kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 10:19:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Optimized tests für run once

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-12 02:38:37 +02:00
parent 82aaf7ad74
commit 1595a7c4a6
148 changed files with 1803 additions and 1147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
roles/desk-gnome-caffeine/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs caffeine-ng and configures it to autostart for preventing screen sleep on GNOME."
@@ -6,12 +5,10 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.4"
platforms:
- name: Archlinux
versions:
- all
- name: Archlinux
versions:
- all
galaxy_tags:
- caffeine
- autostart
- archlinux
dependencies:
- dev-yay
- caffeine
- autostart
- archlinux

11
roles/desk-gnome-caffeine/tasks/main.yml
View File

@@ -1,9 +1,16 @@
---
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-yay'
include_role:
name: dev-yay
- set_fact:
run_once_desk_gnome_caffeine: true
when: run_once_desk_gnome_caffeine is not defined
- name: Install caffeine
kewlfft.aur.aur:
use: yay
name:
- caffeine-ng
- caffeine-ng
become: false
- name: Create autostart directory if it doesn't exist

12
roles/desk-qbittorrent/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Installs the qBittorrent torrent client via AUR on Arch Linux."
@@ -9,15 +8,12 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- qbittorrent
- torrent
- qbittorrent
- torrent
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/desk-qbittorrent"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: [ all ]
dependencies:
- dev-yay
- name: Archlinux
versions: [all]

10
roles/desk-qbittorrent/tasks/main.yml
View File

@@ -1,5 +1,13 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-yay'
include_role:
name: dev-yay
- set_fact:
run_once_desk_qbittorrent: true
when: run_once_desk_qbittorrent is not defined
- name: install torrent software
kewlfft.aur.aur:
use: yay
name:
- qbittorrent
- qbittorrent

21
roles/desk-spotify/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs the Spotify client."
@@ -10,18 +9,16 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- spotify
- aur
- music
- streaming
- archlinux
- client
- spotify
- aur
- music
- streaming
- archlinux
- client
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- dev-yay

10
roles/desk-spotify/tasks/main.yml
View File

@@ -1,5 +1,13 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-yay'
include_role:
name: dev-yay
- set_fact:
run_once_desk_spotify: true
when: run_once_desk_spotify is not defined
- name: install spotify
kewlfft.aur.aur:
use: yay
name:
- spotify
- spotify

26
roles/desk-ssh/meta/main.yml
View File

@@ -1,30 +1,28 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Persistent SSH agent setup for GNOME Wayland sessions with SSH configuration pulled from Git."
license: "Infinito.Nexus NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- ssh
- agent
- systemd
- gnome
- wayland
- archlinux
- keepassxc
- ssh
- agent
- systemd
- gnome
- wayland
- archlinux
- keepassxc
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- desk-git
- dev-shell
- desk-git

10
roles/desk-ssh/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-shell'
include_role:
name: dev-shell
- set_fact:
run_once_desk_ssh: true
when: run_once_desk_ssh is not defined
- name: pull ssh repository from {{desk_ssh_repository}}
git:
repo: "{{desk_ssh_repository}}"
@@ -43,4 +51,4 @@
state: present
create: yes
mode: "0644"
become: false
become: false

14
roles/desk-zoom/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Installs the Zoom video conferencing client via AUR on Arch Linux."
@@ -9,16 +8,13 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- zoom
- video
- conferencing
- zoom
- video
- conferencing
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/desk-zoom"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: [ all ]
dependencies:
- dev-yay
- name: Archlinux
versions: [all]

12
roles/desk-zoom/tasks/main.yml
View File

@@ -1,6 +1,14 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-yay'
include_role:
name: dev-yay
- set_fact:
run_once_desk_zoom: true
when: run_once_desk_zoom is not defined
- name: install video conference software
kewlfft.aur.aur:
use: yay
name:
- zoom
become: false
- zoom
become: false

19
roles/dev-python-pip/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs the python-pip package to provide the Python package manager, ensuring that Python packages can be installed reliably on the target system."
@@ -10,17 +9,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- python
- pip
- package
- installation
- automation
- python
- pip
- package
- installation
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- dev-gcc

9
roles/dev-python-pip/tasks/main.yml
View File

@@ -1,4 +1,11 @@
---
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-gcc'
include_role:
name: dev-gcc
- set_fact:
run_once_dev_python_pip: true
when: run_once_dev_python_pip is not defined
- name: python pip install
community.general.pacman:
name: python-pip

19
roles/dev-yay/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs the AUR helper yay and configures an aur_builder user with appropriate sudo privileges to facilitate AUR package management on Arch Linux systems."
@@ -10,20 +9,16 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- aur
- yay
- archlinux
- package-management
- aur
- yay
- archlinux
- package-management
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
logo:
class: "fas fa-archive"
dependencies:
- dev-fakeroot
- dev-git
- dev-base-devel

18
roles/dev-yay/tasks/main.yml
View File

@@ -1,8 +1,20 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- dev-fakeroot
- dev-git
- dev-base-devel
- set_fact:
run_once_dev_yay: true
when: run_once_dev_yay is not defined
- name: install yay
community.general.pacman:
name:
- base-devel
- patch
- base-devel
- patch
state: present
- name: Create the `aur_builder` user
@@ -36,4 +48,4 @@
cd /home/aur_builder/yay
makepkg -si --noconfirm
args:
creates: /usr/bin/yay
creates: /usr/bin/yay

23
roles/docker-compose/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Manages Docker Compose project structure and execution logic on Arch Linux."
@@ -10,19 +9,17 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- docker
- compose
- container
- infrastructure
- devops
- automation
- archlinux
- docker
- compose
- container
- infrastructure
- devops
- automation
- archlinux
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- docker-container # Necessary for template use

22
roles/docker-compose/tasks/main.yml
View File

@@ -1,10 +1,16 @@
# run_once_docker_compose: deactivate
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'docker-container'
include_role:
name: docker-container
- set_fact:
run_once_docker_compose: true
when: run_once_docker_compose is not defined
- name: "Load variables from {{ docker_compose_variable_file }} for whole play"
include_vars: "{{ docker_compose_variable_file }}"
- name: "reset (if enabled)"
include_tasks: 01_reset.yml
include_tasks: 01_reset.yml
when: mode_reset | bool
# This could lead to problems in docker-compose directories which are based on a git repository
@@ -21,12 +27,12 @@
when: docker_pull_git_repository | bool
- block:
- name: "Include file management routines for '{{application_id}}'."
include_tasks: "03_files.yml"
- name: "Ensure that {{ docker_compose.directories.instance }} is up"
include_tasks: "04_ensure_up.yml"
- name: "Include file management routines for '{{application_id}}'."
include_tasks: "03_files.yml"
- name: "Ensure that {{ docker_compose.directories.instance }} is up"
include_tasks: "04_ensure_up.yml"
when: not docker_compose_skipp_file_creation | bool
- name: "flush database, docker and proxy for '{{ application_id }}'"
- name: "flush database, docker and proxy for '{{ application_id }}'"
meta: flush_handlers
when: docker_compose_flush_handlers | bool

13
roles/docker-container/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Provides shared Jinja2 snippets for Docker Compose service definitions (base, networks, healthchecks, depends_on)."
@@ -9,15 +8,13 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- docker
- compose
- jinja2
- docker
- compose
- jinja2
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/docker-container"
min_ansible_version: "2.9"
platforms:
- name: Any
versions: [ all ]
dependencies:
- docker-core
- name: Any
versions: [all]

8
roles/docker-container/tasks/main.yml Normal file
View File

@@ -0,0 +1,8 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'docker-core'
include_role:
name: docker-core
- set_fact:
run_once_docker_container: true
when: run_once_docker_container is not defined

14
roles/drv-epson-multiprinter/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Installs Epson multifunction printer drivers and scanning utilities (escpr, imagescan) via Pacman and AUR on Arch Linux."
@@ -9,16 +8,13 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- epson
- printer
- scanner
- epson
- printer
- scanner
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/drv-epson-multiprinter"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: [ all ]
dependencies:
- dev-yay
- name: Archlinux
versions: [all]

18
roles/drv-epson-multiprinter/tasks/main.yml
View File

@@ -1,13 +1,21 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-yay'
include_role:
name: dev-yay
- set_fact:
run_once_drv_epson_multiprinter: true
when: run_once_drv_epson_multiprinter is not defined
- name: install AUR packages for epson
kewlfft.aur.aur:
use: yay
name:
- epson-printer-utility
- imagescan-plugin-networkscan
- epson-inkjet-printer-escpr
- epson-inkjet-printer-escpr2
- epson-printer-utility
- imagescan-plugin-networkscan
- epson-inkjet-printer-escpr
- epson-inkjet-printer-escpr2
become: false
- name: install imagescan
community.general.pacman:
name: imagescan
state: present
state: present

9
roles/drv-msi-keyboard-color/meta/main.yml
View File

@@ -4,9 +4,6 @@ galaxy_info:
description: "Ansible role to set up dynamic keyboard color change on MSI laptops"
min_ansible_version: 2.9
platforms:
- name: Linux
versions:
- all
dependencies:
- dev-yay
- sys-alm-compose
- name: Linux
versions:
- all

18
roles/drv-msi-keyboard-color/tasks/main.yml
View File

@@ -1,9 +1,19 @@
---
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- dev-yay
- sys-alm-compose
- set_fact:
run_once_drv_msi_keyboard_color: true
when: run_once_drv_msi_keyboard_color is not defined
- name: Install MSI packages
kewlfft.aur.aur:
use: yay
name:
- msi-perkeyrgb
- msi-perkeyrgb
- name: Copy keyboard_color.sh script
copy:
@@ -29,5 +39,5 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_msi_keyboard_color}}"
persistent: "true"
on_calendar: "{{on_calendar_msi_keyboard_color}}"
persistent: "true"

18
roles/pkgmgr-install/meta/main.yml
View File

@@ -3,22 +3,20 @@ galaxy_info:
description: "Installs and updates packages using pkgmgr."
license: "Infinito.Nexus NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- package
- update
- archlinux
- infinito
- package
- update
- archlinux
- infinito
repository: https://github.com/kevinveenbirkenbach/package-manager
issue_tracker_url: https://github.com/kevinveenbirkenbach/package-manager/issues
documentation: https://github.com/kevinveenbirkenbach/package-manager
dependencies:
- pkgmgr

10
roles/pkgmgr-install/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'pkgmgr'
include_role:
name: pkgmgr
- set_fact:
run_once_pkgmgr_install: true
when: run_once_pkgmgr_install is not defined
- name: update pkgmgr
shell: |
source ~/.venvs/pkgmgr/bin/activate
@@ -16,4 +24,4 @@
- name: mark pkgmgr update as done
set_fact:
run_once_pkgmgr_install: true
when: run_once_pkgmgr_install is not defined
when: run_once_pkgmgr_install is not defined

41
roles/pkgmgr/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Automates the installation of Kevin's Package Manager — a tool for managing multiple repositories and automating Git operations."
@@ -10,29 +9,25 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Debian
versions:
- stretch
- buster
- bullseye
- name: Ubuntu
versions:
- bionic
- focal
- jammy
- name: Archlinux
versions:
- rolling
- name: Debian
versions:
- stretch
- buster
- bullseye
- name: Ubuntu
versions:
- bionic
- focal
- jammy
- name: Archlinux
versions:
- rolling
galaxy_tags:
- pkgmgr
- automation
- git
- repositories
- development
- pkgmgr
- automation
- git
- repositories
- development
repository: https://github.com/kevinveenbirkenbach/package-manager
issue_tracker_url: https://github.com/kevinveenbirkenbach/package-manager/issues
documentation: https://github.com/kevinveenbirkenbach/package-manager
dependencies:
- dev-git
- dev-make
- dev-python-yaml

18
roles/pkgmgr/tasks/01_core.yml
View File

@@ -1,3 +1,15 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- dev-git
- dev-make
- dev-python-yaml
- set_fact:
run_once_pkgmgr: true
when: run_once_pkgmgr is not defined
- name: Ensure GitHub host key is in known_hosts
known_hosts:
path: "~/.ssh/known_hosts"
@@ -27,10 +39,10 @@
become: true
- name: create config.yaml
template:
template:
src: config.yaml.j2
dest: "{{pkgmgr_config_path}}"
become: true
become: true
- name: Run the Package Manager install command to create an alias for Kevins package manager
shell: |
@@ -39,4 +51,4 @@
args:
chdir: "{{ pkgmgr_install_path }}"
executable: /bin/bash
become: true
become: true

21
roles/srv-proxy-6-6-domain/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Automated domain provisioning (TLS, vHost, OAuth2) for Nginx."
@@ -10,18 +9,16 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- tls
- letsencrypt
- oauth2
- automation
- archlinux
- nginx
- tls
- letsencrypt
- oauth2
- automation
- archlinux
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- srv-proxy-7-4-core

40
roles/srv-proxy-6-6-domain/tasks/main.yml
View File

@@ -1,5 +1,11 @@
# run_once_srv_proxy_6_6_domain: deactivated
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-proxy-7-4-core'
include_role:
name: srv-proxy-7-4-core
- set_fact:
run_once_srv_proxy_6_6_domain: true
when: run_once_srv_proxy_6_6_domain is not defined
- include_tasks: "01_cloudflare.yml"
when: dns_provider == "cloudflare"
@@ -10,7 +16,7 @@
- name: "include role for {{ domain }} to receive certificates and do the modification routines"
include_role:
name: srv-web-7-6-composer
- name: "Copy nginx config to {{ configuration_destination }}"
template:
src: "{{ vhost_template_src }}"
@@ -19,18 +25,18 @@
notify: restart openresty
- block:
- name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)"
uri:
url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
register: site_check
failed_when: false
changed_when: false
- name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)"
uri:
url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
register: site_check
failed_when: false
changed_when: false
- name: Restart nginx if site is down
command:
cmd: "true"
notify: restart openresty
when:
- site_check.status is defined
- not site_check.status in [200,301,302]
when: not nginx_conf.changed
- name: Restart nginx if site is down
command:
cmd: "true"
notify: restart openresty
when:
- site_check.status is defined
- not site_check.status in [200,301,302]
when: not nginx_conf.changed

16
roles/srv-proxy-6-6-tls-deploy/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Deploys Lets Encrypt certificates into Docker Compose Nginx setups via systemd service and timer."
@@ -9,17 +8,14 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- nginx
- letsencrypt
- docker
- systemd
- nginx
- letsencrypt
- docker
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-proxy-6-6-tls-deploy"
min_ansible_version: "2.9"
platforms:
- name: Any
versions: [ all ]
dependencies:
- sys-alm-compose
- name: Any
versions: [all]

28
roles/srv-proxy-6-6-tls-deploy/tasks/main.yml
View File

@@ -1,20 +1,28 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_srv_proxy_6_6_tls_deploy: true
when: run_once_srv_proxy_6_6_tls_deploy is not defined
- name: add srv-proxy-6-6-tls-deploy.sh
template:
src: "srv-proxy-6-6-tls-deploy.sh.j2"
template:
src: "srv-proxy-6-6-tls-deploy.sh.j2"
dest: "{{nginx_docker_cert_deploy_script}}"
when: run_once_srv_proxy_6_6_tls_deploy is not defined
notify: restart srv-proxy-6-6-tls-deploy.infinito.service
- name: "create {{cert_mount_directory}}"
file:
path: "{{cert_mount_directory}}"
state: directory
mode: 0755
path: "{{cert_mount_directory}}"
state: directory
mode: 0755
notify: restart srv-proxy-6-6-tls-deploy.infinito.service
- name: configure srv-proxy-6-6-tls-deploy.infinito.service
template:
src: "srv-proxy-6-6-tls-deploy.service.j2"
template:
src: "srv-proxy-6-6-tls-deploy.service.j2"
dest: "/etc/systemd/system/srv-proxy-6-6-tls-deploy.{{application_id}}.infinito.service"
notify: restart srv-proxy-6-6-tls-deploy.infinito.service
@@ -22,11 +30,11 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_deploy_certificates}}"
on_calendar: "{{on_calendar_deploy_certificates}}"
service_name: "srv-proxy-6-6-tls-deploy.{{application_id}}"
persistent: "true"
persistent: "true"
- name: run the run_once_srv_proxy_6_6_tls_deploy tasks once
set_fact:
run_once_srv_proxy_6_6_tls_deploy: true
when: run_once_srv_proxy_6_6_tls_deploy is not defined
when: run_once_srv_proxy_6_6_tls_deploy is not defined

22
roles/srv-proxy-7-4-core/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Nginx reverse proxy front-end for local Docker applications."
@@ -10,19 +9,16 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- docker
- reverse_proxy
- web
- automation
- archlinux
- nginx
- docker
- reverse_proxy
- web
- automation
- archlinux
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- srv-web-7-6-https
- srv-web-7-4-core

11
roles/srv-proxy-7-4-core/tasks/main.yml Normal file
View File

@@ -0,0 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- srv-web-7-6-https
- srv-web-7-4-core
- set_fact:
run_once_srv_proxy_7_4_core: true
when: run_once_srv_proxy_7_4_core is not defined

27
roles/srv-web-6-6-tls-core/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: |
@@ -11,21 +10,19 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- certbot
- letsencrypt
- ssl
- tls
- acme
- https
- wildcard
- automation
- nginx
- certbot
- letsencrypt
- ssl
- tls
- acme
- https
- wildcard
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- srv-web-7-6-https

12
roles/srv-web-6-6-tls-core/tasks/main.yml
View File

@@ -1,5 +1,11 @@
# run_once_srv_web_6_6_tls_core: deactivated
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-6-https'
include_role:
name: srv-web-7-6-https
- set_fact:
run_once_srv_web_6_6_tls_core: true
when: run_once_srv_web_6_6_tls_core is not defined
- name: "Include flavor '{{ certbot_flavor }}' for '{{ domain }}'"
include_tasks: "{{ role_path }}/tasks/flavors/{{ certbot_flavor }}.yml"
@@ -36,4 +42,4 @@
- name: "Ensure ssl_cert_folder is set for domain {{ domain }}"
fail:
msg: "No certificate folder found for domain {{ domain }}"
when: ssl_cert_folder is undefined or ssl_cert_folder is none
when: ssl_cert_folder is undefined or ssl_cert_folder is none

28
roles/srv-web-6-6-tls-renew/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: |
@@ -11,23 +10,20 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- certbot
- ssl
- tls
- letsencrypt
- https
- systemd
- automation
- nginx
- certbot
- ssl
- tls
- letsencrypt
- https
- systemd
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- srv-web-7-7-certbot
- srv-web-7-4-core
- sys-alm-compose
- sys-cln-certs
- sys-cln-certs

22
roles/srv-web-6-6-tls-renew/tasks/01_core.yml
View File

@@ -1,12 +1,24 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- srv-web-7-7-certbot
- srv-web-7-4-core
- sys-alm-compose
- set_fact:
run_once_srv_web_6_6_tls_renew: true
when: run_once_srv_web_6_6_tls_renew is not defined
- name: install certbot
community.general.pacman:
name:
- certbot-nginx
- certbot-nginx
state: present
- name: configure srv-web-6-6-tls-renew.infinito.service
template:
src: srv-web-6-6-tls-renew.service.j2
template:
src: srv-web-6-6-tls-renew.service.j2
dest: /etc/systemd/system/srv-web-6-6-tls-renew.infinito.service
notify: reload certbot service
@@ -18,5 +30,5 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_renew_lets_encrypt_certificates}}"
persistent: "true"
on_calendar: "{{on_calendar_renew_lets_encrypt_certificates}}"
persistent: "true"

22
roles/srv-web-7-6-https/meta/main.yml
View File

@@ -9,20 +9,16 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- https
- tls
- letsencrypt
- security
- automation
- nginx
- https
- tls
- letsencrypt
- security
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
dependencies:
- srv-web-7-4-core
- sys-cln-domains
- srv-web-7-7-letsencrypt

12
roles/srv-web-7-6-https/tasks/main.yml Normal file
View File

@@ -0,0 +1,12 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- srv-web-7-4-core
- sys-cln-domains
- srv-web-7-7-letsencrypt
- set_fact:
run_once_srv_web_7_6_https: true
when: run_once_srv_web_7_6_https is not defined

19
roles/srv-web-7-7-inj-compose/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Core role for Nginx HTML injection of Matomo, theming, iFrame and JS snippets based on application feature flags."
@@ -9,19 +8,15 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- nginx
- injector
- matomo
- theming
- nginx
- injector
- matomo
- theming
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-web-7-7-inj-compose"
min_ansible_version: "2.9"
platforms:
- name: Any
versions:
- all
dependencies:
# The injections are called in the script. Keep the logic there.
- srv-web-7-4-core
- name: Any
versions:
- all

44
roles/srv-web-7-7-inj-compose/tasks/main.yml
View File

@@ -1,29 +1,35 @@
# run_once_srv_web_7_7_inj_compose: deactivated
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-4-core'
include_role:
name: srv-web-7-4-core
- set_fact:
run_once_srv_web_7_7_inj_compose: true
when: run_once_srv_web_7_7_inj_compose is not defined
- name: Set inj_enabled dictionary
set_fact:
inj_enabled:
javascript: "{{ applications | get_app_conf(application_id, 'features.javascript', False) }}"
logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}"
css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}"
matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}"
port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}"
logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}"
css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}"
matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}"
port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}"
- name: "Load CDN for {{domain}}"
include_role:
name: web-svc-cdn
public: false
# ATM just the Logout is using the CDN.
when:
- inj_enabled.logout
- application_id != 'web-svc-cdn'
- run_once_web_svc_cdn is not defined
when:
- inj_enabled.logout
- application_id != 'web-svc-cdn'
- run_once_web_svc_cdn is not defined
- name: Overwritte CDN handlers with neutral handlers
ansible.builtin.include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml"
loop:
- svc-prx-openresty
- docker-compose
- svc-prx-openresty
- docker-compose
loop_control:
label: "{{ item }}"
vars:
@@ -33,17 +39,17 @@
set_fact:
inj_enabled:
javascript: "{{ applications | get_app_conf(application_id, 'features.javascript', False) }}"
logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}"
css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}"
matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}"
port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}"
logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}"
css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}"
matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}"
port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}"
- name: "Activate Corporate CSS for {{domain}}"
include_role:
name: srv-web-7-7-inj-css
when:
- inj_enabled.css
- run_once_srv_web_7_7_inj_css is not defined
when:
- inj_enabled.css
- run_once_srv_web_7_7_inj_css is not defined
- name: "Activate Matomo Tracking for {{domain}}"
include_role:

27
roles/srv-web-7-7-inj-css/meta/main.yml
View File

@@ -1,29 +1,26 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Global CSS injection for Nginx-based apps using dynamic colorschemes."
license: "Infinito.Nexus NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- css
- colors
- bootstrap
- theming
- dynamic
- frontend
- global
- nginx
- css
- colors
- bootstrap
- theming
- dynamic
- frontend
- global
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- srv-web-7-4-core

10
roles/srv-web-7-7-inj-css/tasks/01_core.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-4-core'
include_role:
name: srv-web-7-4-core
- set_fact:
run_once_srv_web_7_7_inj_css: true
when: run_once_srv_web_7_7_inj_css is not defined
- name: Generate color palette with colorscheme-generator
set_fact:
color_palette: "{{ lookup('colorscheme', global_css_base_color, count=global_css_count, shades=global_css_shades) }}"
@@ -21,4 +29,4 @@
- name: Set global_css_version
set_fact:
global_css_version: "{{ global_css_stat.stat.mtime }}"
global_css_version: "{{ global_css_stat.stat.mtime }}"

21
roles/srv-web-7-7-inj-javascript/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Injects a custom JavaScript snippet into Nginx-served HTML responses via sub_filter."
@@ -10,19 +9,17 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- javascript
- csp
- sub_filter
- injection
- global
- nginx
- javascript
- csp
- sub_filter
- injection
- global
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
dependencies:
- srv-web-7-4-core

9
roles/srv-web-7-7-inj-javascript/tasks/main.yml
View File

@@ -1,4 +1,11 @@
# run_once_srv_web_7_7_inj_javascript: deactivated
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-4-core'
include_role:
name: srv-web-7-4-core
- set_fact:
run_once_srv_web_7_7_inj_javascript: true
when: run_once_srv_web_7_7_inj_javascript is not defined
- name: "Load JavaScript code for '{{ application_id }}'"
set_fact:
javascript_code: "{{ lookup('template', modifier_javascript_template_file) }}"

23
roles/srv-web-7-7-inj-logout/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin VeenBirkenbach"
role_name: "srv-web-7-7-inj-logout"
@@ -9,21 +8,17 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Any
versions: ["all"]
- name: Any
versions: ["all"]
galaxy_tags:
- nginx
- logout
- oidc
- javascript
- csp
- sub_filter
- nginx
- logout
- oidc
- javascript
- csp
- sub_filter
company: >
Kevin VeenBirkenbach
Consulting & Coaching Solutions
https://www.veen.world
Kevin VeenBirkenbach Consulting & Coaching Solutions https://www.veen.world
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-web-7-7-inj-logout"
dependencies:
- srv-web-7-4-core

8
roles/srv-web-7-7-inj-logout/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-4-core'
include_role:
name: srv-web-7-4-core
- set_fact:
run_once_srv_web_7_7_inj_logout: true
when: run_once_srv_web_7_7_inj_logout is not defined
- name: "deploy the logout.js"
include_tasks: "deploy.yml"
when: run_once_srv_web_7_7_inj_logout is not defined

14
roles/srv-web-7-7-inj-matomo/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Injects Matomo analytics tracking code and noscript image tracker into Nginx-served HTML pages."
@@ -9,16 +8,13 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- nginx
- matomo
- analytics
- nginx
- matomo
- analytics
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-web-7-7-inj-matomo"
min_ansible_version: "2.9"
platforms:
- name: Any
versions: [ all ]
dependencies:
- srv-web-7-4-core
- name: Any
versions: [all]

20
roles/srv-web-7-7-inj-matomo/tasks/main.yml
View File

@@ -1,5 +1,11 @@
# run_once_srv_web_7_7_inj_matomo: deactivated
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-4-core'
include_role:
name: srv-web-7-4-core
- set_fact:
run_once_srv_web_7_7_inj_matomo: true
when: run_once_srv_web_7_7_inj_matomo is not defined
- name: "Relevant variables for role: {{ role_path | basename }}"
debug:
msg:
@@ -10,16 +16,16 @@
- name: "Check if site {{ domain }} is allready registered at Matomo"
uri:
url: "{{ matomo_verification_url }}"
method: GET
url: "{{ matomo_verification_url }}"
method: GET
return_content: yes
status_code: 200
status_code: 200
validate_certs: yes
register: site_check
register: site_check
- name: Set matomo_site_id to Null
set_fact:
matomo_site_id: Null
matomo_site_id:
- name: Set fact for site ID if site already exists
set_fact:

22
roles/srv-web-7-7-inj-port-ui-desktop/meta/main.yml
View File

@@ -1,5 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Injects a JS snippet into HTML to notify parent windows of iframe location changes and force external links to new tabs."
@@ -14,15 +12,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- iframe
- javascript
- csp
- security
- postMessage
dependencies:
- srv-web-7-4-core
- nginx
- iframe
- javascript
- csp
- security
- postMessage

9
roles/srv-web-7-7-inj-port-ui-desktop/tasks/main.yml
View File

@@ -1,4 +1,11 @@
# run_once_srv_web_7_7_inj_port_ui_desktop: deactivated
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-7-4-core'
include_role:
name: srv-web-7-4-core
- set_fact:
run_once_srv_web_7_7_inj_port_ui_desktop: true
when: run_once_srv_web_7_7_inj_port_ui_desktop is not defined
- name: "Load iFrame handler JS template for '{{ application_id }}'"
set_fact:
iframe_code: "{{ lookup('template','iframe-handler.js.j2') }}"

19
roles/srv-web-7-7-letsencrypt/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "An Ansible role to automate Lets Encrypt SSL certificate issuance and renewal for Nginx"
@@ -10,17 +9,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- letsencrypt
- nginx
- ssl
- certificate
- security
- letsencrypt
- nginx
- ssl
- certificate
- security
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- srv-web-6-6-tls-renew

32
roles/srv-web-7-7-letsencrypt/tasks/main.yml
View File

@@ -1,13 +1,21 @@
- block:
- name: create nginx letsencrypt config file
template:
src: "letsencrypt.conf.j2"
dest: "{{nginx.directories.http.global}}letsencrypt.conf"
notify: restart openresty
- name: "Set CAA records for all base domains"
include_tasks: 01_set-caa-records.yml
when: dns_provider == 'cloudflare'
- include_tasks: utils/run_once.yml
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'srv-web-6-6-tls-renew'
include_role:
name: srv-web-6-6-tls-renew
- set_fact:
run_once_srv_web_7_7_letsencrypt: true
when: run_once_srv_web_7_7_letsencrypt is not defined
- block:
- name: create nginx letsencrypt config file
template:
src: "letsencrypt.conf.j2"
dest: "{{nginx.directories.http.global}}letsencrypt.conf"
notify: restart openresty
- name: "Set CAA records for all base domains"
include_tasks: 01_set-caa-records.yml
when: dns_provider == 'cloudflare'
- include_tasks: utils/run_once.yml
when: run_once_srv_web_7_7_letsencrypt is not defined

22
roles/svc-bkp-loc-2-usb/meta/main.yml
View File

@@ -1,27 +1,23 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Automated backups to a swappable USB device."
license: "Infinito.Nexus NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- backup
- usb
- systemd
- automation
- archlinux
- backup
- usb
- systemd
- automation
- archlinux
repository: https://github.com/kevinveenbirkenbach/infinito-nexus
issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues
documentation: "https://docs.infinito.nexus/"
dependencies:
- sys-cln-bkps-service
- sys-lock

19
roles/svc-bkp-loc-2-usb/tasks/main.yml
View File

@@ -1,9 +1,20 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-cln-bkps-service
- sys-lock
- set_fact:
run_once_svc_bkp_loc_2_usb: true
when: run_once_svc_bkp_loc_2_usb is not defined
- name: Fail if any backup_to_usb variable is empty
assert:
that:
- backup_to_usb_mount != ""
- backup_to_usb_target != ""
- backup_to_usb_source != ""
- backup_to_usb_mount != ""
- backup_to_usb_target != ""
- backup_to_usb_source != ""
fail_msg: |
One or more of the configuration variables are empty!
Please set:
@@ -27,4 +38,4 @@
owner: root
group: root
mode: '0644'
notify: reload svc-bkp-loc-2-usb.infinito.service
notify: reload svc-bkp-loc-2-usb.infinito.service

29
roles/svc-bkp-rmt-2-loc/meta/main.yml
View File

@@ -1,5 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Pulls backups from a remote server and stores them locally using rsync with retry logic. This role is part of a comprehensive backup scheme and works in conjunction with other roles to ensure reliable backup operations."
@@ -11,24 +9,19 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- backup
- remote
- local
- docker
- systemd
- automation
- backup
- remote
- local
- docker
- systemd
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- dev-git
- sys-alm-compose
- sys-cln-bkps-timer
- sys-cln-faild-bkps
- sys-lock
- user-root
- sys-rst-daemon
- sys-cln-bkps-timer
- sys-cln-faild-bkps

24
roles/svc-bkp-rmt-2-loc/tasks/main.yml
View File

@@ -1,3 +1,17 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- dev-git
- sys-alm-compose
- sys-lock
- user-root
- sys-rst-daemon
- set_fact:
run_once_svc_bkp_rmt_2_loc: true
when: run_once_svc_bkp_rmt_2_loc is not defined
- name: "create {{docker_backup_remote_to_local_folder}}"
file:
path: "{{docker_backup_remote_to_local_folder}}"
@@ -11,14 +25,14 @@
mode: 0755
- name: create svc-bkp-rmt-2-loc.infinito.service
template:
src: svc-bkp-rmt-2-loc.service.j2
template:
src: svc-bkp-rmt-2-loc.service.j2
dest: /etc/systemd/system/svc-bkp-rmt-2-loc.infinito.service
notify: reload svc-bkp-rmt-2-loc service
- name: create sys-bkp-rmt-2-loc-multi-provider.sh
template:
src: sys-bkp-rmt-2-loc-multi-provider.sh.j2
template:
src: sys-bkp-rmt-2-loc-multi-provider.sh.j2
dest: "{{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh"
mode: 0755
@@ -30,5 +44,5 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_backup_remote_to_local}}"
on_calendar: "{{on_calendar_backup_remote_to_local}}"

19
roles/svc-db-postgres/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: >-
@@ -12,17 +11,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Docker
versions:
- "latest"
- name: Docker
versions:
- "latest"
galaxy_tags:
- postgresql
- docker
- database
- administration
- central-database
- postgresql
- docker
- database
- administration
- central-database
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- docker-core # Loading it here to avoid extra flush for network init

14
roles/svc-db-postgres/tasks/01_core.yml
View File

@@ -1,12 +1,20 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'docker-core'
include_role:
name: docker-core
- set_fact:
run_once_svc_db_postgres: true
when: run_once_svc_db_postgres is not defined
- name: Create Docker network for PostgreSQL
community.docker.docker_network:
name: "{{ postgres_network_name }}"
state: present
ipam_config:
- subnet: "{{ postgres_subnet }}"
- subnet: "{{ postgres_subnet }}"
- name: "include docker-compose role"
include_role:
include_role:
name: docker-compose
- name: Wait for Postgres inside the container
@@ -17,6 +25,6 @@
delay: 5
- name: install python-psycopg2
community.general.pacman:
community.general.pacman:
name: python-psycopg2
state: present

13
roles/svc-opt-swapfile/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birchenbach"
description: "Automates swapfile creation on target systems by cloning and executing a swapfile script."
@@ -9,15 +8,13 @@ galaxy_info:
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- swapfile
- performance
- swapfile
- performance
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/sys-opt-swapfile"
min_ansible_version: "2.9"
platforms:
- name: Any
versions:
- all
dependencies:
- pkgmgr-install
- name: Any
versions:
- all

10
roles/svc-opt-swapfile/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'pkgmgr-install'
include_role:
name: pkgmgr-install
- set_fact:
run_once_svc_opt_swapfile: true
when: run_once_svc_opt_swapfile is not defined
- name: "pkgmgr install"
include_role:
name: pkgmgr-install
@@ -6,4 +14,4 @@
- name: Execute create swapfile script
shell: swap-forge "{{swapfile_size}}"
become: true
become: true

20
roles/sys-alm-compose/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs a unified systemd notification service that sends alerts via both Telegram and Email when a service fails."
@@ -10,18 +9,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- systemd
- notifier
- telegram
- email
- notifications
- systemd
- notifier
- telegram
- email
- notifications
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-telegram
- sys-alm-email

18
roles/sys-alm-compose/tasks/main.yml
View File

@@ -1,7 +1,17 @@
---
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-alm-telegram
- sys-alm-email
- set_fact:
run_once_sys_alm_compose: true
when: run_once_sys_alm_compose is not defined
- name: configure sys-alm-compose.infinito@.service
template:
src: sys-alm-compose@.service.j2
template:
src: sys-alm-compose@.service.j2
dest: "/etc/systemd/system/sys-alm-compose.infinito@.service"
notify: "restart sys-alm-compose service"
when: run_once_sys_alm_compose is not defined
@@ -9,4 +19,4 @@
- name: run the systemd_notifier_service tasks once
set_fact:
run_once_sys_alm_compose: true
when: run_once_sys_alm_compose is not defined
when: run_once_sys_alm_compose is not defined

