the-nine-worlds/ansible-edda
the-nine-worlds/ansible-edda
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Compartamentalise playbooks

Browse Source
This commit is contained in:
Wojciech Kozlowski 2022-09-22 23:01:27 +02:00
parent 0686e1fc9a
commit 593717d10f
50 changed files with 67 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -1,2 +1,3 @@
group_vars/**
host_vars/**
group_vars/the_nine_worlds
host_vars/valkyrie
host_vars/yggdrasil

11
vars → group_vars/.template
View File

@ -1,5 +1,3 @@
# Set the variables and move to group_vars/<group> and host_vars/<host> as required and encrypt.
# Ansible variables
ansible_port:
ansible_become_password:
@ -9,12 +7,13 @@ ssh_user:
# Machine variables
domain:
subnet_address:
subnet_masklen:
subnet:
# Postfix variables
postfix_smtp_server:
postfix_smtp_port:
postfix_smtp_user:
postfix_smtp_pass:
# VPN network variables
vpn_wg0_port:
vpn_wg0_netmask:
vpn_wg0_preshared_key:

24
host_vars/.template Normal file
View File

@ -0,0 +1,24 @@
# Machine variables
subnet_address:
subnet_masklen:
subnet:
ethx:
# Postfix variables
postfix_smtp_pass:
# VPN network variables
vpn_subnet_id:
vpn_remote_id:
vpn_br0_address:
vpn_br0_broadcast:
vpn_br0_netmask:
vpn_wg0_address:
vpn_wg0_interface_private_key:
vpn_wg0_peer_public_key:
vpn_remote_subnet:
vpn_reverse_proxy_address:

26
hosts.yml
View File

@ -1,26 +0,0 @@
---
- hosts: the_nine_worlds
tasks:
- import_tasks: tasks/sshd.yml
- import_tasks: tasks/firewall.yml
- import_tasks: tasks/ntp.yml
- import_tasks: tasks/mail.yml
- import_tasks: tasks/unattended-upgrades.yml
- import_tasks: tasks/fail2ban.yml
- import_tasks: tasks/fstrim.yml
- import_tasks: tasks/logs.yml
- import_tasks: tasks/motd.yml
- import_tasks: tasks/utils.yml
- import_tasks: tasks/user.yml
- import_tasks: tasks/root-shell.yml
- hosts: yggdrasil
tasks:
- import_tasks: tasks/systemd-mail.yml
- import_tasks: tasks/zfs-scrub.yml
- import_tasks: tasks/zfs-trim.yml
- import_tasks: tasks/zfsutils-cron.yml
- import_tasks: tasks/ups.yml
- import_tasks: tasks/smart.yml

0
filesystem/common/etc/aliases.j2 → playbooks/filesystem/common/etc/aliases.j2
View File

0
filesystem/common/etc/apt/apt.conf.d/20auto-upgrades → playbooks/filesystem/common/etc/apt/apt.conf.d/20auto-upgrades
View File

0
filesystem/common/etc/apt/apt.conf.d/50unattended-upgrades → playbooks/filesystem/common/etc/apt/apt.conf.d/50unattended-upgrades
View File

0
filesystem/common/etc/fail2ban/jail.d/sshd.local.j2 → playbooks/filesystem/common/etc/fail2ban/jail.d/sshd.local.j2
View File

0
filesystem/common/etc/fail2ban/jail.local.j2 → playbooks/filesystem/common/etc/fail2ban/jail.local.j2
View File

0
filesystem/common/etc/logcheck/ignore.d.server/hostname.j2 → playbooks/filesystem/common/etc/logcheck/ignore.d.server/hostname.j2
View File

0
filesystem/common/etc/logcheck/logcheck.conf → playbooks/filesystem/common/etc/logcheck/logcheck.conf
View File

0
filesystem/common/etc/mailname.j2 → playbooks/filesystem/common/etc/mailname.j2
View File

0
filesystem/common/etc/mailutils.conf.j2 → playbooks/filesystem/common/etc/mailutils.conf.j2
View File

0
filesystem/common/etc/nftables.conf.j2 → playbooks/filesystem/common/etc/nftables.conf.j2
View File

0
filesystem/common/etc/pam.d/su → playbooks/filesystem/common/etc/pam.d/su
View File

0
filesystem/common/etc/postfix/main.cf.j2 → playbooks/filesystem/common/etc/postfix/main.cf.j2
View File

0
filesystem/common/etc/postfix/sasl_passwd.j2 → playbooks/filesystem/common/etc/postfix/sasl_passwd.j2
View File

0
filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2 → playbooks/filesystem/common/etc/ssh/sshd_config.d/00-local.conf.j2
View File

0
filesystem/common/home/user/bashrc → playbooks/filesystem/common/home/user/bashrc
View File

0
filesystem/common/home/user/tmux.conf → playbooks/filesystem/common/home/user/tmux.conf
View File

0
filesystem/valkyrie/etc/motd → playbooks/filesystem/valkyrie/etc/motd
View File

0
filesystem/yggdrasil/etc/apcupsd/apcupsd.conf → playbooks/filesystem/yggdrasil/etc/apcupsd/apcupsd.conf
View File

0
filesystem/yggdrasil/etc/motd → playbooks/filesystem/yggdrasil/etc/motd
View File

0
filesystem/yggdrasil/etc/smartd.conf → playbooks/filesystem/yggdrasil/etc/smartd.conf
View File

