Housekeeping
This commit is contained in:
parent
bb85d8798d
commit
40500232da
12 changed files with 35 additions and 41 deletions
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
### wird in vielen Rollen verwendet
|
||||
empfaenger_mail: michael.grote@posteo.de
|
||||
### mgrote.postfix / werden auch bei gitlab verwendet
|
||||
postfix_absender_mailadresse: info@mgrote.net
|
||||
|
@ -11,7 +12,7 @@
|
|||
### mgrote.apt_manage_sources
|
||||
manage_sources_apt_proxy_url: "acng.grote.lan:9999"
|
||||
### mgrote.restic
|
||||
restic_folders_to_backup: "/usr/local /etc /root /var/www /home"
|
||||
restic_folders_to_backup: "/usr/local /etc /root /home"
|
||||
restic_cron_hours: "19"
|
||||
restic_repository: "//fileserver2.grote.lan/backup/restic"
|
||||
restic_repository_password: "{{ lookup('keepass', 'restic_repository_password', 'password') }}"
|
||||
|
@ -121,11 +122,9 @@
|
|||
apcupsd_slave_minutes_for_shutdown: 10
|
||||
apcupsd_slave_nologon_when_active: disable
|
||||
apcupsd_nis_master: on
|
||||
# apcupsd_nis_master_hostname: pve2.grote.lan # wird pro host gesetzt
|
||||
apcupsd_nis_master_listen_ip: 0.0.0.0
|
||||
apcupsd_nis_master_listen_port: 3551
|
||||
apcupsd_ups_name: APC-BX950U-GR
|
||||
# apcupsd_nis_master: false # wird pro host gesetzt
|
||||
|
||||
|
||||
# Ansible Variablen
|
||||
|
|
|
@ -39,6 +39,18 @@
|
|||
servers:
|
||||
- production
|
||||
- test
|
||||
- username: ansible-user
|
||||
password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}"
|
||||
update_password: on_create
|
||||
ssh_key: "{{ lookup('keepass', 'ansible_user_ssh_pubkey', 'password') }}"
|
||||
use_sudo: yes
|
||||
use_sudo_nopass: yes
|
||||
user_state: present
|
||||
groups: ssh, sudo
|
||||
servers:
|
||||
- production
|
||||
- test
|
||||
|
||||
### mgrote.restic
|
||||
restic_folders_to_backup: /usr/local /etc /root /home /var/lib/docker
|
||||
restic_cron_hours: "*"
|
||||
|
@ -56,10 +68,3 @@
|
|||
/var/lib/docker/volumes/ocrmypdf-auto_scan_output/*
|
||||
# https://github.com/restic/restic/issues/1005
|
||||
# https://forum.restic.net/t/exclude-syntax-confusion/1531/12
|
||||
|
||||
### riemers.gitlab-runner
|
||||
gitlab_runner_coordinator_url: https://git.mgrote.net
|
||||
gitlab_runner_registration_token: "{{ lookup('keepass', 'gitlab_runner_registration_token', 'password') }}"
|
||||
gitlab_runner_runners:
|
||||
- name: "{{ ansible_hostname }}-docker"
|
||||
executor: docker
|
||||
|
|
|
@ -76,10 +76,10 @@
|
|||
ordnerpfad: '/shares_pve_backup'
|
||||
lese_nutzer: 'michaelgrote'
|
||||
schreibe_nutzer: 'pve'
|
||||
|
||||
smb_workgroup: WORKGROUP
|
||||
smb_nutzer_loeschen:
|
||||
- { name: 'airsonic' }
|
||||
- { name: '' }
|
||||
|
||||
### oefenweb.ufw
|
||||
ufw_rules:
