Add server profile directory setup

2026-05-30 15:39:58 +00:00 · 2026-03-30 19:02:24 +02:00
parent 1b0319800e
commit d6b19cc7c4
2 changed files with 42 additions and 0 deletions
--- a/ansible/inventory/group_vars/server.yml
+++ b/ansible/inventory/group_vars/server.yml
@@ -34,6 +34,36 @@ server_templates:
    dest: .gitconfig
    mode: "0644"

+server_directories:
+  - path: /opt/navidrome/data
+    owner: "{{ server_username }}"
+    group: "{{ server_user_group }}"
+    mode: "0755"
+  - path: /opt/music
+    owner: "{{ server_username }}"
+    group: "{{ server_user_group }}"
+    mode: "0755"
+  - path: /opt/npm/data
+    owner: root
+    group: root
+    mode: "0755"
+  - path: /opt/npm/letsencrypt
+    owner: root
+    group: root
+    mode: "0755"
+  - path: /opt/postgres/data
+    owner: root
+    group: root
+    mode: "0755"
+  - path: /opt/gitea/data
+    owner: root
+    group: root
+    mode: "0755"
+  - path: /home/git/.ssh
+    owner: git
+    group: git
+    mode: "0700"
+
 server_ufw_rules:
  - rule: allow
    name: OpenSSH
--- a/ansible/roles/profile_server/tasks/main.yml
+++ b/ansible/roles/profile_server/tasks/main.yml
@@ -24,6 +24,18 @@
  loop_control:
    label: "{{ item.dest }}"

+- name: Ensure server directories exist
+  tags: [dotfiles, services]
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: directory
+    owner: "{{ item.owner }}"
+    group: "{{ item.group }}"
+    mode: "{{ item.mode }}"
+  loop: "{{ server_directories | default([]) }}"
+  loop_control:
+    label: "{{ item.path }}"
+
 - name: Disable SSH root login on server
  tags: [services]
  ansible.builtin.lineinfile: