simplify everything

master
Paul Walko 2022-03-09 08:47:10 -05:00
parent 62a78c89ce
commit 9230db5a16
1 changed files with 29 additions and 132 deletions

View File

@ -166,138 +166,8 @@
user: root user: root
when: gandi_api_key is defined when: gandi_api_key is defined
# Custom repo config # docker
- hosts: compute - hosts: irc,compute
become: yes
handlers:
- import_tasks: handlers.yml
tasks:
- name: Install compute packages
apt:
name:
- podman
- sshfs
force_apt_get: yes
update_cache: yes
- name: Mount bigdummy /bigdata via NFS
mount:
src: root@10.42.0.202:/bigdata
path: /bigdata
fstype: fuse.sshfs
opts: reconnect,allow_other,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
state: mounted
- name: Mount vtluug /media via sshfs
mount:
src: pew-media@dirtycow.vtluug.org:/nfs/cistern/share/media
path: /media-vtluug
fstype: fuse.sshfs
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
state: mounted
# /home/paul/.ssh/id_rsa_fast must exist
- name: Install sshtunnel systemd service
copy:
src: files/fogcutter/sshtunnel.service
dest: /etc/systemd/system/sshtunnel.service
owner: root
group: root
mode: '0644'
notify: Load, start, and enable sshtunnel service
- debug:
msg: Start podman services manually
# NFS core config
# ASSUMES /bigdata IS CONFIGURED (make sure dir is 755)
- hosts: nfs
become: yes
handlers:
- import_tasks: handlers.yml
tasks:
- name: Install zfs-zed, and nfs-kernel-server
apt:
name:
- beets
- nfs-kernel-server
- zfs-auto-snapshot
- zfs-zed
force_apt_get: yes
update_cache: yes
- name: Configure zfs-zed
copy:
src: files/zed.rc
dest: /etc/zfs/zed.d/zed.rc
owner: root
group: root
mode: '0644'
notify: Restart zfs-zed
- name: Install weekly bigdata scrub cron job
cron:
name: 'Weekly zfs pool status check'
special_time: weekly
job: '/usr/sbin/zpool status | mail -s "ZFS STATUS" paulsw.pw+alerts@gmail.com'
user: root
- name: Install rclone
apt:
deb: https://github.com/rclone/rclone/releases/download/v1.49.2/rclone-v1.49.2-linux-amd64.deb
force_apt_get: yes
- debug:
msg: Manually configure rclone remote drive
- name: Export /bigdata
copy:
src: files/exports
dest: /etc/exports
owner: root
group: root
mode: '0644'
notify: Re-export exportfs
# Proxy config
- hosts: proxy
become: yes
tasks:
## Changes will take effect during next reboot
- name: Configure sysctl to reject RA acceptance
template:
src: templates/disablera.conf.j2
dest: /etc/sysctl.d/disablera.conf
owner: root
group: root
mode: '0644'
- name: Add HAProxy GPG key
apt_key:
url: https://haproxy.debian.net/bernat.debian.org.gpg
- name: Add HAProxy APT repository
apt_repository:
repo: deb http://haproxy.debian.net buster-backports-2.2 main
- name: Install HAProxy
apt:
name: haproxy
state: present
force_apt_get: yes
update_cache: yes
- name: Install HAProxy proxy config
copy:
src: files/{{ inventory_hostname }}/haproxy.cfg
dest: /etc/haproxy/haproxy.cfg
owner: root
group: root
mode: '0644'
notify: Restart haproxy
# IRC config
- hosts: irc
become: yes become: yes
handlers: handlers:
- import_tasks: handlers.yml - import_tasks: handlers.yml
@ -319,6 +189,33 @@
force_apt_get: yes force_apt_get: yes
update_cache: yes update_cache: yes
# Custom repo config
- hosts: compute
become: yes
handlers:
- import_tasks: handlers.yml
tasks:
- name: Install compute packages
apt:
name:
- sshfs
force_apt_get: yes
update_cache: yes
- name: Mount vtluug /media via sshfs
mount:
src: pew-media@dirtycow.vtluug.org:/nfs/cistern/share/media
path: /media-vtluug
fstype: fuse.sshfs
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
state: mounted
# IRC config
- hosts: irc
become: yes
handlers:
- import_tasks: handlers.yml
tasks:
- name: Add joe to docker group - name: Add joe to docker group
user: user:
name: joe name: joe