From f201aaef063be4d515e1873741543d2633876439 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Wed, 29 Nov 2023 21:15:50 +0100 Subject: [PATCH] housekeeping: comments (#619) Reviewed-on: https://git.mgrote.net/mg/homeserver/pulls/619 Co-authored-by: Michael Grote Co-committed-by: Michael Grote --- group_vars/all.yml | 18 +++++++++--------- group_vars/ansible.yml | 2 +- group_vars/blocky.yml | 4 ++-- group_vars/docker.yml | 8 ++++---- group_vars/fileserver.yml | 2 +- group_vars/gitea.yml | 2 +- group_vars/pbs.yml | 6 +++--- group_vars/pve.yml | 6 +++--- host_vars/docker10.mgrote.net.yml | 4 ++-- host_vars/fileserver3.mgrote.net.yml | 2 +- host_vars/pbs-test.mgrote.net.yml | 4 ++-- host_vars/pbs.mgrote.net.yml | 4 ++-- host_vars/pve5-test.mgrote.net.yml | 8 ++++---- host_vars/pve5.mgrote.net.yml | 8 ++++---- playbooks/1_bootstrap.yml | 2 +- roles/mgrote_zfs_sanoid/defaults/main.yml | 2 +- 16 files changed, 41 insertions(+), 41 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index e050e954..19cf380a 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -10,7 +10,7 @@ file_header: | ### mgrote_netplan netplan_configure: true -### mgrote.restic +### mgrote_restic restic_user: root restic_group: restic restic_conf_dir: /etc/restic @@ -33,7 +33,7 @@ restic_mount_user: restic restic_mount_password: "{{ lookup('keepass', 'fileserver_smb_user_restic', 'password') }}" restic_fail_mail: "{{ my_mail }}" -### mgrote.user +### mgrote_user users: - username: mg password: "{{ lookup('keepass', 'mg_linux_password_hash', 'password') }}" @@ -60,7 +60,7 @@ unattended_origins_patterns: - 'origin=Ubuntu,archive=${distro_codename}-security' - 'o=Ubuntu,a=${distro_codename}-updates' -### mgrote.ntp_chrony_client +### mgrote_ntp_chrony_client ntp_chrony_timezone: "Europe/Berlin" # Zeitzone in der sich der Computer befindet ntp_chrony_driftfile_directory: "/var/lib/chrony" # Ordner für das driftfile ntp_chrony_servers: # welche Server sollen befragt werden @@ -70,16 +70,16 @@ ntp_chrony_user: _chrony # Nutzer + Gruppe für den Dienst ntp_chrony_group: _chrony # Nutzer + Gruppe für den Dienst ntp_chrony_logging: false -### mgrote.postfix +### mgrote_postfix postfix_smtp_server: docker10.mgrote.net postfix_smtp_server_port: 1025 -### mgrote.tmux +### mgrote_tmux tmux_conf_destination: "/home/mg/.tmux.conf" tmux_bashrc_destination: "/home/mg/.bashrc" tmux_standardsession_name: "default" -### mgrote.fail2ban +### mgrote_fail2ban f2b_bantime: 300 f2b_findtime: 300 f2b_maxretry: 5 @@ -96,7 +96,7 @@ ufw_rules: ufw_default_incoming_policy: deny ufw_default_outgoing_policy: allow -### mgrote.apt_manage_packages +### mgrote_apt_manage_packages apt_packages_common: - locales - python3 @@ -142,7 +142,7 @@ apt_packages_absent: apt_packages_internet: - http://docker10.mgrote.net:3344/bash-helper-scripts-mgrote-latest.deb -### mgrote.zfs_sanoid +### mgrote_zfs_sanoid sanoid_templates: - name: '31tage' keep_hourly: '24' # Aufheben (Stunde) @@ -190,7 +190,7 @@ sanoid_templates: autosnap: 'yes' autoprune: 'yes' -### mgrote.zfs_sanoid +### mgrote_zfs_sanoid sanoid_deb_url: http://docker10.mgrote.net:3344/sanoid_3.0.4.deb # Ansible Variablen diff --git a/group_vars/ansible.yml b/group_vars/ansible.yml index 3cb92079..bee55a55 100644 --- a/group_vars/ansible.yml +++ b/group_vars/ansible.yml @@ -9,6 +9,6 @@ pip_install_packages: - name: ansible - name: docker-compose -### mgrote.apt_manage_packages +### mgrote_apt_manage_packages apt_packages_extra: - sshpass diff --git a/group_vars/blocky.yml b/group_vars/blocky.yml index 76a7a590..81a860cc 100644 --- a/group_vars/blocky.yml +++ b/group_vars/blocky.yml @@ -69,9 +69,9 @@ blocky_custom_lookups: # optional - name: fritz.box ip: 192.168.5.1 -### mgrote.apt_manage_packages +### mgrote_apt_manage_packages apt_packages_internet: - http://192.168.2.43:3344/bash-helper-scripts-mgrote-latest.deb -### mgrote.restic +### mgrote_restic restic_repository: "//192.168.2.54/restic" diff --git a/group_vars/docker.yml b/group_vars/docker.yml index 01fc8166..dd3ed129 100644 --- a/group_vars/docker.yml +++ b/group_vars/docker.yml @@ -15,10 +15,10 @@ lvm_groups: manage_lvm: true pvresize_to_max: true -### mgrote.restic +### mgrote_restic restic_folders_to_backup: "/ /var/lib/docker" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files -### mgrote.user +### mgrote_user users: - username: mg password: "{{ lookup('keepass', 'mg_linux_password_hash', 'password') }}" @@ -52,10 +52,10 @@ docker_users: docker_install_compose: true docker_add_repo: false # erstelle kein Repo-Eintrag unter /etc/apt/sources.list.d/, steht explizit unter "repos_override" -### mgrote.docker-compose-deploy +### mgrote_docker-compose-deploy docker_compose_base_dir: /home/docker-user -### mgrote.apt_manage_sources +### mgrote_apt_manage_sources repos_override: # mit docker-repos - deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable - "deb http://de.archive.ubuntu.com/ubuntu/ {{ ansible_distribution_release }} main restricted" diff --git a/group_vars/fileserver.yml b/group_vars/fileserver.yml index 24f7d4f9..9eeecaae 100644 --- a/group_vars/fileserver.yml +++ b/group_vars/fileserver.yml @@ -18,7 +18,7 @@ ufw_rules: comment: 'smb' from_ip: 0.0.0.0/0 -### mgrote.fileserver_smb +### mgrote_fileserver_smb smb_workgroup: WORKGROUP smb_min_protocol: "SMB2" smb_client_min_protocol: "SMB2" diff --git a/group_vars/gitea.yml b/group_vars/gitea.yml index 6c910533..6f81815e 100644 --- a/group_vars/gitea.yml +++ b/group_vars/gitea.yml @@ -15,7 +15,7 @@ lvm_groups: manage_lvm: true pvresize_to_max: true -### mgrote.restic +### mgrote_restic restic_folders_to_backup: "/ /var/lib/gitea" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files ### oefenweb.ufw diff --git a/group_vars/pbs.yml b/group_vars/pbs.yml index 4d4ca5f3..f2ff6c59 100644 --- a/group_vars/pbs.yml +++ b/group_vars/pbs.yml @@ -2,13 +2,13 @@ ### mgrote_netplan netplan_configure: false -### mgrote.postfix +### mgrote_postfix postfix_erlaubte_netzwerke: "127.0.0.0/8 192.168.2.0/24 192.168.3.0/24" -### mgrote.restic +### mgrote_restic restic_folders_to_backup: "/ /etc/proxmox-backup" -### mgrote.user +### mgrote_user users: - username: root password: "{{ lookup('keepass', 'root_linux_password_hash_proxmox', 'password') }}" diff --git a/group_vars/pve.yml b/group_vars/pve.yml index 1d50148a..770e8e40 100644 --- a/group_vars/pve.yml +++ b/group_vars/pve.yml @@ -2,10 +2,10 @@ ### mgrote_netplan netplan_configure: false -### mgrote.restic +### mgrote_restic restic_folders_to_backup: "/ /etc/pve" -### mgrote.user +### mgrote_user users: - username: root password: "{{ lookup('keepass', 'root_linux_password_hash_proxmox', 'password') }}" @@ -31,7 +31,7 @@ users: allow_sudo: true allow_passwordless_sudo: true -### mgrote.apt_manage_packages +### mgrote_apt_manage_packages apt_packages_extra: - ifupdown2 - bmon diff --git a/host_vars/docker10.mgrote.net.yml b/host_vars/docker10.mgrote.net.yml index fb106a69..b7cb2fd9 100644 --- a/host_vars/docker10.mgrote.net.yml +++ b/host_vars/docker10.mgrote.net.yml @@ -29,10 +29,10 @@ cifs_mounts: gid: 5000 extra_opts: ",ro" # komma am Anfang ist notwendig weil die Option hinten angehangen wird -### mgrote.restic +### mgrote_restic restic_folders_to_backup: "/ /var/lib/docker /mnt/oci-registry" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben -### mgrote.docker-compose-inline +### mgrote_docker-compose-inline compose_owner: "docker-user" compose_group: "docker-user" compose_file_permissions: "644" diff --git a/host_vars/fileserver3.mgrote.net.yml b/host_vars/fileserver3.mgrote.net.yml index caaa2c22..03460db7 100644 --- a/host_vars/fileserver3.mgrote.net.yml +++ b/host_vars/fileserver3.mgrote.net.yml @@ -1,5 +1,5 @@ --- -### mgrote.youtubedl +### mgrote_youtubedl ytdl_dl_url: "https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp" ytdl_timer: "Tue,Sat 03:00" ytdl_bin_path: /usr/local/bin/yt-dlp diff --git a/host_vars/pbs-test.mgrote.net.yml b/host_vars/pbs-test.mgrote.net.yml index d6899f8d..fcdea01c 100644 --- a/host_vars/pbs-test.mgrote.net.yml +++ b/host_vars/pbs-test.mgrote.net.yml @@ -33,7 +33,7 @@ pbs_users: ### sudo zpool create -o ashift=12 -o feature@encryption=enabled -O encryption=on -O keylocation=prompt -O keyformat=passphrase backup /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1 # mgrote.zfs_manage_datasets -### mgrote.zfs_extra +### mgrote_zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_* zfs_datasets: # DatenPools werden hier nicht verwaltet # rpool - System-Datasets @@ -68,7 +68,7 @@ zfs_extra_zfs_pools: - name: "backup" systemd_timer_schedule: "*-01,04,07,10-01 23:00" -### mgrote.zfs_sanoid +### mgrote_zfs_sanoid sanoid_snaps_enable: true ## syncoid diff --git a/host_vars/pbs.mgrote.net.yml b/host_vars/pbs.mgrote.net.yml index 1ec45d10..31fc5106 100644 --- a/host_vars/pbs.mgrote.net.yml +++ b/host_vars/pbs.mgrote.net.yml @@ -29,7 +29,7 @@ pbs_users: ### sudo zpool create -o ashift=12 -o feature@encryption=enabled -O encryption=on -O keylocation=prompt -O keyformat=passphrase backup /dev/disk/by-id/ata-TOSHIBA_MG09ACA18TE_Z1B0A28LFJDH # mgrote.zfs_manage_datasets -### mgrote.zfs_extra +### mgrote_zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_* zfs_datasets: # DatenPools werden hier nicht verwaltet # rpool - System-Datasets @@ -64,7 +64,7 @@ zfs_extra_zfs_pools: - name: "backup" systemd_timer_schedule: "*-01,04,07,10-01 23:00" -### mgrote.zfs_sanoid +### mgrote_zfs_sanoid sanoid_snaps_enable: true ## syncoid sanoid_syncoid_destination_host: true diff --git a/host_vars/pve5-test.mgrote.net.yml b/host_vars/pve5-test.mgrote.net.yml index 9a8e9bfd..da173aa8 100644 --- a/host_vars/pve5-test.mgrote.net.yml +++ b/host_vars/pve5-test.mgrote.net.yml @@ -7,7 +7,7 @@ ### sudo zpool create -o ashift=12 -o feature@encryption=enabled -O encryption=on -O keylocation=prompt -O keyformat=passphrase hdd_data_raidz mirror /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi3 /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi2 # mgrote.zfs_manage_datasets -### mgrote.zfs_extra +### mgrote_zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_* zfs_datasets: # DatenPools werden hier nicht verwaltet # rpool - System-Datasets @@ -83,7 +83,7 @@ zfs_extra_zfs_pools: - name: "hdd_data_raidz" systemd_timer_schedule: "*-01,04,07,10-01 23:00" -### mgrote.zfs_sanoid +### mgrote_zfs_sanoid sanoid_datasets: - path: 'hdd_data_raidz/videos' template: '3tage' @@ -150,14 +150,14 @@ sanoid_datasets: snapshots: true template: '3tage' -### mgrote.cv4pve-autosnap +### mgrote_cv4pve-autosnap cv4pve_api_user: root@pam!cv4pve-autosnap cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}" cv4pve_vmid: all cv4pve_keep_snapshots: 5 cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.10.0/cv4pve-autosnap-linux-x64.zip" -### mgrote.proxmox_bind_mounts +### mgrote_proxmox_bind_mounts pve_bind_mounts: - vmid: 100 mp_nr: 0 diff --git a/host_vars/pve5.mgrote.net.yml b/host_vars/pve5.mgrote.net.yml index 834e8c0d..5f28bc1b 100644 --- a/host_vars/pve5.mgrote.net.yml +++ b/host_vars/pve5.mgrote.net.yml @@ -7,7 +7,7 @@ ### sudo zpool create -o ashift=12 -o feature@encryption=enabled -O encryption=on -O keylocation=prompt -O keyformat=passphrase hdd_data_raidz mirror /dev/disk/by-id/ata-TOSHIBA_MG09ACA18TE_Z1B0A27KFJDH /dev/disk/by-id/ata-TOSHIBA_MG09ACA18TE_Z1B0A28LFJDH # mgrote.zfs_manage_datasets -### mgrote.zfs_extra +### mgrote_zfs_extra # Variablen für mgrote.zfs_health/trim/scrub/zed/arc_mem/ sind zusammengefasst unter zfs_extra_* zfs_datasets: # DatenPools werden hier nicht verwaltet # rpool - System-Datasets @@ -87,7 +87,7 @@ zfs_extra_zfs_pools: - name: "hdd_data_raidz" systemd_timer_schedule: "*-01,04,07,10-01 23:00" -### mgrote.zfs_sanoid +### mgrote_zfs_sanoid sanoid_snaps_enable: true ## enable sending snaps sanoid_syncoid_source_host: true @@ -160,14 +160,14 @@ sanoid_datasets: snapshots: true template: 'pve3tage' -### mgrote.cv4pve-autosnap +### mgrote_cv4pve-autosnap cv4pve_api_user: root@pam!cv4pve-autosnap cv4pve_api_token: "{{ lookup('keepass', 'cv4pve_api_token', 'password') }}" cv4pve_vmid: all,-115 cv4pve_keep_snapshots: 5 cv4pve_dl_link: "https://github.com/Corsinvest/cv4pve-autosnap/releases/download/v1.14.7/cv4pve-autosnap-linux-x64.zip" -### mgrote.proxmox_bind_mounts +### mgrote_proxmox_bind_mounts pve_bind_mounts: ### fileserver3 - vmid: 115 diff --git a/playbooks/1_bootstrap.yml b/playbooks/1_bootstrap.yml index a0bc6583..9d3558b2 100644 --- a/playbooks/1_bootstrap.yml +++ b/playbooks/1_bootstrap.yml @@ -34,7 +34,7 @@ ansible_password: hallowelt ansible_become_password: hallowelt ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'" - ### mgrote.user + ### mgrote_user users: - username: ansible-user password: "{{ lookup('keepass', 'ansible_user_linux_password_hash', 'password') }}" diff --git a/roles/mgrote_zfs_sanoid/defaults/main.yml b/roles/mgrote_zfs_sanoid/defaults/main.yml index 25d569ca..1cf026c5 100644 --- a/roles/mgrote_zfs_sanoid/defaults/main.yml +++ b/roles/mgrote_zfs_sanoid/defaults/main.yml @@ -44,7 +44,7 @@ sanoid_user_group: sanoid #sanoid_syncoid_ssh_privkey: "{{ lookup('keepass', 'sanoid_syncoid_private_key', 'notes') }}" #sanoid_syncoid_ssh_pubkey: "{{ lookup('keepass', 'sanoid_syncoid_public_key', 'notes') }}" -### mgrote.sanoid +### mgrote_sanoid #sanoid_syncoid_datasets_sync: # - source_host: pve5.mgrote.net # source_dataset: hdd_data_raidz/tmp