ryanc/ansible
1
0
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity

Compare commits

base: ryanc:c63271c8b5fb6ef2ad49e32af92145def99bbfcf
Branches Tags
ryanc:master
..
compare: ryanc:75188b008e0dc2da116792f5943e87b64170b13c
Branches Tags
ryanc:master

5 Commits
c63271c8b5 ... 75188b008e

Author SHA1 Message Date
Ryan Cavicchioni
75188b008e install serveral system tools 
refs #4
 2020-01-23 08:03:35 -06:00
Ryan Cavicchioni
05a67e2db4 keep 5 days of syslog files uncompressed 2020-01-23 08:03:08 -06:00
Ryan Cavicchioni
11898e4ee7 support for multiple instances of minecraft in restic minecraft hook 2020-01-23 08:01:58 -06:00
Ryan Cavicchioni
5b65beff27 don't register change when checking restic repo 2020-01-23 08:01:23 -06:00
Ryan Cavicchioni
befad13cb5 add spiped role 2020-01-23 08:00:57 -06:00
8 changed files with 134 additions and 10 deletions
Expand all files Collapse all files

25
roles/restic/files/hooks/minecraft.sh
View File

@@ -85,23 +85,30 @@ open_files() {
main() { main() {
prereq "$SERVICE"
if [ "$1" == "pre" ]; then if [ "$1" == "pre" ]; then
printf "stopping %s\n" $SERVICE for path in "$VAR_DIR"/*; do
if ! stop_server $SERVICE; then instance="minecraft@$(basename "$path").service"
error_exit "Failed to stop $SERVICE" prereq "$instance"
fi printf "stopping %s\n" "$instance"
if ! stop_server "$instance"; then
error_exit "Failed to stop $instance"
fi
done
printf "checking for open files\n" printf "checking for open files\n"
if ! open_files $VAR_DIR; then if ! open_files $VAR_DIR; then
error_exit "Open files exist in $VAR_DIR" error_exit "Open files exist in $VAR_DIR"
fi fi
elif [ "$1" == "post" ]; then elif [ "$1" == "post" ]; then
printf "starting %s\n" $SERVICE for path in "$VAR_DIR"/*; do
if ! start_server $SERVICE; then instance="minecraft@$(basename "$path").service"
error_exit "Failed to start $SERVICE" prereq "$instance"
fi printf "starting %s\n" "$instance"
if ! start_server "$instance"; then
error_exit "Failed to start $instance"
fi
done
fi fi
} }

1
roles/restic/tasks/repo.yaml
View File

@@ -5,6 +5,7 @@
ignore_errors: yes ignore_errors: yes
environment: "{{ item.environment | default({}) }}" environment: "{{ item.environment | default({}) }}"
register: restic_init register: restic_init
changed_when: false
- name: init repos - name: init repos
shell: shell:

2
roles/rsyslog/tasks/archival.yaml
View File

@@ -68,5 +68,5 @@
minute: "0" minute: "0"
hour: "1" hour: "1"
user: root user: root
job: find /var/log/syslog/ -type f ! -name "*$(date +\%Y\%m\%d)*.log" -name "*.log" -exec xz {} \; job: find /var/log/syslog/ -type f -name "*.log" -mtime +5 -exec xz {} \;
state: "{{ rsyslog_archival_format_enabled | ternary('present', 'absent') }}" state: "{{ rsyslog_archival_format_enabled | ternary('present', 'absent') }}"

14
roles/spiped/defaults/main.yaml Normal file
View File

@@ -0,0 +1,14 @@
---
spiped_package_name: spiped
spiped_package_state: present
spiped_etc_path: /etc/spiped
spiped_run_path: /run/spiped
spiped_user: spiped
spiped_group: spiped
spiped_user_state: present
spiped_user_comment: spiped
spiped_user_home: "{{ spiped_run_path }}"
spiped_user_password: "!"
spiped_user_shell: /usr/sbin/nologin

10
roles/spiped/handlers/main.yaml Normal file
View File

@@ -0,0 +1,10 @@
---
- name: spiped daemon-reload
systemd:
daemon_reload: yes
- name: restart spiped tunnels
service:
name: "spiped-{{ item.name }}"
state: restarted
loop: "{{ spiped_tunnels | default([]) }}"

60
roles/spiped/tasks/main.yaml Normal file
View File

@@ -0,0 +1,60 @@
---
- name: install package
package:
name: "{{ spiped_package_name }}"
state: "{{ spiped_package_state }}"
- name: "create {{ spiped_user }} user"
user:
name: "{{ spiped_user }}"
comment: "{{ spiped_user_comment }}"
password: "{{ spiped_user_password }}"
home: "{{ spiped_user_home }}"
shell: "{{ spiped_user_shell }}"
state: "{{ spiped_user_state }}"
system: yes
create_home: no
- name: create paths
file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: 0755
loop:
- "{{ spiped_etc_path }}"
- name: configure systemd unit
template:
src: spiped.service.j2
dest: "/etc/systemd/system/spiped-{{ item.name }}.service"
owner: root
group: root
mode: 0644
loop: "{{ spiped_tunnels | default([]) }}"
notify:
- restart spiped tunnels
- spiped daemon-reload
when: ansible_service_mgr == 'systemd'
no_log: true
- name: configure keys
copy:
dest: "{{ spiped_etc_path }}/{{ item.name }}.key"
content: "{{ item.key | b64decode }}"
owner: "{{ spiped_user }}"
group: "{{ spiped_group }}"
mode: 0400
loop: "{{ spiped_tunnels | default([]) }}"
notify:
- restart spiped tunnels
no_log: true
- name: manage services
service:
name: "spiped-{{ item.name }}.service"
state: "{{ item.state | default('started') }}"
enabled: "{{ item.enabled | default(true) }}"
loop: "{{ spiped_tunnels | default([]) }}"
no_log: true

22
roles/spiped/templates/spiped.service.j2 Normal file
View File

@@ -0,0 +1,22 @@
{% set keyfile = "{0}/{1}.key".format(spiped_etc_path, item.name) %}
# {{ ansible_managed }}
[Unit]
Description=spiped tunnel {{ item.name }}
Wants=network-online.target
After=network-online.target
[Service]
User={{ spiped_user }}
{% if item.type == 'client' %}
ExecStart=/usr/bin/spiped -F -g -k {{ keyfile }} -D -e -s '{{ item.source_socket }}' -t '{{ item.target_socket }}'
{% else %}
ExecStart=/usr/bin/spiped -F -g -k {{ keyfile }} -d -s '{{ item.source_socket }}' -t '{{ item.target_socket }}'
{% endif %}
Restart=always
RestartSec=60
RuntimeDirectory=spiped
PIDFile={{ spiped_run_path }}/{{ item.name }}.pid
[Install]
WantedBy=multi-user.target

10
roles/util/defaults/main.yaml
View File

@@ -28,12 +28,21 @@ util_packages:
- bc - bc
misc: misc:
- tmux - tmux
- screen
- moreutils - moreutils
utils: utils:
- unzip - unzip
- p7zip - p7zip
- p7zip-full - p7zip-full
- pigz
- pxz
- pbzip2
- pv - pv
- htop
- iotop
- iftop
- lsof
- sysdig
security: security:
- gnupg - gnupg
- pass - pass
@@ -41,6 +50,7 @@ util_packages:
text: text:
- jq - jq
- crudini - crudini
- xmlstarlet
interpreters: interpreters:
- lua5.3 - lua5.3
python: python: