mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-07-17 14:04:24 +02:00
General optimations during inventory cleanup
This commit is contained in:
parent
b6ee7b9f98
commit
e4028fccf4
@ -15,7 +15,7 @@ Every business is unique, and so is CyMaIS! With a modular architecture, it adap
|
|||||||
With automated updates, system health checks, and security audits, CyMaIS ensures your infrastructure is always up-to-date and running smoothly. Roles such as `sys-hlth-docker-container`, `sys-hlth-btrfs`, and `sys-hlth-webserver` help monitor system integrity.
|
With automated updates, system health checks, and security audits, CyMaIS ensures your infrastructure is always up-to-date and running smoothly. Roles such as `sys-hlth-docker-container`, `sys-hlth-btrfs`, and `sys-hlth-webserver` help monitor system integrity.
|
||||||
|
|
||||||
## Uncompromised Security 🔒
|
## Uncompromised Security 🔒
|
||||||
Security is a top priority! CyMaIS includes robust security features like full-disk encryption recommendations, 2FA enforcement, encrypted server deployments (`web-app-keycloak`, `svc-db-openldap`), and secure backup solutions (`sys-bkp-remote-to-local`, `svc-sys-bkp-data-to-usb`).
|
Security is a top priority! CyMaIS includes robust security features like full-disk encryption recommendations, 2FA enforcement, encrypted server deployments (`web-app-keycloak`, `svc-db-openldap`), and secure backup solutions (`sys-bkp-remote-to-local`, `svc-bkp-2-usb`).
|
||||||
|
|
||||||
## User-Friendly with Expert Support 👩💻
|
## User-Friendly with Expert Support 👩💻
|
||||||
No need to be a Linux or Docker expert! CyMaIS simplifies deployment with intuitive role-based automation. Documentation and community support make IT administration accessible to all experience levels.
|
No need to be a Linux or Docker expert! CyMaIS simplifies deployment with intuitive role-based automation. Documentation and community support make IT administration accessible to all experience levels.
|
||||||
|
|||||||
@ -10,7 +10,7 @@ Follow these guides to install and configure CyMaIS:
|
|||||||
|
|
||||||
## Key Responsibilities 🔧
|
## Key Responsibilities 🔧
|
||||||
- **User Management** - Configure LDAP, Keycloak, and user permissions.
|
- **User Management** - Configure LDAP, Keycloak, and user permissions.
|
||||||
- **Security & Backups** - Set up `sys-bkp-remote-to-local`, `svc-sys-bkp-data-to-usb`, and `core-security` roles.
|
- **Security & Backups** - Set up `sys-bkp-remote-to-local`, `svc-bkp-2-usb`, and `core-security` roles.
|
||||||
- **Application Hosting** - Deploy services like `Nextcloud`, `Matrix`, `Gitea`, and more.
|
- **Application Hosting** - Deploy services like `Nextcloud`, `Matrix`, `Gitea`, and more.
|
||||||
- **Networking & VPN** - Configure `WireGuard`, `OpenVPN`, and `Nginx Reverse Proxy`.
|
- **Networking & VPN** - Configure `WireGuard`, `OpenVPN`, and `Nginx Reverse Proxy`.
|
||||||
|
|
||||||
|
|||||||
@ -15,7 +15,7 @@ system_maintenance_lock_timeout_restart_docker: "{{system_maintenance_lock_ti
|
|||||||
system_maintenance_backup_services:
|
system_maintenance_backup_services:
|
||||||
- "sys-bkp-docker-to-local"
|
- "sys-bkp-docker-to-local"
|
||||||
- "svc-sys-bkp-rmt-2-loc"
|
- "svc-sys-bkp-rmt-2-loc"
|
||||||
- "svc-sys-bkp-data-to-usb"
|
- "svc-bkp-2-usb"
|
||||||
- "sys-bkp-docker-to-local-everything"
|
- "sys-bkp-docker-to-local-everything"
|
||||||
|
|
||||||
### Defined Services for System Cleanup
|
### Defined Services for System Cleanup
|
||||||
|
|||||||
@ -1,3 +1,3 @@
|
|||||||
user_home_directory: /home/{{users.client.username}}/
|
user_home_directory: /home/{{users.client.username}}/
|
||||||
cloud_directory: '{{user_home_directory}}Clouds/{{cloud_fqdn}}/{{users.client.username}}/'
|
cloud_directory: '{{user_home_directory}}Clouds/{{cloud_fqdn}}/{{users.client.username}}/'
|
||||||
application_id: desk-nextcloud-client
|
application_id: desk-nextcloud
|
||||||
@ -1 +1 @@
|
|||||||
application_id: epson-multiprinter
|
application_id: drv-epson-multiprinter
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
application_id: intel
|
application_id: drv-intel
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
application_id: lid-switch
|
application_id: drv-lid-switch
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
application_id: msi-keyboard-color
|
application_id: drv-msi-keyboard-color
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
application_id: non-free
|
application_id: drv-non-free
|
||||||
|
|||||||
@ -21,7 +21,7 @@ def main():
|
|||||||
machine_id = subprocess.run(["sha256sum", "/etc/machine-id"], capture_output=True, text=True).stdout.strip()[:64]
|
machine_id = subprocess.run(["sha256sum", "/etc/machine-id"], capture_output=True, text=True).stdout.strip()[:64]
