kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-08 03:07:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-14 14:39:18 +02:00
parent 1b638c366e
commit 0228014d34
377 changed files with 549 additions and 508 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
roles/sys-hlth-docker-volumes/README.md
View File

@@ -1,25 +1,31 @@
# Health Check for Docker Volumes
# Docker Volumes Health Check
## Description
This role checks for anonymous Docker volumes that are not bound to a container and may be left over from previous operations. It provides a cleanup mechanism by identifying such volumes, excluding any that are whitelisted, and possibly taking action against them.
This role detects unused **anonymous Docker volumes** that are not bound to any running container.
It can optionally exclude specific volumes from the check using a configurable whitelist.
## Files
## Overview
- `vars/main.yml`: Variable definitions for the script's directory and whitelist.
- `handlers/main.yml`: Handlers to reload and restart the systemd service and timer.
- `files/sys-hlth-docker-volumes.sh`: The script that checks for anonymous Docker volumes and excludes whitelisted volumes.
- `tasks/main.yml`: Tasks to create necessary directories, copy scripts, and create systemd service and timer.
- `templates/sys-hlth-docker-volumes.infinito.service.j2`: Systemd service template, including the whitelisted volumes as a parameter.
- `templates/sys-hlth-docker-volumes.infinito.timer.j2`: Systemd timer template.
- `meta/main.yml`: Meta information declaring dependencies for the role.
The role installs a script and a `systemd` service with a timer to periodically scan for leftover anonymous volumes.
This helps prevent wasted disk space and leftover resources from old deployments.
## Usage
## Purpose
Include this role in your playbook and set the `path_administrator_scripts` variable to determine where the health check scripts should reside. Define `whitelisted_anonymous_volumes` in `vars/main.yml` with an array of volume IDs that should be ignored by the health check.
The main purpose of this role is to keep Docker environments clean by identifying and reporting orphaned anonymous volumes.
It supports a whitelist mechanism to avoid alerting on known or intentional volumes.
Ensure that the `sys-alm-compose` dependency is satisfied for error notifications.
## Features
## Created with AI
This script was created with the help of AI. The full conversation you find [here](https://chat.openai.com/share/1fa829f1-f001-4111-b1d4-1b2e3d583da2).
- **Anonymous Volume Detection:** Identifies volumes with 64-character IDs not attached to any container.
- **Whitelist Support:** Skips volumes listed in `whitelisted_anonymous_docker_volumes`.
- **Bootstrap Volume Exclusion:** Ignores known bootstrap volumes (e.g., `/var/www/bootstrap`).
- **Systemd Integration:** Installs a one-shot service and timer to automate checks.
- **Alerting Support:** Works with the [`sys-alm-compose`](../sys-alm-compose/README.md) role for failure notifications.
## Further Resources
- [Docker Volumes Documentation](https://docs.docker.com/storage/volumes/)
- [Systemd Timers Documentation](https://www.freedesktop.org/software/systemd/man/systemd.timer.html)
- [ChatGPT Create Conversation](https://chat.openai.com/share/1fa829f1-f001-4111-b1d4-1b2e3d583da2).

4
roles/sys-hlth-docker-volumes/handlers/main.yml
View File

@@ -1,5 +1,5 @@
- name: "reload sys-hlth-docker-volumes.infinito.service"
- name: "reload sys-hlth-docker-volumes service"
systemd:
name: sys-hlth-docker-volumes.infinito.service
name: sys-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }}
enabled: yes
daemon_reload: yes

2
roles/sys-hlth-docker-volumes/meta/main.yml
View File

@@ -5,7 +5,7 @@ galaxy_info:
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
license: "Infinito.Nexus NonCommercial License (CNCL)"
license: "Infinito.Nexus NonCommercial License"
license_url: "https://s.infinito.nexus/license"
min_ansible_version: "2.9"
platforms:

6
roles/sys-hlth-docker-volumes/tasks/01_core.yml
View File

@@ -14,11 +14,11 @@
src: sys-hlth-docker-volumes.sh
dest: "{{health_docker_volumes_folder}}sys-hlth-docker-volumes.sh"
- name: create sys-hlth-docker-volumes.infinito.service
- name: create sys-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }}
template:
src: sys-hlth-docker-volumes.service.j2
dest: /etc/systemd/system/sys-hlth-docker-volumes.infinito.service
notify: reload sys-hlth-docker-volumes.infinito.service
dest: /etc/systemd/system/sys-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }}
notify: reload sys-hlth-docker-volumes service
- name: "set 'service_name' to '{{ role_name }}'"
set_fact: