ai-workspace-infra/playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
86 Commits 14 Branches 1 Tag 1.5 MiB
Shell 71.3%
Jinja 24.5%
Python 3.4%
PowerShell 0.5%
Groovy 0.3%
a209041839
Go to file
Haitao Pan a209041839 Expose xworkmate bridge public root
2026-04-09 15:26:30 +08:00
deepflow/deepflow-agent-playbook feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
docs docs(playbooks): add cert-manager architecture 2026-04-04 11:25:22 +08:00
group_vars update 2025-12-31 23:24:02 +08:00
roles Expose xworkmate bridge public root 2026-04-09 15:26:30 +08:00
scripts feat(platform): refresh k3s bootstrap and release controls 2026-04-03 16:41:12 +08:00
skills/release-branch-policy feat(platform): refresh k3s bootstrap and release controls 2026-04-03 16:41:12 +08:00
vars Commit remaining local changes 2026-04-09 15:24:38 +08:00
.gitignore Commit remaining local changes 2026-04-09 15:24:38 +08:00
alicloud_dns_record.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
alicloud_dns_sync.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
ansible.cfg Migrate XRDP and Cloudflare playbooks 2026-04-05 16:54:48 +08:00
apply-branch-protection.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
common feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
common_setup.yml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
deploy_accounts_svc_plus.yml Add managed postgresql.svc.plus deployment 2026-04-05 19:09:25 +08:00
deploy_acp_codex_vhosts.yml Refactor ACP vhosts deployment layout 2026-04-09 14:16:05 +08:00
deploy_acp_gemini_vhosts.yml Refactor ACP vhosts deployment layout 2026-04-09 14:16:05 +08:00
deploy_acp_opencode_vhosts.yml Refactor ACP vhosts deployment layout 2026-04-09 14:16:05 +08:00
deploy_agent_svc_plus.yml Refactor ACP vhosts deployment layout 2026-04-09 14:16:05 +08:00
deploy_apisix_svc.plus.yaml feat: add acp bridge server deploy role 2026-04-09 06:20:07 +08:00
deploy_billing_service.yml Refactor ACP vhosts deployment layout 2026-04-09 14:16:05 +08:00
deploy_blackbox_exporters_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_console_svc_plus.yml Commit remaining local changes 2026-04-09 15:24:38 +08:00
deploy_deepflow_agent feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_exporters_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_grafana_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_monitor_server.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_neurapress_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_nginx_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_nodejs_vhosts.yml feat(playbooks): rename root authorized key bootstrap playbook 2026-04-04 13:16:07 +08:00
deploy_OpenObserve_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_openresty_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_otel_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_postgre_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_postgres_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_postgresql_svc_plus.yml Add managed postgresql.svc.plus deployment 2026-04-05 19:09:25 +08:00
deploy_redis_vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_Tempo_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_tiny_monitor_server_vhost.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_traffic_billing_stack.yml Handle immutable Caddyfile and Linux Gemini path 2026-04-09 14:51:41 +08:00
deploy_vhosts_otel-collector.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_VictoriaLogs_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_VictoriaMetrics_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_xcontrol_dashboard.yml update 2025-12-31 23:24:02 +08:00
deploy_xcontrol_server._vhosts.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy_xray_exporter.yml Refactor ACP vhosts deployment layout 2026-04-09 14:16:05 +08:00
deploy_xworkmate_bridge_vhosts.yml Finalize ACP bridge entrypoint and DNS inventory 2026-04-09 14:41:55 +08:00
deploy_zitadel_docker.yaml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy-docker-harbor.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
deploy-docker-keycloak.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
gnome_xrdp_minimal.yaml Migrate XRDP and Cloudflare playbooks 2026-04-05 16:54:48 +08:00
gpu_k8s_init.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
gpu_k8s_reset.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
harden_ssh_root_key_only.yml Migrate XRDP and Cloudflare playbooks 2026-04-05 16:54:48 +08:00
init_chaos_mesh feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_chartmuseum feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_deepflow feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_flagger-loadtester feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_gitlab feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_grafana_alloy feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_harbor_server feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_jenkins feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_k3s_cluster_agent feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_k3s_cluster_server feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_k3s_cluster_std feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_k3s_cluster_with_argo_server feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_observability-agent feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_observability-server feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_openldap feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_splunk-otel-collector feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_telegraf feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_vault feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init_vpn_gateway.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
init-harbor-server feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
inventory.ini Commit remaining local changes 2026-04-09 15:24:38 +08:00
k3s_platform_addon.yml refactor(platform): split addon step for external-dns 2026-04-04 06:11:44 +08:00
k3s_platform_bootstrap_with_gitops.yml refactor(platform): keep bootstrap playbook bootstrap-only 2026-04-04 06:38:10 +08:00
k3s_reset.yml feat(k3s): absorb bootstrap defaults and add reset entrypoint 2026-04-04 09:50:09 +08:00
k3s-cluster.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
keycloak_server feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
LICENSE feat(platform): refresh k3s bootstrap and release controls 2026-04-03 16:41:12 +08:00
plasma_xrdp_minimal.yaml Migrate XRDP and Cloudflare playbooks 2026-04-05 16:54:48 +08:00
pre_setup.sh feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
README.md Commit remaining local changes 2026-04-09 15:24:38 +08:00
renew_nodes_ssl_certs feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
setup-caddy.yml Add caddy vhost role and setup playbook 2026-01-12 11:07:25 +08:00
setup-docker.yml feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
setup-nextjs.yml Add Next.js vhost role 2026-01-12 11:24:58 +08:00
setup-nodejs.yml feat(playbooks): rename root authorized key bootstrap playbook 2026-04-04 13:16:07 +08:00
setup-python3.yml feat(playbooks): rename root authorized key bootstrap playbook 2026-04-04 13:16:07 +08:00
setup-root-authorized-key.yml feat(playbooks): rename root authorized key bootstrap playbook 2026-04-04 13:16:07 +08:00
update_cloudflare_dns.yml Migrate XRDP and Cloudflare playbooks 2026-04-05 16:54:48 +08:00
update_cloudflare_svc_plus_dns.yml Migrate XRDP and Cloudflare playbooks 2026-04-05 16:54:48 +08:00
vpn-overlay-dnat.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-overlay-vxlan-hub.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-overlay-vxlan-site.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-wireguard-hub.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-wireguard-site.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-xray-client.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-xray-hub.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
vpn-xray-tproxy.yaml feat(ansible): extract playbooks and roles into standalone repository 2025-12-21 19:09:46 +08:00
wireguard_ali_vpn_gw feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
wireguard_client feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
wireguard_gateway feat(playbooks): add comprehensive vhosts roles and ops scripts 2025-12-21 19:23:19 +08:00
xfce_xrdp_minimal.yaml feat(playbooks): add minimal xfce xrdp desktop role 2026-04-04 12:51:16 +08:00

