From d14c2aaa2c816c7bd4a82dc93cbb8d79f52598d1 Mon Sep 17 00:00:00 2001 From: James Tombleson Date: Fri, 28 Jan 2022 16:22:11 -0800 Subject: [PATCH] Dev (#9) * docker tests are looking good and nfs is able to connect and containers can talk to each other. * Added pihole support for a new vm * pihole is not working yet via docker. Installed it by hand without ansible for now. * added some docker related tasks and working on collins now to see how to use it. * forgot to push some changes... kube didnt work out as it adds too much overhead for what I need. * added two roles to help working with backup and restore of docker volume data. * did some cleanup on old roles. * pushing for axw testing * moving to requirements.yml. adding cron jobs for maint. * roles are being moved out of this repo. Roles are handled by requirements.yml going forward. Dev roles are still in the repo but if they stick around a new repo will be made for it. * Made a bunch of changes * fixed a problem * Added a playbook to deploy grafana and added prometheus role to monitor things. * Updated cron to test * Updated cron to test * Updated cron * updated discord_webhook and now testing if cron will pick up the changes. * Fixed plex backup for now. * docker updates and working on nginx * pushing pending changes that need to go live for cron testing * fixed debug roles and updated discord test * fixed debug roles and updated discord test * Disabling test cron * its been awhile... I am not sure what I have done anymore but time to push my changes. * added newsbot configs, added to jenkins, starting to migrate to collections. * Updated inventory to support the network changes * jenkinsfile is now working in my local setup. * node2 is unhealthy and is removed from inv. I was doing something to this box months ago, but now i dont remember what it was." * updated images and adding them to jenkins for testing * removed the old image files and moved to my public image * Jenkins will now inform discord of jobs. Added post tasks. Added mediaserver common. * updated the backend update job and adding a jenkins pipeline to handle it for me. * updated the backup job again * Updated all the jekins jobs. Added a jenkins newsbot backup job. Adjusted newsbot plays to add backup and redeploy jobs. * updated newsbot backup playbook to make older backup files as needed. * Added debug message to report in CI what version is getting deployed. * I did something stupid and this device is not letting me login for now. * removing twitter source for now as I found a bandwidth related bug that wont get pushed for a bit * Adding a bunch of changes, some is cleanup and some are adds * updated the images * updated the kube common playbook * Started to work on ceph, stopped due to hardware resources, updated common, added monit, and starting to work on a playbook to handle my ssh access. * Added a role to deploy monit to my servers. Still needs some more updates before its ready * Here is my work on ceph, it might go away but I am not sure yet. * Starting to migrate my common playbook to a role, not done yet. * updated kube and inventory * updated gitignore --- .devcontainer/Dockerfile | 57 +++ .devcontainer/devcontainer.json | 33 ++ .gitignore | 11 +- .vscode/settings.json | 3 +- Vagrantfile | 78 ---- ansible.cfg | 11 +- ci/ansible-job-common/docker/jenkinsfile | 92 +++++ ci/ansible-job-common/k8s/jenkinsfile | 71 ++++ ci/ansible-job-mediaback-backup/jenkinsfile | 78 ++++ ci/ansible-job-newsbot-backup/jenkinsfile | 78 ++++ inventory/group_vars/ceph-primary.yml | 3 + inventory/group_vars/duckdns.yml | 8 + inventory/group_vars/kube-fs.yml | 22 ++ inventory/group_vars/kube-master.yml | 142 ++++++++ inventory/group_vars/kube-node.yml | 1 + inventory/group_vars/kube.yml | 56 +++ inventory/group_vars/linux-all.yml | 199 ++++++++++ inventory/group_vars/localhost.yml | 12 + inventory/group_vars/mediaserver-back.yml | 8 + inventory/group_vars/mediaserver.yml | 19 + inventory/group_vars/newsbot.yml | 153 ++++++++ inventory/home.yaml | 89 ----- inventory/inv.yaml | 94 +++++ jenkinsfile | 56 +++ makefile | 12 + modules/discord.py | 178 +++++++++ playbook/debug/roleTest.yml | 39 ++ playbook/docker/InstallDocker.yml | 56 --- playbook/docker/archive/collins.yml | 30 ++ playbook/docker/archive/deploy-awx.yml | 18 + playbook/docker/archive/gitea_stack.yml | 83 +++++ playbook/docker/archive/nagios.yml | 17 + playbook/docker/archive/portainer.yml | 48 +++ playbook/docker/archive/portainer_agents.yml | 0 playbook/docker/archive/rancher.yml | 42 +++ playbook/docker/archive/rancher_workers.yml | 57 +++ playbook/docker/common.yml | 52 +++ playbook/docker/duckdns.yml | 38 ++ playbook/docker/foldingathome.yml | 26 ++ playbook/docker/gitea.yml | 72 ++++ playbook/docker/mediaserver/back/backup.yml | 168 +++++++++ playbook/docker/mediaserver/back/deploy.yml | 113 ++++++ playbook/docker/mediaserver/back/organizr.yml | 19 + playbook/docker/mediaserver/back/restarts.yml | 55 +++ playbook/docker/mediaserver/back/restore.yml | 25 ++ playbook/docker/mediaserver/back/status.yml | 30 ++ .../mediaserver/back/task-status-checkup.yml | 20 ++ playbook/docker/mediaserver/common.yml | 68 ++++ playbook/docker/mediaserver/front/backup.yml | 55 +++ playbook/docker/mediaserver/front/deploy.yml | 77 ++++ .../docker/mediaserver/front/restarts.yml | 22 ++ playbook/docker/mediaserver/front/restore.yml | 25 ++ playbook/docker/mediaserver/hydra.yml | 48 --- playbook/docker/mediaserver/mediaserver.yml | 134 ------- playbook/docker/mediaserver/mount.yml | 18 - playbook/docker/mediaserver/nzbget.yml | 35 -- playbook/docker/mediaserver/sonarr.yml | 37 -- playbook/docker/mediaserver/update.yml | 42 +++ playbook/docker/mediaserver/vars.yml | 12 - playbook/docker/minecraft/deploy.yml | 55 +++ .../docker/monitoring/files/influxdb.conf | 0 .../docker/monitoring/files/telegraf.h1.conf | 0 .../docker/monitoring/files/telegraf.h2.conf | 0 playbook/docker/monitoring/grafana.yml | 30 ++ playbook/docker/monitoring/influxdb.yml | 96 +++++ playbook/docker/newsbot/backup.yml | 107 ++++++ playbook/docker/newsbot/deploy.yml | 103 ++++++ playbook/docker/nextcloud/deploy.yml | 93 +++++ playbook/docker/nginx.yml | 39 ++ playbook/docker/pihole.yml | 55 +++ playbook/docker/readme.md | 3 + playbook/docker/syncthing/syncthing.yml | 48 +++ .../infrastructure/containers/nextcloud.yml | 2 + .../containers/nextcloud/main.tf | 157 ++++++++ playbook/kube/extract-kube-config.yaml | 10 + playbook/kube/install-node.yml | 43 +++ playbook/kube/minecraftServer.yml | 22 ++ playbook/kube/nextcloud.yml | 110 ++++++ playbook/kube/restore-app-backup.yaml | 28 ++ playbook/kube/setup-media-requirements.yaml | 58 +++ playbook/linux/ansible_config.yml | 9 + playbook/linux/ceph/common.yml | 17 + playbook/linux/ceph/test.yml | 27 ++ playbook/linux/certbot.yml | 11 + playbook/linux/common.yml | 33 +- playbook/linux/influxdb.yml | 12 + playbook/linux/install-awx.yml | 2 +- playbook/linux/install-jenkins.yml | 33 -- playbook/linux/install-nextcloud.yml | 13 + playbook/linux/monit.yml | 12 + playbook/linux/nfsserver.yml | 46 +++ playbook/linux/nginx.yml | 13 + playbook/linux/passwordless-access.yml | 19 + playbook/linux/readme.md | 3 + playbook/linux/telegraf.yml | 10 + playbook/linux/zsh.yml | 17 + playbook/localhost/collins_test.yml | 12 + playbook/localhost/discord_test.yml | 29 ++ playbook/macos/docker/demoSynthing.yml | 16 + playbook/macos/docker/influx.yml | 28 ++ playbook/macos/docker/nextcloud-role.yml | 9 + playbook/macos/docker/nextcloud.yml | 120 +++++++ playbook/macos/docker/owncloud.yml | 34 ++ playbook/macos/docker/traefik.yml | 24 ++ playbook/macos/installDevTools.yml | 76 +--- playbook/pull.yml | 77 ---- requirements.yml | 78 ++++ roles/geerlingguy.ansible/.gitignore | 3 - roles/geerlingguy.ansible/.travis.yml | 32 -- roles/geerlingguy.ansible/LICENSE | 20 -- roles/geerlingguy.ansible/README.md | 51 --- roles/geerlingguy.ansible/defaults/main.yml | 8 - .../meta/.galaxy_install_info | 2 - roles/geerlingguy.ansible/meta/main.yml | 30 -- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook-pip.yml | 12 - .../molecule/default/playbook.yml | 7 - .../molecule/default/requirements.yml | 2 - .../molecule/default/tests/test_default.py | 14 - .../molecule/default/yaml-lint.yml | 6 - roles/geerlingguy.ansible/tasks/main.yml | 27 -- .../tasks/setup-Debian.yml | 23 -- .../tasks/setup-Fedora.yml | 5 - .../tasks/setup-RedHat.yml | 6 - .../tasks/setup-Ubuntu.yml | 11 - roles/geerlingguy.ansible/tasks/setup-pip.yml | 5 - roles/geerlingguy.awx/.gitignore | 2 - roles/geerlingguy.awx/.travis.yml | 22 -- roles/geerlingguy.awx/LICENSE | 20 -- roles/geerlingguy.awx/README.md | 68 ---- roles/geerlingguy.awx/defaults/main.yml | 7 - .../geerlingguy.awx/meta/.galaxy_install_info | 2 - roles/geerlingguy.awx/meta/main.yml | 32 -- .../tasks/awx-install-playbook.yml | 12 - roles/geerlingguy.awx/tasks/main.yml | 21 -- roles/geerlingguy.awx/tests/README.md | 11 - .../tests/custom_travis_wait.sh | 26 -- roles/geerlingguy.awx/tests/requirements.yml | 7 - .../tests/test-no-playbook.yml | 15 - roles/geerlingguy.awx/tests/test.yml | 23 -- roles/geerlingguy.awx/vars/Debian.yml | 6 - roles/geerlingguy.awx/vars/RedHat.yml | 6 - roles/geerlingguy.docker/.gitignore | 3 - roles/geerlingguy.docker/.travis.yml | 31 -- roles/geerlingguy.docker/LICENSE | 20 -- roles/geerlingguy.docker/README.md | 89 ----- roles/geerlingguy.docker/defaults/main.yml | 29 -- roles/geerlingguy.docker/handlers/main.yml | 3 - .../meta/.galaxy_install_info | 2 - roles/geerlingguy.docker/meta/main.yml | 34 -- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook.yml | 12 - .../molecule/default/yaml-lint.yml | 6 - .../tasks/docker-1809-shim.yml | 16 - .../tasks/docker-compose.yml | 20 -- .../geerlingguy.docker/tasks/docker-users.yml | 7 - roles/geerlingguy.docker/tasks/main.yml | 31 -- .../geerlingguy.docker/tasks/setup-Debian.yml | 40 --- .../geerlingguy.docker/tasks/setup-RedHat.yml | 35 -- .../templates/override.conf.j2 | 3 - roles/geerlingguy.git/.ansible-lint | 2 - roles/geerlingguy.git/.gitignore | 3 - roles/geerlingguy.git/.travis.yml | 34 -- roles/geerlingguy.git/LICENSE | 20 -- roles/geerlingguy.git/README.md | 55 --- roles/geerlingguy.git/defaults/main.yml | 23 -- .../geerlingguy.git/meta/.galaxy_install_info | 2 - roles/geerlingguy.git/meta/main.yml | 29 -- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook-source.yml | 18 - .../molecule/default/playbook.yml | 17 - .../molecule/default/yaml-lint.yml | 6 - .../tasks/install-from-source.yml | 64 ---- roles/geerlingguy.git/tasks/main.yml | 24 -- roles/geerlingguy.git/vars/Debian.yml | 9 - roles/geerlingguy.git/vars/Fedora.yml | 12 - roles/geerlingguy.git/vars/RedHat.yml | 11 - roles/geerlingguy.git/vars/main.yml | 2 - roles/geerlingguy.java/.gitignore | 3 - roles/geerlingguy.java/.travis.yml | 32 -- roles/geerlingguy.java/LICENSE | 20 -- roles/geerlingguy.java/README.md | 67 ---- roles/geerlingguy.java/defaults/main.yml | 6 - .../meta/.galaxy_install_info | 2 - roles/geerlingguy.java/meta/main.yml | 39 -- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook.yml | 13 - .../molecule/default/tests/test_default.py | 14 - .../molecule/default/yaml-lint.yml | 6 - roles/geerlingguy.java/tasks/main.yml | 41 --- roles/geerlingguy.java/tasks/setup-Debian.yml | 16 - .../geerlingguy.java/tasks/setup-FreeBSD.yml | 11 - roles/geerlingguy.java/tasks/setup-RedHat.yml | 5 - .../templates/java_home.sh.j2 | 1 - roles/geerlingguy.java/vars/Debian-8.yml | 7 - roles/geerlingguy.java/vars/Debian-9.yml | 6 - roles/geerlingguy.java/vars/Fedora.yml | 6 - roles/geerlingguy.java/vars/FreeBSD.yml | 7 - roles/geerlingguy.java/vars/RedHat-6.yml | 7 - roles/geerlingguy.java/vars/RedHat-7.yml | 8 - roles/geerlingguy.java/vars/Ubuntu-12.yml | 7 - roles/geerlingguy.java/vars/Ubuntu-14.yml | 7 - roles/geerlingguy.java/vars/Ubuntu-16.yml | 7 - roles/geerlingguy.java/vars/Ubuntu-18.yml | 6 - roles/geerlingguy.jenkins/.ansible-lint | 2 - roles/geerlingguy.jenkins/.gitignore | 3 - roles/geerlingguy.jenkins/.travis.yml | 43 --- roles/geerlingguy.jenkins/LICENSE | 20 -- roles/geerlingguy.jenkins/README.md | 135 ------- roles/geerlingguy.jenkins/defaults/main.yml | 37 -- roles/geerlingguy.jenkins/handlers/main.yml | 12 - .../meta/.galaxy_install_info | 2 - roles/geerlingguy.jenkins/meta/main.yml | 29 -- .../molecule/default/java-8.yml | 51 --- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook-http-port.yml | 24 -- .../default/playbook-jenkins-version.yml | 27 -- .../default/playbook-plugins-with-home.yml | 52 --- .../molecule/default/playbook-prefix.yml | 24 -- .../molecule/default/playbook.yml | 16 - .../molecule/default/requirements.yml | 2 - .../molecule/default/yaml-lint.yml | 6 - roles/geerlingguy.jenkins/tasks/main.yml | 66 ---- roles/geerlingguy.jenkins/tasks/plugins.yml | 61 ---- roles/geerlingguy.jenkins/tasks/settings.yml | 69 ---- .../tasks/setup-Debian.yml | 45 --- .../tasks/setup-RedHat.yml | 45 --- .../templates/basic-security.groovy.j2 | 28 -- roles/geerlingguy.jenkins/vars/Debian.yml | 7 - roles/geerlingguy.jenkins/vars/RedHat.yml | 7 - roles/geerlingguy.nodejs/.ansible-lint | 3 - roles/geerlingguy.nodejs/.gitignore | 3 - roles/geerlingguy.nodejs/.travis.yml | 34 -- roles/geerlingguy.nodejs/LICENSE | 20 -- roles/geerlingguy.nodejs/README.md | 73 ---- roles/geerlingguy.nodejs/defaults/main.yml | 27 -- .../meta/.galaxy_install_info | 2 - roles/geerlingguy.nodejs/meta/main.yml | 30 -- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook-latest.yml | 23 -- .../molecule/default/playbook.yml | 22 -- .../molecule/default/tests/test_default.py | 14 - .../molecule/default/yaml-lint.yml | 6 - roles/geerlingguy.nodejs/tasks/main.yml | 42 --- .../geerlingguy.nodejs/tasks/setup-Debian.yml | 25 -- .../geerlingguy.nodejs/tasks/setup-RedHat.yml | 37 -- roles/geerlingguy.nodejs/templates/npm.sh.j2 | 3 - roles/geerlingguy.pip/.gitignore | 3 - roles/geerlingguy.pip/.travis.yml | 29 -- roles/geerlingguy.pip/LICENSE | 20 -- roles/geerlingguy.pip/README.md | 76 ---- roles/geerlingguy.pip/defaults/main.yml | 6 - .../geerlingguy.pip/meta/.galaxy_install_info | 2 - roles/geerlingguy.pip/meta/main.yml | 30 -- .../molecule/default/molecule.yml | 29 -- .../molecule/default/playbook.yml | 20 -- .../molecule/default/tests/test_default.py | 14 - .../molecule/default/yaml-lint.yml | 6 - roles/geerlingguy.pip/tasks/main.yml | 14 - roles/jnv.unattended-upgrades/.editorconfig | 9 - roles/jnv.unattended-upgrades/.gitignore | 3 - roles/jnv.unattended-upgrades/.travis.yml | 16 - roles/jnv.unattended-upgrades/LICENSE | 339 ------------------ roles/jnv.unattended-upgrades/README.md | 180 ---------- .../jnv.unattended-upgrades/defaults/main.yml | 122 ------- .../jnv.unattended-upgrades/handlers/main.yml | 2 - .../meta/.galaxy_install_info | 2 - roles/jnv.unattended-upgrades/meta/main.yml | 38 -- roles/jnv.unattended-upgrades/tasks/main.yml | 2 - .../jnv.unattended-upgrades/tasks/reboot.yml | 9 - .../tasks/unattended-upgrades.yml | 37 -- .../templates/auto-upgrades.j2 | 25 -- .../templates/unattended-upgrades.j2 | 106 ------ .../jnv.unattended-upgrades/tests/ansible.cfg | 3 - roles/jnv.unattended-upgrades/tests/inventory | 1 - .../tests/requirements.yml | 3 - roles/jnv.unattended-upgrades/tests/test.sh | 29 -- roles/jnv.unattended-upgrades/tests/test.yml | 70 ---- .../vars/Debian-wheezy.yml | 11 - roles/jnv.unattended-upgrades/vars/Debian.yml | 3 - roles/jnv.unattended-upgrades/vars/Ubuntu.yml | 3 - roles/jtom38.ceph/.travis.yml | 29 ++ .../README.md | 0 roles/jtom38.ceph/defaults/main.yml | 27 ++ roles/jtom38.ceph/handlers/main.yml | 2 + .../meta/main.yml | 29 +- roles/jtom38.ceph/tasks/bootstrap.yml | 26 ++ roles/jtom38.ceph/tasks/cluster_config.yml | 10 + roles/jtom38.ceph/tasks/install.yml | 60 ++++ roles/jtom38.ceph/tasks/main.yml | 14 + roles/jtom38.ceph/tasks/seed.yml | 87 +++++ roles/jtom38.ceph/templates/bootstrap.log.j2 | 1 + roles/jtom38.ceph/templates/release.j2 | 4 + roles/jtom38.ceph/templates/ssh.config.j2 | 6 + .../tests/inventory | 0 .../tests/test.yml | 2 +- roles/jtom38.ceph/vars/main.yml | 2 + roles/jtom38.linux_common/.travis.yml | 29 ++ .../README.md | 0 roles/jtom38.linux_common/defaults/main.yml | 19 + .../files/miharu_linux.pub | 43 +++ roles/jtom38.linux_common/handlers/main.yml | 2 + .../meta/main.yml | 28 +- roles/jtom38.linux_common/tasks/main.yml | 45 +++ .../tests/inventory | 0 .../tests/test.yml | 2 +- roles/jtom38.linux_common/vars/main.yml | 2 + roles/jtom38.monit/.travis.yml | 29 ++ .../README.md | 30 +- roles/jtom38.monit/defaults/main.yml | 89 +++++ roles/jtom38.monit/handlers/main.yml | 2 + .../meta/main.yml | 29 +- roles/jtom38.monit/tasks/main.yml | 120 +++++++ .../templates/conf/filesystems.conf.j2 | 14 + .../templates/conf/global.conf.j2 | 13 + .../jtom38.monit/templates/conf/hosts.conf.j2 | 32 ++ .../jtom38.monit/templates/conf/http.conf.j2 | 7 + .../templates/conf/processes.conf.j2 | 24 ++ .../templates/conf/system.conf.j2 | 14 + .../templates/scripts/discord.sh.j2 | 19 + .../templates/scripts/slack.sh.j2 | 24 ++ .../tests/inventory | 0 .../tests/test.yml | 2 +- roles/jtom38.monit/vars/main.yml | 2 + roles/luther38.elasticsearch/README.md | 96 ----- .../luther38.elasticsearch/defaults/main.yml | 60 ---- .../luther38.elasticsearch/handlers/main.yml | 2 - .../tasks/install-repo.yml | 29 -- roles/luther38.elasticsearch/tasks/main.yml | 11 - roles/luther38.elasticsearch/tasks/ubuntu.yml | 44 --- .../templates/elasticsearch.j2 | 96 ----- roles/luther38.elasticsearch/vars/main.yml | 27 -- roles/luther38.filebeat/defaults/main.yml | 15 - roles/luther38.filebeat/handlers/main.yml | 2 - .../luther38.filebeat/tasks/install-repo.yml | 29 -- roles/luther38.filebeat/tasks/main.yml | 7 - roles/luther38.filebeat/tasks/ubuntu.yml | 30 -- roles/luther38.filebeat/tasks/windows.yml | 62 ---- roles/luther38.filebeat/templates/filebeat.j2 | 211 ----------- roles/luther38.filebeat/vars/main.yml | 2 - .../archive/config-heartbeat.yml | 18 - roles/luther38.heartbeat/defaults/main.yml | 2 - roles/luther38.heartbeat/handlers/main.yml | 2 - roles/luther38.heartbeat/meta/main.yml | 60 ---- roles/luther38.heartbeat/tasks/main.yml | 2 - .../luther38.heartbeat/templates/heartbeat.j2 | 168 --------- roles/luther38.heartbeat/tests/test.yml | 5 - roles/luther38.heartbeat/vars/main.yml | 2 - roles/luther38.kibana/defaults/main.yml | 38 -- roles/luther38.kibana/handlers/main.yml | 2 - roles/luther38.kibana/tasks/install-repo.yml | 29 -- roles/luther38.kibana/tasks/main.yml | 7 - roles/luther38.kibana/tasks/ubuntu.yml | 42 --- roles/luther38.kibana/templates/kibana.j2 | 118 ------ roles/luther38.kibana/tests/inventory | 2 - roles/luther38.kibana/vars/main.yml | 2 - roles/luther38.logstash/README.md | 38 -- roles/luther38.logstash/defaults/main.yml | 5 - roles/luther38.logstash/handlers/main.yml | 2 - roles/luther38.logstash/meta/main.yml | 60 ---- .../luther38.logstash/tasks/install-repo.yml | 29 -- roles/luther38.logstash/tasks/main.yml | 6 - roles/luther38.logstash/tasks/ubuntu.yml | 44 --- roles/luther38.logstash/templates/logstash.j2 | 247 ------------- roles/luther38.logstash/tests/inventory | 2 - roles/luther38.logstash/tests/test.yml | 5 - roles/luther38.logstash/vars/main.yml | 2 - roles/luther38.metricbeat/README.md | 38 -- .../archive/config-metricbeat.yml | 26 -- .../archive/config-win-heartbeat.yml | 56 --- .../archive/install-metricbeat.yml | 16 - roles/luther38.metricbeat/defaults/main.yml | 18 - roles/luther38.metricbeat/handlers/main.yml | 2 - roles/luther38.metricbeat/meta/main.yml | 60 ---- .../tasks/install-repo.yml | 26 -- roles/luther38.metricbeat/tasks/main.yml | 10 - roles/luther38.metricbeat/tasks/ubuntu.yml | 37 -- roles/luther38.metricbeat/tasks/windows.yml | 62 ---- .../templates/metricbeat.j2 | 155 -------- roles/luther38.metricbeat/tests/inventory | 2 - roles/luther38.metricbeat/tests/test.yml | 5 - roles/luther38.metricbeat/vars/main.yml | 2 - roles/luther38.okta/defaults/main.yml | 12 - roles/luther38.okta/tasks/main.yml | 90 ----- roles/luther38.winlogbeat/README.md | 38 -- .../archive/config-winlogbeat.yml | 52 --- roles/luther38.winlogbeat/defaults/main.yml | 2 - roles/luther38.winlogbeat/handlers/main.yml | 2 - roles/luther38.winlogbeat/meta/main.yml | 60 ---- roles/luther38.winlogbeat/tasks/main.yml | 6 - roles/luther38.winlogbeat/tasks/windows.yml | 62 ---- .../templates/winlogbeat.j2 | 158 -------- roles/luther38.winlogbeat/tests/inventory | 2 - roles/luther38.winlogbeat/tests/test.yml | 5 - roles/luther38.winlogbeat/vars/main.yml | 2 - roles/sensu.sensu/.gitattributes | 6 - roles/sensu.sensu/.gitignore | 4 - roles/sensu.sensu/.yamllint | 11 - roles/sensu.sensu/CHANGELOG.md | 194 ---------- roles/sensu.sensu/LICENSE | 18 - roles/sensu.sensu/README.md | 85 ----- roles/sensu.sensu/defaults/main.yml | 126 ------- roles/sensu.sensu/handlers/main.yml | 69 ---- roles/sensu.sensu/meta/.galaxy_install_info | 2 - roles/sensu.sensu/meta/main.yml | 39 -- roles/sensu.sensu/tasks/Amazon/dashboard.yml | 21 -- roles/sensu.sensu/tasks/Amazon/main.yml | 30 -- roles/sensu.sensu/tasks/Amazon/rabbit.yml | 66 ---- roles/sensu.sensu/tasks/Amazon/redis.yml | 29 -- roles/sensu.sensu/tasks/CentOS/dashboard.yml | 41 --- roles/sensu.sensu/tasks/CentOS/main.yml | 83 ----- roles/sensu.sensu/tasks/CentOS/rabbit.yml | 66 ---- roles/sensu.sensu/tasks/CentOS/redis.yml | 29 -- roles/sensu.sensu/tasks/Debian/dashboard.yml | 21 -- roles/sensu.sensu/tasks/Debian/main.yml | 41 --- roles/sensu.sensu/tasks/Debian/rabbit.yml | 53 --- roles/sensu.sensu/tasks/Debian/redis.yml | 26 -- roles/sensu.sensu/tasks/Fedora/dashboard.yml | 1 - roles/sensu.sensu/tasks/Fedora/main.yml | 1 - roles/sensu.sensu/tasks/Fedora/rabbit.yml | 66 ---- roles/sensu.sensu/tasks/Fedora/redis.yml | 27 -- roles/sensu.sensu/tasks/FreeBSD/dashboard.yml | 86 ----- roles/sensu.sensu/tasks/FreeBSD/main.yml | 53 --- roles/sensu.sensu/tasks/FreeBSD/rabbit.yml | 14 - roles/sensu.sensu/tasks/FreeBSD/redis.yml | 25 -- roles/sensu.sensu/tasks/OpenBSD/dashboard.yml | 86 ----- roles/sensu.sensu/tasks/OpenBSD/main.yml | 69 ---- roles/sensu.sensu/tasks/OpenBSD/rabbit.yml | 14 - roles/sensu.sensu/tasks/OpenBSD/redis.yml | 25 -- roles/sensu.sensu/tasks/OracleLinux | 1 - roles/sensu.sensu/tasks/RedHat | 1 - roles/sensu.sensu/tasks/SmartOS/client.yml | 23 -- roles/sensu.sensu/tasks/SmartOS/dashboard.yml | 96 ----- roles/sensu.sensu/tasks/SmartOS/main.yml | 36 -- roles/sensu.sensu/tasks/SmartOS/rabbit.yml | 14 - roles/sensu.sensu/tasks/SmartOS/redis.yml | 12 - roles/sensu.sensu/tasks/SmartOS/server.yml | 32 -- roles/sensu.sensu/tasks/Ubuntu/dashboard.yml | 21 -- roles/sensu.sensu/tasks/Ubuntu/main.yml | 35 -- roles/sensu.sensu/tasks/Ubuntu/rabbit.yml | 53 --- roles/sensu.sensu/tasks/Ubuntu/redis.yml | 33 -- roles/sensu.sensu/tasks/client.yml | 28 -- roles/sensu.sensu/tasks/common.yml | 57 --- roles/sensu.sensu/tasks/dashboard.yml | 12 - roles/sensu.sensu/tasks/main.yml | 45 --- roles/sensu.sensu/tasks/plugins.yml | 152 -------- roles/sensu.sensu/tasks/rabbit.yml | 76 ---- roles/sensu.sensu/tasks/redis.yml | 14 - roles/sensu.sensu/tasks/server.yml | 44 --- roles/sensu.sensu/tasks/ssl.yml | 31 -- roles/sensu.sensu/tasks/ssl_generate.yml | 129 ------- roles/sensu.sensu/templates/client.json.j2 | 15 - .../templates/erlang-apt-preferences.j2 | 4 - roles/sensu.sensu/templates/openssl.cnf.j2 | 56 --- .../sensu.sensu/templates/rabbitmq.config.j2 | 16 - roles/sensu.sensu/templates/sensu-api.json.j2 | 10 - .../sensu-api.smartos_smf_manifest.xml.j2 | 32 -- .../sensu-client.smartos_smf_manifest.xml.j2 | 32 -- .../templates/sensu-freebsd-repo.conf.j2 | 5 - .../templates/sensu-rabbitmq.json.j2 | 15 - .../sensu.sensu/templates/sensu-redis.json.j2 | 14 - .../sensu-server.smartos_smf_manifest.xml.j2 | 32 -- .../templates/sensu-tessen.json.j2 | 5 - .../sensu_enterprise_dashboard_config.json.j2 | 19 - .../templates/sensuclient_openbsd.j2 | 13 - roles/sensu.sensu/templates/transport.json.j2 | 6 - roles/sensu.sensu/templates/uchiwa.sh.j2 | 25 -- .../uchiwa.smartos_smf_manifest.xml.j2 | 32 -- .../templates/uchiwa_config.json.j2 | 29 -- roles/sensu.sensu/templates/uchiwa_freebsd.j2 | 27 -- roles/sensu.sensu/vars/Amazon.yml | 20 -- roles/sensu.sensu/vars/CentOS.yml | 13 - roles/sensu.sensu/vars/Debian.yml | 14 - roles/sensu.sensu/vars/Fedora.yml | 12 - roles/sensu.sensu/vars/FreeBSD.yml | 14 - roles/sensu.sensu/vars/OpenBSD.yml | 16 - roles/sensu.sensu/vars/OracleLinux.yml | 1 - roles/sensu.sensu/vars/RedHat.yml | 1 - roles/sensu.sensu/vars/SmartOS.yml | 10 - roles/sensu.sensu/vars/Ubuntu.yml | 15 - roles/win_localdircopy/README.md | 38 -- roles/win_localdircopy/defaults/main.yml | 2 - roles/win_localdircopy/handlers/main.yml | 2 - roles/win_localdircopy/meta/main.yml | 60 ---- roles/win_localdircopy/tasks/main.yml | 2 - roles/win_localdircopy/tests/inventory | 2 - roles/win_localdircopy/tests/test.yml | 5 - roles/win_localdircopy/vars/main.yml | 2 - 488 files changed, 5129 insertions(+), 10743 deletions(-) create mode 100644 .devcontainer/Dockerfile create mode 100644 .devcontainer/devcontainer.json delete mode 100644 Vagrantfile create mode 100644 ci/ansible-job-common/docker/jenkinsfile create mode 100644 ci/ansible-job-common/k8s/jenkinsfile create mode 100644 ci/ansible-job-mediaback-backup/jenkinsfile create mode 100644 ci/ansible-job-newsbot-backup/jenkinsfile create mode 100644 inventory/group_vars/ceph-primary.yml create mode 100644 inventory/group_vars/duckdns.yml create mode 100644 inventory/group_vars/kube-fs.yml create mode 100644 inventory/group_vars/kube-master.yml create mode 100644 inventory/group_vars/kube-node.yml create mode 100644 inventory/group_vars/kube.yml create mode 100644 inventory/group_vars/linux-all.yml create mode 100644 inventory/group_vars/localhost.yml create mode 100644 inventory/group_vars/mediaserver-back.yml create mode 100644 inventory/group_vars/mediaserver.yml create mode 100644 inventory/group_vars/newsbot.yml delete mode 100644 inventory/home.yaml create mode 100644 inventory/inv.yaml create mode 100644 jenkinsfile create mode 100644 makefile create mode 100644 modules/discord.py create mode 100644 playbook/debug/roleTest.yml delete mode 100644 playbook/docker/InstallDocker.yml create mode 100644 playbook/docker/archive/collins.yml create mode 100644 playbook/docker/archive/deploy-awx.yml create mode 100644 playbook/docker/archive/gitea_stack.yml create mode 100644 playbook/docker/archive/nagios.yml create mode 100644 playbook/docker/archive/portainer.yml create mode 100644 playbook/docker/archive/portainer_agents.yml create mode 100644 playbook/docker/archive/rancher.yml create mode 100644 playbook/docker/archive/rancher_workers.yml create mode 100644 playbook/docker/common.yml create mode 100644 playbook/docker/duckdns.yml create mode 100644 playbook/docker/foldingathome.yml create mode 100644 playbook/docker/gitea.yml create mode 100644 playbook/docker/mediaserver/back/backup.yml create mode 100644 playbook/docker/mediaserver/back/deploy.yml create mode 100644 playbook/docker/mediaserver/back/organizr.yml create mode 100644 playbook/docker/mediaserver/back/restarts.yml create mode 100644 playbook/docker/mediaserver/back/restore.yml create mode 100644 playbook/docker/mediaserver/back/status.yml create mode 100644 playbook/docker/mediaserver/back/task-status-checkup.yml create mode 100644 playbook/docker/mediaserver/common.yml create mode 100644 playbook/docker/mediaserver/front/backup.yml create mode 100644 playbook/docker/mediaserver/front/deploy.yml create mode 100644 playbook/docker/mediaserver/front/restarts.yml create mode 100644 playbook/docker/mediaserver/front/restore.yml delete mode 100644 playbook/docker/mediaserver/hydra.yml delete mode 100644 playbook/docker/mediaserver/mediaserver.yml delete mode 100644 playbook/docker/mediaserver/mount.yml delete mode 100644 playbook/docker/mediaserver/nzbget.yml delete mode 100644 playbook/docker/mediaserver/sonarr.yml create mode 100644 playbook/docker/mediaserver/update.yml delete mode 100644 playbook/docker/mediaserver/vars.yml create mode 100644 playbook/docker/minecraft/deploy.yml create mode 100644 playbook/docker/monitoring/files/influxdb.conf create mode 100644 playbook/docker/monitoring/files/telegraf.h1.conf create mode 100644 playbook/docker/monitoring/files/telegraf.h2.conf create mode 100644 playbook/docker/monitoring/grafana.yml create mode 100644 playbook/docker/monitoring/influxdb.yml create mode 100644 playbook/docker/newsbot/backup.yml create mode 100644 playbook/docker/newsbot/deploy.yml create mode 100644 playbook/docker/nextcloud/deploy.yml create mode 100644 playbook/docker/nginx.yml create mode 100644 playbook/docker/pihole.yml create mode 100644 playbook/docker/readme.md create mode 100644 playbook/docker/syncthing/syncthing.yml create mode 100644 playbook/infrastructure/containers/nextcloud.yml create mode 100644 playbook/infrastructure/containers/nextcloud/main.tf create mode 100644 playbook/kube/extract-kube-config.yaml create mode 100644 playbook/kube/install-node.yml create mode 100644 playbook/kube/minecraftServer.yml create mode 100644 playbook/kube/nextcloud.yml create mode 100644 playbook/kube/restore-app-backup.yaml create mode 100644 playbook/kube/setup-media-requirements.yaml create mode 100644 playbook/linux/ansible_config.yml create mode 100644 playbook/linux/ceph/common.yml create mode 100644 playbook/linux/ceph/test.yml create mode 100644 playbook/linux/certbot.yml create mode 100644 playbook/linux/influxdb.yml delete mode 100644 playbook/linux/install-jenkins.yml create mode 100644 playbook/linux/install-nextcloud.yml create mode 100644 playbook/linux/monit.yml create mode 100644 playbook/linux/nfsserver.yml create mode 100644 playbook/linux/nginx.yml create mode 100644 playbook/linux/passwordless-access.yml create mode 100644 playbook/linux/readme.md create mode 100644 playbook/linux/telegraf.yml create mode 100644 playbook/linux/zsh.yml create mode 100644 playbook/localhost/collins_test.yml create mode 100644 playbook/localhost/discord_test.yml create mode 100644 playbook/macos/docker/demoSynthing.yml create mode 100644 playbook/macos/docker/influx.yml create mode 100644 playbook/macos/docker/nextcloud-role.yml create mode 100644 playbook/macos/docker/nextcloud.yml create mode 100644 playbook/macos/docker/owncloud.yml create mode 100644 playbook/macos/docker/traefik.yml delete mode 100644 playbook/pull.yml create mode 100644 requirements.yml delete mode 100644 roles/geerlingguy.ansible/.gitignore delete mode 100644 roles/geerlingguy.ansible/.travis.yml delete mode 100644 roles/geerlingguy.ansible/LICENSE delete mode 100644 roles/geerlingguy.ansible/README.md delete mode 100644 roles/geerlingguy.ansible/defaults/main.yml delete mode 100644 roles/geerlingguy.ansible/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.ansible/meta/main.yml delete mode 100644 roles/geerlingguy.ansible/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.ansible/molecule/default/playbook-pip.yml delete mode 100644 roles/geerlingguy.ansible/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.ansible/molecule/default/requirements.yml delete mode 100644 roles/geerlingguy.ansible/molecule/default/tests/test_default.py delete mode 100644 roles/geerlingguy.ansible/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.ansible/tasks/main.yml delete mode 100644 roles/geerlingguy.ansible/tasks/setup-Debian.yml delete mode 100644 roles/geerlingguy.ansible/tasks/setup-Fedora.yml delete mode 100644 roles/geerlingguy.ansible/tasks/setup-RedHat.yml delete mode 100644 roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml delete mode 100644 roles/geerlingguy.ansible/tasks/setup-pip.yml delete mode 100644 roles/geerlingguy.awx/.gitignore delete mode 100644 roles/geerlingguy.awx/.travis.yml delete mode 100644 roles/geerlingguy.awx/LICENSE delete mode 100644 roles/geerlingguy.awx/README.md delete mode 100644 roles/geerlingguy.awx/defaults/main.yml delete mode 100644 roles/geerlingguy.awx/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.awx/meta/main.yml delete mode 100644 roles/geerlingguy.awx/tasks/awx-install-playbook.yml delete mode 100644 roles/geerlingguy.awx/tasks/main.yml delete mode 100644 roles/geerlingguy.awx/tests/README.md delete mode 100755 roles/geerlingguy.awx/tests/custom_travis_wait.sh delete mode 100644 roles/geerlingguy.awx/tests/requirements.yml delete mode 100644 roles/geerlingguy.awx/tests/test-no-playbook.yml delete mode 100644 roles/geerlingguy.awx/tests/test.yml delete mode 100644 roles/geerlingguy.awx/vars/Debian.yml delete mode 100644 roles/geerlingguy.awx/vars/RedHat.yml delete mode 100644 roles/geerlingguy.docker/.gitignore delete mode 100644 roles/geerlingguy.docker/.travis.yml delete mode 100644 roles/geerlingguy.docker/LICENSE delete mode 100644 roles/geerlingguy.docker/README.md delete mode 100644 roles/geerlingguy.docker/defaults/main.yml delete mode 100644 roles/geerlingguy.docker/handlers/main.yml delete mode 100644 roles/geerlingguy.docker/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.docker/meta/main.yml delete mode 100644 roles/geerlingguy.docker/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.docker/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.docker/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.docker/tasks/docker-1809-shim.yml delete mode 100644 roles/geerlingguy.docker/tasks/docker-compose.yml delete mode 100644 roles/geerlingguy.docker/tasks/docker-users.yml delete mode 100644 roles/geerlingguy.docker/tasks/main.yml delete mode 100644 roles/geerlingguy.docker/tasks/setup-Debian.yml delete mode 100644 roles/geerlingguy.docker/tasks/setup-RedHat.yml delete mode 100644 roles/geerlingguy.docker/templates/override.conf.j2 delete mode 100644 roles/geerlingguy.git/.ansible-lint delete mode 100644 roles/geerlingguy.git/.gitignore delete mode 100644 roles/geerlingguy.git/.travis.yml delete mode 100644 roles/geerlingguy.git/LICENSE delete mode 100644 roles/geerlingguy.git/README.md delete mode 100644 roles/geerlingguy.git/defaults/main.yml delete mode 100644 roles/geerlingguy.git/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.git/meta/main.yml delete mode 100644 roles/geerlingguy.git/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.git/molecule/default/playbook-source.yml delete mode 100644 roles/geerlingguy.git/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.git/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.git/tasks/install-from-source.yml delete mode 100644 roles/geerlingguy.git/tasks/main.yml delete mode 100644 roles/geerlingguy.git/vars/Debian.yml delete mode 100644 roles/geerlingguy.git/vars/Fedora.yml delete mode 100644 roles/geerlingguy.git/vars/RedHat.yml delete mode 100644 roles/geerlingguy.git/vars/main.yml delete mode 100644 roles/geerlingguy.java/.gitignore delete mode 100644 roles/geerlingguy.java/.travis.yml delete mode 100644 roles/geerlingguy.java/LICENSE delete mode 100644 roles/geerlingguy.java/README.md delete mode 100644 roles/geerlingguy.java/defaults/main.yml delete mode 100644 roles/geerlingguy.java/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.java/meta/main.yml delete mode 100644 roles/geerlingguy.java/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.java/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.java/molecule/default/tests/test_default.py delete mode 100644 roles/geerlingguy.java/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.java/tasks/main.yml delete mode 100644 roles/geerlingguy.java/tasks/setup-Debian.yml delete mode 100644 roles/geerlingguy.java/tasks/setup-FreeBSD.yml delete mode 100644 roles/geerlingguy.java/tasks/setup-RedHat.yml delete mode 100644 roles/geerlingguy.java/templates/java_home.sh.j2 delete mode 100644 roles/geerlingguy.java/vars/Debian-8.yml delete mode 100644 roles/geerlingguy.java/vars/Debian-9.yml delete mode 100644 roles/geerlingguy.java/vars/Fedora.yml delete mode 100644 roles/geerlingguy.java/vars/FreeBSD.yml delete mode 100644 roles/geerlingguy.java/vars/RedHat-6.yml delete mode 100644 roles/geerlingguy.java/vars/RedHat-7.yml delete mode 100644 roles/geerlingguy.java/vars/Ubuntu-12.yml delete mode 100644 roles/geerlingguy.java/vars/Ubuntu-14.yml delete mode 100644 roles/geerlingguy.java/vars/Ubuntu-16.yml delete mode 100644 roles/geerlingguy.java/vars/Ubuntu-18.yml delete mode 100644 roles/geerlingguy.jenkins/.ansible-lint delete mode 100644 roles/geerlingguy.jenkins/.gitignore delete mode 100644 roles/geerlingguy.jenkins/.travis.yml delete mode 100644 roles/geerlingguy.jenkins/LICENSE delete mode 100644 roles/geerlingguy.jenkins/README.md delete mode 100644 roles/geerlingguy.jenkins/defaults/main.yml delete mode 100644 roles/geerlingguy.jenkins/handlers/main.yml delete mode 100644 roles/geerlingguy.jenkins/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.jenkins/meta/main.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/java-8.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/playbook-http-port.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/playbook-jenkins-version.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/playbook-plugins-with-home.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/playbook-prefix.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/requirements.yml delete mode 100644 roles/geerlingguy.jenkins/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.jenkins/tasks/main.yml delete mode 100644 roles/geerlingguy.jenkins/tasks/plugins.yml delete mode 100644 roles/geerlingguy.jenkins/tasks/settings.yml delete mode 100644 roles/geerlingguy.jenkins/tasks/setup-Debian.yml delete mode 100644 roles/geerlingguy.jenkins/tasks/setup-RedHat.yml delete mode 100644 roles/geerlingguy.jenkins/templates/basic-security.groovy.j2 delete mode 100644 roles/geerlingguy.jenkins/vars/Debian.yml delete mode 100644 roles/geerlingguy.jenkins/vars/RedHat.yml delete mode 100644 roles/geerlingguy.nodejs/.ansible-lint delete mode 100644 roles/geerlingguy.nodejs/.gitignore delete mode 100644 roles/geerlingguy.nodejs/.travis.yml delete mode 100644 roles/geerlingguy.nodejs/LICENSE delete mode 100644 roles/geerlingguy.nodejs/README.md delete mode 100644 roles/geerlingguy.nodejs/defaults/main.yml delete mode 100644 roles/geerlingguy.nodejs/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.nodejs/meta/main.yml delete mode 100644 roles/geerlingguy.nodejs/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.nodejs/molecule/default/playbook-latest.yml delete mode 100644 roles/geerlingguy.nodejs/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.nodejs/molecule/default/tests/test_default.py delete mode 100644 roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.nodejs/tasks/main.yml delete mode 100644 roles/geerlingguy.nodejs/tasks/setup-Debian.yml delete mode 100644 roles/geerlingguy.nodejs/tasks/setup-RedHat.yml delete mode 100644 roles/geerlingguy.nodejs/templates/npm.sh.j2 delete mode 100644 roles/geerlingguy.pip/.gitignore delete mode 100644 roles/geerlingguy.pip/.travis.yml delete mode 100644 roles/geerlingguy.pip/LICENSE delete mode 100644 roles/geerlingguy.pip/README.md delete mode 100644 roles/geerlingguy.pip/defaults/main.yml delete mode 100644 roles/geerlingguy.pip/meta/.galaxy_install_info delete mode 100644 roles/geerlingguy.pip/meta/main.yml delete mode 100644 roles/geerlingguy.pip/molecule/default/molecule.yml delete mode 100644 roles/geerlingguy.pip/molecule/default/playbook.yml delete mode 100644 roles/geerlingguy.pip/molecule/default/tests/test_default.py delete mode 100644 roles/geerlingguy.pip/molecule/default/yaml-lint.yml delete mode 100644 roles/geerlingguy.pip/tasks/main.yml delete mode 100644 roles/jnv.unattended-upgrades/.editorconfig delete mode 100644 roles/jnv.unattended-upgrades/.gitignore delete mode 100644 roles/jnv.unattended-upgrades/.travis.yml delete mode 100644 roles/jnv.unattended-upgrades/LICENSE delete mode 100644 roles/jnv.unattended-upgrades/README.md delete mode 100644 roles/jnv.unattended-upgrades/defaults/main.yml delete mode 100644 roles/jnv.unattended-upgrades/handlers/main.yml delete mode 100644 roles/jnv.unattended-upgrades/meta/.galaxy_install_info delete mode 100644 roles/jnv.unattended-upgrades/meta/main.yml delete mode 100644 roles/jnv.unattended-upgrades/tasks/main.yml delete mode 100644 roles/jnv.unattended-upgrades/tasks/reboot.yml delete mode 100644 roles/jnv.unattended-upgrades/tasks/unattended-upgrades.yml delete mode 100644 roles/jnv.unattended-upgrades/templates/auto-upgrades.j2 delete mode 100644 roles/jnv.unattended-upgrades/templates/unattended-upgrades.j2 delete mode 100644 roles/jnv.unattended-upgrades/tests/ansible.cfg delete mode 100644 roles/jnv.unattended-upgrades/tests/inventory delete mode 100644 roles/jnv.unattended-upgrades/tests/requirements.yml delete mode 100755 roles/jnv.unattended-upgrades/tests/test.sh delete mode 100644 roles/jnv.unattended-upgrades/tests/test.yml delete mode 100644 roles/jnv.unattended-upgrades/vars/Debian-wheezy.yml delete mode 100644 roles/jnv.unattended-upgrades/vars/Debian.yml delete mode 100644 roles/jnv.unattended-upgrades/vars/Ubuntu.yml create mode 100644 roles/jtom38.ceph/.travis.yml rename roles/{luther38.filebeat => jtom38.ceph}/README.md (100%) create mode 100644 roles/jtom38.ceph/defaults/main.yml create mode 100644 roles/jtom38.ceph/handlers/main.yml rename roles/{luther38.kibana => jtom38.ceph}/meta/main.yml (65%) create mode 100644 roles/jtom38.ceph/tasks/bootstrap.yml create mode 100644 roles/jtom38.ceph/tasks/cluster_config.yml create mode 100644 roles/jtom38.ceph/tasks/install.yml create mode 100644 roles/jtom38.ceph/tasks/main.yml create mode 100644 roles/jtom38.ceph/tasks/seed.yml create mode 100644 roles/jtom38.ceph/templates/bootstrap.log.j2 create mode 100644 roles/jtom38.ceph/templates/release.j2 create mode 100644 roles/jtom38.ceph/templates/ssh.config.j2 rename roles/{luther38.elasticsearch => jtom38.ceph}/tests/inventory (100%) rename roles/{luther38.kibana => jtom38.ceph}/tests/test.yml (75%) create mode 100644 roles/jtom38.ceph/vars/main.yml create mode 100644 roles/jtom38.linux_common/.travis.yml rename roles/{luther38.heartbeat => jtom38.linux_common}/README.md (100%) create mode 100644 roles/jtom38.linux_common/defaults/main.yml create mode 100644 roles/jtom38.linux_common/files/miharu_linux.pub create mode 100644 roles/jtom38.linux_common/handlers/main.yml rename roles/{luther38.elasticsearch => jtom38.linux_common}/meta/main.yml (65%) create mode 100644 roles/jtom38.linux_common/tasks/main.yml rename roles/{luther38.filebeat => jtom38.linux_common}/tests/inventory (100%) rename roles/{luther38.filebeat => jtom38.linux_common}/tests/test.yml (66%) create mode 100644 roles/jtom38.linux_common/vars/main.yml create mode 100644 roles/jtom38.monit/.travis.yml rename roles/{luther38.kibana => jtom38.monit}/README.md (75%) create mode 100644 roles/jtom38.monit/defaults/main.yml create mode 100644 roles/jtom38.monit/handlers/main.yml rename roles/{luther38.filebeat => jtom38.monit}/meta/main.yml (65%) create mode 100644 roles/jtom38.monit/tasks/main.yml create mode 100644 roles/jtom38.monit/templates/conf/filesystems.conf.j2 create mode 100644 roles/jtom38.monit/templates/conf/global.conf.j2 create mode 100644 roles/jtom38.monit/templates/conf/hosts.conf.j2 create mode 100644 roles/jtom38.monit/templates/conf/http.conf.j2 create mode 100644 roles/jtom38.monit/templates/conf/processes.conf.j2 create mode 100644 roles/jtom38.monit/templates/conf/system.conf.j2 create mode 100644 roles/jtom38.monit/templates/scripts/discord.sh.j2 create mode 100644 roles/jtom38.monit/templates/scripts/slack.sh.j2 rename roles/{luther38.heartbeat => jtom38.monit}/tests/inventory (100%) rename roles/{luther38.elasticsearch => jtom38.monit}/tests/test.yml (73%) create mode 100644 roles/jtom38.monit/vars/main.yml delete mode 100644 roles/luther38.elasticsearch/README.md delete mode 100644 roles/luther38.elasticsearch/defaults/main.yml delete mode 100644 roles/luther38.elasticsearch/handlers/main.yml delete mode 100644 roles/luther38.elasticsearch/tasks/install-repo.yml delete mode 100644 roles/luther38.elasticsearch/tasks/main.yml delete mode 100644 roles/luther38.elasticsearch/tasks/ubuntu.yml delete mode 100755 roles/luther38.elasticsearch/templates/elasticsearch.j2 delete mode 100644 roles/luther38.elasticsearch/vars/main.yml delete mode 100644 roles/luther38.filebeat/defaults/main.yml delete mode 100644 roles/luther38.filebeat/handlers/main.yml delete mode 100644 roles/luther38.filebeat/tasks/install-repo.yml delete mode 100644 roles/luther38.filebeat/tasks/main.yml delete mode 100644 roles/luther38.filebeat/tasks/ubuntu.yml delete mode 100644 roles/luther38.filebeat/tasks/windows.yml delete mode 100755 roles/luther38.filebeat/templates/filebeat.j2 delete mode 100644 roles/luther38.filebeat/vars/main.yml delete mode 100644 roles/luther38.heartbeat/archive/config-heartbeat.yml delete mode 100644 roles/luther38.heartbeat/defaults/main.yml delete mode 100644 roles/luther38.heartbeat/handlers/main.yml delete mode 100644 roles/luther38.heartbeat/meta/main.yml delete mode 100644 roles/luther38.heartbeat/tasks/main.yml delete mode 100755 roles/luther38.heartbeat/templates/heartbeat.j2 delete mode 100644 roles/luther38.heartbeat/tests/test.yml delete mode 100644 roles/luther38.heartbeat/vars/main.yml delete mode 100644 roles/luther38.kibana/defaults/main.yml delete mode 100644 roles/luther38.kibana/handlers/main.yml delete mode 100644 roles/luther38.kibana/tasks/install-repo.yml delete mode 100644 roles/luther38.kibana/tasks/main.yml delete mode 100644 roles/luther38.kibana/tasks/ubuntu.yml delete mode 100644 roles/luther38.kibana/templates/kibana.j2 delete mode 100644 roles/luther38.kibana/tests/inventory delete mode 100644 roles/luther38.kibana/vars/main.yml delete mode 100644 roles/luther38.logstash/README.md delete mode 100644 roles/luther38.logstash/defaults/main.yml delete mode 100644 roles/luther38.logstash/handlers/main.yml delete mode 100644 roles/luther38.logstash/meta/main.yml delete mode 100644 roles/luther38.logstash/tasks/install-repo.yml delete mode 100644 roles/luther38.logstash/tasks/main.yml delete mode 100644 roles/luther38.logstash/tasks/ubuntu.yml delete mode 100644 roles/luther38.logstash/templates/logstash.j2 delete mode 100644 roles/luther38.logstash/tests/inventory delete mode 100644 roles/luther38.logstash/tests/test.yml delete mode 100644 roles/luther38.logstash/vars/main.yml delete mode 100644 roles/luther38.metricbeat/README.md delete mode 100644 roles/luther38.metricbeat/archive/config-metricbeat.yml delete mode 100644 roles/luther38.metricbeat/archive/config-win-heartbeat.yml delete mode 100644 roles/luther38.metricbeat/archive/install-metricbeat.yml delete mode 100644 roles/luther38.metricbeat/defaults/main.yml delete mode 100644 roles/luther38.metricbeat/handlers/main.yml delete mode 100644 roles/luther38.metricbeat/meta/main.yml delete mode 100644 roles/luther38.metricbeat/tasks/install-repo.yml delete mode 100644 roles/luther38.metricbeat/tasks/main.yml delete mode 100644 roles/luther38.metricbeat/tasks/ubuntu.yml delete mode 100644 roles/luther38.metricbeat/tasks/windows.yml delete mode 100755 roles/luther38.metricbeat/templates/metricbeat.j2 delete mode 100644 roles/luther38.metricbeat/tests/inventory delete mode 100644 roles/luther38.metricbeat/tests/test.yml delete mode 100644 roles/luther38.metricbeat/vars/main.yml delete mode 100644 roles/luther38.okta/defaults/main.yml delete mode 100644 roles/luther38.okta/tasks/main.yml delete mode 100644 roles/luther38.winlogbeat/README.md delete mode 100644 roles/luther38.winlogbeat/archive/config-winlogbeat.yml delete mode 100644 roles/luther38.winlogbeat/defaults/main.yml delete mode 100644 roles/luther38.winlogbeat/handlers/main.yml delete mode 100644 roles/luther38.winlogbeat/meta/main.yml delete mode 100644 roles/luther38.winlogbeat/tasks/main.yml delete mode 100644 roles/luther38.winlogbeat/tasks/windows.yml delete mode 100644 roles/luther38.winlogbeat/templates/winlogbeat.j2 delete mode 100644 roles/luther38.winlogbeat/tests/inventory delete mode 100644 roles/luther38.winlogbeat/tests/test.yml delete mode 100644 roles/luther38.winlogbeat/vars/main.yml delete mode 100644 roles/sensu.sensu/.gitattributes delete mode 100644 roles/sensu.sensu/.gitignore delete mode 100644 roles/sensu.sensu/.yamllint delete mode 100644 roles/sensu.sensu/CHANGELOG.md delete mode 100644 roles/sensu.sensu/LICENSE delete mode 100644 roles/sensu.sensu/README.md delete mode 100644 roles/sensu.sensu/defaults/main.yml delete mode 100644 roles/sensu.sensu/handlers/main.yml delete mode 100644 roles/sensu.sensu/meta/.galaxy_install_info delete mode 100644 roles/sensu.sensu/meta/main.yml delete mode 100644 roles/sensu.sensu/tasks/Amazon/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/Amazon/main.yml delete mode 100644 roles/sensu.sensu/tasks/Amazon/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/Amazon/redis.yml delete mode 100644 roles/sensu.sensu/tasks/CentOS/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/CentOS/main.yml delete mode 100644 roles/sensu.sensu/tasks/CentOS/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/CentOS/redis.yml delete mode 100644 roles/sensu.sensu/tasks/Debian/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/Debian/main.yml delete mode 100644 roles/sensu.sensu/tasks/Debian/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/Debian/redis.yml delete mode 120000 roles/sensu.sensu/tasks/Fedora/dashboard.yml delete mode 120000 roles/sensu.sensu/tasks/Fedora/main.yml delete mode 100644 roles/sensu.sensu/tasks/Fedora/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/Fedora/redis.yml delete mode 100644 roles/sensu.sensu/tasks/FreeBSD/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/FreeBSD/main.yml delete mode 100644 roles/sensu.sensu/tasks/FreeBSD/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/FreeBSD/redis.yml delete mode 100644 roles/sensu.sensu/tasks/OpenBSD/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/OpenBSD/main.yml delete mode 100644 roles/sensu.sensu/tasks/OpenBSD/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/OpenBSD/redis.yml delete mode 120000 roles/sensu.sensu/tasks/OracleLinux delete mode 120000 roles/sensu.sensu/tasks/RedHat delete mode 100644 roles/sensu.sensu/tasks/SmartOS/client.yml delete mode 100644 roles/sensu.sensu/tasks/SmartOS/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/SmartOS/main.yml delete mode 100644 roles/sensu.sensu/tasks/SmartOS/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/SmartOS/redis.yml delete mode 100644 roles/sensu.sensu/tasks/SmartOS/server.yml delete mode 100644 roles/sensu.sensu/tasks/Ubuntu/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/Ubuntu/main.yml delete mode 100644 roles/sensu.sensu/tasks/Ubuntu/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/Ubuntu/redis.yml delete mode 100644 roles/sensu.sensu/tasks/client.yml delete mode 100644 roles/sensu.sensu/tasks/common.yml delete mode 100644 roles/sensu.sensu/tasks/dashboard.yml delete mode 100644 roles/sensu.sensu/tasks/main.yml delete mode 100644 roles/sensu.sensu/tasks/plugins.yml delete mode 100644 roles/sensu.sensu/tasks/rabbit.yml delete mode 100644 roles/sensu.sensu/tasks/redis.yml delete mode 100644 roles/sensu.sensu/tasks/server.yml delete mode 100644 roles/sensu.sensu/tasks/ssl.yml delete mode 100644 roles/sensu.sensu/tasks/ssl_generate.yml delete mode 100644 roles/sensu.sensu/templates/client.json.j2 delete mode 100644 roles/sensu.sensu/templates/erlang-apt-preferences.j2 delete mode 100644 roles/sensu.sensu/templates/openssl.cnf.j2 delete mode 100644 roles/sensu.sensu/templates/rabbitmq.config.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-api.json.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-api.smartos_smf_manifest.xml.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-client.smartos_smf_manifest.xml.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-freebsd-repo.conf.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-rabbitmq.json.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-redis.json.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-server.smartos_smf_manifest.xml.j2 delete mode 100644 roles/sensu.sensu/templates/sensu-tessen.json.j2 delete mode 100644 roles/sensu.sensu/templates/sensu_enterprise_dashboard_config.json.j2 delete mode 100644 roles/sensu.sensu/templates/sensuclient_openbsd.j2 delete mode 100644 roles/sensu.sensu/templates/transport.json.j2 delete mode 100644 roles/sensu.sensu/templates/uchiwa.sh.j2 delete mode 100644 roles/sensu.sensu/templates/uchiwa.smartos_smf_manifest.xml.j2 delete mode 100644 roles/sensu.sensu/templates/uchiwa_config.json.j2 delete mode 100644 roles/sensu.sensu/templates/uchiwa_freebsd.j2 delete mode 100644 roles/sensu.sensu/vars/Amazon.yml delete mode 100644 roles/sensu.sensu/vars/CentOS.yml delete mode 100644 roles/sensu.sensu/vars/Debian.yml delete mode 100644 roles/sensu.sensu/vars/Fedora.yml delete mode 100644 roles/sensu.sensu/vars/FreeBSD.yml delete mode 100644 roles/sensu.sensu/vars/OpenBSD.yml delete mode 120000 roles/sensu.sensu/vars/OracleLinux.yml delete mode 120000 roles/sensu.sensu/vars/RedHat.yml delete mode 100644 roles/sensu.sensu/vars/SmartOS.yml delete mode 100644 roles/sensu.sensu/vars/Ubuntu.yml delete mode 100644 roles/win_localdircopy/README.md delete mode 100644 roles/win_localdircopy/defaults/main.yml delete mode 100644 roles/win_localdircopy/handlers/main.yml delete mode 100644 roles/win_localdircopy/meta/main.yml delete mode 100644 roles/win_localdircopy/tasks/main.yml delete mode 100644 roles/win_localdircopy/tests/inventory delete mode 100644 roles/win_localdircopy/tests/test.yml delete mode 100644 roles/win_localdircopy/vars/main.yml diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile new file mode 100644 index 0000000..8f0e133 --- /dev/null +++ b/.devcontainer/Dockerfile @@ -0,0 +1,57 @@ + +FROM ubuntu:focal + +ARG USER_NAME=ansible +ARG USER_UID=110 +ARG USER_GID=110 + +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt update -y && \ + apt install -y python3 \ + python3-pip \ + sshpass \ + git \ + libssl-dev \ + curl \ + unzip \ + apt-utils \ + software-properties-common \ + sudo + +#RUN useradd -s /bin/bash --uid ${USER_UID} --gid ${USER_GID} -m ${USER_NAME} + + +RUN curl https://releases.hashicorp.com/terraform/0.13.3/terraform_0.13.3_linux_amd64.zip > /tmp/terraform.zip && \ + unzip -q /tmp/terraform.zip -d /bin/ && \ + /bin/terraform --version + + # Install Docker CE CLI. +RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \ + && add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" \ + && apt-get update \ + && apt-get install -y docker-ce-cli + +RUN pip3 install \ + setuptools \ + molecule \ + #ansible==2.9.11 \ + ansible==2.10.2 \ + # Docker Support + docker \ + # VMWare support + PyVmomi \ + # Azure Support + azure-mgmt-compute \ + azure-mgmt-storage \ + azure-mgmt-resource \ + azure-keyvault-secrets \ + azure-storage-blob \ + # AWS Support + boto \ + boto3 \ + botocore + +VOLUME [ "/var/run/docker.sock", '/workspace/'] + +CMD [ "sleep", "infinity" ] diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 0000000..aec7e3c --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,33 @@ +// For format details, see https://aka.ms/vscode-remote/devcontainer.json or this file's README at: +// https://github.com/microsoft/vscode-dev-containers/tree/v0.128.0/containers/azure-ansible +{ + "name": "Ansible Workspace", + "dockerFile": "Dockerfile", + //"image": "docker.pkg.github.com/jtom38/docker-ansible/ansible:2.10.3", + //"image":"jtom38/ansible:2.10.3", + "mounts": [ + // [Optional] Anisble Collections: Uncomment if you want to mount your local .ansible/collections folder. + // "source=${localEnv:HOME}${localEnv:USERPROFILE}/.ansible/collections,target=/root/.ansible/collections,type=bind,consistency=cached", + "source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind" + ], + // Set *default* container specific settings.json values on container create. + "settings": { + "terminal.integrated.shell.linux": "/bin/bash" + }, + // Add the IDs of extensions you want installed when the container is created. + "extensions": [ + "vscoss.vscode-ansible", + "redhat.vscode-yaml", + "ms-vscode.azurecli", + "ms-azuretools.vscode-docker", + "samuelcolvin.jinjahtml" + ], + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + // Use 'postCreateCommand' to run commands after the container is created. + "postCreateCommand": "ansible --version && ansible-galaxy install -r requirements.yml", + // Uncomment when using a ptrace-based debugger like C++, Go, and Rust + // "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], + // Uncomment to connect as a non-root user. See https://aka.ms/vscode-remote/containers/non-root. + // "remoteUser": "vscode" +} \ No newline at end of file diff --git a/.gitignore b/.gitignore index 9e78778..f200f97 100644 --- a/.gitignore +++ b/.gitignore @@ -2,11 +2,17 @@ *.retry *.swp +*.ignore.* + +# Ignore the roles path as production roles are handled with requirements.yml +roles/* + +# Ignore collections +collections/ # OSX files .DS_Store - # Ansible Inventory hosts win_hosts @@ -20,4 +26,5 @@ hosts.d .vagrant # Debug files -ansible-vars.all \ No newline at end of file +ansible-vars.all +res.json diff --git a/.vscode/settings.json b/.vscode/settings.json index ad63129..2f09f51 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -4,5 +4,6 @@ "okta", "specialcounsel", "vault" - ] + ], + "python.pythonPath": "/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python" } \ No newline at end of file diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 3681975..0000000 --- a/Vagrantfile +++ /dev/null @@ -1,78 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -# All Vagrant configuration is done below. The "2" in Vagrant.configure -# configures the configuration version (we support older styles for -# backwards compatibility). Please don't change it unless you know what -# you're doing. -Vagrant.configure("2") do |config| - # The most common configuration options are documented and commented below. - # For a complete reference, please see the online documentation at - # https://docs.vagrantup.com. - - # Every Vagrant development environment requires a box. You can search for - # boxes at https://vagrantcloud.com/search. - config.vm.box = "generic/ubuntu1804" - - # Disable automatic box update checking. If you disable this, then - # boxes will only be checked for updates when the user runs - # `vagrant box outdated`. This is not recommended. - # config.vm.box_check_update = false - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - # NOTE: This will enable public access to the opened port - # config.vm.network "forwarded_port", guest: 80, host: 8080 - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine and only allow access - # via 127.0.0.1 to disable public access - # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" - - # Create a private network, which allows host-only access to the machine - # using a specific IP. - # config.vm.network "private_network", ip: "192.168.33.10" - - # Create a public network, which generally matched to bridged network. - # Bridged networks make the machine appear as another physical device on - # your network. - #config.vm.network "public_network", type: "dhcp" - - # Share an additional folder to the guest VM. The first argument is - # the path on the host to the actual folder. The second argument is - # the path on the guest to mount the folder. And the optional third - # argument is a set of non-required options. - # config.vm.synced_folder "../data", "/vagrant_data" - - # Provider-specific configuration so you can fine-tune various - # backing providers for Vagrant. These expose provider-specific options. - # Example for VirtualBox: - # - config.vm.provider "virtualbox" do |vb| - # Display the VirtualBox GUI when booting the machine - vb.gui = false - - # Customize the amount of memory on the VM: - vb.memory = "512" - vb.cpus = 1 - - vb.name = "1804" - - vb.customize ["modifyvm", "1804", "--natdnshostresolver1", "on"] - vb.customize ["modifyvm", "1804", "--natdnsproxy1", "on"] - end - # - # View the documentation for the provider you are using for more - # information on available options. - - # Enable provisioning with a shell script. Additional provisioners such as - # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the - # documentation for more information about their specific syntax and use. - config.vm.provision "shell", inline: <<-SHELL - #apt-get update - #sudo apt update - #sudo apt upgrade - - SHELL -end diff --git a/ansible.cfg b/ansible.cfg index 3b10962..f8a2e6f 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -11,7 +11,7 @@ # some basic default values... -inventory = ./inventory/home.yaml +inventory = ./inventory/ #library = /usr/share/my_modules/:./modules/ # Looks like modules can only be pointed to a single directory @@ -67,8 +67,11 @@ local_tmp = ~/.ansible/tmp # ansible_facts. # inject_facts_as_vars = True +# Paths to search for collections, colon separated +collections_paths = ./collections/:~/.ansible/collections:/usr/share/ansible/collections + # additional paths to search for roles in, colon separated -roles_path = ./roles/:/etc/ansible/roles +roles_path = ./roles/:~/Documents/Github/ansible-project/:/etc/ansible/roles # uncomment this to disable SSH key host checking #host_key_checking = False @@ -111,7 +114,7 @@ roles_path = ./roles/:/etc/ansible/roles # logging is off by default unless this path is defined # if so defined, consider logrotate -#log_path = /var/log/ansible.log +#log_path = ./ansible.log # default module name for /usr/bin/ansible #module_name = command @@ -198,7 +201,7 @@ vault_password_file = ./.ansible_vault #callback_plugins = /usr/share/ansible/plugins/callback #connection_plugins = /usr/share/ansible/plugins/connection #lookup_plugins = /usr/share/ansible/plugins/lookup -#inventory_plugins = /usr/share/ansible/plugins/inventory +#inventory_plugins = ./plugins/inventory:/usr/share/ansible/plugins/inventory #vars_plugins = /usr/share/ansible/plugins/vars #filter_plugins = /usr/share/ansible/plugins/filter #test_plugins = /usr/share/ansible/plugins/test diff --git a/ci/ansible-job-common/docker/jenkinsfile b/ci/ansible-job-common/docker/jenkinsfile new file mode 100644 index 0000000..676b0b8 --- /dev/null +++ b/ci/ansible-job-common/docker/jenkinsfile @@ -0,0 +1,92 @@ +pipeline { + //agent any + agent { + docker { + image 'jtom38/ansible:2.10.3' + args '-u 0:0' + } + } + triggers { + cron('H 2 * * 7') + } + environment { + GIT_BRANCH='dev' + GIT_URL='https://github.com/jtom38/ansible.git' + ANSIBLE_VAULT_FILE='./.ansible_vault' + + // This will allow us to not pass + ANSIBLE_HOST_KEY_CHECKING='False' + + DISCORD_HOOK=credentials('discord-mm-hook') + DISCORD_JOB_NAME='ansible-job-common' + DISCORD_FOOTER='Jenkins Automation' + } + stages { + stage('Checkout-Code') { + steps { + sh ''' #!/bin/bash + #echo "Cleaning up old builds" + #rm ./gitAnsible -f -r + + git clone ${GIT_URL} gitAnsible || echo "skip checkout" + cd ./gitAnsible + git checkout ${GIT_BRANCH} + git pull + ''' + } + } + stage('Set-Secret') { + steps { + withCredentials([file(credentialsId: 'ansible-vault-file', variable: 'FILE')]) { + sh '''#!/bin/bash + echo "Set Vault File" + cp $FILE ./gitAnsible/.ansible_vault + ''' + } + } + } + stage('Get-Galaxy-Requirements'){ + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-galaxy install -r requirements.yml + ''' + } + } + stage('Run-Linux-Common') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/linux/common.yml -i ./inventory + ''' + } + } + stage('Run-Docker-Common') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/docker/common.yml -i ./inventory + ''' + } + } + stage('Run-MediaServer-Common') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/docker/mediaserver/common.yml -i ./inventory + ''' + } + } + } + + post { + always { + sh 'rm -f ./gitAnsible/.ansible_vault' + discordSend description: "Job Status is "+currentBuild.currentResult+"!", footer: env.DISCORD_FOOTER, link: env.BUILD_URL, result: currentBuild.currentResult, title: env.DISCORD_JOB_NAME, webhookURL: env.DISCORD_HOOK + } + /* + success {} + failure {} + */ + } +} diff --git a/ci/ansible-job-common/k8s/jenkinsfile b/ci/ansible-job-common/k8s/jenkinsfile new file mode 100644 index 0000000..6ef6021 --- /dev/null +++ b/ci/ansible-job-common/k8s/jenkinsfile @@ -0,0 +1,71 @@ +pipeline { + environment { + GIT_URL='https://github.com/jtom38/docker-ansible.git' + GIT_PROJECT='docker-ansible' + GIT_BRANCH='main' + DOCKER_USER='jtom38' + DOCKER_IMAGE='ansible' + DOCKER_TAG_1='2.9.11' + DOCKER_TAG_2='2.10.3' + DOCKER_REPO_LOCAL='192.168.1.221:30002' + GITHUB_SITE='docker.pkg.github.com' + TF_VER='0.13.5' + } + agent { + kubernetes{ + //defaultContainer 'docker' + yaml """ +apiVersion: v1 +kind: Pod +spec: + containers: + - name: docker + image: docker + command: ['cat'] + tty: true + volumeMounts: + - name: dockersock + mountPath: /var/run/docker.sock + volumes: + - name: dockersock + hostPath: + path: /var/run/docker.sock + """ + } + } + + + stages { + stage('Pull-Source') { + steps { + sh "git clone ${GIT_URL}" + //sh 'git checkout ${GIT_BRANCH}' + } + } + stage('Build-Image-2.9') { + steps { + container('docker') { + sh 'docker build -t ${DOCKER_USER}/${DOCKER_IMAGE}:${DOCKER_TAG_1} ${GIT_PROJECT}/ --build-arg ANSIBLE_VER=${DOCKER_TAG_1} --build-arg TF_VER=${TF_VER}' + } + } + } + stage('Build-Image-2.10') { + steps { + container('docker'){ + sh 'docker build -t ${DOCKER_USER}/${DOCKER_IMAGE}:${DOCKER_TAG_2} ${GIT_PROJECT}/ --build-arg ANSIBLE_VER=${DOCKER_TAG_2} --build-arg TF_VER=${TF_VER}' + } + } + } + } + post { + always { + container('docker') { + sh 'docker rmi ${DOCKER_USER}/${DOCKER_IMAGE}:${DOCKER_TAG_1}' + sh 'docker rmi ${DOCKER_USER}/${DOCKER_IMAGE}:${DOCKER_TAG_2}' + //catch ( echo 'Did not find ${DOCKER_USER}/${DOCKER_IMAGE}:${DOCKER_TAG_1} to remove.' ) + //sh 'docker rmi ${DOCKER_REPO_LOCAL}/${DOCKER_IMAGE}:${DOCKER_TAG_1}' + //catch ( ) + } + } + } +} \ No newline at end of file diff --git a/ci/ansible-job-mediaback-backup/jenkinsfile b/ci/ansible-job-mediaback-backup/jenkinsfile new file mode 100644 index 0000000..58fbc06 --- /dev/null +++ b/ci/ansible-job-mediaback-backup/jenkinsfile @@ -0,0 +1,78 @@ +pipeline { + //agent any + agent { + docker { + image 'jtom38/ansible:2.10.3' + args '-u 0:0' + } + } + triggers { + cron('H 2 * * 6') + } + environment { + GIT_BRANCH='dev' + GIT_URL='https://github.com/jtom38/ansible.git' + ANSIBLE_VAULT_FILE='./.ansible_vault' + ANSIBLE_HOST_KEY_CHECKING='False' + DISCORD_HOOK=credentials('discord-mm-hook') + DISCORD_JOB_NAME='ansible-job-mediaback-backup' + DISCORD_FOOTER='Jenkins Automation' + } + stages { + stage('Checkout-Code') { + steps { + sh ''' #!/bin/bash + git clone ${GIT_URL} gitAnsible || echo "skip checkout" + cd ./gitAnsible + git checkout ${GIT_BRANCH} + git pull + ''' + } + } + stage('Set-Secret') { + steps { + withCredentials([file(credentialsId: 'ansible-vault-file', variable: 'FILE')]) { + sh '''#!/bin/bash + echo "Set Vault File" + cp $FILE ./gitAnsible/.ansible_vault + ''' + } + } + } + stage('Get-Galaxy-Requirements'){ + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-galaxy install -r requirements.yml + ''' + } + } + stage('Run-MediaBack-Backup') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/docker/mediaserver/back/backup.yml -i ./inventory + ''' + } + } + stage('Run-MediaBack-Deploy') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/docker/mediaserver/back/deploy.yml -i ./inventory + ''' + } + } + } + + post { + always { + sh 'rm -f ./gitAnsible/.ansible_vault' + discordSend description: "Job Status is "+currentBuild.currentResult+"!", footer: env.DISCORD_FOOTER, link: env.BUILD_URL, result: currentBuild.currentResult, title: env.DISCORD_JOB_NAME, webhookURL: env.DISCORD_HOOK + } + /* + success {} + failure {} + */ + } +} diff --git a/ci/ansible-job-newsbot-backup/jenkinsfile b/ci/ansible-job-newsbot-backup/jenkinsfile new file mode 100644 index 0000000..64abb74 --- /dev/null +++ b/ci/ansible-job-newsbot-backup/jenkinsfile @@ -0,0 +1,78 @@ +pipeline { + //agent any + agent { + docker { + image 'jtom38/ansible:2.10.3' + args '-u 0:0' + } + } + triggers { + cron('H 2 * * 6') + } + environment { + GIT_BRANCH='dev' + GIT_URL='https://github.com/jtom38/ansible.git' + ANSIBLE_VAULT_FILE='./.ansible_vault' + ANSIBLE_HOST_KEY_CHECKING='False' + DISCORD_HOOK=credentials('discord-mm-hook') + DISCORD_JOB_NAME='ansible-job-newsbot-backup' + DISCORD_FOOTER='Jenkins Automation' + } + stages { + stage('Checkout-Code') { + steps { + sh ''' #!/bin/bash + git clone ${GIT_URL} gitAnsible || echo "skip checkout" + cd ./gitAnsible + git checkout ${GIT_BRANCH} + git pull + ''' + } + } + stage('Set-Secret') { + steps { + withCredentials([file(credentialsId: 'ansible-vault-file', variable: 'FILE')]) { + sh '''#!/bin/bash + echo "Set Vault File" + cp $FILE ./gitAnsible/.ansible_vault + ''' + } + } + } + stage('Get-Galaxy-Requirements'){ + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-galaxy install -r requirements.yml + ''' + } + } + stage('Run-MediaBack-Backup') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/docker/newsbot/backup.yml -i ./inventory + ''' + } + } + stage('Run-MediaBack-Deploy') { + steps { + sh '''#!/bin/bash + cd ./gitAnsible + ansible-playbook ./playbook/docker/newsbot/deploy.yml -i ./inventory + ''' + } + } + } + + post { + always { + sh 'rm -f ./gitAnsible/.ansible_vault' + discordSend description: "Job Status is "+currentBuild.currentResult+"!", footer: env.DISCORD_FOOTER, link: env.BUILD_URL, result: currentBuild.currentResult, title: env.DISCORD_JOB_NAME, webhookURL: env.DISCORD_HOOK + } + /* + success {} + failure {} + */ + } +} diff --git a/inventory/group_vars/ceph-primary.yml b/inventory/group_vars/ceph-primary.yml new file mode 100644 index 0000000..ab92f6e --- /dev/null +++ b/inventory/group_vars/ceph-primary.yml @@ -0,0 +1,3 @@ + +ceph_primary: true + diff --git a/inventory/group_vars/duckdns.yml b/inventory/group_vars/duckdns.yml new file mode 100644 index 0000000..6aa92f7 --- /dev/null +++ b/inventory/group_vars/duckdns.yml @@ -0,0 +1,8 @@ +duckdns_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 37306161633536613837613762313935343430386136363432363662656232353630616533383961 + 3062333265616463336631313938343731326133306263330a313261376266373663633432393238 + 65336430396335643135373233376336303162316335333361643264653761346238396534313162 + 3262386535373266300a373662383064363364393461643739306631613430366264386335336261 + 32376332376537363637316630313065333763616637616162383764613165336363316231613566 + 3466303038646163633631633632323537393536666131356162 \ No newline at end of file diff --git a/inventory/group_vars/kube-fs.yml b/inventory/group_vars/kube-fs.yml new file mode 100644 index 0000000..ac6e53c --- /dev/null +++ b/inventory/group_vars/kube-fs.yml @@ -0,0 +1,22 @@ +--- +# Inventory vars for the 'kube-fs' host +monit_filesystems: + - name: root + path: / + when: + - usage: '> 80%' + tries: 1 + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + + - name: 'mnt/data' + path: '/mnt/data' + when: + - usage: '> 80%' + tries: 1 + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + + diff --git a/inventory/group_vars/kube-master.yml b/inventory/group_vars/kube-master.yml new file mode 100644 index 0000000..3cb15ee --- /dev/null +++ b/inventory/group_vars/kube-master.yml @@ -0,0 +1,142 @@ +--- +# Inventory vars for the 'kube-master' host +kubernetes_role: master + + + +monit_hosts: + - name: jenkins + group: kube + address: 192.168.1.247 + when: + - http: + enabled: true + username: '' + password: '' + port: 80 + protocol: http + request: '/login' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + + - name: pihole + group: kube + address: 192.168.1.248 + when: + - http: + enabled: true + username: '' + password: '' + port: 80 + protocol: http + request: '/' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + - name: nextcloud + group: kube + address: 192.168.1.249 + when: + - http: + enabled: true + username: '' + password: '' + port: 80 + protocol: http + request: '/' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + + - name: search + group: kube + address: 192.168.1.251 + when: + - http: + enabled: true + protocol: http + username: '' + password: '' + port: 80 + request: '/' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + - name: get + group: kube + address: 192.168.1.252 + when: + - http: + enabled: true + username: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63653338356435333664323436633063663132623530356162653130313435363761613633623266 + 3237623031353935626131346461303034373433366136640a323436613831646432356566626564 + 31653733346164383363373238343534613662613636346334646539636134386365656334333638 + 3037626533363965630a373537363563373566613237663635363132353563656262363939316635 + 3565 + password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32383461323230323435386635316166353461316237356138666335363734333338353131303536 + 3032383231323461336565303231316338666436313361630a343332383163333932363734653734 + 62653266623764333335663335623162616235323232653936663166393436633734303363373662 + 6330363538616166320a353063653863613862373834303331666138333836313530313132613962 + 3034 + port: 80 + protocol: http + request: '/' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + - name: son + group: kube + address: 192.168.1.253 + when: + - http: + enabled: true + username: '' + password: '' + port: 80 + protocol: http + request: '/' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + + - name: registry + group: kube + address: 192.168.1.250 + when: + - http: + enabled: true + username: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63653338356435333664323436633063663132623530356162653130313435363761613633623266 + 3237623031353935626131346461303034373433366136640a323436613831646432356566626564 + 31653733346164383363373238343534613662613636346334646539636134386365656334333638 + 3037626533363965630a373537363563373566613237663635363132353563656262363939316635 + 3565 + password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32383461323230323435386635316166353461316237356138666335363734333338353131303536 + 3032383231323461336565303231316338666436313361630a343332383163333932363734653734 + 62653266623764333335663335623162616235323232653936663166393436633734303363373662 + 6330363538616166320a353063653863613862373834303331666138333836313530313132613962 + 3034' + port: 443 + protocol: https + request: '/v2' + then: + alert: false + exec: "{{ monit_discord_alert_script }}" + restart: false + + + diff --git a/inventory/group_vars/kube-node.yml b/inventory/group_vars/kube-node.yml new file mode 100644 index 0000000..4bef8be --- /dev/null +++ b/inventory/group_vars/kube-node.yml @@ -0,0 +1 @@ +kubernetes_role: "node" diff --git a/inventory/group_vars/kube.yml b/inventory/group_vars/kube.yml new file mode 100644 index 0000000..2eda225 --- /dev/null +++ b/inventory/group_vars/kube.yml @@ -0,0 +1,56 @@ + +kube_fs_ip: 192.168.1.222 +kube_fs_mount: /mnt/data + +monit_processes: + - name: ssh + pidfile: '/var/run/sshd.pid' + matching: '' + start: '/bin/systemctl start ssh' + stop: '/bin/systemctl stop ssh' + timeout: '30 seconds' + when: + - type: 'totalmem' + usage: '> 80%' + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + + - name: 'kubelet' + pidfile: '' + matching: 'kubelet' + start: '/bin/systemctl start kubelet' + stop: '/bin/systemctl stop kubelet' + timeout: '30 seconds' + when: + - type: 'totalmem' + usage: '> 80%' + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + + - name: docker + pidfile: '/var/run/docker.pid' + matching: '' + start: '/bin/systemctl start docker' + stop: '/bin/systemctl stop docker' + timeout: '30 seconds' + when: + - type: 'totalmem' + usage: '> 80%' + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + + - name: containerd + pidfile: '' + matching: containerd + start: '/bin/systemctl start containerd' + stop: '/bin/systemctl stop containerd' + timeout: '30 seconds' + when: + - type: 'totalmem' + usage: '> 80%' + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" diff --git a/inventory/group_vars/linux-all.yml b/inventory/group_vars/linux-all.yml new file mode 100644 index 0000000..66d87f8 --- /dev/null +++ b/inventory/group_vars/linux-all.yml @@ -0,0 +1,199 @@ +--- + +# Vars file for linux group +ansible_user: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32323438633437386234366165646365303038656639396632313933396431376136343837393738 + 6131653037623836383032613766653233656338303566330a653938333062363432643365316133 + 61626164383063636362343362663133653964646139386635626365373564306238306566633930 + 3139363666373864620a656336653633376539616337303361333936313462623963643861646166 + 3364 +ansible_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63363131623134643365366432393962613032383931613663353233356334316536326334333739 + 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 + 65643166363565343562663937343866623035356639333635636432333363653463666433303035 + 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 + 6231 +ansible_connection: ssh +ansible_become_method: sudo +ansible_become_pass: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63363131623134643365366432393962613032383931613663353233356334316536326334333739 + 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 + 65643166363565343562663937343866623035356639333635636432333363653463666433303035 + 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 + 6231 +ansible_python_interpreter: /usr/bin/python3 + +ansible_ssh_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 34393539356664633665366432336234313864616432636133613432393565343436326338613161 + 6435306431303866383037383434333138333534623262320a383539363161313532626362666434 + 65396432373635646666323834303530616439376565663235643664336665343133336230396334 + 6164303235383565370a363961366162346464633132353061346538373034343835613561333533 + 63343933303936326533386563613430383832656366653239636463663032333762306461363238 + 37623734363130356235373330643763333635346136613331643030666434356131346566343064 + 39306534646361376333643834393162323839343762333564343465343136643464356531353732 + 30336662656665626561306633343533346465353065333937663039363666323130613936656332 + 66336566653239323235363336376564366365363735663136366635396338336432656634633866 + 33393936373539626661353461313238646430633139346434343936373137653836616438396261 + 62643739666463653832373065373064333939366636663735363930613436356631313531303232 + 37343832663166663733306331303034333530633362363433303062643362333532626638663464 + 32393661376238376562376232643862363733343865313330616538363166343062303332616538 + 64646538646538356561323131666233633737393438633937623237323562356232303431313865 + 34396531633835323965643664623830663039356438373563616463626430333430626132313531 + 37336536306638356532663436363730663662363064366332383534383866363532383633336663 + 34303566303761616630383537373566393834306164616134626135393434626637633666396234 + 66326233633061393162343638373130356562656432343734633539336131613934643830633837 + 35346238316131333537343066343033613565373762363463366539383234326332333735353330 + 65373462633262326331363563356537353038306132636132366530646430363864656333656362 + 64643562623630316135316232336434666237643834326630303439336132636131383039353161 + 62306637303866333436613539393664353835393637353061356633613263633335623138663361 + 33366462303735623666663232393165316235313064663830663732643834346135343938666463 + 66353037353031613063353263376162353562663062653733636635306465633965626439613965 + 32666536626133376166636330323366393064646137333134343530316565626366623137633766 + 64396138316436646639393336643535626162343930633036663838613438353761373132626531 + 30633833343831346538383039376661313866643065363762353238326335393934353839656132 + 34646434353465653837636335373930373763363764623161333930366431633333306434393539 + 3463 + +# Webhook info for sending messages to servers +discord_corgi_hook: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 61336238643261633430303664386565333131313636663235663733656538633165623438333030 + 3739316137393937646162313266636563656132653866620a653465643138323363376263383931 + 62666461333464393165383466333764303235613562313631353239306664373761393663656533 + 3166663432313933320a333332383737616337336562623435623131653935353165316266356133 + 33343166616161343734376465666563313932333864343230623339326562653435323862623031 + 38376666326536393034306161636563633061383239323330326232326165383538323266323736 + 65313736656530653261646562646161643062616533363633633935653566373362366539623030 + 30313331323661616438303031633666343231353837383561613666653937616265613533306436 + 65343435363937393732316333633961376635343332316132396238383435653364616138386438 + 6634346462383838636264656436326361316535393139636436 +discord_test_hook: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 61333433653661666235306562643161626638313734383966326536313539376362643636636135 + 6631396661666430326365393136363161366661386261350a653566663034303065336433623433 + 30326637343438646531313461323435316164623264363330326538613431366633346238343561 + 3931613531373935390a323961386639623033393233363839383366303963363333623732383432 + 34353334373264643136396633393133323764656233393037366132303866383537316666636336 + 35636530643532633930393262336266346561336662633765303861363763313866376238616631 + 30646137303933653932613834353337386338666535313966343963346363323534633262363064 + 37363833653835623730346638393136343039343730653231626438376638666139386635323538 + 65303666333566323538373335363565646134643034373039326164633736373036333634363135 + 3235656231373565656335646461663838613738326362663535 + +discord_mm_hook: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 33636534323837333466613165383738343332636530643864623464353461666164376231393839 + 6431363038633835383330303230363034363562626439300a376563373061636562353339346165 + 36303364616564306361663731373062653432613732616538323361626431343965663536383332 + 6337326631366239330a373232663265306530303166393634643430373438656236366262353962 + 35323739336561313434333066393731326639636239373935383663386230373662376564663630 + 36373239386335643061306564343838306663306362326631393765623335316438363762393931 + 63383965363634626662663238383965643036303438326230623635366363643661393039316430 + 62356465356433643639326265646237653231376466346664633862353563376266303238663766 + 32613665626238363338343131623666306431313961653937333436343136633232346332393566 + 3537666436643536373361393932353430636337386162623735 + +discord_mmt_hook: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 31366161353962386638363763353665353934346338343539323465643131333263333463643137 + 3334353838303063393133666539376431646330663339380a353139343630396237643463653761 + 66613232633238366466323464363866346261643730643634396665323036373864363239386563 + 3536333261626662330a326666306235623230613334356563373535353431626538633937366530 + 38356533616265353432653034666537323638643664636630626534653065333564613337326531 + 32343530376465386630323366383165306334643136363637313538663165393435623363633564 + 35343061366332353035643338363161306534306264633931356265353362343536656333366365 + 62656330653136663434313364643331333164383063306566663030363439386431633531303764 + 35633437326538353230646366323163366663663364646464626336636433386664393937366639 + 3762303365626430653532653633633663653265666139313638 + +# Used with geerlingguy.ntp +ntp_enabled: true +ntp_timezone: 'America/Los_Angeles' + +zsh_backup: false +zsh_ohmyzsh_install: /home/miharu +zsh_plugins: git ansible dotenv + +# Used with +unattended_automatic_reboot: true + +# Monit + + + +monit_alert_discord: + deploy: true + webhook: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 36326161303166663837313931653436636531373434353964663766363566336231653063303831 + 6239666434326439333362313961663638303866653735640a626363363031646236613039353263 + 37343331353138303562653237636638623965656133353731383265343164393037323363643666 + 3863643462376538630a613430323030656530386638643537643430343339666561373863656539 + 35663934623331613332343538326334633361333566623466646235396134386237306536646238 + 65653634343537616534303237663763653065333333663266306237363561626132343638613363 + 31636133626635663666386663363332653465336265656433353332643638396235343934646432 + 34333839666637613234666562633130343536663534396433393164306135376435363434356565 + 39386439613861383433656666613231653636363864646564656564613866623934653539313036 + 6664326337363335343236383362663134383464396539356263 + username: 'Monit' + +monit_processes: + - name: ssh + pidfile: '/var/run/sshd.pid' + matching: '' + start: '/bin/systemctl start ssh' + stop: '/bin/systemctl stop ssh' + timeout: '30 seconds' + when: + - type: 'totalmem' + usage: '> 80%' + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + + +monit_system: + hostname: "{{ ansible_hostname }}" + when: + - type: cpu + usage: "usage (user) > 80%" + cycles: 5 + alert: false + exec: "{{ monit_discord_alert_script }}" + - type: cpu + usage: "usage (system) > 30%" + cycles: 5 + alert: false + exec: "{{ monit_discord_alert_script }}" + - type: cpu + usage: "usage (wait) > 20%" + cycles: 5 + alert: false + exec: "{{ monit_discord_alert_script }}" + + - type: memory + usage: "usage > 90%" + cycles: 5 + alert: false + exec: "{{ monit_discord_alert_script }}" + + - type: swap + usage: "usage > 50%" + cycles: 5 + alert: false + exec: "{{ monit_discord_alert_script }}" + +monit_filesystems: + - name: root + path: / + when: + - usage: '> 80%' + tries: 1 + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + diff --git a/inventory/group_vars/localhost.yml b/inventory/group_vars/localhost.yml new file mode 100644 index 0000000..b9d79a6 --- /dev/null +++ b/inventory/group_vars/localhost.yml @@ -0,0 +1,12 @@ +discord_mm_hook: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 33636534323837333466613165383738343332636530643864623464353461666164376231393839 + 6431363038633835383330303230363034363562626439300a376563373061636562353339346165 + 36303364616564306361663731373062653432613732616538323361626431343965663536383332 + 6337326631366239330a373232663265306530303166393634643430373438656236366262353962 + 35323739336561313434333066393731326639636239373935383663386230373662376564663630 + 36373239386335643061306564343838306663306362326631393765623335316438363762393931 + 63383965363634626662663238383965643036303438326230623635366363643661393039316430 + 62356465356433643639326265646237653231376466346664633862353563376266303238663766 + 32613665626238363338343131623666306431313961653937333436343136633232346332393566 + 3537666436643536373361393932353430636337386162623735 \ No newline at end of file diff --git a/inventory/group_vars/mediaserver-back.yml b/inventory/group_vars/mediaserver-back.yml new file mode 100644 index 0000000..d8aa6b4 --- /dev/null +++ b/inventory/group_vars/mediaserver-back.yml @@ -0,0 +1,8 @@ +--- + +pathDockerRoot: "/docker" +pathConfig: "/docker/cfg" +pathDownloads: "/docker/downloads" +pathNfsBackup: "/docker/nfs/backup" +pathNfsMedia: "/docker/nfs/media" +pathNfsSync: "/docker/nfs/sync" \ No newline at end of file diff --git a/inventory/group_vars/mediaserver.yml b/inventory/group_vars/mediaserver.yml new file mode 100644 index 0000000..e3fc8f2 --- /dev/null +++ b/inventory/group_vars/mediaserver.yml @@ -0,0 +1,19 @@ +--- + +# local dir +pathDockerRoot: "/docker" +pathConfig: "{{ pathDockerRoot }}/cfg" +pathNfs: "{{ pathDockerRoot }}/nfs" +pathBackups: "/tmp/backups" + +# nfs dir +pathNfsBackup: "{{ pathNfs }}/backup" +pathNfsMedia: "{{ pathNfs }}/media" +pathNfsSync: "{{ pathNfs }}/sync" +#pathNfsTmp: "{{ pathNfs }}/tmp" +pathNfsTmp: "/docker/tmp/" +pathMedia: "{{ pathDockerRoot }}/media" +nfsAddress: 192.168.1.85 +nfsDockerConfig: "docker" +nfsMedia: "plex" +dockerNetwork: mediaserver diff --git a/inventory/group_vars/newsbot.yml b/inventory/group_vars/newsbot.yml new file mode 100644 index 0000000..f66c192 --- /dev/null +++ b/inventory/group_vars/newsbot.yml @@ -0,0 +1,153 @@ +--- + +twitter_api_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 61313764363239636663663835393231396638623262366231383530323634383031633935626663 + 6232633432356134356334616238643865616663316631370a346536666166376533663338393037 + 39386632363636343131316363303564623232623766613863396261666230643765623836313030 + 3262373162363837660a376232363736643439313564636565383132323033643562363031386633 + 38373561376338363062326131326265373931663633643434646531363934333430 + +twitter_api_key_secret: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35383761623635613065653933303063616166666165353838613865383434343831633636363339 + 3064373731653633653963363932353232633030663133610a643634363830336666336266316133 + 30343864643330323064316465313265353065633637333537626461613235356366313966623866 + 3031326432333534630a396566643032376638306232303631356164663662326634313234653861 + 31396435633936393461316539316431383131656566656539353463633833353465633337613737 + 36376165366136636164653261633161663733623962643532316337613637623837626137656664 + 643731343233353966393236393661346335 + +twitch_client_id: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 39346539366562656137366431643765316334313037336265326635306266643030303335316339 + 3336633332386634393063373961623465653439376166370a303764336436323062343537366464 + 34313164663661303739333039346461663035376338303331326465393639356335663863323239 + 6464303266613533340a643162333939313462653763313862383662616436373563343838653330 + 37383166383535383639323632376135623363613737353235313237303965613437 + +twitch_client_secret: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35626166373436633664313230396131626335363539666431623538333733393334306363633236 + 6461313061343463633065353139333330396466616639640a656433633936323436346433656337 + 66623433653836356261643030623730386563633332626335373865333231636437376532313535 + 6330616464636235340a363965373461616161616530323035613762376363616364663634303936 + 65343432616264383263366566646238316335663134323664663065373366333935 + +mm_pogo_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 36373534636139616466663237373165386134353466343961303064313731316531343733623065 + 3866366430376362633332353061386531626461353465320a323639636538376238383037643530 + 32613532363465346630306561346432613565636263613832623136396462616663303431633932 + 3938623565646631640a643466643563393333653066313230373862613839326366613066643761 + 30303731386634323339623234623933333936646262383963373865633366633965633536393764 + 38663032386138303862363537386365623439666532326432336565663766613066366539346561 + 62316132353637373434626639353164616637646438333239616634623936303632306634343465 + 63326134633636613335633436653062313566323066343736356635653934386633396466643461 + 65666137323066323938663938333266366564646636623130326631363763336637326430313230 + 65393939323830396232343532626431383835653034616435373961346465656531636530623635 + 37373164656332653133336464653738383830306561326639373063636635663365363235343437 + 64616163643763343732353930623537656663303136376565333639313362336665346633306430 + 61383864323033363332343663663139636263623637326236626336356163356231643835666463 + 33666165396438313837393534383331386630666130653663353533386238613336306233306537 + 64623538666532623933616566623966346439383465656639386266376130323764316162306639 + 65323163643333373332333065636363343761316632656363333463626137353531666532346439 + 6164 + +mm_pso2_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35393664303332376363616663366438613866636166643037653439663061646361386337313462 + 6636356464373361363435613933313263613630363566350a363166623933616364386566363366 + 38336634396536643865666235353263623662653330323438303063616232643934386666303439 + 3739356265313164300a306234346635626539303331613338353936636565383139333433636231 + 32633537353630306163646664613562343264306537353934666631613964303336646232386263 + 65366364333631663864306536663438626532353764336139636464376662316231323432313538 + 35646538626237306233616339643733303738353433303531396166633563333162376439333264 + 38343038626165303561623834313964363165646235626561623137393963363834383430386331 + 33626663346466383864303037386565386638653439373262323637306562376335306637366435 + 6663386531313636663932356162303962306434306136323865 + +mm_ffxiv_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 65393564633762333836353430656232346566323132346335623633633637633262313534316438 + 6133333037383733636261383332653864313430383539370a626163373536303832326562653666 + 38353164653966633264373237636130613333383563356164303665653939333966356564643534 + 3838366237383161380a663239663332653565333833373563396430613138633763633062353132 + 61643630343138653135356230383932383738373734373961336636353465343364623665623031 + 64316534663161623231303132393266666264396230353730373134636461656664343837383037 + 34646538643432323166643532393864363266336432346462353364633432393265376433656639 + 38653562653261613864313130373830396336623034333862613939336132383639653439363435 + 37626561613739386263643666613964356338656438323930373564346331613138323534303434 + 3235343836616230336132323661656337396238343231316463 + +mm_programmer_humor_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 39646538326463373964303866356139383565316563653334623662343730373266343264656436 + 6663313664326536656562383330313733363066356338630a353833306464373133313930303933 + 34636564333033333264636461326630623564643632663565623734376266613062383362323032 + 3562653435626130610a393337646136666434373630313565356665613534323133363735613038 + 38633033366238613833636364303033663166363138666531626439386261656566646432356636 + 61376664333439363436343861346564393966343335313033373765393538393438353831633834 + 65373333383465626634383832623739323538616565666665626634383962306534623035306666 + 30653038393730306162356266656635326163653564663037353238313039373164616165356265 + 32393262356537646633646431326465636564653639643863633561623966396534343461656533 + 38653937626662633661646136346333316263653137353430363638306663343362303334393138 + 32313963383937393632343037656461303961313561323636333336653339313038626338366637 + 35356535643834643336303534306237643261663638333830643163353430363933616663383139 + 63366630646563313737376535336566386334393732653936623534356363643933643133316561 + 33383431636630643362303137633136303437616538656431383134396136636635333139333664 + 31613439373263653663383361383463346663363330616337376535316331326332306330633133 + 32353039343832386662666436313465626137303730383934656231383464373464626533313139 + 3362 + +mm_lrr_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 65383633363536373265663466363134306663613065613061633363316465383236303634643465 + 3364323031353630663338333635613435656466386264610a373162333135643335306439393365 + 66383937636336316136613330343232363531656262373663663039356432316662333839326162 + 6339353538383464380a643464346363656262663030643362313536613466343635323064393661 + 31626264663532333738356235336539623531653063333537343065663335346261333165666265 + 34303732313566613238326563653137636537333631653132643637623832393832623666616535 + 62333363343930313131323663396464653665356133383737356130323630643161343265316234 + 61616335343266333439323138306635383965626162643466376339386236653463623333393966 + 30343739313661313638613338353639376536356564633836323937313034343735383732363863 + 3231633864663530636366326130356262326335323633636432 + +mm_genshin_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35663738356138653465316333653838376638613166313237666537383162366434333535333437 + 6565653834313534303863653738386265383831633561390a323865373661643530336434333235 + 33373161626362643338313732643633336530643837366330626362353436353635383065303461 + 3533366263633736650a363438643531653637393436623466626639306162333932303466383062 + 33663038316434613635363239366336323736666563343130373261346666306334366164663138 + 30333936393432373462663639633366323530323262383463333334353463633834643730396361 + 30656439303466363536366136356534643936333962306333303037336435396465613562316662 + 66396432373364376664346531373564333362636461303062363435616439653939363230656233 + 64643438373330386335333837666163613738386538383063663165663636393234306430323431 + 3666366162613137386662303961306564363264616662633136 + +mm_happyfeed_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35356264383331666662333834313637643936653765613637613163663939636130663732653566 + 6265616462306533326639633437363337613565353865300a343633343238663731373162363162 + 32616238313834633661353138396562386338363433363332616165373031326132653561353531 + 3130636139373264660a336333303962636436663336396339326233363332663061663964323637 + 32376434356339313666396133373238373138353237656666613966613739363136386639373735 + 65663462383536613437353262383566323661643530316234393139303734383234653431616362 + 61356533383539333435376163666232326265366537336262376234633465663738643662353563 + 35316632376165376466333666663761346638303935313531303062646336353134396334303464 + 30386537346565343332663963326337333965313436316363303033643034643131343537616463 + 6431623162383762353230373534663737643938656636626239 + +sin_newsbot_hooks: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66386134653336623134663031343166663365396664636563623664636365323462356562306462 + 6137626235306431336439343966636365663632396562650a643134646334633663653339373730 + 62383235353136613234623032663037313934313363643232333463323439633038303532333165 + 3261353335653434330a303637313966613862613537656135636137663934653530323532313136 + 36656465393835333264313037353766346432633535303735636461346161316433383363663438 + 35373735623234396662626237663766393437333931643738393165656431636166666338633565 + 32636636656264306266613539326566653930383336386431646462336632613563626531616662 + 62306331303331323134323738646165613433303430323937663764336135386438313937316461 + 65626234343566646435663834366633323038613332323232636235383933623432333366646137 + 3133366634306166376464393738613231343166393266636237 \ No newline at end of file diff --git a/inventory/home.yaml b/inventory/home.yaml deleted file mode 100644 index 8d413da..0000000 --- a/inventory/home.yaml +++ /dev/null @@ -1,89 +0,0 @@ - -all: - children: - linux-all: - hosts: - 192.168.0.60: - 192.168.0.76: - vars: - ansible_user: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 32323438633437386234366165646365303038656639396632313933396431376136343837393738 - 6131653037623836383032613766653233656338303566330a653938333062363432643365316133 - 61626164383063636362343362663133653964646139386635626365373564306238306566633930 - 3139363666373864620a656336653633376539616337303361333936313462623963643861646166 - 3364 - ansible_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63363131623134643365366432393962613032383931613663353233356334316536326334333739 - 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 - 65643166363565343562663937343866623035356639333635636432333363653463666433303035 - 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 - 6231 - ansible_connection: ssh - ansible_become_method: sudo - ansible_become_pass: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63363131623134643365366432393962613032383931613663353233356334316536326334333739 - 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 - 65643166363565343562663937343866623035356639333635636432333363653463666433303035 - 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 - 6231 - ansible_python_interpreter: /usr/bin/python3 - docker: - hosts: - 192.168.0.76: - vars: - ansible_user: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 32323438633437386234366165646365303038656639396632313933396431376136343837393738 - 6131653037623836383032613766653233656338303566330a653938333062363432643365316133 - 61626164383063636362343362663133653964646139386635626365373564306238306566633930 - 3139363666373864620a656336653633376539616337303361333936313462623963643861646166 - 3364 - ansible_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63363131623134643365366432393962613032383931613663353233356334316536326334333739 - 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 - 65643166363565343562663937343866623035356639333635636432333363653463666433303035 - 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 - 6231 - ansible_connection: ssh - ansible_become_method: sudo - ansible_become_pass: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63363131623134643365366432393962613032383931613663353233356334316536326334333739 - 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 - 65643166363565343562663937343866623035356639333635636432333363653463666433303035 - 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 - 6231 - ansible_python_interpreter: /usr/bin/python3 - mediaserver: - hosts: - 192.168.0.76: - vars: - ansible_user: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 32323438633437386234366165646365303038656639396632313933396431376136343837393738 - 6131653037623836383032613766653233656338303566330a653938333062363432643365316133 - 61626164383063636362343362663133653964646139386635626365373564306238306566633930 - 3139363666373864620a656336653633376539616337303361333936313462623963643861646166 - 3364 - ansible_password: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63363131623134643365366432393962613032383931613663353233356334316536326334333739 - 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 - 65643166363565343562663937343866623035356639333635636432333363653463666433303035 - 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 - 6231 - ansible_connection: ssh - ansible_become_method: sudo - ansible_become_pass: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 63363131623134643365366432393962613032383931613663353233356334316536326334333739 - 3130663431363561373437353262313430623131363864350a393064636161613232633036303139 - 65643166363565343562663937343866623035356639333635636432333363653463666433303035 - 6134646432353330630a343839643163323733623265356261306661396332326465656561633734 - 6231 - ansible_python_interpreter: /usr/bin/python3 - \ No newline at end of file diff --git a/inventory/inv.yaml b/inventory/inv.yaml new file mode 100644 index 0000000..ae41eb1 --- /dev/null +++ b/inventory/inv.yaml @@ -0,0 +1,94 @@ + +all: + children: + linux-all: + hosts: + + children: + kube: + kube-fs: + docker: + jenkins: + ceph: + + docker: + hosts: + 192.168.1.243: + 192.168.1.244: + + 192.168.1.226: + + mediaserver: + children: + #192.168.1.243: + #192.168.1.244: + mediaserver-front: + #mediaserver-back: + + mediaserver-back: + hosts: + 192.168.1.244: + mediaserver-front: + hosts: + 192.168.1.226: + + newsbot: + hosts: + 192.168.1.244: + duckdns: + hosts: + 192.168.1.244: + pihole: + hosts: + 192.168.1.223: + + jenkins: + hosts: + 192.168.1.246: + + ceph: + children: + ceph-primary: + ceph-node: + + ceph-primary: + hosts: + #fs01.k8s.home.local: + 192.168.1.222: + vars: + ceph_primary: true + + ceph-node: + hosts: + #fs02.k8s.home.local: + 192.168.1.225: + vars: + ceph_primary: false + +kube: + children: + kube-master: + kube-node: + +kube-master: + hosts: + # master.k8s.home.local: + 192.168.1.221: # master + +kube-node: + hosts: + #node01.k8s.home.local: + #node02.k8s.home.local: + #node03.k8s.home.local: + 192.168.1.223: # node01 + # 192.168.1.224: # node02 + # 192.168.1.226: # node03 + # 192.168.1.225: # node04 + +kube_media_node: + hosts: + 192.168.1.223: + +kube-fs: + hosts: + fs01.k8s.home.local: \ No newline at end of file diff --git a/jenkinsfile b/jenkinsfile new file mode 100644 index 0000000..8eafe9b --- /dev/null +++ b/jenkinsfile @@ -0,0 +1,56 @@ +pipeline { + //agent any + agent { + docker { + image 'ansible:2.9.11' + args '-u 0:0' + } + } + environment { + GIT_BRANCH='dev' + GIT_URL='https://github.com/jtom38/ansible.git' + ANSIBLE_VAULT_FILE='./.ansible_vault' + ANSIBLE_HOST_KEY_CHECKING='False' + } + stages { + stage('Checkout-Code') { + steps { + sh ''' #!/bin/bash + echo "Checking where we start" + pwd + + echo "Checking current dir" + ls + + echo "Checking active user" + whoami + + echo "Cleaning up old builds" + rm ./gitAnsible -f -r + + git clone ${GIT_URL} gitAnsible + cd ./gitAnsible + git checkout ${GIT_BRANCH} + ''' + } + } + stage('Get-Galaxy-Requirements'){ + steps { + sh '''#!/bin/bash + pwd + cd ./gitAnsible + ansible-galaxy install -r requirements.yml + ''' + } + } + stage('Run-Linux-Common') { + steps { + withCredentials([file(credentialsId: 'ansible-vault-file', variable: 'FILE')]) { + sh '''#!/bin/bash + ansible-playbook ./gitAnsible/playbook/linux/common.yml -i ./gitAnsible/inventory --vault-password-file $FILE + ''' + } + } + } + } +} diff --git a/makefile b/makefile new file mode 100644 index 0000000..655a21d --- /dev/null +++ b/makefile @@ -0,0 +1,12 @@ +.PHONY: help +help: ## Shows this help command + @egrep -h '\s##\s' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}' + +build-image-2.9: + docker build -t ansible:2.9.11 ./.devcontainer/ + +build-image-2.10: + docker build -t ansible:2.10 ./.devcontainer/Dockerfile_210 + +install-requirements: ## Install Ansible Galaxy Requirements + ansible-galaxy install -r requirements.yml diff --git a/modules/discord.py b/modules/discord.py new file mode 100644 index 0000000..6190304 --- /dev/null +++ b/modules/discord.py @@ -0,0 +1,178 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright: (c) 2019, James Tombleson +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + + + +from ansible.module_utils.basic import AnsibleModule +from ansible.module_args.urls import fetch_url +import json + +ANSIBLE_METADATA = { + 'metadata_version': '1.0', + 'status': ['preview'], + 'supported_by': 'community' +} + +DOCUMENTATION = ''' +--- +module: discord_webhook + +short_description: This module sends messages to a discord webhook. + +version_added: "2.4" + +description: + - "This is my longer description explaining my test module" + +options: + webhook_url: + description: + - This defines where ansible will send the json payload for discord to intake. + required: true + content: + description: + - This defines the message that will be presented within the payload. + required: true + + username: + description: + - This will allow you to overwrite the default webhook name. + - Useful for when different services use the same webhook. + required: false + + avatar_url: + description: + - Add a URL here if you want to overwrite the default avatar image configured on the webhook. + required: false + + +author: + - James Tombleson (github.com/luther38) +''' + +EXAMPLES = ''' +# Pass in a message +- name: Test with a message + my_test: + name: hello world + +# pass in a message and have changed true +- name: Test with a message and changed output + my_test: + name: hello world + new: true + +# fail the module +- name: Test failure of the module + my_test: + name: fail me +''' + +RETURN = ''' +original_message: + description: The original name param that was passed in + type: str + returned: always +message: + description: The output message that the test module generates + type: str + returned: always +''' + + +def run_module(): + # define available arguments/parameters a user can pass to the module + + + # seed the result dict in the object + # we primarily care about changed and state + # change is if this module effectively modified the target + # state will include any data that you want your module to pass back + # for consumption, for example, in a subsequent task + result = dict( + changed=False, + original_message='', + message='' + ) + + # the AnsibleModule object will be our abstraction working with Ansible + # this includes instantiation, a couple of common attr would be the + # args/params passed to the execution, as well as if the module + # supports check mode + module = AnsibleModule( + argument_spec=module_args, + supports_check_mode=True + ) + + # if the user is working with this module in only check mode we do not + # want to make any changes to the environment, just return the current + # state with no modifications + if module.check_mode: + module.exit_json(**result) + + # manipulate or modify the state as needed (this is going to be the + # part where your module will do what it needs to do) + result['original_message'] = module.params['name'] + result['message'] = 'goodbye' + + # use whatever logic you need to determine whether or not this module + # made any modifications to your target + if module.params['new']: + result['changed'] = True + + # during the execution of the module, if there is an exception or a + # conditional state that effectively causes a failure, run + # AnsibleModule.fail_json() to pass in the message and the result + if module.params['name'] == 'fail me': + module.fail_json(msg='You requested this to fail', **result) + + # in the event of a successful module execution, you will want to + # simple AnsibleModule.exit_json(), passing the key/value results + module.exit_json(**result) + +def basic(ansibleModule): + + headers = '{ "Content-Type": "application/json" }' + payload = { + 'content': ansibleModule.argument_spec['content'] + } + resp, info = fetch_url( + module=payload, + url= ansibleModule.argument_spec['webhook_url'], + headers= json.loads(headers), + method='GET') + + if info['status'] != 204: + ansibleModule.fail_json(msg="Fail: ") + + pass + +def main(): + module = AnsibleModule( + argument_spec= dict( + webhook_url =dict(type='str', required=True), + content =dict(type='str', required=True), + username =dict(type='str', required=False), + avatar_url =dict(type='str', required=False) + ), + supports_check_mode= True + ) + + result = dict( + changed= False, + original_message= '', + message= '' + ) + + if module.check_mode: + return result + + basic(module) + + #run_module() + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/playbook/debug/roleTest.yml b/playbook/debug/roleTest.yml new file mode 100644 index 0000000..d0c624a --- /dev/null +++ b/playbook/debug/roleTest.yml @@ -0,0 +1,39 @@ +--- + +- name: testing role + hosts: localhost + vars: + + + + tasks: +# - include_role: +# name: ansible_discord_webhook +# vars: +# discord_message: "HI! I am nothing more then a test playbook\nPlease save me." + + - name: Test if the container is alive + uri: + url: http://192.168.0.242:32401/web/index.html + method: GET + ignore_errors: true + register: PlexStatus + + - debug: + msg: "{{ PlexStatus }}" + + - name: Send Service Alive + include_role: + name: ansible_discord_webhook + vars: + discord_webhook: "{{ corgi_ansible }}" + discord_message: "Plex Status: OK\nDebug: {{ PlexStatus.msg }}" + when: PlexStatus.status == 200 + + - name: Service Offline + include_role: + name: ansible_discord_webhook + vars: + discord_webhook: "{{ corgi_ansible }}" + discord_message: "Plex Status: Offline\nDebug: {{ PlexStatus.msg }}" + when: PlexStatus.status == -1 diff --git a/playbook/docker/InstallDocker.yml b/playbook/docker/InstallDocker.yml deleted file mode 100644 index 1264536..0000000 --- a/playbook/docker/InstallDocker.yml +++ /dev/null @@ -1,56 +0,0 @@ - -- name: Install Docker CE - hosts: linux - - tasks: - - name: Check if Docker is installed - #failed_when: "'Failed' Docker was already installed." - apt: - name: docker - state: absent - - - name: Install dependancies - become: true - become_method: sudo - apt: - name: "{{ packages }}" - # state: absent - vars: - packages: - - apt-transport-https - - ca-certificates - - curl - - gnupg-agent - - software-properties-common - - - name: Install Docker GPG key - become: true - become_method: sudo - apt_key: - url: "https://download.docker.com/linux/ubuntu/gpg" - state: present - id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 - - - name: Install Docker Repo - become: true - become_method: sudo - apt_repository: - repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu/ {{ ansible_distribution_release }} stable" - state: present - - - name: Update Repos - become: true - become_method: sudo - apt: - update_cache: yes - - - name: Install Docker - become: true - become_method: sudo - apt: - name: "{{ packages }}" - vars: - packages: - - docker-ce - - docker-ce-cli - - containerd.io diff --git a/playbook/docker/archive/collins.yml b/playbook/docker/archive/collins.yml new file mode 100644 index 0000000..67df5d5 --- /dev/null +++ b/playbook/docker/archive/collins.yml @@ -0,0 +1,30 @@ +--- + +- name: Maintain Collins + hosts: localhost + + tasks: + - name: Determine OSX Vars + set_fact: + path_root: ~/docker + when: ansible_distribution == "MacOSX" + + - name: stop collins + docker_container: + name: collins + state: stopped + ignore_errors: yes + + - name: update collins + docker_image: + name: 'tumblr/collins' + tag: latest + + - name: Deploy Collins + docker_container: + name: collins + image: 'tumblr/collins' + state: started + restart_policy: unless-stopped + ports: + - 9001:9000 \ No newline at end of file diff --git a/playbook/docker/archive/deploy-awx.yml b/playbook/docker/archive/deploy-awx.yml new file mode 100644 index 0000000..0b81594 --- /dev/null +++ b/playbook/docker/archive/deploy-awx.yml @@ -0,0 +1,18 @@ +--- + +- name: install awx + hosts: awx + become: true + vars: + #nodejs_version: "6.x" + pip_install_packages: + - name: docker + + roles: + #- geerlingguy.repo-epel + - geerlingguy.git + - geerlingguy.ansible + - geerlingguy.docker + - geerlingguy.pip + - geerlingguy.nodejs + - geerlingguy.awx diff --git a/playbook/docker/archive/gitea_stack.yml b/playbook/docker/archive/gitea_stack.yml new file mode 100644 index 0000000..e610488 --- /dev/null +++ b/playbook/docker/archive/gitea_stack.yml @@ -0,0 +1,83 @@ +--- +- name: Deploy Gitea + hosts: swarm-host + become: true + vars: + containers: + - "gitea_app_1" + - "gitea_db_1" + images: + - "postgres" + - "gitea/gitea:latest" + vols: + - "gitea_data" + - "gitea_sql" + + tasks: + + - name: stop containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ containers }}" + ignore_errors: true + + - name: Pull images + docker_image: + name: "{{ item }}" + source: pull + loop: "{{ images }}" + + - name: deploy containers + docker_stack: + state: present + name: gitea + compose: + #project_name: gitea + #definition: + - version: "3" + + networks: + gitea: + external: false + + volumes: + gitea_data: + gitea_sql: + + services: + app: + image: gitea/gitea:latest + environment: + - USER_UID=1000 + - USER_GID=1000 + - DB_TYPE=postgres + - DB_HOST=db:5432 + - DB_NAME=gitea + - DB_USER=gitea + - DB_PASSWD=gitea + restart: always + networks: + - gitea + volumes: + - gitea_data:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "3000:3000" + - "222:22" + depends_on: + - db + + db: + image: postgres + restart: always + environment: + - POSTGRES_USER=gitea + - POSTGRES_PASSWORD=gitea + - POSTGRES_DB=gitea + networks: + - gitea + volumes: + - gitea_sql:/var/lib/postgresql/data + diff --git a/playbook/docker/archive/nagios.yml b/playbook/docker/archive/nagios.yml new file mode 100644 index 0000000..64c053b --- /dev/null +++ b/playbook/docker/archive/nagios.yml @@ -0,0 +1,17 @@ +--- + +- name: deploy nagios core + hosts: awx + become: true + + tasks: + - include_role: + name: nagioscore + vars: + nagios_action: install + pathEtc: '/docker/nagios/etc' + pathVar: '/docker/nagios/var' + pathPlugins: '/docker/nagios/plugins' + pathNagiosGraphVar: '/docker/nagios/graph/var' + pathNagiosGraphEtc: '/docker/nagios/graph/etc' + port: 8080 diff --git a/playbook/docker/archive/portainer.yml b/playbook/docker/archive/portainer.yml new file mode 100644 index 0000000..7cda1fa --- /dev/null +++ b/playbook/docker/archive/portainer.yml @@ -0,0 +1,48 @@ +--- + +# This maintains the portainer host + +- name: maintain portainer host + hosts: portainer + become: true + vars: + d_name: portainer + d_image: "{{ d_name }}/{{ d_name }}" + d_data: "/docker/{{ d_name }}" + + tasks: + #- include_role: + # name: common + # vars: + # docker: true + + - name: Confirm portainer folder + file: + path: "{{ d_data }}" + state: directory + + - name: Check is portainer exists + docker_container: + name: "{{ d_name }}" + image: "{{ d_image }}" + state: stopped + register: cfg_portainer + ignore_errors: true + + - name: Update portainer image if we can + docker_image: + name: "{{ d_image }}" + tag: latest + + - name: deploy portainer container + docker_container: + name: "{{ d_name }}" + image: "{{ d_image }}" + restart_policy: unless-stopped + ports: + - 8000:8000 + - 9000:9000 + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - "{{ d_data }}/data:/data" + diff --git a/playbook/docker/archive/portainer_agents.yml b/playbook/docker/archive/portainer_agents.yml new file mode 100644 index 0000000..e69de29 diff --git a/playbook/docker/archive/rancher.yml b/playbook/docker/archive/rancher.yml new file mode 100644 index 0000000..4788f95 --- /dev/null +++ b/playbook/docker/archive/rancher.yml @@ -0,0 +1,42 @@ +--- + +- name: DSC Rancher + hosts: rancher + become: true + + tasks: + - include_role: + name: common + vars: + linux: true + docker: true + + - name: Stop rancher if found + docker_container: + name: rancher + state: stopped + ignore_errors: yes + + - name: download/update rancher + docker_image: + name: rancher/rancher + + - name: Start Rancher + docker_container: + name: rancher + image: 'rancher/rancher' + state: started + network_mode: host + #env: + + #ports: + # - 80:80 + # - 443:443 + #volumes: + # - "{{ hydra_config }}:/config" + # - "{{ pathConfig }}/hydra:/config" + # - "{{ pathDownloads }}:/downloads" + #networks: + # - name: "{{ dockerNetwork }}" + + diff --git a/playbook/docker/archive/rancher_workers.yml b/playbook/docker/archive/rancher_workers.yml new file mode 100644 index 0000000..1358792 --- /dev/null +++ b/playbook/docker/archive/rancher_workers.yml @@ -0,0 +1,57 @@ +--- + +- name: Manage Rancher Workers + hosts: rancher-worker + become: true + vars: + token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 30613833333861303239396233323731343562623565303962393536393462306336643534383235 + 6637613737633931653532613463353838366261303765320a616464653364613737396265313739 + 62363131353535386434616431343432393439636662363130616363616334656534326134623932 + 6466613036363633360a343033373765646334643639383530343834656661643265363463303434 + 37653032383161396265633433356433623463386165386538626366366665333361363939613364 + 33343964623037356162643661666165666562366535656638663537653034626161636239306332 + 316239663536613064353830333936326465 + ca: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66303462636433643737393864633234346333386139653762383330333661373337626462393063 + 6433333266303337343937346231303661323039373135620a316263303734393537393232623932 + 66396534613032666430613139636533616130353131653263646532326537343066383662366261 + 3262306262393932390a646132323834363033363934376639396466396661346530323539326236 + 61313263626134653963653433653234353061626135373738366361343134323331323737623632 + 63386463306437306661363734666561366166326330646434626338323065373731616137616564 + 62613563306666376664333564316435313431643336386466303164663363383032343431356263 + 31623761653032636235 + + tasks: + - include_role: + name: common + vars: + #linux: true + #docker: true + + - name: stop agent if found + docker_container: + name: rancherworker + state: stopped + ignore_errors: true + + - name: start agent + docker_container: + name: rancherworker + image: rancher/rancher-agent:v2.3.2 + state: started + network_mode: host + privileged: true + restart_policy: unless-stopped + command: --worker --etcd --controlplane + env: + server=https://192.168.0.241 + #token=krgdcfchvhprzstmwgbsmzz2qj8kmcrgc8q26wpdklr9kfpdqgg5sg + "token={{ token }}" + #ca-checksum=a7077c8e0381f72a7091eda6e617a16b2259227113f66d042a453767174b2dbb + volumes: + - "/etc/kubernetes:/etc/kubernetes" + - "/var/run:/var/run" +# --worker \ No newline at end of file diff --git a/playbook/docker/common.yml b/playbook/docker/common.yml new file mode 100644 index 0000000..7d29bb7 --- /dev/null +++ b/playbook/docker/common.yml @@ -0,0 +1,52 @@ +--- + +- name: Configure defaults for docker servers + hosts: docker + become: true + vars: + install_podmon: false + + tasks: + - name: install pip packages + pip: + name: "{{ pipPacks }}" + state: present + vars: + pipPacks: + - docker + - docker-compose + - jsondiff + + # Does not work yet + - name: Install Podmon + block: + - name: Add Repo + apt_repository: + repo: deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ + state: absent + filename: devel:kubic:libcontainers:stable.list + + - name: update apt + apt: + update_cache: true + name: podmon + when: install_podmon == true + + + - name: install docker + include_role: + name: geerlingguy.docker + + - name: make /docker folder + file: + path: "/docker" + state: directory + + - name: make 'docker' group + shell: groupadd docker + ignore_errors: true + + - name: add users to 'docker' group + shell: gpasswd -a miharu docker + ignore_errors: true + diff --git a/playbook/docker/duckdns.yml b/playbook/docker/duckdns.yml new file mode 100644 index 0000000..ef7423a --- /dev/null +++ b/playbook/docker/duckdns.yml @@ -0,0 +1,38 @@ +--- +- name: Deploy DuckDNS + hosts: duckdns + become: true + tasks: + - name: stop containers + docker_container: + name: duckdns_app_1 + state: absent + ignore_errors: true + + - name: Pull images + docker_image: + name: linuxserver/duckdns:latest + source: pull + + - name: deploy containers + docker_compose: + project_name: duckdns + definition: + version: "2" + + networks: + duckdns: + external: false + + services: + app: + image: linuxserver/duckdns:latest + environment: + SUBDOMAINS: luther38 + TOKEN: "{{ duckdns_token }}" + restart: always + networks: + - duckdns + + + diff --git a/playbook/docker/foldingathome.yml b/playbook/docker/foldingathome.yml new file mode 100644 index 0000000..698154c --- /dev/null +++ b/playbook/docker/foldingathome.yml @@ -0,0 +1,26 @@ + +- name: Deploy Folding@home + hosts: mediaserver-back + become: true + + tasks: + - name: deploy containers + docker_compose: + project_name: gitea + definition: + version: "2" + services: + app: + image: johnktims/folding-at-home:latest + restart: always + volumes: + - /docker/cfg/gitea/data:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "3000:3000" + - "222:22" + depends_on: + - db + + diff --git a/playbook/docker/gitea.yml b/playbook/docker/gitea.yml new file mode 100644 index 0000000..f84efff --- /dev/null +++ b/playbook/docker/gitea.yml @@ -0,0 +1,72 @@ +--- +- name: Deploy Gitea + hosts: mediaserver-back + become: true + vars: + containers: + - "gitea_app_1" + - "gitea_db_1" + images: + - "postgres" + - "gitea/gitea:latest" + + tasks: + + - name: stop containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ containers }}" + ignore_errors: true + + + - name: Pull images + docker_image: + name: "{{ item }}" + source: pull + loop: "{{ images }}" + + - name: deploy containers + docker_compose: + project_name: gitea + definition: + version: "2" + networks: + gitea: + external: false + services: + app: + image: gitea/gitea:latest + environment: + - USER_UID=1000 + - USER_GID=1000 + - DB_TYPE=postgres + - DB_HOST=db:5432 + - DB_NAME=gitea + - DB_USER=gitea + - DB_PASSWD=gitea + restart: always + networks: + - gitea + volumes: + - /docker/cfg/gitea/data:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + ports: + - "3000:3000" + - "222:22" + depends_on: + - db + + db: + image: postgres + restart: always + environment: + - POSTGRES_USER=gitea + - POSTGRES_PASSWORD=gitea + - POSTGRES_DB=gitea + networks: + - gitea + volumes: + - /docker/cfg/gitea/sql:/var/lib/postgresql/data + diff --git a/playbook/docker/mediaserver/back/backup.yml b/playbook/docker/mediaserver/back/backup.yml new file mode 100644 index 0000000..56dc9f6 --- /dev/null +++ b/playbook/docker/mediaserver/back/backup.yml @@ -0,0 +1,168 @@ +--- +- name: testing backup plan + hosts: mediaserver-back + become: true + vars: + backup: false + tasks: + - name: Ensure backup location is present + file: + path: /tmp/docker/backup + state: directory + + - name: Backup Search + block: + - set_fact: + pathLocal: /docker/cfg/hydra + container: mediaback_search_1 + + - name: ensure backup dir is present + file: + path: "{{ pathNfsBackup }}/{{ container }}" + state: directory + + - name: Check on old backups + find: + path: "{{ pathNfsBackup }}/{{ container }}" + age: 4w + register: searchRes + + - name: Remove old backups + file: + path: "{{ item.path }}" + state: absent + loop: "{{ searchRes.files }}" + + - name: stop search + docker_container: + name: "{{ container }}" + state: stopped + + - name: generate archive + community.general.archive: + path: "{{ pathLocal }}" + dest: "{{ pathNfsBackup }}/{{ container }}/backup.tgz" + + - name: start start + docker_container: + name: "{{ container }}" + state: started + #when: backup == true + + - name: Backup son + block: + - set_fact: + pathLocal: /docker/cfg/sonarr + container: mediaback_son_1 + + - name: ensure backup dir is present + file: + path: "{{ pathNfsBackup }}/{{ container }}" + state: directory + + - name: Check on old backups + find: + path: "{{ pathNfsBackup }}/{{ container }}" + age: 4w + register: searchRes + + - name: Remove old backups + file: + path: "{{ item.path }}" + state: absent + loop: "{{ searchRes.files }}" + + - name: stop son + docker_container: + name: "{{ container }}" + state: stopped + + - name: generate archive + community.general.archive: + path: "{{ pathLocal }}" + dest: "{{ pathNfsBackup }}/{{ container }}/backup.tgz" + + - name: start son + docker_container: + name: "{{ container }}" + state: started + #when: backup == true + + - name: Backup rad + block: + - set_fact: + pathLocal: /docker/cfg/radarr + container: mediaback_rad_1 + + - name: ensure backup dir is present + file: + path: "{{ pathNfsBackup }}/{{ container }}" + state: directory + + - name: Check on old backups + find: + path: "{{ pathNfsBackup }}/{{ container }}" + age: 4w + register: searchRes + + - name: Remove old backups + file: + path: "{{ item.path }}" + state: absent + loop: "{{ searchRes.files }}" + + - name: stop rad + docker_container: + name: "{{ container }}" + state: stopped + + - name: generate archive + community.general.archive: + path: "{{ pathLocal }}" + dest: "{{ pathNfsBackup }}/{{ container }}/backup.tgz" + + - name: start rad + docker_container: + name: "{{ container }}" + state: started + + #when: backup == true + + - name: Backup get + block: + - set_fact: + pathLocal: /docker/cfg/nzbget + container: mediaback_get_1 + + - name: ensure backup dir is present + file: + path: "{{ pathNfsBackup }}/{{ container }}" + state: directory + + - name: Check on old backups + find: + path: "{{ pathNfsBackup }}/{{ container }}" + age: 4w + register: searchRes + + - name: Remove old backups + file: + path: "{{ item.path }}" + state: absent + loop: "{{ searchRes.files }}" + + - name: stop get + docker_container: + name: "{{ container }}" + state: stopped + + - name: generate archive + community.general.archive: + path: "{{ pathLocal }}" + dest: "{{ pathNfsBackup }}/{{ container }}/backup.tgz" + + - name: start get + docker_container: + name: "{{ container }}" + state: started + \ No newline at end of file diff --git a/playbook/docker/mediaserver/back/deploy.yml b/playbook/docker/mediaserver/back/deploy.yml new file mode 100644 index 0000000..805d904 --- /dev/null +++ b/playbook/docker/mediaserver/back/deploy.yml @@ -0,0 +1,113 @@ + +- name: Configure Media Server + hosts: mediaserver-back + #hosts: swarm-host + become: yes + vars: + update: false + containers: + - mediaback_search_1 + - mediaback_son_1 + - mediaback_get_1 + - mediaback_rad_1 + images: + - 'linuxserver/nzbhydra2:version-v3.9.0' + - 'linuxserver/sonarr:version-2.0.0.5344' + - 'linuxserver/nzbget:version-v21.0' + - 'linuxserver/radarr:version-3.0.1.4259' + + tasks: + - name: stop and remove containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ containers }}" + ignore_errors: yes + + - name: Pull images + docker_image: + name: "{{ item }}" + source: pull + loop: "{{ images }}" + + - name: deploy docker-compose + docker_compose: + project_name: mediaback + definition: + version: "3" + + networks: + mediaback: + ipam: + driver: default + config: + - subnet: 172.16.10.0/16 + + services: + search: + image: "{{ images[0] }}" + restart: always + environment: + - PUID=0 + - PGID=0 + - TZ=Europe/London + ports: + - 5076:5076 + volumes: + - "{{ pathConfig }}/hydra:/config" + - "{{ pathNfsTmp }}:/downloads" + networks: + mediaback: + ipv4_address: 172.16.10.10 + + get: + image: "{{ images[2] }}" + restart: always + environment: + - PUID=0 + - PGID=0 + - TZ=Europe/London + ports: + - 6789:6789 + volumes: + - "{{ pathConfig }}/nzbget:/config" + - "{{ pathNfsTmp }}:/downloads" + networks: + mediaback: + ipv4_address: 172.16.10.11 + son: + image: "{{ images[1] }}" + restart: always + environment: + - PUID=0 + - PGID=0 + - TZ=Europe/London + - UMASK_SET=022 #optional + ports: + - 8989:8989 #http + #- 9898:9898 #https + volumes: + - "{{ pathConfig }}/sonarr:/config" + - "{{ pathNfsMedia }}:/tv" + - "{{ pathNfsTmp}}:/downloads" + networks: + mediaback: + ipv4_address: 172.16.10.12 + + rad: + image: "{{ images[3] }}" + restart: always + environment: + - PUID=0 + - PGID=0 + - TZ=Europe/London + - UMASK_SET=022 #optional + ports: + - 7878:7878 + volumes: + - "{{ pathConfig }}/radarr:/config" + - "{{ pathNfsMedia }}:/movies" + - "{{ pathNfsTmp }}:/downloads" + networks: + mediaback: + ipv4_address: 172.16.10.13 \ No newline at end of file diff --git a/playbook/docker/mediaserver/back/organizr.yml b/playbook/docker/mediaserver/back/organizr.yml new file mode 100644 index 0000000..4045f22 --- /dev/null +++ b/playbook/docker/mediaserver/back/organizr.yml @@ -0,0 +1,19 @@ +--- + +- name: deploy Organizr + hosts: mediaserver-back + become: true + + tasks: + - name: Deploy Organizr + docker_container: + name: mediaback_organizr_1 + state: started + image: organizrtools/organizr-v2 + restart_policy: unless-stopped + ports: + - 8080:80 + volumes: + - "{{ pathConfig }}/organizr:/config" + networks: + - name: "{{ dockerNetwork }}" diff --git a/playbook/docker/mediaserver/back/restarts.yml b/playbook/docker/mediaserver/back/restarts.yml new file mode 100644 index 0000000..f194044 --- /dev/null +++ b/playbook/docker/mediaserver/back/restarts.yml @@ -0,0 +1,55 @@ +--- + +- name: restart all containers + hosts: mediaserver-back + become: true + vars: + host_ip: '192.168.0.76' + containers: + - hydra: + service_port: 5076 + - nzbget: + - sonarr: + - radarr: + + tasks: +# - name: stop containers +# docker_container: +# name: "{{ item }}" +# state: stopped +# loop: "{{ containers }}" + +# - name: start containers +# docker_container: +# name: "{{ item }}" +# state: started +# loop: "{{ containers }}" + +# - name: Wait 3 Minutes before checking services +# wait_for: +# timeout: 180 + + - name: Test Hydra + uri: + url: "http://{{ host_ip }}:{{ containers[0].service_port }}" + method: GET + ignore_errors: true + register: HydraStatus + + - debug: + msg: "{{ HydraStatus }}" + +# - include_role: +# name: luther38.discord_webhook +# vars: +# discord_webhook: "{{ discord_test_hook }}" +# discord_message: "Hydra Status: {{ HydraStatus.status }}\nDebug: {{ HydraStatus.msg }}" +# when: HydraStatus.status == 200 + +# - include_role: +# name: luther38.discord_webhook +# vars: +# discord_webhook: "{{ discord_test_hook }}" +# discord_message: "Hydra Status: Offline\nDebug: {{ HydraStatus.msg }}" +# when: HydraStatus.status == -1 + diff --git a/playbook/docker/mediaserver/back/restore.yml b/playbook/docker/mediaserver/back/restore.yml new file mode 100644 index 0000000..363b7bb --- /dev/null +++ b/playbook/docker/mediaserver/back/restore.yml @@ -0,0 +1,25 @@ +--- + +- name: restore container data + hosts: mediaserver-back + become: true + vars: + container: "nzbget" + mount: 'config' + + tasks: + - name: stop container + docker_container: + name: hydra + state: stopped + + - name: ensure restore point is present + file: + path: "/docker/cfg/{{ container }}" + state: directory + + - name: unarchive old backup + unarchive: + remote_src: true + src: "/docker/nfs/backup/{{ container }}/{{ mount }}.gz" + dest: "/docker/cfg/" diff --git a/playbook/docker/mediaserver/back/status.yml b/playbook/docker/mediaserver/back/status.yml new file mode 100644 index 0000000..5a5ea11 --- /dev/null +++ b/playbook/docker/mediaserver/back/status.yml @@ -0,0 +1,30 @@ +--- + +- name: Check on services + hosts: mediaserver-back + become: true + + tasks: + - include_tasks: task-status-checkup.yml + vars: + container_url: 'http://192.168.0.76:5076' + container_name: Hydra + http_code: 200 + + - include_tasks: task-status-checkup.yml + vars: + container_url: 'http://192.168.0.76:6789' + container_name: Nzbget + http_code: 401 + + - include_tasks: task-status-checkup.yml + vars: + container_url: 'http://192.168.0.76:8989' + container_name: Sonarr + http_code: 200 + + - include_tasks: task-status-checkup.yml + vars: + container_url: 'http://192.168.0.76:7878' + container_name: Radarr + http_code: 200 diff --git a/playbook/docker/mediaserver/back/task-status-checkup.yml b/playbook/docker/mediaserver/back/task-status-checkup.yml new file mode 100644 index 0000000..b7bec3a --- /dev/null +++ b/playbook/docker/mediaserver/back/task-status-checkup.yml @@ -0,0 +1,20 @@ +--- + +- name: Test if the container is alive + uri: + url: "{{ container_url }}" + method: GET + status_code: "{{ http_code }}" + ignore_errors: true + register: status + +#- debug: +# msg: "{{ status }}" + +- include_role: + name: luther38.discord_webhook + vars: + discord_webhook: "{{ discord_test_hook }}" + discord_message: "{{ container_name }}\n - Status: {{ status.status }}\n - Message: {{ status.msg }}" + #when: HydraStatus.status == -1 + diff --git a/playbook/docker/mediaserver/common.yml b/playbook/docker/mediaserver/common.yml new file mode 100644 index 0000000..89e19a8 --- /dev/null +++ b/playbook/docker/mediaserver/common.yml @@ -0,0 +1,68 @@ +--- + +- name: Ensure Mediaserver defaults + hosts: mediaserver + become: true + # vars are stored in inventory + + tasks: + - name: "Ensure {{ pathNfsSync }} exists" + file: + path: "{{ item }}" + state: directory + vars: + folders: + - "{{ pathDockerRoot }}" + - "{{ pathConfig }}" + - "{{ pathNfs }}" + - "{{ pathNfsBackup }}" + - "{{ pathNfsMedia }}" + - "{{ pathNfsSync }}" + loop: "{{ folders }}" + + - name: Ensure {{ pathNfsBackup }} is mounted + mount: + src: "{{ nfsAddress }}:/{{ nfsDockerConfig }}" + path: "{{ pathNfsBackup }}" + fstype: nfs + boot: yes + state: mounted + + - name: Ensure {{ pathNfsMedia }} is mounted + mount: + src: "{{ nfsAddress }}:/{{ nfsMedia }}" + path: "{{ pathNfsMedia }}" + fstype: nfs + boot: yes + state: mounted + + - name: "Ensure {{ pathNfsSync }} is mounted" + mount: + src: "{{ nfsAddress }}:/sync" + path: "{{ pathNfsSync }}" + fstype: nfs + boot: yes + state: mounted + # Going to ignore errors because some nodes are unable to touch this + ignore_errors: true + + - name: "Ensure {{ pathNfsTmp }} is mounted" + mount: + src: "{{ nfsAddress }}:/tmp" + path: "{{ pathNfsTmp }}" + fstype: nfs + boot: yes + state: mounted + # Going to ignore errors because some nodes are unable to touch this + ignore_errors: true + + + - name: install docker pip package + pip: + name: docker + state: present + executable: pip3 + + - name: make docker network + docker_network: + name: "{{ dockerNetwork }}" diff --git a/playbook/docker/mediaserver/front/backup.yml b/playbook/docker/mediaserver/front/backup.yml new file mode 100644 index 0000000..03110b3 --- /dev/null +++ b/playbook/docker/mediaserver/front/backup.yml @@ -0,0 +1,55 @@ +--- +- name: backup frontend services + hosts: mediaserver-front + become: true + + tasks: + - block: + - name: stop container + docker_container: + name: plex + state: stopped + + - name: Copy db files + copy: + remote_src: true + src: '/docker/cfg/plex/Library/Application Support/Plex Media Server/Plug-in Support/Databases/' + dest: '/tmp/docker/backup/plex/' + + - name: Copy logs + copy: + remote_src: true + src: '/docker/cfg/plex/Library/Application Support/Plex Media Server/Plug-in Support/Logs/' + + - name: start container + docker_container: + name: plex + state: started + + - name: Archive db backups + archive: + path: '/tmp/docker/backup/plex/' + dest: '/tmp/docker/backup/plex/databases.gz' + + - name: Ensure nfs has a backup location + file: + path: '/docker/nfs/backup/plex' + state: directory + + - name: Copy archive to a safe place + copy: + src: '/tmp/docker/backup/plex/databases.gz' + dest: '/docker/nfs/backup/plex/databases.gz' + remote_src: true + backup: true + + - name: remove temp files + file: + path: '/tmp/docker/backup/plex' + state: absent + + - include_role: + name: ansible_discord_webhook + vars: + discord_message: "Backup Job:\nJob has finished and services should be back online." + diff --git a/playbook/docker/mediaserver/front/deploy.yml b/playbook/docker/mediaserver/front/deploy.yml new file mode 100644 index 0000000..52db56b --- /dev/null +++ b/playbook/docker/mediaserver/front/deploy.yml @@ -0,0 +1,77 @@ +--- +- name: deploy plex + hosts: mediaserver-front + become: true + vars: + pathDockerRoot: "/docker" + pathConfig: "{{ pathDockerRoot }}/cfg" + pathMedia: "/docker/nfs/media" + update: false + containers: + - plex + - plex_app_1 + - plex_logs_1 + images: + - linuxserver/plex:latest + - tautulli/tautulli + + tasks: + + - name: Stop and remove Containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ containers }}" + ignore_errors: yes + + #- name: Start Plex + # docker_container: + # name: plex + # image: linuxserver/plex:1.18.2.2058-e67a4e892-ls70 + # state: started + # network_mode: host + # restart_policy: unless-stopped + # env: + # PUID=0 + # PGID=0 + # TZ="{{ ntp_timezone }}" + # UMASK_SET=022 + # volumes: + # - "{{ pathConfig }}/plex:/config" + # - "{{ pathMedia }}:/tv" + + - name: Ensure containers are running + docker_compose: + project_name: plex + definition: + version: "3.4" + services: + app: + image: linuxserver/plex:version-1.20.3.3483-211702a9f + environment: + - PUID=0 + - PGID=0 + - TZ="{{ ntp_timezone }}" + - UMASK_SET=022 + restart: always + network_mode: host + volumes: + - "{{ pathConfig }}/plex:/config" + - "{{ pathMedia }}:/tv" + + logs: + image: tautulli/tautulli:v2.6.0 + restart: always + volumes: + - "{{ pathConfig }}/tatulli:/config" + - "{{ pathConfig }}/plex/Library/Application Support/Plex Media Server/Logs:/plex_logs:ro" + environment: + - PUID=0 + - PGID=0 + - TZ="{{ ntp_timezone }}" + - ADVANCED_GIT_BRANCH=master + ports: + - "8181:8181" + + + diff --git a/playbook/docker/mediaserver/front/restarts.yml b/playbook/docker/mediaserver/front/restarts.yml new file mode 100644 index 0000000..6c742cc --- /dev/null +++ b/playbook/docker/mediaserver/front/restarts.yml @@ -0,0 +1,22 @@ +--- + +- name: restart frontend containers + hosts: mediaserver-front + become: true + vars: + containers: + - plex + + tasks: + - name: stop containers + docker_container: + name: "{{ item }}" + state: stopped + loop: "{{ containers }}" + + - name: start containers + docker_container: + name: "{{ item }}" + state: started + loop: "{{ containers }}" + \ No newline at end of file diff --git a/playbook/docker/mediaserver/front/restore.yml b/playbook/docker/mediaserver/front/restore.yml new file mode 100644 index 0000000..64e28ce --- /dev/null +++ b/playbook/docker/mediaserver/front/restore.yml @@ -0,0 +1,25 @@ +--- + +- name: restore frontend + hosts: mediaserver-front + become: true + + tasks: + - name: stop container if active + docker_container: + name: plex + state: stopped + ignore_errors: true + + - name: ensure restore point is ready + file: + path: '/docker/cfg/plex/Library/Application Support/Plex Media Server/Plug-in Support/Databases/' + state: directory + + - name: restore from backup + unarchive: + remote_src: true + src: '/docker/nfs/backup/plex/databases.gz' + dest: '/docker/cfg/plex/Library/Application Support/Plex Media Server/Plug-in Support/Databases/' + + \ No newline at end of file diff --git a/playbook/docker/mediaserver/hydra.yml b/playbook/docker/mediaserver/hydra.yml deleted file mode 100644 index 44ad307..0000000 --- a/playbook/docker/mediaserver/hydra.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -# https://github.com/linuxserver/docker-hydra2 -- name: Media Server - become: yes - hosts: linux - vars_files: - - vars.yml - - tasks: - - name: pip docker-py - absent - pip: - name: docker-py - state: absent - executable: pip3 - - - name: pip docker - present - pip: - name: docker - state: present - executable: pip3 - - - name: Hydra Network - docker_network: - name: "{{ network }}" - - - name: stop hydra - docker_container: - name: hydra - state: stopped - ignore_errors: yes - - - name: Make Hydra - docker_container: - name: hydra - image: 'linuxserver/hydra2:latest' - state: started - env: - PUID=1000 - PGID=1000 - TZ=Europe/London - ports: - - 5076:5076 - volumes: - #- "{{ hydra_config }}:/config" - - "/docker/hydra:/config" - - "{{ shared_downloads }}:/downloads" - networks: - - name: "{{ network }}" \ No newline at end of file diff --git a/playbook/docker/mediaserver/mediaserver.yml b/playbook/docker/mediaserver/mediaserver.yml deleted file mode 100644 index 1a576e1..0000000 --- a/playbook/docker/mediaserver/mediaserver.yml +++ /dev/null @@ -1,134 +0,0 @@ - -- name: Configure Media Server - hosts: mediaserver - become: yes - vars: - dockerFolder: "/docker" - dockerMount: "/docker/config" - dockerPlex: "/docker/plex" - nfsAddress: 192.168.0.16 - dockerNetwork: mediaserver - - tasks: - - name: install docker - import_role: - name: geerlingguy.docker - become: yes - - - name: make docker folder location - file: - path: "{{ dockerFolder }}" - state: directory - - - name: make docker config path - file: - path: "{{ dockerMount }}" - state: directory - - - name: mount nfs to /docker/config - mount: - src: "{{ nfsAddress }}:/docker/" - path: "{{ dockerMount }}" - fstype: nfs - boot: yes - state: mounted - - - name: make plex mount point - file: - path: "{{ dockerPlex }}" - state: directory - - - name: mount nfs to /docker/plex - mount: - src: "{{nfsAddress }}:/plex/" - path: "{{ dockerPlex }}" - fstype: nfs - boot: yes - state: mounted - - - name: install docker pip package - pip: - name: docker - state: present - executable: pip3 - - - name: make docker network - docker_network: - name: "{{ dockerNetwork }}" - - - name: stop hydra - docker_container: - name: hydra - state: stopped - ignore_errors: yes - - - name: Make Hydra - docker_container: - name: hydra - image: 'linuxserver/hydra2:latest' - state: started - env: - #PUID=1000 - #PGID=1000 - PUID=0 - PGID=0 - TZ=Europe/London - ports: - - 5076:5076 - volumes: - #- "{{ hydra_config }}:/config" - - "{{ dockerMount }}/hydra:/config" - - "/docker/downloads:/downloads" - networks: - - name: "{{ dockerNetwork }}" - - - name: stop sonarr - docker_container: - name: sonarr - state: stopped - ignore_errors: yes - - - name: start sonarr - docker_container: - name: sonarr - image: linuxserver/sonarr:latest - state: started - env: - # Use 0 because this runs as root - #PUID=1000 - #PGID=1000 - PUID=0 - PGID=0 - TZ=Europe/London - UMASK_SET=022 #optional - ports: - - 8989:8989 - volumes: - - "{{ dockerMount }}/sonarr/config:/config" - - "/docker/sonarr/data:/tv" - - "/docker/downloads:/downloads" - networks: - - name: "{{ dockerNetwork }}" - - - name: stop nzb - docker_container: - name: nzbget - state: stopped - ignore_errors: yes - - - name: Make Nzb - docker_container: - name: nzbget - image: linuxserver/nzbget:latest - state: started - env: - PUID=0 - PGID=0 - TZ=Europe/London - ports: - - 6789:6789 - volumes: - - "{{ dockerMount }}/nzbget:/config" - - "/docker/downloads:/downloads" - networks: - - name: "{{ dockerNetwork }}" \ No newline at end of file diff --git a/playbook/docker/mediaserver/mount.yml b/playbook/docker/mediaserver/mount.yml deleted file mode 100644 index 3c94ddd..0000000 --- a/playbook/docker/mediaserver/mount.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: mount external nfs disks - hosts: mediaserver - vars_files: - - vars.yml - - tasks: - - name: make mountpoint - file: - path: /docker/dockerconfig - state: directory - - - name: mount /docker to /docker/dockerconfig - mount: - path: 192.168.0.16:/docker - src: /docker/dockerconfig - boot: yes - state: mounted \ No newline at end of file diff --git a/playbook/docker/mediaserver/nzbget.yml b/playbook/docker/mediaserver/nzbget.yml deleted file mode 100644 index fec4a12..0000000 --- a/playbook/docker/mediaserver/nzbget.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- name: nzbget - hosts: linux - become: yes - vars_files: - - vars.yml - - tasks: - - name: pip docker - pip: - name: docker - executable: pip3 - - - name: stop nzb - docker_container: - name: nzbget - state: stopped - ignore_errors: yes - - - name: Make Nzb - docker_container: - name: nzbget - image: linuxserver/nzbget:latest - state: started - env: - PUID=1000 - PGID=1000 - TZ=Europe/London - ports: - - 6789:6789 - volumes: - - "/docker/config/nzbconfig:/config" - - "/docker/nzbdownloads:/downloads" - networks: - - name: "{{ network }}" \ No newline at end of file diff --git a/playbook/docker/mediaserver/sonarr.yml b/playbook/docker/mediaserver/sonarr.yml deleted file mode 100644 index 6795c32..0000000 --- a/playbook/docker/mediaserver/sonarr.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: sonarr - hosts: linux - become: yes - vars_files: - - vars.yml - - tasks: - - name: pip docker - pip: - name: docker - - - name: stop sonarr - docker_container: - name: sonarr - state: stopped - ignore_errors: yes - - - name: start sonarr - docker_container: - name: sonarr - image: linuxserver/sonarr:latest - state: started - env: - PUID=1000 - PGID=1000 - TZ=Europe/London - UMASK_SET=022 #optional - ports: - - 8989:8989 - volumes: - - "/docker/sonarr/config:/config" - - "/docker/sonarr/data:/tv" - - "/docker/nzbdownloads:/downloads" - networks: - - name: "{{ network }}" - diff --git a/playbook/docker/mediaserver/update.yml b/playbook/docker/mediaserver/update.yml new file mode 100644 index 0000000..bda395d --- /dev/null +++ b/playbook/docker/mediaserver/update.yml @@ -0,0 +1,42 @@ +--- + +# This is a job that will work on weekly rotation to update images. + +- name: update containers + hosts: mediaserver + become: true + + tasks: + - name: download latest sonarr + docker_image: + name: linuxserver/sonarr + tag: latest + state: present + source: pull + + - name: download latest hydra + docker_image: + name: linuxserver/hydra2 + tag: latest + state: present + source: pull + + - name: download latest radarr + docker_image: + name: linuxserver/radarr + tag: latest + state: present + source: pull + + - name: download latest nzbget + docker_image: + name: linuxserver/nzbget + tag: latest + state: present + source: pull + + #- name: remove old images + # docker_prune: + # images: true + # images_filters: + # dangling: true diff --git a/playbook/docker/mediaserver/vars.yml b/playbook/docker/mediaserver/vars.yml deleted file mode 100644 index f9b6e10..0000000 --- a/playbook/docker/mediaserver/vars.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# Volumes -sonarr_data: sonarr_data -sonarr_config: sonarr_config - -osx_sonarr_data: ~/doc - -hydra_config: hydra_config -shared_downloads: media_downloads - -# Networks -network: net_hydra \ No newline at end of file diff --git a/playbook/docker/minecraft/deploy.yml b/playbook/docker/minecraft/deploy.yml new file mode 100644 index 0000000..c1275ba --- /dev/null +++ b/playbook/docker/minecraft/deploy.yml @@ -0,0 +1,55 @@ +--- +# https://hub.docker.com/r/itzg/minecraft-server +# https://www.curseforge.com/minecraft/modpacks/ftb-ultimate-reloaded/files + +- name: Deploy minecraft + hosts: mediaserver-front + become: true + vars: + volData: "~/docker/minecraft/data" + + #zip: FTBUltimateReloadedServer_1.9.0.zip + zip: "SkyFactory-4_Server_4.2.2.zip" + + tasks: + - name: stop container + docker_container: + name: minecraft + state: absent + ignore_errors: true + + - name: Ensure tmp is present + file: + path: /docker/mc/ + state: directory + + - name: Copy zip to the host + copy: + src: "~/Downloads/{{ zip }}" + dest: "/docker/mc/{{ zip }}" + + # Curse is trash and curl and wget cant get the direct path + #- name: Download ModPack + # get_url: + # url: https://www.curseforge.com/minecraft/modpacks/ftb-ultimate-reloaded/download/2778970/file?client=n + # dest: "{{ zip }}" + + - name: compose deploy + docker_compose: + project_name: minecraft + definition: + version: '2' + + services: + server: + image: itzg/minecraft-server + environment: + - EULA=TRUE + - TYPE=CURSEFORGE + - CF_SERVER_MOD={{ zip }} + restart: always + volumes: + - /docker/mc/:/data + ports: + - 25565:25565 + \ No newline at end of file diff --git a/playbook/docker/monitoring/files/influxdb.conf b/playbook/docker/monitoring/files/influxdb.conf new file mode 100644 index 0000000..e69de29 diff --git a/playbook/docker/monitoring/files/telegraf.h1.conf b/playbook/docker/monitoring/files/telegraf.h1.conf new file mode 100644 index 0000000..e69de29 diff --git a/playbook/docker/monitoring/files/telegraf.h2.conf b/playbook/docker/monitoring/files/telegraf.h2.conf new file mode 100644 index 0000000..e69de29 diff --git a/playbook/docker/monitoring/grafana.yml b/playbook/docker/monitoring/grafana.yml new file mode 100644 index 0000000..d7e706c --- /dev/null +++ b/playbook/docker/monitoring/grafana.yml @@ -0,0 +1,30 @@ +--- + + +- name: Deploy Grafana in a container + hosts: localhost + + tasks: + - name: Stop container + docker_container: + name: grafana + state: stopped + + - name: destroy container + docker_container: + name: grafana + state: absent + + - name: Deploy container + docker_container: + name: grafana + image: grafana/grafana + state: started + env: + GF_INSTALL_PLUGINS=andig-darksky-datasource + #GF_SECURITY_ADMIN_PASSWORD=secret + ports: + - 3000:3000 + volumes: + - "~/docker/grafana/data:/var/lib/grafana" + #- "~/docker/grafana/config:/etc/grafana/" diff --git a/playbook/docker/monitoring/influxdb.yml b/playbook/docker/monitoring/influxdb.yml new file mode 100644 index 0000000..472cc2d --- /dev/null +++ b/playbook/docker/monitoring/influxdb.yml @@ -0,0 +1,96 @@ +--- + +- name: Deploy InfluxDB + hosts: d1 + become: true + vars: + containers: + - "monitor_db_1" + - "monitor_web_1" + - "monitor_alert_1" + + images: + - 'influxdb:1.8-alpine' + - 'chronograf:1.8-alpine' + - 'kapacitor:1.5-alpine' + - 'grafana/grafana:6.7.2' + + + tasks: + - name: stop and remove containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ containers }}" + + - name: pull images + docker_image: + name: "{{ item }}" + source: pull + loop: "{{ images }}" + + - name: Generate Telegraf vmware Config + include_role: + name: telegraf_cfg + vars: + telegraf_config_dir: /docker/influx/vmware/ + telegraf_target: vmware + telegraf_vmware_hosts: "http://192.168.0.75/sdk, http://192.168.0.230/sdk" + telegraf_vmware_username: root + telegraf_vmware_password: Lm38iq + + - name: Deploy Influx Stack + docker_compose: + project_name: monitor + definition: + version: "3" + networks: + influx: + services: + db: + image: "{{ images[0] }}" + restart: always + ports: + - 8086:8086 + volumes: + - /docker/influx/db:/var/lib/influxdb + networks: + influx: + + web: + image: "{{ images[1] }}" + restart: always + ports: + - 8888:8888 + volumes: + - /docker/influx/web:/var/lib/chronograf + networks: + influx: + + alert: + image: "{{ images[2] }}" + restart: always + ports: + - 9092:9092 + volumes: + - /docker/influx/alert:/var/lib/kapacitor + networks: + influx: + + vmware: + image + + + + #dash: + # image: "{{ images[3] }}" + # restart: always + # ports: + # - 3000:3000 + # volumes: + + + + + + diff --git a/playbook/docker/newsbot/backup.yml b/playbook/docker/newsbot/backup.yml new file mode 100644 index 0000000..95fdbf2 --- /dev/null +++ b/playbook/docker/newsbot/backup.yml @@ -0,0 +1,107 @@ +--- +- name: testing backup plan + hosts: newsbot + become: true + vars: + backup: false + tasks: + - block: + - set_fact: + pathLocal: /docker/cfg/newsbot/database + container: newsbot_app_1 + + - name: "{{ container }} - Ensure backup dir is present" + file: + path: "{{ pathNfsBackup }}/{{ container }}" + state: directory + + - name: "{{ container}} - Check on old backups" + find: + path: "{{ pathNfsBackup }}/{{ container }}" + age: 4w + register: searchRes + + - name: "{{ container }} - Remove old backups" + file: + path: "{{ item.path }}" + state: absent + loop: "{{ searchRes.files }}" + + - name: "{{ container }} - Stop container" + docker_container: + name: "{{ container }}" + state: stopped + + - name: "{{ container }} - Generate backup" + community.general.archive: + path: "{{ pathLocal }}" + dest: "{{ pathNfsBackup }}/{{ container }}/temp.tgz" + + - name: "{{ container }} - Copy backup" + copy: + src: "{{ pathNfsBackup}}/{{ container }}/temp.tgz" + dest: "{{ pathNfsBackup}}/{{ container }}/backup.tgz" + backup: true + remote_src: true + + - name: "{{ container }} - Remove temp file" + #shell: "rm {{ PathNfsBackup }}/{{ container }}/temp.tgz" + file: + path: "{{ pathNfsBackup }}/{{ container }}/temp.tgz" + state: absent + + + - name: "{{ container }} - Start container" + docker_container: + name: "{{ container }}" + state: started + + - block: + - set_fact: + pathLocal: /docker/cfg/newsbot_sin/database + container: newsbot_sin_1 + + - name: "{{ container }} - Ensure backup dir is present" + file: + path: "{{ pathNfsBackup }}/{{ container }}" + state: directory + + - name: "{{ container}} - Check on old backups" + find: + path: "{{ pathNfsBackup }}/{{ container }}" + age: 4w + register: searchRes + + - name: "{{ container }} - Remove old backups" + file: + path: "{{ item.path }}" + state: absent + loop: "{{ searchRes.files }}" + + - name: "{{ container }} - Stop container" + docker_container: + name: "{{ container }}" + state: stopped + + - name: "{{ container }} - Generate backup" + community.general.archive: + path: "{{ pathLocal }}" + dest: "{{ pathNfsBackup }}/{{ container }}/temp.tgz" + + - name: "{{ container }} - Copy backup" + copy: + src: "{{ pathNfsBackup}}/{{ container }}/temp.tgz" + dest: "{{ pathNfsBackup}}/{{ container }}/backup.tgz" + backup: true + remote_src: true + + - name: "{{ container }} - Remove temp file" + file: + path: "{{ pathNfsBackup }}/{{ container }}/temp.tgz" + state: absent + + - name: "{{ container }} - Start container" + docker_container: + name: "{{ container }}" + state: started + diff --git a/playbook/docker/newsbot/deploy.yml b/playbook/docker/newsbot/deploy.yml new file mode 100644 index 0000000..51d8296 --- /dev/null +++ b/playbook/docker/newsbot/deploy.yml @@ -0,0 +1,103 @@ +--- + +- name: Deploy Newsbot + hosts: newsbot + become: true + vars: + image: jtom38/newsbot:0.6.0 + + tasks: + - debug: + msg: "Deploying image: {{ image }}" + + - name: stop containers + docker_container: + name: "{{ item }}" + state: absent + ignore_errors: true + loop: + - "newsbot_app_1" + - "newsbot_sin_1" + + - name: Pull Images + docker_image: + name: "{{ image }}" + source: pull + state: present + force_source: true + + - name: Deploy Newsbot + docker_compose: + project_name: newsbot + definition: + version: "2" + + networks: + newsbot: + external: false + + services: + app: + image: "{{ image }}" + environment: + NEWSBOT_POGO_ENABLED: 'true' + NEWSBOT_POGO_HOOK: "{{ mm_pogo_hooks }}" + + NEWSBOT_PSO2_ENABLED: 'true' + NEWSBOT_PSO2_HOOK: "{{ mm_pso2_hooks }}" + + NEWSBOT_FFXIV_ALL: 'false' + NEWSBOT_FFXIV_TOPICS: 'True' + NEWSBOT_FFXIV_NOTICES: 'false' + NEWSBOT_FFXIV_MAINTENANCE: 'false' + NEWSBOT_FFXIV_UPDATES: 'false' + NEWSBOT_FFXIV_STATUS: 'false' + NEWSBOT_FFXIV_HOOK: "{{ mm_ffxiv_hooks }}" + + NEWSBOT_REDDIT_SUB_0: "ProgrammerHumor" + NEWSBOT_REDDIT_HOOK_0: "{{ mm_programmer_humor_hooks }}" + + NEWSBOT_YOUTUBE_URL_0: 'https://www.youtube.com/user/loadingreadyrun/' + NEWSBOT_YOUTUBE_NAME_0: "LoadingReadyRun" + NEWSBOT_YOUTUBE_HOOK_0: "{{ mm_lrr_hooks }}" + + #NEWSBOT_TWITTER_API_KEY: "{{ twitter_api_key }}" + #NEWSBOT_TWITTER_API_KEY_SECRET: "{{ twitter_api_key_secret }}" + #NEWSBOT_TWITTER_USER_NAME_0: "GenshinImpact" + #NEWSBOT_TWITTER_USER_HOOK_0: "{{ mm_genshin_hooks }}" + + NEWSBOT_INSTAGRAM_USER_NAME_1: madmax_fluffyroad + NEWSBOT_INSTAGRAM_USER_HOOK_1: "{{ mm_happyfeed_hooks}}" + NEWSBOT_INSTAGRAM_TAG_NAME_1: corgi + NEWSBOT_INSTAGRAM_TAG_HOOK_1: "{{ mm_happyfeed_hooks }}" + + NEWSBOT_TWITCH_CLIENT_ID: "{{ twitch_client_id }}" + NEWSBOT_TWITCH_CLIENT_SECRET: "{{ twitch_client_secret }}" + + restart: always + + networks: + - newsbot + + volumes: + - /docker/cfg/newsbot/database:/app/mounts/database + - /docker/logs/newsbot/logs:/app/mounts/logs + + sin: + image: "{{ image }}" + environment: + NEWSBOT_REDDIT_SUB_0: "Cringetopia" + NEWSBOT_REDDIT_HOOK_0: "{{ sin_newsbot_hooks }}" + + NEWSBOT_REDDIT_SUB_1: "cursedfood" + NEWSBOT_REDDIT_HOOK_1: "{{ sin_newsbot_hooks }}" + restart: always + + networks: + - newsbot + + volumes: + - /docker/cfg/newsbot_sin/database:/app/mounts/database + - /docker/logs/newsbot_sin/logs:/app/mounts/logs + + diff --git a/playbook/docker/nextcloud/deploy.yml b/playbook/docker/nextcloud/deploy.yml new file mode 100644 index 0000000..74120b2 --- /dev/null +++ b/playbook/docker/nextcloud/deploy.yml @@ -0,0 +1,93 @@ +--- + +- name: Deploy NextCloud + hosts: nextcloud + become: true + vars: + removeLocalData: false + localData: + - /docker/cfg/nextcloud_app/ + - /docker/cfg/nextcloud_db/ + containers: + - nextcloud_db_1 + - nextcloud_cache_1 + - nextcloud_app_1 + + tasks: + - name: Remove Existing containers + docker_container: + name: "{{ item }}" + state: absent + loop: "{{ containers }}" + + - name: Remove local data + file: + path: "{{ item }}" + state: absent + loop: "{{ localData }}" + when: removeLocalData == True + + - name: Deploy containers + docker_compose: + project_name: "nextcloud" + definition: + version: "3" + + networks: + nextcloudBack: + #ipam: + # driver: default + # config: + # - subnet: 172.16.30.0/16 + + #nextcloudFront: + # external: false + + services: + cache: + image: redis:6.0.9-alpine + ports: + - 6379:6379 + networks: + nextcloudBack: + #ipv4_address: 172.16.30.10 + + db: + image: postgres:13.0-alpine + volumes: + - /docker/cfg/nextcloud_db/:/var/lib/postgresql/data + environment: + POSTGRES_USER: nextcloud + POSTGRES_PASSWORD: "pgcloud" + POSTGRES_DB: nextcloud + ports: + - 5432:5432 + networks: + nextcloudBack: + #ipv4_address: 172.16.30.20 + + app: + image: nextcloud:20.0.1 + volumes: + - /docker/cfg/nextcloud_app/html:/var/www/html/ + #- /docker/cfg/nextcloud_app/data:/var/www/html/data + #- /docker/cfg/nextcloud_app/custom_apps:/var/www/html/custom_apps + #- /docker/cfg/nextcloud_app/config:/var/www/html/config + environment: + #REDIS_HOST: nextcloud_cache_1 + #REDIS_HOST_PORT: 6379 + + POSTGRES_DB: nextcloud + POSTGRES_USER: nextcloud + POSTGRES_PASSWORD: "pgcloud" + POSTGRES_HOST: nextcloud_db_1 + ports: + - 8090:80 + #- 8091:443 + networks: + nextcloudBack: + #ipv4_address: 172.16.30.30 + + + + diff --git a/playbook/docker/nginx.yml b/playbook/docker/nginx.yml new file mode 100644 index 0000000..92b10ea --- /dev/null +++ b/playbook/docker/nginx.yml @@ -0,0 +1,39 @@ +--- + +- name: Ensure nginx is deployed + hosts: mediaserver-back + become: true + vars: + discord_webhook: "{{ discord_mmt_hook }}" + discord_name: "Ansible Monitor - Backend" + discord_type: "fancy" + discord_title: "nginx deployment" + discord_color: "12255487" + + tasks: + - include_role: + name: luther38.discord_webhook + vars: + discord_message: "Nginx is getting rebooted... please wait..." + + - name: Stop and destroy Container + docker_container: + name: nginx + state: absent + ignore_errors: true + + - name: Pull image + docker_image: + name: nginx + source: pull + + - name: Deploy nginx + docker_container: + name: nginx + image: nginx + state: started + restart_policy: unless-stopped + ports: + - 80:80 + volumes: + - '/docker/cfg/nginx:/etc/nginx/' diff --git a/playbook/docker/pihole.yml b/playbook/docker/pihole.yml new file mode 100644 index 0000000..31fa1de --- /dev/null +++ b/playbook/docker/pihole.yml @@ -0,0 +1,55 @@ +--- +- name: Deploy PiHole + hosts: pihole + become: true + vars: + image: pihole/pihole:v5.2.1 + tasks: + - name: stop containers + docker_container: + name: pihole_app_1 + state: absent + ignore_errors: true + + - name: Pull images + docker_image: + name: "{{ image }}" + source: pull + + - name: Disable resolved for pihole + shell: sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + + - name: Update local resolved config + shell: sh -c 'rm /etc/resolv.conf && ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf' + + - name: restart resolved + systemd: + name: systemd-resolved + state: restarted + + - name: deploy containers + docker_compose: + project_name: pihole + definition: + version: "2" + + services: + app: + image: "{{ image }}" + ports: + - "53:53/tcp" + - "53:53/udp" + - "67:67/udp" + - "80:80/tcp" + - "443:443/tcp" + environment: + TZ: 'America/Los_Angeles' + WEBPASSWORD: 'pihole' + volumes: + - /docker/pihole/etc/pihole/:/etc/pihole/ + - /docker/pihole/etc/dnsmasq:/etc/dnsmasq.d/ + restart: always + #network_mode: host + + + diff --git a/playbook/docker/readme.md b/playbook/docker/readme.md new file mode 100644 index 0000000..7d6154f --- /dev/null +++ b/playbook/docker/readme.md @@ -0,0 +1,3 @@ +# docker + +The folders here are made to container the tasks that get ran against the group. The files here are not really for interfacing with the program its self. This is more about the health and maintenance of containers. diff --git a/playbook/docker/syncthing/syncthing.yml b/playbook/docker/syncthing/syncthing.yml new file mode 100644 index 0000000..21eb59b --- /dev/null +++ b/playbook/docker/syncthing/syncthing.yml @@ -0,0 +1,48 @@ +--- +- name: Deploy Syncthing + hosts: mediaserver-back + become: true + vars: + #pathConfig: ~/docker/syncthing/config + # This will place the config in the common location + #pathConfig: '/docker/cfg/syncthing/' + + # No data should be stored on the host device + #pathData: ~/docker/syncthing/data + #pathData: '/docker/nfs/sync' + + + tasks: + - name: stop container + docker_container: + name: synct + state: stopped + ignore_errors: true + + - name: Pull container + docker_image: + name: linuxserver/syncthing + source: pull + + - name: Destroy old Container + docker_container: + name: synct + state: absent + ignore_errors: true + + - name: Deploy new container + docker_container: + name: synct + image: linuxserver/syncthing + state: started + restart_policy: unless-stopped + env: + PUID=0 + PGID=0 + ports: + - 8384:8384 + - 22000:22000 + - 21027:21027/udp + volumes: + - "{{ pathConfig }}/syncthing:/config" + - "{{ pathNfsSync }}:/data" diff --git a/playbook/infrastructure/containers/nextcloud.yml b/playbook/infrastructure/containers/nextcloud.yml new file mode 100644 index 0000000..cd21505 --- /dev/null +++ b/playbook/infrastructure/containers/nextcloud.yml @@ -0,0 +1,2 @@ +--- + diff --git a/playbook/infrastructure/containers/nextcloud/main.tf b/playbook/infrastructure/containers/nextcloud/main.tf new file mode 100644 index 0000000..d68811a --- /dev/null +++ b/playbook/infrastructure/containers/nextcloud/main.tf @@ -0,0 +1,157 @@ + +provider "docker" { + host = "http://192.168.0.241:2375" +} + + + +resource "docker_image" "nextcloud" { + name = "nextcloud:19.0.1-apache" +} + +resource "docker_image" "postgres" { + name = "postgres:12.3" +} + +resource "docker_image" "redis" { + name = "redis:6.0.6-alpine" +} + +resource "docker_image" "proxy" { + name = "nginx:1.19.1-alpine" +} + + + +resource "docker_volume" "nextcloud_web_data" { + name = "nextcloud_web_data" +} + +resource "docker_volume" "nextcloud_db_data" { + name = "nextcloud_db_data" +} + +resource "docker_network" "nextcloud" { + name = "nextcloud" + driver = "bridge" + ipam_config { + subnet = "172.200.0.0/16" + gateway = "172.200.0.1" + } +} + +resource "docker_container" "nextcloud_proxy" { + count = 1 + name = "nextcloud_proxy_${count.index}" + image = docker_image.proxy.latest + + ports { + internal = 80 + external = 80 + } + + upload { + file = "/etc/nginx/nginx.conf" + #content = file("nextcloud.conf") + content = <- - deb http://ftp.debian.org/debian - {{ ansible_distribution_release }}-backports main' - state: present - filename: "{{ ansible_distribution_release }}_backports" - when: ansible_distribution_version | int < 9 - -- name: Update apt cache. - apt: update_cache=true cache_valid_time=86400 - -- name: Set the default_release option for older Debian versions. - set_fact: - ansible_default_release: "{{ ansible_distribution_release }}-backports" - when: ansible_distribution_version | int < 9 - -- name: Install Ansible. - apt: - name: ansible - state: "{{ ansible_package_state }}" - default_release: "{{ ansible_default_release }}" diff --git a/roles/geerlingguy.ansible/tasks/setup-Fedora.yml b/roles/geerlingguy.ansible/tasks/setup-Fedora.yml deleted file mode 100644 index 7d56261..0000000 --- a/roles/geerlingguy.ansible/tasks/setup-Fedora.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Install Ansible. - package: - name: ansible - state: "{{ ansible_package_state }}" diff --git a/roles/geerlingguy.ansible/tasks/setup-RedHat.yml b/roles/geerlingguy.ansible/tasks/setup-RedHat.yml deleted file mode 100644 index 2f1221d..0000000 --- a/roles/geerlingguy.ansible/tasks/setup-RedHat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Install Ansible. - yum: - name: ansible - state: "{{ ansible_package_state }}" - enablerepo: epel diff --git a/roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml b/roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml deleted file mode 100644 index 2c9b2fa..0000000 --- a/roles/geerlingguy.ansible/tasks/setup-Ubuntu.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Add ansible repository. - apt_repository: repo='ppa:ansible/ansible' - -- name: Update apt cache. - apt: update_cache=true cache_valid_time=86400 - -- name: Install Ansible. - apt: - name: ansible - state: "{{ ansible_package_state }}" diff --git a/roles/geerlingguy.ansible/tasks/setup-pip.yml b/roles/geerlingguy.ansible/tasks/setup-pip.yml deleted file mode 100644 index a91049b..0000000 --- a/roles/geerlingguy.ansible/tasks/setup-pip.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Install Ansible via Pip. - pip: - name: ansible - version: "{{ ansible_install_version_pip | default(omit) }}" diff --git a/roles/geerlingguy.awx/.gitignore b/roles/geerlingguy.awx/.gitignore deleted file mode 100644 index c9b2377..0000000 --- a/roles/geerlingguy.awx/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.retry -tests/test.sh diff --git a/roles/geerlingguy.awx/.travis.yml b/roles/geerlingguy.awx/.travis.yml deleted file mode 100644 index 3059dde..0000000 --- a/roles/geerlingguy.awx/.travis.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -services: docker - -env: - - distro: centos7 - - distro: ubuntu1604 - - distro: debian9 - - # Test without running the full playbook. - - distro: centos7 - playbook: test-no-playbook.yml - -script: - # Download test shim. - - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/ - - chmod +x ${PWD}/tests/test.sh - - # Run tests (increasing the travis_wait timeout). - - tests/custom_travis_wait.sh ${PWD}/tests/test.sh - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.awx/LICENSE b/roles/geerlingguy.awx/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.awx/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.awx/README.md b/roles/geerlingguy.awx/README.md deleted file mode 100644 index 99c77f0..0000000 --- a/roles/geerlingguy.awx/README.md +++ /dev/null @@ -1,68 +0,0 @@ -# Ansible Role: AWX (open source Ansible Tower) - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-awx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-awx) - -Installs and configures [AWX](https://github.com/ansible/awx), the open source version of [Ansible Tower](https://www.ansible.com/tower). - -## Requirements - -Before this role runs, assuming you want the role to completely set up AWX using it's included installer, you need to make sure the following AWX dependencies are installed: - -| Dependency | Suggested Role | -| ----------------------------- | ------------------------ | -| EPEL repo (RedHat OSes only) | `geerlingguy.repo-epel` | -| Git | `geerlingguy.git` | -| Ansible | `geerlingguy.ansible` | -| Docker | `geerlingguy.docker` | -| Python Pip | `geerlingguy.pip` | -| Node.js (6.x) | `geerlingguy.nodejs` | - -See this role's `tests/test.yml` playbook for an example that works across many different OSes. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - awx_repo: https://github.com/ansible/awx.git - awx_repo_dir: "~/awx" - awx_version: devel - awx_keep_updated: yes - -Variables to control what version of AWX is checked out and installed. - - awx_run_install_playbook: yes - -By default, this role will run the installation playbook included with AWX (which builds a set of containers and runs them). You can disable the playbook run by setting this variable to `no`. - -## Dependencies - -None. - -## Example Playbook - - - hosts: awx-centos - become: yes - - vars: - nodejs_version: "6.x" - pip_install_packages: - - name: docker-py - - roles: - - geerlingguy.repo-epel - - geerlingguy.git - - geerlingguy.ansible - - geerlingguy.docker - - geerlingguy.pip - - geerlingguy.nodejs - - geerlingguy.awx - -After AWX is installed, you can log in with the default username `admin` and password `password`. - -## License - -MIT / BSD - -## Author Information - -This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.awx/defaults/main.yml b/roles/geerlingguy.awx/defaults/main.yml deleted file mode 100644 index ec9fdec..0000000 --- a/roles/geerlingguy.awx/defaults/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -awx_repo: https://github.com/ansible/awx.git -awx_repo_dir: "~/awx" -awx_version: devel -awx_keep_updated: yes -awx_run_install_playbook: yes -postgres_data_dir: /var/lib/pgdocker diff --git a/roles/geerlingguy.awx/meta/.galaxy_install_info b/roles/geerlingguy.awx/meta/.galaxy_install_info deleted file mode 100644 index 42ca04c..0000000 --- a/roles/geerlingguy.awx/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Fri Oct 18 19:16:41 2019 -version: 1.2.0 diff --git a/roles/geerlingguy.awx/meta/main.yml b/roles/geerlingguy.awx/meta/main.yml deleted file mode 100644 index bb41dc5..0000000 --- a/roles/geerlingguy.awx/meta/main.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: "Installs and configures AWX (Ansible Tower's open source version)." - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.0 - platforms: - - name: EL - versions: - - 7 - - name: Fedora - versions: - - all - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - galaxy_tags: - - automation - - system - - web - - django - - awx - - tower - - playbook - - ci - - cd diff --git a/roles/geerlingguy.awx/tasks/awx-install-playbook.yml b/roles/geerlingguy.awx/tasks/awx-install-playbook.yml deleted file mode 100644 index 49a124a..0000000 --- a/roles/geerlingguy.awx/tasks/awx-install-playbook.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Run the AWX installation playbook. - command: "ansible-playbook -i inventory install.yml -e postgres_data_dir={{ postgres_data_dir }}" - args: - chdir: "{{ awx_repo_dir }}/installer" - creates: /etc/awx_playbook_complete - -- name: Create a file to mark whether this playbook has completed. - file: - path: /etc/awx_playbook_complete - state: touch - changed_when: False diff --git a/roles/geerlingguy.awx/tasks/main.yml b/roles/geerlingguy.awx/tasks/main.yml deleted file mode 100644 index a7691a5..0000000 --- a/roles/geerlingguy.awx/tasks/main.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - -- name: Install AWX dependencies. - package: - name: "{{ item }}" - state: present - with_items: "{{ awx_package_dependencies }}" - -- name: Clone AWX into configured directory. - git: - repo: "{{ awx_repo }}" - dest: "{{ awx_repo_dir }}" - version: "{{ awx_version }}" - update: "{{ awx_keep_updated }}" - force: yes - accept_hostkey: yes - -- include: awx-install-playbook.yml - when: awx_run_install_playbook diff --git a/roles/geerlingguy.awx/tests/README.md b/roles/geerlingguy.awx/tests/README.md deleted file mode 100644 index 6fb2117..0000000 --- a/roles/geerlingguy.awx/tests/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Ansible Role tests - -To run the test playbook(s) in this directory: - - 1. Install and start Docker. - 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: - - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` - 1. Make the test shim executable: `chmod +x tests/test.sh`. - 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` - -If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)` diff --git a/roles/geerlingguy.awx/tests/custom_travis_wait.sh b/roles/geerlingguy.awx/tests/custom_travis_wait.sh deleted file mode 100755 index 1197b72..0000000 --- a/roles/geerlingguy.awx/tests/custom_travis_wait.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash -# Add a custom wait time (limit value, in seconds). -# -# Chose to use a custom script instead of travis_wait, since travis_wait eats -# logged output then spits it out at the end. - -set -e -set -u - -command=$1 - -# Launch command in the background. -${command} & - -# Ping every second. -seconds=0 -limit=45*60 -while kill -0 $! >/dev/null 2>&1; -do - echo -n -e " \b" - if [ $seconds == $limit ]; then - break; - fi - seconds=$((seconds + 1)) - sleep 1 -done diff --git a/roles/geerlingguy.awx/tests/requirements.yml b/roles/geerlingguy.awx/tests/requirements.yml deleted file mode 100644 index f837db1..0000000 --- a/roles/geerlingguy.awx/tests/requirements.