From 3a839cfe37ae96679cedcc60cd0b5e7c160e2625 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 18 Aug 2025 13:35:43 +0200 Subject: [PATCH] Refactor systemctl services and categories due to alarm bugs This commit restructures systemctl service definitions and category mappings. Motivation: Alarm-related bugs revealed inconsistencies in service and role handling. Preparation step: lays the groundwork for fixing the alarm issues by aligning categories, roles, and service templates. --- cli/create/role.py | 2 +- docs/guides/administrator/Readme.md | 4 +- group_vars/all/00_general.yml | 39 +++------ group_vars/all/05_maintenace.yml | 38 --------- group_vars/all/{06_nginx.yml => 05_nginx.yml} | 0 group_vars/all/{07_paths.yml => 06_paths.yml} | 0 group_vars/all/07_services.yml | 40 +++++++++ group_vars/all/08_calendar.yml | 29 ------- group_vars/all/08_timer.yml | 54 +++++++++++++ .../all/{10_networks.yml => 09_networks.yml} | 0 roles/categories.yml | 81 +++++++++++++------ roles/cmp-rdbms/tasks/main.yml | 2 +- .../drv-msi-keyboard-color/tasks/01_core.yml | 4 +- .../templates/keyboard-color.service.j2 | 2 +- roles/srv-web-7-4-core/tasks/01_core.yml | 4 +- roles/srv-web-7-6-https/README.md | 2 +- roles/srv-web-7-6-https/tasks/main.yml | 2 +- .../srv-web-7-7-letsencrypt/tasks/01_core.yml | 6 +- roles/svc-bkp-loc-2-usb/tasks/main.yml | 2 +- .../templates/svc-bkp-loc-2-usb.service.j2 | 4 +- roles/svc-bkp-rmt-2-loc/README.md | 2 +- roles/svc-bkp-rmt-2-loc/meta/main.yml | 4 +- roles/svc-bkp-rmt-2-loc/tasks/main.yml | 4 +- .../templates/sys-bkp-rmt-2-loc.service.j2 | 4 +- .../templates/svc-opt-ssd-hdd.service.j2 | 4 +- roles/svc-opt-swapfile/meta/main.yml | 2 +- roles/sys-alm-compose/handlers/main.yml | 5 -- roles/sys-alm-compose/tasks/main.yml | 14 ---- .../templates/sys-alm-compose@.service.j2 | 8 -- roles/sys-alm-email/handlers/main.yml | 4 - roles/sys-alm-email/tasks/01_core.yml | 23 ------ roles/sys-alm-telegram/handlers/main.yml | 4 - roles/sys-alm-telegram/vars/main.yml | 2 - ...sys-bkp-docker-2-loc-everything.service.j2 | 9 --- .../templates/sys-bkp-docker-2-loc.service.j2 | 9 --- .../files/ssh-wrapper.sh | 4 +- roles/sys-bkp-provider/README.md | 2 +- roles/sys-bkp-provider/tasks/main.yml | 2 +- roles/sys-cln-bkps-service/handlers/main.yml | 5 -- .../templates/sys-cln-backups.service.j2 | 8 -- roles/sys-cln-certs/handlers/main.yml | 6 -- roles/sys-cln-disc-space/handlers/main.yml | 5 -- .../templates/sys-cln-disc-space.service.j2 | 8 -- roles/sys-cln-faild-bkps/handlers/main.yml | 5 -- .../README.md | 4 +- roles/sys-ctl-alm-compose/handlers/main.yml | 5 ++ .../meta/main.yml | 0 roles/sys-ctl-alm-compose/tasks/main.yml | 14 ++++ .../templates/sys-ctl-alm-compose@.service.j2 | 8 ++ .../README.md | 6 +- roles/sys-ctl-alm-email/handlers/main.yml | 4 + .../meta/main.yml | 2 +- roles/sys-ctl-alm-email/tasks/01_core.yml | 23 ++++++ .../tasks/main.yml | 2 +- .../templates/sys-ctl-alm-email.sh.j2} | 0 .../templates/sys-ctl-alm-email@.service.j2} | 2 +- .../vars/main.yml | 2 +- .../README.md | 6 +- .../defaults/main.yml | 0 roles/sys-ctl-alm-telegram/handlers/main.yml | 4 + .../meta/main.yml | 2 +- .../tasks/01_core.yml | 12 +-- roles/sys-ctl-alm-telegram/tasks/main.yml | 4 + .../templates/sys-ctl-alm-telegram.sh.j2} | 0 .../sys-ctl-alm-telegram@.service.j2} | 0 roles/sys-ctl-alm-telegram/vars/main.yml | 2 + .../README.md | 4 +- .../Todo.md | 0 .../__init__.py | 0 .../filter_plugins/__init__.py | 0 .../filter_plugins/dict_to_cli_args.py | 0 .../find_dock_val_by_bkp_entr.py | 0 .../handlers/main.yml | 0 .../meta/main.yml | 2 +- .../tasks/01_core.yml | 6 +- .../tasks/02_pkgmgr_routines.yml | 0 .../tasks/03_reset.yml | 0 .../tasks/04_seed-database-to-backup.yml | 6 +- .../tasks/main.yml | 2 +- ...ctl-bkp-docker-2-loc-everything.service.j2 | 9 +++ .../sys-ctl-bkp-docker-2-loc.service.j2 | 9 +++ .../vars/main.yml | 0 .../README.md | 0 .../meta/main.yml | 0 .../tasks/main.yml | 8 +- .../vars/main.yml | 0 .../README.md | 2 +- .../files/sys-ctl-cln-backups.py} | 0 roles/sys-ctl-cln-bkps/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 16 ++-- .../tasks/main.yml | 3 +- .../templates/sys-ctl-cln-backups.service.j2 | 8 ++ .../vars/main.yml | 2 +- .../README.md | 12 +-- roles/sys-ctl-cln-certs/handlers/main.yml | 6 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 12 +-- .../tasks/main.yml | 2 +- .../templates/sys-ctl-cln-certs.service.j2} | 2 +- .../README.md | 0 .../sys-ctl-cln-disc-space/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/main.yml | 20 ++--- .../sys-ctl-cln-disc-space.service.j2 | 8 ++ .../templates/sys-ctl-cln-disc-space.sh.j2} | 2 +- .../vars/main.yml | 2 +- .../README.md | 2 +- .../meta/main.yml | 0 .../tasks/main.yml | 6 +- .../tasks/remove_deprecated_nginx_configs.yml | 0 .../vars/main.yml | 0 .../README.md | 8 +- .../sys-ctl-cln-faild-bkps/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 14 ++-- .../tasks/main.yml | 2 +- .../sys-ctl-cln-faild-bkps.service.j2} | 4 +- .../vars/main.yml | 0 .../README.md | 8 +- .../files/sys-ctl-hlth-btrfs.sh} | 0 roles/sys-ctl-hlth-btrfs/handlers/main.yml | 5 ++ .../meta/main.yml | 0 roles/sys-ctl-hlth-btrfs/tasks/main.yml | 36 +++++++++ .../templates/sys-ctl-hlth-btrfs.service.j2 | 7 ++ .../vars/main.yml | 2 +- .../README.md | 2 +- .../files/sys-ctl-hlth-csp.py} | 0 .../handlers/main.yml | 4 +- .../meta/main.yml | 0 .../tasks/01_core.yml | 20 ++--- .../tasks/main.yml | 2 +- .../templates/sys-ctl-hlth-csp.service.j2} | 2 +- roles/sys-ctl-hlth-csp/vars/main.yml | 3 + .../README.md | 4 +- .../files/sys-ctl-hlth-disc-space.sh} | 0 .../sys-ctl-hlth-disc-space/handlers/main.yml | 5 ++ .../meta/main.yml | 0 roles/sys-ctl-hlth-disc-space/tasks/main.yml | 34 ++++++++ .../sys-ctl-hlth-disc-space.service.j2 | 7 ++ roles/sys-ctl-hlth-disc-space/vars/main.yml | 1 + .../README.md | 4 +- .../files/sys-ctl-hlth-docker-container.sh} | 0 .../handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 31 +++++++ .../tasks/main.yml | 4 + .../sys-ctl-hlth-docker-container.service.j2 | 7 ++ .../vars/main.yml | 2 +- .../README.md | 4 +- .../files/sys-ctl-hlth-docker-volumes.sh} | 0 .../handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 31 +++++++ .../tasks/main.yml | 4 + .../sys-ctl-hlth-docker-volumes.service.j2 | 7 ++ .../vars/main.yml | 2 +- .../README.md | 4 +- .../files/sys-ctl-hlth-journalctl.sh} | 0 .../sys-ctl-hlth-journalctl/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../sys-ctl-hlth-journalctl/tasks/01_core.yml | 31 +++++++ .../tasks/main.yml | 3 +- .../sys-ctl-hlth-journalctl.service.j2 | 7 ++ roles/sys-ctl-hlth-journalctl/vars/main.yml | 2 + roles/sys-ctl-hlth-msmtp/README.md | 21 +++++ roles/sys-ctl-hlth-msmtp/handlers/main.yml | 5 ++ .../meta/main.yml | 0 roles/sys-ctl-hlth-msmtp/tasks/main.yml | 35 ++++++++ .../templates/sys-ctl-hlth-msmtp.service.j2 | 7 ++ .../templates/sys-ctl-hlth-msmtp.sh.j2} | 0 roles/sys-ctl-hlth-msmtp/vars/main.yml | 2 + .../README.md | 4 +- .../TODO.md | 0 .../sys-ctl-hlth-webserver/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 20 ++--- .../tasks/main.yml | 2 +- .../templates/sys-ctl-hlth-webserver.py.j2} | 0 .../sys-ctl-hlth-webserver.service.j2 | 7 ++ roles/sys-ctl-hlth-webserver/vars/main.yml | 1 + .../README.md | 2 +- .../SETUP.md | 0 .../files/sys-ctl-mtn-cert-deploy.sh} | 0 .../handlers/main.yml | 0 .../meta/main.yml | 2 +- .../tasks/01_core.yml | 6 +- .../tasks/main.yml | 6 +- .../sys-ctl-mtn-cert-deploy.service.j2} | 2 +- .../vars/main.yml | 2 +- .../README.md | 4 +- .../handlers/main.yml | 2 +- .../meta/main.yml | 2 +- .../tasks/01_core.yml | 10 +-- roles/sys-ctl-mtn-cert-renew/tasks/main.yml | 4 + .../sys-ctl-mtn-cert-renew.service.j2} | 2 +- .../README.md | 2 +- .../handlers/main.yml | 4 + .../meta/main.yml | 0 .../tasks/01_core.yml | 26 ++++++ .../sys-ctl-rpr-btrfs-balancer/tasks/main.yml | 4 + .../sys-ctl-rpr-btrfs-balancer.service.j2} | 2 +- .../README.md | 0 .../files/sys-ctl-rpr-docker-hard.py} | 0 .../sys-ctl-rpr-docker-hard/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../tasks/01_core.yml | 12 +-- roles/sys-ctl-rpr-docker-hard/tasks/main.yml | 4 + .../sys-ctl-rpr-docker-hard.service.j2 | 8 ++ roles/sys-ctl-rpr-docker-hard/vars/main.yml | 3 + .../README.md | 0 .../sys-ctl-rpr-docker-soft/handlers/main.yml | 5 ++ .../meta/main.yml | 0 .../sys-ctl-rpr-docker-soft/tasks/01_core.yml | 32 ++++++++ roles/sys-ctl-rpr-docker-soft/tasks/main.yml | 4 + .../templates/sys-ctl-rpr-docker-soft.py.j2} | 2 +- .../sys-ctl-rpr-docker-soft.service.j2 | 8 ++ roles/sys-ctl-rpr-docker-soft/vars/main.yml | 2 + roles/sys-hlth-btrfs/handlers/main.yml | 5 -- roles/sys-hlth-btrfs/tasks/main.yml | 36 --------- .../templates/sys-hlth-btrfs.service.j2 | 7 -- roles/sys-hlth-csp/tasks/main.yml | 4 - roles/sys-hlth-csp/vars/main.yml | 3 - roles/sys-hlth-disc-space/handlers/main.yml | 5 -- roles/sys-hlth-disc-space/tasks/main.yml | 34 -------- .../templates/sys-hlth-disc-space.service.j2 | 7 -- roles/sys-hlth-disc-space/vars/main.yml | 1 - .../handlers/main.yml | 5 -- .../tasks/01_core.yml | 31 ------- .../sys-hlth-docker-container/tasks/main.yml | 4 - .../sys-hlth-docker-container.service.j2 | 7 -- .../sys-hlth-docker-volumes/handlers/main.yml | 5 -- .../sys-hlth-docker-volumes/tasks/01_core.yml | 31 ------- roles/sys-hlth-docker-volumes/tasks/main.yml | 4 - .../sys-hlth-docker-volumes.service.j2 | 7 -- roles/sys-hlth-journalctl/handlers/main.yml | 5 -- roles/sys-hlth-journalctl/tasks/01_core.yml | 31 ------- roles/sys-hlth-journalctl/tasks/main.yml | 4 - .../templates/sys-hlth-journalctl.service.j2 | 7 -- roles/sys-hlth-journalctl/vars/main.yml | 2 - roles/sys-hlth-msmtp/README.md | 21 ----- roles/sys-hlth-msmtp/handlers/main.yml | 5 -- roles/sys-hlth-msmtp/tasks/main.yml | 35 -------- .../templates/sys-hlth-msmtp.service.j2 | 7 -- roles/sys-hlth-msmtp/vars/main.yml | 2 - roles/sys-hlth-webserver/handlers/main.yml | 5 -- .../templates/sys-hlth-webserver.service.j2 | 7 -- roles/sys-hlth-webserver/vars/main.yml | 1 - roles/sys-lock/files/sys-lock.py | 14 +--- roles/sys-rpr-btrfs-blnc/handlers/main.yml | 4 - roles/sys-rpr-btrfs-blnc/tasks/01_core.yml | 26 ------ roles/sys-rpr-btrfs-blnc/tasks/main.yml | 4 - roles/sys-rpr-docker-hard/handlers/main.yml | 5 -- roles/sys-rpr-docker-hard/tasks/main.yml | 4 - .../templates/sys-rpr-docker-hard.service.j2 | 8 -- roles/sys-rpr-docker-hard/vars/main.yml | 3 - roles/sys-rpr-docker-soft/handlers/main.yml | 5 -- roles/sys-rpr-docker-soft/tasks/01_core.yml | 32 -------- roles/sys-rpr-docker-soft/tasks/main.yml | 4 - .../templates/sys-rpr-docker-soft.service.j2 | 8 -- roles/sys-rpr-docker-soft/vars/main.yml | 2 - .../templates/global.css.j2 | 6 +- .../README.md | 2 +- .../meta/main.yml | 0 .../tasks/main.yml | 0 roles/sys-svc-docker/README.md | 10 +-- roles/sys-svc-docker/tasks/01_core.yml | 10 +-- roles/sys-svc-journalctl/README.md | 2 +- roles/sys-svc-journalctl/tasks/main.yml | 6 +- roles/sys-svc-msmtp/tasks/01_core.yml | 6 +- .../README.md | 6 +- .../meta/main.yml | 2 +- .../tasks/01_core.yml | 8 +- .../tasks/main.yml | 4 +- roles/update-docker/tasks/01_core.yml | 4 +- .../templates/update-docker.service.j2 | 4 +- roles/web-app-bigbluebutton/tasks/main.yml | 2 +- roles/web-app-mailu/tasks/01_core.yml | 2 +- .../tasks/02_create-and-seed-database.yml | 2 +- roles/web-app-nextcloud/docs/Update.md | 4 +- roles/web-app-nextcloud/vars/system.yml | 2 +- tasks/stages/02_server.yml | 8 +- .../test_networks_unique_valid_and_mapped.py | 8 +- tests/unit/cli/create/test_role.py | 2 +- .../filter_plugins/test_get_entity_name.py | 40 ++++----- .../__init__.py | 0 .../filter_plugins/__init__.py | 0 .../filter_plugins/test_dict_to_cli_args.py | 4 +- .../test_find_dock_val_by_bkp_entr.py | 2 +- 289 files changed, 975 insertions(+), 948 deletions(-) delete mode 100644 group_vars/all/05_maintenace.yml rename group_vars/all/{06_nginx.yml => 05_nginx.yml} (100%) rename group_vars/all/{07_paths.yml => 06_paths.yml} (100%) create mode 100644 group_vars/all/07_services.yml delete mode 100644 group_vars/all/08_calendar.yml create mode 100644 group_vars/all/08_timer.yml rename group_vars/all/{10_networks.yml => 09_networks.yml} (100%) delete mode 100644 roles/sys-alm-compose/handlers/main.yml delete mode 100644 roles/sys-alm-compose/tasks/main.yml delete mode 100644 roles/sys-alm-compose/templates/sys-alm-compose@.service.j2 delete mode 100644 roles/sys-alm-email/handlers/main.yml delete mode 100644 roles/sys-alm-email/tasks/01_core.yml delete mode 100644 roles/sys-alm-telegram/handlers/main.yml delete mode 100644 roles/sys-alm-telegram/vars/main.yml delete mode 100644 roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc-everything.service.j2 delete mode 100644 roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc.service.j2 delete mode 100644 roles/sys-cln-bkps-service/handlers/main.yml delete mode 100644 roles/sys-cln-bkps-service/templates/sys-cln-backups.service.j2 delete mode 100644 roles/sys-cln-certs/handlers/main.yml delete mode 100644 roles/sys-cln-disc-space/handlers/main.yml delete mode 100644 roles/sys-cln-disc-space/templates/sys-cln-disc-space.service.j2 delete mode 100644 roles/sys-cln-faild-bkps/handlers/main.yml rename roles/{sys-alm-compose => sys-ctl-alm-compose}/README.md (76%) create mode 100644 roles/sys-ctl-alm-compose/handlers/main.yml rename roles/{sys-alm-compose => sys-ctl-alm-compose}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-alm-compose/tasks/main.yml create mode 100644 roles/sys-ctl-alm-compose/templates/sys-ctl-alm-compose@.service.j2 rename roles/{sys-alm-email => sys-ctl-alm-email}/README.md (71%) create mode 100644 roles/sys-ctl-alm-email/handlers/main.yml rename roles/{sys-alm-email => sys-ctl-alm-email}/meta/main.yml (84%) create mode 100644 roles/sys-ctl-alm-email/tasks/01_core.yml rename roles/{sys-cln-certs => sys-ctl-alm-email}/tasks/main.yml (62%) rename roles/{sys-alm-email/templates/sys-alm-email.sh.j2 => sys-ctl-alm-email/templates/sys-ctl-alm-email.sh.j2} (100%) rename roles/{sys-alm-email/templates/sys-alm-email@.service.j2 => sys-ctl-alm-email/templates/sys-ctl-alm-email@.service.j2} (57%) rename roles/{sys-alm-email => sys-ctl-alm-email}/vars/main.yml (76%) rename roles/{sys-alm-telegram => sys-ctl-alm-telegram}/README.md (68%) rename roles/{sys-alm-telegram => sys-ctl-alm-telegram}/defaults/main.yml (100%) create mode 100644 roles/sys-ctl-alm-telegram/handlers/main.yml rename roles/{sys-alm-telegram => sys-ctl-alm-telegram}/meta/main.yml (90%) rename roles/{sys-alm-telegram => sys-ctl-alm-telegram}/tasks/01_core.yml (72%) create mode 100644 roles/sys-ctl-alm-telegram/tasks/main.yml rename roles/{sys-alm-telegram/templates/sys-alm-telegram.sh.j2 => sys-ctl-alm-telegram/templates/sys-ctl-alm-telegram.sh.j2} (100%) rename roles/{sys-alm-telegram/templates/sys-alm-telegram@.service.j2 => sys-ctl-alm-telegram/templates/sys-ctl-alm-telegram@.service.j2} (100%) create mode 100644 roles/sys-ctl-alm-telegram/vars/main.yml rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/README.md (91%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/Todo.md (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/__init__.py (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/filter_plugins/__init__.py (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/filter_plugins/dict_to_cli_args.py (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/filter_plugins/find_dock_val_by_bkp_entr.py (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/handlers/main.yml (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/meta/main.yml (96%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/tasks/01_core.yml (89%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/tasks/02_pkgmgr_routines.yml (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/tasks/03_reset.yml (100%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/tasks/04_seed-database-to-backup.yml (90%) rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/tasks/main.yml (81%) create mode 100644 roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc-everything.service.j2 create mode 100644 roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc.service.j2 rename roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/vars/main.yml (100%) rename roles/{sys-cln-anon-volumes => sys-ctl-cln-anon-volumes}/README.md (100%) rename roles/{sys-cln-anon-volumes => sys-ctl-cln-anon-volumes}/meta/main.yml (100%) rename roles/{sys-cln-anon-volumes => sys-ctl-cln-anon-volumes}/tasks/main.yml (68%) rename roles/{sys-cln-anon-volumes => sys-ctl-cln-anon-volumes}/vars/main.yml (100%) rename roles/{sys-cln-bkps-service => sys-ctl-cln-bkps}/README.md (94%) rename roles/{sys-cln-bkps-service/files/sys-cln-backups.py => sys-ctl-cln-bkps/files/sys-ctl-cln-backups.py} (100%) create mode 100644 roles/sys-ctl-cln-bkps/handlers/main.yml rename roles/{sys-cln-bkps-service => sys-ctl-cln-bkps}/meta/main.yml (100%) rename roles/{sys-cln-bkps-service => sys-ctl-cln-bkps}/tasks/01_core.yml (51%) rename roles/{sys-cln-faild-bkps => sys-ctl-cln-bkps}/tasks/main.yml (62%) create mode 100644 roles/sys-ctl-cln-bkps/templates/sys-ctl-cln-backups.service.j2 rename roles/{sys-cln-bkps-service => sys-ctl-cln-bkps}/vars/main.yml (78%) rename roles/{sys-cln-certs => sys-ctl-cln-certs}/README.md (75%) create mode 100644 roles/sys-ctl-cln-certs/handlers/main.yml rename roles/{sys-cln-certs => sys-ctl-cln-certs}/meta/main.yml (100%) rename roles/{sys-cln-certs => sys-ctl-cln-certs}/tasks/01_core.yml (57%) rename roles/{sys-alm-telegram => sys-ctl-cln-certs}/tasks/main.yml (62%) rename roles/{sys-cln-certs/templates/sys-cln-certs.service.j2 => sys-ctl-cln-certs/templates/sys-ctl-cln-certs.service.j2} (75%) rename roles/{sys-cln-disc-space => sys-ctl-cln-disc-space}/README.md (100%) create mode 100644 roles/sys-ctl-cln-disc-space/handlers/main.yml rename roles/{sys-cln-disc-space => sys-ctl-cln-disc-space}/meta/main.yml (100%) rename roles/{sys-cln-disc-space => sys-ctl-cln-disc-space}/tasks/main.yml (51%) create mode 100644 roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.service.j2 rename roles/{sys-cln-disc-space/templates/sys-cln-disc-space.sh.j2 => sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.sh.j2} (90%) rename roles/{sys-cln-disc-space => sys-ctl-cln-disc-space}/vars/main.yml (75%) rename roles/{sys-cln-domains => sys-ctl-cln-domains}/README.md (97%) rename roles/{sys-cln-domains => sys-ctl-cln-domains}/meta/main.yml (100%) rename roles/{sys-cln-domains => sys-ctl-cln-domains}/tasks/main.yml (90%) rename roles/{sys-cln-domains => sys-ctl-cln-domains}/tasks/remove_deprecated_nginx_configs.yml (100%) rename roles/{sys-cln-domains => sys-ctl-cln-domains}/vars/main.yml (100%) rename roles/{sys-cln-faild-bkps => sys-ctl-cln-faild-bkps}/README.md (65%) create mode 100644 roles/sys-ctl-cln-faild-bkps/handlers/main.yml rename roles/{sys-cln-faild-bkps => sys-ctl-cln-faild-bkps}/meta/main.yml (100%) rename roles/{sys-cln-faild-bkps => sys-ctl-cln-faild-bkps}/tasks/01_core.yml (70%) rename roles/{srv-web-6-6-tls-renew => sys-ctl-cln-faild-bkps}/tasks/main.yml (60%) rename roles/{sys-cln-faild-bkps/templates/sys-cln-faild-bkps.service.j2 => sys-ctl-cln-faild-bkps/templates/sys-ctl-cln-faild-bkps.service.j2} (50%) rename roles/{sys-cln-faild-bkps => sys-ctl-cln-faild-bkps}/vars/main.yml (100%) rename roles/{sys-hlth-btrfs => sys-ctl-hlth-btrfs}/README.md (69%) rename roles/{sys-hlth-btrfs/files/sys-hlth-btrfs.sh => sys-ctl-hlth-btrfs/files/sys-ctl-hlth-btrfs.sh} (100%) create mode 100644 roles/sys-ctl-hlth-btrfs/handlers/main.yml rename roles/{sys-hlth-btrfs => sys-ctl-hlth-btrfs}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-hlth-btrfs/tasks/main.yml create mode 100644 roles/sys-ctl-hlth-btrfs/templates/sys-ctl-hlth-btrfs.service.j2 rename roles/{sys-hlth-btrfs => sys-ctl-hlth-btrfs}/vars/main.yml (78%) rename roles/{sys-hlth-csp => sys-ctl-hlth-csp}/README.md (92%) rename roles/{sys-hlth-csp/files/sys-hlth-csp.py => sys-ctl-hlth-csp/files/sys-ctl-hlth-csp.py} (100%) rename roles/{sys-hlth-csp => sys-ctl-hlth-csp}/handlers/main.yml (79%) rename roles/{sys-hlth-csp => sys-ctl-hlth-csp}/meta/main.yml (100%) rename roles/{sys-hlth-csp => sys-ctl-hlth-csp}/tasks/01_core.yml (55%) rename roles/{sys-alm-email => sys-ctl-hlth-csp}/tasks/main.yml (63%) rename roles/{sys-hlth-csp/templates/sys-hlth-csp.service.j2 => sys-ctl-hlth-csp/templates/sys-ctl-hlth-csp.service.j2} (77%) create mode 100644 roles/sys-ctl-hlth-csp/vars/main.yml rename roles/{sys-hlth-disc-space => sys-ctl-hlth-disc-space}/README.md (77%) rename roles/{sys-hlth-disc-space/files/sys-hlth-disc-space.sh => sys-ctl-hlth-disc-space/files/sys-ctl-hlth-disc-space.sh} (100%) create mode 100644 roles/sys-ctl-hlth-disc-space/handlers/main.yml rename roles/{sys-hlth-disc-space => sys-ctl-hlth-disc-space}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-hlth-disc-space/tasks/main.yml create mode 100644 roles/sys-ctl-hlth-disc-space/templates/sys-ctl-hlth-disc-space.service.j2 create mode 100644 roles/sys-ctl-hlth-disc-space/vars/main.yml rename roles/{sys-hlth-docker-container => sys-ctl-hlth-docker-container}/README.md (87%) rename roles/{sys-hlth-docker-container/files/sys-hlth-docker-container.sh => sys-ctl-hlth-docker-container/files/sys-ctl-hlth-docker-container.sh} (100%) create mode 100644 roles/sys-ctl-hlth-docker-container/handlers/main.yml rename roles/{sys-hlth-docker-container => sys-ctl-hlth-docker-container}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-hlth-docker-container/tasks/01_core.yml create mode 100644 roles/sys-ctl-hlth-docker-container/tasks/main.yml create mode 100644 roles/sys-ctl-hlth-docker-container/templates/sys-ctl-hlth-docker-container.service.j2 rename roles/{sys-hlth-docker-container => sys-ctl-hlth-docker-container}/vars/main.yml (65%) rename roles/{sys-hlth-docker-volumes => sys-ctl-hlth-docker-volumes}/README.md (85%) rename roles/{sys-hlth-docker-volumes/files/sys-hlth-docker-volumes.sh => sys-ctl-hlth-docker-volumes/files/sys-ctl-hlth-docker-volumes.sh} (100%) create mode 100644 roles/sys-ctl-hlth-docker-volumes/handlers/main.yml rename roles/{sys-hlth-docker-volumes => sys-ctl-hlth-docker-volumes}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-hlth-docker-volumes/tasks/01_core.yml create mode 100644 roles/sys-ctl-hlth-docker-volumes/tasks/main.yml create mode 100644 roles/sys-ctl-hlth-docker-volumes/templates/sys-ctl-hlth-docker-volumes.service.j2 rename roles/{sys-hlth-docker-volumes => sys-ctl-hlth-docker-volumes}/vars/main.yml (68%) rename roles/{sys-hlth-journalctl => sys-ctl-hlth-journalctl}/README.md (81%) rename roles/{sys-hlth-journalctl/files/sys-hlth-journalctl.sh => sys-ctl-hlth-journalctl/files/sys-ctl-hlth-journalctl.sh} (100%) create mode 100644 roles/sys-ctl-hlth-journalctl/handlers/main.yml rename roles/{sys-hlth-journalctl => sys-ctl-hlth-journalctl}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-hlth-journalctl/tasks/01_core.yml rename roles/{sys-cln-bkps-service => sys-ctl-hlth-journalctl}/tasks/main.yml (59%) create mode 100644 roles/sys-ctl-hlth-journalctl/templates/sys-ctl-hlth-journalctl.service.j2 create mode 100644 roles/sys-ctl-hlth-journalctl/vars/main.yml create mode 100644 roles/sys-ctl-hlth-msmtp/README.md create mode 100644 roles/sys-ctl-hlth-msmtp/handlers/main.yml rename roles/{sys-hlth-msmtp => sys-ctl-hlth-msmtp}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-hlth-msmtp/tasks/main.yml create mode 100644 roles/sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.service.j2 rename roles/{sys-hlth-msmtp/templates/sys-hlth-msmtp.sh.j2 => sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.sh.j2} (100%) create mode 100644 roles/sys-ctl-hlth-msmtp/vars/main.yml rename roles/{sys-hlth-webserver => sys-ctl-hlth-webserver}/README.md (92%) rename roles/{sys-hlth-webserver => sys-ctl-hlth-webserver}/TODO.md (100%) create mode 100644 roles/sys-ctl-hlth-webserver/handlers/main.yml rename roles/{sys-hlth-webserver => sys-ctl-hlth-webserver}/meta/main.yml (100%) rename roles/{sys-hlth-webserver => sys-ctl-hlth-webserver}/tasks/01_core.yml (55%) rename roles/{sys-hlth-webserver => sys-ctl-hlth-webserver}/tasks/main.yml (60%) rename roles/{sys-hlth-webserver/templates/sys-hlth-webserver.py.j2 => sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.py.j2} (100%) create mode 100644 roles/sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.service.j2 create mode 100644 roles/sys-ctl-hlth-webserver/vars/main.yml rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/README.md (96%) rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/SETUP.md (100%) rename roles/{sys-svc-cert-sync-docker/files/sys-svc-cert-sync-docker.sh => sys-ctl-mtn-cert-deploy/files/sys-ctl-mtn-cert-deploy.sh} (100%) rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/handlers/main.yml (100%) rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/meta/main.yml (96%) rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/tasks/01_core.yml (68%) rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/tasks/main.yml (80%) rename roles/{sys-svc-cert-sync-docker/templates/sys-svc-cert-sync-docker.service.j2 => sys-ctl-mtn-cert-deploy/templates/sys-ctl-mtn-cert-deploy.service.j2} (82%) rename roles/{sys-svc-cert-sync-docker => sys-ctl-mtn-cert-deploy}/vars/main.yml (85%) rename roles/{srv-web-6-6-tls-renew => sys-ctl-mtn-cert-renew}/README.md (93%) rename roles/{srv-web-6-6-tls-renew => sys-ctl-mtn-cert-renew}/handlers/main.yml (64%) rename roles/{srv-web-6-6-tls-renew => sys-ctl-mtn-cert-renew}/meta/main.yml (97%) rename roles/{srv-web-6-6-tls-renew => sys-ctl-mtn-cert-renew}/tasks/01_core.yml (65%) create mode 100644 roles/sys-ctl-mtn-cert-renew/tasks/main.yml rename roles/{srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2 => sys-ctl-mtn-cert-renew/templates/sys-ctl-mtn-cert-renew.service.j2} (80%) rename roles/{sys-rpr-btrfs-blnc => sys-ctl-rpr-btrfs-balancer}/README.md (93%) create mode 100644 roles/sys-ctl-rpr-btrfs-balancer/handlers/main.yml rename roles/{sys-rpr-btrfs-blnc => sys-ctl-rpr-btrfs-balancer}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-rpr-btrfs-balancer/tasks/01_core.yml create mode 100644 roles/sys-ctl-rpr-btrfs-balancer/tasks/main.yml rename roles/{sys-rpr-btrfs-blnc/templates/sys-rpr-btrfs-blnc.service.j2 => sys-ctl-rpr-btrfs-balancer/templates/sys-ctl-rpr-btrfs-balancer.service.j2} (64%) rename roles/{sys-rpr-docker-hard => sys-ctl-rpr-docker-hard}/README.md (100%) rename roles/{sys-rpr-docker-hard/files/sys-rpr-docker-hard.py => sys-ctl-rpr-docker-hard/files/sys-ctl-rpr-docker-hard.py} (100%) create mode 100644 roles/sys-ctl-rpr-docker-hard/handlers/main.yml rename roles/{sys-rpr-docker-hard => sys-ctl-rpr-docker-hard}/meta/main.yml (100%) rename roles/{sys-rpr-docker-hard => sys-ctl-rpr-docker-hard}/tasks/01_core.yml (62%) create mode 100644 roles/sys-ctl-rpr-docker-hard/tasks/main.yml create mode 100644 roles/sys-ctl-rpr-docker-hard/templates/sys-ctl-rpr-docker-hard.service.j2 create mode 100644 roles/sys-ctl-rpr-docker-hard/vars/main.yml rename roles/{sys-rpr-docker-soft => sys-ctl-rpr-docker-soft}/README.md (100%) create mode 100644 roles/sys-ctl-rpr-docker-soft/handlers/main.yml rename roles/{sys-rpr-docker-soft => sys-ctl-rpr-docker-soft}/meta/main.yml (100%) create mode 