From 7cc41b532a82360bc39fecde2590fec67d78b32b Mon Sep 17 00:00:00 2001 From: mg Date: Thu, 3 Nov 2022 21:12:54 +0100 Subject: [PATCH] Aufbau PVE5 (#421) Co-authored-by: Michael Grote Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/421 --- docker-compose/homer/assets/mgmt.yml | 5 + docker-compose/munin/docker-compose.yml.j2 | 1 + group_vars/all.yml | 4 + host_vars/pve2.grote.lan.yml | 169 ----------------- host_vars/pve5.grote.lan.yml | 210 +++++++++++++++++++++ inventory | 17 +- roles/mgrote.motd/tasks/systemctl.yml | 1 + 7 files changed, 225 insertions(+), 182 deletions(-) create mode 100644 host_vars/pve5.grote.lan.yml diff --git a/docker-compose/homer/assets/mgmt.yml b/docker-compose/homer/assets/mgmt.yml index 7ae4ddf4..9f1e4f0e 100644 --- a/docker-compose/homer/assets/mgmt.yml +++ b/docker-compose/homer/assets/mgmt.yml @@ -52,6 +52,11 @@ services: url: "https://pve2.grote.lan:8006" target: "_blank" subtitle: "Selbstbau" + - name: "ProxMox Virtual Environment" + logo: "assets/icons/pve.png" + url: "https://pve5.grote.lan:8006" + target: "_blank" + subtitle: "Selbstbau Mini" - name: "Apt-Cacher-NG" logo: "assets/icons/acng.jpg" url: "http://acng.grote.lan:9999/acng-report.html" diff --git a/docker-compose/munin/docker-compose.yml.j2 b/docker-compose/munin/docker-compose.yml.j2 index 4fd6230e..4e31aa24 100644 --- a/docker-compose/munin/docker-compose.yml.j2 +++ b/docker-compose/munin/docker-compose.yml.j2 @@ -21,6 +21,7 @@ services: acng.grote.lan:acng.grote.lan ansible2.grote.lan:ansible2.grote.lan pve2.grote.lan:pve2.grote.lan + pve5.grote.lan:pve5.grote.lan dokuwiki2.grote.lan:dokuwiki2.grote.lan gitea.grote.lan:gitea.grote.lan docker10.grote.lan:docker10.grote.lan diff --git a/group_vars/all.yml b/group_vars/all.yml index c42cebe4..01435178 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -64,6 +64,10 @@ - name: ntp # verursacht zu viele dns ptr request - name: hddtempd # ersetzt durch hddtemp_smartctl - name: mt_system_crs309 # switch ausgebaut + - name: squid_cache # proxmox + - name: squid_objectsize # proxmox + - name: squid_requests # proxmox + - name: squid_traffic # proxmox munin_node_plugins: - name: timesync src: https://git.mgrote.net/mg/mirror-munin-contrib/raw/branch/master/plugins/systemd/timesync_status diff --git a/host_vars/pve2.grote.lan.yml b/host_vars/pve2.grote.lan.yml index e7bc0d95..526bf5b2 100644 --- a/host_vars/pve2.grote.lan.yml +++ b/host_vars/pve2.grote.lan.yml @@ -27,177 +27,8 @@ state: present - dataset: rpool/vm/zvol state: present - # hdd_data_raidz - - dataset: hdd_data_raidz - state: present - compression: zstd - sync: disabled - xattr: sa - dnodesize: auto - atime: on - snapdir: hidden - reservation: 1G - - dataset: hdd_data_raidz/papa_backup - state: present - - dataset: hdd_data_raidz/pve_backup - state: present - recordsize: 1M - - dataset: hdd_data_raidz/videos - state: present - recordsize: 1M - - dataset: hdd_data_raidz/music - state: present - recordsize: 1M - - dataset: hdd_data_raidz/tmp - state: present - - dataset: hdd_data_raidz/archiv - state: present - - dataset: hdd_data_raidz/bilder - state: present - recordsize: 1M - - dataset: hdd_data_raidz/hm - state: present - - dataset: hdd_data_raidz/scans - state: present - - dataset: hdd_data_raidz/restic - state: present - - dataset: hdd_data_raidz/backup - state: present - - dataset: hdd_data_raidz/buecher - state: present - - dataset: hdd_data_raidz/programme - state: present - - dataset: hdd_data_raidz/vm - state: present zfs_extra_arc_max_size: "8589934592" # 8GB in Bytes zfs_extra_zfs_pools: - name: "rpool" systemd_timer_schedule: "*-01,04,07,10-01 23:00" # jeden ersten eines jeden Quartals - - name: "hdd_data_raidz" - systemd_timer_schedule: "*-01,04,07,10-01 23:00" - - ### mgrote.zfs_sanoid - sanoid_datasets: - - path: 'hdd_data_raidz/videos' - template: '3tage' - recursive: 'yes' - snapshots: true - - path: 'hdd_data_raidz/music' - template: '14tage' - recursive: 'yes' - snapshots: true - - path: 'hdd_data_raidz/papa_backup' - template: '14tage' - recursive: 'yes' - snapshots: true - - path: 'hdd_data_raidz/tmp' - template: '3tage' - recursive: 'yes' - snapshots: true - - path: 'hdd_data_raidz/pve_backup' - template: '3tage' - recursive: 'yes' - snapshots: true - - path: 'hdd_data_raidz/archiv' - template: '14tage' - recursive: 'yes' - snapshots: true - - path: hdd_data_raidz/bilder - recursive: 'no' - snapshots: true - template: '14tage' - - path: hdd_data_raidz/hm - recursive: 'no' - snapshots: true - template: '14tage' - - path: hdd_data_raidz/scans - recursive: 'no' - snapshots: true - template: '3tage' - - path: hdd_data_raidz/backup - recursive: 'no' - snapshots: true - template: '31tage' - - path: hdd_data_raidz/restic - recursive: 'no' - snapshots: true - template: '3tage' - - path: hdd_data_raidz/programme - recursive: 'no' - snapshots: true - template: '14tage' - - path: hdd_data_raidz/buecher - recursive: 'no' - snapshots: true - template: '14tage' - - path: hdd_data_raidz/vm - recursive: 'no' - snapshots: true - template: '3tage' - - ### mgrote.cv4pve-autosnap - cv4pve_api_user: root@pam!cv4pve-autosnap - cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token_pve2', 'password') }}" - cv4pve_vmid: all,-127,-112,-116 - cv4pve_keep_snapshots: 5 - cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.10.0/cv4pve-autosnap-linux-x64.zip" - - ### mgrote.proxmox_bind_mounts - pve_bind_mounts: - - vmid: 127 - mp_nr: 0 - mp_path_host: /hdd_data_raidz/videos - mp_path_guest: /shares_videos - - vmid: 127 - mp_nr: 2 - mp_path_host: /hdd_data_raidz/pve_backup - mp_path_guest: /shares_pve_backup - - vmid: 127 - mp_nr: 3 - mp_path_host: /hdd_data_raidz/papa_backup - mp_path_guest: /shares_papa_backup - - vmid: 127 - mp_nr: 4 - mp_path_host: /hdd_data_raidz/music - mp_path_guest: /shares_music - - vmid: 127 - mp_nr: 5 - mp_path_host: /hdd_data_raidz/tmp - mp_path_guest: /shares_tmp - - vmid: 127 - mp_nr: 6 - mp_path_host: /hdd_data_raidz/archiv - mp_path_guest: /shares_archiv - - vmid: 127 - mp_nr: 7 - mp_path_host: /hdd_data_raidz/bilder - mp_path_guest: /shares_bilder - - vmid: 127 - mp_nr: 8 - mp_path_host: /hdd_data_raidz/hm - mp_path_guest: /shares_hm - - vmid: 127 - mp_nr: 9 - mp_path_host: /hdd_data_raidz/scans - mp_path_guest: /shares_scans - - vmid: 127 - mp_nr: 10 - mp_path_host: /hdd_data_raidz/restic - mp_path_guest: /shares_restic - - vmid: 127 - mp_nr: 12 - mp_path_host: /hdd_data_raidz/backup - mp_path_guest: /shares_backup - - vmid: 127 - mp_nr: 14 - mp_path_host: /hdd_data_raidz/buecher - mp_path_guest: /shares_buecher - - vmid: 127 - mp_nr: 15 - mp_path_host: /hdd_data_raidz/programme - mp_path_guest: /shares_programme - - vmid: 127 - mp_nr: 16 - mp_path_host: /hdd_data_raidz/vm - mp_path_guest: /shares_vm diff --git a/host_vars/pve5.grote.lan.yml b/host_vars/pve5.grote.lan.yml new file mode 100644 index 00000000..4b71df8f --- /dev/null +++ b/host_vars/pve5.grote.lan.yml @@ -0,0 +1,210 @@ +--- + # rpool ist unverschlüsselt als Boot-Medium + # der Speicherort fur die VMs ist verschlüsselt + # zfs create -o encryption=aes-256-gcm -o keyformat=passphrase rpool/vm + # entschlüsseln nach Boot mit: sudo zfs mount -a -l + + + # mgrote.zfs_manage_datasets + ### mgrote.zfs_extra + # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_* + zfs_datasets: # DatenPools werden hier nicht verwaltet + # rpool - System-Datasets + - dataset: rpool + state: present + compression: zstd + sync: disabled + xattr: sa + dnodesize: auto + atime: on + snapdir: hidden + reservation: 1G + refreservation: 10G + - dataset: rpool/ROOT + state: present + refreservation: 10G + - dataset: rpool/ROOT/pve-1 + state: present + refreservation: 10G + + # rpool - VMs + - dataset: rpool/vm + state: present + - dataset: rpool/vm/zvol + state: present + - dataset: rpool/vm/lxc + state: present + # hdd_data_raidz + - dataset: hdd_data_raidz + state: present + compression: zstd + sync: disabled + xattr: sa + dnodesize: auto + atime: on + snapdir: hidden + reservation: 1G + - dataset: hdd_data_raidz/papa_backup + state: present + - dataset: hdd_data_raidz/pve_backup + state: present + recordsize: 1M + - dataset: hdd_data_raidz/videos + state: present + recordsize: 1M + - dataset: hdd_data_raidz/music + state: present + recordsize: 1M + - dataset: hdd_data_raidz/tmp + state: present + - dataset: hdd_data_raidz/archiv + state: present + - dataset: hdd_data_raidz/bilder + state: present + recordsize: 1M + - dataset: hdd_data_raidz/hm + state: present + - dataset: hdd_data_raidz/scans + state: present + - dataset: hdd_data_raidz/restic + state: present + - dataset: hdd_data_raidz/backup + state: present + - dataset: hdd_data_raidz/buecher + state: present + - dataset: hdd_data_raidz/programme + state: present + - dataset: hdd_data_raidz/vm + state: present + + zfs_extra_arc_max_size: "8589934592" # 8GB in Bytes + zfs_extra_zfs_pools: + - name: "rpool" + systemd_timer_schedule: "*-01,04,07,10-01 23:00" # jeden ersten eines jeden Quartals + - name: "hdd_data_raidz" + systemd_timer_schedule: "*-01,04,07,10-01 23:00" + + ### mgrote.zfs_sanoid + sanoid_datasets: + - path: 'hdd_data_raidz/videos' + template: '3tage' + recursive: 'yes' + snapshots: true + - path: 'hdd_data_raidz/music' + template: '14tage' + recursive: 'yes' + snapshots: true + - path: 'hdd_data_raidz/papa_backup' + template: '14tage' + recursive: 'yes' + snapshots: true + - path: 'hdd_data_raidz/tmp' + template: '3tage' + recursive: 'yes' + snapshots: true + - path: 'hdd_data_raidz/pve_backup' + template: '3tage' + recursive: 'yes' + snapshots: true + - path: 'hdd_data_raidz/archiv' + template: '14tage' + recursive: 'yes' + snapshots: true + - path: hdd_data_raidz/bilder + recursive: 'no' + snapshots: true + template: '14tage' + - path: hdd_data_raidz/hm + recursive: 'no' + snapshots: true + template: '14tage' + - path: hdd_data_raidz/scans + recursive: 'no' + snapshots: true + template: '3tage' + - path: hdd_data_raidz/backup + recursive: 'no' + snapshots: true + template: '31tage' + - path: hdd_data_raidz/restic + recursive: 'no' + snapshots: true + template: '3tage' + - path: hdd_data_raidz/programme + recursive: 'no' + snapshots: true + template: '14tage' + - path: hdd_data_raidz/buecher + recursive: 'no' + snapshots: true + template: '14tage' + - path: hdd_data_raidz/vm + recursive: 'no' + snapshots: true + template: '3tage' + + ### mgrote.cv4pve-autosnap + cv4pve_api_user: root@pam!cv4pve-autosnap + cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token_pve2', 'password') }}" + cv4pve_vmid: all,-127 + cv4pve_keep_snapshots: 5 + cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.10.0/cv4pve-autosnap-linux-x64.zip" + + ### mgrote.proxmox_bind_mounts + pve_bind_mounts: + - vmid: 127 + mp_nr: 0 + mp_path_host: /hdd_data_raidz/videos + mp_path_guest: /shares_videos + - vmid: 127 + mp_nr: 2 + mp_path_host: /hdd_data_raidz/pve_backup + mp_path_guest: /shares_pve_backup + - vmid: 127 + mp_nr: 3 + mp_path_host: /hdd_data_raidz/papa_backup + mp_path_guest: /shares_papa_backup + - vmid: 127 + mp_nr: 4 + mp_path_host: /hdd_data_raidz/music + mp_path_guest: /shares_music + - vmid: 127 + mp_nr: 5 + mp_path_host: /hdd_data_raidz/tmp + mp_path_guest: /shares_tmp + - vmid: 127 + mp_nr: 6 + mp_path_host: /hdd_data_raidz/archiv + mp_path_guest: /shares_archiv + - vmid: 127 + mp_nr: 7 + mp_path_host: /hdd_data_raidz/bilder + mp_path_guest: /shares_bilder + - vmid: 127 + mp_nr: 8 + mp_path_host: /hdd_data_raidz/hm + mp_path_guest: /shares_hm + - vmid: 127 + mp_nr: 9 + mp_path_host: /hdd_data_raidz/scans + mp_path_guest: /shares_scans + - vmid: 127 + mp_nr: 10 + mp_path_host: /hdd_data_raidz/restic + mp_path_guest: /shares_restic + - vmid: 127 + mp_nr: 12 + mp_path_host: /hdd_data_raidz/backup + mp_path_guest: /shares_backup + - vmid: 127 + mp_nr: 14 + mp_path_host: /hdd_data_raidz/buecher + mp_path_guest: /shares_buecher + - vmid: 127 + mp_nr: 15 + mp_path_host: /hdd_data_raidz/programme + mp_path_guest: /shares_programme + - vmid: 127 + mp_nr: 16 + mp_path_host: /hdd_data_raidz/vm + mp_path_guest: /shares_vm diff --git a/inventory b/inventory index 26a1c959..5cffc334 100644 --- a/inventory +++ b/inventory @@ -18,24 +18,19 @@ all: docker: hosts: docker10.grote.lan: - vmtest: - hosts: - vm-test2.grote.lan: - bastelstube-gui.grote.lan: proxmox: hosts: - pve2-test2.grote.lan: pve2.grote.lan: + pve5.grote.lan: children: proxmoxprod: hosts: pve2.grote.lan: - proxmoxtest: - hosts: - pve2-test2.grote.lan: + pve5.grote.lan: physical: hosts: pve2.grote.lan: + pve5.grote.lan: gitea: hosts: gitea.grote.lan: @@ -47,11 +42,7 @@ all: acng.grote.lan: ansible2.grote.lan: pve2.grote.lan: + pve5.grote.lan: gitea.grote.lan: dnsmasq.grote.lan: docker10.grote.lan: - test: - hosts: - vm-test2.grote.lan: - pve2-test2.grote.lan: - bastelstube-gui.grote.lan: diff --git a/roles/mgrote.motd/tasks/systemctl.yml b/roles/mgrote.motd/tasks/systemctl.yml index b92cb478..36727804 100644 --- a/roles/mgrote.motd/tasks/systemctl.yml +++ b/roles/mgrote.motd/tasks/systemctl.yml @@ -7,3 +7,4 @@ state: stopped enabled: no daemon_reload: yes + ignore_errors: true