Move baldur and valkyrie var directory
This commit is contained in:
parent
b384410eb0
commit
33e80ca13e
10
README.md
10
README.md
@ -126,7 +126,7 @@ not being accessed/modified during this process. It is easy to access `yggdrasil
|
||||
1. Create a VM on `yggdrasil` and install the same OS that is running on `yggdrasil`.
|
||||
- Install the OS on a zvol on `rpool`.
|
||||
- Prepare a zvol on `hpool` of size that's larger than what `yggdrasil` estimates for
|
||||
`rpool/var/lib/yggdrasil/data` and mount at `/var/lib/baldur/data`.
|
||||
`rpool/var/lib/yggdrasil/data` and mount at `/var/lib/the-nine-worlds/data`.
|
||||
- Create non-root user `wojtek` with `sudo` privileges.
|
||||
2. Configure SSH to use `yggdrasil` as a jump server.
|
||||
3. Service testing can then be done directly from the VM. To achieve that `/etc/hosts` needs to be
|
||||
@ -143,10 +143,10 @@ not being accessed/modified during this process. It is easy to access `yggdrasil
|
||||
/usr/local/sbin/restic-batch --config-dir /etc/restic-batch.d restore
|
||||
```
|
||||
3. Once restore has completed, `chown -R <user>:<user>` all the restored directories in
|
||||
`/var/lib/<hostname>/data`. Restic restores the UID information of the host from which the backup
|
||||
was performed which may not match that of the new target machine. Note that permissions and
|
||||
ownership are restored as a second step once all the content is restored. Therefore, the files
|
||||
will list `root` as owner during the restoration.
|
||||
`/var/lib/the-nine-worlds/data`. Restic restores the UID information of the host from which the
|
||||
backup was performed which may not match that of the new target machine. Note that permissions
|
||||
and ownership are restored as a second step once all the content is restored. Therefore, the
|
||||
files will list `root` as owner during the restoration.
|
||||
4. Start all the pod services with:
|
||||
```sh
|
||||
ansible-playbook --vault-id @vault-keyring-client.py -i inventory/baldur_production playbooks/services_start.yml
|
||||
|
@ -2,7 +2,7 @@
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# system:var
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
system_var_root_directory: "/var/lib/{{ system_var_hostname }}"
|
||||
system_var_root_directory: "/var/lib/the-nine-worlds"
|
||||
system_var_home_directory: "{{ system_var_root_directory }}/home"
|
||||
system_var_data_directory: "{{ system_var_root_directory }}/data"
|
||||
system_var_containers_directory: "{{ system_var_root_directory }}/containers"
|
||||
|
@ -4,11 +4,6 @@
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
system_base_ssh_user: "{{ vault_system_base_ssh_user }}"
|
||||
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# system:var
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
system_var_hostname: "baldur"
|
||||
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# vpn
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
|
@ -39,7 +39,7 @@ system_base_unattended_upgrades_blacklist:
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
# system:var
|
||||
# --------------------------------------------------------------------------------------------------
|
||||
system_var_hostname: "yggdrasil"
|
||||
system_var_root_directory: "/var/lib/yggdrasil"
|
||||
|
||||
system_var_root_dataset: "rpool{{ system_var_root_directory }}"
|
||||
system_var_home_dataset: "rpool{{ system_var_home_directory }}"
|
||||
|
@ -56,6 +56,7 @@
|
||||
git.wojciechkozlowski.eu/wojtek/wojciechkozlowski.eu.git"
|
||||
dest: "{{ services_service_user_home }}/.config/service/wojciechkozlowski.eu"
|
||||
recursive: true
|
||||
ignore_errors: true
|
||||
register: services_deploy_www_webiste_git
|
||||
|
||||
- name: "generate static page using hugo"
|
||||
|
@ -1,4 +0,0 @@
|
||||
---
|
||||
dependencies:
|
||||
- role: "system/base/nftables"
|
||||
- role: "vpn/bridge"
|
@ -10,7 +10,7 @@
|
||||
- name: "{{ services_service_name }} : setup : set default shell"
|
||||
ansible.builtin.user:
|
||||
name: "{{ services_service_user_name }}"
|
||||
shell: "{{ services_setup_user_shell[services_service_name] | default('/usr/sbin/nologin') }}"
|
||||
shell: "/usr/sbin/nologin"
|
||||
|
||||
- block:
|
||||
|
||||
|
@ -1,3 +0,0 @@
|
||||
---
|
||||
services_setup_user_shell:
|
||||
rproxy: "/usr/bin/rbash"
|
2
roles
2
roles
@ -1 +1 @@
|
||||
Subproject commit 9acf33085d86371353916589d1ee6bf5602067e4
|
||||
Subproject commit 2d94cd14ee9ea5b002012d2c2020fb70585114ed
|
Loading…
Reference in New Issue
Block a user