
[TIDY] Update to ansible 4 module names

master
Jannik Beyerstedt 3 months ago
parent
commit
a2fc598416
  1. 20
      README.md
  2. 8
      handlers/main.yml
  3. 6
      tasks/borgbackup-Debian-stretch.yml
  4. 2
      tasks/borgbackup-Debian.yml
  5. 10
      tasks/borgbackup.yml
  6. 18
      tasks/caddy-install.yml
  7. 10
      tasks/caddy-setup.yml
  8. 4
      tasks/caddyserver.yml
  9. 12
      tasks/cronmails-Centos.yml
  10. 12
      tasks/cronmails-Debian.yml
  11. 6
      tasks/cronmails.yml
  12. 24
      tasks/docker-Debian.yml
  13. 4
      tasks/docker.yml
  14. 6
      tasks/dyndns.yml
  15. 4
      tasks/main.yml
  16. 2
      tasks/setup.yml
  17. 4
      tasks/telegraf-Centos.yml
  18. 10
      tasks/telegraf-Debian.yml
  19. 16
      tasks/telegraf.yml

20
README.md

@ -86,46 +86,46 @@ The different tasks should be used on a case-by-case basis:
hosts: servers
tasks:
- name: Servers - Generic setup tasks
import_role:
ansible.builtin.import_role:
name: server
tasks_from: setup
- name: Servers - Setup cronjob mails
import_role:
ansible.builtin.import_role:
name: server
tasks_from: cronmails
- name: Servers - Setup dyndns cronjob
import_role:
ansible.builtin.import_role:
name: server
tasks_from: dyndns
- name: Servers - Setup monitoring
import_role:
ansible.builtin.import_role:
name: server
tasks_from: telegraf
- name: Servers - Setup backups (if variables are set)
import_role:
ansible.builtin.import_role:
name: server
tasks_from: borgbackup
# Docker
- name: Servers - Install docker
import_role:
ansible.builtin.import_role:
name: server
tasks_from: docker
- name: Servers - Add telegraf to docker group
become: yes
user:
ansible.builtin.user:
name: telegraf
groups: docker
append: yes
# Caddy Webserver
- name: Servers - Install and setup caddy
import_role:
ansible.builtin.import_role:
name: server
tasks_from: caddyserver
- name: Servers - Start caddy service
become: yes
service:
ansible.builtin.service:
name: caddy
enabled: yes
state: started
@ -133,7 +133,7 @@ The different tasks should be used on a case-by-case basis:
# UFW Firewall
- name: Servers - Install UFW
become: yes
apt:
ansible.builtin.apt:
name: ufw
state: present
```

8
handlers/main.yml

@ -3,25 +3,25 @@
- name: Restart sshd
become: yes
service:
ansible.builtin.service:
name: ssh
state: restarted
- name: Enable caddy
become: yes
service:
ansible.builtin.service:
name: caddy
enabled: yes
- name: Restart caddy
become: yes
service:
ansible.builtin.service:
name: caddy
state: restarted
- name: Enable and restart caddy
become: yes
service:
ansible.builtin.service:
name: caddy
state: restarted
enabled: yes
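Review bot: The handlers still spell booleans as `become: yes` and `enabled: yes` next to the new fully qualified module names; yamllint's `truthy` rule flags this, and a YAML 1.2 parser reads `yes` as a string. Writing `become: true` and `enabled: true` would complete the tidy-up. The same spelling recurs in the other task files touched by this commit (`append: yes`, `force: yes`, `create_home: no`, `backup: yes`). Behaviour under Ansible does not change, so this is a style point only.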

6
tasks/borgbackup-Debian-stretch.yml

@ -9,7 +9,7 @@
- name: borgbackup - Add debian repo key
become: yes
apt_key:
ansible.builtin.apt_key:
keyserver: pgpkeys.mit.edu
id: 8B48AD6246925553
state: present
@ -17,14 +17,14 @@
- ansible_distribution_release == 'stretch'
- name: borgbackup - Add stretch-backports
become: yes
apt_repository:
ansible.builtin.apt_repository:
repo: deb http://ftp.debian.org/debian stretch-backports main
state: present
when:
- ansible_distribution_release == 'stretch'
- name: borgbackup - Install borgbackup from stretch-backports
become: yes
apt:
ansible.builtin.apt:
name: borgbackup
state: latest
default_release: stretch-backports
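Review bot: The `ansible.builtin.apt_key` task in the first hunk identifies the repository key only by the 64-bit long ID `8B48AD6246925553` and fetches it from `pgpkeys.mit.edu`, so what enters the APT trust store depends on the keyserver's answer to a long-ID lookup. Pinning the full fingerprint is the stronger check: `id: "<FULL_40_HEX_FINGERPRINT>"` (placeholder, take the value from a source you already trust). The `apt_repository` line in the second hunk uses plain `http://`, which leaves APT's signature check, and therefore this key, as the only integrity control for the packages. The first task's `when:` list starts outside the visible hunk.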

2
tasks/borgbackup-Debian.yml

@ -9,7 +9,7 @@
- name: borgbackup - Install borgbackup
become: yes
apt:
ansible.builtin.apt:
name: borgbackup
state: present
when:

10
tasks/borgbackup.yml

@ -6,7 +6,7 @@
# - borgbackup_hostname
- name: borgbackup - Install
include_tasks: "{{ item }}"
ansible.builtin.include_tasks: "{{ item }}"
with_first_found:
- "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "borgbackup-{{ ansible_distribution }}.yml"
@ -20,7 +20,7 @@
# copy backup script and enable cronjob
- name: borgbackup - Copy Borgbackup script
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/borgbackup.sh"
dest: /usr/local/bin/borgbackup.sh
owner: "{{ ansible_user_id }}"
@ -32,7 +32,7 @@
- borgbackup_hostname is defined
- name: borgbackup - Run Borgbackup script at 1:00 daily
become: yes
cron:
ansible.builtin.cron:
name: "Create Backup"
minute: "0"
hour: "1"
@ -47,12 +47,12 @@
block:
- name: borgbackup - Remove Borgbackup script if no borgbackup config
become: yes
file:
ansible.builtin.file:
path: /usr/local/bin/borgbackup.sh
state: absent
- name: borgbackup - Remove Cronjob if no borgbackup config
become: yes
cron:
ansible.builtin.cron:
name: "Create Backup"
minute: "0"
hour: "1"
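Review bot: In the second and third hunks the backup script is installed at `/usr/local/bin/borgbackup.sh` with `owner: "{{ ansible_user_id }}"`, while the cron task that runs it is created under `become: yes` with no `user:` visible. If `ansible_user_id` resolves to the unprivileged login account and the job lands in root's crontab, that account can edit a file that root executes every night. Proposed change on the template task: `owner: root`, `group: root`, `mode: "0755"`. The template task's remaining arguments and the cron `job:` line lie outside the hunks, so confirm against the full file. `tasks/dyndns.yml` shows the same pattern for `ddns-hosts.sh`, there with a visible `mode: 0775`.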

18
tasks/caddy-install.yml

@ -2,12 +2,12 @@
# Server/Caddyserver-Install: Install/Update Caddy Webserver (with some modules)
- name: caddyserver - Create cache directory
file:
ansible.builtin.file:
path: "{{ caddy_cachedir }}"
state: directory
- name: caddyserver - Get all caddy releases
get_url:
ansible.builtin.get_url:
url: https://api.github.com/repos/caddyserver/caddy/git/refs/tags
dest: "{{ caddy_cachedir }}/releases.txt"
force: yes
@ -16,13 +16,13 @@
- name: caddyserver - Install or update
block:
- name: caddyserver - Make temp download directory
file:
ansible.builtin.file:
path: "{{ caddy_cachedir }}/tmp"
state: directory
- name: caddyserver - Download caddy webserver (amd64)
become: yes
get_url:
ansible.builtin.get_url:
url: "https://caddyserver.com/api/download?os=linux&arch=amd64"
dest: "{{ caddy_cachedir }}/tmp/caddy"
group: root
@ -31,7 +31,7 @@
when: ansible_architecture == "x86_64"
- name: caddyserver - Download caddy webserver (armv7/ raspberry pi)
become: yes
get_url:
ansible.builtin.get_url:
url: "https://caddyserver.com/api/download?os=linux&arch=arm&arm=7"
dest: "{{ caddy_cachedir }}/tmp/caddy"
group: root
@ -40,7 +40,7 @@
when: ansible_architecture == "armv7l"
- name: caddyserver - Download caddy webserver (arm64)
become: yes
get_url:
ansible.builtin.get_url:
url: "https://caddyserver.com/api/download?os=linux&arch=arm64"
dest: "{{ caddy_cachedir }}/tmp/caddy"
group: root
@ -50,17 +50,17 @@
- name: caddyserver - Stop caddy
become: yes
service:
ansible.builtin.service:
name: caddy
state: stopped
ignore_errors: yes
- name: caddyserver - Copy caddy to a PATH location
become: yes
shell: "cp {{ caddy_cachedir }}/tmp/caddy /usr/local/bin"
ansible.builtin.shell: "cp {{ caddy_cachedir }}/tmp/caddy /usr/local/bin"
- name: caddyserver - Clean up download files
become: yes
file:
ansible.builtin.file:
path: "{{ caddy_cachedir }}/tmp"
state: absent
when: caddy_releases_cache.changed
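Review bot: The three `ansible.builtin.get_url` download tasks fetch the caddy binary under `become: yes` with no `checksum:` visible, and the later `cp` task places that file in `/usr/local/bin`, so whatever the download endpoint returns is installed as-is. get_url accepts `checksum: "sha256:<EXPECTED_SHA256>"` (placeholder); pinning a release version in a variable together with its digest would make the install verifiable and reproducible. The docker-compose download in `tasks/docker-Debian.yml` has the same gap. The copy step itself needs no shell: `ansible.builtin.copy` with `remote_src: true`, `src: "{{ caddy_cachedir }}/tmp/caddy"` and `dest: /usr/local/bin/caddy` does the same without passing a templated path through a shell. The download tasks' remaining arguments lie outside the hunks, so check that no checksum is already set there.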

10
tasks/caddy-setup.yml

@ -3,7 +3,7 @@
- name: caddyserver - Add www-data system user
become: yes
user:
ansible.builtin.user:
name: www-data
create_home: no
system: yes
@ -11,7 +11,7 @@
state: present
- name: caddyserver - Add Caddy directories
become: yes
file:
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: www-data
@ -22,7 +22,7 @@
- /etc/caddy
- name: caddyserver - Add Caddy home directory
become: yes
file:
ansible.builtin.file:
path: /var/www
state: directory
owner: www-data
@ -30,7 +30,7 @@
mode: 0555
- name: caddyserver - Copy Caddy systemd service file
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/caddy.service"
dest: /etc/systemd/system/caddy.service
owner: root
@ -39,7 +39,7 @@
- name: caddyserver - Add standard user to www-data group
become: yes
user:
ansible.builtin.user:
name: "{{ ansible_user_id }}"
groups: www-data
append: yes

4
tasks/caddyserver.yml

@ -3,8 +3,8 @@
# ATTENTION: No Caddyfile is created yet and caddy is not enabled or started!
- name: caddyserver - Install caddy server
include_tasks: "caddy-install.yml"
ansible.builtin.include_tasks: "caddy-install.yml"
- name: caddyserver - Setup caddy server
include_tasks: "caddy-setup.yml"
ansible.builtin.include_tasks: "caddy-setup.yml"
when: caddy_email is defined

12
tasks/cronmails-Centos.yml

@ -4,7 +4,7 @@
# Install exim
- name: cronmails - Install exim4 as MTA
become: yes
yum:
ansible.builtin.yum:
name: "{{ packages }}"
state: present
vars:
@ -14,29 +14,29 @@
# Configure exim
- name: cronmails - Create exim config folder
become: yes
file:
ansible.builtin.file:
path: /etc/exim
state: directory
# TODO: exim config works quite differently on CentOS compared to Debian!!!
# # - name: cronmails - Copy exim config template
# # become: yes
# # copy:
# # ansible.builtin.copy:
# # src: "{{ role_path }}/files/exim4.conf.template"
# # dest: /etc/exim/exim.conf.template
# # register: cronmails_conftmp_update
# # - name: cronmails - Copy exim config file
# # become: yes
# # template:
# # ansible.builtin.template:
# # src: "{{ role_path }}/templates/update-exim4.conf.conf"
# # dest: /etc/exim/update-exim.conf.conf
# # register: cronmails_conffile_update
# # - name: cronmails - Run update-exim.conf
# # become: yes
# # shell: "update-exim.conf"
# # ansible.builtin.shell: "update-exim.conf"
# # when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
# - name: cronmails - Enable and start exim
# become: yes
# service:
# ansible.builtin.service:
# name: exim
# state: started
# enabled: yes

12
tasks/cronmails-Debian.yml

@ -4,7 +4,7 @@
# Install exim
- name: cronmails - Install exim4 as MTA
become: yes
apt:
ansible.builtin.apt:
name: "{{ packages }}"
state: present
vars:
@ -15,28 +15,28 @@
# Configure exim
- name: cronmails - Create exim4 config folder
become: yes
file:
ansible.builtin.file:
path: /etc/exim4
state: directory
- name: cronmails - Copy exim4 config template
become: yes
copy:
ansible.builtin.copy:
src: "{{ role_path }}/files/exim4.conf.template"
dest: /etc/exim4/exim4.conf.template
register: cronmails_conftmp_update
- name: cronmails - Copy exim4 config file
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/update-exim4.conf.conf"
dest: /etc/exim4/update-exim4.conf.conf
register: cronmails_conffile_update
- name: cronmails - Run update-exim4.conf
become: yes
shell: "update-exim4.conf"
ansible.builtin.shell: "update-exim4.conf"
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
- name: cronmails - Enable and start exim4
become: yes
service:
ansible.builtin.service:
name: exim4
state: started
enabled: yes
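Review bot: `ansible.builtin.shell: "update-exim4.conf"` runs a single fixed command with no pipes, redirects or variables, so `ansible.builtin.command: update-exim4.conf` is sufficient and avoids spawning a shell under `become`. The same applies to `ansible.builtin.shell: dpkg --print-architecture` in `tasks/docker-Debian.yml`, where `changed_when: false` would also stop a read-only query from reporting a change on every run.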

6
tasks/cronmails.yml

@ -3,7 +3,7 @@
# Install and configure exim
- name: cronmails - Install exim4
include_tasks: "{{ item }}"
ansible.builtin.include_tasks: "{{ item }}"
with_first_found:
- "cronmails-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "cronmails-{{ ansible_distribution }}.yml"
@ -13,13 +13,13 @@
# Set cronjob env variables/ settings
- name: cronmails - Crontab set path
become: yes
cron:
ansible.builtin.cron:
name: PATH
env: yes
value: /bin:/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
- name: cronmails - Crontab set mailto
become: yes
cron:
ansible.builtin.cron:
name: MAILTO
env: yes
value: "{{ cron_email }}"

24
tasks/docker-Debian.yml

@ -5,13 +5,13 @@
# Detect some more host facts
- name: docker - Detect architecture
shell: dpkg --print-architecture
ansible.builtin.shell: dpkg --print-architecture
register: dpkg_arch
# Install docker CE
- name: docker - Install docker CE APT dependencies
become: yes
apt:
ansible.builtin.apt:
name: "{{ packages }}"
state: present
vars:
@ -23,27 +23,27 @@
- software-properties-common
- name: docker - Add docker CE repo key
become: yes
apt_key:
ansible.builtin.apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
# IMPORTANT: raspbian needs deb [arch=armhf] https://download.docker.com/linux/raspbian ...
- name: docker - Add docker CE repo (Debian)
become: yes
apt_repository:
ansible.builtin.apt_repository:
repo: "deb [arch={{ dpkg_arch.stdout }}] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
state: present
when: ansible_facts['lsb']['id'] != "Raspbian"
- name: docker - Add docker CE repo (Raspbian)
become: yes
apt_repository:
ansible.builtin.apt_repository:
repo: "deb [arch={{ dpkg_arch.stdout }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
state: present
when: ansible_facts['lsb']['id'] == "Raspbian"
- name: docker - Install docker CE
become: yes
apt:
ansible.builtin.apt:
name: docker-ce
state: latest
install_recommends: no
@ -54,14 +54,14 @@
# docker only provides pre-compiled binaries for x86_64, but not for armhf/ arm64!
# but ansible needs the python package anyway
- name: docker-compose - Discover if ARM is used
set_fact:
ansible.builtin.set_fact:
dockercompose_use_pip: true
when: ansible_architecture == "aarch64" or ansible_architecture == "armv7l"
- name: docker-compose - Install x86_46 binary
block:
- name: docker-compose - Get version number of stable
shell: |
ansible.builtin.shell: |
curl -s https://api.github.com/repos/docker/compose/releases/latest \
| grep tag_name \
| cut -d '"' -f 4
@ -70,13 +70,13 @@
register: latest_dc_version
- name: docker-compose - Download and install
become: yes
get_url:
ansible.builtin.get_url:
url: "https://github.com/docker/compose/releases/download/{{ latest_dc_version.stdout }}/docker-compose-Linux-x86_64"
dest: /usr/local/bin/docker-compose
force: yes # otherwise updates will not be downloaded
- name: docker-compose - Make docker-compose executable
become: yes
file:
ansible.builtin.file:
path: /usr/local/bin/docker-compose
mode: 0755
when: dockercompose_use_pip == false and ansible_architecture == "x86_64"
@ -84,7 +84,7 @@
block:
- name: docker-compose - Install requirements
become: yes
apt:
ansible.builtin.apt:
name: "{{ packages }}"
state: present
vars:
@ -93,7 +93,7 @@
- python3-setuptools
- name: docker-compose - Install using pip3
become: yes
pip:
ansible.builtin.pip:
name: docker-compose
executable: pip3
when: dockercompose_use_pip == true
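Review bot: The `ansible.builtin.apt_key` task in the second hunk trusts whatever key `https://download.docker.com/linux/debian/gpg` serves at run time, because no `id:` is given for the module to compare the imported key against. Adding `id: "<DOCKER_KEY_FINGERPRINT>"` (placeholder; take the fingerprint from Docker's install documentation) makes the task fail when the served key is not the expected one. The telegraf key task in `tasks/telegraf-Debian.yml` has the same gap. Separately, the "Get version number of stable" task feeds `latest_dc_version.stdout` straight into the download URL, so an empty result (for example from a rate-limited API response) would produce a broken URL. A guard such as `failed_when: latest_dc_version.stdout | length == 0` on that task would surface the problem where it occurs.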

4
tasks/docker.yml

@ -4,7 +4,7 @@
# - dockercompose_use_pip: boolean to use pip instead of manual download (default: false)
- name: docker - Install
include_tasks: "{{ item }}"
ansible.builtin.include_tasks: "{{ item }}"
with_first_found:
- "docker-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "docker-{{ ansible_distribution }}.yml"
@ -13,7 +13,7 @@
# Other setup tasks
- name: docker - Add standard user to docker group
become: yes
user:
ansible.builtin.user:
name: "{{ ansible_user_id }}"
groups: docker
append: yes

6
tasks/dyndns.yml

@ -3,13 +3,13 @@
- name: dyndns - Install needed tools
become: yes
package:
ansible.builtin.package:
name: curl
state: present
- name: dyndns - Copy dynDNS script
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/ddns-hosts.sh"
dest: /usr/local/bin/ddns-hosts.sh
owner: "{{ ansible_user_id }}"
@ -17,7 +17,7 @@
mode: 0775
- name: "dyndns - Create cronjob for {{ ddns_zone }} dynDNS script"
become: yes
cron:
ansible.builtin.cron:
name: "{{ ddns_zone }} dynDNS"
minute: "*/5"
hour: "*"

4
tasks/main.yml

@ -4,7 +4,7 @@
# Activate them on a case-by-case basis.
- name: Basic setup
import_tasks: setup.yml
ansible.builtin.import_tasks: setup.yml
- name: Setup cronjob mails
import_tasks: cronmails.yml
ansible.builtin.import_tasks: cronmails.yml

2
tasks/setup.yml

@ -4,7 +4,7 @@
# SSH
- name: setup - Copy sshd_config
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/sshd_config.j2"
dest: "/etc/ssh/sshd_config"
backup: yes
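Review bot: The `ansible.builtin.template` task writes `/etc/ssh/sshd_config` with `backup: yes` but, as far as the hunk shows, without `validate:`, so a template error is only discovered when the "Restart sshd" handler runs and can lock out remote access. Proposed addition: `validate: "/usr/sbin/sshd -t -f %s"`, which makes the task fail before the live file is replaced. The task continues below the visible context, so check that no such line already exists.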

4
tasks/telegraf-Centos.yml

@ -3,7 +3,7 @@
- name: telegraf - Add telegraf repo
become: yes
yum_repository:
ansible.builtin.yum_repository:
name: influxdb
description: InfluxDB Repository
baseurl: https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable
@ -12,7 +12,7 @@
gpgkey: https://repos.influxdata.com/influxdb.key
- name: telegraf - Install telegraf
become: yes
yum:
ansible.builtin.yum:
name: telegraf
state: latest
update_cache: yes

10
tasks/telegraf-Debian.yml

@ -3,22 +3,22 @@
- name: telegraf - Install apt-transport-https
become: yes
apt:
ansible.builtin.apt:
name: apt-transport-https
state: present
- name: telegraf - Add telegraf repo key
become: yes
apt_key:
ansible.builtin.apt_key:
url: https://repos.influxdata.com/influxdb.key
state: present
- name: telegraf - Add telegraf repo
become: yes
apt_repository:
ansible.builtin.apt_repository:
repo: "deb https://repos.influxdata.com/debian {{ ansible_distribution_release }} stable"
state: present
- name: telegraf - Install telegraf
become: yes
apt:
ansible.builtin.apt:
name: telegraf
state: latest
update_cache: yes
@ -27,7 +27,7 @@
# Install SNMP utilities for telegraf monitoring
- name: telegraf - Install SNMP utilities
become: yes
apt:
ansible.builtin.apt:
name: "{{ packages }}"
state: present
vars:

16
tasks/telegraf.yml

@ -3,7 +3,7 @@
# Install
- name: telegraf - Install telegraf
include_tasks: "{{ item }}"
ansible.builtin.include_tasks: "{{ item }}"
with_first_found:
- "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
- "telegraf-{{ ansible_distribution }}.yml"
@ -14,19 +14,19 @@
become: yes
block:
- name: SNMP - Download and install Ubiquiti MIB
copy:
ansible.builtin.copy:
src: "{{ role_path }}/files/UBNT-MIB.txt"
dest: /usr/share/snmp/mibs/UBNT-MIB
- name: SNMP - Download and install Ubiquiti MIB
copy:
ansible.builtin.copy:
src: "{{ role_path }}/files/UBNT-AirMAX-MIB.txt"
dest: /usr/share/snmp/mibs/UBNT-AirMAX-MIB
- name: SNMP - Download and install UniFi MIB
copy:
ansible.builtin.copy:
src: "{{ role_path }}/files/UBNT-UniFi-MIB.txt"
dest: /usr/share/snmp/mibs/UBNT-UniFi-MIB
- name: SNMP - Setup snmp.conf
lineinfile:
ansible.builtin.lineinfile:
name: /etc/snmp/snmp.conf
line: mibs +ALL
create: yes
@ -35,21 +35,21 @@
# Configure
- name: telegraf - Copy telegraf config (Linux)
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/telegraf.conf.j2"
dest: /etc/telegraf/telegraf.conf
when: (override_os_family is defined) | ternary(override_os_family,ansible_os_family) != "FreeBSD"
- name: telegraf - Copy telegraf config (FreeBSD)
become: yes
template:
ansible.builtin.template:
src: "{{ role_path }}/templates/telegraf.conf.j2"
dest: /usr/local/etc/telegraf.conf
when: (override_os_family is defined) | ternary(override_os_family,ansible_os_family) == "FreeBSD"
- name: telegraf - Enable and restart telegraf
become: yes
service:
ansible.builtin.service:
name: telegraf
state: restarted
enabled: yes
