205 changed files with 0 additions and 5264 deletions
--- a/roles/alertmanager/defaults/main.yaml
+++ b/roles/alertmanager/defaults/main.yaml
@ -1,52 +0,0 @@
 ---
 alertmanager_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 alertmanager_go_arch: "{{ alertmanager_go_arch_map[ansible_architecture] | default('amd64') }}"
 alertmanager_service_name: alertmanager.service
 alertmanager_service_enabled: true
 alertmanager_service_state: started
 alertmanager_version_regex: ^alertmanager, version ([\d.]+)
 alertmanager_github_project_url: https://github.com/prometheus/alertmanager
 alertmanager_release_file: "alertmanager-{{ alertmanager_version }}.{{ ansible_system | lower }}-{{ alertmanager_go_arch }}.tar.gz"
 alertmanager_release_url: "{{ alertmanager_github_project_url }}/releases/download/v{{ alertmanager_version }}/{{ alertmanager_release_file }}"
 alertmanager_checksum_url: "{{ alertmanager_github_project_url }}/releases/download/v{{ alertmanager_version }}/sha256sums.txt"
 alertmanager_download_path: "/tmp/{{ alertmanager_release_file }}"
 alertmanager_unarchive_dest_path: /tmp
 alertmanager_extracted_path: "{{ alertmanager_download_path | replace('.tar.gz', '') }}"
 alertmanager_user: alertmanager
 alertmanager_user_state: present
 alertmanager_user_shell: /usr/sbin/nologin
 alertmanager_group: alertmanager
 alertmanager_group_state: "{{ alertmanager_user_state | default('present') }}"
 alertmanager_etc_path: /etc/alertmanager
 alertmanager_etc_owner: root
 alertmanager_etc_group: root
 alertmanager_etc_mode: "0755"
 alertmanager_var_path: /var/lib/alertmanager
 alertmanager_var_owner: "{{ alertmanager_user }}"
 alertmanager_var_group: "{{ alertmanager_group }}"
 alertmanager_var_mode: "0755"
 alertmanager_bin_path: /usr/local/bin
 alertmanager_web_listen_address: 0.0.0.0:9093
 alertmanager_port: "{{ alertmanager_web_listen_address.split(':')[1] }}"
 alertmanager_web_external_url:
 alertmanager_web_route_prefix:
 alertmanager_cluster_advertise_address: 0.0.0.0:9093
 alertmanager_config:
  route:
    routes:
      receiver: dummy
  receivers:
    - name: dummy
--- a/roles/alertmanager/handlers/main.yaml
+++ b/roles/alertmanager/handlers/main.yaml
@ -1,6 +0,0 @@
 ---
 - name: restart alertmanager
  systemd:
    name: alertmanager.service
    daemon_reload: true
    state: restarted
--- a/roles/alertmanager/tasks/configure.yaml
+++ b/roles/alertmanager/tasks/configure.yaml
@ -1,56 +0,0 @@
 ---
 - name: create group
  group:
    name: "{{ alertmanager_group }}"
    system: true
    state: "{{ alertmanager_group_state | default('present') }}"
 - name: create user
  user:
    name: "{{ alertmanager_user }}"
    system: true
    shell: "{{ alertmanager_user_shell }}"
    group: "{{ alertmanager_group }}"
    createhome: false
    home: "{{ alertmanager_var_path }}"
    state: "{{ alertmanager_user_state | default('present') }}"
 - name: create etc path
  file:
    path: "{{ alertmanager_etc_path }}"
    state: directory
    owner: "{{ alertmanager_etc_owner }}"
    group: "{{ alertmanager_etc_group }}"
    mode: "{{ alertmanager_etc_mode }}"
 - name: create var path
  file:
    path: "{{ alertmanager_var_path }}"
    state: directory
    owner: "{{ alertmanager_var_owner }}"
    group: "{{ alertmanager_var_group }}"
    mode: "{{ alertmanager_var_mode }}"
 - name: configure
  copy:
    dest: "{{ alertmanager_etc_path }}/alertmanager.yaml"
    content: "{{ (alertmanager_config | default({})) | to_nice_yaml }}"
    owner: root
    group: root
    mode: 0444
  notify: restart alertmanager
 - name: configure systemd template
  template:
    src: alertmanager.service.j2
    dest: /etc/systemd/system/alertmanager.service
    owner: root
    group: root
    mode: 0444
  notify: restart alertmanager
 - name: manage service
  service:
    name: "{{ alertmanager_service_name }}"
    enabled: "{{ alertmanager_service_enabled }}"
    state: "{{ alertmanager_service_state }}"
--- a/roles/alertmanager/tasks/default.yaml
+++ b/roles/alertmanager/tasks/default.yaml
--- a/roles/alertmanager/tasks/install.yaml
+++ b/roles/alertmanager/tasks/install.yaml
@ -1,32 +0,0 @@
 ---
 - block:
  - name: download tar
    get_url:
      url: "{{ alertmanager_release_url }}"
      dest: "{{ alertmanager_download_path }}"
      checksum: "{{ alertmanager_checksum }}"
    register: dl
    until: dl is success
    retries: 5
    delay: 10
  - name: extract tar
    unarchive:
      src: "{{ alertmanager_download_path }}"
      dest: "{{ alertmanager_unarchive_dest_path }}"
      creates: "{{ alertmanager_extracted_path }}/alertmanager"
      remote_src: true
  - name: install binaries
    copy:
      src: "{{ alertmanager_extracted_path }}/{{ item }}"
      dest: "{{ alertmanager_bin_path }}/{{ item }}"
      owner: root
      group: root
      mode: 0755
      remote_src: true
    loop:
      - alertmanager
      - amtool
    notify: restart alertmanager
  when: alertmanager_version != alertmanager_local_version
--- a/roles/alertmanager/tasks/main.yaml
+++ b/roles/alertmanager/tasks/main.yaml
@ -1,30 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: pre.yaml
 - include: install.yaml
 - include: configure.yaml
--- a/roles/alertmanager/tasks/pre.yaml
+++ b/roles/alertmanager/tasks/pre.yaml
@ -1,50 +0,0 @@
 ---
 - name: determine if installed
  stat:
    path: "{{ alertmanager_bin_path }}/alertmanager"
  register: st
 - name: set alertmanager_installed
  set_fact:
    alertmanager_installed: "{{ st.stat.exists | bool }}"
 - block:
  - name: determine latest version
    uri:
      url: https://api.github.com/repos/prometheus/alertmanager/releases/latest
      return_content: true
      body_format: json
    register: _latest_version
    until: _latest_version.status == 200
    retries: 3
  - name: set alertmanager_version
    set_fact:
      alertmanager_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 - block:
  - name: determine installed version
    command: "{{ alertmanager_bin_path }}/alertmanager --version"
    register: _installed_version_string
    changed_when: false
  - name: set alertmanager_local_version
    set_fact:
      alertmanager_local_version: "{{ _installed_version_string.stdout | regex_search(alertmanager_version_regex, '\\1') | first }}"
  when: alertmanager_installed
 - name: set alertmanager_local_version to 0
  set_fact:
    alertmanager_local_version: "0"
  when: not alertmanager_installed
 - block:
  - name: get checksums
    set_fact:
      _checksums: "{{ lookup('url', alertmanager_checksum_url, wantlist=True) }}"
  - name: set alertmanager_checksum
    set_fact:
      alertmanager_checksum: "sha256:{{ item.split(' ') | first }}"
    loop: "{{ _checksums }}"
    when: "alertmanager_release_file in item"
--- a/roles/alertmanager/templates/alertmanager.service.j2
+++ b/roles/alertmanager/templates/alertmanager.service.j2
@ -1,26 +0,0 @@
 {{ ansible_managed | comment }}
 [Unit]
 Description=Alertmanager
 After=network-online.target
 [Service]
 Type=simple
 User={{ alertmanager_user }}
 Group={{ alertmanager_group }}
 ExecStart={{ alertmanager_bin_path }}/alertmanager \
  --config.file={{ alertmanager_etc_path }}/alertmanager.yaml \
  --storage.path={{ alertmanager_var_path }} \
  --cluster.advertise-address={{ alertmanager_cluster_advertise_address }} \
 {% if alertmanager_web_external_url %}
  --web.external-url={{ alertmanager_web_external_url }} \
 {% endif %}
 {% if alertmanager_web_route_prefix %}
  --web.route-prefix={{ alertmanager_web_route_prefix }} \
 {% endif %}
 {% if alertmanager_web_listen_address %}
  --web.listen-address={{ alertmanager_web_listen_address }} \
 {% endif %}
 [Install]
 WantedBy=multi-user.target
--- a/roles/alertmanager/vars/default.yaml
+++ b/roles/alertmanager/vars/default.yaml
--- a/roles/blackbox_exporter/defaults/main.yaml
+++ b/roles/blackbox_exporter/defaults/main.yaml
@ -1,39 +0,0 @@
 blackbox_exporter_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 blackbox_exporter_go_arch: "{{ blackbox_exporter_go_arch_map[ansible_architecture] | default('amd64') }}"
 blackbox_exporter_service_name: blackbox_exporter.service
 blackbox_exporter_service_enabled: true
 blackbox_exporter_service_state: started
 blackbox_exporter_version_regex: ^blackbox_exporter, version ([\d.]+)
 blackbox_exporter_release_file: "blackbox_exporter-{{ blackbox_exporter_version }}.{{ ansible_system | lower }}-{{ blackbox_exporter_go_arch }}.tar.gz"
 blackbox_exporter_release_url: "https://github.com/prometheus/blackbox_exporter/releases/download/v{{ blackbox_exporter_version }}/{{ blackbox_exporter_release_file }}"
 blackbox_exporter_checksum_url: "https://github.com/prometheus/blackbox_exporter/releases/download/v{{ blackbox_exporter_version }}/sha256sums.txt"
