forked from bitlair/ansible
merge common-bitlair into common
This commit is contained in:
parent
b210abc77e
commit
7d59c108d6
25 changed files with 93 additions and 42 deletions
|
|
@ -3,7 +3,6 @@
|
||||||
- hosts: bank
|
- hosts: bank
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- bank
|
- bank
|
||||||
vars:
|
vars:
|
||||||
bank_revbank_git: https://github.com/bitlair/revbank.git
|
bank_revbank_git: https://github.com/bitlair/revbank.git
|
||||||
|
|
|
||||||
2
bar.yaml
2
bar.yaml
|
|
@ -5,5 +5,5 @@
|
||||||
raspi_rotate_display: "2"
|
raspi_rotate_display: "2"
|
||||||
roles:
|
roles:
|
||||||
- raspi
|
- raspi
|
||||||
- common-bitlair
|
- common
|
||||||
- bank-terminal
|
- bank-terminal
|
||||||
|
|
|
||||||
|
|
@ -3,4 +3,3 @@
|
||||||
- hosts: debian
|
- hosts: debian
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
|
|
|
||||||
|
|
@ -3,5 +3,4 @@
|
||||||
- hosts: fotos
|
- hosts: fotos
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- photos
|
- photos
|
||||||
|
|
|
||||||
|
|
@ -3,5 +3,4 @@
|
||||||
- hosts: git-ci
|
- hosts: git-ci
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- git-ci
|
- git-ci
|
||||||
|
|
|
||||||
1
git.yaml
1
git.yaml
|
|
@ -3,6 +3,5 @@
|
||||||
- hosts: git
|
- hosts: git
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- acme
|
- acme
|
||||||
- git-server
|
- git-server
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,5 @@
|
||||||
|
---
|
||||||
|
|
||||||
is_vm: true
|
is_vm: true
|
||||||
|
|
||||||
ansible_user: root
|
ansible_user: root
|
||||||
|
|
@ -31,3 +33,7 @@ root_access:
|
||||||
|
|
||||||
mqtt_internal_host: mqtt.bitlair.nl
|
mqtt_internal_host: mqtt.bitlair.nl
|
||||||
mqtt_public_host: bitlair.nl
|
mqtt_public_host: bitlair.nl
|
||||||
|
|
||||||
|
debian_repourl: "http://deb.debian.org/debian/"
|
||||||
|
debian_securityurl: "http://security.debian.org/debian-security"
|
||||||
|
|
||||||
|
|
|
||||||
36
inventory
36
inventory
|
|
@ -6,15 +6,49 @@ bank-pi.bitlair.nl
|
||||||
[kvm]
|
[kvm]
|
||||||
kvm4.bitlair.nl
|
kvm4.bitlair.nl
|
||||||
|
|
||||||
[debian]
|
[bank]
|
||||||
bank.bitlair.nl
|
bank.bitlair.nl
|
||||||
|
|
||||||
|
[fotos]
|
||||||
blockchain.bitlair.nl
|
blockchain.bitlair.nl
|
||||||
|
|
||||||
|
[git]
|
||||||
git.bitlair.nl
|
git.bitlair.nl
|
||||||
|
|
||||||
|
[git-ci]
|
||||||
git-ci.bitlair.nl
|
git-ci.bitlair.nl
|
||||||
|
|
||||||
|
[pad]
|
||||||
pad.bitlair.nl
|
pad.bitlair.nl
|
||||||
|
|
||||||
|
[lights]
|
||||||
lights.bitlair.nl
|
lights.bitlair.nl
|
||||||
|
|
||||||
|
[mqtt]
|
||||||
mqtt.bitlair.nl
|
mqtt.bitlair.nl
|
||||||
|
|
||||||
|
[monitoring]
|
||||||
dashboard.bitlair.nl
|
dashboard.bitlair.nl
|
||||||
|
|
||||||
|
[music]
|
||||||
music.bitlair.nl
|
music.bitlair.nl
|
||||||
|
|
||||||
|
[services]
|
||||||
service.bitlair.nl
|
service.bitlair.nl
|
||||||
|
|
||||||
|
[wiki]
|
||||||
wiki.bitlair.nl
|
wiki.bitlair.nl
|
||||||
|
|
||||||
|
[debian:children]
|
||||||
|
bank
|
||||||
|
fotos
|
||||||
|
git
|
||||||
|
git-ci
|
||||||
|
pad
|
||||||
|
lights
|
||||||
|
mqtt
|
||||||
|
monitoring
|
||||||
|
music
|
||||||
|
services
|
||||||
|
wiki
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,5 @@
|
||||||
- hosts: monitoring
|
- hosts: monitoring
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- acme
|
- acme
|
||||||
- monitoring
|
- monitoring
|
||||||
|
|
|
||||||
|
|
@ -3,5 +3,4 @@
|
||||||
- hosts: mqtt_internal
|
- hosts: mqtt_internal
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- mqtt-internal
|
- mqtt-internal
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,6 @@
|
||||||
- hosts: music
|
- hosts: music
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- acme
|
- acme
|
||||||
- go
|
- go
|
||||||
- music
|
- music
|
||||||
|
|
|
||||||
1
pad.yaml
1
pad.yaml
|
|
@ -6,6 +6,5 @@
|
||||||
- [ pad.bitlair.nl ]
|
- [ pad.bitlair.nl ]
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- acme
|
- acme
|
||||||
- etherpad
|
- etherpad
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Configure auto-upgrades
|
- name: Configure auto-upgrades
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: apt-minimal
|
src: apt-minimal
|
||||||
|
|
|
||||||
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
- name: Install backports source list
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: backports-source.list
|
|
||||||
dest: /etc/apt/sources.list.d/backports.list
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: apt update
|
|
||||||
|
|
||||||
- ansible.builtin.meta: flush_handlers
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Install source list
|
- name: Install source list
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: stable-sources.list
|
src: stable-sources.list
|
||||||
|
|
|
||||||
|
|
@ -6,15 +6,25 @@
|
||||||
when: ansible_facts['distribution_release'] != "bookworm"
|
when: ansible_facts['distribution_release'] != "bookworm"
|
||||||
tags: [ debian-upgrade, never ]
|
tags: [ debian-upgrade, never ]
|
||||||
|
|
||||||
- name: Import debian-backports.yaml
|
- name: Apt config and sources.list
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.template:
|
||||||
file: debian-backports.yaml
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
mode: "{{ item.mode | default('0644') }}"
|
||||||
|
owner: "{{ item.owner | default('root') }}"
|
||||||
|
group: "{{ item.group | default('root') }}"
|
||||||
|
with_items:
|
||||||
|
- { src: "apt.conf.j2", dest: "/etc/apt/apt.conf" }
|
||||||
|
- { src: "sources.list.j2", dest: "/etc/apt/sources.list" }
|
||||||
|
when:
|
||||||
|
- ansible_os_family == "Debian"
|
||||||
|
tags:
|
||||||
|
- sourceslist
|
||||||
|
|
||||||
tags: debian_backports
|
- name: Import unattended-updates
|
||||||
|
|
||||||
- tags: unattended_updates
|
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.import_tasks:
|
||||||
file: unattended-updates.yaml
|
file: unattended-updates.yaml
|
||||||
|
tags: unattended_updates
|
||||||
|
|
||||||
- tags: apt-minimal
|
- tags: apt-minimal
|
||||||
ansible.builtin.import_tasks:
|
ansible.builtin.import_tasks:
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Install node-exporter
|
- name: Install node-exporter
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: prometheus-node-exporter
|
name: prometheus-node-exporter
|
||||||
|
|
|
||||||
8
roles/common/templates/apt.conf.j2
Normal file
8
roles/common/templates/apt.conf.j2
Normal file
|
|
@ -0,0 +1,8 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
{% if proxy_host is defined and proxy_host != "" %}
|
||||||
|
Acquire::http::Proxy "http://{{ proxy_host }}:{{ proxy_port }}/";
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Don't download translation-files
|
||||||
|
Acquire::Languages "none";
|
||||||
|
|
@ -1,4 +0,0 @@
|
||||||
# Managed by Ansible
|
|
||||||
|
|
||||||
deb http://ftp.nl.debian.org/debian/ {{ ansible_facts.distribution_release }}-backports main
|
|
||||||
deb-src http://ftp.nl.debian.org/debian/ {{ ansible_facts.distribution_release }}-backports main
|
|
||||||
24
roles/common/templates/sources.list.j2
Normal file
24
roles/common/templates/sources.list.j2
Normal file
|
|
@ -0,0 +1,24 @@
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
{% if debian_source_repos|default(false) %}
|
||||||
|
{% set SRC = "" %}
|
||||||
|
{% else %}
|
||||||
|
{% set SRC = "# " %}
|
||||||
|
{% endif %}
|
||||||
|
{% set components = "main contrib non-free-firmware" %}
|
||||||
|
|
||||||
|
deb {{ debian_repourl }} {{ ansible_distribution_release }} {{ components }}
|
||||||
|
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }} {{ components }}
|
||||||
|
#
|
||||||
|
# Updates
|
||||||
|
deb {{ debian_repourl }} {{ ansible_distribution_release }}-updates {{ components }}
|
||||||
|
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }}-updates {{ components }}
|
||||||
|
#
|
||||||
|
# Backports
|
||||||
|
deb {{ debian_repourl }} {{ ansible_distribution_release }}-backports {{ components }}
|
||||||
|
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }}-backports {{ components }}
|
||||||
|
#
|
||||||
|
# Security patches
|
||||||
|
deb {{ debian_securityurl }} {{ ansible_distribution_release }}-security {{ components }}
|
||||||
|
{{ SRC }}deb-src {{ debian_securityurl }} {{ ansible_distribution_release }}-security main contrib non- free
|
||||||
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
deb http://deb.debian.org/debian bookworm main non-free-firmware
|
|
||||||
deb-src http://deb.debian.org/debian bookworm main non-free-firmware
|
|
||||||
|
|
||||||
deb http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
|
|
||||||
deb-src http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
|
|
||||||
|
|
||||||
deb http://deb.debian.org/debian bookworm-updates main non-free-firmware
|
|
||||||
deb-src http://deb.debian.org/debian bookworm-updates main non-free-firmware
|
|
||||||
|
|
@ -3,5 +3,4 @@
|
||||||
- hosts: services
|
- hosts: services
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- services
|
- services
|
||||||
|
|
|
||||||
1
www.yaml
1
www.yaml
|
|
@ -3,6 +3,5 @@
|
||||||
- hosts: wiki
|
- hosts: wiki
|
||||||
roles:
|
roles:
|
||||||
- common
|
- common
|
||||||
- common-bitlair
|
|
||||||
- acme
|
- acme
|
||||||
- www
|
- www
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue