From 58440d920b90c4425b2ea724e7801d7aa54526ab Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 10:47:14 +0200 Subject: [PATCH 01/17] ss --- playbooks/1_bootstrap.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/1_bootstrap.yml b/playbooks/1_bootstrap.yml index e96d6ff4..84c298de 100644 --- a/playbooks/1_bootstrap.yml +++ b/playbooks/1_bootstrap.yml @@ -2,7 +2,7 @@ - hosts: all gather_facts: false roles: - - role: ansible-role-bootstrap + - role: robertdebock.bootstrap tags: "bootstrap" become: true - role: mgrote_apt_manage_sources -- 2.43.0 From df9d30b668811030371e94cb93e9a482a37eacee Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 10:52:38 +0200 Subject: [PATCH 02/17] ff --- roles/mgrote_ssh/handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mgrote_ssh/handlers/main.yml b/roles/mgrote_ssh/handlers/main.yml index 6b341078..4456bd14 100644 --- a/roles/mgrote_ssh/handlers/main.yml +++ b/roles/mgrote_ssh/handlers/main.yml @@ -2,6 +2,6 @@ - name: restart sshd become: true ansible.builtin.systemd: - name: sshd + name: ssh enabled: true state: restarted -- 2.43.0 From 8020f56b8179490f8ceeec56ea3c9bb575641609 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 15:57:38 +0200 Subject: [PATCH 03/17] dd --- roles/mgrote_user_setup/handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mgrote_user_setup/handlers/main.yml b/roles/mgrote_user_setup/handlers/main.yml index cf9bc9fe..78878747 100644 --- a/roles/mgrote_user_setup/handlers/main.yml +++ b/roles/mgrote_user_setup/handlers/main.yml @@ -2,7 +2,7 @@ - name: Vundle - PluginInstall # noqa no-changed-when risky-shell-pipe become: true become_user: "{{ item.user }}" - ansible.builtin.shell: yes | vim -c PluginInstall -c qall + ansible.builtin.shell: yes yes yes| vim -c PluginInstall -c qall args: chdir: "{{ item.home }}" loop: "{{ dotfiles }}" -- 2.43.0 From 73714122fde27feed6411e0760c057fec51a2a87 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 15:57:52 +0200 Subject: [PATCH 04/17] dd --- roles/mgrote_user_setup/handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mgrote_user_setup/handlers/main.yml b/roles/mgrote_user_setup/handlers/main.yml index 78878747..4e6ae4be 100644 --- a/roles/mgrote_user_setup/handlers/main.yml +++ b/roles/mgrote_user_setup/handlers/main.yml @@ -2,7 +2,7 @@ - name: Vundle - PluginInstall # noqa no-changed-when risky-shell-pipe become: true become_user: "{{ item.user }}" - ansible.builtin.shell: yes yes yes| vim -c PluginInstall -c qall + ansible.builtin.shell: yes yes yes | vim -c PluginInstall -c qall args: chdir: "{{ item.home }}" loop: "{{ dotfiles }}" -- 2.43.0 From 9f4dc5758e4f3a6e48cfbf84409b0ae90fdad9f3 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 20:52:04 +0200 Subject: [PATCH 05/17] dd --- docker-compose/traefik/file-provider.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose/traefik/file-provider.yml b/docker-compose/traefik/file-provider.yml index 49362c99..b6f6f9ae 100644 --- a/docker-compose/traefik/file-provider.yml +++ b/docker-compose/traefik/file-provider.yml @@ -21,8 +21,8 @@ http: middlewares: ratelimit: rateLimit: - average: 25 - burst: 50 + average: 40 + burst: 80 sourceCriterion: ipStrategy: depth: 2 -- 2.43.0 From 6caa0dc7c148d6c3a8296357ea68ccbed2dabf7a Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 21:07:05 +0200 Subject: [PATCH 06/17] dd --- roles/mgrote_pip_pre_tasks/tasks/main.