100644 roles/sys-ctl-rpr-docker-soft/tasks/01_core.yml create mode 100644 roles/sys-ctl-rpr-docker-soft/tasks/main.yml rename roles/{sys-rpr-docker-soft/templates/sys-rpr-docker-soft.py.j2 => sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.py.j2} (97%) create mode 100644 roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.service.j2 create mode 100644 roles/sys-ctl-rpr-docker-soft/vars/main.yml delete mode 100644 roles/sys-hlth-btrfs/handlers/main.yml delete mode 100644 roles/sys-hlth-btrfs/tasks/main.yml delete mode 100644 roles/sys-hlth-btrfs/templates/sys-hlth-btrfs.service.j2 delete mode 100644 roles/sys-hlth-csp/tasks/main.yml delete mode 100644 roles/sys-hlth-csp/vars/main.yml delete mode 100644 roles/sys-hlth-disc-space/handlers/main.yml delete mode 100644 roles/sys-hlth-disc-space/tasks/main.yml delete mode 100644 roles/sys-hlth-disc-space/templates/sys-hlth-disc-space.service.j2 delete mode 100644 roles/sys-hlth-disc-space/vars/main.yml delete mode 100644 roles/sys-hlth-docker-container/handlers/main.yml delete mode 100644 roles/sys-hlth-docker-container/tasks/01_core.yml delete mode 100644 roles/sys-hlth-docker-container/tasks/main.yml delete mode 100644 roles/sys-hlth-docker-container/templates/sys-hlth-docker-container.service.j2 delete mode 100644 roles/sys-hlth-docker-volumes/handlers/main.yml delete mode 100644 roles/sys-hlth-docker-volumes/tasks/01_core.yml delete mode 100644 roles/sys-hlth-docker-volumes/tasks/main.yml delete mode 100644 roles/sys-hlth-docker-volumes/templates/sys-hlth-docker-volumes.service.j2 delete mode 100644 roles/sys-hlth-journalctl/handlers/main.yml delete mode 100644 roles/sys-hlth-journalctl/tasks/01_core.yml delete mode 100644 roles/sys-hlth-journalctl/tasks/main.yml delete mode 100644 roles/sys-hlth-journalctl/templates/sys-hlth-journalctl.service.j2 delete mode 100644 roles/sys-hlth-journalctl/vars/main.yml delete mode 100644 roles/sys-hlth-msmtp/README.md delete mode 100644 roles/sys-hlth-msmtp/handlers/main.yml delete mode 100644 roles/sys-hlth-msmtp/tasks/main.yml delete mode 100644 roles/sys-hlth-msmtp/templates/sys-hlth-msmtp.service.j2 delete mode 100644 roles/sys-hlth-msmtp/vars/main.yml delete mode 100644 roles/sys-hlth-webserver/handlers/main.yml delete mode 100644 roles/sys-hlth-webserver/templates/sys-hlth-webserver.service.j2 delete mode 100644 roles/sys-hlth-webserver/vars/main.yml delete mode 100644 roles/sys-rpr-btrfs-blnc/handlers/main.yml delete mode 100644 roles/sys-rpr-btrfs-blnc/tasks/01_core.yml delete mode 100644 roles/sys-rpr-btrfs-blnc/tasks/main.yml delete mode 100644 roles/sys-rpr-docker-hard/handlers/main.yml delete mode 100644 roles/sys-rpr-docker-hard/tasks/main.yml delete mode 100644 roles/sys-rpr-docker-hard/templates/sys-rpr-docker-hard.service.j2 delete mode 100644 roles/sys-rpr-docker-hard/vars/main.yml delete mode 100644 roles/sys-rpr-docker-soft/handlers/main.yml delete mode 100644 roles/sys-rpr-docker-soft/tasks/01_core.yml delete mode 100644 roles/sys-rpr-docker-soft/tasks/main.yml delete mode 100644 roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.service.j2 delete mode 100644 roles/sys-rpr-docker-soft/vars/main.yml rename roles/{sys-bkp-directory-validator => sys-svc-directory-validator}/README.md (89%) rename roles/{sys-bkp-directory-validator => sys-svc-directory-validator}/meta/main.yml (100%) rename roles/{sys-bkp-directory-validator => sys-svc-directory-validator}/tasks/main.yml (100%) rename roles/{sys-cln-bkps-timer => sys-timer-cln-bkps}/README.md (72%) rename roles/{sys-cln-bkps-timer => sys-timer-cln-bkps}/meta/main.yml (89%) rename roles/{sys-cln-bkps-timer => sys-timer-cln-bkps}/tasks/01_core.yml (57%) rename roles/{sys-cln-bkps-timer => sys-timer-cln-bkps}/tasks/main.yml (53%) rename tests/unit/roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/__init__.py (100%) rename tests/unit/roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/filter_plugins/__init__.py (100%) rename tests/unit/roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/filter_plugins/test_dict_to_cli_args.py (92%) rename tests/unit/roles/{sys-bkp-docker-2-loc => sys-ctl-bkp-docker-2-loc}/filter_plugins/test_find_dock_val_by_bkp_entr.py (98%) diff --git a/cli/create/role.py b/cli/create/role.py index c986ab68..73767e20 100644 --- a/cli/create/role.py +++ b/cli/create/role.py @@ -12,7 +12,7 @@ from module_utils.entity_name_utils import get_entity_name # Paths to the group-vars files PORTS_FILE = './group_vars/all/09_ports.yml' -NETWORKS_FILE = './group_vars/all/10_networks.yml' +NETWORKS_FILE = './group_vars/all/09_networks.yml' ROLE_TEMPLATE_DIR = './templates/roles/web-app' ROLES_DIR = './roles' diff --git a/docs/guides/administrator/Readme.md b/docs/guides/administrator/Readme.md index 77a3d36a..2e80e5ad 100644 --- a/docs/guides/administrator/Readme.md +++ b/docs/guides/administrator/Readme.md @@ -16,7 +16,7 @@ Follow these guides to install and configure Infinito.Nexus: ## Managing & Updating Infinito.Nexus 🔄 - Regularly update services using `update-docker`, `update-pacman`, or `update-apt`. -- Monitor system health with `sys-hlth-btrfs`, `sys-hlth-webserver`, and `sys-hlth-docker-container`. -- Automate system maintenance with `sys-lock`, `sys-cln-bkps-service`, and `sys-rpr-docker-hard`. +- Monitor system health with `sys-ctl-hlth-btrfs`, `sys-ctl-hlth-webserver`, and `sys-ctl-hlth-docker-container`. +- Automate system maintenance with `sys-lock`, `sys-ctl-cln-bkps`, and `sys-ctl-rpr-docker-hard`. For more details, refer to the specific guides above. \ No newline at end of file diff --git a/group_vars/all/00_general.yml b/group_vars/all/00_general.yml index ca598ad7..4e7e2501 100644 --- a/group_vars/all/00_general.yml +++ b/group_vars/all/00_general.yml @@ -1,6 +1,8 @@ SOFTWARE_NAME: "Infinito.Nexus" # Name of the software +# Deployment ENVIRONMENT: "production" # Possible values: production, development +DEPLOYMENT_MODE: "single" # Use single, if you deploy on one server. Use cluster if you setup in cluster mode. # If true, sensitive credentials will be masked or hidden from all Ansible task logs # Recommendet to set to true @@ -20,9 +22,6 @@ HOST_TIME_FORMAT: "HH:mm" HOST_THOUSAND_SEPARATOR: "." HOST_DECIMAL_MARK: "," -# Deployment mode -DEPLOYMENT_MODE: "single" # Use single, if you deploy on one server. Use cluster if you setup in cluster mode. - # Web WEB_PROTOCOL: "https" # Web protocol type. Use https or http. If you run local you need to change it to http WEB_PORT: "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}" # Default port web applications will listen to @@ -30,17 +29,6 @@ WEB_PORT: "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}" # Defaul # Domain PRIMARY_DOMAIN: "localhost" # Primary Domain of the server -# Server Tact Variables - -## Ours in which the server is "awake" (100% working). Rest of the time is reserved for maintanance -HOURS_SERVER_AWAKE: "0..23" - -## Random delay for systemd timers to avoid peak loads. -RANDOMIZED_DELAY_SEC: "5min" - -# Runtime Variables for Process Control -ACTIVATE_ALL_TIMERS: false # Activates all timers, independend if the handlers had been triggered - DNS_PROVIDER: cloudflare # The DNS Provider\Registrar for the domain HOSTING_PROVIDER: hetzner # Provider which hosts the server @@ -52,18 +40,15 @@ CERTBOT_CREDENTIALS_FILE: "{{ CERTBOT_CREDENTIALS_DIR }}/{{ CERT CERTBOT_DNS_PROPAGATION_WAIT_SECONDS: 300 # How long should the script wait for DNS propagation before continuing CERTBOT_FLAVOR: san # Possible options: san (recommended, with a dns flavor like cloudflare, or hetzner), wildcard(doesn't function with www redirect), dedicated -# Path where Certbot stores challenge webroot files -LETSENCRYPT_WEBROOT_PATH: "/var/lib/letsencrypt/" +# Letsencrypt +LETSENCRYPT_WEBROOT_PATH: "/var/lib/letsencrypt/" # Path where Certbot stores challenge webroot files +LETSENCRYPT_BASE_PATH: "/etc/letsencrypt/" # Base directory containing Certbot configuration, account data, and archives +LETSENCRYPT_LIVE_PATH: "{{ LETSENCRYPT_BASE_PATH }}live/" # Symlink directory for the current active certificate and private key -# Base directory containing Certbot configuration, account data, and archives -LETSENCRYPT_BASE_PATH: "/etc/letsencrypt/" - -# Symlink directory for the current active certificate and private key -LETSENCRYPT_LIVE_PATH: "{{ LETSENCRYPT_BASE_PATH }}live/" - -## Docker Role Specific Parameters -DOCKER_RESTART_POLICY: "unless-stopped" -DOCKER_VARS_FILE: "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml" +## Docker +DOCKER_RESTART_POLICY: "unless-stopped" # Default restart parameter for docker containers +DOCKER_VARS_FILE: "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml" # File containing docker compose variables used by other services +DOCKER_WHITELISTET_ANON_VOLUMES: [] # Volumes which should be ignored during docker anonymous health check # Asyn Confitguration ASYNC_ENABLED: "{{ not MODE_DEBUG | bool }}" # Activate async, deactivated for debugging @@ -88,10 +73,6 @@ _applications_nextcloud_oidc_flavor: >- ) }} -# Systemctl -SYS_TIMER_SUFFIX: ".{{ SOFTWARE_NAME | lower }}.timer" -SYS_SERVICE_SUFFIX: ".{{ SOFTWARE_NAME | lower }}.service" - # Role-based access control # @See https://en.wikipedia.org/wiki/Role-based_access_control RBAC: diff --git a/group_vars/all/05_maintenace.yml b/group_vars/all/05_maintenace.yml deleted file mode 100644 index e1be9524..00000000 --- a/group_vars/all/05_maintenace.yml +++ /dev/null @@ -1,38 +0,0 @@ - -# System maintenance Services - -## Timeouts to wait for other services to stop -system_maintenance_lock_timeout_cleanup_services: "15min" -system_maintenance_lock_timeout_storage_optimizer: "10min" -system_maintenance_lock_timeout_backup_services: "1h" -system_maintenance_lock_timeout_heal_docker: "30min" -system_maintenance_lock_timeout_update_docker: "2min" -system_maintenance_lock_timeout_restart_docker: "{{system_maintenance_lock_timeout_update_docker}}" - -## Services - -### Defined Services for Backup Tasks -system_maintenance_backup_services: - - "sys-bkp-docker-2-loc" - - "svc-bkp-rmt-2-loc" - - "svc-bkp-loc-2-usb" - - "sys-bkp-docker-2-loc-everything" - -### Defined Services for System Cleanup -system_maintenance_cleanup_services: - - "sys-cln-backups" - - "sys-cln-disc-space" - - "sys-cln-faild-bkps" - -### Services that Manipulate the System -system_maintenance_manipulation_services: - - "sys-rpr-docker-soft" - - "update-docker" - - "svc-opt-ssd-hdd" - - "sys-rpr-docker-hard" - -## Total System Maintenance Services -system_maintenance_services: "{{ system_maintenance_backup_services + system_maintenance_cleanup_services + system_maintenance_manipulation_services }}" - -### Define Variables for Docker Volume Health services -whitelisted_anonymous_docker_volumes: [] diff --git a/group_vars/all/06_nginx.yml b/group_vars/all/05_nginx.yml similarity index 100% rename from group_vars/all/06_nginx.yml rename to group_vars/all/05_nginx.yml diff --git a/group_vars/all/07_paths.yml b/group_vars/all/06_paths.yml similarity index 100% rename from group_vars/all/07_paths.yml rename to group_vars/all/06_paths.yml diff --git a/group_vars/all/07_services.yml b/group_vars/all/07_services.yml new file mode 100644 index 00000000..8b819b21 --- /dev/null +++ b/group_vars/all/07_services.yml @@ -0,0 +1,40 @@ + +# Services + +## Meta +SYS_SERVICE_SUFFIX: ".{{ SOFTWARE_NAME | lower }}.service" + +## Names +SYS_SERVICE_ALARM_CMP: "sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@.service" + +## Groups +SYS_SERVICE_GROUP_BACKUPS: > + {{ (('sys-ctl-bkp-' | get_category_entries) + ('svc-bkp-' | get_category_entries)) + | map('regex_replace', '$', SYS_SERVICE_SUFFIX) | list }} + +SYS_SERVICE_GROUP_CLEANUP: > + {{ ('sys-ctl-cln-' | get_category_entries) + | map('regex_replace', '$', SYS_SERVICE_SUFFIX) | list }} + +SYS_SERVICE_GROUP_REPAIR: > + {{ ('sys-ctl-rpr-' | get_category_entries) + | map('regex_replace', '$', SYS_SERVICE_SUFFIX) | list }} + +SYS_SERVICE_GROUP_OPTIMIZATION: > + {{ ('svc-opt-' | get_category_entries) + | map('regex_replace', '$', SYS_SERVICE_SUFFIX) | list }} + +SYS_SERVICE_GROUP_MAINTANANCE: > + {{ ('svc-mtn-' | get_category_entries) + | map('regex_replace', '$', SYS_SERVICE_SUFFIX) | list }} + +## Collection of services to manipulate the system +SYS_SERVICE_GROUP_MANIPULATION: > + {{ + SYS_SERVICE_GROUP_BACKUPS + + SYS_SERVICE_GROUP_CLEANUP + + SYS_SERVICE_GROUP_REPAIR + + SYS_SERVICE_GROUP_OPTIMIZATION + + SYS_SERVICE_GROUP_MAINTANANCE + + [ 'update-docker' ] + }} diff --git a/group_vars/all/08_calendar.yml b/group_vars/all/08_calendar.yml deleted file mode 100644 index 21849ffe..00000000 --- a/group_vars/all/08_calendar.yml +++ /dev/null @@ -1,29 +0,0 @@ - -## Schedule for Health Checks -on_calendar_health_btrfs: "*-*-* 00:00:00" # Check once per day the btrfs for errors -on_calendar_health_journalctl: "*-*-* 00:00:00" # Check once per day the journalctl for errors -on_calendar_health_disc_space: "*-*-* 06,12,18,00:00:00" # Check four times per day if there is sufficient disc space -on_calendar_health_docker_container: "*-*-* {{ HOURS_SERVER_AWAKE }}:00:00" # Check once per hour if the docker containers are healthy -on_calendar_health_docker_volumes: "*-*-* {{ HOURS_SERVER_AWAKE }}:15:00" # Check once per hour if the docker volumes are healthy -on_calendar_health_csp_crawler: "*-*-* {{ HOURS_SERVER_AWAKE }}:30:00" # Check once per hour if all CSP are fullfilled available -on_calendar_health_nginx: "*-*-* {{ HOURS_SERVER_AWAKE }}:45:00" # Check once per hour if all webservices are available -on_calendar_health_msmtp: "*-*-* 00:00:00" # Check once per day SMTP Server - -## Schedule for Cleanup Tasks -on_calendar_cleanup_backups: "*-*-* 00,06,12,18:30:00" # Cleanup backups every 6 hours, MUST be called before disc space cleanup -on_calendar_cleanup_disc_space: "*-*-* 07,13,19,01:30:00" # Cleanup disc space every 6 hours -on_calendar_cleanup_certs: "*-*-* 12,00:45:00" # Deletes and revokes unused certs - -## Schedule for Backup Tasks -on_calendar_backup_docker_to_local: "*-*-* 03:30:00" -on_calendar_backup_remote_to_local: "*-*-* 21:30:00" - -## Schedule for Maintenance Tasks -on_calendar_heal_docker: "*-*-* {{ HOURS_SERVER_AWAKE }}:30:00" # Heal unhealthy docker instances once per hour -on_calendar_renew_lets_encrypt_certificates: "*-*-* 12,00:30:00" # Renew Mailu certificates twice per day -on_calendar_deploy_certificates: "*-*-* 13,01:30:00" # Deploy letsencrypt certificates twice per day to docker containers -on_calendar_msi_keyboard_color: "*-*-* *:*:00" # Change the keyboard color every minute -on_calendar_cleanup_failed_docker: "*-*-* 12:00:00" # Clean up failed docker backups every noon -on_calendar_btrfs_auto_balancer: "Sat *-*-01..07 00:00:00" # Execute btrfs auto balancer every first Saturday of a month -on_calendar_restart_docker: "Sun *-*-* 08:00:00" # Restart docker instances every Sunday at 8:00 AM -on_calendar_nextcloud: "22" # Do nextcloud maintanace between 22:00 and 02:00 \ No newline at end of file diff --git a/group_vars/all/08_timer.yml b/group_vars/all/08_timer.yml new file mode 100644 index 00000000..9e948ade --- /dev/null +++ b/group_vars/all/08_timer.yml @@ -0,0 +1,54 @@ + +# Service Timers + +## Meta +SYS_TIMER_SUFFIX: ".{{ SOFTWARE_NAME | lower }}.timer" + +## Server Tact Variables + +HOURS_SERVER_AWAKE: "0..23" # Ours in which the server is "awake" (100% working). Rest of the time is reserved for maintanance +RANDOMIZED_DELAY_SEC: "5min" # Random delay for systemd timers to avoid peak loads. +ACTIVATE_ALL_TIMERS: false # Runtime Variables for Process Control - Activates all timers, independend if the handlers had been triggered + +## Timeouts for all services +SYS_TIMEOUT_CLEANUP_SERVICES: "15min" +SYS_TIMEOUT_STORAGE_OPTIMIZER: "10min" +SYS_TIMEOUT_BACKUP_SERVICES: "1h" +SYS_TIMEOUT_HEAL_DOCKER: "30min" +SYS_TIMEOUT_UPDATE_DOCKER: "2min" +SYS_TIMEOUT_RESTART_DOCKER: "{{ SYS_TIMEOUT_UPDATE_DOCKER }}" + +## On Calendar + +### Schedule for health checks +SYS_SCHEDULE_HEALTH_BTRFS: "*-*-* 00:00:00" # Check once per day the btrfs for errors +SYS_SCHEDULE_HEALTH_JOURNALCTL: "*-*-* 00:00:00" # Check once per day the journalctl for errors +SYS_SCHEDULE_HEALTH_DISC_SPACE: "*-*-* 06,12,18,00:00:00" # Check four times per day if there is sufficient disc space +SYS_SCHEDULE_HEALTH_DOCKER_CONTAINER: "*-*-* {{ HOURS_SERVER_AWAKE }}:00:00" # Check once per hour if the docker containers are healthy +SYS_SCHEDULE_HEALTH_DOCKER_VOLUMES: "*-*-* {{ HOURS_SERVER_AWAKE }}:15:00" # Check once per hour if the docker volumes are healthy +SYS_SCHEDULE_HEALTH_CSP_CRAWLER: "*-*-* {{ HOURS_SERVER_AWAKE }}:30:00" # Check once per hour if all CSP are fullfilled available +SYS_SCHEDULE_HEALTH_NGINX: "*-*-* {{ HOURS_SERVER_AWAKE }}:45:00" # Check once per hour if all webservices are available +SYS_SCHEDULE_HEALTH_MSMTP: "*-*-* 00:00:00" # Check once per day SMTP Server + +### Schedule for cleanup tasks +SYS_SCHEDULE_CLEANUP_BACKUPS: "*-*-* 00,06,12,18:30:00" # Cleanup backups every 6 hours, MUST be called before disc space cleanup +SYS_SCHEDULE_CLEANUP_DISC_SPACE: "*-*-* 07,13,19,01:30:00" # Cleanup disc space every 6 hours +SYS_SCHEDULE_CLEANUP_CERTS: "*-*-* 12,00:45:00" # Deletes and revokes unused certs +SYS_SCHEDULE_CLEANUP_FAILED_BACKUPS: "*-*-* 12:00:00" # Clean up failed docker backups every noon + +### Schedule for repair services +SYS_SCHEDULE_REPAIR_BTRFS_AUTO_BALANCER: "Sat *-*-01..07 00:00:00" # Execute btrfs auto balancer every first Saturday of a month +SYS_SCHEDULE_REPAIR_DOCKER_SOFT: "*-*-* {{ HOURS_SERVER_AWAKE }}:30:00" # Heal unhealthy docker instances once per hour +SYS_SCHEDULE_REPAIR_DOCKER_HARD: "Sun *-*-* 08:00:00" # Restart docker instances every Sunday at 8:00 AM + +### Schedule for backup tasks +SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL: "*-*-* 03:30:00" +SYS_SCHEDULE_BACKUP_REMOTE_TO_LOCAL: "*-*-* 21:30:00" + +### Schedule for Maintenance Tasks +SYS_SCHEDULE_MAINTANANCE_LETSENCRYPT_RENEW: "*-*-* 12,00:30:00" # Renew Mailu certificates twice per day +SYS_SCHEDULE_MAINTANANCE_LETSENCRYPT_DEPLOY: "*-*-* 13,01:30:00" # Deploy letsencrypt certificates twice per day to docker containers +SYS_SCHEDULE_MAINTANANCE_NEXTCLOUD: "22" # Do nextcloud maintanace between 22:00 and 02:00 + +### Animation +SYS_SCHEDULE_ANIMATION_KEYBOARD_COLOR: "*-*-* *:*:00" # Change the keyboard color every minute \ No newline at end of file diff --git a/group_vars/all/10_networks.yml b/group_vars/all/09_networks.yml similarity index 100% rename from group_vars/all/10_networks.yml rename to group_vars/all/09_networks.yml diff --git a/roles/categories.yml b/roles/categories.yml index da6e8921..47bb55e2 100644 --- a/roles/categories.yml +++ b/roles/categories.yml @@ -1,4 +1,14 @@ roles: + cmp: + title: "Compositions" + description: "Composition of other roles." + icon: "fas fa-sitemap" + invokable: false + docker: + title: "Docker Toolkit" + description: "Generic Docker helpers and utilities (compose wrappers, container tooling)." + icon: "fas fa-docker" + invokable: false dev: title: "Software Development Utilties" invokable: false @@ -6,41 +16,61 @@ roles: title: "System" description: "System near components. Will be automaticly called if necessary from other roles." invokable: false - alm: - title: "Alerting" - description: "Notification handlers for system events" - icon: "fas fa-bell" + ctl: + title: "Control" + description: "Control layer for system lifecycle management—handling cleanup, monitoring, backups, alerting, maintenance, and repair tasks." + icon: "fas fa-cogs" invokable: false - cln: - title: "Cleanup" - description: "Roles for cleaning up various system resources—old backups, unused certificates, temporary files, Docker volumes, disk caches, deprecated domains, and more." - icon: "fas fa-trash-alt" - invokable: false - hlth: - title: "Monitoring" - description: "Roles for system monitoring and health checks—encompassing bot-style automated checks and core low-level monitors for logs, containers, disk usage, and more." - icon: "fas fa-chart-area" - invokable: false - bkp: - title: "Backup & Restore" - description: "Backup strategies & restore procedures" - icon: "fas fa-hdd" + cln: + title: "Cleanup" + description: "Roles for cleaning up various system resources—old backups, unused certificates, temporary files, Docker volumes, disk caches, deprecated domains, and more." + icon: "fas fa-trash-alt" + invokable: false + hlth: + title: "Monitoring" + description: "Roles for system monitoring and health checks—encompassing bot-style automated checks and core low-level monitors for logs, containers, disk usage, and more." + icon: "fas fa-chart-area" + invokable: false + bkp: + title: "Backup & Restore" + description: "Backup strategies & restore procedures" + icon: "fas fa-hdd" + invokable: false + alm: + title: "Alerting" + description: "Notification handlers for system events" + icon: "fas fa-bell" + invokable: false + mtn: + title: "Maintenance" + description: "Maintenance roles for certificates, system upkeep, and recurring operational tasks." + icon: "fas fa-tools" + invokable: false + rpr: + title: "Repair" + description: "Repair and recovery roles—handling hard/soft recovery of Docker, Btrfs balancers, and other low-level system fixes." + icon: "fas fa-wrench" + invokable: false + dns: + title: "DNS Automation" + description: "DNS providers, records, and rDNS management (Cloudflare, Hetzner, etc.)." + icon: "fas fa-network-wired" invokable: false update: title: "Updates & Package Management" description: "OS & package updates" icon: "fas fa-sync" invokable: true + pkgmgr: + title: "Package Manager Helpers" + description: "Helpers for package managers and unified install flows." + icon: "fas fa-box-open" + invokable: false drv: title: "Drivers" description: "Roles for installing and configuring hardware drivers—covering printers, graphics, input devices, and other peripheral support." icon: "fas fa-microchip" invokable: true -# core: -# title: "Core & System" -# description: "Fundamental system configuration" -# icon: "fas fa-cogs" -# invokable: true gen: title: "Generic" description: "Helper roles & installers (git, locales, timer, etc.)" @@ -66,6 +96,11 @@ roles: description: "Utility roles for server-side configuration and management—covering corporate identity provisioning, network helpers, and other service-oriented toolkits." icon: "fas fa-cogs" invokable: true + dev: + title: "Developer Utilities" + description: "Developer-centric server utilities and admin toolkits." + icon: "fas fa-code" + invokable: false srv: title: "Server" description: "General server roles for provisioning and managing server infrastructure—covering web servers, proxy servers, network services, and other backend components." diff --git a/roles/cmp-rdbms/tasks/main.yml b/roles/cmp-rdbms/tasks/main.yml index 246a2115..29633cff 100644 --- a/roles/cmp-rdbms/tasks/main.yml +++ b/roles/cmp-rdbms/tasks/main.yml @@ -23,4 +23,4 @@ when: applications | get_app_conf(application_id, 'features.central_database', False) - name: "For '{{ application_id }}': Add Entry for Backup Procedure" - include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml" + include_tasks: "{{ playbook_dir }}/roles/sys-ctl-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml" diff --git a/roles/drv-msi-keyboard-color/tasks/01_core.yml b/roles/drv-msi-keyboard-color/tasks/01_core.yml index f0dcd495..44cdb5b4 100644 --- a/roles/drv-msi-keyboard-color/tasks/01_core.yml +++ b/roles/drv-msi-keyboard-color/tasks/01_core.yml @@ -2,7 +2,7 @@ name: '{{ item }}' loop: - dev-yay - - sys-alm-compose + - sys-ctl-alm-compose - name: Install MSI packages kewlfft.aur.aur: @@ -34,5 +34,5 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_msi_keyboard_color}}" + on_calendar: "{{SYS_SCHEDULE_ANIMATION_KEYBOARD_COLOR}}" persistent: "true" diff --git a/roles/drv-msi-keyboard-color/templates/keyboard-color.service.j2 b/roles/drv-msi-keyboard-color/templates/keyboard-color.service.j2 index 4b06027e..ce6f0d19 100644 --- a/roles/drv-msi-keyboard-color/templates/keyboard-color.service.j2 +++ b/roles/drv-msi-keyboard-color/templates/keyboard-color.service.j2 @@ -1,6 +1,6 @@ [Unit] Description=Keyboard Color Service -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot diff --git a/roles/srv-web-7-4-core/tasks/01_core.yml b/roles/srv-web-7-4-core/tasks/01_core.yml index b44b99f3..111372d8 100644 --- a/roles/srv-web-7-4-core/tasks/01_core.yml +++ b/roles/srv-web-7-4-core/tasks/01_core.yml @@ -26,8 +26,8 @@ include_role: name: "{{ item }}" loop: - - sys-hlth-webserver - - sys-hlth-csp + - sys-ctl-hlth-webserver + - sys-ctl-hlth-csp vars: # Extra flush is for performance reasons not necessary flush_handlers: false diff --git a/roles/srv-web-7-6-https/README.md b/roles/srv-web-7-6-https/README.md index 7d9a586f..588617b6 100644 --- a/roles/srv-web-7-6-https/README.md +++ b/roles/srv-web-7-6-https/README.md @@ -16,7 +16,7 @@ This role is built on top of your existing `srv-web-7-4-core` role, and it autom When you apply **srv-web-7-6-https**, it will: 1. **Include** the `srv-web-7-4-core` role to install and configure Nginx. -2. **Clean up** any stale vHost files under `sys-cln-domains`. +2. **Clean up** any stale vHost files under `sys-ctl-cln-domains`. 3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `srv-web-7-7-letsencrypt`. 4. **Reload** Nginx automatically when any template changes. diff --git a/roles/srv-web-7-6-https/tasks/main.yml b/roles/srv-web-7-6-https/tasks/main.yml index 89ea09ee..28a873bd 100644 --- a/roles/srv-web-7-6-https/tasks/main.yml +++ b/roles/srv-web-7-6-https/tasks/main.yml @@ -4,7 +4,7 @@ name: '{{ item }}' loop: - srv-web-7-4-core - - sys-cln-domains + - sys-ctl-cln-domains - srv-web-7-7-letsencrypt - include_tasks: utils/run_once.yml when: run_once_srv_web_7_6_https is not defined diff --git a/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml b/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml index b6b43284..b8fcf58b 100644 --- a/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml +++ b/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml @@ -1,7 +1,7 @@ - - name: Include dependency 'srv-web-6-6-tls-renew' + - name: Include dependency 'sys-ctl-mtn-cert-renew' include_role: - name: srv-web-6-6-tls-renew - when: run_once_srv_web_6_6_tls_renew is not defined + name: sys-ctl-mtn-cert-renew + when: run_once_sys_ctl_mtn_cert_renew is not defined - name: create nginx letsencrypt config file template: diff --git a/roles/svc-bkp-loc-2-usb/tasks/main.yml b/roles/svc-bkp-loc-2-usb/tasks/main.yml index 5114cda2..58cb80e4 100644 --- a/roles/svc-bkp-loc-2-usb/tasks/main.yml +++ b/roles/svc-bkp-loc-2-usb/tasks/main.yml @@ -3,7 +3,7 @@ include_role: name: '{{ item }}' loop: - - sys-cln-bkps-service + - sys-ctl-cln-bkps - sys-lock - include_tasks: utils/run_once.yml when: run_once_svc_bkp_loc_2_usb is not defined diff --git a/roles/svc-bkp-loc-2-usb/templates/svc-bkp-loc-2-usb.service.j2 b/roles/svc-bkp-loc-2-usb/templates/svc-bkp-loc-2-usb.service.j2 index f751dce2..bb016d5e 100644 --- a/roles/svc-bkp-loc-2-usb/templates/svc-bkp-loc-2-usb.service.j2 +++ b/roles/svc-bkp-loc-2-usb/templates/svc-bkp-loc-2-usb.service.j2 @@ -1,12 +1,12 @@ [Unit] Description=Backup to USB when mounted to {{ backup_to_usb_mount }} Wants={{systemctl_mount_service_name}} -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot ExecStart=/bin/python {{ backup_to_usb_script_path }} {{backup_to_usb_source}} {{backup_to_usb_destination}} -ExecStartPost=/bin/systemctl start sys-cln-backups{{ SYS_SERVICE_SUFFIX }} +ExecStartPost=/bin/systemctl start sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }} [Install] WantedBy=multi-user.target \ No newline at end of file diff --git a/roles/svc-bkp-rmt-2-loc/README.md b/roles/svc-bkp-rmt-2-loc/README.md index b615ff7d..8ebfc6b2 100644 --- a/roles/svc-bkp-rmt-2-loc/README.md +++ b/roles/svc-bkp-rmt-2-loc/README.md @@ -17,7 +17,7 @@ Backup Remote to Local is a robust solution for retrieving backup data from remo - **Remote Backup Retrieval:** Pulls backups from a remote server using secure SSH connections. - **Incremental Backup with rsync:** Uses rsync with options for archive, backup, and hard linking to efficiently manage changes. - **Retry Logic:** Implements a retry mechanism to handle transient network issues or remote errors. -- **Integration with Other Roles:** Works alongside roles like sys-bkp-directory-validator, sys-cln-faild-bkps, sys-timer, sys-bkp-provider, and sys-lock. +- **Integration with Other Roles:** Works alongside roles like sys-svc-directory-validator, sys-ctl-cln-faild-bkps, sys-timer, sys-bkp-provider, and sys-lock. - **Administrative Debugging:** Detailed debug instructions and administrative tasks are provided in a separate file. ## Other Resources diff --git a/roles/svc-bkp-rmt-2-loc/meta/main.yml b/roles/svc-bkp-rmt-2-loc/meta/main.yml index c89b38cf..e2caaf94 100644 --- a/roles/svc-bkp-rmt-2-loc/meta/main.yml +++ b/roles/svc-bkp-rmt-2-loc/meta/main.yml @@ -23,5 +23,5 @@ galaxy_info: issue_tracker_url: "https://s.infinito.nexus/issues" documentation: "https://docs.infinito.nexus" dependencies: -- sys-cln-bkps-timer -- sys-cln-faild-bkps +- sys-timer-cln-bkps +- sys-ctl-cln-faild-bkps diff --git a/roles/svc-bkp-rmt-2-loc/tasks/main.yml b/roles/svc-bkp-rmt-2-loc/tasks/main.yml index 1d66b63f..e5edc148 100644 --- a/roles/svc-bkp-rmt-2-loc/tasks/main.yml +++ b/roles/svc-bkp-rmt-2-loc/tasks/main.yml @@ -4,7 +4,7 @@ name: '{{ item }}' loop: - dev-git - - sys-alm-compose + - sys-ctl-alm-compose - sys-lock - sys-rst-daemon - include_tasks: utils/run_once.yml @@ -42,5 +42,5 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_backup_remote_to_local}}" + on_calendar: "{{SYS_SCHEDULE_BACKUP_REMOTE_TO_LOCAL}}" diff --git a/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2 b/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2 index 0a73fad5..797b30a8 100644 --- a/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2 +++ b/roles/svc-bkp-rmt-2-loc/templates/sys-bkp-rmt-2-loc.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=pull remote backups -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} [Service] Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{ system_maintenance_lock_timeout_backup_services }}"' +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_BACKUPS| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}sys-bkp-rmt-2-loc-multi-provider.sh' diff --git a/roles/svc-opt-ssd-hdd/templates/svc-opt-ssd-hdd.service.j2 b/roles/svc-opt-ssd-hdd/templates/svc-opt-ssd-hdd.service.j2 index 80817fb0..e43bef29 100644 --- a/roles/svc-opt-ssd-hdd/templates/svc-opt-ssd-hdd.service.j2 +++ b/roles/svc-opt-ssd-hdd/templates/svc-opt-ssd-hdd.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Optimize storage paths -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore svc-opt-ssd-hdd svc-bkp-rmt-2-loc --timeout "{{system_maintenance_lock_timeout_storage_optimizer}}"' +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore svc-opt-ssd-hdd svc-bkp-rmt-2-loc --timeout "{{SYS_TIMEOUT_STORAGE_OPTIMIZER}}"' ExecStart=/bin/sh -c '/usr/bin/python {{storage_optimizer_script}} --rapid-storage-path {{path_rapid_storage}} --mass-storage-path {{path_mass_storage}}' \ No newline at end of file diff --git a/roles/svc-opt-swapfile/meta/main.yml b/roles/svc-opt-swapfile/meta/main.yml index 4f873f97..9227c881 100644 --- a/roles/svc-opt-swapfile/meta/main.yml +++ b/roles/svc-opt-swapfile/meta/main.yml @@ -12,7 +12,7 @@ galaxy_info: - performance repository: "https://s.infinito.nexus/code" issue_tracker_url: "https://s.infinito.nexus/issues" - documentation: "https://s.infinito.nexus/code/tree/main/roles/sys-opt-swapfile" + documentation: "https://s.infinito.nexus/code/tree/main/roles/sys-ctl-opt-rpr-swapfile" min_ansible_version: "2.9" platforms: - name: Any diff --git a/roles/sys-alm-compose/handlers/main.yml b/roles/sys-alm-compose/handlers/main.yml deleted file mode 100644 index c6f45d14..00000000 --- a/roles/sys-alm-compose/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "restart sys-alm-compose service" - systemd: - name: sys-alm-compose{{ SYS_SERVICE_SUFFIX }} - daemon_reload: yes - when: run_once_sys_alm_compose is not defined diff --git a/roles/sys-alm-compose/tasks/main.yml b/roles/sys-alm-compose/tasks/main.yml deleted file mode 100644 index a2ea69ab..00000000 --- a/roles/sys-alm-compose/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ -- block: - - name: Include dependencies - include_role: - name: '{{ item }}' - loop: - - sys-alm-telegram - - sys-alm-email - - name: configure sys-alm-compose.infinito@.service - template: - src: sys-alm-compose@.service.j2 - dest: "/etc/systemd/system/sys-alm-compose.infinito@.service" - notify: "restart sys-alm-compose service" - - include_tasks: utils/run_once.yml - when: run_once_sys_alm_compose is not defined diff --git a/roles/sys-alm-compose/templates/sys-alm-compose@.service.j2 b/roles/sys-alm-compose/templates/sys-alm-compose@.service.j2 deleted file mode 100644 index 60acd953..00000000 --- a/roles/sys-alm-compose/templates/sys-alm-compose@.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Notifier for %i - -[Service] -Type=oneshot -ExecStart=/usr/bin/systemctl start sys-alm-telegram.infinito@%i.service sys-alm-email.infinito@%i.service -User=root -Group=systemd-journal diff --git a/roles/sys-alm-email/handlers/main.yml b/roles/sys-alm-email/handlers/main.yml deleted file mode 100644 index 8dc3e718..00000000 --- a/roles/sys-alm-email/handlers/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- name: "restart sys-alm-email service" - systemd: - name: sys-alm-email{{ SYS_SERVICE_SUFFIX }} - daemon_reload: yes diff --git a/roles/sys-alm-email/tasks/01_core.yml b/roles/sys-alm-email/tasks/01_core.yml deleted file mode 100644 index 931a2f7e..00000000 --- a/roles/sys-alm-email/tasks/01_core.yml +++ /dev/null @@ -1,23 +0,0 @@ -- name: Include dependencies - include_role: - name: '{{ item }}' - loop: - - sys-svc-msmtp - - sys-rst-daemon - -- name: "create {{systemd_notifier_email_folder}}" - file: - path: "{{systemd_notifier_email_folder}}" - state: directory - mode: "0755" - -- name: configure sys-alm-email.sh - template: - src: sys-alm-email.sh.j2 - dest: "{{systemd_notifier_email_folder}}sys-alm-email.sh" - -- name: configure sys-alm-email{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-alm-email@.service.j2 - dest: /etc/systemd/system/sys-alm-email.infinito@.service - notify: restart sys-alm-email service diff --git a/roles/sys-alm-telegram/handlers/main.yml b/roles/sys-alm-telegram/handlers/main.yml deleted file mode 100644 index 8ec0f6bd..00000000 --- a/roles/sys-alm-telegram/handlers/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- name: "restart sys-alm-telegram service" - systemd: - name: sys-alm-telegram{{ SYS_SERVICE_SUFFIX }} - daemon_reload: yes diff --git a/roles/sys-alm-telegram/vars/main.yml b/roles/sys-alm-telegram/vars/main.yml deleted file mode 100644 index 8d56f7cb..00000000 --- a/roles/sys-alm-telegram/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -systemd_telegram_folder: /opt/ansible-roles/sys-alm-telegram/ -systemd_telegram_script: '{{systemd_telegram_folder}}sys-alm-telegram.sh' diff --git a/roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc-everything.service.j2 b/roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc-everything.service.j2 deleted file mode 100644 index bc160a07..00000000 --- a/roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc-everything.service.j2 +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=backup all docker volumes to local folder -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} - -[Service] -Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', role_name ) | join(' ') }} --timeout "{{ system_maintenance_lock_timeout_backup_services }}"' -ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }} --everything' -ExecStartPost=/bin/sh -c '/bin/systemctl start sys-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} &' \ No newline at end of file diff --git a/roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc.service.j2 b/roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc.service.j2 deleted file mode 100644 index 47f4b7fe..00000000 --- a/roles/sys-bkp-docker-2-loc/templates/sys-bkp-docker-2-loc.service.j2 +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=backup docker volumes to local folder -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} - -[Service] -Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', role_name ~ '-everything') | join(' ') }} --timeout "{{ system_maintenance_lock_timeout_backup_services }}"' -ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}' -ExecStartPost=/bin/sh -c '/bin/systemctl start sys-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} &' \ No newline at end of file diff --git a/roles/sys-bkp-provider-user/files/ssh-wrapper.sh b/roles/sys-bkp-provider-user/files/ssh-wrapper.sh index edaf94fd..d31cc22d 100644 --- a/roles/sys-bkp-provider-user/files/ssh-wrapper.sh +++ b/roles/sys-bkp-provider-user/files/ssh-wrapper.sh @@ -12,8 +12,8 @@ hashed_machine_id="$($get_hashed_machine_id | head -c 64)" get_backup_types="find /Backups/$hashed_machine_id/ -maxdepth 1 -type d -execdir basename {} ;"; -# @todo This configuration is not scalable yet. If other backup services then sys-bkp-docker-2-loc are integrated, this logic needs to be optimized -get_version_directories="ls -d /Backups/$hashed_machine_id/sys-bkp-docker-2-loc/*" +# @todo This configuration is not scalable yet. If other backup services then sys-ctl-bkp-docker-2-loc are integrated, this logic needs to be optimized +get_version_directories="ls -d /Backups/$hashed_machine_id/sys-ctl-bkp-docker-2-loc/*" last_version_directory="$($get_version_directories | tail -1)" rsync_command="sudo rsync --server --sender -blogDtpre.iLsfxCIvu . $last_version_directory/" diff --git a/roles/sys-bkp-provider/README.md b/roles/sys-bkp-provider/README.md index 4b9c91ba..49f6569a 100644 --- a/roles/sys-bkp-provider/README.md +++ b/roles/sys-bkp-provider/README.md @@ -8,7 +8,7 @@ This role sets up and manages the host as a backup provider. It establishes the Optimized for automated backup processes, this role: - Configures the host to provide backup services. -- Integrates seamlessly with the [sys-bkp-provider-user](../sys-bkp-provider-user/README.md) and [sys-cln-bkps-timer](../sys-cln-bkps-timer/README.md) roles. +- Integrates seamlessly with the [sys-bkp-provider-user](../sys-bkp-provider-user/README.md) and [sys-timer-cln-bkps](../sys-timer-cln-bkps/README.md) roles. - Lays the foundation for secure and extensible backup operations. ## Purpose diff --git a/roles/sys-bkp-provider/tasks/main.yml b/roles/sys-bkp-provider/tasks/main.yml index 4f6ee94c..4fb7f6e6 100644 --- a/roles/sys-bkp-provider/tasks/main.yml +++ b/roles/sys-bkp-provider/tasks/main.yml @@ -4,6 +4,6 @@ name: '{{ item }}' loop: - sys-bkp-provider-user - - sys-cln-bkps-timer + - sys-timer-cln-bkps - include_tasks: utils/run_once.yml when: run_once_sys_bkp_provider is not defined diff --git a/roles/sys-cln-bkps-service/handlers/main.yml b/roles/sys-cln-bkps-service/handlers/main.yml deleted file mode 100644 index 14681079..00000000 --- a/roles/sys-cln-bkps-service/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-cln-backups service" - systemd: - name: sys-cln-backups{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-cln-bkps-service/templates/sys-cln-backups.service.j2 b/roles/sys-cln-bkps-service/templates/sys-cln-backups.service.j2 deleted file mode 100644 index 2820af98..00000000 --- a/roles/sys-cln-bkps-service/templates/sys-cln-backups.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=delete old backups -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{ system_maintenance_lock_timeout_backup_services }}"' -ExecStart=/bin/sh -c '/usr/bin/python {{cleanup_backups_directory}}sys-cln-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}}' \ No newline at end of file diff --git a/roles/sys-cln-certs/handlers/main.yml b/roles/sys-cln-certs/handlers/main.yml deleted file mode 100644 index 5375c693..00000000 --- a/roles/sys-cln-certs/handlers/main.yml +++ /dev/null @@ -1,6 +0,0 @@ -- name: "Reload and restart sys-cln-certs service" - systemd: - name: sys-cln-certs{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes - state: restarted \ No newline at end of file diff --git a/roles/sys-cln-disc-space/handlers/main.yml b/roles/sys-cln-disc-space/handlers/main.yml deleted file mode 100644 index ce102eb5..00000000 --- a/roles/sys-cln-disc-space/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-cln-disc-space service" - systemd: - name: sys-cln-disc-space{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-cln-disc-space/templates/sys-cln-disc-space.service.j2 b/roles/sys-cln-disc-space/templates/sys-cln-disc-space.service.j2 deleted file mode 100644 index b2024a39..00000000 --- a/roles/sys-cln-disc-space/templates/sys-cln-disc-space.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=freeing disc space -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{ system_maintenance_lock_timeout_backup_services }}"' -ExecStart=/bin/sh -c '/bin/bash {{cleanup_disc_space_folder}}sys-cln-disc-space.sh {{size_percent_cleanup_disc_space}}' \ No newline at end of file diff --git a/roles/sys-cln-faild-bkps/handlers/main.yml b/roles/sys-cln-faild-bkps/handlers/main.yml deleted file mode 100644 index fb107291..00000000 --- a/roles/sys-cln-faild-bkps/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "Reload sys-cln-faild-bkps service" - systemd: - name: sys-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-alm-compose/README.md b/roles/sys-ctl-alm-compose/README.md similarity index 76% rename from roles/sys-alm-compose/README.md rename to roles/sys-ctl-alm-compose/README.md index 4b468b9d..024aad82 100644 --- a/roles/sys-alm-compose/README.md +++ b/roles/sys-ctl-alm-compose/README.md @@ -2,7 +2,7 @@ ## Description -This role installs a systemd service that sends notifications via both [sys-alm-telegram](../sys-alm-telegram/README.md) and [sys-alm-email](../sys-alm-email/README.md) when any service fails. +This role installs a systemd service that sends notifications via both [sys-ctl-alm-telegram](../sys-ctl-alm-telegram/README.md) and [sys-ctl-alm-email](../sys-ctl-alm-email/README.md) when any service fails. ## Overview @@ -15,6 +15,6 @@ The primary purpose of this role is to provide a centralized mechanism for servi ## Features - **Unified Notification Service:** Installs a systemd service that triggers both Telegram and Email alerts. -- **Dependency Integration:** Works seamlessly with the [sys-alm-telegram](../sys-alm-telegram/README.md) and [sys-alm-email](../sys-alm-email/README.md) roles. +- **Dependency Integration:** Works seamlessly with the [sys-ctl-alm-telegram](../sys-ctl-alm-telegram/README.md) and [sys-ctl-alm-email](../sys-ctl-alm-email/README.md) roles. - **Automated Service Management:** Automatically restarts the notifier service upon configuration changes. - **Centralized Alerting:** Provides a unified approach to monitor and notify about service failures. \ No newline at end of file diff --git a/roles/sys-ctl-alm-compose/handlers/main.yml b/roles/sys-ctl-alm-compose/handlers/main.yml new file mode 100644 index 00000000..190fb244 --- /dev/null +++ b/roles/sys-ctl-alm-compose/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "restart sys-ctl-alm-compose service" + systemd: + name: "{{ SYS_SERVICE_ALARM_CMP }}" + daemon_reload: yes + when: run_once_sys_ctl_alm_compose is not defined diff --git a/roles/sys-alm-compose/meta/main.yml b/roles/sys-ctl-alm-compose/meta/main.yml similarity index 100% rename from roles/sys-alm-compose/meta/main.yml rename to roles/sys-ctl-alm-compose/meta/main.yml diff --git a/roles/sys-ctl-alm-compose/tasks/main.yml b/roles/sys-ctl-alm-compose/tasks/main.yml new file mode 100644 index 00000000..bafe2587 --- /dev/null +++ b/roles/sys-ctl-alm-compose/tasks/main.yml @@ -0,0 +1,14 @@ +- block: + - name: Include dependencies + include_role: + name: '{{ item }}' + loop: + - sys-ctl-alm-telegram + - sys-ctl-alm-email + - name: "setup '{{ SYS_SERVICE_ALARM_CMP }}'" + template: + src: sys-ctl-alm-compose@.service.j2 + dest: "/etc/systemd/system/{{ SYS_SERVICE_ALARM_CMP }}" + notify: "restart sys-ctl-alm-compose service" + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_alm_compose is not defined diff --git a/roles/sys-ctl-alm-compose/templates/sys-ctl-alm-compose@.service.j2 b/roles/sys-ctl-alm-compose/templates/sys-ctl-alm-compose@.service.j2 new file mode 100644 index 00000000..d967b40a --- /dev/null +++ b/roles/sys-ctl-alm-compose/templates/sys-ctl-alm-compose@.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=Notifier for %i + +[Service] +Type=oneshot +ExecStart=/usr/bin/systemctl start sys-ctl-alm-telegram.infinito@%i.service sys-ctl-alm-email.infinito@%i.service +User=root +Group=systemd-journal diff --git a/roles/sys-alm-email/README.md b/roles/sys-ctl-alm-email/README.md similarity index 71% rename from roles/sys-alm-email/README.md rename to roles/sys-ctl-alm-email/README.md index 3f9bec62..783129f6 100644 --- a/roles/sys-alm-email/README.md +++ b/roles/sys-ctl-alm-email/README.md @@ -2,11 +2,11 @@ ## Description -This role installs and configures the necessary components for sending email notifications via systemd when a service fails. It sets up the `sys-alm-email` service and configures email parameters and templates using msmtp. +This role installs and configures the necessary components for sending email notifications via systemd when a service fails. It sets up the `sys-ctl-alm-email` service and configures email parameters and templates using msmtp. ## Overview -Optimized for secure and reliable service failure notifications, this role is an integral part of the overall `sys-alm-compose` suite. It ensures that, upon failure of a critical service, an email alert is sent automatically to enable prompt troubleshooting. +Optimized for secure and reliable service failure notifications, this role is an integral part of the overall `sys-ctl-alm-compose` suite. It ensures that, upon failure of a critical service, an email alert is sent automatically to enable prompt troubleshooting. ## Purpose @@ -17,7 +17,7 @@ The primary purpose of this role is to provide a comprehensive solution for auto - **Service Installation & Configuration:** Installs msmtp and configures the email sending service. - **Customizable Templates:** Supports tailoring email templates for service failure notifications. - **Secure Notifications:** Integrates with systemd to trigger email alerts when services fail. -- **Suite Integration:** Part of the `sys-alm-compose` suite, offering a unified approach to service failure notifications. +- **Suite Integration:** Part of the `sys-ctl-alm-compose` suite, offering a unified approach to service failure notifications. ## Other Resources diff --git a/roles/sys-ctl-alm-email/handlers/main.yml b/roles/sys-ctl-alm-email/handlers/main.yml new file mode 100644 index 00000000..52372f22 --- /dev/null +++ b/roles/sys-ctl-alm-email/handlers/main.yml @@ -0,0 +1,4 @@ +- name: "restart sys-ctl-alm-email service" + systemd: + name: sys-ctl-alm-email{{ SYS_SERVICE_SUFFIX }} + daemon_reload: yes diff --git a/roles/sys-alm-email/meta/main.yml b/roles/sys-ctl-alm-email/meta/main.yml similarity index 84% rename from roles/sys-alm-email/meta/main.yml rename to roles/sys-ctl-alm-email/meta/main.yml index a43e2d37..ba520217 100644 --- a/roles/sys-alm-email/meta/main.yml +++ b/roles/sys-ctl-alm-email/meta/main.yml @@ -1,6 +1,6 @@ galaxy_info: author: "Kevin Veen-Birkenbach" - description: "Installs and configures components for sending email notifications. This role is part of the sys-alm-compose suite, providing automated alerts when services fail." + description: "Installs and configures components for sending email notifications. This role is part of the sys-ctl-alm-compose suite, providing automated alerts when services fail." license: "Infinito.Nexus NonCommercial License" license_url: "https://s.infinito.nexus/license" company: | diff --git a/roles/sys-ctl-alm-email/tasks/01_core.yml b/roles/sys-ctl-alm-email/tasks/01_core.yml new file mode 100644 index 00000000..ab797061 --- /dev/null +++ b/roles/sys-ctl-alm-email/tasks/01_core.yml @@ -0,0 +1,23 @@ +- name: Include dependencies + include_role: + name: '{{ item }}' + loop: + - sys-svc-msmtp + - sys-rst-daemon + +- name: "create {{systemd_notifier_email_folder}}" + file: + path: "{{systemd_notifier_email_folder}}" + state: directory + mode: "0755" + +- name: configure sys-ctl-alm-email.sh + template: + src: sys-ctl-alm-email.sh.j2 + dest: "{{systemd_notifier_email_folder}}sys-ctl-alm-email.sh" + +- name: configure sys-ctl-alm-email{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-alm-email@.service.j2 + dest: /etc/systemd/system/sys-ctl-alm-email.infinito@.service + notify: restart sys-ctl-alm-email service diff --git a/roles/sys-cln-certs/tasks/main.yml b/roles/sys-ctl-alm-email/tasks/main.yml similarity index 62% rename from roles/sys-cln-certs/tasks/main.yml rename to roles/sys-ctl-alm-email/tasks/main.yml index ad7ad1b9..8b6641ee 100644 --- a/roles/sys-cln-certs/tasks/main.yml +++ b/roles/sys-ctl-alm-email/tasks/main.yml @@ -1,4 +1,4 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_sys_cln_certs is not defined \ No newline at end of file + when: run_once_sys_ctl_alm_email is not defined \ No newline at end of file diff --git a/roles/sys-alm-email/templates/sys-alm-email.sh.j2 b/roles/sys-ctl-alm-email/templates/sys-ctl-alm-email.sh.j2 similarity index 100% rename from roles/sys-alm-email/templates/sys-alm-email.sh.j2 rename to roles/sys-ctl-alm-email/templates/sys-ctl-alm-email.sh.j2 diff --git a/roles/sys-alm-email/templates/sys-alm-email@.service.j2 b/roles/sys-ctl-alm-email/templates/sys-ctl-alm-email@.service.j2 similarity index 57% rename from roles/sys-alm-email/templates/sys-alm-email@.service.j2 rename to roles/sys-ctl-alm-email/templates/sys-ctl-alm-email@.service.j2 index 54efb87c..baacb993 100644 --- a/roles/sys-alm-email/templates/sys-alm-email@.service.j2 +++ b/roles/sys-ctl-alm-email/templates/sys-ctl-alm-email@.service.j2 @@ -3,6 +3,6 @@ Description=status email for %i to user [Service] Type=oneshot -ExecStart=/bin/bash {{systemd_notifier_email_folder}}sys-alm-email.sh %i +ExecStart=/bin/bash {{systemd_notifier_email_folder}}sys-ctl-alm-email.sh %i User=root Group=systemd-journal diff --git a/roles/sys-alm-email/vars/main.yml b/roles/sys-ctl-alm-email/vars/main.yml similarity index 76% rename from roles/sys-alm-email/vars/main.yml rename to roles/sys-ctl-alm-email/vars/main.yml index 8b4f6bc2..ff43e78d 100644 --- a/roles/sys-alm-email/vars/main.yml +++ b/roles/sys-ctl-alm-email/vars/main.yml @@ -1 +1 @@ -systemd_notifier_email_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-alm-email/' +systemd_notifier_email_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-alm-email/' diff --git a/roles/sys-alm-telegram/README.md b/roles/sys-ctl-alm-telegram/README.md similarity index 68% rename from roles/sys-alm-telegram/README.md rename to roles/sys-ctl-alm-telegram/README.md index 92700077..333c0962 100644 --- a/roles/sys-alm-telegram/README.md +++ b/roles/sys-ctl-alm-telegram/README.md @@ -2,11 +2,11 @@ ## Description -This role installs and configures the necessary components for sending notifications via systemd when a service fails. It sets up the `sys-alm-telegram` service and configures parameters and customizable templates for sending messages through [Telegram](https://telegram.org). +This role installs and configures the necessary components for sending notifications via systemd when a service fails. It sets up the `sys-ctl-alm-telegram` service and configures parameters and customizable templates for sending messages through [Telegram](https://telegram.org). ## Overview -Optimized for real-time alerts, this role is a key component of the overall [`sys-alm-compose` suite](../). It ensures that, upon failure of a critical service, a Telegram message is automatically sent to notify administrators and enable prompt troubleshooting. +Optimized for real-time alerts, this role is a key component of the overall [`sys-ctl-alm-compose` suite](../). It ensures that, upon failure of a critical service, a Telegram message is automatically sent to notify administrators and enable prompt troubleshooting. ## Purpose @@ -17,7 +17,7 @@ The primary purpose of this role is to provide a robust solution for automated T - **Service Installation & Configuration:** Installs and configures necessary components (including the `curl` package). - **Customizable Templates:** Supports tailored Telegram message templates for service failure notifications. - **Secure Notifications:** Leverages systemd to trigger alerts automatically when services fail. -- **Suite Integration:** Part of the [`sys-alm-compose` suite](../) which includes related roles such as [sys-alm-email](../sys-alm-email/README.md) and others. +- **Suite Integration:** Part of the [`sys-ctl-alm-compose` suite](../) which includes related roles such as [sys-ctl-alm-email](../sys-ctl-alm-email/README.md) and others. ## Other Resources diff --git a/roles/sys-alm-telegram/defaults/main.yml b/roles/sys-ctl-alm-telegram/defaults/main.yml similarity index 100% rename from roles/sys-alm-telegram/defaults/main.yml rename to roles/sys-ctl-alm-telegram/defaults/main.yml diff --git a/roles/sys-ctl-alm-telegram/handlers/main.yml b/roles/sys-ctl-alm-telegram/handlers/main.yml new file mode 100644 index 00000000..675bbfa3 --- /dev/null +++ b/roles/sys-ctl-alm-telegram/handlers/main.yml @@ -0,0 +1,4 @@ +- name: "restart sys-ctl-alm-telegram service" + systemd: + name: sys-ctl-alm-telegram{{ SYS_SERVICE_SUFFIX }} + daemon_reload: yes diff --git a/roles/sys-alm-telegram/meta/main.yml b/roles/sys-ctl-alm-telegram/meta/main.yml similarity index 90% rename from roles/sys-alm-telegram/meta/main.yml rename to roles/sys-ctl-alm-telegram/meta/main.yml index 4a960286..47c3ee21 100644 --- a/roles/sys-alm-telegram/meta/main.yml +++ b/roles/sys-ctl-alm-telegram/meta/main.yml @@ -1,6 +1,6 @@ galaxy_info: author: "Kevin Veen-Birkenbach" - description: "Installs and configures components for sending Telegram notifications through systemd. This role is part of the sys-alm-compose suite, providing automated alerts when services fail." + description: "Installs and configures components for sending Telegram notifications through systemd. This role is part of the sys-ctl-alm-compose suite, providing automated alerts when services fail." license: "Infinito.Nexus NonCommercial License" license_url: "https://s.infinito.nexus/license" company: | diff --git a/roles/sys-alm-telegram/tasks/01_core.yml b/roles/sys-ctl-alm-telegram/tasks/01_core.yml similarity index 72% rename from roles/sys-alm-telegram/tasks/01_core.yml rename to roles/sys-ctl-alm-telegram/tasks/01_core.yml index d8f885a7..997da792 100644 --- a/roles/sys-alm-telegram/tasks/01_core.yml +++ b/roles/sys-ctl-alm-telegram/tasks/01_core.yml @@ -25,13 +25,13 @@ state: directory mode: '0755' -- name: configure sys-alm-telegram.sh +- name: configure sys-ctl-alm-telegram.sh template: - src: sys-alm-telegram.sh.j2 + src: sys-ctl-alm-telegram.sh.j2 dest: "{{ systemd_telegram_script }}" -- name: configure sys-alm-telegram{{ SYS_SERVICE_SUFFIX }} +- name: configure sys-ctl-alm-telegram{{ SYS_SERVICE_SUFFIX }} template: - src: sys-alm-telegram@.service.j2 - dest: "/etc/systemd/system/sys-alm-telegram.infinito@.service" - notify: "restart sys-alm-telegram service" + src: sys-ctl-alm-telegram@.service.j2 + dest: "/etc/systemd/system/sys-ctl-alm-telegram.infinito@.service" + notify: "restart sys-ctl-alm-telegram service" diff --git a/roles/sys-ctl-alm-telegram/tasks/main.yml b/roles/sys-ctl-alm-telegram/tasks/main.yml new file mode 100644 index 00000000..23ef97f6 --- /dev/null +++ b/roles/sys-ctl-alm-telegram/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_alm_telegram is not defined \ No newline at end of file diff --git a/roles/sys-alm-telegram/templates/sys-alm-telegram.sh.j2 b/roles/sys-ctl-alm-telegram/templates/sys-ctl-alm-telegram.sh.j2 similarity index 100% rename from roles/sys-alm-telegram/templates/sys-alm-telegram.sh.j2 rename to roles/sys-ctl-alm-telegram/templates/sys-ctl-alm-telegram.sh.j2 diff --git a/roles/sys-alm-telegram/templates/sys-alm-telegram@.service.j2 b/roles/sys-ctl-alm-telegram/templates/sys-ctl-alm-telegram@.service.j2 similarity index 100% rename from roles/sys-alm-telegram/templates/sys-alm-telegram@.service.j2 rename to roles/sys-ctl-alm-telegram/templates/sys-ctl-alm-telegram@.service.j2 diff --git a/roles/sys-ctl-alm-telegram/vars/main.yml b/roles/sys-ctl-alm-telegram/vars/main.yml new file mode 100644 index 00000000..b747b0ff --- /dev/null +++ b/roles/sys-ctl-alm-telegram/vars/main.yml @@ -0,0 +1,2 @@ +systemd_telegram_folder: /opt/ansible-roles/sys-ctl-alm-telegram/ +systemd_telegram_script: '{{systemd_telegram_folder}}sys-ctl-alm-telegram.sh' diff --git a/roles/sys-bkp-docker-2-loc/README.md b/roles/sys-ctl-bkp-docker-2-loc/README.md similarity index 91% rename from roles/sys-bkp-docker-2-loc/README.md rename to roles/sys-ctl-bkp-docker-2-loc/README.md index db745de6..b46f6c77 100644 --- a/roles/sys-bkp-docker-2-loc/README.md +++ b/roles/sys-ctl-bkp-docker-2-loc/README.md @@ -7,8 +7,8 @@ This Ansible role automates the process of backing up Docker volumes to a local ## Overview Optimized for Archlinux, this role ensures that Docker volume backups are performed reliably with minimal manual intervention. It integrates with several dependent roles to verify backup success and manage related tasks, including: -- [sys-bkp-directory-validator](../sys-bkp-directory-validator/) – Validates backup directories. -- [sys-cln-faild-bkps](../sys-cln-faild-bkps/) – Cleans up unsuccessful backup attempts. +- [sys-svc-directory-validator](../sys-svc-directory-validator/) – Validates backup directories. +- [sys-ctl-cln-faild-bkps](../sys-ctl-cln-faild-bkps/) – Cleans up unsuccessful backup attempts. - [sys-timer](../sys-timer/) – Schedules recurring backup tasks. - [sys-bkp-provider](../sys-bkp-provider/) – Manages backup sources. - [sys-lock](../sys-lock/) – Ensures coordinated maintenance operations. diff --git a/roles/sys-bkp-docker-2-loc/Todo.md b/roles/sys-ctl-bkp-docker-2-loc/Todo.md similarity index 100% rename from roles/sys-bkp-docker-2-loc/Todo.md rename to roles/sys-ctl-bkp-docker-2-loc/Todo.md diff --git a/roles/sys-bkp-docker-2-loc/__init__.py b/roles/sys-ctl-bkp-docker-2-loc/__init__.py similarity index 100% rename from roles/sys-bkp-docker-2-loc/__init__.py rename to roles/sys-ctl-bkp-docker-2-loc/__init__.py diff --git a/roles/sys-bkp-docker-2-loc/filter_plugins/__init__.py b/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/__init__.py similarity index 100% rename from roles/sys-bkp-docker-2-loc/filter_plugins/__init__.py rename to roles/sys-ctl-bkp-docker-2-loc/filter_plugins/__init__.py diff --git a/roles/sys-bkp-docker-2-loc/filter_plugins/dict_to_cli_args.py b/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/dict_to_cli_args.py similarity index 100% rename from roles/sys-bkp-docker-2-loc/filter_plugins/dict_to_cli_args.py rename to roles/sys-ctl-bkp-docker-2-loc/filter_plugins/dict_to_cli_args.py diff --git a/roles/sys-bkp-docker-2-loc/filter_plugins/find_dock_val_by_bkp_entr.py b/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/find_dock_val_by_bkp_entr.py similarity index 100% rename from roles/sys-bkp-docker-2-loc/filter_plugins/find_dock_val_by_bkp_entr.py rename to roles/sys-ctl-bkp-docker-2-loc/filter_plugins/find_dock_val_by_bkp_entr.py diff --git a/roles/sys-bkp-docker-2-loc/handlers/main.yml b/roles/sys-ctl-bkp-docker-2-loc/handlers/main.yml similarity index 100% rename from roles/sys-bkp-docker-2-loc/handlers/main.yml rename to roles/sys-ctl-bkp-docker-2-loc/handlers/main.yml diff --git a/roles/sys-bkp-docker-2-loc/meta/main.yml b/roles/sys-ctl-bkp-docker-2-loc/meta/main.yml similarity index 96% rename from roles/sys-bkp-docker-2-loc/meta/main.yml rename to roles/sys-ctl-bkp-docker-2-loc/meta/main.yml index 39577333..a66988d6 100644 --- a/roles/sys-bkp-docker-2-loc/meta/main.yml +++ b/roles/sys-ctl-bkp-docker-2-loc/meta/main.yml @@ -22,4 +22,4 @@ galaxy_info: issue_tracker_url: "https://s.infinito.nexus/issues" documentation: "https://docs.infinito.nexus" dependencies: -- sys-cln-faild-bkps +- sys-ctl-cln-faild-bkps diff --git a/roles/sys-bkp-docker-2-loc/tasks/01_core.yml b/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml similarity index 89% rename from roles/sys-bkp-docker-2-loc/tasks/01_core.yml rename to roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml index 16ed264d..8fa7eef6 100644 --- a/roles/sys-bkp-docker-2-loc/tasks/01_core.yml +++ b/roles/sys-ctl-bkp-docker-2-loc/tasks/01_core.yml @@ -3,9 +3,9 @@ name: '{{ item }}' loop: - sys-bkp-provider - - sys-alm-compose + - sys-ctl-alm-compose - sys-lock - - sys-bkp-directory-validator + - sys-svc-directory-validator - include_tasks: 02_pkgmgr_routines.yml when: backup_docker_to_local_folder is not defined @@ -34,4 +34,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_backup_docker_to_local}}" + on_calendar: "{{SYS_SCHEDULE_BACKUP_DOCKER_TO_LOCAL}}" diff --git a/roles/sys-bkp-docker-2-loc/tasks/02_pkgmgr_routines.yml b/roles/sys-ctl-bkp-docker-2-loc/tasks/02_pkgmgr_routines.yml similarity index 100% rename from roles/sys-bkp-docker-2-loc/tasks/02_pkgmgr_routines.yml rename to roles/sys-ctl-bkp-docker-2-loc/tasks/02_pkgmgr_routines.yml diff --git a/roles/sys-bkp-docker-2-loc/tasks/03_reset.yml b/roles/sys-ctl-bkp-docker-2-loc/tasks/03_reset.yml similarity index 100% rename from roles/sys-bkp-docker-2-loc/tasks/03_reset.yml rename to roles/sys-ctl-bkp-docker-2-loc/tasks/03_reset.yml diff --git a/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml b/roles/sys-ctl-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml similarity index 90% rename from roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml rename to roles/sys-ctl-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml index 70aac456..bbb9569e 100644 --- a/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml +++ b/roles/sys-ctl-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml @@ -57,12 +57,12 @@ database_name is defined and database_username is defined and database_password is defined) and - run_once_sys_bkp_docker_2_loc_file_permission is not defined + run_once_sys_ctl_bkp_docker_2_loc_file_permission is not defined register: file_permission_result async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}" poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}" - name: run the backup_docker_to_local_file_permission tasks once set_fact: - run_once_sys_bkp_docker_2_loc_file_permission: true - when: run_once_sys_bkp_docker_2_loc_file_permission is not defined and file_permission_result is defined and file_permission_result.changed \ No newline at end of file + run_once_sys_ctl_bkp_docker_2_loc_file_permission: true + when: run_once_sys_ctl_bkp_docker_2_loc_file_permission is not defined and file_permission_result is defined and file_permission_result.changed \ No newline at end of file diff --git a/roles/sys-bkp-docker-2-loc/tasks/main.yml b/roles/sys-ctl-bkp-docker-2-loc/tasks/main.yml similarity index 81% rename from roles/sys-bkp-docker-2-loc/tasks/main.yml rename to roles/sys-ctl-bkp-docker-2-loc/tasks/main.yml index 53ce0609..71f1f771 100644 --- a/roles/sys-bkp-docker-2-loc/tasks/main.yml +++ b/roles/sys-ctl-bkp-docker-2-loc/tasks/main.yml @@ -2,7 +2,7 @@ - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml when: - - run_once_sys_bkp_docker_2_loc is not defined + - run_once_sys_ctl_bkp_docker_2_loc is not defined - name: "include 04_seed-database-to-backup.yml" include_tasks: 04_seed-database-to-backup.yml diff --git a/roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc-everything.service.j2 b/roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc-everything.service.j2 new file mode 100644 index 00000000..6d678c07 --- /dev/null +++ b/roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc-everything.service.j2 @@ -0,0 +1,9 @@ +[Unit] +Description=backup all docker volumes to local folder +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} + +[Service] +Type=oneshot +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{ SYS_SERVICE_GROUP_BACKUPS | reject('equalto', role_name ) | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' +ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }} --everything' +ExecStartPost=/bin/sh -c '/bin/systemctl start sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} &' \ No newline at end of file diff --git a/roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc.service.j2 b/roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc.service.j2 new file mode 100644 index 00000000..bc606ec8 --- /dev/null +++ b/roles/sys-ctl-bkp-docker-2-loc/templates/sys-ctl-bkp-docker-2-loc.service.j2 @@ -0,0 +1,9 @@ +[Unit] +Description=backup docker volumes to local folder +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} + +[Service] +Type=oneshot +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{ SYS_SERVICE_GROUP_BACKUPS | reject('equalto', role_name ~ '-everything') | join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' +ExecStart=/bin/sh -c '{{ BKP_DOCKER_2_LOC_EXEC }}' +ExecStartPost=/bin/sh -c '/bin/systemctl start sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} &' \ No newline at end of file diff --git a/roles/sys-bkp-docker-2-loc/vars/main.yml b/roles/sys-ctl-bkp-docker-2-loc/vars/main.yml similarity index 100% rename from roles/sys-bkp-docker-2-loc/vars/main.yml rename to roles/sys-ctl-bkp-docker-2-loc/vars/main.yml diff --git a/roles/sys-cln-anon-volumes/README.md b/roles/sys-ctl-cln-anon-volumes/README.md similarity index 100% rename from roles/sys-cln-anon-volumes/README.md rename to roles/sys-ctl-cln-anon-volumes/README.md diff --git a/roles/sys-cln-anon-volumes/meta/main.yml b/roles/sys-ctl-cln-anon-volumes/meta/main.yml similarity index 100% rename from roles/sys-cln-anon-volumes/meta/main.yml rename to roles/sys-ctl-cln-anon-volumes/meta/main.yml diff --git a/roles/sys-cln-anon-volumes/tasks/main.yml b/roles/sys-ctl-cln-anon-volumes/tasks/main.yml similarity index 68% rename from roles/sys-cln-anon-volumes/tasks/main.yml rename to roles/sys-ctl-cln-anon-volumes/tasks/main.yml index 0ae26b08..b3d5adeb 100644 --- a/roles/sys-cln-anon-volumes/tasks/main.yml +++ b/roles/sys-ctl-cln-anon-volumes/tasks/main.yml @@ -9,19 +9,19 @@ vars: package_name: dockreap when: - - run_once_sys_cln_anon_volumes is not defined + - run_once_sys_ctl_cln_anon_volumes is not defined - docker_bin.stat.exists - name: run dockreap with --no-confirmation command: cmd: "dockreap --no-confirmation" when: - - run_once_sys_cln_anon_volumes is not defined + - run_once_sys_ctl_cln_anon_volumes is not defined - docker_bin.stat.exists - name: mark dockreap as run set_fact: - run_once_sys_cln_anon_volumes: true + run_once_sys_ctl_cln_anon_volumes: true when: - - run_once_sys_cln_anon_volumes is not defined + - run_once_sys_ctl_cln_anon_volumes is not defined - docker_bin.stat.exists diff --git a/roles/sys-cln-anon-volumes/vars/main.yml b/roles/sys-ctl-cln-anon-volumes/vars/main.yml similarity index 100% rename from roles/sys-cln-anon-volumes/vars/main.yml rename to roles/sys-ctl-cln-anon-volumes/vars/main.yml diff --git a/roles/sys-cln-bkps-service/README.md b/roles/sys-ctl-cln-bkps/README.md similarity index 94% rename from roles/sys-cln-bkps-service/README.md rename to roles/sys-ctl-cln-bkps/README.md index e5755f9f..93eedcf4 100644 --- a/roles/sys-cln-bkps-service/README.md +++ b/roles/sys-ctl-cln-bkps/README.md @@ -10,7 +10,7 @@ Optimized for effective disk space management, this role: - Installs required packages (e.g. [lsof](https://en.wikipedia.org/wiki/Lsof) and [psutil](https://pypi.org/project/psutil/)) using pacman. - Creates a directory for storing cleanup scripts. - Deploys a Python script that deletes old backup directories when disk usage is too high. -- Configures a systemd service to run the cleanup script, with notifications via [sys-alm-compose](../sys-alm-compose/README.md). +- Configures a systemd service to run the cleanup script, with notifications via [sys-ctl-alm-compose](../sys-ctl-alm-compose/README.md). ## Purpose diff --git a/roles/sys-cln-bkps-service/files/sys-cln-backups.py b/roles/sys-ctl-cln-bkps/files/sys-ctl-cln-backups.py similarity index 100% rename from roles/sys-cln-bkps-service/files/sys-cln-backups.py rename to roles/sys-ctl-cln-bkps/files/sys-ctl-cln-backups.py diff --git a/roles/sys-ctl-cln-bkps/handlers/main.yml b/roles/sys-ctl-cln-bkps/handlers/main.yml new file mode 100644 index 00000000..7a507aca --- /dev/null +++ b/roles/sys-ctl-cln-bkps/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-cln-backups service" + systemd: + name: sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-cln-bkps-service/meta/main.yml b/roles/sys-ctl-cln-bkps/meta/main.yml similarity index 100% rename from roles/sys-cln-bkps-service/meta/main.yml rename to roles/sys-ctl-cln-bkps/meta/main.yml diff --git a/roles/sys-cln-bkps-service/tasks/01_core.yml b/roles/sys-ctl-cln-bkps/tasks/01_core.yml similarity index 51% rename from roles/sys-cln-bkps-service/tasks/01_core.yml rename to roles/sys-ctl-cln-bkps/tasks/01_core.yml index 3c735cac..dbd1dc46 100644 --- a/roles/sys-cln-bkps-service/tasks/01_core.yml +++ b/roles/sys-ctl-cln-bkps/tasks/01_core.yml @@ -3,7 +3,7 @@ name: '{{ item }}' loop: - dev-python-pip - - sys-alm-compose + - sys-ctl-alm-compose - sys-lock - sys-rst-daemon @@ -20,13 +20,13 @@ state: directory mode: "0755" -- name: create sys-cln-backups.py +- name: create sys-ctl-cln-backups.py copy: - src: "sys-cln-backups.py" - dest: "{{cleanup_backups_directory}}sys-cln-backups.py" + src: "sys-ctl-cln-backups.py" + dest: "{{cleanup_backups_directory}}sys-ctl-cln-backups.py" -- name: create sys-cln-backups{{ SYS_SERVICE_SUFFIX }} +- name: create sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }} template: - src: "sys-cln-backups.service.j2" - dest: "/etc/systemd/system/sys-cln-backups{{ SYS_SERVICE_SUFFIX }}" - notify: reload sys-cln-backups service + src: "sys-ctl-cln-backups.service.j2" + dest: "/etc/systemd/system/sys-ctl-cln-backups{{ SYS_SERVICE_SUFFIX }}" + notify: reload sys-ctl-cln-backups service diff --git a/roles/sys-cln-faild-bkps/tasks/main.yml b/roles/sys-ctl-cln-bkps/tasks/main.yml similarity index 62% rename from roles/sys-cln-faild-bkps/tasks/main.yml rename to roles/sys-ctl-cln-bkps/tasks/main.yml index 104f51e8..5e38c7a2 100644 --- a/roles/sys-cln-faild-bkps/tasks/main.yml +++ b/roles/sys-ctl-cln-bkps/tasks/main.yml @@ -1,4 +1,5 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_sys_cln_faild_bkps is not defined \ No newline at end of file + when: run_once_sys_ctl_cln_bkps is not defined + diff --git a/roles/sys-ctl-cln-bkps/templates/sys-ctl-cln-backups.service.j2 b/roles/sys-ctl-cln-bkps/templates/sys-ctl-cln-backups.service.j2 new file mode 100644 index 00000000..b65f1b56 --- /dev/null +++ b/roles/sys-ctl-cln-bkps/templates/sys-ctl-cln-backups.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=delete old backups +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_CLEANUP| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' +ExecStart=/bin/sh -c '/usr/bin/python {{cleanup_backups_directory}}sys-ctl-cln-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}}' \ No newline at end of file diff --git a/roles/sys-cln-bkps-service/vars/main.yml b/roles/sys-ctl-cln-bkps/vars/main.yml similarity index 78% rename from roles/sys-cln-bkps-service/vars/main.yml rename to roles/sys-ctl-cln-bkps/vars/main.yml index b811adac..771293cb 100644 --- a/roles/sys-cln-bkps-service/vars/main.yml +++ b/roles/sys-ctl-cln-bkps/vars/main.yml @@ -1,2 +1,2 @@ -cleanup_backups_directory: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-cln-backups/' +cleanup_backups_directory: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-cln-backups/' diff --git a/roles/sys-cln-certs/README.md b/roles/sys-ctl-cln-certs/README.md similarity index 75% rename from roles/sys-cln-certs/README.md rename to roles/sys-ctl-cln-certs/README.md index bb8506b8..86cc5db7 100644 --- a/roles/sys-cln-certs/README.md +++ b/roles/sys-ctl-cln-certs/README.md @@ -7,10 +7,10 @@ This Ansible role automates the detection, revocation and deletion of unused Let ## Overview - Installs the `certreap` cleanup tool using the `pkgmgr-install` role -- Deploys and configures a `sys-cln-certs{{ SYS_SERVICE_SUFFIX }}` systemd unit +- Deploys and configures a `sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}` systemd unit - (Optionally) Sets up a recurring cleanup via a systemd timer using the `sys-timer` role -- Integrates with `sys-alm-compose` to send failure notifications -- Ensures idempotent execution with a `run_once_sys_cln_certs` flag +- Integrates with `sys-ctl-alm-compose` to send failure notifications +- Ensures idempotent execution with a `run_once_sys_ctl_cln_certs` flag ## Features @@ -18,16 +18,16 @@ This Ansible role automates the detection, revocation and deletion of unused Let Uses `pkgmgr-install` to install the `certreap` binary. - **Systemd Service Configuration** - Deploys `sys-cln-certs{{ SYS_SERVICE_SUFFIX }}` and reloads/restarts it on changes. + Deploys `sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}` and reloads/restarts it on changes. - **Systemd Timer Scheduling** Optionally wires in a timer via the `sys-timer` role, controlled by the `on_calendar_cleanup_certs` variable. - **Smart Execution Logic** - Prevents multiple runs in one play by setting a `run_once_sys_cln_certs` fact. + Prevents multiple runs in one play by setting a `run_once_sys_ctl_cln_certs` fact. - **Failure Notification** - Triggers `sys-alm-compose.infinito@sys-cln-certs{{ SYS_SERVICE_SUFFIX }}` on failure. + Triggers `sys-ctl-alm-compose.infinito@sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }}` on failure. ## Further Resources diff --git a/roles/sys-ctl-cln-certs/handlers/main.yml b/roles/sys-ctl-cln-certs/handlers/main.yml new file mode 100644 index 00000000..c9618058 --- /dev/null +++ b/roles/sys-ctl-cln-certs/handlers/main.yml @@ -0,0 +1,6 @@ +- name: "Reload and restart sys-ctl-cln-certs service" + systemd: + name: sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes + state: restarted \ No newline at end of file diff --git a/roles/sys-cln-certs/meta/main.yml b/roles/sys-ctl-cln-certs/meta/main.yml similarity index 100% rename from roles/sys-cln-certs/meta/main.yml rename to roles/sys-ctl-cln-certs/meta/main.yml diff --git a/roles/sys-cln-certs/tasks/01_core.yml b/roles/sys-ctl-cln-certs/tasks/01_core.yml similarity index 57% rename from roles/sys-cln-certs/tasks/01_core.yml rename to roles/sys-ctl-cln-certs/tasks/01_core.yml index f0f1eb6b..208d3b37 100644 --- a/roles/sys-cln-certs/tasks/01_core.yml +++ b/roles/sys-ctl-cln-certs/tasks/01_core.yml @@ -2,7 +2,7 @@ include_role: name: '{{ item }}' loop: - - sys-alm-compose + - sys-ctl-alm-compose - sys-rst-daemon - name: "pkgmgr install" @@ -11,11 +11,11 @@ vars: package_name: certreap -- name: configure sys-cln-certs{{ SYS_SERVICE_SUFFIX }} +- name: configure sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }} template: - src: sys-cln-certs.service.j2 - dest: /etc/systemd/system/sys-cln-certs{{ SYS_SERVICE_SUFFIX }} - notify: Reload and restart sys-cln-certs service + src: sys-ctl-cln-certs.service.j2 + dest: /etc/systemd/system/sys-ctl-cln-certs{{ SYS_SERVICE_SUFFIX }} + notify: Reload and restart sys-ctl-cln-certs service - name: "set 'service_name' to '{{ role_name }}'" set_fact: @@ -25,4 +25,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{ on_calendar_cleanup_certs }}" + on_calendar: "{{ SYS_SCHEDULE_CLEANUP_CERTS }}" diff --git a/roles/sys-alm-telegram/tasks/main.yml b/roles/sys-ctl-cln-certs/tasks/main.yml similarity index 62% rename from roles/sys-alm-telegram/tasks/main.yml rename to roles/sys-ctl-cln-certs/tasks/main.yml index 56f5d2fb..3d277260 100644 --- a/roles/sys-alm-telegram/tasks/main.yml +++ b/roles/sys-ctl-cln-certs/tasks/main.yml @@ -1,4 +1,4 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_sys_alm_telegram is not defined \ No newline at end of file + when: run_once_sys_ctl_cln_certs is not defined \ No newline at end of file diff --git a/roles/sys-cln-certs/templates/sys-cln-certs.service.j2 b/roles/sys-ctl-cln-certs/templates/sys-ctl-cln-certs.service.j2 similarity index 75% rename from roles/sys-cln-certs/templates/sys-cln-certs.service.j2 rename to roles/sys-ctl-cln-certs/templates/sys-ctl-cln-certs.service.j2 index 34629a8c..0beb615e 100644 --- a/roles/sys-cln-certs/templates/sys-cln-certs.service.j2 +++ b/roles/sys-ctl-cln-certs/templates/sys-ctl-cln-certs.service.j2 @@ -1,6 +1,6 @@ [Unit] Description=Detect, revoke, and delete unused Let's Encrypt certificates based on active NGINX configuration files. -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot diff --git a/roles/sys-cln-disc-space/README.md b/roles/sys-ctl-cln-disc-space/README.md similarity index 100% rename from roles/sys-cln-disc-space/README.md rename to roles/sys-ctl-cln-disc-space/README.md diff --git a/roles/sys-ctl-cln-disc-space/handlers/main.yml b/roles/sys-ctl-cln-disc-space/handlers/main.yml new file mode 100644 index 00000000..24426db8 --- /dev/null +++ b/roles/sys-ctl-cln-disc-space/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-cln-disc-space service" + systemd: + name: sys-ctl-cln-disc-space{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-cln-disc-space/meta/main.yml b/roles/sys-ctl-cln-disc-space/meta/main.yml similarity index 100% rename from roles/sys-cln-disc-space/meta/main.yml rename to roles/sys-ctl-cln-disc-space/meta/main.yml diff --git a/roles/sys-cln-disc-space/tasks/main.yml b/roles/sys-ctl-cln-disc-space/tasks/main.yml similarity index 51% rename from roles/sys-cln-disc-space/tasks/main.yml rename to roles/sys-ctl-cln-disc-space/tasks/main.yml index f1443a8b..ac1d5f72 100644 --- a/roles/sys-cln-disc-space/tasks/main.yml +++ b/roles/sys-ctl-cln-disc-space/tasks/main.yml @@ -3,11 +3,11 @@ include_role: name: '{{ item }}' loop: - - sys-alm-compose + - sys-ctl-alm-compose - sys-lock - sys-rst-daemon - include_tasks: utils/run_once.yml - when: run_once_sys_cln_disc_space is not defined + when: run_once_sys_ctl_cln_disc_space is not defined - name: "create {{cleanup_disc_space_folder}}" file: @@ -15,16 +15,16 @@ state: directory mode: "0755" -- name: create sys-cln-disc-space.sh +- name: create sys-ctl-cln-disc-space.sh template: - src: sys-cln-disc-space.sh.j2 - dest: "{{cleanup_disc_space_folder}}sys-cln-disc-space.sh" + src: sys-ctl-cln-disc-space.sh.j2 + dest: "{{cleanup_disc_space_folder}}sys-ctl-cln-disc-space.sh" -- name: create sys-cln-disc-space{{ SYS_SERVICE_SUFFIX }} +- name: create sys-ctl-cln-disc-space{{ SYS_SERVICE_SUFFIX }} template: - src: sys-cln-disc-space.service.j2 - dest: /etc/systemd/system/sys-cln-disc-space{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-cln-disc-space service + src: sys-ctl-cln-disc-space.service.j2 + dest: /etc/systemd/system/sys-ctl-cln-disc-space{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-cln-disc-space service - name: "set 'service_name' to '{{ role_name }}'" set_fact: @@ -34,4 +34,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_cleanup_disc_space}}" + on_calendar: "{{SYS_SCHEDULE_CLEANUP_DISC_SPACE}}" diff --git a/roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.service.j2 b/roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.service.j2 new file mode 100644 index 00000000..2ebc1ef3 --- /dev/null +++ b/roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=freeing disc space +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_CLEANUP| join(' ') }} --timeout "{{ SYS_TIMEOUT_BACKUP_SERVICES }}"' +ExecStart=/bin/sh -c '/bin/bash {{cleanup_disc_space_folder}}sys-ctl-cln-disc-space.sh {{size_percent_cleanup_disc_space}}' \ No newline at end of file diff --git a/roles/sys-cln-disc-space/templates/sys-cln-disc-space.sh.j2 b/roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.sh.j2 similarity index 90% rename from roles/sys-cln-disc-space/templates/sys-cln-disc-space.sh.j2 rename to roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.sh.j2 index 1e607bda..ce255193 100644 --- a/roles/sys-cln-disc-space/templates/sys-cln-disc-space.sh.j2 +++ b/roles/sys-ctl-cln-disc-space/templates/sys-ctl-cln-disc-space.sh.j2 @@ -24,7 +24,7 @@ if [ "$force_freeing" = true ]; then {% if backups_folder_path is defined and size_percent_maximum_backup is defined %} echo "cleaning up backups" && - python {{ PATH_ADMINISTRATOR_SCRIPTS }}sys-cln-backups/sys-cln-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}} || exit 2 + python {{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-cln-backups/sys-ctl-cln-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}} || exit 2 {% endif %} if pacman -Qs $package > /dev/null ; then diff --git a/roles/sys-cln-disc-space/vars/main.yml b/roles/sys-ctl-cln-disc-space/vars/main.yml similarity index 75% rename from roles/sys-cln-disc-space/vars/main.yml rename to roles/sys-ctl-cln-disc-space/vars/main.yml index 29b4c061..26f27e49 100644 --- a/roles/sys-cln-disc-space/vars/main.yml +++ b/roles/sys-ctl-cln-disc-space/vars/main.yml @@ -1 +1 @@ -cleanup_disc_space_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-cln-disc-space/' +cleanup_disc_space_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-cln-disc-space/' diff --git a/roles/sys-cln-domains/README.md