Compare commits
No commits in common. "3abdc7cbd3dbb60536d0c374e5b254ce6f5c7edf" and "94de67674c914d7bfe4a78c024d5f37892d97ea6" have entirely different histories.
3abdc7cbd3
...
94de67674c
|
@ -1,7 +1,7 @@
|
|||
# All hosts are debian 10 or 11
|
||||
---
|
||||
# Common
|
||||
- hosts: daily,homelab,irc
|
||||
- hosts: cloudlab,daily,homelab,irc
|
||||
become: yes
|
||||
handlers:
|
||||
- import_tasks: handlers.yml
|
||||
|
@ -150,7 +150,7 @@
|
|||
msg: Manually get tor hostname
|
||||
|
||||
# Common dynamic settings
|
||||
- hosts: daily,homelab
|
||||
- hosts: cloudlab,daily,homelab
|
||||
become: yes
|
||||
handlers:
|
||||
- import_tasks: handlers.yml
|
||||
|
@ -199,6 +199,56 @@
|
|||
groups: docker
|
||||
append: yes
|
||||
|
||||
# Proxy config
|
||||
- hosts: cloudlab
|
||||
become: yes
|
||||
handlers:
|
||||
- import_tasks: handlers.yml
|
||||
tasks:
|
||||
## Changes will take effect during next reboot
|
||||
- name: Configure sysctl to reject RA acceptance
|
||||
template:
|
||||
src: templates/disablera.conf.j2
|
||||
dest: /etc/sysctl.d/disablera.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
|
||||
- name: Add HAProxy GPG key
|
||||
apt_key:
|
||||
url: https://haproxy.debian.net/bernat.debian.org.gpg
|
||||
|
||||
- name: Add HAProxy APT repository
|
||||
apt_repository:
|
||||
repo: deb http://haproxy.debian.net buster-backports-2.2 main
|
||||
|
||||
- name: Install HAProxy
|
||||
apt:
|
||||
name: haproxy
|
||||
state: present
|
||||
force_apt_get: yes
|
||||
update_cache: yes
|
||||
|
||||
- name: Install HAProxy proxy config
|
||||
copy:
|
||||
src: "files/{{ inventory_hostname.split('@')[1] }}/haproxy.cfg"
|
||||
dest: /etc/haproxy/haproxy.cfg
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: Restart haproxy
|
||||
|
||||
- name: Sync data cronjob - Friday
|
||||
cron:
|
||||
name: 'Sync data'
|
||||
minute: '0'
|
||||
hour: '0'
|
||||
day: '*'
|
||||
month: '*'
|
||||
weekday: '5'
|
||||
user: pew
|
||||
job: "/home/pew/scripts-private/{{ inventory_hostname.split('@')[1] }}/sync.sh"
|
||||
|
||||
# Compute config
|
||||
- hosts: homelab
|
||||
become: yes
|
||||
|
@ -208,6 +258,7 @@
|
|||
- name: Install samba, zfs stuff
|
||||
apt:
|
||||
name:
|
||||
- samba
|
||||
- zfs-auto-snapshot
|
||||
- zfs-zed
|
||||
force_apt_get: yes
|
||||
|
@ -237,6 +288,16 @@
|
|||
opts: reconnect,allow_other,ro,_netdev,IdentityFile=/home/paul/.ssh/id_rsa_fast
|
||||
state: mounted
|
||||
|
||||
# /home/paul/.ssh/id_rsa_fast must exist
|
||||
- name: Install sshtunnel systemd service
|
||||
copy:
|
||||
src: "files/{{ inventory_hostname }}/sshtunnel.service"
|
||||
dest: /etc/systemd/system/sshtunnel.service
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: Load, start, and enable sshtunnel service
|
||||
|
||||
- name: Install rclone
|
||||
apt:
|
||||
deb: https://downloads.rclone.org/rclone-current-linux-amd64.deb
|
||||
|
@ -256,6 +317,18 @@
|
|||
user: paul
|
||||
job: "/home/paul/scripts-private/{{ inventory_hostname }}/backup.sh"
|
||||
|
||||
- name: Configure samba
|
||||
copy:
|
||||
src: files/smb.conf
|
||||
dest: /etc/samba/smb.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: Restart smbd
|
||||
|
||||
- debug:
|
||||
msg: Manually set samba password
|
||||
|
||||
# IRC config
|
||||
- hosts: irc
|
||||
become: yes
|
||||
|
|
Loading…
Reference in New Issue