kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2024-11-22 20:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: kevinveenbirkenbach:b923db2ec08ab86823bd38a1ba3595eca3e210e0
Branches Tags
kevinveenbirkenbach:master
..
compare: kevinveenbirkenbach:2b96bb254f0d5f909a71cce8d543ea42b2296412
Branches Tags
kevinveenbirkenbach:master

No commits in common. "b923db2ec08ab86823bd38a1ba3595eca3e210e0" and "2b96bb254f0d5f909a71cce8d543ea42b2296412" have entirely different histories.
b923db2ec0 ... 2b96bb254f

61 changed files with 354 additions and 207 deletions
Show Stats Expand all files Collapse all files

4
group_vars/all
View File

@ -1,7 +1,6 @@
# General # General
verbose: false # Prints well formated debug information verbose: false # Prints well formated debug information
top_domain: "localhost" # Change this in inventory to your domain top_domain: "localhost"
ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server
backups_folder_path: "/Backups/" backups_folder_path: "/Backups/"
# Server Tact Variables # Server Tact Variables
@ -129,7 +128,6 @@ domain_roulette: "roulette.{{top_domain}}"
domain_attendize: "tickets.{{top_domain}}" domain_attendize: "tickets.{{top_domain}}"
domain_yourls: "s.{{top_domain}}" domain_yourls: "s.{{top_domain}}"
domain_openproject: "project.{{top_domain}}" domain_openproject: "project.{{top_domain}}"
domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"]
### Common Configurations ### Common Configurations
postgres_default_version: "16" postgres_default_version: "16"

12
roles/backup-docker-to-local/handlers/main.yml
View File

@ -2,3 +2,15 @@
systemd: systemd:
name: backup-docker-to-local.service name: backup-docker-to-local.service
daemon_reload: yes daemon_reload: yes
- name: "reload backup-docker-to-local-everything.service"
systemd:
name: backup-docker-to-local-everything.service
daemon_reload: yes
- name: "restart backup-docker-to-local.timer"
systemd:
name: backup-docker-to-local.timer
state: started
enabled: yes
daemon_reload: yes

15
roles/backup-docker-to-local/tasks/main.yml
View File

@ -34,16 +34,11 @@
notify: reload backup-docker-to-local.service notify: reload backup-docker-to-local.service
when: run_once_backup_docker_to_local is not defined when: run_once_backup_docker_to_local is not defined
- name: set service_name to the name of the current role - name: configure backup-docker-to-local.timer.tpl
set_fact: template: src=backup-docker-to-local.timer.j2 dest=/etc/systemd/system/backup-docker-to-local.timer
service_name: "{{ role_name }}" register: backup_docker_to_local_timer
when: run_once_backup_docker_to_local is not defined changed_when: backup_docker_to_local_timer.changed or activate_all_timers | bool
notify: restart backup-docker-to-local.timer
- name: "include role for systemd-timer for {{service_name}}"
include_role:
name: systemd-timer
vars:
on_calendar: "{{on_calendar_backup_docker_to_local}}"
when: run_once_backup_docker_to_local is not defined when: run_once_backup_docker_to_local is not defined
- name: seed database values - name: seed database values

10
roles/backup-docker-to-local/templates/backup-docker-to-local.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=backups the docker volumes
[Timer]
OnCalendar={{on_calendar_backup_docker_to_local}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

16
roles/backup-remote-to-local/tasks/main.yml
View File

@ -14,19 +14,15 @@
template: src=backup-remote-to-local.service.j2 dest=/etc/systemd/system/backup-remote-to-local.service template: src=backup-remote-to-local.service.j2 dest=/etc/systemd/system/backup-remote-to-local.service
notify: reload backup-remote-to-local service notify: reload backup-remote-to-local service
- name: create backup-remote-to-local.timer
template: src=backup-remote-to-local.timer.j2 dest=/etc/systemd/system/backup-remote-to-local.timer
register: backup_backup_remote_to_local_timer
changed_when: backup_backup_remote_to_local_timer.changed or activate_all_timers | bool
notify: restart backup-remote-to-local timer
- name: create backups-remote-to-local.sh - name: create backups-remote-to-local.sh
template: template:
src: backups-remote-to-local.sh.j2 src: backups-remote-to-local.sh.j2
dest: "{{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh" dest: "{{docker_backup_remote_to_local_folder}}backups-remote-to-local.sh"
mode: 0755 mode: 0755
- name: set service_name to the name of the current role
set_fact:
service_name: "{{ role_name }}"
- name: "include role for systemd-timer for {{service_name}}"
include_role:
name: systemd-timer
vars:
on_calendar: "{{on_calendar_backup_remote_to_local}}"

10
roles/backup-remote-to-local/templates/backup-remote-to-local.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts pull remote backup timer
[Timer]
OnCalendar={{on_calendar_backup_remote_to_local}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

12
roles/cleanup-backups-timer/handlers/main.yml Normal file
View File

@ -0,0 +1,12 @@
- name: "restart cleanup-backups.timer"
systemd:
name: cleanup-backups.timer
state: restarted
enabled: yes
daemon_reload: yes
when: run_once_cleanup_backup_timer is not defined
- name: run the cleanup_backup_timer tasks once
set_fact:
run_once_cleanup_backup_timer: true
when: run_once_cleanup_backup_timer is not defined

17
roles/cleanup-backups-timer/tasks/main.yml
View File

@ -1,13 +1,10 @@
- name: set service_name to the name of the current role - name: create cleanup-backups.timer
set_fact: template:
service_name: "{{ role_name }}" src: "cleanup-backups.timer.j2"
when: run_once_cleanup_backups_timer is not defined dest: "/etc/systemd/system/cleanup-backups.timer"
register: cleanup_backups_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: cleanup_backups_timer.changed or activate_all_timers | bool
include_role: notify: restart cleanup-backups.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_cleanup_backups}}"
when: run_once_cleanup_backups_timer is not defined when: run_once_cleanup_backups_timer is not defined
- name: run the cleanup_backups_timer tasks once - name: run the cleanup_backups_timer tasks once

10
roles/cleanup-backups-timer/templates/cleanup-backups.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts cleanup-backups.service
[Timer]
OnCalendar={{on_calendar_cleanup_backups}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=true
[Install]
WantedBy=timers.target

6
roles/cleanup-disc-space/handlers/main.yml
View File

@ -3,3 +3,9 @@
name: cleanup-disc-space.service name: cleanup-disc-space.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart cleanup-disc-space.timer"
systemd:
name: cleanup-disc-space.timer
state: restarted
enabled: yes
daemon_reload: yes

16
roles/cleanup-disc-space/tasks/main.yml
View File

@ -15,12 +15,10 @@
dest: /etc/systemd/system/cleanup-disc-space.service dest: /etc/systemd/system/cleanup-disc-space.service
notify: reload cleanup-disc-space.service notify: reload cleanup-disc-space.service
- name: set service_name to the name of the current role - name: create cleanup-disc-space.timer
set_fact: template:
service_name: "{{ role_name }}" src: cleanup-disc-space.timer.j2
dest: /etc/systemd/system/cleanup-disc-space.timer
- name: "include role for systemd-timer for {{service_name}}" register: cleanup_disc_space_timer
include_role: changed_when: cleanup_disc_space_timer.changed or activate_all_timers | bool
name: systemd-timer notify: restart cleanup-disc-space.timer
vars:
on_calendar: "{{on_calendar_cleanup_disc_space}}"

10
roles/cleanup-disc-space/templates/cleanup-disc-space.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts cleanup-disc-space.service
[Timer]
OnCalendar={{on_calendar_cleanup_disc_space}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=true
[Install]
WantedBy=timers.target

7
roles/cleanup-failed-docker-backups/handlers/main.yml
View File

@ -3,3 +3,10 @@
name: cleanup-failed-docker-backups.service name: cleanup-failed-docker-backups.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart cleanup-failed-docker-backups.timer"
systemd:
name: cleanup-failed-docker-backups.timer
state: restarted
enabled: yes
daemon_reload: yes

