ansible

ansible/inventory.yaml

@@ -0,0 +1,19 @@
+wks:
+  hosts:
+    adm01.wks:
+    drucki.wks:
+    ebin01.wks:
+    ebin02.wks:
+    pine01.wks:
+    #pine02.wks:
+    pine03.wks:
+    #pine04.wks:
+    pine05.wks:
+
+ring86:
+  hosts:
+    auto02.chaos:
+    truhe.chaos:
+    #wohnz.chaos:
+    #yori.chaos:
+    #lenny.chaos:

ansible/roles/armbian/tasks/main.yaml

@@ -0,0 +1,21 @@
+- name: Add Armbian Repo
+  block:
+    - name: Armbian GPG Key
+      ansible.builtin.get_url:
+        url: https://apt.armbian.com/armbian.key
+        dest: /etc/apt/trusted.gpg.d/armbian-archive-keyring.asc
+    - name: Armbian Repo
+      ansible.builtin.apt_repository:
+        filename: armbian
+        repo: deb http://apt-cache.service.nr5/apt.armbian.com bookworm main bookworm-utils
+- name: Armbian config Repo & Package
+  block:
+    - name: Armbian-config Repo
+      ansible.builtin.apt_repository:
+        filename: armbian-config
+        repo: deb https://github.armbian.com/configng stable main 
+    - name: armbian-config install
+      apt:
+        state: present
+        name:
+        - armbian-config

ansible/roles/autofs/tasks/main.yaml

@@ -0,0 +1,24 @@
+- name: Install autofs
+  apt:
+    state: present
+    name:
+    - autofs
+    
+- name: Create /net
+  file:
+    path: /net
+    state: directory
+    
+- name: Update auto.master
+  lineinfile:
+    path: /etc/auto.master
+    regexp: '^#/net'
+    line: /net    -hosts
+  register: auto_master_update
+    
+    
+- name: Restart autofs
+  service:
+    name: autofs
+    state: restarted
+  when: auto_master_update.changed

ansible/roles/common/tasks/darwin.yaml

@@ -0,0 +1,14 @@
+- name: Install common packages
+  become: true
+  become_user: admin
+  homebrew:
+    state: present
+    name:
+    - btop
+    - htop
+    - rsync
+    - rclone
+    - vim
+    - curl
+    - arping
+

ansible/roles/common/tasks/linux.yaml

@@ -0,0 +1,69 @@
+- name: Install common packages
+  apt:
+    state: present
+    name:
+    - btop
+    - htop
+    - iotop
+    - net-tools
+    - tcpdump
+    - curl
+    - vim
+    - rclone 
+    - rsync
+    - borgmatic
+    - cifs-utils
+    - nfs-common
+    - etckeeper
+    - iputils-arping
+    - bwm-ng
+    - iftop
+
+- name: Remove common packages
+  apt:
+    state: absent
+    name:
+    - salt-*
+ 
+- name: Remove packages in VMs
+  apt: 
+    state: absent
+    purge: true
+    name:
+    - smartmontools
+    - lm-sensors
+    - ipmitools
+    - openipmi
+  when: ansible_facts['virtualization_role'] == "guest"
+ 
+- name: Install packages on physical hosts
+  apt: 
+    state: present
+    name:
+    - lm-sensors
+    - hdparm
+  when: ansible_facts['virtualization_role'] == "host" 
+
+- name: Update /etc/hosts
+  lineinfile:
+    path: /etc/hosts
+    regexp: '^127\.0\.1\.1'
+    line: 127.0.1.1 {{ ansible_nodename }}
+
+- name: Kernel modules
+  include_role:
+    name: modules
+
+- name: sudo for Linux
+  include_role:
+    name: sudo
+
+#- name: autofs for Linux
+#  include_role:
+#    name: autofs    
+#
+# Set vm.swappiness to 5 in /etc/sysctl.conf
+- sysctl:
+    name: vm.swappiness
+    value: '5'
+    state: present

ansible/roles/common/tasks/main.yaml

@@ -0,0 +1,6 @@
+- name: Common Tasks for all hosts
+  include_tasks: "{{ ansible_system | lower }}.yaml"
+  
+- name: Prometheus
+  include_role:
+    name: prometheus-node-exporter

ansible/roles/debian/tasks/main.yaml

@@ -0,0 +1,10 @@
+- name: REPO - Disable SID
+  ansible.builtin.apt_repository:
+    state: absent
+    filename: debian-sid
+    repo: deb http://apt-cache.service.nr5/deb.debian.org/debian sid main contrib
+    
+- name: REPO - Disable bullseye
+  ansible.builtin.file:
+    state: absent
+    path: /etc/apt/sources.list.d/debian-bullseye.list

ansible/roles/nummer5/tasks/main.yaml

@@ -0,0 +1,2 @@
+- name: Hashicorp repo
+  include_tasks: repo.yaml

ansible/roles/nummer5/tasks/repo.yaml

@@ -0,0 +1,10 @@
+- name: Add Hashicorp Repo
+  block:
+    - name: Hashicorp GPG Key
+      ansible.builtin.get_url:
+        url: https://apt.releases.hashicorp.com/gpg
+        dest: /etc/apt/trusted.gpg.d/hashicorp-archive-keyring.asc
+    - name: Hashicorp Repo
+      ansible.builtin.apt_repository:
+        filename: hashicorp
+        repo: deb https://apt.releases.hashicorp.com bookworm main

ansible/roles/prometheus-node-exporter/tasks/darwin.yaml

@@ -0,0 +1,25 @@
+- name: Install node-exporter
+  become: true
+  become_user: admin
+  homebrew:
+    state: present
+    name:
+    - node_exporter
+    
+# TODO: Fix this    
+#- name: Check service running
+#  become: true
+#  become_user: admin
+#  command: "/opt/homebrew/bin/brew services info --json node_exporter"
+#  register: service_running
+#  ignore_errors: True
+#  
+#- name: Debug
+#  debug:
+#    msg: "{{ service_running }}"
+#  
+#- name: Start service
+#  become: true
+#  become_user: admin
+#  command: "/opt/homebrew/bin/brew services start node_exporter"
+#  when: {{ service_running[*].status }} != "started"

ansible/roles/prometheus-node-exporter/tasks/linux.yaml

@@ -0,0 +1,5 @@
+- name: Install node-exporter
+  apt:
+    state: present
+    name:
+    - prometheus-node-exporter

ansible/roles/prometheus-node-exporter/tasks/main.yaml

@@ -0,0 +1,2 @@
+- name: Prometheus Node Exporter
+  include_tasks: "{{ ansible_system | lower }}.yaml"

ansible/roles/sudo/tasks/main.yaml

@@ -0,0 +1,13 @@
+- name: Install sudo
+  apt:
+    name: sudo
+    state: present
+
+- name: ensure Admini role
+  user:
+    comment: Administrative User
+    user: admini
+    password: $6$WmyMaztTbqI6Ga19$AADxgXtK.3q/ne0v.rimlKWRmZoX0bXApWRmoVTiQAdcGrfMwiInDHWElz5zfQiBGTZM6wOnSletT9JfdO6Zl0
+    groups:
+    - sudo
+    append: true

ansible/site.yaml

@@ -0,0 +1,15 @@
+- hosts: all
+  gather_facts: true
+
+  roles:
+  - role: common
+    tags: common
+
+- hosts: ~pine.*\.wks
+  roles:
+  - role: nummer5
+    tags: nummer5
+  - role: armbian
+    tags: armbian
+  - role: debian
+    tags: debian