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- src: geerlingguy.repo-epel -- src: geerlingguy.git -- src: geerlingguy.ansible -- src: geerlingguy.docker -- src: geerlingguy.pip -- src: geerlingguy.nodejs diff --git a/roles/geerlingguy.awx/tests/test-no-playbook.yml b/roles/geerlingguy.awx/tests/test-no-playbook.yml deleted file mode 100644 index 82d9094..0000000 --- a/roles/geerlingguy.awx/tests/test-no-playbook.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- hosts: all - - vars: - awx_run_install_playbook: no - - pre_tasks: - - name: Update apt cache. - apt: update_cache=yes cache_valid_time=600 - when: ansible_os_family == 'Debian' - changed_when: false - - roles: - - geerlingguy.git - - role_under_test diff --git a/roles/geerlingguy.awx/tests/test.yml b/roles/geerlingguy.awx/tests/test.yml deleted file mode 100644 index 07e1b63..0000000 --- a/roles/geerlingguy.awx/tests/test.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- hosts: all - - vars: - nodejs_version: "6.x" - pip_install_packages: - - name: docker-py - - pre_tasks: - - name: Update apt cache. - apt: update_cache=yes cache_valid_time=600 - when: ansible_os_family == 'Debian' - changed_when: false - - roles: - - name: geerlingguy.repo-epel - when: ansible_os_family == "RedHat" - - geerlingguy.git - - geerlingguy.ansible - - geerlingguy.docker - - geerlingguy.pip - - geerlingguy.nodejs - - role_under_test diff --git a/roles/geerlingguy.awx/vars/Debian.yml b/roles/geerlingguy.awx/vars/Debian.yml deleted file mode 100644 index 804bbdd..0000000 --- a/roles/geerlingguy.awx/vars/Debian.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -awx_package_dependencies: - - build-essential - - gettext - - g++ - - bzip2 diff --git a/roles/geerlingguy.awx/vars/RedHat.yml b/roles/geerlingguy.awx/vars/RedHat.yml deleted file mode 100644 index fc180d5..0000000 --- a/roles/geerlingguy.awx/vars/RedHat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -awx_package_dependencies: - - '@Development tools' - - gettext - - gcc-c++ - - bzip2 diff --git a/roles/geerlingguy.docker/.gitignore b/roles/geerlingguy.docker/.gitignore deleted file mode 100644 index f56f5b5..0000000 --- a/roles/geerlingguy.docker/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*.retry -*/__pycache__ -*.pyc diff --git a/roles/geerlingguy.docker/.travis.yml b/roles/geerlingguy.docker/.travis.yml deleted file mode 100644 index a8851b7..0000000 --- a/roles/geerlingguy.docker/.travis.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: docker - matrix: - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: ubuntu1604 - - MOLECULE_DISTRO: ubuntu1404 - - MOLECULE_DISTRO: debian9 - - MOLECULE_DISTRO: fedora27 - -install: - # Install test dependencies. - - pip install molecule docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.docker/LICENSE b/roles/geerlingguy.docker/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.docker/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.docker/README.md b/roles/geerlingguy.docker/README.md deleted file mode 100644 index 9a49840..0000000 --- a/roles/geerlingguy.docker/README.md +++ /dev/null @@ -1,89 +0,0 @@ -# Ansible Role: Docker - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-docker.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-docker) - -An Ansible Role that installs [Docker](https://www.docker.com) on Linux. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - # Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition). - docker_edition: 'ce' - docker_package: "docker-{{ docker_edition }}" - docker_package_state: present - -The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterprise Edition). You can also specify a specific version of Docker to install using the distribution-specific format: Red Hat/CentOS: `docker-{{ docker_edition }}-`; Debian/Ubuntu: `docker-{{ docker_edition }}=`. - -You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). - - docker_service_state: started - docker_service_enabled: true - docker_restart_handler_state: restarted - -Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`. - - docker_install_compose: true - docker_compose_version: "1.22.0" - docker_compose_path: /usr/local/bin/docker-compose - -Docker Compose installation options. - - docker_apt_release_channel: stable - docker_apt_arch: amd64 - docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" - docker_apt_ignore_key_error: True - -(Used only for Debian/Ubuntu.) You can switch the channel to `edge` if you want to use the Edge release. - - docker_yum_repo_url: https://download.docker.com/linux/centos/docker-{{ docker_edition }}.repo - docker_yum_repo_enable_edge: 0 - docker_yum_repo_enable_test: 0 - -(Used only for RedHat/CentOS.) You can enable the Edge or Test repo by setting the respective vars to `1`. - - docker_users: - - user1 - - user2 - -A list of system users to be added to the `docker` group (so they can use Docker on the server). - -## Use with Ansible (and `docker` Python library) - -Many users of this role wish to also use Ansible to then _build_ Docker images and manage Docker containers on the server where Docker is installed. In this case, you can easily add in the `docker` Python library using the `geerlingguy.pip` role: - -```yaml -- hosts: all - - vars: - pip_install_packages: - - name: docker - - roles: - - geerlingguy.pip - - geerlingguy.docker -``` - -## Dependencies - -None. - -## Example Playbook - -```yaml -- hosts: all - roles: - - geerlingguy.docker -``` - -## License - -MIT / BSD - -## Author Information - -This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.docker/defaults/main.yml b/roles/geerlingguy.docker/defaults/main.yml deleted file mode 100644 index 3a9cc47..0000000 --- a/roles/geerlingguy.docker/defaults/main.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition). -docker_edition: 'ce' -docker_package: "docker-{{ docker_edition }}" -docker_package_state: present - -# Service options. -docker_service_state: started -docker_service_enabled: true -docker_restart_handler_state: restarted - -# Docker Compose options. -docker_install_compose: true -docker_compose_version: "1.24.1" -docker_compose_path: /usr/local/bin/docker-compose - -# Used only for Debian/Ubuntu. Switch 'stable' to 'edge' if needed. -docker_apt_release_channel: stable -docker_apt_arch: amd64 -docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" -docker_apt_ignore_key_error: true - -# Used only for RedHat/CentOS/Fedora. -docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo -docker_yum_repo_enable_edge: 0 -docker_yum_repo_enable_test: 0 - -# A list of users who will be added to the docker group. -docker_users: [] diff --git a/roles/geerlingguy.docker/handlers/main.yml b/roles/geerlingguy.docker/handlers/main.yml deleted file mode 100644 index 7847bc1..0000000 --- a/roles/geerlingguy.docker/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart docker - service: "name=docker state={{ docker_restart_handler_state }}" diff --git a/roles/geerlingguy.docker/meta/.galaxy_install_info b/roles/geerlingguy.docker/meta/.galaxy_install_info deleted file mode 100644 index d33da8c..0000000 --- a/roles/geerlingguy.docker/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Sun Oct 20 01:52:19 2019 -version: 2.5.3 diff --git a/roles/geerlingguy.docker/meta/main.yml b/roles/geerlingguy.docker/meta/main.yml deleted file mode 100644 index 0dfa4cd..0000000 --- a/roles/geerlingguy.docker/meta/main.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Docker for Linux. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Fedora - versions: - - all - - name: Debian - versions: - - jessie - - stretch - - name: Ubuntu - versions: - - trusty - - xenial - - bionic - galaxy_tags: - - web - - system - - containers - - docker - - orchestration - - compose - - server diff --git a/roles/geerlingguy.docker/molecule/default/molecule.yml b/roles/geerlingguy.docker/molecule/default/molecule.yml deleted file mode 100644 index 2ca6fea..0000000 --- a/roles/geerlingguy.docker/molecule/default/molecule.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - lint: - name: ansible-lint - playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} -scenario: - name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/roles/geerlingguy.docker/molecule/default/playbook.yml b/roles/geerlingguy.docker/molecule/default/playbook.yml deleted file mode 100644 index dad331d..0000000 --- a/roles/geerlingguy.docker/molecule/default/playbook.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - pre_tasks: - - name: Update apt cache. - apt: update_cache=yes cache_valid_time=600 - when: ansible_os_family == 'Debian' - - roles: - - role: geerlingguy.docker diff --git a/roles/geerlingguy.docker/molecule/default/yaml-lint.yml b/roles/geerlingguy.docker/molecule/default/yaml-lint.yml deleted file mode 100644 index 7aeec5a..0000000 --- a/roles/geerlingguy.docker/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 200 - level: warning diff --git a/roles/geerlingguy.docker/tasks/docker-1809-shim.yml b/roles/geerlingguy.docker/tasks/docker-1809-shim.yml deleted file mode 100644 index 286254b..0000000 --- a/roles/geerlingguy.docker/tasks/docker-1809-shim.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Ensure containerd service dir exists. - file: - path: /etc/systemd/system/containerd.service.d - state: directory - -- name: Add shim to ensure Docker can start in all environments. - template: - src: override.conf.j2 - dest: /etc/systemd/system/containerd.service.d/override.conf - register: override_template - -- name: Reload systemd daemon if template is changed. - systemd: - daemon_reload: true - when: override_template is changed diff --git a/roles/geerlingguy.docker/tasks/docker-compose.yml b/roles/geerlingguy.docker/tasks/docker-compose.yml deleted file mode 100644 index 92cf4f2..0000000 --- a/roles/geerlingguy.docker/tasks/docker-compose.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Check current docker-compose version. - command: docker-compose --version - register: docker_compose_current_version - changed_when: false - failed_when: false - -- name: Delete existing docker-compose version if it's different. - file: - path: "{{ docker_compose_path }}" - state: absent - when: > - docker_compose_current_version.stdout is defined - and docker_compose_version not in docker_compose_current_version.stdout - -- name: Install Docker Compose (if configured). - get_url: - url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64 - dest: "{{ docker_compose_path }}" - mode: 0755 diff --git a/roles/geerlingguy.docker/tasks/docker-users.yml b/roles/geerlingguy.docker/tasks/docker-users.yml deleted file mode 100644 index b3b6e0f..0000000 --- a/roles/geerlingguy.docker/tasks/docker-users.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Ensure docker users are added to the docker group. - user: - name: "{{ item }}" - groups: docker - append: true - with_items: "{{ docker_users }}" diff --git a/roles/geerlingguy.docker/tasks/main.yml b/roles/geerlingguy.docker/tasks/main.yml deleted file mode 100644 index 8968c77..0000000 --- a/roles/geerlingguy.docker/tasks/main.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- include_tasks: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include_tasks: setup-Debian.yml - when: ansible_os_family == 'Debian' - -- name: Install Docker. - package: - name: "{{ docker_package }}" - state: "{{ docker_package_state }}" - notify: restart docker - -# TODO: Remove this shim once 18.09.1 or later is released. -- import_tasks: docker-1809-shim.yml - when: ansible_service_mgr == 'systemd' - -- name: Ensure Docker is started and enabled at boot. - service: - name: docker - state: "{{ docker_service_state }}" - enabled: "{{ docker_service_enabled }}" - -- name: Ensure handlers are notified now to avoid firewall conflicts. - meta: flush_handlers - -- include_tasks: docker-compose.yml - when: docker_install_compose | bool - -- include_tasks: docker-users.yml - when: docker_users | length > 0 diff --git a/roles/geerlingguy.docker/tasks/setup-Debian.yml b/roles/geerlingguy.docker/tasks/setup-Debian.yml deleted file mode 100644 index eaaa96f..0000000 --- a/roles/geerlingguy.docker/tasks/setup-Debian.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -- name: Ensure old versions of Docker are not installed. - package: - name: - - docker - - docker-engine - state: absent - -- name: Ensure dependencies are installed. - apt: - name: - - apt-transport-https - - ca-certificates - state: present - -- name: Add Docker apt key. - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 - state: present - register: add_repository_key - ignore_errors: "{{ docker_apt_ignore_key_error }}" - -- name: Ensure curl is present (on older systems without SNI). - package: name=curl state=present - when: add_repository_key is failed - -- name: Add Docker apt key (alternative for older systems without SNI). - shell: | - set -o pipefail - curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - - args: - warn: false - when: add_repository_key is failed - -- name: Add Docker repository. - apt_repository: - repo: "{{ docker_apt_repository }}" - state: present - update_cache: true diff --git a/roles/geerlingguy.docker/tasks/setup-RedHat.yml b/roles/geerlingguy.docker/tasks/setup-RedHat.yml deleted file mode 100644 index 0cd1a50..0000000 --- a/roles/geerlingguy.docker/tasks/setup-RedHat.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -- name: Ensure old versions of Docker are not installed. - package: - name: - - docker - - docker-common - - docker-engine - state: absent - -- name: Add Docker GPG key. - rpm_key: - key: https://download.docker.com/linux/centos/gpg - state: present - -- name: Add Docker repository. - get_url: - url: "{{ docker_yum_repo_url }}" - dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' - owner: root - group: root - mode: 0644 - -- name: Configure Docker Edge repo. - ini_file: - dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' - section: 'docker-{{ docker_edition }}-edge' - option: enabled - value: '{{ docker_yum_repo_enable_edge }}' - -- name: Configure Docker Test repo. - ini_file: - dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' - section: 'docker-{{ docker_edition }}-test' - option: enabled - value: '{{ docker_yum_repo_enable_test }}' diff --git a/roles/geerlingguy.docker/templates/override.conf.j2 b/roles/geerlingguy.docker/templates/override.conf.j2 deleted file mode 100644 index adab53c..0000000 --- a/roles/geerlingguy.docker/templates/override.conf.j2 +++ /dev/null @@ -1,3 +0,0 @@ -# {{ ansible_managed }} -[Service] -ExecStartPre= diff --git a/roles/geerlingguy.git/.ansible-lint b/roles/geerlingguy.git/.ansible-lint deleted file mode 100644 index 1ae5e6c..0000000 --- a/roles/geerlingguy.git/.ansible-lint +++ /dev/null @@ -1,2 +0,0 @@ -skip_list: - - '204' diff --git a/roles/geerlingguy.git/.gitignore b/roles/geerlingguy.git/.gitignore deleted file mode 100644 index f56f5b5..0000000 --- a/roles/geerlingguy.git/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*.retry -*/__pycache__ -*.pyc diff --git a/roles/geerlingguy.git/.travis.yml b/roles/geerlingguy.git/.travis.yml deleted file mode 100644 index 742ed3b..0000000 --- a/roles/geerlingguy.git/.travis.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: git - matrix: - - MOLECULE_DISTRO: centos7 - MOLECULE_PLAYBOOK: playbook-source.yml - - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_PLAYBOOK: playbook-source.yml - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: centos6 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: ubuntu1604 - - MOLECULE_DISTRO: debian9 - -install: - # Install test dependencies. - - pip install molecule docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.git/LICENSE b/roles/geerlingguy.git/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.git/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.git/README.md b/roles/geerlingguy.git/README.md deleted file mode 100644 index d1eb74d..0000000 --- a/roles/geerlingguy.git/README.md +++ /dev/null @@ -1,55 +0,0 @@ -# Ansible Role: Git - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-git.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-git) - -Installs Git, a distributed version control system, on any RHEL/CentOS or Debian/Ubuntu Linux system. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - workspace: /root - -Where certain files will be downloaded and adjusted prior to git installation, if needed. - - git_enablerepo: "" - -This variable, a well as `git_packages`, will be used to install git via a particular `yum` repo if `git_install_from_source` is false (CentOS only). Any additional repositories you have installed that you would like to use for a newer/different Git version. - - git_packages: - - git - - git-svn - -The specific Git packages that will be installed. By default, `git-svn` is included, but you can easily add this variable to your playbook's variables and remove `git-svn` if desired. - - git_install_from_source: false - git_install_path: "/usr" - git_version: "2.16.2" - -Whether to install Git from source; if set to `true`, `git_version` is required and will be used to install a particular version of git (see all available versions here: https://www.kernel.org/pub/software/scm/git/), and `git_install_path` defines where git should be installed. - - git_install_from_source_force_update: false - -If git is already installed at and older version, force a new source build. Only applies if `git_install_from_source` is `true`. - -## Dependencies - -None. - -## Example Playbook - - - hosts: servers - roles: - - { role: geerlingguy.git } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.git/defaults/main.yml b/roles/geerlingguy.git/defaults/main.yml deleted file mode 100644 index d01f332..0000000 --- a/roles/geerlingguy.git/defaults/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -workspace: /root - -# If git_install_from_source is set to false, these two variables define whether -# to use an additional repo for the package installation, and which git packages -# will be installed. -git_enablerepo: "" -git_packages: - - git - - git-svn - -# If set to TRUE, git will be installed from source, using the version set with -# the 'git_version' variable instead of using a package. -git_install_from_source: false -git_install_path: "/usr" -git_version: "2.16.2" - -# If git is already installed at and older version, force a new source build. -# Only applies if git_install_from_source is `true`. -git_install_from_source_force_update: false - -# Leave this at it's default. -git_reinstall_from_source: false diff --git a/roles/geerlingguy.git/meta/.galaxy_install_info b/roles/geerlingguy.git/meta/.galaxy_install_info deleted file mode 100644 index a596198..0000000 --- a/roles/geerlingguy.git/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Sun Oct 20 01:54:10 2019 -version: 2.0.5 diff --git a/roles/geerlingguy.git/meta/main.yml b/roles/geerlingguy.git/meta/main.yml deleted file mode 100644 index 4e1fd8f..0000000 --- a/roles/geerlingguy.git/meta/main.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Git version control software - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - development - - system - - git - - vcs - - source - - code diff --git a/roles/geerlingguy.git/molecule/default/molecule.yml b/roles/geerlingguy.git/molecule/default/molecule.yml deleted file mode 100644 index 2ca6fea..0000000 --- a/roles/geerlingguy.git/molecule/default/molecule.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - lint: - name: ansible-lint - playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} -scenario: - name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/roles/geerlingguy.git/molecule/default/playbook-source.yml b/roles/geerlingguy.git/molecule/default/playbook-source.yml deleted file mode 100644 index 5974363..0000000 --- a/roles/geerlingguy.git/molecule/default/playbook-source.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - git_install_from_source: true - git_install_from_source_force_update: true - git_version: "2.16.2" - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - changed_when: false - - roles: - - role: geerlingguy.git diff --git a/roles/geerlingguy.git/molecule/default/playbook.yml b/roles/geerlingguy.git/molecule/default/playbook.yml deleted file mode 100644 index 2b57874..0000000 --- a/roles/geerlingguy.git/molecule/default/playbook.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - git_install_from_source: false - git_install_path: /usr/local - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - changed_when: false - - roles: - - role: geerlingguy.git diff --git a/roles/geerlingguy.git/molecule/default/yaml-lint.yml b/roles/geerlingguy.git/molecule/default/yaml-lint.yml deleted file mode 100644 index db22c42..0000000 --- a/roles/geerlingguy.git/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 160 - level: warning diff --git a/roles/geerlingguy.git/tasks/install-from-source.yml b/roles/geerlingguy.git/tasks/install-from-source.yml deleted file mode 100644 index a32af0a..0000000 --- a/roles/geerlingguy.git/tasks/install-from-source.yml +++ /dev/null @@ -1,64 +0,0 @@ ---- -- name: Include OS-specific variables (RedHat). - include_vars: "{{ ansible_os_family }}.yml" - when: - - ansible_os_family == "RedHat" - - ansible_distribution != "Fedora" - -- name: Include OS-specific variables (Fedora). - include_vars: "{{ ansible_distribution }}.yml" - when: ansible_distribution == "Fedora" - -- name: Include OS-specific variables (Debian). - include_vars: "{{ ansible_os_family }}.yml" - when: ansible_os_family == "Debian" - -- name: Define git_install_from_source_dependencies. - set_fact: - git_install_from_source_dependencies: "{{ __git_install_from_source_dependencies | list }}" - when: git_install_from_source_dependencies is not defined - -- name: Ensure git's dependencies are installed. - package: - name: "{{ git_install_from_source_dependencies }}" - state: present - -- name: Get installed version. - command: > - git --version - warn=no - changed_when: false - failed_when: false - check_mode: false - register: git_installed_version - -- name: Force git install if the version numbers do not match. - set_fact: - git_reinstall_from_source: true - when: - - git_install_from_source_force_update | bool - - (git_installed_version.rc == 0) and (git_installed_version.stdout | regex_replace("^.*?([0-9\.]+)$", "\\1") | version_compare(git_version, operator="!=")) - -- name: Download git. - get_url: - url: "https://www.kernel.org/pub/software/scm/git/git-{{ git_version }}.tar.gz" - dest: "{{ workspace }}/git-{{ git_version }}.tar.gz" - when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool) - -- name: Expand git archive. - unarchive: - src: "{{ workspace }}/git-{{ git_version }}.tar.gz" - dest: "{{ workspace }}" - creates: "{{ workspace }}/git-{{ git_version }}/README" - copy: false - when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool) - -- name: Build git. - command: > - make prefix={{ git_install_path }} {{ item }} - chdir={{ workspace }}/git-{{ git_version }} - with_items: - - all - - install - when: (git_installed_version.rc != 0) or (git_reinstall_from_source | bool) - become: true diff --git a/roles/geerlingguy.git/tasks/main.yml b/roles/geerlingguy.git/tasks/main.yml deleted file mode 100644 index d7cc581..0000000 --- a/roles/geerlingguy.git/tasks/main.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: Ensure git is installed (RedHat). - package: - name: "{{ git_packages }}" - state: present - enablerepo: "{{ git_enablerepo | default(omit, true) }}" - when: - - not git_install_from_source | bool - - ansible_os_family == 'RedHat' - -- name: Update apt cache (Debian). - apt: update_cache=true cache_valid_time=86400 - when: ansible_os_family == 'Debian' - -- name: Ensure git is installed (Debian). - apt: - name: "{{ git_packages }}" - state: present - when: - - not git_install_from_source | bool - - ansible_os_family == 'Debian' - -- import_tasks: install-from-source.yml - when: git_install_from_source | bool diff --git a/roles/geerlingguy.git/vars/Debian.yml b/roles/geerlingguy.git/vars/Debian.yml deleted file mode 100644 index 230e674..0000000 --- a/roles/geerlingguy.git/vars/Debian.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -git_install_from_source_dependencies: - - libcurl4-gnutls-dev - - libexpat1-dev - - gettext - - libssl-dev - - zlib1g-dev - - build-essential - - gcc diff --git a/roles/geerlingguy.git/vars/Fedora.yml b/roles/geerlingguy.git/vars/Fedora.yml deleted file mode 100644 index c0daee1..0000000 --- a/roles/geerlingguy.git/vars/Fedora.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -git_install_from_source_dependencies: - - gettext-devel - - expat-devel - - curl-devel - - zlib-devel - - perl-devel - - openssl-devel - - subversion-perl - - make - - gcc - - tar diff --git a/roles/geerlingguy.git/vars/RedHat.yml b/roles/geerlingguy.git/vars/RedHat.yml deleted file mode 100644 index d54dc5b..0000000 --- a/roles/geerlingguy.git/vars/RedHat.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -git_install_from_source_dependencies: - - gettext-devel - - expat-devel - - curl-devel - - zlib-devel - - perl-devel - - openssl-devel - - subversion-perl - - make - - gcc diff --git a/roles/geerlingguy.git/vars/main.yml b/roles/geerlingguy.git/vars/main.yml deleted file mode 100644 index 10e268a..0000000 --- a/roles/geerlingguy.git/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# This space intentionally left blank. diff --git a/roles/geerlingguy.java/.gitignore b/roles/geerlingguy.java/.gitignore deleted file mode 100644 index f56f5b5..0000000 --- a/roles/geerlingguy.java/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*.retry -*/__pycache__ -*.pyc diff --git a/roles/geerlingguy.java/.travis.yml b/roles/geerlingguy.java/.travis.yml deleted file mode 100644 index 4fb19f9..0000000 --- a/roles/geerlingguy.java/.travis.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: java - matrix: - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: centos6 - - MOLECULE_DISTRO: fedora27 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: ubuntu1604 - - MOLECULE_DISTRO: debian9 - - MOLECULE_DISTRO: debian8 - -install: - # Install test dependencies. - - pip install molecule docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.java/LICENSE b/roles/geerlingguy.java/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.java/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.java/README.md b/roles/geerlingguy.java/README.md deleted file mode 100644 index 7bc991f..0000000 --- a/roles/geerlingguy.java/README.md +++ /dev/null @@ -1,67 +0,0 @@ -# Ansible Role: Java - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-java.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-java) - -Installs Java for RedHat/CentOS and Debian/Ubuntu linux servers. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values: - - # The defaults provided by this role are specific to each distribution. - java_packages: - - java-1.7.0-openjdk - -Set the version/development kit of Java to install, along with any other necessary Java packages. Some other options include are included in the distribution-specific files in this role's 'defaults' folder. - - java_home: "" - -If set, the role will set the global environment variable `JAVA_HOME` to this value. - -## Dependencies - -None. - -## Example Playbook (using default package, usually OpenJDK 7) - - - hosts: servers - roles: - - role: geerlingguy.java - become: yes - -## Example Playbook (install OpenJDK 8) - -For RHEL / CentOS: - - - hosts: server - roles: - - role: geerlingguy.java - when: "ansible_os_family == 'RedHat'" - java_packages: - - java-1.8.0-openjdk - -For Ubuntu < 16.04: - - - hosts: server - tasks: - - name: installing repo for Java 8 in Ubuntu - apt_repository: repo='ppa:openjdk-r/ppa' - - - hosts: server - roles: - - role: geerlingguy.java - when: "ansible_os_family == 'Debian'" - java_packages: - - openjdk-8-jdk - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.java/defaults/main.yml b/roles/geerlingguy.java/defaults/main.yml deleted file mode 100644 index aaf519d..0000000 --- a/roles/geerlingguy.java/defaults/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# Set java_packages if you would like to use a different version than the -# default (OpenJDK 1.7). -# java_packages: [] - -java_home: "" diff --git a/roles/geerlingguy.java/meta/.galaxy_install_info b/roles/geerlingguy.java/meta/.galaxy_install_info deleted file mode 100644 index b945bcc..0000000 --- a/roles/geerlingguy.java/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Mon Apr 29 14:19:43 2019 -version: 1.9.5 diff --git a/roles/geerlingguy.java/meta/main.yml b/roles/geerlingguy.java/meta/main.yml deleted file mode 100644 index 57fec56..0000000 --- a/roles/geerlingguy.java/meta/main.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Java for Linux - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Fedora - versions: - - all - - name: Debian - versions: - - wheezy - - jessie - - stretch - - name: Ubuntu - versions: - - precise - - trusty - - xenial - - bionic - - name: FreeBSD - versions: - - 10.2 - galaxy_tags: - - development - - system - - web - - java - - jdk - - openjdk - - oracle diff --git a/roles/geerlingguy.java/molecule/default/molecule.yml b/roles/geerlingguy.java/molecule/default/molecule.yml deleted file mode 100644 index 2ca6fea..0000000 --- a/roles/geerlingguy.java/molecule/default/molecule.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - lint: - name: ansible-lint - playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} -scenario: - name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/roles/geerlingguy.java/molecule/default/playbook.yml b/roles/geerlingguy.java/molecule/default/playbook.yml deleted file mode 100644 index c99558d..0000000 --- a/roles/geerlingguy.java/molecule/default/playbook.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - changed_when: false - - roles: - - role: geerlingguy.java diff --git a/roles/geerlingguy.java/molecule/default/tests/test_default.py b/roles/geerlingguy.java/molecule/default/tests/test_default.py deleted file mode 100644 index eedd64a..0000000 --- a/roles/geerlingguy.java/molecule/default/tests/test_default.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_hosts_file(host): - f = host.file('/etc/hosts') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' diff --git a/roles/geerlingguy.java/molecule/default/yaml-lint.yml b/roles/geerlingguy.java/molecule/default/yaml-lint.yml deleted file mode 100644 index a3dbc38..0000000 --- a/roles/geerlingguy.java/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 120 - level: warning diff --git a/roles/geerlingguy.java/tasks/main.yml b/roles/geerlingguy.java/tasks/main.yml deleted file mode 100644 index b2a6ded..0000000 --- a/roles/geerlingguy.java/tasks/main.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -- name: Include OS-specific variables for Fedora or FreeBSD. - include_vars: "{{ ansible_distribution }}.yml" - when: ansible_distribution == 'FreeBSD' or ansible_distribution == 'Fedora' - -- name: Include version-specific variables for CentOS/RHEL. - include_vars: "RedHat-{{ ansible_distribution_version.split('.')[0] }}.yml" - when: ansible_distribution == 'CentOS' or - ansible_distribution == 'Red Hat Enterprise Linux' or - ansible_distribution == 'RedHat' - -- name: Include version-specific variables for Ubuntu. - include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_version.split('.')[0] }}.yml" - when: ansible_distribution == 'Ubuntu' - -- name: Include version-specific variables for Debian. - include_vars: "{{ ansible_distribution|title }}-{{ ansible_distribution_version.split('.')[0] }}.yml" - when: ansible_os_family == 'Debian' - -- name: Define java_packages. - set_fact: - java_packages: "{{ __java_packages | list }}" - when: java_packages is not defined - -# Setup/install tasks. -- include_tasks: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include_tasks: setup-Debian.yml - when: ansible_os_family == 'Debian' - -- include_tasks: setup-FreeBSD.yml - when: ansible_os_family == 'FreeBSD' - -# Environment setup. -- name: Set JAVA_HOME if configured. - template: - src: java_home.sh.j2 - dest: /etc/profile.d/java_home.sh - mode: 0644 - when: java_home is defined and java_home diff --git a/roles/geerlingguy.java/tasks/setup-Debian.yml b/roles/geerlingguy.java/tasks/setup-Debian.yml deleted file mode 100644 index cecbd45..0000000 --- a/roles/geerlingguy.java/tasks/setup-Debian.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199 and -# https://github.com/geerlingguy/ansible-role-java/issues/64 -- name: Ensure 'man' directory exists. - file: - path: /usr/share/man/man1 - state: directory - recurse: true - when: - - ansible_distribution == 'Ubuntu' - - ansible_distribution_version == '18.04' - -- name: Ensure Java is installed. - apt: - name: "{{ java_packages }}" - state: present diff --git a/roles/geerlingguy.java/tasks/setup-FreeBSD.yml b/roles/geerlingguy.java/tasks/setup-FreeBSD.yml deleted file mode 100644 index ba66872..0000000 --- a/roles/geerlingguy.java/tasks/setup-FreeBSD.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Ensure Java is installed. - pkgng: - name: "{{ java_packages }}" - state: present - -- name: ensure proc is mounted - mount: name=/proc fstype=procfs src=proc opts=rw state=mounted - -- name: ensure fdesc is mounted - mount: name=/dev/fd fstype=fdescfs src=fdesc opts=rw state=mounted diff --git a/roles/geerlingguy.java/tasks/setup-RedHat.yml b/roles/geerlingguy.java/tasks/setup-RedHat.yml deleted file mode 100644 index 1306945..0000000 --- a/roles/geerlingguy.java/tasks/setup-RedHat.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Ensure Java is installed. - package: - name: "{{ java_packages }}" - state: present diff --git a/roles/geerlingguy.java/templates/java_home.sh.j2 b/roles/geerlingguy.java/templates/java_home.sh.j2 deleted file mode 100644 index 4859c4a..0000000 --- a/roles/geerlingguy.java/templates/java_home.sh.j2 +++ /dev/null @@ -1 +0,0 @@ -export JAVA_HOME={{ java_home }} diff --git a/roles/geerlingguy.java/vars/Debian-8.yml b/roles/geerlingguy.java/vars/Debian-8.yml deleted file mode 100644 index 8d620e4..0000000 --- a/roles/geerlingguy.java/vars/Debian-8.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-6-jdk -# - openjdk-7-jdk -__java_packages: - - openjdk-7-jdk diff --git a/roles/geerlingguy.java/vars/Debian-9.yml b/roles/geerlingguy.java/vars/Debian-9.yml deleted file mode 100644 index 17e49bf..0000000 --- a/roles/geerlingguy.java/vars/Debian-9.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-8-jdk -__java_packages: - - openjdk-8-jdk diff --git a/roles/geerlingguy.java/vars/Fedora.yml b/roles/geerlingguy.java/vars/Fedora.yml deleted file mode 100644 index 47c5a01..0000000 --- a/roles/geerlingguy.java/vars/Fedora.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - java-1.8.0-openjdk -__java_packages: - - java-1.8.0-openjdk diff --git a/roles/geerlingguy.java/vars/FreeBSD.yml b/roles/geerlingguy.java/vars/FreeBSD.yml deleted file mode 100644 index 0d712eb..0000000 --- a/roles/geerlingguy.java/vars/FreeBSD.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options for FreeBSD include: -# - openjdk -# - openjdk6 -# - openjdk8 -__java_packages: - - openjdk diff --git a/roles/geerlingguy.java/vars/RedHat-6.yml b/roles/geerlingguy.java/vars/RedHat-6.yml deleted file mode 100644 index 70694b7..0000000 --- a/roles/geerlingguy.java/vars/RedHat-6.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - java-1.6.0-openjdk -# - java-1.7.0-openjdk -__java_packages: - - java-1.7.0-openjdk diff --git a/roles/geerlingguy.java/vars/RedHat-7.yml b/roles/geerlingguy.java/vars/RedHat-7.yml deleted file mode 100644 index 64db579..0000000 --- a/roles/geerlingguy.java/vars/RedHat-7.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# JDK version options include: -# - java -# - java-1.6.0-openjdk -# - java-1.7.0-openjdk -# - java-1.8.0-openjdk -__java_packages: - - java-1.8.0-openjdk diff --git a/roles/geerlingguy.java/vars/Ubuntu-12.yml b/roles/geerlingguy.java/vars/Ubuntu-12.yml deleted file mode 100644 index 8d620e4..0000000 --- a/roles/geerlingguy.java/vars/Ubuntu-12.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-6-jdk -# - openjdk-7-jdk -__java_packages: - - openjdk-7-jdk diff --git a/roles/geerlingguy.java/vars/Ubuntu-14.yml b/roles/geerlingguy.java/vars/Ubuntu-14.yml deleted file mode 100644 index 8d620e4..0000000 --- a/roles/geerlingguy.java/vars/Ubuntu-14.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-6-jdk -# - openjdk-7-jdk -__java_packages: - - openjdk-7-jdk diff --git a/roles/geerlingguy.java/vars/Ubuntu-16.yml b/roles/geerlingguy.java/vars/Ubuntu-16.yml deleted file mode 100644 index 0a0bd82..0000000 --- a/roles/geerlingguy.java/vars/Ubuntu-16.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-8-jdk -# - openjdk-9-jdk -__java_packages: - - openjdk-8-jdk diff --git a/roles/geerlingguy.java/vars/Ubuntu-18.yml b/roles/geerlingguy.java/vars/Ubuntu-18.yml deleted file mode 100644 index bd058c2..0000000 --- a/roles/geerlingguy.java/vars/Ubuntu-18.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# JDK version options include: -# - java -# - openjdk-11-jdk -__java_packages: - - openjdk-11-jdk diff --git a/roles/geerlingguy.jenkins/.ansible-lint b/roles/geerlingguy.jenkins/.ansible-lint deleted file mode 100644 index 3f7f42d..0000000 --- a/roles/geerlingguy.jenkins/.ansible-lint +++ /dev/null @@ -1,2 +0,0 @@ -skip_list: - - '602' diff --git a/roles/geerlingguy.jenkins/.gitignore b/roles/geerlingguy.jenkins/.gitignore deleted file mode 100644 index f56f5b5..0000000 --- a/roles/geerlingguy.jenkins/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*.retry -*/__pycache__ -*.pyc diff --git a/roles/geerlingguy.jenkins/.travis.yml b/roles/geerlingguy.jenkins/.travis.yml deleted file mode 100644 index 6bba6d9..0000000 --- a/roles/geerlingguy.jenkins/.travis.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: jenkins - matrix: - # Test defaults. - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: ubuntu1604 - - MOLECULE_DISTRO: debian9 - - # Test other role features. - - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_PLAYBOOK: playbook-http-port.yml - - - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_PLAYBOOK: playbook-prefix.yml - - - MOLECULE_DISTRO: centos7 - MOLECULE_PLAYBOOK: playbook-jenkins-version.yml - - - MOLECULE_DISTRO: ubuntu1804 - MOLECULE_PLAYBOOK: playbook-plugins-with-home.yml - -install: - # Install test dependencies. - - pip install molecule docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.jenkins/LICENSE b/roles/geerlingguy.jenkins/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.jenkins/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.jenkins/README.md b/roles/geerlingguy.jenkins/README.md deleted file mode 100644 index 320118c..0000000 --- a/roles/geerlingguy.jenkins/README.md +++ /dev/null @@ -1,135 +0,0 @@ -# Ansible Role: Jenkins CI - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-jenkins.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-jenkins) - -Installs Jenkins CI on RHEL/CentOS and Debian/Ubuntu servers. - -## Requirements - -Requires `curl` to be installed on the server. Also, newer versions of Jenkins require Java 8+ (see the test playbooks inside the `tests/` directory for an example of how to use newer versions of Java for your OS). - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - jenkins_package_state: present - -The state of the `jenkins` package install. By default this role installs Jenkins but will not upgrade Jenkins (when using package-based installs). If you want to always update to the latest version, change this to `latest`. - - jenkins_hostname: localhost - -The system hostname; usually `localhost` works fine. This will be used during setup to communicate with the running Jenkins instance via HTTP requests. - - jenkins_home: /var/lib/jenkins - -The Jenkins home directory which, amongst others, is being used for storing artifacts, workspaces and plugins. This variable allows you to override the default `/var/lib/jenkins` location. - - jenkins_http_port: 8080 - -The HTTP port for Jenkins' web interface. - - jenkins_admin_username: admin - jenkins_admin_password: admin - -Default admin account credentials which will be created the first time Jenkins is installed. - - jenkins_admin_password_file: "" - -Default admin password file which will be created the first time Jenkins is installed as /var/lib/jenkins/secrets/initialAdminPassword - - jenkins_jar_location: /opt/jenkins-cli.jar - -The location at which the `jenkins-cli.jar` jarfile will be kept. This is used for communicating with Jenkins via the CLI. - - jenkins_plugins: [] - -Jenkins plugins to be installed automatically during provisioning. - - jenkins_plugins_install_dependencies: true - -Whether Jenkins plugins to be installed should also install any plugin dependencies. - - jenkins_plugins_state: present - -Use `latest` to ensure all plugins are running the most up-to-date version. - - jenkins_plugin_updates_expiration: 86400 - -Number of seconds after which a new copy of the update-center.json file is downloaded. Set it to 0 if no cache file should be used. - - jenkins_updates_url: "https://updates.jenkins.io" - -The URL to use for Jenkins plugin updates and update-center information. - - jenkins_plugin_timeout: 30 - -The server connection timeout, in seconds, when installing Jenkins plugins. - - jenkins_version: "1.644" - jenkins_pkg_url: "http://www.example.com" - -(Optional) Then Jenkins version can be pinned to any version available on `http://pkg.jenkins-ci.org/debian/` (Debian/Ubuntu) or `http://pkg.jenkins-ci.org/redhat/` (RHEL/CentOS). If the Jenkins version you need is not available in the default package URLs, you can override the URL with your own; set `jenkins_pkg_url` (_Note_: the role depends on the same naming convention that `http://pkg.jenkins-ci.org/` uses). - - jenkins_url_prefix: "" - -Used for setting a URL prefix for your Jenkins installation. The option is added as `--prefix={{ jenkins_url_prefix }}` to the Jenkins initialization `java` invocation, so you can access the installation at a path like `http://www.example.com{{ jenkins_url_prefix }}`. Make sure you start the prefix with a `/` (e.g. `/jenkins`). - - jenkins_connection_delay: 5 - jenkins_connection_retries: 60 - -Amount of time and number of times to wait when connecting to Jenkins after initial startup, to verify that Jenkins is running. Total time to wait = `delay` * `retries`, so by default this role will wait up to 300 seconds before timing out. - - # For RedHat/CentOS (role default): - jenkins_repo_url: http://pkg.jenkins-ci.org/redhat/jenkins.repo - jenkins_repo_key_url: http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key - # For Debian (role default): - jenkins_repo_url: deb http://pkg.jenkins-ci.org/debian binary/ - jenkins_repo_key_url: http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key - -This role will install the latest version of Jenkins by default (using the official repositories as listed above). You can override these variables (use the correct set for your platform) to install the current LTS version instead: - - # For RedHat/CentOS LTS: - jenkins_repo_url: http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo - jenkins_repo_key_url: http://pkg.jenkins-ci.org/redhat-stable/jenkins-ci.org.key - # For Debian/Ubuntu LTS: - jenkins_repo_url: deb http://pkg.jenkins-ci.org/debian-stable binary/ - jenkins_repo_key_url: http://pkg.jenkins-ci.org/debian-stable/jenkins-ci.org.key - -It is also possible stop the repo file being added by setting `jenkins_repo_url = ''`. This is useful if, for example, you sign your own packages or run internal package management (e.g. Spacewalk). - - jenkins_java_options: "-Djenkins.install.runSetupWizard=false" - -Extra Java options for the Jenkins launch command configured in the init file can be set with the var `jenkins_java_options`. For example, if you want to configure the timezone Jenkins uses, add `-Dorg.apache.commons.jelly.tags.fmt.timeZone=America/New_York`. By default, the option to disable the Jenkins 2.0 setup wizard is added. - - jenkins_init_changes: - - option: "JENKINS_ARGS" - value: "--prefix={{ jenkins_url_prefix }}" - - option: "JENKINS_JAVA_OPTIONS" - value: "{{ jenkins_java_options }}" - -Changes made to the Jenkins init script; the default set of changes set the configured URL prefix and add in configured Java options for Jenkins' startup. You can add other option/value pairs if you need to set other options for the Jenkins init file. - -## Dependencies - - - geerlingguy.java - -## Example Playbook - -```yaml -- hosts: jenkins - vars: - jenkins_hostname: jenkins.example.com - roles: - - role: geerlingguy.java - become: yes - - role: geerlingguy.jenkins - become: yes -``` - -## License - -MIT (Expat) / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.jenkins/defaults/main.yml b/roles/geerlingguy.jenkins/defaults/main.yml deleted file mode 100644 index b159e71..0000000 --- a/roles/geerlingguy.jenkins/defaults/main.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -# Optional method of pinning a specific version of Jenkins and/or overriding the -# default Jenkins packaging URL. -# jenkins_version: "1.644" -# jenkins_pkg_url: "https://www.example.com" - -# Change this to `latest` to update Jenkins if a newer version is available. -jenkins_package_state: present - -jenkins_connection_delay: 5 -jenkins_connection_retries: 60 -jenkins_home: /var/lib/jenkins -jenkins_hostname: localhost -jenkins_http_port: 8080 -jenkins_jar_location: /opt/jenkins-cli.jar -jenkins_url_prefix: "" -jenkins_java_options: "-Djenkins.install.runSetupWizard=false" - -jenkins_plugins: [] -jenkins_plugins_state: present -jenkins_plugin_updates_expiration: 86400 -jenkins_plugin_timeout: 30 -jenkins_plugins_install_dependencies: true -jenkins_updates_url: "https://updates.jenkins.io" - -jenkins_admin_username: admin -jenkins_admin_password: admin -jenkins_admin_password_file: "" - -jenkins_process_user: jenkins -jenkins_process_group: "{{ jenkins_process_user }}" - -jenkins_init_changes: - - option: "JENKINS_ARGS" - value: "--prefix={{ jenkins_url_prefix }}" - - option: "{{ jenkins_java_options_env_var }}" - value: "{{ jenkins_java_options }}" diff --git a/roles/geerlingguy.jenkins/handlers/main.yml b/roles/geerlingguy.jenkins/handlers/main.yml deleted file mode 100644 index 005440b..0000000 --- a/roles/geerlingguy.jenkins/handlers/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- name: restart jenkins - service: name=jenkins state=restarted - -- name: configure default users - template: - src: basic-security.groovy.j2 - dest: "{{ jenkins_home }}/init.groovy.d/basic-security.groovy" - owner: "{{ jenkins_process_user }}" - group: "{{ jenkins_process_group }}" - mode: 0775 - register: jenkins_users_config diff --git a/roles/geerlingguy.jenkins/meta/.galaxy_install_info b/roles/geerlingguy.jenkins/meta/.galaxy_install_info deleted file mode 100644 index 3b50624..0000000 --- a/roles/geerlingguy.jenkins/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Mon Apr 29 14:19:40 2019 -version: 3.7.0 diff --git a/roles/geerlingguy.jenkins/meta/main.yml b/roles/geerlingguy.jenkins/meta/main.yml deleted file mode 100644 index 54ab892..0000000 --- a/roles/geerlingguy.jenkins/meta/main.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependencies: - - geerlingguy.java - -galaxy_info: - author: geerlingguy - description: Jenkins CI - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - development - - packaging - - jenkins - - ci diff --git a/roles/geerlingguy.jenkins/molecule/default/java-8.yml b/roles/geerlingguy.jenkins/molecule/default/java-8.yml deleted file mode 100644 index cadaf39..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/java-8.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -# Ubuntu. -- name: Add repository for OpenJDK 8 (Ubuntu 14). - apt_repository: repo='ppa:openjdk-r/ppa' - when: - - ansible_distribution == "Ubuntu" - - ansible_distribution_version == "14.04" - -# Debian. -- name: Enable Backports repository (Debian 8). - apt_repository: - repo: 'deb http://ftp.debian.org/debian {{ ansible_distribution_release }}-backports main' - state: present - filename: "{{ ansible_distribution_release }}_backports" - when: ansible_distribution == "Debian" - -- name: Update apt cache. - apt: update_cache=yes cache_valid_time=600 - when: ansible_os_family == 'Debian' - changed_when: false - -# See: http://unix.stackexchange.com/a/342469 -- name: Install dependencies. - apt: - default_release: "{{ ansible_distribution_release }}-backports" - name: - - openjdk-8-jre-headless - - ca-certificates-java - state: present - when: ansible_distribution == "Debian" - -# Red Hat. -- name: Set the java_packages variable (RedHat). - set_fact: - java_packages: - - java-1.8.0-openjdk - when: ansible_os_family == 'RedHat' - -# Ubuntu. -- name: Set the java_packages variable (Ubuntu). - set_fact: - java_packages: - - openjdk-8-jdk - when: ansible_distribution == 'Ubuntu' - -# Debian. -- name: Set the java_packages variable (Debian). - set_fact: - java_packages: - - openjdk-8-jdk - when: ansible_distribution == 'Debian' diff --git a/roles/geerlingguy.jenkins/molecule/default/molecule.yml b/roles/geerlingguy.jenkins/molecule/default/molecule.yml deleted file mode 100644 index 2ca6fea..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/molecule.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - lint: - name: ansible-lint - playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} -scenario: - name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/roles/geerlingguy.jenkins/molecule/default/playbook-http-port.yml b/roles/geerlingguy.jenkins/molecule/default/playbook-http-port.yml deleted file mode 100644 index 1f4bba2..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/playbook-http-port.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - jenkins_http_port: 8081 - - pre_tasks: - - include_tasks: java-8.yml - - roles: - - geerlingguy.java - - geerlingguy.jenkins - - post_tasks: - - name: Ensure Jenkins is running on the specified port. - uri: - url: "http://127.0.0.1:{{ jenkins_http_port }}" - status_code: 200 - register: result - until: result.status == 200 - retries: 60 - delay: 1 diff --git a/roles/geerlingguy.jenkins/molecule/default/playbook-jenkins-version.yml b/roles/geerlingguy.jenkins/molecule/default/playbook-jenkins-version.yml deleted file mode 100644 index 8f36796..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/playbook-jenkins-version.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - jenkins_version: "1.644" - - roles: - - geerlingguy.java - - geerlingguy.jenkins - - post_tasks: - - name: Check installed version of Jenkins. - command: rpm -q jenkins - args: - warn: false - changed_when: false - register: jenkins_rpm_version - tags: ['skip_ansible_lint'] - - - name: Print installed Jenkins package information. - debug: var=jenkins_rpm_version - - - name: Fail if version doesn't match what we wanted. - fail: - when: "jenkins_version not in jenkins_rpm_version.stdout" diff --git a/roles/geerlingguy.jenkins/molecule/default/playbook-plugins-with-home.yml b/roles/geerlingguy.jenkins/molecule/default/playbook-plugins-with-home.yml deleted file mode 100644 index 92a699d..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/playbook-plugins-with-home.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - jenkins_plugins: - - ghprb - - greenballs - jenkins_home: /tmp/jenkins - jenkins_plugin_timeout: 120 - - pre_tasks: - - include_tasks: java-8.yml - - roles: - - geerlingguy.java - - geerlingguy.jenkins - - post_tasks: - - name: Verify JENKINS_HOME is correct. - stat: - path: "{{ jenkins_home }}/config.xml" - register: jenkins_home_config - - - name: Fail if Jenkins config file doesn't exist. - fail: - when: not jenkins_home_config.stat.exists - - - name: List plugins directory contents. - command: "ls {{ jenkins_home }}/plugins" - register: plugins_contents - changed_when: false - tags: ['skip_ansible_lint'] - - - name: Verify greenballs plugin exists. - stat: - path: "{{ jenkins_home }}/plugins/greenballs.jpi" - register: greenballs_plugin - - - name: Fail if greenballs plugin file doesn't exist. - fail: - when: not greenballs_plugin.stat.exists - - - name: Ensure Jenkins is running. - uri: - url: "http://127.0.0.1:8080/" - status_code: 200 - register: result - until: result.status == 200 - retries: 60 - delay: 1 diff --git a/roles/geerlingguy.jenkins/molecule/default/playbook-prefix.yml b/roles/geerlingguy.jenkins/molecule/default/playbook-prefix.yml deleted file mode 100644 index 23d12fc..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/playbook-prefix.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - jenkins_url_prefix: /jenkins - - pre_tasks: - - include_tasks: java-8.yml - - roles: - - geerlingguy.java - - geerlingguy.jenkins - - post_tasks: - - name: Ensure Jenkins is running with the specified prefix. - uri: - url: "http://127.0.0.1:8080{{ jenkins_url_prefix }}" - status_code: 200 - register: result - until: result.status == 200 - retries: 60 - delay: 1 diff --git a/roles/geerlingguy.jenkins/molecule/default/playbook.yml b/roles/geerlingguy.jenkins/molecule/default/playbook.yml deleted file mode 100644 index 15532b5..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/playbook.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - pre_tasks: - - include_tasks: java-8.yml - - roles: - - role: geerlingguy.java - - role: geerlingguy.jenkins - - post_tasks: - - name: Check if Jenkins is running. - uri: - url: "http://127.0.0.1:8080/" diff --git a/roles/geerlingguy.jenkins/molecule/default/requirements.yml b/roles/geerlingguy.jenkins/molecule/default/requirements.yml deleted file mode 100644 index 8fbe7cb..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/requirements.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- src: geerlingguy.java diff --git a/roles/geerlingguy.jenkins/molecule/default/yaml-lint.yml b/roles/geerlingguy.jenkins/molecule/default/yaml-lint.yml deleted file mode 100644 index c9aab08..0000000 --- a/roles/geerlingguy.jenkins/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 150 - level: warning diff --git a/roles/geerlingguy.jenkins/tasks/main.yml b/roles/geerlingguy.jenkins/tasks/main.yml deleted file mode 100644 index c302929..0000000 --- a/roles/geerlingguy.jenkins/tasks/main.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -# Variable setup. -- name: Include OS-Specific variables - include_vars: "{{ ansible_os_family }}.yml" - -- name: Define jenkins_repo_url - set_fact: - jenkins_repo_url: "{{ __jenkins_repo_url }}" - when: jenkins_repo_url is not defined - -- name: Define jenkins_repo_key_url - set_fact: - jenkins_repo_key_url: "{{ __jenkins_repo_key_url }}" - when: jenkins_repo_key_url is not defined - -- name: Define jenkins_pkg_url - set_fact: - jenkins_pkg_url: "{{ __jenkins_pkg_url }}" - when: jenkins_pkg_url is not defined - -# Setup/install tasks. -- include_tasks: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include_tasks: setup-Debian.yml - when: ansible_os_family == 'Debian' - -# Configure Jenkins init settings. -- include_tasks: settings.yml - -# Make sure Jenkins starts, then configure Jenkins. -- name: Ensure Jenkins is started and runs on startup. - service: name=jenkins state=started enabled=yes - -- name: Wait for Jenkins to start up before proceeding. - command: > - curl -D - --silent --max-time 5 http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ jenkins_url_prefix }}/cli/ - args: - warn: false - register: result - until: > - (result.stdout.find("403 Forbidden") != -1) - or (result.stdout.find("200 OK") != -1) - and (result.stdout.find("Please wait while") == -1) - retries: "{{ jenkins_connection_retries }}" - delay: "{{ jenkins_connection_delay }}" - changed_when: false - check_mode: false - -- name: Get the jenkins-cli jarfile from the Jenkins server. - get_url: - url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ jenkins_url_prefix }}/jnlpJars/jenkins-cli.jar" - dest: "{{ jenkins_jar_location }}" - register: jarfile_get - until: "'OK' in jarfile_get.msg or '304' in jarfile_get.msg or 'file already exists' in jarfile_get.msg" - retries: 5 - delay: 10 - check_mode: false - -- name: Remove Jenkins security init scripts after first startup. - file: - path: "{{ jenkins_home }}/init.groovy.d/basic-security.groovy" - state: absent - -# Update Jenkins and install configured plugins. -- include_tasks: plugins.yml diff --git a/roles/geerlingguy.jenkins/tasks/plugins.yml b/roles/geerlingguy.jenkins/tasks/plugins.yml deleted file mode 100644 index 1807590..0000000 --- a/roles/geerlingguy.jenkins/tasks/plugins.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- -# jenkins_plugin module doesn't support password files. -- name: Get Jenkins admin password from file. - slurp: - src: "{{ jenkins_admin_password_file }}" - register: adminpasswordfile - no_log: true - when: jenkins_admin_password_file != "" - tags: ['skip_ansible_lint'] - -- name: Set Jenkins admin password fact. - set_fact: - jenkins_admin_password: "{{ adminpasswordfile['stdout'] | default(jenkins_admin_password) }}" - no_log: true - -# Update Jenkins so that plugin updates don't fail. -- name: Create Jenkins updates directory. - file: - path: "{{ jenkins_home }}/updates" - state: directory - owner: jenkins - group: jenkins - -- name: Download current plugin updates from Jenkins update site. - get_url: - url: "{{ jenkins_updates_url }}/update-center.json" - dest: "{{ jenkins_home }}/updates/default.json" - owner: jenkins - group: jenkins - mode: 0440 - changed_when: false - register: get_result - until: get_result is success - retries: 3 - delay: 2 - -- name: Remove first and last line from json file. - replace: - path: "{{ jenkins_home }}/updates/default.json" - regexp: "1d;$d" - -- name: Install Jenkins plugins using password. - jenkins_plugin: - name: "{{ item }}" - jenkins_home: "{{ jenkins_home }}" - url_username: "{{ jenkins_admin_username }}" - url_password: "{{ jenkins_admin_password }}" - state: "{{ jenkins_plugins_state }}" - timeout: "{{ jenkins_plugin_timeout }}" - updates_expiration: "{{ jenkins_plugin_updates_expiration }}" - updates_url: "{{ jenkins_updates_url }}" - url: "http://{{ jenkins_hostname }}:{{ jenkins_http_port }}{{ jenkins_url_prefix }}" - with_dependencies: "{{ jenkins_plugins_install_dependencies }}" - with_items: "{{ jenkins_plugins }}" - when: jenkins_admin_password != "" - notify: restart jenkins - tags: ['skip_ansible_lint'] - register: plugin_result - until: plugin_result is success - retries: 3 - delay: 2 diff --git a/roles/geerlingguy.jenkins/tasks/settings.yml b/roles/geerlingguy.jenkins/tasks/settings.yml deleted file mode 100644 index 6d11c43..0000000 --- a/roles/geerlingguy.jenkins/tasks/settings.