b/roles/sys-ctl-cln-domains/README.md similarity index 97% rename from roles/sys-cln-domains/README.md rename to roles/sys-ctl-cln-domains/README.md index 1acfc7c4..33793ce8 100644 --- a/roles/sys-cln-domains/README.md +++ b/roles/sys-ctl-cln-domains/README.md @@ -1,4 +1,4 @@ -# sys-cln-domains +# sys-ctl-cln-domains ## Description diff --git a/roles/sys-cln-domains/meta/main.yml b/roles/sys-ctl-cln-domains/meta/main.yml similarity index 100% rename from roles/sys-cln-domains/meta/main.yml rename to roles/sys-ctl-cln-domains/meta/main.yml diff --git a/roles/sys-cln-domains/tasks/main.yml b/roles/sys-ctl-cln-domains/tasks/main.yml similarity index 90% rename from roles/sys-cln-domains/tasks/main.yml rename to roles/sys-ctl-cln-domains/tasks/main.yml index aaee95e0..b53cefc1 100644 --- a/roles/sys-cln-domains/tasks/main.yml +++ b/roles/sys-ctl-cln-domains/tasks/main.yml @@ -26,7 +26,7 @@ # label: "{{ item }}" # when: # - MODE_CLEANUP | bool -# - run_once_sys_cln_domains is not defined +# - run_once_sys_ctl_cln_domains is not defined # register: certbot_revoke_result # failed_when: > # certbot_revoke_result.rc != 0 and @@ -44,7 +44,7 @@ # label: "{{ item }}" # when: # - MODE_CLEANUP | bool -# - run_once_sys_cln_domains is not defined +# - run_once_sys_ctl_cln_domains is not defined # register: certbot_delete_result # failed_when: > # certbot_delete_result.rc != 0 and @@ -52,4 +52,4 @@ # changed_when: > # certbot_delete_result.rc == 0 - include_tasks: utils/run_once.yml - when: run_once_sys_cln_domains is not defined + when: run_once_sys_ctl_cln_domains is not defined diff --git a/roles/sys-cln-domains/tasks/remove_deprecated_nginx_configs.yml b/roles/sys-ctl-cln-domains/tasks/remove_deprecated_nginx_configs.yml similarity index 100% rename from roles/sys-cln-domains/tasks/remove_deprecated_nginx_configs.yml rename to roles/sys-ctl-cln-domains/tasks/remove_deprecated_nginx_configs.yml diff --git a/roles/sys-cln-domains/vars/main.yml b/roles/sys-ctl-cln-domains/vars/main.yml similarity index 100% rename from roles/sys-cln-domains/vars/main.yml rename to roles/sys-ctl-cln-domains/vars/main.yml diff --git a/roles/sys-cln-faild-bkps/README.md b/roles/sys-ctl-cln-faild-bkps/README.md similarity index 65% rename from roles/sys-cln-faild-bkps/README.md rename to roles/sys-ctl-cln-faild-bkps/README.md index 0393cac5..174d76fc 100644 --- a/roles/sys-cln-faild-bkps/README.md +++ b/roles/sys-ctl-cln-faild-bkps/README.md @@ -2,15 +2,15 @@ ## Description -This role cleans up failed Docker backups by pulling a [Git repository](https://github.com/kevinveenbirkenbach/sys-cln-faild-bkps) that contains cleanup scripts and configuring a systemd service to execute them. It ensures that failed or incomplete backups are removed to free up disk space and maintain a healthy backup environment. +This role cleans up failed Docker backups by pulling a [Git repository](https://github.com/kevinveenbirkenbach/sys-ctl-cln-faild-bkps) that contains cleanup scripts and configuring a systemd service to execute them. It ensures that failed or incomplete backups are removed to free up disk space and maintain a healthy backup environment. ## Overview Optimized for backup maintenance, this role: -- Clones the sys-cln-faild-bkps repository. +- Clones the sys-ctl-cln-faild-bkps repository. - Configures a systemd service to run the cleanup script. - Integrates with the [sys-timer](../sys-timer/README.md) role to schedule periodic cleanup. -- Works in conjunction with the sys-bkp-directory-validator role for additional verification. +- Works in conjunction with the sys-svc-directory-validator role for additional verification. ## Purpose @@ -21,4 +21,4 @@ The primary purpose of this role is to remove failed Docker backups automaticall - **Repository Cloning:** Retrieves the latest cleanup scripts from a Git repository. - **Service Configuration:** Sets up a systemd service to run the cleanup tasks. - **Timer Integration:** Schedules periodic cleanup through a systemd timer. -- **Dependency Integration:** Works with sys-bkp-directory-validator to enhance backup integrity. \ No newline at end of file +- **Dependency Integration:** Works with sys-svc-directory-validator to enhance backup integrity. \ No newline at end of file diff --git a/roles/sys-ctl-cln-faild-bkps/handlers/main.yml b/roles/sys-ctl-cln-faild-bkps/handlers/main.yml new file mode 100644 index 00000000..758c797f --- /dev/null +++ b/roles/sys-ctl-cln-faild-bkps/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "Reload sys-ctl-cln-faild-bkps service" + systemd: + name: sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-cln-faild-bkps/meta/main.yml b/roles/sys-ctl-cln-faild-bkps/meta/main.yml similarity index 100% rename from roles/sys-cln-faild-bkps/meta/main.yml rename to roles/sys-ctl-cln-faild-bkps/meta/main.yml diff --git a/roles/sys-cln-faild-bkps/tasks/01_core.yml b/roles/sys-ctl-cln-faild-bkps/tasks/01_core.yml similarity index 70% rename from roles/sys-cln-faild-bkps/tasks/01_core.yml rename to roles/sys-ctl-cln-faild-bkps/tasks/01_core.yml index 5244cd68..70b0ea89 100644 --- a/roles/sys-cln-faild-bkps/tasks/01_core.yml +++ b/roles/sys-ctl-cln-faild-bkps/tasks/01_core.yml @@ -2,9 +2,9 @@ include_role: name: '{{ item }}' loop: - - sys-alm-compose + - sys-ctl-alm-compose - sys-lock - - sys-bkp-directory-validator + - sys-svc-directory-validator - sys-rst-daemon - name: "pkgmgr install" @@ -23,11 +23,11 @@ backup_docker_to_local_cleanup_script: "{{ pkgmgr_output.stdout.rstrip('/') ~ '/cleanup-all.sh' }}" changed_when: false -- name: configure sys-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} +- name: configure sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} template: - src: sys-cln-faild-bkps.service.j2 - dest: /etc/systemd/system/sys-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} - notify: Reload sys-cln-faild-bkps service + src: sys-ctl-cln-faild-bkps.service.j2 + dest: /etc/systemd/system/sys-ctl-cln-faild-bkps{{ SYS_SERVICE_SUFFIX }} + notify: Reload sys-ctl-cln-faild-bkps service - name: "set 'service_name' to '{{ role_name }}'" set_fact: @@ -37,4 +37,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_cleanup_failed_docker}}" + on_calendar: "{{SYS_SCHEDULE_CLEANUP_FAILED_BACKUPS}}" diff --git a/roles/srv-web-6-6-tls-renew/tasks/main.yml b/roles/sys-ctl-cln-faild-bkps/tasks/main.yml similarity index 60% rename from roles/srv-web-6-6-tls-renew/tasks/main.yml rename to roles/sys-ctl-cln-faild-bkps/tasks/main.yml index f42e9099..d2e94209 100644 --- a/roles/srv-web-6-6-tls-renew/tasks/main.yml +++ b/roles/sys-ctl-cln-faild-bkps/tasks/main.yml @@ -1,4 +1,4 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_srv_web_6_6_tls_renew is not defined + when: run_once_sys_ctl_cln_faild_bkps is not defined \ No newline at end of file diff --git a/roles/sys-cln-faild-bkps/templates/sys-cln-faild-bkps.service.j2 b/roles/sys-ctl-cln-faild-bkps/templates/sys-ctl-cln-faild-bkps.service.j2 similarity index 50% rename from roles/sys-cln-faild-bkps/templates/sys-cln-faild-bkps.service.j2 rename to roles/sys-ctl-cln-faild-bkps/templates/sys-ctl-cln-faild-bkps.service.j2 index 7d8a165b..5bc91713 100644 --- a/roles/sys-cln-faild-bkps/templates/sys-cln-faild-bkps.service.j2 +++ b/roles/sys-ctl-cln-faild-bkps/templates/sys-ctl-cln-faild-bkps.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Cleaning up failed docker volume backups -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_lock_timeout_cleanup_services}}"' +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_CLEANUP| join(' ') }} --timeout "{{SYS_TIMEOUT_CLEANUP_SERVICES}}"' ExecStart=/bin/sh -c '/usr/bin/yes | /usr/bin/bash {{backup_docker_to_local_cleanup_script}}' \ No newline at end of file diff --git a/roles/sys-cln-faild-bkps/vars/main.yml b/roles/sys-ctl-cln-faild-bkps/vars/main.yml similarity index 100% rename from roles/sys-cln-faild-bkps/vars/main.yml rename to roles/sys-ctl-cln-faild-bkps/vars/main.yml diff --git a/roles/sys-hlth-btrfs/README.md b/roles/sys-ctl-hlth-btrfs/README.md similarity index 69% rename from roles/sys-hlth-btrfs/README.md rename to roles/sys-ctl-hlth-btrfs/README.md index dbcb2f9c..f5c07762 100644 --- a/roles/sys-hlth-btrfs/README.md +++ b/roles/sys-ctl-hlth-btrfs/README.md @@ -1,4 +1,4 @@ -# sys-hlth-btrfs +# sys-ctl-hlth-btrfs ## Description Checks the health of all mounted Btrfs filesystems by inspecting device error counters. @@ -7,10 +7,10 @@ Checks the health of all mounted Btrfs filesystems by inspecting device error co - Iterates over every Btrfs filesystem. - Runs `btrfs device stats` and alerts if any error counters are non-zero. - Hooks into systemd and a timer for regular checks. -- On failure, calls `sys-alm-compose.infinito@…` for notification. +- On failure, calls `sys-ctl-alm-compose.infinito@…` for notification. ## Usage Just include this role in your playbook; it will: -1. Deploy a small shell script under `{{ PATH_ADMINISTRATOR_SCRIPTS }}/sys-hlth-btrfs/`. +1. Deploy a small shell script under `{{ PATH_ADMINISTRATOR_SCRIPTS }}/sys-ctl-hlth-btrfs/`. 2. Install a `.service` and `.timer` unit. -3. Send alerts via `sys-alm-compose` if any filesystem shows errors. +3. Send alerts via `sys-ctl-alm-compose` if any filesystem shows errors. diff --git a/roles/sys-hlth-btrfs/files/sys-hlth-btrfs.sh b/roles/sys-ctl-hlth-btrfs/files/sys-ctl-hlth-btrfs.sh similarity index 100% rename from roles/sys-hlth-btrfs/files/sys-hlth-btrfs.sh rename to roles/sys-ctl-hlth-btrfs/files/sys-ctl-hlth-btrfs.sh diff --git a/roles/sys-ctl-hlth-btrfs/handlers/main.yml b/roles/sys-ctl-hlth-btrfs/handlers/main.yml new file mode 100644 index 00000000..f059564c --- /dev/null +++ b/roles/sys-ctl-hlth-btrfs/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-hlth-btrfs service" + systemd: + name: sys-ctl-hlth-btrfs{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-hlth-btrfs/meta/main.yml b/roles/sys-ctl-hlth-btrfs/meta/main.yml similarity index 100% rename from roles/sys-hlth-btrfs/meta/main.yml rename to roles/sys-ctl-hlth-btrfs/meta/main.yml diff --git a/roles/sys-ctl-hlth-btrfs/tasks/main.yml b/roles/sys-ctl-hlth-btrfs/tasks/main.yml new file mode 100644 index 00000000..108fc6c6 --- /dev/null +++ b/roles/sys-ctl-hlth-btrfs/tasks/main.yml @@ -0,0 +1,36 @@ +- block: + + - name: Include dependency 'sys-ctl-alm-compose' + include_role: + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined + + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_hlth_btrfs is not defined + +- name: "create {{docker_health_btrfs_folder}}" + file: + path: "{{docker_health_btrfs_folder}}" + state: directory + mode: "0755" + +- name: create sys-ctl-hlth-btrfs.sh + copy: + src: sys-ctl-hlth-btrfs.sh + dest: "{{docker_health_btrfs_folder}}sys-ctl-hlth-btrfs.sh" + +- name: create sys-ctl-hlth-btrfs{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-hlth-btrfs.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-btrfs{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-btrfs service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_HEALTH_BTRFS}}" diff --git a/roles/sys-ctl-hlth-btrfs/templates/sys-ctl-hlth-btrfs.service.j2 b/roles/sys-ctl-hlth-btrfs/templates/sys-ctl-hlth-btrfs.service.j2 new file mode 100644 index 00000000..ee0bfbd2 --- /dev/null +++ b/roles/sys-ctl-hlth-btrfs/templates/sys-ctl-hlth-btrfs.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Check btrfs status +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/bash {{docker_health_btrfs_folder}}sys-ctl-hlth-btrfs.sh diff --git a/roles/sys-hlth-btrfs/vars/main.yml b/roles/sys-ctl-hlth-btrfs/vars/main.yml similarity index 78% rename from roles/sys-hlth-btrfs/vars/main.yml rename to roles/sys-ctl-hlth-btrfs/vars/main.yml index 869c7980..53b454e1 100644 --- a/roles/sys-hlth-btrfs/vars/main.yml +++ b/roles/sys-ctl-hlth-btrfs/vars/main.yml @@ -1 +1 @@ -docker_health_btrfs_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-btrfs/' +docker_health_btrfs_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-btrfs/' diff --git a/roles/sys-hlth-csp/README.md b/roles/sys-ctl-hlth-csp/README.md similarity index 92% rename from roles/sys-hlth-csp/README.md rename to roles/sys-ctl-hlth-csp/README.md index 037f1f59..6c3cc1dd 100644 --- a/roles/sys-hlth-csp/README.md +++ b/roles/sys-ctl-hlth-csp/README.md @@ -13,7 +13,7 @@ Designed for Archlinux systems, this role periodically checks whether web resour - **CSP Resource Validation:** Uses Puppeteer to simulate browser requests and detect blocked resources. - **Domain Extraction:** Parses all `.conf` files in the NGINX config folder to determine the list of domains to check. - **Automated Execution:** Registers a systemd service and timer for recurring health checks. -- **Error Notification:** Integrates with `sys-alm-compose` for alerting on failure. +- **Error Notification:** Integrates with `sys-ctl-alm-compose` for alerting on failure. ## License diff --git a/roles/sys-hlth-csp/files/sys-hlth-csp.py b/roles/sys-ctl-hlth-csp/files/sys-ctl-hlth-csp.py similarity index 100% rename from roles/sys-hlth-csp/files/sys-hlth-csp.py rename to roles/sys-ctl-hlth-csp/files/sys-ctl-hlth-csp.py diff --git a/roles/sys-hlth-csp/handlers/main.yml b/roles/sys-ctl-hlth-csp/handlers/main.yml similarity index 79% rename from roles/sys-hlth-csp/handlers/main.yml rename to roles/sys-ctl-hlth-csp/handlers/main.yml index c81f432d..9db3dea5 100644 --- a/roles/sys-hlth-csp/handlers/main.yml +++ b/roles/sys-ctl-hlth-csp/handlers/main.yml @@ -1,6 +1,6 @@ -- name: "reload sys-hlth-csp service" +- name: "reload sys-ctl-hlth-csp service" systemd: - name: sys-hlth-csp{{ SYS_SERVICE_SUFFIX }} + name: sys-ctl-hlth-csp{{ SYS_SERVICE_SUFFIX }} enabled: yes daemon_reload: yes async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}" diff --git a/roles/sys-hlth-csp/meta/main.yml b/roles/sys-ctl-hlth-csp/meta/main.yml similarity index 100% rename from roles/sys-hlth-csp/meta/main.yml rename to roles/sys-ctl-hlth-csp/meta/main.yml diff --git a/roles/sys-hlth-csp/tasks/01_core.yml b/roles/sys-ctl-hlth-csp/tasks/01_core.yml similarity index 55% rename from roles/sys-hlth-csp/tasks/01_core.yml rename to roles/sys-ctl-hlth-csp/tasks/01_core.yml index 65cb6606..43b782eb 100644 --- a/roles/sys-hlth-csp/tasks/01_core.yml +++ b/roles/sys-ctl-hlth-csp/tasks/01_core.yml @@ -1,7 +1,7 @@ -- name: Include dependency 'sys-alm-compose' +- name: Include dependency 'sys-ctl-alm-compose' include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined - name: "pkgmgr install" include_role: @@ -16,17 +16,17 @@ state: directory mode: "0755" -- name: copy sys-hlth-csp.py +- name: copy sys-ctl-hlth-csp.py copy: - src: sys-hlth-csp.py + src: sys-ctl-hlth-csp.py dest: "{{ health_csp_crawler_script }}" mode: "0755" -- name: create sys-hlth-csp{{ SYS_SERVICE_SUFFIX }} +- name: create sys-ctl-hlth-csp{{ SYS_SERVICE_SUFFIX }} template: - src: sys-hlth-csp.service.j2 - dest: /etc/systemd/system/sys-hlth-csp{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-csp service + src: sys-ctl-hlth-csp.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-csp{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-csp service - name: set service_name to role_name set_fact: @@ -36,4 +36,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{ on_calendar_health_csp_crawler }}" + on_calendar: "{{ SYS_SCHEDULE_HEALTH_CSP_CRAWLER }}" diff --git a/roles/sys-alm-email/tasks/main.yml b/roles/sys-ctl-hlth-csp/tasks/main.yml similarity index 63% rename from roles/sys-alm-email/tasks/main.yml rename to roles/sys-ctl-hlth-csp/tasks/main.yml index 645661a2..16f8dcde 100644 --- a/roles/sys-alm-email/tasks/main.yml +++ b/roles/sys-ctl-hlth-csp/tasks/main.yml @@ -1,4 +1,4 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_sys_alm_email is not defined \ No newline at end of file + when: run_once_sys_ctl_hlth_csp is not defined \ No newline at end of file diff --git a/roles/sys-hlth-csp/templates/sys-hlth-csp.service.j2 b/roles/sys-ctl-hlth-csp/templates/sys-ctl-hlth-csp.service.j2 similarity index 77% rename from roles/sys-hlth-csp/templates/sys-hlth-csp.service.j2 rename to roles/sys-ctl-hlth-csp/templates/sys-ctl-hlth-csp.service.j2 index 24ec51ab..d09005e3 100644 --- a/roles/sys-hlth-csp/templates/sys-hlth-csp.service.j2 +++ b/roles/sys-ctl-hlth-csp/templates/sys-ctl-hlth-csp.service.j2 @@ -1,6 +1,6 @@ [Unit] Description=Check for CSP-blocked resources via Puppeteer -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot diff --git a/roles/sys-ctl-hlth-csp/vars/main.yml b/roles/sys-ctl-hlth-csp/vars/main.yml new file mode 100644 index 00000000..b08a1de2 --- /dev/null +++ b/roles/sys-ctl-hlth-csp/vars/main.yml @@ -0,0 +1,3 @@ +health_csp_crawler_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-csp/' +health_csp_crawler_script: '{{ health_csp_crawler_folder }}sys-ctl-hlth-csp.py' + diff --git a/roles/sys-hlth-disc-space/README.md b/roles/sys-ctl-hlth-disc-space/README.md similarity index 77% rename from roles/sys-hlth-disc-space/README.md rename to roles/sys-ctl-hlth-disc-space/README.md index 84ea0637..d36bf6c0 100644 --- a/roles/sys-hlth-disc-space/README.md +++ b/roles/sys-ctl-hlth-disc-space/README.md @@ -1,4 +1,4 @@ -# sys-hlth-disc-space +# sys-ctl-hlth-disc-space ## Description Monitors disk-space usage and alerts if any filesystem usage exceeds your defined threshold. @@ -6,5 +6,5 @@ Monitors disk-space usage and alerts if any filesystem usage exceeds your define ## Features - Uses `df` to gather current usage. - Compares against `size_percent_disc_space_warning` threshold. -- Sends failure alerts via `sys-alm-compose`. +- Sends failure alerts via `sys-ctl-alm-compose`. - Runs on a configurable systemd timer. diff --git a/roles/sys-hlth-disc-space/files/sys-hlth-disc-space.sh b/roles/sys-ctl-hlth-disc-space/files/sys-ctl-hlth-disc-space.sh similarity index 100% rename from roles/sys-hlth-disc-space/files/sys-hlth-disc-space.sh rename to roles/sys-ctl-hlth-disc-space/files/sys-ctl-hlth-disc-space.sh diff --git a/roles/sys-ctl-hlth-disc-space/handlers/main.yml b/roles/sys-ctl-hlth-disc-space/handlers/main.yml new file mode 100644 index 00000000..2e3ed0cb --- /dev/null +++ b/roles/sys-ctl-hlth-disc-space/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-hlth-disc-space service" + systemd: + name: sys-ctl-hlth-disc-space{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-hlth-disc-space/meta/main.yml b/roles/sys-ctl-hlth-disc-space/meta/main.yml similarity index 100% rename from roles/sys-hlth-disc-space/meta/main.yml rename to roles/sys-ctl-hlth-disc-space/meta/main.yml diff --git a/roles/sys-ctl-hlth-disc-space/tasks/main.yml b/roles/sys-ctl-hlth-disc-space/tasks/main.yml new file mode 100644 index 00000000..1ea06bd5 --- /dev/null +++ b/roles/sys-ctl-hlth-disc-space/tasks/main.yml @@ -0,0 +1,34 @@ +- block: + - name: Include dependency 'sys-ctl-alm-compose' + include_role: + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_hlth_disc_space is not defined + +- name: "create {{health_disc_space_folder}}" + file: + path: "{{health_disc_space_folder}}" + state: directory + mode: "0755" + +- name: create sys-ctl-hlth-disc-space.sh + copy: + src: sys-ctl-hlth-disc-space.sh + dest: "{{health_disc_space_folder}}sys-ctl-hlth-disc-space.sh" + +- name: create sys-ctl-hlth-disc-space{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-hlth-disc-space.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-disc-space{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-disc-space service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_HEALTH_DISC_SPACE}}" diff --git a/roles/sys-ctl-hlth-disc-space/templates/sys-ctl-hlth-disc-space.service.j2 b/roles/sys-ctl-hlth-disc-space/templates/sys-ctl-hlth-disc-space.service.j2 new file mode 100644 index 00000000..a2e85b7e --- /dev/null +++ b/roles/sys-ctl-hlth-disc-space/templates/sys-ctl-hlth-disc-space.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=checking disc space +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/bash {{health_disc_space_folder}}sys-ctl-hlth-disc-space.sh {{size_percent_disc_space_warning}} diff --git a/roles/sys-ctl-hlth-disc-space/vars/main.yml b/roles/sys-ctl-hlth-disc-space/vars/main.yml new file mode 100644 index 00000000..e5e472ed --- /dev/null +++ b/roles/sys-ctl-hlth-disc-space/vars/main.yml @@ -0,0 +1 @@ +health_disc_space_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-disc-space/' diff --git a/roles/sys-hlth-docker-container/README.md b/roles/sys-ctl-hlth-docker-container/README.md similarity index 87% rename from roles/sys-hlth-docker-container/README.md rename to roles/sys-ctl-hlth-docker-container/README.md index 45ee2c32..decafc26 100644 --- a/roles/sys-hlth-docker-container/README.md +++ b/roles/sys-ctl-hlth-docker-container/README.md @@ -7,7 +7,7 @@ This role monitors the health status of Docker containers on the system. It dete ## Overview The role installs a health check script along with a `systemd` service and timer to run these checks at scheduled intervals. -If unhealthy or failed containers are detected, the configured failure notifier (via `sys-alm-compose`) is triggered. +If unhealthy or failed containers are detected, the configured failure notifier (via `sys-ctl-alm-compose`) is triggered. ## Purpose @@ -17,7 +17,7 @@ The primary purpose of this role is to ensure that Docker-based services remain - **Automated Health Checks:** Detects containers in `unhealthy` state or exited with non-zero exit codes. - **Systemd Integration:** Installs a one-shot service and timer to run health checks on a schedule. -- **Alerting Support:** Works with the [`sys-alm-compose`](../sys-alm-compose/README.md) role for failure notifications. +- **Alerting Support:** Works with the [`sys-ctl-alm-compose`](../sys-ctl-alm-compose/README.md) role for failure notifications. - **Configurable Script Location:** Controlled via the `PATH_ADMINISTRATOR_SCRIPTS` variable. ## Further Resources diff --git a/roles/sys-hlth-docker-container/files/sys-hlth-docker-container.sh b/roles/sys-ctl-hlth-docker-container/files/sys-ctl-hlth-docker-container.sh similarity index 100% rename from roles/sys-hlth-docker-container/files/sys-hlth-docker-container.sh rename to roles/sys-ctl-hlth-docker-container/files/sys-ctl-hlth-docker-container.sh diff --git a/roles/sys-ctl-hlth-docker-container/handlers/main.yml b/roles/sys-ctl-hlth-docker-container/handlers/main.yml new file mode 100644 index 00000000..f61482dc --- /dev/null +++ b/roles/sys-ctl-hlth-docker-container/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-hlth-docker-container service" + systemd: + name: sys-ctl-hlth-docker-container{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-hlth-docker-container/meta/main.yml b/roles/sys-ctl-hlth-docker-container/meta/main.yml similarity index 100% rename from roles/sys-hlth-docker-container/meta/main.yml rename to roles/sys-ctl-hlth-docker-container/meta/main.yml diff --git a/roles/sys-ctl-hlth-docker-container/tasks/01_core.yml b/roles/sys-ctl-hlth-docker-container/tasks/01_core.yml new file mode 100644 index 00000000..b2ea5c55 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-container/tasks/01_core.yml @@ -0,0 +1,31 @@ +- name: Include dependency 'sys-ctl-alm-compose' + include_role: + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined + +- name: "create {{health_docker_container_folder}}" + file: + path: "{{health_docker_container_folder}}" + state: directory + mode: "0755" + +- name: create sys-ctl-hlth-docker-container.sh + copy: + src: sys-ctl-hlth-docker-container.sh + dest: "{{health_docker_container_folder}}sys-ctl-hlth-docker-container.sh" + +- name: create sys-ctl-hlth-docker-container{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-hlth-docker-container.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-docker-container{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-docker-container service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_HEALTH_DOCKER_CONTAINER}}" diff --git a/roles/sys-ctl-hlth-docker-container/tasks/main.yml b/roles/sys-ctl-hlth-docker-container/tasks/main.yml new file mode 100644 index 00000000..69e4bbc6 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-container/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_hlth_docker_container is not defined diff --git a/roles/sys-ctl-hlth-docker-container/templates/sys-ctl-hlth-docker-container.service.j2 b/roles/sys-ctl-hlth-docker-container/templates/sys-ctl-hlth-docker-container.service.j2 new file mode 100644 index 00000000..56ea5cb7 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-container/templates/sys-ctl-hlth-docker-container.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Checking docker health +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/bash {{health_docker_container_folder}}sys-ctl-hlth-docker-container.sh diff --git a/roles/sys-hlth-docker-container/vars/main.yml b/roles/sys-ctl-hlth-docker-container/vars/main.yml similarity index 65% rename from roles/sys-hlth-docker-container/vars/main.yml rename to roles/sys-ctl-hlth-docker-container/vars/main.yml index 983f44f0..c66ee4b3 100644 --- a/roles/sys-hlth-docker-container/vars/main.yml +++ b/roles/sys-ctl-hlth-docker-container/vars/main.yml @@ -1 +1 @@ -health_docker_container_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-docker-container/' +health_docker_container_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-docker-container/' diff --git a/roles/sys-hlth-docker-volumes/README.md b/roles/sys-ctl-hlth-docker-volumes/README.md similarity index 85% rename from roles/sys-hlth-docker-volumes/README.md rename to roles/sys-ctl-hlth-docker-volumes/README.md index aaa0ea91..ae7bb983 100644 --- a/roles/sys-hlth-docker-volumes/README.md +++ b/roles/sys-ctl-hlth-docker-volumes/README.md @@ -18,10 +18,10 @@ It supports a whitelist mechanism to avoid alerting on known or intentional volu ## Features - **Anonymous Volume Detection:** Identifies volumes with 64-character IDs not attached to any container. -- **Whitelist Support:** Skips volumes listed in `whitelisted_anonymous_docker_volumes`. +- **Whitelist Support:** Skips volumes listed in `DOCKER_WHITELISTET_ANON_VOLUMES`. - **Bootstrap Volume Exclusion:** Ignores known bootstrap volumes (e.g., `/var/www/bootstrap`). - **Systemd Integration:** Installs a one-shot service and timer to automate checks. -- **Alerting Support:** Works with the [`sys-alm-compose`](../sys-alm-compose/README.md) role for failure notifications. +- **Alerting Support:** Works with the [`sys-ctl-alm-compose`](../sys-ctl-alm-compose/README.md) role for failure notifications. ## Further Resources diff --git a/roles/sys-hlth-docker-volumes/files/sys-hlth-docker-volumes.sh b/roles/sys-ctl-hlth-docker-volumes/files/sys-ctl-hlth-docker-volumes.sh similarity index 100% rename from roles/sys-hlth-docker-volumes/files/sys-hlth-docker-volumes.sh rename to roles/sys-ctl-hlth-docker-volumes/files/sys-ctl-hlth-docker-volumes.sh diff --git a/roles/sys-ctl-hlth-docker-volumes/handlers/main.yml b/roles/sys-ctl-hlth-docker-volumes/handlers/main.yml new file mode 100644 index 00000000..20da7a87 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-volumes/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-hlth-docker-volumes service" + systemd: + name: sys-ctl-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-hlth-docker-volumes/meta/main.yml b/roles/sys-ctl-hlth-docker-volumes/meta/main.yml similarity index 100% rename from roles/sys-hlth-docker-volumes/meta/main.yml rename to roles/sys-ctl-hlth-docker-volumes/meta/main.yml diff --git a/roles/sys-ctl-hlth-docker-volumes/tasks/01_core.yml b/roles/sys-ctl-hlth-docker-volumes/tasks/01_core.yml new file mode 100644 index 00000000..c2326a94 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-volumes/tasks/01_core.yml @@ -0,0 +1,31 @@ +- name: Include dependency 'sys-ctl-alm-compose' + include_role: + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined + +- name: "create {{health_docker_volumes_folder}}" + file: + path: "{{health_docker_volumes_folder}}" + state: directory + mode: "0755" + +- name: create sys-ctl-hlth-docker-volumes.sh + copy: + src: sys-ctl-hlth-docker-volumes.sh + dest: "{{health_docker_volumes_folder}}sys-ctl-hlth-docker-volumes.sh" + +- name: create sys-ctl-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-hlth-docker-volumes.