merge common-bitlair into common

This commit is contained in:
Mark Janssen 2024-07-11 21:42:39 +02:00
parent b210abc77e
commit 7d59c108d6
25 changed files with 93 additions and 42 deletions

View file

@ -3,7 +3,6 @@
- hosts: bank
roles:
- common
- common-bitlair
- bank
vars:
bank_revbank_git: https://github.com/bitlair/revbank.git

View file

@ -5,5 +5,5 @@
raspi_rotate_display: "2"
roles:
- raspi
- common-bitlair
- common
- bank-terminal

View file

@ -3,4 +3,3 @@
- hosts: debian
roles:
- common
- common-bitlair

View file

@ -3,5 +3,4 @@
- hosts: fotos
roles:
- common
- common-bitlair
- photos

View file

@ -3,5 +3,4 @@
- hosts: git-ci
roles:
- common
- common-bitlair
- git-ci

View file

@ -3,6 +3,5 @@
- hosts: git
roles:
- common
- common-bitlair
- acme
- git-server

View file

@ -1,3 +1,5 @@
---
is_vm: true
ansible_user: root
@ -31,3 +33,7 @@ root_access:
mqtt_internal_host: mqtt.bitlair.nl
mqtt_public_host: bitlair.nl
debian_repourl: "http://deb.debian.org/debian/"
debian_securityurl: "http://security.debian.org/debian-security"

View file

@ -6,15 +6,49 @@ bank-pi.bitlair.nl
[kvm]
kvm4.bitlair.nl
[debian]
[bank]
bank.bitlair.nl
[fotos]
blockchain.bitlair.nl
[git]
git.bitlair.nl
[git-ci]
git-ci.bitlair.nl
[pad]
pad.bitlair.nl
[lights]
lights.bitlair.nl
[mqtt]
mqtt.bitlair.nl
[monitoring]
dashboard.bitlair.nl
[music]
music.bitlair.nl
[services]
service.bitlair.nl
[wiki]
wiki.bitlair.nl
[debian:children]
bank
fotos
git
git-ci
pad
lights
mqtt
monitoring
music
services
wiki

View file

@ -3,6 +3,5 @@
- hosts: monitoring
roles:
- common
- common-bitlair
- acme
- monitoring

View file

@ -3,5 +3,4 @@
- hosts: mqtt_internal
roles:
- common
- common-bitlair
- mqtt-internal

View file

@ -3,7 +3,6 @@
- hosts: music
roles:
- common
- common-bitlair
- acme
- go
- music

View file

@ -6,6 +6,5 @@
- [ pad.bitlair.nl ]
roles:
- common
- common-bitlair
- acme
- etherpad

View file

@ -1,4 +1,5 @@
---
- name: Configure auto-upgrades
ansible.builtin.template:
src: apt-minimal

View file

@ -1,11 +0,0 @@
---
- name: Install backports source list
ansible.builtin.template:
src: backports-source.list
dest: /etc/apt/sources.list.d/backports.list
owner: root
group: root
mode: 0644
notify: apt update
- ansible.builtin.meta: flush_handlers

View file

@ -1,4 +1,5 @@
---
- name: Install source list
ansible.builtin.template:
src: stable-sources.list

View file

@ -6,15 +6,25 @@
when: ansible_facts['distribution_release'] != "bookworm"
tags: [ debian-upgrade, never ]
- name: Import debian-backports.yaml
ansible.builtin.import_tasks:
file: debian-backports.yaml
- name: Apt config and sources.list
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode | default('0644') }}"
owner: "{{ item.owner | default('root') }}"
group: "{{ item.group | default('root') }}"
with_items:
- { src: "apt.conf.j2", dest: "/etc/apt/apt.conf" }
- { src: "sources.list.j2", dest: "/etc/apt/sources.list" }
when:
- ansible_os_family == "Debian"
tags:
- sourceslist
tags: debian_backports
- tags: unattended_updates
- name: Import unattended-updates
ansible.builtin.import_tasks:
file: unattended-updates.yaml
tags: unattended_updates
- tags: apt-minimal
ansible.builtin.import_tasks:

View file

@ -1,4 +1,5 @@
---
- name: Install node-exporter
ansible.builtin.apt:
name: prometheus-node-exporter

View file

@ -0,0 +1,8 @@
# {{ ansible_managed }}
{% if proxy_host is defined and proxy_host != "" %}
Acquire::http::Proxy "http://{{ proxy_host }}:{{ proxy_port }}/";
{% endif %}
# Don't download translation-files
Acquire::Languages "none";

View file

@ -1,4 +0,0 @@
# Managed by Ansible
deb http://ftp.nl.debian.org/debian/ {{ ansible_facts.distribution_release }}-backports main
deb-src http://ftp.nl.debian.org/debian/ {{ ansible_facts.distribution_release }}-backports main

View file

@ -0,0 +1,24 @@
# {{ ansible_managed }}
{% if debian_source_repos|default(false) %}
{% set SRC = "" %}
{% else %}
{% set SRC = "# " %}
{% endif %}
{% set components = "main contrib non-free-firmware" %}
deb {{ debian_repourl }} {{ ansible_distribution_release }} {{ components }}
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }} {{ components }}
#
# Updates
deb {{ debian_repourl }} {{ ansible_distribution_release }}-updates {{ components }}
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }}-updates {{ components }}
#
# Backports
deb {{ debian_repourl }} {{ ansible_distribution_release }}-backports {{ components }}
{{ SRC }}deb-src {{ debian_repourl }} {{ ansible_distribution_release }}-backports {{ components }}
#
# Security patches
deb {{ debian_securityurl }} {{ ansible_distribution_release }}-security {{ components }}
{{ SRC }}deb-src {{ debian_securityurl }} {{ ansible_distribution_release }}-security main contrib non- free

View file

@ -1,8 +0,0 @@
deb http://deb.debian.org/debian bookworm main non-free-firmware
deb-src http://deb.debian.org/debian bookworm main non-free-firmware
deb http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
deb-src http://deb.debian.org/debian-security/ bookworm-security main non-free-firmware
deb http://deb.debian.org/debian bookworm-updates main non-free-firmware
deb-src http://deb.debian.org/debian bookworm-updates main non-free-firmware

View file

@ -3,5 +3,4 @@
- hosts: services
roles:
- common
- common-bitlair
- services

View file

@ -3,6 +3,5 @@
- hosts: wiki
roles:
- common
- common-bitlair
- acme
- www