From 720cd70e4fd5635794c1ab95a9f1ef4b65b9d358 Mon Sep 17 00:00:00 2001 From: polyfloyd Date: Tue, 29 Apr 2025 17:50:18 +0200 Subject: [PATCH 1/7] Move a few things over from GitHub --- roles/services/tasks/discord_bot.yaml | 2 +- roles/services/tasks/mastodon_spacestate.yaml | 2 +- roles/services/tasks/spacestated.yaml | 2 +- roles/services/tasks/wifi_mqtt.yaml | 2 +- roles/www/tasks/calendar.yaml | 2 +- roles/www/tasks/spaceapi.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/services/tasks/discord_bot.yaml b/roles/services/tasks/discord_bot.yaml index 1889db4..19a659f 100644 --- a/roles/services/tasks/discord_bot.yaml +++ b/roles/services/tasks/discord_bot.yaml @@ -21,7 +21,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/discord-bot.git + repo: https://git.bitlair.nl/bitlair/discord-bot.git version: main dest: /var/lib/discord-bot accept_hostkey: yes diff --git a/roles/services/tasks/mastodon_spacestate.yaml b/roles/services/tasks/mastodon_spacestate.yaml index 53f979e..9babbbd 100644 --- a/roles/services/tasks/mastodon_spacestate.yaml +++ b/roles/services/tasks/mastodon_spacestate.yaml @@ -7,7 +7,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/mastodon-spacestate.git + repo: https://git.bitlair.nl/bitlair/mastodon-spacestate.git version: main dest: /var/lib/mastodon-spacestate accept_hostkey: yes diff --git a/roles/services/tasks/spacestated.yaml b/roles/services/tasks/spacestated.yaml index 92a0ace..e35851e 100644 --- a/roles/services/tasks/spacestated.yaml +++ b/roles/services/tasks/spacestated.yaml @@ -21,7 +21,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/spacestated.git + repo: https://git.bitlair.nl/bitlair/spacestated.git version: main dest: /var/lib/spacestated/spacestated accept_hostkey: yes diff --git a/roles/services/tasks/wifi_mqtt.yaml b/roles/services/tasks/wifi_mqtt.yaml index 8bb8353..d69aa34 100644 --- a/roles/services/tasks/wifi_mqtt.yaml +++ b/roles/services/tasks/wifi_mqtt.yaml @@ -8,7 +8,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/wifi-mqtt.git + repo: https://git.bitlair.nl/bitlair/wifi-mqtt.git version: main dest: /var/lib/wifi-mqtt accept_hostkey: yes diff --git a/roles/www/tasks/calendar.yaml b/roles/www/tasks/calendar.yaml index f6513a8..16c027e 100644 --- a/roles/www/tasks/calendar.yaml +++ b/roles/www/tasks/calendar.yaml @@ -5,7 +5,7 @@ - name: Clone source ansible.builtin.git: - repo: https://github.com/bitlair/calendar-parser.git + repo: https://git.bitlair.nl/bitlair/wiki-calendar-exporter.git version: main dest: /usr/local/src/bitlair-calendar accept_hostkey: yes diff --git a/roles/www/tasks/spaceapi.yaml b/roles/www/tasks/spaceapi.yaml index 7c8a494..e6b7954 100644 --- a/roles/www/tasks/spaceapi.yaml +++ b/roles/www/tasks/spaceapi.yaml @@ -1,7 +1,7 @@ --- - name: Clone spaceapi source ansible.builtin.git: - repo: https://github.com/bitlair/spaceapi.git + repo: https://git.bitlair.nl/bitlair/spaceapi.git version: main dest: /opt/spaceapi accept_hostkey: true From cedacdec7dcd67e6bf53aadc6cb7fe1294595136 Mon Sep 17 00:00:00 2001 From: polyfloyd Date: Tue, 29 Apr 2025 18:47:52 +0200 Subject: [PATCH 2/7] bank: Increase git sync frequency --- roles/bank/templates/git.cron | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/bank/templates/git.cron b/roles/bank/templates/git.cron index b703657..b334260 100644 --- a/roles/bank/templates/git.cron +++ b/roles/bank/templates/git.cron @@ -1,4 +1,4 @@ SHELL=/bin/bash -#m h dom mon dow user command - 0 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) +#m h dom mon dow user command + */10 * * * * {{ bank_user }} (cd /home/{{ bank_user }}/data.git && git pull -r && git push && git gc --auto && cp revbank.products ../revbank.products) From efd0604c3aa9d3c9ff558fdfd36c666d050cd57e Mon Sep 17 00:00:00 2001 From: BlackDragon Date: Wed, 30 Apr 2025 18:44:08 +0200 Subject: [PATCH 3/7] Update roles/chat/templates/config.js.j2 --- roles/chat/templates/config.js.j2 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/chat/templates/config.js.j2 b/roles/chat/templates/config.js.j2 index ba12695..69b1727 100644 --- a/roles/chat/templates/config.js.j2 +++ b/roles/chat/templates/config.js.j2 @@ -3,7 +3,8 @@ module.exports = { public: false, port: 9000, - bind: "127.0.0.1", + bind: "0.0.0.0", + host: "127.0.0.1", reverseProxy: true, lockNetwork: true, maxHistory: 10000, From 6dfb60165ae04f2e756179b53065377f3b2c4eac Mon Sep 17 00:00:00 2001 From: polyfloyd Date: Wed, 30 Apr 2025 19:33:26 +0200 Subject: [PATCH 4/7] Add a distinct nodesource role --- chat.yaml | 1 + pad.yaml | 1 + roles/chat/tasks/main.yaml | 23 +----------- roles/chat/templates/nodejs-apt-pref | 5 --- roles/chat/templates/nodesource.list | 3 -- roles/etherpad/defaults/main.yaml | 1 - roles/etherpad/tasks/main.yaml | 37 +------------------ roles/nodesource/defaults/main.yaml | 2 + roles/nodesource/handlers/main.yaml | 3 ++ roles/nodesource/tasks/main.yaml | 33 +++++++++++++++++ .../templates/nodejs-apt-pref | 0 .../templates/nodesource.list | 2 +- 12 files changed, 44 insertions(+), 67 deletions(-) delete mode 100644 roles/chat/templates/nodejs-apt-pref delete mode 100644 roles/chat/templates/nodesource.list create mode 100644 roles/nodesource/defaults/main.yaml create mode 100644 roles/nodesource/handlers/main.yaml create mode 100644 roles/nodesource/tasks/main.yaml rename roles/{etherpad => nodesource}/templates/nodejs-apt-pref (100%) rename roles/{etherpad => nodesource}/templates/nodesource.list (56%) diff --git a/chat.yaml b/chat.yaml index a5b4c42..fdf3a9a 100644 --- a/chat.yaml +++ b/chat.yaml @@ -6,4 +6,5 @@ - { role: "nft", tags: [ "nft" ] } - { role: "nginx", tags: [ "nginx" ] } - { role: "acme", tags: [ "acme" ] } + - { role: "nodesource", tags: [ "nodesource" ] } - { role: "chat", tags: [ "chat" ] } diff --git a/pad.yaml b/pad.yaml index 380e790..1d35c0d 100644 --- a/pad.yaml +++ b/pad.yaml @@ -9,4 +9,5 @@ - { role: "nft", tags: [ "nft" ] } - { role: "acme", tags: [ "acme" ] } - { role: "nginx", tags: [ "nginx" ] } + - { role: "nodesource", tags: [ "nodesource" ] } - { role: "etherpad", tags: [ "etherpad" ] } diff --git a/roles/chat/tasks/main.yaml b/roles/chat/tasks/main.yaml index 7b74982..696d5e5 100644 --- a/roles/chat/tasks/main.yaml +++ b/roles/chat/tasks/main.yaml @@ -4,17 +4,8 @@ ansible.builtin.apt: state: present pkg: - - gpg - - apt-transport-https - build-essential - -- name: Import nodesource signing key - ansible.builtin.shell: - cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor - -o /usr/share/keyrings/nodesource.gpg - args: - creates: /usr/share/keyrings/nodesource.gpg - notify: Apt update + - nodejs - name: Ensure directories are present ansible.builtin.file: @@ -30,20 +21,8 @@ notify: - Restart thelounge -- name: Configure templates - ansible.builtin.template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - owner: "{{ item.owner | default( chat_user ) }}" - group: "{{ item.group | default( chat_group ) }}" - mode: "{{ item.mode | default('0640') }}" - with_items: - - { src: "nodesource.list", dest: "/etc/apt/sources.list.d/nodesource.list", owner: root, group: root } - - { src: "nodejs-apt-pref", dest: "/etc/apt/preferences.d/nodejs", owner: root, group: root } - - name: Install nodejs ansible.builtin.apt: - name: nodejs - name: Install yarn ansible.builtin.shell: diff --git a/roles/chat/templates/nodejs-apt-pref b/roles/chat/templates/nodejs-apt-pref deleted file mode 100644 index 6193912..0000000 --- a/roles/chat/templates/nodejs-apt-pref +++ /dev/null @@ -1,5 +0,0 @@ -# {{ ansible_managed }} - -Package: nodejs -Pin: origin deb.nodesource.com -Pin-Priority: 1000 diff --git a/roles/chat/templates/nodesource.list b/roles/chat/templates/nodesource.list deleted file mode 100644 index 6ac9322..0000000 --- a/roles/chat/templates/nodesource.list +++ /dev/null @@ -1,3 +0,0 @@ -# {{ ansible_managed }} - -deb [arch=amd64 signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main diff --git a/roles/etherpad/defaults/main.yaml b/roles/etherpad/defaults/main.yaml index 7e1952a..4a05b97 100644 --- a/roles/etherpad/defaults/main.yaml +++ b/roles/etherpad/defaults/main.yaml @@ -1,4 +1,3 @@ -nodejs_version: 22.x etherpad_db_user: etherpad etherpad_db_password: "{{ lookup('password', '/tmp/etherpad_db_password length=32') }}" etherpad_db_name: etherpad diff --git a/roles/etherpad/tasks/main.yaml b/roles/etherpad/tasks/main.yaml index 38dc4d3..e19835c 100644 --- a/roles/etherpad/tasks/main.yaml +++ b/roles/etherpad/tasks/main.yaml @@ -3,43 +3,10 @@ - name: Install dependencies ansible.builtin.apt: state: present - pkg: - - gpg + pkg: + - nodejs - postgresql - python3-psycopg2 - - apt-transport-https - -- name: Import nodesource signing key - ansible.builtin.shell: - cmd: curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor - -o /usr/share/keyrings/nodesource.gpg - args: - creates: /usr/share/keyrings/nodesource.gpg - notify: apt update - -- name: Install nodesource source list - ansible.builtin.template: - src: nodesource.list - dest: /etc/apt/sources.list.d/nodesource.list - owner: root - group: root - mode: 0644 - notify: apt update - -- name: Install nodejs apt preference - ansible.builtin.template: - src: nodejs-apt-pref - dest: /etc/apt/preferences.d/nodejs - owner: root - group: root - mode: 0644 - notify: apt update - -- ansible.builtin.meta: flush_handlers - -- name: Install nodejs - ansible.builtin.apt: - name: nodejs - name: Add database user become: true diff --git a/roles/nodesource/defaults/main.yaml b/roles/nodesource/defaults/main.yaml new file mode 100644 index 0000000..6ab2293 --- /dev/null +++ b/roles/nodesource/defaults/main.yaml @@ -0,0 +1,2 @@ +--- +nodesource_version: 22.x diff --git a/roles/nodesource/handlers/main.yaml b/roles/nodesource/handlers/main.yaml new file mode 100644 index 0000000..e7a11ce --- /dev/null +++ b/roles/nodesource/handlers/main.yaml @@ -0,0 +1,3 @@ +--- +- ansible.builtin.import_tasks: + file: ../../common/handlers/main.yaml diff --git a/roles/nodesource/tasks/main.yaml b/roles/nodesource/tasks/main.yaml new file mode 100644 index 0000000..f35afde --- /dev/null +++ b/roles/nodesource/tasks/main.yaml @@ -0,0 +1,33 @@ +--- +- name: Install dependencies + ansible.builtin.apt: + state: present + pkg: + - apt-transport-https + - gpg + +- name: Import nodesource signing key + ansible.builtin.shell: + cmd: | + set -o pipefail + curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /usr/share/keyrings/nodesource.gpg + executable: /bin/bash + args: + creates: /usr/share/keyrings/nodesource.gpg + notify: apt update + +- name: Install nodesource apt files + ansible.builtin.template: + src: nodesource.list + dest: /etc/apt/sources.list.d/nodesource.list + owner: root + group: root + mode: 0644 + notify: apt update + with_items: + - src: nodesource.list + dest: /etc/apt/sources.list.d/nodesource.list + - src: nodejs-apt-pref + dest: /etc/apt/preferences.d/nodejs + +- ansible.builtin.meta: flush_handlers diff --git a/roles/etherpad/templates/nodejs-apt-pref b/roles/nodesource/templates/nodejs-apt-pref similarity index 100% rename from roles/etherpad/templates/nodejs-apt-pref rename to roles/nodesource/templates/nodejs-apt-pref diff --git a/roles/etherpad/templates/nodesource.list b/roles/nodesource/templates/nodesource.list similarity index 56% rename from roles/etherpad/templates/nodesource.list rename to roles/nodesource/templates/nodesource.list index 43defab..3600170 100644 --- a/roles/etherpad/templates/nodesource.list +++ b/roles/nodesource/templates/nodesource.list @@ -1,3 +1,3 @@ # {{ ansible_managed }} -deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodejs_version }} nodistro main +deb [arch=$arch signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_{{ nodesource_version }} nodistro main From 33f7b0fc358331de65458a171f47886d97f0dce3 Mon Sep 17 00:00:00 2001 From: polyfloyd Date: Wed, 30 Apr 2025 20:47:29 +0200 Subject: [PATCH 5/7] git-server: Run update.sh as root --- roles/git-server/templates/cronjob | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/git-server/templates/cronjob b/roles/git-server/templates/cronjob index 9a71799..659b668 100644 --- a/roles/git-server/templates/cronjob +++ b/roles/git-server/templates/cronjob @@ -1,4 +1,4 @@ # {{ ansible_managed }} -#m h dom mon dow user command - 0 2 * * 1 {{ git_server_user }} {{ git_server_working_dir }}/update.sh +#m h dom mon dow user command + 0 2 * * 1 root {{ git_server_working_dir }}/update.sh From 46a28a9ead3e50abce6593e9240bf40bd5bd61d7 Mon Sep 17 00:00:00 2001 From: polyfloyd Date: Wed, 30 Apr 2025 20:59:31 +0200 Subject: [PATCH 6/7] Add ldap host --- bitlair.yaml | 4 ++++ inventory | 3 +++ 2 files changed, 7 insertions(+) diff --git a/bitlair.yaml b/bitlair.yaml index 19de646..b463ff7 100644 --- a/bitlair.yaml +++ b/bitlair.yaml @@ -71,3 +71,7 @@ - { role: "acme", tags: [ "acme" ] } - { role: "nginx", tags: [ "nginx" ] } - { role: "chat", tags: [ "chat" ] } + +- hosts: ldap + roles: + - { role: "common", tags: [ "common" ] } diff --git a/inventory b/inventory index 86d1bea..eca431d 100644 --- a/inventory +++ b/inventory @@ -50,6 +50,9 @@ homeassistant.bitlair.nl [chat] chat.bitlair.nl +[ldap] +ldap-new.bitlair.nl + [debian:children] bank fotos From 0a7dfab99fd4b1d495a9097653bccad81947e7ee Mon Sep 17 00:00:00 2001 From: Mark Janssen -- Sig-I/O Automatisering Date: Wed, 30 Apr 2025 21:43:16 +0200 Subject: [PATCH 7/7] Cleanup chat playbook --- roles/chat/tasks/main.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/roles/chat/tasks/main.yaml b/roles/chat/tasks/main.yaml index 696d5e5..cad172f 100644 --- a/roles/chat/tasks/main.yaml +++ b/roles/chat/tasks/main.yaml @@ -28,7 +28,8 @@ ansible.builtin.shell: cmd: npm install --global yarn -- stat: path=/opt/thelounge +- ansible.builtin.stat: + path: /opt/thelounge register: src_path - name: Retreive thelounge source @@ -67,14 +68,14 @@ state: present - name: Ensure JS and JSON syntax checking packages are installed - yarn: + community.general.yarn: name: "{{ item }}" global: yes - state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in + # state: latest # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in with_items: - esprima - jsonlint - changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in + # changed_when: no # FIXME: Remove when https://github.com/ansible/ansible/pull/39557 makes it in - name: Configure templates ansible.builtin.template: