kodi media services basic setup

ansible/inventory/host_vars/kodi00.balsillie.house/certbot.yaml

@@ -0,0 +1,11 @@
+certbot_rfc2136_server: '10.208.240.1'
+certbot_rfc2136_key_name: 'rndc-house'
+certbot_rfc2136_key_algorithm: 'hmac-sha256'
+
+certbot_webserver_type: 'nginx' # 'nginx' or 'apache'
+certbot_dns_plugin: 'rfc2136'
+certbot_email: "certbot.kodi00@balsillie.email"
+certbot_acme_server: "https://acme-v02.api.letsencrypt.org/directory"
+
+certbot_domains:
+  - kodi.balsillie.house

ansible/inventory/host_vars/kodi00.balsillie.house/nginx.yaml

@@ -0,0 +1,13 @@
+nginx_sites:
+  - name: tv.balsillie.house
+    upstream: 127.0.0.1:8080
+  - name: movies.balsillie.house
+    upstream: 127.0.0.1:8081
+  - name: index.balsillie.house
+    upstream: 127.0.0.1:8082
+  - name: torrent.balsillie.house
+    upstream: 127.0.0.1:9090
+  - name: jellyfin.balsillie.house
+    upstream: 127.0.0.1:8096
+  - name: kodi.balsillie.house
+    upstream: 127.0.0.1:8082

ansible/inventory/host_vars/kodi00.balsillie.house/sshd.yaml

@@ -0,0 +1,4 @@
+sshd:
+  auth:
+    password: 'no'
+    pubkey: 'yes'

ansible/inventory/host_vars/kodi00.balsillie.house/ufw.yaml

@@ -0,0 +1,21 @@
+ufw_enabled: true
+
+ufw_rules:
+  - name: "SSH from Local Subnet"
+    port: "22"
+    protocol: "tcp"
+    action: "allow"
+    source: "10.192.210.0/24"
+    destination: "10.192.210.169"
+  - name: "HTTP from Local Subnet"
+    port: "80"
+    protocol: "tcp"
+    action: "allow"
+    source: "10.192.210.0/24"
+    destination: "10.192.210.169"
+  - name: "HTTPS from Local Subnet"
+    port: "443"
+    protocol: "tcp"
+    action: "allow"
+    source: "10.192.210.0/24"
+    destination: "10.192.210.169"