 blackbox_exporter_download_path: "/tmp/{{ blackbox_exporter_release_file }}"
 blackbox_exporter_unarchive_dest_path: /tmp
 blackbox_exporter_extracted_path: "{{ blackbox_exporter_download_path | replace('.tar.gz', '') }}"
 blackbox_exporter_user: blackbox_exporter
 blackbox_exporter_user_state: present
 blackbox_exporter_user_shell: /usr/sbin/nologin
 blackbox_exporter_group: blackbox_exporter
 blackbox_exporter_group_state: "{{ blackbox_exporter_user_state | default('present') }}"
 blackbox_exporter_etc_path: /etc/blackbox_exporter
 blackbox_exporter_etc_owner: root
 blackbox_exporter_etc_group: root
 blackbox_exporter_etc_mode: "0755"
 blackbox_exporter_var_path: /var/lib/blackbox_exporter
 blackbox_exporter_var_owner: "{{ blackbox_exporter_user }}"
 blackbox_exporter_var_group: "{{ blackbox_exporter_group }}"
 blackbox_exporter_var_mode: "0755"
 blackbox_exporter_bin_path: /usr/local/bin
 blackbox_exporter_config: {}
--- a/roles/blackbox_exporter/handlers/main.yaml
+++ b/roles/blackbox_exporter/handlers/main.yaml
@ -1,6 +0,0 @@
 ---
 - name: restart blackbox_exporter
  systemd:
    name: blackbox_exporter.service
    daemon_reload: true
    state: restarted
--- a/roles/blackbox_exporter/tasks/configure.yaml
+++ b/roles/blackbox_exporter/tasks/configure.yaml
@ -1,48 +0,0 @@
 ---
 - name: create group
  group:
    name: "{{ blackbox_exporter_group }}"
    system: true
    state: "{{ blackbox_exporter_group_state | default('present') }}"
 - name: create user
  user:
    name: "{{ blackbox_exporter_user }}"
    system: true
    shell: "{{ blackbox_exporter_user_shell }}"
    group: "{{ blackbox_exporter_group }}"
    createhome: false
    home: "{{ blackbox_exporter_var_path }}"
    state: "{{ blackbox_exporter_user_state | default('present') }}"
 - name: create etc path
  file:
    path: "{{ blackbox_exporter_etc_path }}"
    state: directory
    owner: "{{ blackbox_exporter_etc_owner }}"
    group: "{{ blackbox_exporter_etc_group }}"
    mode: "{{ blackbox_exporter_etc_mode }}"
 - name: configure
  copy:
    dest: "{{ blackbox_exporter_etc_path }}/config.yaml"
    content: "{{ (blackbox_exporter_config | default({})) | to_nice_yaml }}"
    owner: root
    group: root
    mode: 0444
  notify: restart blackbox_exporter
 - name: configure systemd template
  template:
    src: blackbox_exporter.service.j2
    dest: /etc/systemd/system/blackbox_exporter.service
    owner: root
    group: root
    mode: 0444
  notify: restart blackbox_exporter
 - name: manage service
  service:
    name: "{{ blackbox_exporter_service_name }}"
    enabled: "{{ blackbox_exporter_service_enabled }}"
    state: "{{ blackbox_exporter_service_state }}"
--- a/roles/blackbox_exporter/tasks/default.yaml
+++ b/roles/blackbox_exporter/tasks/default.yaml
--- a/roles/blackbox_exporter/tasks/install.yaml
+++ b/roles/blackbox_exporter/tasks/install.yaml
@ -1,31 +0,0 @@
 ---
 - block:
  - name: download tar
    get_url:
      url: "{{ blackbox_exporter_release_url }}"
      dest: "{{ blackbox_exporter_download_path }}"
      checksum: "{{ blackbox_exporter_checksum }}"
    register: dl
    until: dl is success
    retries: 5
    delay: 10
  - name: extract tar
    unarchive:
      src: "{{ blackbox_exporter_download_path }}"
      dest: "{{ blackbox_exporter_unarchive_dest_path }}"
      creates: "{{ blackbox_exporter_extracted_path }}/blackbox_exporter"
      remote_src: true
  - name: install binaries
    copy:
      src: "{{ blackbox_exporter_extracted_path }}/{{ item }}"
      dest: "{{ blackbox_exporter_bin_path }}/{{ item }}"
      owner: root
      group: root
      mode: 0755
      remote_src: true
    loop:
      - blackbox_exporter
    notify: restart blackbox_exporter
  when: blackbox_exporter_version != blackbox_exporter_local_version
--- a/roles/blackbox_exporter/tasks/main.yaml
+++ b/roles/blackbox_exporter/tasks/main.yaml
@ -1,30 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: pre.yaml
 - include: install.yaml
 - include: configure.yaml
--- a/roles/blackbox_exporter/tasks/pre.yaml
+++ b/roles/blackbox_exporter/tasks/pre.yaml
@ -1,50 +0,0 @@
 ---
 - name: determine if installed
  stat:
    path: "{{ blackbox_exporter_bin_path }}/blackbox_exporter"
  register: st
 - name: set blackbox_exporter_installed
  set_fact:
    blackbox_exporter_installed: "{{ st.stat.exists | bool }}"
 - block:
  - name: determine latest version
    uri:
      url: https://api.github.com/repos/prometheus/blackbox_exporter/releases/latest
      return_content: true
      body_format: json
    register: _latest_version
    until: _latest_version.status == 200
    retries: 3
  - name: set blackbox_exporter_version
    set_fact:
      blackbox_exporter_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 - block:
  - name: determine installed version
    command: "{{ blackbox_exporter_bin_path }}/blackbox_exporter --version"
    register: _installed_version_string
    changed_when: false
  - name: set blackbox_exporter_local_version
    set_fact:
      blackbox_exporter_local_version: "{{ _installed_version_string.stdout | regex_search(blackbox_exporter_version_regex, '\\1') | first }}"
  when: blackbox_exporter_installed
 - name: set blackbox_exporter_local_version to 0
  set_fact:
    blackbox_exporter_local_version: "0"
  when: not blackbox_exporter_installed
 - block:
  - name: get checksums
    set_fact:
      _checksums: "{{ lookup('url', blackbox_exporter_checksum_url, wantlist=True) }}"
  - name: set blackbox_exporter_checksum
    set_fact:
      blackbox_exporter_checksum: "sha256:{{ item.split(' ') | first }}"
    loop: "{{ _checksums }}"
    when: "blackbox_exporter_release_file in item"
--- a/roles/blackbox_exporter/templates/blackbox_exporter.service.j2
+++ b/roles/blackbox_exporter/templates/blackbox_exporter.service.j2
@ -1,11 +0,0 @@
 [Unit]
 Description=Blackbox Exporter
 [Service]
 User=blackbox_exporter
 ExecStart={{ blackbox_exporter_bin_path }}/blackbox_exporter \
  --config.file={{ blackbox_exporter_etc_path }}/config.yaml
 AmbientCapabilities=CAP_NET_RAW
 [Install]
 WantedBy=multi-user.target
--- a/roles/blackbox_exporter/vars/default.yaml
+++ b/roles/blackbox_exporter/vars/default.yaml
--- a/roles/consul/defaults/main.yaml
+++ b/roles/consul/defaults/main.yaml
@ -1,21 +0,0 @@
 ---
 consul_package_name: consul
 consul_package_state: present
 consul_service_name: consul
 consul_service_state: started
 consul_service_enabled: true
 consul_etc_path: /etc/consul.d
 consul_config_path: "{{ consul_etc_path }}/consul.hcl"
 consul_config_template: consul.hcl.j2
 consul_user: consul
 consul_group: consul
 consul_config_owner: "{{ consul_user }}"
 consul_config_group: "{{ consul_group }}"
 consul_config_mode: 0644
 consul_data_dir: /opt/consul
 consul_bind_addr: "{{ ansible_default_ipv4.address }}"
 consul_server: false
 consul_bootstrap_expect: 1
 consul_ui_config_enabled: true
 consul_client_addr: 0.0.0.0
 consul_unbound_enabled: false
--- a/roles/consul/files/unbound-consul.conf
+++ b/roles/consul/files/unbound-consul.conf
@ -1,9 +0,0 @@
 # Ansible managed
 server:
  do-not-query-localhost: no
  domain-insecure: "consul"
 stub-zone:
  name: "consul"
  stub-addr: 127.0.0.1@8600
--- a/roles/consul/handlers/main.yaml
+++ b/roles/consul/handlers/main.yaml
@ -1,12 +0,0 @@
 ---
 - name: reload consul
  service:
    name: "{{ consul_service_name }}"
    state: reloaded
  when: consul_service_enabled
 - name: restart consul
  service:
    name: "{{ consul_service_name }}"
    state: restarted
  when: consul_service_enabled
--- a/roles/consul/tasks/RedHat.yaml
+++ b/roles/consul/tasks/RedHat.yaml
@ -1,18 +0,0 @@
 ---
 - name: install Hashicorp yum repo
  yum_repository:
    name: hashicorp
    description: Hashicorp Stable - $basearch
    baseurl: https://rpm.releases.hashicorp.com/RHEL/$releasever/$basearch/stable
    enabled: 1
    gpgcheck: 1
    gpgkey: https://rpm.releases.hashicorp.com/gpg
 - name: install Hashicorp (test) yum repo
  yum_repository:
    name: hashicorp-test
    description: Hashicorp Test - $basearch
    baseurl: https://rpm.releases.hashicorp.com/RHEL/$releasever/$basearch/test
    enabled: 0
    gpgcheck: 1
    gpgkey: https://rpm.releases.hashicorp.com/gpg
--- a/roles/consul/tasks/forward-unbound.yaml
+++ b/roles/consul/tasks/forward-unbound.yaml
@ -1,9 +0,0 @@
 ---
 - name: configure unbound forwarder
  copy:
    src: unbound-consul.conf
    dest: "{{ unbound_conf_d_path }}/consul.conf"
    owner: root
    group: root
    mode: "0644"
  notify: reload unbound
--- a/roles/consul/tasks/main.yaml
+++ b/roles/consul/tasks/main.yaml
@ -1,47 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - name: install
  package:
    name: "{{ consul_package_name | default('consul') }}"
    state: "{{ consul_package_state | default('present') }}"
 - name: configure
  template:
    src: "{{ consul_config_template }}"
    dest: "{{ consul_config_path }}"
    owner: "{{ consul_config_owner }}"
    group: "{{ consul_config_group }}"
    mode: "{{ consul_config_mode }}"
  notify: restart consul
 - name: service
  service:
    name: "{{ consul_service_name | default('consul') }}"
    state: "{{ consul_service_state | default('started') }}"
    enabled: "{{ consul_service_enabled | default(true) }}"
 - include: forward-unbound.yaml
  when: consul_unbound_enabled
--- a/roles/consul/templates/consul.hcl.j2
+++ b/roles/consul/templates/consul.hcl.j2
@ -1,41 +0,0 @@
 // {{ ansible_managed }}
 data_dir = "{{ consul_data_dir }}"
 {% if consul_server is defined %}
 server = {{ (consul_server | lower) | default(false) }}
 {% endif %}
 {% if consul_bind_addr is defined %}
 bind_addr = "{{ (consul_bind_addr | lower) | default("0.0.0.0") }}"
 {% endif %}
 {% if consul_server is true and consul_bootstrap_expect is defined %}
 bootstrap_expect = {{ consul_bootstrap_expect }}
 {% endif %}
 {% if consul_retry_join is defined %}
 retry_join = [
 {%- set comma = joiner(",") -%}
 {%- for x in consul_retry_join | default([]) -%}
 {{ comma() }}"{{ x }}"
 {%- endfor -%} ]
 {% endif %}
 {% if consul_server_addresses is defined %}
 server_addresses = [
 {%- set comma = joiner(",") -%}
 {%- for x in consul_server_addresses | default([]) -%}
 {{ comma() }}"{{ x }}"
 {%- endfor -%} ]
 {% endif %}
 ui_config {
 {% if consul_ui_config_enabled is defined %}
    enabled = {{ (consul_ui_config_enabled | lower) | default(false) }}
 {% endif %}
 }
 {% if consul_client_addr is defined %}
 client_addr = "{{ (consul_client_addr | lower) | default("0.0.0.0") }}"
 {% endif %}
--- a/roles/consul/vars/default.yaml
+++ b/roles/consul/vars/default.yaml
--- a/roles/crio/defaults/main.yaml
+++ b/roles/crio/defaults/main.yaml
@ -1,2 +0,0 @@
 ---
 crio_version: 1.23
--- a/roles/crio/tasks/default.yaml
+++ b/roles/crio/tasks/default.yaml
--- a/roles/crio/tasks/main.yaml
+++ b/roles/crio/tasks/main.yaml
@ -1,53 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - name: yum repo (devel:kubic:libcontainers:stable)
  yum_repository:
    name: devel:kubic:libcontainers:stable
    description: "Stable Releases of Upstream github.com/containers packages ({{ crio_os }}) type=rpm-md"
    baseurl: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/{{ crio_os }}/"
    gpgcheck: yes
    gpgkey: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/{{ crio_os }}/repodata/repomd.xml.key"
    enabled: yes
 - name: "yum repo (devel:kubic:libcontainers:stable:cri-o:{{ crio_version }})"
  yum_repository:
    name: "devel_kubic_libcontainers_stable_cri-o_{{ crio_version }}"
    description: "devel:kubic:libcontainers:stable:cri-o:{{ crio_version }} ({{ crio_os }})"
    baseurl: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/{{ crio_os }}/"
    gpgcheck: yes
    gpgkey: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/{{ crio_version }}/{{ crio_os }}/repodata/repomd.xml.key"
    enabled: yes
 - name: install
  package:
    name: "{{ crio_package_name | default('cri-o') }}"
    state: "{{ crio_package_state | default('present') }}"
 - name: manage service
  service:
    name: "{{ crio_service_name | default('crio') }}"
    state: "{{ crio_service_state | default('started') }}"
    enabled: "{{ crio_service_enabled | default(true) }}"
--- a/roles/crio/vars/Rocky.yaml
+++ b/roles/crio/vars/Rocky.yaml
@ -1 +0,0 @@
 crio_os: "CentOS_{{ ansible_distribution_major_version }}"
--- a/roles/dl/defaults/main.yaml
+++ b/roles/dl/defaults/main.yaml
@ -1,8 +0,0 @@
 ---
 dl_server_name: dl.kill0.net
 dl_server_root: /var/www/dl
 dl_access_log: /var/log/nginx/dl.access.log
 dl_error_log: /var/log/nginx/dl.error.log
 dl_ssl_enabled: false
 dl_ssl_certificate: "/etc/letsencrypt/live/{{ dl_server_name }}/fullchain.pem"
 dl_ssl_certificate_key: "/etc/letsencrypt/live/{{ dl_server_name }}/privkey.pem"
--- a/roles/dl/handlers/main.yaml
+++ b/roles/dl/handlers/main.yaml
@ -1,5 +0,0 @@
 ---
 - name: reload nginx
  service:
    name: nginx
    state: reloaded
--- a/roles/dl/tasks/main.yaml
+++ b/roles/dl/tasks/main.yaml
@ -1,31 +0,0 @@
 ---
 - name: check if SSL key exists
  stat:
    path: "{{ dl_ssl_certificate_key }}"
  register: key_st
 - name: check if SSL certificate exists
  stat:
    path: "{{ dl_ssl_certificate }}"
  register: crt_st
 - name: ssl enabled
  set_fact:
    dl_ssl_enabled: true
  when:
    - key_st.stat.exists
    - crt_st.stat.exists
 - name: configure nginx
  template:
    src: nginx.conf.j2
    dest: "/etc/nginx/conf.d/dl.conf"
    owner: root
    group: root
    mode: 0644
  notify: reload nginx
 - name: create web root
  file:
    path: "{{ dl_server_root }}"
    state: directory
--- a/roles/dl/templates/nginx.conf.j2
+++ b/roles/dl/templates/nginx.conf.j2
@ -1,63 +0,0 @@
 # {{ ansible_managed }}
 server {
    listen 80;
 {% if ansible_all_ipv6_addresses | length %}
    listen [::]:80;
 {% endif %}
    server_name {{ dl_server_name }};
    access_log {{ dl_access_log }} main;
    error_log {{ dl_error_log }} warn;
    location /.well-known/acme-challenge/ {
        root /var/www/html;
        try_files $uri =404;
    }
 {% if dl_ssl_enabled is defined and
      dl_ssl_enabled %}
    location / {
        return 301 https://$server_name$request_uri;
    }
 {% endif %}
 }
 {% if dl_ssl_enabled is defined and
      dl_ssl_enabled %}
 server {
    listen 443 ssl http2;
 {% if ansible_all_ipv6_addresses | length %}
    listen [::]:443 ssl http2;
 {% endif %}
    server_name {{ dl_server_name }};
    access_log {{ dl_access_log }} main;
    error_log {{ dl_error_log }} warn;
    root {{ dl_server_root }};
 {% if dl_ssl_certificate is defined %}
    ssl_certificate {{ dl_ssl_certificate }};
 {% endif %}
 {% if dl_ssl_certificate_key is defined %}
    ssl_certificate_key {{ dl_ssl_certificate_key }};
 {% endif %}
 {% if dl_ssl_dhparam is defined %}
    ssl_dhparam {{ dl_ssl_dhparam }};
 {% endif %}
    location ~ ^\/~(.+?)(\/.*)?$ {
        alias /home/$1/public_html$2;
        index index.html index.htm;
        autoindex on;
        auth_basic "Files";
        auth_basic_user_file /home/$1/.htpasswd;
    }
    location /repo/ {
        root /var/www/html;
        autoindex on;
        try_files $uri $uri/ =404;
    }
 }
 {% endif %}
--- a/roles/docker/defaults/main.yaml
+++ b/roles/docker/defaults/main.yaml
@ -1,11 +0,0 @@
 ---
 docker_package_name:
  - docker-ce
  - docker-ce-cli
  - containerd.io
  - docker-compose-plugin
 docker_package_state: present
 docker_service_name: docker.service
 docker_service_state: started
 docker_service_enabled: true
--- a/roles/docker/tasks/Debian.yaml
+++ b/roles/docker/tasks/Debian.yaml
@ -1,13 +0,0 @@
 ---
 - name: install apt key
  apt_key:
    url: "https://download.docker.com/linux/{{ ansible_lsb.id | lower }}/gpg"
    state: present
 - name: install apt repo
  apt_repository:
    repo: >
      deb [arch=amd64] https://download.docker.com/linux/{{ ansible_lsb.id | lower }}
      {{ ansible_lsb.codename }}
      stable
    filename: docker
--- a/roles/docker/tasks/RedHat.yaml
+++ b/roles/docker/tasks/RedHat.yaml
@ -1,9 +0,0 @@
 ---
 - name: install Docker CE yum repo
  yum_repository:
    name: docker-ce
    description: Docker CE Stable - $basearch
    baseurl: https://download.docker.com/linux/centos/$releasever/$basearch/stable
    enabled: 1
    gpgcheck: 1
    gpgkey: https://download.docker.com/linux/centos/gpg
--- a/roles/docker/tasks/configure.yaml
+++ b/roles/docker/tasks/configure.yaml
@ -1,6 +0,0 @@
 ---
 - name: manage service
  service:
    name: "{{ docker_service_name }}"
    state: "{{ docker_service_state }}"
    enabled: "{{ docker_service_enabled }}"
--- a/roles/docker/tasks/install.yaml
+++ b/roles/docker/tasks/install.yaml
@ -1,6 +0,0 @@
 ---
 - name: install docker
  package:
    name: "{{ item }}"
    state: "{{ docker_package_state }}"
  loop: "{{ docker_package_name }}"
--- a/roles/docker/tasks/main.yaml
+++ b/roles/docker/tasks/main.yaml
@ -1,28 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: install.yaml
 - include: configure.yaml
--- a/roles/docker/vars/RedHat.yaml
+++ b/roles/docker/vars/RedHat.yaml
--- a/roles/docker/vars/default.yaml
+++ b/roles/docker/vars/default.yaml
--- a/roles/karma/defaults/main.yaml
+++ b/roles/karma/defaults/main.yaml
@ -1,45 +0,0 @@
 ---
 karma_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 karma_go_arch: "{{ karma_go_arch_map[ansible_architecture] | default('amd64') }}"
 karma_service_name: karma.service
 karma_service_enabled: true
 karma_service_state: started
 karma_version_regex: ^(.+)
