Merge branch 'master' of ssh://gitlab.social.my-wan.de:22422/rene/ansible-pull

2022-03-07 14:41:39 +01:00
parent d1aaaabba5 5a43d1285f
commit 7eea9f8b4d
9 changed files with 67 additions and 21 deletions
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -15,7 +15,7 @@

  # Perform remaining tasks:
  - import_tasks: system_setup/clock.yml
-  # - import_tasks: system_setup/cron.yml
+  - import_tasks: system_setup/cron.yml
  - import_tasks: system_setup/locale.yml
  # - import_tasks: system_setup/logging.yml
  # - import_tasks: system_setup/memory.yml
--- a/roles/base/tasks/users/all.yml
+++ b/roles/base/tasks/users/all.yml
@@ -35,6 +35,19 @@
    owner: '{{ user }}'
    group: '{{ user }}'

+- name: users | {{ user }} | fill ssh config
+  blockinfile:
+    path: "{{ getent_passwd[user][4] }}/.ssh/config"
+    state: present
+    block: |
+      Host gitlab.social.my-wan.de
+        IdentityFile ~/.ssh/gitlab_read_ed25519
+        IdentitiesOnly Yes
+    create: True
+    backup: True
+    owner: '{{ user }}'
+    group: '{{ user }}'
+
 - name: users | {{ user }} | clone remote repos
  become: yes
  become_user: '{{ user }}'
@@ -43,6 +56,9 @@
    dest: '{{ getent_passwd[user][4] }}/{{ item.dir }}'
    key_file: '{{ getent_passwd[user][4] }}/.ssh/gitlab_read_ed25519'
    recursive: no
+    track_submodules: yes
+    force: yes
+
  with_items:
    - { repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/dotfiles.git', dir: 'dotfiles' }
    - { repo: 'https://github.com/romkatv/powerlevel10k.git', dir: 'powerlevel10k' }
--- a/roles/base/tasks/users/root.yml
+++ b/roles/base/tasks/users/root.yml
@@ -49,11 +49,11 @@
 #     state: directory
 #     mode: '0755'

-# - name: users | root | clone root_bins
-#   git:
-#     repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git'
-#     dest: "{{ root_home }}/bin"
-#     key_file: '/root/.ssh/gitlab_read_ed25519'
+- name: users | root | clone root_bins
+  git:
+    repo: 'ssh://git@gitlab.social.my-wan.de:22422/rene/root-bin.git'
+    dest: "{{ root_home }}/bin"
+    key_file: '/root/.ssh/gitlab_read_ed25519'

 # - name: users | root | link dotfiles
 #   become: yes
--- a/roles/jitsimeet/tasks/install_jitsimeet.yml
+++ b/roles/jitsimeet/tasks/install_jitsimeet.yml
@@ -85,15 +85,3 @@
    label: "{{ item.path }}"
  loop: "{{ files_to_change.files }}"
  notify: restart_jitsi
-
- name: jitsimeet | cron | schedule refresh of statistics
-  cron:
-    name: "Get statistics for Jitsi [{{ my_idx }}]"
-    user: root
-    job: "{{ item }}"
-  loop_control:
-    index_var: my_idx
-  loop:
-    - "/root/jitsi-statistics.sh"
-    - "sleep 20; /root/jitsi-statistics.sh"
-    - "sleep 40; /root/jitsi-statistics.sh"
--- a/roles/jitsimeet/tasks/main.yml
+++ b/roles/jitsimeet/tasks/main.yml
@@ -13,6 +13,7 @@
  # install software
  - include_tasks: prepare_system.yml
  - include_tasks: install_jitsimeet.yml
+  - include_tasks: system_setup/cron.yml

  rescue:
    - set_fact: task_failed=true
--- a/roles/jitsimeet/tasks/system_setup/cron.yml
+++ b/roles/jitsimeet/tasks/system_setup/cron.yml
@@ -0,0 +1,21 @@
+- name: jitsi | cron | schedule letsencrypt
+  tags: cron
+  cron:
+    name: "For Letsencrypt"
+    user: root
+    hour: 1
+    minute: 0
+    day: 1
+    job: "certbot renew -q"
+
+- name: jitsimeet | cron | schedule refresh of statistics
+  cron:
+    name: "Get statistics for Jitsi [{{ my_idx }}]"
+    user: root
+    job: "{{ item }}"
+  loop_control:
+    index_var: my_idx
+  loop:
+    - "/root/jitsi-statistics.sh"
+    - "sleep 20; /root/jitsi-statistics.sh"
+    - "sleep 40; /root/jitsi-statistics.sh"
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
@@ -9,6 +9,7 @@
    when: netdata is defined and netdata == true
  - include_tasks: utilities/snmpd.yml
  - include_tasks: utilities/wireguard.yml
+  - include_tasks: system_setup/cron.yml
  - include_role:
      name: base
      tasks_from: users.yml
--- a/roles/server/tasks/system_setup/cron.yml
+++ b/roles/server/tasks/system_setup/cron.yml
@@ -0,0 +1,11 @@
+- name: server | system_setup | cron
+  tags: cron
+  cron:
+    name: "{{ item.title }}"
+    user: root
+    hour: "{{ item.hour }}"
+    minute: "{{ item.minute }}"
+    job: "{{ item.job }}"
+  loop:
+    - { title: "Send me a list of upgradeable packages", job: "apt list --upgradable", hour: 0, minute: 0 }
+    - { title: "Backup", job: "/root/bin/backup_vps.bash", hour: 1, minute: 0 }
--- a/roles/server/tasks/system_setup/mail.yml
+++ b/roles/server/tasks/system_setup/mail.yml
@@ -0,0 +1,8 @@
+- name: server | system_setup | create mail aliases
+  lineinfile:
+    path: "/etc/alias"
+    state: present
+    line: "root rene@tantooine.myfirewall.org" # not required. The line to insert/replace into the file. Required for C(state=present). If C(backrefs) is set, may contain backreferences that will get expanded with the C(regexp) capture groups if the regexp matches.
+
+- name: server | system setup | generate aliases db
+  command: newaliases