[TIDY] Set some "diff: false", fix linter warnings

This commit is contained in:
Jannik Beyerstedt 2023-04-28 23:25:21 +02:00
parent f97ef4dee6
commit fe97b0ae76
19 changed files with 189 additions and 175 deletions

View file

@ -117,11 +117,11 @@ The different tasks should be used on a case-by-case basis:
name: server name: server
tasks_from: docker tasks_from: docker
- name: Servers - Add telegraf to docker group - name: Servers - Add telegraf to docker group
become: yes become: true
ansible.builtin.user: ansible.builtin.user:
name: telegraf name: telegraf
groups: docker groups: docker
append: yes append: true
# Caddy Webserver # Caddy Webserver
- name: Servers - Install and setup caddy - name: Servers - Install and setup caddy
@ -129,7 +129,7 @@ The different tasks should be used on a case-by-case basis:
name: server name: server
tasks_from: caddyserver tasks_from: caddyserver
- name: Servers - Start caddy service - name: Servers - Start caddy service
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: caddy name: caddy
enabled: yes enabled: yes
@ -137,7 +137,7 @@ The different tasks should be used on a case-by-case basis:
# UFW Firewall # UFW Firewall
- name: Servers - Install UFW - name: Servers - Install UFW
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: ufw name: ufw
state: present state: present

View file

@ -2,26 +2,26 @@
# handlers file for server # handlers file for server
- name: Restart sshd - name: Restart sshd
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: ssh name: ssh
state: restarted state: restarted
- name: Enable caddy - name: Enable caddy
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: caddy name: caddy
enabled: yes enabled: true
- name: Restart caddy - name: Restart caddy
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: caddy name: caddy
state: restarted state: restarted
- name: Enable and restart caddy - name: Enable and restart caddy
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: caddy name: caddy
state: restarted state: restarted
enabled: yes enabled: true

View file

@ -7,31 +7,32 @@
# For Debian Stretch, use a newer package version from backports # For Debian Stretch, use a newer package version from backports
- name: borgbackup - Add debian repo key - name: Borgbackup - Add debian repo key
when: when:
- ansible_distribution_release == 'stretch' - ansible_distribution_release == 'stretch'
become: yes become: true
ansible.builtin.apt_key: ansible.builtin.apt_key:
keyserver: pgpkeys.mit.edu keyserver: pgpkeys.mit.edu
id: 8B48AD6246925553 id: 8B48AD6246925553
state: present state: present
- name: borgbackup - Add stretch-backports - name: Borgbackup - Add stretch-backports
when: when:
- ansible_distribution_release == 'stretch' - ansible_distribution_release == 'stretch'
become: yes become: true
ansible.builtin.apt_repository: ansible.builtin.apt_repository:
repo: deb http://ftp.debian.org/debian stretch-backports main repo: deb http://ftp.debian.org/debian stretch-backports main
state: present state: present
- name: borgbackup - Install borgbackup from stretch-backports - name: Borgbackup - Install borgbackup from stretch-backports
when: when:
- borgbackup_passphrase is defined - borgbackup_passphrase is defined
- borgbackup_repo is defined - borgbackup_repo is defined
- borgbackup_hostname is defined - borgbackup_hostname is defined
- ansible_distribution_release == 'stretch' - ansible_distribution_release == 'stretch'
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: borgbackup name: borgbackup
state: latest state: latest
default_release: stretch-backports default_release: stretch-backports
update_cache: yes update_cache: true
cache_valid_time: 3600 cache_valid_time: 3600
diff: false

View file

@ -7,13 +7,14 @@
# For all other Debian versions, simply install borgbackup # For all other Debian versions, simply install borgbackup
- name: borgbackup - Install borgbackup - name: Borgbackup - Install borgbackup
when: when:
- borgbackup_passphrase is defined - borgbackup_passphrase is defined
- borgbackup_repo is defined - borgbackup_repo is defined
- borgbackup_hostname is defined - borgbackup_hostname is defined
- ansible_distribution_release != 'stretch' - ansible_distribution_release != 'stretch'
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: borgbackup name: borgbackup
state: present state: present
diff: false

View file

@ -5,13 +5,13 @@
# - borgbackup_repo # - borgbackup_repo
# - borgbackup_hostname # - borgbackup_hostname
- name: borgbackup - Install - name: Borgbackup - Install
when: when:
- borgbackup_passphrase is defined - borgbackup_passphrase is defined
- borgbackup_repo is defined - borgbackup_repo is defined
- borgbackup_hostname is defined - borgbackup_hostname is defined
block: block:
- name: borgbackup - Install application - name: Borgbackup - Install application
ansible.builtin.include_tasks: "{{ item }}" ansible.builtin.include_tasks: "{{ item }}"
with_first_found: with_first_found:
- "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml" - "borgbackup-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
@ -20,16 +20,16 @@
ignore_errors: true ignore_errors: true
# copy backup script and enable cronjob # copy backup script and enable cronjob
- name: borgbackup - Copy Borgbackup script - name: Borgbackup - Copy Borgbackup script
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/borgbackup.sh" src: "{{ role_path }}/templates/borgbackup.sh"
dest: /usr/local/bin/borgbackup.sh dest: /usr/local/bin/borgbackup.sh
owner: "{{ ansible_user_id }}" owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}" group: "{{ ansible_user_id }}"
mode: 0775 mode: "0775"
- name: borgbackup - Run Borgbackup script at 1:00 daily - name: Borgbackup - Run Borgbackup script at 1:00 daily
become: yes become: true
ansible.builtin.cron: ansible.builtin.cron:
name: "Create Backup" name: "Create Backup"
minute: "0" minute: "0"
@ -37,16 +37,16 @@
job: "/usr/local/bin/borgbackup.sh" job: "/usr/local/bin/borgbackup.sh"
# safeguard, if the host variables were removed # safeguard, if the host variables were removed
- name: borgbackup - Uninstall - name: Borgbackup - Uninstall
when: (borgbackup_passphrase is not defined) or (borgbackup_repo is not defined) or (borgbackup_hostname is not defined) when: (borgbackup_passphrase is not defined) or (borgbackup_repo is not defined) or (borgbackup_hostname is not defined)
block: block:
- name: borgbackup - Remove Borgbackup script if no borgbackup config - name: Borgbackup - Remove Borgbackup script if no borgbackup config
become: yes become: true
ansible.builtin.file: ansible.builtin.file:
path: /usr/local/bin/borgbackup.sh path: /usr/local/bin/borgbackup.sh
state: absent state: absent
- name: borgbackup - Remove Cronjob if no borgbackup config - name: Borgbackup - Remove Cronjob if no borgbackup config
become: yes become: true
ansible.builtin.cron: ansible.builtin.cron:
name: "Create Backup" name: "Create Backup"
minute: "0" minute: "0"

View file

@ -1,66 +1,66 @@
--- ---
# Server/Caddyserver-Install: Install/Update Caddy Webserver (with some modules) # Server/Caddyserver-Install: Install/Update Caddy Webserver (with some modules)
- name: caddyserver - Create cache directory - name: Caddyserver - Create cache directory
ansible.builtin.file: ansible.builtin.file:
path: "{{ caddy_cachedir }}" path: "{{ caddy_cachedir }}"
state: directory state: directory
- name: caddyserver - Get all caddy releases - name: Caddyserver - Get all caddy releases
ansible.builtin.get_url: ansible.builtin.get_url:
url: https://api.github.com/repos/caddyserver/caddy/git/refs/tags url: https://api.github.com/repos/caddyserver/caddy/git/refs/tags
dest: "{{ caddy_cachedir }}/releases.txt" dest: "{{ caddy_cachedir }}/releases.txt"
force: yes force: true
register: caddy_releases_cache register: caddy_releases_cache
- name: caddyserver - Install or update - name: Caddyserver - Install or update
when: caddy_releases_cache.changed when: caddy_releases_cache.changed
block: block:
- name: caddyserver - Make temp download directory - name: Caddyserver - Make temp download directory
ansible.builtin.file: ansible.builtin.file:
path: "{{ caddy_cachedir }}/tmp" path: "{{ caddy_cachedir }}/tmp"
state: directory state: directory
- name: caddyserver - Download caddy webserver (amd64) - name: Caddyserver - Download caddy webserver (amd64)
when: ansible_architecture == "x86_64" when: ansible_architecture == "x86_64"
become: yes become: true
ansible.builtin.get_url: ansible.builtin.get_url:
url: "https://caddyserver.com/api/download?os=linux&arch=amd64" url: "https://caddyserver.com/api/download?os=linux&arch=amd64"
dest: "{{ caddy_cachedir }}/tmp/caddy" dest: "{{ caddy_cachedir }}/tmp/caddy"
group: root group: root
owner: root owner: root
mode: 0755 mode: "0755"
- name: caddyserver - Download caddy webserver (armv7/ raspberry pi) - name: Caddyserver - Download caddy webserver (armv7/ raspberry pi)
when: ansible_architecture == "armv7l" when: ansible_architecture == "armv7l"
become: yes become: true
ansible.builtin.get_url: ansible.builtin.get_url:
url: "https://caddyserver.com/api/download?os=linux&arch=arm&arm=7" url: "https://caddyserver.com/api/download?os=linux&arch=arm&arm=7"
dest: "{{ caddy_cachedir }}/tmp/caddy" dest: "{{ caddy_cachedir }}/tmp/caddy"
group: root group: root
owner: root owner: root
mode: 0755 mode: "0755"
- name: caddyserver - Download caddy webserver (arm64) - name: Caddyserver - Download caddy webserver (arm64)
when: ansible_architecture == "aarch64" when: ansible_architecture == "aarch64"
become: yes become: true
ansible.builtin.get_url: ansible.builtin.get_url:
url: "https://caddyserver.com/api/download?os=linux&arch=arm64" url: "https://caddyserver.com/api/download?os=linux&arch=arm64"
dest: "{{ caddy_cachedir }}/tmp/caddy" dest: "{{ caddy_cachedir }}/tmp/caddy"
group: root group: root
owner: root owner: root
mode: 0755 mode: "0755"
- name: caddyserver - Stop caddy - name: Caddyserver - Stop caddy
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: caddy name: caddy
state: stopped state: stopped
ignore_errors: yes ignore_errors: true
- name: caddyserver - Copy caddy to a PATH location - name: Caddyserver - Copy caddy to a PATH location
become: yes become: true
ansible.builtin.shell: "cp {{ caddy_cachedir }}/tmp/caddy /usr/local/bin" ansible.builtin.shell: "cp {{ caddy_cachedir }}/tmp/caddy /usr/local/bin"
- name: caddyserver - Clean up download files - name: Caddyserver - Clean up download files
become: yes become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ caddy_cachedir }}/tmp" path: "{{ caddy_cachedir }}/tmp"
state: absent state: absent

View file

@ -1,45 +1,45 @@
--- ---
# Server/Caddyserver-Setup: Setup Caddy Webserver (user, directories, etc) # Server/Caddyserver-Setup: Setup Caddy Webserver (user, directories, etc)
- name: caddyserver - Add www-data system user - name: Caddyserver - Add www-data system user
become: yes become: true
ansible.builtin.user: ansible.builtin.user:
name: www-data name: www-data
create_home: no create_home: false
system: yes system: true
shell: /bin/false shell: /bin/false
state: present state: present
- name: caddyserver - Add Caddy directories - name: Caddyserver - Add Caddy directories
become: yes become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
owner: www-data owner: www-data
group: www-data group: www-data
mode: 0770 mode: "0770"
with_items: with_items:
- /var/lib/caddy - /var/lib/caddy
- /etc/caddy - /etc/caddy
- name: caddyserver - Add Caddy home directory - name: Caddyserver - Add Caddy home directory
become: yes become: true
ansible.builtin.file: ansible.builtin.file:
path: /var/www path: /var/www
state: directory state: directory
owner: www-data owner: www-data
group: www-data group: www-data
mode: 0555 mode: "0555"
- name: caddyserver - Copy Caddy systemd service file - name: Caddyserver - Copy Caddy systemd service file
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/caddy.service" src: "{{ role_path }}/templates/caddy.service"
dest: /etc/systemd/system/caddy.service dest: /etc/systemd/system/caddy.service
owner: root owner: root
group: root group: root
mode: 0644 mode: "0644"
- name: caddyserver - Add standard user to www-data group - name: Caddyserver - Add standard user to www-data group
become: yes become: true
ansible.builtin.user: ansible.builtin.user:
name: "{{ ansible_user_id }}" name: "{{ ansible_user_id }}"
groups: www-data groups: www-data
append: yes append: true

View file

@ -2,9 +2,9 @@
# Server/Caddyserver: Install Caddy Webserver (with some modules) # Server/Caddyserver: Install Caddy Webserver (with some modules)
# ATTENTION: No Caddyfile is created yet and caddy is not enabled or started! # ATTENTION: No Caddyfile is created yet and caddy is not enabled or started!
- name: caddyserver - Install caddy server - name: Caddyserver - Install caddy server
ansible.builtin.include_tasks: "caddy-install.yml" ansible.builtin.include_tasks: "caddy-install.yml"
- name: caddyserver - Setup caddy server - name: Caddyserver - Setup caddy server
when: caddy_email is defined when: caddy_email is defined
ansible.builtin.include_tasks: "caddy-setup.yml" ansible.builtin.include_tasks: "caddy-setup.yml"

View file

@ -2,8 +2,8 @@
# Server/Cronmails: Setup Mails from Cronjobs (install exim) - CentOS Version # Server/Cronmails: Setup Mails from Cronjobs (install exim) - CentOS Version
# Install exim # Install exim
- name: cronmails - Install exim4 as MTA - name: Cronmails - Install exim4 as MTA
become: yes become: true
ansible.builtin.yum: ansible.builtin.yum:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
@ -12,31 +12,31 @@
- exim - exim
# Configure exim # Configure exim
- name: cronmails - Create exim config folder - name: Cronmails - Create exim config folder
become: yes become: true
ansible.builtin.file: ansible.builtin.file:
path: /etc/exim path: /etc/exim
state: directory state: directory
# TODO: exim config works quite differently on CentOS compared to Debian!!! # TODO: exim config works quite differently on CentOS compared to Debian!!!
# # - name: cronmails - Copy exim config template # # - name: Cronmails - Copy exim config template
# # become: yes # # become: true
# # ansible.builtin.copy: # # ansible.builtin.copy:
# # src: "{{ role_path }}/files/exim4.conf.template" # # src: "{{ role_path }}/files/exim4.conf.template"
# # dest: /etc/exim/exim.conf.template # # dest: /etc/exim/exim.conf.template
# # register: cronmails_conftmp_update # # register: cronmails_conftmp_update
# # - name: cronmails - Copy exim config file # # - name: Cronmails - Copy exim config file
# # become: yes # # become: true
# # ansible.builtin.template: # # ansible.builtin.template:
# # src: "{{ role_path }}/templates/update-exim4.conf.conf" # # src: "{{ role_path }}/templates/update-exim4.conf.conf"
# # dest: /etc/exim/update-exim.conf.conf # # dest: /etc/exim/update-exim.conf.conf
# # register: cronmails_conffile_update # # register: cronmails_conffile_update
# # - name: cronmails - Run update-exim.conf # # - name: Cronmails - Run update-exim.conf
# # when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed # # when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed
# # become: yes # # become: true
# # ansible.builtin.shell: "update-exim.conf" # # ansible.builtin.shell: "update-exim.conf"
# - name: cronmails - Enable and start exim # - name: Cronmails - Enable and start exim
# become: yes # become: true
# ansible.builtin.service: # ansible.builtin.service:
# name: exim # name: exim
# state: started # state: started
# enabled: yes # enabled: true

View file

@ -2,8 +2,8 @@
# Server/Cronmails: Setup Mails from Cronjobs (install exim) - Debian Version # Server/Cronmails: Setup Mails from Cronjobs (install exim) - Debian Version
# Install exim # Install exim
- name: cronmails - Install exim4 as MTA - name: Cronmails - Install exim4 as MTA
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
@ -11,38 +11,39 @@
packages: packages:
- exim4 - exim4
- mailutils - mailutils
diff: false
# Configure exim # Configure exim
- name: cronmails - Create exim4 config folder - name: Cronmails - Create exim4 config folder
become: yes become: true
ansible.builtin.file: ansible.builtin.file:
path: /etc/exim4 path: /etc/exim4
state: directory state: directory
- name: cronmails - Copy exim4 config template - name: Cronmails - Copy exim4 config template
become: yes become: true
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ role_path }}/files/exim4.conf.template" src: "{{ role_path }}/files/exim4.conf.template"
dest: /etc/exim4/exim4.conf.template dest: /etc/exim4/exim4.conf.template
register: cronmails_conftmp_update register: cronmails_conftmp_update
- name: cronmails - Copy exim4 config file - name: Cronmails - Copy exim4 config file
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/update-exim4.conf.conf" src: "{{ role_path }}/templates/update-exim4.conf.conf"
dest: /etc/exim4/update-exim4.conf.conf dest: /etc/exim4/update-exim4.conf.conf
register: cronmails_conffile_update register: cronmails_conffile_update
- name: cronmails - Set /etc/mailname - name: Cronmails - Set /etc/mailname
become: yes become: true
ansible.builtin.copy: ansible.builtin.copy:
dest: /etc/mailname dest: /etc/mailname
content: "{{ exim_etc_mailname }}" content: "{{ exim_etc_mailname }}"
register: cronmails_mailname_update register: cronmails_mailname_update
- name: cronmails - Run update-exim4.conf - name: Cronmails - Run update-exim4.conf
when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed or cronmails_mailname_update.changed when: cronmails_conftmp_update.changed or cronmails_conffile_update.changed or cronmails_mailname_update.changed
become: yes become: true
ansible.builtin.shell: "update-exim4.conf" ansible.builtin.shell: "update-exim4.conf"
- name: cronmails - Enable and start exim4 - name: Cronmails - Enable and start exim4
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: exim4 name: exim4
state: restarted state: restarted
enabled: yes enabled: true

View file

@ -2,7 +2,7 @@
# Server/Cronmails: Setup Mails from Cronjobs (install exim) # Server/Cronmails: Setup Mails from Cronjobs (install exim)
# Install and configure exim # Install and configure exim
- name: cronmails - Install exim4 - name: Cronmails - Install exim4
when: not exim_skip_install when: not exim_skip_install
ansible.builtin.include_tasks: "{{ item }}" ansible.builtin.include_tasks: "{{ item }}"
with_first_found: with_first_found:
@ -12,20 +12,20 @@
ignore_errors: true ignore_errors: true
# Set cronjob env variables/ settings # Set cronjob env variables/ settings
- name: cronmails - Crontab set path - name: Cronmails - Crontab set path
become: yes become: true
ansible.builtin.cron: ansible.builtin.cron:
name: PATH name: PATH
env: yes env: true
value: /bin:/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin value: /bin:/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
- name: cronmails - Crontab set mailto - name: Cronmails - Crontab set mailto
become: yes become: true
ansible.builtin.cron: ansible.builtin.cron:
name: MAILTO name: MAILTO
env: yes env: true
value: "{{ cron_email }}" value: "{{ cron_email }}"
- name: cronmails - Add monthly test mail - name: Cronmails - Add monthly test mail
become: yes become: true
ansible.builtin.cron: ansible.builtin.cron:
name: "Monthly Test Mail" name: "Monthly Test Mail"
minute: "0" minute: "0"