20
roles/sys-alm-email/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs and configures components for sending email notifications. This role is part of the sys-alm-compose suite, providing automated alerts when services fail."
@@ -10,18 +9,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- email
- systemd
- notifications
- automation
- msmtp
- email
- systemd
- notifications
- automation
- msmtp
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-svc-msmtp
- sys-rst-daemon

17
roles/sys-alm-email/tasks/01_core.yml
View File

@@ -1,3 +1,14 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-svc-msmtp
- sys-rst-daemon
- set_fact:
run_once_sys_alm_email: true
when: run_once_sys_alm_email is not defined
- name: "create {{systemd_notifier_email_folder}}"
file:
path: "{{systemd_notifier_email_folder}}"
@@ -6,11 +17,11 @@
- name: configure sys-alm-email.sh
template:
src: sys-alm-email.sh.j2
src: sys-alm-email.sh.j2
dest: "{{systemd_notifier_email_folder}}sys-alm-email.sh"
- name: configure sys-alm-email.infinito.service
template:
src: sys-alm-email@.service.j2
template:
src: sys-alm-email@.service.j2
dest: /etc/systemd/system/sys-alm-email.infinito@.service
notify: restart sys-alm-email service

19
roles/sys-alm-telegram/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs and configures components for sending Telegram notifications through systemd. This role is part of the sys-alm-compose suite, providing automated alerts when services fail."
@@ -10,17 +9,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- telegram
- systemd
- notifications
- automation
- curl
- telegram
- systemd
- notifications
- automation
- curl
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-rst-daemon

22
roles/sys-alm-telegram/tasks/01_core.yml
View File

@@ -1,8 +1,16 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-rst-daemon'
include_role:
name: sys-rst-daemon
- set_fact:
run_once_sys_alm_telegram: true
when: run_once_sys_alm_telegram is not defined
- name: Fail if Telegram bot credentials are not set
assert:
that:
- telegram_bot_token != ""
- telegram_chat_id != ""
- telegram_bot_token != ""
- telegram_chat_id != ""
fail_msg: |
Telegram configuration is incomplete!
Please provide nonempty values for:
@@ -10,7 +18,7 @@
- telegram_chat_id # The Telegram chat ID to send messages to
- name: install curl
community.general.pacman:
community.general.pacman:
name: curl
state: present
@@ -21,12 +29,12 @@
mode: '0755'
- name: configure sys-alm-telegram.sh
template:
src: sys-alm-telegram.sh.j2
template:
src: sys-alm-telegram.sh.j2
dest: "{{ systemd_telegram_script }}"
- name: configure sys-alm-telegram.infinito.service
template:
src: sys-alm-telegram@.service.j2
template:
src: sys-alm-telegram@.service.j2
dest: "/etc/systemd/system/sys-alm-telegram.infinito@.service"
notify: "restart sys-alm-telegram service"

23
roles/sys-bkp-docker-2-loc/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Automates the backup of Docker volumes to a local folder"
@@ -10,21 +9,17 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- backup
- docker
- local
- systemd
- automation
- backup
- docker
- local
- systemd
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-bkp-provider
- sys-alm-compose
- sys-cln-faild-bkps
- sys-lock
- sys-bkp-directory-validator
- sys-cln-faild-bkps

19
roles/sys-bkp-docker-2-loc/tasks/01_core.yml
View File

@@ -1,3 +1,16 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-bkp-provider
- sys-alm-compose
- sys-lock
- sys-bkp-directory-validator
- set_fact:
run_once_sys_bkp_docker_2_loc: true
when: run_once_sys_bkp_docker_2_loc is not defined
- include_tasks: 02_pkgmgr_routines.yml
when: backup_docker_to_local_folder is not defined
@@ -6,13 +19,13 @@
when: mode_reset | bool
- name: configure sys-bkp-docker-2-loc-everything.infinito.service
template:
template:
src: sys-bkp-docker-2-loc-everything.service.j2
dest: /etc/systemd/system/sys-bkp-docker-2-loc-everything.infinito.service
notify: reload sys-bkp-docker-2-loc-everything.infinito.service
- name: configure sys-bkp-docker-2-loc.infinito.service
template:
template:
src: sys-bkp-docker-2-loc.service.j2
dest: /etc/systemd/system/sys-bkp-docker-2-loc.infinito.service
notify: reload sys-bkp-docker-2-loc.infinito.service
@@ -25,4 +38,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_backup_docker_to_local}}"
on_calendar: "{{on_calendar_backup_docker_to_local}}"

20
roles/sys-bkp-provider/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Configures the host as a backup provider to facilitate secure backup operations."
@@ -10,18 +9,15 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Linux
versions:
- all
- name: Linux
versions:
- all
galaxy_tags:
- backups
- provider
- backup
- automation
- security
- backups
- provider
- backup
- automation
- security
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-bkp-provider-user
- sys-cln-bkps-timer

11
roles/sys-bkp-provider/tasks/main.yml Normal file
View File

@@ -0,0 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-bkp-provider-user
- sys-cln-bkps-timer
- set_fact:
run_once_sys_bkp_provider: true
when: run_once_sys_bkp_provider is not defined

13
roles/sys-cli/meta/main.yml
View File

@@ -1,24 +1,21 @@
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: >
This role installs and provides the Infinito.Nexus CLI, enabling you to manage your entire Infinito.Nexus environment from the command line. After deployment, the `infinito` command is available.
license: "Infinito.Nexus NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
galaxy_tags:
- infinito
- cli
- management
- automation
- infinito
- cli
- management
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/"
logo:
class: "fa-solid fa-terminal"
run_after: []
dependencies:
- dev-yay

10
roles/sys-cli/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'dev-yay'
include_role:
name: dev-yay
- set_fact:
run_once_sys_cli: true
when: run_once_sys_cli is not defined
- name: "pkgmgr install infinito"
include_role:
name: pkgmgr-install
@@ -7,4 +15,4 @@
- name: Get infinito base path
command: pkgmgr path infinito
register: infinito_path_cmd
changed_when: false
changed_when: false

20
roles/sys-cln-bkps-service/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Automates the cleanup of old backups by executing a Python script that deletes outdated backup versions when disk usage exceeds a specified threshold."
@@ -10,19 +9,14 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Linux
versions:
- all
- name: Linux
versions:
- all
galaxy_tags:
- backup
- cleanup
- disk
- automation
- backup
- cleanup
- disk
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- dev-python-pip
- sys-alm-compose
- sys-lock
- sys-rst-daemon

