diff --git a/README.md b/README.md index c502aef..4ed837d 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ not being accessed/modified during this process. It is easy to access `yggdrasil 1. Create a VM on `yggdrasil` and install the same OS that is running on `yggdrasil`. - Install the OS on a zvol on `rpool`. - Prepare a zvol on `hpool` of size that's larger than what `yggdrasil` estimates for - `rpool/var/lib/yggdrasil/data` and mount at `/var/lib/baldur/data`. + `rpool/var/lib/yggdrasil/data` and mount at `/var/lib/the-nine-worlds/data`. - Create non-root user `wojtek` with `sudo` privileges. 2. Configure SSH to use `yggdrasil` as a jump server. 3. Service testing can then be done directly from the VM. To achieve that `/etc/hosts` needs to be @@ -143,10 +143,10 @@ not being accessed/modified during this process. It is easy to access `yggdrasil /usr/local/sbin/restic-batch --config-dir /etc/restic-batch.d restore ``` 3. Once restore has completed, `chown -R :` all the restored directories in - `/var/lib//data`. Restic restores the UID information of the host from which the backup - was performed which may not match that of the new target machine. Note that permissions and - ownership are restored as a second step once all the content is restored. Therefore, the files - will list `root` as owner during the restoration. + `/var/lib/the-nine-worlds/data`. Restic restores the UID information of the host from which the + backup was performed which may not match that of the new target machine. Note that permissions + and ownership are restored as a second step once all the content is restored. Therefore, the + files will list `root` as owner during the restoration. 4. Start all the pod services with: ```sh ansible-playbook --vault-id @vault-keyring-client.py -i inventory/baldur_production playbooks/services_start.yml diff --git a/inventory/group_vars/asgard/vars.yml b/inventory/group_vars/asgard/vars.yml index c472b5c..43a06f4 100644 --- a/inventory/group_vars/asgard/vars.yml +++ b/inventory/group_vars/asgard/vars.yml @@ -2,7 +2,7 @@ # -------------------------------------------------------------------------------------------------- # system:var # -------------------------------------------------------------------------------------------------- -system_var_root_directory: "/var/lib/{{ system_var_hostname }}" +system_var_root_directory: "/var/lib/the-nine-worlds" system_var_home_directory: "{{ system_var_root_directory }}/home" system_var_data_directory: "{{ system_var_root_directory }}/data" system_var_containers_directory: "{{ system_var_root_directory }}/containers" diff --git a/inventory/host_vars/baldur/vars.yml b/inventory/host_vars/baldur/vars.yml index 04ccb06..6ae33f6 100644 --- a/inventory/host_vars/baldur/vars.yml +++ b/inventory/host_vars/baldur/vars.yml @@ -4,11 +4,6 @@ # -------------------------------------------------------------------------------------------------- system_base_ssh_user: "{{ vault_system_base_ssh_user }}" -# -------------------------------------------------------------------------------------------------- -# system:var -# -------------------------------------------------------------------------------------------------- -system_var_hostname: "baldur" - # -------------------------------------------------------------------------------------------------- # vpn # -------------------------------------------------------------------------------------------------- diff --git a/inventory/host_vars/yggdrasil/vars.yml b/inventory/host_vars/yggdrasil/vars.yml index 9191446..38a4ae5 100644 --- a/inventory/host_vars/yggdrasil/vars.yml +++ b/inventory/host_vars/yggdrasil/vars.yml @@ -39,7 +39,7 @@ system_base_unattended_upgrades_blacklist: # -------------------------------------------------------------------------------------------------- # system:var # -------------------------------------------------------------------------------------------------- -system_var_hostname: "yggdrasil" +system_var_root_directory: "/var/lib/yggdrasil" system_var_root_dataset: "rpool{{ system_var_root_directory }}" system_var_home_dataset: "rpool{{ system_var_home_directory }}" diff --git a/playbooks/roles/services/deploy/www/tasks/main.yml b/playbooks/roles/services/deploy/www/tasks/main.yml index c088e78..24e4652 100644 --- a/playbooks/roles/services/deploy/www/tasks/main.yml +++ b/playbooks/roles/services/deploy/www/tasks/main.yml @@ -56,6 +56,7 @@ git.wojciechkozlowski.eu/wojtek/wojciechkozlowski.eu.git" dest: "{{ services_service_user_home }}/.config/service/wojciechkozlowski.eu" recursive: true + ignore_errors: true register: services_deploy_www_webiste_git - name: "generate static page using hugo" diff --git a/playbooks/roles/services/setup/system/meta/main.yml b/playbooks/roles/services/setup/system/meta/main.yml deleted file mode 100644 index 67d258d..0000000 --- a/playbooks/roles/services/setup/system/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -dependencies: - - role: "system/base/nftables" - - role: "vpn/bridge" diff --git a/playbooks/roles/services/setup/user/tasks/include/user.yml b/playbooks/roles/services/setup/user/tasks/include/user.yml index a4335fb..9049b1c 100644 --- a/playbooks/roles/services/setup/user/tasks/include/user.yml +++ b/playbooks/roles/services/setup/user/tasks/include/user.yml @@ -10,7 +10,7 @@ - name: "{{ services_service_name }} : setup : set default shell" ansible.builtin.user: name: "{{ services_service_user_name }}" - shell: "{{ services_setup_user_shell[services_service_name] | default('/usr/sbin/nologin') }}" + shell: "/usr/sbin/nologin" - block: diff --git a/playbooks/roles/services/setup/user/vars/main.yml b/playbooks/roles/services/setup/user/vars/main.yml deleted file mode 100644 index 181d9b2..0000000 --- a/playbooks/roles/services/setup/user/vars/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -services_setup_user_shell: - rproxy: "/usr/bin/rbash" diff --git a/roles b/roles index 9acf330..2d94cd1 160000 --- a/roles +++ b/roles @@ -1 +1 @@ -Subproject commit 9acf33085d86371353916589d1ee6bf5602067e4 +Subproject commit 2d94cd14ee9ea5b002012d2c2020fb70585114ed