From ce30e54b2598a719bfd5c1e1ab0741d8af9b7625 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 15:50:30 +0100 Subject: [PATCH 1/5] dsfg --- friedhof/mgrote_acng/mgrote.acng/tasks/main.yml | 2 +- friedhof/mgrote_acng/tasks/main.yml | 2 +- friedhof/mgrote_docker_compose_deploy/tasks/main.yml | 4 ++-- friedhof/mgrote_minio/mgrote.minio/tasks/main.yml | 2 +- friedhof/mgrote_minio/tasks/main.yml | 2 +- friedhof/mgrote_sealed_secrets/tasks/import.yml | 2 +- .../tasks/destination.yml | 2 +- group_vars/all.yml | 1 + roles/mgrote_cv4pve_autosnap/tasks/systemd.yml | 2 +- roles/mgrote_docker_compose_inline/tasks/main.yml | 4 ++-- roles/mgrote_fileserver_smb/handlers/main.yml | 2 +- roles/mgrote_fileserver_smb/tasks/users.yml | 2 +- roles/mgrote_gitea_setup/tasks/admin.yml | 4 ++-- roles/mgrote_gitea_setup/tasks/ldap.yml | 4 ++-- roles/mgrote_minio_configure/tasks/main.yml | 2 +- roles/mgrote_mount_cifs/tasks/main.yml | 6 +++--- roles/mgrote_munin_node/tasks/additional.yml | 6 +++--- roles/mgrote_pbs_pve_integration/tasks/main.yml | 4 ++-- roles/mgrote_pbs_users/tasks/main.yml | 4 ++-- roles/mgrote_restic/tasks/main.yml | 4 ++-- roles/mgrote_rsync/tasks/source.yml | 2 +- roles/mgrote_users/tasks/main.yml | 10 +++++----- 22 files changed, 37 insertions(+), 36 deletions(-) diff --git a/friedhof/mgrote_acng/mgrote.acng/tasks/main.yml b/friedhof/mgrote_acng/mgrote.acng/tasks/main.yml index 89a4cbb6..572536ab 100644 --- a/friedhof/mgrote_acng/mgrote.acng/tasks/main.yml +++ b/friedhof/mgrote_acng/mgrote.acng/tasks/main.yml @@ -39,4 +39,4 @@ dest: "{{ acng_security_conf_path }}" mode: "0640" notify: acng_starten_aktivieren - no_log: true + no_log: "{{ no_debug | default('true') }}" diff --git a/friedhof/mgrote_acng/tasks/main.yml b/friedhof/mgrote_acng/tasks/main.yml index f85a6a67..df41ab0f 100644 --- a/friedhof/mgrote_acng/tasks/main.yml +++ b/friedhof/mgrote_acng/tasks/main.yml @@ -32,4 +32,4 @@ dest: "{{ acng_security_conf_path }}" mode: "0640" notify: acng_starten_aktivieren - no_log: true + no_log: "{{ no_debug | default('true') }}" diff --git a/friedhof/mgrote_docker_compose_deploy/tasks/main.yml b/friedhof/mgrote_docker_compose_deploy/tasks/main.yml index 2dd5d728..ed7b1a86 100644 --- a/friedhof/mgrote_docker_compose_deploy/tasks/main.yml +++ b/friedhof/mgrote_docker_compose_deploy/tasks/main.yml @@ -5,7 +5,7 @@ when: - item.state == "present" - docker_compose_projects is defined - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: loop docker tasks - down ansible.builtin.include_tasks: dockercompose-down.yml @@ -13,4 +13,4 @@ when: - item.state == "absent" - docker_compose_projects is defined - no_log: true + no_log: "{{ no_debug | default('true') }}" diff --git a/friedhof/mgrote_minio/mgrote.minio/tasks/main.yml b/friedhof/mgrote_minio/mgrote.minio/tasks/main.yml index 05a5a677..32a08764 100644 --- a/friedhof/mgrote_minio/mgrote.minio/tasks/main.yml +++ b/friedhof/mgrote_minio/mgrote.minio/tasks/main.yml @@ -38,7 +38,7 @@ owner: "{{ minio_user }}" group: "{{ minio_user }}" notify: (re)start service - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: template systemd-unit become: true diff --git a/friedhof/mgrote_minio/tasks/main.yml b/friedhof/mgrote_minio/tasks/main.yml index 05a5a677..32a08764 100644 --- a/friedhof/mgrote_minio/tasks/main.yml +++ b/friedhof/mgrote_minio/tasks/main.yml @@ -38,7 +38,7 @@ owner: "{{ minio_user }}" group: "{{ minio_user }}" notify: (re)start service - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: template systemd-unit become: true diff --git a/friedhof/mgrote_sealed_secrets/tasks/import.yml b/friedhof/mgrote_sealed_secrets/tasks/import.yml index 155cacda..ad5be534 100644 --- a/friedhof/mgrote_sealed_secrets/tasks/import.yml +++ b/friedhof/mgrote_sealed_secrets/tasks/import.yml @@ -13,7 +13,7 @@ group: root mode: '0400' when: key.rc not in [ 0 ] - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: apply private key # noqa no-changed-when ansible.builtin.command: kubectl apply -f /root/private.key diff --git a/friedhof/mgrote_zfs_sanoid_mit_syncoid/tasks/destination.yml b/friedhof/mgrote_zfs_sanoid_mit_syncoid/tasks/destination.yml index 410ae691..296318dd 100644 --- a/friedhof/mgrote_zfs_sanoid_mit_syncoid/tasks/destination.yml +++ b/friedhof/mgrote_zfs_sanoid_mit_syncoid/tasks/destination.yml @@ -7,7 +7,7 @@ owner: "{{ sanoid_user }}" group: "{{ sanoid_user_group }}" mode: "0400" - no_log: true + no_log: "{{ no_debug | default('true') }}" when: - sanoid_syncoid_destination_host diff --git a/group_vars/all.yml b/group_vars/all.yml index cb453501..49575290 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,5 +1,6 @@ --- ### wird in vielen Rollen verwendet +no_debug: true # when set to true "no_log" is also set to true ansible_facts_parallel: true ssh_public_key_mg: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKL8opSQ0rWVw9uCfbuiqmXq188OP4xh66MBTO3zV5jo heimserver_mg_v3 my_mail: michael.grote@posteo.de diff --git a/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml b/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml index d089d485..8ff87071 100644 --- a/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml +++ b/roles/mgrote_cv4pve_autosnap/tasks/systemd.yml @@ -6,7 +6,7 @@ owner: root group: root mode: "0644" - no_log: true + no_log: "{{ no_debug | default('true') }}" notify: - systemctl daemon-reload diff --git a/roles/mgrote_docker_compose_inline/tasks/main.yml b/roles/mgrote_docker_compose_inline/tasks/main.yml index 94a28ba1..10ad907e 100644 --- a/roles/mgrote_docker_compose_inline/tasks/main.yml +++ b/roles/mgrote_docker_compose_inline/tasks/main.yml @@ -26,7 +26,7 @@ src: "{{ item }}" dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') }}" with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -not -name *.j2 ').split('\n') }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: ensure templated files exists ansible.builtin.template: @@ -36,7 +36,7 @@ src: "{{ item }}" dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') | replace('.j2', '') }}" with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -name *.j2').split('\n') }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" register: copy_template - name: Ensure needed networks exists diff --git a/roles/mgrote_fileserver_smb/handlers/main.yml b/roles/mgrote_fileserver_smb/handlers/main.yml index d73e894c..ec9f1db0 100644 --- a/roles/mgrote_fileserver_smb/handlers/main.yml +++ b/roles/mgrote_fileserver_smb/handlers/main.yml @@ -12,4 +12,4 @@ #pipefail: https://blog.christophersmart.com/2019/09/28/using-pipefail-with-shell-module-in-ansible/ with_items: - "{{ smb_users }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" diff --git a/roles/mgrote_fileserver_smb/tasks/users.yml b/roles/mgrote_fileserver_smb/tasks/users.yml index 2dafe2be..1a9519a2 100644 --- a/roles/mgrote_fileserver_smb/tasks/users.yml +++ b/roles/mgrote_fileserver_smb/tasks/users.yml @@ -14,5 +14,5 @@ remove: "{{ item.remove_dir | default('false') }}" create_home: false loop: "{{ smb_users }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" notify: set samba passwords diff --git a/roles/mgrote_gitea_setup/tasks/admin.yml b/roles/mgrote_gitea_setup/tasks/admin.yml index 4adbd209..ef9bbc0d 100644 --- a/roles/mgrote_gitea_setup/tasks/admin.yml +++ b/roles/mgrote_gitea_setup/tasks/admin.yml @@ -6,7 +6,7 @@ # den jeweiligen group/host-Vars! - name: Check if Admin-User exists - no_log: true + no_log: "{{ no_debug | default('true') }}" become_user: gitea become: true ansible.builtin.command: | @@ -16,7 +16,7 @@ changed_when: false - name: Ensure Admin-User exists # noqa no-changed-when no-jinja-when - no_log: true + no_log: "{{ no_debug | default('true') }}" become_user: gitea become: true ansible.builtin.command: | diff --git a/roles/mgrote_gitea_setup/tasks/ldap.yml b/roles/mgrote_gitea_setup/tasks/ldap.yml index 7fbb7436..87213b85 100644 --- a/roles/mgrote_gitea_setup/tasks/ldap.yml +++ b/roles/mgrote_gitea_setup/tasks/ldap.yml @@ -5,7 +5,7 @@ # und # den jeweiligen group/host-Vars! - name: Ensure LDAP config is set up - no_log: true + no_log: "{{ no_debug | default('true') }}" become_user: gitea become: true ansible.builtin.command: | @@ -31,7 +31,7 @@ changed_when: "setup.rc == 0" # chnaged nur wenn Task rc 0 hat, sollte nur beim ersten lauf vorkommen; ungetestet - name: Modify LDAP config - no_log: true + no_log: "{{ no_debug | default('true') }}" become_user: gitea become: true ansible.builtin.command: | diff --git a/roles/mgrote_minio_configure/tasks/main.yml b/roles/mgrote_minio_configure/tasks/main.yml index 839eb268..621920ee 100644 --- a/roles/mgrote_minio_configure/tasks/main.yml +++ b/roles/mgrote_minio_configure/tasks/main.yml @@ -30,7 +30,7 @@ url: "{{ minio_url }}" state: "{{ item.state | default('present') }}" loop: "{{ minio_users }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" # Bug: delegate_to: localhost # in ansible-devspace wird das Python Paket "minio" nicht gefunden diff --git a/roles/mgrote_mount_cifs/tasks/main.yml b/roles/mgrote_mount_cifs/tasks/main.yml index 77e53fba..d2f02dd0 100644 --- a/roles/mgrote_mount_cifs/tasks/main.yml +++ b/roles/mgrote_mount_cifs/tasks/main.yml @@ -13,7 +13,7 @@ state: directory mode: "0777" loop: "{{ cifs_mounts }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" when: cifs_mounts is defined - name: create credential-file @@ -25,7 +25,7 @@ group: root mode: '0400' loop: "{{ cifs_mounts }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" when: cifs_mounts is defined - name: mount cifs volumes @@ -40,5 +40,5 @@ dump: "0" passno: "0" loop: "{{ cifs_mounts }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" when: cifs_mounts is defined diff --git a/roles/mgrote_munin_node/tasks/additional.yml b/roles/mgrote_munin_node/tasks/additional.yml index 64d49100..0ecbcfc5 100644 --- a/roles/mgrote_munin_node/tasks/additional.yml +++ b/roles/mgrote_munin_node/tasks/additional.yml @@ -9,7 +9,7 @@ force_basic_auth: true loop: "{{ munin_node_plugins }}" notify: restart munin-node - no_log: true + no_log: "{{ no_debug | default('true') }}" check_mode: false # damit werden auch im check-mode die Plugins heruntergeladen, sonst schlägt der nächste Task fehl - name: Enable additional plugins @@ -19,7 +19,7 @@ state: link notify: restart munin-node loop: "{{ munin_node_plugins }}" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: Template additional plugin-config ansible.builtin.copy: @@ -31,7 +31,7 @@ notify: restart munin-node loop: "{{ munin_node_plugins }}" when: item.config is defined - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: Ensure munin-node is running ansible.builtin.service: diff --git a/roles/mgrote_pbs_pve_integration/tasks/main.yml b/roles/mgrote_pbs_pve_integration/tasks/main.yml index 0e371e27..2e406c9f 100644 --- a/roles/mgrote_pbs_pve_integration/tasks/main.yml +++ b/roles/mgrote_pbs_pve_integration/tasks/main.yml @@ -12,7 +12,7 @@ ansible.builtin.command: "pvesm add pbs {{ item.name }} --server {{ item.server }} --datastore {{ item.datastore }} --username {{ item.username }} --password {{ item.password }} --fingerprint {{ item.fingerprint }}" loop: "{{ pve_pbs_datastore }}" when: "item.name not in storages.stdout" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: ensure datastore is configured become: true @@ -20,4 +20,4 @@ loop: "{{ pve_pbs_datastore }}" when: "item.name in storages.stdout" changed_when: false - no_log: true + no_log: "{{ no_debug | default('true') }}" diff --git a/roles/mgrote_pbs_users/tasks/main.yml b/roles/mgrote_pbs_users/tasks/main.yml index 72b00249..4e000c95 100644 --- a/roles/mgrote_pbs_users/tasks/main.yml +++ b/roles/mgrote_pbs_users/tasks/main.yml @@ -10,7 +10,7 @@ ansible.builtin.command: "proxmox-backup-manager user create {{ item.name }}@{{ item.realm }}" loop: "{{ pbs_users }}" when: "item.name not in users.stdout" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: check again which users exist become: true @@ -24,4 +24,4 @@ loop: "{{ pbs_users }}" when: "item.name in users.stdout" changed_when: false - no_log: true + no_log: "{{ no_debug | default('true') }}" diff --git a/roles/mgrote_restic/tasks/main.yml b/roles/mgrote_restic/tasks/main.yml index 3e7b0450..39be585c 100644 --- a/roles/mgrote_restic/tasks/main.yml +++ b/roles/mgrote_restic/tasks/main.yml @@ -29,7 +29,7 @@ owner: "{{ restic_user }}" group: "{{ restic_group }}" mode: "0600" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: templates excludes become: true @@ -49,7 +49,7 @@ owner: root group: root mode: "0600" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: template restic.mount become: true diff --git a/roles/mgrote_rsync/tasks/source.yml b/roles/mgrote_rsync/tasks/source.yml index 4080e6ff..d80183ff 100644 --- a/roles/mgrote_rsync/tasks/source.yml +++ b/roles/mgrote_rsync/tasks/source.yml @@ -20,7 +20,7 @@ owner: "{{ rsync_mirror_user }}" group: "{{ rsync_mirror_user_group }}" mode: "0400" - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: Ensure rsync_mirror-Script is templated become: true diff --git a/roles/mgrote_users/tasks/main.yml b/roles/mgrote_users/tasks/main.yml index cde9e3a9..f9ca1ecd 100644 --- a/roles/mgrote_users/tasks/main.yml +++ b/roles/mgrote_users/tasks/main.yml @@ -5,7 +5,7 @@ loop: "{{ users }}" when: item.groups is defined become: false - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: Ensure groups exist ansible.builtin.group: @@ -13,7 +13,7 @@ state: present loop: '{{ groups_as_list }}' when: groups_as_list is defined - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: Ensure users exist ansible.builtin.user: @@ -26,7 +26,7 @@ createhome: "{{ item.createhome | default('yes') }}" state: "{{ item.state | default('present') }}" loop: '{{ users }}' - no_log: true + no_log: "{{ no_debug | default('true') }}" - name: Ensure user ssh-keys exist ansible.posix.authorized_key: @@ -35,7 +35,7 @@ state: "{{ item.state | default('present') }}" when: item.public_ssh_key is defined loop: '{{ users }}' - no_log: true + no_log: "{{ no_debug | default('true') }}" # teilweiser revert von https://git.mgrote.net/mg/homeserver/commit/506fa8da8d8c4ca74d0d78d044468b991d0d560a # das modul erstellt die sudoers falsch: @@ -58,4 +58,4 @@ mode: "0440" loop: '{{ users }}' when: item.allow_sudo|default(false) and item.allow_sudo is defined - no_log: true + no_log: "{{ no_debug | default('true') }}" -- 2.43.0 From 740060fda5aa035b5f379fb7d1473ca78d52408d Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 15:51:06 +0100 Subject: [PATCH 2/5] ff --- group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 49575290..1e56d488 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,6 +1,6 @@ --- ### wird in vielen Rollen verwendet -no_debug: true # when set to true "no_log" is also set to true +no_debug: false # when set to true "no_log" is also set to true ansible_facts_parallel: true ssh_public_key_mg: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKL8opSQ0rWVw9uCfbuiqmXq188OP4xh66MBTO3zV5jo heimserver_mg_v3 my_mail: michael.grote@posteo.de -- 2.43.0 From 115c7310e06917ac90f879c2d779925f2f42fe02 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 15:54:02 +0100 Subject: [PATCH 3/5] ff --- docker-compose/traefik/configuration.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 03ee4ea0..c3cb9938 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -19,7 +19,7 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' - +# dfgdf session: name: authelia_session secret: {{ lookup('viczem.keepass.keepass', 'authelia/authelia_session_secret', 'password') }} -- 2.43.0 From 7b00ca90867fd25a6e393c152a31fb2ff6e92157 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 15:54:48 +0100 Subject: [PATCH 4/5] dsfg --- docker-compose/traefik/configuration.yml.j2 | 2 +- group_vars/all.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index c3cb9938..11e32e3a 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -19,7 +19,7 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' -# dfgdf +# dfgdfdfgdsfg session: name: authelia_session secret: {{ lookup('viczem.keepass.keepass', 'authelia/authelia_session_secret', 'password') }} diff --git a/group_vars/all.yml b/group_vars/all.yml index 1e56d488..49575290 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,6 +1,6 @@ --- ### wird in vielen Rollen verwendet -no_debug: false # when set to true "no_log" is also set to true +no_debug: true # when set to true "no_log" is also set to true ansible_facts_parallel: true ssh_public_key_mg: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKL8opSQ0rWVw9uCfbuiqmXq188OP4xh66MBTO3zV5jo heimserver_mg_v3 my_mail: michael.grote@posteo.de -- 2.43.0 From 7397b2aca3f343124aaa9edb2259de0e940dbfe4 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 15:56:03 +0100 Subject: [PATCH 5/5] dsfg --- docker-compose/traefik/configuration.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 11e32e3a..03ee4ea0 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -19,7 +19,7 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' -# dfgdfdfgdsfg + session: name: authelia_session secret: {{ lookup('viczem.keepass.keepass', 'authelia/authelia_session_secret', 'password') }} -- 2.43.0