mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-26 06:31:04 +01:00
Compare commits
No commits in common. "05ebb3b7ad59f98ea4b0580b498f4f26342f8464" and "1778fea9baf56dd8912d61735ca87c9d0805c05a" have entirely different histories.
05ebb3b7ad
...
1778fea9ba
@ -1,33 +1,33 @@
|
|||||||
# Server Tact Variables
|
# Server Tact Variables
|
||||||
|
|
||||||
## Ours in which the server is 100% working. Rest of the time is reserved for maintanance
|
## Ours in which the server is 100% working. Rest of the time is reserved for maintanance
|
||||||
hours_server_awake: "0..2,9..23"
|
hours_server_awake: "{{ range(9, 24) | list + range(0, 3) | list }}"
|
||||||
|
|
||||||
## Random delay for systemd timers to avoid peak loads.
|
## Random delay for systemd timers to avoid peak loads.
|
||||||
randomized_delay_sec: "5min"
|
randomized_delay_sec: "5min"
|
||||||
|
|
||||||
## Schedule for Health Checks
|
## Schedule for Health Checks
|
||||||
on_calendar_health_btrfs: "*-*-* 00:00:00" # Check once per day the btrfs for errors
|
on_calendar_health_btrfs: "*-*-* 00:00:00"
|
||||||
on_calendar_health_journalctl: "*-*-* 00:00:00" # Check once per day the journalctl for errors
|
on_calendar_health_journalctl: "*-*-* 00:00:00"
|
||||||
on_calendar_health_disc_space: "*-*-* 06,12,18,00:00:00" # Check four times per day if there is sufficient disc space
|
on_calendar_health_disc_space: "*-*-* 06,12,18,00:00:00"
|
||||||
on_calendar_health_docker_container: "*-*-* {{ hours_server_awake }}:00:00" # Check once per hour if the docker containers are healthy
|
on_calendar_health_docker_container: "*-*-* {{ hours_server_awake | join(',') }}:00:00"
|
||||||
on_calendar_health_docker_volumes: "*-*-* {{ hours_server_awake }}:15:00" # Check once per hour if the docker volumes are healthy
|
on_calendar_health_docker_volumes: "*-*-* {{ hours_server_awake | join(',') }}:15:00"
|
||||||
on_calendar_health_nginx: "*-*-* {{ hours_server_awake }}:45:00"
|
on_calendar_health_nginx: "*-*-* {{ hours_server_awake | join(',') }}:45:00"
|
||||||
|
|
||||||
## Schedule for Cleanup Tasks
|
## Schedule for Cleanup Tasks
|
||||||
on_calendar_cleanup_backups: "*-*-* 00,06,12,18:30:00" # Cleanup backups every 6 hours, MUST be called before disc space cleanup
|
on_calendar_cleanup_backups: "*-*-* 06,12,18,00:30:00"
|
||||||
on_calendar_cleanup_disc_space: "*-*-* 07,13,19,01:30:00" # Cleanup disc space every 6 hours
|
on_calendar_cleanup_disc_space: "*-*-* 07,13,19,01:30:00"
|
||||||
|
|
||||||
## Schedule for Backup Tasks
|
## Schedule for Backup Tasks
|
||||||
on_calendar_backup_docker_to_local: "*-*-* 03:30:00"
|
on_calendar_backup_docker_to_local: "*-*-* 03:30:00"
|
||||||
on_calendar_backup_remote_to_local: "*-*-* 21:30:00"
|
on_calendar_backup_remote_to_local: "*-*-* 21:30:00"
|
||||||
|
|
||||||
## Schedule for Maintenance Tasks
|
## Schedule for Maintenance Tasks
|
||||||
on_calendar_heal_docker: "*-*-* {{ hours_server_awake }}:30:00" # Heal unhealthy docker instances once per hour
|
on_calendar_heal_docker: "*-*-* {{ hours_server_awake | join(',') }}:30:00"
|
||||||
on_calendar_defrost: "*:0/5" # Defrost every 5min
|
on_calendar_defrost: "*-*-* *:00,15,30,45:00"
|
||||||
on_calendar_renew_lets_encrypt_certificates: "*-*-* 12,00:30:00" # Renew Mailu certificates twice per day
|
on_calendar_renew_lets_encrypt_certificates: "*-*-* 12,00:30:00"
|
||||||
on_calendar_deploy_mailu_certificates: "*-*-* 13,01:30:00" # Deploy Mailu certificates twice per day
|
on_calendar_deploy_mailu_certificates: "*-*-* 13,01:30:00"
|
||||||
on_calendar_msi_keyboard_color: "*-*-* *:*:00" # Change the keyboard color every minute
|
on_calendar_msi_keyboard_color: "*-*-* *:*:00"
|
||||||
|
|
||||||
|
|
||||||
# Storage Space-Related Configurations
|
# Storage Space-Related Configurations
|
||||||
@ -133,6 +133,7 @@ domain_matrix: "chat.{{top_domain}}"
|
|||||||
domain_mediawiki: "wiki.{{top_domain}}"
|
domain_mediawiki: "wiki.{{top_domain}}"
|
||||||
domain_nextcloud: "cloud.{{top_domain}}"
|
domain_nextcloud: "cloud.{{top_domain}}"
|
||||||
domain_pixelfed: "picture.{{top_domain}}"
|
domain_pixelfed: "picture.{{top_domain}}"
|
||||||
|
domains_pixelfed: []
|
||||||
domain_peertube: "video.{{top_domain}}"
|
domain_peertube: "video.{{top_domain}}"
|
||||||
domains_peertube: []
|
domains_peertube: []
|
||||||
domain_roulette: "roulette.{{top_domain}}"
|
domain_roulette: "roulette.{{top_domain}}"
|
||||||
|
@ -5,4 +5,4 @@ OnFailure=systemd-notifier@%n.service cleanup-failed-docker-backups.service
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py'
|
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py && systemctl start system-maintenance-service-defrost.service'
|
@ -5,4 +5,4 @@ OnFailure=systemd-notifier@%n.service cleanup-failed-docker-backups.service
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh'
|
ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh && systemctl start system-maintenance-service-defrost.service'
|
||||||
|
@ -5,4 +5,4 @@ OnFailure=systemd-notifier@%n.service
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{docker_cleanup_backups}}cleanup-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}}'
|
ExecStart=/bin/sh -c '/usr/bin/python {{docker_cleanup_backups}}cleanup-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}} && systemctl start system-maintenance-service-defrost.service'
|
@ -5,4 +5,4 @@ OnFailure=systemd-notifier@%n.service
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/bin/bash {{cleanup_disc_space_folder}}cleanup-disc-space.sh {{size_percent_cleanup_disc_space}}'
|
ExecStart=/bin/sh -c '/bin/bash {{cleanup_disc_space_folder}}cleanup-disc-space.sh {{size_percent_cleanup_disc_space}} && systemctl start system-maintenance-service-defrost.service'
|
@ -5,4 +5,4 @@ OnFailure=systemd-notifier@%n.service
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{system_maintenance_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/yes | /usr/bin/bash {{backup_docker_to_local_cleanup_folder}}cleanup.sh {{backup_docker_to_local_cleanup_machine_id}} {{backup_docker_to_local_cleanup_trigger_directory}}'
|
ExecStart=/bin/sh -c '/usr/bin/yes | /usr/bin/bash {{backup_docker_to_local_cleanup_folder}}cleanup.sh {{backup_docker_to_local_cleanup_machine_id}} {{backup_docker_to_local_cleanup_trigger_directory}} && systemctl start system-maintenance-service-defrost.service'
|
@ -1,6 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||||
include_tasks: nginx-docker-proxy-domain.yml
|
include_tasks: nginx-docker-proxy-domain.yml
|
||||||
|
loop: "{{ domains }}"
|
||||||
|
loop_control:
|
||||||
|
loop_var: domain
|
||||||
|
|
||||||
- name: "create {{docker_compose_instance_directory}}"
|
- name: "create {{docker_compose_instance_directory}}"
|
||||||
file:
|
file:
|
||||||
|
@ -5,4 +5,4 @@ OnFailure=systemd-notifier@%n.service
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} heal-docker --timeout "{{system_maintenance_timeout_heal_docker}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} heal-docker --timeout "{{system_maintenance_timeout_heal_docker}}"'
|
||||||
ExecStart=/bin/sh -c '/bin/python {{heal_docker}}heal-docker.py'
|
ExecStart=/bin/sh -c '/bin/python {{heal_docker}}heal-docker.py && systemctl start system-maintenance-service-defrost.service'
|
@ -3,12 +3,6 @@
|
|||||||
## Overview
|
## Overview
|
||||||
This Ansible role is designed to manage system services through freezing (disabling) and defrosting (enabling) actions. It automates the process of managing crucial system services, especially useful for maintenance tasks like backups, cleanups, and updates.
|
This Ansible role is designed to manage system services through freezing (disabling) and defrosting (enabling) actions. It automates the process of managing crucial system services, especially useful for maintenance tasks like backups, cleanups, and updates.
|
||||||
|
|
||||||
## Monitoring
|
|
||||||
To monitor the sucess of the script and the status of systemctl timers execute:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
watch -n 2 systemctl list-timers
|
|
||||||
```
|
|
||||||
|
|
||||||
## Role Variables
|
## Role Variables
|
||||||
- `system_maintenance_services`: List of services to be managed by this role.
|
- `system_maintenance_services`: List of services to be managed by this role.
|
||||||
|
@ -1,9 +1,3 @@
|
|||||||
- name: "start backup-docker-to-local.service"
|
|
||||||
systemd:
|
|
||||||
name: backup-docker-to-local.service
|
|
||||||
state: started
|
|
||||||
when: force_backup_before_update | bool
|
|
||||||
|
|
||||||
- name: create {{update_docker_script}}
|
- name: create {{update_docker_script}}
|
||||||
copy:
|
copy:
|
||||||
src: update-docker.py
|
src: update-docker.py
|
||||||
|
@ -4,5 +4,6 @@ OnFailure=systemd-notifier@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
|
{% if force_backup_before_update | bool %}ExecStartPre=/bin/sh -c 'systemctl start backup-docker-to-local.service'{% endif %}
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services | join(' ') }} update-docker --timeout "{{system_maintenance_timeout_heal_docker}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_maintenance_service_freezer_script }} freeze {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services | join(' ') }} update-docker --timeout "{{system_maintenance_timeout_heal_docker}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{update_docker_script}} {{path_docker_compose_instances}}'
|
ExecStart=/bin/sh -c '/usr/bin/python {{update_docker_script}} {{path_docker_compose_instances}} && systemctl start system-maintenance-service-defrost.service'
|
@ -105,6 +105,7 @@
|
|||||||
- role: docker-pixelfed
|
- role: docker-pixelfed
|
||||||
vars:
|
vars:
|
||||||
domain: "{{domain_pixelfed}}"
|
domain: "{{domain_pixelfed}}"
|
||||||
|
domains: "{{ [domain] + domains_pixelfed }}"
|
||||||
http_port: 8010
|
http_port: 8010
|
||||||
|
|
||||||
- name: setup peertube hosts
|
- name: setup peertube hosts
|
||||||
|
Loading…
Reference in New Issue
Block a user