diff --git a/playbooks/00-hosts.yml b/playbooks/00-hosts.yml index 8bb7e18..d1d9c92 100644 --- a/playbooks/00-hosts.yml +++ b/playbooks/00-hosts.yml @@ -7,6 +7,7 @@ - import_tasks: tasks/hosts/firewall.yml - import_tasks: tasks/hosts/ntp.yml - import_tasks: tasks/hosts/mail.yml + - import_tasks: tasks/hosts/systemd-mail.yml - import_tasks: tasks/hosts/unattended-upgrades.yml - import_tasks: tasks/hosts/fail2ban.yml - import_tasks: tasks/hosts/fstrim.yml @@ -20,7 +21,6 @@ hosts: yggdrasil tasks: - - import_tasks: tasks/hosts/systemd-mail.yml - import_tasks: tasks/hosts/zfs-conf.yml - import_tasks: tasks/hosts/zfs-scrub.yml - import_tasks: tasks/hosts/zfs-trim.yml diff --git a/playbooks/filesystem/common/etc/systemd/system/connect-pod-service@.service b/playbooks/filesystem/common/etc/systemd/system/connect-pod-service@.service index 675f019..8bc42b0 100644 --- a/playbooks/filesystem/common/etc/systemd/system/connect-pod-service@.service +++ b/playbooks/filesystem/common/etc/systemd/system/connect-pod-service@.service @@ -1,6 +1,7 @@ [Unit] Description=Connect %i to root bridge After=network.target +OnFailure=status-mail@%n.service [Service] Type=oneshot diff --git a/playbooks/filesystem/yggdrasil/etc/systemd/system/status-mail@.service b/playbooks/filesystem/common/etc/systemd/system/status-mail@.service similarity index 100% rename from playbooks/filesystem/yggdrasil/etc/systemd/system/status-mail@.service rename to playbooks/filesystem/common/etc/systemd/system/status-mail@.service diff --git a/playbooks/filesystem/common/etc/systemd/user/status-mail@.service b/playbooks/filesystem/common/etc/systemd/user/status-mail@.service new file mode 100644 index 0000000..6fb82f9 --- /dev/null +++ b/playbooks/filesystem/common/etc/systemd/user/status-mail@.service @@ -0,0 +1,6 @@ +[Unit] +Description=Status email for %i + +[Service] +Type=oneshot +ExecStart=/usr/local/bin/systemd-mail-systemctl-status %i diff --git a/playbooks/filesystem/common/usr/local/bin/systemd-mail-systemctl-status.j2 b/playbooks/filesystem/common/usr/local/bin/systemd-mail-systemctl-status.j2 new file mode 100644 index 0000000..21f87a0 --- /dev/null +++ b/playbooks/filesystem/common/usr/local/bin/systemd-mail-systemctl-status.j2 @@ -0,0 +1,11 @@ +#!/bin/sh + +/usr/sbin/sendmail -t < +Subject: systemctl --user status $1 on {{ ansible_hostname }} +Content-Transfer-Encoding: 8bit +Content-Type: text/plain; charset=UTF-8 + +$(systemctl --user status --full "$1") +SYSTEMDMAIL diff --git a/playbooks/filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2 b/playbooks/filesystem/common/usr/local/sbin/systemd-mail-systemctl-status.j2 similarity index 100% rename from playbooks/filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2 rename to playbooks/filesystem/common/usr/local/sbin/systemd-mail-systemctl-status.j2 diff --git a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-certbot.service.j2 b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-certbot.service.j2 index bf3f65e..85ff2ce 100644 --- a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-certbot.service.j2 +++ b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-certbot.service.j2 @@ -1,6 +1,7 @@ [Unit] Description=Podman container-rproxy-certbot.service Documentation=man:podman-generate-systemd(1) +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-nginx.service.j2 b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-nginx.service.j2 index 75e9f7d..c54aaf1 100644 --- a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-nginx.service.j2 +++ b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/container-rproxy-nginx.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target BindsTo=pod-rproxy.service After=pod-rproxy.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/pod-rproxy.service.j2 b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/pod-rproxy.service.j2 index 2bfdd0a..99d7748 100644 --- a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/pod-rproxy.service.j2 +++ b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-rproxy/.config/systemd/user/pod-rproxy.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target Requires=container-rproxy-nginx.service Before=container-rproxy-nginx.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/container-www-nginx.service.j2 b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/container-www-nginx.service.j2 index 70540cb..2127abb 100644 --- a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/container-www-nginx.service.j2 +++ b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/container-www-nginx.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target BindsTo=pod-www.service After=pod-www.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/pod-www.service.j2 b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/pod-www.service.j2 index 4d48af9..cf6b36c 100644 --- a/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/pod-www.service.j2 +++ b/playbooks/filesystem/valkyrie/var/lib/valkyrie/home/pod-www/.config/systemd/user/pod-www.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target Requires=container-www-nginx.service Before=container-www-nginx.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/yggdrasil/etc/systemd/system/restic-volume-data.service.j2 b/playbooks/filesystem/yggdrasil/etc/systemd/system/restic-volume-data.service.j2 index 6f5b4c9..38bce0f 100644 --- a/playbooks/filesystem/yggdrasil/etc/systemd/system/restic-volume-data.service.j2 +++ b/playbooks/filesystem/yggdrasil/etc/systemd/system/restic-volume-data.service.j2 @@ -1,6 +1,7 @@ [Unit] Description=Backup volume snapshots using restic Documentation=man:restic(8) +OnFailure=status-mail@%n.service [Service] Type=oneshot diff --git a/playbooks/filesystem/yggdrasil/etc/systemd/system/syncoid-volume-data.service.j2 b/playbooks/filesystem/yggdrasil/etc/systemd/system/syncoid-volume-data.service.j2 index a03dc5c..1e2cbe0 100644 --- a/playbooks/filesystem/yggdrasil/etc/systemd/system/syncoid-volume-data.service.j2 +++ b/playbooks/filesystem/yggdrasil/etc/systemd/system/syncoid-volume-data.service.j2 @@ -3,6 +3,7 @@ Description=Replicate volume data snapshots Documentation=man:syncoid(8) After=sanoid.service Before=sanoid-prune.service +OnFailure=status-mail@%n.service [Service] Type=oneshot diff --git a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/container-database-postgres.service.j2 b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/container-database-postgres.service.j2 index 5598fba..a104e36 100644 --- a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/container-database-postgres.service.j2 +++ b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/container-database-postgres.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target BindsTo=pod-database.service After=pod-database.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/pod-database.service.j2 b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/pod-database.service.j2 index 27ab433..b9554d0 100644 --- a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/pod-database.service.j2 +++ b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-database/.config/systemd/user/pod-database.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target Requires=container-database-postgres.service Before=container-database-postgres.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/container-lrproxy-nginx.service.j2 b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/container-lrproxy-nginx.service.j2 index ace3008..a46220b 100644 --- a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/container-lrproxy-nginx.service.j2 +++ b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/container-lrproxy-nginx.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target BindsTo=pod-lrproxy.service After=pod-lrproxy.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/pod-lrproxy.service.j2 b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/pod-lrproxy.service.j2 index cb884a7..e12b1f6 100644 --- a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/pod-lrproxy.service.j2 +++ b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/pod-lrproxy.service.j2 @@ -5,6 +5,7 @@ Wants=network.target After=network-online.target Requires=container-lrproxy-nginx.service Before=container-lrproxy-nginx.service +OnFailure=status-mail@%n.service [Service] Environment=PODMAN_SYSTEMD_UNIT=%n diff --git a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/rsync-certificates.service.j2 b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/rsync-certificates.service.j2 index f521d81..acdcc70 100644 --- a/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/rsync-certificates.service.j2 +++ b/playbooks/filesystem/yggdrasil/var/lib/yggdrasil/home/pod-lrproxy/.config/systemd/user/rsync-certificates.service.j2 @@ -1,6 +1,7 @@ [Unit] Description=Podman rsync-certificates.service Documentation=man:rsync(1) +OnFailure=status-mail@%n.service [Service] Type=oneshot diff --git a/playbooks/tasks/hosts/systemd-mail.yml b/playbooks/tasks/hosts/systemd-mail.yml index 504722a..eb3cd6e 100644 --- a/playbooks/tasks/hosts/systemd-mail.yml +++ b/playbooks/tasks/hosts/systemd-mail.yml @@ -1,18 +1,32 @@ -- name: SystemD mail script +- name: SystemD mail root script template: - src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/systemd-mail-systemctl-status.j2 + src: ./filesystem/common/usr/local/sbin/systemd-mail-systemctl-status.j2 dest: /usr/local/sbin/systemd-mail-systemctl-status mode: 0755 -- name: SystemD mail service +- name: SystemD mail user script + template: + src: ./filesystem/common/usr/local/bin/systemd-mail-systemctl-status.j2 + dest: /usr/local/bin/systemd-mail-systemctl-status + mode: 0755 + +- name: SystemD mail root service copy: - src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/status-mail@.service + src: ./filesystem/common/etc/systemd/system/status-mail@.service dest: /etc/systemd/system/status-mail@.service mode: 0644 - register: systemd_status_mail_service_file + register: systemd_system_status_mail_service_file + +- name: SystemD mail user service + copy: + src: ./filesystem/common/etc/systemd/user/status-mail@.service + dest: /etc/systemd/user/status-mail@.service + mode: 0644 + register: systemd_user_status_mail_service_file - name: SystemD daemon reload systemd: daemon_reload: true when: - systemd_status_mail_service_file is changed + systemd_system_status_mail_service_file is changed or + systemd_user_status_mail_service_file is changed