renamed roles
This commit is contained in:
@@ -1,23 +0,0 @@
|
||||
---
|
||||
# Load distro specific variables
|
||||
- include_vars: "{{ ansible_distribution }}.yml"
|
||||
tags: always
|
||||
ignore_errors: True
|
||||
- include_vars: "{{ ansible_fqdn }}.yml"
|
||||
ignore_errors: True
|
||||
|
||||
- block:
|
||||
- include_tasks: utilities/mta.yml
|
||||
- include_tasks: utilities/netdata.yml
|
||||
when: netdata is defined and netdata == true
|
||||
- include_tasks: utilities/snmpd.yml
|
||||
- include_tasks: utilities/glusterfs.yml
|
||||
when:
|
||||
- glusterfs is defined
|
||||
- glusterfs == true
|
||||
- include_tasks: system_setup/cron.yml
|
||||
# - include_role:
|
||||
# name: base
|
||||
# tasks_from: users.yml
|
||||
|
||||
# vim: ts=2 sw=2
|
||||
@@ -1,17 +0,0 @@
|
||||
- name: server | system_setup | install cron (archlinux)
|
||||
package:
|
||||
name: "cronie"
|
||||
state: latest
|
||||
when: ansible_distribution == "Archlinux"
|
||||
|
||||
- name: server | system_setup | cron
|
||||
tags: cron
|
||||
cron:
|
||||
name: "{{ item.title }}"
|
||||
user: root
|
||||
hour: "{{ item.hour }}"
|
||||
minute: "{{ item.minute }}"
|
||||
job: "{{ item.job }}"
|
||||
loop:
|
||||
- { title: "Send me a list of upgradeable packages", job: "apt list --upgradable", hour: 0, minute: 0 }
|
||||
- { title: "Backup", job: "/root/bin/backup_vps.bash", hour: 1, minute: 0 }
|
||||
@@ -1,8 +0,0 @@
|
||||
- name: server | system_setup | create mail aliases
|
||||
lineinfile:
|
||||
path: "/etc/alias"
|
||||
state: present
|
||||
line: "root rene@tantooine.myfirewall.org"
|
||||
|
||||
- name: server | system setup | generate aliases db
|
||||
command: newaliases
|
||||
@@ -1,15 +0,0 @@
|
||||
- block:
|
||||
- name: server | system setup | create swapfile
|
||||
command: "fallocate -l {{ ansible_facts['memtotal_mb'] / 4 | round }} /swapfile"
|
||||
- name: server | system setup | format swapfile
|
||||
filesystem:
|
||||
fstype: swap
|
||||
dev: "/swapfile" # required. Target path to device or image file.
|
||||
- name: server | system setup | enable swap
|
||||
command: "swapon /swapfile"
|
||||
- name: server | system setup | edit fstab
|
||||
lineinfile:
|
||||
path: "/etc/fstab"
|
||||
state: present
|
||||
line: "/swapfile none swap sw 0 0"
|
||||
when: ansible_facts['memory_mb']['swap']['total'] == '0'
|
||||
@@ -1,9 +0,0 @@
|
||||
- name: server | system setup | sysctl
|
||||
sysctl:
|
||||
name: "{{ item.key }}"
|
||||
value: "{{ item.value }}"
|
||||
state: present
|
||||
reload: yes
|
||||
loop:
|
||||
- { key: "vm.swappiness", value: "10"}
|
||||
- { key: "vm.vfs_cache_pressure", value: "50"}
|
||||
@@ -1,10 +0,0 @@
|
||||
- name: server | glusterfs | install glusterfs
|
||||
package:
|
||||
state: latest
|
||||
name: "{{ item.package }}"
|
||||
with_items: "{{ glusterfs_packages }}"
|
||||
|
||||
- name: server | glusterfs | enable and start glusterd
|
||||
service:
|
||||
name: glusterd
|
||||
state: started
|
||||
@@ -1,17 +0,0 @@
|
||||
- name: server | utilities | install {{ mta_package }}
|
||||
package:
|
||||
name: "{{ mta_package }}"
|
||||
state: present
|
||||
when: postfix is not defined or postfix == false
|
||||
|
||||
- name: server | utitilies | configure {{ mta_package }}
|
||||
lineinfile:
|
||||
path: "/etc/ssmtp/ssmtp.conf" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name).
|
||||
regexp: "{{ item.regex }}"
|
||||
state: present
|
||||
line: "{{ item.line }}"
|
||||
loop:
|
||||
- { regex: "^root=.*$", line: "root=rene@tantooine.myfirewall.org"}
|
||||
- { regex: "^mailhub=.*", line: "mailhub=coruscant.universe.local"}
|
||||
- { regex: "^hostname=.*", line: "hostname={{ ansible_fqdn }}"}
|
||||
when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu"]
|
||||
@@ -1,13 +0,0 @@
|
||||
---
|
||||
- name: Install netdata
|
||||
package:
|
||||
name: netdata
|
||||
state: present
|
||||
|
||||
- name: Enable and start netdata service
|
||||
service:
|
||||
name: netdata
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
# vim: ts=2 sw=2
|
||||
@@ -1,115 +0,0 @@
|
||||
- include_vars: snmp_users.yml
|
||||
|
||||
- name: server | snmpd | install package
|
||||
package:
|
||||
name: "{{ snmpd_package }}"
|
||||
state: present
|
||||
|
||||
- name: server | snmpd | install sudoers file
|
||||
copy:
|
||||
dest: "/etc/sudoers.d/10-debian-snmp"
|
||||
src: "sudoers"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
mode: "0660"
|
||||
validate: "visudo -cf %s"
|
||||
when: ansible_distribution in ["Debian", "Ubuntu"]
|
||||
|
||||
- name: server | snmpd | create /etc/snmp
|
||||
file:
|
||||
path: "/etc/snmp"
|
||||
state: directory
|
||||
owner: "root"
|
||||
group: "root"
|
||||
|
||||
- name: server | snmpd | insert anchors to snmpd.conf
|
||||
blockinfile:
|
||||
path: "{{ snmpd_conf }}"
|
||||
create: true
|
||||
marker: "# {mark} ANSIBLE MANAGED BLOCK"
|
||||
block: |
|
||||
################################################################################
|
||||
# SECTION: custom settings
|
||||
|
||||
- name: server | snmpd | stop service
|
||||
service:
|
||||
name: "snmpd"
|
||||
state: stopped
|
||||
|
||||
- name: server | snmpd | setup monitoring user SNMPv3
|
||||
lineinfile:
|
||||
path: "{{ snmpd_user_file }}"
|
||||
create: true
|
||||
line: "createuser {{ snmp_user }} {{ snmp_auth_proto }} {{ snmp_auth_pass }} {{ snmp_priv_proto }} {{ snmp_priv_pass }}"
|
||||
|
||||
- name: server | snmpd | setup ACLs
|
||||
lineinfile:
|
||||
path: "{{ snmpd_conf }}" # required. The file to modify. Before Ansible 2.3 this option was only usable as I(dest), I(destfile) and I(name).
|
||||
line: "rouser {{ snmp_user }} authpriv"
|
||||
insertafter: "# SECTION: custom settings"
|
||||
|
||||
- name: server | snmpd | enable service on wireguard interface
|
||||
lineinfile:
|
||||
path: "{{ snmpd_conf }}"
|
||||
regexp: "^agentaddress.*$"
|
||||
state: present
|
||||
line: "agentaddress 127.0.0.1,{{ wg_local_ip | ipaddr('address') }},[::1]"
|
||||
when: wg_local_ip is defined
|
||||
|
||||
- name: server | snmpd | enable service on all interfaces
|
||||
lineinfile:
|
||||
path: "{{ snmpd_conf }}"
|
||||
regexp: "^agentaddress.*$"
|
||||
state: present
|
||||
line: "agentaddress udp:161,udp6:[::1]:161"
|
||||
when: wg_local_ip is not defined
|
||||
|
||||
- name: server | snmpd | copy distro script
|
||||
copy:
|
||||
dest: "/etc/snmp/distro"
|
||||
src: "distro"
|
||||
mode: "0755"
|
||||
|
||||
- name: server | snmpd | get os-updates script
|
||||
get_url:
|
||||
url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/osupdate"
|
||||
dest: "/etc/snmp/osupdate"
|
||||
mode: "0755"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
|
||||
- name: server | snmpd | configure extends
|
||||
lineinfile:
|
||||
path: "{{ snmpd_conf }}"
|
||||
state: present
|
||||
line: "extend {{ item.service }} '{{ item.script }}'"
|
||||
insertafter: "# SECTION: custom settings"
|
||||
loop:
|
||||
- { service: "distro", script: "{{ sudo }} /etc/snmp/distro" }
|
||||
- { service: "osupdate", script: "{{ sudo }} /etc/snmp/osupdate" }
|
||||
- { service: "hardware", script: "/bin/cat /sys/devices/virtual/dmi/id/product_name" }
|
||||
- { service: "manufacturer", script: "/bin/cat /sys/devices/virtual/dmi/id/sys_vendor" }
|
||||
- { service: "serial", script: "/bin/cat /sys/devices/virtual/dmi/id/product_serial" }
|
||||
|
||||
- block:
|
||||
- name: server | snmpd | get proxmox script
|
||||
get_url:
|
||||
url: "https://raw.githubusercontent.com/librenms/librenms-agent/master/agent-local/proxmox"
|
||||
dest: "/usr/local/bin/proxmox"
|
||||
mode: "0755"
|
||||
owner: "root"
|
||||
group: "root"
|
||||
- name: server | snmpd | configure proxmox extends
|
||||
lineinfile:
|
||||
path: "{{ snmpd_conf }}"
|
||||
state: present
|
||||
line: "extend proxmox {{ sudo }} /usr/local/bin/proxmox"
|
||||
insertafter: "# SECTION: custom settings"
|
||||
when:
|
||||
- is_proxmox is defined
|
||||
- is_proxmox == true
|
||||
|
||||
- name: server | snmpd start service
|
||||
service:
|
||||
name: "snmpd"
|
||||
state: started
|
||||
Reference in New Issue
Block a user