Compare commits
No commits in common. "3abdc7cbd3dbb60536d0c374e5b254ce6f5c7edf" and "94de67674c914d7bfe4a78c024d5f37892d97ea6" have entirely different histories.
3abdc7cbd3
...
94de67674c
|
@ -1,7 +1,7 @@
|
||||||
# All hosts are debian 10 or 11
|
# All hosts are debian 10 or 11
|
||||||
---
|
---
|
||||||
# Common
|
# Common
|
||||||
- hosts: daily,homelab,irc
|
- hosts: cloudlab,daily,homelab,irc
|
||||||
become: yes
|
become: yes
|
||||||
handlers:
|
handlers:
|
||||||
- import_tasks: handlers.yml
|
- import_tasks: handlers.yml
|
||||||
|
@ -150,7 +150,7 @@
|
||||||
msg: Manually get tor hostname
|
msg: Manually get tor hostname
|
||||||
|
|
||||||
# Common dynamic settings
|
# Common dynamic settings
|
||||||
- hosts: daily,homelab
|
- hosts: cloudlab,daily,homelab
|
||||||
become: yes
|
become: yes
|
||||||
handlers:
|
handlers:
|
||||||
- import_tasks: handlers.yml
|
- import_tasks: handlers.yml
|
||||||
|
@ -199,6 +199,56 @@
|
||||||
groups: docker
|
groups: docker
|
||||||
append: yes
|
append: yes
|
||||||
|
|
||||||
|
# Proxy config
|
||||||
|
- hosts: cloudlab
|
||||||
|
become: yes
|
||||||
|
handlers:
|
||||||
|
- import_tasks: handlers.yml
|
||||||
|
tasks:
|
||||||
|
## Changes will take effect during next reboot
|
||||||
|
- name: Configure sysctl to reject RA acceptance
|
||||||
|
template:
|
||||||
|
src: templates/disablera.conf.j2
|
||||||
|
dest: /etc/sysctl.d/disablera.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
|
||||||
|
- name: Add HAProxy GPG key
|
||||||
|
apt_key:
|
||||||
|
url: https://haproxy.debian.net/bernat.debian.org.gpg
|
||||||
|
|
||||||
|
- name: Add HAProxy APT repository
|
||||||
|
apt_repository:
|
||||||
|
repo: deb http://haproxy.debian.net buster-backports-2.2 main
|
||||||
|
|
||||||
|
- name: Install HAProxy
|
||||||
|
apt:
|
||||||
|
name: haproxy
|
||||||
|
state: present
|
||||||
|
force_apt_get: yes
|
||||||
|
update_cache: yes
|
||||||
|
|
||||||
|
- name: Install HAProxy proxy config
|
||||||
|
copy:
|
||||||
|
src: "files/{{ inventory_hostname.split('@')[1] }}/haproxy.cfg"
|
||||||
|
dest: /etc/haproxy/haproxy.cfg
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: Restart haproxy
|
||||||
|
|
||||||
|
- name: Sync data cronjob - Friday
|
||||||
|
cron:
|
||||||
|
name: 'Sync data'
|
||||||
|
minute: '0'
|
||||||
|
hour: '0'
|
||||||
|
day: '*'
|
||||||
|
month: '*'
|
||||||
|
weekday: '5'
|
||||||
|
user: pew
|
||||||
|
job: "/home/pew/scripts-private/{{ inventory_hostname.split('@')[1] }}/sync.sh"
|
||||||
|
|
||||||
# Compute config
|
# Compute config
|
||||||
- hosts: homelab
|
- hosts: homelab
|
||||||
become: yes
|
become: yes
|
||||||
|
@ -208,6 +258,7 @@
|
||||||
- name: Install samba, zfs stuff
|
- name: Install samba, zfs stuff
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
|
- samba
|
||||||
- zfs-auto-snapshot
|
- zfs-auto-snapshot
|
||||||
- zfs-zed
|
- zfs-zed
|
||||||
force_apt_get: yes
|
force_apt_get: yes
|
||||||
|
@ -237,6 +288,16 @@
|
||||||
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
|
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
|
||||||
state: mounted
|
state: mounted
|
||||||
|
|
||||||
|
# /home/paul/.ssh/id_rsa_fast must exist
|
||||||
|
- name: Install sshtunnel systemd service
|
||||||
|
copy:
|
||||||
|
src: "files/{{ inventory_hostname }}/sshtunnel.service"
|
||||||
|
dest: /etc/systemd/system/sshtunnel.service
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: Load, start, and enable sshtunnel service
|
||||||
|
|
||||||
- name: Install rclone
|
- name: Install rclone
|
||||||
apt:
|
apt:
|
||||||
deb: https://downloads.rclone.org/rclone-current-linux-amd64.deb
|
deb: https://downloads.rclone.org/rclone-current-linux-amd64.deb
|
||||||
|
@ -256,6 +317,18 @@
|
||||||
user: paul
|
user: paul
|
||||||
job: "/home/paul/scripts-private/{{ inventory_hostname }}/backup.sh"
|
job: "/home/paul/scripts-private/{{ inventory_hostname }}/backup.sh"
|
||||||
|
|
||||||
|
- name: Configure samba
|
||||||
|
copy:
|
||||||
|
src: files/smb.conf
|
||||||
|
dest: /etc/samba/smb.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: Restart smbd
|
||||||
|
|
||||||
|
- debug:
|
||||||
|
msg: Manually set samba password
|
||||||
|
|
||||||
# IRC config
|
# IRC config
|
||||||
- hosts: irc
|
- hosts: irc
|
||||||
become: yes
|
become: yes
|
||||||
|
|
Loading…
Reference in New Issue