cbalders/homelab-ansible-lxc-meridian
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8adecb417a69285d8a357b5a078a3a2fd3e2d627
homelab-ansible-lxc-meridian/site.yml
T
Your Name 8adecb417a site.yml: drop leftover node_exporter role refs 
Earlier Pass 2 cleanup sed only matched bare '- node_exporter' lines;
these used '{ role: ..., tags: [...] }' syntax which fell through.
Deploys via Semaphore were erroring with 'role node_exporter not found'.
2026-05-21 22:35:38 -04:00

48 lines
2.1 KiB
YAML
Raw Blame History

---
# ==============================================================================
# Meridian LXC — Site Playbook
# ==============================================================================
# Local Anthropic API powered by Chuck's Claude Max OAuth subscription.
# Bridges the Claude Code SDK to /v1/messages so HAOS's anthropic conversation
# integration (and any Anthropic-compatible client) can use the Max subscription
# instead of paid API tokens.
#
# Security:
# - Meridian itself has no auth layer; LAN-only reachability is the security model.
# - LiteLLM sits in front for clients that speak OpenAI (e.g. Pulse). It does
# require a master key (Infisical /meridian/vault_litellm_master_key).
#
# OAuth bootstrap is one-time, paste-code flow run directly on the LXC
# (see homelab-docs services/meridian.md). Don't scp ~/.claude/ from Mac —
# Mac stores the refresh token in Keychain, scp can't see it.
#
# Usage:
# ./deploy.sh # full deploy (pulls LITELLM_MASTER_KEY from Infisical)
# ./deploy.sh --tags meridian # meridian role only
# ./deploy.sh --tags litellm # litellm role only
# ==============================================================================
- name: Deploy Meridian LXC
hosts: all
become: true
vars_files:
- vars/main.yml
pre_tasks:
- name: Deploy banner
debug:
msg: "===== {{ ansible_play_name }} → {{ inventory_hostname }} ({{ ansible_host | default(inventory_hostname) }}) ====="
- name: Sanity-check LITELLM_MASTER_KEY is set
assert:
that: litellm_master_key is defined and litellm_master_key != 'CHANGE_ME' and (litellm_master_key | length) >= 24
fail_msg: |
LITELLM_MASTER_KEY env var not set on the controller.
Run via ./deploy.sh (which pulls it from Infisical), or pass:
-e litellm_master_key="$(infisical secrets get vault_litellm_master_key --env prod --path /meridian --plain)"
roles:
- { role: meridian, tags: ['meridian'] }
- { role: litellm, tags: ['litellm'] }
- { role: alloy, tags: ['alloy'] }
Reference in New Issue View Git Blame Copy Permalink