View file

@ -4,13 +4,13 @@
# - none # - none
# Detect some more host facts # Detect some more host facts
- name: docker - Detect architecture - name: Docker - Detect architecture
ansible.builtin.shell: dpkg --print-architecture ansible.builtin.shell: dpkg --print-architecture
register: dpkg_arch register: dpkg_arch
# Install docker CE # Install docker CE
- name: docker - Install docker CE APT dependencies - name: Docker - Install docker CE APT dependencies
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
@ -21,40 +21,42 @@
- curl - curl
- gnupg2 - gnupg2
- software-properties-common - software-properties-common
- name: docker - Add docker CE repo key diff: false
become: yes - name: Docker - Add docker CE repo key
become: true
ansible.builtin.apt_key: ansible.builtin.apt_key:
url: https://download.docker.com/linux/debian/gpg url: https://download.docker.com/linux/debian/gpg
state: present state: present
# IMPORTANT: raspbian needs deb [arch=armhf] https://download.docker.com/linux/raspbian ... # IMPORTANT: raspbian needs deb [arch=armhf] https://download.docker.com/linux/raspbian ...
- name: docker - Add docker CE repo (Debian) - name: Docker - Add docker CE repo (Debian)
when: ansible_facts['lsb']['id'] != "Raspbian" when: ansible_facts['lsb']['id'] != "Raspbian"
become: yes become: true
ansible.builtin.apt_repository: ansible.builtin.apt_repository:
repo: "deb [arch={{ dpkg_arch.stdout }}] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable" repo: "deb [arch={{ dpkg_arch.stdout }}] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
state: present state: present
- name: docker - Add docker CE repo (Raspbian) - name: Docker - Add docker CE repo (Raspbian)
when: ansible_facts['lsb']['id'] == "Raspbian" when: ansible_facts['lsb']['id'] == "Raspbian"
become: yes become: true
ansible.builtin.apt_repository: ansible.builtin.apt_repository:
repo: "deb [arch={{ dpkg_arch.stdout }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" repo: "deb [arch={{ dpkg_arch.stdout }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
state: present state: present
- name: docker - Install docker CE - name: Docker - Install docker CE
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: docker-ce name: docker-ce
state: latest state: latest
install_recommends: no install_recommends: false
update_cache: yes update_cache: true
cache_valid_time: "3600" cache_valid_time: "3600"
diff: false
# Just always use the python package, because the ansible module won't work otherwise # Just always use the python package, because the ansible module won't work otherwise
- name: docker-compose - Install python package - name: Docker-compose - Install python package
block: block:
- name: docker-compose - Install requirements - name: Docker-compose - Install requirements
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
@ -62,8 +64,9 @@
packages: packages:
- python3-pip - python3-pip
- python3-setuptools - python3-setuptools
- name: docker-compose - Install using pip3 diff: false
become: yes - name: Docker-compose - Install using pip3
become: true
ansible.builtin.pip: ansible.builtin.pip:
name: docker-compose name: docker-compose
executable: pip3 executable: pip3

View file

@ -3,7 +3,7 @@
# Variables: # Variables:
# - none # - none
- name: docker - Install - name: Docker - Install
ansible.builtin.include_tasks: "{{ item }}" ansible.builtin.include_tasks: "{{ item }}"
with_first_found: with_first_found:
- "docker-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml" - "docker-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
@ -11,9 +11,9 @@
- "docker-{{ ansible_os_family }}.yml" - "docker-{{ ansible_os_family }}.yml"
# Other setup tasks # Other setup tasks
- name: docker - Add standard user to docker group - name: Docker - Add standard user to docker group
become: yes become: true
ansible.builtin.user: ansible.builtin.user:
name: "{{ ansible_user_id }}" name: "{{ ansible_user_id }}"
groups: docker groups: docker
append: yes append: true

View file

@ -1,22 +1,23 @@
--- ---
# Server/Dyndns: Setup dynDNS Script # Server/Dyndns: Setup dynDNS Script
- name: dyndns - Install needed tools - name: Dyndns - Install needed tools
become: yes become: true
ansible.builtin.package: ansible.builtin.package:
name: curl name: curl
state: present state: present
diff: false
- name: dyndns - Copy dynDNS script - name: Dyndns - Copy dynDNS script
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/ddns-hosts.sh" src: "{{ role_path }}/templates/ddns-hosts.sh"
dest: /usr/local/bin/ddns-hosts.sh dest: /usr/local/bin/ddns-hosts.sh
owner: "{{ ansible_user_id }}" owner: "{{ ansible_user_id }}"
group: "{{ ansible_user_id }}" group: "{{ ansible_user_id }}"
mode: 0775 mode: "0775"
- name: "dyndns - Create cronjob for {{ ddns_zone }} dynDNS script" - name: "Dyndns - Create cronjob for {{ ddns_zone }} dynDNS script"
become: yes become: true
ansible.builtin.cron: ansible.builtin.cron:
name: "{{ ddns_zone }} dynDNS" name: "{{ ddns_zone }} dynDNS"
minute: "*/5" minute: "*/5"