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 roles/mgrote_pip_pre_tasks/tasks/main.yml diff --git a/roles/mgrote_pip_pre_tasks/tasks/main.yml b/roles/mgrote_pip_pre_tasks/tasks/main.yml new file mode 100644 index 00000000..1a2cd905 --- /dev/null +++ b/roles/mgrote_pip_pre_tasks/tasks/main.yml @@ -0,0 +1,13 @@ +--- +# Remove EXTERNALLY-MANAGED file if we're on Debian12 +# Related issue: https://github.com/geerlingguy/ansible-role-pip/issues/57 +- name: Get python3 version installed + ansible.builtin.command: python3 --version + register: py3ver + changed_when: false + +- name: Remove EXTERNALLY-MANAGED + ansible.builtin.file: + path: /usr/lib/python3.11/EXTERNALLY-MANAGED + state: absent + when: py3ver is defined and py3ver.stdout.find("3.11") != -1 -- 2.43.0 From 29edc222828e2a252c912c274e1f4bc05cffff61 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 21:07:40 +0200 Subject: [PATCH 07/17] dd --- playbooks/3_service/docker.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/playbooks/3_service/docker.yml b/playbooks/3_service/docker.yml index 05c423ec..f103c1bb 100644 --- a/playbooks/3_service/docker.yml +++ b/playbooks/3_service/docker.yml @@ -4,6 +4,9 @@ - role: mgrote_systemd_resolved tags: "dns" become: true + - role: mgrote_pip_pre_tasks + tags: "pip_pre" + become: true - role: geerlingguy.pip tags: "pip" become: true -- 2.43.0 From 51de5aa269a52e3141555507a83ad322b9e7576c Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 21:08:47 +0200 Subject: [PATCH 08/17] dd --- roles/mgrote_pip_pre_tasks/tasks/main.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/mgrote_pip_pre_tasks/tasks/main.yml b/roles/mgrote_pip_pre_tasks/tasks/main.yml index 1a2cd905..fb0bc76e 100644 --- a/roles/mgrote_pip_pre_tasks/tasks/main.yml +++ b/roles/mgrote_pip_pre_tasks/tasks/main.yml @@ -1,13 +1,7 @@ --- # Remove EXTERNALLY-MANAGED file if we're on Debian12 # Related issue: https://github.com/geerlingguy/ansible-role-pip/issues/57 -- name: Get python3 version installed - ansible.builtin.command: python3 --version - register: py3ver - changed_when: false - - name: Remove EXTERNALLY-MANAGED ansible.builtin.file: path: /usr/lib/python3.11/EXTERNALLY-MANAGED state: absent - when: py3ver is defined and py3ver.stdout.find("3.11") != -1 -- 2.43.0 From d0008f406cf78440172de7ac973ec57f28900771 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Thu, 3 Oct 2024 21:13:45 +0200 Subject: [PATCH 09/17] dd --- roles/mgrote_pip_pre_tasks/tasks/main.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/roles/mgrote_pip_pre_tasks/tasks/main.yml b/roles/mgrote_pip_pre_tasks/tasks/main.yml index fb0bc76e..1a242e3a 100644 --- a/roles/mgrote_pip_pre_tasks/tasks/main.yml +++ b/roles/mgrote_pip_pre_tasks/tasks/main.yml @@ -1,7 +1,15 @@ --- -# Remove EXTERNALLY-MANAGED file if we're on Debian12 -# Related issue: https://github.com/geerlingguy/ansible-role-pip/issues/57 -- name: Remove EXTERNALLY-MANAGED +# Remove EXTERNALLY-MANAGED file +# Related issue: https://github.com/geerlingguy/ansible-role-pip/issues/57 + https://www.jeffgeerling.com/blog/2023/how-solve-error-externally-managed-environment-when-installing-pip3 + +- name: Get Python 3.X version + ansible.builtin.command: python3 --version + register: pyver + changed_when: false + failed_when: pyver.rc != 0 + +- name: Ignore PEP 668 because it's silly. ansible.builtin.file: - path: /usr/lib/python3.11/EXTERNALLY-MANAGED state: absent + path: "/usr/lib/python{{ pyver.stdout.split()[1] | regex_search('([0-9]+\\.[0-9]+)') }}/EXTERNALLY-MANAGED" + when: pyver.stdout | regex_search('3\.[0-9]+') -- 2.43.0 From 100b9aa5dc4fc47106830c073e40c1f3ec00a252 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:07:44 +0200 Subject: [PATCH 10/17] dd --- host_vars/pve5.mgrote.net.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/host_vars/pve5.mgrote.net.yml b/host_vars/pve5.mgrote.net.yml index c6ca2e03..34e3adc6 100644 --- a/host_vars/pve5.mgrote.net.yml +++ b/host_vars/pve5.mgrote.net.yml @@ -173,55 +173,55 @@ sanoid_datasets: ### mgrote_proxmox_bind_mounts pve_bind_mounts: ### fileserver3 - - vmid: 115 + - vmid: 107 mp_nr: 0 mp_path_host: /hdd_data/videos mp_path_guest: /shares_videos - - vmid: 115 + - vmid: 107 mp_nr: 2 mp_path_host: /hdd_data/pve_backup mp_path_guest: /shares_pve_backup - - vmid: 115 + - vmid: 107 mp_nr: 3 mp_path_host: /hdd_data/papa_backup mp_path_guest: /shares_papa_backup - - vmid: 115 + - vmid: 107 mp_nr: 4 mp_path_host: /hdd_data/music mp_path_guest: /shares_music - - vmid: 115 + - vmid: 107 mp_nr: 5 mp_path_host: /hdd_data/tmp mp_path_guest: /shares_tmp - - vmid: 115 + - vmid: 107 mp_nr: 6 mp_path_host: /hdd_data/archiv mp_path_guest: /shares_archiv - - vmid: 115 + - vmid: 107 mp_nr: 7 mp_path_host: /hdd_data/bilder mp_path_guest: /shares_bilder - - vmid: 115 + - vmid: 107 mp_nr: 9 mp_path_host: /hdd_data/scans mp_path_guest: /shares_scans - - vmid: 115 + - vmid: 107 mp_nr: 10 mp_path_host: /hdd_data/restic mp_path_guest: /shares_restic - - vmid: 115 + - vmid: 107 mp_nr: 12 mp_path_host: /hdd_data/backup mp_path_guest: /shares_backup - - vmid: 115 + - vmid: 107 mp_nr: 14 mp_path_host: /hdd_data/buecher mp_path_guest: /shares_buecher - - vmid: 115 + - vmid: 107 mp_nr: 15 mp_path_host: /hdd_data/programme mp_path_guest: /shares_programme - - vmid: 115 + - vmid: 107 mp_nr: 16 mp_path_host: /hdd_data/vm mp_path_guest: /shares_vm -- 2.43.0 From ce7100d624ddad18b4c0019b92ac9184bbfbc5a8 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:12:35 +0200 Subject: [PATCH 11/17] dd --- roles/mgrote_proxmox_bind_mounts/tasks/bm.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml b/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml index 9ecee9dd..189c044c 100644 --- a/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml +++ b/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml @@ -21,7 +21,7 @@ changed_when: - restart.rc == 25 failed_when: - - restart.rc != 25 + - (restart.rc != 25) or (restart.rc == 0) notify: restart lxc # füge bind-mount hinzu falls er fehlt, also rc ungleich 0 # pro bind-mount -- 2.43.0 From 4be7f06a7ceec4102dbeafbe60b327435a8917a6 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:13:48 +0200 Subject: [PATCH 12/17] ff --- roles/mgrote_proxmox_bind_mounts/tasks/bm.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml b/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml index 189c044c..3e0414b8 100644 --- a/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml +++ b/roles/mgrote_proxmox_bind_mounts/tasks/bm.yml @@ -20,8 +20,6 @@ register: restart changed_when: - restart.rc == 25 - failed_when: - - (restart.rc != 25) or (restart.rc == 0) notify: restart lxc # füge bind-mount hinzu falls er fehlt, also rc ungleich 0 # pro bind-mount -- 2.43.0 From cbf7d8b3ccea376eca60c6ee2378113bfad6ebcd Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:24:55 +0200 Subject: [PATCH 13/17] ff --- playbooks/1_bootstrap.