|
||||||
print(f"machine id: {machine_id}")
|
print(f"machine id: {machine_id}")
|
||||||
|
|
||||||
versions_path = os.path.join(backup_to_usb_destination_path, f"{machine_id}/svc-sys-bkp-data-to-usb/")
|
versions_path = os.path.join(backup_to_usb_destination_path, f"{machine_id}/svc-bkp-2-usb/")
|
||||||
print(f"versions path: {versions_path}")
|
print(f"versions path: {versions_path}")
|
||||||
|
|
||||||
if not os.path.isdir(versions_path):
|
if not os.path.isdir(versions_path):
|
||||||
5
roles/svc-bkp-2-usb/handlers/main.yml
Normal file
5
roles/svc-bkp-2-usb/handlers/main.yml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
- name: "reload svc-bkp-2-usb.cymais.service"
|
||||||
|
systemd:
|
||||||
|
name: svc-bkp-2-usb.cymais.service
|
||||||
|
state: reloaded
|
||||||
|
daemon_reload: yes
|
||||||
@ -1,6 +1,6 @@
|
|||||||
- name: Copy backup script to the scripts directory
|
- name: Copy backup script to the scripts directory
|
||||||
copy:
|
copy:
|
||||||
src: svc-sys-bkp-data-to-usb.python
|
src: svc-bkp-2-usb.python
|
||||||
dest: "{{ backup_to_usb_script_path }}"
|
dest: "{{ backup_to_usb_script_path }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
@ -8,9 +8,9 @@
|
|||||||
|
|
||||||
- name: Copy systemd service to systemd directory
|
- name: Copy systemd service to systemd directory
|
||||||
template:
|
template:
|
||||||
src: svc-sys-bkp-data-to-usb.service.j2
|
src: svc-bkp-2-usb.service.j2
|
||||||
dest: /etc/systemd/system/svc-sys-bkp-data-to-usb.cymais.service
|
dest: /etc/systemd/system/svc-bkp-2-usb.cymais.service
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
notify: reload svc-sys-bkp-data-to-usb.cymais.service
|
notify: reload svc-bkp-2-usb.cymais.service
|
||||||
@ -1,6 +1,6 @@
|
|||||||
backup_to_usb_script_path: /usr/local/sbin/svc-sys-bkp-data-to-usb.python
|
backup_to_usb_script_path: /usr/local/sbin/svc-bkp-2-usb.python
|
||||||
backup_to_usb_destination: '{{backup_to_usb_mount}}{{backup_to_usb_destination_subdirectory}}'
|
backup_to_usb_destination: '{{backup_to_usb_mount}}{{backup_to_usb_destination_subdirectory}}'
|
||||||
backups_folder_path: '{{backup_to_usb_destination}}'
|
backups_folder_path: '{{backup_to_usb_destination}}'
|
||||||
systemctl_mount_service_name: '{{ backup_to_usb_mount | trim(''/'') | replace(''/'',
|
systemctl_mount_service_name: '{{ backup_to_usb_mount | trim(''/'') | replace(''/'',
|
||||||
''-'') }}.mount'
|
''-'') }}.mount'
|
||||||
application_id: svc-sys-bkp-data-to-usb
|
application_id: svc-bkp-2-usb
|
||||||
@ -1,4 +1,4 @@
|
|||||||
# System Swapfile Role
|
# System Swapfile
|
||||||
|
|
||||||
## Description
|
## Description
|
||||||
|
|
||||||
1
roles/svc-opt-swapfile/vars/main.yml
Normal file
1
roles/svc-opt-swapfile/vars/main.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
application_id: svc-opt-swapfile
|
||||||
@ -1,5 +0,0 @@
|
|||||||
- name: "reload svc-sys-bkp-data-to-usb.cymais.service"
|
|
||||||
systemd:
|
|
||||||
name: svc-sys-bkp-data-to-usb.cymais.service
|
|
||||||
state: reloaded
|
|
||||||
daemon_reload: yes
|
|
||||||
@ -1 +0,0 @@
|
|||||||
application_id: util-desk-office-tools
|
|
||||||
@ -1,4 +1,4 @@
|
|||||||
# util-desk-office-tools Role
|
# Office Tools
|
||||||
|
|
||||||
## Description
|
## Description
|
||||||
|
|
||||||
@ -6,7 +6,7 @@ This Ansible role installs a comprehensive suite of office productivity tools on
|
|||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
The `util-desk-office-tools` role uses the `community.general.pacman` module to:
|
The `util-desk-office` role uses the `community.general.pacman` module to:
|
||||||
|
|
||||||
1. Install **Chromium** (web browser)
|
1. Install **Chromium** (web browser)
|
||||||
2. Install **Thunderbird** (email and RSS client)
|
2. Install **Thunderbird** (email and RSS client)
|
||||||
@ -17,7 +17,7 @@ galaxy_info:
|
|||||||
- editor
|
- editor
|
||||||
repository: "https://github.com/kevinveenbirkenbach/cymais"
|
repository: "https://github.com/kevinveenbirkenbach/cymais"
|
||||||
issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
|
issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
|
||||||
documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/util-desk-office-tools"
|
documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/util-desk-office"
|
||||||
min_ansible_version: "2.9"
|
min_ansible_version: "2.9"
|
||||||
platforms:
|
platforms:
|
||||||
- name: Archlinux
|
- name: Archlinux
|
||||||
1
roles/util-desk-office/vars/main.yml
Normal file
1
roles/util-desk-office/vars/main.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
application_id: util-desk-office
|
||||||
Loading…
x
Reference in New Issue
Block a user