Michael Grote
28f22968da
Reviewed-on: #127
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
ci: testing deployment (#128)
Reviewed-on: #128
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
ci: test
ci: enable deployment
ci: set ssh-key for deployment
ci: debug
ci: deactivate ansible-lint temporarily
ci: deactivate ansible-galaxy temporarily
ci: debug ssh-key shell redirect
ci: base64
ci: debug
ci: debug
ci: fix output
Revert "ci: deactivate ansible-lint temporarily"
This reverts commit 6729342f26
.
ci: fix vault-pass secret
pbs_integration: enable no_log
ci: debug ansible-vault
ci: debug
ci: ansible-vault + move to viczem.keepass (#130)
Reviewed-on: #130
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
ff
plugin umbennennugn
ff
115 lines
4 KiB
YAML
115 lines
4 KiB
YAML
---
|
|
### mgrote_netplan
|
|
netplan_configure: false
|
|
|
|
### mgrote_user
|
|
users:
|
|
- username: root
|
|
password: "{{ lookup('viczem.keepass.keepass', 'root_linux_password_hash_proxmox', 'password') }}"
|
|
update_password: always
|
|
groups: ssh, sudo, root
|
|
state: present
|
|
allow_sudo: true
|
|
allow_passwordless_sudo: true
|
|
- username: mg
|
|
password: "{{ lookup('viczem.keepass.keepass', 'mg_linux_password_hash', 'password') }}"
|
|
update_password: always
|
|
groups: ssh, sudo
|
|
state: present
|
|
public_ssh_key: "{{ ssh_public_key_mg }}"
|
|
allow_sudo: true
|
|
allow_passwordless_sudo: true
|
|
- username: ansible-user
|
|
password: "{{ lookup('viczem.keepass.keepass', 'ansible_user_linux_password_hash', 'password') }}"
|
|
update_password: always
|
|
groups: ssh, sudo
|
|
state: present
|
|
public_ssh_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJcBwOjanQV6sFWaTetqpl20SVe3aRzGjKbsp7hKkDCE mg@irantu
|
|
allow_sudo: true
|
|
allow_passwordless_sudo: true
|
|
|
|
### mgrote_cv4pve_autosnap
|
|
cv4pve_api_user: root@pam!cv4pve-autosnap
|
|
cv4pve_api_token: "{{ lookup('viczem.keepass.keepass', 'cv4pve_api_token', 'password') }}"
|
|
cv4pve_vmid: all,-115
|
|
cv4pve_keep_snapshots: 5
|
|
cv4pve_version: v1.14.10
|
|
|
|
### mgrote_apt_manage_packages
|
|
apt_packages_extra:
|
|
- ifupdown2
|
|
- bmon
|
|
- qemu-guest-agent
|
|
- open-vm-tools
|
|
- systemd-boot
|
|
|
|
### mgrote_munin_node
|
|
munin_node_plugins:
|
|
- name: chrony
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/chrony/chrony
|
|
- name: systemd_status
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/systemd/systemd_status
|
|
- name: systemd_mem
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/systemd/systemd_mem
|
|
config: |
|
|
[systemd_mem]
|
|
env.all_services true
|
|
- name: fail2ban
|
|
src: https://git.mgrote.net/mg/munin-plugins/raw/branch/master/extern/fail2ban
|
|
config: |
|
|
[fail2ban]
|
|
env.client /usr/bin/fail2ban-client
|
|
env.config_dir /etc/fail2ban
|
|
user root
|
|
- name: zfs_arcstats
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/zfs/zfs_arcstats
|
|
- name: zfsonlinux_stats_
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/zfs/zfsonlinux_stats_
|
|
- name: zpool_iostat
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/zfs/zpool_iostat
|
|
- name: zfs_list
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/zfs/zfs_list
|
|
config: |
|
|
[zfs_list]
|
|
env.ignore_datasets_pattern autodaily
|
|
- name: zpool_capacity
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/zfs/zpool_capacity
|
|
- name: kvm_mem
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/libvirt/kvm_mem
|
|
- name: kvm_net
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/libvirt/kvm_net
|
|
- name: kvm_io
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/libvirt/kvm_io
|
|
config: |
|
|
[kvm_io]
|
|
user root
|
|
- name: kvm_cpu
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/libvirt/kvm_cpu
|
|
- name: proxmox_count
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/proxmox/proxmox_vm_count
|
|
config: |
|
|
[proxmox_count]
|
|
user root
|
|
group root
|
|
- name: zfs_count
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/zfs/zfs_pool_dataset_count
|
|
- name: ksm_
|
|
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/system/kernel_same_page_merging
|
|
munin_node_disabled_plugins:
|
|
- meminfo # zu hohe last
|
|
- hddtemp2 # ersetzt durch hddtemp_smartctl
|
|
- ntp # verursacht zu viele dns ptr request
|
|
- hddtempd # ersetzt durch hddtemp_smartctl
|
|
- squid_cache # proxmox
|
|
- squid_objectsize # proxmox
|
|
- squid_requests # proxmox
|
|
- squid_traffic # proxmox
|
|
- lvm_
|
|
- slab
|
|
- timesync
|
|
- lxc_guests
|
|
|
|
# Ansible Variablen
|
|
### sudo
|
|
sudo: false
|
|
...
|