2022-12-07 21:36:08 +01:00
|
|
|
---
|
2022-12-20 16:53:32 +01:00
|
|
|
- name: "system : all"
|
|
|
|
hosts: "all"
|
|
|
|
|
|
|
|
tasks:
|
|
|
|
- name: "block domains"
|
|
|
|
ansible.builtin.lineinfile:
|
|
|
|
path: "/etc/hosts"
|
2022-12-28 21:17:33 +01:00
|
|
|
line: "{{ address }} {{ item }}"
|
|
|
|
vars:
|
|
|
|
- address: "{{ hostvars[item.split('.')[0]].ansible_default_ipv4.address |
|
|
|
|
default('127.0.0.1') }}"
|
2022-12-20 18:56:02 +01:00
|
|
|
loop: "{{ [system_mail_smtp_server | default([])] |
|
|
|
|
union( [vpn_wireguard_server_address | default([])] ) |
|
2023-02-21 00:06:41 +01:00
|
|
|
union( [backups_restic_user_aws_bucket_endpoint | default([])] ) |
|
2022-12-20 18:56:02 +01:00
|
|
|
flatten }}"
|
2022-12-20 16:53:32 +01:00
|
|
|
when: not (the_nine_worlds_production | bool)
|
|
|
|
tags: "always"
|
|
|
|
|
2022-12-08 23:27:25 +01:00
|
|
|
- name: "system : ups"
|
2022-12-07 21:36:08 +01:00
|
|
|
hosts: "ups"
|
|
|
|
roles:
|
2022-12-18 19:36:21 +01:00
|
|
|
- role: "system/ups"
|
2022-12-07 21:36:08 +01:00
|
|
|
tags: "system:ups"
|
|
|
|
|
2022-12-08 23:27:25 +01:00
|
|
|
- name: "system : smart"
|
2022-12-07 21:36:08 +01:00
|
|
|
hosts: "smart"
|
|
|
|
roles:
|
2022-12-18 19:36:21 +01:00
|
|
|
- role: "system/smart"
|
2022-12-07 21:36:08 +01:00
|
|
|
vars:
|
2022-12-18 19:36:21 +01:00
|
|
|
system_base_smartd_conf_file: "files/system/smart/smartd.conf"
|
2022-12-07 21:36:08 +01:00
|
|
|
tags: "system:smart"
|
|
|
|
|
2022-12-08 23:27:25 +01:00
|
|
|
- name: "system : zfs"
|
2022-12-07 21:36:08 +01:00
|
|
|
hosts: "zfs"
|
|
|
|
roles:
|
2022-12-18 19:36:21 +01:00
|
|
|
- role: "system/zfs"
|
2022-12-07 21:36:08 +01:00
|
|
|
tags: "system:zfs"
|
|
|
|
|
2022-12-08 23:27:25 +01:00
|
|
|
- name: "system : all"
|
2022-12-07 21:36:08 +01:00
|
|
|
hosts: "all"
|
|
|
|
roles:
|
2022-12-20 17:31:37 +01:00
|
|
|
- role: "system/base/nftables"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:nftables"
|
|
|
|
- role: "system/base/mail"
|
2022-12-20 18:26:18 +01:00
|
|
|
vars:
|
|
|
|
system_base_mail_disable_dns: "{{ not (the_nine_worlds_production | bool) }}"
|
2022-12-20 17:31:37 +01:00
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:mail"
|
|
|
|
- role: "system/base/sshd"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:sshd"
|
|
|
|
- role: "system/base/ntp"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:ntp"
|
|
|
|
- role: "system/base/fail2ban"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:fail2ban"
|
|
|
|
- role: "system/base/fstrim"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:fstrim"
|
|
|
|
- role: "system/base/unattended_upgrades"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:unattended_upgrades"
|
|
|
|
- role: "system/base/logs"
|
2022-12-21 11:37:56 +01:00
|
|
|
vars:
|
2022-12-28 18:16:37 +01:00
|
|
|
system_base_logs_ignore_dir: "files/system/base/logs"
|
2022-12-20 17:31:37 +01:00
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:logs"
|
|
|
|
- role: "system/base/systemd_mail"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:systemd_mail"
|
|
|
|
- role: "system/base/utils"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:utils"
|
|
|
|
- role: "system/base/motd"
|
2022-12-07 21:36:08 +01:00
|
|
|
vars:
|
2022-12-18 19:36:21 +01:00
|
|
|
system_base_motd_dir: "files/system/base/motd"
|
2022-12-20 17:31:37 +01:00
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:motd"
|
|
|
|
- role: "system/base/root"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:root"
|
|
|
|
- role: "system/base/user"
|
|
|
|
tags:
|
|
|
|
- "system:base"
|
|
|
|
- "system:base:user"
|
2023-02-27 21:10:28 +01:00
|
|
|
vars:
|
|
|
|
system_base_user_become_user: "{{ system_base_ssh_user }}"
|
2023-02-19 17:49:35 +01:00
|
|
|
|
|
|
|
- name: "system : asgard:&zfs"
|
|
|
|
hosts: "asgard:&zfs"
|
|
|
|
roles:
|
|
|
|
- role: "system/datasets"
|
|
|
|
tags: "system:datasets"
|
2023-03-19 19:17:18 +01:00
|
|
|
vars:
|
|
|
|
_zvol_volsize: "21474836480" # 20G
|
|
|
|
system_datasets_var_containers_zvol_properties: "\
|
|
|
|
{% set _zvol_properties = {} %}\
|
|
|
|
{{ _zvol_properties.update({ 'volsize': _zvol_volsize }) }}\
|
|
|
|
{{ _zvol_properties.update({ 'com.sun:auto-snapshot': 'false' }) }}\
|
|
|
|
{% if not (the_nine_worlds_production | bool) %}\
|
|
|
|
{{ _zvol_properties.update({ 'refreservation': '0' }) }}\
|
|
|
|
{% endif %}\
|
|
|
|
{{ _zvol_properties }}"
|
2023-02-19 17:49:35 +01:00
|
|
|
|
|
|
|
- name: "system : asgard"
|
|
|
|
hosts: "asgard"
|
|
|
|
roles:
|
|
|
|
- role: "system/directories"
|
|
|
|
tags: "system:directories"
|