diff --git a/ansible/inventory.yaml b/ansible/inventory.yaml new file mode 100644 index 0000000..3b73e22 --- /dev/null +++ b/ansible/inventory.yaml @@ -0,0 +1,19 @@ +wks: + hosts: + adm01.wks: + drucki.wks: + ebin01.wks: + ebin02.wks: + pine01.wks: + #pine02.wks: + pine03.wks: + #pine04.wks: + pine05.wks: + +ring86: + hosts: + auto02.chaos: + truhe.chaos: + #wohnz.chaos: + #yori.chaos: + #lenny.chaos: diff --git a/ansible/roles/armbian/tasks/main.yaml b/ansible/roles/armbian/tasks/main.yaml new file mode 100644 index 0000000..bc4b17f --- /dev/null +++ b/ansible/roles/armbian/tasks/main.yaml @@ -0,0 +1,21 @@ +- name: Add Armbian Repo + block: + - name: Armbian GPG Key + ansible.builtin.get_url: + url: https://apt.armbian.com/armbian.key + dest: /etc/apt/trusted.gpg.d/armbian-archive-keyring.asc + - name: Armbian Repo + ansible.builtin.apt_repository: + filename: armbian + repo: deb http://apt-cache.service.nr5/apt.armbian.com bookworm main bookworm-utils +- name: Armbian config Repo & Package + block: + - name: Armbian-config Repo + ansible.builtin.apt_repository: + filename: armbian-config + repo: deb https://github.armbian.com/configng stable main + - name: armbian-config install + apt: + state: present + name: + - armbian-config \ No newline at end of file diff --git a/ansible/roles/autofs/tasks/main.yaml b/ansible/roles/autofs/tasks/main.yaml new file mode 100644 index 0000000..0d479e9 --- /dev/null +++ b/ansible/roles/autofs/tasks/main.yaml @@ -0,0 +1,24 @@ +- name: Install autofs + apt: + state: present + name: + - autofs + +- name: Create /net + file: + path: /net + state: directory + +- name: Update auto.master + lineinfile: + path: /etc/auto.master + regexp: '^#/net' + line: /net -hosts + register: auto_master_update + + +- name: Restart autofs + service: + name: autofs + state: restarted + when: auto_master_update.changed \ No newline at end of file diff --git a/ansible/roles/common/tasks/darwin.yaml b/ansible/roles/common/tasks/darwin.yaml new file mode 100644 index 0000000..7c8c464 --- /dev/null +++ b/ansible/roles/common/tasks/darwin.yaml @@ -0,0 +1,14 @@ +- name: Install common packages + become: true + become_user: admin + homebrew: + state: present + name: + - btop + - htop + - rsync + - rclone + - vim + - curl + - arping + diff --git a/ansible/roles/common/tasks/linux.yaml b/ansible/roles/common/tasks/linux.yaml new file mode 100644 index 0000000..6430e8f --- /dev/null +++ b/ansible/roles/common/tasks/linux.yaml @@ -0,0 +1,69 @@ +- name: Install common packages + apt: + state: present + name: + - btop + - htop + - iotop + - net-tools + - tcpdump + - curl + - vim + - rclone + - rsync + - borgmatic + - cifs-utils + - nfs-common + - etckeeper + - iputils-arping + - bwm-ng + - iftop + +- name: Remove common packages + apt: + state: absent + name: + - salt-* + +- name: Remove packages in VMs + apt: + state: absent + purge: true + name: + - smartmontools + - lm-sensors + - ipmitools + - openipmi + when: ansible_facts['virtualization_role'] == "guest" + +- name: Install packages on physical hosts + apt: + state: present + name: + - lm-sensors + - hdparm + when: ansible_facts['virtualization_role'] == "host" + +- name: Update /etc/hosts + lineinfile: + path: /etc/hosts + regexp: '^127\.0\.1\.1' + line: 127.0.1.1 {{ ansible_nodename }} + +- name: Kernel modules + include_role: + name: modules + +- name: sudo for Linux + include_role: + name: sudo + +#- name: autofs for Linux +# include_role: +# name: autofs +# +# Set vm.swappiness to 5 in /etc/sysctl.conf +- sysctl: + name: vm.swappiness + value: '5' + state: present diff --git a/ansible/roles/common/tasks/main.yaml b/ansible/roles/common/tasks/main.yaml new file mode 100644 index 0000000..9f03b90 --- /dev/null +++ b/ansible/roles/common/tasks/main.yaml @@ -0,0 +1,6 @@ +- name: Common Tasks for all hosts + include_tasks: "{{ ansible_system | lower }}.yaml" + +- name: Prometheus + include_role: + name: prometheus-node-exporter diff --git a/ansible/roles/debian/tasks/main.yaml b/ansible/roles/debian/tasks/main.yaml new file mode 100644 index 0000000..f659662 --- /dev/null +++ b/ansible/roles/debian/tasks/main.yaml @@ -0,0 +1,10 @@ +- name: REPO - Disable SID + ansible.builtin.apt_repository: + state: absent + filename: debian-sid + repo: deb http://apt-cache.service.nr5/deb.debian.org/debian sid main contrib + +- name: REPO - Disable bullseye + ansible.builtin.file: + state: absent + path: /etc/apt/sources.list.d/debian-bullseye.list diff --git a/ansible/roles/nummer5/tasks/main.yaml b/ansible/roles/nummer5/tasks/main.yaml new file mode 100644 index 0000000..dc519fe --- /dev/null +++ b/ansible/roles/nummer5/tasks/main.yaml @@ -0,0 +1,2 @@ +- name: Hashicorp repo + include_tasks: repo.yaml \ No newline at end of file diff --git a/ansible/roles/nummer5/tasks/repo.yaml b/ansible/roles/nummer5/tasks/repo.yaml new file mode 100644 index 0000000..9d72a7f --- /dev/null +++ b/ansible/roles/nummer5/tasks/repo.yaml @@ -0,0 +1,10 @@ +- name: Add Hashicorp Repo + block: + - name: Hashicorp GPG Key + ansible.builtin.get_url: + url: https://apt.releases.hashicorp.com/gpg + dest: /etc/apt/trusted.gpg.d/hashicorp-archive-keyring.asc + - name: Hashicorp Repo + ansible.builtin.apt_repository: + filename: hashicorp + repo: deb https://apt.releases.hashicorp.com bookworm main \ No newline at end of file diff --git a/ansible/roles/prometheus-node-exporter/tasks/darwin.yaml b/ansible/roles/prometheus-node-exporter/tasks/darwin.yaml new file mode 100644 index 0000000..34d9e2c --- /dev/null +++ b/ansible/roles/prometheus-node-exporter/tasks/darwin.yaml @@ -0,0 +1,25 @@ +- name: Install node-exporter + become: true + become_user: admin + homebrew: + state: present + name: + - node_exporter + +# TODO: Fix this +#- name: Check service running +# become: true +# become_user: admin +# command: "/opt/homebrew/bin/brew services info --json node_exporter" +# register: service_running +# ignore_errors: True +# +#- name: Debug +# debug: +# msg: "{{ service_running }}" +# +#- name: Start service +# become: true +# become_user: admin +# command: "/opt/homebrew/bin/brew services start node_exporter" +# when: {{ service_running[*].status }} != "started" \ No newline at end of file diff --git a/ansible/roles/prometheus-node-exporter/tasks/linux.yaml b/ansible/roles/prometheus-node-exporter/tasks/linux.yaml new file mode 100644 index 0000000..39e23df --- /dev/null +++ b/ansible/roles/prometheus-node-exporter/tasks/linux.yaml @@ -0,0 +1,5 @@ +- name: Install node-exporter + apt: + state: present + name: + - prometheus-node-exporter \ No newline at end of file diff --git a/ansible/roles/prometheus-node-exporter/tasks/main.yaml b/ansible/roles/prometheus-node-exporter/tasks/main.yaml new file mode 100644 index 0000000..4aaa85d --- /dev/null +++ b/ansible/roles/prometheus-node-exporter/tasks/main.yaml @@ -0,0 +1,2 @@ +- name: Prometheus Node Exporter + include_tasks: "{{ ansible_system | lower }}.yaml" diff --git a/ansible/roles/sudo/tasks/main.yaml b/ansible/roles/sudo/tasks/main.yaml new file mode 100644 index 0000000..71d19c2 --- /dev/null +++ b/ansible/roles/sudo/tasks/main.yaml @@ -0,0 +1,13 @@ +- name: Install sudo + apt: + name: sudo + state: present + +- name: ensure Admini role + user: + comment: Administrative User + user: admini + password: $6$WmyMaztTbqI6Ga19$AADxgXtK.3q/ne0v.rimlKWRmZoX0bXApWRmoVTiQAdcGrfMwiInDHWElz5zfQiBGTZM6wOnSletT9JfdO6Zl0 + groups: + - sudo + append: true \ No newline at end of file diff --git a/ansible/site.yaml b/ansible/site.yaml new file mode 100644 index 0000000..e913769 --- /dev/null +++ b/ansible/site.yaml @@ -0,0 +1,15 @@ +- hosts: all + gather_facts: true + + roles: + - role: common + tags: common + +- hosts: ~pine.*\.wks + roles: + - role: nummer5 + tags: nummer5 + - role: armbian + tags: armbian + - role: debian + tags: debian \ No newline at end of file