 karma_github_project_url: https://github.com/prymitive/karma
 karma_release_file: "karma-{{ ansible_system | lower }}-{{ karma_go_arch }}.tar.gz"
 karma_release_url: "{{ karma_github_project_url }}/releases/download/v{{ karma_version }}/{{ karma_release_file }}"
 karma_checksum_url: "{{ karma_github_project_url }}/releases/download/v{{ karma_version }}/sha512sum.txt"
 karma_download_path: "/tmp/{{ karma_release_file }}"
 karma_unarchive_dest_path: /tmp
 karma_extracted_path: "{{ karma_download_path | replace('.tar.gz', '') }}"
 karma_user: karma
 karma_user_state: present
 karma_user_shell: /usr/sbin/nologin
 karma_group: karma
 karma_group_state: "{{ karma_user_state | default('present') }}"
 karma_etc_path: /etc/karma
 karma_etc_owner: root
 karma_etc_group: root
 karma_etc_mode: "0755"
 karma_config_path: "{{ karma_etc_path }}/karma.yml"
 karma_var_path: /var/lib/karma
 karma_var_owner: "{{ karma_user }}"
 karma_var_group: "{{ karma_group }}"
 karma_var_mode: "0755"
 karma_bin_path: /usr/local/bin
 karma_port: 8080
 karma_config: {}
--- a/roles/karma/handlers/main.yaml
+++ b/roles/karma/handlers/main.yaml
@ -1,6 +0,0 @@
 ---
 - name: restart karma
  systemd:
    name: karma.service
    daemon_reload: true
    state: restarted
--- a/roles/karma/tasks/configure.yaml
+++ b/roles/karma/tasks/configure.yaml
@ -1,56 +0,0 @@
 ---
 - name: create group
  group:
    name: "{{ karma_group }}"
    system: true
    state: "{{ karma_group_state | default('present') }}"
 - name: create user
  user:
    name: "{{ karma_user }}"
    system: true
    shell: "{{ karma_user_shell }}"
    group: "{{ karma_group }}"
    createhome: false
    home: "{{ karma_var_path }}"
    state: "{{ karma_user_state | default('present') }}"
 - name: create etc path
  file:
    path: "{{ karma_etc_path }}"
    state: directory
    owner: "{{ karma_etc_owner }}"
    group: "{{ karma_etc_group }}"
    mode: "{{ karma_etc_mode }}"
 - name: create var path
  file:
    path: "{{ karma_var_path }}"
    state: directory
    owner: "{{ karma_var_owner }}"
    group: "{{ karma_var_group }}"
    mode: "{{ karma_var_mode }}"
 - name: configure
  copy:
    dest: "{{ karma_config_path }}"
    content: "{{ (karma_config | default({})) | to_nice_yaml }}"
    owner: root
    group: root
    mode: 0444
  notify: restart karma
 - name: configure systemd template
  template:
    src: karma.service.j2
    dest: /etc/systemd/system/karma.service
    owner: root
    group: root
    mode: 0444
  notify: restart karma
 - name: manage service
  service:
    name: "{{ karma_service_name }}"
    enabled: "{{ karma_service_enabled }}"
    state: "{{ karma_service_state }}"
--- a/roles/karma/tasks/default.yaml
+++ b/roles/karma/tasks/default.yaml
--- a/roles/karma/tasks/install.yaml
+++ b/roles/karma/tasks/install.yaml
@ -1,29 +0,0 @@
 ---
 - block:
  - name: download tar
    get_url:
      url: "{{ karma_release_url }}"
      dest: "{{ karma_download_path }}"
      checksum: "{{ karma_checksum }}"
    register: dl
    until: dl is success
    retries: 5
    delay: 10
  - name: extract tar
    unarchive:
      src: "{{ karma_download_path }}"
      dest: "{{ karma_unarchive_dest_path }}"
      creates: "{{ karma_extracted_path }}"
      remote_src: true
  - name: install binaries
    copy:
      src: "{{ karma_extracted_path }}"
      dest: "{{ karma_bin_path }}/karma"
      owner: root
      group: root
      mode: 0755
      remote_src: true
    notify: restart karma
  when: karma_version != karma_local_version
--- a/roles/karma/tasks/main.yaml
+++ b/roles/karma/tasks/main.yaml
@ -1,30 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: pre.yaml
 - include: install.yaml
 - include: configure.yaml
--- a/roles/karma/tasks/pre.yaml
+++ b/roles/karma/tasks/pre.yaml
@ -1,50 +0,0 @@
 ---
 - name: determine if installed
  stat:
    path: "{{ karma_bin_path }}/karma"
  register: st
 - name: set karma_installed
  set_fact:
    karma_installed: "{{ st.stat.exists | bool }}"
 - block:
  - name: determine latest version
    uri:
      url: https://api.github.com/repos/prymitive/karma/releases/latest
      return_content: true
      body_format: json
    register: _latest_version
    until: _latest_version.status == 200
    retries: 3
  - name: set karma_version
    set_fact:
      karma_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 - block:
  - name: determine installed version
    command: "{{ karma_bin_path }}/karma --version"
    register: _installed_version_string
    changed_when: false
  - name: set karma_local_version
    set_fact:
      karma_local_version: "{{ _installed_version_string.stdout | regex_search(karma_version_regex, '\\1') | first }}"
  when: karma_installed
 - name: set karma_local_version to 0
  set_fact:
    karma_local_version: "0"
  when: not karma_installed
 - block:
  - name: get checksums
    set_fact:
      _checksums: "{{ lookup('url', karma_checksum_url, wantlist=True) }}"
  - name: set karma_checksum
    set_fact:
      karma_checksum: "sha512:{{ item.split(' ') | first }}"
    loop: "{{ _checksums }}"
    when: "karma_release_file in item"
--- a/roles/karma/templates/karma.service.j2
+++ b/roles/karma/templates/karma.service.j2
@ -1,18 +0,0 @@
 {{ ansible_managed | comment }}
 [Unit]
 Description=Karma Alertmanager dashboard
 Wants=network-online.target
 After=network-online.target
 After=alertmanager.service
 [Service]
 Type=simple
 User={{ karma_user }}
 Group={{ karma_group }}
 WorkingDirectory={{ karma_etc_path }}
 ExecStart={{ karma_bin_path }}/karma \
    --config.file={{ karma_config_path }}
 [Install]
 WantedBy=multi-user.target
--- a/roles/karma/vars/default.yaml
+++ b/roles/karma/vars/default.yaml
--- a/roles/keepalived/defaults/main.yaml
+++ b/roles/keepalived/defaults/main.yaml
@ -1,14 +0,0 @@
 ---
 keepalived_package_name: keepalived
 keepalived_package_state: present
 keepalived_service_name: keepalived
 keepalived_service_state: started
 keepalived_service_enabled: true
 keepalived_etc_path: /etc/keepalived
 keepalived_config_path: "{{ keepalived_etc_path }}/keepalived.conf"
 keepalived_config_owner: root
 keepalived_config_group: root
 keepalived_config_mode: "0600"
--- a/roles/keepalived/handlers/main.yaml
+++ b/roles/keepalived/handlers/main.yaml
@ -1,12 +0,0 @@
 ---
 - name: reload keepalived
  service:
    name: "{{ keepalived_service_name }}"
    state: reloaded
  when: keepalived_service_enabled
 - name: restart keepalived
  service:
    name: "{{ keepalived_service_name }}"
    state: restarted
  when: keepalived_service_enabled
--- a/roles/keepalived/tasks/main.yaml
+++ b/roles/keepalived/tasks/main.yaml
@ -1,20 +0,0 @@
 ---
 - name: install
  package:
    name: "{{ keepalived_package_name }}"
    state: "{{ keepalived_package_state }}"
 - name: configure
  template:
    src: keepalived.conf.j2
    dest: "{{ keepalived_config_path }}"
    owner: "{{ keepalived_config_owner }}"
    group: "{{ keepalived_config_group }}"
    mode: "{{ keepalived_config_mode }}"
  notify: reload keepalived
 - name: service
  service:
    name: "{{ keepalived_service_name }}"
    state: "{{ keepalived_service_state }}"
    enabled: "{{ keepalived_service_enabled }}"
--- a/roles/keepalived/templates/keepalived.conf.j2
+++ b/roles/keepalived/templates/keepalived.conf.j2
@ -1,78 +0,0 @@
 {{ ansible_managed | comment }}
 {% if keepalived_global_defs is defined %}
 global_defs {
 {% for k in keepalived_global_defs %}
 {{ k }} {{ v }}
 {% endfor %}
 }
 {% endif %}
 {% if keepalived_vrrp_scripts is defined %}
 {% for name, conf in keepalived_vrrp_scripts.items() %}
 vrrp_script {{ name }} {
 {% if conf.script is defined %}
    script "{{ conf.script }}"
 {% endif %}
 {% if conf.interval is defined %}
    interval {{ conf.interval | default(1) }}
 {% endif %}
 {% if conf.weight is defined %}
    weight {{ conf.weight }}
 {% endif %}
 }
 {% endfor %}
 {% endif %}
 {% if keepalived_vrrp_instances is defined %}
 {% for name, conf in keepalived_vrrp_instances.items() %}
 vrrp_instance {{ name }} {
 {% if conf.state is defined %}
    state {{ conf.state | default("MASTER") }}
 {% endif %}
 {% if conf.interface is defined %}
    interface {{ conf.interface | default("eth0") }}
 {% endif %}
 {% if conf.virtual_router_id is defined %}
    virtual_router_id {{ conf.virtual_router_id }}
 {% endif %}
 {% if conf.priority is defined %}
    priority {{ conf.priority }}
 {% endif %}
 {% if conf.advert_int is defined %}
    advert_int {{ conf.advert_int }}
 {% endif %}
 {% if conf.authentication is defined %}
    authentication {
 {% if conf.authentication.auth_type is defined %}
        auth_type {{ conf.authentication.auth_type }}
 {% endif %}
 {% if conf.authentication.auth_pass is defined %}
