Einbau neue Proxmox Server + Test

This commit is contained in:
Michael Grote 2021-02-12 10:32:22 +01:00
parent 216f6fdc35
commit 1f402ff5bd
18 changed files with 299 additions and 80 deletions

View file

@ -62,10 +62,10 @@ sudo chmod 400 vault-pass.yml
### Einrichtung
Das Plugin wird bei einer Installation mit dem Playbook "ansible" mit eingerichtet.
Die "Secrets" liegen in der KeepassDB die mit dem Kennwort aus "vault-pass.yml" verschlüsselt ist.
"vault-pass.yml" steht mit in der .gitignore
Die Variable "vault_password_file" ist mit " ~/ansible/vault-pass.yml" in der ansible.cfg gesetzt.
Diese Datei enthält das Passwort mit dem die KeePassDb verschlüsselt ist.
Die "Secrets" liegen in der KeepassDB die mit dem Kennwort aus `vault-pass.yml` verschlüsselt ist.
`vault-pass.yml` steht mit in der .gitignore
Die Variable `vault_password_file` ist mit `~/ansible/vault-pass.yml` in der `ansible.cfg` gesetzt.
Diese Datei enthält das Passwort mit dem die KeePassDB verschlüsselt ist.
Das vault-secret für die GroupVars wird mit `ansible-vault encrypt_string <password>` erstellt.
### Erklärung
@ -77,7 +77,7 @@ Das vault-secret für die GroupVars wird mit `ansible-vault encrypt_string <pass
62383737XXXXXX531
```
1. mit vault-pass.yml wird das Kennwort an ansible-vault übergeben
1. mit `vault-pass.yml` wird das Kennwort an ansible-vault übergeben
2. ansible-vault entschlüsselt hiermit die Variable `keepass_psw`
3. der Inhalt der Variable wird dann an das KeePass-Lookup-Plugin übergeben was damit die KeePass-Datei öffnet

View file

@ -9,34 +9,6 @@
- .bash_aliases
- .tmux.conf
- .gitconfig
### mgrote.zfs_sanoid
sanoid_datasets:
- path: 'hdd_data_raidz/videos'
template: 'hourly' # muss in Templates angelegt sein
recursive: ' yes'
- path: 'hdd_data_raidz/data_crypt'
template: 'fiveminutes'
recursive: ' yes'
sanoid_templates:
- name: 'fiveminutes'
keep_hourly: '24' # Aufheben (Stunde)
keep_daily: '31' # Aufheben (Tage)
keep_monthly: '6' # Aufheben (Monate)
keep_yearly: '0' # Aufheben (Jahre)
frequently: '36' # Aufheben (Minuten)
frequent_period: '5' # Intervall (alle 5 Minuten)
autosnap: 'yes' # Automatisches erstellen von Snapshots
autoprune: 'yes'
- name: 'hourly'
keep_hourly: '24'
keep_daily: '31'
keep_monthly: '6'
keep_yearly: '1'
frequently: '0'
frequent_period: '0'
autosnap: 'yes'
autoprune: 'yes'
### mgrote.smart
smart_smartctlmail_cron_minutes: "15"
smart_smartctlmail_cron_hours: "6"
@ -45,42 +17,7 @@
tmux_conf_destination: "/root/.tmux.conf"
tmux_bashrc_destination: "/root/.bashrc"
tmux_standardsession_name: "default"
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "ssd_vm_mirror"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
- name: "hdd_vm_mirror"
type: "hdd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "23"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "22"
- name: "hdd_data_raidz"
type: "hdd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "24"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
### mgrote.cv4pve-autosnap
cv4pve_api_user: root@pam!cv4pve-autosnap
cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}"
cv4pve_vmid: all,-109,-158,-123,-131
cv4pve_keed_snapshots: 3
cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.9.10/cv4pve-autosnap-linux-x64.zip"
# Ansible Variablen
### sudo

View file

@ -29,4 +29,25 @@
snapdir: hidden
### mgrote.apcupsd
apcupsd_nis_master: true
apcupsd_nis_master_hostname: pve-test.grote.lan
apcupsd_nis_master_hostname: pve2-test.grote.lan
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "ssd_vm_mirror"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
- name: "hdd_vm_mirror"
type: "hdd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "23"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "22"

View file

@ -30,3 +30,66 @@
### mgrote.apcupsd
apcupsd_nis_master: true
apcupsd_nis_master_hostname: pve2.grote.lan
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "ssd_vm_mirror"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
- name: "hdd_vm_mirror"
type: "hdd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "23"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "22"
- name: "hdd_data_raidz"
type: "hdd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "24"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
### mgrote.zfs_sanoid
sanoid_datasets:
- path: 'hdd_data_raidz/videos'
template: 'hourly' # muss in Templates angelegt sein
recursive: ' yes'
- path: 'hdd_data_raidz/data_crypt'
template: 'fiveminutes'
recursive: ' yes'
sanoid_templates:
- name: 'fiveminutes'
keep_hourly: '24' # Aufheben (Stunde)
keep_daily: '31' # Aufheben (Tage)
keep_monthly: '6' # Aufheben (Monate)
keep_yearly: '0' # Aufheben (Jahre)
frequently: '36' # Aufheben (Minuten)
frequent_period: '5' # Intervall (alle 5 Minuten)
autosnap: 'yes' # Automatisches erstellen von Snapshots
autoprune: 'yes'
- name: 'hourly'
keep_hourly: '24'
keep_daily: '31'
keep_monthly: '6'
keep_yearly: '1'
frequently: '0'
frequent_period: '0'
autosnap: 'yes'
autoprune: 'yes'
### mgrote.cv4pve-autosnap
cv4pve_api_user: root@pam!cv4pve-autosnap
cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}"
cv4pve_vmid: all,-109,-158,-123,-131
cv4pve_keed_snapshots: 3
cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.9.10/cv4pve-autosnap-linux-x64.zip"

View file

@ -0,0 +1,26 @@
---
### mgrote.zfs_manage_datasets
# rppol wird von pve bei installation erstellt
zfs_datasets:
- dataset: rpool/vm
state: present
compression: lz4
sync: disabled
xattr: sa
dnodesize: auto
atime: on
snapdir: hidden
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "rpool"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
### mgrote.apcupsd
apcupsd_nis_master: false

View file

@ -0,0 +1,26 @@
---
### mgrote.zfs_manage_datasets
# rppol wird von pve bei installation erstellt
zfs_datasets:
- dataset: rpool/vm
state: present
compression: lz4
sync: disabled
xattr: sa
dnodesize: auto
atime: on
snapdir: hidden
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "rpool"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
### mgrote.apcupsd
apcupsd_nis_master: false

View file

@ -0,0 +1,26 @@
---
### mgrote.zfs_manage_datasets
# rppol wird von pve bei installation erstellt
zfs_datasets:
- dataset: rpool/vm
state: present
compression: lz4
sync: disabled
xattr: sa
dnodesize: auto
atime: on
snapdir: hidden
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "rpool"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
### mgrote.apcupsd
apcupsd_nis_master: false

View file

@ -0,0 +1,26 @@
---
### mgrote.zfs_manage_datasets
# rppol wird von pve bei installation erstellt
zfs_datasets:
- dataset: rpool/vm
state: present
compression: lz4
sync: disabled
xattr: sa
dnodesize: auto
atime: on
snapdir: hidden
### mgrote.zfs_tools_cron
zfs_arc_max: "12884901888"
zfs_pools:
- name: "rpool"
type: "ssd"
cron_minute_zfs_trim: "5"
cron_hour_zfs_trim: "22"
cron_month_zfs_trim: "4,8,12"
cron_day_zfs_trim: "2"
cron_weekday_zfs_scrub: "6"
cron_minutes_zfs_scrub: "0"
cron_hour_zfs_scrub: "23"
### mgrote.apcupsd
apcupsd_nis_master: false

View file

@ -34,8 +34,22 @@ all:
lxc-test2.grote.lan:
proxmox:
hosts:
pve-test.grote.lan:
pve2-test.grote.lan:
pve3-test.grote.lan:
pve4-test.grote.lan:
pve2.grote.lan:
pve3.grote.lan:
pve4.grote.lan:
proxmoxprod:
hosts:
pve2.grote.lan:
pve3.grote.lan:
pve4.grote.lan:
proxmoxtest:
hosts:
pve2-test.grote.lan:
pve3-test.grote.lan:
pve4-test.grote.lan:
gitlab:
hosts:
gitlab-test.grote.lan:
@ -59,6 +73,8 @@ all:
gitlab.grote.lan:
gitlab-runner.grote.lan:
gitlab-runner2.grote.lan:
pve3.grote.lan:
pve4.grote.lan:
test:
hosts:
wireguard-test.grote.lan:
@ -70,6 +86,8 @@ all:
docker-test.grote.lan:
vm-test.grote.lan:
lxc-test2.grote.lan:
pve-test.grote.lan:
pve2-test.grote.lan:
pve3-test.grote.lan:
pve4-test.grote.lan:
gitlab-test.grote.lan:
gitlab-runner-test.grote.lan:

View file

@ -0,0 +1,10 @@
---
- hosts: all
become: yes
tasks:
- name: remove Packages
become: yes
ansible.builtin.file:
path: /etc/apt/sources.list.d/debian.list.list
state: absent

View file

@ -0,0 +1,62 @@
---
- hosts: all
become: yes
tasks:
- name: Create Sanoid Directory
become: true
ansible.builtin.file:
path: "{{ item }}"
state: absent
owner: root
group: root
# recurse: true
with_items:
- /etc/sanoid
- name: Install Sanoid Binary
become: true
ansible.builtin.file:
dest: /usr/local/bin/sanoid
state: absent
- name: Install Sanoid Defaults Configuration
become: true
ansible.builtin.file:
dest: /etc/sanoid/sanoid.defaults.conf
state: absent
- name: Generate Sanoid Configuration
become: true
ansible.builtin.file:
dest: /etc/sanoid/sanoid.conf
state: absent
- name: Create Sanoid Log
become: true
ansible.builtin.file:
path: /var/log/sanoid-cron.log
state: absent
- name: Add Sanoid Log to be Rotated
become: true
ansible.builtin.file:
path: /etc/logrotate.d/sanoid
state: absent
- name: Generate Sanoid Cron Scripts
become: true
ansible.builtin.file:
dest: /usr/local/bin/sanoid-cron.sh
state: absent
- name: Configure Sanoid Cron Job
become: true
ansible.builtin.cron:
name: sanoid-cron
job: /usr/local/bin/sanoid-cron.sh
state: absent

View file

@ -7,9 +7,13 @@
- { role: mgrote.smart, tags: "smart" }
- { role: mgrote.zfs_tools_cron, tags: "zfs_tools" }
- { role: mgrote.postfix, tags: "postfix" }
- { role: mgrote.zfs_sanoid, tags: "sanoid" }
- { role: mgrote.zfs_sanoid,
tags: "sanoid",
when: "'pve2.grote.lan' in inventory_hostname" }
- { role: mgrote.ecc-rasdaemon,
tags: "ecc",
when: "'pve2.grote.lan' in inventory_hostname" }
- { role: mgrote.cv4pve-autosnap, tags: "cv4pve" }
- { role: mgrote.cv4pve-autosnap,
tags: "cv4pve",
when: "'pve2.grote.lan' in inventory_hostname" }
- { role: mgrote.proxmox, tags: "pve" }

View file

@ -1,2 +1,2 @@
#!/bin/bash
watch --interval 10 --differences --color --no-title "hddtemp /dev/disk/by-id/ata-* | grep -v "part" | sed -r 's#(/dev/disk/by-id/ata-)([^:]+).*: ([0-9]{1,3}°C)#\3\t\2#g' | sort -n -r"
watch --interval 10 --differences --color --no-title "sudo hddtemp /dev/disk/by-id/ata-* | grep -v "part" | sed -r 's#(/dev/disk/by-id/ata-)([^:]+).*: ([0-9]{1,3}°C)#\3\t\2#g' | sort -n -r"

View file

@ -48,4 +48,4 @@ manage_sources_proxmox_base_repos: # welche debian standard repos sollen gesetzt
##### Proxmox: Pfad lokal für Basis-Repositories
```yaml
manage_sources_debian_repo_path: /etc/apt/sources.list.d/debian.list # , wo sollen die standard-repos gespeichert werden; nicht auf /etc/apt/sources setzen, diese datei wird gelöscht```
manage_sources_debian_repo_path: /etc/apt/sources.list.d/debian # , wo sollen die standard-repos gespeichert werden; nicht auf /etc/apt/sources setzen, diese datei wird gelöscht```

View file

@ -8,4 +8,4 @@
- repo_url: deb http://ftp.de.debian.org/debian buster main contrib
- repo_url: deb http://ftp.de.debian.org/debian buster-updates main contrib
- repo_url: deb http://security.debian.org buster/updates main contrib
manage_sources_debian_repo_path: /etc/apt/sources.list.d/debian.list # , wol sollen die standard-repos gespeichert werden; nicht auf /etc/apt/sources setzen, diese datei wird gelöscht
manage_sources_debian_repo_path: /etc/apt/sources.list.d/debian # , wol sollen die standard-repos gespeichert werden; nicht auf /etc/apt/sources setzen, diese datei wird gelöscht

View file

@ -20,4 +20,4 @@ smart_smartctlmail_cron_hours
##### Wann sollen die SMART-Werte verschickt werden.(Wochentag)
smart_smartctlmail_cron_weekday
##### Pfad zu smartctl
telegraf_smart_pfad_zu_smartctl: "/usr/sbin/smartctl"
smart_smartctl_mail_pfad_smartctl: "/usr/sbin/smartctl"

View file

@ -2,4 +2,4 @@
smart_smartctlmail_cron_minutes: 15
smart_smartctlmail_cron_hours: 6
smart_smartctlmail_cron_weekday: 3
telegraf_smart_pfad_zu_smartctl: "/usr/sbin/smartctl"
smart_smartctl_mail_pfad_smartctl: "/usr/sbin/smartctl"

View file

@ -1,4 +1,4 @@
#!/bin/bash
for i in {a..z}; do
{{ telegraf_smart_pfad_zu_smartctl }} /dev/sd$i -a
{{ smart_smartctl_mail_pfad_smartctl }} /dev/sd$i -a
done