99 lines
2.5 KiB
YAML
99 lines
2.5 KiB
YAML
- hosts: storage
|
|
vars:
|
|
ansible_ssh_user: pi
|
|
ansible_sudo_pass: pi
|
|
ansible_ssh_pass: pi
|
|
ansible_host: "{{ ip_before_reboot }}"
|
|
roles:
|
|
- role: dns
|
|
tags: dns
|
|
- role: network_interfaces
|
|
tags: network_interfaces, network
|
|
- role: base
|
|
tags: base
|
|
- role: chrony
|
|
- role: ansible-role-docker
|
|
tags: docker
|
|
- role: base_users
|
|
tags: users, auth
|
|
|
|
- name: install oh-my-zsh and delete user pi
|
|
hosts: storage
|
|
tasks:
|
|
- name: "Run ansible-role-oh-my-zsh"
|
|
include_role:
|
|
name: "ansible-role-oh-my-zsh"
|
|
vars:
|
|
omz_user: "{{ item }}"
|
|
with_items: "{{ base_users }}"
|
|
- name: "Deactivate user pi"
|
|
ansible.builtin.user:
|
|
name: "pi"
|
|
shell: "/bin/false"
|
|
groups: "nogroup"
|
|
|
|
# - name: deploy nftables Debian
|
|
# hosts: storage
|
|
# roles:
|
|
# - role: base_nftables
|
|
# tags: [ base_nftables, nft ]
|
|
|
|
- name: override logrotate timer schedule
|
|
hosts: storage
|
|
tags: logrotate_timer
|
|
tasks:
|
|
- name: Create the directory if it does not exist
|
|
file:
|
|
path: /etc/systemd/system/logrotate.timer.d
|
|
state: directory
|
|
mode: '0755'
|
|
owner: root
|
|
group: root
|
|
- name: Copy logrotate.timer
|
|
copy:
|
|
dest: /etc/systemd/system/logrotate.timer.d/override.conf
|
|
content: |
|
|
[Timer]
|
|
OnCalendar=hourly
|
|
AccuracySec=1m
|
|
mode: '0755'
|
|
owner: root
|
|
group: root
|
|
- name: Restart logrotate.timer
|
|
systemd:
|
|
name: logrotate.timer
|
|
daemon_reload: true
|
|
|
|
- name: "Mount new /var/log and move logs"
|
|
hosts: storage
|
|
tags: [ mount, logs ]
|
|
roles:
|
|
- role: lingling9000.btrfssubvol
|
|
tags: btrfssubvol
|
|
when: has_var_log_mount
|
|
tasks:
|
|
- name: "Check if /var/log/journal exists"
|
|
stat:
|
|
path: /var/log/journal
|
|
register: _var_log_stat
|
|
when: has_var_log_mount
|
|
|
|
- name: "Move logs to new directory"
|
|
when:
|
|
- has_var_log_mount
|
|
- _var_log_stat.stat.isdir is not defined or not _var_log_stat.stat.isdir
|
|
block:
|
|
- name: "Mount original rootfs and move files"
|
|
shell: "mkdir /tmp/mnt-rootfs && mount --bind / /tmp/mnt-rootfs && mv /tmp/mnt-rootfs/var/log/* /var/log/ && umount /tmp/mnt-rootfs && rmdir /tmp/mnt-rootfs"
|
|
rescue:
|
|
- name: "Unmount rootfs"
|
|
shell: "umount /tmp/mnt-rootfs && rmdir /tmp/mnt-rootfs"
|
|
|
|
# - name: install victoria exporters
|
|
# hosts: storage
|
|
# gather_facts: yes
|
|
# roles:
|
|
# - role: cadvisor
|
|
# tags:
|
|
# - monitoring
|
|
# - cadvisor |