This repository contains a collection of Ansible roles for self-hosting free software.
The collection primarily targets individuals and small businesses, and is built to professional quality standards.
These roles are designed with the following goals in mind:
- Up-to-date and fully featured software
- Security
- Minimal maintenance
To meet the first two goals, Fedora is used as the base OS because it provides up-to-date software and advanced security features such as SELinux by default. To further improve security, optional system-wide hardening can be applied and many security-related configurations are available. To minimize maintenance, automatic updates (with automatic reboot when required) are enabled daily for all packages.
All choices come with trade-offs. Here, the main risk is that an update could break something and temporarily make a service unavailable.
If you require a perfectly stable service with 99.99% availability, consider other roles based on LTS operating systems and software versions. No guarantee is provided when using these roles.
For more information on the roles, please refer to the documentation.
- common: Perform common machine initialization tasks such as configuring auto-updates, firewall, NTP server, SSH, and OS security hardening.
- nextcloud: Install a Nextcloud server.
- musicplayer: Install a standalone music player, by default Lollypop.
- kodi: Install a Kodi home theater PC.
- mail: Install a mail server using Postfix and Dovecot.
- mpd: Install a Music Player Daemon server.
- squid: Install a Squid caching proxy server.
The common role is intended to be used with all other roles and may be required by some of them.
These roles are used as dependencies of the main roles, but can also be used directly:
- clamav: Install the ClamAV antivirus.
- coturn: Install the CoTURN TURN/STUN server.
- nginx: Install an Nginx web server.
- postgresql: Install a PostgreSQL database.
- php_fpm: Install a PHP-FPM server.
- valkey: Install the Valkey in-memory data store.
- rpmfusion: Enable the RPMFusion repositories.
This collection is available on Ansible Galaxy.
ansible-galaxy collection install jgoutin.home---
- hosts: all
become: true
collections:
- jgoutin.home
roles:
- common
- kodi