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/1_bootstrap.yml b/playbooks/1_bootstrap.yml index 84c298de..be0de3a3 100644 --- a/playbooks/1_bootstrap.yml +++ b/playbooks/1_bootstrap.yml @@ -26,11 +26,11 @@ vars: ### reobertdebock.bootstrap - bootstrap_user: mg + bootstrap_user: root bootstrap_wait_for_host: false bootstrap_timeout: 1 ### ansible - ansible_user: "mg" + ansible_user: "root" ansible_password: hallowelt ansible_become_password: hallowelt ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'" -- 2.43.0 From c51fb69b20137850d557489215236f346401058e Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:26:07 +0200 Subject: [PATCH 14/17] dd --- playbooks/1_bootstrap.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/1_bootstrap.yml b/playbooks/1_bootstrap.yml index be0de3a3..84c298de 100644 --- a/playbooks/1_bootstrap.yml +++ b/playbooks/1_bootstrap.yml @@ -26,11 +26,11 @@ vars: ### reobertdebock.bootstrap - bootstrap_user: root + bootstrap_user: mg bootstrap_wait_for_host: false bootstrap_timeout: 1 ### ansible - ansible_user: "root" + ansible_user: "mg" ansible_password: hallowelt ansible_become_password: hallowelt ansible_ssh_common_args: "'-o StrictHostKeyChecking=no'" -- 2.43.0 From 88edfc5c92478bbe5eacbb1a59e993b318b351bb Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:32:23 +0200 Subject: [PATCH 15/17] ff --- playbooks/1_bootstrap.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/playbooks/1_bootstrap.yml b/playbooks/1_bootstrap.yml index 84c298de..8f616148 100644 --- a/playbooks/1_bootstrap.yml +++ b/playbooks/1_bootstrap.yml @@ -47,3 +47,8 @@ # Nach dem ersten durchlaufen ist keine Anmeldung mehr per Passwort & ssh möglich. Damit scheitert auch der Versuch das Playbook ein zweites mal durchlaufen zu lassen. + +# Vorher benötigt werden: +# sudo adduser mg +# sudo adduser mg sudo +# sudo apt install openssh-sever -- 2.43.0 From 3204205cc9145687553374b7cc302cd598aa78d8 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:38:22 +0200 Subject: [PATCH 16/17] ddd --- playbooks/base/monitoring.yml | 1 - playbooks/base/system.yml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/base/monitoring.yml b/playbooks/base/monitoring.yml index f92b6b1f..7beb71b9 100644 --- a/playbooks/base/monitoring.yml +++ b/playbooks/base/monitoring.yml @@ -4,7 +4,6 @@ - role: mgrote_munin_node become: true tags: "munin" - when: "not 'laptop' in group_names" ### Die Host müssen auch beim Docker-Container: "munin-master eingetragen" werden. ### wird nur auf physischen Rechnern ausgeführt. diff --git a/playbooks/base/system.yml b/playbooks/base/system.yml index f5cc995d..1f92b051 100644 --- a/playbooks/base/system.yml +++ b/playbooks/base/system.yml @@ -24,3 +24,4 @@ tags: "ssh" - role: mgrote_netplan tags: "netplan" + when: "not 'fileserver' in group_names" -- 2.43.0 From f29287675c0b3b1715814731fb0dce6d1d344a38 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Fri, 4 Oct 2024 14:41:19 +0200 Subject: [PATCH 17/17] dd --- roles/mgrote_fwupd_settings/handlers/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/mgrote_fwupd_settings/handlers/main.yml b/roles/mgrote_fwupd_settings/handlers/main.yml index efd7dfbc..c032a9cc 100644 --- a/roles/mgrote_fwupd_settings/handlers/main.yml +++ b/roles/mgrote_fwupd_settings/handlers/main.yml @@ -5,3 +5,5 @@ state: restarted daemon_reload: true name: fwupd-refresh.service + when: + - "'fwupd-refresh.service' in services" -- 2.43.0