View file

@ -3,10 +3,10 @@
# SSH # SSH
- name: setup - Copy sshd_config - name: setup - Copy sshd_config
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/sshd_config.j2" src: "{{ role_path }}/templates/sshd_config.j2"
dest: "/etc/ssh/sshd_config" dest: "/etc/ssh/sshd_config"
backup: yes backup: true
notify: notify:
- Restart sshd - Restart sshd

View file

@ -1,18 +1,19 @@
--- ---
# Server/Telegraf: Install and Setup Telegraf Monitoring - CentOS Version # Server/Telegraf: Install and Setup Telegraf Monitoring - CentOS Version
- name: telegraf - Add telegraf repo - name: Telegraf - Add telegraf repo
become: true become: true
ansible.builtin.yum_repository: ansible.builtin.yum_repository:
name: influxdb name: influxdb
description: InfluxDB Repository description: InfluxDB Repository
baseurl: https://repos.influxdata.com/rhel/7/\$basearch/stable baseurl: https://repos.influxdata.com/rhel/7/\$basearch/stable
enabled: yes enabled: true
gpgcheck: yes gpgcheck: true
gpgkey: https://repos.influxdata.com/influxdata-archive_compat.key gpgkey: https://repos.influxdata.com/influxdata-archive_compat.key
- name: telegraf - Install telegraf - name: Telegraf - Install telegraf
become: true become: true
ansible.builtin.yum: ansible.builtin.yum:
name: telegraf name: telegraf
state: latest state: latest
update_cache: yes update_cache: true
diff: false

View file

@ -1,33 +1,35 @@
--- ---
# Server/Telegraf: Install and Setup Telegraf Monitoring - Debian Version # Server/Telegraf: Install and Setup Telegraf Monitoring - Debian Version
- name: telegraf - Install apt-transport-https - name: Telegraf - Install apt-transport-https
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: apt-transport-https name: apt-transport-https
state: present state: present
- name: telegraf - Add telegraf repo key diff: false
become: yes - name: Telegraf - Add telegraf repo key
become: true
ansible.builtin.apt_key: ansible.builtin.apt_key:
url: https://repos.influxdata.com/influxdata-archive_compat.key url: https://repos.influxdata.com/influxdata-archive_compat.key
state: present state: present
- name: telegraf - Add telegraf repo - name: Telegraf - Add telegraf repo
become: yes become: true
ansible.builtin.apt_repository: ansible.builtin.apt_repository:
repo: "deb https://repos.influxdata.com/debian {{ ansible_distribution_release }} stable" repo: "deb https://repos.influxdata.com/debian {{ ansible_distribution_release }} stable"
state: present state: present
- name: telegraf - Install telegraf - name: Telegraf - Install telegraf
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: telegraf name: telegraf
state: latest state: latest
update_cache: yes update_cache: true
cache_valid_time: 3600 cache_valid_time: 3600
diff: false
# Install SNMP utilities for telegraf monitoring # Install SNMP utilities for telegraf monitoring
- name: telegraf - Install SNMP utilities - name: Telegraf - Install SNMP utilities
when: telegraf_ubnt_ns_ips is defined when: telegraf_ubnt_ns_ips is defined
become: yes become: true
ansible.builtin.apt: ansible.builtin.apt:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
@ -35,3 +37,4 @@
packages: packages:
- snmp - snmp
- snmp-mibs-downloader - snmp-mibs-downloader
diff: false

View file

@ -1,16 +1,17 @@
--- ---
# Server/Telegraf: Install and Setup Telegraf Monitoring - FreeBSD Version # Server/Telegraf: Install and Setup Telegraf Monitoring - FreeBSD Version
- name: telegraf - Install telegraf - name: Telegraf - Install telegraf
become: yes become: true
ansible.builtin.package: ansible.builtin.package:
name: telegraf name: telegraf
state: latest state: latest
diff: false
# # Install SNMP utilities for telegraf monitoring # # Install SNMP utilities for telegraf monitoring
# - name: telegraf - Install SNMP utilities # - name: Telegraf - Install SNMP utilities
# when: telegraf_ubnt_ns_ips is defined # when: telegraf_ubnt_ns_ips is defined
# become: yes # become: true
# ansible.builtin.package: # ansible.builtin.package:
# name: "{{ packages }}" # name: "{{ packages }}"
# state: present # state: present
@ -18,10 +19,11 @@
# packages: # packages:
# - snmp # - snmp
# - snmp-mibs-downloader # - snmp-mibs-downloader
# diff: false
- name: telegraf - Install SNMP utilities - name: Telegraf - Install SNMP utilities
when: telegraf_ubnt_ns_ips is defined when: telegraf_ubnt_ns_ips is defined
become: yes become: true
ansible.builtin.package: ansible.builtin.package:
name: "{{ packages }}" name: "{{ packages }}"
state: present state: present
@ -29,3 +31,4 @@
packages: packages:
- snmp - snmp
- snmp-mibs-downloader - snmp-mibs-downloader
diff: false

View file

@ -2,7 +2,7 @@
# Server/Telegraf: Install and Setup Telegraf Monitoring # Server/Telegraf: Install and Setup Telegraf Monitoring
# Install # Install
- name: telegraf - Install telegraf - name: Telegraf - Install telegraf
ansible.builtin.include_tasks: "{{ item }}" ansible.builtin.include_tasks: "{{ item }}"
with_first_found: with_first_found:
- "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml" - "telegraf-{{ ansible_distribution }}.{{ ansible_distribution_release }}.yml"
@ -10,9 +10,9 @@
- "telegraf-{{ (override_os_family is defined) | ternary(override_os_family, ansible_os_family) }}.yml" - "telegraf-{{ (override_os_family is defined) | ternary(override_os_family, ansible_os_family) }}.yml"
# Install SNMP MIBs # Install SNMP MIBs
- name: telegraf - Install SNMP MIBs - name: Telegraf - Install SNMP MIBs
when: telegraf_ubnt_ns_ips is defined when: telegraf_ubnt_ns_ips is defined
become: yes become: true
block: block:
- name: SNMP - Download and install Ubiquiti MIB - name: SNMP - Download and install Ubiquiti MIB
ansible.builtin.copy: ansible.builtin.copy:
@ -33,23 +33,23 @@
create: yes create: yes
# Configure # Configure
- name: telegraf - Copy telegraf config (Linux) - name: Telegraf - Copy telegraf config (Linux)
when: (override_os_family is defined) | ternary(override_os_family, ansible_os_family) != "FreeBSD" when: (override_os_family is defined) | ternary(override_os_family, ansible_os_family) != "FreeBSD"
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/telegraf.conf.j2" src: "{{ role_path }}/templates/telegraf.conf.j2"
dest: /etc/telegraf/telegraf.conf dest: /etc/telegraf/telegraf.conf
- name: telegraf - Copy telegraf config (FreeBSD) - name: Telegraf - Copy telegraf config (FreeBSD)
when: (override_os_family is defined) | ternary(override_os_family, ansible_os_family) == "FreeBSD" when: (override_os_family is defined) | ternary(override_os_family, ansible_os_family) == "FreeBSD"
become: yes become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ role_path }}/templates/telegraf.conf.j2" src: "{{ role_path }}/templates/telegraf.conf.j2"
dest: /usr/local/etc/telegraf.conf dest: /usr/local/etc/telegraf.conf
- name: telegraf - Enable and restart telegraf - name: Telegraf - Enable and restart telegraf
become: yes become: true
ansible.builtin.service: ansible.builtin.service:
name: telegraf name: telegraf
state: restarted state: restarted
enabled: yes enabled: true