17
roles/cleanup-failed-docker-backups/tasks/main.yml
View File

@ -19,16 +19,13 @@
notify: reload cleanup-failed-docker-backups.service daemon notify: reload cleanup-failed-docker-backups.service daemon
when: run_once_cleanup_failed_docker_backups is not defined when: run_once_cleanup_failed_docker_backups is not defined
- name: set service_name to the name of the current role - name: create cleanup-failed-docker-backups.timer
set_fact: template:
service_name: "{{ role_name }}" src: cleanup-failed-docker-backups.timer.j2
when: run_once_cleanup_failed_docker_backups is not defined dest: /etc/systemd/system/cleanup-failed-docker-backups.timer
register: cleanup_failed_docker_backups_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: cleanup_failed_docker_backups_timer.changed or activate_all_timers | bool
include_role: notify: restart cleanup-failed-docker-backups.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_cleanup_failed_docker}}"
when: run_once_cleanup_failed_docker_backups is not defined when: run_once_cleanup_failed_docker_backups is not defined
- name: run the cleanup_failed_docker_backups tasks once - name: run the cleanup_failed_docker_backups tasks once

10
roles/cleanup-failed-docker-backups/templates/cleanup-failed-docker-backups.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts cleanup-failed-docker-backups.service
[Timer]
OnCalendar={{on_calendar_cleanup_failed_docker}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=true
[Install]
WantedBy=timers.target

6
roles/docker-mailu/handlers/main.yml
View File

@ -5,3 +5,9 @@
state: restarted state: restarted
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart deploy-letsencrypt-mailu.timer"
systemd:
name: deploy-letsencrypt-mailu.timer
state: restarted
enabled: yes
daemon_reload: yes

14
roles/docker-mailu/tasks/main.yml
View File

@ -54,10 +54,10 @@
dest: "/etc/systemd/system/deploy-letsencrypt-mailu.service" dest: "/etc/systemd/system/deploy-letsencrypt-mailu.service"
notify: restart deploy-letsencrypt-mailu.service notify: restart deploy-letsencrypt-mailu.service
- name: "include role for systemd-timer for {{service_name}}" - name: configure deploy-letsencrypt-mailu.timer
include_role: template:
name: systemd-timer src: "deploy-letsencrypt-mailu.timer.j2"
vars: dest: "/etc/systemd/system/deploy-letsencrypt-mailu.timer"
on_calendar: "{{on_calendar_deploy_mailu_certificates}}" register: deploy_letsencrypt_mailu_timer
service_name: "deploy-letsencrypt-mailu" changed_when: deploy_letsencrypt_mailu_timer.changed or activate_all_timers | bool
persistent: "true" notify: restart deploy-letsencrypt-mailu.timer

10
roles/docker-mailu/templates/deploy-letsencrypt-mailu.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Deployment of Let's Encrypt's certificates
[Timer]
OnCalendar={{on_calendar_deploy_mailu_certificates}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=true
[Install]
WantedBy=timers.target

5
roles/docker-mailu/templates/docker-compose.yml.j2
View File

@ -54,9 +54,7 @@ services:
- "dkim:/dkim" - "dkim:/dkim"
{% include 'templates/docker-container-depends-on-database-redis.yml.j2' %} {% include 'templates/docker-container-depends-on-database-redis.yml.j2' %}
resolver: resolver:
condition: service_started
front: front:
condition: service_started
logging: logging:
driver: journald driver: journald
dns: dns:
@ -151,12 +149,13 @@ services:
- "webdav_data:/data" - "webdav_data:/data"
logging: logging:
driver: journald driver: journald
networks:
- radicale
depends_on: depends_on:
- resolver - resolver
dns: dns:
- 192.168.203.254 - 192.168.203.254
{% include 'templates/docker-container-networks.yml.j2' %} {% include 'templates/docker-container-networks.yml.j2' %}
radicale:
fetchmail: fetchmail:
image: ghcr.io/mailu/fetchmail:{{version_mailu}} image: ghcr.io/mailu/fetchmail:{{version_mailu}}

1
roles/docker-mailu/vars/main.yml
View File

@ -1,3 +1,2 @@
docker_compose_project_name: "mailu" docker_compose_project_name: "mailu"
database_password: "{{mailu_database_password}}" database_password: "{{mailu_database_password}}"
database_type: "mariadb"

5
roles/docker-mariadb/tasks/main.yml
View File

@ -40,7 +40,7 @@
timeout: 300 timeout: 300
when: run_once_docker_mariadb is not defined when: run_once_docker_mariadb is not defined
- name: "Create database: {{ database_databasename }}" - name: create database
mysql_db: mysql_db:
name: "{{ database_databasename }}" name: "{{ database_databasename }}"
state: present state: present
@ -49,7 +49,8 @@
login_host: 127.0.0.1 login_host: 127.0.0.1
login_port: 3306 login_port: 3306
- name: "Create database user: {{ database_username }}"
- name: create database user
mysql_user: mysql_user:
name: "{{database_username}}" name: "{{database_username}}"
password: "{{database_password}}" password: "{{database_password}}"

2
roles/docker-nextcloud/templates/docker-compose.yml.j2
View File

@ -18,7 +18,7 @@ services:
MYSQL_USER: "{{database_username}}" MYSQL_USER: "{{database_username}}"
MYSQL_PASSWORD: "{{database_password}}" MYSQL_PASSWORD: "{{database_password}}"
MYSQL_HOST: {{database_host}}:3306 MYSQL_HOST: {{database_host}}:3306
{% include 'templates/docker-container-depends-on-database-redis.yml.j2' %} {% include 'templates/docker-container-depends-on-just-database.yml.j2' %}
{% include 'templates/docker-container-networks.yml.j2' %} {% include 'templates/docker-container-networks.yml.j2' %}
web: web:

6
roles/heal-docker/handlers/main.yml
View File

@ -2,3 +2,9 @@
systemd: systemd:
name: heal-docker.service name: heal-docker.service
daemon_reload: yes daemon_reload: yes
- name: "restart heal-docker.timer"
systemd:
name: heal-docker.timer
state: restarted
enabled: yes
daemon_reload: yes

17
roles/heal-docker/tasks/main.yml
View File

@ -18,16 +18,13 @@
notify: reload heal-docker.service notify: reload heal-docker.service
when: run_once_heal_docker is not defined when: run_once_heal_docker is not defined
- name: set service_name to the name of the current role - name: create heal-docker.timer
set_fact: template:
service_name: "{{ role_name }}" src: heal-docker.timer.j2
when: run_once_heal_docker is not defined dest: "/etc/systemd/system/heal-docker.timer"
register: heal_docker_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: heal_docker_timer.changed or activate_all_timers | bool
include_role: notify: restart heal-docker.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_heal_docker}}"
when: run_once_heal_docker is not defined when: run_once_heal_docker is not defined
- name: run the heal_docker tasks once - name: run the heal_docker tasks once

10
roles/heal-docker/templates/heal-docker.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts heal-docker.service
[Timer]
OnCalendar={{on_calendar_heal_docker}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

6
roles/health-btrfs/handlers/main.yml
View File

@ -3,3 +3,9 @@
name: health-btrfs.service name: health-btrfs.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart health-btrfs.timer"
systemd:
name: health-btrfs.timer
state: restarted
enabled: yes
daemon_reload: yes

16
roles/health-btrfs/tasks/main.yml
View File

@ -15,12 +15,10 @@
dest: /etc/systemd/system/health-btrfs.service dest: /etc/systemd/system/health-btrfs.service
notify: reload health-btrfs.service notify: reload health-btrfs.service
- name: set service_name to the name of the current role - name: create health-btrfs.timer
set_fact: template:
service_name: "{{ role_name }}" src: health-btrfs.timer.j2
dest: "/etc/systemd/system/health-btrfs.timer"
- name: "include role for systemd-timer for {{service_name}}" register: health_btrs_timer
include_role: changed_when: health_btrs_timer.changed or activate_all_timers | bool
name: systemd-timer notify: restart health-btrfs.timer
vars:
on_calendar: "{{on_calendar_health_btrfs}}"

10
roles/health-btrfs/templates/health-btrfs.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts health-btrfs.service
[Timer]
OnCalendar={{on_calendar_health_btrfs}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

6
roles/health-disc-space/handlers/main.yml
View File

@ -3,3 +3,9 @@
name: health-disc-space.service name: health-disc-space.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart health-disc-space.timer"
systemd:
name: health-disc-space.timer
state: restarted
enabled: yes
daemon_reload: yes

16
roles/health-disc-space/tasks/main.yml
View File

@ -15,12 +15,10 @@
dest: /etc/systemd/system/health-disc-space.service dest: /etc/systemd/system/health-disc-space.service
notify: reload health-disc-space.service notify: reload health-disc-space.service
- name: set service_name to the name of the current role - name: create health-disc-space.timer
set_fact: template:
service_name: "{{ role_name }}" src: health-disc-space.timer.j2
dest: /etc/systemd/system/health-disc-space.timer
- name: "include role for systemd-timer for {{service_name}}" register: health_disc_space_timer
include_role: changed_when: health_disc_space_timer.changed or activate_all_timers | bool
name: systemd-timer notify: restart health-disc-space.timer
vars:
on_calendar: "{{on_calendar_health_disc_space}}"

10
roles/health-disc-space/templates/health-disc-space.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts health-disc-space.service
[Timer]
OnCalendar={{on_calendar_health_disc_space}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=true
[Install]
WantedBy=timers.target

6
roles/health-docker-container/handlers/main.yml
View File

@ -3,3 +3,9 @@
name: health-docker-container.service name: health-docker-container.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart health-docker-container.timer"
systemd:
name: health-docker-container.timer
state: restarted
enabled: yes
daemon_reload: yes

17
roles/health-docker-container/tasks/main.yml
View File

@ -16,16 +16,13 @@
notify: reload health-docker-container.service notify: reload health-docker-container.service
when: run_once_health_docker_container is not defined when: run_once_health_docker_container is not defined
- name: set service_name to the name of the current role - name: create health-docker-container.timer
set_fact: template:
service_name: "{{ role_name }}" src: health-docker-container.timer.j2
when: run_once_health_docker_container is not defined dest: "/etc/systemd/system/health-docker-container.timer"
register: health_docker_container_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: health_docker_container_timer.changed or activate_all_timers | bool
include_role: notify: restart health-docker-container.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_health_docker_container}}"
when: run_once_health_docker_container is not defined when: run_once_health_docker_container is not defined
- name: run the health_docker_container tasks once - name: run the health_docker_container tasks once

10
roles/health-docker-container/templates/health-docker-container.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts health-docker-container.service
[Timer]
OnCalendar={{on_calendar_health_docker_container}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

6
roles/health-docker-volumes/handlers/main.yml
View File

@ -3,3 +3,9 @@
name: health-docker-volumes.service name: health-docker-volumes.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart health-docker-volumes.timer"
systemd:
name: health-docker-volumes.timer
state: restarted
enabled: yes
daemon_reload: yes

17
roles/health-docker-volumes/tasks/main.yml
View File

@ -16,16 +16,13 @@
notify: reload health-docker-volumes.service notify: reload health-docker-volumes.service
when: run_once_health_docker_volumes is not defined when: run_once_health_docker_volumes is not defined
- name: set service_name to the name of the current role - name: create health-docker-volumes.timer
set_fact: template:
service_name: "{{ role_name }}" src: health-docker-volumes.timer.j2
when: run_once_health_docker_volumes is not defined dest: "/etc/systemd/system/health-docker-volumes.timer"
register: health_docker_volumes_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: health_docker_volumes_timer.changed or activate_all_timers | bool
include_role: notify: restart health-docker-volumes.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_health_docker_volumes}}"
when: run_once_health_docker_volumes is not defined when: run_once_health_docker_volumes is not defined
- name: run the health_docker_volumes tasks once - name: run the health_docker_volumes tasks once

10
roles/health-docker-volumes/templates/health-docker-volumes.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts health-docker-volumes.service
[Timer]
OnCalendar={{on_calendar_health_docker_volumes}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

6
roles/health-journalctl/handlers/main.yml
View File

@ -3,3 +3,9 @@
name: health-journalctl.service name: health-journalctl.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart health-journalctl.timer"
systemd:
name: health-journalctl.timer
state: restarted
enabled: yes
daemon_reload: yes