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -- name: Check if jenkins_init_file exists. - stat: - path: "{{ jenkins_init_file }}" - register: jenkins_init_file_stat - -- name: Ensure jenkins_init_file exists. - file: - path: "{{ jenkins_init_file }}" - state: touch - when: not jenkins_init_file_stat.stat.exists - -- name: Modify variables in init file. - lineinfile: - dest: "{{ jenkins_init_file }}" - insertafter: '^{{ item.option }}=' - regexp: '^{{ item.option }}=\"\${{ item.option }} ' - line: '{{ item.option }}="${{ item.option }} {{ item.value }}"' - state: present - with_items: "{{ jenkins_init_changes }}" - register: jenkins_init_prefix - -- name: Set the Jenkins home directory. - lineinfile: - dest: "{{ jenkins_init_file }}" - regexp: '^JENKINS_HOME=.*' - line: 'JENKINS_HOME={{ jenkins_home }}' - register: jenkins_home_config - -- name: Immediately restart Jenkins on init config changes. - service: name=jenkins state=restarted - when: jenkins_init_prefix.changed - tags: ['skip_ansible_lint'] - -- name: Set HTTP port in Jenkins config. - lineinfile: - backrefs: true - dest: "{{ jenkins_init_file }}" - regexp: '^{{ jenkins_http_port_param }}=' - line: '{{ jenkins_http_port_param }}={{ jenkins_http_port }}' - register: jenkins_http_config - -- name: Ensure jenkins_home {{ jenkins_home }} exists - file: - path: "{{ jenkins_home }}" - state: directory - owner: jenkins - group: jenkins - mode: u+rwx - follow: true - -- name: Create custom init scripts directory. - file: - path: "{{ jenkins_home }}/init.groovy.d" - state: directory - owner: "{{ jenkins_process_user }}" - group: "{{ jenkins_process_group }}" - mode: 0775 - -- name: Trigger handlers immediately in case Jenkins was installed - meta: flush_handlers - -- name: Immediately restart Jenkins on http or user changes. - service: name=jenkins state=restarted - when: > - (jenkins_users_config is defined and jenkins_users_config.changed) - or (jenkins_http_config is defined and jenkins_http_config.changed) - or (jenkins_home_config is defined and jenkins_home_config.changed) - tags: ['skip_ansible_lint'] diff --git a/roles/geerlingguy.jenkins/tasks/setup-Debian.yml b/roles/geerlingguy.jenkins/tasks/setup-Debian.yml deleted file mode 100644 index 7f81a14..0000000 --- a/roles/geerlingguy.jenkins/tasks/setup-Debian.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- name: Ensure dependencies are installed. - apt: - name: - - curl - - apt-transport-https - state: present - -- name: Add Jenkins apt repository key. - apt_key: - url: "{{ jenkins_repo_key_url }}" - state: present - -- name: Add Jenkins apt repository. - apt_repository: - repo: "{{ jenkins_repo_url }}" - state: present - update_cache: true - when: jenkins_repo_url != "" - tags: ['skip_ansible_lint'] - -- name: Download specific Jenkins version. - get_url: - url: "{{ jenkins_pkg_url }}/jenkins_{{ jenkins_version }}_all.deb" - dest: "/tmp/jenkins_{{ jenkins_version }}_all.deb" - when: jenkins_version is defined - -- name: Check if we downloaded a specific version of Jenkins. - stat: - path: "/tmp/jenkins_{{ jenkins_version }}_all.deb" - register: specific_version - when: jenkins_version is defined - -- name: Install our specific version of Jenkins. - apt: - deb: "/tmp/jenkins_{{ jenkins_version }}_all.deb" - state: present - when: jenkins_version is defined and specific_version.stat.exists - notify: configure default users - -- name: Ensure Jenkins is installed. - apt: - name: jenkins - state: "{{ jenkins_package_state }}" - notify: configure default users diff --git a/roles/geerlingguy.jenkins/tasks/setup-RedHat.yml b/roles/geerlingguy.jenkins/tasks/setup-RedHat.yml deleted file mode 100644 index e5ee979..0000000 --- a/roles/geerlingguy.jenkins/tasks/setup-RedHat.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -- name: Ensure dependencies are installed. - package: - name: - - curl - - libselinux-python - - initscripts - state: present - -- name: Ensure Jenkins repo is installed. - get_url: - url: "{{ jenkins_repo_url }}" - dest: /etc/yum.repos.d/jenkins.repo - when: jenkins_repo_url != "" - tags: ['skip_ansible_lint'] - -- name: Add Jenkins repo GPG key. - rpm_key: - state: present - key: "{{ jenkins_repo_key_url }}" - -- name: Download specific Jenkins version. - get_url: - url: "{{ jenkins_pkg_url }}/jenkins-{{ jenkins_version }}-1.1.noarch.rpm" - dest: "/tmp/jenkins-{{ jenkins_version }}-1.1.noarch.rpm" - when: jenkins_version is defined - -- name: Check if we downloaded a specific version of Jenkins. - stat: - path: "/tmp/jenkins-{{ jenkins_version }}-1.1.noarch.rpm" - register: specific_version - when: jenkins_version is defined - -- name: Install our specific version of Jenkins. - package: - name: "/tmp/jenkins-{{ jenkins_version }}-1.1.noarch.rpm" - state: present - when: jenkins_version is defined and specific_version.stat.exists - notify: configure default users - -- name: Ensure Jenkins is installed. - package: - name: jenkins - state: "{{ jenkins_package_state }}" - notify: configure default users diff --git a/roles/geerlingguy.jenkins/templates/basic-security.groovy.j2 b/roles/geerlingguy.jenkins/templates/basic-security.groovy.j2 deleted file mode 100644 index c1d0758..0000000 --- a/roles/geerlingguy.jenkins/templates/basic-security.groovy.j2 +++ /dev/null @@ -1,28 +0,0 @@ -#!groovy -import hudson.security.* -import jenkins.model.* - -def instance = Jenkins.getInstance() -def hudsonRealm = new HudsonPrivateSecurityRealm(false) -def users = hudsonRealm.getAllUsers() -users_s = users.collect { it.toString() } - -// Create the admin user account if it doesn't already exist. -if ("{{ jenkins_admin_username }}" in users_s) { - println "Admin user already exists - updating password" - - def user = hudson.model.User.get('{{ jenkins_admin_username }}'); - def password = hudson.security.HudsonPrivateSecurityRealm.Details.fromPlainPassword('{{ jenkins_admin_password }}') - user.addProperty(password) - user.save() -} -else { - println "--> creating local admin user" - - hudsonRealm.createAccount('{{ jenkins_admin_username }}', '{{ jenkins_admin_password }}') - instance.setSecurityRealm(hudsonRealm) - - def strategy = new FullControlOnceLoggedInAuthorizationStrategy() - instance.setAuthorizationStrategy(strategy) - instance.save() -} diff --git a/roles/geerlingguy.jenkins/vars/Debian.yml b/roles/geerlingguy.jenkins/vars/Debian.yml deleted file mode 100644 index 526c9bf..0000000 --- a/roles/geerlingguy.jenkins/vars/Debian.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -__jenkins_repo_url: deb https://pkg.jenkins.io/debian binary/ -__jenkins_repo_key_url: https://pkg.jenkins.io/debian/jenkins.io.key -__jenkins_pkg_url: https://pkg.jenkins.io/debian/binary -jenkins_init_file: /etc/default/jenkins -jenkins_http_port_param: HTTP_PORT -jenkins_java_options_env_var: JAVA_ARGS diff --git a/roles/geerlingguy.jenkins/vars/RedHat.yml b/roles/geerlingguy.jenkins/vars/RedHat.yml deleted file mode 100644 index 82d8845..0000000 --- a/roles/geerlingguy.jenkins/vars/RedHat.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -__jenkins_repo_url: https://pkg.jenkins.io/redhat/jenkins.repo -__jenkins_repo_key_url: https://pkg.jenkins.io/redhat/jenkins.io.key -__jenkins_pkg_url: https://pkg.jenkins.io/redhat -jenkins_init_file: /etc/sysconfig/jenkins -jenkins_http_port_param: JENKINS_PORT -jenkins_java_options_env_var: JENKINS_JAVA_OPTIONS diff --git a/roles/geerlingguy.nodejs/.ansible-lint b/roles/geerlingguy.nodejs/.ansible-lint deleted file mode 100644 index 0af17d0..0000000 --- a/roles/geerlingguy.nodejs/.ansible-lint +++ /dev/null @@ -1,3 +0,0 @@ -skip_list: - - '405' - - '204' diff --git a/roles/geerlingguy.nodejs/.gitignore b/roles/geerlingguy.nodejs/.gitignore deleted file mode 100644 index f56f5b5..0000000 --- a/roles/geerlingguy.nodejs/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*.retry -*/__pycache__ -*.pyc diff --git a/roles/geerlingguy.nodejs/.travis.yml b/roles/geerlingguy.nodejs/.travis.yml deleted file mode 100644 index 05cf095..0000000 --- a/roles/geerlingguy.nodejs/.travis.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: nodejs - matrix: - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: centos6 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: ubuntu1604 - - MOLECULE_DISTRO: debian9 - - MOLECULE_DISTRO: debian8 - - - MOLECULE_DISTRO: centos7 - MOLECULE_PLAYBOOK: playbook-latest.yml - -install: - # Install test dependencies. - - pip install molecule docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.nodejs/LICENSE b/roles/geerlingguy.nodejs/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.nodejs/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.nodejs/README.md b/roles/geerlingguy.nodejs/README.md deleted file mode 100644 index 87f9c96..0000000 --- a/roles/geerlingguy.nodejs/README.md +++ /dev/null @@ -1,73 +0,0 @@ -# Ansible Role: Node.js - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nodejs.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nodejs) - -Installs Node.js on RHEL/CentOS or Debian/Ubuntu. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - nodejs_version: "10.x" - -The Node.js version to install. "10.x" is the default and works on most supported OSes. Other versions such as "0.12", "4.x", "5.x", "6.x", "8.x", "10.x" etc. should work on the latest versions of Debian/Ubuntu and RHEL/CentOS. - - nodejs_install_npm_user: "{{ ansible_ssh_user }}" - -The user for whom the npm packages will be installed can be set here, this defaults to `ansible_user`. - - npm_config_prefix: "/usr/local/lib/npm" - -The global installation directory. This should be writeable by the `nodejs_install_npm_user`. - - npm_config_unsafe_perm: "false" - -Set to true to suppress the UID/GID switching when running package scripts. If set explicitly to false, then installing as a non-root user will fail. - - nodejs_npm_global_packages: [] - -A list of npm packages with a `name` and (optional) `version` to be installed globally. For example: - - nodejs_npm_global_packages: - # Install a specific version of a package. - - name: jslint - version: 0.9.3 - # Install the latest stable release of a package. - - name: node-sass - # This shorthand syntax also works (same as previous example). - - node-sass - - - nodejs_package_json_path: "" - -Set a path pointing to a particular `package.json` (e.g. `"/var/www/app/package.json"`). This will install all of the defined packages globally using Ansible's `npm` module. - -## Dependencies - -None. - -## Example Playbook - - - hosts: utility - vars_files: - - vars/main.yml - roles: - - geerlingguy.nodejs - -*Inside `vars/main.yml`*: - - nodejs_npm_global_packages: - - name: jslint - - name: node-sass - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.nodejs/defaults/main.yml b/roles/geerlingguy.nodejs/defaults/main.yml deleted file mode 100644 index 7b76032..0000000 --- a/roles/geerlingguy.nodejs/defaults/main.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# Set the version of Node.js to install ("6.x", "8.x", "10.x", "11.x", etc.). -# Version numbers from Nodesource: https://github.com/nodesource/distributions -nodejs_version: "10.x" - -# The user for whom the npm packages will be installed. -# nodejs_install_npm_user: username - -# The directory for global installations. -npm_config_prefix: "/usr/local/lib/npm" - -# Set to true to suppress the UID/GID switching when running package scripts. If -# set explicitly to false, then installing as a non-root user will fail. -npm_config_unsafe_perm: "false" - -# Define a list of global packages to be installed with NPM. -nodejs_npm_global_packages: [] -# # Install a specific version of a package. -# - name: jslint -# version: 0.9.3 -# # Install the latest stable release of a package. -# - name: node-sass -# # This shorthand syntax also works (same as previous example). -# - node-sass - -# The path of a package.json file used to install packages globally. -nodejs_package_json_path: "" diff --git a/roles/geerlingguy.nodejs/meta/.galaxy_install_info b/roles/geerlingguy.nodejs/meta/.galaxy_install_info deleted file mode 100644 index 5bbc52f..0000000 --- a/roles/geerlingguy.nodejs/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Sun Oct 20 01:52:29 2019 -version: 5.0.0 diff --git a/roles/geerlingguy.nodejs/meta/main.yml b/roles/geerlingguy.nodejs/meta/main.yml deleted file mode 100644 index 24dc3ee..0000000 --- a/roles/geerlingguy.nodejs/meta/main.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Node.js installation for Linux - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - trusty - - xenial - - bionic - galaxy_tags: - - development - - web - - javascript - - js - - node - - npm - - nodejs diff --git a/roles/geerlingguy.nodejs/molecule/default/molecule.yml b/roles/geerlingguy.nodejs/molecule/default/molecule.yml deleted file mode 100644 index 2ca6fea..0000000 --- a/roles/geerlingguy.nodejs/molecule/default/molecule.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - lint: - name: ansible-lint - playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} -scenario: - name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/roles/geerlingguy.nodejs/molecule/default/playbook-latest.yml b/roles/geerlingguy.nodejs/molecule/default/playbook-latest.yml deleted file mode 100644 index 7fca428..0000000 --- a/roles/geerlingguy.nodejs/molecule/default/playbook-latest.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - nodejs_version: "11.x" - nodejs_install_npm_user: root - npm_config_prefix: /root/.npm-global - npm_config_unsafe_perm: "true" - nodejs_npm_global_packages: - - node-sass - - name: jslint - version: 0.12.0 - - name: yo - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - - roles: - - role: geerlingguy.nodejs diff --git a/roles/geerlingguy.nodejs/molecule/default/playbook.yml b/roles/geerlingguy.nodejs/molecule/default/playbook.yml deleted file mode 100644 index d1d5863..0000000 --- a/roles/geerlingguy.nodejs/molecule/default/playbook.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - nodejs_install_npm_user: root - npm_config_prefix: /root/.npm-global - npm_config_unsafe_perm: "true" - nodejs_npm_global_packages: - - node-sass - - name: jslint - version: 0.12.0 - - name: yo - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - - roles: - - role: geerlingguy.nodejs diff --git a/roles/geerlingguy.nodejs/molecule/default/tests/test_default.py b/roles/geerlingguy.nodejs/molecule/default/tests/test_default.py deleted file mode 100644 index eedd64a..0000000 --- a/roles/geerlingguy.nodejs/molecule/default/tests/test_default.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_hosts_file(host): - f = host.file('/etc/hosts') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' diff --git a/roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml b/roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml deleted file mode 100644 index 76d1459..0000000 --- a/roles/geerlingguy.nodejs/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 220 - level: warning diff --git a/roles/geerlingguy.nodejs/tasks/main.yml b/roles/geerlingguy.nodejs/tasks/main.yml deleted file mode 100644 index 5622c35..0000000 --- a/roles/geerlingguy.nodejs/tasks/main.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -- import_tasks: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- import_tasks: setup-Debian.yml - when: ansible_os_family == 'Debian' - -- name: Define nodejs_install_npm_user - set_fact: - nodejs_install_npm_user: "{{ ansible_user | default(lookup('env', 'USER')) }}" - when: nodejs_install_npm_user is not defined - -- name: Create npm global directory - file: - path: "{{ npm_config_prefix }}" - owner: "{{ nodejs_install_npm_user }}" - group: "{{ nodejs_install_npm_user }}" - state: directory - -- name: Add npm_config_prefix bin directory to global $PATH. - template: - src: npm.sh.j2 - dest: /etc/profile.d/npm.sh - mode: 0644 - -- name: Ensure npm global packages are installed. - npm: - name: "{{ item.name | default(item) }}" - version: "{{ item.version | default('latest') }}" - global: true - state: latest - environment: - NPM_CONFIG_PREFIX: "{{ npm_config_prefix }}" - NODE_PATH: "{{ npm_config_prefix }}/lib/node_modules" - NPM_CONFIG_UNSAFE_PERM: "{{ npm_config_unsafe_perm }}" - with_items: "{{ nodejs_npm_global_packages }}" - tags: ['skip_ansible_lint'] - -- name: Install packages defined in a given package.json. - npm: - path: "{{ nodejs_package_json_path }}" - when: nodejs_package_json_path is defined and nodejs_package_json_path diff --git a/roles/geerlingguy.nodejs/tasks/setup-Debian.yml b/roles/geerlingguy.nodejs/tasks/setup-Debian.yml deleted file mode 100644 index c939617..0000000 --- a/roles/geerlingguy.nodejs/tasks/setup-Debian.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Ensure apt-transport-https is installed. - apt: name=apt-transport-https state=present - -- name: Add Nodesource apt key. - apt_key: - url: https://keyserver.ubuntu.com/pks/lookup?op=get&fingerprint=on&search=0x1655A0AB68576280 - id: "68576280" - state: present - -- name: Add NodeSource repositories for Node.js. - apt_repository: - repo: "{{ item }}" - state: present - with_items: - - "deb https://deb.nodesource.com/node_{{ nodejs_version }} {{ ansible_distribution_release }} main" - - "deb-src https://deb.nodesource.com/node_{{ nodejs_version }} {{ ansible_distribution_release }} main" - register: node_repo - -- name: Update apt cache if repo was added. - apt: update_cache=yes - when: node_repo.changed - -- name: Ensure Node.js and npm are installed. - apt: "name=nodejs={{ nodejs_version|regex_replace('x', '') }}* state=present" diff --git a/roles/geerlingguy.nodejs/tasks/setup-RedHat.yml b/roles/geerlingguy.nodejs/tasks/setup-RedHat.yml deleted file mode 100644 index f2b9ee7..0000000 --- a/roles/geerlingguy.nodejs/tasks/setup-RedHat.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Set up the Nodesource RPM directory for Node.js > 0.10. - set_fact: - nodejs_rhel_rpm_dir: "pub_{{ nodejs_version }}" - when: nodejs_version != '0.10' - -- name: Set up the Nodesource RPM variable for Node.js == 0.10. - set_fact: - nodejs_rhel_rpm_dir: "pub" - when: nodejs_version == '0.10' - -- name: Import Nodesource RPM key (CentOS < 7). - rpm_key: - key: http://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - state: present - when: ansible_distribution_major_version|int < 7 - -- name: Import Nodesource RPM key (CentOS 7+).. - rpm_key: - key: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL - state: present - when: ansible_distribution_major_version|int >= 7 - -- name: Add Nodesource repositories for Node.js (CentOS < 7). - yum: - name: "http://rpm.nodesource.com/{{ nodejs_rhel_rpm_dir }}/el/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/nodesource-release-el{{ ansible_distribution_major_version }}-1.noarch.rpm" - state: present - when: ansible_distribution_major_version|int < 7 - -- name: Add Nodesource repositories for Node.js (CentOS 7+). - yum: - name: "https://rpm.nodesource.com/{{ nodejs_rhel_rpm_dir }}/el/{{ ansible_distribution_major_version }}/{{ ansible_architecture }}/nodesource-release-el{{ ansible_distribution_major_version }}-1.noarch.rpm" - state: present - when: ansible_distribution_major_version|int >= 7 - -- name: Ensure Node.js and npm are installed. - yum: "name=nodejs-{{ nodejs_version|regex_replace('x', '') }}* state=present enablerepo='nodesource'" diff --git a/roles/geerlingguy.nodejs/templates/npm.sh.j2 b/roles/geerlingguy.nodejs/templates/npm.sh.j2 deleted file mode 100644 index 67caa78..0000000 --- a/roles/geerlingguy.nodejs/templates/npm.sh.j2 +++ /dev/null @@ -1,3 +0,0 @@ -export PATH={{ npm_config_prefix }}/bin:$PATH -export NPM_CONFIG_PREFIX={{ npm_config_prefix }} -export NODE_PATH=$NODE_PATH:{{ npm_config_prefix }}/lib/node_modules diff --git a/roles/geerlingguy.pip/.gitignore b/roles/geerlingguy.pip/.gitignore deleted file mode 100644 index f56f5b5..0000000 --- a/roles/geerlingguy.pip/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*.retry -*/__pycache__ -*.pyc diff --git a/roles/geerlingguy.pip/.travis.yml b/roles/geerlingguy.pip/.travis.yml deleted file mode 100644 index 906b30d..0000000 --- a/roles/geerlingguy.pip/.travis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: pip - matrix: - - MOLECULE_DISTRO: centos7 - - MOLECULE_DISTRO: fedora29 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: debian9 - -install: - # Install test dependencies. - - pip install molecule docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geerlingguy.pip/LICENSE b/roles/geerlingguy.pip/LICENSE deleted file mode 100644 index 4275cf3..0000000 --- a/roles/geerlingguy.pip/LICENSE +++ /dev/null @@ -1,20 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2017 Jeff Geerling - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.pip/README.md b/roles/geerlingguy.pip/README.md deleted file mode 100644 index ec9beb9..0000000 --- a/roles/geerlingguy.pip/README.md +++ /dev/null @@ -1,76 +0,0 @@ -# Ansible Role: Pip (for Python) - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-pip.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-pip) - -An Ansible Role that installs [Pip](https://pip.pypa.io) on Linux. - -## Requirements - -On RedHat/CentOS, you may need to have EPEL installed before running this role. You can use the `geerlingguy.repo-epel` role if you need a simple way to ensure it's installed. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - pip_package: python-pip - -The name of the packge to install to get `pip` on the system. You can set to `python3-pip`, for example, when using Python 3 on Ubuntu. - - pip_executable: pip - -The role will try to autodetect the pip executable based on the `pip_package` (e.g. `pip` for Python 2 and `pip3` for Python 3). You can also override this explicitly, e.g. `pip_executable: pip3.6`. - - pip_install_packages: [] - -A list of packages to install with pip. Examples below: - - pip_install_packages: - # Specify names and versions. - - name: docker - version: "1.2.3" - - name: awscli - version: "1.11.91" - - # Or specify bare packages to get the latest release. - - docker - - awscli - - # Or uninstall a package. - - name: docker - state: absent - - # Or update a package ot the latest version. - - name: docker - state: latest - - # Or force a reinstall. - - name: docker - state: forcereinstall - - # Or install a package in a particular virtualenv. - - name: docker - virtualenv: /my_app/venv - -## Dependencies - -None. - -## Example Playbook - - - hosts: all - - vars: - pip_install_packages: - - name: docker - - name: awscli - - roles: - - geerlingguy.pip - -## License - -MIT / BSD - -## Author Information - -This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.pip/defaults/main.yml b/roles/geerlingguy.pip/defaults/main.yml deleted file mode 100644 index 8a70a1e..0000000 --- a/roles/geerlingguy.pip/defaults/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# For Python 3, use python3-pip. -pip_package: python-pip -pip_executable: "{{ 'pip3' if pip_package.startswith('python3') else 'pip' }}" - -pip_install_packages: [] diff --git a/roles/geerlingguy.pip/meta/.galaxy_install_info b/roles/geerlingguy.pip/meta/.galaxy_install_info deleted file mode 100644 index ebd8011..0000000 --- a/roles/geerlingguy.pip/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Tue May 14 21:41:10 2019 -version: 1.3.0 diff --git a/roles/geerlingguy.pip/meta/main.yml b/roles/geerlingguy.pip/meta/main.yml deleted file mode 100644 index eb4248b..0000000 --- a/roles/geerlingguy.pip/meta/main.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Pip (Python package manager) for Linux. - issue_tracker_url: https://github.com/geerlingguy/ansible-role-pip/issues - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 2.0 - platforms: - - name: EL - versions: - - all - - name: Fedora - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - system - - server - - packaging - - python - - pip - - tools diff --git a/roles/geerlingguy.pip/molecule/default/molecule.yml b/roles/geerlingguy.pip/molecule/default/molecule.yml deleted file mode 100644 index 2ca6fea..0000000 --- a/roles/geerlingguy.pip/molecule/default/molecule.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -platforms: - - name: instance - image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - lint: - name: ansible-lint - playbooks: - converge: ${MOLECULE_PLAYBOOK:-playbook.yml} -scenario: - name: default -verifier: - name: testinfra - lint: - name: flake8 diff --git a/roles/geerlingguy.pip/molecule/default/playbook.yml b/roles/geerlingguy.pip/molecule/default/playbook.yml deleted file mode 100644 index 6ffa90b..0000000 --- a/roles/geerlingguy.pip/molecule/default/playbook.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Converge - hosts: all - become: true - - vars: - pip_install_packages: - # Test installing a specific version of a package. - - name: ipaddress - version: "1.0.18" - # Test installing a package by name. - - colorama - - pre_tasks: - - name: Update apt cache. - apt: update_cache=true cache_valid_time=600 - when: ansible_os_family == 'Debian' - - roles: - - role: geerlingguy.pip diff --git a/roles/geerlingguy.pip/molecule/default/tests/test_default.py b/roles/geerlingguy.pip/molecule/default/tests/test_default.py deleted file mode 100644 index eedd64a..0000000 --- a/roles/geerlingguy.pip/molecule/default/tests/test_default.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_hosts_file(host): - f = host.file('/etc/hosts') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' diff --git a/roles/geerlingguy.pip/molecule/default/yaml-lint.yml b/roles/geerlingguy.pip/molecule/default/yaml-lint.yml deleted file mode 100644 index a3dbc38..0000000 --- a/roles/geerlingguy.pip/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -extends: default -rules: - line-length: - max: 120 - level: warning diff --git a/roles/geerlingguy.pip/tasks/main.yml b/roles/geerlingguy.pip/tasks/main.yml deleted file mode 100644 index dda7fac..0000000 --- a/roles/geerlingguy.pip/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Ensure Pip is installed. - package: - name: "{{ pip_package }}" - state: present - -- name: Ensure pip_install_packages are installed. - pip: - name: "{{ item.name | default(item) }}" - version: "{{ item.version | default(omit) }}" - virtualenv: "{{ item.virtualenv | default(omit) }}" - state: "{{ item.state | default(omit) }}" - executable: "{{ pip_executable }}" - with_items: "{{ pip_install_packages }}" diff --git a/roles/jnv.unattended-upgrades/.editorconfig b/roles/jnv.unattended-upgrades/.editorconfig deleted file mode 100644 index c6c8b36..0000000 --- a/roles/jnv.unattended-upgrades/.editorconfig +++ /dev/null @@ -1,9 +0,0 @@ -root = true - -[*] -indent_style = space -indent_size = 2 -end_of_line = lf -charset = utf-8 -trim_trailing_whitespace = true -insert_final_newline = true diff --git a/roles/jnv.unattended-upgrades/.gitignore b/roles/jnv.unattended-upgrades/.gitignore deleted file mode 100644 index d9ff546..0000000 --- a/roles/jnv.unattended-upgrades/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -.vagrant/ -*~ -*.log diff --git a/roles/jnv.unattended-upgrades/.travis.yml b/roles/jnv.unattended-upgrades/.travis.yml deleted file mode 100644 index 32fdb5d..0000000 --- a/roles/jnv.unattended-upgrades/.travis.yml +++ /dev/null @@ -1,16 +0,0 @@ -sudo: required -language: python -services: docker - -cache: pip - -install: - - pip install ansible docker - - ansible-galaxy install -r tests/requirements.yml -p tests/roles/ - -script: - - ansible --version - - tests/test.sh - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/jnv.unattended-upgrades/LICENSE b/roles/jnv.unattended-upgrades/LICENSE deleted file mode 100644 index d511905..0000000 --- a/roles/jnv.unattended-upgrades/LICENSE +++ /dev/null @@ -1,339 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. diff --git a/roles/jnv.unattended-upgrades/README.md b/roles/jnv.unattended-upgrades/README.md deleted file mode 100644 index 5cec7ec..0000000 --- a/roles/jnv.unattended-upgrades/README.md +++ /dev/null @@ -1,180 +0,0 @@ -# Unattended-Upgrades Role for Ansible - -[![Build Status of branch master](https://img.shields.io/travis/jnv/ansible-role-unattended-upgrades/master.svg?style=flat-square)](https://travis-ci.org/jnv/ansible-role-unattended-upgrades) -[![Ansible Role: jnv.unattended-upgrades](https://img.shields.io/ansible/role/8068.svg?style=flat-square)](https://galaxy.ansible.com/jnv/unattended-upgrades/) - -Install and setup [unattended-upgrades](https://launchpad.net/unattended-upgrades) for Ubuntu and Debian (since Wheezy), to periodically install security upgrades. - -**NOTE:** If you have used version 0.0.1 of the role, you can delete the file `/etc/apt/apt.conf.d/10periodic` as it is not needed anymore. You can use the following one-shot command: - - ansible -m file -a "state=absent path=/etc/apt/apt.conf.d/10periodic" - -## Requirements - -The role uses [apt module](http://docs.ansible.com/apt_repository_module.html) which has additional dependencies. - -If you set `unattended_mail` to an e-mail address, make sure `mailx` command is available and your system is able to send e-mails. - -The role requires unattended-upgrades version 0.70 and newer, which is available since Debian Wheezy and Ubuntu 12.04 respectively. This is due to [Origins Patterns](#origins-patterns) usage; if this is not available on your system, you may use [the first version of the role](https://github.com/jnv/ansible-role-unattended-upgrades/tree/v0.1). - -### Automatic Reboot - -If you enable automatic reboot feature (`unattended_automatic_reboot`), the role will attempt to install `update-notifier-common` package, which is required on some systems for detecting and executing reboot after the upgrade. You may optionally define a specific time for rebooting (`unattended_automatic_reboot_time`). - -This feature was broken in Debian Jessie, but eventually was rolled into the unattended-upgrades package; see [the discussion in #6](https://github.com/jnv/ansible-role-unattended-upgrades/issues/6) for more details. - -## Disabled Cron Jobs - -On some hosts you may find that the unattended-upgrade's cronfile `/etc/cron.daily/apt` file has been renamed to `apt.disabled`. This is possibly provider's decision, to save some CPU cycles. Use [enable-standard-cronjobs](https://github.com/Yannik/ansible-role-enable-standard-cronjobs) role to reenable unattended-upgrades. See also discussion in [#9](https://github.com/jnv/ansible-role-unattended-upgrades/issues/9). - -## Role Variables - -* `unattended_cache_valid_time`: Update the apt cache if its older than the given time in seconds; passed to the [apt module](https://docs.ansible.com/ansible/latest/apt_module.html) during package installation. - * Default: `3600` -* `unattended_origins_patterns`: array of origins patterns to determine whether the package can be automatically installed, for more details see [Origins Patterns](#origins-patterns) below. - * Default for Debian: `['origin=Debian,codename=${distro_codename},label=Debian-Security']` - * Default for Ubuntu: `['origin=Ubuntu,archive=${distro_codename}-security,label=Ubuntu']` -* `unattended_package_blacklist`: packages which won't be automatically upgraded - * Default: `[]` -* `unattended_autofix_interrupted_dpkg`: whether on unclean dpkg exit to run `dpkg --force-confold --configure -a` - * Default: `true` -* `unattended_minimal_steps`: split the upgrade into the smallest possible chunks so that they can be interrupted with SIGUSR1. - * Default: `false` -* `unattended_install_on_shutdown`: install all unattended-upgrades when the machine is shuting down. - * Default: `false` -* `unattended_mail`: e-mail address to send information about upgrades or problems with unattended upgrades - * Default: `false` (don't send any e-mail) -* `unattended_mail_only_on_error`: send e-mail only on errors, otherwise e-mail will be sent every time there's a package upgrade. - * Default: `false` -* `unattended_remove_unused_dependencies`: do automatic removal of new unused dependencies after the upgrade. - * Default: `false` -* `unattended_automatic_reboot`: Automatically reboot system if any upgraded package requires it, immediately after the upgrade. - * Default: `false` -* `unattended_automatic_reboot_time`: Automatically reboot system if any upgraded package requires it, at the specific time (_HH:MM_) instead of immediately after the upgrade. - * Default: `false` -* `unattended_update_days`: Set the days of the week that updates should be applied. The days can be specified as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is Monday etc. Example: `{"Mon";"Fri"};` - * Default: disabled -* `unattended_ignore_apps_require_restart`: unattended-upgrades won't automatically upgrade some critical packages requiring restart after an upgrade (i.e. there is `XB-Upgrade-Requires: app-restart` directive in their debian/control file). With this option set to `true`, unattended-upgrades will upgrade these packages regardless of the directive. - * Default: `false` -* `unattended_verbose`: Define verbosity level of APT for periodic runs. The output will be sent to root. - * Possible options: - * `0`: no report - * `1`: progress report - * `2`: + command outputs - * `3`: + trace on - * Default: `0` (no report) -* `unattended_update_package_list`: Do "apt-get update" automatically every n-days (0=disable) - * Default: `1` -* `unattended_download_upgradeable`: Do "apt-get upgrade --download-only" every n-days (0=disable) - * Default: `0` -* `unattended_autoclean_interval`: Do "apt-get autoclean" every n-days (0=disable) - * Default: `7` -* `unattended_clean_interval`: Do "apt-get clean" every n-days (0=disable) - * Default: `0` -* `unattended_random_sleep`: Define maximum for a random interval in seconds after which the apt job starts (only for systems without systemd) - * Default: `1800` (30 minutes) -* `unattended_dpkg_options`: Array of dpkg command-line options used during unattended-upgrades runs, e.g. `["--force-confdef"]`, `["--force-confold"]` - * Default: `[]` -* `unattended_dl_limit`: Limit the download speed in kb/sec using apt bandwidth limit feature. - * Default: disabled - -## Origins Patterns - -Origins Pattern is a more powerful alternative to the Allowed Origins option used in previous versions of unattended-upgrade. - -Pattern is composed from specific keywords: - -* `a`,`archive`,`suite` – e.g. `stable`, `trusty-security` (`archive=stable`) -* `c`,`component` – e.g. `main`, `crontrib`, `non-free` (`component=main`) -* `l`,`label` – e.g. `Debian`, `Debian-Security`, `Ubuntu` -* `o`,`origin` – e.g. `Debian`, `Unofficial Multimedia Packages`, `Ubuntu` -* `n`,`codename` – e.g. `jessie`, `jessie-updates`, `trusty` (this is only supported with `unattended-upgrades` >= 0.80) -* `site` – e.g. `http.debian.net` - -You can review the available repositories using `apt-cache policy` and debug your choice using `unattended-upgrades -d` command on a target system. - -Additionally unattended-upgrades support two macros (variables), derived from `/etc/debian_version`: - -* `${distro_id}` – Installed distribution name, e.g. `Debian` or `Ubuntu`. -* `${distro_codename}` – Installed codename, e.g. `jessie` or `trusty`. - -Using `${distro_codename}` should be preferred over using `stable` or `oldstable` as a selected, as once `stable` moves to `oldstable`, no security updates will be installed at all, or worse, package from a newer distro release will be installed by accident. The same goes for upgrading your installation from `oldstable` to `stable`, if you forget to change this in your origin patterns, you may not receive the security updates for your newer distro release. With `${distro_codename}`, both cases can never happen. - -## Role Usage Example - -Example for Ubuntu, with custom [origins patterns](#patterns-examples), blacklisted packages and e-mail notification: - -```yaml -- hosts: all - roles: - - role: jnv.unattended-upgrades - unattended_origins_patterns: - - 'origin=Ubuntu,archive=${distro_codename}-security' - - 'o=Ubuntu,a=${distro_codename}-updates' - unattended_package_blacklist: [cowsay, vim] - unattended_mail: 'root@example.com' -``` - -_Note:_ You don't need to specify `unattended_origins_patterns`, the role will use distribution's default if the variable is not set. - -### Patterns Examples - -By default, only security updates are allowed for both Ubuntu and Debian. You can add more patterns to allow unattended-updates install more packages automatically, however be aware that automated major updates may potentially break your system. - -#### For Debian - -```yaml -unattended_origins_patterns: - - 'origin=Debian,codename=${distro_codename},label=Debian-Security' # security updates - - 'o=Debian,codename=${distro_codename},label=Debian' # updates including non-security updates - - 'o=Debian,codename=${distro_codename},a=proposed-updates' -``` - -On debian wheezy, due to `unattended-upgrades` being `0.79.5`, you cannot use the `codename` directive. - -You will have to do archive based matching instead: - -```yaml -unattended_origins_patterns: - - 'origin=Debian,a=stable,label=Debian-Security' # security updates - - 'o=Debian,a=stable,l=Debian' # updates including non-security updates - - 'o=Debian,a=proposed-updates' -``` - -Please be sure to read about the issues regarding this in the origin pattern documentation above. - -#### For Ubuntu - -In Ubuntu, archive always contains the distribution codename - -```yaml -unattended_origins_patterns: - - 'origin=Ubuntu,archive=${distro_codename}-security' - - 'o=Ubuntu,a=${distro_codename}' - - 'o=Ubuntu,a=${distro_codename}-updates' - - 'o=Ubuntu,a=${distro_codename}-proposed-updates' -``` - - -#### For Raspbian - -In Raspbian, it is only possible to update all packages from the default repository, including non-security updates, or updating none. - -Updating all, including non-security: - -```yaml -unattended_origins_patterns: - - 'origin=Raspbian,codename=${distro_codename},label=Raspbian' -``` - -You can not use the `codename` directive on raspbian wheezy, the same as with debian wheezy above. - -To not install any updates on a raspbian host, just set `unattended_origins_patterns` to an empty list: -``` -unattended_origins_patterns: [] -``` - - -## License - -GPLv2 diff --git a/roles/jnv.unattended-upgrades/defaults/main.yml b/roles/jnv.unattended-upgrades/defaults/main.yml deleted file mode 100644 index 7b2a211..0000000 --- a/roles/jnv.unattended-upgrades/defaults/main.yml +++ /dev/null @@ -1,122 +0,0 @@ ---- -# Cache update time for apt module -unattended_cache_valid_time: 3600 - -#Unattended-Upgrade::Origins-Pattern -# Automatically upgrade packages from these origin patterns -# e.g.: 'o=Debian,a=stable', 'o=Debian,a=stable-updates' -# -# Left unset, distribution-specific defaults will be used through -# __unattended_origins_patterns variable only if this variable -# is not provided externally -# REFS https://github.com/ansible/ansible/issues/8121 -#unattended_origins_patterns: [] - -#Unattended-Upgrade::Package-Blacklist -# List of packages to not update -unattended_package_blacklist: [] - -#Unattended-Upgrade::AutoFixInterruptedDpkg -# On a unclean dpkg exit unattended-upgrades will run -# dpkg --force-confold --configure -a -# The default is true, to ensure updates keep getting installed -unattended_autofix_interrupted_dpkg: true - -#Unattended-Upgrade::MinimalSteps -# Split the upgrade into the smallest possible chunks so that -# they can be interrupted with SIGUSR1. This makes the upgrade -# a bit slower but it has the benefit that shutdown while a upgrade -# is running is possible (with a small delay) -unattended_minimal_steps: false - -#Unattended-Upgrade::InstallOnShutdown -# Install all unattended-upgrades when the machine is shuting down -# instead of doing it in the background while the machine is running -# This will (obviously) make shutdown slower -unattended_install_on_shutdown: false - -#Unattended-Upgrade::Mail -# Send email to this address for problems or packages upgrades -# If empty or unset then no email is sent, make sure that you -# have a working mail setup on your system. A package that provides -# 'mailx' must be installed. -unattended_mail: false - -#Unattended-Upgrade::MailOnlyOnError -# Set this value to "true" to get emails only on errors. Default -# is to always send a mail if Unattended-Upgrade::Mail is set -unattended_mail_only_on_error: false - -#Unattended-Upgrade::Remove-Unused-Dependencies -# Do automatic removal of new unused dependencies after the upgrade -# (equivalent to apt-get autoremove) -unattended_remove_unused_dependencies: false - -#Unattended-Upgrade::Automatic-Reboot -# Automatically reboot *WITHOUT CONFIRMATION* if a -# the file /var/run/reboot-required is found after the upgrade -unattended_automatic_reboot: false - -#Unattended-Upgrade::Automatic-Reboot-Time -# If automatic reboot is enabled and needed, reboot at the specific -# time instead of immediately -unattended_automatic_reboot_time: false - -#Unattended-Upgrade::IgnoreAppsRequireRestart -# Do upgrade application even if it requires restart after upgrade -# I.e. "XB-Upgrade-Requires: app-restart" is set in the debian/control file -unattended_ignore_apps_require_restart: false - -### APT::Periodic configuration -# Snatched from /usr/lib/apt/apt.systemd.daily - -#APT::Periodic::Update-Package-Lists "0"; -# - Do "apt-get update" automatically every n-days (0=disable) -unattended_update_package_list: 1 - -#APT::Periodic::Download-Upgradeable-Packages "0"; -# - Do "apt-get upgrade --download-only" every n-days (0=disable) -#unattended_download_upgradeable: 0 - -#APT::Periodic::AutocleanInterval "0"; -# - Do "apt-get autoclean" every n-days (0=disable) -unattended_autoclean_interval: 7 - -#APT::Periodic::CleanInterval "0"; -# - Do "apt-get clean" every n-days (0=disable) -#unattended_clean_interval: 0 - -#APT::Periodic::Verbose "0"; -# - Send report mail to root -# 0: no report (or null string) -# 1: progress report (actually any string) -# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d) -# 3: + trace on -#unattended_verbose: 0 - -## Cron systems only - -#APT::Periodic::RandomSleep -# When the apt job starts, it will sleep for a random period between 0 -# and APT::Periodic::RandomSleep seconds -# The default value is "1800" so that the script will stall for up to 30 -# minutes (1800 seconds) so that the mirror servers are not crushed by -# everyone running their updates all at the same time -# Kept undefined to allow default (1800) -#unattended_random_sleep: 0 - -#Dpkg::Options -# Provide dpkg options that take effect during unattended upgrades. -# By default no flags are appended. Configuration file changes can -# block installation of certain packages. Passing the flags -# "--force-confdef" and "--force-confold" will ensure updates are applied -# and old configuration files are preserved. -unattended_dpkg_options: [] - -# unattended_dpkg_options: -# - "--force-confdef" -# - "--force-confold" - - -# Use apt bandwidth limit feature, this example limits the download speed to 70kb/sec -#unattended_dl_limit: 70 \ No newline at end of file diff --git a/roles/jnv.unattended-upgrades/handlers/main.yml b/roles/jnv.unattended-upgrades/handlers/main.yml deleted file mode 100644 index c0b5512..0000000 --- a/roles/jnv.unattended-upgrades/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for unattended-upgrades diff --git a/roles/jnv.unattended-upgrades/meta/.galaxy_install_info b/roles/jnv.unattended-upgrades/meta/.galaxy_install_info deleted file mode 100644 index 713a4a2..0000000 --- a/roles/jnv.unattended-upgrades/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Sun Apr 28 18:26:47 2019 -version: v1.7.0 diff --git a/roles/jnv.unattended-upgrades/meta/main.yml b/roles/jnv.unattended-upgrades/meta/main.yml deleted file mode 100644 index 90dcd6d..0000000 --- a/roles/jnv.unattended-upgrades/meta/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -galaxy_info: - author: Jan Vlnas - description: Setup unattended-upgrades on Debian-based systems - license: GPLv2 - min_ansible_version: 1.4 - platforms: - - name: Ubuntu - versions: - - precise - - raring - - saucy - - trusty - - utopic - - name: Debian - versions: - - wheezy - - jessie - # - # Below are all categories currently available. Just as with - # the platforms above, uncomment those that apply to your role. - # - categories: - #- cloud - #- cloud:ec2 - #- cloud:gce - #- cloud:rax - #- database - #- database:nosql - #- database:sql - #- development - #- monitoring - #- networking - #- packaging - - system - #- web -dependencies: [] - diff --git a/roles/jnv.unattended-upgrades/tasks/main.yml b/roles/jnv.unattended-upgrades/tasks/main.yml deleted file mode 100644 index 9a924fa..0000000 --- a/roles/jnv.unattended-upgrades/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ - - include: unattended-upgrades.yml - tags: unattended diff --git a/roles/jnv.unattended-upgrades/tasks/reboot.yml b/roles/jnv.unattended-upgrades/tasks/reboot.yml deleted file mode 100644 index faa7149..0000000 --- a/roles/jnv.unattended-upgrades/tasks/reboot.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -# Ignored, since newer distros don't need this package -# https://github.com/jnv/ansible-role-unattended-upgrades/issues/6 -- name: install update-notifier-common - apt: - pkg: update-notifier-common - state: present - failed_when: false - diff --git a/roles/jnv.unattended-upgrades/tasks/unattended-upgrades.yml b/roles/jnv.unattended-upgrades/tasks/unattended-upgrades.yml deleted file mode 100644 index a777fb9..0000000 --- a/roles/jnv.unattended-upgrades/tasks/unattended-upgrades.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: add distribution-specific variables - include_vars: "{{ ansible_distribution }}.yml" - -- name: add Debian Wheezy workaround - include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml" - when: (ansible_distribution == "Debian") and (ansible_distribution_release == "wheezy") - -- name: install unattended-upgrades - become: true - apt: - pkg: unattended-upgrades - state: present - cache_valid_time: "{{unattended_cache_valid_time}}" - update_cache: yes - -- name: install reboot dependencies - include: reboot.yml - when: unattended_automatic_reboot - -- name: create APT auto-upgrades configuration - become: true - template: - src: auto-upgrades.j2 - dest: /etc/apt/apt.conf.d/20auto-upgrades - owner: root - group: root - mode: 0644 - -- name: create unattended-upgrades configuration - become: true - template: - src: unattended-upgrades.j2 - dest: /etc/apt/apt.conf.d/50unattended-upgrades - owner: root - group: root - mode: 0644 diff --git a/roles/jnv.unattended-upgrades/templates/auto-upgrades.j2 b/roles/jnv.unattended-upgrades/templates/auto-upgrades.j2 deleted file mode 100644 index 388a028..0000000 --- a/roles/jnv.unattended-upgrades/templates/auto-upgrades.j2 +++ /dev/null @@ -1,25 +0,0 @@ -APT::Periodic::Unattended-Upgrade "1"; - -{% if unattended_update_package_list is defined %} -APT::Periodic::Update-Package-Lists "{{unattended_update_package_list}}"; -{% endif %} - -{% if unattended_download_upgradeable is defined %} -APT::Periodic::Download-Upgradeable-Packages "{{unattended_download_upgradeable}}"; -{% endif %} - -{% if unattended_autoclean_interval is defined %} -APT::Periodic::AutocleanInterval "{{unattended_autoclean_interval}}"; -{% endif %} - -{% if unattended_clean_interval is defined %} -APT::Periodic::CleanInterval "{{unattended_clean_interval}}"; -{% endif %} - -{% if unattended_verbose is defined %} -APT::Periodic::Verbose "{{unattended_verbose}}"; -{% endif %} - -{% if unattended_random_sleep is defined %} -APT::Periodic::RandomSleep "{{unattended_random_sleep}}"; -{% endif %} diff --git a/roles/jnv.unattended-upgrades/templates/unattended-upgrades.j2 b/roles/jnv.unattended-upgrades/templates/unattended-upgrades.j2 deleted file mode 100644 index 3df60da..0000000 --- a/roles/jnv.unattended-upgrades/templates/unattended-upgrades.j2 +++ /dev/null @@ -1,106 +0,0 @@ -// Unattended-Upgrade::Origins-Pattern controls which packages are -// upgraded. -Unattended-Upgrade::Origins-Pattern { -{% if unattended_origins_patterns is defined %} - {% for origin in unattended_origins_patterns %} - "{{ origin }}"; - {% endfor %} -{% else %} - {% for origin in __unattended_origins_patterns %} - "{{ origin }}"; - {% endfor %} -{% endif %} -}; - -// List of packages to not update (regexp are supported) -Unattended-Upgrade::Package-Blacklist { -{% for package in unattended_package_blacklist %} - "{{package}}"; -{% endfor %} -}; - -{% if not unattended_autofix_interrupted_dpkg %} -// This option allows you to control if on a unclean dpkg exit -// unattended-upgrades will automatically run -// dpkg --force-confold --configure -a -// The default is true, to ensure updates keep getting installed -Unattended-Upgrade::AutoFixInterruptedDpkg "false"; -{% endif %} - -{% if unattended_minimal_steps %} -// Split the upgrade into the smallest possible chunks so that -// they can be interrupted with SIGUSR1. This makes the upgrade -// a bit slower but it has the benefit that shutdown while a upgrade -// is running is possible (with a small delay) -Unattended-Upgrade::MinimalSteps "true"; -{% endif %} - -{% if unattended_install_on_shutdown %} -// Install all unattended-upgrades when the machine is shuting down -// instead of doing it in the background while the machine is running -// This will (obviously) make shutdown slower -Unattended-Upgrade::InstallOnShutdown "true"; -{% endif %} - -{% if unattended_mail %} -// Send email to this address for problems or packages upgrades -// If empty or unset then no email is sent, make sure that you -// have a working mail setup on your system. A package that provides -// 'mailx' must be installed. -Unattended-Upgrade::Mail "{{unattended_mail}}"; -{% endif %} - -{% if unattended_mail_only_on_error %} -// Set this value to "true" to get emails only on errors. Default -// is to always send a mail if Unattended-Upgrade::Mail is set -Unattended-Upgrade::MailOnlyOnError "true"; -{% endif %} - -{% if unattended_remove_unused_dependencies %} -// Do automatic removal of new unused dependencies after the upgrade -// (equivalent to apt-get autoremove) -Unattended-Upgrade::Remove-Unused-Dependencies "true"; -{% endif %} - -{% if unattended_automatic_reboot %} -// Automatically reboot *WITHOUT CONFIRMATION* if a -// the file /var/run/reboot-required is found after the upgrade -Unattended-Upgrade::Automatic-Reboot "true"; -{% endif %} - -{% if unattended_automatic_reboot_time %} -// If automatic reboot is enabled and needed, reboot at the specific -// time instead of immediately -// Default: "now" -Unattended-Upgrade::Automatic-Reboot-Time "{{ unattended_automatic_reboot_time }}"; -{% endif %} - -{% if unattended_update_days is defined %} -// Set the days of the week that updates should be applied. The days can be specified -// as localized abbreviated or full names. Or as integers where "0" is Sunday, "1" is -// Monday etc. -// Example - apply updates only on Monday and Friday: -// {"Mon";"Fri"}; -Unattended-Upgrade::Update-Days {{ unattended_update_days }}; -{% endif %} - -{% if unattended_ignore_apps_require_restart %} -// Do upgrade application even if it requires restart after upgrade -// I.e. "XB-Upgrade-Requires: app-restart" is set in the debian/control file -Unattended-Upgrade::IgnoreAppsRequireRestart "true"; -{% endif %} - -{% if unattended_dpkg_options %} -// Append options for governing dpkg behavior, e.g. --force-confdef. -Dpkg::Options { -{% for dpkg_option in unattended_dpkg_options %} - "{{ dpkg_option }}"; -{% endfor %} -}; -{% endif %} - -{% if unattended_dl_limit is defined %} -// Use apt bandwidth limit feature, this example limits the download -// speed to 70kb/sec -Acquire::http::Dl-Limit "{{ unattended_dl_limit }}"; -{% endif %} diff --git a/roles/jnv.unattended-upgrades/tests/ansible.cfg b/roles/jnv.unattended-upgrades/tests/ansible.cfg deleted file mode 100644 index 6abf5b7..0000000 --- a/roles/jnv.unattended-upgrades/tests/ansible.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[defaults] -roles_path = ../../ -retry_files_enabled = False diff --git a/roles/jnv.unattended-upgrades/tests/inventory b/roles/jnv.unattended-upgrades/tests/inventory deleted file mode 100644 index 42de3a1..0000000 --- a/roles/jnv.unattended-upgrades/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python" diff --git a/roles/jnv.unattended-upgrades/tests/requirements.yml b/roles/jnv.unattended-upgrades/tests/requirements.yml deleted file mode 100644 index 562771a..0000000 --- a/roles/jnv.unattended-upgrades/tests/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- src: chrismeyersfsu.provision_docker - name: provision_docker diff --git a/roles/jnv.unattended-upgrades/tests/test.sh b/roles/jnv.unattended-upgrades/tests/test.sh deleted file mode 100755 index 84096bf..0000000 --- a/roles/jnv.unattended-upgrades/tests/test.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# Exit on any individual command failure -set -e - -# Pretty colors. -red='\033[0;31m' -green='\033[0;32m' -neutral='\033[0m' - -section() { - echo -e "\033[33;1m$1\033[0m" -} - -fold_start() { - echo -e "travis_fold:start:$1\033[33;1m$2\033[0m" -} - -fold_end() { - echo -e "\ntravis_fold:end:$1\r" -} - -# Ensure we are in the tests dir -cd "$( dirname "${BASH_SOURCE[0]}" )" - -section "Syntax check" -ansible-playbook -i inventory --syntax-check test.yml -section "Running role" -ansible-playbook -i inventory test.yml diff --git a/roles/jnv.unattended-upgrades/tests/test.yml b/roles/jnv.unattended-upgrades/tests/test.yml deleted file mode 100644 index 45d5485..0000000 --- a/roles/jnv.unattended-upgrades/tests/test.yml +++ /dev/null @@ -1,70 +0,0 @@ ---- -- name: Bring up Docker containers - hosts: localhost - gather_facts: false - vars: - inventory: - - name: ubuntu_latest - image: "ubuntu:latest" - - name: ubuntu_xenial - image: "ubuntu:xenial" - - name: ubuntu_trusty - image: "ubuntu:trusty" - - name: debian_testing - image: "debian:testing" - - name: debian_stable - image: "debian:stable" - - name: debian_oldstable - image: "debian:oldstable" - roles: - - role: provision_docker - provision_docker_inventory: "{{ inventory }}" - provision_docker_privileged: true - provision_docker_use_docker_connection: true - -- name: Test role - hosts: docker_containers - gather_facts: false - pre_tasks: - - name: Provision Python - raw: bash -c "test -e /usr/bin/python || (apt-get -y update && apt-get install -y python-simplejson)" - register: output - changed_when: output.stdout - - setup: # Gather facts - vars: - unattended_autofix_interrupted_dpkg: false - unattended_minimal_steps: true - unattended_install_on_shutdown: true - unattended_automatic_reboot: true - unattended_update_days: '{"Sat"}' - roles: - # Searched for in ../.. (see ansible.cfg) - - ansible-role-unattended-upgrades - tasks: - - name: Idempotency check - include_role: - name: ansible-role-unattended-upgrades - register: idempotency - - fail: - msg: Role failed idempotency check - when: idempotency.changed - - - name: Get apt-config variables - shell: apt-config dump - register: aptconfig - - name: Check for registered variables - assert: - that: item in aptconfig.stdout - with_items: - - 'APT::Periodic::Unattended-Upgrade "1"' - - 'Unattended-Upgrade::AutoFixInterruptedDpkg "false"' - - 'Unattended-Upgrade::MinimalSteps "true"' - - 'Unattended-Upgrade::InstallOnShutdown "true"' - - 'Unattended-Upgrade::Automatic-Reboot "true"' - # NOTE: this uses the array syntax, which requires one - # top-level record, then one item per line - - 'Unattended-Upgrade::Update-Days "";' - - 'Unattended-Upgrade::Update-Days:: "Sat";' - - - name: Dry run unattended-upgrades - command: /usr/bin/unattended-upgrades --dry-run diff --git a/roles/jnv.unattended-upgrades/vars/Debian-wheezy.yml b/roles/jnv.unattended-upgrades/vars/Debian-wheezy.yml deleted file mode 100644 index 57afa2d..0000000 --- a/roles/jnv.unattended-upgrades/vars/Debian-wheezy.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -# This workaround for Debian Wheezy which doesn't support ${distro_codename} macro -# See -# https://github.com/jnv/ansible-role-unattended-upgrades/issues/19 -# https://github.com/jnv/ansible-role-unattended-upgrades/pull/20 -# for details - -__unattended_origins_patterns: - - 'origin=Debian,archive=stable,label=Debian-Security' - - 'origin=Debian,archive=oldstable,label=Debian-Security' diff --git a/roles/jnv.unattended-upgrades/vars/Debian.yml b/roles/jnv.unattended-upgrades/vars/Debian.yml deleted file mode 100644 index 706a604..0000000 --- a/roles/jnv.unattended-upgrades/vars/Debian.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -__unattended_origins_patterns: - - 'origin=Debian,codename=${distro_codename},label=Debian-Security' diff --git a/roles/jnv.unattended-upgrades/vars/Ubuntu.yml b/roles/jnv.unattended-upgrades/vars/Ubuntu.yml deleted file mode 100644 index 85a6bf3..0000000 --- a/roles/jnv.unattended-upgrades/vars/Ubuntu.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -__unattended_origins_patterns: - - 'origin=Ubuntu,archive=${distro_codename}-security,label=Ubuntu' diff --git a/roles/jtom38.ceph/.travis.yml b/roles/jtom38.ceph/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/jtom38.ceph/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/luther38.filebeat/README.md b/roles/jtom38.ceph/README.md similarity index 100% rename from roles/luther38.filebeat/README.md rename to roles/jtom38.ceph/README.md diff --git a/roles/jtom38.ceph/defaults/main.yml b/roles/jtom38.ceph/defaults/main.yml new file mode 100644 index 0000000..470da49 --- /dev/null +++ b/roles/jtom38.ceph/defaults/main.yml @@ -0,0 +1,27 @@ +--- +# defaults file for jtom38.ceph + +# This defines what version to install +ceph_release: 'octopus' + +# cephadm deploys the cluster in 'docker' or 'podmon' +ceph_runtime: 'docker' + +# This defines the host that will be primary in the cluster. +# Set this to true and it will find the IP and use it to bootstrap +ceph_primary: false + + +# Flip this to true if you want to see the stdout from the bootstraping of the cluster. +ceph_bootstrap_log: false + +ceph_network: 192.168.1.1/24 + +# role examples +# monitor +# ods + +ceph_hosts: + - hostname: localhost + address: 127.0.0.1 + role: node diff --git a/roles/jtom38.ceph/handlers/main.yml b/roles/jtom38.ceph/handlers/main.yml new file mode 100644 index 0000000..22adc8c --- /dev/null +++ b/roles/jtom38.ceph/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for jtom38.ceph \ No newline at end of file diff --git a/roles/luther38.kibana/meta/main.yml b/roles/jtom38.ceph/meta/main.yml similarity index 65% rename from roles/luther38.kibana/meta/main.yml rename to roles/jtom38.ceph/meta/main.yml index 5d50bf4..227ad9c 100644 --- a/roles/luther38.kibana/meta/main.yml +++ b/roles/jtom38.ceph/meta/main.yml @@ -1,34 +1,26 @@ galaxy_info: author: your name - description: your description + description: your role description company: your company (optional) # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - # Some suggested licenses: - # - BSD (default) + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) - min_ansible_version: 2.4 + min_ansible_version: 2.9 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - # # Provide a list of supported platforms, and for each platform a list of versions. # If you don't wish to enumerate all versions for a particular platform, use 'all'. @@ -57,4 +49,5 @@ galaxy_info: dependencies: [] # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file + # if you add dependencies to this list. + \ No newline at end of file diff --git a/roles/jtom38.ceph/tasks/bootstrap.yml b/roles/jtom38.ceph/tasks/bootstrap.yml new file mode 100644 index 0000000..ebef451 --- /dev/null +++ b/roles/jtom38.ceph/tasks/bootstrap.yml @@ -0,0 +1,26 @@ +--- + +- name: Checking for previous cluster + file: + dest: /etc/ceph/bootstrapped + ignore_errors: true + register: bootstrapped +- block: + - name: Bootstrap a ceph cluster (this is slow) + shell: "cephadm bootstrap --mon-ip {{ ansible_default_ipv4.address }}" + register: bootstrapLog + + - name: Show Bootstrap log + debug: + msg: "{{ bootstrapLog }}" + when: ceph_bootstrap_log == true + + - name: Write bootstrap log + template: + src: bootstrap.log.j2 + dest: /etc/ceph/bootstrap.log + + when: + - ceph_primary == true + - bootstrapped.failed == true + diff --git a/roles/jtom38.ceph/tasks/cluster_config.yml b/roles/jtom38.ceph/tasks/cluster_config.yml new file mode 100644 index 0000000..b285ad4 --- /dev/null +++ b/roles/jtom38.ceph/tasks/cluster_config.yml @@ -0,0 +1,10 @@ +--- + +- block: + - name: Define where ceph nodes can be found on the network. + shell: "ceph config set mon public_network {{ ceph_network }}" + + - name: Add hosts to the cluster + shell: "ceph orch host add {{ item.hostname }}" + with_items: "{{ ceph_hosts }}" + when: ceph_primary == true \ No newline at end of file diff --git a/roles/jtom38.ceph/tasks/install.yml b/roles/jtom38.ceph/tasks/install.yml new file mode 100644 index 0000000..b557c23 --- /dev/null +++ b/roles/jtom38.ceph/tasks/install.yml @@ -0,0 +1,60 @@ +--- +- name: Checking for cephadm + shell: cephadm version + ignore_errors: true + register: installed +- block: + - name: Download cephadm + get_url: + url: https://github.com/ceph/ceph/raw/octopus/src/cephadm/cephadm + dest: /tmp/cephadm + + - name: Make cephadm execuable + file: + path: /tmp/cephadm + mode: +x + + - name: Installing cephadm + shell: /tmp/cephadm install + + - name: Install ceph cli tools + shell: cephadm install ceph-common + + - name: Prepare the host + shell: cephadm prepare-host + + - name: Add ceph dir + file: + dest: /etc/ceph + state: directory + + when: installed.failed == true + + +- name: Checking what release has been set + file: + dest: "/etc/ceph/release_{{ ceph_release }}" + ignore_errors: true + register: activeRelease +- block: + - name: "Add {{ ceph_release }} release" + shell: "/tmp/cephadm add-repo --release {{ ceph_release }}" + register: release + + - name: Write the current release to the disk + template: + src: release.j2 + dest: "/etc/ceph/release_{{ ceph_release }}" + + - name: Remove ceph gpg key (caused problems in dev) + file: + dest: /etc/apt/trusted.gpg.d/ceph.release.gpg + state: absent + when: + - activeRelease.state == 'absent' + +- name: Remove ceph from apt source (caused problems in dev) + file: + dest: /etc/apt/sources.list.d/ceph.list + state: absent + diff --git a/roles/jtom38.ceph/tasks/main.yml b/roles/jtom38.ceph/tasks/main.yml new file mode 100644 index 0000000..2eb68f0 --- /dev/null +++ b/roles/jtom38.ceph/tasks/main.yml @@ -0,0 +1,14 @@ +--- +# tasks file for jtom38.ceph + +- include: install.yml + tags: install + +- include: seed.yml + tags: seed + +- include: bootstrap.yml + tags: bootstrap + +- include: cluster_config.yml + tags: config \ No newline at end of file diff --git a/roles/jtom38.ceph/tasks/seed.yml b/roles/jtom38.ceph/tasks/seed.yml new file mode 100644 index 0000000..f2f0a5d --- /dev/null +++ b/roles/jtom38.ceph/tasks/seed.yml @@ -0,0 +1,87 @@ +--- +- block: + - name: Checking for existing cert + file: + path: /root/.ssh/ceph_admin + ignore_errors: true + register: cert + + - debug: + msg: "{{ cert }}" + + - name: Generate a new cert + shell: ssh-keygen -t rsa -b 4096 -N '' -f /.ssh/ceph_admin + when: cert.state == 'absent' + + - name: Copy public key to a common area + copy: + src: /root/.ssh/ceph_admin.pub + dest: /tmp/ceph_admin.pub + remote_src: true + + - name: Copy cert public to ansible control + fetch: + src: /tmp/ceph_admin.pub + dest: /tmp/ceph_admin.pub + flat: true + + - name: Check for cephadm public key + file: + path: '~/ceph.pub' + ignore_errors: true + register: cephPub + +# - debug: +# msg: "{{ cephPub }}" + + - name: Export cephadm public key + shell: ceph cephadm get-pub-key > ~/ceph.pub + when: cephPub.state == 'absent' + + - name: Copy cephadm public key to ansible control + fetch: + src: /root/ceph.pub + dest: /tmp/ceph.pub + flat: true + + - name: Configure SSH on primary + template: + src: ssh.config.j2 + dest: /root/.ssh/config + when: ceph_primary == true + +- block: + - name: Copy cephadm public key to nodes + copy: + src: /tmp/ceph.pub + dest: /tmp/ceph.pub + + - name: Copy ceph_admin public key to nodes + copy: + src: /tmp/ceph_admin.pub + dest: /tmp/ceph_admin.pub + + - name: Add ceph_admin public key to authorized_key + authorized_key: + user: root + state: present + key: "{{ lookup('file', '/tmp/ceph_admin.pub') }}" + when: ceph_primary == false + + +- name: Add cephadm public key to authorized_key + authorized_key: + user: root + state: present + key: "{{ lookup('file', '/tmp/ceph.pub') }}" + +- name: Backup the hosts file + copy: + src: /etc/hosts + dest: /etc/hosts.ceph + +- name: Define cluster servers in the hosts file + lineinfile: + path: /etc/hosts + line: "{{ item.address }} {{ item.hostname }}" + with_items: "{{ ceph_hosts }}" diff --git a/roles/jtom38.ceph/templates/bootstrap.log.j2 b/roles/jtom38.ceph/templates/bootstrap.log.j2 new file mode 100644 index 0000000..e9cebe7 --- /dev/null +++ b/roles/jtom38.ceph/templates/bootstrap.log.j2 @@ -0,0 +1 @@ +{{ bootstrapLog.stdout }} \ No newline at end of file diff --git a/roles/jtom38.ceph/templates/release.j2 b/roles/jtom38.ceph/templates/release.j2 new file mode 100644 index 0000000..579184f --- /dev/null +++ b/roles/jtom38.ceph/templates/release.j2 @@ -0,0 +1,4 @@ +# This file is managed by Ansible. +# To avoid problems, leave this file alone. + +{{ ceph_release }} diff --git a/roles/jtom38.ceph/templates/ssh.config.j2 b/roles/jtom38.ceph/templates/ssh.config.j2 new file mode 100644 index 0000000..89cded2 --- /dev/null +++ b/roles/jtom38.ceph/templates/ssh.config.j2 @@ -0,0 +1,6 @@ +Host * + UserKnownHostsFile /dev/null + StrictHostKeyChecking no + IdentitiesOnly yes + ConnectTimeout 0 + ServerAliveInterval 300 diff --git a/roles/luther38.elasticsearch/tests/inventory b/roles/jtom38.ceph/tests/inventory similarity index 100% rename from roles/luther38.elasticsearch/tests/inventory rename to roles/jtom38.ceph/tests/inventory diff --git a/roles/luther38.kibana/tests/test.yml b/roles/jtom38.ceph/tests/test.yml similarity index 75% rename from roles/luther38.kibana/tests/test.yml rename to roles/jtom38.ceph/tests/test.yml index 4ca1352..166316c 100644 --- a/roles/luther38.kibana/tests/test.yml +++ b/roles/jtom38.ceph/tests/test.yml @@ -2,4 +2,4 @@ - hosts: localhost remote_user: root roles: - - kibana \ No newline at end of file + - jtom38.ceph \ No newline at end of file diff --git a/roles/jtom38.ceph/vars/main.yml b/roles/jtom38.ceph/vars/main.yml new file mode 100644 index 0000000..d6aa96b --- /dev/null +++ b/roles/jtom38.ceph/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for jtom38.ceph \ No newline at end of file diff --git a/roles/jtom38.linux_common/.travis.yml b/roles/jtom38.linux_common/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/jtom38.linux_common/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/luther38.heartbeat/README.md b/roles/jtom38.linux_common/README.md similarity index 100% rename from roles/luther38.heartbeat/README.md rename to roles/jtom38.linux_common/README.md diff --git a/roles/jtom38.linux_common/defaults/main.yml b/roles/jtom38.linux_common/defaults/main.yml new file mode 100644 index 0000000..a6ef8d7 --- /dev/null +++ b/roles/jtom38.linux_common/defaults/main.yml @@ -0,0 +1,19 @@ +--- +# defaults file for jtom38.linux_common + +users: + - ansible + + +aptPackages: + - python3 + - python3-pip + - nfs-common + - tree + - ranger + - sshpass + - mosh + +pipPackages: + - docker + - docker-compose \ No newline at end of file diff --git a/roles/jtom38.linux_common/files/miharu_linux.pub b/roles/jtom38.linux_common/files/miharu_linux.pub new file mode 100644 index 0000000..b8f93b4 --- /dev/null +++ b/roles/jtom38.linux_common/files/miharu_linux.pub @@ -0,0 +1,43 @@ +$ANSIBLE_VAULT;1.1;AES256 +63343965653763303431313165316365393033326464613537356137623537623165623831313934 +3938623064653064316464316662333734356535623566660a366436626130353036376633316438 +37363930353431396434633439376461643465623762623735363739333234316562366634313233 +3237616338653431350a386533373037333630666265356234303264346430353333616631343533 +37363737613962353464343731626334316638373562363536633038313865356665626463343236 +30653033383863663535343533366134323963323061313734396337663463663963663036633234 +38383364623536633332616539623439613236373130353031323235643330376666623038326130 +61663136386534373539343962633964653166323333366661393936383463376366613838323332 +36316662633736613063303561356534646333613538396237636562396230666562313739343839 +36616338376463616564353333663162656535663635336665363934383735643962326161336563 +62626239626238326264303837663666646237626237343566383831393830306131353534353633 +64313135373630653265653164643765363564383236616637383166313465656564313464663533 +34313762313137313162623662393063333463353965376261326435343562623833356139373761 +35363162323033653165643239623332326561663530373661393739636335333138313561376166 +39333062353430333530393833336631383039633762323032666533336532613731333162386439 +39343362393661396262383565366532313130643530326538333861383037383830373031333634 +34626131393134383065666336323363623766643839393431353765336433376566623161316137 +62316533656630336331353535373662396533626338656561303163306134346462356134633837 +38356539376434303837343937616636353466326237363961643034666331663961366632373237 +65333832366163326466303933373530666133613066623064643832363962373265386339353433 +37383732313962363562346565376563653139393233303461383838633739376662303462643661 +62626432643837386265366330616135393932633863383331666162616531333466346663313764 +35636137653631613331643663346562386161613232373830396431363465376264373464353634 +38643061343432633765626338356230393739393664386338376264653632643337346534386362 +37626563326133363134633730376464633162383161383066346430646634643162303630616133 +33636537353863346666383462333433313064303931313239386136353765616332343031316233 +31366161363337336231303264336665333737303937633835613733653934373665313138663161 +32333131366163353339323966623562663864633261656438383865643066363764663064346233 +65333437626362623137306230323031313538643665396139316535386439376432643666666632 +61306638613066656265613364663335376565366336653834646135373035663535303266326437 +37623866363038303931376163333235633934323163303463633562373133393434383235626238 +33663433613863623865306136616465623139616339373939656462636437383738356634613136 +37636564383535393730363066626561346461333333616335303535653265376239376663373137 +37383266346163623233663962366230393831346464386535323031383936613134636431383565 +31613739366430663562383631386661663634313537636633366436623834623234666532383264 +62663735393230393463326235373265653264313536366562663830636638386531333233303231 +32633062356137616438343031633033363733313332343936356433616539623165613062666430 +36323138613464653131623630336132313733313234353164663166323539653966636662343830 +34656638363139336236356139656462653362633061333236626465333365653136613362636132 +30383432326139333932383236353337343061643237653364633462663238306630366566313535 +65636563373638303463643235376339346165616637343037343064386132343538653930396132 +6431633632636366353064623634613338373936306364653161 diff --git a/roles/jtom38.linux_common/handlers/main.yml b/roles/jtom38.linux_common/handlers/main.yml new file mode 100644 index 0000000..11ab8e4 --- /dev/null +++ b/roles/jtom38.linux_common/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for jtom38.linux_common diff --git a/roles/luther38.elasticsearch/meta/main.yml b/roles/jtom38.linux_common/meta/main.yml similarity index 65% rename from roles/luther38.elasticsearch/meta/main.yml rename to roles/jtom38.linux_common/meta/main.yml index 5d50bf4..c572acc 100644 --- a/roles/luther38.elasticsearch/meta/main.yml +++ b/roles/jtom38.linux_common/meta/main.yml @@ -1,34 +1,26 @@ galaxy_info: author: your name - description: your description + description: your role description company: your company (optional) # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - # Some suggested licenses: - # - BSD (default) + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) - min_ansible_version: 2.4 + min_ansible_version: 2.1 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - # # Provide a list of supported platforms, and for each platform a list of versions. # If you don't wish to enumerate all versions for a particular platform, use 'all'. @@ -57,4 +49,4 @@ galaxy_info: dependencies: [] # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file + # if you add dependencies to this list. diff --git a/roles/jtom38.linux_common/tasks/main.yml b/roles/jtom38.linux_common/tasks/main.yml new file mode 100644 index 0000000..9610175 --- /dev/null +++ b/roles/jtom38.linux_common/tasks/main.yml @@ -0,0 +1,45 @@ +--- +# tasks file for jtom38.linux_common +- name: install packages + #ansible.builtin.apt: + apt: + name: "{{ aptPackages }}" + state: present + when: ansible_distribution == "Ubuntu" + +- name: install pip packages + #ansible.builtin.pip: + pip: + name: "{{ pipPackages}}" + +- block: + - name: Ensure default accounts a present + user: + name: "{{ item }}" + groups: sudo + state: present + with_items: "{{ users }}" + + - name: Ensure .ssh directory is present + file: + path: "/home/{{ item }}/.ssh" + state: directory + with_items: "{{ users }}" + + - name: Add all .pub keys to ansible's authorized_key + ansible.posix.authorized_key: + user: "ansible" + state: present + #key: "{{ lookup('file', 'files/') }}" + key: "{{ item }}" + with_file: + - files/miharu_linux.pub + + - name: Add .pub keys to miharu's authorized_key + ansible.posix.authorized_key: + user: "miharu" + state: present + key: "{{ item }}" + with_file: + - files/miharu_linux.pub + diff --git a/roles/luther38.filebeat/tests/inventory b/roles/jtom38.linux_common/tests/inventory similarity index 100% rename from roles/luther38.filebeat/tests/inventory rename to roles/jtom38.linux_common/tests/inventory diff --git a/roles/luther38.filebeat/tests/test.yml b/roles/jtom38.linux_common/tests/test.yml similarity index 66% rename from roles/luther38.filebeat/tests/test.yml rename to roles/jtom38.linux_common/tests/test.yml index b3d142f..d046a95 100644 --- a/roles/luther38.filebeat/tests/test.yml +++ b/roles/jtom38.linux_common/tests/test.yml @@ -2,4 +2,4 @@ - hosts: localhost remote_user: root roles: - - luther38.filebeat \ No newline at end of file + - jtom38.linux_common diff --git a/roles/jtom38.linux_common/vars/main.yml b/roles/jtom38.linux_common/vars/main.yml new file mode 100644 index 0000000..a48321b --- /dev/null +++ b/roles/jtom38.linux_common/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for jtom38.linux_common diff --git a/roles/jtom38.monit/.travis.yml b/roles/jtom38.monit/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/jtom38.monit/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/luther38.kibana/README.md b/roles/jtom38.monit/README.md similarity index 75% rename from roles/luther38.kibana/README.md rename to roles/jtom38.monit/README.md index 225dd44..30a90ed 100644 --- a/roles/luther38.kibana/README.md +++ b/roles/jtom38.monit/README.md @@ -1,25 +1,33 @@ -Role Name -========= +# Monit -A brief description of the role goes here. +This ansible role will deploy and configure monit. The monit configuration is defined in the yaml with a dictionary. -Requirements ------------- +## Requirements Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. -Role Variables --------------- +## Role Variables A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. -Dependencies ------------- +### Monitoring hosts + +```yaml +monit_hosts: + - name: jenkins + address: 192.168.1.247 + when: + - url: 'http://192.168.1.247/login' + alert: false + exec: "" +``` + +## Dependencies A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. -Example Playbook ----------------- +## Example Playbook + Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: diff --git a/roles/jtom38.monit/defaults/main.yml b/roles/jtom38.monit/defaults/main.yml new file mode 100644 index 0000000..6c4ee52 --- /dev/null +++ b/roles/jtom38.monit/defaults/main.yml @@ -0,0 +1,89 @@ +--- +# defaults file for jtom38/monit + +monit_slack_alert_script: /etc/monit/scripts/slack.sh +monit_discord_alert_script: /etc/monit/scripts/discord.sh + +monit_global: + check_interval: 120 + log_file: /var/lib/monit/state + statefile: /var/lib/monit/state + eventqueue: + basedir: /var/lib/monit/events + slots: 100 + +monit_alert_slack: + deploy: false + webhook_token: '' + slack_instance: '' + channel: "#alerts" + username: "Monit" + +monit_alert_discord: + deploy: false + webhook: '' + username: 'Monit' + +monit_http: + port: 2812 + username: admin + password: monit + +monit_processes: + - name: ssh + pidfile: '/var/run/sshd.pid' + matching: '' + start: '/bin/systemctl start ssh' + stop: '/bin/systemctl stop ssh' + timeout: '30 seconds' + when: + - type: 'totalmem' + usage: '> 80%' + cycles: 1 + alert: false + exec: "{{ monit_discord_alert_script }}" + +monit_filesystems: + - name: root + path: / + when: + - usage: '> 80%' + tries: 1 + cycles: 1 + alert: false + exec: "" + +monit_system: + hostname: "{{ ansible_hostname }}" + when: + - type: cpu + usage: "usage (user) > 80%" + cycles: 5 + alert: false + exec: "" + - type: cpu + usage: "usage (system) > 30%" + cycles: 5 + alert: false + exec: "" + - type: cpu + usage: "usage (wait) > 20%" + cycles: 5 + alert: false + exec: "" + + - type: memory + usage: "usage > 90%" + cycles: 5 + alert: false + exec: "" + - type: swap + usage: "usage > 25%" + cycles: 5 + alert: false + exec: "" + - type: "loadavg(5min)" + usage: "> 1" + cycles: 5 + alert: false + exec: "" \ No newline at end of file diff --git a/roles/jtom38.monit/handlers/main.yml b/roles/jtom38.monit/handlers/main.yml new file mode 100644 index 0000000..5843220 --- /dev/null +++ b/roles/jtom38.monit/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for jtom38/monit \ No newline at end of file diff --git a/roles/luther38.filebeat/meta/main.yml b/roles/jtom38.monit/meta/main.yml similarity index 65% rename from roles/luther38.filebeat/meta/main.yml rename to roles/jtom38.monit/meta/main.yml index 5d50bf4..227ad9c 100644 --- a/roles/luther38.filebeat/meta/main.yml +++ b/roles/jtom38.monit/meta/main.yml @@ -1,34 +1,26 @@ galaxy_info: author: your name - description: your description + description: your role description company: your company (optional) # If the issue tracker for your role is not on github, uncomment the # next line and provide a value # issue_tracker_url: http://example.com/issue/tracker - # Some suggested licenses: - # - BSD (default) + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) - min_ansible_version: 2.4 + min_ansible_version: 2.9 # If this a Container Enabled role, provide the minimum Ansible Container version. # min_ansible_container_version: - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - # # Provide a list of supported platforms, and for each platform a list of versions. # If you don't wish to enumerate all versions for a particular platform, use 'all'. @@ -57,4 +49,5 @@ galaxy_info: dependencies: [] # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file + # if you add dependencies to this list. + \ No newline at end of file diff --git a/roles/jtom38.monit/tasks/main.yml b/roles/jtom38.monit/tasks/main.yml new file mode 100644 index 0000000..468f85e --- /dev/null +++ b/roles/jtom38.monit/tasks/main.yml @@ -0,0 +1,120 @@ +--- +# tasks file for jtom38/monit + +# Application installs and checks +- block: + - name: Install monit (Debian) + apt: + name: monit + state: present + + - name: make script directory + file: + state: directory + dest: /etc/monit/scripts + +# Slack Notification script +- block: + - name: Deploy Slack notification script + template: + src: scripts/slack.sh.j2 + dest: "{{ monit_slack_alert_script }}" + register: slack + + - name: Make Slack notifiaction executable + file: + dest: "{{ monit_slack_alert_script }}" + mode: a+x + when: monit_alert_slack.deploy == true + +# Discord Notification script +- block: + - name: Getting systems hostname + shell: hostname + register: monit_hostname + + - name: Deploy Discord Notification script + template: + src: scripts/discord.sh.j2 + dest: "{{ monit_discord_alert_script }}" + register: discord + + - name: Make Discord script executable + file: + dest: "{{ monit_discord_alert_script }}" + mode: a+x + when: monit_alert_discord.deploy == true + +# Update configs +- block: + - name: Remove 'http.conf' if needed + file: + path: /etc/monit/conf.d/http.conf + state: absent + when: monit_http is not defined + + - name: Check 'http.conf' config + template: + src: conf/http.conf.j2 + dest: /etc/monit/conf.d/http.conf + register: http + when: monit_http is defined + + + - name: Remove 'processes.conf' if needed + file: + path: /etc/monit/conf.d/processes.conf + state: absent + when: monit_processes is not defined + + - name: Check 'processes.conf' config + template: + src: conf/processes.conf.j2 + dest: /etc/monit/conf.d/processes.conf + register: processes + when: monit_processes is defined + + + - name: Remove 'filesystems.conf' if needed + file: + path: /etc/monit/conf.d/filesystems.conf + state: absent + when: monit_filesystems is not defined + + - name: Check 'filesystems.conf' config + template: + src: conf/filesystems.conf.j2 + dest: /etc/monit/conf.d/filesystems.conf + register: filesystem + when: monit_filesystems is defined + + - name: Remove 'hosts.conf' if needed + file: + path: /etc/monit/conf.d/hosts.conf + state: absent + when: monit_hosts is not defined + + - name: Check 'hosts.conf' config + template: + src: conf/hosts.conf.j2 + dest: /etc/monit/conf.d/hosts.conf + when: monit_hosts is defined + register: hosts + + + - name: Remove 'system.conf' if needed + file: + path: /etc/monit/conf.d/system.conf + state: absent + when: monit_system is not defined + + - name: Check 'system.conf' config + template: + src: conf/system.conf.j2 + dest: /etc/monit/conf.d/system.conf + register: system + +- name: Reload monit + shell: monit reload + register: reload + diff --git a/roles/jtom38.monit/templates/conf/filesystems.conf.j2 b/roles/jtom38.monit/templates/conf/filesystems.conf.j2 new file mode 100644 index 0000000..15a6613 --- /dev/null +++ b/roles/jtom38.monit/templates/conf/filesystems.conf.j2 @@ -0,0 +1,14 @@ +# This file was generated by Ansible. +# Any changes made to this file will be lost. + +{% for i in monit_filesystems %} +check filesystem {{ i.name }} with path {{ i.path }} +{% for w in i.when %} +{% if w.alert == true %} + if space usage {{ w.usage }} for {{ w.tries }} times within {{ w.cycles }} cycles then alert +{% elif w.exec != '' %} + if space usage {{ w.usage }} for {{ w.tries }} times within {{ w.cycles }} cycles then exec {{ w.exec }} + else if succeeded then exec {{ w.exec }} +{% endif %} +{% endfor %} +{% endfor %} diff --git a/roles/jtom38.monit/templates/conf/global.conf.j2 b/roles/jtom38.monit/templates/conf/global.conf.j2 new file mode 100644 index 0000000..e0d582d --- /dev/null +++ b/roles/jtom38.monit/templates/conf/global.conf.j2 @@ -0,0 +1,13 @@ +# This file was generated by Ansible. +# Any changes made to this file will be lost. + +set daemon {{ monit_global.check_interval }} + +set log {{ monit_global.log_file }} + +set statefile {{ monit_global.statefile }} + +# This defines how many messages are stored incase email failure +set eventqueue + basedir {{ monit_global.eventqueue.basedir }} + slots {{ monit_global.eventqueue.slots }} diff --git a/roles/jtom38.monit/templates/conf/hosts.conf.j2 b/roles/jtom38.monit/templates/conf/hosts.conf.j2 new file mode 100644 index 0000000..b6c4ef7 --- /dev/null +++ b/roles/jtom38.monit/templates/conf/hosts.conf.j2 @@ -0,0 +1,32 @@ +# This file was generated by Ansible. +# Any changes made to this file will be lost. + +{% for i in monit_hosts %} +check host {{ i.name }} with address {{ i.address }} +{% if i.group != '' %} + group {{ i.group }} +{% endif %} +{% for w in i.when %} + if failed +{% if w.http.enabled == true %} + port {{ w.http.port }} + protocol {{ w.http.protocol }} + request "{{ w.http.request }}" +{% if w.http.username != ''%} + username "{{ w.http.username }}" +{% endif %} +{% if w.http.password != ''%} + password "{{ w.http.password }}" +{% endif %} +{% endif %} +{% if w.then.alert == true %} + then alert + else if succeeded then alert +{% elif w.then.exec != '' %} + then exec {{ w.then.exec }} + else if succeeded then exec {{ w.then.exec }} +{% elif w.then.restart == true %} + then restart +{% endif %} +{% endfor %} +{% endfor %} diff --git a/roles/jtom38.monit/templates/conf/http.conf.j2 b/roles/jtom38.monit/templates/conf/http.conf.j2 new file mode 100644 index 0000000..3857a4f --- /dev/null +++ b/roles/jtom38.monit/templates/conf/http.conf.j2 @@ -0,0 +1,7 @@ +# This file was generated by Ansible. +# Any changes made to this file will be lost. + +set httpd port {{ monit_http.port }} + # Defines the user account to login + allow {{ monit_http.username }}:{{ monit_http.password }} + diff --git a/roles/jtom38.monit/templates/conf/processes.conf.j2 b/roles/jtom38.monit/templates/conf/processes.conf.j2 new file mode 100644 index 0000000..9417176 --- /dev/null +++ b/roles/jtom38.monit/templates/conf/processes.conf.j2 @@ -0,0 +1,24 @@ +# This file was generated by Ansible. +# Any changes made to this file will be lost. + +{% for i in monit_processes %} + + {% if i.pidfile != '' %} +check process {{ i.name }} with pidfile {{ i.pidfile }} + {% elif i.matching != '' %} +check process {{ i.name }} with matching {{ i.matching }} + {% endif %} + start = "{{ i.start }}" with timeout {{ i.timeout }} + stop = "{{ i.stop }}" + + {% for w in i.when %} + {% if w.alert == true %} + if {{ w.type }} {{ w.usage }} for {{ w.cycles }} cycles then alert + if changed {{ w.type }} THEN alert + {% elif w.exec != '' %} + if {{ w.type }} {{ w.usage }} for {{ w.cycles }} cycles then exec {{ w.exec }} + else if succeeded then exec {{ w.exec }} + {% endif %} + {% endfor %} + +{% endfor %} diff --git a/roles/jtom38.monit/templates/conf/system.conf.j2 b/roles/jtom38.monit/templates/conf/system.conf.j2 new file mode 100644 index 0000000..d5fbbf6 --- /dev/null +++ b/roles/jtom38.monit/templates/conf/system.conf.j2 @@ -0,0 +1,14 @@ +# This file was generated by Ansible. +# Any changes made to this file will be lost. + +check system {{ monit_system.hostname }} + {% for w in monit_system.when %} + {% if w.alert == true %} + if {{ w.type }} {{ w.usage }} for {{ w.cycles }} cycles then alert + {% elif w.exec != '' %} + if {{ w.type }} {{ w.usage }} for {{ w.cycles }} cycles then exec {{ w.exec }} + else if succeeded then exec {{ w.exec }} + {% else %} + if {{ w.type }} {{ w.usage }} for {{ w.cycles }} cycles + {% endif %} + {% endfor %} \ No newline at end of file diff --git a/roles/jtom38.monit/templates/scripts/discord.sh.j2 b/roles/jtom38.monit/templates/scripts/discord.sh.j2 new file mode 100644 index 0000000..25f27df --- /dev/null +++ b/roles/jtom38.monit/templates/scripts/discord.sh.j2 @@ -0,0 +1,19 @@ +#!/bin/bash +# Notice: +# This is maintained by ansible. +# Any changes made to this file outside of ansible will be lost. + +WEBHOOK={{ monit_alert_discord.webhook }} +USERNAME={{ monit_alert_discord.username }} +HOST={{ monit_hostname.stdout }} +MONIT_URL=http://{{ ansible_host }}:{{ monit_http.port}} +DATE=$(date "+%m/%d/%y %H:%M:%S") + +curl -X POST \ + -H "Content-Type: application/json" \ + -d "{ + \"username\": \"${USERNAME}\", + \"content\": \"**Host**: ${HOST}\n**Service**: ${MONIT_SERVICE}\n**Message**: ${MONIT_DESCRIPTION}\n**URL**: ${MONIT_URL}\n**When**: ${DATE} \" + }" \ + ${WEBHOOK} + diff --git a/roles/jtom38.monit/templates/scripts/slack.sh.j2 b/roles/jtom38.monit/templates/scripts/slack.sh.j2 new file mode 100644 index 0000000..95601ee --- /dev/null +++ b/roles/jtom38.monit/templates/scripts/slack.sh.j2 @@ -0,0 +1,24 @@ +#!/bin/bash +# Notice: +# This is maintained by ansible. +# Any changes made to this file outside of ansible will be lost. + +URL=https://{{ monit_alert_slack.slack_instance }}.slack.com/services/hooks/incoming-webhook?token={{ monit_alert_slack.webhook_token }} +CHANNEL={{ monit_alert_slack.channel }} +USERNAME={{ monit_alert_slack.username }} +HOST={{ monit_hostname.stdout }} +MONIT_URL=http://{{ ansible_host }}:{{ monit_http.port}} +DATE=$(date "+%m/%d/%y %H:%M:%S") + +/usr/bin/curl \ + -X POST \ + -s \ + --data-urlencode "payload={ \ + \"channel\": \"${CHANNEL}\", \ + \"username\": \"${USERNAME}\", \ + \"pretext\": \"servername | $MONIT_DATE\", \ + \"color\": \"danger\", \ + \"icon_emoji\": \":warning:\", \ + \"text\": \"**Host**: ${HOST}\n**Service**: ${MONIT_SERVICE}\n**Message**: ${MONIT_DESCRIPTION}\n**URL**: ${MONIT_URL}\n**When**: ${DATE}\" + }" \ + ${URL} \ No newline at end of file diff --git a/roles/luther38.heartbeat/tests/inventory b/roles/jtom38.monit/tests/inventory similarity index 100% rename from roles/luther38.heartbeat/tests/inventory rename to roles/jtom38.monit/tests/inventory diff --git a/roles/luther38.elasticsearch/tests/test.yml b/roles/jtom38.monit/tests/test.yml similarity index 73% rename from roles/luther38.elasticsearch/tests/test.yml rename to roles/jtom38.monit/tests/test.yml index 23f2653..59fde58 100644 --- a/roles/luther38.elasticsearch/tests/test.yml +++ b/roles/jtom38.monit/tests/test.yml @@ -2,4 +2,4 @@ - hosts: localhost remote_user: root roles: - - elasticsearch \ No newline at end of file + - jtom38/monit \ No newline at end of file diff --git a/roles/jtom38.monit/vars/main.yml b/roles/jtom38.monit/vars/main.yml new file mode 100644 index 0000000..041b6ce --- /dev/null +++ b/roles/jtom38.monit/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for jtom38/monit \ No newline at end of file diff --git a/roles/luther38.elasticsearch/README.md b/roles/luther38.elasticsearch/README.md deleted file mode 100644 index 1cdb858..0000000 --- a/roles/luther38.elasticsearch/README.md +++ /dev/null @@ -1,96 +0,0 @@ -ElasticSearch -========= - -This role will install and configure ElastiSearch on requested servers. - -Requirements ------------- - -No requirements are needed for this role. - -Role Variables --------------- - -```yaml -cluster_name: 'cluster' - -node_name: '' - -# https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html -# -node_master: true - -node_data: true - -path_data: '/var/lib/elasticsearch' - -path_logs: '/var/log/elastisearch' - -http_port: 9200 - -### Transport ### -# -#https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html -# - -# The host address to bind the transport service to. Defaults to transport.host (if set) or network.bind_host. -transport_host: 'localhost' - -# A bind port range. Defaults to 9300-9400. -transport_port: 9300 - -# -# Firewall configuration -# - -# Allow http_port though UFW -ufw_http_port: false - -# Allow transport_port though UFW -ufw_transport_port: false - -# -# systemd configuration -# - -# Enable ElasticSearch on system startup -systemd_enabled: false - -# Restart ElasticSearch after running though playbook -systemd_restart: false -``` - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - -- name: testing elastic role - hosts: elastic - - tasks: - - name: Install ElasticSearch - import_role: - name: elasticsearch - vars: - cluster_name: "cookies" - ufw_http_port: true - ufw_transport_port: true - systemd_enabled: true - systemd_restart: true - - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/luther38.elasticsearch/defaults/main.yml b/roles/luther38.elasticsearch/defaults/main.yml deleted file mode 100644 index 4b59327..0000000 --- a/roles/luther38.elasticsearch/defaults/main.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- -# This contains all the variables that can be used in the playbook - -cluster_name: 'cluster' - -node_name: 'nodeName' - -# https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html -# -node_master: true - -node_data: true - -path_data: '/var/lib/elasticsearch' - -path_logs: '/var/log/elastisearch' - -http_port: 9200 - -### Transport ### -# -#https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html -# - -# The host address to bind the transport service to. Defaults to transport.host (if set) or network.bind_host. -transport_host: 'localhost' - -# A bind port range. Defaults to 9300-9400. -transport_port: 9300 - -# -# Discovery -# - -# Format data like so " '172.0.0.1', '192.168.0.0' " -discovery_seed_host: "127.0.0.1" - -#cluster_initial_master_nodes: ["node-1", "node-2"] -cluster_initial_master_nodes: "'node-1', 'node-2'" - -# -# Firewall configuration -# - -# Allow http_port though UFW -ufw_http_port: false - -# Allow transport_port though UFW -ufw_transport_port: false - -# -# systemd configuration -# - -# Enable ElasticSearch on system startup -systemd_enabled: false - -# Restart ElasticSearch after running though playbook -systemd_restart: false - diff --git a/roles/luther38.elasticsearch/handlers/main.yml b/roles/luther38.elasticsearch/handlers/main.yml deleted file mode 100644 index 5da5dbb..0000000 --- a/roles/luther38.elasticsearch/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for elasticsearch \ No newline at end of file diff --git a/roles/luther38.elasticsearch/tasks/install-repo.yml b/roles/luther38.elasticsearch/tasks/install-repo.yml deleted file mode 100644 index c4504a6..0000000 --- a/roles/luther38.elasticsearch/tasks/install-repo.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: Install Elastic GPG Key - become: true - apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - -- name: Install apt-transport-https - become: true - apt: - name: apt-transport-https - -- name: Add Elastic Repo - become: true - copy: - dest: '/etc/apt/sources.list.d/elastic-7.x.list' - content: "deb https://artifacts.elastic.co/packages/7.x/apt stable main" - # copy: - #src: elastic-7.x.list - # dest: /etc/apt/sources.list.d/ - # backup: yes - -- name: Update Packages - become: true - apt: - update_cache: true - diff --git a/roles/luther38.elasticsearch/tasks/main.yml b/roles/luther38.elasticsearch/tasks/main.yml deleted file mode 100644 index 4f0a375..0000000 --- a/roles/luther38.elasticsearch/tasks/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# tasks file for elasticsearcih - -#- name: Test role -#debug: var=cluster_name - -- name: Running role - elasticsearch - include: ubuntu.yml - when: ansible_distribution == "Ubuntu" - - diff --git a/roles/luther38.elasticsearch/tasks/ubuntu.yml b/roles/luther38.elasticsearch/tasks/ubuntu.yml deleted file mode 100644 index 6026c10..0000000 --- a/roles/luther38.elasticsearch/tasks/ubuntu.yml +++ /dev/null @@ -1,44 +0,0 @@ - - -- name: Add Elastic repo - include: install-repo.yml - -- name: Install ElasticSearch from apt - become: true - apt: - name: elasticsearch - -- name: Update config - become: true - template: - src: elasticsearch.j2 - dest: /etc/elasticsearch/elasticsearch.yml - backup: yes - -- name: UFW allow http_port - become: true - when: ufw_http_port == true - ufw: - rule: allow - port: "{{ http_port }}" - -- name: UFW allow transport_port - become: true - when: ufw_transport_port == true - ufw: - rule: allow - port: "{{ transport_port }}" - -- name: systemd enable elasticsearch - become: true - when: systemd_enabled == true - systemd: - name: elasticsearch - enabled: true - -- name: systemd restart elasticsearch - become: true - when: systemd_restart == true - systemd: - name: elasticsearch - state: restarted diff --git a/roles/luther38.elasticsearch/templates/elasticsearch.j2 b/roles/luther38.elasticsearch/templates/elasticsearch.j2 deleted file mode 100755 index 83e5523..0000000 --- a/roles/luther38.elasticsearch/templates/elasticsearch.j2 +++ /dev/null @@ -1,96 +0,0 @@ -# ======================== Elasticsearch Configuration ========================= -# -# NOTE: Elasticsearch comes with reasonable defaults for most settings. -# Before you set out to tweak and tune the configuration, make sure you -# understand what are you trying to accomplish and the consequences. -# -# The primary way of configuring a node is via this file. This template lists -# the most important settings you may want to configure for a production cluster. -# -# Please consult the documentation for further information on configuration options: -# https://www.elastic.co/guide/en/elasticsearch/reference/index.html -# -# ---------------------------------- Cluster ----------------------------------- -# -# Use a descriptive name for your cluster: -# -#cluster.name: my-application -cluster.name: {{ cluster_name }} -# -# ------------------------------------ Node ------------------------------------ -# -# Use a descriptive name for the node: -# -#node.name: node-1 -node.name: {{ node_name }} -#node.master: {{ node_master }} -#node.data: {{ node_data }} -# -# Add custom attributes to the node: -# -#node.attr.rack: r1 -# -# ----------------------------------- Paths ------------------------------------ -# -# Path to directory where to store the data (separate multiple locations by comma): -# -path.data: {{ path_data }} -# -# Path to log files: -# -path.logs: {{ path_logs }} -# -# ----------------------------------- Memory ----------------------------------- -# -# Lock the memory on startup: -# -#bootstrap.memory_lock: true -# -# Make sure that the heap size is set to about half the memory available -# on the system and that the owner of the process is allowed to use this -# limit. -# -# Elasticsearch performs poorly when the system is swapping the memory. -# -# ---------------------------------- Network ----------------------------------- -# -# Set the bind address to a specific IP (IPv4 or IPv6): -# -network.host: {{ ansible_default_ipv4.address }} -# -# Set a custom port for HTTP: -# -http.port: {{ http_port }} -#transport.host: {{ transport_host }} -transport.tcp.port: {{ transport_port }} -# -# For more information, consult the network module documentation.# -# -# --------------------------------- Discovery ---------------------------------- -# -# Pass an initial list of hosts to perform discovery when this node is started: -# The default list of hosts is ["127.0.0.1", "[::1]"] -# -#discovery.seed_hosts: ["host1", "host2"] -{{ discovery_seed_hosts_def }} -# -# Bootstrap the cluster using an initial set of master-eligible nodes: -# -#cluster.initial_master_nodes: ["node-1", "node-2"] -cluster.initial_master_nodes: [ {{ cluster_initial_master_nodes }} ] -# -# For more information, consult the discovery and cluster formation module documentation. -# -# ---------------------------------- Gateway ----------------------------------- -# -# Block initial recovery after a full cluster restart until N nodes are started: -# -#gateway.recover_after_nodes: 3 -# -# For more information, consult the gateway module documentation. -# -# ---------------------------------- Various ----------------------------------- -# -# Require explicit names when deleting indices: -# -#action.destructive_requires_name: true diff --git a/roles/luther38.elasticsearch/vars/main.yml b/roles/luther38.elasticsearch/vars/main.yml deleted file mode 100644 index c0056f6..0000000 --- a/roles/luther38.elasticsearch/vars/main.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -# configuration for elasticsearch.yml -# -# Defines the name of the cluster we are going to deploy to -cluster_name: 'Elastic-Cluster' - -# Defines the name of the node -node_name: 'hostname' - -node_master: true - -node_data: true - -path_data: '/var/lib/elasticsearch' - -path_logs: '/var/lib/elasticsearch' - -http_port: 9200 - -transport_host: localhost - -transport_tcp_port: 9300 - -discovery_seed_hosts: 172.0.0.1 - -discovery_seed_hosts_def: "discovery.seed_hosts: [ {{ discovery_seed_hosts }} ]" diff --git a/roles/luther38.filebeat/defaults/main.yml b/roles/luther38.filebeat/defaults/main.yml deleted file mode 100644 index d87f558..0000000 --- a/roles/luther38.filebeat/defaults/main.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# defaults file for luther38.filebeat - -# config file - -# Single value -kibana_host: 127.0.0.1 - -# Takes multiple values -# "'127.0.0.1:9200', '0.0.0.0:9200'" -elasticsearch_hosts: "'127.0.0.1:9200'" - -# Systemd -systemd_enable: false -systemd_restart: false diff --git a/roles/luther38.filebeat/handlers/main.yml b/roles/luther38.filebeat/handlers/main.yml deleted file mode 100644 index ef1f8dc..0000000 --- a/roles/luther38.filebeat/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for luther38.filebeat \ No newline at end of file diff --git a/roles/luther38.filebeat/tasks/install-repo.yml b/roles/luther38.filebeat/tasks/install-repo.yml deleted file mode 100644 index c4504a6..0000000 --- a/roles/luther38.filebeat/tasks/install-repo.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: Install Elastic GPG Key - become: true - apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - -- name: Install apt-transport-https - become: true - apt: - name: apt-transport-https - -- name: Add Elastic Repo - become: true - copy: - dest: '/etc/apt/sources.list.d/elastic-7.x.list' - content: "deb https://artifacts.elastic.co/packages/7.x/apt stable main" - # copy: - #src: elastic-7.x.list - # dest: /etc/apt/sources.list.d/ - # backup: yes - -- name: Update Packages - become: true - apt: - update_cache: true - diff --git a/roles/luther38.filebeat/tasks/main.yml b/roles/luther38.filebeat/tasks/main.yml deleted file mode 100644 index cd70948..0000000 --- a/roles/luther38.filebeat/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# tasks file for luther38.filebeat - - -- name: Install Filebeat on Ubuntu - when: ansible_distribution == 'Ubuntu' - include: ubuntu.yml diff --git a/roles/luther38.filebeat/tasks/ubuntu.yml b/roles/luther38.filebeat/tasks/ubuntu.yml deleted file mode 100644 index 9f1f3e5..0000000 --- a/roles/luther38.filebeat/tasks/ubuntu.yml +++ /dev/null @@ -1,30 +0,0 @@ - - -- name: Add Elastic repo - include: install-repo.yml - -- name: Install ElasticSearch from apt - become: true - apt: - name: filebeat - -- name: Update config - become: true - template: - src: filebeat.j2 - dest: /etc/filebeat/filebeat.yml - backup: yes - -- name: systemd enable elasticsearch - become: true - when: systemd_enabled == true - systemd: - name: filebeat - enabled: true - -- name: systemd restart elasticsearch - become: true - when: systemd_restart == true - systemd: - name: filebeat - state: restarted diff --git a/roles/luther38.filebeat/tasks/windows.yml b/roles/luther38.filebeat/tasks/windows.yml deleted file mode 100644 index e7ff0dd..0000000 --- a/roles/luther38.filebeat/tasks/windows.yml +++ /dev/null @@ -1,62 +0,0 @@ -#https://artifacts.elastic.co/downloads/beats/winlogbeat/metricbeat-7.0.0-windows-x86_64.zip -# This will install winlogbeat on a windows host. ---- -- name: make tmp folder - win_file: - path: c:\tmp\ - state: directory - -- name: download winlogbeat - win_get_url: - url: 'https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-{{ version }}-windows-x86_64.zip' - dest: 'C:\tmp\winlogbeat-{{ version }}.zip' - force: no - -- name: unzip winlogbeat - win_unzip: - src: c:\tmp\winlogbeat-{{ version }}.zip - dest: C:\tmp\winlogbeat-{{ version }}\ - creates: C:\tmp\winlogbeat-{{ version }}\ - -- name: Copy winlogbeat-{{ version }} folder - win_command: powershell.exe copy-item -Path 'c:\tmp\winlogbeat-{{ version }}\winlogbeat-{{ version }}-windows-x86_64\' -Filter * -Recurse -Destination 'C:\Program Files\Winlogbeat\' - args: - creates: C:\Program Files\Winlogbeat\ - -- name: Update tmplate - win_template: - src: winlogbeat.j2 - dest: C:\Program Files\Winlogbeat\winlogbeat.yml - -- name: Check if winlogbeat service is installed - register: service - win_service: - name: winlogbeat - -#- debug: var=service - -- name: Install service - when: service.exists == false - win_command: powershell.exe -ExecutionPolicy ByPass -File install-service-winlogbeat.ps1 - args: - chdir: C:\program files\winlogbeat\ - -- name: check status service - register: service - win_service: - name: winlogbeat - -#- debug: var=service - -- name: restart service - when: service.state == 'running' - win_service: - name: winlogbeat - state: restarted - -- name: start service - when: service.state == 'stopped' - win_service: - name: winlogbeat - state: started - diff --git a/roles/luther38.filebeat/templates/filebeat.j2 b/roles/luther38.filebeat/templates/filebeat.j2 deleted file mode 100755 index 0c091d6..0000000 --- a/roles/luther38.filebeat/templates/filebeat.j2 +++ /dev/null @@ -1,211 +0,0 @@ -###################### Filebeat Configuration Example ######################### - -# This file is an example configuration file highlighting only the most common -# options. The filebeat.reference.yml file from the same directory contains all the -# supported options with more comments. You can use it as a reference. -# -# You can find the full configuration reference here: -# https://www.elastic.co/guide/en/beats/filebeat/index.html - -# For more available modules and options, please see the filebeat.reference.yml sample -# configuration file. - -#=========================== Filebeat inputs ============================= - -filebeat.inputs: - -# Each - is an input. Most options can be set at the input level, so -# you can use different inputs for various configurations. -# Below are the input specific configurations. - -- type: log - - # Change to true to enable this input configuration. - enabled: false - - # Paths that should be crawled and fetched. Glob based paths. - paths: - - /var/log/*.log - #- c:\programdata\elasticsearch\logs\* - - # Exclude lines. A list of regular expressions to match. It drops the lines that are - # matching any regular expression from the list. - #exclude_lines: ['^DBG'] - - # Include lines. A list of regular expressions to match. It exports the lines that are - # matching any regular expression from the list. - #include_lines: ['^ERR', '^WARN'] - - # Exclude files. A list of regular expressions to match. Filebeat drops the files that - # are matching any regular expression from the list. By default, no files are dropped. - #exclude_files: ['.gz$'] - - # Optional additional fields. These fields can be freely picked - # to add additional information to the crawled log files for filtering - #fields: - # level: debug - # review: 1 - - ### Multiline options - - # Multiline can be used for log messages spanning multiple lines. This is common - # for Java Stack Traces or C-Line Continuation - - # The regexp Pattern that has to be matched. The example pattern matches all lines starting with [ - #multiline.pattern: ^\[ - - # Defines if the pattern set under pattern should be negated or not. Default is false. - #multiline.negate: false - - # Match can be set to "after" or "before". It is used to define if lines should be append to a pattern - # that was (not) matched before or after or as long as a pattern is not matched based on negate. - # Note: After is the equivalent to previous and before is the equivalent to to next in Logstash - #multiline.match: after - - -#============================= Filebeat modules =============================== - -filebeat.config.modules: - # Glob pattern for configuration loading - path: ${path.config}/modules.d/*.yml - - # Set to true to enable config reloading - reload.enabled: false - - # Period on which files under path should be checked for changes - #reload.period: 10s - -#==================== Elasticsearch template setting ========================== - -setup.template.settings: - index.number_of_shards: 1 - #index.codec: best_compression - #_source.enabled: false - -#================================ General ===================================== - -# The name of the shipper that publishes the network data. It can be used to group -# all the transactions sent by a single shipper in the web interface. -#name: - -# The tags of the shipper are included in their own field with each -# transaction published. -#tags: ["service-X", "web-tier"] - -# Optional fields that you can specify to add additional information to the -# output. -#fields: -# env: staging - - -#============================== Dashboards ===================================== -# These settings control loading the sample dashboards to the Kibana index. Loading -# the dashboards is disabled by default and can be enabled either by setting the -# options here or by using the `setup` command. -#setup.dashboards.enabled: false - -# The URL from where to download the dashboards archive. By default this URL -# has a value which is computed based on the Beat name and version. For released -# versions, this URL points to the dashboard archive on the artifacts.elastic.co -# website. -#setup.dashboards.url: - -#============================== Kibana ===================================== - -# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. -# This requires a Kibana endpoint configuration. -setup.kibana: - - # Kibana Host - # Scheme and port can be left out and will be set to the default (http and 5601) - # In case you specify and additional path, the scheme is required: http://localhost:5601/path - # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601 - #host: "localhost:5601" - host: {{ kibana_host }} - - # Kibana Space ID - # ID of the Kibana Space into which the dashboards should be loaded. By default, - # the Default Space will be used. - #space.id: - -#============================= Elastic Cloud ================================== - -# These settings simplify using filebeat with the Elastic Cloud (https://cloud.elastic.co/). - -# The cloud.id setting overwrites the `output.elasticsearch.hosts` and -# `setup.kibana.host` options. -# You can find the `cloud.id` in the Elastic Cloud web UI. -#cloud.id: - -# The cloud.auth setting overwrites the `output.elasticsearch.username` and -# `output.elasticsearch.password` settings. The format is `:`. -#cloud.auth: - -#================================ Outputs ===================================== - -# Configure what output to use when sending the data collected by the beat. - -#-------------------------- Elasticsearch output ------------------------------ -output.elasticsearch: - # Array of hosts to connect to. - #hosts: ["localhost:9200"] - hosts: [{{ elasticsearch_hosts }}] - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - -#----------------------------- Logstash output -------------------------------- -#output.logstash: - # The Logstash hosts - #hosts: ["localhost:5044"] - - # Optional SSL. By default is off. - # List of root certificates for HTTPS server verifications - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - -#================================ Processors ===================================== - -# Configure processors to enhance or manipulate events generated by the beat. - -processors: - - add_host_metadata: ~ - - add_cloud_metadata: ~ - -#================================ Logging ===================================== - -# Sets log level. The default log level is info. -# Available log levels are: error, warning, info, debug -#logging.level: debug - -# At debug level, you can selectively enable logging only for some components. -# To enable all selectors use ["*"]. Examples of other selectors are "beat", -# "publish", "service". -#logging.selectors: ["*"] - -#============================== Xpack Monitoring =============================== -# filebeat can export internal metrics to a central Elasticsearch monitoring -# cluster. This requires xpack monitoring to be enabled in Elasticsearch. The -# reporting is disabled by default. - -# Set to true to enable the monitoring reporter. -#xpack.monitoring.enabled: false - -# Uncomment to send the metrics to Elasticsearch. Most settings from the -# Elasticsearch output are accepted here as well. Any setting that is not set is -# automatically inherited from the Elasticsearch output configuration, so if you -# have the Elasticsearch output configured, you can simply uncomment the -# following line. -#xpack.monitoring.elasticsearch: - -#================================= Migration ================================== - -# This allows to enable 6.7 migration aliases -#migration.6_to_7.enabled: true diff --git a/roles/luther38.filebeat/vars/main.yml b/roles/luther38.filebeat/vars/main.yml deleted file mode 100644 index 20faa9c..0000000 --- a/roles/luther38.filebeat/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for luther38.filebeat \ No newline at end of file diff --git a/roles/luther38.heartbeat/archive/config-heartbeat.yml b/roles/luther38.heartbeat/archive/config-heartbeat.yml deleted file mode 100644 index c1810dd..0000000 --- a/roles/luther38.heartbeat/archive/config-heartbeat.