0
filesystem/yggdrasil/etc/systemd/system/status-mail@.service → playbooks/filesystem/yggdrasil/etc/systemd/system/status-mail@.service
View File

0
filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer → playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer
View File

0
filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service → playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service
View File

0
filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer → playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer
View File

0
filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service → playbooks/filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service
View File

0
filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2 → playbooks/filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2
View File

0
filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2 → playbooks/filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2
View File

26
playbooks/hosts.yml Normal file
View File

@ -0,0 +1,26 @@
---
- hosts: the_nine_worlds
tasks:
- import_tasks: tasks/hosts/sshd.yml
- import_tasks: tasks/hosts/firewall.yml
- import_tasks: tasks/hosts/ntp.yml
- import_tasks: tasks/hosts/mail.yml
- import_tasks: tasks/hosts/unattended-upgrades.yml
- import_tasks: tasks/hosts/fail2ban.yml
- import_tasks: tasks/hosts/fstrim.yml
- import_tasks: tasks/hosts/logs.yml
- import_tasks: tasks/hosts/motd.yml
- import_tasks: tasks/hosts/utils.yml
- import_tasks: tasks/hosts/user.yml
- import_tasks: tasks/hosts/root-shell.yml
- hosts: yggdrasil
tasks:
- import_tasks: tasks/hosts/systemd-mail.yml
- import_tasks: tasks/hosts/zfs-scrub.yml
- import_tasks: tasks/hosts/zfs-trim.yml
- import_tasks: tasks/hosts/zfsutils-cron.yml
- import_tasks: tasks/hosts/ups.yml
- import_tasks: tasks/hosts/smart.yml

0
tasks/fail2ban.yml → playbooks/tasks/hosts/fail2ban.yml
View File

0
tasks/firewall.yml → playbooks/tasks/hosts/firewall.yml
View File

0
tasks/fstrim.yml → playbooks/tasks/hosts/fstrim.yml
View File

0
tasks/logs.yml → playbooks/tasks/hosts/logs.yml
View File

0
tasks/mail.yml → playbooks/tasks/hosts/mail.yml
View File

0
tasks/motd.yml → playbooks/tasks/hosts/motd.yml
View File

0
tasks/ntp.yml → playbooks/tasks/hosts/ntp.yml
View File

0
tasks/root-shell.yml → playbooks/tasks/hosts/root-shell.yml
View File

2
tasks/smart.yml → playbooks/tasks/hosts/smart.yml
View File

@ -4,7 +4,7 @@
- name: Smartd configuration
copy:
src: ./filesystem/yggdrasil/etc/smartd.conf
src: ./filesystem/{{ ansible_hostname }}/etc/smartd.conf
dest: /etc/smartd.conf
mode: 0644
register: smartd_conf

0
tasks/sshd.yml → playbooks/tasks/hosts/sshd.yml
View File

4
tasks/systemd-mail.yml → playbooks/tasks/hosts/systemd-mail.yml
View File

@ -1,12 +1,12 @@
- name: SystemD mail script
template:
src: ./filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/systemd-mail-systemctl-status.j2
dest: /usr/local/sbin/systemd-mail-systemctl-status
mode: 0755
- name: SystemD mail service
copy:
src: ./filesystem/yggdrasil/etc/systemd/system/status-mail@.service
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/status-mail@.service
dest: /etc/systemd/system/status-mail@.service
mode: 0644
register: systemd_status_mail_service_file

0
tasks/unattended-upgrades.yml → playbooks/tasks/hosts/unattended-upgrades.yml
View File

2
tasks/ups.yml → playbooks/tasks/hosts/ups.yml
View File

@ -4,7 +4,7 @@
- name: Apcupsd configuration
copy:
src: ./filesystem/yggdrasil/etc/apcupsd/apcupsd.conf
src: ./filesystem/{{ ansible_hostname }}/etc/apcupsd/apcupsd.conf
dest: /etc/apcupsd/apcupsd.conf
mode: 0644
register: apcupsd_conf

0
tasks/user.yml → playbooks/tasks/hosts/user.yml
View File

0
tasks/utils.yml → playbooks/tasks/hosts/utils.yml
View File

6
tasks/zfs-scrub.yml → playbooks/tasks/hosts/zfs-scrub.yml
View File

@ -1,19 +1,19 @@
- name: Zpool status mail script
template:
src: ./filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/systemd-mail-zpool-status.j2
dest: /usr/local/sbin/systemd-mail-zpool-status
mode: 0755
- name: Zfs scrub service file
copy:
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-scrub@.service
dest: /etc/systemd/system/zfs-scrub@.service
mode: 0644
register: systemd_zfs_scrub_service_file
- name: Zfs scrub timer file
copy:
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-scrub-monthly@.timer
dest: /etc/systemd/system/zfs-scrub-monthly@.timer
mode: 0644
register: systemd_zfs_scrub_monthly_timer_file

4
tasks/zfs-trim.yml → playbooks/tasks/hosts/zfs-trim.yml
View File

@ -1,13 +1,13 @@
- name: Zfs trim service file
copy:
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-trim@.service
dest: /etc/systemd/system/zfs-trim@.service
mode: 0644
register: systemd_zfs_trim_service_file
- name: Zfs trim timer file
copy:
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-trim-monthly@.timer
dest: /etc/systemd/system/zfs-trim-monthly@.timer
mode: 0644
register: systemd_zfs_trim_monthly_timer_file

0
tasks/zfsutils-cron.yml → playbooks/tasks/hosts/zfsutils-cron.yml
View File