diff --git a/roles/desk-gnome-caffeine/meta/main.yml b/roles/desk-gnome-caffeine/meta/main.yml index 81f2457c..d62c589e 100644 --- a/roles/desk-gnome-caffeine/meta/main.yml +++ b/roles/desk-gnome-caffeine/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs caffeine-ng and configures it to autostart for preventing screen sleep on GNOME." @@ -6,12 +5,10 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.4" platforms: - - name: Archlinux - versions: - - all + - name: Archlinux + versions: + - all galaxy_tags: - - caffeine - - autostart - - archlinux -dependencies: - - dev-yay \ No newline at end of file + - caffeine + - autostart + - archlinux diff --git a/roles/desk-gnome-caffeine/tasks/main.yml b/roles/desk-gnome-caffeine/tasks/main.yml index cc81371a..4badb9f9 100644 --- a/roles/desk-gnome-caffeine/tasks/main.yml +++ b/roles/desk-gnome-caffeine/tasks/main.yml @@ -1,9 +1,16 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_desk_gnome_caffeine: true + when: run_once_desk_gnome_caffeine is not defined - name: Install caffeine kewlfft.aur.aur: use: yay name: - - caffeine-ng + - caffeine-ng become: false - name: Create autostart directory if it doesn't exist diff --git a/roles/desk-qbittorrent/meta/main.yml b/roles/desk-qbittorrent/meta/main.yml index 48daea4f..d0be4cde 100644 --- a/roles/desk-qbittorrent/meta/main.yml +++ b/roles/desk-qbittorrent/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Installs the qBittorrent torrent client via AUR on Arch Linux." @@ -9,15 +8,12 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - qbittorrent - - torrent + - qbittorrent + - torrent repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/desk-qbittorrent" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: [ all ] -dependencies: - - dev-yay - + - name: Archlinux + versions: [all] diff --git a/roles/desk-qbittorrent/tasks/main.yml b/roles/desk-qbittorrent/tasks/main.yml index 052d132d..262dac5b 100644 --- a/roles/desk-qbittorrent/tasks/main.yml +++ b/roles/desk-qbittorrent/tasks/main.yml @@ -1,5 +1,13 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_desk_qbittorrent: true + when: run_once_desk_qbittorrent is not defined - name: install torrent software kewlfft.aur.aur: use: yay name: - - qbittorrent \ No newline at end of file + - qbittorrent diff --git a/roles/desk-spotify/meta/main.yml b/roles/desk-spotify/meta/main.yml index 436f21e6..6eaa4562 100644 --- a/roles/desk-spotify/meta/main.yml +++ b/roles/desk-spotify/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs the Spotify client." @@ -10,18 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - spotify - - aur - - music - - streaming - - archlinux - - client + - spotify + - aur + - music + - streaming + - archlinux + - client repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - dev-yay diff --git a/roles/desk-spotify/tasks/main.yml b/roles/desk-spotify/tasks/main.yml index 459d5268..5dfceb0f 100644 --- a/roles/desk-spotify/tasks/main.yml +++ b/roles/desk-spotify/tasks/main.yml @@ -1,5 +1,13 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_desk_spotify: true + when: run_once_desk_spotify is not defined - name: install spotify kewlfft.aur.aur: use: yay name: - - spotify \ No newline at end of file + - spotify diff --git a/roles/desk-ssh/meta/main.yml b/roles/desk-ssh/meta/main.yml index 195ce298..97453eb4 100644 --- a/roles/desk-ssh/meta/main.yml +++ b/roles/desk-ssh/meta/main.yml @@ -1,30 +1,28 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Persistent SSH agent setup for GNOME Wayland sessions with SSH configuration pulled from Git." license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - ssh - - agent - - systemd - - gnome - - wayland - - archlinux - - keepassxc + - ssh + - agent + - systemd + - gnome + - wayland + - archlinux + - keepassxc repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" dependencies: - - desk-git - - dev-shell \ No newline at end of file +- desk-git diff --git a/roles/desk-ssh/tasks/main.yml b/roles/desk-ssh/tasks/main.yml index 0015e85b..7817dc65 100644 --- a/roles/desk-ssh/tasks/main.yml +++ b/roles/desk-ssh/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-shell' + include_role: + name: dev-shell + - set_fact: + run_once_desk_ssh: true + when: run_once_desk_ssh is not defined - name: pull ssh repository from {{desk_ssh_repository}} git: repo: "{{desk_ssh_repository}}" @@ -43,4 +51,4 @@ state: present create: yes mode: "0644" - become: false \ No newline at end of file + become: false diff --git a/roles/desk-zoom/meta/main.yml b/roles/desk-zoom/meta/main.yml index 345633cd..101eb0df 100644 --- a/roles/desk-zoom/meta/main.yml +++ b/roles/desk-zoom/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Installs the Zoom video conferencing client via AUR on Arch Linux." @@ -9,16 +8,13 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - zoom - - video - - conferencing + - zoom + - video + - conferencing repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/desk-zoom" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: [ all ] -dependencies: - - dev-yay - + - name: Archlinux + versions: [all] diff --git a/roles/desk-zoom/tasks/main.yml b/roles/desk-zoom/tasks/main.yml index 8438bce5..53bb25b9 100644 --- a/roles/desk-zoom/tasks/main.yml +++ b/roles/desk-zoom/tasks/main.yml @@ -1,6 +1,14 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_desk_zoom: true + when: run_once_desk_zoom is not defined - name: install video conference software kewlfft.aur.aur: use: yay name: - - zoom - become: false \ No newline at end of file + - zoom + become: false diff --git a/roles/dev-python-pip/meta/main.yml b/roles/dev-python-pip/meta/main.yml index 637f1a2a..0a13119d 100644 --- a/roles/dev-python-pip/meta/main.yml +++ b/roles/dev-python-pip/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs the python-pip package to provide the Python package manager, ensuring that Python packages can be installed reliably on the target system." @@ -10,17 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - python - - pip - - package - - installation - - automation + - python + - pip + - package + - installation + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - dev-gcc diff --git a/roles/dev-python-pip/tasks/main.yml b/roles/dev-python-pip/tasks/main.yml index 5a3c35e2..7219fff5 100644 --- a/roles/dev-python-pip/tasks/main.yml +++ b/roles/dev-python-pip/tasks/main.yml @@ -1,4 +1,11 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-gcc' + include_role: + name: dev-gcc + - set_fact: + run_once_dev_python_pip: true + when: run_once_dev_python_pip is not defined - name: python pip install community.general.pacman: name: python-pip diff --git a/roles/dev-yay/meta/main.yml b/roles/dev-yay/meta/main.yml index dfaabb9b..254b9618 100644 --- a/roles/dev-yay/meta/main.yml +++ b/roles/dev-yay/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs the AUR helper yay and configures an aur_builder user with appropriate sudo privileges to facilitate AUR package management on Arch Linux systems." @@ -10,20 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - aur - - yay - - archlinux - - package-management + - aur + - yay + - archlinux + - package-management repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" logo: class: "fas fa-archive" -dependencies: - - dev-fakeroot - - dev-git - - dev-base-devel diff --git a/roles/dev-yay/tasks/main.yml b/roles/dev-yay/tasks/main.yml index 9416f50b..f269c252 100644 --- a/roles/dev-yay/tasks/main.yml +++ b/roles/dev-yay/tasks/main.yml @@ -1,8 +1,20 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-fakeroot + - dev-git + - dev-base-devel + - set_fact: + run_once_dev_yay: true + when: run_once_dev_yay is not defined - name: install yay community.general.pacman: name: - - base-devel - - patch + - base-devel + - patch state: present - name: Create the `aur_builder` user @@ -36,4 +48,4 @@ cd /home/aur_builder/yay makepkg -si --noconfirm args: - creates: /usr/bin/yay \ No newline at end of file + creates: /usr/bin/yay diff --git a/roles/docker-compose/meta/main.yml b/roles/docker-compose/meta/main.yml index 7e3064c0..0e0ba76b 100644 --- a/roles/docker-compose/meta/main.yml +++ b/roles/docker-compose/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Manages Docker Compose project structure and execution logic on Arch Linux." @@ -10,19 +9,17 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - docker - - compose - - container - - infrastructure - - devops - - automation - - archlinux + - docker + - compose + - container + - infrastructure + - devops + - automation + - archlinux repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - docker-container # Necessary for template use \ No newline at end of file diff --git a/roles/docker-compose/tasks/main.yml b/roles/docker-compose/tasks/main.yml index 1e386682..07647496 100644 --- a/roles/docker-compose/tasks/main.yml +++ b/roles/docker-compose/tasks/main.yml @@ -1,10 +1,16 @@ -# run_once_docker_compose: deactivate - +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'docker-container' + include_role: + name: docker-container + - set_fact: + run_once_docker_compose: true + when: run_once_docker_compose is not defined - name: "Load variables from {{ docker_compose_variable_file }} for whole play" include_vars: "{{ docker_compose_variable_file }}" - name: "reset (if enabled)" - include_tasks: 01_reset.yml + include_tasks: 01_reset.yml when: mode_reset | bool # This could lead to problems in docker-compose directories which are based on a git repository @@ -21,12 +27,12 @@ when: docker_pull_git_repository | bool - block: - - name: "Include file management routines for '{{application_id}}'." - include_tasks: "03_files.yml" - - name: "Ensure that {{ docker_compose.directories.instance }} is up" - include_tasks: "04_ensure_up.yml" + - name: "Include file management routines for '{{application_id}}'." + include_tasks: "03_files.yml" + - name: "Ensure that {{ docker_compose.directories.instance }} is up" + include_tasks: "04_ensure_up.yml" when: not docker_compose_skipp_file_creation | bool -- name: "flush database, docker and proxy for '{{ application_id }}'" +- name: "flush database, docker and proxy for '{{ application_id }}'" meta: flush_handlers when: docker_compose_flush_handlers | bool diff --git a/roles/docker-container/meta/main.yml b/roles/docker-container/meta/main.yml index 37c3365e..a0383562 100644 --- a/roles/docker-container/meta/main.yml +++ b/roles/docker-container/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Provides shared Jinja2 snippets for Docker Compose service definitions (base, networks, healthchecks, depends_on)." @@ -9,15 +8,13 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - docker - - compose - - jinja2 + - docker + - compose + - jinja2 repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/docker-container" min_ansible_version: "2.9" platforms: - - name: Any - versions: [ all ] -dependencies: - - docker-core + - name: Any + versions: [all] diff --git a/roles/docker-container/tasks/main.yml b/roles/docker-container/tasks/main.yml new file mode 100644 index 00000000..383144f9 --- /dev/null +++ b/roles/docker-container/tasks/main.yml @@ -0,0 +1,8 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'docker-core' + include_role: + name: docker-core + - set_fact: + run_once_docker_container: true + when: run_once_docker_container is not defined diff --git a/roles/drv-epson-multiprinter/meta/main.yml b/roles/drv-epson-multiprinter/meta/main.yml index d2a77960..53c5a540 100644 --- a/roles/drv-epson-multiprinter/meta/main.yml +++ b/roles/drv-epson-multiprinter/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Installs Epson multifunction printer drivers and scanning utilities (escpr, imagescan) via Pacman and AUR on Arch Linux." @@ -9,16 +8,13 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - epson - - printer - - scanner + - epson + - printer + - scanner repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/drv-epson-multiprinter" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: [ all ] -dependencies: - - dev-yay - + - name: Archlinux + versions: [all] diff --git a/roles/drv-epson-multiprinter/tasks/main.yml b/roles/drv-epson-multiprinter/tasks/main.yml index b95db18f..6e8884ce 100644 --- a/roles/drv-epson-multiprinter/tasks/main.yml +++ b/roles/drv-epson-multiprinter/tasks/main.yml @@ -1,13 +1,21 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_drv_epson_multiprinter: true + when: run_once_drv_epson_multiprinter is not defined - name: install AUR packages for epson kewlfft.aur.aur: use: yay name: - - epson-printer-utility - - imagescan-plugin-networkscan - - epson-inkjet-printer-escpr - - epson-inkjet-printer-escpr2 + - epson-printer-utility + - imagescan-plugin-networkscan + - epson-inkjet-printer-escpr + - epson-inkjet-printer-escpr2 become: false - name: install imagescan community.general.pacman: name: imagescan - state: present \ No newline at end of file + state: present diff --git a/roles/drv-msi-keyboard-color/meta/main.yml b/roles/drv-msi-keyboard-color/meta/main.yml index b2ba397c..f5112cef 100644 --- a/roles/drv-msi-keyboard-color/meta/main.yml +++ b/roles/drv-msi-keyboard-color/meta/main.yml @@ -4,9 +4,6 @@ galaxy_info: description: "Ansible role to set up dynamic keyboard color change on MSI laptops" min_ansible_version: 2.9 platforms: - - name: Linux - versions: - - all -dependencies: - - dev-yay - - sys-alm-compose + - name: Linux + versions: + - all diff --git a/roles/drv-msi-keyboard-color/tasks/main.yml b/roles/drv-msi-keyboard-color/tasks/main.yml index ebe6315a..201c36e0 100644 --- a/roles/drv-msi-keyboard-color/tasks/main.yml +++ b/roles/drv-msi-keyboard-color/tasks/main.yml @@ -1,9 +1,19 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-yay + - sys-alm-compose + - set_fact: + run_once_drv_msi_keyboard_color: true + when: run_once_drv_msi_keyboard_color is not defined - name: Install MSI packages kewlfft.aur.aur: use: yay name: - - msi-perkeyrgb + - msi-perkeyrgb - name: Copy keyboard_color.sh script copy: @@ -29,5 +39,5 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_msi_keyboard_color}}" - persistent: "true" + on_calendar: "{{on_calendar_msi_keyboard_color}}" + persistent: "true" diff --git a/roles/pkgmgr-install/meta/main.yml b/roles/pkgmgr-install/meta/main.yml index 0ab01d84..c6d124ad 100644 --- a/roles/pkgmgr-install/meta/main.yml +++ b/roles/pkgmgr-install/meta/main.yml @@ -3,22 +3,20 @@ galaxy_info: description: "Installs and updates packages using pkgmgr." license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - package - - update - - archlinux - - infinito + - package + - update + - archlinux + - infinito repository: https://github.com/kevinveenbirkenbach/package-manager issue_tracker_url: https://github.com/kevinveenbirkenbach/package-manager/issues documentation: https://github.com/kevinveenbirkenbach/package-manager -dependencies: - - pkgmgr \ No newline at end of file diff --git a/roles/pkgmgr-install/tasks/main.yml b/roles/pkgmgr-install/tasks/main.yml index 30a823aa..70fe13cb 100644 --- a/roles/pkgmgr-install/tasks/main.yml +++ b/roles/pkgmgr-install/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'pkgmgr' + include_role: + name: pkgmgr + - set_fact: + run_once_pkgmgr_install: true + when: run_once_pkgmgr_install is not defined - name: update pkgmgr shell: | source ~/.venvs/pkgmgr/bin/activate @@ -16,4 +24,4 @@ - name: mark pkgmgr update as done set_fact: run_once_pkgmgr_install: true - when: run_once_pkgmgr_install is not defined \ No newline at end of file + when: run_once_pkgmgr_install is not defined diff --git a/roles/pkgmgr/meta/main.yml b/roles/pkgmgr/meta/main.yml index a0894b22..2227915a 100644 --- a/roles/pkgmgr/meta/main.yml +++ b/roles/pkgmgr/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automates the installation of Kevin's Package Manager — a tool for managing multiple repositories and automating Git operations." @@ -10,29 +9,25 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Debian - versions: - - stretch - - buster - - bullseye - - name: Ubuntu - versions: - - bionic - - focal - - jammy - - name: Archlinux - versions: - - rolling + - name: Debian + versions: + - stretch + - buster + - bullseye + - name: Ubuntu + versions: + - bionic + - focal + - jammy + - name: Archlinux + versions: + - rolling galaxy_tags: - - pkgmgr - - automation - - git - - repositories - - development + - pkgmgr + - automation + - git + - repositories + - development repository: https://github.com/kevinveenbirkenbach/package-manager issue_tracker_url: https://github.com/kevinveenbirkenbach/package-manager/issues documentation: https://github.com/kevinveenbirkenbach/package-manager -dependencies: - - dev-git - - dev-make - - dev-python-yaml diff --git a/roles/pkgmgr/tasks/01_core.yml b/roles/pkgmgr/tasks/01_core.yml index bc79cd07..2173b47d 100644 --- a/roles/pkgmgr/tasks/01_core.yml +++ b/roles/pkgmgr/tasks/01_core.yml @@ -1,3 +1,15 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-git + - dev-make + - dev-python-yaml + - set_fact: + run_once_pkgmgr: true + when: run_once_pkgmgr is not defined - name: Ensure GitHub host key is in known_hosts known_hosts: path: "~/.ssh/known_hosts" @@ -27,10 +39,10 @@ become: true - name: create config.yaml - template: + template: src: config.yaml.j2 dest: "{{pkgmgr_config_path}}" - become: true + become: true - name: Run the Package Manager install command to create an alias for Kevins package manager shell: | @@ -39,4 +51,4 @@ args: chdir: "{{ pkgmgr_install_path }}" executable: /bin/bash - become: true \ No newline at end of file + become: true diff --git a/roles/srv-proxy-6-6-domain/meta/main.yml b/roles/srv-proxy-6-6-domain/meta/main.yml index 31e64fcf..80ccebbb 100644 --- a/roles/srv-proxy-6-6-domain/meta/main.yml +++ b/roles/srv-proxy-6-6-domain/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automated domain provisioning (TLS, vHost, OAuth2) for Nginx." @@ -10,18 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - tls - - letsencrypt - - oauth2 - - automation - - archlinux + - nginx + - tls + - letsencrypt + - oauth2 + - automation + - archlinux repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - srv-proxy-7-4-core \ No newline at end of file diff --git a/roles/srv-proxy-6-6-domain/tasks/main.yml b/roles/srv-proxy-6-6-domain/tasks/main.yml index 878d450d..e19c548c 100644 --- a/roles/srv-proxy-6-6-domain/tasks/main.yml +++ b/roles/srv-proxy-6-6-domain/tasks/main.yml @@ -1,5 +1,11 @@ -# run_once_srv_proxy_6_6_domain: deactivated - +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-proxy-7-4-core' + include_role: + name: srv-proxy-7-4-core + - set_fact: + run_once_srv_proxy_6_6_domain: true + when: run_once_srv_proxy_6_6_domain is not defined - include_tasks: "01_cloudflare.yml" when: dns_provider == "cloudflare" @@ -10,7 +16,7 @@ - name: "include role for {{ domain }} to receive certificates and do the modification routines" include_role: name: srv-web-7-6-composer - + - name: "Copy nginx config to {{ configuration_destination }}" template: src: "{{ vhost_template_src }}" @@ -19,18 +25,18 @@ notify: restart openresty - block: - - name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)" - uri: - url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" - register: site_check - failed_when: false - changed_when: false + - name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)" + uri: + url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" + register: site_check + failed_when: false + changed_when: false - - name: Restart nginx if site is down - command: - cmd: "true" - notify: restart openresty - when: - - site_check.status is defined - - not site_check.status in [200,301,302] - when: not nginx_conf.changed \ No newline at end of file + - name: Restart nginx if site is down + command: + cmd: "true" + notify: restart openresty + when: + - site_check.status is defined + - not site_check.status in [200,301,302] + when: not nginx_conf.changed diff --git a/roles/srv-proxy-6-6-tls-deploy/meta/main.yml b/roles/srv-proxy-6-6-tls-deploy/meta/main.yml index fb2f489f..6fd232a8 100644 --- a/roles/srv-proxy-6-6-tls-deploy/meta/main.yml +++ b/roles/srv-proxy-6-6-tls-deploy/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Deploys Let’s Encrypt certificates into Docker Compose Nginx setups via systemd service and timer." @@ -9,17 +8,14 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - nginx - - letsencrypt - - docker - - systemd + - nginx + - letsencrypt + - docker + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-proxy-6-6-tls-deploy" min_ansible_version: "2.9" platforms: - - name: Any - versions: [ all ] -dependencies: - - sys-alm-compose - + - name: Any + versions: [all] diff --git a/roles/srv-proxy-6-6-tls-deploy/tasks/main.yml b/roles/srv-proxy-6-6-tls-deploy/tasks/main.yml index b925b43c..3200dd78 100644 --- a/roles/srv-proxy-6-6-tls-deploy/tasks/main.yml +++ b/roles/srv-proxy-6-6-tls-deploy/tasks/main.yml @@ -1,20 +1,28 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_srv_proxy_6_6_tls_deploy: true + when: run_once_srv_proxy_6_6_tls_deploy is not defined - name: add srv-proxy-6-6-tls-deploy.sh - template: - src: "srv-proxy-6-6-tls-deploy.sh.j2" + template: + src: "srv-proxy-6-6-tls-deploy.sh.j2" dest: "{{nginx_docker_cert_deploy_script}}" when: run_once_srv_proxy_6_6_tls_deploy is not defined notify: restart srv-proxy-6-6-tls-deploy.infinito.service - name: "create {{cert_mount_directory}}" file: - path: "{{cert_mount_directory}}" - state: directory - mode: 0755 + path: "{{cert_mount_directory}}" + state: directory + mode: 0755 notify: restart srv-proxy-6-6-tls-deploy.infinito.service - name: configure srv-proxy-6-6-tls-deploy.infinito.service - template: - src: "srv-proxy-6-6-tls-deploy.service.j2" + template: + src: "srv-proxy-6-6-tls-deploy.service.j2" dest: "/etc/systemd/system/srv-proxy-6-6-tls-deploy.{{application_id}}.infinito.service" notify: restart srv-proxy-6-6-tls-deploy.infinito.service @@ -22,11 +30,11 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_deploy_certificates}}" + on_calendar: "{{on_calendar_deploy_certificates}}" service_name: "srv-proxy-6-6-tls-deploy.{{application_id}}" - persistent: "true" + persistent: "true" - name: run the run_once_srv_proxy_6_6_tls_deploy tasks once set_fact: run_once_srv_proxy_6_6_tls_deploy: true - when: run_once_srv_proxy_6_6_tls_deploy is not defined \ No newline at end of file + when: run_once_srv_proxy_6_6_tls_deploy is not defined diff --git a/roles/srv-proxy-7-4-core/meta/main.yml b/roles/srv-proxy-7-4-core/meta/main.yml index 22d829a9..0460e56d 100644 --- a/roles/srv-proxy-7-4-core/meta/main.yml +++ b/roles/srv-proxy-7-4-core/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Nginx reverse proxy front-end for local Docker applications." @@ -10,19 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - docker - - reverse_proxy - - web - - automation - - archlinux + - nginx + - docker + - reverse_proxy + - web + - automation + - archlinux repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - srv-web-7-6-https - - srv-web-7-4-core diff --git a/roles/srv-proxy-7-4-core/tasks/main.yml b/roles/srv-proxy-7-4-core/tasks/main.yml new file mode 100644 index 00000000..4d8be372 --- /dev/null +++ b/roles/srv-proxy-7-4-core/tasks/main.yml @@ -0,0 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-6-https + - srv-web-7-4-core + - set_fact: + run_once_srv_proxy_7_4_core: true + when: run_once_srv_proxy_7_4_core is not defined diff --git a/roles/srv-web-6-6-tls-core/meta/main.yml b/roles/srv-web-6-6-tls-core/meta/main.yml index 8cf9e335..72d24df1 100644 --- a/roles/srv-web-6-6-tls-core/meta/main.yml +++ b/roles/srv-web-6-6-tls-core/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: | @@ -11,21 +10,19 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - certbot - - letsencrypt - - ssl - - tls - - acme - - https - - wildcard - - automation + - nginx + - certbot + - letsencrypt + - ssl + - tls + - acme + - https + - wildcard + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - srv-web-7-6-https diff --git a/roles/srv-web-6-6-tls-core/tasks/main.yml b/roles/srv-web-6-6-tls-core/tasks/main.yml index 83bfadd4..e0299554 100644 --- a/roles/srv-web-6-6-tls-core/tasks/main.yml +++ b/roles/srv-web-6-6-tls-core/tasks/main.yml @@ -1,5 +1,11 @@ -# run_once_srv_web_6_6_tls_core: deactivated - +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-6-https' + include_role: + name: srv-web-7-6-https + - set_fact: + run_once_srv_web_6_6_tls_core: true + when: run_once_srv_web_6_6_tls_core is not defined - name: "Include flavor '{{ certbot_flavor }}' for '{{ domain }}'" include_tasks: "{{ role_path }}/tasks/flavors/{{ certbot_flavor }}.yml" @@ -36,4 +42,4 @@ - name: "Ensure ssl_cert_folder is set for domain {{ domain }}" fail: msg: "No certificate folder found for domain {{ domain }}" - when: ssl_cert_folder is undefined or ssl_cert_folder is none \ No newline at end of file + when: ssl_cert_folder is undefined or ssl_cert_folder is none diff --git a/roles/srv-web-6-6-tls-renew/meta/main.yml b/roles/srv-web-6-6-tls-renew/meta/main.yml index e909a673..5ee7d700 100644 --- a/roles/srv-web-6-6-tls-renew/meta/main.yml +++ b/roles/srv-web-6-6-tls-renew/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: | @@ -11,23 +10,20 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - certbot - - ssl - - tls - - letsencrypt - - https - - systemd - - automation + - nginx + - certbot + - ssl + - tls + - letsencrypt + - https + - systemd + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" dependencies: - - srv-web-7-7-certbot - - srv-web-7-4-core - - sys-alm-compose - - sys-cln-certs +- sys-cln-certs diff --git a/roles/srv-web-6-6-tls-renew/tasks/01_core.yml b/roles/srv-web-6-6-tls-renew/tasks/01_core.yml index 08b20d90..02062684 100644 --- a/roles/srv-web-6-6-tls-renew/tasks/01_core.yml +++ b/roles/srv-web-6-6-tls-renew/tasks/01_core.yml @@ -1,12 +1,24 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-7-certbot + - srv-web-7-4-core + - sys-alm-compose + - set_fact: + run_once_srv_web_6_6_tls_renew: true + when: run_once_srv_web_6_6_tls_renew is not defined - name: install certbot community.general.pacman: name: - - certbot-nginx + - certbot-nginx state: present - name: configure srv-web-6-6-tls-renew.infinito.service - template: - src: srv-web-6-6-tls-renew.service.j2 + template: + src: srv-web-6-6-tls-renew.service.j2 dest: /etc/systemd/system/srv-web-6-6-tls-renew.infinito.service notify: reload certbot service @@ -18,5 +30,5 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_renew_lets_encrypt_certificates}}" - persistent: "true" \ No newline at end of file + on_calendar: "{{on_calendar_renew_lets_encrypt_certificates}}" + persistent: "true" diff --git a/roles/srv-web-7-6-https/meta/main.yml b/roles/srv-web-7-6-https/meta/main.yml index 4579d6f1..7e7f8f79 100644 --- a/roles/srv-web-7-6-https/meta/main.yml +++ b/roles/srv-web-7-6-https/meta/main.yml @@ -9,20 +9,16 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - https - - tls - - letsencrypt - - security - - automation + - nginx + - https + - tls + - letsencrypt + - security + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" -dependencies: - - srv-web-7-4-core - - sys-cln-domains - - srv-web-7-7-letsencrypt diff --git a/roles/srv-web-7-6-https/tasks/main.yml b/roles/srv-web-7-6-https/tasks/main.yml new file mode 100644 index 00000000..e3db6c1a --- /dev/null +++ b/roles/srv-web-7-6-https/tasks/main.yml @@ -0,0 +1,12 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-4-core + - sys-cln-domains + - srv-web-7-7-letsencrypt + - set_fact: + run_once_srv_web_7_6_https: true + when: run_once_srv_web_7_6_https is not defined diff --git a/roles/srv-web-7-7-inj-compose/meta/main.yml b/roles/srv-web-7-7-inj-compose/meta/main.yml index 0be23be0..2738bb95 100644 --- a/roles/srv-web-7-7-inj-compose/meta/main.yml +++ b/roles/srv-web-7-7-inj-compose/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Core role for Nginx HTML injection of Matomo, theming, iFrame and JS snippets based on application feature flags." @@ -9,19 +8,15 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - nginx - - injector - - matomo - - theming + - nginx + - injector + - matomo + - theming repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-web-7-7-inj-compose" min_ansible_version: "2.9" platforms: - - name: Any - versions: - - all -dependencies: -# The injections are called in the script. Keep the logic there. - - srv-web-7-4-core - \ No newline at end of file + - name: Any + versions: + - all diff --git a/roles/srv-web-7-7-inj-compose/tasks/main.yml b/roles/srv-web-7-7-inj-compose/tasks/main.yml index 9d56405f..ea6a1942 100644 --- a/roles/srv-web-7-7-inj-compose/tasks/main.yml +++ b/roles/srv-web-7-7-inj-compose/tasks/main.yml @@ -1,29 +1,35 @@ -# run_once_srv_web_7_7_inj_compose: deactivated - +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_srv_web_7_7_inj_compose: true + when: run_once_srv_web_7_7_inj_compose is not defined - name: Set inj_enabled dictionary set_fact: inj_enabled: javascript: "{{ applications | get_app_conf(application_id, 'features.javascript', False) }}" - logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}" - css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}" - matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}" - port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}" + logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}" + css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}" + matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}" + port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}" - name: "Load CDN for {{domain}}" include_role: name: web-svc-cdn public: false # ATM just the Logout is using the CDN. - when: - - inj_enabled.logout - - application_id != 'web-svc-cdn' - - run_once_web_svc_cdn is not defined + when: + - inj_enabled.logout + - application_id != 'web-svc-cdn' + - run_once_web_svc_cdn is not defined - name: Overwritte CDN handlers with neutral handlers ansible.builtin.include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml" loop: - - svc-prx-openresty - - docker-compose + - svc-prx-openresty + - docker-compose loop_control: label: "{{ item }}" vars: @@ -33,17 +39,17 @@ set_fact: inj_enabled: javascript: "{{ applications | get_app_conf(application_id, 'features.javascript', False) }}" - logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}" - css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}" - matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}" - port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}" + logout: "{{ (applications | get_app_conf(application_id, 'features.logout', False) or domain == primary_domain) }}" + css: "{{ applications | get_app_conf(application_id, 'features.css', False) }}" + matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}" + port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}" - name: "Activate Corporate CSS for {{domain}}" include_role: name: srv-web-7-7-inj-css - when: - - inj_enabled.css - - run_once_srv_web_7_7_inj_css is not defined + when: + - inj_enabled.css + - run_once_srv_web_7_7_inj_css is not defined - name: "Activate Matomo Tracking for {{domain}}" include_role: diff --git a/roles/srv-web-7-7-inj-css/meta/main.yml b/roles/srv-web-7-7-inj-css/meta/main.yml index 41d3d594..003097d7 100644 --- a/roles/srv-web-7-7-inj-css/meta/main.yml +++ b/roles/srv-web-7-7-inj-css/meta/main.yml @@ -1,29 +1,26 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Global CSS injection for Nginx-based apps using dynamic colorschemes." license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - css - - colors - - bootstrap - - theming - - dynamic - - frontend - - global + - nginx + - css + - colors + - bootstrap + - theming + - dynamic + - frontend + - global repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - srv-web-7-4-core \ No newline at end of file diff --git a/roles/srv-web-7-7-inj-css/tasks/01_core.yml b/roles/srv-web-7-7-inj-css/tasks/01_core.yml index dc66dea2..f3a36c2a 100644 --- a/roles/srv-web-7-7-inj-css/tasks/01_core.yml +++ b/roles/srv-web-7-7-inj-css/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_srv_web_7_7_inj_css: true + when: run_once_srv_web_7_7_inj_css is not defined - name: Generate color palette with colorscheme-generator set_fact: color_palette: "{{ lookup('colorscheme', global_css_base_color, count=global_css_count, shades=global_css_shades) }}" @@ -21,4 +29,4 @@ - name: Set global_css_version set_fact: - global_css_version: "{{ global_css_stat.stat.mtime }}" \ No newline at end of file + global_css_version: "{{ global_css_stat.stat.mtime }}" diff --git a/roles/srv-web-7-7-inj-javascript/meta/main.yml b/roles/srv-web-7-7-inj-javascript/meta/main.yml index 5649675d..051e6bb0 100644 --- a/roles/srv-web-7-7-inj-javascript/meta/main.yml +++ b/roles/srv-web-7-7-inj-javascript/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Injects a custom JavaScript snippet into Nginx-served HTML responses via sub_filter." @@ -10,19 +9,17 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - javascript - - csp - - sub_filter - - injection - - global + - nginx + - javascript + - csp + - sub_filter + - injection + - global repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" -dependencies: - - srv-web-7-4-core diff --git a/roles/srv-web-7-7-inj-javascript/tasks/main.yml b/roles/srv-web-7-7-inj-javascript/tasks/main.yml index 39206a1f..84e4facc 100644 --- a/roles/srv-web-7-7-inj-javascript/tasks/main.yml +++ b/roles/srv-web-7-7-inj-javascript/tasks/main.yml @@ -1,4 +1,11 @@ -# run_once_srv_web_7_7_inj_javascript: deactivated +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_srv_web_7_7_inj_javascript: true + when: run_once_srv_web_7_7_inj_javascript is not defined - name: "Load JavaScript code for '{{ application_id }}'" set_fact: javascript_code: "{{ lookup('template', modifier_javascript_template_file) }}" diff --git a/roles/srv-web-7-7-inj-logout/meta/main.yml b/roles/srv-web-7-7-inj-logout/meta/main.yml index 9c6f8053..b79ed206 100644 --- a/roles/srv-web-7-7-inj-logout/meta/main.yml +++ b/roles/srv-web-7-7-inj-logout/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen‑Birkenbach" role_name: "srv-web-7-7-inj-logout" @@ -9,21 +8,17 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Any - versions: ["all"] + - name: Any + versions: ["all"] galaxy_tags: - - nginx - - logout - - oidc - - javascript - - csp - - sub_filter + - nginx + - logout + - oidc + - javascript + - csp + - sub_filter company: > - Kevin Veen‑Birkenbach - Consulting & Coaching Solutions - https://www.veen.world + Kevin Veen‑Birkenbach Consulting & Coaching Solutions https://www.veen.world repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-web-7-7-inj-logout" -dependencies: - - srv-web-7-4-core diff --git a/roles/srv-web-7-7-inj-logout/tasks/main.yml b/roles/srv-web-7-7-inj-logout/tasks/main.yml index 6d0d02fe..fa002c4e 100644 --- a/roles/srv-web-7-7-inj-logout/tasks/main.yml +++ b/roles/srv-web-7-7-inj-logout/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_srv_web_7_7_inj_logout: true + when: run_once_srv_web_7_7_inj_logout is not defined - name: "deploy the logout.js" include_tasks: "deploy.yml" when: run_once_srv_web_7_7_inj_logout is not defined diff --git a/roles/srv-web-7-7-inj-matomo/meta/main.yml b/roles/srv-web-7-7-inj-matomo/meta/main.yml index 794761b2..e6ff075b 100644 --- a/roles/srv-web-7-7-inj-matomo/meta/main.yml +++ b/roles/srv-web-7-7-inj-matomo/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Injects Matomo analytics tracking code and noscript image tracker into Nginx-served HTML pages." @@ -9,16 +8,13 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - nginx - - matomo - - analytics + - nginx + - matomo + - analytics repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/srv-web-7-7-inj-matomo" min_ansible_version: "2.9" platforms: - - name: Any - versions: [ all ] -dependencies: - - srv-web-7-4-core - + - name: Any + versions: [all] diff --git a/roles/srv-web-7-7-inj-matomo/tasks/main.yml b/roles/srv-web-7-7-inj-matomo/tasks/main.yml index 6ccf1532..5273ec6d 100644 --- a/roles/srv-web-7-7-inj-matomo/tasks/main.yml +++ b/roles/srv-web-7-7-inj-matomo/tasks/main.yml @@ -1,5 +1,11 @@ -# run_once_srv_web_7_7_inj_matomo: deactivated - +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_srv_web_7_7_inj_matomo: true + when: run_once_srv_web_7_7_inj_matomo is not defined - name: "Relevant variables for role: {{ role_path | basename }}" debug: msg: @@ -10,16 +16,16 @@ - name: "Check if site {{ domain }} is allready registered at Matomo" uri: - url: "{{ matomo_verification_url }}" - method: GET + url: "{{ matomo_verification_url }}" + method: GET return_content: yes - status_code: 200 + status_code: 200 validate_certs: yes - register: site_check + register: site_check - name: Set matomo_site_id to Null set_fact: - matomo_site_id: Null + matomo_site_id: - name: Set fact for site ID if site already exists set_fact: diff --git a/roles/srv-web-7-7-inj-port-ui-desktop/meta/main.yml b/roles/srv-web-7-7-inj-port-ui-desktop/meta/main.yml index 6a3a51a6..86f4f9a2 100644 --- a/roles/srv-web-7-7-inj-port-ui-desktop/meta/main.yml +++ b/roles/srv-web-7-7-inj-port-ui-desktop/meta/main.yml @@ -1,5 +1,3 @@ - ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Injects a JS snippet into HTML to notify parent windows of iframe location changes and force external links to new tabs." @@ -14,15 +12,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - iframe - - javascript - - csp - - security - - postMessage -dependencies: - - srv-web-7-4-core \ No newline at end of file + - nginx + - iframe + - javascript + - csp + - security + - postMessage diff --git a/roles/srv-web-7-7-inj-port-ui-desktop/tasks/main.yml b/roles/srv-web-7-7-inj-port-ui-desktop/tasks/main.yml index 339c86b2..29ac1bb7 100644 --- a/roles/srv-web-7-7-inj-port-ui-desktop/tasks/main.yml +++ b/roles/srv-web-7-7-inj-port-ui-desktop/tasks/main.yml @@ -1,4 +1,11 @@ -# run_once_srv_web_7_7_inj_port_ui_desktop: deactivated +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_srv_web_7_7_inj_port_ui_desktop: true + when: run_once_srv_web_7_7_inj_port_ui_desktop is not defined - name: "Load iFrame handler JS template for '{{ application_id }}'" set_fact: iframe_code: "{{ lookup('template','iframe-handler.js.j2') }}" diff --git a/roles/srv-web-7-7-letsencrypt/meta/main.yml b/roles/srv-web-7-7-letsencrypt/meta/main.yml index a8cdcb1a..7a992e4f 100644 --- a/roles/srv-web-7-7-letsencrypt/meta/main.yml +++ b/roles/srv-web-7-7-letsencrypt/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "An Ansible role to automate Let’s Encrypt SSL certificate issuance and renewal for Nginx" @@ -10,17 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - letsencrypt - - nginx - - ssl - - certificate - - security + - letsencrypt + - nginx + - ssl + - certificate + - security repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - srv-web-6-6-tls-renew diff --git a/roles/srv-web-7-7-letsencrypt/tasks/main.yml b/roles/srv-web-7-7-letsencrypt/tasks/main.yml index 0eaa309f..d3bdd9ca 100644 --- a/roles/srv-web-7-7-letsencrypt/tasks/main.yml +++ b/roles/srv-web-7-7-letsencrypt/tasks/main.yml @@ -1,13 +1,21 @@ -- block: - - name: create nginx letsencrypt config file - template: - src: "letsencrypt.conf.j2" - dest: "{{nginx.directories.http.global}}letsencrypt.conf" - notify: restart openresty - - - name: "Set CAA records for all base domains" - include_tasks: 01_set-caa-records.yml - when: dns_provider == 'cloudflare' - - - include_tasks: utils/run_once.yml +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-6-6-tls-renew' + include_role: + name: srv-web-6-6-tls-renew + - set_fact: + run_once_srv_web_7_7_letsencrypt: true + when: run_once_srv_web_7_7_letsencrypt is not defined +- block: + - name: create nginx letsencrypt config file + template: + src: "letsencrypt.conf.j2" + dest: "{{nginx.directories.http.global}}letsencrypt.conf" + notify: restart openresty + + - name: "Set CAA records for all base domains" + include_tasks: 01_set-caa-records.yml + when: dns_provider == 'cloudflare' + + - include_tasks: utils/run_once.yml when: run_once_srv_web_7_7_letsencrypt is not defined diff --git a/roles/svc-bkp-loc-2-usb/meta/main.yml b/roles/svc-bkp-loc-2-usb/meta/main.yml index 87b308bb..79cbf6ef 100644 --- a/roles/svc-bkp-loc-2-usb/meta/main.yml +++ b/roles/svc-bkp-loc-2-usb/meta/main.yml @@ -1,27 +1,23 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automated backups to a swappable USB device." license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - backup - - usb - - systemd - - automation - - archlinux + - backup + - usb + - systemd + - automation + - archlinux repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - sys-cln-bkps-service - - sys-lock diff --git a/roles/svc-bkp-loc-2-usb/tasks/main.yml b/roles/svc-bkp-loc-2-usb/tasks/main.yml index bad58c0b..ed76a5f8 100644 --- a/roles/svc-bkp-loc-2-usb/tasks/main.yml +++ b/roles/svc-bkp-loc-2-usb/tasks/main.yml @@ -1,9 +1,20 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-cln-bkps-service + - sys-lock + - set_fact: + run_once_svc_bkp_loc_2_usb: true + when: run_once_svc_bkp_loc_2_usb is not defined - name: Fail if any backup_to_usb variable is empty assert: that: - - backup_to_usb_mount != "" - - backup_to_usb_target != "" - - backup_to_usb_source != "" + - backup_to_usb_mount != "" + - backup_to_usb_target != "" + - backup_to_usb_source != "" fail_msg: | One or more of the configuration variables are empty! Please set: @@ -27,4 +38,4 @@ owner: root group: root mode: '0644' - notify: reload svc-bkp-loc-2-usb.infinito.service \ No newline at end of file + notify: reload svc-bkp-loc-2-usb.infinito.service diff --git a/roles/svc-bkp-rmt-2-loc/meta/main.yml b/roles/svc-bkp-rmt-2-loc/meta/main.yml index 367cdac8..b3792a1a 100644 --- a/roles/svc-bkp-rmt-2-loc/meta/main.yml +++ b/roles/svc-bkp-rmt-2-loc/meta/main.yml @@ -1,5 +1,3 @@ - ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Pulls backups from a remote server and stores them locally using rsync with retry logic. This role is part of a comprehensive backup scheme and works in conjunction with other roles to ensure reliable backup operations." @@ -11,24 +9,19 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - backup - - remote - - local - - docker - - systemd - - automation + - backup + - remote + - local + - docker + - systemd + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" dependencies: - - dev-git - - sys-alm-compose - - sys-cln-bkps-timer - - sys-cln-faild-bkps - - sys-lock - - user-root - - sys-rst-daemon +- sys-cln-bkps-timer +- sys-cln-faild-bkps diff --git a/roles/svc-bkp-rmt-2-loc/tasks/main.yml b/roles/svc-bkp-rmt-2-loc/tasks/main.yml index a66d1e81..45b1d391 100644 --- a/roles/svc-bkp-rmt-2-loc/tasks/main.yml +++ b/roles/svc-bkp-rmt-2-loc/tasks/main.yml @@ -1,3 +1,17 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-git + - sys-alm-compose + - sys-lock + - user-root + - sys-rst-daemon + - set_fact: + run_once_svc_bkp_rmt_2_loc: true + when: run_once_svc_bkp_rmt_2_loc is not defined - name: "create {{docker_backup_remote_to_local_folder}}" file: path: "{{docker_backup_remote_to_local_folder}}" @@ -11,14 +25,14 @@ mode: 0755 - name: create svc-bkp-rmt-2-loc.infinito.service - template: - src: svc-bkp-rmt-2-loc.service.j2 + template: + src: svc-bkp-rmt-2-loc.service.j2 dest: /etc/systemd/system/svc-bkp-rmt-2-loc.infinito.service notify: reload svc-bkp-rmt-2-loc service - name: create sys-bkp-rmt-2-loc-multi-provider.sh - template: - src: sys-bkp-rmt-2-loc-multi-provider.sh.j2 + template: + src: sys-bkp-rmt-2-loc-multi-provider.sh.j2 dest: "{{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh" mode: 0755 @@ -30,5 +44,5 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_backup_remote_to_local}}" + on_calendar: "{{on_calendar_backup_remote_to_local}}" diff --git a/roles/svc-db-postgres/meta/main.yml b/roles/svc-db-postgres/meta/main.yml index effe679e..8a208179 100644 --- a/roles/svc-db-postgres/meta/main.yml +++ b/roles/svc-db-postgres/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: >- @@ -12,17 +11,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Docker - versions: - - "latest" + - name: Docker + versions: + - "latest" galaxy_tags: - - postgresql - - docker - - database - - administration - - central-database + - postgresql + - docker + - database + - administration + - central-database repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - docker-core # Loading it here to avoid extra flush for network init diff --git a/roles/svc-db-postgres/tasks/01_core.yml b/roles/svc-db-postgres/tasks/01_core.yml index 86df823c..dc1c3465 100644 --- a/roles/svc-db-postgres/tasks/01_core.yml +++ b/roles/svc-db-postgres/tasks/01_core.yml @@ -1,12 +1,20 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'docker-core' + include_role: + name: docker-core + - set_fact: + run_once_svc_db_postgres: true + when: run_once_svc_db_postgres is not defined - name: Create Docker network for PostgreSQL community.docker.docker_network: name: "{{ postgres_network_name }}" state: present ipam_config: - - subnet: "{{ postgres_subnet }}" + - subnet: "{{ postgres_subnet }}" - name: "include docker-compose role" - include_role: + include_role: name: docker-compose - name: Wait for Postgres inside the container @@ -17,6 +25,6 @@ delay: 5 - name: install python-psycopg2 - community.general.pacman: + community.general.pacman: name: python-psycopg2 state: present diff --git a/roles/svc-opt-swapfile/meta/main.yml b/roles/svc-opt-swapfile/meta/main.yml index b537595c..18de1618 100644 --- a/roles/svc-opt-swapfile/meta/main.yml +++ b/roles/svc-opt-swapfile/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Automates swapfile creation on target systems by cloning and executing a swapfile script." @@ -9,15 +8,13 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - swapfile - - performance + - swapfile + - performance repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/sys-opt-swapfile" min_ansible_version: "2.9" platforms: - - name: Any - versions: - - all -dependencies: - - pkgmgr-install + - name: Any + versions: + - all diff --git a/roles/svc-opt-swapfile/tasks/main.yml b/roles/svc-opt-swapfile/tasks/main.yml index d77f13f6..3ec3c40e 100644 --- a/roles/svc-opt-swapfile/tasks/main.yml +++ b/roles/svc-opt-swapfile/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'pkgmgr-install' + include_role: + name: pkgmgr-install + - set_fact: + run_once_svc_opt_swapfile: true + when: run_once_svc_opt_swapfile is not defined - name: "pkgmgr install" include_role: name: pkgmgr-install @@ -6,4 +14,4 @@ - name: Execute create swapfile script shell: swap-forge "{{swapfile_size}}" - become: true \ No newline at end of file + become: true diff --git a/roles/sys-alm-compose/meta/main.yml b/roles/sys-alm-compose/meta/main.yml index 30f220bd..847cf16c 100644 --- a/roles/sys-alm-compose/meta/main.yml +++ b/roles/sys-alm-compose/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs a unified systemd notification service that sends alerts via both Telegram and Email when a service fails." @@ -10,18 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - systemd - - notifier - - telegram - - email - - notifications + - systemd + - notifier + - telegram + - email + - notifications repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-telegram - - sys-alm-email diff --git a/roles/sys-alm-compose/tasks/main.yml b/roles/sys-alm-compose/tasks/main.yml index 0193b5ae..c3f8d0d2 100644 --- a/roles/sys-alm-compose/tasks/main.yml +++ b/roles/sys-alm-compose/tasks/main.yml @@ -1,7 +1,17 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-alm-telegram + - sys-alm-email + - set_fact: + run_once_sys_alm_compose: true + when: run_once_sys_alm_compose is not defined - name: configure sys-alm-compose.infinito@.service - template: - src: sys-alm-compose@.service.j2 + template: + src: sys-alm-compose@.service.j2 dest: "/etc/systemd/system/sys-alm-compose.infinito@.service" notify: "restart sys-alm-compose service" when: run_once_sys_alm_compose is not defined @@ -9,4 +19,4 @@ - name: run the systemd_notifier_service tasks once set_fact: run_once_sys_alm_compose: true - when: run_once_sys_alm_compose is not defined \ No newline at end of file + when: run_once_sys_alm_compose is not defined diff --git a/roles/sys-alm-email/meta/main.yml b/roles/sys-alm-email/meta/main.yml index d6665806..abc187c9 100644 --- a/roles/sys-alm-email/meta/main.yml +++ b/roles/sys-alm-email/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs and configures components for sending email notifications. This role is part of the sys-alm-compose suite, providing automated alerts when services fail." @@ -10,18 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - email - - systemd - - notifications - - automation - - msmtp + - email + - systemd + - notifications + - automation + - msmtp repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-svc-msmtp - - sys-rst-daemon diff --git a/roles/sys-alm-email/tasks/01_core.yml b/roles/sys-alm-email/tasks/01_core.yml index 05ad0a93..26ee92db 100644 --- a/roles/sys-alm-email/tasks/01_core.yml +++ b/roles/sys-alm-email/tasks/01_core.yml @@ -1,3 +1,14 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-svc-msmtp + - sys-rst-daemon + - set_fact: + run_once_sys_alm_email: true + when: run_once_sys_alm_email is not defined - name: "create {{systemd_notifier_email_folder}}" file: path: "{{systemd_notifier_email_folder}}" @@ -6,11 +17,11 @@ - name: configure sys-alm-email.sh template: - src: sys-alm-email.sh.j2 + src: sys-alm-email.sh.j2 dest: "{{systemd_notifier_email_folder}}sys-alm-email.sh" - name: configure sys-alm-email.infinito.service - template: - src: sys-alm-email@.service.j2 + template: + src: sys-alm-email@.service.j2 dest: /etc/systemd/system/sys-alm-email.infinito@.service notify: restart sys-alm-email service diff --git a/roles/sys-alm-telegram/meta/main.yml b/roles/sys-alm-telegram/meta/main.yml index b82a16ad..2a4dbef5 100644 --- a/roles/sys-alm-telegram/meta/main.yml +++ b/roles/sys-alm-telegram/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs and configures components for sending Telegram notifications through systemd. This role is part of the sys-alm-compose suite, providing automated alerts when services fail." @@ -10,17 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - telegram - - systemd - - notifications - - automation - - curl + - telegram + - systemd + - notifications + - automation + - curl repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-rst-daemon diff --git a/roles/sys-alm-telegram/tasks/01_core.yml b/roles/sys-alm-telegram/tasks/01_core.yml index d337c577..c4eca935 100644 --- a/roles/sys-alm-telegram/tasks/01_core.yml +++ b/roles/sys-alm-telegram/tasks/01_core.yml @@ -1,8 +1,16 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-rst-daemon' + include_role: + name: sys-rst-daemon + - set_fact: + run_once_sys_alm_telegram: true + when: run_once_sys_alm_telegram is not defined - name: Fail if Telegram bot credentials are not set assert: that: - - telegram_bot_token != "" - - telegram_chat_id != "" + - telegram_bot_token != "" + - telegram_chat_id != "" fail_msg: | Telegram configuration is incomplete! Please provide non‑empty values for: @@ -10,7 +18,7 @@ - telegram_chat_id # The Telegram chat ID to send messages to - name: install curl - community.general.pacman: + community.general.pacman: name: curl state: present @@ -21,12 +29,12 @@ mode: '0755' - name: configure sys-alm-telegram.sh - template: - src: sys-alm-telegram.sh.j2 + template: + src: sys-alm-telegram.sh.j2 dest: "{{ systemd_telegram_script }}" - name: configure sys-alm-telegram.infinito.service - template: - src: sys-alm-telegram@.service.j2 + template: + src: sys-alm-telegram@.service.j2 dest: "/etc/systemd/system/sys-alm-telegram.infinito@.service" notify: "restart sys-alm-telegram service" diff --git a/roles/sys-bkp-docker-2-loc/meta/main.yml b/roles/sys-bkp-docker-2-loc/meta/main.yml index f14a7297..e2aba859 100644 --- a/roles/sys-bkp-docker-2-loc/meta/main.yml +++ b/roles/sys-bkp-docker-2-loc/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automates the backup of Docker volumes to a local folder" @@ -10,21 +9,17 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - backup - - docker - - local - - systemd - - automation + - backup + - docker + - local + - systemd + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" dependencies: - - sys-bkp-provider - - sys-alm-compose - - sys-cln-faild-bkps - - sys-lock - - sys-bkp-directory-validator \ No newline at end of file +- sys-cln-faild-bkps diff --git a/roles/sys-bkp-docker-2-loc/tasks/01_core.yml b/roles/sys-bkp-docker-2-loc/tasks/01_core.yml index fef742be..3bf78c4e 100644 --- a/roles/sys-bkp-docker-2-loc/tasks/01_core.yml +++ b/roles/sys-bkp-docker-2-loc/tasks/01_core.yml @@ -1,3 +1,16 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-bkp-provider + - sys-alm-compose + - sys-lock + - sys-bkp-directory-validator + - set_fact: + run_once_sys_bkp_docker_2_loc: true + when: run_once_sys_bkp_docker_2_loc is not defined - include_tasks: 02_pkgmgr_routines.yml when: backup_docker_to_local_folder is not defined @@ -6,13 +19,13 @@ when: mode_reset | bool - name: configure sys-bkp-docker-2-loc-everything.infinito.service - template: + template: src: sys-bkp-docker-2-loc-everything.service.j2 dest: /etc/systemd/system/sys-bkp-docker-2-loc-everything.infinito.service notify: reload sys-bkp-docker-2-loc-everything.infinito.service - name: configure sys-bkp-docker-2-loc.infinito.service - template: + template: src: sys-bkp-docker-2-loc.service.j2 dest: /etc/systemd/system/sys-bkp-docker-2-loc.infinito.service notify: reload sys-bkp-docker-2-loc.infinito.service @@ -25,4 +38,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_backup_docker_to_local}}" + on_calendar: "{{on_calendar_backup_docker_to_local}}" diff --git a/roles/sys-bkp-provider/meta/main.yml b/roles/sys-bkp-provider/meta/main.yml index 4eb23b83..e1b0a9f1 100644 --- a/roles/sys-bkp-provider/meta/main.yml +++ b/roles/sys-bkp-provider/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Configures the host as a backup provider to facilitate secure backup operations." @@ -10,18 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - backups - - provider - - backup - - automation - - security + - backups + - provider + - backup + - automation + - security repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-bkp-provider-user - - sys-cln-bkps-timer diff --git a/roles/sys-bkp-provider/tasks/main.yml b/roles/sys-bkp-provider/tasks/main.yml new file mode 100644 index 00000000..0140e602 --- /dev/null +++ b/roles/sys-bkp-provider/tasks/main.yml @@ -0,0 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-bkp-provider-user + - sys-cln-bkps-timer + - set_fact: + run_once_sys_bkp_provider: true + when: run_once_sys_bkp_provider is not defined diff --git a/roles/sys-cli/meta/main.yml b/roles/sys-cli/meta/main.yml index 59b12c2a..2ca40f3f 100644 --- a/roles/sys-cli/meta/main.yml +++ b/roles/sys-cli/meta/main.yml @@ -1,24 +1,21 @@ - galaxy_info: author: "Kevin Veen-Birkenbach" description: > This role installs and provides the Infinito.Nexus CLI, enabling you to manage your entire Infinito.Nexus environment from the command line. After deployment, the `infinito` command is available. license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - infinito - - cli - - management - - automation + - infinito + - cli + - management + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/" logo: class: "fa-solid fa-terminal" run_after: [] -dependencies: - - dev-yay \ No newline at end of file diff --git a/roles/sys-cli/tasks/main.yml b/roles/sys-cli/tasks/main.yml index a217338b..0833e7d6 100644 --- a/roles/sys-cli/tasks/main.yml +++ b/roles/sys-cli/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_sys_cli: true + when: run_once_sys_cli is not defined - name: "pkgmgr install infinito" include_role: name: pkgmgr-install @@ -7,4 +15,4 @@ - name: Get infinito base path command: pkgmgr path infinito register: infinito_path_cmd - changed_when: false \ No newline at end of file + changed_when: false diff --git a/roles/sys-cln-bkps-service/meta/main.yml b/roles/sys-cln-bkps-service/meta/main.yml index 9504f00f..2087d9d5 100644 --- a/roles/sys-cln-bkps-service/meta/main.yml +++ b/roles/sys-cln-bkps-service/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automates the cleanup of old backups by executing a Python script that deletes outdated backup versions when disk usage exceeds a specified threshold." @@ -10,19 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - backup - - cleanup - - disk - - automation + - backup + - cleanup + - disk + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - dev-python-pip - - sys-alm-compose - - sys-lock - - sys-rst-daemon diff --git a/roles/sys-cln-bkps-service/tasks/01_core.yml b/roles/sys-cln-bkps-service/tasks/01_core.yml index 8c334cc5..fa347e57 100644 --- a/roles/sys-cln-bkps-service/tasks/01_core.yml +++ b/roles/sys-cln-bkps-service/tasks/01_core.yml @@ -1,8 +1,21 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-python-pip + - sys-alm-compose + - sys-lock + - sys-rst-daemon + - set_fact: + run_once_sys_cln_bkps_service: true + when: run_once_sys_cln_bkps_service is not defined - name: install lsof and python-psutil community.general.pacman: name: - - lsof - - python-psutil + - lsof + - python-psutil state: present - name: "create {{cleanup_backups_directory}}" @@ -12,12 +25,12 @@ mode: 0755 - name: create sys-cln-backups.py - copy: - src: "sys-cln-backups.py" + copy: + src: "sys-cln-backups.py" dest: "{{cleanup_backups_directory}}sys-cln-backups.py" - name: create sys-cln-backups.infinito.service - template: - src: "sys-cln-backups.service.j2" + template: + src: "sys-cln-backups.service.j2" dest: "/etc/systemd/system/sys-cln-backups.infinito.service" notify: reload sys-cln-backups.infinito.service diff --git a/roles/sys-cln-bkps-timer/meta/main.yml b/roles/sys-cln-bkps-timer/meta/main.yml index d9b3bb95..ef63cf54 100644 --- a/roles/sys-cln-bkps-timer/meta/main.yml +++ b/roles/sys-cln-bkps-timer/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Schedules periodic cleanup of old backups by configuring a systemd timer to trigger the sys-cln-bkps-service role." @@ -10,17 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - timer - - backup - - cleanup - - automation + - timer + - backup + - cleanup + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-cln-bkps-service - - sys-rst-daemon diff --git a/roles/sys-cln-bkps-timer/tasks/main.yml b/roles/sys-cln-bkps-timer/tasks/main.yml index 03b59d9a..11d9d3fb 100644 --- a/roles/sys-cln-bkps-timer/tasks/main.yml +++ b/roles/sys-cln-bkps-timer/tasks/main.yml @@ -1,3 +1,14 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-cln-bkps-service + - sys-rst-daemon + - set_fact: + run_once_sys_cln_bkps_timer: true + when: run_once_sys_cln_bkps_timer is not defined - name: set service_name to sys-cln-backups set_fact: service_name: "sys-cln-backups" @@ -7,7 +18,7 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_cleanup_backups}}" + on_calendar: "{{on_calendar_cleanup_backups}}" when: run_once_sys_cln_bkps_timer is not defined - name: run the cleanup_backups_timer tasks once diff --git a/roles/sys-cln-certs/meta/main.yml b/roles/sys-cln-certs/meta/main.yml index f6f14cf7..f3612caf 100644 --- a/roles/sys-cln-certs/meta/main.yml +++ b/roles/sys-cln-certs/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automates the revocation and deletion of unused Let's Encrypt certificates" @@ -10,19 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - certbot - - ssl - - cleanup - - automation - - systemd + - certbot + - ssl + - cleanup + - automation + - systemd repository: "https://github.com/kevinveenbirkenbach/certreap" issue_tracker_url: "https://github.com/kevinveenbirkenbach/certreap/issues" documentation: "https://github.com/kevinveenbirkenbach/certreap#readme" -dependencies: - - sys-alm-compose - - sys-rst-daemon diff --git a/roles/sys-cln-certs/tasks/01_core.yml b/roles/sys-cln-certs/tasks/01_core.yml index c4334ee9..3d43d8d2 100644 --- a/roles/sys-cln-certs/tasks/01_core.yml +++ b/roles/sys-cln-certs/tasks/01_core.yml @@ -1,3 +1,14 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-alm-compose + - sys-rst-daemon + - set_fact: + run_once_sys_cln_certs: true + when: run_once_sys_cln_certs is not defined - name: "pkgmgr install" include_role: name: pkgmgr-install @@ -18,4 +29,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{ on_calendar_cleanup_certs }}" + on_calendar: "{{ on_calendar_cleanup_certs }}" diff --git a/roles/sys-cln-disc-space/meta/main.yml b/roles/sys-cln-disc-space/meta/main.yml index 1c3ce1f3..1a0d8a6c 100644 --- a/roles/sys-cln-disc-space/meta/main.yml +++ b/roles/sys-cln-disc-space/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Frees disk space on the target system by executing a cleanup script that removes temporary files, clears package caches, and optionally handles Docker and backup cleanup." @@ -10,18 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - disk - - cleanup - - storage - - automation + - disk + - cleanup + - storage + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose - - sys-lock - - sys-rst-daemon diff --git a/roles/sys-cln-disc-space/tasks/main.yml b/roles/sys-cln-disc-space/tasks/main.yml index 44c06499..76833272 100644 --- a/roles/sys-cln-disc-space/tasks/main.yml +++ b/roles/sys-cln-disc-space/tasks/main.yml @@ -1,3 +1,15 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-alm-compose + - sys-lock + - sys-rst-daemon + - set_fact: + run_once_sys_cln_disc_space: true + when: run_once_sys_cln_disc_space is not defined - name: "create {{cleanup_disc_space_folder}}" file: path: "{{cleanup_disc_space_folder}}" @@ -10,7 +22,7 @@ dest: "{{cleanup_disc_space_folder}}sys-cln-disc-space.sh" - name: create sys-cln-disc-space.infinito.service - template: + template: src: sys-cln-disc-space.service.j2 dest: /etc/systemd/system/sys-cln-disc-space.infinito.service notify: reload sys-cln-disc-space.infinito.service @@ -23,4 +35,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_cleanup_disc_space}}" \ No newline at end of file + on_calendar: "{{on_calendar_cleanup_disc_space}}" diff --git a/roles/sys-cln-domains/meta/main.yml b/roles/sys-cln-domains/meta/main.yml index 921d5e5c..dc00c5e3 100644 --- a/roles/sys-cln-domains/meta/main.yml +++ b/roles/sys-cln-domains/meta/main.yml @@ -9,17 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - cleanup - - certbot - - domains + - nginx + - cleanup + - certbot + - domains repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - srv-web-7-4-core - - sys-rst-daemon \ No newline at end of file diff --git a/roles/sys-cln-domains/tasks/main.yml b/roles/sys-cln-domains/tasks/main.yml index ae2eb926..520dc40a 100644 --- a/roles/sys-cln-domains/tasks/main.yml +++ b/roles/sys-cln-domains/tasks/main.yml @@ -1,4 +1,14 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-4-core + - sys-rst-daemon + - set_fact: + run_once_sys_cln_domains: true + when: run_once_sys_cln_domains is not defined - name: Include task to remove deprecated nginx configs include_tasks: remove_deprecated_nginx_configs.yml loop: "{{ deprecated_domains }}" @@ -7,8 +17,8 @@ vars: domain: "{{ item }}" when: - - mode_cleanup | bool - - run_once_sys_cln_domains is not defined + - mode_cleanup | bool + - run_once_sys_cln_domains is not defined ## The revoking just works for the base domain #- name: "Revoke Certbot certificate for {{ item }}" diff --git a/roles/sys-cln-faild-bkps/meta/main.yml b/roles/sys-cln-faild-bkps/meta/main.yml index 493d37c3..79bac27d 100644 --- a/roles/sys-cln-faild-bkps/meta/main.yml +++ b/roles/sys-cln-faild-bkps/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Cleans up failed Docker backups by configuring a systemd service and timer to execute the cleanup operations periodically." @@ -10,19 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - docker - - backup - - cleanup - - automation + - docker + - backup + - cleanup + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose - - sys-lock - - sys-bkp-directory-validator - - sys-rst-daemon diff --git a/roles/sys-cln-faild-bkps/tasks/01_core.yml b/roles/sys-cln-faild-bkps/tasks/01_core.yml index 257489a8..8fc5b2e6 100644 --- a/roles/sys-cln-faild-bkps/tasks/01_core.yml +++ b/roles/sys-cln-faild-bkps/tasks/01_core.yml @@ -1,3 +1,16 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - sys-alm-compose + - sys-lock + - sys-bkp-directory-validator + - sys-rst-daemon + - set_fact: + run_once_sys_cln_faild_bkps: true + when: run_once_sys_cln_faild_bkps is not defined - name: "pkgmgr install" include_role: name: pkgmgr-install @@ -28,4 +41,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_cleanup_failed_docker}}" \ No newline at end of file + on_calendar: "{{on_calendar_cleanup_failed_docker}}" diff --git a/roles/sys-hlth-btrfs/meta/main.yml b/roles/sys-hlth-btrfs/meta/main.yml index f2c58570..d37e87af 100644 --- a/roles/sys-hlth-btrfs/meta/main.yml +++ b/roles/sys-hlth-btrfs/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Health-check for Btrfs filesystems, alerts on any device error counters." @@ -10,15 +9,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - btrfs - - health - - systemd - - filesystem + - monitor + - btrfs + - health + - systemd + - filesystem repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose diff --git a/roles/sys-hlth-btrfs/tasks/main.yml b/roles/sys-hlth-btrfs/tasks/main.yml index 70ff338a..adf5e3ce 100644 --- a/roles/sys-hlth-btrfs/tasks/main.yml +++ b/roles/sys-hlth-btrfs/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_hlth_btrfs: true + when: run_once_sys_hlth_btrfs is not defined - name: "create {{docker_health_btrfs_folder}}" file: path: "{{docker_health_btrfs_folder}}" @@ -10,7 +18,7 @@ dest: "{{docker_health_btrfs_folder}}sys-hlth-btrfs.sh" - name: create sys-hlth-btrfs.infinito.service - template: + template: src: sys-hlth-btrfs.service.j2 dest: /etc/systemd/system/sys-hlth-btrfs.infinito.service notify: reload sys-hlth-btrfs.infinito.service @@ -23,4 +31,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_btrfs}}" + on_calendar: "{{on_calendar_health_btrfs}}" diff --git a/roles/sys-hlth-csp/meta/main.yml b/roles/sys-hlth-csp/meta/main.yml index 4efb7aef..acceabf4 100644 --- a/roles/sys-hlth-csp/meta/main.yml +++ b/roles/sys-hlth-csp/meta/main.yml @@ -9,19 +9,17 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - csp - - puppeteer - - health - - browser - - nodejs - - monitoring - - systemd + - csp + - puppeteer + - health + - browser + - nodejs + - monitoring + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose \ No newline at end of file diff --git a/roles/sys-hlth-csp/tasks/01_core.yml b/roles/sys-hlth-csp/tasks/01_core.yml index ebd99d77..6d67d57d 100644 --- a/roles/sys-hlth-csp/tasks/01_core.yml +++ b/roles/sys-hlth-csp/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_hlth_csp: true + when: run_once_sys_hlth_csp is not defined - name: "pkgmgr install" include_role: name: pkgmgr-install diff --git a/roles/sys-hlth-disc-space/meta/main.yml b/roles/sys-hlth-disc-space/meta/main.yml index 946b8281..892bf710 100644 --- a/roles/sys-hlth-disc-space/meta/main.yml +++ b/roles/sys-hlth-disc-space/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Disk-space usage monitor; alerts when usage exceeds threshold." @@ -10,15 +9,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - disk - - space - - health - - systemd + - monitor + - disk + - space + - health + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose diff --git a/roles/sys-hlth-disc-space/tasks/main.yml b/roles/sys-hlth-disc-space/tasks/main.yml index 16da4e08..ffcfdfd7 100644 --- a/roles/sys-hlth-disc-space/tasks/main.yml +++ b/roles/sys-hlth-disc-space/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_hlth_disc_space: true + when: run_once_sys_hlth_disc_space is not defined - name: "create {{health_disc_space_folder}}" file: path: "{{health_disc_space_folder}}" @@ -10,7 +18,7 @@ dest: "{{health_disc_space_folder}}sys-hlth-disc-space.sh" - name: create sys-hlth-disc-space.infinito.service - template: + template: src: sys-hlth-disc-space.service.j2 dest: /etc/systemd/system/sys-hlth-disc-space.infinito.service notify: reload sys-hlth-disc-space.infinito.service @@ -23,4 +31,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_disc_space}}" \ No newline at end of file + on_calendar: "{{on_calendar_health_disc_space}}" diff --git a/roles/sys-hlth-docker-container/meta/main.yml b/roles/sys-hlth-docker-container/meta/main.yml index f9b39627..ffb8c54b 100644 --- a/roles/sys-hlth-docker-container/meta/main.yml +++ b/roles/sys-hlth-docker-container/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Checks Docker containers for unhealthy or exited states and alerts on any issues." @@ -10,15 +9,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - docker - - containers - - health - - systemd + - monitor + - docker + - containers + - health + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose diff --git a/roles/sys-hlth-docker-container/tasks/01_core.yml b/roles/sys-hlth-docker-container/tasks/01_core.yml index 7edb2e9e..f87417b3 100644 --- a/roles/sys-hlth-docker-container/tasks/01_core.yml +++ b/roles/sys-hlth-docker-container/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_hlth_docker_container: true + when: run_once_sys_hlth_docker_container is not defined - name: "create {{health_docker_container_folder}}" file: path: "{{health_docker_container_folder}}" @@ -10,8 +18,8 @@ dest: "{{health_docker_container_folder}}sys-hlth-docker-container.sh" - name: create sys-hlth-docker-container.infinito.service - template: - src: sys-hlth-docker-container.service.j2 + template: + src: sys-hlth-docker-container.service.j2 dest: /etc/systemd/system/sys-hlth-docker-container.infinito.service notify: reload sys-hlth-docker-container.infinito.service @@ -23,4 +31,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_docker_container}}" + on_calendar: "{{on_calendar_health_docker_container}}" diff --git a/roles/sys-hlth-docker-volumes/meta/main.yml b/roles/sys-hlth-docker-volumes/meta/main.yml index 90c32e5a..782378f0 100644 --- a/roles/sys-hlth-docker-volumes/meta/main.yml +++ b/roles/sys-hlth-docker-volumes/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Detects anonymous Docker volumes not bound to containers (unless whitelisted) and alerts." @@ -10,15 +9,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - docker - - volumes - - health - - systemd + - monitor + - docker + - volumes + - health + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose diff --git a/roles/sys-hlth-docker-volumes/tasks/01_core.yml b/roles/sys-hlth-docker-volumes/tasks/01_core.yml index 1a1dcb19..08048797 100644 --- a/roles/sys-hlth-docker-volumes/tasks/01_core.yml +++ b/roles/sys-hlth-docker-volumes/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_hlth_docker_volumes: true + when: run_once_sys_hlth_docker_volumes is not defined - name: "create {{health_docker_volumes_folder}}" file: path: "{{health_docker_volumes_folder}}" @@ -11,7 +19,7 @@ - name: create sys-hlth-docker-volumes.infinito.service template: - src: sys-hlth-docker-volumes.service.j2 + src: sys-hlth-docker-volumes.service.j2 dest: /etc/systemd/system/sys-hlth-docker-volumes.infinito.service notify: reload sys-hlth-docker-volumes.infinito.service @@ -23,4 +31,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_docker_volumes}}" + on_calendar: "{{on_calendar_health_docker_volumes}}" diff --git a/roles/sys-hlth-journalctl/meta/main.yml b/roles/sys-hlth-journalctl/meta/main.yml index f5c12604..7d454630 100644 --- a/roles/sys-hlth-journalctl/meta/main.yml +++ b/roles/sys-hlth-journalctl/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Searches the systemd journal for errors over the past day and alerts if any are found." @@ -10,15 +9,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - journalctl - - logs - - health - - systemd + - monitor + - journalctl + - logs + - health + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose diff --git a/roles/sys-hlth-journalctl/tasks/01_core.yml b/roles/sys-hlth-journalctl/tasks/01_core.yml index bbbbafab..98517245 100644 --- a/roles/sys-hlth-journalctl/tasks/01_core.yml +++ b/roles/sys-hlth-journalctl/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_hlth_journalctl: true + when: run_once_sys_hlth_journalctl is not defined - name: "create {{health_journalctl_folder}}" file: path: "{{health_journalctl_folder}}" @@ -10,7 +18,7 @@ dest: "{{health_journalctl_folder}}sys-hlth-journalctl.sh" - name: create sys-hlth-journalctl.infinito.service - template: + template: src: sys-hlth-journalctl.service.j2 dest: /etc/systemd/system/sys-hlth-journalctl.infinito.service notify: reload sys-hlth-journalctl.infinito.service @@ -23,4 +31,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_journalctl}}" + on_calendar: "{{on_calendar_health_journalctl}}" diff --git a/roles/sys-hlth-msmtp/meta/main.yml b/roles/sys-hlth-msmtp/meta/main.yml index 9c69cc58..80c1dadc 100644 --- a/roles/sys-hlth-msmtp/meta/main.yml +++ b/roles/sys-hlth-msmtp/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Periodic MTA health-check: sends test mail via msmtp and alerts on failure." @@ -10,15 +9,13 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - msmtp - - email - - health - - systemd + - monitor + - msmtp + - email + - health + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-telegram diff --git a/roles/sys-hlth-msmtp/tasks/main.yml b/roles/sys-hlth-msmtp/tasks/main.yml index e24f2f5e..56022dd7 100644 --- a/roles/sys-hlth-msmtp/tasks/main.yml +++ b/roles/sys-hlth-msmtp/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-telegram' + include_role: + name: sys-alm-telegram + - set_fact: + run_once_sys_hlth_msmtp: true + when: run_once_sys_hlth_msmtp is not defined - name: "create {{ health_msmtp_folder }}" file: path: "{{ health_msmtp_folder }}" @@ -6,7 +14,7 @@ - name: create sys-hlth-msmtp.sh template: - src: sys-hlth-msmtp.sh.j2 + src: sys-hlth-msmtp.sh.j2 dest: "{{ health_msmtp_folder }}sys-hlth-msmtp.sh" mode: '0755' @@ -24,4 +32,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{ on_calendar_health_msmtp }}" \ No newline at end of file + on_calendar: "{{ on_calendar_health_msmtp }}" diff --git a/roles/sys-hlth-webserver/meta/main.yml b/roles/sys-hlth-webserver/meta/main.yml index d73d6259..07b9d3f6 100644 --- a/roles/sys-hlth-webserver/meta/main.yml +++ b/roles/sys-hlth-webserver/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Checks that each Nginx domain returns its expected HTTP status and alerts on unexpected codes." @@ -10,17 +9,14 @@ galaxy_info: license_url: "https://s.veen.world/cncl" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: ["rolling"] + - name: Archlinux + versions: ["rolling"] galaxy_tags: - - monitor - - webserver - - nginx - - http - - health - - systemd + - monitor + - webserver + - nginx + - http + - health + - systemd repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" documentation: "https://docs.infinito.nexus" -dependencies: - - dev-python-pip - - sys-alm-compose diff --git a/roles/sys-hlth-webserver/tasks/01_core.yml b/roles/sys-hlth-webserver/tasks/01_core.yml index bc973557..2cfaf2c2 100644 --- a/roles/sys-hlth-webserver/tasks/01_core.yml +++ b/roles/sys-hlth-webserver/tasks/01_core.yml @@ -1,3 +1,14 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-python-pip + - sys-alm-compose + - set_fact: + run_once_sys_hlth_webserver: true + when: run_once_sys_hlth_webserver is not defined - name: Install required Python modules community.general.pacman: name: python-requests @@ -15,7 +26,7 @@ dest: "{{ health_nginx_folder }}sys-hlth-webserver.py" - name: create sys-hlth-webserver.infinito.service - template: + template: src: sys-hlth-webserver.service.j2 dest: /etc/systemd/system/sys-hlth-webserver.infinito.service notify: reload sys-hlth-webserver.infinito.service @@ -28,4 +39,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_nginx}}" + on_calendar: "{{on_calendar_health_nginx}}" diff --git a/roles/sys-postfix/meta/main.yml b/roles/sys-postfix/meta/main.yml index c5b131c3..c418002a 100644 --- a/roles/sys-postfix/meta/main.yml +++ b/roles/sys-postfix/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs and configures Postfix to provide a robust mail transfer agent setup with a preconfigured aliases file for local mail delivery." @@ -10,17 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - postfix - - mail - - aliases - - configuration - - security + - postfix + - mail + - aliases + - configuration + - security repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - user-administrator diff --git a/roles/sys-postfix/tasks/main.yml b/roles/sys-postfix/tasks/main.yml index 9d8ed5be..5da93568 100644 --- a/roles/sys-postfix/tasks/main.yml +++ b/roles/sys-postfix/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'user-administrator' + include_role: + name: user-administrator + - set_fact: + run_once_sys_postfix: true + when: run_once_sys_postfix is not defined - name: install postfix community.general.pacman: name: postfix diff --git a/roles/sys-rpr-btrfs-blnc/meta/main.yml b/roles/sys-rpr-btrfs-blnc/meta/main.yml index dd02d34f..2a8d00e6 100644 --- a/roles/sys-rpr-btrfs-blnc/meta/main.yml +++ b/roles/sys-rpr-btrfs-blnc/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automates the balancing of Btrfs file systems by cloning the auto-btrfs-balancer repository and configuring a systemd service and timer for regular execution." @@ -10,16 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - btrfs - - balancing - - filesystem - - automation + - btrfs + - balancing + - filesystem + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-alm-compose diff --git a/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml b/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml index 2cc5291d..0a1a4da2 100644 --- a/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml +++ b/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-alm-compose' + include_role: + name: sys-alm-compose + - set_fact: + run_once_sys_rpr_btrfs_blnc: true + when: run_once_sys_rpr_btrfs_blnc is not defined - name: "pkgmgr install" include_role: name: pkgmgr-install @@ -5,7 +13,7 @@ package_name: btrfs-auto-balancer - name: configure sys-rpr-btrfs-blnc.infinito.service - template: + template: src: sys-rpr-btrfs-blnc.service.j2 dest: /etc/systemd/system/sys-rpr-btrfs-blnc.infinito.service notify: reload sys-rpr-btrfs-blnc.infinito.service @@ -18,4 +26,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_btrfs_auto_balancer}}" \ No newline at end of file + on_calendar: "{{on_calendar_btrfs_auto_balancer}}" diff --git a/roles/sys-rpr-docker-hard/meta/main.yml b/roles/sys-rpr-docker-hard/meta/main.yml index 613f5c5d..96354c51 100644 --- a/roles/sys-rpr-docker-hard/meta/main.yml +++ b/roles/sys-rpr-docker-hard/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automates the restart of Docker Compose instances by detecting docker-compose.yml files and executing a restart script, ensuring consistent service availability." @@ -10,20 +9,18 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling - - name: Ubuntu - versions: - - all + - name: Archlinux + versions: + - rolling + - name: Ubuntu + versions: + - all galaxy_tags: - - docker - - restart - - update - - systemd - - automation + - docker + - restart + - update + - systemd + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-lock \ No newline at end of file diff --git a/roles/sys-rpr-docker-hard/tasks/01_core.yml b/roles/sys-rpr-docker-hard/tasks/01_core.yml index 2aeeeccd..eeedefa8 100644 --- a/roles/sys-rpr-docker-hard/tasks/01_core.yml +++ b/roles/sys-rpr-docker-hard/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-lock' + include_role: + name: sys-lock + - set_fact: + run_once_sys_rpr_docker_hard: true + when: run_once_sys_rpr_docker_hard is not defined - name: "create {{restart_docker_folder}}" file: path: "{{restart_docker_folder}}" @@ -10,7 +18,7 @@ dest: "{{restart_docker_script}}" - name: configure sys-rpr-docker-hard.infinito.service - template: + template: src: sys-rpr-docker-hard.service.j2 dest: /etc/systemd/system/sys-rpr-docker-hard.infinito.service notify: "reload sys-rpr-docker-hard.infinito.service" @@ -23,4 +31,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_restart_docker}}" \ No newline at end of file + on_calendar: "{{on_calendar_restart_docker}}" diff --git a/roles/sys-rpr-docker-soft/meta/main.yml b/roles/sys-rpr-docker-soft/meta/main.yml index 33fd179c..5dbf60fb 100644 --- a/roles/sys-rpr-docker-soft/meta/main.yml +++ b/roles/sys-rpr-docker-soft/meta/main.yml @@ -1,26 +1,23 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Automated recovery for unhealthy or exited Docker Compose containers." license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - docker - - docker-compose - - systemd - - automation - - archlinux + - docker + - docker-compose + - systemd + - automation + - archlinux repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" -dependencies: - - sys-lock \ No newline at end of file diff --git a/roles/sys-rpr-docker-soft/tasks/01_core.yml b/roles/sys-rpr-docker-soft/tasks/01_core.yml index 959333a0..343a8e8f 100644 --- a/roles/sys-rpr-docker-soft/tasks/01_core.yml +++ b/roles/sys-rpr-docker-soft/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-lock' + include_role: + name: sys-lock + - set_fact: + run_once_sys_rpr_docker_soft: true + when: run_once_sys_rpr_docker_soft is not defined - name: "create {{heal_docker}}" file: path: "{{heal_docker}}" @@ -11,8 +19,8 @@ notify: restart sys-rpr-docker-soft.infinito.service - name: create sys-rpr-docker-soft.infinito.service - template: - src: sys-rpr-docker-soft.service.j2 + template: + src: sys-rpr-docker-soft.service.j2 dest: /etc/systemd/system/sys-rpr-docker-soft.infinito.service notify: restart sys-rpr-docker-soft.infinito.service @@ -24,4 +32,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_heal_docker}}" \ No newline at end of file + on_calendar: "{{on_calendar_heal_docker}}" diff --git a/roles/sys-svc-journalctl/meta/main.yml b/roles/sys-svc-journalctl/meta/main.yml index d668ea7e..6de77fca 100644 --- a/roles/sys-svc-journalctl/meta/main.yml +++ b/roles/sys-svc-journalctl/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Configure and manage systemd-journald settings" @@ -9,12 +8,10 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - system - - logging - - journald + - system + - logging + - journald repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/roles/sys-svc-journalctl" run_after: [] -dependencies: - - sys-hlth-journalctl diff --git a/roles/sys-svc-journalctl/tasks/main.yml b/roles/sys-svc-journalctl/tasks/main.yml index d89e9382..f9dec338 100644 --- a/roles/sys-svc-journalctl/tasks/main.yml +++ b/roles/sys-svc-journalctl/tasks/main.yml @@ -1,5 +1,13 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-hlth-journalctl' + include_role: + name: sys-hlth-journalctl + - set_fact: + run_once_sys_svc_journalctl: true + when: run_once_sys_svc_journalctl is not defined - name: copy journald.conf - template: + template: src: templates/journald.conf.j2 dest: /etc/systemd/journald.conf notify: restart systemd-journald diff --git a/roles/sys-svc-msmtp/meta/main.yml b/roles/sys-svc-msmtp/meta/main.yml index 19ca6807..a9db19f4 100644 --- a/roles/sys-svc-msmtp/meta/main.yml +++ b/roles/sys-svc-msmtp/meta/main.yml @@ -9,17 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - email - - msmtp - - smtp - - automation - - archlinux + - email + - msmtp + - smtp + - automation + - archlinux repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-hlth-msmtp diff --git a/roles/sys-svc-msmtp/tasks/main.yml b/roles/sys-svc-msmtp/tasks/main.yml index 292131e0..46cbb20e 100644 --- a/roles/sys-svc-msmtp/tasks/main.yml +++ b/roles/sys-svc-msmtp/tasks/main.yml @@ -1,14 +1,22 @@ -- name: install msmtp msmtp-mta +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-hlth-msmtp' + include_role: + name: sys-hlth-msmtp + - set_fact: + run_once_sys_svc_msmtp: true + when: run_once_sys_svc_msmtp is not defined +- name: install msmtp msmtp-mta community.general.pacman: name: - - msmtp - - msmtp-mta - state: present + - msmtp + - msmtp-mta + state: present when: run_once_sys_svc_msmtp is not defined - name: configure msmtprc.conf.j2 template: - src: "msmtprc.conf.j2" + src: "msmtprc.conf.j2" dest: "/root/.msmtprc" mode: 600 when: run_once_sys_svc_msmtp is not defined @@ -16,4 +24,4 @@ - name: run the msmtp tasks once set_fact: run_once_sys_svc_msmtp: true - when: run_once_sys_svc_msmtp is not defined \ No newline at end of file + when: run_once_sys_svc_msmtp is not defined diff --git a/roles/sys-svc-sshd/meta/main.yml b/roles/sys-svc-sshd/meta/main.yml index ebd2e64f..0c4ffaef 100644 --- a/roles/sys-svc-sshd/meta/main.yml +++ b/roles/sys-svc-sshd/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Configures a secure SSH daemon environment by deploying a templated sshd_config file and restarting the SSH service as needed." @@ -10,16 +9,14 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - sshd - - ssh - - security - - configuration + - sshd + - ssh + - security + - configuration repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - user-administrator diff --git a/roles/sys-svc-sshd/tasks/main.yml b/roles/sys-svc-sshd/tasks/main.yml index 010bbb37..f2984256 100644 --- a/roles/sys-svc-sshd/tasks/main.yml +++ b/roles/sys-svc-sshd/tasks/main.yml @@ -1,14 +1,22 @@ -- block: - - name: create sshd_config - template: - src: "sshd_config.j2" - dest: /etc/ssh/sshd_config - owner: root - group: root - mode: '0644' - notify: sshd restart - - - name: run the sshd tasks once - set_fact: - run_once_sys_svc_sshd: true +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'user-administrator' + include_role: + name: user-administrator + - set_fact: + run_once_sys_svc_sshd: true + when: run_once_sys_svc_sshd is not defined +- block: + - name: create sshd_config + template: + src: "sshd_config.j2" + dest: /etc/ssh/sshd_config + owner: root + group: root + mode: '0644' + notify: sshd restart + + - name: run the sshd tasks once + set_fact: + run_once_sys_svc_sshd: true when: run_once_sys_svc_sshd is not defined diff --git a/roles/update-docker/meta/main.yml b/roles/update-docker/meta/main.yml index f04792d9..a0ed7459 100644 --- a/roles/update-docker/meta/main.yml +++ b/roles/update-docker/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Updates Docker Compose instances by detecting changes in Docker image digests and rebuilding containers when necessary. This role automates Docker image pulls and container rebuilds." @@ -10,21 +9,19 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling - - name: Ubuntu - versions: - - all + - name: Archlinux + versions: + - rolling + - name: Ubuntu + versions: + - all galaxy_tags: - - docker - - update - - compose - - images - - systemd - - maintenance + - docker + - update + - compose + - images + - systemd + - maintenance repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-lock diff --git a/roles/update-docker/tasks/01_core.yml b/roles/update-docker/tasks/01_core.yml index 657ffb19..5a2f514e 100644 --- a/roles/update-docker/tasks/01_core.yml +++ b/roles/update-docker/tasks/01_core.yml @@ -1,9 +1,17 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-lock' + include_role: + name: sys-lock + - set_fact: + run_once_update_docker: true + when: run_once_update_docker is not defined - name: "start sys-bkp-docker-2-loc-everything.infinito.service" systemd: name: sys-bkp-docker-2-loc-everything.infinito.service state: started - when: - - mode_backup | bool + when: + - mode_backup | bool - name: create {{update_docker_script}} template: @@ -11,7 +19,7 @@ dest: "{{update_docker_script}}" - name: configure update-docker.infinito.service - template: + template: src: update-docker.service.j2 dest: /etc/systemd/system/update-docker.infinito.service diff --git a/roles/update-pip/meta/main.yml b/roles/update-pip/meta/main.yml index e627c983..f25a216a 100644 --- a/roles/update-pip/meta/main.yml +++ b/roles/update-pip/meta/main.yml @@ -9,19 +9,17 @@ galaxy_info: description: "Automatically updates all Python Pip packages to their latest available versions." min_ansible_version: "2.9" platforms: - - name: Ubuntu - versions: - - all - - name: Archlinux - versions: - - rolling - - name: Debian - versions: - - all + - name: Ubuntu + versions: + - all + - name: Archlinux + versions: + - rolling + - name: Debian + versions: + - all galaxy_tags: - - python - - pip - - update - - maintenance -dependencies: - - dev-python-pip \ No newline at end of file + - python + - pip + - update + - maintenance diff --git a/roles/update-pip/tasks/main.yml b/roles/update-pip/tasks/main.yml index 41136172..c84f869c 100644 --- a/roles/update-pip/tasks/main.yml +++ b/roles/update-pip/tasks/main.yml @@ -1,8 +1,9 @@ -# run_once_update_pip: deactivated -# Deactivated due to that it breaks the system -# There is no alternative to do the python update -# -#- name: Update all local pip packages -# shell: 'pip freeze --local | grep -v "^\-e" | cut -d = -f 1 | xargs -n1 pip install -U --break-system-packages' -# args: -# executable: /bin/bash \ No newline at end of file +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-python-pip' + include_role: + name: dev-python-pip + - set_fact: + run_once_update_pip: true + when: run_once_update_pip is not defined +- {} diff --git a/roles/update-yay/meta/main.yml b/roles/update-yay/meta/main.yml index f15c816f..496ee75a 100644 --- a/roles/update-yay/meta/main.yml +++ b/roles/update-yay/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Updates AUR packages on Arch Linux systems using yay. This role automates the upgrade process for AUR packages, ensuring that the system remains up-to-date with the latest versions available in the Arch User Repository." @@ -10,18 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - aur - - update - - archlinux - - yay - - system - - maintenance + - aur + - update + - archlinux + - yay + - system + - maintenance repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - dev-yay \ No newline at end of file diff --git a/roles/update-yay/tasks/main.yml b/roles/update-yay/tasks/main.yml index 966c323a..182162d3 100644 --- a/roles/update-yay/tasks/main.yml +++ b/roles/update-yay/tasks/main.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_update_yay: true + when: run_once_update_yay is not defined - name: upgrade the system using yay, only act on AUR packages. become: false kewlfft.aur.aur: @@ -9,4 +17,4 @@ - name: run update yay once set_fact: run_once_update_yay: true - when: run_once_update_yay is not defined \ No newline at end of file + when: run_once_update_yay is not defined diff --git a/roles/user-administrator/meta/main.yml b/roles/user-administrator/meta/main.yml index d8731768..0d01218a 100644 --- a/roles/user-administrator/meta/main.yml +++ b/roles/user-administrator/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Creates a dedicated administrator user for local administrative tasks, ensuring secure privilege escalation and proper system management. This role configures the administrator account, sets up the home directory, SSH settings, and grants sudo privileges with password authentication." @@ -10,18 +9,16 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Linux - versions: - - all + - name: Linux + versions: + - all galaxy_tags: - - user - - administrator - - security - - sudo - - ssh - - configuration + - user + - administrator + - security + - sudo + - ssh + - configuration repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - sys-sudo \ No newline at end of file diff --git a/roles/user-administrator/tasks/01_core.yml b/roles/user-administrator/tasks/01_core.yml index 7ffc6dbd..6b90620a 100644 --- a/roles/user-administrator/tasks/01_core.yml +++ b/roles/user-administrator/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-sudo' + include_role: + name: sys-sudo + - set_fact: + run_once_user_administrator: true + when: run_once_user_administrator is not defined - name: create administrator user: name: administrator @@ -23,7 +31,7 @@ owner: administrator group: administrator mode: 0700 - + - name: create {{path_administrator_home}}.ssh/authorized_keys copy: src: "{{ inventory_dir }}/files/{{ inventory_hostname }}{{path_administrator_home}}.ssh/authorized_keys" @@ -39,10 +47,10 @@ mode: '0644' owner: root group: root - notify: sshd restart + notify: sshd restart - name: "embed user routines for {{ role_path | basename }}" include_role: name: user vars: - user_name: "administrator" + user_name: "administrator" diff --git a/roles/util-desk-design/meta/main.yml b/roles/util-desk-design/meta/main.yml index e579d001..f9e1d2b9 100644 --- a/roles/util-desk-design/meta/main.yml +++ b/roles/util-desk-design/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Installs designer tools such as GIMP, Blender, and Draw.io via AUR on Arch Linux." @@ -9,17 +8,14 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - gimp - - blender - - drawio - - design + - gimp + - blender + - drawio + - design repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/util-desk-design" min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: [ all ] -dependencies: - - dev-yay - + - name: Archlinux + versions: [all] diff --git a/roles/util-desk-design/tasks/main.yml b/roles/util-desk-design/tasks/main.yml index 06463537..3b876830 100644 --- a/roles/util-desk-design/tasks/main.yml +++ b/roles/util-desk-design/tasks/main.yml @@ -1,13 +1,21 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-yay' + include_role: + name: dev-yay + - set_fact: + run_once_util_desk_design: true + when: run_once_util_desk_design is not defined - name: install designer tools community.general.pacman: - name: - - gimp - - blender + name: + - gimp + - blender state: present - name: install drawio kewlfft.aur.aur: use: yay name: - - drawio-desktop + - drawio-desktop become: false diff --git a/roles/util-desk-dev-core/meta/main.yml b/roles/util-desk-dev-core/meta/main.yml index 9d98a517..43b35f63 100644 --- a/roles/util-desk-dev-core/meta/main.yml +++ b/roles/util-desk-dev-core/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs a base development environment for software engineers on Linux." @@ -10,19 +9,18 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - development - - software - - engineering - - archlinux - - persona - - tools + - development + - software + - engineering + - archlinux + - persona + - tools repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" dependencies: - - util-dev-admin - - pkgmgr \ No newline at end of file +- util-dev-admin diff --git a/roles/util-desk-dev-core/tasks/main.yml b/roles/util-desk-dev-core/tasks/main.yml index 2f983f45..5c4060e7 100644 --- a/roles/util-desk-dev-core/tasks/main.yml +++ b/roles/util-desk-dev-core/tasks/main.yml @@ -1,5 +1,13 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'pkgmgr' + include_role: + name: pkgmgr + - set_fact: + run_once_util_desk_dev_core: true + when: run_once_util_desk_dev_core is not defined - name: install base developer tools community.general.pacman: name: - - code + - code state: present diff --git a/roles/util-desk-dev-python/meta/main.yml b/roles/util-desk-dev-python/meta/main.yml index 4d906c35..10c60ba0 100644 --- a/roles/util-desk-dev-python/meta/main.yml +++ b/roles/util-desk-dev-python/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs tools and environment for Python development on Linux." @@ -10,20 +9,19 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - development - - python - - software - - engineering - - archlinux - - persona - - pip + - development + - python + - software + - engineering + - archlinux + - persona + - pip repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" dependencies: - - util-desk-dev-core - - dev-python-pip \ No newline at end of file +- util-desk-dev-core diff --git a/roles/util-desk-dev-python/tasks/main.yml b/roles/util-desk-dev-python/tasks/main.yml new file mode 100644 index 00000000..1dbef96e --- /dev/null +++ b/roles/util-desk-dev-python/tasks/main.yml @@ -0,0 +1,8 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'dev-python-pip' + include_role: + name: dev-python-pip + - set_fact: + run_once_util_desk_dev_python: true + when: run_once_util_desk_dev_python is not defined diff --git a/roles/util-dev-admin/meta/main.yml b/roles/util-dev-admin/meta/main.yml index 7aacd2e8..ee4e28b4 100644 --- a/roles/util-dev-admin/meta/main.yml +++ b/roles/util-dev-admin/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Installs essential tools for Linux system administrators on Linux." @@ -10,20 +9,18 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - system - - administration - - archlinux - - persona - - tools + - system + - administration + - archlinux + - persona + - tools repository: https://github.com/kevinveenbirkenbach/infinito-nexus issue_tracker_url: https://github.com/kevinveenbirkenbach/infinito-nexus/issues documentation: "https://docs.infinito.nexus/" dependencies: - - desk-git - - dev-make - - dev-gcc - - dev-yay \ No newline at end of file +- desk-git +- dev-make diff --git a/roles/util-dev-admin/tasks/main.yml b/roles/util-dev-admin/tasks/main.yml index 384cb9fe..b6678c3c 100644 --- a/roles/util-dev-admin/tasks/main.yml +++ b/roles/util-dev-admin/tasks/main.yml @@ -1,8 +1,19 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - dev-gcc + - dev-yay + - set_fact: + run_once_util_dev_admin: true + when: run_once_util_dev_admin is not defined - name: install administration tools community.general.pacman: name: - - base-devel - - cmake - - fdupes - - p7zip + - base-devel + - cmake + - fdupes + - p7zip state: present diff --git a/roles/web-app-matrix-ansible/meta/main.yml b/roles/web-app-matrix-ansible/meta/main.yml index cee4094b..0c16ed0e 100644 --- a/roles/web-app-matrix-ansible/meta/main.yml +++ b/roles/web-app-matrix-ansible/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: > @@ -12,16 +11,14 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - matrix - - ansible - - federated - - decentralized - - real-time - - encrypted + - matrix + - ansible + - federated + - decentralized + - real-time + - encrypted repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" logo: class: "fa-solid fa-satellite-dish" -dependencies: -- srv-proxy-7-4-core diff --git a/roles/web-app-matrix-ansible/tasks/main.yml b/roles/web-app-matrix-ansible/tasks/main.yml index d346fec9..e73123aa 100644 --- a/roles/web-app-matrix-ansible/tasks/main.yml +++ b/roles/web-app-matrix-ansible/tasks/main.yml @@ -1,10 +1,17 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-proxy-7-4-core' + include_role: + name: srv-proxy-7-4-core + - set_fact: + run_once_web_app_matrix_ansible: true + when: run_once_web_app_matrix_ansible is not defined - name: "include role srv-proxy-6-6-domain for {{application_id}}" - include_role: + include_role: name: srv-proxy-6-6-domain loop: - - "{{ domains[application_id].element }}" - - "{{ domains[application_id].synapse }}" + - "{{ domains[application_id].element }}" + - "{{ domains[application_id].synapse }}" loop_control: loop_var: domain @@ -37,8 +44,8 @@ hosts_path: "{{ matrix_inventory_tmp_dir.path }}/hosts.yml" - name: create hosts.yml - template: - src: "hosts.yml.j2" + template: + src: "hosts.yml.j2" dest: "{{hosts_path}}" become: false delegate_to: localhost @@ -62,8 +69,8 @@ vars_file_path: "{{ vars_folder_path }}vars.yml" - name: create vars.yml - template: - src: "vars.yml.j2" + template: + src: "vars.yml.j2" dest: "{{vars_file_path}}" become: false delegate_to: localhost @@ -84,7 +91,7 @@ become: false - + #- name: delete inventory directory # file: # path: "{{ matrix_inventory_tmp_dir.path }}" diff --git a/roles/web-app-mig/meta/main.yml b/roles/web-app-mig/meta/main.yml index 47e0f4d6..0862412d 100644 --- a/roles/web-app-mig/meta/main.yml +++ b/roles/web-app-mig/meta/main.yml @@ -1,25 +1,22 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: > The Meta Infinite Graph offers you an interactive, visual map of all Infinito.Nexus roles and their dependencies—making it easy to explore, understand, and navigate the complete structure of your infrastructure. license: "Infinito.Nexus NonCommercial License (CNCL)" license_url: "https://s.veen.world/cncl" - company: | + company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - infinito - - meta - - visualization - - dependencies - - graph + - infinito + - meta + - visualization + - dependencies + - graph repository: "https://github.com/kevinveenbirkenbach/meta-infinite-graph" issue_tracker_url: "https://github.com/kevinveenbirkenbach/meta-infinite-graph/issues" documentation: "https://github.com/kevinveenbirkenbach/meta-infinite-graph/" logo: class: "fa-solid fa-brain" run_after: [] -dependencies: - - sys-cli diff --git a/roles/web-app-mig/tasks/01_core.yml b/roles/web-app-mig/tasks/01_core.yml index 0f9b02a9..ba242132 100644 --- a/roles/web-app-mig/tasks/01_core.yml +++ b/roles/web-app-mig/tasks/01_core.yml @@ -1,3 +1,11 @@ +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'sys-cli' + include_role: + name: sys-cli + - set_fact: + run_once_web_app_mig: true + when: run_once_web_app_mig is not defined - name: Load docker compose vars include_vars: file: roles/docker-compose/vars/docker-compose.yml @@ -5,11 +13,10 @@ - name: Set roles volume variable set_fact: - mig_roles_meta_volume: "{{ mig_docker_compose.docker_compose.directories.volumes }}/roles/" - + mig_roles_meta_volume: "{{ mig_docker_compose.docker_compose.directories.volumes }}/roles/" - name: Set roles list variable set_fact: - mig_roles_meta_list: "{{ mig_roles_meta_volume }}list.json" + mig_roles_meta_list: "{{ mig_roles_meta_volume }}list.json" - name: "load docker, proxy for '{{application_id}}'" include_role: @@ -17,10 +24,10 @@ - name: Create tree command: "infinito build tree --no-signal --alarm-timeout 0 -s {{ mig_roles_meta_volume }}" - when: - - mig_build_data + when: + - mig_build_data - name: Create roles list command: "infinito build roles_list --no-signal --alarm-timeout 0 -o {{ mig_roles_meta_list }}" - when: - - mig_build_data \ No newline at end of file + when: + - mig_build_data diff --git a/roles/web-app-mybb/meta/main.yml b/roles/web-app-mybb/meta/main.yml index 913e4129..56c073c3 100644 --- a/roles/web-app-mybb/meta/main.yml +++ b/roles/web-app-mybb/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "Transform your community engagement with MyBB, a feature-rich forum solution that combines modern design with robust functionality. Enjoy dynamic discussions, intuitive moderation, and a vibrant user interface that brings your community together." @@ -9,19 +8,17 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - mybb - - docker - - forum - - community - - cms + - mybb + - docker + - forum + - community + - cms repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" logo: class: "fa-solid fa-comments" run_after: - - web-app-matomo - - web-app-keycloak - - web-app-mailu -dependencies: - - srv-proxy-7-4-core \ No newline at end of file + - web-app-matomo + - web-app-keycloak + - web-app-mailu diff --git a/roles/web-app-mybb/tasks/main.yml b/roles/web-app-mybb/tasks/main.yml index 1ffb9ab0..6445ff7e 100644 --- a/roles/web-app-mybb/tasks/main.yml +++ b/roles/web-app-mybb/tasks/main.yml @@ -1,6 +1,13 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-proxy-7-4-core' + include_role: + name: srv-proxy-7-4-core + - set_fact: + run_once_web_app_mybb: true + when: run_once_web_app_mybb is not defined - name: "load docker and db for {{application_id}}" - include_role: + include_role: name: cmp-db-docker - name: "include tasks setup-domain.yml with {{domains | get_domain(application_id)}}" @@ -17,13 +24,13 @@ recurse: yes - name: "create {{docker_compose_instance_confd_defaultconf_file}}" - template: - src: "default.conf" + template: + src: "default.conf" dest: "{{docker_compose_instance_confd_defaultconf_file}}" notify: docker compose up - name: add docker-compose.yml - template: - src: "docker-compose.yml.j2" + template: + src: "docker-compose.yml.j2" dest: "{{docker_compose.directories.instance}}docker-compose.yml" notify: docker compose up diff --git a/roles/web-opt-rdr-domains/meta/main.yml b/roles/web-opt-rdr-domains/meta/main.yml index 04ff69fc..40177371 100644 --- a/roles/web-opt-rdr-domains/meta/main.yml +++ b/roles/web-opt-rdr-domains/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birchenbach" description: "Configures Nginx to perform 301 redirects based on a list of source→target domain mappings." @@ -9,16 +8,13 @@ galaxy_info: Consulting & Coaching Solutions https://www.veen.world galaxy_tags: - - nginx - - redirect - - domains + - nginx + - redirect + - domains repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/tree/main/roles/web-opt-rdr-domains" min_ansible_version: "2.9" platforms: - - name: Any - versions: [ all ] -dependencies: - - srv-web-7-6-https - + - name: Any + versions: [all] diff --git a/roles/web-opt-rdr-domains/tasks/main.yml b/roles/web-opt-rdr-domains/tasks/main.yml index e140d6e0..593d9c7e 100644 --- a/roles/web-opt-rdr-domains/tasks/main.yml +++ b/roles/web-opt-rdr-domains/tasks/main.yml @@ -1,9 +1,14 @@ ---- -# run_once_web_opt_rdr_domains: deactivated - +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-6-https' + include_role: + name: srv-web-7-6-https + - set_fact: + run_once_web_opt_rdr_domains: true + when: run_once_web_opt_rdr_domains is not defined - name: "Include domains redirects" include_tasks: redirect-domain.yml vars: domain: "{{ item.source }}" target: "{{ item.target }}" - loop: "{{ redirect_domain_mappings }}" \ No newline at end of file + loop: "{{ redirect_domain_mappings }}" diff --git a/roles/web-opt-rdr-www/meta/main.yml b/roles/web-opt-rdr-www/meta/main.yml index a024f316..889ff704 100644 --- a/roles/web-opt-rdr-www/meta/main.yml +++ b/roles/web-opt-rdr-www/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: "An Ansible role to redirect www subdomains to non-www domains in Nginx" @@ -10,17 +9,15 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - redirect - - www - - wildcard - - seo + - nginx + - redirect + - www + - wildcard + - seo repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - srv-web-7-4-core \ No newline at end of file diff --git a/roles/web-opt-rdr-www/tasks/main.yml b/roles/web-opt-rdr-www/tasks/main.yml index cc19517a..76a8f798 100644 --- a/roles/web-opt-rdr-www/tasks/main.yml +++ b/roles/web-opt-rdr-www/tasks/main.yml @@ -1,4 +1,11 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependency 'srv-web-7-4-core' + include_role: + name: srv-web-7-4-core + - set_fact: + run_once_web_opt_rdr_www: true + when: run_once_web_opt_rdr_www is not defined - name: Filter www-prefixed domains from current_play_domains_all set_fact: www_domains: "{{ current_play_domains_all | select('match', '^www\\.') | list }}" @@ -7,20 +14,14 @@ include_role: name: web-opt-rdr-domains vars: - domain_mappings: "{{ www_domains - | map('regex_replace', - '^www\\.(.+)$', - '{ source: \"www.\\1\", target: \"\\1\" }') - | map('from_yaml') - | list - }}" + domain_mappings: "{{ www_domains | map('regex_replace', '^www\\.(.+)$', '{ source: \"www.