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- - -- name: systemd - daemon reload - become: true - systemd: - daemon_reload: yes - -- name: system - enable on startup - become: true - systemd: - name: heartbeat-elastic - enabled: yes - -- name: systemd - restart heartbeat - become: true - systemd: - name: heartbeat-elastic - state: restarted diff --git a/roles/luther38.heartbeat/defaults/main.yml b/roles/luther38.heartbeat/defaults/main.yml deleted file mode 100644 index fb97c0a..0000000 --- a/roles/luther38.heartbeat/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for luther38.heartbeat \ No newline at end of file diff --git a/roles/luther38.heartbeat/handlers/main.yml b/roles/luther38.heartbeat/handlers/main.yml deleted file mode 100644 index 1737524..0000000 --- a/roles/luther38.heartbeat/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for luther38.heartbeat \ No newline at end of file diff --git a/roles/luther38.heartbeat/meta/main.yml b/roles/luther38.heartbeat/meta/main.yml deleted file mode 100644 index 5d50bf4..0000000 --- a/roles/luther38.heartbeat/meta/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -galaxy_info: - author: your name - description: your description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) - - min_ansible_version: 2.4 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file diff --git a/roles/luther38.heartbeat/tasks/main.yml b/roles/luther38.heartbeat/tasks/main.yml deleted file mode 100644 index 90f3b82..0000000 --- a/roles/luther38.heartbeat/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# tasks file for luther38.heartbeat \ No newline at end of file diff --git a/roles/luther38.heartbeat/templates/heartbeat.j2 b/roles/luther38.heartbeat/templates/heartbeat.j2 deleted file mode 100755 index b5c4efa..0000000 --- a/roles/luther38.heartbeat/templates/heartbeat.j2 +++ /dev/null @@ -1,168 +0,0 @@ -################### Heartbeat Configuration Example ######################### - -# This file is an example configuration file highlighting only some common options. -# The heartbeat.reference.yml file in the same directory contains all the supported options -# with detailed comments. You can use it for reference. -# -# You can find the full configuration reference here: -# https://www.elastic.co/guide/en/beats/heartbeat/index.html - -############################# Heartbeat ###################################### - -# Define a directory to load monitor definitions from. Definitions take the form -# of individual yaml files. -heartbeat.config.monitors: - # Directory + glob pattern to search for configuration files - path: ${path.config}/monitors.d/*.yml - # If enabled, heartbeat will periodically check the config.monitors path for changes - reload.enabled: true - # How often to check for changes - reload.period: 5s - -# Configure monitors inline -heartbeat.monitors: -- type: http - - # List or urls to query - urls: ["http://localhost:9200", "https://www.directorsmortgage.com", "https://www.usadirectfunding.com":] - - # Configure task schedule - schedule: '@every 60s' - - # Total test connection and data exchange timeout - #timeout: 16s - -#==================== Elasticsearch template setting ========================== - -setup.template.settings: - index.number_of_shards: 1 - index.codec: best_compression - #_source.enabled: false - -#================================ General ===================================== - -# The name of the shipper that publishes the network data. It can be used to group -# all the transactions sent by a single shipper in the web interface. -name: {{ ansible_hostname }} - -# The tags of the shipper are included in their own field with each -# transaction published. -#tags: ["service-X", "web-tier"] - -# Optional fields that you can specify to add additional information to the -# output. -#fields: -# env: staging - - -#============================== Dashboards ===================================== -# These settings control loading the sample dashboards to the Kibana index. Loading -# the dashboards is disabled by default and can be enabled either by setting the -# options here or by using the `setup` command. - -setup.dashboards.enabled: true - -# The URL from where to download the dashboards archive. By default this URL -# has a value which is computed based on the Beat name and version. For released -# versions, this URL points to the dashboard archive on the artifacts.elastic.co -# website. -#setup.dashboards.url: - -#============================== Kibana ===================================== - -# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. -# This requires a Kibana endpoint configuration. -setup.kibana: - - # Kibana Host - # Scheme and port can be left out and will be set to the default (http and 5601) - # In case you specify and additional path, the scheme is required: http://localhost:5601/path - # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601 - - host: {{ kibana_host }} - - # Kibana Space ID - # ID of the Kibana Space into which the dashboards should be loaded. By default, - # the Default Space will be used. - #space.id: - -#============================= Elastic Cloud ================================== - -# These settings simplify using heartbeat with the Elastic Cloud (https://cloud.elastic.co/). - -# The cloud.id setting overwrites the `output.elasticsearch.hosts` and -# `setup.kibana.host` options. -# You can find the `cloud.id` in the Elastic Cloud web UI. -#cloud.id: - -# The cloud.auth setting overwrites the `output.elasticsearch.username` and -# `output.elasticsearch.password` settings. The format is `:`. -#cloud.auth: - -#================================ Outputs ===================================== - -# Configure what output to use when sending the data collected by the beat. - -#-------------------------- Elasticsearch output ------------------------------ -output.elasticsearch: - # Array of hosts to connect to. - hosts: {{ elasticsearch_hosts }} - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - -#----------------------------- Logstash output -------------------------------- -#output.logstash: - # The Logstash hosts - #hosts: ["localhost:5044"] - - # Optional SSL. By default is off. - # List of root certificates for HTTPS server verifications - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - -#================================ Processors ===================================== - -# Configure processors to enhance or manipulate events generated by the beat. - -processors: - - add_host_metadata: ~ - - add_cloud_metadata: ~ - -#================================ Logging ===================================== - -# Sets log level. The default log level is info. -# Available log levels are: error, warning, info, debug -#logging.level: debug - -# At debug level, you can selectively enable logging only for some components. -# To enable all selectors use ["*"]. Examples of other selectors are "beat", -# "publish", "service". -#logging.selectors: ["*"] - -#============================== Xpack Monitoring =============================== -# heartbeat can export internal metrics to a central Elasticsearch monitoring -# cluster. This requires xpack monitoring to be enabled in Elasticsearch. The -# reporting is disabled by default. - -# Set to true to enable the monitoring reporter. -#xpack.monitoring.enabled: false - -# Uncomment to send the metrics to Elasticsearch. Most settings from the -# Elasticsearch output are accepted here as well. Any setting that is not set is -# automatically inherited from the Elasticsearch output configuration, so if you -# have the Elasticsearch output configured, you can simply uncomment the -# following line. -#xpack.monitoring.elasticsearch: - -#================================= Migration ================================== - -# This allows to enable 6.7 migration aliases -#migration.6_to_7.enabled: true diff --git a/roles/luther38.heartbeat/tests/test.yml b/roles/luther38.heartbeat/tests/test.yml deleted file mode 100644 index 9a3e298..0000000 --- a/roles/luther38.heartbeat/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - luther38.heartbeat \ No newline at end of file diff --git a/roles/luther38.heartbeat/vars/main.yml b/roles/luther38.heartbeat/vars/main.yml deleted file mode 100644 index 6c953ab..0000000 --- a/roles/luther38.heartbeat/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for luther38.heartbeat \ No newline at end of file diff --git a/roles/luther38.kibana/defaults/main.yml b/roles/luther38.kibana/defaults/main.yml deleted file mode 100644 index a4d714b..0000000 --- a/roles/luther38.kibana/defaults/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- - -# -# All variables exposed to the Kibana role. -# - -# -# Role variables -# - -# Allow 5601 though UFW -ufw_server_port: false - -# systemd - enable Kibana on startup -systemd_enabled: false - -# systemd - restart Kibana -systemd_restart: false - -# -# Configuration file variables -# - -# Defines that port that Kibana will listen on -# Default: 5601 -server_port: 5601 - -# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. -# The default is 'localhost', which usually means remote machines will not be able to connect. -# To allow connections from remote users, set this parameter to a non-loopback address. -server_host: localhost - -# The Kibana server's name. This is used for display purposes. -server_name: ansible_hostname - -# The URLs of the Elasticsearch instances to use for all your queries. -# example: " 'http://localhost:9200', 'http://192.168.0.1:9200' " -elasticsearch_hosts: " 'http://localhost:9200' " diff --git a/roles/luther38.kibana/handlers/main.yml b/roles/luther38.kibana/handlers/main.yml deleted file mode 100644 index 2afd799..0000000 --- a/roles/luther38.kibana/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for kibana \ No newline at end of file diff --git a/roles/luther38.kibana/tasks/install-repo.yml b/roles/luther38.kibana/tasks/install-repo.yml deleted file mode 100644 index c4504a6..0000000 --- a/roles/luther38.kibana/tasks/install-repo.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: Install Elastic GPG Key - become: true - apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - -- name: Install apt-transport-https - become: true - apt: - name: apt-transport-https - -- name: Add Elastic Repo - become: true - copy: - dest: '/etc/apt/sources.list.d/elastic-7.x.list' - content: "deb https://artifacts.elastic.co/packages/7.x/apt stable main" - # copy: - #src: elastic-7.x.list - # dest: /etc/apt/sources.list.d/ - # backup: yes - -- name: Update Packages - become: true - apt: - update_cache: true - diff --git a/roles/luther38.kibana/tasks/main.yml b/roles/luther38.kibana/tasks/main.yml deleted file mode 100644 index 768a3f8..0000000 --- a/roles/luther38.kibana/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# tasks file for kibana - - -- name: install kibana on ubuntu - when: ansible_distribution == "Ubuntu" - include: ubuntu.yml diff --git a/roles/luther38.kibana/tasks/ubuntu.yml b/roles/luther38.kibana/tasks/ubuntu.yml deleted file mode 100644 index 5f93792..0000000 --- a/roles/luther38.kibana/tasks/ubuntu.yml +++ /dev/null @@ -1,42 +0,0 @@ - -# This handles the install and configuration for ubuntu based computers. - -- name: Install Elastic Repo - include: install-repo.yml - -- name: Intall Kibana from APT - become: true - apt: - name: kibana - -- name: Update Kibana config from template - become: true - template: - src: kibana.j2 - dest: /etc/kibana/kibana.yml - backup: true - -- name: Allow 5601 though UFW - when: ufw_server_port == true - become: true - ufw: - rule: allow - port: "{{ server_port }}" - -- name: systemd - daemon reload - become: true - systemd: - daemon_reload: yes - -- name: systemd - enable Kibana on startup - when: systemd_enabled == true - become: true - systemd: - name: kibana - enabled: yes - -- name: systemd - restart Kibana - when: systemd_restart == true - become: true - systemd: - name: kiband diff --git a/roles/luther38.kibana/templates/kibana.j2 b/roles/luther38.kibana/templates/kibana.j2 deleted file mode 100644 index c77c2b7..0000000 --- a/roles/luther38.kibana/templates/kibana.j2 +++ /dev/null @@ -1,118 +0,0 @@ -# Kibana is served by a back end server. This setting specifies the port to use. -#server.port: 5601 - -server.port: {{ server_port }} - -# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values. -# The default is 'localhost', which usually means remote machines will not be able to connect. -# To allow connections from remote users, set this parameter to a non-loopback address. -#server.host: "192.168.0.173" - -server.host: "{{ server_host }}" - -# Enables you to specify a path to mount Kibana at if you are running behind a proxy. -# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath -# from requests it receives, and to prevent a deprecation warning at startup. -# This setting cannot end in a slash. -#server.basePath: "" - -# Specifies whether Kibana should rewrite requests that are prefixed with -# `server.basePath` or require that they are rewritten by your reverse proxy. -# This setting was effectively always `false` before Kibana 6.3 and will -# default to `true` starting in Kibana 7.0. -#server.rewriteBasePath: false - -# The maximum payload size in bytes for incoming server requests. -#server.maxPayloadBytes: 1048576 - -# The Kibana server's name. This is used for display purposes. -server.name: "{{ server_name }}" - -# The URLs of the Elasticsearch instances to use for all your queries. -#elasticsearch.hosts: ["http://localhost:9200"] -elasticsearch.hosts: [ {{ elasticsearch_hosts }} ] - -# When this setting's value is true Kibana uses the hostname specified in the server.host -# setting. When the value of this setting is false, Kibana uses the hostname of the host -# that connects to this Kibana instance. -#elasticsearch.preserveHost: true - -# Kibana uses an index in Elasticsearch to store saved searches, visualizations and -# dashboards. Kibana creates a new index if the index doesn't already exist. -#kibana.index: ".kibana" - -# The default application to load. -#kibana.defaultAppId: "home" - -# If your Elasticsearch is protected with basic authentication, these settings provide -# the username and password that the Kibana server uses to perform maintenance on the Kibana -# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which -# is proxied through the Kibana server. -#elasticsearch.username: "user" -#elasticsearch.password: "pass" - -# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively. -# These settings enable SSL for outgoing requests from the Kibana server to the browser. -#server.ssl.enabled: false -#server.ssl.certificate: /path/to/your/server.crt -#server.ssl.key: /path/to/your/server.key - -# Optional settings that provide the paths to the PEM-format SSL certificate and key files. -# These files validate that your Elasticsearch backend uses the same key files. -#elasticsearch.ssl.certificate: /path/to/your/client.crt -#elasticsearch.ssl.key: /path/to/your/client.key - -# Optional setting that enables you to specify a path to the PEM file for the certificate -# authority for your Elasticsearch instance. -#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ] - -# To disregard the validity of SSL certificates, change this setting's value to 'none'. -#elasticsearch.ssl.verificationMode: full - -# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of -# the elasticsearch.requestTimeout setting. -#elasticsearch.pingTimeout: 1500 - -# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value -# must be a positive integer. -#elasticsearch.requestTimeout: 30000 - -# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side -# headers, set this value to [] (an empty list). -#elasticsearch.requestHeadersWhitelist: [ authorization ] - -# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten -# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration. -#elasticsearch.customHeaders: {} - -# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable. -#elasticsearch.shardTimeout: 30000 - -# Time in milliseconds to wait for Elasticsearch at Kibana startup before retrying. -#elasticsearch.startupTimeout: 5000 - -# Logs queries sent to Elasticsearch. Requires logging.verbose set to true. -#elasticsearch.logQueries: false - -# Specifies the path where Kibana creates the process ID file. -#pid.file: /var/run/kibana.pid - -# Enables you specify a file where Kibana stores log output. -#logging.dest: stdout - -# Set the value of this setting to true to suppress all logging output. -#logging.silent: false - -# Set the value of this setting to true to suppress all logging output other than error messages. -#logging.quiet: false - -# Set the value of this setting to true to log all events, including system usage information -# and all requests. -#logging.verbose: false - -# Set the interval in milliseconds to sample system and process performance -# metrics. Minimum is 100ms. Defaults to 5000. -#ops.interval: 5000 - -# Specifies locale to be used for all localizable strings, dates and number formats. -#i18n.locale: "en" diff --git a/roles/luther38.kibana/tests/inventory b/roles/luther38.kibana/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/luther38.kibana/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/luther38.kibana/vars/main.yml b/roles/luther38.kibana/vars/main.yml deleted file mode 100644 index b9a456a..0000000 --- a/roles/luther38.kibana/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for kibana \ No newline at end of file diff --git a/roles/luther38.logstash/README.md b/roles/luther38.logstash/README.md deleted file mode 100644 index 225dd44..0000000 --- a/roles/luther38.logstash/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/luther38.logstash/defaults/main.yml b/roles/luther38.logstash/defaults/main.yml deleted file mode 100644 index 4479481..0000000 --- a/roles/luther38.logstash/defaults/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# defaults file for luther38.logstash - - -http_host: '127.0.0.1' diff --git a/roles/luther38.logstash/handlers/main.yml b/roles/luther38.logstash/handlers/main.yml deleted file mode 100644 index f6a1d47..0000000 --- a/roles/luther38.logstash/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for luther38.logstash \ No newline at end of file diff --git a/roles/luther38.logstash/meta/main.yml b/roles/luther38.logstash/meta/main.yml deleted file mode 100644 index 5d50bf4..0000000 --- a/roles/luther38.logstash/meta/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -galaxy_info: - author: your name - description: your description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) - - min_ansible_version: 2.4 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file diff --git a/roles/luther38.logstash/tasks/install-repo.yml b/roles/luther38.logstash/tasks/install-repo.yml deleted file mode 100644 index c4504a6..0000000 --- a/roles/luther38.logstash/tasks/install-repo.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: Install Elastic GPG Key - become: true - apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - -- name: Install apt-transport-https - become: true - apt: - name: apt-transport-https - -- name: Add Elastic Repo - become: true - copy: - dest: '/etc/apt/sources.list.d/elastic-7.x.list' - content: "deb https://artifacts.elastic.co/packages/7.x/apt stable main" - # copy: - #src: elastic-7.x.list - # dest: /etc/apt/sources.list.d/ - # backup: yes - -- name: Update Packages - become: true - apt: - update_cache: true - diff --git a/roles/luther38.logstash/tasks/main.yml b/roles/luther38.logstash/tasks/main.yml deleted file mode 100644 index 6d8e5ab..0000000 --- a/roles/luther38.logstash/tasks/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# tasks file for luther38.logstash - -- name: Install Logstash on Ubuntu - when: ansible_distribution == 'Ubuntu' - include: ubuntu.yml diff --git a/roles/luther38.logstash/tasks/ubuntu.yml b/roles/luther38.logstash/tasks/ubuntu.yml deleted file mode 100644 index 08cd5dd..0000000 --- a/roles/luther38.logstash/tasks/ubuntu.yml +++ /dev/null @@ -1,44 +0,0 @@ - - -- name: Add Elastic repo - include: install-repo.yml - -- name: Install logstash from apt - become: true - apt: - name: logstash - -- name: Update config - become: true - template: - src: logstash.j2 - dest: /tmp/logstash/logstash.yml - backup: yes - -- name: UFW allow http_port - become: true - when: ufw_http_port == true - ufw: - rule: allow - port: "{{ http_port }}" - -- name: UFW allow transport_port - become: true - when: ufw_transport_port == true - ufw: - rule: allow - port: "{{ transport_port }}" - -- name: systemd enable elasticsearch - become: true - when: systemd_enabled == true - systemd: - name: elasticsearch - enabled: true - -- name: systemd restart elasticsearch - become: true - when: systemd_restart == true - systemd: - name: elasticsearch - state: restarted diff --git a/roles/luther38.logstash/templates/logstash.j2 b/roles/luther38.logstash/templates/logstash.j2 deleted file mode 100644 index d9ffcf2..0000000 --- a/roles/luther38.logstash/templates/logstash.j2 +++ /dev/null @@ -1,247 +0,0 @@ -# Settings file in YAML -# -# Settings can be specified either in hierarchical form, e.g.: -# -# pipeline: -# batch: -# size: 125 -# delay: 5 -# -# Or as flat keys: -# -# pipeline.batch.size: 125 -# pipeline.batch.delay: 5 -# -# ------------ Node identity ------------ -# -# Use a descriptive name for the node: -# -# node.name: test -# -# If omitted the node name will default to the machine's host name -# -# ------------ Data path ------------------ -# -# Which directory should be used by logstash and its plugins -# for any persistent needs. Defaults to LOGSTASH_HOME/data -# -path.data: /var/lib/logstash -# -# ------------ Pipeline Settings -------------- -# -# The ID of the pipeline. -# -# pipeline.id: main -# -# Set the number of workers that will, in parallel, execute the filters+outputs -# stage of the pipeline. -# -# This defaults to the number of the host's CPU cores. -# -# pipeline.workers: 2 -# -# How many events to retrieve from inputs before sending to filters+workers -# -# pipeline.batch.size: 125 -# -# How long to wait in milliseconds while polling for the next event -# before dispatching an undersized batch to filters+outputs -# -# pipeline.batch.delay: 50 -# -# Force Logstash to exit during shutdown even if there are still inflight -# events in memory. By default, logstash will refuse to quit until all -# received events have been pushed to the outputs. -# -# WARNING: enabling this can lead to data loss during shutdown -# -# pipeline.unsafe_shutdown: false -# -# ------------ Pipeline Configuration Settings -------------- -# -# Where to fetch the pipeline configuration for the main pipeline -# -# path.config: -# -# Pipeline configuration string for the main pipeline -# -# config.string: -# -# At startup, test if the configuration is valid and exit (dry run) -# -# config.test_and_exit: false -# -# Periodically check if the configuration has changed and reload the pipeline -# This can also be triggered manually through the SIGHUP signal -# -# config.reload.automatic: false -# -# How often to check if the pipeline configuration has changed (in seconds) -# -# config.reload.interval: 3s -# -# Show fully compiled configuration as debug log message -# NOTE: --log.level must be 'debug' -# -# config.debug: false -# -# When enabled, process escaped characters such as \n and \" in strings in the -# pipeline configuration files. -# -# config.support_escapes: false -# -# ------------ Module Settings --------------- -# Define modules here. Modules definitions must be defined as an array. -# The simple way to see this is to prepend each `name` with a `-`, and keep -# all associated variables under the `name` they are associated with, and -# above the next, like this: -# -# modules: -# - name: MODULE_NAME -# var.PLUGINTYPE1.PLUGINNAME1.KEY1: VALUE -# var.PLUGINTYPE1.PLUGINNAME1.KEY2: VALUE -# var.PLUGINTYPE2.PLUGINNAME1.KEY1: VALUE -# var.PLUGINTYPE3.PLUGINNAME3.KEY1: VALUE -# -# Module variable names must be in the format of -# -# var.PLUGIN_TYPE.PLUGIN_NAME.KEY -# -# modules: -# -# ------------ Cloud Settings --------------- -# Define Elastic Cloud settings here. -# Format of cloud.id is a base64 value e.g. dXMtZWFzdC0xLmF3cy5mb3VuZC5pbyRub3RhcmVhbCRpZGVudGlmaWVy -# and it may have an label prefix e.g. staging:dXMtZ... -# This will overwrite 'var.elasticsearch.hosts' and 'var.kibana.host' -# cloud.id: -# -# Format of cloud.auth is: : -# This is optional -# If supplied this will overwrite 'var.elasticsearch.username' and 'var.elasticsearch.password' -# If supplied this will overwrite 'var.kibana.username' and 'var.kibana.password' -# cloud.auth: elastic: -# -# ------------ Queuing Settings -------------- -# -# Internal queuing model, "memory" for legacy in-memory based queuing and -# "persisted" for disk-based acked queueing. Defaults is memory -# -# queue.type: memory -# -# If using queue.type: persisted, the directory path where the data files will be stored. -# Default is path.data/queue -# -# path.queue: -# -# If using queue.type: persisted, the page data files size. The queue data consists of -# append-only data files separated into pages. Default is 64mb -# -# queue.page_capacity: 64mb -# -# If using queue.type: persisted, the maximum number of unread events in the queue. -# Default is 0 (unlimited) -# -# queue.max_events: 0 -# -# If using queue.type: persisted, the total capacity of the queue in number of bytes. -# If you would like more unacked events to be buffered in Logstash, you can increase the -# capacity using this setting. Please make sure your disk drive has capacity greater than -# the size specified here. If both max_bytes and max_events are specified, Logstash will pick -# whichever criteria is reached first -# Default is 1024mb or 1gb -# -# queue.max_bytes: 1024mb -# -# If using queue.type: persisted, the maximum number of acked events before forcing a checkpoint -# Default is 1024, 0 for unlimited -# -# queue.checkpoint.acks: 1024 -# -# If using queue.type: persisted, the maximum number of written events before forcing a checkpoint -# Default is 1024, 0 for unlimited -# -# queue.checkpoint.writes: 1024 -# -# If using queue.type: persisted, the interval in milliseconds when a checkpoint is forced on the head page -# Default is 1000, 0 for no periodic checkpoint. -# -# queue.checkpoint.interval: 1000 -# -# ------------ Dead-Letter Queue Settings -------------- -# Flag to turn on dead-letter queue. -# -# dead_letter_queue.enable: false - -# If using dead_letter_queue.enable: true, the maximum size of each dead letter queue. Entries -# will be dropped if they would increase the size of the dead letter queue beyond this setting. -# Default is 1024mb -# dead_letter_queue.max_bytes: 1024mb - -# If using dead_letter_queue.enable: true, the directory path where the data files will be stored. -# Default is path.data/dead_letter_queue -# -# path.dead_letter_queue: -# -# ------------ Metrics Settings -------------- -# -# Bind address for the metrics REST endpoint -# -# http.host: "127.0.0.1" -# -# Bind port for the metrics REST endpoint, this option also accept a range -# (9600-9700) and logstash will pick up the first available ports. -# -# http.port: 9600-9700 -# -# ------------ Debugging Settings -------------- -# -# Options for log.level: -# * fatal -# * error -# * warn -# * info (default) -# * debug -# * trace -# -# log.level: info -path.logs: /var/log/logstash -# -# ------------ Other Settings -------------- -# -# Where to find custom plugins -# path.plugins: [] -# -# ------------ X-Pack Settings (not applicable for OSS build)-------------- -# -# X-Pack Monitoring -# https://www.elastic.co/guide/en/logstash/current/monitoring-logstash.html -#xpack.monitoring.enabled: false -#xpack.monitoring.elasticsearch.username: logstash_system -#xpack.monitoring.elasticsearch.password: password -#xpack.monitoring.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"] -#xpack.monitoring.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ] -#xpack.monitoring.elasticsearch.ssl.truststore.path: path/to/file -#xpack.monitoring.elasticsearch.ssl.truststore.password: password -#xpack.monitoring.elasticsearch.ssl.keystore.path: /path/to/file -#xpack.monitoring.elasticsearch.ssl.keystore.password: password -#xpack.monitoring.elasticsearch.ssl.verification_mode: certificate -#xpack.monitoring.elasticsearch.sniffing: false -#xpack.monitoring.collection.interval: 10s -#xpack.monitoring.collection.pipeline.details.enabled: true -# -# X-Pack Management -# https://www.elastic.co/guide/en/logstash/current/logstash-centralized-pipeline-management.html -#xpack.management.enabled: false -#xpack.management.pipeline.id: ["main", "apache_logs"] -#xpack.management.elasticsearch.username: logstash_admin_user -#xpack.management.elasticsearch.password: password -#xpack.management.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"] -#xpack.management.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ] -#xpack.management.elasticsearch.ssl.truststore.path: /path/to/file -#xpack.management.elasticsearch.ssl.truststore.password: password -#xpack.management.elasticsearch.ssl.keystore.path: /path/to/file -#xpack.management.elasticsearch.ssl.keystore.password: password -#xpack.management.elasticsearch.ssl.verification_mode: certificate -#xpack.management.elasticsearch.sniffing: false -#xpack.management.logstash.poll_interval: 5s diff --git a/roles/luther38.logstash/tests/inventory b/roles/luther38.logstash/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/luther38.logstash/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/luther38.logstash/tests/test.yml b/roles/luther38.logstash/tests/test.yml deleted file mode 100644 index f869efb..0000000 --- a/roles/luther38.logstash/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - luther38.logstash \ No newline at end of file diff --git a/roles/luther38.logstash/vars/main.yml b/roles/luther38.logstash/vars/main.yml deleted file mode 100644 index 29d57d6..0000000 --- a/roles/luther38.logstash/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for luther38.logstash \ No newline at end of file diff --git a/roles/luther38.metricbeat/README.md b/roles/luther38.metricbeat/README.md deleted file mode 100644 index 225dd44..0000000 --- a/roles/luther38.metricbeat/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/luther38.metricbeat/archive/config-metricbeat.yml b/roles/luther38.metricbeat/archive/config-metricbeat.yml deleted file mode 100644 index 1726d2c..0000000 --- a/roles/luther38.metricbeat/archive/config-metricbeat.yml +++ /dev/null @@ -1,26 +0,0 @@ - -# - name: enable modules -- name: enable system module - become: true - shell: metricbeat modules enable system - - #- name: start metricbeat service - # become: true - #shell: metricbeat service metricbeat start - -- name: systemd - daemon reload - become: true - systemd: - daemon_reload: yes - -- name: Enable service on system startup - become: true - systemd: - name: metricbeat - enabled: yes - -- name: systemd - restart Metricbeat - become: true - systemd: - name: metricbeat - state: restarted diff --git a/roles/luther38.metricbeat/archive/config-win-heartbeat.yml b/roles/luther38.metricbeat/archive/config-win-heartbeat.yml deleted file mode 100644 index 051614b..0000000 --- a/roles/luther38.metricbeat/archive/config-win-heartbeat.yml +++ /dev/null @@ -1,56 +0,0 @@ ---- -# This will install all the client parts needed for elastic to monitor client computers - -- name: Install elastic client programs - hosts: windows - vars: - elastic_version: '7.0.0' - url_heartbeat: 'https://artifacts.elastic.co/downloads/beats/heartbeat/heartbeat-{{elastic_version}}-windows-x86_64.zip' - temp: 'c:\temp\' - program_files: 'c:\program files\' - kibana_host: '192.168.0.173:5601' - elasticsearch_hosts: '["192.168.0.173:9200"]' - - - tasks: - - name: make temp folder - win_file: - path: c:\temp\ - state: directory - - - name: download heartbeat - win_get_url: - url: '{{ url_heartbeat }}' - dest: 'C:\temp\heartbeat-{{ elastic_version }}.zip' - force: no - - - name: unzip heartbeat - win_unzip: - src: c:\temp\heartbeat-{{ elastic_version }}.zip - dest: C:\temp\heartbeat-{{ elastic_version }}\ - creates: C:\temp\heartbeat-{{ elastic_version }}\ - - - name: Copy heartbeat-{{ elastic_version }} folder - win_command: powershell.exe copy-item -Path 'c:\temp\heartbeat-{{ elastic_version }}\heartbeat-{{ elastic_version }}-windows-x86_64\' -Filter * -Recurse -Destination 'C:\Program Files\Heartbeat\' - args: - creates: C:\Program Files\Heartbeat\ - - - name: Update template - win_template: - src: heartbeat.j2 - dest: C:\Program Files\Heartbeat\heartbeat.yml - - - name: Install Heartbeat service - win_command: powershell.exe -ExecutionPolicy ByPass -File install-service-heartbeat.ps1 - args: - chdir: C:\program files\heartbeat\ - - - name: stop heartbeat service - win_service: - name: heartbeat - state: stopped - - - name: start heartbeat service - win_service: - name: heartbeat - state: started diff --git a/roles/luther38.metricbeat/archive/install-metricbeat.yml b/roles/luther38.metricbeat/archive/install-metricbeat.yml deleted file mode 100644 index 8643cd0..0000000 --- a/roles/luther38.metricbeat/archive/install-metricbeat.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -- name: Install Metricbeat - hosts: elasticClients - - tasks: - - name: Install Metricbeat - become: true - include_role: - name: luther38.metricbeat - vars: - kibana_host: 172.20.0.142 - elasticsearch_hosts: '["172.20.0.142:9200"]' - systemd_enable_service: true - systemd_restart_service: true - diff --git a/roles/luther38.metricbeat/defaults/main.yml b/roles/luther38.metricbeat/defaults/main.yml deleted file mode 100644 index 5a87f4e..0000000 --- a/roles/luther38.metricbeat/defaults/main.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# defaults file for luther38.metricbeat - -# Defines the kibana host we will send data to -kibana_host: 127.0.0.1 - -# Example: '["172.0.0.1:9200"]' -elasticsearch_hosts: '["172.0.0.1:9200"]' - -# tells ansible to enable the service on startup -systemd_enable_service: true - -# Tells ansible to restart the service after everything has been done -systemd_restart_service: true - -# Defines the version of metricbeat to install. -# Currently used for Windows -version: 7.0.0 diff --git a/roles/luther38.metricbeat/handlers/main.yml b/roles/luther38.metricbeat/handlers/main.yml deleted file mode 100644 index 4971955..0000000 --- a/roles/luther38.metricbeat/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for luther38.metricbeat \ No newline at end of file diff --git a/roles/luther38.metricbeat/meta/main.yml b/roles/luther38.metricbeat/meta/main.yml deleted file mode 100644 index 5d50bf4..0000000 --- a/roles/luther38.metricbeat/meta/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -galaxy_info: - author: your name - description: your description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) - - min_ansible_version: 2.4 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file diff --git a/roles/luther38.metricbeat/tasks/install-repo.yml b/roles/luther38.metricbeat/tasks/install-repo.yml deleted file mode 100644 index b11ff33..0000000 --- a/roles/luther38.metricbeat/tasks/install-repo.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- - -- name: Install Elastic GPG Key - become: true - apt_key: - url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch" - state: present - id: 46095ACC8548582C1A2699A9D27D666CD88E42B4 - -- name: Install apt-transport-https - become: true - apt: - name: apt-transport-https - -- name: Add Elastic Repo - become: true - copy: - dest: '/etc/apt/sources.list.d/elastic-7.x.list' - content: "deb https://artifacts.elastic.co/packages/7.x/apt stable main" - - -- name: Update Packages - become: true - apt: - update_cache: true - diff --git a/roles/luther38.metricbeat/tasks/main.yml b/roles/luther38.metricbeat/tasks/main.yml deleted file mode 100644 index 624d141..0000000 --- a/roles/luther38.metricbeat/tasks/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# tasks file for luther38.metricbeat - -- name: Install Metricbeat on Ubuntu - when: ansible_distribution == 'Ubuntu' - include: ubuntu.yml - -- name: Install Metricbeat on Windows - when: ansible_os_family == 'Windows' - include: windows.yml diff --git a/roles/luther38.metricbeat/tasks/ubuntu.yml b/roles/luther38.metricbeat/tasks/ubuntu.yml deleted file mode 100644 index e174e10..0000000 --- a/roles/luther38.metricbeat/tasks/ubuntu.yml +++ /dev/null @@ -1,37 +0,0 @@ - -- name: Install elastic repo - include: install-repo.yml - -- name: Install metricbeat from apt - become: true - apt: - name: metricbeat - -- name: Update config - become: true - template: - src: metricbeat.j2 - dest: /etc/metricbeat/metricbeat.yml - -- name: enable system module - become: true - shell: metricbeat modules enable system - -- name: systemd - daemon reload - become: true - systemd: - daemon_reload: yes - -- name: Enable service on system startup - when: systemd_enable_service == true - become: true - systemd: - name: metricbeat - enabled: yes - -- name: systemd - restart Metricbeat - when: systemd_restart_service == true - become: true - systemd: - name: metricbeat - state: restarted diff --git a/roles/luther38.metricbeat/tasks/windows.yml b/roles/luther38.metricbeat/tasks/windows.yml deleted file mode 100644 index ede903b..0000000 --- a/roles/luther38.metricbeat/tasks/windows.yml +++ /dev/null @@ -1,62 +0,0 @@ -#https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-7.0.0-windows-x86_64.zip -# This will install metricbeat on a windows host. ---- -- name: make tmp folder - win_file: - path: c:\tmp\ - state: directory - -- name: download metricbeat - win_get_url: - url: 'https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-{{ version }}-windows-x86_64.zip' - dest: 'C:\tmp\metricbeat-{{ version }}.zip' - force: no - -- name: unzip metricbeat - win_unzip: - src: c:\tmp\metricbeat-{{ version }}.zip - dest: C:\tmp\metricbeat-{{ version }}\ - creates: C:\tmp\metricbeat-{{ version }}\ - -- name: Copy metricbeat-{{ version }} folder - win_command: powershell.exe copy-item -Path 'c:\tmp\metricbeat-{{ version }}\metricbeat-{{ version }}-windows-x86_64\' -Filter * -Recurse -Destination 'C:\Program Files\Metricbeat\' - args: - creates: C:\Program Files\Metricbeat\ - -- name: Update tmplate - win_template: - src: metricbeat.j2 - dest: C:\Program Files\Metricbeat\metricbeat.yml - -- name: Check if metricbeat service is installed - register: service - win_service: - name: metricbeat - -#- debug: var=service - -- name: Install Metricbeat service - when: service.exists == false - win_command: powershell.exe -ExecutionPolicy ByPass -File install-service-metricbeat.ps1 - args: - chdir: C:\program files\metricbeat\ - -- name: check status of metricbeat service - register: service - win_service: - name: metricbeat - -#- debug: var=service - -- name: restart service - when: service.state == 'running' - win_service: - name: metricbeat - state: restarted - -- name: start service - when: service.state == 'stopped' - win_service: - name: metricbeat - state: started - diff --git a/roles/luther38.metricbeat/templates/metricbeat.j2 b/roles/luther38.metricbeat/templates/metricbeat.j2 deleted file mode 100755 index a6ec3cb..0000000 --- a/roles/luther38.metricbeat/templates/metricbeat.j2 +++ /dev/null @@ -1,155 +0,0 @@ -###################### Metricbeat Configuration Example ####################### - -# This file is an example configuration file highlighting only the most common -# options. The metricbeat.reference.yml file from the same directory contains all the -# supported options with more comments. You can use it as a reference. -# -# You can find the full configuration reference here: -# https://www.elastic.co/guide/en/beats/metricbeat/index.html - -#========================== Modules configuration ============================ - -metricbeat.config.modules: - # Glob pattern for configuration loading - path: ${path.config}/modules.d/*.yml - - # Set to true to enable config reloading - reload.enabled: false - - # Period on which files under path should be checked for changes - #reload.period: 10s - -#==================== Elasticsearch template setting ========================== - -setup.template.settings: - index.number_of_shards: 1 - index.codec: best_compression - #_source.enabled: false - -#================================ General ===================================== - -# The name of the shipper that publishes the network data. It can be used to group -# all the transactions sent by a single shipper in the web interface. -#name: - -# The tags of the shipper are included in their own field with each -# transaction published. -#tags: ["service-X", "web-tier"] - -# Optional fields that you can specify to add additional information to the -# output. -#fields: -# env: staging - - -#============================== Dashboards ===================================== -# These settings control loading the sample dashboards to the Kibana index. Loading -# the dashboards is disabled by default and can be enabled either by setting the -# options here or by using the `setup` command. - -setup.dashboards.enabled: true - -# The URL from where to download the dashboards archive. By default this URL -# has a value which is computed based on the Beat name and version. For released -# versions, this URL points to the dashboard archive on the artifacts.elastic.co -# website. -#setup.dashboards.url: - -#============================== Kibana ===================================== - -# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. -# This requires a Kibana endpoint configuration. -setup.kibana: - - # Kibana Host - # Scheme and port can be left out and will be set to the default (http and 5601) - # In case you specify and additional path, the scheme is required: http://localhost:5601/path - # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601 - - host: "{{ kibana_host }}" - - # Kibana Space ID - # ID of the Kibana Space into which the dashboards should be loaded. By default, - # the Default Space will be used. - #space.id: - -#============================= Elastic Cloud ================================== - -# These settings simplify using metricbeat with the Elastic Cloud (https://cloud.elastic.co/). - -# The cloud.id setting overwrites the `output.elasticsearch.hosts` and -# `setup.kibana.host` options. -# You can find the `cloud.id` in the Elastic Cloud web UI. -#cloud.id: - -# The cloud.auth setting overwrites the `output.elasticsearch.username` and -# `output.elasticsearch.password` settings. The format is `:`. -#cloud.auth: - -#================================ Outputs ===================================== - -# Configure what output to use when sending the data collected by the beat. - -#-------------------------- Elasticsearch output ------------------------------ -output.elasticsearch: - # Array of hosts to connect to. - hosts: {{ elasticsearch_hosts }} - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - -#----------------------------- Logstash output -------------------------------- -#output.logstash: - # The Logstash hosts - #hosts: ["localhost:5044"] - - # Optional SSL. By default is off. - # List of root certificates for HTTPS server verifications - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - -#================================ Processors ===================================== - -# Configure processors to enhance or manipulate events generated by the beat. - -processors: - - add_host_metadata: ~ - - add_cloud_metadata: ~ - -#================================ Logging ===================================== - -# Sets log level. The default log level is info. -# Available log levels are: error, warning, info, debug -#logging.level: debug - -# At debug level, you can selectively enable logging only for some components. -# To enable all selectors use ["*"]. Examples of other selectors are "beat", -# "publish", "service". -#logging.selectors: ["*"] - -#============================== Xpack Monitoring =============================== -# metricbeat can export internal metrics to a central Elasticsearch monitoring -# cluster. This requires xpack monitoring to be enabled in Elasticsearch. The -# reporting is disabled by default. - -# Set to true to enable the monitoring reporter. -#xpack.monitoring.enabled: false - -# Uncomment to send the metrics to Elasticsearch. Most settings from the -# Elasticsearch output are accepted here as well. Any setting that is not set is -# automatically inherited from the Elasticsearch output configuration, so if you -# have the Elasticsearch output configured, you can simply uncomment the -# following line. -#xpack.monitoring.elasticsearch: - -#================================= Migration ================================== - -# This allows to enable 6.7 migration aliases -#migration.6_to_7.enabled: true diff --git a/roles/luther38.metricbeat/tests/inventory b/roles/luther38.metricbeat/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/luther38.metricbeat/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/luther38.metricbeat/tests/test.yml b/roles/luther38.metricbeat/tests/test.yml deleted file mode 100644 index c679671..0000000 --- a/roles/luther38.metricbeat/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - luther38.metricbeat \ No newline at end of file diff --git a/roles/luther38.metricbeat/vars/main.yml b/roles/luther38.metricbeat/vars/main.yml deleted file mode 100644 index 46b2f8d..0000000 --- a/roles/luther38.metricbeat/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for luther38.metricbeat \ No newline at end of file diff --git a/roles/luther38.okta/defaults/main.yml b/roles/luther38.okta/defaults/main.yml deleted file mode 100644 index 9c9238b..0000000 --- a/roles/luther38.okta/defaults/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -organization: '' -api_key: '' - -first_name: '' -last_name: '' -email: '' -login: '' -status: '' - -add_groups: -remove_groups: \ No newline at end of file diff --git a/roles/luther38.okta/tasks/main.yml b/roles/luther38.okta/tasks/main.yml deleted file mode 100644 index 9403fae..0000000 --- a/roles/luther38.okta/tasks/main.yml +++ /dev/null @@ -1,90 +0,0 @@ ---- -- name: Check for {{ login }} - okta_users: - organization: "{{ organization }}" - api_key: "{{ api_key }}" - action: list - login: "{{ login }}" - register: oktalist - -# if the account is not found, make it -- name: Create {{ login }} - okta_users: - organization: "{{ organization }}" - api_key: "{{ api_key }}" - action: create - login: "{{ login }}" - email: "{{ email }}" - first_name: "{{ first_name }}" - last_name: "{{ last_name }}" - when: - - oktalist['json'] is not defined - - isActive|bool == True - -- name: Update {{ login }} first_name - okta_users: - organization: "{{ organization }}" - api_key: "{{ api_key }}" - action: update - id: "{{ oktalist.json.0.id }}" - first_name: "{{ first_name }}" - when: - - oktalist.json.0.profile.firstName != first_name - - isActive|bool == True - -- name: Update {{ login }} last_name - okta_users: - organization: "{{ organization }}" - api_key: "{{ api_key }}" - action: update - id: "{{ oktalist.json.0.id }}" - last_name: "{{ last_name }}" - when: - - oktalist.json.0.profile.lastName != last_name - - isActive|bool == True - -- name: Update {{ login }} email - okta_users: - organization: "{{ organization }}" - api_key: "{{ api_key }}" - action: update - id: "{{ oktalist.json.0.id }}" - email: "{{ email }}" - when: - - oktalist.json.0.profile.email != email - - isActive|bool == True - -- name: Disable {{ login }} - okta_users: - organization: "{{ organization }}" - api_key: "{{ api_key }}" - action: deactivate - id: "{{ oktalist.json.0.id }}" - when: - - oktalist.json is defined - - isActive|bool == False - -- name: debug - debug: - msg: "{{ item }}" - with_items: "{{ add_groups }}" - -- name: add groups - okta_groups: - action: add_user - organization: "{{ organization }}" - api_key: "{{ api_key }}" - user_id: "{{ oktalist.json.0.id }}" - id: "{{ item }}" - with_items: "{{ add_groups }}" - ignore_errors: yes - -- name: remove groups - okta_groups: - action: remove_user - organization: "{{ organization }}" - api_key: "{{ api_key }}" - user_id: "{{ oktalist.json.0.id }}" - id: "{{ item }}" - with_items: "{{ remove_groups }}" - ignore_errors: yes \ No newline at end of file diff --git a/roles/luther38.winlogbeat/README.md b/roles/luther38.winlogbeat/README.md deleted file mode 100644 index 225dd44..0000000 --- a/roles/luther38.winlogbeat/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/luther38.winlogbeat/archive/config-winlogbeat.yml b/roles/luther38.winlogbeat/archive/config-winlogbeat.yml deleted file mode 100644 index 0f5df35..0000000 --- a/roles/luther38.winlogbeat/archive/config-winlogbeat.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -# This will install all the client parts needed for elastic to monitor client computers - -- name: download winlogbeat - win_get_url: - url: '{{ url_winlogbeat }}' - dest: 'C:\temp\winlogbeat-{{ elastic_version }}.zip' - force: no - -- name: unzip winlogbeat - win_unzip: - src: c:\temp\winlogbeat-{{ elastic_version }}.zip - dest: C:\temp\winlogbeat-{{ elastic_version }}\ - creates: C:\temp\winlogbeat-{{ elastic_version }}\ - -- name: Copy winlogbeat-{{ elastic_version }} folder - win_command: powershell.exe copy-item -Path 'c:\temp\winlogbeat-{{ elastic_version }}\winlogbeat-{{ elastic_version }}-windows-x86_64\' -Filter * -Recurse -Destination 'C:\Program Files\winlogbeat\' - args: - creates: C:\Program Files\winlogbeat\ - -- name: Update template - win_template: - src: winlogbeat.j2 - dest: C:\Program Files\winlogbeat\winlogbeat.yml - -- name: check for service - register: service - win_service: - name: winlogbeat - -- name: Install winlogbeat service - win_command: powershell.exe -ExecutionPolicy ByPass -File install-service-winlogbeat.ps1 - args: - chdir: C:\program files\winlogbeat\ - when: service.exists == false - -- name: check status of service - register: service - win_service: - name: winlogbeat - -- name: restart service - win_service: - name: winlogbeat - state: restarted - when: service.state == 'started' - -- name: start service - win_service: - name: winlogbeat - state: started - when: service.state == 'stopped' diff --git a/roles/luther38.winlogbeat/defaults/main.yml b/roles/luther38.winlogbeat/defaults/main.yml deleted file mode 100644 index dabf483..0000000 --- a/roles/luther38.winlogbeat/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for luther38.winlogbeat \ No newline at end of file diff --git a/roles/luther38.winlogbeat/handlers/main.yml b/roles/luther38.winlogbeat/handlers/main.yml deleted file mode 100644 index 1359119..0000000 --- a/roles/luther38.winlogbeat/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for luther38.winlogbeat \ No newline at end of file diff --git a/roles/luther38.winlogbeat/meta/main.yml b/roles/luther38.winlogbeat/meta/main.yml deleted file mode 100644 index 5d50bf4..0000000 --- a/roles/luther38.winlogbeat/meta/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -galaxy_info: - author: your name - description: your description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) - - min_ansible_version: 2.4 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file diff --git a/roles/luther38.winlogbeat/tasks/main.yml b/roles/luther38.winlogbeat/tasks/main.yml deleted file mode 100644 index 098aa89..0000000 --- a/roles/luther38.winlogbeat/tasks/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# tasks file for luther38.winlogbeat - -- name: Install Metricbeat on Windows - when: ansible_os_family == 'Windows' - include: windows.yml diff --git a/roles/luther38.winlogbeat/tasks/windows.yml b/roles/luther38.winlogbeat/tasks/windows.yml deleted file mode 100644 index e7ff0dd..0000000 --- a/roles/luther38.winlogbeat/tasks/windows.yml +++ /dev/null @@ -1,62 +0,0 @@ -#https://artifacts.elastic.co/downloads/beats/winlogbeat/metricbeat-7.0.0-windows-x86_64.zip -# This will install winlogbeat on a windows host. ---- -- name: make tmp folder - win_file: - path: c:\tmp\ - state: directory - -- name: download winlogbeat - win_get_url: - url: 'https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-{{ version }}-windows-x86_64.zip' - dest: 'C:\tmp\winlogbeat-{{ version }}.zip' - force: no - -- name: unzip winlogbeat - win_unzip: - src: c:\tmp\winlogbeat-{{ version }}.zip - dest: C:\tmp\winlogbeat-{{ version }}\ - creates: C:\tmp\winlogbeat-{{ version }}\ - -- name: Copy winlogbeat-{{ version }} folder - win_command: powershell.exe copy-item -Path 'c:\tmp\winlogbeat-{{ version }}\winlogbeat-{{ version }}-windows-x86_64\' -Filter * -Recurse -Destination 'C:\Program Files\Winlogbeat\' - args: - creates: C:\Program Files\Winlogbeat\ - -- name: Update tmplate - win_template: - src: winlogbeat.j2 - dest: C:\Program Files\Winlogbeat\winlogbeat.yml - -- name: Check if winlogbeat service is installed - register: service - win_service: - name: winlogbeat - -#- debug: var=service - -- name: Install service - when: service.exists == false - win_command: powershell.exe -ExecutionPolicy ByPass -File install-service-winlogbeat.ps1 - args: - chdir: C:\program files\winlogbeat\ - -- name: check status service - register: service - win_service: - name: winlogbeat - -#- debug: var=service - -- name: restart service - when: service.state == 'running' - win_service: - name: winlogbeat - state: restarted - -- name: start service - when: service.state == 'stopped' - win_service: - name: winlogbeat - state: started - diff --git a/roles/luther38.winlogbeat/templates/winlogbeat.j2 b/roles/luther38.winlogbeat/templates/winlogbeat.j2 deleted file mode 100644 index 8514f47..0000000 --- a/roles/luther38.winlogbeat/templates/winlogbeat.j2 +++ /dev/null @@ -1,158 +0,0 @@ -###################### Winlogbeat Configuration Example ########################## - -# This file is an example configuration file highlighting only the most common -# options. The winlogbeat.reference.yml file from the same directory contains all the -# supported options with more comments. You can use it as a reference. -# -# You can find the full configuration reference here: -# https://www.elastic.co/guide/en/beats/winlogbeat/index.html - -#======================= Winlogbeat specific options ========================== - -# event_logs specifies a list of event logs to monitor as well as any -# accompanying options. The YAML data type of event_logs is a list of -# dictionaries. -# -# The supported keys are name (required), tags, fields, fields_under_root, -# forwarded, ignore_older, level, event_id, provider, and include_xml. Please -# visit the documentation for the complete details of each option. -# https://go.es.io/WinlogbeatConfig -winlogbeat.event_logs: - - name: Application - ignore_older: 72h - - name: Security - - name: System - -#==================== Elasticsearch template setting ========================== - -setup.template.settings: - index.number_of_shards: 1 - #index.codec: best_compression - #_source.enabled: false - -#================================ General ===================================== - -# The name of the shipper that publishes the network data. It can be used to group -# all the transactions sent by a single shipper in the web interface. -#name: - -# The tags of the shipper are included in their own field with each -# transaction published. -#tags: ["service-X", "web-tier"] - -# Optional fields that you can specify to add additional information to the -# output. -#fields: -# env: staging - - -#============================== Dashboards ===================================== -# These settings control loading the sample dashboards to the Kibana index. Loading -# the dashboards is disabled by default and can be enabled either by setting the -# options here or by using the `setup` command. -setup.dashboards.enabled: true - -# The URL from where to download the dashboards archive. By default this URL -# has a value which is computed based on the Beat name and version. For released -# versions, this URL points to the dashboard archive on the artifacts.elastic.co -# website. -#setup.dashboards.url: - -#============================== Kibana ===================================== - -# Starting with Beats version 6.0.0, the dashboards are loaded via the Kibana API. -# This requires a Kibana endpoint configuration. -setup.kibana: - - # Kibana Host - # Scheme and port can be left out and will be set to the default (http and 5601) - # In case you specify and additional path, the scheme is required: http://localhost:5601/path - # IPv6 addresses should always be defined as: https://[2001:db8::1]:5601 - host: {{ kibana_host }} - - # Kibana Space ID - # ID of the Kibana Space into which the dashboards should be loaded. By default, - # the Default Space will be used. - #space.id: - -#============================= Elastic Cloud ================================== - -# These settings simplify using winlogbeat with the Elastic Cloud (https://cloud.elastic.co/). - -# The cloud.id setting overwrites the `output.elasticsearch.hosts` and -# `setup.kibana.host` options. -# You can find the `cloud.id` in the Elastic Cloud web UI. -#cloud.id: - -# The cloud.auth setting overwrites the `output.elasticsearch.username` and -# `output.elasticsearch.password` settings. The format is `:`. -#cloud.auth: - -#================================ Outputs ===================================== - -# Configure what output to use when sending the data collected by the beat. - -#-------------------------- Elasticsearch output ------------------------------ -output.elasticsearch: - # Array of hosts to connect to. - hosts: {{ elasticsearch_hosts }} - - # Optional protocol and basic auth credentials. - #protocol: "https" - #username: "elastic" - #password: "changeme" - -#----------------------------- Logstash output -------------------------------- -#output.logstash: - # The Logstash hosts - #hosts: ["localhost:5044"] - - # Optional SSL. By default is off. - # List of root certificates for HTTPS server verifications - #ssl.certificate_authorities: ["/etc/pki/root/ca.pem"] - - # Certificate for SSL client authentication - #ssl.certificate: "/etc/pki/client/cert.pem" - - # Client Certificate Key - #ssl.key: "/etc/pki/client/cert.key" - -#================================ Processors ===================================== - -# Configure processors to enhance or manipulate events generated by the beat. - -processors: - - add_host_metadata: ~ - - add_cloud_metadata: ~ - -#================================ Logging ===================================== - -# Sets log level. The default log level is info. -# Available log levels are: error, warning, info, debug -#logging.level: debug - -# At debug level, you can selectively enable logging only for some components. -# To enable all selectors use ["*"]. Examples of other selectors are "beat", -# "publish", "service". -#logging.selectors: ["*"] - -#============================== Xpack Monitoring =============================== -# winlogbeat can export internal metrics to a central Elasticsearch monitoring -# cluster. This requires xpack monitoring to be enabled in Elasticsearch. The -# reporting is disabled by default. - -# Set to true to enable the monitoring reporter. -#xpack.monitoring.enabled: false - -# Uncomment to send the metrics to Elasticsearch. Most settings from the -# Elasticsearch output are accepted here as well. Any setting that is not set is -# automatically inherited from the Elasticsearch output configuration, so if you -# have the Elasticsearch output configured, you can simply uncomment the -# following line. -#xpack.monitoring.elasticsearch: - -#================================= Migration ================================== - -# This allows to enable 6.7 migration aliases -#migration.6_to_7.enabled: true - diff --git a/roles/luther38.winlogbeat/tests/inventory b/roles/luther38.winlogbeat/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/luther38.winlogbeat/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/luther38.winlogbeat/tests/test.yml b/roles/luther38.winlogbeat/tests/test.yml deleted file mode 100644 index e52b43a..0000000 --- a/roles/luther38.winlogbeat/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - luther38.winlogbeat \ No newline at end of file diff --git a/roles/luther38.winlogbeat/vars/main.yml