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-docker-volumes service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_HEALTH_DOCKER_VOLUMES}}" diff --git a/roles/sys-ctl-hlth-docker-volumes/tasks/main.yml b/roles/sys-ctl-hlth-docker-volumes/tasks/main.yml new file mode 100644 index 00000000..a1030353 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-volumes/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_hlth_docker_volumes is not defined diff --git a/roles/sys-ctl-hlth-docker-volumes/templates/sys-ctl-hlth-docker-volumes.service.j2 b/roles/sys-ctl-hlth-docker-volumes/templates/sys-ctl-hlth-docker-volumes.service.j2 new file mode 100644 index 00000000..d59a7c58 --- /dev/null +++ b/roles/sys-ctl-hlth-docker-volumes/templates/sys-ctl-hlth-docker-volumes.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Checking docker health +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/bash {{ health_docker_volumes_folder }}sys-ctl-hlth-docker-volumes.sh "{{ DOCKER_WHITELISTET_ANON_VOLUMES | join(' ') }}" diff --git a/roles/sys-hlth-docker-volumes/vars/main.yml b/roles/sys-ctl-hlth-docker-volumes/vars/main.yml similarity index 68% rename from roles/sys-hlth-docker-volumes/vars/main.yml rename to roles/sys-ctl-hlth-docker-volumes/vars/main.yml index 16f2f195..9184ef49 100644 --- a/roles/sys-hlth-docker-volumes/vars/main.yml +++ b/roles/sys-ctl-hlth-docker-volumes/vars/main.yml @@ -1 +1 @@ -health_docker_volumes_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-docker-volumes/' +health_docker_volumes_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-docker-volumes/' diff --git a/roles/sys-hlth-journalctl/README.md b/roles/sys-ctl-hlth-journalctl/README.md similarity index 81% rename from roles/sys-hlth-journalctl/README.md rename to roles/sys-ctl-hlth-journalctl/README.md index 9b997acc..358671c1 100644 --- a/roles/sys-hlth-journalctl/README.md +++ b/roles/sys-ctl-hlth-journalctl/README.md @@ -1,4 +1,4 @@ -# sys-hlth-journalctl +# sys-ctl-hlth-journalctl ## Description Scans `journalctl` over the last day for “error” entries and alerts if any are found. @@ -7,7 +7,7 @@ Scans `journalctl` over the last day for “error” entries and alerts if any a - Runs `journalctl --since '1 day ago' | grep -i error`. - Exits non-zero on matches. - Scheduled via systemd timer. -- Alerts via `sys-alm-compose` on detection. +- Alerts via `sys-ctl-alm-compose` on detection. ## Usage Include the role; set `on_calendar_health_journalctl` for your preferred schedule. diff --git a/roles/sys-hlth-journalctl/files/sys-hlth-journalctl.sh b/roles/sys-ctl-hlth-journalctl/files/sys-ctl-hlth-journalctl.sh similarity index 100% rename from roles/sys-hlth-journalctl/files/sys-hlth-journalctl.sh rename to roles/sys-ctl-hlth-journalctl/files/sys-ctl-hlth-journalctl.sh diff --git a/roles/sys-ctl-hlth-journalctl/handlers/main.yml b/roles/sys-ctl-hlth-journalctl/handlers/main.yml new file mode 100644 index 00000000..e85bda76 --- /dev/null +++ b/roles/sys-ctl-hlth-journalctl/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-hlth-journalctl service" + systemd: + name: sys-ctl-hlth-journalctl{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-hlth-journalctl/meta/main.yml b/roles/sys-ctl-hlth-journalctl/meta/main.yml similarity index 100% rename from roles/sys-hlth-journalctl/meta/main.yml rename to roles/sys-ctl-hlth-journalctl/meta/main.yml diff --git a/roles/sys-ctl-hlth-journalctl/tasks/01_core.yml b/roles/sys-ctl-hlth-journalctl/tasks/01_core.yml new file mode 100644 index 00000000..cd75ce17 --- /dev/null +++ b/roles/sys-ctl-hlth-journalctl/tasks/01_core.yml @@ -0,0 +1,31 @@ +- name: Include dependency 'sys-ctl-alm-compose' + include_role: + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined + +- name: "create {{health_journalctl_folder}}" + file: + path: "{{health_journalctl_folder}}" + state: directory + mode: "0755" + +- name: create sys-ctl-hlth-journalctl.sh + copy: + src: sys-ctl-hlth-journalctl.sh + dest: "{{health_journalctl_folder}}sys-ctl-hlth-journalctl.sh" + +- name: create sys-ctl-hlth-journalctl{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-hlth-journalctl.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-journalctl{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-journalctl service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_HEALTH_JOURNALCTL}}" diff --git a/roles/sys-cln-bkps-service/tasks/main.yml b/roles/sys-ctl-hlth-journalctl/tasks/main.yml similarity index 59% rename from roles/sys-cln-bkps-service/tasks/main.yml rename to roles/sys-ctl-hlth-journalctl/tasks/main.yml index 93feccfc..a16f8d4d 100644 --- a/roles/sys-cln-bkps-service/tasks/main.yml +++ b/roles/sys-ctl-hlth-journalctl/tasks/main.yml @@ -1,5 +1,4 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_sys_cln_bkps_service is not defined - + when: run_once_sys_ctl_hlth_journalctl is not defined \ No newline at end of file diff --git a/roles/sys-ctl-hlth-journalctl/templates/sys-ctl-hlth-journalctl.service.j2 b/roles/sys-ctl-hlth-journalctl/templates/sys-ctl-hlth-journalctl.service.j2 new file mode 100644 index 00000000..c04365f3 --- /dev/null +++ b/roles/sys-ctl-hlth-journalctl/templates/sys-ctl-hlth-journalctl.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=checking journalctl health +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/bash {{health_journalctl_folder}}sys-ctl-hlth-journalctl.sh diff --git a/roles/sys-ctl-hlth-journalctl/vars/main.yml b/roles/sys-ctl-hlth-journalctl/vars/main.yml new file mode 100644 index 00000000..1518bf5e --- /dev/null +++ b/roles/sys-ctl-hlth-journalctl/vars/main.yml @@ -0,0 +1,2 @@ +health_journalctl_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-journalctl/' + diff --git a/roles/sys-ctl-hlth-msmtp/README.md b/roles/sys-ctl-hlth-msmtp/README.md new file mode 100644 index 00000000..649981b1 --- /dev/null +++ b/roles/sys-ctl-hlth-msmtp/README.md @@ -0,0 +1,21 @@ +# sys-ctl-hlth-msmtp + +## Description + +This Ansible role sends periodic health check emails using **msmtp** to verify that your mail transport agent is operational. It deploys a simple script and hooks it into a systemd service and timer, with failure notifications sent via Telegram. + +## Overview + +Optimized for Archlinux, this role creates the required directory structure, installs and configures the sys-ctl-hlth-check script, and integrates with the **sys-ctl-alm-telegram** role. It uses the **sys-timer** role to schedule regular checks based on your customizable `OnCalendar` setting. + +## Purpose + +The **sys-ctl-hlth-msmtp** role ensures that your mail transport system stays available by sending a test email at defined intervals. If the email fails, a Telegram alert is triggered, allowing you to detect and address issues before they impact users. + +## Features + +- **Directory & Script Deployment:** Sets up `sys-ctl-hlth-msmtp/` and deploys a templated Bash script to send test emails via msmtp. +- **Systemd Service & Timer:** Provides `.service` and `.timer` units to run the check and schedule it automatically. +- **Failure Notifications:** Leverages **sys-ctl-alm-telegram** to push alerts when the script exits with an error. +- **Configurable Schedule:** Define your desired check frequency using the `on_calendar_health_msmtp` variable. +- **Email Destination:** Specify the recipient via the `users.administrator.email` variable. \ No newline at end of file diff --git a/roles/sys-ctl-hlth-msmtp/handlers/main.yml b/roles/sys-ctl-hlth-msmtp/handlers/main.yml new file mode 100644 index 00000000..9fdb2c7f --- /dev/null +++ b/roles/sys-ctl-hlth-msmtp/handlers/main.yml @@ -0,0 +1,5 @@ +- name: reload sys-ctl-hlth-msmtp service + systemd: + name: sys-ctl-hlth-msmtp{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-hlth-msmtp/meta/main.yml b/roles/sys-ctl-hlth-msmtp/meta/main.yml similarity index 100% rename from roles/sys-hlth-msmtp/meta/main.yml rename to roles/sys-ctl-hlth-msmtp/meta/main.yml diff --git a/roles/sys-ctl-hlth-msmtp/tasks/main.yml b/roles/sys-ctl-hlth-msmtp/tasks/main.yml new file mode 100644 index 00000000..c636bdd4 --- /dev/null +++ b/roles/sys-ctl-hlth-msmtp/tasks/main.yml @@ -0,0 +1,35 @@ +- block: + - name: Include dependency 'sys-ctl-alm-telegram' + include_role: + name: sys-ctl-alm-telegram + when: run_once_sys_ctl_alm_telegram is not defined + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_hlth_msmtp is not defined + +- name: "create {{ health_msmtp_folder }}" + file: + path: "{{ health_msmtp_folder }}" + state: directory + mode: "0755" + +- name: create sys-ctl-hlth-msmtp.sh + template: + src: sys-ctl-hlth-msmtp.sh.j2 + dest: "{{ health_msmtp_folder }}sys-ctl-hlth-msmtp.sh" + mode: '0755' + +- name: create sys-ctl-hlth-msmtp{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-hlth-msmtp.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-msmtp{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-msmtp service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: include role for sys-timer for {{ service_name }} + include_role: + name: sys-timer + vars: + on_calendar: "{{ SYS_SCHEDULE_HEALTH_MSMTP }}" diff --git a/roles/sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.service.j2 b/roles/sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.service.j2 new file mode 100644 index 00000000..b2f43c7e --- /dev/null +++ b/roles/sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Check msmtp liveliness +OnFailure=sys-ctl-alm-telegram.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/bash {{ health_msmtp_folder }}sys-ctl-hlth-msmtp.sh diff --git a/roles/sys-hlth-msmtp/templates/sys-hlth-msmtp.sh.j2 b/roles/sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.sh.j2 similarity index 100% rename from roles/sys-hlth-msmtp/templates/sys-hlth-msmtp.sh.j2 rename to roles/sys-ctl-hlth-msmtp/templates/sys-ctl-hlth-msmtp.sh.j2 diff --git a/roles/sys-ctl-hlth-msmtp/vars/main.yml b/roles/sys-ctl-hlth-msmtp/vars/main.yml new file mode 100644 index 00000000..c3d793df --- /dev/null +++ b/roles/sys-ctl-hlth-msmtp/vars/main.yml @@ -0,0 +1,2 @@ +health_msmtp_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-msmtp/' + diff --git a/roles/sys-hlth-webserver/README.md b/roles/sys-ctl-hlth-webserver/README.md similarity index 92% rename from roles/sys-hlth-webserver/README.md rename to roles/sys-ctl-hlth-webserver/README.md index d3791901..2cb9bb5e 100644 --- a/roles/sys-hlth-webserver/README.md +++ b/roles/sys-ctl-hlth-webserver/README.md @@ -1,4 +1,4 @@ -# sys-hlth-webserver +# sys-ctl-hlth-webserver ## Description Verifies that each of your Nginx‐served domains returns an expected HTTP status (200, 301, etc.) and alerts on deviations. @@ -6,7 +6,7 @@ Verifies that each of your Nginx‐served domains returns an expected HTTP statu ## Features - Scans your `nginx` server block `.conf` files for domains. - HEAD-requests each domain and compares against per-domain expected codes. -- Reports any mismatches via `sys-alm-compose`. +- Reports any mismatches via `sys-ctl-alm-compose`. - Scheduled via a systemd timer for periodic health sweeps. ## Usage diff --git a/roles/sys-hlth-webserver/TODO.md b/roles/sys-ctl-hlth-webserver/TODO.md similarity index 100% rename from roles/sys-hlth-webserver/TODO.md rename to roles/sys-ctl-hlth-webserver/TODO.md diff --git a/roles/sys-ctl-hlth-webserver/handlers/main.yml b/roles/sys-ctl-hlth-webserver/handlers/main.yml new file mode 100644 index 00000000..b1da5979 --- /dev/null +++ b/roles/sys-ctl-hlth-webserver/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-hlth-webserver service" + systemd: + name: sys-ctl-hlth-webserver{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-hlth-webserver/meta/main.yml b/roles/sys-ctl-hlth-webserver/meta/main.yml similarity index 100% rename from roles/sys-hlth-webserver/meta/main.yml rename to roles/sys-ctl-hlth-webserver/meta/main.yml diff --git a/roles/sys-hlth-webserver/tasks/01_core.yml b/roles/sys-ctl-hlth-webserver/tasks/01_core.yml similarity index 55% rename from roles/sys-hlth-webserver/tasks/01_core.yml rename to roles/sys-ctl-hlth-webserver/tasks/01_core.yml index 9769c7c6..339b1a2c 100644 --- a/roles/sys-hlth-webserver/tasks/01_core.yml +++ b/roles/sys-ctl-hlth-webserver/tasks/01_core.yml @@ -4,9 +4,9 @@ name: '{{ item }}' loop: - dev-python-pip - - sys-alm-compose + - sys-ctl-alm-compose - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_webserver is not defined + when: run_once_sys_ctl_hlth_webserver is not defined - name: Install required Python modules community.general.pacman: @@ -19,16 +19,16 @@ state: directory mode: "0755" -- name: create sys-hlth-webserver.py +- name: create sys-ctl-hlth-webserver.py template: - src: sys-hlth-webserver.py.j2 - dest: "{{ health_nginx_folder }}sys-hlth-webserver.py" + src: sys-ctl-hlth-webserver.py.j2 + dest: "{{ health_nginx_folder }}sys-ctl-hlth-webserver.py" -- name: create sys-hlth-webserver{{ SYS_SERVICE_SUFFIX }} +- name: create sys-ctl-hlth-webserver{{ SYS_SERVICE_SUFFIX }} template: - src: sys-hlth-webserver.service.j2 - dest: /etc/systemd/system/sys-hlth-webserver{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-webserver service + src: sys-ctl-hlth-webserver.service.j2 + dest: /etc/systemd/system/sys-ctl-hlth-webserver{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-hlth-webserver service - name: "set 'service_name' to '{{ role_name }}'" set_fact: @@ -38,4 +38,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_health_nginx}}" + on_calendar: "{{SYS_SCHEDULE_HEALTH_NGINX}}" diff --git a/roles/sys-hlth-webserver/tasks/main.yml b/roles/sys-ctl-hlth-webserver/tasks/main.yml similarity index 60% rename from roles/sys-hlth-webserver/tasks/main.yml rename to roles/sys-ctl-hlth-webserver/tasks/main.yml index 85b8d7a0..124ab3a0 100644 --- a/roles/sys-hlth-webserver/tasks/main.yml +++ b/roles/sys-ctl-hlth-webserver/tasks/main.yml @@ -1,6 +1,6 @@ - block: - include_tasks: 01_core.yml - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_webserver is not defined + when: run_once_sys_ctl_hlth_webserver is not defined diff --git a/roles/sys-hlth-webserver/templates/sys-hlth-webserver.py.j2 b/roles/sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.py.j2 similarity index 100% rename from roles/sys-hlth-webserver/templates/sys-hlth-webserver.py.j2 rename to roles/sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.py.j2 diff --git a/roles/sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.service.j2 b/roles/sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.service.j2 new file mode 100644 index 00000000..311b354b --- /dev/null +++ b/roles/sys-ctl-hlth-webserver/templates/sys-ctl-hlth-webserver.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Check nginx configuration status +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/python3 {{ health_nginx_folder }}sys-ctl-hlth-webserver.py diff --git a/roles/sys-ctl-hlth-webserver/vars/main.yml b/roles/sys-ctl-hlth-webserver/vars/main.yml new file mode 100644 index 00000000..1b108bee --- /dev/null +++ b/roles/sys-ctl-hlth-webserver/vars/main.yml @@ -0,0 +1 @@ +health_nginx_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-hlth-webserver/' diff --git a/roles/sys-svc-cert-sync-docker/README.md b/roles/sys-ctl-mtn-cert-deploy/README.md similarity index 96% rename from roles/sys-svc-cert-sync-docker/README.md rename to roles/sys-ctl-mtn-cert-deploy/README.md index 9b46d76f..fac3f2dc 100644 --- a/roles/sys-svc-cert-sync-docker/README.md +++ b/roles/sys-ctl-mtn-cert-deploy/README.md @@ -14,5 +14,5 @@ Installs a small script and a systemd unit that copy certificates into your Comp ## Further Resources - [Wildcard Certificate Setup (SETUP.md)](./SETUP.md) -- [Role Documentation](https://s.infinito.nexus/code/tree/main/roles/sys-svc-cert-sync-docker) +- [Role Documentation](https://s.infinito.nexus/code/tree/main/roles/sys-ctl-mtn-cert-deploy) - [Issue Tracker](https://s.infinito.nexus/issues) diff --git a/roles/sys-svc-cert-sync-docker/SETUP.md b/roles/sys-ctl-mtn-cert-deploy/SETUP.md similarity index 100% rename from roles/sys-svc-cert-sync-docker/SETUP.md rename to roles/sys-ctl-mtn-cert-deploy/SETUP.md diff --git a/roles/sys-svc-cert-sync-docker/files/sys-svc-cert-sync-docker.sh b/roles/sys-ctl-mtn-cert-deploy/files/sys-ctl-mtn-cert-deploy.sh similarity index 100% rename from roles/sys-svc-cert-sync-docker/files/sys-svc-cert-sync-docker.sh rename to roles/sys-ctl-mtn-cert-deploy/files/sys-ctl-mtn-cert-deploy.sh diff --git a/roles/sys-svc-cert-sync-docker/handlers/main.yml b/roles/sys-ctl-mtn-cert-deploy/handlers/main.yml similarity index 100% rename from roles/sys-svc-cert-sync-docker/handlers/main.yml rename to roles/sys-ctl-mtn-cert-deploy/handlers/main.yml diff --git a/roles/sys-svc-cert-sync-docker/meta/main.yml b/roles/sys-ctl-mtn-cert-deploy/meta/main.yml similarity index 96% rename from roles/sys-svc-cert-sync-docker/meta/main.yml rename to roles/sys-ctl-mtn-cert-deploy/meta/main.yml index ae7b0331..d582ad74 100644 --- a/roles/sys-svc-cert-sync-docker/meta/main.yml +++ b/roles/sys-ctl-mtn-cert-deploy/meta/main.yml @@ -14,7 +14,7 @@ galaxy_info: - systemd repository: "https://s.infinito.nexus/code" issue_tracker_url: "https://s.infinito.nexus/issues" - documentation: "https://s.infinito.nexus/code/tree/main/roles/sys-svc-cert-sync-docker" + documentation: "https://s.infinito.nexus/code/tree/main/roles/sys-ctl-mtn-cert-deploy" min_ansible_version: "2.9" platforms: - name: Any diff --git a/roles/sys-svc-cert-sync-docker/tasks/01_core.yml b/roles/sys-ctl-mtn-cert-deploy/tasks/01_core.yml similarity index 68% rename from roles/sys-svc-cert-sync-docker/tasks/01_core.yml rename to roles/sys-ctl-mtn-cert-deploy/tasks/01_core.yml index 5493895a..a439a06a 100644 --- a/roles/sys-svc-cert-sync-docker/tasks/01_core.yml +++ b/roles/sys-ctl-mtn-cert-deploy/tasks/01_core.yml @@ -1,7 +1,7 @@ -- name: Include dependency 'sys-alm-compose' +- name: Include dependency 'sys-ctl-alm-compose' include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined - name: "Install '{{ CERT_SYNC_DOCKER_SCRIPT_FILE }}'" ansible.builtin.copy: diff --git a/roles/sys-svc-cert-sync-docker/tasks/main.yml b/roles/sys-ctl-mtn-cert-deploy/tasks/main.yml similarity index 80% rename from roles/sys-svc-cert-sync-docker/tasks/main.yml rename to roles/sys-ctl-mtn-cert-deploy/tasks/main.yml index 9dab1618..2781c6a4 100644 --- a/roles/sys-svc-cert-sync-docker/tasks/main.yml +++ b/roles/sys-ctl-mtn-cert-deploy/tasks/main.yml @@ -1,8 +1,8 @@ - block: - include_tasks: 01_core.yml - set_fact: - run_once_sys_svc_cert_sync_docker: true - when: run_once_sys_svc_cert_sync_docker is not defined + run_once_sys_ctl_mtn_cert_deploy: true + when: run_once_sys_ctl_mtn_cert_deploy is not defined - name: "create {{ cert_mount_directory }}" file: @@ -21,7 +21,7 @@ include_role: name: sys-timer vars: - on_calendar: "{{ on_calendar_deploy_certificates }}" + on_calendar: "{{ SYS_SCHEDULE_MAINTANANCE_LETSENCRYPT_DEPLOY }}" service_name: "{{ CERT_SYNC_DOCKER_SERVICE_NAME_BASE }}" persistent: "true" diff --git a/roles/sys-svc-cert-sync-docker/templates/sys-svc-cert-sync-docker.service.j2 b/roles/sys-ctl-mtn-cert-deploy/templates/sys-ctl-mtn-cert-deploy.service.j2 similarity index 82% rename from roles/sys-svc-cert-sync-docker/templates/sys-svc-cert-sync-docker.service.j2 rename to roles/sys-ctl-mtn-cert-deploy/templates/sys-ctl-mtn-cert-deploy.service.j2 index 64cf266a..1d8f5453 100644 --- a/roles/sys-svc-cert-sync-docker/templates/sys-svc-cert-sync-docker.service.j2 +++ b/roles/sys-ctl-mtn-cert-deploy/templates/sys-ctl-mtn-cert-deploy.service.j2 @@ -1,6 +1,6 @@ [Unit] Description=Let's Encrypt deploy to {{ docker_compose.directories.instance }} -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot diff --git a/roles/sys-svc-cert-sync-docker/vars/main.yml b/roles/sys-ctl-mtn-cert-deploy/vars/main.yml similarity index 85% rename from roles/sys-svc-cert-sync-docker/vars/main.yml rename to roles/sys-ctl-mtn-cert-deploy/vars/main.yml index 9ca544c3..f4261ff8 100644 --- a/roles/sys-svc-cert-sync-docker/vars/main.yml +++ b/roles/sys-ctl-mtn-cert-deploy/vars/main.yml @@ -1,5 +1,5 @@ -CERT_SYNC_DOCKER_BASE: "sys-svc-cert-sync-docker" +CERT_SYNC_DOCKER_BASE: "sys-ctl-mtn-cert-deploy" CERT_SYNC_DOCKER_SCRIPT_FILE: "{{ CERT_SYNC_DOCKER_BASE }}.sh" CERT_SYNC_DOCKER_SCRIPT_PATH: "{{ PATH_ADMINISTRATOR_SCRIPTS }}{{ CERT_SYNC_DOCKER_SCRIPT_FILE }}" CERT_SYNC_DOCKER_SERVICE_NAME_BASE: "{{ application_id | get_entity_name }}.{{ CERT_SYNC_DOCKER_BASE }}" diff --git a/roles/srv-web-6-6-tls-renew/README.md b/roles/sys-ctl-mtn-cert-renew/README.md similarity index 93% rename from roles/srv-web-6-6-tls-renew/README.md rename to roles/sys-ctl-mtn-cert-renew/README.md index 18096b2c..35c6f548 100644 --- a/roles/srv-web-6-6-tls-renew/README.md +++ b/roles/sys-ctl-mtn-cert-renew/README.md @@ -11,7 +11,7 @@ Optimized for Archlinux systems, this role installs the `certbot-nginx` package, ### Key Features - **Automatic Renewal:** Schedules unattended certificate renewals using sys-timers. - **Seamless Nginx Reload:** Reloads the Nginx service automatically after successful renewals. -- **Systemd Integration:** Manages renewal operations reliably with `systemd` and `sys-alm-compose`. +- **Systemd Integration:** Manages renewal operations reliably with `systemd` and `sys-ctl-alm-compose`. - **Quiet and Safe Operation:** Uses `--quiet` and `--agree-tos` flags to ensure non-interactive renewals. ## 🎯 Purpose @@ -23,7 +23,7 @@ The Nginx Certbot Automation role ensures that Let's Encrypt SSL/TLS certificate - **Certbot-Nginx Package Installation:** Installs required certbot plugins for Nginx. - **Custom Systemd Service:** Configures a lightweight, dedicated renewal service. - **Timer Setup:** Uses sys-timer to run certbot renewals periodically. -- **Failure Notification:** Integrated with `sys-alm-compose` for alerting on failures. +- **Failure Notification:** Integrated with `sys-ctl-alm-compose` for alerting on failures. ## 🔗 Learn More diff --git a/roles/srv-web-6-6-tls-renew/handlers/main.yml b/roles/sys-ctl-mtn-cert-renew/handlers/main.yml similarity index 64% rename from roles/srv-web-6-6-tls-renew/handlers/main.yml rename to roles/sys-ctl-mtn-cert-renew/handlers/main.yml index d993a385..6fbf0df9 100644 --- a/roles/srv-web-6-6-tls-renew/handlers/main.yml +++ b/roles/sys-ctl-mtn-cert-renew/handlers/main.yml @@ -1,6 +1,6 @@ - name: "reload certbot service" systemd: - name: srv-web-6-6-tls-renew{{ SYS_SERVICE_SUFFIX }} + name: sys-ctl-mtn-cert-renew{{ SYS_SERVICE_SUFFIX }} state: reloaded enabled: yes daemon_reload: yes diff --git a/roles/srv-web-6-6-tls-renew/meta/main.yml b/roles/sys-ctl-mtn-cert-renew/meta/main.yml similarity index 97% rename from roles/srv-web-6-6-tls-renew/meta/main.yml rename to roles/sys-ctl-mtn-cert-renew/meta/main.yml index 47362d0b..1e2af968 100644 --- a/roles/srv-web-6-6-tls-renew/meta/main.yml +++ b/roles/sys-ctl-mtn-cert-renew/meta/main.yml @@ -26,4 +26,4 @@ galaxy_info: issue_tracker_url: "https://s.infinito.nexus/issues" documentation: "https://docs.infinito.nexus" dependencies: -- sys-cln-certs +- sys-ctl-cln-certs diff --git a/roles/srv-web-6-6-tls-renew/tasks/01_core.yml b/roles/sys-ctl-mtn-cert-renew/tasks/01_core.yml similarity index 65% rename from roles/srv-web-6-6-tls-renew/tasks/01_core.yml rename to roles/sys-ctl-mtn-cert-renew/tasks/01_core.yml index 18f29326..e5ef5a96 100644 --- a/roles/srv-web-6-6-tls-renew/tasks/01_core.yml +++ b/roles/sys-ctl-mtn-cert-renew/tasks/01_core.yml @@ -4,7 +4,7 @@ loop: - sys-svc-certbot - srv-web-7-4-core - - sys-alm-compose + - sys-ctl-alm-compose - name: install certbot community.general.pacman: @@ -12,10 +12,10 @@ - certbot-nginx state: present -- name: configure srv-web-6-6-tls-renew service +- name: configure sys-ctl-mtn-cert-renew service template: - src: srv-web-6-6-tls-renew.service.j2 - dest: /etc/systemd/system/srv-web-6-6-tls-renew{{ SYS_SERVICE_SUFFIX }} + src: sys-ctl-mtn-cert-renew.service.j2 + dest: /etc/systemd/system/sys-ctl-mtn-cert-renew{{ SYS_SERVICE_SUFFIX }} notify: reload certbot service - name: "set 'service_name' to '{{ role_name }}'" @@ -26,5 +26,5 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_renew_lets_encrypt_certificates}}" + on_calendar: "{{ SYS_SCHEDULE_MAINTANANCE_LETSENCRYPT_RENEW }}" persistent: "true" diff --git a/roles/sys-ctl-mtn-cert-renew/tasks/main.yml b/roles/sys-ctl-mtn-cert-renew/tasks/main.yml new file mode 100644 index 00000000..14f69892 --- /dev/null +++ b/roles/sys-ctl-mtn-cert-renew/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_mtn_cert_renew is not defined diff --git a/roles/srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2 b/roles/sys-ctl-mtn-cert-renew/templates/sys-ctl-mtn-cert-renew.service.j2 similarity index 80% rename from roles/srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2 rename to roles/sys-ctl-mtn-cert-renew/templates/sys-ctl-mtn-cert-renew.service.j2 index e51f8708..b4f0f0ef 100644 --- a/roles/srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2 +++ b/roles/sys-ctl-mtn-cert-renew/templates/sys-ctl-mtn-cert-renew.service.j2 @@ -1,6 +1,6 @@ [Unit] Description=Let's Encrypt renewal -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot diff --git a/roles/sys-rpr-btrfs-blnc/README.md b/roles/sys-ctl-rpr-btrfs-balancer/README.md similarity index 93% rename from roles/sys-rpr-btrfs-blnc/README.md rename to roles/sys-ctl-rpr-btrfs-balancer/README.md index 9692e45a..6c1a97c5 100644 --- a/roles/sys-rpr-btrfs-blnc/README.md +++ b/roles/sys-ctl-rpr-btrfs-balancer/README.md @@ -21,4 +21,4 @@ The primary purpose of this role is to maintain optimal performance of Btrfs fil - **Repository Cloning:** Automatically fetches the latest auto-btrfs-balancer repository. - **Service Configuration:** Sets up a systemd service for running the balancing script. - **Timer Integration:** Schedules the balancing process via a systemd timer. -- **Error Notification:** Notifies on failure using sys-alm-compose. +- **Error Notification:** Notifies on failure using sys-ctl-alm-compose. diff --git a/roles/sys-ctl-rpr-btrfs-balancer/handlers/main.yml b/roles/sys-ctl-rpr-btrfs-balancer/handlers/main.yml new file mode 100644 index 00000000..ab075525 --- /dev/null +++ b/roles/sys-ctl-rpr-btrfs-balancer/handlers/main.yml @@ -0,0 +1,4 @@ +- name: "reload sys-ctl-rpr-btrfs-balancer service" + systemd: + name: sys-ctl-rpr-btrfs-balancer{{ SYS_SERVICE_SUFFIX }} + daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-rpr-btrfs-blnc/meta/main.yml b/roles/sys-ctl-rpr-btrfs-balancer/meta/main.yml similarity index 100% rename from roles/sys-rpr-btrfs-blnc/meta/main.yml rename to roles/sys-ctl-rpr-btrfs-balancer/meta/main.yml diff --git a/roles/sys-ctl-rpr-btrfs-balancer/tasks/01_core.yml b/roles/sys-ctl-rpr-btrfs-balancer/tasks/01_core.yml new file mode 100644 index 00000000..8afe2051 --- /dev/null +++ b/roles/sys-ctl-rpr-btrfs-balancer/tasks/01_core.yml @@ -0,0 +1,26 @@ +- name: Include dependency 'sys-ctl-alm-compose' + include_role: + name: sys-ctl-alm-compose + when: run_once_sys_ctl_alm_compose is not defined + +- name: "pkgmgr install" + include_role: + name: pkgmgr-install + vars: + package_name: btrfs-auto-balancer + +- name: configure sys-ctl-rpr-btrfs-balancer{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-rpr-btrfs-balancer.service.j2 + dest: /etc/systemd/system/sys-ctl-rpr-btrfs-balancer{{ SYS_SERVICE_SUFFIX }} + notify: reload sys-ctl-rpr-btrfs-balancer service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_REPAIR_BTRFS_AUTO_BALANCER}}" diff --git a/roles/sys-ctl-rpr-btrfs-balancer/tasks/main.yml b/roles/sys-ctl-rpr-btrfs-balancer/tasks/main.yml new file mode 100644 index 00000000..edb855e7 --- /dev/null +++ b/roles/sys-ctl-rpr-btrfs-balancer/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_rpr_btrfs_balancer is not defined diff --git a/roles/sys-rpr-btrfs-blnc/templates/sys-rpr-btrfs-blnc.service.j2 b/roles/sys-ctl-rpr-btrfs-balancer/templates/sys-ctl-rpr-btrfs-balancer.service.j2 similarity index 64% rename from roles/sys-rpr-btrfs-blnc/templates/sys-rpr-btrfs-blnc.service.j2 rename to roles/sys-ctl-rpr-btrfs-balancer/templates/sys-ctl-rpr-btrfs-balancer.service.j2 index 9b54c842..4837b051 100644 --- a/roles/sys-rpr-btrfs-blnc/templates/sys-rpr-btrfs-blnc.service.j2 +++ b/roles/sys-ctl-rpr-btrfs-balancer/templates/sys-ctl-rpr-btrfs-balancer.service.j2 @@ -1,6 +1,6 @@ [Unit] Description=auto balance btrfs -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot diff --git a/roles/sys-rpr-docker-hard/README.md b/roles/sys-ctl-rpr-docker-hard/README.md similarity index 100% rename from roles/sys-rpr-docker-hard/README.md rename to roles/sys-ctl-rpr-docker-hard/README.md diff --git a/roles/sys-rpr-docker-hard/files/sys-rpr-docker-hard.py b/roles/sys-ctl-rpr-docker-hard/files/sys-ctl-rpr-docker-hard.py similarity index 100% rename from roles/sys-rpr-docker-hard/files/sys-rpr-docker-hard.py rename to roles/sys-ctl-rpr-docker-hard/files/sys-ctl-rpr-docker-hard.py diff --git a/roles/sys-ctl-rpr-docker-hard/handlers/main.yml b/roles/sys-ctl-rpr-docker-hard/handlers/main.yml new file mode 100644 index 00000000..e537764a --- /dev/null +++ b/roles/sys-ctl-rpr-docker-hard/handlers/main.yml @@ -0,0 +1,5 @@ +- name: "reload sys-ctl-rpr-docker-hard service" + systemd: + name: sys-ctl-rpr-docker-hard{{ SYS_SERVICE_SUFFIX }} + enabled: yes + daemon_reload: yes diff --git a/roles/sys-rpr-docker-hard/meta/main.yml b/roles/sys-ctl-rpr-docker-hard/meta/main.yml similarity index 100% rename from roles/sys-rpr-docker-hard/meta/main.yml rename to roles/sys-ctl-rpr-docker-hard/meta/main.yml diff --git a/roles/sys-rpr-docker-hard/tasks/01_core.yml b/roles/sys-ctl-rpr-docker-hard/tasks/01_core.yml similarity index 62% rename from roles/sys-rpr-docker-hard/tasks/01_core.yml rename to roles/sys-ctl-rpr-docker-hard/tasks/01_core.yml index 25012be5..afa5bed9 100644 --- a/roles/sys-rpr-docker-hard/tasks/01_core.yml +++ b/roles/sys-ctl-rpr-docker-hard/tasks/01_core.yml @@ -11,14 +11,14 @@ - name: create {{restart_docker_script}} copy: - src: sys-rpr-docker-hard.py + src: sys-ctl-rpr-docker-hard.py dest: "{{restart_docker_script}}" -- name: configure sys-rpr-docker-hard{{ SYS_SERVICE_SUFFIX }} +- name: configure sys-ctl-rpr-docker-hard{{ SYS_SERVICE_SUFFIX }} template: - src: sys-rpr-docker-hard.service.j2 - dest: /etc/systemd/system/sys-rpr-docker-hard{{ SYS_SERVICE_SUFFIX }} - notify: "reload sys-rpr-docker-hard service" + src: sys-ctl-rpr-docker-hard.service.j2 + dest: /etc/systemd/system/sys-ctl-rpr-docker-hard{{ SYS_SERVICE_SUFFIX }} + notify: "reload sys-ctl-rpr-docker-hard service" - name: "set 'service_name' to '{{ role_name }}'" set_fact: @@ -28,4 +28,4 @@ include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_restart_docker}}" + on_calendar: "{{SYS_SCHEDULE_REPAIR_DOCKER_HARD}}" diff --git a/roles/sys-ctl-rpr-docker-hard/tasks/main.yml b/roles/sys-ctl-rpr-docker-hard/tasks/main.yml new file mode 100644 index 00000000..763a25a6 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-hard/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_rpr_docker_hard is not defined \ No newline at end of file diff --git a/roles/sys-ctl-rpr-docker-hard/templates/sys-ctl-rpr-docker-hard.service.j2 b/roles/sys-ctl-rpr-docker-hard/templates/sys-ctl-rpr-docker-hard.service.j2 new file mode 100644 index 00000000..50d78e3f --- /dev/null +++ b/roles/sys-ctl-rpr-docker-hard/templates/sys-ctl-rpr-docker-hard.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=Restart Docker Instances +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_CLEANUP | join(' ') }} sys-ctl-rpr-docker-hard --timeout "{{SYS_TIMEOUT_RESTART_DOCKER}}"' +ExecStart=/bin/sh -c '/usr/bin/python {{restart_docker_script}} {{ PATH_DOCKER_COMPOSE_INSTANCES }}' \ No newline at end of file diff --git a/roles/sys-ctl-rpr-docker-hard/vars/main.yml b/roles/sys-ctl-rpr-docker-hard/vars/main.yml new file mode 100644 index 00000000..8115aa35 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-hard/vars/main.yml @@ -0,0 +1,3 @@ +restart_docker_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-rpr-docker-hard/' +restart_docker_script: '{{restart_docker_folder}}sys-ctl-rpr-docker-hard.py' + diff --git a/roles/sys-rpr-docker-soft/README.md b/roles/sys-ctl-rpr-docker-soft/README.md similarity index 100% rename from roles/sys-rpr-docker-soft/README.md rename to roles/sys-ctl-rpr-docker-soft/README.md diff --git a/roles/sys-ctl-rpr-docker-soft/handlers/main.yml b/roles/sys-ctl-rpr-docker-soft/handlers/main.yml new file mode 100644 index 00000000..b2950f75 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-soft/handlers/main.yml @@ -0,0 +1,5 @@ +- name: restart sys-ctl-rpr-docker-soft service + systemd: + name: sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} + state: restarted + daemon_reload: yes diff --git a/roles/sys-rpr-docker-soft/meta/main.yml b/roles/sys-ctl-rpr-docker-soft/meta/main.yml similarity index 100% rename from roles/sys-rpr-docker-soft/meta/main.yml rename to roles/sys-ctl-rpr-docker-soft/meta/main.yml diff --git a/roles/sys-ctl-rpr-docker-soft/tasks/01_core.yml b/roles/sys-ctl-rpr-docker-soft/tasks/01_core.yml new file mode 100644 index 00000000..e7f35fb5 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-soft/tasks/01_core.yml @@ -0,0 +1,32 @@ +- name: Include dependency 'sys-lock' + include_role: + name: sys-lock + when: run_once_sys_lock is not defined + +- name: "create {{heal_docker}}" + file: + path: "{{heal_docker}}" + state: directory + mode: "0755" + +- name: create sys-ctl-rpr-docker-soft.py + template: + src: sys-ctl-rpr-docker-soft.py.j2 + dest: "{{heal_docker}}sys-ctl-rpr-docker-soft.py" + notify: restart sys-ctl-rpr-docker-soft service + +- name: create sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} + template: + src: sys-ctl-rpr-docker-soft.service.j2 + dest: /etc/systemd/system/sys-ctl-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} + notify: restart sys-ctl-rpr-docker-soft service + +- name: "set 'service_name' to '{{ role_name }}'" + set_fact: + service_name: "{{ role_name }}" + +- name: "include role for sys-timer for {{ service_name }}" + include_role: + name: sys-timer + vars: + on_calendar: "{{SYS_SCHEDULE_REPAIR_DOCKER_SOFT}}" diff --git a/roles/sys-ctl-rpr-docker-soft/tasks/main.yml b/roles/sys-ctl-rpr-docker-soft/tasks/main.yml new file mode 100644 index 00000000..95815e27 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-soft/tasks/main.yml @@ -0,0 +1,4 @@ +- block: + - include_tasks: 01_core.yml + - include_tasks: utils/run_once.yml + when: run_once_sys_ctl_rpr_docker_soft is not defined \ No newline at end of file diff --git a/roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.py.j2 b/roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.py.j2 similarity index 97% rename from roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.py.j2 rename to roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.py.j2 index 25ee6dc4..949a44b5 100644 --- a/roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.py.j2 +++ b/roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.py.j2 @@ -40,7 +40,7 @@ def main(base_directory): while blocker_running: try: - bash("systemctl is-active --quiet sys-bkp-docker-2-loc{{ SYS_SERVICE_SUFFIX }}") + bash("systemctl is-active --quiet sys-ctl-bkp-docker-2-loc{{ SYS_SERVICE_SUFFIX }}") bash("systemctl is-active --quiet update-docker{{ SYS_SERVICE_SUFFIX }}") print("Backup is running.") print(f"Trying again in {waiting_time} seconds.") diff --git a/roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.service.j2 b/roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.service.j2 new file mode 100644 index 00000000..7ae39452 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-soft/templates/sys-ctl-rpr-docker-soft.service.j2 @@ -0,0 +1,8 @@ +[Unit] +Description=restart unhealthy docker containers +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service + +[Service] +Type=oneshot +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_CLEANUP| join(' ') }} sys-ctl-rpr-docker-soft --timeout "{{SYS_TIMEOUT_HEAL_DOCKER}}"' +ExecStart=/bin/sh -c '/bin/python {{heal_docker}}sys-ctl-rpr-docker-soft.py {{ PATH_DOCKER_COMPOSE_INSTANCES }}' \ No newline at end of file diff --git a/roles/sys-ctl-rpr-docker-soft/vars/main.yml b/roles/sys-ctl-rpr-docker-soft/vars/main.yml new file mode 100644 index 00000000..4c7e11f1 --- /dev/null +++ b/roles/sys-ctl-rpr-docker-soft/vars/main.yml @@ -0,0 +1,2 @@ +heal_docker: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-rpr-docker-soft/' + diff --git a/roles/sys-hlth-btrfs/handlers/main.yml b/roles/sys-hlth-btrfs/handlers/main.yml deleted file mode 100644 index fd49e1e8..00000000 --- a/roles/sys-hlth-btrfs/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-hlth-btrfs service" - systemd: - name: sys-hlth-btrfs{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-hlth-btrfs/tasks/main.yml b/roles/sys-hlth-btrfs/tasks/main.yml deleted file mode 100644 index ec4bdd75..00000000 --- a/roles/sys-hlth-btrfs/tasks/main.yml +++ /dev/null @@ -1,36 +0,0 @@ -- block: - - - name: Include dependency 'sys-alm-compose' - include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined - - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_btrfs is not defined - -- name: "create {{docker_health_btrfs_folder}}" - file: - path: "{{docker_health_btrfs_folder}}" - state: directory - mode: "0755" - -- name: create sys-hlth-btrfs.sh - copy: - src: sys-hlth-btrfs.sh - dest: "{{docker_health_btrfs_folder}}sys-hlth-btrfs.sh" - -- name: create sys-hlth-btrfs{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-hlth-btrfs.service.j2 - dest: /etc/systemd/system/sys-hlth-btrfs{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-btrfs service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_health_btrfs}}" diff --git a/roles/sys-hlth-btrfs/templates/sys-hlth-btrfs.service.j2 b/roles/sys-hlth-btrfs/templates/sys-hlth-btrfs.service.j2 deleted file mode 100644 index 8027fed0..00000000 --- a/roles/sys-hlth-btrfs/templates/sys-hlth-btrfs.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Check btrfs status -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/bin/bash {{docker_health_btrfs_folder}}sys-hlth-btrfs.sh diff --git a/roles/sys-hlth-csp/tasks/main.yml b/roles/sys-hlth-csp/tasks/main.yml deleted file mode 100644 index 2c2abe0f..00000000 --- a/roles/sys-hlth-csp/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_csp is not defined \ No newline at end of file diff --git a/roles/sys-hlth-csp/vars/main.yml b/roles/sys-hlth-csp/vars/main.yml deleted file mode 100644 index c147877d..00000000 --- a/roles/sys-hlth-csp/vars/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -health_csp_crawler_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-csp/' -health_csp_crawler_script: '{{ health_csp_crawler_folder }}sys-hlth-csp.py' - diff --git a/roles/sys-hlth-disc-space/handlers/main.yml b/roles/sys-hlth-disc-space/handlers/main.yml deleted file mode 100644 index ed04a628..00000000 --- a/roles/sys-hlth-disc-space/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-hlth-disc-space service" - systemd: - name: sys-hlth-disc-space{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-hlth-disc-space/tasks/main.yml b/roles/sys-hlth-disc-space/tasks/main.yml deleted file mode 100644 index 9591879c..00000000 --- a/roles/sys-hlth-disc-space/tasks/main.yml +++ /dev/null @@ -1,34 +0,0 @@ -- block: - - name: Include dependency 'sys-alm-compose' - include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_disc_space is not defined - -- name: "create {{health_disc_space_folder}}" - file: - path: "{{health_disc_space_folder}}" - state: directory - mode: "0755" - -- name: create sys-hlth-disc-space.sh - copy: - src: sys-hlth-disc-space.sh - dest: "{{health_disc_space_folder}}sys-hlth-disc-space.sh" - -- name: create sys-hlth-disc-space{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-hlth-disc-space.service.j2 - dest: /etc/systemd/system/sys-hlth-disc-space{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-disc-space service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_health_disc_space}}" diff --git a/roles/sys-hlth-disc-space/templates/sys-hlth-disc-space.service.j2 b/roles/sys-hlth-disc-space/templates/sys-hlth-disc-space.service.j2 deleted file mode 100644 index 5b463b06..00000000 --- a/roles/sys-hlth-disc-space/templates/sys-hlth-disc-space.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=checking disc space -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/bin/bash {{health_disc_space_folder}}sys-hlth-disc-space.sh {{size_percent_disc_space_warning}} diff --git a/roles/sys-hlth-disc-space/vars/main.yml b/roles/sys-hlth-disc-space/vars/main.yml deleted file mode 100644 index 38b6d645..00000000 --- a/roles/sys-hlth-disc-space/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -health_disc_space_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-disc-space/' diff --git a/roles/sys-hlth-docker-container/handlers/main.yml b/roles/sys-hlth-docker-container/handlers/main.yml deleted file mode 100644 index 6cef6f39..00000000 --- a/roles/sys-hlth-docker-container/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-hlth-docker-container service" - systemd: - name: sys-hlth-docker-container{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-hlth-docker-container/tasks/01_core.yml b/roles/sys-hlth-docker-container/tasks/01_core.yml deleted file mode 100644 index ede058a0..00000000 --- a/roles/sys-hlth-docker-container/tasks/01_core.yml +++ /dev/null @@ -1,31 +0,0 @@ -- name: Include dependency 'sys-alm-compose' - include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined - -- name: "create {{health_docker_container_folder}}" - file: - path: "{{health_docker_container_folder}}" - state: directory - mode: "0755" - -- name: create sys-hlth-docker-container.sh - copy: - src: sys-hlth-docker-container.sh - dest: "{{health_docker_container_folder}}sys-hlth-docker-container.sh" - -- name: create sys-hlth-docker-container{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-hlth-docker-container.service.j2 - dest: /etc/systemd/system/sys-hlth-docker-container{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-docker-container service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_health_docker_container}}" diff --git a/roles/sys-hlth-docker-container/tasks/main.yml b/roles/sys-hlth-docker-container/tasks/main.yml deleted file mode 100644 index 66b59586..00000000 --- a/roles/sys-hlth-docker-container/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_docker_container is not defined diff --git a/roles/sys-hlth-docker-container/templates/sys-hlth-docker-container.service.j2 b/roles/sys-hlth-docker-container/templates/sys-hlth-docker-container.service.j2 deleted file mode 100644 index 06a946e2..00000000 --- a/roles/sys-hlth-docker-container/templates/sys-hlth-docker-container.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Checking docker health -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/bin/bash {{health_docker_container_folder}}sys-hlth-docker-container.sh diff --git a/roles/sys-hlth-docker-volumes/handlers/main.yml b/roles/sys-hlth-docker-volumes/handlers/main.yml deleted file mode 100644 index f11b6259..00000000 --- a/roles/sys-hlth-docker-volumes/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-hlth-docker-volumes service" - systemd: - name: sys-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-hlth-docker-volumes/tasks/01_core.yml b/roles/sys-hlth-docker-volumes/tasks/01_core.yml deleted file mode 100644 index 251c1153..00000000 --- a/roles/sys-hlth-docker-volumes/tasks/01_core.yml +++ /dev/null @@ -1,31 +0,0 @@ -- name: Include dependency 'sys-alm-compose' - include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined - -- name: "create {{health_docker_volumes_folder}}" - file: - path: "{{health_docker_volumes_folder}}" - state: directory - mode: "0755" - -- name: create sys-hlth-docker-volumes.sh - copy: - src: sys-hlth-docker-volumes.sh - dest: "{{health_docker_volumes_folder}}sys-hlth-docker-volumes.sh" - -- name: create sys-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-hlth-docker-volumes.service.j2 - dest: /etc/systemd/system/sys-hlth-docker-volumes{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-docker-volumes service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_health_docker_volumes}}" diff --git a/roles/sys-hlth-docker-volumes/tasks/main.yml b/roles/sys-hlth-docker-volumes/tasks/main.yml deleted file mode 100644 index 0e9e4edc..00000000 --- a/roles/sys-hlth-docker-volumes/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_docker_volumes is not defined diff --git a/roles/sys-hlth-docker-volumes/templates/sys-hlth-docker-volumes.service.j2 b/roles/sys-hlth-docker-volumes/templates/sys-hlth-docker-volumes.service.j2 deleted file mode 100644 index adb161ca..00000000 --- a/roles/sys-hlth-docker-volumes/templates/sys-hlth-docker-volumes.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Checking docker health -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/bin/bash {{ health_docker_volumes_folder }}sys-hlth-docker-volumes.sh "{{ whitelisted_anonymous_docker_volumes | join(' ') }}" diff --git a/roles/sys-hlth-journalctl/handlers/main.yml b/roles/sys-hlth-journalctl/handlers/main.yml deleted file mode 100644 index 704ad78c..00000000 --- a/roles/sys-hlth-journalctl/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-hlth-journalctl service" - systemd: - name: sys-hlth-journalctl{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-hlth-journalctl/tasks/01_core.yml b/roles/sys-hlth-journalctl/tasks/01_core.yml deleted file mode 100644 index ace92877..00000000 --- a/roles/sys-hlth-journalctl/tasks/01_core.yml +++ /dev/null @@ -1,31 +0,0 @@ -- name: Include dependency 'sys-alm-compose' - include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined - -- name: "create {{health_journalctl_folder}}" - file: - path: "{{health_journalctl_folder}}" - state: directory - mode: "0755" - -- name: create sys-hlth-journalctl.sh - copy: - src: sys-hlth-journalctl.sh - dest: "{{health_journalctl_folder}}sys-hlth-journalctl.sh" - -- name: create sys-hlth-journalctl{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-hlth-journalctl.service.j2 - dest: /etc/systemd/system/sys-hlth-journalctl{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-journalctl service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_health_journalctl}}" diff --git a/roles/sys-hlth-journalctl/tasks/main.yml b/roles/sys-hlth-journalctl/tasks/main.yml deleted file mode 100644 index b555c469..00000000 --- a/roles/sys-hlth-journalctl/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_journalctl is not defined \ No newline at end of file diff --git a/roles/sys-hlth-journalctl/templates/sys-hlth-journalctl.service.j2 b/roles/sys-hlth-journalctl/templates/sys-hlth-journalctl.service.j2 deleted file mode 100644 index dd4dd602..00000000 --- a/roles/sys-hlth-journalctl/templates/sys-hlth-journalctl.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=checking journalctl health -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/bin/bash {{health_journalctl_folder}}sys-hlth-journalctl.sh diff --git a/roles/sys-hlth-journalctl/vars/main.yml b/roles/sys-hlth-journalctl/vars/main.yml deleted file mode 100644 index 9a88dc8a..00000000 --- a/roles/sys-hlth-journalctl/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -health_journalctl_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-journalctl/' - diff --git a/roles/sys-hlth-msmtp/README.md b/roles/sys-hlth-msmtp/README.md deleted file mode 100644 index f9b8ecdf..00000000 --- a/roles/sys-hlth-msmtp/README.md +++ /dev/null @@ -1,21 +0,0 @@ -# sys-hlth-msmtp - -## Description - -This Ansible role sends periodic health check emails using **msmtp** to verify that your mail transport agent is operational. It deploys a simple script and hooks it into a systemd service and timer, with failure notifications sent via Telegram. - -## Overview - -Optimized for Archlinux, this role creates the required directory structure, installs and configures the sys-hlth-check script, and integrates with the **sys-alm-telegram** role. It uses the **sys-timer** role to schedule regular checks based on your customizable `OnCalendar` setting. - -## Purpose - -The **sys-hlth-msmtp** role ensures that your mail transport system stays available by sending a test email at defined intervals. If the email fails, a Telegram alert is triggered, allowing you to detect and address issues before they impact users. - -## Features - -- **Directory & Script Deployment:** Sets up `sys-hlth-msmtp/` and deploys a templated Bash script to send test emails via msmtp. -- **Systemd Service & Timer:** Provides `.service` and `.timer` units to run the check and schedule it automatically. -- **Failure Notifications:** Leverages **sys-alm-telegram** to push alerts when the script exits with an error. -- **Configurable Schedule:** Define your desired check frequency using the `on_calendar_health_msmtp` variable. -- **Email Destination:** Specify the recipient via the `users.administrator.email` variable. \ No newline at end of file diff --git a/roles/sys-hlth-msmtp/handlers/main.yml b/roles/sys-hlth-msmtp/handlers/main.yml deleted file mode 100644 index 7c2c6e6a..00000000 --- a/roles/sys-hlth-msmtp/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: reload sys-hlth-msmtp service - systemd: - name: sys-hlth-msmtp{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-hlth-msmtp/tasks/main.yml b/roles/sys-hlth-msmtp/tasks/main.yml deleted file mode 100644 index 57bbb57b..00000000 --- a/roles/sys-hlth-msmtp/tasks/main.yml +++ /dev/null @@ -1,35 +0,0 @@ -- block: - - name: Include dependency 'sys-alm-telegram' - include_role: - name: sys-alm-telegram - when: run_once_sys_alm_telegram is not defined - - include_tasks: utils/run_once.yml - when: run_once_sys_hlth_msmtp is not defined - -- name: "create {{ health_msmtp_folder }}" - file: - path: "{{ health_msmtp_folder }}" - state: directory - mode: "0755" - -- name: create sys-hlth-msmtp.sh - template: - src: sys-hlth-msmtp.sh.j2 - dest: "{{ health_msmtp_folder }}sys-hlth-msmtp.sh" - mode: '0755' - -- name: create sys-hlth-msmtp{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-hlth-msmtp.service.j2 - dest: /etc/systemd/system/sys-hlth-msmtp{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-hlth-msmtp service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: include role for sys-timer for {{ service_name }} - include_role: - name: sys-timer - vars: - on_calendar: "{{ on_calendar_health_msmtp }}" diff --git a/roles/sys-hlth-msmtp/templates/sys-hlth-msmtp.service.j2 b/roles/sys-hlth-msmtp/templates/sys-hlth-msmtp.service.j2 deleted file mode 100644 index 6b2d0253..00000000 --- a/roles/sys-hlth-msmtp/templates/sys-hlth-msmtp.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Check msmtp liveliness -OnFailure=sys-alm-telegram.