Compare commits

..

No commits in common. "3abdc7cbd3dbb60536d0c374e5b254ce6f5c7edf" and "94de67674c914d7bfe4a78c024d5f37892d97ea6" have entirely different histories.

1 changed files with 75 additions and 2 deletions

View File

@ -1,7 +1,7 @@
# All hosts are debian 10 or 11 # All hosts are debian 10 or 11
--- ---
# Common # Common
- hosts: daily,homelab,irc - hosts: cloudlab,daily,homelab,irc
become: yes become: yes
handlers: handlers:
- import_tasks: handlers.yml - import_tasks: handlers.yml
@ -150,7 +150,7 @@
msg: Manually get tor hostname msg: Manually get tor hostname
# Common dynamic settings # Common dynamic settings
- hosts: daily,homelab - hosts: cloudlab,daily,homelab
become: yes become: yes
handlers: handlers:
- import_tasks: handlers.yml - import_tasks: handlers.yml
@ -199,6 +199,56 @@
groups: docker groups: docker
append: yes append: yes
# Proxy config
- hosts: cloudlab
become: yes
handlers:
- import_tasks: handlers.yml
tasks:
## Changes will take effect during next reboot
- name: Configure sysctl to reject RA acceptance
template:
src: templates/disablera.conf.j2
dest: /etc/sysctl.d/disablera.conf
owner: root
group: root
mode: '0644'
- name: Add HAProxy GPG key
apt_key:
url: https://haproxy.debian.net/bernat.debian.org.gpg
- name: Add HAProxy APT repository
apt_repository:
repo: deb http://haproxy.debian.net buster-backports-2.2 main
- name: Install HAProxy
apt:
name: haproxy
state: present
force_apt_get: yes
update_cache: yes
- name: Install HAProxy proxy config
copy:
src: "files/{{ inventory_hostname.split('@')[1] }}/haproxy.cfg"
dest: /etc/haproxy/haproxy.cfg
owner: root
group: root
mode: '0644'
notify: Restart haproxy
- name: Sync data cronjob - Friday
cron:
name: 'Sync data'
minute: '0'
hour: '0'
day: '*'
month: '*'
weekday: '5'
user: pew
job: "/home/pew/scripts-private/{{ inventory_hostname.split('@')[1] }}/sync.sh"
# Compute config # Compute config
- hosts: homelab - hosts: homelab
become: yes become: yes
@ -208,6 +258,7 @@
- name: Install samba, zfs stuff - name: Install samba, zfs stuff
apt: apt:
name: name:
- samba
- zfs-auto-snapshot - zfs-auto-snapshot
- zfs-zed - zfs-zed
force_apt_get: yes force_apt_get: yes
@ -237,6 +288,16 @@
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
state: mounted state: mounted
# /home/paul/.ssh/id_rsa_fast must exist
- name: Install sshtunnel systemd service
copy:
src: "files/{{ inventory_hostname }}/sshtunnel.service"
dest: /etc/systemd/system/sshtunnel.service
owner: root
group: root
mode: '0644'
notify: Load, start, and enable sshtunnel service
- name: Install rclone - name: Install rclone
apt: apt:
deb: https://downloads.rclone.org/rclone-current-linux-amd64.deb deb: https://downloads.rclone.org/rclone-current-linux-amd64.deb
@ -256,6 +317,18 @@
user: paul user: paul
job: "/home/paul/scripts-private/{{ inventory_hostname }}/backup.sh" job: "/home/paul/scripts-private/{{ inventory_hostname }}/backup.sh"
- name: Configure samba
copy:
src: files/smb.conf
dest: /etc/samba/smb.conf
owner: root
group: root
mode: '0644'
notify: Restart smbd
- debug:
msg: Manually set samba password
# IRC config # IRC config
- hosts: irc - hosts: irc
become: yes become: yes