        auth_pass {{ conf.authentication.auth_pass }}
 {% endif %}
    }
 {% if conf.unicast_peer is defined %}
    unicast_peer {
 {% for x in conf.unicast_peer %}
        {{ x }}
 {% endfor %}
    }
 {% endif %}
 {% if conf.virtual_ipaddress is defined %}
    virtual_ipaddress {
 {% for x in conf.virtual_ipaddress %}
        {{ x }}
 {% endfor %}
    }
 {% endif %}
 {% if conf.track_script is defined %}
    track_script {
 {% for x in conf.track_script %}
        {{ x }}
 {% endfor %}
    }
 {% endif %}
 {% endif %}
 }
 {% endfor %}
 {% endif %}
--- a/roles/kthxbye/defaults/main.yaml
+++ b/roles/kthxbye/defaults/main.yaml
@ -1,47 +0,0 @@
 ---
 kthxbye_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 kthxbye_go_arch: "{{ kthxbye_go_arch_map[ansible_architecture] | default('amd64') }}"
 kthxbye_sidecar_service_name: kthxbye-sidecar.service
 kthxbye_sidecar_service_enabled: true
 kthxbye_sidecar_service_state: started
 kthxbye_service_name: kthxbye.service
 kthxbye_service_enabled: true
 kthxbye_service_state: started
 kthxbye_version_regex: (.+)
 kthxbye_checksum_algo: sha512
 kthxbye_github_rel_path: prymitive/kthxbye
 kthxbye_github_project_url: "https://github.com/{{ kthxbye_github_rel_path }}"
 kthxbye_release_file: "kthxbye-{{ ansible_system | lower }}-{{ kthxbye_go_arch }}.tar.gz"
 kthxbye_release_url: "{{ kthxbye_github_project_url }}/releases/download/v{{ kthxbye_version }}/{{ kthxbye_release_file }}"
 kthxbye_checksum_url: "{{ kthxbye_github_project_url }}/releases/download/v{{ kthxbye_version }}/{{ kthxbye_checksum_algo }}sum.txt"
 kthxbye_download_path: "/tmp/{{ kthxbye_release_file }}"
 kthxbye_unarchive_dest_path: /tmp
 kthxbye_extracted_path: "{{ kthxbye_download_path | replace('.tar.gz', '') }}"
 kthxbye_binaries:
 - kthxbye
 kthxbye_user: kthxbye
 kthxbye_user_state: present
 kthxbye_user_shell: /usr/sbin/nologin
 kthxbye_group: kthxbye
 kthxbye_group_state: "{{ kthxbye_user_state | default('present') }}"
 kthxbye_etc_path: /etc/kthxbye
 kthxbye_etc_owner: root
 kthxbye_etc_group: root
 kthxbye_etc_mode: "0755"
 kthxbye_var_path: /var/lib/kthxbye
 kthxbye_var_owner: "{{ kthxbye_user }}"
 kthxbye_var_group: "{{ kthxbye_group }}"
 kthxbye_var_mode: "0755"
 kthxbye_bin_path: /usr/local/bin
--- a/roles/kthxbye/handlers/main.yaml
+++ b/roles/kthxbye/handlers/main.yaml
@ -1,6 +0,0 @@
 ---
 - name: restart kthxbye
  systemd:
    name: kthxbye.service
    daemon_reload: true
    state: restarted
--- a/roles/kthxbye/tasks/configure.yaml
+++ b/roles/kthxbye/tasks/configure.yaml
@ -1,47 +0,0 @@
 ---
 - name: create group
  group:
    name: "{{ kthxbye_group }}"
    system: true
    state: "{{ kthxbye_group_state | default('present') }}"
 - name: create user
  user:
    name: "{{ kthxbye_user }}"
    system: true
    shell: "{{ kthxbye_user_shell }}"
    group: "{{ kthxbye_group }}"
    createhome: false
    home: "{{ kthxbye_var_path }}"
    state: "{{ kthxbye_user_state | default('present') }}"
 - name: create etc path
  file:
    path: "{{ kthxbye_etc_path }}"
    state: directory
    owner: "{{ kthxbye_etc_owner }}"
    group: "{{ kthxbye_etc_group }}"
    mode: "{{ kthxbye_etc_mode }}"
 - name: create var path
  file:
    path: "{{ kthxbye_var_path }}"
    state: directory
    owner: "{{ kthxbye_var_owner }}"
    group: "{{ kthxbye_var_group }}"
    mode: "{{ kthxbye_var_mode }}"
 - name: configure systemd template
  template:
    src: kthxbye.service.j2
    dest: /etc/systemd/system/kthxbye.service
    owner: root
    group: root
    mode: 0444
  notify: restart kthxbye
 - name: manage service
  service:
    name: "{{ kthxbye_service_name }}"
    enabled: "{{ kthxbye_service_enabled }}"
    state: "{{ kthxbye_service_state }}"
--- a/roles/kthxbye/tasks/default.yaml
+++ b/roles/kthxbye/tasks/default.yaml
--- a/roles/kthxbye/tasks/install.yaml
+++ b/roles/kthxbye/tasks/install.yaml
@ -1,30 +0,0 @@
 ---
 - block:
  - name: download tar
    get_url:
      url: "{{ kthxbye_release_url }}"
      dest: "{{ kthxbye_download_path }}"
      checksum: "{{ kthxbye_checksum }}"
    register: dl
    until: dl is success
    retries: 5
    delay: 10
  - name: extract tar
    unarchive:
      src: "{{ kthxbye_download_path }}"
      dest: "{{ kthxbye_unarchive_dest_path }}"
      creates: "{{ kthxbye_extracted_path }}"
      remote_src: true
  - name: install binaries
    copy:
      src: "{{ kthxbye_extracted_path }}"
      dest: "{{ kthxbye_bin_path }}/{{ item }}"
      owner: root
      group: root
      mode: 0755
      remote_src: true
    loop: "{{ kthxbye_binaries }}"
    notify: restart kthxbye
  when: kthxbye_version != kthxbye_local_version
--- a/roles/kthxbye/tasks/main.yaml
+++ b/roles/kthxbye/tasks/main.yaml
@ -1,30 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: pre.yaml
 - include: install.yaml
 - include: configure.yaml
--- a/roles/kthxbye/tasks/pre.yaml
+++ b/roles/kthxbye/tasks/pre.yaml
@ -1,54 +0,0 @@
 ---
 - name: determine if installed
  stat:
    path: "{{ kthxbye_bin_path }}/kthxbye"
  register: st
 - name: set kthxbye_installed
  set_fact:
    kthxbye_installed: "{{ st.stat.exists | bool }}"
 - block:
  - name: determine latest version
    uri:
      url: "https://api.github.com/repos/{{ kthxbye_github_rel_path }}/releases/latest"
      return_content: true
      body_format: json
    register: _latest_version
    until: _latest_version.status == 200
    retries: 3
  - name: set kthxbye_version
    set_fact:
      kthxbye_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 - block:
  - name: determine installed version
    command: "{{ kthxbye_bin_path }}/kthxbye --version"
    register: _installed_version_string
    changed_when: false
  - name: set kthxbye_local_version
    set_fact:
      kthxbye_local_version: "{{ _installed_version_string.stdout | regex_search(kthxbye_version_regex, '\\1') | first }}"
  rescue:
  - name: set kthxbye_local_version
    set_fact:
      kthxbye_local_version: "{{ _installed_version_string.stderr | regex_search(kthxbye_version_regex, '\\1') | first }}"
  when: kthxbye_installed
 - name: set kthxbye_local_version to 0
  set_fact:
    kthxbye_local_version: "0"
  when: not kthxbye_installed
 - block:
  - name: get checksums
    set_fact:
      _checksums: "{{ lookup('url', kthxbye_checksum_url, wantlist=True) }}"
  - name: set kthxbye_checksum
    set_fact:
      kthxbye_checksum: "sha512:{{ item.split(' ') | first }}"
    loop: "{{ _checksums }}"
    when: "kthxbye_release_file in item"
--- a/roles/kthxbye/templates/kthxbye.service.j2
+++ b/roles/kthxbye/templates/kthxbye.service.j2
@ -1,20 +0,0 @@
 {{ ansible_managed | comment }}
 [Unit]
 Description=Kthxbye
 Wants=network-online.target
 After=network-online.target
 After=alertmanager.service
 [Service]
 Type=simple
 User={{ kthxbye_user }}
 Group={{ kthxbye_group }}
 WorkingDirectory={{ kthxbye_etc_path }}
 ExecStart={{ kthxbye_bin_path }}/kthxbye \
 {% if kthxbye_listen %}
  -listen={{ kthxbye_listen }}
 {% endif %}
 [Install]
 WantedBy=multi-user.target
--- a/roles/kthxbye/vars/default.yaml
+++ b/roles/kthxbye/vars/default.yaml
--- a/roles/loki/defaults/main.yaml
+++ b/roles/loki/defaults/main.yaml
@ -1,74 +0,0 @@
 ---
 loki_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 loki_go_arch: "{{ loki_go_arch_map[ansible_architecture] | default('amd64') }}"
 loki_service_name: loki.service
 loki_service_enabled: true
 loki_service_state: started
 loki_version_regex: ^loki, version ([\d.]+)
 loki_github_project_url: https://github.com/grafana/loki
 loki_release_file: "loki-{{ ansible_system | lower }}-{{ loki_go_arch }}.zip"
 loki_release_url: "{{ loki_github_project_url }}/releases/download/v{{ loki_version }}/{{ loki_release_file }}"
 loki_checksum_url: "{{ loki_github_project_url }}/releases/download/v{{ loki_version }}/SHA256SUMS"
 loki_download_path: "/tmp/{{ loki_release_file }}"
 loki_unarchive_dest_path: /tmp
 loki_extracted_path: "{{ loki_download_path | replace('.zip', '') }}"
 loki_user: loki
 loki_user_state: present
 loki_user_shell: /usr/sbin/nologin
 loki_group: loki
 loki_group_state: "{{ loki_user_state | default('present') }}"
 loki_config_path: /etc/loki.yaml
 loki_var_path: /var/lib/loki
 loki_var_owner: "{{ loki_user }}"
 loki_var_group: "{{ loki_group }}"
 loki_var_mode: "0755"
 loki_bin_path: /usr/local/bin
 loki_auth_enabled: false
 loki_server:
  http_listen_port: 3100
 loki_ingester:
  lifecycler:
    address: 127.0.0.1
    ring:
      kvstore:
        store: inmemory
      replication_factor: 1
    final_sleep: 0s
  chunk_idle_period: 5m
  chunk_retain_period: 30s
 loki_schema_config:
  configs:
  - from: 2020-05-15
    store: boltdb
    object_store: filesystem
    schema: v11
    index:
      prefix: index_
