rene/ansible-pull
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of ssh://gitlab.social.my-wan.de:22422/rene/ansible-pull

Browse Source
This commit is contained in:
rene
2022-03-07 14:41:39 +01:00
parent d1aaaabba5 5a43d1285f
commit 7eea9f8b4d
9 changed files with 67 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/base/tasks/main.yml
View File

@@ -15,7 +15,7 @@
# Perform remaining tasks: # Perform remaining tasks:
- import_tasks: system_setup/clock.yml - import_tasks: system_setup/clock.yml
# - import_tasks: system_setup/cron.yml - import_tasks: system_setup/cron.yml
- import_tasks: system_setup/locale.yml - import_tasks: system_setup/locale.yml
# - import_tasks: system_setup/logging.yml # - import_tasks: system_setup/logging.yml
# - import_tasks: system_setup/memory.yml # - import_tasks: system_setup/memory.yml

20
roles/base/tasks/users/all.yml
View File

@@ -35,6 +35,19 @@
owner: '{{ user }}' owner: '{{ user }}'
group: '{{ user }}' group: '{{ user }}'
- name: users | {{ user }} | fill ssh config
blockinfile:
path: "{{ getent_passwd[user][4] }}/.ssh/config"
state: present
block: |
Host gitlab.social.my-wan.de
IdentityFile ~/.ssh/gitlab_read_ed25519
IdentitiesOnly Yes
create: True
backup: True
owner: '{{ user }}'
group: '{{ user }}'
- name: users | {{ user }} | clone remote repos - name: users | {{ user }} | clone remote repos
become: yes become: yes
become_user: '{{ user }}' become_user: '{{ user }}'
@@ -43,9 +56,12 @@
dest: '{{ getent_passwd[user][4] }}/{{ item.dir }}' dest: '{{ getent_passwd[user][4] }}/{{ item.dir }}'
key_file: '{{ getent_passwd[user][4] }}/.ssh/gitlab_read_ed25519' key_file: '{{ getent_passwd[user][4] }}/.ssh/gitlab_read_ed25519'
recursive: no recursive: no
track_submodules: yes
force: yes
with_items: with_items:
- {repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/dotfiles.git', dir: 'dotfiles'} - { repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/dotfiles.git', dir: 'dotfiles' }
- {repo: 'https://github.com/romkatv/powerlevel10k.git', dir: 'powerlevel10k'} - { repo: 'https://github.com/romkatv/powerlevel10k.git', dir: 'powerlevel10k' }
ignore_errors: yes ignore_errors: yes
- name: users | {{ user }} | link dotfiles - name: users | {{ user }} | link dotfiles

10
roles/base/tasks/users/root.yml
View File

@@ -49,11 +49,11 @@
# state: directory # state: directory
# mode: '0755' # mode: '0755'
# - name: users | root | clone root_bins - name: users | root | clone root_bins
# git: git:
# repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git' repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git'
# dest: "{{ root_home }}/bin" dest: "{{ root_home }}/bin"
# key_file: '/root/.ssh/gitlab_read_ed25519' key_file: '/root/.ssh/gitlab_read_ed25519'
# - name: users | root | link dotfiles # - name: users | root | link dotfiles
# become: yes # become: yes

12
roles/jitsimeet/tasks/install_jitsimeet.yml
View File

@@ -85,15 +85,3 @@
label: "{{ item.path }}" label: "{{ item.path }}"
loop: "{{ files_to_change.files }}" loop: "{{ files_to_change.files }}"
notify: restart_jitsi notify: restart_jitsi
- name: jitsimeet | cron | schedule refresh of statistics
cron:
name: "Get statistics for Jitsi [{{ my_idx }}]"
user: root
job: "{{ item }}"
loop_control:
index_var: my_idx
loop:
- "/root/jitsi-statistics.sh"
- "sleep 20; /root/jitsi-statistics.sh"
- "sleep 40; /root/jitsi-statistics.sh"

1
roles/jitsimeet/tasks/main.yml
View File

@@ -13,6 +13,7 @@
# install software # install software
- include_tasks: prepare_system.yml - include_tasks: prepare_system.yml
- include_tasks: install_jitsimeet.yml - include_tasks: install_jitsimeet.yml
- include_tasks: system_setup/cron.yml
rescue: rescue:
- set_fact: task_failed=true - set_fact: task_failed=true

21
roles/jitsimeet/tasks/system_setup/cron.yml Normal file
View File

@@ -0,0 +1,21 @@
- name: jitsi | cron | schedule letsencrypt
tags: cron
cron:
name: "For Letsencrypt"
user: root
hour: 1
minute: 0
day: 1
job: "certbot renew -q"
- name: jitsimeet | cron | schedule refresh of statistics
cron:
name: "Get statistics for Jitsi [{{ my_idx }}]"
user: root
job: "{{ item }}"
loop_control:
index_var: my_idx
loop:
- "/root/jitsi-statistics.sh"
- "sleep 20; /root/jitsi-statistics.sh"
- "sleep 40; /root/jitsi-statistics.sh"

1
roles/server/tasks/main.yml
View File

@@ -9,6 +9,7 @@
when: netdata is defined and netdata == true when: netdata is defined and netdata == true
- include_tasks: utilities/snmpd.yml - include_tasks: utilities/snmpd.yml
- include_tasks: utilities/wireguard.yml - include_tasks: utilities/wireguard.yml
- include_tasks: system_setup/cron.yml
- include_role: - include_role:
name: base name: base
tasks_from: users.yml tasks_from: users.yml

11
roles/server/tasks/system_setup/cron.yml Normal file
View File

@@ -0,0 +1,11 @@
- name: server | system_setup | cron
tags: cron
cron:
name: "{{ item.title }}"
user: root
hour: "{{ item.hour }}"
minute: "{{ item.minute }}"
job: "{{ item.job }}"
loop:
- { title: "Send me a list of upgradeable packages", job: "apt list --upgradable", hour: 0, minute: 0 }
- { title: "Backup", job: "/root/bin/backup_vps.bash", hour: 1, minute: 0 }

8
roles/server/tasks/system_setup/mail.yml Normal file
View File

@@ -0,0 +1,8 @@
- name: server | system_setup | create mail aliases
lineinfile:
path: "/etc/alias"
state: present
line: "root rene@tantooine.myfirewall.org" # not required. The line to insert/replace into the file. Required for C(state=present). If C(backrefs) is set, may contain backreferences that will get expanded with the C(regexp) capture groups if the regexp matches.
- name: server | system setup | generate aliases db
command: newaliases