simplify everything
parent
62a78c89ce
commit
9230db5a16
161
ansible/main.yml
161
ansible/main.yml
|
@ -166,138 +166,8 @@
|
||||||
user: root
|
user: root
|
||||||
when: gandi_api_key is defined
|
when: gandi_api_key is defined
|
||||||
|
|
||||||
# Custom repo config
|
# docker
|
||||||
- hosts: compute
|
- hosts: irc,compute
|
||||||
become: yes
|
|
||||||
handlers:
|
|
||||||
- import_tasks: handlers.yml
|
|
||||||
tasks:
|
|
||||||
- name: Install compute packages
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- podman
|
|
||||||
- sshfs
|
|
||||||
force_apt_get: yes
|
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: Mount bigdummy /bigdata via NFS
|
|
||||||
mount:
|
|
||||||
src: root@10.42.0.202:/bigdata
|
|
||||||
path: /bigdata
|
|
||||||
fstype: fuse.sshfs
|
|
||||||
opts: reconnect,allow_other,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
|
|
||||||
state: mounted
|
|
||||||
|
|
||||||
- name: Mount vtluug /media via sshfs
|
|
||||||
mount:
|
|
||||||
src: pew-media@dirtycow.vtluug.org:/nfs/cistern/share/media
|
|
||||||
path: /media-vtluug
|
|
||||||
fstype: fuse.sshfs
|
|
||||||
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
|
|
||||||
state: mounted
|
|
||||||
|
|
||||||
# /home/paul/.ssh/id_rsa_fast must exist
|
|
||||||
- name: Install sshtunnel systemd service
|
|
||||||
copy:
|
|
||||||
src: files/fogcutter/sshtunnel.service
|
|
||||||
dest: /etc/systemd/system/sshtunnel.service
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
notify: Load, start, and enable sshtunnel service
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: Start podman services manually
|
|
||||||
|
|
||||||
# NFS core config
|
|
||||||
# ASSUMES /bigdata IS CONFIGURED (make sure dir is 755)
|
|
||||||
- hosts: nfs
|
|
||||||
become: yes
|
|
||||||
handlers:
|
|
||||||
- import_tasks: handlers.yml
|
|
||||||
tasks:
|
|
||||||
- name: Install zfs-zed, and nfs-kernel-server
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- beets
|
|
||||||
- nfs-kernel-server
|
|
||||||
- zfs-auto-snapshot
|
|
||||||
- zfs-zed
|
|
||||||
force_apt_get: yes
|
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: Configure zfs-zed
|
|
||||||
copy:
|
|
||||||
src: files/zed.rc
|
|
||||||
dest: /etc/zfs/zed.d/zed.rc
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
notify: Restart zfs-zed
|
|
||||||
|
|
||||||
- name: Install weekly bigdata scrub cron job
|
|
||||||
cron:
|
|
||||||
name: 'Weekly zfs pool status check'
|
|
||||||
special_time: weekly
|
|
||||||
job: '/usr/sbin/zpool status | mail -s "ZFS STATUS" paulsw.pw+alerts@gmail.com'
|
|
||||||
user: root
|
|
||||||
|
|
||||||
- name: Install rclone
|
|
||||||
apt:
|
|
||||||
deb: https://github.com/rclone/rclone/releases/download/v1.49.2/rclone-v1.49.2-linux-amd64.deb
|
|
||||||
force_apt_get: yes
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: Manually configure rclone remote drive
|
|
||||||
|
|
||||||
- name: Export /bigdata
|
|
||||||
copy:
|
|
||||||
src: files/exports
|
|
||||||
dest: /etc/exports
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
notify: Re-export exportfs
|
|
||||||
|
|
||||||
# Proxy config
|
|
||||||
- hosts: proxy
|
|
||||||
become: yes
|
|
||||||
tasks:
|
|
||||||
## Changes will take effect during next reboot
|
|
||||||
- name: Configure sysctl to reject RA acceptance
|
|
||||||
template:
|
|
||||||
src: templates/disablera.conf.j2
|
|
||||||
dest: /etc/sysctl.d/disablera.conf
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
|
|
||||||
- name: Add HAProxy GPG key
|
|
||||||
apt_key:
|
|
||||||
url: https://haproxy.debian.net/bernat.debian.org.gpg
|
|
||||||
|
|
||||||
- name: Add HAProxy APT repository
|
|
||||||
apt_repository:
|
|
||||||
repo: deb http://haproxy.debian.net buster-backports-2.2 main
|
|
||||||
|
|
||||||
- name: Install HAProxy
|
|
||||||
apt:
|
|
||||||
name: haproxy
|
|
||||||
state: present
|
|
||||||
force_apt_get: yes
|
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: Install HAProxy proxy config
|
|
||||||
copy:
|
|
||||||
src: files/{{ inventory_hostname }}/haproxy.cfg
|
|
||||||
dest: /etc/haproxy/haproxy.cfg
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: '0644'
|
|
||||||
notify: Restart haproxy
|
|
||||||
|
|
||||||
# IRC config
|
|
||||||
- hosts: irc
|
|
||||||
become: yes
|
become: yes
|
||||||
handlers:
|
handlers:
|
||||||
- import_tasks: handlers.yml
|
- import_tasks: handlers.yml
|
||||||
|
@ -319,6 +189,33 @@
|
||||||
force_apt_get: yes
|
force_apt_get: yes
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
|
|
||||||
|
# Custom repo config
|
||||||
|
- hosts: compute
|
||||||
|
become: yes
|
||||||
|
handlers:
|
||||||
|
- import_tasks: handlers.yml
|
||||||
|
tasks:
|
||||||
|
- name: Install compute packages
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- sshfs
|
||||||
|
force_apt_get: yes
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
- name: Mount vtluug /media via sshfs
|
||||||
|
mount:
|
||||||
|
src: pew-media@dirtycow.vtluug.org:/nfs/cistern/share/media
|
||||||
|
path: /media-vtluug
|
||||||
|
fstype: fuse.sshfs
|
||||||
|
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
|
||||||
|
state: mounted
|
||||||
|
|
||||||
|
# IRC config
|
||||||
|
- hosts: irc
|
||||||
|
become: yes
|
||||||
|
handlers:
|
||||||
|
- import_tasks: handlers.yml
|
||||||
|
tasks:
|
||||||
- name: Add joe to docker group
|
- name: Add joe to docker group
|
||||||
user:
|
user:
|
||||||
name: joe
|
name: joe
|
||||||
|
|
Loading…
Reference in New Issue