26
roles/health-journalctl/tasks/main.yml
View File

@ -3,34 +3,22 @@
path: "{{health_journalctl_folder}}" path: "{{health_journalctl_folder}}"
state: directory state: directory
mode: 0755 mode: 0755
when: run_once_health_journalctl is not defined
- name: create health-journalctl.sh - name: create health-journalctl.sh
copy: copy:
src: health-journalctl.sh src: health-journalctl.sh
dest: "{{health_journalctl_folder}}health-journalctl.sh" dest: "{{health_journalctl_folder}}health-journalctl.sh"
when: run_once_health_journalctl is not defined
- name: create health-journalctl.service - name: create health-journalctl.service
template: template:
src: health-journalctl.service.j2 src: health-journalctl.service.j2
dest: /etc/systemd/system/health-journalctl.service dest: /etc/systemd/system/health-journalctl.service
notify: reload health-journalctl.service notify: reload health-journalctl.service
when: run_once_health_journalctl is not defined
- name: set service_name to the name of the current role - name: create health-journalctl.timer
set_fact: template:
service_name: "{{ role_name }}" src: health-journalctl.timer.j2
when: run_once_health_journalctl is not defined dest: /etc/systemd/system/health-journalctl.timer
register: health_journalctl_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: health_journalctl_timer.changed or activate_all_timers | bool
include_role: notify: restart health-journalctl.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_health_journalctl}}"
when: run_once_health_journalctl is not defined
- name: run the health_journalctl tasks once
set_fact:
run_once_health_journalctl: true
when: run_once_health_journalctl is not defined

10
roles/health-journalctl/templates/health-journalctl.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts health-journalctl.service
[Timer]
OnCalendar={{on_calendar_health_journalctl}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=false
[Install]
WantedBy=timers.target

7
roles/health-nginx/handlers/main.yml
View File

@ -3,3 +3,10 @@
name: health-nginx.service name: health-nginx.service
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart health-nginx.timer"
systemd:
name: health-nginx.timer
state: restarted
enabled: yes
daemon_reload: yes

17
roles/health-nginx/tasks/main.yml
View File

@ -24,16 +24,13 @@
notify: reload health-nginx.service notify: reload health-nginx.service
when: run_once_health_nginx is not defined when: run_once_health_nginx is not defined
- name: set service_name to the name of the current role - name: create health-nginx.timer
set_fact: template:
service_name: "{{ role_name }}" src: health-nginx.timer.j2
when: run_once_health_nginx is not defined dest: "/etc/systemd/system/health-nginx.timer"
register: health_nginx_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: health_nginx_timer.changed or activate_all_timers | bool
include_role: notify: restart health-nginx.timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_health_nginx}}"
when: run_once_health_nginx is not defined when: run_once_health_nginx is not defined
- name: run the health_nginx tasks once - name: run the health_nginx tasks once

10
roles/health-nginx/templates/health-nginx.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=starts health-nginx.service
[Timer]
OnCalendar={{ on_calendar_health_nginx }}
RandomizedDelaySec={{ randomized_delay_sec }}
Persistent=false
[Install]
WantedBy=timers.target

8
roles/nginx-certbot/handlers/main.yml
View File

@ -1,6 +1,12 @@
- name: "reload certbot service" - name: "reload certbot service"
systemd: systemd:
name: nginx-certbot.service name: certbot.service
state: reloaded state: reloaded
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
- name: "restart certbot timer"
systemd:
name: certbot.timer
state: restarted
enabled: yes
daemon_reload: yes

24
roles/nginx-certbot/tasks/main.yml
View File

@ -4,24 +4,20 @@
state: present state: present
when: run_once_nginx_certbot is not defined when: run_once_nginx_certbot is not defined
- name: configure nginx-certbot.service - name: configure certbot.service.tpl
template: template:
src: nginx-certbot.service.j2 src: certbot.service.j2
dest: /etc/systemd/system/nginx-certbot.service dest: /etc/systemd/system/certbot.service
notify: reload certbot service notify: reload certbot service
when: run_once_nginx_certbot is not defined when: run_once_nginx_certbot is not defined
- name: set service_name to the name of the current role - name: configure certbot.timer.tpl
set_fact: template:
service_name: "{{ role_name }}" src: certbot.timer.j2
when: run_once_nginx_certbot is not defined dest: /etc/systemd/system/certbot.timer
register: certbot_timer
- name: "include role for systemd-timer for {{service_name}}" changed_when: certbot_timer.changed or activate_all_timers | bool
include_role: notify: restart certbot timer
name: systemd-timer
vars:
on_calendar: "{{on_calendar_renew_lets_encrypt_certificates}}"
persistent: "true"
when: run_once_nginx_certbot is not defined when: run_once_nginx_certbot is not defined
- name: run the nginx_certbot tasks once - name: run the nginx_certbot tasks once

0
roles/nginx-certbot/templates/nginx-certbot.service.j2 → roles/nginx-certbot/templates/certbot.service.j2
View File

