Add POTE app project support and improve IP conflict detection #3

Merged
ilia merged 6 commits from add-pote-support into master 2026-01-01 11:19:54 -05:00
2 changed files with 89 additions and 13 deletions
Showing only changes of commit 38e1f9e86a - Show all commits


@ -8,7 +8,69 @@ on:
types: [opened, synchronize, reopened] types: [opened, synchronize, reopened]
jobs: jobs:
# Check if CI should be skipped based on branch name or commit message
skip-ci-check:
runs-on: ubuntu-latest
outputs:
should-skip: ${{ steps.check.outputs.skip }}
steps:
- name: Check out code (for commit message)
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Check if CI should be skipped
id: check
run: |
# Centralized skip patterns - add more here as needed
SKIP_PATTERNS="skip-ci,no-ci,skip ci,[skip ci],[ci skip]"
# Get branch name (works for both push and PR)
# For PRs, GITHUB_HEAD_REF contains the branch name
BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
# Get commit message (works for both push and PR)
# Try multiple sources for commit message
COMMIT_MSG="${GITHUB_EVENT_HEAD_COMMIT_MESSAGE:-}"
if [ -z "$COMMIT_MSG" ]; then
# For PRs, try pull request head commit
COMMIT_MSG="${GITHUB_EVENT_PULL_REQUEST_HEAD_COMMIT_MESSAGE:-}"
fi
if [ -z "$COMMIT_MSG" ]; then
# Fallback: try to get from git log (requires checkout)
COMMIT_MSG=$(git log -1 --pretty=%B 2>/dev/null || echo "")
fi
SKIP=0
# Check branch name (case-insensitive)
for pattern in $(echo $SKIP_PATTERNS | tr ',' ' '); do
if echo "$BRANCH_NAME" | grep -qi "$pattern"; then
echo "Skipping CI: branch name contains '$pattern'"
SKIP=1
break
fi
done
# Check commit message (case-insensitive)
if [ $SKIP -eq 0 ] && [ -n "$COMMIT_MSG" ]; then
for pattern in $(echo $SKIP_PATTERNS | tr ',' ' '); do
if echo "$COMMIT_MSG" | grep -qi "$pattern"; then
echo "Skipping CI: commit message contains '$pattern'"
SKIP=1
break
fi
done
fi
echo "skip=$SKIP" >> $GITHUB_OUTPUT
echo "Branch: $BRANCH_NAME"
echo "Commit: ${COMMIT_MSG:0:50}..."
echo "Skip CI: $SKIP"
lint-and-test: lint-and-test:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Skip push events for non-master branches (they'll be covered by PR events) # Skip push events for non-master branches (they'll be covered by PR events)
if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master' if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master'
@ -29,6 +91,8 @@ jobs:
continue-on-error: true continue-on-error: true
ansible-validation: ansible-validation:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
# Skip push events for non-master branches (they'll be covered by PR events) # Skip push events for non-master branches (they'll be covered by PR events)
if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master' if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master'
@ -65,6 +129,8 @@ jobs:
continue-on-error: true continue-on-error: true
secret-scanning: secret-scanning:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: zricethezav/gitleaks:latest image: zricethezav/gitleaks:latest
@ -83,6 +149,8 @@ jobs:
continue-on-error: true continue-on-error: true
dependency-scan: dependency-scan:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: aquasec/trivy:latest image: aquasec/trivy:latest
@ -98,6 +166,8 @@ jobs:
run: trivy fs --scanners vuln,secret --exit-code 0 . run: trivy fs --scanners vuln,secret --exit-code 0 .
sast-scan: sast-scan:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ubuntu:22.04 image: ubuntu:22.04
@ -121,6 +191,8 @@ jobs:
continue-on-error: true continue-on-error: true
license-check: license-check:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: node:20-bullseye image: node:20-bullseye
@ -141,6 +213,8 @@ jobs:
continue-on-error: true continue-on-error: true
vault-check: vault-check:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ubuntu:22.04 image: ubuntu:22.04
@ -187,6 +261,8 @@ jobs:
echo "All vault files are properly encrypted!" echo "All vault files are properly encrypted!"
playbook-test: playbook-test:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ubuntu:22.04 image: ubuntu:22.04
@ -232,6 +308,8 @@ jobs:
continue-on-error: true continue-on-error: true
container-scan: container-scan:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ubuntu:22.04 image: ubuntu:22.04
@ -302,6 +380,8 @@ jobs:
continue-on-error: true continue-on-error: true
sonar-analysis: sonar-analysis:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ubuntu:22.04 image: ubuntu:22.04
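Review bot: The pattern loop in skip-ci-check (`for pattern in $(echo $SKIP_PATTERNS | tr ',' ' ')`) splits on spaces as well as commas, so `skip ci` and the bracketed forms are tested as the fragments `skip`, `ci`, `[skip`, `ci]`, and `grep -qi` reads each fragment as a regex rather than a literal. A branch name or commit message that merely contains "ci" or "skip" would then set skip=1, and because every job, including secret-scanning, vault-check and sast-scan, now depends on that output, text the PR author controls switches off the security checks for that run. I would split on commas only and match with `grep -qiF` as sketched below, and consider leaving the scanning jobs ungated. Separately, lint-and-test and ansible-validation now carry two `if:` keys in one mapping, which a YAML parser either rejects or resolves to a single one; combine them as `if: needs.skip-ci-check.outputs.should-skip != '1' && (github.event_name == 'pull_request' || github.ref == 'refs/heads/master')`.

```yaml
          # … unchanged: SKIP_PATTERNS, BRANCH_NAME and COMMIT_MSG lookup …
          SKIP=0
          # Split on commas only, so "skip ci" and "[skip ci]" stay whole patterns
          IFS=',' read -ra PATTERNS <<< "$SKIP_PATTERNS"
          for pattern in "${PATTERNS[@]}"; do
            # -F: fixed-string match, so "[" is not read as a bracket expression
            if printf '%s\n' "$BRANCH_NAME" | grep -qiF -- "$pattern"; then
              echo "Skipping CI: branch name contains '$pattern'"
              SKIP=1
              break
            fi
          done
          # … unchanged: commit-message loop, using the same PATTERNS array and grep -qiF …
          echo "skip=$SKIP" >> "$GITHUB_OUTPUT"
```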


@ -7,23 +7,13 @@
# `playbooks/app/site.yml` (it uses `add_host` based on `app_projects`). # `playbooks/app/site.yml` (it uses `add_host` based on `app_projects`).
# You generally do NOT need to add project hosts here. # You generally do NOT need to add project hosts here.
[gitea]
giteaVM ansible_host=10.0.30.169 ansible_user=root
[portainer]
portainerVM ansible_host=10.0.30.69 ansible_user=ladmin
[homepage]
homepageVM ansible_host=10.0.30.12 ansible_user=homepage
[vaultwarden]
vaultwardenVM ansible_host=10.0.10.142 ansible_user=ladmin
[dev] [dev]
dev01 ansible_host=10.0.30.105 ansible_user=ladmin dev01 ansible_host=10.0.30.105 ansible_user=ladmin
bottom ansible_host=10.0.10.156 ansible_user=beast bottom ansible_host=10.0.10.156 ansible_user=beast
debianDesktopVM ansible_host=10.0.10.206 ansible_user=user skip_reboot=true debianDesktopVM ansible_host=10.0.10.206 ansible_user=user skip_reboot=true
devGPU ansible_host=10.0.30.63 ansible_user=root devGPU ansible_host=10.0.30.63 ansible_user=root
[qa]
git-ci-01 ansible_host=10.0.10.223 ansible_user=ladmin git-ci-01 ansible_host=10.0.10.223 ansible_user=ladmin
sonarqube-01 ansible_host=10.0.10.54 ansible_user=ladmin sonarqube-01 ansible_host=10.0.10.54 ansible_user=ladmin
dev02 ansible_host=10.0.10.100 ansible_user=ladmin dev02 ansible_host=10.0.10.100 ansible_user=ladmin
@ -40,8 +30,14 @@ caddy ansible_host=10.0.10.50 ansible_user=root
jellyfin ansible_host=10.0.10.232 ansible_user=root jellyfin ansible_host=10.0.10.232 ansible_user=root
listmonk ansible_host=10.0.10.149 ansible_user=root listmonk ansible_host=10.0.10.149 ansible_user=root
nextcloud ansible_host=10.0.10.25 ansible_user=root nextcloud ansible_host=10.0.10.25 ansible_user=root
actual ansible_host=10.0.10.159 ansible_user=root actual ansible_host=10.0.10.158 ansible_user=root
vikanjans ansible_host=10.0.10.159 ansible_user=root
n8n ansible_host=10.0.10.158 ansible_user=root n8n ansible_host=10.0.10.158 ansible_user=root
giteaVM ansible_host=10.0.30.169 ansible_user=root
portainerVM ansible_host=10.0.30.69 ansible_user=ladmin
homepageVM ansible_host=10.0.30.12 ansible_user=homepage
vaultwardenVM ansible_host=10.0.10.142 ansible_user=ladmin
qBittorrent ansible_host=10.0.10.91 ansible_user=root port=8080
[desktop] [desktop]
desktop-beast ansible_host=100.117.34.106 ansible_user=beast desktop-beast ansible_host=100.117.34.106 ansible_user=beast
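Review bot: `actual` appears to end up on 10.0.10.158 on the new side, the same address the unchanged `n8n` line uses, while the added `vikanjans` entry takes 10.0.10.159, which the page shows as `actual`'s previous address. Unless the two services really share a machine, both inventory names would resolve to one host and plays for `actual` would run against the n8n box; please confirm the intended address, and if the sharing is deliberate, say so in a comment such as `# actual and n8n share 10.0.10.158`. Also, giteaVM, portainerVM, homepageVM and vaultwardenVM lose their own `[gitea]`, `[portainer]`, `[homepage]` and `[vaultwarden]` groups and move into a group whose header sits above this hunk, so any play or `group_vars` file keyed on those group names would stop matching; worth checking before relying on this inventory.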