|
||||
- rule: allow
|
|
@ -1,6 +1,16 @@
|
|||
---
|
||||
### geerlingguy.gitlab
|
||||
# nicht alle gitlab Einstellungen lassen sich als Variable festlegen!
|
||||
# nicht alle gitlab Einstellungen lassen sich als Variable festlegen! siehe unten:
|
||||
# Einstellungen
|
||||
### General
|
||||
# * sign up disabled
|
||||
# * Require all users to set up Two-factor authentication
|
||||
# * Gravatar enabled --> off
|
||||
### Network
|
||||
# * Enable unauthenticated request rate limit
|
||||
# * Default to Auto DevOps pipeline for all projects
|
||||
|
||||
|
||||
gitlab_domain: gitlab.grote.lan
|
||||
gitlab_external_url: "http://git.mgrote.net"
|
||||
gitlab_edition: "gitlab-ce"
|
||||
|
|
|
@ -8,7 +8,7 @@ all:
|
|||
hosts:
|
||||
dokuwiki2.grote.lan:
|
||||
dokuwiki-test.grote.lan:
|
||||
storage:
|
||||
fileserver:
|
||||
hosts:
|
||||
fileserver2.grote.lan:
|
||||
fileserver-test.grote.lan:
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
- import_playbook: 2_packages.yml
|
||||
- import_playbook: 3_base.yml
|
||||
- import_playbook: 4_create_user.yml
|
||||
- import_playbook: 5_personalisierung.yml
|
||||
- import_playbook: 6_haertung.yml
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
---
|
||||
- hosts: all
|
||||
roles:
|
||||
- { role: mgrote.apt_manage_sources,
|
||||
tags: "apt_sources" }
|
||||
- { role: mgrote.apt_update_packages,
|
||||
tags: "updates",
|
||||
serial: 3 }
|
||||
- { role: mgrote.apt_install_packages,
|
||||
tags: "install",
|
||||
serial: 3 }
|
||||
- { role: mgrote.apt_manage_sources, tags: "apt_sources" }
|
||||
- { role: mgrote.apt_update_packages, tags: "updates", serial: 3 }
|
||||
- { role: mgrote.apt_install_packages, tags: "install", serial: 3 }
|
||||
|
|
|
@ -3,3 +3,4 @@
|
|||
roles:
|
||||
- { role: mgrote.set_timezone, tags: "timezone" }
|
||||
- { role: mgrote.restic, tags: "restic" }
|
||||
- { role: ryandaniels.create_users, tags: "user", become: yes }
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
- hosts: all
|
||||
roles:
|
||||
- { role: ryandaniels.create_users, tags: "user", become: yes }
|
|
@ -2,10 +2,5 @@
|
|||
- hosts: all
|
||||
roles:
|
||||
- { role: mgrote.motd, tags: "motd" }
|
||||
- { role: mgrote.tmux,
|
||||
tags: "tmux",
|
||||
when: "not 'proxmox' in group_names" }
|
||||
- { role: geerlingguy.dotfiles,
|
||||
# become_user: "{{ dotfiles_user }}" ,
|
||||
become: true,
|
||||
tags: "dotfiles" }
|
||||
- { role: mgrote.tmux, tags: "tmux", when: "not 'proxmox' in group_names" }
|
||||
- { role: geerlingguy.dotfiles, become: true, tags: "dotfiles" }
|
||||
|
|
|
@ -4,9 +4,3 @@
|
|||
- { role: geerlingguy.pip, tags: "pip", become: true }
|
||||
- { role: geerlingguy.docker, tags: "docker", become: true }
|
||||
- { role: gantsign.ctop, tags: "ctop", become: true }
|
||||
|
||||
# tasks:
|
||||
# - git: # noqa 401 401 502 502
|
||||
# repo: 'https://github.com/quotengrote/docker' # noqa 401 401 502 502
|
||||
# dest: /home/mg/docker
|
||||
# become: yes
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
###############################################################################
|
||||
|
||||
---
|
||||
- hosts: storage
|
||||
- hosts: fileserver
|
||||
roles:
|
||||
- { role: mgrote.postfix, tags: "postfix" }
|
||||
- { role: mgrote.fileserver_smb, tags: "fileserver_smb" }
|
||||
|
|
Loading…
Reference in a new issue