mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-25 22:21:04 +01:00
Compare commits
9 Commits
617c2eac9e
...
67f54c2a16
Author | SHA1 | Date | |
---|---|---|---|
67f54c2a16 | |||
7f7a85dc63 | |||
07929063ad | |||
dd788f0017 | |||
665c96164b | |||
ef8a0925b6 | |||
0a74d9f275 | |||
26bb8822b3 | |||
6f6b804593 |
@ -68,10 +68,11 @@ nginx_matomo_tracking: false # Activates matomo tracking on all html pa
|
|||||||
# System maintenance Services
|
# System maintenance Services
|
||||||
|
|
||||||
## Timeouts to wait for other services to stop
|
## Timeouts to wait for other services to stop
|
||||||
sytem_maintenance_lock_timeoutcleanup_services: "15min"
|
sytem_maintenance_lock_timeout_cleanup_services: "15min"
|
||||||
sytem_maintenance_lock_timeoutbackup_services: "1h"
|
sytem_maintenance_lock_timeout_storage_optimizer: "10min"
|
||||||
sytem_maintenance_lock_timeoutheal_docker: "30min"
|
sytem_maintenance_lock_timeout_backup_services: "1h"
|
||||||
sytem_maintenance_lock_timeoutupdate_docker: "2min"
|
sytem_maintenance_lock_timeout_heal_docker: "30min"
|
||||||
|
sytem_maintenance_lock_timeout_update_docker: "2min"
|
||||||
|
|
||||||
## Services
|
## Services
|
||||||
|
|
||||||
@ -112,6 +113,7 @@ nginx_upstreams_directory: "{{nginx_configuration_directory}}upstreams/"
|
|||||||
|
|
||||||
### Enable Central MariaDB
|
### Enable Central MariaDB
|
||||||
enable_central_database: true
|
enable_central_database: true
|
||||||
|
enable_central_database_mailu: "{{enable_central_database}}"
|
||||||
|
|
||||||
### Domain Names for Various Services
|
### Domain Names for Various Services
|
||||||
domain_akaunting: "akaunting.{{top_domain}}"
|
domain_akaunting: "akaunting.{{top_domain}}"
|
||||||
|
@ -77,6 +77,7 @@
|
|||||||
vars:
|
vars:
|
||||||
domain: "{{domain_mailu}}"
|
domain: "{{domain_mailu}}"
|
||||||
http_port: 8007
|
http_port: 8007
|
||||||
|
enable_central_database: "{{enable_central_database_mailu}}"
|
||||||
|
|
||||||
- name: setup elk hosts
|
- name: setup elk hosts
|
||||||
hosts: elk
|
hosts: elk
|
||||||
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything'
|
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything'
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local-everything') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local-everything') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py'
|
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py'
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh'
|
ExecStart=/bin/sh -c '/usr/bin/bash {{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh'
|
||||||
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{docker_cleanup_backups}}cleanup-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}}'
|
ExecStart=/bin/sh -c '/usr/bin/python {{docker_cleanup_backups}}cleanup-backups.py --backups-folder-path {{backups_folder_path}} --maximum-backup-size-percent {{size_percent_maximum_backup}}'
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/bin/bash {{cleanup_disc_space_folder}}cleanup-disc-space.sh {{size_percent_cleanup_disc_space}}'
|
ExecStart=/bin/sh -c '/bin/bash {{cleanup_disc_space_folder}}cleanup-disc-space.sh {{size_percent_cleanup_disc_space}}'
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/yes | /usr/bin/bash {{backup_docker_to_local_cleanup_folder}}cleanup-all.sh {{backup_docker_to_local_cleanup_trigger_directory}}'
|
ExecStart=/bin/sh -c '/usr/bin/yes | /usr/bin/bash {{backup_docker_to_local_cleanup_folder}}cleanup-all.sh {{backup_docker_to_local_cleanup_trigger_directory}}'
|
@ -1,6 +1,6 @@
|
|||||||
server {
|
server {
|
||||||
listen 443 ssl http2 default_server;
|
# listen 443 ssl http2 default_server;
|
||||||
listen [::]:443 ssl http2 default_server;
|
# listen [::]:443 ssl http2 default_server;
|
||||||
server_name {{domain}};
|
server_name {{domain}};
|
||||||
|
|
||||||
ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem;
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
docker_compose_project_name: "bigbluebutton"
|
docker_compose_project_name: "bigbluebutton"
|
||||||
database_host: "postgres" # needs to be fixed
|
#database_host: "postgres" # needs to be fixed
|
||||||
database_name: "greenlight-v3"
|
#database_name: "greenlight-v3"
|
||||||
database_username: "postgres"
|
#database_username: "postgres"
|
||||||
database_password: ""
|
#database_password: ""
|
||||||
database_type: "postgres"
|
#database_type: "postgres"
|
@ -19,7 +19,9 @@
|
|||||||
when: mode_reset | bool
|
when: mode_reset | bool
|
||||||
|
|
||||||
- name: add docker-compose.yml
|
- name: add docker-compose.yml
|
||||||
template: src=docker-compose.yml.j2 dest={{docker_compose_instance_directory}}docker-compose.yml
|
template:
|
||||||
|
src: docker-compose.yml.j2
|
||||||
|
dest: "{{docker_compose_instance_directory}}docker-compose.yml"
|
||||||
notify: docker compose project setup
|
notify: docker compose project setup
|
||||||
|
|
||||||
- name: flush, to recreate discourse docker compose
|
- name: flush, to recreate discourse docker compose
|
||||||
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} heal-docker --timeout "{{sytem_maintenance_lock_timeoutheal_docker}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services| join(' ') }} heal-docker --timeout "{{sytem_maintenance_lock_timeout_heal_docker}}"'
|
||||||
ExecStart=/bin/sh -c '/bin/python {{heal_docker}}heal-docker.py'
|
ExecStart=/bin/sh -c '/bin/python {{heal_docker}}heal-docker.py'
|
@ -55,7 +55,7 @@ def pause_and_move(storage_path, volume, volume_path, containers):
|
|||||||
os.makedirs(storage_volume_path,exist_ok=False)
|
os.makedirs(storage_volume_path,exist_ok=False)
|
||||||
|
|
||||||
# Move the data
|
# Move the data
|
||||||
run_rsync(volume_path, storage_volume_path)
|
run_rsync(f"{volume_path}/",f"{storage_volume_path}/")
|
||||||
|
|
||||||
# Delete the source directory
|
# Delete the source directory
|
||||||
delete_directory(volume_path)
|
delete_directory(volume_path)
|
||||||
|
5
roles/system-storage-optimizer/handlers/main.yml
Normal file
5
roles/system-storage-optimizer/handlers/main.yml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
- name: "reload system-storage-optimizer.cymais.service"
|
||||||
|
systemd:
|
||||||
|
name: system-storage-optimizer.cymais.service
|
||||||
|
state: reloaded
|
||||||
|
daemon_reload: yes
|
@ -8,6 +8,7 @@
|
|||||||
template:
|
template:
|
||||||
src: system-storage-optimizer.service.j2
|
src: system-storage-optimizer.service.j2
|
||||||
dest: /etc/systemd/system/system-storage-optimizer.cymais.service
|
dest: /etc/systemd/system/system-storage-optimizer.cymais.service
|
||||||
|
notify: reload system-storage-optimizer.cymais.service
|
||||||
|
|
||||||
- name: create system-storage-optimizer.py
|
- name: create system-storage-optimizer.py
|
||||||
copy:
|
copy:
|
||||||
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore system-storage-optimizer'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore system-storage-optimizer backup-remote-to-local --timeout "{{sytem_maintenance_lock_timeout_storage_optimizer}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{storage_optimizer_script}} --rapid-storage-path {{path_rapid_storage}} --mass-storage-path {{path_mass_storage}}'
|
ExecStart=/bin/sh -c '/usr/bin/python {{storage_optimizer_script}} --rapid-storage-path {{path_rapid_storage}} --mass-storage-path {{path_mass_storage}}'
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier.cymais@%n.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services | join(' ') }} update-docker --timeout "{{sytem_maintenance_lock_timeoutheal_docker}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_cleanup_services | join(' ') }} update-docker --timeout "{{sytem_maintenance_lock_timeout_heal_docker}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{update_docker_script}} {{path_docker_compose_instances}}'
|
ExecStart=/bin/sh -c '/usr/bin/python {{update_docker_script}} {{path_docker_compose_instances}}'
|
@ -1,6 +1,6 @@
|
|||||||
- name: "restart wireguard"
|
- name: "restart wireguard"
|
||||||
systemd:
|
systemd:
|
||||||
name: wg-quick.cymais@wg0.service
|
name: wg-quick@wg0.cymais.service
|
||||||
state: restarted
|
state: restarted
|
||||||
enabled: yes
|
enabled: yes
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
|
@ -18,10 +18,10 @@
|
|||||||
group: root
|
group: root
|
||||||
notify: reload sysctl configuration
|
notify: reload sysctl configuration
|
||||||
|
|
||||||
- name: create /etc/wireguard/wg0.conf
|
- name: create /etc/wireguard/wg0.cymais.conf
|
||||||
copy:
|
copy:
|
||||||
src: "{{ inventory_dir }}/files/{{ inventory_hostname }}/etc/wireguard/wg0.conf"
|
src: "{{ inventory_dir }}/files/{{ inventory_hostname }}/etc/wireguard/wg0.conf"
|
||||||
dest: /etc/wireguard/wg0.conf
|
dest: /etc/wireguard/wg0.cymais.conf
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
notify: restart wireguard
|
notify: restart wireguard
|
Loading…
Reference in New Issue
Block a user