      period: 168h
 loki_storage_config:
  boltdb:
    directory: "{{ loki_var_path }}/index"
  filesystem:
    directory: "{{ loki_var_path }}/chunks"
 loki_limits_config:
  enforce_metric_name: false
  reject_old_samples: true
  reject_old_samples_max_age: 168h
  ingestion_burst_size_mb: 16
--- a/roles/loki/handlers/main.yaml
+++ b/roles/loki/handlers/main.yaml
@ -1,6 +0,0 @@
 ---
 - name: restart loki
  systemd:
    name: loki.service
    daemon_reload: true
    state: restarted
--- a/roles/loki/tasks/configure.yaml
+++ b/roles/loki/tasks/configure.yaml
@ -1,48 +0,0 @@
 ---
 - name: create group
  group:
    name: "{{ loki_group }}"
    system: true
    state: "{{ loki_group_state | default('present') }}"
 - name: create user
  user:
    name: "{{ loki_user }}"
    system: true
    shell: "{{ loki_user_shell }}"
    group: "{{ loki_group }}"
    createhome: false
    home: "{{ loki_var_path }}"
    state: "{{ loki_user_state | default('present') }}"
 - name: configure
  template:
    src: loki.yaml.j2
    dest: "{{ loki_config_path }}"
    owner: root
    group: root
    mode: 0444
  notify: restart loki
 - name: create var path
  file:
    path: "{{ loki_var_path }}"
    state: directory
    owner: "{{ loki_var_owner }}"
    group: "{{ loki_var_group }}"
    mode: "{{ loki_var_mode }}"
 - name: configure systemd template
  template:
    src: "{{ loki_service_name }}.j2"
    dest: "/etc/systemd/system/{{ loki_service_name }}"
    owner: root
    group: root
    mode: 0444
  notify: restart loki
 - name: manage service
  service:
    name: "{{ loki_service_name }}"
    enabled: "{{ loki_service_enabled }}"
    state: "{{ loki_service_state }}"
--- a/roles/loki/tasks/default.yaml
+++ b/roles/loki/tasks/default.yaml
--- a/roles/loki/tasks/install.yaml
+++ b/roles/loki/tasks/install.yaml
@ -1,29 +0,0 @@
 ---
 - block:
  - name: download archive
    get_url:
      url: "{{ loki_release_url }}"
      dest: "{{ loki_download_path }}"
      checksum: "{{ loki_checksum }}"
    register: dl
    until: dl is success
    retries: 5
    delay: 10
  - name: extract archive
    unarchive:
      src: "{{ loki_download_path }}"
      dest: "{{ loki_unarchive_dest_path }}"
      creates: "{{ loki_extracted_path }}/loki"
      remote_src: true
  - name: install binaries
    copy:
      src: "{{ loki_extracted_path }}"
      dest: "{{ loki_bin_path }}/loki"
      owner: root
      group: root
      mode: 0755
      remote_src: true
    notify: restart loki
  when: loki_version != loki_local_version
--- a/roles/loki/tasks/main.yaml
+++ b/roles/loki/tasks/main.yaml
@ -1,30 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: pre.yaml
 - include: install.yaml
 - include: configure.yaml
--- a/roles/loki/tasks/pre.yaml
+++ b/roles/loki/tasks/pre.yaml
@ -1,50 +0,0 @@
 ---
 - name: determine if installed
  stat:
    path: "{{ loki_bin_path }}/loki"
  register: st
 - name: set loki_installed
  set_fact:
    loki_installed: "{{ st.stat.exists | bool }}"
 - block:
  - name: determine latest version
    uri:
      url: https://api.github.com/repos/grafana/loki/releases/latest
      return_content: true
      body_format: json
    register: _latest_version
    until: _latest_version.status == 200
    retries: 3
  - name: set loki_version
    set_fact:
      loki_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 - block:
  - name: determine installed version
    command: "{{ loki_bin_path }}/loki --version"
    register: _installed_version_string
    changed_when: false
  - name: set loki_local_version
    set_fact:
      loki_local_version: "{{ _installed_version_string.stdout | regex_search(loki_version_regex, '\\1') | first }}"
  when: loki_installed
 - name: set loki_local_version to 0
  set_fact:
    loki_local_version: "0"
  when: not loki_installed
 - block:
  - name: get checksums
    set_fact:
      _checksums: "{{ lookup('url', loki_checksum_url, wantlist=True) }}"
  - name: set loki_checksum
    set_fact:
      loki_checksum: "sha256:{{ item.split(' ') | first }}"
    loop: "{{ _checksums }}"
    when: "loki_release_file in item"
--- a/roles/loki/templates/loki.service.j2
+++ b/roles/loki/templates/loki.service.j2
@ -1,19 +0,0 @@
 {{ ansible_managed | comment }}
 [Unit]
 Description=Loki
 After=network-online.target
 [Service]
 Type=simple
 User={{ loki_user }}
 Group={{ loki_group }}
 ExecStart={{ loki_bin_path }}/loki \
  -config.file {{ loki_config_path }}
 WorkingDirectory={{ loki_var_path }}
 Restart=always
 RestartSec=1
 [Install]
 WantedBy=multi-user.target
--- a/roles/loki/templates/loki.yaml.j2
+++ b/roles/loki/templates/loki.yaml.j2
@ -1,30 +0,0 @@
 {{ ansible_managed | comment }}
 ---
 {% if loki_auth_enabled is defined %}
 auth_enabled: {{ loki_auth_enabled | bool | lower }}
 {% endif %}
 {% if loki_server is defined %}
 server:
  {{ loki_server | to_nice_yaml(indent=2) | indent(2, False) }}
 {% endif -%}
 {% if loki_ingester is defined %}
 ingester:
  {{ loki_ingester | to_nice_yaml(indent=2) | indent(2, False) }}
 {% endif -%}
 {% if loki_schema_config is defined %}
 schema_config:
  {{ loki_schema_config | to_nice_yaml(indent=2) | indent(2, False) }}
 {% endif -%}
 {% if loki_storage_config is defined %}
 storage_config:
  {{ loki_storage_config | to_nice_yaml(indent=2) | indent(2, False) }}
 {% endif -%}
 {% if loki_limits_config is defined %}
 limits_config:
  {{ loki_limits_config | to_nice_yaml(indent=2) | indent(2, False) }}
 {% endif -%}
--- a/roles/loki/vars/default.yaml
+++ b/roles/loki/vars/default.yaml
--- a/roles/mtail/defaults/main.yaml
+++ b/roles/mtail/defaults/main.yaml
@ -1,50 +0,0 @@
 ---
 mtail_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 mtail_go_arch: "{{ mtail_go_arch_map[ansible_architecture] | default('amd64') }}"
 mtail_service_name: mtail.service
 mtail_service_state: started
 mtail_service_enabled: yes
 mtail_version_regex: ^mtail version (\S+)
 mtail_github_project_url: https://github.com/google/mtail
 mtail_release_file: "mtail_{{ mtail_version }}_{{ ansible_system | capitalize }}_{{ ansible_architecture }}.tar.gz"
 mtail_release_url: "{{ mtail_github_project_url }}/releases/download/v{{ mtail_version }}/{{ mtail_release_file }}"
 mtail_download_path: "/tmp/{{ mtail_release_file }}"
 mtail_checksum_url: "{{ mtail_github_project_url }}/releases/download/v{{ mtail_version }}/checksums.txt"
 mtail_extracted_path: "/tmp"
 mtail_unarchive_dest_path: "/tmp"
 mtail_user: mtail
 mtail_user_state: present
 mtail_user_shell: /usr/sbin/nologin
 mtail_append_groups:
  - adm
 mtail_group: mtail
 mtail_group_state: "{{ mtail_user_state | default('present') }}"
 mtail_etc_path: /etc/mtail
 mtail_etc_owner: root
 mtail_etc_group: root
 mtail_etc_mode: "0755"
 mtail_var_path: /var/lib/mtail
 mtail_var_owner: "{{ mtail_user }}"
 mtail_var_group: "{{ mtail_group }}"
 mtail_var_mode: "0755"
 mtail_var_log_path: /var/log/mtail
 mtail_var_log_owner: "{{ mtail_user }}"
 mtail_var_log_group: "{{ mtail_group }}"
 mtail_var_log_mode: "0755"
 mtail_bin_path: /usr/local/bin
 mtail_arg_logs:
  - "/var/log/syslog/{{ inventory_hostname_short }}/*/*/*.log"   
  - /var/log/nginx/*.access.log
--- a/roles/mtail/files/rules/nginx.mtail
+++ b/roles/mtail/files/rules/nginx.mtail
@ -1,29 +0,0 @@
 getfilename() !~ /nginx\/.*\.log$/ {
    stop
 }
 counter nginx_http_requests_total by vhost, method, code
 counter nginx_http_response_size_bytes_total by vhost, method, code
 histogram nginx_http_response_time_seconds buckets 0.0, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1.0, 2.5, 5.0, 10.0, 25.0, 50.0 by vhost, method, code
 /^/ +
 /(?P<vhost>[0-9A-Za-z\.\-:]+) / +
 /(?P<remote_addr>\S+) / +
 /- / + 
 /(?P<remote_user>\S+) / +
 /\[(?P<time_local>\d{2}\/\w{3}\/\d{4}:\d{2}:\d{2}:\d{2} (\+|-)\d{4})\] / +
 /"(?P<request_method>[A-Z]+) (?P<request_uri>\S+) (?P<http_version>HTTP\/[0-9\.]+)" / +
 /(?P<status>\d{3}) / +
 /(?P<bytes_sent>\d+) / +
 /(?P<request_time>\d+\.\d+) / +
 /"(?P<http_referer>\S+)" / +
 /"(?P<http_user_agent>[[:print:]]+)" / +
 /"(?P<http_x_forwarded_for>\S+)"/ +
 /$/ {
    nginx_http_requests_total[$vhost][$request_method][$status]++
    nginx_http_response_size_bytes_total[$vhost][$request_method][$status] += $bytes_sent
    nginx_http_response_time_seconds[$vhost][$request_method][$status] = $request_time
 }
--- a/roles/mtail/files/rules/syslog.mtail
+++ b/roles/mtail/files/rules/syslog.mtail
@ -1,32 +0,0 @@
 getfilename() !~ /^\/var\/log\/syslog\// {
    stop
 }
 def syslog {
    /(?P<date>(?P<legacy_date>\w+\s+\d+\s+\d+:\d+:\d+)|(?P<rfc3339_date>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d+[+-]\d{2}:\d{2}))/ +
        /\s+(?:\w+@)?(?P<hostname>[\w\.-]+)\s+(?P<application>[\w\.-]+)(?:\[(?P<pid>\d+)\])?:\s+(?P<message>.*)/ {