README.md

playbooks

Traffic Billing Stack

The traffic billing stack now has a single aggregate playbook:

deploy_traffic_billing_stack.yml

It orchestrates these existing playbooks in dependency order:

  1. deploy_xray_exporter.yml
  2. deploy_billing_service.yml
  3. deploy_accounts_svc_plus.yml
  4. deploy_console_svc_plus.yml
  5. deploy_agent_svc_plus.yml

Full stack deploy

cd /Users/shenlan/workspaces/cloud-neutral-toolkit/playbooks
export INTERNAL_SERVICE_TOKEN=...
export DATABASE_URL=postgres://...
export FRONTEND_IMAGE=ghcr.io/x-evor/dashboard:latest
ansible-playbook -i inventory.ini deploy_traffic_billing_stack.yml

Deploy to one target host directly

Use STACK_TARGET_HOST to override all service host groups with one inventory host.

cd /Users/shenlan/workspaces/cloud-neutral-toolkit/playbooks
export STACK_TARGET_HOST=jp-xhttp-contabo.svc.plus
export INTERNAL_SERVICE_TOKEN=...
export DATABASE_URL=postgres://...
export FRONTEND_IMAGE=ghcr.io/x-evor/dashboard:latest
ansible-playbook -i inventory.ini deploy_traffic_billing_stack.yml

Deploy only selected services

Use STACK_SERVICES with a comma-separated list:

  • xray-exporter
  • billing-service
  • accounts
  • console
  • agent
cd /Users/shenlan/workspaces/cloud-neutral-toolkit/playbooks
export STACK_TARGET_HOST=jp-xhttp-contabo.svc.plus
export STACK_SERVICES=xray-exporter,billing-service,agent
export INTERNAL_SERVICE_TOKEN=...
export DATABASE_URL=postgres://...
ansible-playbook -i inventory.ini deploy_traffic_billing_stack.yml

Notes

  • accounts and console still use their existing role contracts.
  • console requires FRONTEND_IMAGE because the target host only does pull-only compose deployment.
  • console now writes a Caddy fragment named like <server-name>-<release_id>-<hostname>-<domain>.caddy instead of managing the Caddy service container itself.
  • billing-service requires DATABASE_URL.
  • xray-exporter and agent require INTERNAL_SERVICE_TOKEN.

Deploy console to a specific host and sync DNS

deploy_console_svc_plus.yml now accepts two useful overrides:

  • console_service_target_host: inventory host to deploy to, for example jp_xhttp_contabo_host
  • console_service_sync_dns=true: rebuild and reconcile DNS records for that target host after deployment

Example:

cd /Users/shenlan/workspaces/cloud-neutral-toolkit/playbooks
ansible-playbook -i inventory.ini deploy_console_svc_plus.yml \
  -e console_service_target_host=jp_xhttp_contabo_host \
  -e console_service_sync_dns=true \
  -e FRONTEND_IMAGE=ghcr.io/x-evor/dashboard:latest