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/bin/bash {{ health_msmtp_folder }}sys-hlth-msmtp.sh diff --git a/roles/sys-hlth-msmtp/vars/main.yml b/roles/sys-hlth-msmtp/vars/main.yml deleted file mode 100644 index e3eaf795..00000000 --- a/roles/sys-hlth-msmtp/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -health_msmtp_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-msmtp/' - diff --git a/roles/sys-hlth-webserver/handlers/main.yml b/roles/sys-hlth-webserver/handlers/main.yml deleted file mode 100644 index daf44e77..00000000 --- a/roles/sys-hlth-webserver/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-hlth-webserver service" - systemd: - name: sys-hlth-webserver{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-hlth-webserver/templates/sys-hlth-webserver.service.j2 b/roles/sys-hlth-webserver/templates/sys-hlth-webserver.service.j2 deleted file mode 100644 index 35f40b50..00000000 --- a/roles/sys-hlth-webserver/templates/sys-hlth-webserver.service.j2 +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Check nginx configuration status -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/python3 {{ health_nginx_folder }}sys-hlth-webserver.py diff --git a/roles/sys-hlth-webserver/vars/main.yml b/roles/sys-hlth-webserver/vars/main.yml deleted file mode 100644 index 104e315d..00000000 --- a/roles/sys-hlth-webserver/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -health_nginx_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-hlth-webserver/' diff --git a/roles/sys-lock/files/sys-lock.py b/roles/sys-lock/files/sys-lock.py index b2e6c09b..aa4f9f76 100644 --- a/roles/sys-lock/files/sys-lock.py +++ b/roles/sys-lock/files/sys-lock.py @@ -65,21 +65,13 @@ def wait_for_all_services_to_stop(filtered_services, max_attempts, attempt): def get_max_attempts(timeout_sec): return timeout_sec // BREAK_TIME_SECONDS -def append_suffix_to_services(services, suffix=".infinito"): - """ - Append a specified suffix to each service name in the list. - """ - return [service + suffix for service in services] - def main(services, ignored_services, timeout_sec): """ Main function to process the command-line arguments and perform actions. """ - services_with_suffix = append_suffix_to_services(services) - ignored_services_with_suffix = append_suffix_to_services(ignored_services) - filtered_services = filter_services(services_with_suffix, ignored_services_with_suffix ) - print(f"Services to handle: {services_with_suffix}") - print(f"Services to ignore: {ignored_services_with_suffix}") + filtered_services = filter_services(services, ignored_services ) + print(f"Services to handle: {services}") + print(f"Services to ignore: {ignored_services}") print(f"Services filtered: {filtered_services}") print("Waiting for services to stop.") diff --git a/roles/sys-rpr-btrfs-blnc/handlers/main.yml b/roles/sys-rpr-btrfs-blnc/handlers/main.yml deleted file mode 100644 index 78b5137f..00000000 --- a/roles/sys-rpr-btrfs-blnc/handlers/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- name: "reload sys-rpr-btrfs-blnc service" - systemd: - name: sys-rpr-btrfs-blnc{{ SYS_SERVICE_SUFFIX }} - daemon_reload: yes \ No newline at end of file diff --git a/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml b/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml deleted file mode 100644 index 027270e9..00000000 --- a/roles/sys-rpr-btrfs-blnc/tasks/01_core.yml +++ /dev/null @@ -1,26 +0,0 @@ -- name: Include dependency 'sys-alm-compose' - include_role: - name: sys-alm-compose - when: run_once_sys_alm_compose is not defined - -- name: "pkgmgr install" - include_role: - name: pkgmgr-install - vars: - package_name: btrfs-auto-balancer - -- name: configure sys-rpr-btrfs-blnc{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-rpr-btrfs-blnc.service.j2 - dest: /etc/systemd/system/sys-rpr-btrfs-blnc{{ SYS_SERVICE_SUFFIX }} - notify: reload sys-rpr-btrfs-blnc service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_btrfs_auto_balancer}}" diff --git a/roles/sys-rpr-btrfs-blnc/tasks/main.yml b/roles/sys-rpr-btrfs-blnc/tasks/main.yml deleted file mode 100644 index f8533a36..00000000 --- a/roles/sys-rpr-btrfs-blnc/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_rpr_btrfs_blnc is not defined diff --git a/roles/sys-rpr-docker-hard/handlers/main.yml b/roles/sys-rpr-docker-hard/handlers/main.yml deleted file mode 100644 index 19bf8988..00000000 --- a/roles/sys-rpr-docker-hard/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: "reload sys-rpr-docker-hard service" - systemd: - name: sys-rpr-docker-hard{{ SYS_SERVICE_SUFFIX }} - enabled: yes - daemon_reload: yes diff --git a/roles/sys-rpr-docker-hard/tasks/main.yml b/roles/sys-rpr-docker-hard/tasks/main.yml deleted file mode 100644 index d618e712..00000000 --- a/roles/sys-rpr-docker-hard/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_rpr_docker_hard is not defined \ No newline at end of file diff --git a/roles/sys-rpr-docker-hard/templates/sys-rpr-docker-hard.service.j2 b/roles/sys-rpr-docker-hard/templates/sys-rpr-docker-hard.service.j2 deleted file mode 100644 index e094a657..00000000 --- a/roles/sys-rpr-docker-hard/templates/sys-rpr-docker-hard.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=Restart Docker Instances -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services | join(' ') }} sys-rpr-docker-hard --timeout "{{system_maintenance_lock_timeout_restart_docker}}"' -ExecStart=/bin/sh -c '/usr/bin/python {{restart_docker_script}} {{ PATH_DOCKER_COMPOSE_INSTANCES }}' \ No newline at end of file diff --git a/roles/sys-rpr-docker-hard/vars/main.yml b/roles/sys-rpr-docker-hard/vars/main.yml deleted file mode 100644 index b61e5d29..00000000 --- a/roles/sys-rpr-docker-hard/vars/main.yml +++ /dev/null @@ -1,3 +0,0 @@ -restart_docker_folder: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-rpr-docker-hard/' -restart_docker_script: '{{restart_docker_folder}}sys-rpr-docker-hard.py' - diff --git a/roles/sys-rpr-docker-soft/handlers/main.yml b/roles/sys-rpr-docker-soft/handlers/main.yml deleted file mode 100644 index 6b09fb84..00000000 --- a/roles/sys-rpr-docker-soft/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ -- name: restart sys-rpr-docker-soft service - systemd: - name: sys-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} - state: restarted - daemon_reload: yes diff --git a/roles/sys-rpr-docker-soft/tasks/01_core.yml b/roles/sys-rpr-docker-soft/tasks/01_core.yml deleted file mode 100644 index 13176e05..00000000 --- a/roles/sys-rpr-docker-soft/tasks/01_core.yml +++ /dev/null @@ -1,32 +0,0 @@ -- name: Include dependency 'sys-lock' - include_role: - name: sys-lock - when: run_once_sys_lock is not defined - -- name: "create {{heal_docker}}" - file: - path: "{{heal_docker}}" - state: directory - mode: "0755" - -- name: create sys-rpr-docker-soft.py - template: - src: sys-rpr-docker-soft.py.j2 - dest: "{{heal_docker}}sys-rpr-docker-soft.py" - notify: restart sys-rpr-docker-soft service - -- name: create sys-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} - template: - src: sys-rpr-docker-soft.service.j2 - dest: /etc/systemd/system/sys-rpr-docker-soft{{ SYS_SERVICE_SUFFIX }} - notify: restart sys-rpr-docker-soft service - -- name: "set 'service_name' to '{{ role_name }}'" - set_fact: - service_name: "{{ role_name }}" - -- name: "include role for sys-timer for {{ service_name }}" - include_role: - name: sys-timer - vars: - on_calendar: "{{on_calendar_heal_docker}}" diff --git a/roles/sys-rpr-docker-soft/tasks/main.yml b/roles/sys-rpr-docker-soft/tasks/main.yml deleted file mode 100644 index c3790712..00000000 --- a/roles/sys-rpr-docker-soft/tasks/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- block: - - include_tasks: 01_core.yml - - include_tasks: utils/run_once.yml - when: run_once_sys_rpr_docker_soft is not defined \ No newline at end of file diff --git a/roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.service.j2 b/roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.service.j2 deleted file mode 100644 index c7125165..00000000 --- a/roles/sys-rpr-docker-soft/templates/sys-rpr-docker-soft.service.j2 +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=restart unhealthy docker containers -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service - -[Service] -Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} sys-rpr-docker-soft --timeout "{{system_maintenance_lock_timeout_heal_docker}}"' -ExecStart=/bin/sh -c '/bin/python {{heal_docker}}sys-rpr-docker-soft.py {{ PATH_DOCKER_COMPOSE_INSTANCES }}' \ No newline at end of file diff --git a/roles/sys-rpr-docker-soft/vars/main.yml b/roles/sys-rpr-docker-soft/vars/main.yml deleted file mode 100644 index 63c63b58..00000000 --- a/roles/sys-rpr-docker-soft/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -heal_docker: '{{ PATH_ADMINISTRATOR_SCRIPTS }}sys-rpr-docker-soft/' - diff --git a/roles/sys-srv-web-inj-css/templates/global.css.j2 b/roles/sys-srv-web-inj-css/templates/global.css.j2 index d0ea8f72..040a0625 100644 --- a/roles/sys-srv-web-inj-css/templates/global.css.j2 +++ b/roles/sys-srv-web-inj-css/templates/global.css.j2 @@ -1198,7 +1198,7 @@ input.ng-empty::placeholder,.ng-empty::placeholder { border-color: var(--color-01-67) } -.sys-alm-info { - --bs-sys-alm-color: var(--color-03-14); - --bs-sys-alm-bg: var(--color-01-86); +.sys-ctl-alm-info { + --bs-sys-ctl-alm-color: var(--color-03-14); + --bs-sys-ctl-alm-bg: var(--color-01-86); } \ No newline at end of file diff --git a/roles/sys-bkp-directory-validator/README.md b/roles/sys-svc-directory-validator/README.md similarity index 89% rename from roles/sys-bkp-directory-validator/README.md rename to roles/sys-svc-directory-validator/README.md index 19754a5d..661383fe 100644 --- a/roles/sys-bkp-directory-validator/README.md +++ b/roles/sys-svc-directory-validator/README.md @@ -2,7 +2,7 @@ ## Description -This Ansible role installs the [directory-validator](https://github.com/kevinveenbirkenbach/directory-validator.git). It is used by the sys-bkp-docker-2-loc and sys-cln-faild-bkps roles to verify whether backups have been successfully created. +This Ansible role installs the [directory-validator](https://github.com/kevinveenbirkenbach/directory-validator.git). It is used by the sys-ctl-bkp-docker-2-loc and sys-ctl-cln-faild-bkps roles to verify whether backups have been successfully created. ## Overview diff --git a/roles/sys-bkp-directory-validator/meta/main.yml b/roles/sys-svc-directory-validator/meta/main.yml similarity index 100% rename from roles/sys-bkp-directory-validator/meta/main.yml rename to roles/sys-svc-directory-validator/meta/main.yml diff --git a/roles/sys-bkp-directory-validator/tasks/main.yml b/roles/sys-svc-directory-validator/tasks/main.yml similarity index 100% rename from roles/sys-bkp-directory-validator/tasks/main.yml rename to roles/sys-svc-directory-validator/tasks/main.yml diff --git a/roles/sys-svc-docker/README.md b/roles/sys-svc-docker/README.md index eb3da6ce..d6cc7dd9 100644 --- a/roles/sys-svc-docker/README.md +++ b/roles/sys-svc-docker/README.md @@ -18,12 +18,12 @@ When enabled via `MODE_CLEANUP` or `MODE_RESET`, it will automatically prune unu - **Integrated Dependencies** Includes backup, repair, and health check sub-roles: - - `sys-bkp-docker-2-loc` + - `sys-ctl-bkp-docker-2-loc` - `user-administrator` - - `sys-hlth-docker-container` - - `sys-hlth-docker-volumes` - - `sys-rpr-docker-soft` - - `sys-rpr-docker-hard` + - `sys-ctl-hlth-docker-container` + - `sys-ctl-hlth-docker-volumes` + - `sys-ctl-rpr-docker-soft` + - `sys-ctl-rpr-docker-hard` - **Cleanup & Reset Modes** - `MODE_CLEANUP`: Removes unused Docker containers, networks, images, and volumes. diff --git a/roles/sys-svc-docker/tasks/01_core.yml b/roles/sys-svc-docker/tasks/01_core.yml index c178df87..353bdd21 100644 --- a/roles/sys-svc-docker/tasks/01_core.yml +++ b/roles/sys-svc-docker/tasks/01_core.yml @@ -18,8 +18,8 @@ include_role: name: "{{ item }}" loop: - - sys-bkp-docker-2-loc - - sys-hlth-docker-container - - sys-hlth-docker-volumes - - sys-rpr-docker-soft - - sys-rpr-docker-hard \ No newline at end of file + - sys-ctl-bkp-docker-2-loc + - sys-ctl-hlth-docker-container + - sys-ctl-hlth-docker-volumes + - sys-ctl-rpr-docker-soft + - sys-ctl-rpr-docker-hard \ No newline at end of file diff --git a/roles/sys-svc-journalctl/README.md b/roles/sys-svc-journalctl/README.md index 62dfa248..bf1f4b94 100644 --- a/roles/sys-svc-journalctl/README.md +++ b/roles/sys-svc-journalctl/README.md @@ -22,7 +22,7 @@ This Ansible role manages the configuration of `systemd-journald` on target host - Customizable retention and runtime limits - Seamless restarts on config update -- Integration with `sys-hlth-journalctl` for downstream monitoring +- Integration with `sys-ctl-hlth-journalctl` for downstream monitoring ## Usage diff --git a/roles/sys-svc-journalctl/tasks/main.yml b/roles/sys-svc-journalctl/tasks/main.yml index b5e1b28e..db7bd210 100644 --- a/roles/sys-svc-journalctl/tasks/main.yml +++ b/roles/sys-svc-journalctl/tasks/main.yml @@ -1,8 +1,8 @@ - block: - - name: Include dependency 'sys-hlth-journalctl' + - name: Include dependency 'sys-ctl-hlth-journalctl' include_role: - name: sys-hlth-journalctl - when: run_once_sys_hlth_journalctl is not defined + name: sys-ctl-hlth-journalctl + when: run_once_sys_ctl_hlth_journalctl is not defined - include_tasks: utils/run_once.yml when: run_once_sys_svc_journalctl is not defined diff --git a/roles/sys-svc-msmtp/tasks/01_core.yml b/roles/sys-svc-msmtp/tasks/01_core.yml index 33d4211f..95b207c5 100644 --- a/roles/sys-svc-msmtp/tasks/01_core.yml +++ b/roles/sys-svc-msmtp/tasks/01_core.yml @@ -1,7 +1,7 @@ -- name: Include dependency 'sys-hlth-msmtp' +- name: Include dependency 'sys-ctl-hlth-msmtp' include_role: - name: sys-hlth-msmtp - when: run_once_sys_hlth_msmtp is not defined + name: sys-ctl-hlth-msmtp + when: run_once_sys_ctl_hlth_msmtp is not defined - name: install msmtp msmtp-mta community.general.pacman: diff --git a/roles/sys-cln-bkps-timer/README.md b/roles/sys-timer-cln-bkps/README.md similarity index 72% rename from roles/sys-cln-bkps-timer/README.md rename to roles/sys-timer-cln-bkps/README.md index d10307a2..93c97af1 100644 --- a/roles/sys-cln-bkps-timer/README.md +++ b/roles/sys-timer-cln-bkps/README.md @@ -2,13 +2,13 @@ ## Description -This role sets up a systemd timer to schedule the periodic cleanup of old backups. It leverages the sys-cln-bkps-service role to perform the actual cleanup operation. +This role sets up a systemd timer to schedule the periodic cleanup of old backups. It leverages the sys-ctl-cln-bkps role to perform the actual cleanup operation. ## Overview Optimized for automated maintenance, this role: - Sets a fact for the service name. -- Integrates with the [sys-timer](../sys-timer/README.md) role to schedule sys-cln-backups tasks at defined intervals. +- Integrates with the [sys-timer](../sys-timer/README.md) role to schedule sys-ctl-cln-backups tasks at defined intervals. ## Purpose @@ -17,5 +17,5 @@ The primary purpose of this role is to automate the scheduling of backup cleanup ## Features - **Timer Scheduling:** Configures a systemd timer to trigger the backup cleanup service. -- **Role Integration:** Works in conjunction with the sys-cln-bkps-service role. +- **Role Integration:** Works in conjunction with the sys-ctl-cln-bkps role. - **Idempotency:** Ensures the timer tasks execute only once per playbook run. diff --git a/roles/sys-cln-bkps-timer/meta/main.yml b/roles/sys-timer-cln-bkps/meta/main.yml similarity index 89% rename from roles/sys-cln-bkps-timer/meta/main.yml rename to roles/sys-timer-cln-bkps/meta/main.yml index a4fecbe8..97efe10f 100644 --- a/roles/sys-cln-bkps-timer/meta/main.yml +++ b/roles/sys-timer-cln-bkps/meta/main.yml @@ -1,6 +1,6 @@ galaxy_info: author: "Kevin Veen-Birkenbach" - description: "Schedules periodic cleanup of old backups by configuring a systemd timer to trigger the sys-cln-bkps-service role." + description: "Schedules periodic cleanup of old backups by configuring a systemd timer to trigger the sys-ctl-cln-bkps role." license: "Infinito.Nexus NonCommercial License" license_url: "https://s.infinito.nexus/license" company: | diff --git a/roles/sys-cln-bkps-timer/tasks/01_core.yml b/roles/sys-timer-cln-bkps/tasks/01_core.yml similarity index 57% rename from roles/sys-cln-bkps-timer/tasks/01_core.yml rename to roles/sys-timer-cln-bkps/tasks/01_core.yml index b32a8330..2618ab65 100644 --- a/roles/sys-cln-bkps-timer/tasks/01_core.yml +++ b/roles/sys-timer-cln-bkps/tasks/01_core.yml @@ -2,15 +2,15 @@ include_role: name: '{{ item }}' loop: - - sys-cln-bkps-service + - sys-ctl-cln-bkps - sys-rst-daemon -- name: set service_name to sys-cln-backups +- name: set service_name to sys-ctl-cln-backups set_fact: - service_name: "sys-cln-backups" + service_name: "sys-ctl-cln-backups" - name: "include role for sys-timer for {{ service_name }}" include_role: name: sys-timer vars: - on_calendar: "{{on_calendar_cleanup_backups}}" \ No newline at end of file + on_calendar: "{{SYS_SCHEDULE_CLEANUP_BACKUPS}}" \ No newline at end of file diff --git a/roles/sys-cln-bkps-timer/tasks/main.yml b/roles/sys-timer-cln-bkps/tasks/main.yml similarity index 53% rename from roles/sys-cln-bkps-timer/tasks/main.yml rename to roles/sys-timer-cln-bkps/tasks/main.yml index 4c68b96f..ac31cb5f 100644 --- a/roles/sys-cln-bkps-timer/tasks/main.yml +++ b/roles/sys-timer-cln-bkps/tasks/main.yml @@ -2,5 +2,5 @@ - include_tasks: 01_core.yml - name: run the cleanup_backups_timer tasks once set_fact: - run_once_sys_cln_bkps_timer: true - when: run_once_sys_cln_bkps_timer is not defined + run_once_sys_timer_cln_bkps: true + when: run_once_sys_timer_cln_bkps is not defined diff --git a/roles/update-docker/tasks/01_core.yml b/roles/update-docker/tasks/01_core.yml index 9ff662b1..2528c4d2 100644 --- a/roles/update-docker/tasks/01_core.yml +++ b/roles/update-docker/tasks/01_core.yml @@ -3,9 +3,9 @@ name: sys-lock when: run_once_sys_lock is not defined -- name: "start sys-bkp-docker-2-loc-everything{{ SYS_SERVICE_SUFFIX }}" +- name: "start sys-ctl-bkp-docker-2-loc-everything{{ SYS_SERVICE_SUFFIX }}" systemd: - name: sys-bkp-docker-2-loc-everything{{ SYS_SERVICE_SUFFIX }} + name: sys-ctl-bkp-docker-2-loc-everything{{ SYS_SERVICE_SUFFIX }} state: started when: - MODE_BACKUP | bool diff --git a/roles/update-docker/templates/update-docker.service.j2 b/roles/update-docker/templates/update-docker.service.j2 index d7e517d4..1037f60a 100644 --- a/roles/update-docker/templates/update-docker.service.j2 +++ b/roles/update-docker/templates/update-docker.service.j2 @@ -1,8 +1,8 @@ [Unit] Description=Updates Docker Instances -OnFailure=sys-alm-compose.{{ SOFTWARE_NAME }}@%n.service +OnFailure=sys-ctl-alm-compose.{{ SOFTWARE_NAME }}@%n.service [Service] Type=oneshot -ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services | join(' ') }} update-docker --timeout "{{system_maintenance_lock_timeout_heal_docker}}"' +ExecStartPre=/bin/sh -c '/usr/bin/python {{ PATH_SYSTEM_LOCK_SCRIPT }} {{ SYS_SERVICE_GROUP_MANIPULATION | join(' ') }} --ignore {{SYS_SERVICE_GROUP_CLEANUP | join(' ') }} update-docker --timeout "{{SYS_TIMEOUT_HEAL_DOCKER}}"' ExecStart=/bin/sh -c '/usr/bin/python {{update_docker_script}} {{ PATH_DOCKER_COMPOSE_INSTANCES }}' \ No newline at end of file diff --git a/roles/web-app-bigbluebutton/tasks/main.yml b/roles/web-app-bigbluebutton/tasks/main.yml index cf5cfda5..20960ecd 100644 --- a/roles/web-app-bigbluebutton/tasks/main.yml +++ b/roles/web-app-bigbluebutton/tasks/main.yml @@ -15,7 +15,7 @@ vars: docker_compose_flush_handlers: false - name: "include 04_seed-database-to-backup.yml" - include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml" + include_tasks: "{{ playbook_dir }}/roles/sys-ctl-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml" - name: "Unset 'proxy_extra_configuration'" set_fact: diff --git a/roles/web-app-mailu/tasks/01_core.yml b/roles/web-app-mailu/tasks/01_core.yml index 8569dbb2..00b89be4 100644 --- a/roles/web-app-mailu/tasks/01_core.yml +++ b/roles/web-app-mailu/tasks/01_core.yml @@ -17,7 +17,7 @@ - name: "Include Cert deploy service for '{{ role_name }}'" include_role: - name: sys-svc-cert-sync-docker + name: sys-ctl-mtn-cert-deploy vars: domain: "{{ MAILU_HOSTNAME }}" diff --git a/roles/web-app-matrix/tasks/02_create-and-seed-database.yml b/roles/web-app-matrix/tasks/02_create-and-seed-database.yml index 660b5ad7..1b55d382 100644 --- a/roles/web-app-matrix/tasks/02_create-and-seed-database.yml +++ b/roles/web-app-matrix/tasks/02_create-and-seed-database.yml @@ -10,4 +10,4 @@ when: applications | get_app_conf(application_id, 'features.central_database', False) - name: "include 04_seed-database-to-backup.yml" - include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml" \ No newline at end of file + include_tasks: "{{ playbook_dir }}/roles/sys-ctl-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml" \ No newline at end of file diff --git a/roles/web-app-nextcloud/docs/Update.md b/roles/web-app-nextcloud/docs/Update.md index 1d656e52..ed1e349f 100644 --- a/roles/web-app-nextcloud/docs/Update.md +++ b/roles/web-app-nextcloud/docs/Update.md @@ -43,8 +43,8 @@ and disable any non-functioning apps. ```bash cd {{ PATH_DOCKER_COMPOSE_INSTANCES }}nextcloud && docker-compose down && -docker-compose exec -i database mysql -u nextcloud -pPASSWORT nextcloud < "/Backups/$(sha256sum /etc/machine-id | head -c 64)/sys-bkp-docker-2-loc/latest/nextcloud_database/sql/backup.sql" && -cd {{ PATH_ADMINISTRATOR_SCRIPTS }}sys-bkp-docker-2-loc && +docker-compose exec -i database mysql -u nextcloud -pPASSWORT nextcloud < "/Backups/$(sha256sum /etc/machine-id | head -c 64)/sys-ctl-bkp-docker-2-loc/latest/nextcloud_database/sql/backup.sql" && +cd {{ PATH_ADMINISTRATOR_SCRIPTS }}sys-ctl-bkp-docker-2-loc && bash ./recover-web-app-from-local.sh "nextcloud_data" "$(sha256sum /etc/machine-id | head -c 64)" ``` diff --git a/roles/web-app-nextcloud/vars/system.yml b/roles/web-app-nextcloud/vars/system.yml index 583386c3..8c65ffbb 100644 --- a/roles/web-app-nextcloud/vars/system.yml +++ b/roles/web-app-nextcloud/vars/system.yml @@ -9,7 +9,7 @@ nextcloud_system_config: - parameter: "maintenance_window_start" type: "integer" - value: "{{ on_calendar_nextcloud }}" + value: "{{ SYS_SCHEDULE_MAINTANANCE_NEXTCLOUD }}" - parameter: "default_phone_region" value: "{{ HOST_LL | upper }}" diff --git a/tasks/stages/02_server.yml b/tasks/stages/02_server.yml index 188e51f1..56b81891 100644 --- a/tasks/stages/02_server.yml +++ b/tasks/stages/02_server.yml @@ -7,10 +7,10 @@ - user-root - sys-svc-sshd - sys-svc-journalctl - - sys-hlth-disc-space - - sys-cln-disc-space - - sys-hlth-btrfs - - sys-rpr-btrfs-blnc + - sys-ctl-hlth-disc-space + - sys-ctl-cln-disc-space + - sys-ctl-hlth-btrfs + - sys-ctl-rpr-btrfs-balancer # It is necessary to setup Matomo first, because all other web apps need it if matomo is activated - name: setup web-app-matomo diff --git a/tests/integration/test_networks_unique_valid_and_mapped.py b/tests/integration/test_networks_unique_valid_and_mapped.py index aa2e6102..273747e2 100644 --- a/tests/integration/test_networks_unique_valid_and_mapped.py +++ b/tests/integration/test_networks_unique_valid_and_mapped.py @@ -7,10 +7,10 @@ import ipaddress class TestNetworksUniqueValidAndMapped(unittest.TestCase): @classmethod def setUpClass(cls): - # locate group_vars/all/10_networks.yml + # locate group_vars/all/09_networks.yml base_dir = os.path.dirname(__file__) cls.networks_file = os.path.abspath( - os.path.join(base_dir, '..', '..', 'group_vars', 'all', '10_networks.yml') + os.path.join(base_dir, '..', '..', 'group_vars', 'all', '09_networks.yml') ) if os.path.isfile(cls.networks_file): with open(cls.networks_file, 'r', encoding='utf-8') as f: @@ -28,7 +28,7 @@ class TestNetworksUniqueValidAndMapped(unittest.TestCase): def test_unique_and_non_overlapping_subnets(self): """Ensure that all subnets are valid, unique and do not overlap.""" if self.networks_data is None: - self.skipTest("10_networks.yml not found, skipping subnet validation.") + self.skipTest("09_networks.yml not found, skipping subnet validation.") # extract all named subnets under defaults_networks.local local = self.networks_data.get('defaults_networks', {}).get('local', {}) @@ -73,7 +73,7 @@ class TestNetworksUniqueValidAndMapped(unittest.TestCase): matches an application_id in some roles/*/vars/main.yml. """ if self.networks_data is None: - self.skipTest("10_networks.yml not found, skipping application_id mapping check.") + self.skipTest("09_networks.yml not found, skipping application_id mapping check.") # collect network names local = self.networks_data.get('defaults_networks', {}).get('local', {}) diff --git a/tests/unit/cli/create/test_role.py b/tests/unit/cli/create/test_role.py index 8bd00edc..147d3c0e 100644 --- a/tests/unit/cli/create/test_role.py +++ b/tests/unit/cli/create/test_role.py @@ -19,7 +19,7 @@ class TestCreateDockerRoleCLI(unittest.TestCase): # Temporary directory for YAML files and templates self.tmpdir = tempfile.mkdtemp() self.ports_file = os.path.join(self.tmpdir, '09_ports.yml') - self.networks_file = os.path.join(self.tmpdir, '10_networks.yml') + self.networks_file = os.path.join(self.tmpdir, '09_networks.yml') def tearDown(self): shutil.rmtree(self.tmpdir) diff --git a/tests/unit/filter_plugins/test_get_entity_name.py b/tests/unit/filter_plugins/test_get_entity_name.py index 5d9ee0d2..a7e48fe2 100644 --- a/tests/unit/filter_plugins/test_get_entity_name.py +++ b/tests/unit/filter_plugins/test_get_entity_name.py @@ -17,32 +17,24 @@ class TestGetEntityNameFilter(unittest.TestCase): categories = { 'roles': { 'web': { - 'app': { - 'title': "Applications", - 'invokable': True - }, - 'svc': { - 'title': "Services", - 'invokable': True - } + 'app': {'title': "Applications", 'invokable': True}, + 'svc': {'title': "Services", 'invokable': True}, }, 'util': { - 'desk': { - 'dev': { - 'title': "Dev Utilities", - 'invokable': True - } - } + 'desk': { + 'dev': {'title': "Dev Utilities", 'invokable': True} + } }, 'sys': { - 'bkp': { - 'title': "Backup", - 'invokable': True - }, - 'hlth': { - 'title': "Health", - 'invokable': True - } + 'ctl': { + 'bkp': {'title': "Backup", 'invokable': True}, + 'hlth': {'title': "Health", 'invokable': True}, + }, + # falls du 'core' o. ä. brauchst, hier ergänzen + }, + # 'svc' ist in deinem echten Baum top-level, nicht unter 'sys' + 'svc': { + 'db': {'title': "Databases", 'invokable': True} } } } @@ -77,10 +69,10 @@ class TestGetEntityNameFilter(unittest.TestCase): self.assertEqual(self.get_entity_name("util-desk-dev-shell"), "shell") def test_entity_name_sys_bkp(self): - self.assertEqual(self.get_entity_name("sys-bkp-directory-validator"), "directory-validator") + self.assertEqual(self.get_entity_name("sys-ctl-bkp-directory-validator"), "directory-validator") def test_entity_name_sys_hlth(self): - self.assertEqual(self.get_entity_name("sys-hlth-btrfs"), "btrfs") + self.assertEqual(self.get_entity_name("sys-ctl-hlth-btrfs"), "btrfs") def test_no_category_match(self): # Unknown category, should return input diff --git a/tests/unit/roles/sys-bkp-docker-2-loc/__init__.py b/tests/unit/roles/sys-ctl-bkp-docker-2-loc/__init__.py similarity index 100% rename from tests/unit/roles/sys-bkp-docker-2-loc/__init__.py rename to tests/unit/roles/sys-ctl-bkp-docker-2-loc/__init__.py diff --git a/tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/__init__.py b/tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/__init__.py similarity index 100% rename from tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/__init__.py rename to tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/__init__.py diff --git a/tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/test_dict_to_cli_args.py b/tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/test_dict_to_cli_args.py similarity index 92% rename from tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/test_dict_to_cli_args.py rename to tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/test_dict_to_cli_args.py index f12c5e00..6155b0e6 100644 --- a/tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/test_dict_to_cli_args.py +++ b/tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/test_dict_to_cli_args.py @@ -2,10 +2,10 @@ import unittest import os import sys -# Add the path to roles/sys-bkp-docker-2-loc/filter_plugins +# Add the path to roles/sys-ctl-bkp-docker-2-loc/filter_plugins CURRENT_DIR = os.path.dirname(__file__) FILTER_PLUGIN_DIR = os.path.abspath( - os.path.join(CURRENT_DIR, '../../../../../roles/sys-bkp-docker-2-loc/filter_plugins') + os.path.join(CURRENT_DIR, '../../../../../roles/sys-ctl-bkp-docker-2-loc/filter_plugins') ) sys.path.insert(0, FILTER_PLUGIN_DIR) diff --git a/tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/test_find_dock_val_by_bkp_entr.py b/tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/test_find_dock_val_by_bkp_entr.py similarity index 98% rename from tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/test_find_dock_val_by_bkp_entr.py rename to tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/test_find_dock_val_by_bkp_entr.py index b0091e2c..ce929aca 100644 --- a/tests/unit/roles/sys-bkp-docker-2-loc/filter_plugins/test_find_dock_val_by_bkp_entr.py +++ b/tests/unit/roles/sys-ctl-bkp-docker-2-loc/filter_plugins/test_find_dock_val_by_bkp_entr.py @@ -5,7 +5,7 @@ import os TEST_DIR = os.path.dirname(__file__) PLUGIN_PATH = os.path.abspath(os.path.join( TEST_DIR, - '../../../../../roles/sys-bkp-docker-2-loc/filter_plugins/find_dock_val_by_bkp_entr.py' + '../../../../../roles/sys-ctl-bkp-docker-2-loc/filter_plugins/find_dock_val_by_bkp_entr.py' )) spec = importlib.util.spec_from_file_location("find_dock_val_by_bkp_entr", PLUGIN_PATH)