\\1\", target: \"\\1\" }') | map('from_yaml') | list }}" - name: Include DNS role to set redirects include_role: name: srv-web-7-7-dns-records vars: - cloudflare_api_token: "{{ certbot_dns_api_token }}" - cloudflare_domains: "{{ www_domains }}" - cloudflare_target_ip: "{{ networks.internet.ip4 }}" - cloudflare_proxied: false - when: dns_provider == 'cloudflare' \ No newline at end of file + cloudflare_api_token: "{{ certbot_dns_api_token }}" + cloudflare_domains: "{{ www_domains }}" + cloudflare_target_ip: "{{ networks.internet.ip4 }}" + cloudflare_proxied: false + when: dns_provider == 'cloudflare' diff --git a/roles/web-svc-cdn/meta/main.yml b/roles/web-svc-cdn/meta/main.yml index dbae45c1..3d2e91bb 100644 --- a/roles/web-svc-cdn/meta/main.yml +++ b/roles/web-svc-cdn/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: | @@ -11,20 +10,17 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - https - - file - - static-files - - ssl - - letsencrypt - - automation + - nginx + - https + - file + - static-files + - ssl + - letsencrypt + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - srv-web-7-6-https - - dev-git diff --git a/roles/web-svc-cdn/tasks/main.yml b/roles/web-svc-cdn/tasks/main.yml index 9164c5b2..09ac8ceb 100644 --- a/roles/web-svc-cdn/tasks/main.yml +++ b/roles/web-svc-cdn/tasks/main.yml @@ -1,19 +1,28 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-6-https + - dev-git + - set_fact: + run_once_web_svc_cdn: true + when: run_once_web_svc_cdn is not defined - block: - - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: name: srv-web-7-6-composer vars: - domain: "{{ domains | get_domain(application_id) }}" - http_port: "{{ ports.localhost.http[application_id] }}" + domain: "{{ domains | get_domain(application_id) }}" + http_port: "{{ ports.localhost.http[application_id] }}" - name: "generate {{domains | get_domain(application_id)}}.conf" - template: - src: "nginx.conf.j2" + template: + src: "nginx.conf.j2" dest: "{{ nginx.directories.http.servers }}{{ domains | get_domain(application_id) }}.conf" notify: restart openresty - + - include_tasks: utils/run_once.yml when: run_once_web_svc_cdn is not defined diff --git a/roles/web-svc-file/meta/main.yml b/roles/web-svc-file/meta/main.yml index b593c8e1..b20ab4be 100644 --- a/roles/web-svc-file/meta/main.yml +++ b/roles/web-svc-file/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: | @@ -11,20 +10,17 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - https - - file - - static-files - - ssl - - letsencrypt - - automation + - nginx + - https + - file + - static-files + - ssl + - letsencrypt + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" -dependencies: - - srv-web-7-6-https - - dev-git diff --git a/roles/web-svc-file/tasks/main.yml b/roles/web-svc-file/tasks/main.yml index bad23ba0..1c496e70 100644 --- a/roles/web-svc-file/tasks/main.yml +++ b/roles/web-svc-file/tasks/main.yml @@ -1,13 +1,23 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-6-https + - dev-git + - set_fact: + run_once_web_svc_file: true + when: run_once_web_svc_file is not defined - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: name: srv-web-7-6-composer vars: - domain: "{{ domains | get_domain(application_id) }}" - http_port: "{{ ports.localhost.http[application_id] }}" + domain: "{{ domains | get_domain(application_id) }}" + http_port: "{{ ports.localhost.http[application_id] }}" - name: "generate {{domains | get_domain(application_id)}}.conf" - template: - src: "nginx.conf.j2" + template: + src: "nginx.conf.j2" dest: "{{ nginx.directories.http.servers }}{{ domains | get_domain(application_id) }}.conf" - notify: restart openresty \ No newline at end of file + notify: restart openresty diff --git a/roles/web-svc-html/meta/main.yml b/roles/web-svc-html/meta/main.yml index 004375f8..6d54e9eb 100644 --- a/roles/web-svc-html/meta/main.yml +++ b/roles/web-svc-html/meta/main.yml @@ -1,4 +1,3 @@ ---- galaxy_info: author: "Kevin Veen-Birkenbach" description: | @@ -11,24 +10,21 @@ galaxy_info: https://www.veen.world min_ansible_version: "2.9" platforms: - - name: Archlinux - versions: - - rolling + - name: Archlinux + versions: + - rolling galaxy_tags: - - nginx - - https - - static - - html - - letsencrypt - - ssl - - homepage - - automation + - nginx + - https + - static + - html + - letsencrypt + - ssl + - homepage + - automation repository: "https://github.com/kevinveenbirkenbach/infinito-nexus" issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues" documentation: "https://docs.infinito.nexus" # This propably leads to problems at a point, @todo solve it # run_after: # - web-app-matomo -dependencies: - - srv-web-7-6-https - - dev-git diff --git a/roles/web-svc-html/tasks/main.yml b/roles/web-svc-html/tasks/main.yml index d34a66be..307cd875 100644 --- a/roles/web-svc-html/tasks/main.yml +++ b/roles/web-svc-html/tasks/main.yml @@ -1,13 +1,23 @@ ---- +- name: Load former meta dependencies once + block: + - name: Include moved dependencies + include_role: + name: '{{ item }}' + loop: + - srv-web-7-6-https + - dev-git + - set_fact: + run_once_web_svc_html: true + when: run_once_web_svc_html is not defined - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: name: srv-web-7-6-composer vars: - domain: "{{domains | get_domain(application_id)}}" - http_port: "{{ ports.localhost.http[application_id] }}" + domain: "{{domains | get_domain(application_id)}}" + http_port: "{{ ports.localhost.http[application_id] }}" - name: "generate {{domains | get_domain(application_id)}}.conf" - template: - src: "nginx.conf.j2" + template: + src: "nginx.conf.j2" dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf" notify: restart openresty diff --git a/tests/integration/test_run_once_global_usage.py b/tests/integration/test_run_once_global_usage.py new file mode 100644 index 00000000..6dd553a0 --- /dev/null +++ b/tests/integration/test_run_once_global_usage.py @@ -0,0 +1,274 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +""" +Ultra-fast + YAML-strict integration test (single pass, per-suffix validation) + +What it enforces: +- For every occurrence of run_once_ in any VALID YAML file in the repo: + * If matches a role (roles//tasks/main.yml; suffix = role.replace('-', '_')): + - That exact suffix must be defined EITHER + A) globally via any `set_fact:` assigning `run_once_: ...`, OR + B) inside that role's tasks: + - include_tasks|import_tasks: utils/run_once.yml (any style), OR + - set_fact: { run_once_: ... } + * If does NOT match any role (an unknown suffix): + - It MUST be defined globally via `set_fact` somewhere in a valid YAML file. + Otherwise: FAIL (this covers cases like `run_once_1234` in a when:). + +Implementation details: +- Only VALID YAML files are scanned (PyYAML parse). Invalid YAML files are ignored. +- Unknown YAML tags (e.g. !vault) are tolerated and treated as plain values. +- Single filesystem walk, regexes compiled once, and per-role detection by path prefix. +""" + +import os +import re +import unittest + +try: + import yaml # PyYAML +except Exception: + yaml = None + +# ---------- Performance: prune heavy/vendor dirs ---------- +EXCLUDE_DIRS = { + '.git', '.hg', '.svn', + '.venv', 'venv', 'env', '.tox', + '__pycache__', '.mypy_cache', '.pytest_cache', + 'node_modules', 'dist', 'build', 'target', '.idea', '.vscode' +} + +# ---------- Regexes (compiled once) ---------- +# Any usage like "run_once_" +RUN_ONCE_USAGE_RE = re.compile(r'\brun_once_([A-Za-z0-9_]+)\b') + +def project_root(): + return os.path.abspath(os.path.join(os.path.dirname(__file__), '..', '..')) + +def roles_root(root: str) -> str: + return os.path.join(root, 'roles') + +def walk_yaml_files(root: str): + """Yield absolute paths to *.yml files, pruning heavy/vendor directories.""" + for dirpath, dirnames, filenames in os.walk(root): + dirnames[:] = [d for d in dirnames if d not in EXCLUDE_DIRS] + for fn in filenames: + if fn.endswith('.yml'): + yield os.path.join(dirpath, fn) + +def read_text_safe(path: str): + try: + with open(path, 'r', encoding='utf-8') as f: + return f.read() + except (OSError, UnicodeDecodeError): + return None + +# ---------- YAML loader that tolerates unknown tags (!vault etc.) ---------- +class TolerantLoader(yaml.SafeLoader): # type: ignore + pass + +def _unknown_tag_constructor(loader, tag_suffix, node): + # Represent unknown tagged nodes as plain structures so parsing doesn't fail + if isinstance(node, yaml.ScalarNode): + return loader.construct_scalar(node) + if isinstance(node, yaml.SequenceNode): + return loader.construct_sequence(node) + if isinstance(node, yaml.MappingNode): + return loader.construct_mapping(node) + return None + +if yaml is not None: + TolerantLoader.add_multi_constructor('!', _unknown_tag_constructor) + +def parse_yaml_documents(text: str): + """Parse YAML into a list of documents; return None if parsing fails.""" + if yaml is None: + return None + try: + return list(yaml.load_all(text, Loader=TolerantLoader)) + except Exception: + return None + +def iter_scalars(obj): + """Yield all scalar strings (including mapping keys) from a loaded YAML object.""" + if obj is None: + return + if isinstance(obj, str): + yield obj + elif isinstance(obj, (int, float, bool)): + return + elif isinstance(obj, list): + for item in obj: + yield from iter_scalars(item) + elif isinstance(obj, dict): + for k, v in obj.items(): + if isinstance(k, str): + yield k + yield from iter_scalars(v) + +def collect_set_fact_suffixes(obj, out_suffixes: set[str]): + """ + Collect suffixes from structures like: + - set_fact: + run_once_: + """ + if obj is None: + return + if isinstance(obj, list): + for item in obj: + collect_set_fact_suffixes(item, out_suffixes) + elif isinstance(obj, dict): + sf = obj.get('set_fact') + if isinstance(sf, dict): + for k in sf.keys(): + if isinstance(k, str): + m = RUN_ONCE_USAGE_RE.fullmatch(k.strip()) + if m: + out_suffixes.add(m.group(1)) + for v in obj.values(): + collect_set_fact_suffixes(v, out_suffixes) + +def file_role_by_prefix(path: str, role_tasks_roots: dict[str, str]) -> str | None: + """Return role name if path is under roles//tasks/**, else None.""" + for role, base in role_tasks_roots.items(): + if path.startswith(base): + return role + return None + +def role_defines_suffix_in_doc(doc, role_suffix: str) -> bool: + """ + Return True if this YAML doc (already parsed) defines run-once for the given role suffix via: + A) include/import utils/run_once.yml (string or mapping style), OR + B) set_fact: { run_once_: ... } + """ + if doc is None: + return False + queue = [doc] + target_var = f'run_once_{role_suffix}' + while queue: + node = queue.pop() + if isinstance(node, dict): + # A) include/import utils/run_once.yml + for key in ('include_tasks', 'import_tasks'): + if key in node: + val = node[key] + if isinstance(val, str) and 'utils/run_once.yml' in val: + return True + if isinstance(val, dict): + for subval in val.values(): + if isinstance(subval, str) and 'utils/run_once.yml' in subval: + return True + # B) set_fact exact var + sf = node.get('set_fact') + if isinstance(sf, dict) and target_var in sf: + return True + # Recurse + for v in node.values(): + queue.append(v) + elif isinstance(node, list): + queue.extend(node) + return False + +class RunOnceGlobalUsageFastTest(unittest.TestCase): + + def test_run_once_used_anywhere_requires_exact_definition(self): + root = project_root() + rroot = roles_root(root) + + # Discover roles and their suffixes + roles: list[str] = [] + suffix_for_role: dict[str, str] = {} + role_tasks_roots: dict[str, str] = {} + known_suffixes: set[str] = set() + + if os.path.isdir(rroot): + for entry in os.listdir(rroot): + main_yml = os.path.join(rroot, entry, 'tasks', 'main.yml') + if os.path.isfile(main_yml): + roles.append(entry) + suffix = entry.replace('-', '_') + suffix_for_role[entry] = suffix + known_suffixes.add(suffix) + role_tasks_roots[entry] = os.path.join(rroot, entry, 'tasks') + os.sep + + # Collections built in one pass + used_suffixes: set[str] = set() # all suffixes used anywhere (valid YAML only) + global_defined_suffixes: set[str] = set() # suffixes defined via global set_fact + role_defined_suffixes: dict[str, set[str]] = {role: set() for role in roles} # per-role defined suffixes + + # Single pass over all valid YAML files + for yml in walk_yaml_files(root): + text = read_text_safe(yml) + if not text: + continue + # Quick prefilter to avoid parsing a ton of irrelevant YAML + if not any(tok in text for tok in ('run_once_', 'set_fact', 'include_tasks', 'import_tasks', 'utils/run_once.yml')): + continue + + docs = parse_yaml_documents(text) + if docs is None: + # Invalid YAML -> skip entirely (by requirement) + continue + if not docs: + docs = [None] + + # 1) USAGE: collect suffixes from all scalar strings + for doc in docs: + for s in iter_scalars(doc): + for m in RUN_ONCE_USAGE_RE.finditer(s): + used_suffixes.add(m.group(1)) + + # 2) GLOBAL DEFINITIONS: any set_fact assigning run_once_ + for doc in docs: + collect_set_fact_suffixes(doc, global_defined_suffixes) + + # 3) PER-ROLE DEFINITIONS + role = file_role_by_prefix(yml, role_tasks_roots) + if role: + role_suffix = suffix_for_role[role] + # utils/run_once.yml inside role tasks defines that role's own suffix + # OR a direct set_fact with exact run_once_ + for doc in docs: + if role_defines_suffix_in_doc(doc, role_suffix): + role_defined_suffixes[role].add(role_suffix) + break # no need to re-check other docs in this file + + # Build offenders: + offenders: list[tuple[str, str, str]] = [] + + # A) Unknown suffixes used (no corresponding role) must be globally defined + for suffix in sorted(used_suffixes): + if suffix not in known_suffixes and suffix not in global_defined_suffixes: + offenders.append(( + "", + f"run_once_{suffix}", + "" + )) + + # B) Known role suffixes used must be defined either globally or in that exact role + for role in sorted(roles): + suffix = suffix_for_role[role] + if suffix in used_suffixes: + if (suffix not in global_defined_suffixes) and (suffix not in role_defined_suffixes[role]): + offenders.append(( + role, + f"run_once_{suffix}", + os.path.join(rroot, role, 'tasks') + )) + + if offenders: + lines = [ + "Some run_once_ usages in valid YAML files are missing exact definitions.", + "Rules:", + " • Unknown suffixes must be defined globally via set_fact.", + " • Known role suffixes must be defined globally OR in that role (include/import utils/run_once.yml or set_fact).", + "", + "Offenders:" + ] + for role, var, where in offenders: + lines.append(f" - role: {role} | variable: {var} | searched: {where}") + self.fail("\n".join(lines)) + +if __name__ == '__main__': + unittest.main() diff --git a/tests/integration/test_run_once_schema.py b/tests/integration/test_run_once_schema.py index 392fa0ee..de8a658b 100644 --- a/tests/integration/test_run_once_schema.py +++ b/tests/integration/test_run_once_schema.py @@ -2,20 +2,18 @@ import os import glob import re import unittest +import yaml class RunOnceSchemaTest(unittest.TestCase): """ Ensure that any occurrence of 'run_once_' in roles/*/tasks/main.yml - matches the pattern 'run_once_' + (role_name with '-' replaced by '_'), - unless the file explicitly deactivates its own run_once var via: + matches 'run_once_' + (role_name with '-' replaced by '_'), + unless explicitly deactivated with: # run_once_: deactivated + Only block-level 'when' conditions in main.yml are considered. """ - RUN_ONCE_PATTERN = re.compile(r"run_once_([A-Za-z0-9_]+)") - # Will be compiled per-file with the expected suffix: - # r"^\s*#\s*run_once_\s*:\s*deactivated\s*$" (flags=MULTILINE|IGNORECASE) - def test_run_once_suffix_matches_role(self): project_root = os.path.abspath( os.path.join(os.path.dirname(__file__), '..', '..') @@ -24,19 +22,13 @@ class RunOnceSchemaTest(unittest.TestCase): pattern = os.path.join(project_root, 'roles', '*', 'tasks', 'main.yml') for filepath in glob.glob(pattern): - parts = os.path.normpath(filepath).split(os.sep) - try: - role_index = parts.index('roles') + 1 - role_name = parts[role_index] - except ValueError: - continue - + role_name = os.path.normpath(filepath).split(os.sep)[-3] expected_suffix = role_name.lower().replace('-', '_') with open(filepath, 'r', encoding='utf-8') as f: content = f.read() - # Skip this file entirely if it explicitly deactivates its own run_once var + # Skip this role if deactivated deactivated_re = re.compile( rf"^\s*#\s*run_once_{re.escape(expected_suffix)}\s*:\s*deactivated\s*$", flags=re.IGNORECASE | re.MULTILINE, @@ -44,15 +36,34 @@ class RunOnceSchemaTest(unittest.TestCase): if deactivated_re.search(content): continue - matches = self.RUN_ONCE_PATTERN.findall(content) - if not matches: + try: + data = yaml.safe_load(content) + except yaml.YAMLError as e: + violations.append(f"{filepath}: YAML parse error: {e}") continue - for suffix in matches: - if suffix != expected_suffix: - violations.append( - f"{filepath}: found run_once_{suffix}, expected run_once_{expected_suffix}" - ) + if not isinstance(data, list): + continue + + for task in data: + # Only check top-level blocks + if isinstance(task, dict) and "block" in task: + when_clause = task.get("when") + if not when_clause: + continue + if isinstance(when_clause, list): + run_once_vars = [w for w in when_clause if isinstance(w, str) and w.startswith("run_once_")] + elif isinstance(when_clause, str): + run_once_vars = [when_clause] if when_clause.startswith("run_once_") else [] + else: + run_once_vars = [] + + for var in run_once_vars: + suffix = var[len("run_once_"):].split()[0] # strip any ' is not defined' + if suffix != expected_suffix: + violations.append( + f"{filepath}: found block-level {var}, expected run_once_{expected_suffix}" + ) if violations: self.fail("Invalid run_once_ suffixes found:\n" + "\n".join(violations))