README.md

@@ -1,7 +0,0 @@
-# os-upgrade-automation
-
-
-## Structure
-- playbook/ (roles, vars, inventories)
-- group_vars/vault.yml excluded (use sops/age)
-

container-caddy.service

@@ -1,39 +0,0 @@
-# container-caddy.service
-# autogenerated by Podman 4.9.5
-# Fri Aug  8 21:19:46 UTC 2025
-
-[Unit]
-Description=Podman container-caddy.service
-Documentation=man:podman-generate-systemd(1)
-Wants=network-online.target
-After=network-online.target
-RequiresMountsFor=%t/containers
-
-[Service]
-Environment=PODMAN_SYSTEMD_UNIT=%n
-Restart=on-failure
-TimeoutStopSec=70
-ExecStart=/usr/bin/podman run \
-	--cidfile=%t/%n.ctr-id \
-	--cgroups=no-conmon \
-	--rm \
-	--sdnotify=conmon \
-	--replace \
-	-d \
-	--name caddy \
-	--network host \
-	-v /srv/caddy/Caddyfile:/etc/caddy/Caddyfile:Z \
-	-v caddy-data:/data \
-	-v caddy-config:/config docker.io/caddy:2-alpine
-ExecStop=/usr/bin/podman stop \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-ExecStopPost=/usr/bin/podman rm \
-	-f \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-Type=notify
-NotifyAccess=all
-
-[Install]
-WantedBy=default.target

container-gitea.service

@@ -1,46 +0,0 @@
-# container-gitea.service
-# autogenerated by Podman 4.9.5
-# Fri Aug  8 21:19:46 UTC 2025
-
-[Unit]
-Description=Podman container-gitea.service
-Documentation=man:podman-generate-systemd(1)
-Wants=network-online.target
-After=network-online.target
-RequiresMountsFor=%t/containers
-
-[Service]
-Environment=PODMAN_SYSTEMD_UNIT=%n
-Restart=on-failure
-TimeoutStopSec=70
-ExecStart=/usr/bin/podman run \
-	--cidfile=%t/%n.ctr-id \
-	--cgroups=no-conmon \
-	--rm \
-	--sdnotify=conmon \
-	--replace \
-	-d \
-	--name gitea \
-	-p 3000:3000 \
-	-v /srv/gitea:/data:Z \
-	-e GITEA__server__ROOT_URL=https://git.pp1l.de/ \
-	-e GITEA__server__DISABLE_SSH=true \
-	-e GITEA__database__DB_TYPE=sqlite3 \
-	-e GITEA__database__PATH=/data/gitea/gitea.db \
-	-e GITEA__security__INSTALL_LOCK=true \
-	-e GITEA__security__INTERNAL_TOKEN=changeme-internal-token \
-	-e GITEA__security__SECRET_KEY=changeme-secret \
-	-e USER_UID=1000 \
-	-e USER_GID=1000 docker.io/gitea/gitea:1.21
-ExecStop=/usr/bin/podman stop \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-ExecStopPost=/usr/bin/podman rm \
-	-f \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-Type=notify
-NotifyAccess=all
-
-[Install]
-WantedBy=default.target

container-woodpecker-agent.service

@@ -1,41 +0,0 @@
-# container-woodpecker-agent.service
-# autogenerated by Podman 4.9.5
-# Fri Aug  8 21:19:47 UTC 2025
-
-[Unit]
-Description=Podman container-woodpecker-agent.service
-Documentation=man:podman-generate-systemd(1)
-Wants=network-online.target
-After=network-online.target
-RequiresMountsFor=%t/containers
-
-[Service]
-Environment=PODMAN_SYSTEMD_UNIT=%n
-Restart=on-failure
-TimeoutStopSec=70
-ExecStart=/usr/bin/podman run \
-	--cidfile=%t/%n.ctr-id \
-	--cgroups=no-conmon \
-	--rm \
-	--sdnotify=conmon \
-	--replace \
-	-d \
-	--name woodpecker-agent \
-	--network host \
-	-v /var/run/podman/podman.sock:/var/run/docker.sock \
-	-e WOODPECKER_SERVER=127.0.0.1:9000 \
-	-e WOODPECKER_AGENT_SECRET=changeme-agent-secret \
-	-e WOODPECKER_BACKEND=docker \
-	-e WOODPECKER_HEALTHCHECK_ADDR=:3001 docker.io/woodpeckerci/woodpecker-agent:latest
-ExecStop=/usr/bin/podman stop \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-ExecStopPost=/usr/bin/podman rm \
-	-f \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-Type=notify
-NotifyAccess=all
-
-[Install]
-WantedBy=default.target

container-woodpecker-server.service

@@ -1,50 +0,0 @@
-# container-woodpecker-server.service
-# autogenerated by Podman 4.9.5
-# Fri Aug  8 21:19:46 UTC 2025
-
-[Unit]
-Description=Podman container-woodpecker-server.service
-Documentation=man:podman-generate-systemd(1)
-Wants=network-online.target
-After=network-online.target
-RequiresMountsFor=%t/containers
-
-[Service]
-Environment=PODMAN_SYSTEMD_UNIT=%n
-Restart=on-failure
-TimeoutStopSec=70
-ExecStart=/usr/bin/podman run \
-	--cidfile=%t/%n.ctr-id \
-	--cgroups=no-conmon \
-	--rm \
-	--sdnotify=conmon \
-	--replace \
-	-d \
-	--name woodpecker-server \
-	-p 8000:8000 \
-	-p 9000:9000 \
-	-v /srv/woodpecker:/var/lib/woodpecker:Z \
-	-e WOODPECKER_OPEN=false \
-	-e WOODPECKER_ADMIN=automation,PurePowerPh1l \
-	-e WOODPECKER_HOST=https://ci.pp1l.de \
-	-e WOODPECKER_SERVER_ADDR=:8000 \
-	-e WOODPECKER_SERVER_HOST=ci.pp1l.de \
-	-e WOODPECKER_GITEA=true \
-	-e WOODPECKER_GITEA_URL=https://git.pp1l.de \
-	-e WOODPECKER_GITEA_CLIENT=bfc43bbd-77a0-4312-9e4b-c63660917b9a \
-	-e WOODPECKER_GITEA_SECRET=gto_km5pahwrtvdun7kxfp3mxmia5vkpemgzcgzxijlocvrjyax2lsnq \
-	-e WOODPECKER_AGENT_SECRET=changeme-agent-secret \
-	-e WOODPECKER_DATABASE_DRIVER=sqlite3 \
-	-e WOODPECKER_DATABASE_DATASOURCE=/var/lib/woodpecker/woodpecker.sqlite docker.io/woodpeckerci/woodpecker-server:latest
-ExecStop=/usr/bin/podman stop \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-ExecStopPost=/usr/bin/podman rm \
-	-f \
-	--ignore -t 10 \
-	--cidfile=%t/%n.ctr-id
-Type=notify
-NotifyAccess=all
-
-[Install]
-WantedBy=default.target

playbook/group_vars/vault.example.yml

@@ -1,10 +0,0 @@
-# Beispiel für geheime Variablen (nicht committen als vault.yml)
-# Kopiere diese Datei nach vault.yml und fülle Werte aus.
-# Empfohlen: Verschlüsselung (Ansible Vault oder sops/age).
----
-upgrade_api_token: "<token>"
-notification_webhook: "<url>"
-ssh_private_key: |
-  -----BEGIN OPENSSH PRIVATE KEY-----
-  <key>
-  -----END OPENSSH PRIVATE KEY-----