10
roles/nginx-certbot/templates/certbot.timer.j2 Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Renewal of Let's Encrypt's certificates
[Timer]
OnCalendar=0/12:00:00
RandomizedDelaySec={{randomized_delay_sec}}
Persistent=true
[Install]
WantedBy=timers.target

6
roles/systemd-timer/handlers/main.yml
View File

@ -1,6 +0,0 @@
- name: "restart timer"
systemd:
name: "{{service_name}}.timer"
state: restarted
enabled: yes
daemon_reload: yes

7
roles/systemd-timer/tasks/main.yml
View File

@ -1,7 +0,0 @@
- name: create {{service_name}}.timer
template:
src: dummy.timer.j2
dest: "/etc/systemd/system/{{service_name}}.timer"
register: dummy_timer
changed_when: dummy_timer.changed or activate_all_timers | bool
notify: restart timer

10
roles/systemd-timer/templates/dummy.timer.j2
View File

@ -1,10 +0,0 @@
[Unit]
Description=Timer to start {{service_name}}.service
[Timer]
OnCalendar={{on_calendar}}
RandomizedDelaySec={{randomized_delay_sec}}
Persistent={{ persistent | default('false') }}
[Install]
WantedBy=timers.target

2
servers.yml
View File

@ -39,7 +39,7 @@
roles: roles:
- role: docker-wordpress - role: docker-wordpress
vars: vars:
domains: "{{domains_wordpress}}" domains: "{{wordpress_domains}}"
http_port: 8003 http_port: 8003
- name: setup mediawiki hosts - name: setup mediawiki hosts

1
templates/docker-compose-networks.yml.j2
View File

@ -5,4 +5,3 @@ networks:
external: true external: true
{% endif %} {% endif %}
{{docker_compose_project_name}}_network: {{docker_compose_project_name}}_network:
{{ "\n" }}

1
templates/docker-compose-volumes-just-database.yml.j2
View File

@ -3,4 +3,3 @@
volumes: volumes:
database: database:
{% endif %} {% endif %}
{{ "\n" }}

1
templates/docker-compose-volumes.yml.j2
View File

@ -3,4 +3,3 @@ volumes:
{% if not enable_central_database | bool %} {% if not enable_central_database | bool %}
database: database:
{% endif %} {% endif %}
{{ "\n" }}

1
templates/docker-container-depends-on-also-database.yml.j2
View File

@ -4,4 +4,3 @@
database: database:
condition: service_healthy condition: service_healthy
{% endif %} {% endif %}
{{ "\n" }}

1
templates/docker-container-depends-on-database-redis.yml.j2
View File

@ -6,4 +6,3 @@
{% endif %} {% endif %}
redis: redis:
condition: service_healthy condition: service_healthy
{{ "\n" }}

1
templates/docker-container-depends-on-just-database.yml.j2
View File

@ -4,4 +4,3 @@
database: database:
condition: service_healthy condition: service_healthy
{% endif %} {% endif %}
{{ "\n" }}

5
templates/docker-container-networks.yml.j2
View File

@ -1,7 +1,6 @@
# This template needs to be included in docker-compose.yml containers # This template needs to be included in docker-compose.yml containers
networks: networks:
{{docker_compose_project_name}}_network: - {{docker_compose_project_name}}_network
{% if enable_central_database | bool %} {% if enable_central_database | bool %}
central_{{ database_type }}_network: - central_{{ database_type }}_network
{% endif %} {% endif %}
{{ "\n" }}

1
templates/docker-service-mariadb.yml.j2
View File

@ -22,4 +22,3 @@
networks: networks:
- {{docker_compose_project_name}}_network - {{docker_compose_project_name}}_network
{% endif %} {% endif %}
{{ "\n" }}

1
templates/docker-service-postgres.yml.j2
View File

@ -20,4 +20,3 @@
networks: networks:
- {{docker_compose_project_name}}_network - {{docker_compose_project_name}}_network
{% endif %} {% endif %}
{{ "\n" }}

1
templates/docker-service-redis.yml.j2
View File

@ -13,4 +13,3 @@
retries: 30 retries: 30
networks: networks:
- {{docker_compose_project_name}}_network - {{docker_compose_project_name}}_network
{{ "\n" }}