diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index cd27361..504dc38 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -15,7 +15,7 @@ # Perform remaining tasks: - import_tasks: system_setup/clock.yml - # - import_tasks: system_setup/cron.yml + - import_tasks: system_setup/cron.yml - import_tasks: system_setup/locale.yml # - import_tasks: system_setup/logging.yml # - import_tasks: system_setup/memory.yml diff --git a/roles/base/tasks/users/all.yml b/roles/base/tasks/users/all.yml index c4a0978..68c3734 100644 --- a/roles/base/tasks/users/all.yml +++ b/roles/base/tasks/users/all.yml @@ -35,6 +35,19 @@ owner: '{{ user }}' group: '{{ user }}' +- name: users | {{ user }} | fill ssh config + blockinfile: + path: "{{ getent_passwd[user][4] }}/.ssh/config" + state: present + block: | + Host gitlab.social.my-wan.de + IdentityFile ~/.ssh/gitlab_read_ed25519 + IdentitiesOnly Yes + create: True + backup: True + owner: '{{ user }}' + group: '{{ user }}' + - name: users | {{ user }} | clone remote repos become: yes become_user: '{{ user }}' @@ -43,9 +56,12 @@ dest: '{{ getent_passwd[user][4] }}/{{ item.dir }}' key_file: '{{ getent_passwd[user][4] }}/.ssh/gitlab_read_ed25519' recursive: no + track_submodules: yes + force: yes + with_items: - - {repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/dotfiles.git', dir: 'dotfiles'} - - {repo: 'https://github.com/romkatv/powerlevel10k.git', dir: 'powerlevel10k'} + - { repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/dotfiles.git', dir: 'dotfiles' } + - { repo: 'https://github.com/romkatv/powerlevel10k.git', dir: 'powerlevel10k' } ignore_errors: yes - name: users | {{ user }} | link dotfiles diff --git a/roles/base/tasks/users/root.yml b/roles/base/tasks/users/root.yml index afa0938..8390571 100644 --- a/roles/base/tasks/users/root.yml +++ b/roles/base/tasks/users/root.yml @@ -49,11 +49,11 @@ # state: directory # mode: '0755' -# - name: users | root | clone root_bins -# git: -# repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git' -# dest: "{{ root_home }}/bin" -# key_file: '/root/.ssh/gitlab_read_ed25519' +- name: users | root | clone root_bins + git: + repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git' + dest: "{{ root_home }}/bin" + key_file: '/root/.ssh/gitlab_read_ed25519' # - name: users | root | link dotfiles # become: yes diff --git a/roles/jitsimeet/tasks/install_jitsimeet.yml b/roles/jitsimeet/tasks/install_jitsimeet.yml index 02d7942..dc10227 100644 --- a/roles/jitsimeet/tasks/install_jitsimeet.yml +++ b/roles/jitsimeet/tasks/install_jitsimeet.yml @@ -84,16 +84,4 @@ loop_control: label: "{{ item.path }}" loop: "{{ files_to_change.files }}" - notify: restart_jitsi - -- name: jitsimeet | cron | schedule refresh of statistics - cron: - name: "Get statistics for Jitsi [{{ my_idx }}]" - user: root - job: "{{ item }}" - loop_control: - index_var: my_idx - loop: - - "/root/jitsi-statistics.sh" - - "sleep 20; /root/jitsi-statistics.sh" - - "sleep 40; /root/jitsi-statistics.sh" + notify: restart_jitsi \ No newline at end of file diff --git a/roles/jitsimeet/tasks/main.yml b/roles/jitsimeet/tasks/main.yml index e789976..e4d3a4b 100644 --- a/roles/jitsimeet/tasks/main.yml +++ b/roles/jitsimeet/tasks/main.yml @@ -13,6 +13,7 @@ # install software - include_tasks: prepare_system.yml - include_tasks: install_jitsimeet.yml + - include_tasks: system_setup/cron.yml rescue: - set_fact: task_failed=true diff --git a/roles/jitsimeet/tasks/system_setup/cron.yml b/roles/jitsimeet/tasks/system_setup/cron.yml new file mode 100644 index 0000000..b491b10 --- /dev/null +++ b/roles/jitsimeet/tasks/system_setup/cron.yml @@ -0,0 +1,21 @@ +- name: jitsi | cron | schedule letsencrypt + tags: cron + cron: + name: "For Letsencrypt" + user: root + hour: 1 + minute: 0 + day: 1 + job: "certbot renew -q" + +- name: jitsimeet | cron | schedule refresh of statistics + cron: + name: "Get statistics for Jitsi [{{ my_idx }}]" + user: root + job: "{{ item }}" + loop_control: + index_var: my_idx + loop: + - "/root/jitsi-statistics.sh" + - "sleep 20; /root/jitsi-statistics.sh" + - "sleep 40; /root/jitsi-statistics.sh" diff --git a/roles/server/tasks/main.yml b/roles/server/tasks/main.yml index 0ed88b9..6497d53 100644 --- a/roles/server/tasks/main.yml +++ b/roles/server/tasks/main.yml @@ -9,6 +9,7 @@ when: netdata is defined and netdata == true - include_tasks: utilities/snmpd.yml - include_tasks: utilities/wireguard.yml + - include_tasks: system_setup/cron.yml - include_role: name: base tasks_from: users.yml diff --git a/roles/server/tasks/system_setup/cron.yml b/roles/server/tasks/system_setup/cron.yml new file mode 100644 index 0000000..9e559c8 --- /dev/null +++ b/roles/server/tasks/system_setup/cron.yml @@ -0,0 +1,11 @@ +- name: server | system_setup | cron + tags: cron + cron: + name: "{{ item.title }}" + user: root + hour: "{{ item.hour }}" + minute: "{{ item.minute }}" + job: "{{ item.job }}" + loop: + - { title: "Send me a list of upgradeable packages", job: "apt list --upgradable", hour: 0, minute: 0 } + - { title: "Backup", job: "/root/bin/backup_vps.bash", hour: 1, minute: 0 } \ No newline at end of file diff --git a/roles/server/tasks/system_setup/mail.yml b/roles/server/tasks/system_setup/mail.yml new file mode 100644 index 0000000..ddaeb25 --- /dev/null +++ b/roles/server/tasks/system_setup/mail.yml @@ -0,0 +1,8 @@ +- name: server | system_setup | create mail aliases + lineinfile: + path: "/etc/alias" + state: present + line: "root rene@tantooine.myfirewall.org" # not required. The line to insert/replace into the file. Required for C(state=present). If C(backrefs) is set, may contain backreferences that will get expanded with the C(regexp) capture groups if the regexp matches. + +- name: server | system setup | generate aliases db + command: newaliases \ No newline at end of file