25
roles/sys-cln-bkps-service/tasks/01_core.yml
View File

@@ -1,8 +1,21 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- dev-python-pip
- sys-alm-compose
- sys-lock
- sys-rst-daemon
- set_fact:
run_once_sys_cln_bkps_service: true
when: run_once_sys_cln_bkps_service is not defined
- name: install lsof and python-psutil
community.general.pacman:
name:
- lsof
- python-psutil
- lsof
- python-psutil
state: present
- name: "create {{cleanup_backups_directory}}"
@@ -12,12 +25,12 @@
mode: 0755
- name: create sys-cln-backups.py
copy:
src: "sys-cln-backups.py"
copy:
src: "sys-cln-backups.py"
dest: "{{cleanup_backups_directory}}sys-cln-backups.py"
- name: create sys-cln-backups.infinito.service
template:
src: "sys-cln-backups.service.j2"
template:
src: "sys-cln-backups.service.j2"
dest: "/etc/systemd/system/sys-cln-backups.infinito.service"
notify: reload sys-cln-backups.infinito.service

18
roles/sys-cln-bkps-timer/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Schedules periodic cleanup of old backups by configuring a systemd timer to trigger the sys-cln-bkps-service role."
@@ -10,17 +9,14 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Linux
versions:
- all
- name: Linux
versions:
- all
galaxy_tags:
- timer
- backup
- cleanup
- automation
- timer
- backup
- cleanup
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-cln-bkps-service
- sys-rst-daemon

13
roles/sys-cln-bkps-timer/tasks/main.yml
View File

@@ -1,3 +1,14 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-cln-bkps-service
- sys-rst-daemon
- set_fact:
run_once_sys_cln_bkps_timer: true
when: run_once_sys_cln_bkps_timer is not defined
- name: set service_name to sys-cln-backups
set_fact:
service_name: "sys-cln-backups"
@@ -7,7 +18,7 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_cleanup_backups}}"
on_calendar: "{{on_calendar_cleanup_backups}}"
when: run_once_sys_cln_bkps_timer is not defined
- name: run the cleanup_backups_timer tasks once

20
roles/sys-cln-certs/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Automates the revocation and deletion of unused Let's Encrypt certificates"
@@ -10,19 +9,16 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- certbot
- ssl
- cleanup
- automation
- systemd
- certbot
- ssl
- cleanup
- automation
- systemd
repository: "https://github.com/kevinveenbirkenbach/certreap"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/certreap/issues"
documentation: "https://github.com/kevinveenbirkenbach/certreap#readme"
dependencies:
- sys-alm-compose
- sys-rst-daemon

13
roles/sys-cln-certs/tasks/01_core.yml
View File

@@ -1,3 +1,14 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-alm-compose
- sys-rst-daemon
- set_fact:
run_once_sys_cln_certs: true
when: run_once_sys_cln_certs is not defined
- name: "pkgmgr install"
include_role:
name: pkgmgr-install
@@ -18,4 +29,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{ on_calendar_cleanup_certs }}"
on_calendar: "{{ on_calendar_cleanup_certs }}"

19
roles/sys-cln-disc-space/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Frees disk space on the target system by executing a cleanup script that removes temporary files, clears package caches, and optionally handles Docker and backup cleanup."
@@ -10,18 +9,14 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Linux
versions:
- all
- name: Linux
versions:
- all
galaxy_tags:
- disk
- cleanup
- storage
- automation
- disk
- cleanup
- storage
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose
- sys-lock
- sys-rst-daemon

16
roles/sys-cln-disc-space/tasks/main.yml
View File

@@ -1,3 +1,15 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-alm-compose
- sys-lock
- sys-rst-daemon
- set_fact:
run_once_sys_cln_disc_space: true
when: run_once_sys_cln_disc_space is not defined
- name: "create {{cleanup_disc_space_folder}}"
file:
path: "{{cleanup_disc_space_folder}}"
@@ -10,7 +22,7 @@
dest: "{{cleanup_disc_space_folder}}sys-cln-disc-space.sh"
- name: create sys-cln-disc-space.infinito.service
template:
template:
src: sys-cln-disc-space.service.j2
dest: /etc/systemd/system/sys-cln-disc-space.infinito.service
notify: reload sys-cln-disc-space.infinito.service
@@ -23,4 +35,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_cleanup_disc_space}}"
on_calendar: "{{on_calendar_cleanup_disc_space}}"

17
roles/sys-cln-domains/meta/main.yml
View File

@@ -9,17 +9,14 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- nginx
- cleanup
- certbot
- domains
- nginx
- cleanup
- certbot
- domains
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- srv-web-7-4-core
- sys-rst-daemon

16
roles/sys-cln-domains/tasks/main.yml
View File

@@ -1,4 +1,14 @@
---
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- srv-web-7-4-core
- sys-rst-daemon
- set_fact:
run_once_sys_cln_domains: true
when: run_once_sys_cln_domains is not defined
- name: Include task to remove deprecated nginx configs
include_tasks: remove_deprecated_nginx_configs.yml
loop: "{{ deprecated_domains }}"
@@ -7,8 +17,8 @@
vars:
domain: "{{ item }}"
when:
- mode_cleanup | bool
- run_once_sys_cln_domains is not defined
- mode_cleanup | bool
- run_once_sys_cln_domains is not defined
## The revoking just works for the base domain
#- name: "Revoke Certbot certificate for {{ item }}"

20
roles/sys-cln-faild-bkps/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Cleans up failed Docker backups by configuring a systemd service and timer to execute the cleanup operations periodically."
@@ -10,19 +9,14 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Linux
versions:
- all
- name: Linux
versions:
- all
galaxy_tags:
- docker
- backup
- cleanup
- automation
- docker
- backup
- cleanup
- automation
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose
- sys-lock
- sys-bkp-directory-validator
- sys-rst-daemon

15
roles/sys-cln-faild-bkps/tasks/01_core.yml
View File

@@ -1,3 +1,16 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- sys-alm-compose
- sys-lock
- sys-bkp-directory-validator
- sys-rst-daemon
- set_fact:
run_once_sys_cln_faild_bkps: true
when: run_once_sys_cln_faild_bkps is not defined
- name: "pkgmgr install"
include_role:
name: pkgmgr-install
@@ -28,4 +41,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_cleanup_failed_docker}}"
on_calendar: "{{on_calendar_cleanup_failed_docker}}"

17
roles/sys-hlth-btrfs/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Health-check for Btrfs filesystems, alerts on any device error counters."
@@ -10,15 +9,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- btrfs
- health
- systemd
- filesystem
- monitor
- btrfs
- health
- systemd
- filesystem
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose

12
roles/sys-hlth-btrfs/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_sys_hlth_btrfs: true
when: run_once_sys_hlth_btrfs is not defined
- name: "create {{docker_health_btrfs_folder}}"
file:
path: "{{docker_health_btrfs_folder}}"
@@ -10,7 +18,7 @@
dest: "{{docker_health_btrfs_folder}}sys-hlth-btrfs.sh"
- name: create sys-hlth-btrfs.infinito.service
template:
template:
src: sys-hlth-btrfs.service.j2
dest: /etc/systemd/system/sys-hlth-btrfs.infinito.service
notify: reload sys-hlth-btrfs.infinito.service
@@ -23,4 +31,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_health_btrfs}}"
on_calendar: "{{on_calendar_health_btrfs}}"

22
roles/sys-hlth-csp/meta/main.yml
View File

@@ -9,19 +9,17 @@ galaxy_info:
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions:
- rolling
- name: Archlinux
versions:
- rolling
galaxy_tags:
- csp
- puppeteer
- health
- browser
- nodejs
- monitoring
- systemd
- csp
- puppeteer
- health
- browser
- nodejs
- monitoring
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose

8
roles/sys-hlth-csp/tasks/01_core.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_sys_hlth_csp: true
when: run_once_sys_hlth_csp is not defined
- name: "pkgmgr install"
include_role:
name: pkgmgr-install

17
roles/sys-hlth-disc-space/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Disk-space usage monitor; alerts when usage exceeds threshold."
@@ -10,15 +9,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- disk
- space
- health
- systemd
- monitor
- disk
- space
- health
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose

12
roles/sys-hlth-disc-space/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_sys_hlth_disc_space: true
when: run_once_sys_hlth_disc_space is not defined
- name: "create {{health_disc_space_folder}}"
file:
path: "{{health_disc_space_folder}}"
@@ -10,7 +18,7 @@
dest: "{{health_disc_space_folder}}sys-hlth-disc-space.sh"
- name: create sys-hlth-disc-space.infinito.service
template:
template:
src: sys-hlth-disc-space.service.j2
dest: /etc/systemd/system/sys-hlth-disc-space.infinito.service
notify: reload sys-hlth-disc-space.infinito.service
@@ -23,4 +31,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_health_disc_space}}"
on_calendar: "{{on_calendar_health_disc_space}}"

17
roles/sys-hlth-docker-container/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Checks Docker containers for unhealthy or exited states and alerts on any issues."
@@ -10,15 +9,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- docker
- containers
- health
- systemd
- monitor
- docker
- containers
- health
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose

14
roles/sys-hlth-docker-container/tasks/01_core.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_sys_hlth_docker_container: true
when: run_once_sys_hlth_docker_container is not defined
- name: "create {{health_docker_container_folder}}"
file:
path: "{{health_docker_container_folder}}"
@@ -10,8 +18,8 @@
dest: "{{health_docker_container_folder}}sys-hlth-docker-container.sh"
- name: create sys-hlth-docker-container.infinito.service
template:
src: sys-hlth-docker-container.service.j2
template:
src: sys-hlth-docker-container.service.j2
dest: /etc/systemd/system/sys-hlth-docker-container.infinito.service
notify: reload sys-hlth-docker-container.infinito.service
@@ -23,4 +31,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_health_docker_container}}"
on_calendar: "{{on_calendar_health_docker_container}}"

17
roles/sys-hlth-docker-volumes/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Detects anonymous Docker volumes not bound to containers (unless whitelisted) and alerts."
@@ -10,15 +9,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- docker
- volumes
- health
- systemd
- monitor
- docker
- volumes
- health
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose

12
roles/sys-hlth-docker-volumes/tasks/01_core.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_sys_hlth_docker_volumes: true
when: run_once_sys_hlth_docker_volumes is not defined
- name: "create {{health_docker_volumes_folder}}"
file:
path: "{{health_docker_volumes_folder}}"
@@ -11,7 +19,7 @@
- name: create sys-hlth-docker-volumes.infinito.service
template:
src: sys-hlth-docker-volumes.service.j2
src: sys-hlth-docker-volumes.service.j2
dest: /etc/systemd/system/sys-hlth-docker-volumes.infinito.service
notify: reload sys-hlth-docker-volumes.infinito.service
@@ -23,4 +31,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_health_docker_volumes}}"
on_calendar: "{{on_calendar_health_docker_volumes}}"

17
roles/sys-hlth-journalctl/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Searches the systemd journal for errors over the past day and alerts if any are found."
@@ -10,15 +9,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- journalctl
- logs
- health
- systemd
- monitor
- journalctl
- logs
- health
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-compose

12
roles/sys-hlth-journalctl/tasks/01_core.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-compose'
include_role:
name: sys-alm-compose
- set_fact:
run_once_sys_hlth_journalctl: true
when: run_once_sys_hlth_journalctl is not defined
- name: "create {{health_journalctl_folder}}"
file:
path: "{{health_journalctl_folder}}"
@@ -10,7 +18,7 @@
dest: "{{health_journalctl_folder}}sys-hlth-journalctl.sh"
- name: create sys-hlth-journalctl.infinito.service
template:
template:
src: sys-hlth-journalctl.service.j2
dest: /etc/systemd/system/sys-hlth-journalctl.infinito.service
notify: reload sys-hlth-journalctl.infinito.service
@@ -23,4 +31,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_health_journalctl}}"
on_calendar: "{{on_calendar_health_journalctl}}"

17
roles/sys-hlth-msmtp/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Periodic MTA health-check: sends test mail via msmtp and alerts on failure."
@@ -10,15 +9,13 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- msmtp
- email
- health
- systemd
- monitor
- msmtp
- email
- health
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- sys-alm-telegram

12
roles/sys-hlth-msmtp/tasks/main.yml
View File

@@ -1,3 +1,11 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependency 'sys-alm-telegram'
include_role:
name: sys-alm-telegram
- set_fact:
run_once_sys_hlth_msmtp: true
when: run_once_sys_hlth_msmtp is not defined
- name: "create {{ health_msmtp_folder }}"
file:
path: "{{ health_msmtp_folder }}"
@@ -6,7 +14,7 @@
- name: create sys-hlth-msmtp.sh
template:
src: sys-hlth-msmtp.sh.j2
src: sys-hlth-msmtp.sh.j2
dest: "{{ health_msmtp_folder }}sys-hlth-msmtp.sh"
mode: '0755'
@@ -24,4 +32,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{ on_calendar_health_msmtp }}"
on_calendar: "{{ on_calendar_health_msmtp }}"

20
roles/sys-hlth-webserver/meta/main.yml
View File

@@ -1,4 +1,3 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Checks that each Nginx domain returns its expected HTTP status and alerts on unexpected codes."
@@ -10,17 +9,14 @@ galaxy_info:
license_url: "https://s.veen.world/cncl"
min_ansible_version: "2.9"
platforms:
- name: Archlinux
versions: ["rolling"]
- name: Archlinux
versions: ["rolling"]
galaxy_tags:
- monitor
- webserver
- nginx
- http
- health
- systemd
- monitor
- webserver
- nginx
- http
- health
- systemd
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
documentation: "https://docs.infinito.nexus"
dependencies:
- dev-python-pip
- sys-alm-compose

15
roles/sys-hlth-webserver/tasks/01_core.yml
View File

@@ -1,3 +1,14 @@
- name: Load former meta dependencies once
block:
- name: Include moved dependencies
include_role:
name: '{{ item }}'
loop:
- dev-python-pip
- sys-alm-compose
- set_fact:
run_once_sys_hlth_webserver: true
when: run_once_sys_hlth_webserver is not defined
- name: Install required Python modules
community.general.pacman:
name: python-requests
@@ -15,7 +26,7 @@
dest: "{{ health_nginx_folder }}sys-hlth-webserver.py"
- name: create sys-hlth-webserver.infinito.service
template:
template:
src: sys-hlth-webserver.service.j2
dest: /etc/systemd/system/sys-hlth-webserver.infinito.service
notify: reload sys-hlth-webserver.infinito.service
@@ -28,4 +39,4 @@
include_role:
name: sys-timer
vars:
on_calendar: "{{on_calendar_health_nginx}}"
on_calendar: "{{on_calendar_health_nginx}}"

Some files were not shown because too many files have changed in this diff Show More