Compartamentalise playbooks
This commit is contained in:
parent
0686e1fc9a
commit
593717d10f
5
.gitignore
vendored
5
.gitignore
vendored
@ -1,2 +1,3 @@
|
||||
group_vars/**
|
||||
host_vars/**
|
||||
group_vars/the_nine_worlds
|
||||
host_vars/valkyrie
|
||||
host_vars/yggdrasil
|
||||
|
@ -1,5 +1,3 @@
|
||||
# Set the variables and move to group_vars/<group> and host_vars/<host> as required and encrypt.
|
||||
|
||||
# Ansible variables
|
||||
ansible_port:
|
||||
ansible_become_password:
|
||||
@ -9,12 +7,13 @@ ssh_user:
|
||||
|
||||
# Machine variables
|
||||
domain:
|
||||
subnet_address:
|
||||
subnet_masklen:
|
||||
subnet:
|
||||
|
||||
# Postfix variables
|
||||
postfix_smtp_server:
|
||||
postfix_smtp_port:
|
||||
postfix_smtp_user:
|
||||
postfix_smtp_pass:
|
||||
|
||||
# VPN network variables
|
||||
vpn_wg0_port:
|
||||
vpn_wg0_netmask:
|
||||
vpn_wg0_preshared_key:
|
24
host_vars/.template
Normal file
24
host_vars/.template
Normal file
@ -0,0 +1,24 @@
|
||||
# Machine variables
|
||||
subnet_address:
|
||||
subnet_masklen:
|
||||
subnet:
|
||||
ethx:
|
||||
|
||||
# Postfix variables
|
||||
postfix_smtp_pass:
|
||||
|
||||
# VPN network variables
|
||||
vpn_subnet_id:
|
||||
vpn_remote_id:
|
||||
|
||||
vpn_br0_address:
|
||||
vpn_br0_broadcast:
|
||||
vpn_br0_netmask:
|
||||
|
||||
vpn_wg0_address:
|
||||
vpn_wg0_interface_private_key:
|
||||
vpn_wg0_peer_public_key:
|
||||
|
||||
vpn_remote_subnet:
|
||||
|
||||
vpn_reverse_proxy_address:
|
26
hosts.yml
26
hosts.yml
@ -1,26 +0,0 @@
|
||||
---
|
||||
- hosts: the_nine_worlds
|
||||
|
||||
tasks:
|
||||
- import_tasks: tasks/sshd.yml
|
||||
- import_tasks: tasks/firewall.yml
|
||||
- import_tasks: tasks/ntp.yml
|
||||
- import_tasks: tasks/mail.yml
|
||||
- import_tasks: tasks/unattended-upgrades.yml
|
||||
- import_tasks: tasks/fail2ban.yml
|
||||
- import_tasks: tasks/fstrim.yml
|
||||
- import_tasks: tasks/logs.yml
|
||||
- import_tasks: tasks/motd.yml
|
||||
- import_tasks: tasks/utils.yml
|
||||
- import_tasks: tasks/user.yml
|
||||
- import_tasks: tasks/root-shell.yml
|
||||
|
||||
- hosts: yggdrasil
|
||||
|
||||
tasks:
|
||||
- import_tasks: tasks/systemd-mail.yml
|
||||
- import_tasks: tasks/zfs-scrub.yml
|
||||
- import_tasks: tasks/zfs-trim.yml
|
||||
- import_tasks: tasks/zfsutils-cron.yml
|
||||
- import_tasks: tasks/ups.yml
|
||||
- import_tasks: tasks/smart.yml
|
26
playbooks/hosts.yml
Normal file
26
playbooks/hosts.yml
Normal file
@ -0,0 +1,26 @@
|
||||
---
|
||||
- hosts: the_nine_worlds
|
||||
|
||||
tasks:
|
||||
- import_tasks: tasks/hosts/sshd.yml
|
||||
- import_tasks: tasks/hosts/firewall.yml
|
||||
- import_tasks: tasks/hosts/ntp.yml
|
||||
- import_tasks: tasks/hosts/mail.yml
|
||||
- import_tasks: tasks/hosts/unattended-upgrades.yml
|
||||
- import_tasks: tasks/hosts/fail2ban.yml
|
||||
- import_tasks: tasks/hosts/fstrim.yml
|
||||
- import_tasks: tasks/hosts/logs.yml
|
||||
- import_tasks: tasks/hosts/motd.yml
|
||||
- import_tasks: tasks/hosts/utils.yml
|
||||
- import_tasks: tasks/hosts/user.yml
|
||||
- import_tasks: tasks/hosts/root-shell.yml
|
||||
|
||||
- hosts: yggdrasil
|
||||
|
||||
tasks:
|
||||
- import_tasks: tasks/hosts/systemd-mail.yml
|
||||
- import_tasks: tasks/hosts/zfs-scrub.yml
|
||||
- import_tasks: tasks/hosts/zfs-trim.yml
|
||||
- import_tasks: tasks/hosts/zfsutils-cron.yml
|
||||
- import_tasks: tasks/hosts/ups.yml
|
||||
- import_tasks: tasks/hosts/smart.yml
|
@ -4,7 +4,7 @@
|
||||
|
||||
- name: Smartd configuration
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/smartd.conf
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/smartd.conf
|
||||
dest: /etc/smartd.conf
|
||||
mode: 0644
|
||||
register: smartd_conf
|
@ -1,12 +1,12 @@
|
||||
- name: SystemD mail script
|
||||
template:
|
||||
src: ./filesystem/yggdrasil/usr/local/sbin/systemd-mail-systemctl-status.j2
|
||||
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/systemd-mail-systemctl-status.j2
|
||||
dest: /usr/local/sbin/systemd-mail-systemctl-status
|
||||
mode: 0755
|
||||
|
||||
- name: SystemD mail service
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/systemd/system/status-mail@.service
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/status-mail@.service
|
||||
dest: /etc/systemd/system/status-mail@.service
|
||||
mode: 0644
|
||||
register: systemd_status_mail_service_file
|
@ -4,7 +4,7 @@
|
||||
|
||||
- name: Apcupsd configuration
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/apcupsd/apcupsd.conf
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/apcupsd/apcupsd.conf
|
||||
dest: /etc/apcupsd/apcupsd.conf
|
||||
mode: 0644
|
||||
register: apcupsd_conf
|
@ -1,19 +1,19 @@
|
||||
- name: Zpool status mail script
|
||||
template:
|
||||
src: ./filesystem/yggdrasil/usr/local/sbin/systemd-mail-zpool-status.j2
|
||||
src: ./filesystem/{{ ansible_hostname }}/usr/local/sbin/systemd-mail-zpool-status.j2
|
||||
dest: /usr/local/sbin/systemd-mail-zpool-status
|
||||
mode: 0755
|
||||
|
||||
- name: Zfs scrub service file
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-scrub@.service
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-scrub@.service
|
||||
dest: /etc/systemd/system/zfs-scrub@.service
|
||||
mode: 0644
|
||||
register: systemd_zfs_scrub_service_file
|
||||
|
||||
- name: Zfs scrub timer file
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-scrub-monthly@.timer
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-scrub-monthly@.timer
|
||||
dest: /etc/systemd/system/zfs-scrub-monthly@.timer
|
||||
mode: 0644
|
||||
register: systemd_zfs_scrub_monthly_timer_file
|
@ -1,13 +1,13 @@
|
||||
- name: Zfs trim service file
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-trim@.service
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-trim@.service
|
||||
dest: /etc/systemd/system/zfs-trim@.service
|
||||
mode: 0644
|
||||
register: systemd_zfs_trim_service_file
|
||||
|
||||
- name: Zfs trim timer file
|
||||
copy:
|
||||
src: ./filesystem/yggdrasil/etc/systemd/system/zfs-trim-monthly@.timer
|
||||
src: ./filesystem/{{ ansible_hostname }}/etc/systemd/system/zfs-trim-monthly@.timer
|
||||
dest: /etc/systemd/system/zfs-trim-monthly@.timer
|
||||
mode: 0644
|
||||
register: systemd_zfs_trim_monthly_timer_file
|
Loading…
Reference in New Issue
Block a user