        # If the legacy_date regexp matched, try this format.
        len($legacy_date) > 0 {
            strptime($legacy_date, "Jan _2 15:04:05")
        }
        # If the RFC3339 style matched, parse it this way.
        len($rfc3339_date) > 0 {
            strptime($rfc3339_date, "2006-01-02T15:04:05-07:00")
        }
        # Call into the decorated block
        next
    }
 }
 counter syslog_loglines_total by application
 counter ssh_invalid_user
@syslog {
    syslog_loglines_total[$application]++
    $application == "sshd" {
        $message =~ /^Invalid user/ {
            ssh_invalid_user++
        }
    }
 }
--- a/roles/mtail/handlers/main.yaml
+++ b/roles/mtail/handlers/main.yaml
@ -1,6 +0,0 @@
 ---
 - name: restart mtail
  systemd:
    name: mtail.service
    daemon_reload: true
    state: restarted
--- a/roles/mtail/tasks/configure.yaml
+++ b/roles/mtail/tasks/configure.yaml
@ -1,67 +0,0 @@
 ---
 - name: create group
  group:
    name: "{{ mtail_group }}"
    system: true
    state: "{{ mtail_group_state | default('present') }}"
 - name: create user
  user:
    name: "{{ mtail_user }}"
    system: true
    shell: "{{ mtail_user_shell }}"
    group: "{{ mtail_group }}"
    groups: "{{ [mtail_group] + (mtail_append_groups | default([])) }}"
    append: true
    createhome: false
    home: "{{ mtail_var_path }}"
    state: "{{ mtail_user_state | default('present') }}"
 - name: create etc path
  file:
    path: "{{ mtail_etc_path }}"
    state: directory
    owner: "{{ mtail_etc_owner }}"
    group: "{{ mtail_etc_group }}"
    mode: "{{ mtail_etc_mode }}"
 - name: create var path
  file:
    path: "{{ mtail_var_path }}"
    state: directory
    owner: "{{ mtail_var_owner }}"
    group: "{{ mtail_var_group }}"
    mode: "{{ mtail_var_mode }}"
 - name: create var_log path
  file:
    path: "{{ mtail_var_log_path }}"
    state: directory
    owner: "{{ mtail_var_log_owner }}"
    group: "{{ mtail_var_log_group }}"
    mode: "{{ mtail_var_log_mode }}"
 - name: configure rules
  copy:
    src: "{{ item }}"
    dest: "{{ mtail_etc_path }}/{{ item | basename }}"
    owner: root
    group: root
    mode: "0755"
  loop: "{{ lookup('fileglob', 'rules/*.mtail', wantlist=True) }}"
  notify: restart mtail
 - name: configure systemd template
  template:
    src: mtail.service.j2
    dest: /etc/systemd/system/mtail.service
    owner: root
    group: root
    mode: 0444
  notify: restart mtail
 - name: manage service
  service:
    name: "{{ mtail_service_name }}"
    enabled: "{{ mtail_service_enabled }}"
    state: "{{ mtail_service_state }}"
--- a/roles/mtail/tasks/default.yaml
+++ b/roles/mtail/tasks/default.yaml
--- a/roles/mtail/tasks/install.yaml
+++ b/roles/mtail/tasks/install.yaml
@ -1,52 +0,0 @@
 ---
 #- block:
 #  - name: download tar
 #    get_url:
 #      url: "{{ mtail_release_url }}"
 #      dest: "{{ mtail_download_path }}"
 #    register: dl
 #    until: dl is success
 #    retries: 5
 #    delay: 10
 #
 #  - name: install binaries
 #    copy:
 #      src: "{{ mtail_download_path }}"
 #      dest: "{{ mtail_bin_path }}/mtail"
 #      owner: root
 #      group: root
 #      mode: 0755
 #      remote_src: true
 #    notify: restart mtail
 #  when: mtail_version != mtail_local_version
 #
 - block:
  - name: download tar
    get_url:
      url: "{{ mtail_release_url }}"
      dest: "{{ mtail_download_path }}"
      checksum: "{{ mtail_checksum }}"
    register: dl
    until: dl is success
    retries: 5
    delay: 10
  - name: extract tar
    unarchive:
      src: "{{ mtail_download_path }}"
      dest: "{{ mtail_unarchive_dest_path }}"
      creates: "{{ mtail_extracted_path }}/mtail"
      remote_src: true
  - name: install binaries
    copy:
      src: "{{ mtail_extracted_path }}/{{ item }}"
      dest: "{{ mtail_bin_path }}/{{ item }}"
      owner: root
      group: root
      mode: 0755
      remote_src: true
    loop:
      - mtail
    notify: restart mtail
  when: mtail_version != mtail_local_version
--- a/roles/mtail/tasks/main.yaml
+++ b/roles/mtail/tasks/main.yaml
@ -1,30 +0,0 @@
 ---
 - name: gather os specific variables
  include_vars: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars
 - name: include os specific tasks
  include_tasks: "{{ lookup('first_found', possible_files) }}"
  vars:
    possible_files:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks
 - include: pre.yaml
 - include: install.yaml
 - include: configure.yaml
--- a/roles/mtail/tasks/pre.yaml
+++ b/roles/mtail/tasks/pre.yaml
@ -1,88 +0,0 @@
 ---
 #- name: determine if installed
 #  stat:
 #    path: "{{ mtail_bin_path }}/mtail"
 #  register: st
 #
 #- name: set mtail_installed
 #  set_fact:
 #    mtail_installed: "{{ st.stat.exists | bool }}"
 #
 #- block:
 #  - name: determine latest version
 #    uri:
 #      url: https://api.github.com/repos/google/mtail/releases/latest
 #      return_content: true
 #      body_format: json
 #    register: _latest_version
 #    until: _latest_version.status == 200
 #    retries: 3
 #
 #  - name: set mtail_version
 #    set_fact:
 #      mtail_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 #
 #- block:
 #  - name: determine installed version
 #    command: "{{ mtail_bin_path }}/mtail --version"
 #    register: _installed_version_string
 #    changed_when: false
 #
 #  - name: set mtail_local_version
 #    set_fact:
 #      mtail_local_version: "{{ _installed_version_string.stdout | regex_search(mtail_version_regex, '\\1') | first }}"
 #  when: mtail_installed
 #
 #- name: set mtail_local_version to 0
 #  set_fact:
 #    mtail_local_version: "0"
 #  when: not mtail_installed
 - name: determine if installed
  stat:
    path: "{{ mtail_bin_path }}/mtail"
  register: st
 - name: set mtail_installed
  set_fact:
    mtail_installed: "{{ st.stat.exists | bool }}"
 - block:
  - name: determine latest version
    uri:
      url: https://api.github.com/repos/google/mtail/releases/latest
      return_content: true
      body_format: json
    register: _latest_version
    until: _latest_version.status == 200
    retries: 3
  - name: set mtail_version
    set_fact:
      mtail_version: "{{ _latest_version.json['tag_name'] | regex_replace('^v', '') }}"
 - block:
  - name: determine installed version
    command: "{{ mtail_bin_path }}/mtail --version"
    register: _installed_version_string
    changed_when: false
  - name: set mtail_local_version
    set_fact:
      mtail_local_version: "{{ _installed_version_string.stdout | regex_search(mtail_version_regex, '\\1') | first }}"
  when: mtail_installed
 - name: set mtail_local_version to 0
  set_fact:
    mtail_local_version: "0"
  when: not mtail_installed
 - block:
  - name: get checksums
    set_fact:
      _checksums: "{{ lookup('url', mtail_checksum_url, wantlist=True) }}"
  - name: set mtail_checksum
    set_fact:
      mtail_checksum: "sha256:{{ item.split(' ') | first }}"
    loop: "{{ _checksums }}"
    when: "mtail_release_file in item"
--- a/roles/mtail/templates/mtail.service.j2
+++ b/roles/mtail/templates/mtail.service.j2
@ -1,16 +0,0 @@
 [Unit]
 Description=mtail
 [Service]
 User={{ mtail_user }}
 ExecStart={{ mtail_bin_path }}/mtail \
  --progs {{ mtail_etc_path }} \
  --log_dir={{ mtail_var_log_path }} \
 {% if mtail_arg_logs %}
 {% for path in  mtail_arg_logs %}
  --logs {{ path }} \
 {% endfor %}
 {% endif %}
 [Install]
 WantedBy=multi-user.target
--- a/roles/mtail/vars/default.yaml
+++ b/roles/mtail/vars/default.yaml
--- a/roles/mysql/README.md
+++ b/roles/mysql/README.md
@ -1,38 +0,0 @@
 Role Name
 =========
 A brief description of the role goes here.
 Requirements
 ------------
 Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
 Role Variables
 --------------
 A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
 Dependencies
 ------------
 A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
 Example Playbook
 ----------------
 Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
    - hosts: servers
      roles:
         - { role: username.rolename, x: 42 }
 License
 -------
 BSD
 Author Information
 ------------------
 An optional section for the role authors to include contact information, or a website (HTML is not allowed).
--- a/roles/mysql/defaults/main.yaml
+++ b/roles/mysql/defaults/main.yaml
@ -1,57 +0,0 @@
 ---
 mysql_package_state: 'present'
 mysql_service_name: 'mysql'
 mysql_service_state: 'started'
 mysql_service_enabled: yes
 mysql_initialize_log_error: /var/tmp/mysqld_initialize.log
 mysql_cfg_path: /etc/my.cnf
 mysql_datadir_owner: mysql
 mysql_datadir_group: mysql
 mysql_datadir_mode: 0700
 mysql_config:
  mysql:
    port: 3306
    socket: /var/run/mysqld/mysqld.sock
  mysqld:
    basedir: /usr
    bind_address: 127.0.0.1
    datadir: /var/lib/mysql
    default_storage_engine: InnoDB
    innodb_buffer_pool_size: "{{ (ansible_memtotal_mb * 0.25) | int }}M"
    innodb_file_per_table: 1
    innodb_flush_log_at_trx_commit: 1
    innodb_flush_method: O_DIRECT
    innodb_log_file_size: 128M
    innodb_log_files_in_group: 2
    key_buffer_size: 16M
    log_error: /var/log/mysql/mysql-error.log
    log_queries_not_using_indexes: 1
    max_allowed_packet: 16M
    max_connect_errors: 1000000
    max_connections: 100
    max_heap_table_size: 32M
    myisam_recover_options: FORCE,BACKUP
    open_files_limit: 65535
    pid_file: /var/run/mysqld/mysqld.pid
    query_cache_size: 0
    query_cache_type: 0
    slow_query_log: 1
    slow_query_log_file: /var/log/mysql/mysql-slow.log
    socket: /var/run/mysqld/mysqld.sock
    table_definition_cache: 4096
    table_open_cache: 300
    thread_cache_size: 16
    tmp_table_size: 32M
    tmpdir: /tmp
    user: mysql
  mysqld_safe:
    nice: 0
    socket: /var/run/mysqld/mysqld.sock
    syslog: ~
 # vim:ft=yaml.ansible:
--- a/roles/mysql/handlers/main.yml
+++ b/roles/mysql/handlers/main.yml
@ -1,5 +0,0 @@
 ---
 - name: restart mysql
  service:
    name: "{{ mysql_service_name }}"
    state: restarted
--- a/roles/mysql/meta/main.yml
+++ b/roles/mysql/meta/main.yml
@ -1,60 +0,0 @@
 galaxy_info:
  author: your name
  description: your description
  company: your company (optional)
  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
  # Some suggested licenses:
  # - BSD (default)
  # - MIT
  # - GPLv2
  # - GPLv3
  # - Apache
  # - CC-BY
  license: license (GPLv2, CC-BY, etc)
  min_ansible_version: 2.4
  # If this a Container Enabled role, provide the minimum Ansible Container version.
  # min_ansible_container_version:
  # Optionally specify the branch Galaxy will use when accessing the GitHub
  # repo for this role. During role install, if no tags are available,
  # Galaxy will use this branch. During import Galaxy will access files on
  # this branch. If Travis integration is configured, only notifications for this
  # branch will be accepted. Otherwise, in all cases, the repo's default branch
  # (usually master) will be used.
  #github_branch:
  #
  # Provide a list of supported platforms, and for each platform a list of versions.
  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
  # To view available platforms and versions (or releases), visit:
  # https://galaxy.ansible.com/api/v1/platforms/
  #
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/roles/mysql/tasks/main.yml
+++ b/roles/mysql/tasks/main.yml
@ -1,39 +0,0 @@
 ---
 - name: gather OS distribution version specific variables
  include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yaml"
 - name: gather OS distribution specific variables
  include_vars: "{{ ansible_distribution }}.yaml"
 - name: gather OS family specific variables
  include_vars: "{{ ansible_os_family }}.yaml"
 - name: manage mysql package
  package:
    name: "{{ mysql_package_name }}"
    state: "{{ mysql_package_state }}"
 - name: create datadir
  file:
    path: "{{ mysql_config.mysqld.datadir }}"
    owner: "{{ mysql_datadir_owner }}"
    group: "{{ mysql_datadir_group }}"
    mode: "{{ mysql_datadir_mode }}"
    state: directory
 - name: initialize mysql
  command: "mysqld --initialize --log-error={{ mysql_initialize_log_error }}"
  args:
    creates: "{{ mysql_config.mysqld.datadir }}/mysql"
 - name: configure mysql
  template:
    src: my.cnf.j2
    dest: "{{ mysql_cfg_path }}"
  notify: restart mysql
 - name: manage mysql service
  service:
    name: "{{ mysql_service_name }}"
    state: "{{ mysql_service_state }}"
    enabled: "{{ mysql_service_enabled }}"
--- a/roles/mysql/templates/my.cnf.j2
+++ b/roles/mysql/templates/my.cnf.j2
@ -1,12 +0,0 @@
 # {{ ansible_managed }}
 {% for section, cfg in mysql_config.iteritems() | sort %}
 [{{section}}]
 {% for k, v in cfg.iteritems() | sort %}
 {% if k is defined and v is not none %}
 {{ k }} = {{ v }}
 {% elif k and v is none %}
 {{ k }}
 {% endif %}
 {% endfor %}
 {% endfor %}
--- a/roles/mysql/tests/inventory
+++ b/roles/mysql/tests/inventory
@ -1,2 +0,0 @@
 localhost
--- a/roles/mysql/tests/test.yml
+++ b/roles/mysql/tests/test.yml
@ -1,5 +0,0 @@
 ---
 - hosts: localhost
  remote_user: root
  roles:
    - roles/mysql
--- a/roles/mysql/vars/Debian.yaml
+++ b/roles/mysql/vars/Debian.yaml
@ -1,2 +0,0 @@
 ---
 mysql_cfg_path: /etc/my.cnf
--- a/roles/mysql/vars/Ubuntu-18.yaml
+++ b/roles/mysql/vars/Ubuntu-18.yaml
@ -1,5 +0,0 @@
 ---
 mysql_service_name: 'mysql.service'
 mysql_cfg_path: /etc/mysql/my.cnf
 # vim:ft=yaml.ansible:
--- a/roles/mysql/vars/Ubuntu.yaml
+++ b/roles/mysql/vars/Ubuntu.yaml
@ -1,4 +0,0 @@
 ---
 mysql_package_name: 'mysql-server'
 # vim:ft=yaml.ansible:
--- a/roles/mysql/vars/main.yml
+++ b/roles/mysql/vars/main.yml
@ -1,2 +0,0 @@
 ---
 # vars file for roles/mysql
--- a/roles/node_exporter/defaults/main.yaml
+++ b/roles/node_exporter/defaults/main.yaml
@ -1,51 +0,0 @@
 ---
 node_exporter_go_arch_map:
  i386: '386'
  x86_64: 'amd64'
 node_exporter_go_arch: "{{ node_exporter_go_arch_map[ansible_architecture] | default('amd64') }}"
 node_exporter_service_name: node_exporter.service
 node_exporter_service_enabled: true
 node_exporter_service_state: started
 node_exporter_version_regex: ^node_exporter, version ([\d.]+)
 node_exporter_release_file: "node_exporter-{{ node_exporter_version }}.{{ ansible_system | lower }}-{{ node_exporter_go_arch }}.tar.gz"
 node_exporter_release_url: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/{{ node_exporter_release_file }}"
 node_exporter_checksum_url: "https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/sha256sums.txt"
 node_exporter_download_path: "/tmp/{{ node_exporter_release_file }}"
 node_exporter_unarchive_dest_path: /tmp
 node_exporter_extracted_path: "{{ node_exporter_download_path | replace('.tar.gz', '') }}"
 node_exporter_user: node_exporter
 node_exporter_user_state: present
 node_exporter_user_shell: /usr/sbin/nologin
 node_exporter_group: node_exporter
 node_exporter_group_state: "{{ node_exporter_user_state | default('present') }}"
 node_exporter_var_path: /var/lib/node_exporter
 node_exporter_var_owner: "{{ node_exporter_user }}"
 node_exporter_var_group: "{{ node_exporter_group }}"
 node_exporter_var_mode: "0755"
 node_exporter_spool_path: /var/spool/node_exporter
 node_exporter_spool_owner: "{{ node_exporter_user }}"
 node_exporter_spool_group: "{{ node_exporter_group }}"
 node_exporter_spool_mode: "0755"
 node_exporter_bin_path: /usr/local/bin
 node_exporter_collectors_enabled:
  - textfile:
      directory: "{{ node_exporter_spool_path }}/textfile_collector"
  - processes
  - tcpstat
  - ntp
  - supervisord:
      url: unix:///var/run/supervisor.sock
  - systemd:
      enable-task-metrics:
      enable-restarts-metrics:
      enable-start-time-metrics:
--- a/roles/node_exporter/files/apt-exporter.pl
+++ b/roles/node_exporter/files/apt-exporter.pl
@ -1,36 +0,0 @@
 #!/usr/bin/env perl
 use strict;
 use warnings;
 my $cmd = "apt-get --just-print dist-upgrade";
 my %metrics;
 open(my $fh, '-|', $cmd) or die $!;
 while(my $line = <$fh>) {
    if ($line =~ /Inst \S+ \S+ \(\S+ (.+) \[(\S+)\]\)/) {
        my $k = sprintf("apt_upgrades_pending{origin=\"%s\", arch=\"%s\"}", $1, $2); 
        if (!exists $metrics{$k}) {
            $metrics{$k} = 1;
        } else {
            $metrics{$k}++;
        }
    }
 }
 if (%metrics) {
    # print apt metrics
    while(my($k, $v) = each %metrics) {
        printf("%s %d\n", $k, $v)
    }
 }
 else {
    print("apt_upgrades_pending{origin=\"\",arch=\"\"} 0\n");
 }
 # print reboot required metric
 if (-e "/var/run/reboot-required") {
    print("node_reboot_required 1\n")
 }
 else {
    print("node_reboot_required 0\n")
 }
--- a/roles/node_exporter/files/promcat.sh
+++ b/roles/node_exporter/files/promcat.sh
@ -1,42 +0,0 @@
 #!/bin/bash
 function usage { printf "Usage: %s FILE\n" "$(basename "$0")" >&2; exit 1; }
 while getopts "h" opt; do
    case "${opt}" in
        *)
            usage
            ;;
    esac
 done
 shift $((OPTIND-1))
 FILE="$1"
 if [ -z "${FILE}" ]; then
    usage
    exit 1
 fi
 if command -v sponge > /dev/null; then
    ( echo "# promcat (sponge)" ; cat /dev/stdin ) | sponge "${FILE}"
 else
    TEMP=$(mktemp --suffix .prom)
    function finish {
        if [ -f "${TEMP}" ]; then
            rm -f "${TEMP}"
        fi
    }
    trap finish EXIT
    echo "# promcat (mktemp, mv)" > "${TEMP}"
    cat /dev/stdin >> "${TEMP}"
    if [ ! -s "${TEMP}" ] || grep -q '^[[:space:]]*$' "${TEMP}" ; then
        printf "%s is empty\n" "${TEMP}" >&2
        exit 1
    else
        mv "${TEMP}" "${FILE}"
    fi
 fi
--- a/Show More
+++ b/Show More
		`@ -1 +0,0 @@`
			`crio_os: "CentOS_{{ ansible_distribution_major_version }}"`