boma/playbooks
sjat 0e8d448f2b feat(offsite): apply netbird_coordinator after reverse_proxy
NetBird joins the boma Docker network that reverse_proxy creates, so it's
ordered last. Carries its netbird_coordinator role-name tag (check-tags).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-15 18:05:12 +02:00
..
bootstrap.yml Add core Ansible scaffold, tooling, and pre-commit guards 2026-05-30 14:10:01 +02:00
dns.yml feat(public_dns): dns.yml play (control-node, Gandi LiveDNS) 2026-06-14 10:35:30 +02:00
offsite.yml feat(offsite): apply netbird_coordinator after reverse_proxy 2026-06-15 18:05:12 +02:00
README.md docs(review): 2026-06-14 repo audit — M4a doc drift + Traefik→Caddy lag 2026-06-14 18:37:54 +02:00
site.yml fix(O1): scaffold docker_host role so make lint passes on main 2026-06-11 14:53:55 +02:00
workstation.yml Add dev_env role: zsh/tmux/nvim for workstation-class hosts 2026-06-11 13:50:11 +02:00

playbooks/

Top-level orchestration playbooks. No inline vars — configuration comes from group_vars/ / host_vars/ (see CLAUDE.md).

  • site.yml — full standard state: applies base to all hosts and docker_host to docker hosts. Note: base is only partially built (its firewall + hardening concerns) and the cluster has no docker hosts yet, so this is incomplete — see STATUS.md.
  • workstation.yml — applies the dev_env role (interactive developer environment) to the control group; built and applied to ubongo (see STATUS.md).
  • dns.yml — manages the public DNS zone (wingu.me) at Gandi LiveDNS via the public_dns role; runs from the control node against an external API.
  • offsite.yml — off-site hosts (askari): docker_host (Docker engine) + reverse_proxy (Caddy). NetBird coordinator appended in M4b.
  • bootstrap.yml — first-run setup for a host that may not have Python yet; self-contained (does not depend on the roles).

Run via make check PLAYBOOK=<name> then make deploy PLAYBOOK=<name>.