMX1:
+      ansible_host: 10.2.2.1
+      ansible_user: root
+    PMX2:
+      ansible_host: 10.2.2.2
+      ansible_user: root
+    PMX3:
+      ansible_host: 10.2.2.3
+      ansible_user: root
+
+container_servers:
+  hosts:
+    podman1:
+      ansible_host: podman1.malcolms.xyz
+
 all_servers:
   children:
     minecraft_servers:
     devops_servers:
+  hosts:
+    monitoring:
+      ansible_host: monitoring.malcolms.xyz

modded_minecraft_server/tasks/main.yaml

@@ -1,4 +1,3 @@
-
 - name: Setup directory
   become: true
   become_user: root
@@ -31,7 +30,7 @@
     owner: minecraft
     src: start.sh.j2
     dest: "/var/minecraft/{{mc_instance}}/start.sh"
-    mode: '550'
+    mode: "550"
 - name: Create mods directory
   ansible.builtin.file:
     path: "/var/minecraft/{{mc_instance}}/mods"
@@ -55,6 +54,4 @@
   ansible.builtin.systemd_service:
     name: "minecraft-{{mc_instance}}"
     enabled: true
-    state: started
+    state: restarted
-
-

prometheus/tasks/main.yaml

@@ -0,0 +1,29 @@
+- name: Create Groups
+  become: true
+  ansible.builtin.group:
+    name: prometheus
+    state: present
+- name: Create Users
+  become: true
+  ansible.builtin.group:
+    name: prometheus
+    state: present
+- name: Install Prometheus
+  become: true
+  become_user: root
+  ansible.builtin.apt:
+    name: prometheus
+    state: latest
+- name: Install config
+  become: true
+  become_user: root
+  ansible.builtin.template:
+    src: prometheus.yml.j2
+    dest: "/etc/prometheus/prometheus.yml"
+- name: Start service
+  become: true
+  become_user: root
+  ansible.builtin.systemd_service:
+    name: prometheus
+    enabled: true
+    state: restarted

prometheus/templates/prometheus.yml.j2

@@ -0,0 +1,21 @@
+global:
+  scrape_interval: 5s
+  evaluation_interval: 15s
+
+rule_files:
+  # - "first.rules"
+  # - "second.rules"
+
+scrape_configs:
+  - job_name: prometheus
+    static_configs:
+      - targets: ["localhost:9090"]
+  - job_name: gateway_ucode
+    static_configs:
+      - targets: ["10.1.1.1:9101"]
+  - job_name: gateway_lua
+    static_configs:
+      - targets: ["10.1.1.1:9100"]
+  - job_name: homeassistant
+    static_configs:
+      - targets: ["10.1.3.3"]

setup_minecraft_servers.yaml

@@ -32,8 +32,6 @@
         dest: "lithium.jar"
       - url: https://cdn.modrinth.com/data/P7dR8mSH/versions/gB6TkYEJ/fabric-api-0.140.2%2B1.21.11.jar
         dest: "fabric-api.jar"
-      - url: https://cdn.modrinth.com/data/TLtbk2Er/versions/ysmdOYj0/oxidizium-1.1.3.jar
-        dest: "oxidizium.jar"
     proxy_secret: "AVXMVzev80E6"
   roles:
     - modded_minecraft_server