b/roles/luther38.winlogbeat/vars/main.yml deleted file mode 100644 index 8b53290..0000000 --- a/roles/luther38.winlogbeat/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for luther38.winlogbeat \ No newline at end of file diff --git a/roles/sensu.sensu/.gitattributes b/roles/sensu.sensu/.gitattributes deleted file mode 100644 index 9498b62..0000000 --- a/roles/sensu.sensu/.gitattributes +++ /dev/null @@ -1,6 +0,0 @@ -Pipfile export-ignore -Pipfile.lock export-ignore -.travis.yml export-ignore -docs/ export-ignore -mkdocs.yml export-ignore -molecule/ export-ignore diff --git a/roles/sensu.sensu/.gitignore b/roles/sensu.sensu/.gitignore deleted file mode 100644 index 3e1b141..0000000 --- a/roles/sensu.sensu/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -site -molecule/shared/data/* -!molecule/shared/data/static/ -molecule/*/cache/ diff --git a/roles/sensu.sensu/.yamllint b/roles/sensu.sensu/.yamllint deleted file mode 100644 index ad0be76..0000000 --- a/roles/sensu.sensu/.yamllint +++ /dev/null @@ -1,11 +0,0 @@ -extends: default - -rules: - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - line-length: disable - truthy: disable diff --git a/roles/sensu.sensu/CHANGELOG.md b/roles/sensu.sensu/CHANGELOG.md deleted file mode 100644 index 59f4805..0000000 --- a/roles/sensu.sensu/CHANGELOG.md +++ /dev/null @@ -1,194 +0,0 @@ -# Change Log -All notable changes to this project will be documented in this file. - -This project adheres to [Semantic Versioning](http://semver.org/) -The format is based on [Keep a Changelog](http://keepachangelog.com/). - -## [Unreleased] - -## [5.2.0] - 2019-03-12 -## Added -- Add official support for OracleLinux 7 (@michaelpporter) - -## [5.1.0] - 2019-02-27 -## Changed -- Add `client_templates` option for group based tempaltes (@michaelpporter) -- Add `run_once: true` to `delegate_to: localhost` (@michaelpporter) - -## [5.0.2] - 2019-02-19 -## Fixed -- Fixup new loop logic to deploy checks/handlers/plugins to hosts (@michaelpporter) - -## [5.0.1] - 2019-02-19 -## Fixed -- Fixup sensu_rabbitmq_host to use new default variable for sensu_rabbitmq_servers (@michaelpporter) - -## [5.0.0] - 2019-02-19 -### Breaking Changes -- Prefix all variables with `sensu_` to reduce collisions with other roles (@michaelpporter) - -## [4.0.0] - 2019-02-17 -### Breaking Changes -- Upgrade all playbooks to `loop` syntax, requiring Ansible 2.5 or higher (@michaelpporter) -- Update role metadata to require Ansible 2.5 or higher (@jaredledvina) - -### Changed -- Upgrade Inspec to 3.6.6 (@jaredledvina) -- Re-enabled Ubuntu 18.04 integration tests (@michaelpporter) -- Switch from `local_action` to `delegate_to: localhost` (@michaelpporter) - -## [3.0.0] - 2019-02-16 -### Breaking Changes -- Officially drop support for Ansible 2.3 (@jaredledvina) -- Switch to `include_tasks` and `import_tasks` (@michaelpporter) - -### Fixed -- Update the use of tags to support Ansible 2.5 or higher (@michaelpporter) - -## [2.7.0] - 2019-01-31 -### Fixed -- RabbitMQ - Configure ciphers when SSL is enabled (@mkobel) -- Check if sensu_available_checks was skipped to support running in check mode (@jaredledvina) - -### Changed -- Tests - Update Dockerfile and bump Inspec to 3.1.1 (@jaredledvina) -- Docs - Change theme to readthedocs from flatly to fix builds (@jaredledvina) - -## [2.6.0] - 2018-07-03 -### Changed -- Add support for configuring [Tessen](https://docs.sensu.io/sensu-core/1.4/reference/tessen/) via `sensu_enable_tessen` (@jaredledvina) -- Stop publishing development/testing files to Ansible Galaxy (@jaredledvina) -- Update molecule's testing configuration for speed and task profiling (@jaredledvina) -- Update Inspec to latest stable & refactor shared testing files (@jaredledvina) -- RabbitMQ - Expose a varient distro repo configs via variables for more flexibility (@jaredledvina) -- RabbitMQ - Configure apt-preferences and pin erlang to version 20.3.X (@jaredledvina) -- Fedora - RabbitMQ - Reconfigure GPG key pinning to match CentOS/AmazonLinux (@jaredledvina) -- Fedora/CentOS/AmazonLinux - Upgrade to zero-dep erlang v20 repo's (@jaredledvina) - -## [2.5.0] - 2018-06-16 -### Changed -- Ansible role is officially mirrored to the `sensu.sensu` namespace (@jaredledvina) -- Deprecated `sensu_pkg_version` for Redhat, Fedora, CentOS, and FreeBSD. To pin going forward across all operating systems, simply append the Sensu version to `sensu_package`. For example, `sensu_package: sensu-1.3.3` will ensure that only Sensu 1.3.3 is ever installed. (@jaredledvina) -- Ensure that on first install we install the latest stable Sensu release (@jaredledvina) -- Document `sensu_pkg_state`. If you'd like to ensure the latest stable release is always installed, simply leave `sensu_package` to the default `sensu` and change `sensu_pkg_state` to `latest`. (@jaredledvina) -- Switched entirely to [molecule](https://github.com/metacloud/molecule) for integration testing (@jaredledvina) -- Configure [Inspec](https://www.inspec.io/) for full automated verification after integration testing (@jaredledvina) -- Amazon Linux now installs proper version of EPEL (@jaredledvina) -- Amazon Linux now installs a supported version of Erlang and RabbitMQ from Bintray (@jaredledvina) -- Fixup the CentOS RabbitMQ install w/ full GPG signing verification (@jaredledvina) -- Various syntax cleanups and testing documentation updates (@jaredledvina) -- Enable `yamllint` checking and fixup all files to pass checks (@jaredledvina) -- Enable `ansible-lint` checking and fixup all errors to pass checks (@jaredledvina) -- Various doc cleanup and fixes (@jaredledvina) -- Switch openssl to `present` as `installed` is deprecated (@rlizana) - - -## [2.4.0] - 2018-05-06 -### Fixed: -- Automated SSL key & cert generation fails on systems with Python 2.6 or older (@jaredledvina) - -### Changed -- Port over the latest ssl_tools code to more native Ansible `command` instructions for greater flexibility (@jaredledvina) - -## [2.3.0] - 2018-05-04 -### Fixed -- Issue that prevented older OS such as CentOS 5 from installing the Sensu RPM package as they are unsigned (@smbambling) -- Security issue with redis.json being world readable, as it can contain sensitive information (@smbambling) -- Issue with conf.d that limited access and prevent automated tests from passing (@smbambling) - -### Added -- Support for keepalive attributes: handlers and thresholds (warning/critical) in client.json (@smbambling) -- Support for managing safe_mode in client.json (@smbambling) - -## [2.2.0] - 2018-02-22 -### Added -- Fedora support. Tested in the wild on Fedora 25 as a client and Fedora 27 on the test suite as both master and client. (@danragnar) - - `tasks/Fedora/redis.yml`, `tasks/Fedora/rabbit.yml`: Based on CentOS equivalents but with dnf module instead of yum - - `tasks/Fedora/main.yml`, `tasks/Fedora/dashboard.yml`: links to Centos files - - `vars/Fedora.yml`: vars for Fedora - -### Changed -- `tasks/CentOS/dashboard.yml`, `tasks/CentOS/main.yml`: Use generic package module to support Fedora (@danragnar) - -## [2.1.0] -### Fixed -- `defaults/main.yaml`,`tasks/plugins.yml`: Fix Python 3.X compatability issue when checking the contents of sensu_remote_plugins. (@danragnar) - -### Added -- `templates/sensu-api-json.j2`, `templates/uchiwa_config.json.j2`: Check for explicitly defining sensu_uchiwa_users and sensu_api_user_name as empty to disable authentication, useful when having a reverse proxy handling auth in front of the API and/or the uchiwa dashboard (@danragnar) -- `tasks/rabbit.yml`: Consistency of remote_src option for rabbitmq and sensu when copying SSL cert/key files. Useful if certificates are generated by another CA (e.g. FreeIPA) on the sensu host. (@danragnar) - -## [2.0.0] - 2018-02-07 -### Breaking Change -- Split up the variables used to determine if a host gets rabbitmq/redis for more flexibility in deployments. (@tculp) `sensu_deploy_rabbitmq` and `sensu_deploy_redis` are now `sensu_deploy_rabbitmq_server` and `sensu_deploy_redis_server` respectively. See the [role variable documentation](https://github.com/sensu/sensu-ansible/blob/master/docs/role_variables.md) for details on the parameters. -- Redis on Ubuntu will now be configured to bind to `0.0.0.0` to ensure accessiblity and to match the other supported OS configurations. (@tculp) -- Updated the supported Ansible version to the last two stable releases (currently that's Ansible 2.3 and 2.4). (@jaredledvina) Please note that we have not explicitly broken support for running this role on versions of Ansible <2.3. However, we will only be actively supporting the last two stable Ansible releases to reduce the maintenance burden. - -### Added -- Initial support for OpenBSD! (@smbambling) -- Ubuntu now get's `apt-transport-https` installed to support HTTPS repos. (@kevit) -- Default to HTTPS APT repos. @jaredledvina -- Allow for configuring when a node gets the `sensu-client` config file. (@tculp) -- Allow for deploying client definitions based on groups. (@tculp) -- Default to HTTPS Yum repo's and install the Yum key for package signing validation via HTTPS. (@jaredledvina) -- Used HTTPS for APT key. (@jaredledvina) -- Amazon Linux has proper yum repo configured and supports Amazon Linux 2. (@romainrbr) -- Yum based distros now get EPEL to support installing a newer and supported version of RabbitMQ. (@romainrbr) -- CentOS now supports using Bintray mirrors for installing RabbitMQ to work around Erlang issues with older versions. (@romainrbr) -- All PRs are now required to pass TravisCI integrations tests. (@jaredledvina) -- Ensure that we configure the `mode` and `umask` for files to work in a more restrictive environment. (@roumano) -- Debian and Ubuntu switch to Bintray for RabbitMQ to match yum distros. (@jaredledvina) - -### Changed -- Switched from Gitter to `#ansible` in the Sensu Community Slack. (@grepory) -- Bumped SSL tools version to 1.2 by default. (@marji) -- Update 'Generate SSL Certs' to support Ansible 2.4. (@tculp) - -## [1.2.0] - 2017-05-13 -### Added -- RedHat support -- Sensu enterprise support - - Adds a few other minor features as well, such as the ability to toggle rabbitmq's SSL -- Uchiwa HA support - -### Changed -- Rely on the existing sensu repositories to install Uchiwa -- Use the FreeBSD repository -- Update documentation to note Ubuntu 15's EOL -- Allow overriding the use of EPEL on CentOS/RedHat - -### Fixed -- Make sure any local directories that are assumed to exist actually do - -## [1.1.0] - 2017-04-03 -### Added -- Toggle for SSL cert management - -### Changed -- Updated repository URLs and versions for all platforms - -### Fixed -- Fixed behaivor changed by recent versions of Ansible - -## 1.0.0 - 2017-02-14 - -First tagged release, starting at 1.0.0 since the project can be considered stable at this point. - -[Unreleased]: https://github.com/sensu/sensu-ansible/compare/5.2.0...HEAD -[5.2.0]: https://github.com/sensu/sensu-ansible/compare/5.1.0...5.2.0 -[5.1.0]: https://github.com/sensu/sensu-ansible/compare/5.0.2...5.1.0 -[5.0.2]: https://github.com/sensu/sensu-ansible/compare/5.0.1...5.0.2 -[5.0.1]: https://github.com/sensu/sensu-ansible/compare/5.0.0...5.0.1 -[5.0.0]: https://github.com/sensu/sensu-ansible/compare/4.0.0...5.0.0 -[4.0.0]: https://github.com/sensu/sensu-ansible/compare/3.0.0...4.0.0 -[3.0.0]: https://github.com/sensu/sensu-ansible/compare/2.7.0...3.0.0 -[2.7.0]: https://github.com/sensu/sensu-ansible/compare/2.6.0...2.7.0 -[2.6.0]: https://github.com/sensu/sensu-ansible/compare/2.5.0...2.6.0 -[2.5.0]: https://github.com/sensu/sensu-ansible/compare/2.4.0...2.5.0 -[2.4.0]: https://github.com/sensu/sensu-ansible/compare/2.3.0...2.4.0 -[2.3.0]: https://github.com/sensu/sensu-ansible/compare/2.2.0...2.3.0 -[2.2.0]: https://github.com/sensu/sensu-ansible/compare/2.1.0...2.2.0 -[2.1.0]: https://github.com/sensu/sensu-ansible/compare/2.0.0...2.1.0 -[2.0.0]: https://github.com/sensu/sensu-ansible/compare/1.2.0...2.0.0 -[1.2.0]: https://github.com/sensu/sensu-ansible/compare/1.1.0...1.2.0 -[1.1.0]: https://github.com/sensu/sensu-ansible/compare/1.0.0...1.1.0 diff --git a/roles/sensu.sensu/LICENSE b/roles/sensu.sensu/LICENSE deleted file mode 100644 index c9b44cb..0000000 --- a/roles/sensu.sensu/LICENSE +++ /dev/null @@ -1,18 +0,0 @@ -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/sensu.sensu/README.md b/roles/sensu.sensu/README.md deleted file mode 100644 index 16ccb05..0000000 --- a/roles/sensu.sensu/README.md +++ /dev/null @@ -1,85 +0,0 @@ -# Sensu [![Ansible Galaxy](https://img.shields.io/badge/galaxy-sensu.sensu-660198.svg?style=flat)](https://galaxy.ansible.com/sensu/sensu/) [![Build Status](https://travis-ci.org/sensu/sensu-ansible.svg?branch=master)](https://travis-ci.org/sensu/sensu-ansible) - -[![Join the chat at https://slack.sensu.io/](https://slack.sensu.io/badge.svg)](https://slack.sensu.io/) - -This role deploys a full [Sensu](https://sensu.io) stack, a modern, open source monitoring framework. - -## Features -- Deploy a full [Sensu](https://sensu.io) stack, including RabbitMQ, redis, and the [Uchiwa dashboard](https://uchiwa.io/#/) -- Full support for [Sensu Enterprise](https://sensu.io/products/enterprise) -- Tight integration with the Ansible inventory - deployment of monitoring checks based on inventory grouping -- Fine grained control over dynamic client configurations -- Remote plugin deployment -- Automatic generation and dynamic deployment of SSL certs for secure communication between your clients and servers -- Highly configurable - -## Batteries included, but not imposed -Along with deploying the Sensu Server, API and clients, this role can deploy a full stack: [RabbitMQ](http://www.rabbitmq.com/), [redis](http://redis.io), and the [Uchiwa dashboard](https://uchiwa.io/#/). -However, if you want to rely on other roles/management methods to deploy/manage these services, [it's nice and easy to integrate this role](http://ansible-sensu.readthedocs.io/en/latest/integration/). - -## Documentation [![Documentation](https://readthedocs.org/projects/ansible-sensu/badge/?version=latest)](http://ansible-sensu.readthedocs.io/en/latest/) -[Read the full documentation](http://ansible-sensu.readthedocs.io/en/latest/) for a comprehensive overview of this role and its powerful features. - -## Requirements -This role requires: -- A supported version of Ansible, see [Ansible version support](#ansible-version-support) for details. -- The `dynamic_data_store` variable to be set: see [Dynamic Data Store](http://ansible-sensu.readthedocs.io/en/latest/dynamic_data/) -- If `sensu_include_plugins` is true (the default), the `static_data_store` variable needs to be set: see [Check Deployment](http://ansible-sensu.readthedocs.io/en/latest/dynamic_checks/) - -## Supported Platforms -### Automatically tested via TravisCI - -- [CentOS - 6](https://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.9) -- [CentOS - 7](https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7) -- [Debian - 8 (Jessie)](https://wiki.debian.org/DebianJessie) -- [Debian - 9 (Stretch)](https://wiki.debian.org/DebianStretch) -- [Ubuntu - 14.04 (Trusty Tahr)](http://releases.ubuntu.com/14.04/) -- [Ubuntu - 16.04 (Xenial Xerus)](http://releases.ubuntu.com/16.04/) -- [Fedora - 26](https://docs.fedoraproject.org/f26/release-notes/) -- [Fedora - 27](https://docs.fedoraproject.org/f27/release-notes/) -- [Fedora - 28](https://docs.fedoraproject.org/f28/release-notes/) -- [Amazon Linux](https://aws.amazon.com/amazon-linux-ami/) -- [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/) - -### Supported manually (compatibility not always guaranteed) -- [SmartOS - base-64 15.x.x](https://docs.joyent.com/images/smartos/base#version-15xx) -- [FreeBSD - 10.3, 11.0 (64-bit only)](https://www.freebsd.org/releases/10.2R/relnotes.html) -- [OpenBSD - 6.2](https://www.openbsd.org/62.html) - -## Role Variables - -See [Role Variables](http://ansible-sensu.readthedocs.io/en/latest/role_variables/) for a detailed list of the variables this role uses - -## Example Playbook - -``` yaml - - hosts: all - roles: - - role: sensu.sensu -``` -Or, passing parameter values: - -``` yaml - - hosts: sensu_masters - roles: - - { role: sensu.sensu, sensu_master: true, sensu_include_dashboard: true } -``` - -## Ansible version support -All changes to this role are actively tested against Ansible 2.6 and 2.7 at this time. Ansible 2.5 is required at a minimum. - - -License -------- -MIT - -Author Information ------------------- -Originally created by [Calum MacRae](http://cmacr.ae) and supported by the [Sensu Community Ansible Maintainers](https://github.com/sensu-plugins/community/#maintained-areas) - -### Contributors -See the projects [Contributors page](https://github.com/sensu/sensu-ansible/graphs/contributors) - -Feel free to: -[Raise an issue](https://github.com/sensu/sensu-ansible/issues) -[Contribute](https://github.com/sensu/sensu-ansible/pulls) diff --git a/roles/sensu.sensu/defaults/main.yml b/roles/sensu.sensu/defaults/main.yml deleted file mode 100644 index eec777d..0000000 --- a/roles/sensu.sensu/defaults/main.yml +++ /dev/null @@ -1,126 +0,0 @@ ---- -# Sensu enterprise credential -# Variables for Sensu Enterprise License -se_enterprise: false -se_user: '' -se_pass: '' - -# Sensu package -sensu_package: sensu -sensu_enterprise_package: sensu-enterprise -sensu_enterprise_dashboard_package: sensu-enterprise-dashboard - -# Sensu repo urls -sensu_yum_repo_url: "https://sensu.global.ssl.fastly.net/yum/$releasever/$basearch/" -sensu_yum_key_url: "https://sensu.global.ssl.fastly.net/yum/pubkey.gpg" -sensu_apt_repo_url: "deb https://repositories.sensuapp.org/apt {{ ansible_distribution_release }} main" -sensu_apt_key_url: "https://sensu.global.ssl.fastly.net/apt/pubkey.gpg" -sensu_freebsd_url: "https://sensu.global.ssl.fastly.net/freebsd/FreeBSD:{{ ansible_distribution_major_version }}:{{ ansible_architecture }}/" -sensu_ol_yum_repo_url: "https://dl.fedoraproject.org/pub/epel/$releasever/$basearch/" -sensu_ol_yum_key_url: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever" - -# Sensu service names -sensu_server_service_name: sensu-server -sensu_api_service_name: sensu-api -sensu_client_service_name: sensu-client -sensu_enterprise_service_name: sensu-enterprise -sensu_enterprise_dashboard_service_name: sensu-enterprise-dashboard -uchiwa_service_name: uchiwa - -# Service deployment options -sensu_deploy_rabbitmq_server: true -sensu_deploy_redis_server: true - -# RabbitMQ server properties -sensu_rabbitmq_config_path: /etc/rabbitmq -sensu_rabbitmq_config_template: rabbitmq.config.j2 -sensu_rabbitmq_enable_ssl: true -sensu_rabbitmq_host: "{{ groups['sensu_rabbitmq_servers'][0] }}" -sensu_rabbitmq_port: 5671 -sensu_rabbitmq_pkg_state: present -sensu_rabbitmq_server: false -sensu_rabbitmq_service_name: rabbitmq-server -sensu_rabbitmq_user_name: sensu -sensu_rabbitmq_password: sensu -sensu_rabbitmq_vhost: /sensu - -# redis server properties -sensu_redis_host: "{{ groups['sensu_redis_servers'][0] }}" -sensu_redis_server: false -sensu_redis_service_name: redis -sensu_redis_pkg_repo: ~ -sensu_redis_pkg_name: redis -sensu_redis_pkg_state: present -sensu_redis_port: 6379 -sensu_redis_password: -sensu_redis_sentinels: [] -sensu_redis_master_name: -sensu_redis_config: sensu-redis.json.j2 - -# Sensu/Uchiwa user/group/service properties -sensu_api_host: "{{ groups['sensu_masters'][0] }}" -sensu_api_port: 4567 -sensu_api_ssl: "false" -sensu_api_user_name: admin -sensu_api_password: secret -sensu_api_uchiwa_path: '' -sensu_api_timeout: 5000 -sensu_client_config: client.json.j2 -sensu_rabbitmq_config: sensu-rabbitmq.json.j2 -sensu_config_path: /etc/sensu -sensu_pkg_state: present -sensu_gem_state: present -sensu_plugin_gem_state: present -sensu_group_name: sensu -sensu_include_plugins: true -sensu_include_dashboard: false -sensu_master: false -sensu_client: true -sensu_user_name: sensu -sensu_remote_plugins: [] -sensu_transport: rabbitmq -sensu_client_name: "{{ ansible_hostname }}" -sensu_client_subscriptions: "{{ group_names }}" -sensu_client_keepalive_handlers: - - default -sensu_client_keepalive_threshold_warning: 120 -sensu_client_keepalive_threshold_critical: 180 -sensu_client_safe_mode: false -sensu_deploy_rabbitmq_config: true -sensu_deploy_redis_config: true -sensu_deploy_transport_config: true -sensu_enable_tessen: false - -# Sensu/RabbitMQ SSL certificate properties -sensu_ssl_gen_certs: true -sensu_ssl_deploy_remote_src: false -sensu_ssl_manage_certs: true -sensu_master_config_path: "{{ hostvars[groups['sensu_masters'][0]]['sensu_config_path'] | default('/etc/sensu') }}" -sensu_ssl_tool_base_path: "{{ dynamic_data_store }}/{{ groups['sensu_masters'][0] }}{{ sensu_master_config_path }}/ssl_generation/sensu_ssl_tool" -sensu_ssl_client_cert: "{{ sensu_ssl_tool_base_path }}/client/cert.pem" -sensu_ssl_client_key: "{{ sensu_ssl_tool_base_path }}/client/key.pem" -sensu_ssl_server_cacert: "{{ sensu_ssl_tool_base_path }}/sensu_ca/cacert.pem" -sensu_ssl_server_cert: "{{ sensu_ssl_tool_base_path }}/server/cert.pem" -sensu_ssl_server_key: "{{ sensu_ssl_tool_base_path }}/server/key.pem" -dynamic_data_store: "{{ playbook_dir }}/data/store" -static_data_store: "{{ playbook_dir }}/data/static" - -# Uchiwa properties -sensu_uchiwa_dc_name: ~ -sensu_uchiwa_path: /opt/uchiwa -sensu_uchiwa_redis_use_ssl: false -sensu_uchiwa_users: - - username: admin - password: admin -sensu_uchiwa_port: 3000 -sensu_uchiwa_refresh: 5 -sensu_uchiwa_api_port: "{{ sensu_api_port }}" -sensu_uchiwa_auth_privatekey: ~ -sensu_uchiwa_auth_publickey: ~ - -# CentOS repository for redis and rabbitmq -sensu_centos_repository: epel - -# Internal settings -__bash_path: /bin/bash -__root_group: root diff --git a/roles/sensu.sensu/handlers/main.yml b/roles/sensu.sensu/handlers/main.yml deleted file mode 100644 index 4762243..0000000 --- a/roles/sensu.sensu/handlers/main.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- - -- name: restart rabbitmq service - service: - name: "{{ sensu_rabbitmq_service_name }}" - state: restarted - -- name: restart redis service - service: - name: "{{ sensu_redis_service_name }}" - pattern: /usr/bin/redis-server - state: restarted - -- name: restart uchiwa service - service: - name: "{{ uchiwa_service_name }}" - state: restarted - -- name: restart sensu-server service - service: - name: "{{ sensu_server_service_name }}" - state: restarted - when: sensu_master and not se_enterprise - -- name: restart sensu-api service - service: - name: "{{ sensu_api_service_name }}" - state: restarted - when: sensu_master and not se_enterprise - -- name: restart sensu-client service - service: - name: "{{ sensu_client_service_name }}" - state: restarted - -- name: restart sensu-enterprise service - service: - name: "{{ sensu_enterprise_service_name }}" - state: restarted - when: se_enterprise and sensu_master - -- name: restart sensu-enterprise-dashboard service - service: - name: "{{ sensu_enterprise_dashboard_service_name }}" - state: restarted - when: se_enterprise and sensu_master - -# Joyent SmartOS specific handlers -- name: import sensu-server service - command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/sensu-server.xml - -- name: import sensu-api service - command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/sensu-api.xml - -- name: import sensu-client service - command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/sensu-client.xml - -- name: import uchiwa service - command: /usr/sbin/svccfg import /opt/local/lib/svc/manifest/uchiwa.xml - -- name: Build and deploy Uchiwa - command: npm install --production - args: - chdir: "{{ sensu_uchiwa_path }}/go/src/github.com/sensu/uchiwa" - become: true - become_user: "{{ sensu_user_name }}" - -- name: Update pkgng database - command: /usr/sbin/pkg update diff --git a/roles/sensu.sensu/meta/.galaxy_install_info b/roles/sensu.sensu/meta/.galaxy_install_info deleted file mode 100644 index 3994e10..0000000 --- a/roles/sensu.sensu/meta/.galaxy_install_info +++ /dev/null @@ -1,2 +0,0 @@ -install_date: Sun Apr 28 17:44:58 2019 -version: 5.2.0 diff --git a/roles/sensu.sensu/meta/main.yml b/roles/sensu.sensu/meta/main.yml deleted file mode 100644 index 834a880..0000000 --- a/roles/sensu.sensu/meta/main.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -galaxy_info: - author: Calum MacRae - description: Deploy a full Sensu monitoring stack; including redis, RabbitMQ & the Uchiwa dashboard - license: MIT - min_ansible_version: 2.5 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Ubuntu - versions: - - trusty - - vivid - - name: Debian - versions: - - jessie - - stretch - - name: Fedora - versions: - - 26 - - 27 - - 28 - - galaxy_tags: - - cloud - - monitoring - - system - - web - - sensu - - rabbitmq - - redis - - metrics - - amqp - - alerting - - stack - - dashboard -dependencies: [] diff --git a/roles/sensu.sensu/tasks/Amazon/dashboard.yml b/roles/sensu.sensu/tasks/Amazon/dashboard.yml deleted file mode 100644 index ad93db8..0000000 --- a/roles/sensu.sensu/tasks/Amazon/dashboard.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# tasks/Amazon/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to CentOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Ensure Uchiwa is installed - tags: dashboard - yum: - name: uchiwa - state: present - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_config_path }}/uchiwa.json" - notify: restart uchiwa service diff --git a/roles/sensu.sensu/tasks/Amazon/main.yml b/roles/sensu.sensu/tasks/Amazon/main.yml deleted file mode 100644 index 8aa3568..0000000 --- a/roles/sensu.sensu/tasks/Amazon/main.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# tasks/Amazon/main.yml: CentOS specific set-up -# This takes care of base prerequisites for Amazon Linux AMI - -- name: Include ansible_distribution vars - tags: setup - include_vars: - file: "{{ ansible_distribution }}.yml" - -- name: Set epel_version override when AmazonLinux AMIv2 - tags: setup - set_fact: - epel_version: 7 - when: ansible_distribution_version == 'Candidate' - -- name: Ensure the Sensu Core Yum repo is present - tags: setup - yum_repository: - name: sensu - description: The Sensu Core yum repository - baseurl: "{{ sensu_yum_repo_url }}" - gpgkey: "{{ sensu_yum_key_url }}" - gpgcheck: yes - enabled: yes - -- name: Ensure Sensu is installed - tags: setup - yum: - name: "{{ sensu_package }}" - state: "{{ sensu_pkg_state }}" diff --git a/roles/sensu.sensu/tasks/Amazon/rabbit.yml b/roles/sensu.sensu/tasks/Amazon/rabbit.yml deleted file mode 100644 index 97db57d..0000000 --- a/roles/sensu.sensu/tasks/Amazon/rabbit.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -# tasks/Amazon/rabbit.yml: Deploy RabbitMQ -# Specific to Amazon Linux - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Configure RabbitMQ/RabbitMQ-erlang GPG keys in the RPM keyring - tags: rabbitmq - rpm_key: - key: "{{ sensu_rabbitmq_signing_key }}" - state: present - register: sensu_rabbitmq_import_key - -- name: Add RabbitMQ's repo - tags: rabbitmq - yum_repository: - name: rabbitmq - description: rabbitmq - baseurl: "{{ sensu_rabbitmq_baseurl }}" - gpgcheck: yes - gpgkey: "{{ sensu_rabbitmq_signing_key }}" - repo_gpgcheck: no - -- name: Add RabbitMQ's Erlang repo - tags: rabbitmq - yum_repository: - name: rabbitmq-erlang - description: rabbitmq-erlang - baseurl: "{{ sensu_rabbitmq_erlang_baseurl }}" - gpgcheck: yes - gpgkey: "{{ sensu_rabbitmq_erlang_signing_key }}" - repo_gpgcheck: no - -# HACK: https://github.com/ansible/ansible/issues/20711#issuecomment-306260869 -# Can be removed once we're running w/ a version of Ansible that has https://github.com/ansible/ansible/pull/35989 -- name: Make yum cache to import GPG keys - tags: rabbitmq - command: "yum -q makecache -y --disablerepo='*' --enablerepo='{{ item }}'" - args: - warn: false - when: sensu_rabbitmq_import_key.changed - loop: - - rabbitmq - - rabbitmq-erlang - -# Hard dependency for rabbitmq-server, however, typically comes from EPEL, so -# we simply install it here, as we purposely disable epel when installing rabbitmq -# causing dependency issues during installs -- name: Ensure socat is installed - tags: rabbitmq - yum: - name: socat - state: present - -- name: Ensure Erlang & RabbitMQ are installed - tags: rabbitmq - yum: - name: - - erlang - - rabbitmq-server - state: present - enablerepo: rabbitmq,rabbitmq-erlang - disablerepo: '*' diff --git a/roles/sensu.sensu/tasks/Amazon/redis.yml b/roles/sensu.sensu/tasks/Amazon/redis.yml deleted file mode 100644 index 8fdd9dc..0000000 --- a/roles/sensu.sensu/tasks/Amazon/redis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# tasks/Amazon/redis.yml: Deploy redis -# Specific to Amazon Linux AMI - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Install EPEL repo - tags: redis - yum: - name: "{{ epel_repo_rpm }}" - state: present - when: enable_epel_repo - -- name: Ensure redis is installed - tags: redis - yum: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - enablerepo: epel - -- name: Ensure redis binds to accessible IP - tags: redis - lineinfile: - dest: /etc/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' diff --git a/roles/sensu.sensu/tasks/CentOS/dashboard.yml b/roles/sensu.sensu/tasks/CentOS/dashboard.yml deleted file mode 100644 index 5ad39d2..0000000 --- a/roles/sensu.sensu/tasks/CentOS/dashboard.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# tasks/CentOS/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to CentOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Ensure Uchiwa is installed - tags: dashboard - package: - name: uchiwa - state: present - when: not se_enterprise - -- name: Ensure Sensu Enterprise Dashboard is installed - tags: dashboard - package: - name: "{{ sensu_enterprise_dashboard_package }}" - state: present - when: se_enterprise - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_config_path }}/uchiwa.json" - when: not se_enterprise - notify: - - restart uchiwa service - - -- name: Deploy Sensu Enterprise Dashboard - tags: dashboard - template: - src: sensu_enterprise_dashboard_config.json.j2 - dest: "{{ sensu_config_path }}/dashboard.json" - when: se_enterprise - notify: - - restart sensu-enterprise-dashboard service diff --git a/roles/sensu.sensu/tasks/CentOS/main.yml b/roles/sensu.sensu/tasks/CentOS/main.yml deleted file mode 100644 index 41bfebb..0000000 --- a/roles/sensu.sensu/tasks/CentOS/main.yml +++ /dev/null @@ -1,83 +0,0 @@ ---- -# tasks/CentOS/main.yml: CentOS specific set-up -# This takes care of base prerequisites for CentOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: setup - -- name: Ensure the Sensu Core Yum repo is present - tags: setup - yum_repository: - name: sensu - description: The Sensu Core yum repository - baseurl: "{{ sensu_yum_repo_url }}" - gpgkey: "{{ sensu_yum_key_url }}" - gpgcheck: "{{ ( - (ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux') and - ansible_distribution_major_version == '5' - ) | ternary('no', 'yes') }}" - enabled: yes - -- name: Ensure the epel present for OracleLinux - tags: setup - yum_repository: - name: epel - description: EPEL YUM repo - baseurl: "{{ sensu_ol_yum_repo_url }}" - gpgkey: "{{ sensu_ol_yum_key_url }}" - enabled: yes - when: ansible_distribution == 'OracleLinux' - -- name: Ensure that credential is supplied if installing Sensu Enterprise - tags: setup - assert: - that: - - "se_user != ''" - - "se_pass != ''" - msg: Sensu enterprise credential must not be empty. Did you forget to set se_user and se_pass? - when: se_enterprise - -- name: Ensure the Sensu Enterprise repo is present - tags: setup - copy: - dest: /etc/yum.repos.d/sensu-enterprise.repo - content: | - [sensu-enterprise] - name=sensu-enterprise - baseurl=http://{{ se_user }}:{{ se_pass }}@enterprise.sensuapp.com/yum/noarch/ - gpgcheck=0 - enabled=1 - owner: root - group: root - mode: 0644 - when: se_enterprise - -- name: Ensure the Sensu Enterprise Dashboard repo is present - tags: setup - copy: - dest: /etc/yum.repos.d/sensu-enterprise-dashboard.repo - content: | - [sensu-enterprise-dashboard] - name=sensu-enterprise-dashboard - baseurl=http://{{ se_user }}:{{ se_pass }}@enterprise.sensuapp.com/yum/\$basearch/ - gpgcheck=0 - enabled=1 - owner: root - group: root - mode: 0644 - when: se_enterprise - -- name: Ensure Sensu is installed - tags: setup - package: - name: "{{ sensu_package }}" - state: "{{ sensu_pkg_state }}" - -- name: Ensure Sensu Enterprise is installed - tags: setup - package: - name: "{{ sensu_enterprise_package }}" - state: "{{ sensu_pkg_state }}" - when: se_enterprise diff --git a/roles/sensu.sensu/tasks/CentOS/rabbit.yml b/roles/sensu.sensu/tasks/CentOS/rabbit.yml deleted file mode 100644 index 055e662..0000000 --- a/roles/sensu.sensu/tasks/CentOS/rabbit.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -# tasks/CentOS/rabbit.yml: Deploy RabbitMQ -# Specific to CentOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Configure RabbitMQ GPG keys in the RPM keyring - tags: rabbitmq - rpm_key: - key: "{{ sensu_rabbitmq_signing_key }}" - state: present - register: sensu_rabbitmq_import_key - -- name: Add RabbitMQ's repo - tags: rabbitmq - yum_repository: - name: rabbitmq - description: rabbitmq - baseurl: "{{ sensu_rabbitmq_baseurl }}" - gpgcheck: yes - gpgkey: "{{ sensu_rabbitmq_signing_key }}" - repo_gpgcheck: no - -- name: Add RabbitMQ's Erlang repo - tags: rabbitmq - yum_repository: - name: rabbitmq-erlang - description: rabbitmq-erlang - baseurl: "{{ sensu_rabbitmq_erlang_baseurl }}" - gpgcheck: yes - gpgkey: "{{ sensu_rabbitmq_erlang_signing_key }}" - repo_gpgcheck: no - -# HACK: https://github.com/ansible/ansible/issues/20711#issuecomment-306260869 -# Can be removed once we're running w/ a version of Ansible that has https://github.com/ansible/ansible/pull/35989 -- name: Make yum cache to import GPG keys - tags: rabbitmq - command: "yum -q makecache -y --disablerepo='*' --enablerepo='{{ item }}'" - args: - warn: false - when: sensu_rabbitmq_import_key.changed - loop: - - rabbitmq - - rabbitmq-erlang - -# Hard dependency for rabbitmq-server, however, typically comes from EPEL, so -# we simply install it here, as we purposely disable epel when installing rabbitmq -# causing dependency issues during installs -- name: Ensure socat is installed - tags: rabbitmq - yum: - name: socat - state: present - -- name: Ensure Erlang & RabbitMQ are installed - tags: rabbitmq - yum: - name: - - erlang - - rabbitmq-server - state: present - enablerepo: rabbitmq,rabbitmq-erlang - disablerepo: epel diff --git a/roles/sensu.sensu/tasks/CentOS/redis.yml b/roles/sensu.sensu/tasks/CentOS/redis.yml deleted file mode 100644 index 28a7bd0..0000000 --- a/roles/sensu.sensu/tasks/CentOS/redis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# tasks/CentOS/redis.yml: Deploy redis -# Specific to CentOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Install EPEL repo - tags: redis - yum: - name: epel-release - state: present - when: enable_epel_repo - -- name: Ensure redis is installed - tags: redis - yum: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - enablerepo: "{{ sensu_centos_repository }}" - -- name: Ensure redis binds to accessible IP - tags: redis - lineinfile: - dest: /etc/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' diff --git a/roles/sensu.sensu/tasks/Debian/dashboard.yml b/roles/sensu.sensu/tasks/Debian/dashboard.yml deleted file mode 100644 index 9ae01d2..0000000 --- a/roles/sensu.sensu/tasks/Debian/dashboard.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# tasks/Debian/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to Debian - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Install uchiwa - tags: dashboard - apt: - name: uchiwa - state: present - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_config_path }}/uchiwa.json" - notify: restart uchiwa service diff --git a/roles/sensu.sensu/tasks/Debian/main.yml b/roles/sensu.sensu/tasks/Debian/main.yml deleted file mode 100644 index 44177da..0000000 --- a/roles/sensu.sensu/tasks/Debian/main.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# tasks/Debian/main.yml: Debian specific set-up -# This takes care of base prerequisites for Debian - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: setup - -- name: Ensure apt-transport-https is installed - tags: setup - apt: - name: apt-transport-https - state: present - cache_valid_time: 3600 - update_cache: true - -- name: Ensure that gnupg is installed for apt_key - tags: setup - apt: - name: gnupg - state: present - -- name: Ensure the Sensu APT repo GPG key is present - tags: setup - apt_key: - url: "{{ sensu_apt_key_url }}" - state: present - -- name: Ensure the Sensu Core APT repo is present - tags: setup - apt_repository: - repo: "{{ sensu_apt_repo_url }}" - state: present - update_cache: true - -- name: Ensure Sensu is installed - tags: setup - apt: - name: "{{ sensu_package }}" - state: "{{ sensu_pkg_state }}" diff --git a/roles/sensu.sensu/tasks/Debian/rabbit.yml b/roles/sensu.sensu/tasks/Debian/rabbit.yml deleted file mode 100644 index 841c658..0000000 --- a/roles/sensu.sensu/tasks/Debian/rabbit.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -# tasks/Debian/rabbit.yml: Deploy RabbitMQ -# Specific to Debian - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Ensure the RabbitMQ APT repo GPG key is present - tags: rabbitmq - apt_key: - url: "{{ sensu_rabbitmq_signing_key }}" - state: present - -- name: Ensure the RabbitMQ APT repo is present - tags: rabbitmq - apt_repository: - repo: "{{ sensu_rabbitmq_repo }}" - filename: rabbitmq - state: present - update_cache: true - -- name: Ensure Erlang APT preferences is configured - tags: rabbitmq - template: - src: erlang-apt-preferences.j2 - dest: /etc/apt/preferences.d/erlang - owner: root - group: root - mode: 0755 - -- name: Ensure the Erlang APT repo GPG key is present - tags: rabbitmq - apt_key: - url: "{{ sensu_rabbitmq_erlang_signing_key }}" - state: present - -- name: Ensure the Erlang APT repo is present - tags: rabbitmq - apt_repository: - repo: "{{ sensu_rabbitmq_erlang_repo }}" - filename: erlang - state: present - update_cache: true - -- name: Ensure RabbitMQ is installed - tags: rabbitmq - apt: - name: rabbitmq-server - state: "{{ sensu_rabbitmq_pkg_state }}" - cache_valid_time: 600 - update_cache: true diff --git a/roles/sensu.sensu/tasks/Debian/redis.yml b/roles/sensu.sensu/tasks/Debian/redis.yml deleted file mode 100644 index 3592f60..0000000 --- a/roles/sensu.sensu/tasks/Debian/redis.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -# tasks/Debian/redis.yml: Deploy redis -# Specific to Debian - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Ensure redis is installed - tags: redis - apt: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - update_cache: true - -- name: Ensure redis binds to accessible IP - tags: redis - lineinfile: - dest: /etc/redis/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' - notify: restart redis service - -- meta: flush_handlers - tags: redis diff --git a/roles/sensu.sensu/tasks/Fedora/dashboard.yml b/roles/sensu.sensu/tasks/Fedora/dashboard.yml deleted file mode 120000 index 30ac786..0000000 --- a/roles/sensu.sensu/tasks/Fedora/dashboard.yml +++ /dev/null @@ -1 +0,0 @@ -../CentOS/dashboard.yml \ No newline at end of file diff --git a/roles/sensu.sensu/tasks/Fedora/main.yml b/roles/sensu.sensu/tasks/Fedora/main.yml deleted file mode 120000 index 8f9e772..0000000 --- a/roles/sensu.sensu/tasks/Fedora/main.yml +++ /dev/null @@ -1 +0,0 @@ -../CentOS/main.yml \ No newline at end of file diff --git a/roles/sensu.sensu/tasks/Fedora/rabbit.yml b/roles/sensu.sensu/tasks/Fedora/rabbit.yml deleted file mode 100644 index a3783f8..0000000 --- a/roles/sensu.sensu/tasks/Fedora/rabbit.yml +++ /dev/null @@ -1,66 +0,0 @@ ---- -# tasks/Fedora/rabbit.yml: Deploy RabbitMQ -# Specific to Fedora - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Configure RabbitMQ GPG keys in the RPM keyring - tags: rabbitmq - rpm_key: - key: "{{ sensu_rabbitmq_signing_key }}" - state: present - register: sensu_rabbitmq_import_key - -- name: Add RabbitMQ's repo - tags: rabbitmq - yum_repository: - name: rabbitmq - description: rabbitmq - baseurl: "{{ sensu_rabbitmq_baseurl }}" - gpgcheck: yes - gpgkey: "{{ sensu_rabbitmq_signing_key }}" - repo_gpgcheck: no - -- name: Add RabbitMQ's Erlang repo - tags: rabbitmq - yum_repository: - name: rabbitmq-erlang - description: rabbitmq-erlang - baseurl: "{{ sensu_rabbitmq_erlang_baseurl }}" - gpgcheck: yes - gpgkey: "{{ sensu_rabbitmq_erlang_signing_key }}" - repo_gpgcheck: no - -# HACK: https://github.com/ansible/ansible/issues/20711#issuecomment-306260869 -# Can be removed once we're running w/ a version of Ansible that has https://github.com/ansible/ansible/pull/35989 -- name: Make yum cache to import GPG keys - tags: rabbitmq - command: "yum -q makecache -y --disablerepo='*' --enablerepo='{{ item }}'" - args: - warn: false - when: sensu_rabbitmq_import_key.changed - loop: - - rabbitmq - - rabbitmq-erlang - -# Hard dependency for rabbitmq-server, however, typically comes from EPEL, so -# we simply install it here, as we purposely disable epel when installing rabbitmq -# causing dependency issues during installs -- name: Ensure socat is installed - tags: rabbitmq - dnf: - name: socat - state: present - -- name: Ensure Erlang & RabbitMQ are installed - tags: rabbitmq - dnf: - name: - - erlang - - rabbitmq-server - state: present - enablerepo: rabbitmq,rabbitmq-erlang - disablerepo: epel diff --git a/roles/sensu.sensu/tasks/Fedora/redis.yml b/roles/sensu.sensu/tasks/Fedora/redis.yml deleted file mode 100644 index 952d0ca..0000000 --- a/roles/sensu.sensu/tasks/Fedora/redis.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# tasks/Fedora/redis.yml: Deploy redis -# Specific to Fedora - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Ensure jemalloc is installed as a dependency of Redis - tags: redis - dnf: - name: jemalloc - state: present - -- name: Ensure redis is installed - tags: redis - dnf: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - -- name: Ensure redis binds to accessible IP - tags: redis - lineinfile: - dest: /etc/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' diff --git a/roles/sensu.sensu/tasks/FreeBSD/dashboard.yml b/roles/sensu.sensu/tasks/FreeBSD/dashboard.yml deleted file mode 100644 index 2b4d331..0000000 --- a/roles/sensu.sensu/tasks/FreeBSD/dashboard.yml +++ /dev/null @@ -1,86 +0,0 @@ ---- -# tasks/FreeBSD/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to FreeBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Ensure Uchiwa (dashboard) dependencies are installed - tags: dashboard - pkgng: - name: "{{ item }}" - state: present - loop: - - go - - git - - npm - -- name: Ensure Uchiwa directory exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - recurse: true - -- name: Ensure Uchiwa Go/config directory exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}/{{ item }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - recurse: true - loop: - - etc - - go - -- name: Ensure Uchiwa GOPATH exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}/go/{{ item }}" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - state: directory - recurse: true - loop: - - bin - - pkg - - src - -- name: Fetch Uchiwa from GitHub - tags: dashboard - command: go get github.com/sensu/uchiwa - environment: - GOPATH: "{{ sensu_uchiwa_path }}/go" - args: - creates: "{{ sensu_uchiwa_path }}/go/src/github.com/sensu/uchiwa" - notify: Build and deploy Uchiwa - become: true - become_user: "{{ sensu_user_name }}" - -- meta: flush_handlers - tags: dashboard - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_uchiwa_path }}/etc/config.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - notify: restart uchiwa service - -- name: Deploy Uchiwa service file - tags: dashboard - template: - src: uchiwa_freebsd.j2 - dest: "/usr/local/etc/rc.d/uchiwa" - mode: "0755" - -- name: Ensure Uchiwa server service is running - tags: dashboard - service: name=uchiwa state=started enabled=yes diff --git a/roles/sensu.sensu/tasks/FreeBSD/main.yml b/roles/sensu.sensu/tasks/FreeBSD/main.yml deleted file mode 100644 index c521758..0000000 --- a/roles/sensu.sensu/tasks/FreeBSD/main.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -# tasks/FreeBSD/main.yml: FreeBSD specific set-up -# This takes care of base prerequisites for FreeBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: setup - -- name: Ensure the Sensu group is present - tags: setup - group: - name: "{{ sensu_group_name }}" - state: present - -- name: Ensure the Sensu user is present - tags: setup - user: - name: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - shell: /bin/false - home: "{{ sensu_config_path }}" - createhome: true - state: present - -- name: Ensure pkgng custom repo config directory exists - tags: setup - file: - path: /usr/local/etc/pkg/repos/ - state: directory - -- name: Ensure Sensu repo is configured - tags: setup - template: - src: sensu-freebsd-repo.conf.j2 - dest: /usr/local/etc/pkg/repos/sensu.conf - notify: - - Update pkgng database - -- name: Ensure prerequisite packages are installed - tags: setup - pkgng: - name: "{{ item }}" - state: present - loop: - - bash - - ca_root_nss - -- name: Ensure Sensu is installed - tags: setup - pkgng: - name: "{{ sensu_package }}" - state: "{{ sensu_pkg_state }}" diff --git a/roles/sensu.sensu/tasks/FreeBSD/rabbit.yml b/roles/sensu.sensu/tasks/FreeBSD/rabbit.yml deleted file mode 100644 index 44f854d..0000000 --- a/roles/sensu.sensu/tasks/FreeBSD/rabbit.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# tasks/FreeBSD/rabbit.yml: Deploy RabbitMQ -# Specific to FreeBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Ensure RabbitMQ is installed - tags: rabbitmq - pkgng: - name: rabbitmq - state: "{{ sensu_rabbitmq_pkg_state }}" diff --git a/roles/sensu.sensu/tasks/FreeBSD/redis.yml b/roles/sensu.sensu/tasks/FreeBSD/redis.yml deleted file mode 100644 index 9a821d3..0000000 --- a/roles/sensu.sensu/tasks/FreeBSD/redis.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# tasks/FreeBSD/redis.yml: Deploy redis -# Specific to FreeBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Ensure redis is installed - tags: redis - pkgng: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - -- name: Ensure redis binds to accessible IP - tags: redis - lineinfile: - dest: /usr/local/etc/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' - notify: restart redis service - -- meta: flush_handlers - tags: redis diff --git a/roles/sensu.sensu/tasks/OpenBSD/dashboard.yml b/roles/sensu.sensu/tasks/OpenBSD/dashboard.yml deleted file mode 100644 index a0735c6..0000000 --- a/roles/sensu.sensu/tasks/OpenBSD/dashboard.yml +++ /dev/null @@ -1,86 +0,0 @@ ---- -# tasks/OpenBSD/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to OpenBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Ensure Uchiwa (dashboard) dependencies are installed - tags: dashboard - openbsd_pkg: - name: "{{ item }}" - state: present - loop: - - go - - git - - npm - -- name: Ensure Uchiwa directory exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - recurse: true - -- name: Ensure Uchiwa Go/config directory exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}/{{ item }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - recurse: true - loop: - - etc - - go - -- name: Ensure Uchiwa GOPATH exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}/go/{{ item }}" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - state: directory - recurse: true - loop: - - bin - - pkg - - src - -- name: Fetch Uchiwa from GitHub - tags: dashboard - command: go get github.com/sensu/uchiwa - environment: - GOPATH: "{{ sensu_uchiwa_path }}/go" - args: - creates: "{{ sensu_uchiwa_path }}/go/src/github.com/sensu/uchiwa" - notify: Build and deploy Uchiwa - become: true - become_user: "{{ sensu_user_name }}" - -- meta: flush_handlers - tags: dashboard - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_uchiwa_path }}/etc/config.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - notify: restart uchiwa service - -- name: Deploy Uchiwa service file - tags: dashboard - template: - src: uchiwa_openbsd.j2 - dest: "/usr/local/etc/rc.d/uchiwa" - mode: "0755" - -- name: Ensure Uchiwa server service is running - tags: dashboard - service: name=uchiwa state=started enabled=yes diff --git a/roles/sensu.sensu/tasks/OpenBSD/main.yml b/roles/sensu.sensu/tasks/OpenBSD/main.yml deleted file mode 100644 index c6c763a..0000000 --- a/roles/sensu.sensu/tasks/OpenBSD/main.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -# tasks/OpenBSD/main.yml: OpenBSD specific set-up -# This takes care of base prerequisites for OpenBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: setup - -- name: Ensure the Sensu group is present - tags: setup - group: name={{ sensu_group_name }} state=present - -- name: Ensure the Sensu user is present - tags: setup - user: - name: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - shell: /bin/false - home: "{{ sensu_config_path }}" - createhome: true - state: present - -- name: Install prerequisite packages - tags: setup - openbsd_pkg: - name: "{{ item }}" - state: present - loop: - - bash - - ruby%2.3 - -- name: Get the current version of rubygems - tags: setup - shell: /usr/local/bin/gem23 --version - check_mode: no - register: gem23_version - changed_when: False - -- name: Update rubygems to work around rubygems/rubygems/issues/1448 - tags: setup - shell: /usr/local/bin/gem23 update --system - when: "{{ gem23_version.stdout | version_compare('2.5.3', '<') }}" - -- name: Install sensu gem and all of its dependencies - tags: setup - gem: - name: sensu - repository: "{{ sensu_gem_repository | default('https://api.rubygems.org/') }}" - user_install: no - version: "{{ sensu_gem_version }}" - executable: /usr/local/bin/gem23 - -- name: Create the sensu log folder - tags: setup - file: - path: /var/log/sensu - owner: root - group: wheel - state: directory - -- name: Deploy OpenBSD rc script - tags: setup - template: - src: sensuclient_openbsd.j2 - dest: /etc/rc.d/sensuclient - owner: root - group: wheel - mode: 0755 diff --git a/roles/sensu.sensu/tasks/OpenBSD/rabbit.yml b/roles/sensu.sensu/tasks/OpenBSD/rabbit.yml deleted file mode 100644 index 1437c3b..0000000 --- a/roles/sensu.sensu/tasks/OpenBSD/rabbit.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# tasks/OpenBSD/rabbit.yml: Deploy RabbitMQ -# Specific to OpenBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Ensure RabbitMQ is installed - tags: rabbitmq - pkgng: - name: rabbitmq - state: "{{ sensu_rabbitmq_pkg_state }}" diff --git a/roles/sensu.sensu/tasks/OpenBSD/redis.yml b/roles/sensu.sensu/tasks/OpenBSD/redis.yml deleted file mode 100644 index 45f494c..0000000 --- a/roles/sensu.sensu/tasks/OpenBSD/redis.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -# tasks/OpenBSD/redis.yml: Deploy redis -# Specific to OpenBSD - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Ensure redis is installed - tags: redis - pkgng: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - -- name: Ensure redis binds to accessible IP - tags: redis - lineinfile: - dest: /usr/local/etc/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' - notify: restart redis service - -- meta: flush_handlers - tags: redis diff --git a/roles/sensu.sensu/tasks/OracleLinux b/roles/sensu.sensu/tasks/OracleLinux deleted file mode 120000 index d6b00a3..0000000 --- a/roles/sensu.sensu/tasks/OracleLinux +++ /dev/null @@ -1 +0,0 @@ -CentOS \ No newline at end of file diff --git a/roles/sensu.sensu/tasks/RedHat b/roles/sensu.sensu/tasks/RedHat deleted file mode 120000 index d6b00a3..0000000 --- a/roles/sensu.sensu/tasks/RedHat +++ /dev/null @@ -1 +0,0 @@ -CentOS \ No newline at end of file diff --git a/roles/sensu.sensu/tasks/SmartOS/client.yml b/roles/sensu.sensu/tasks/SmartOS/client.yml deleted file mode 100644 index 75748d1..0000000 --- a/roles/sensu.sensu/tasks/SmartOS/client.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# tasks/SmartOS/client.yml: Deploy various client-side configurations for Sensu -# Specific to Joyent SmartOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: client - -- name: Deploy Sensu client service manifest - tags: client - template: - dest: /opt/local/lib/svc/manifest/sensu-client.xml - src: sensu-client.smartos_smf_manifest.xml.j2 - owner: root - group: root - mode: 0644 - notify: - - import sensu-client service - - restart sensu-client service - -- meta: flush_handlers - tags: client diff --git a/roles/sensu.sensu/tasks/SmartOS/dashboard.yml b/roles/sensu.sensu/tasks/SmartOS/dashboard.yml deleted file mode 100644 index d4fad2e..0000000 --- a/roles/sensu.sensu/tasks/SmartOS/dashboard.yml +++ /dev/null @@ -1,96 +0,0 @@ ---- -# tasks/SmartOS/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to Joyent SmartOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Ensure Uchiwa (dashboard) dependencies are installed - tags: dashboard - pkgin: name=go state=present - -- name: Ensure Uchiwa directory exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - recurse: true - -- name: Ensure Uchiwa Go/config directory exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}/{{ item }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - recurse: true - loop: - - etc - - go - -- name: Ensure Uchiwa GOPATH exists - tags: dashboard - file: - dest: "{{ sensu_uchiwa_path }}/go/{{ item }}" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - state: directory - recurse: true - loop: - - bin - - pkg - - src - -- name: Fetch Uchiwa from GitHub - tags: dashboard - command: go get github.com/sensu/uchiwa - environment: - GOPATH: "{{ sensu_uchiwa_path }}/go" - args: - creates: "{{ sensu_uchiwa_path }}/go/src/github.com/sensu/uchiwa" - notify: Build and deploy Uchiwa - become: true - become_user: "{{ sensu_user_name }}" - -- meta: flush_handlers - tags: dashboard - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_uchiwa_path }}/etc/config.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - notify: restart uchiwa service - -- name: Deploy Uchiwa service script - tags: dashboard - template: - src: uchiwa.sh.j2 - dest: /opt/local/lib/svc/method/uchiwa - owner: root - group: root - mode: 0755 - notify: restart uchiwa service - -- name: Deploy Uchiwa service manifest - tags: dashboard - template: - dest: /opt/local/lib/svc/manifest/uchiwa.xml - src: uchiwa.smartos_smf_manifest.xml.j2 - owner: root - group: root - mode: 0644 - notify: import uchiwa service - -- meta: flush_handlers - tags: dashboard - -- name: Ensure Uchiwa server service is running - service: name=uchiwa state=started enabled=yes - tags: dashboard diff --git a/roles/sensu.sensu/tasks/SmartOS/main.yml b/roles/sensu.sensu/tasks/SmartOS/main.yml deleted file mode 100644 index ef3fcb5..0000000 --- a/roles/sensu.sensu/tasks/SmartOS/main.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# tasks/SmartOS/main.yml: "Set-up" playbook for sensu.sensu role -# This takes care of base prerequisites for Joyent SmartOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: setup - -- name: Ensure the Sensu group is present - tags: setup - group: name={{ sensu_group_name }} state=present - -- name: Ensure the Sensu user is present - tags: setup - user: - name: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - shell: /bin/false - home: "{{ sensu_config_path }}" - createhome: true - state: present - -- name: Ensure Sensu dependencies are installed - tags: setup - pkgin: name=build-essential,ruby21-base state=present - -- name: Ensure Sensu is installed - tags: setup - gem: name=sensu state={{ sensu_gem_state }} user_install=no - notify: - - restart sensu-client service - -- name: Ensure Sensu 'plugins' gem is installed - tags: setup - gem: name=sensu-plugin state={{ sensu_plugin_gem_state }} user_install=no diff --git a/roles/sensu.sensu/tasks/SmartOS/rabbit.yml b/roles/sensu.sensu/tasks/SmartOS/rabbit.yml deleted file mode 100644 index ea09994..0000000 --- a/roles/sensu.sensu/tasks/SmartOS/rabbit.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# tasks/SmartOS/rabbit.yml: Deploy RabbitMQ -# Specific to Joyent SmartOS - -- name: Ensure RabbitMQ is installed - tags: rabbitmq - pkgin: name=rabbitmq state=present - -- name: Ensure EPMD is running - tags: rabbitmq - service: - name: epmd - state: started - enabled: true diff --git a/roles/sensu.sensu/tasks/SmartOS/redis.yml b/roles/sensu.sensu/tasks/SmartOS/redis.yml deleted file mode 100644 index 7b15fce..0000000 --- a/roles/sensu.sensu/tasks/SmartOS/redis.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# tasks/SmartOS/redis.yml: Deploy redis -# Specific to Ubuntu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: redis - -- name: Ensure redis is installed - tags: redis - pkgin: name=redis state={{ sensu_redis_pkg_state }} diff --git a/roles/sensu.sensu/tasks/SmartOS/server.yml b/roles/sensu.sensu/tasks/SmartOS/server.yml deleted file mode 100644 index da98d43..0000000 --- a/roles/sensu.sensu/tasks/SmartOS/server.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# tasks/SmartOS/server.yml: Deploy the necessary configuration for -# a Sensu 'master' node. -# Specific to SmartOS - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: server - -- name: Deploy Sensu server service manifest - tags: server - template: - dest: /opt/local/lib/svc/manifest/sensu-server.xml - src: sensu-server.smartos_smf_manifest.xml.j2 - owner: root - group: root - mode: 0644 - notify: import sensu-server service - -- name: Deploy Sensu API service manifest - tags: server - template: - dest: /opt/local/lib/svc/manifest/sensu-api.xml - src: sensu-api.smartos_smf_manifest.xml.j2 - owner: root - group: root - mode: 0644 - notify: import sensu-api service - -- meta: flush_handlers - tags: server diff --git a/roles/sensu.sensu/tasks/Ubuntu/dashboard.yml b/roles/sensu.sensu/tasks/Ubuntu/dashboard.yml deleted file mode 100644 index 39591ee..0000000 --- a/roles/sensu.sensu/tasks/Ubuntu/dashboard.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# tasks/Ubuntu/dashboard.yml: Deployment of the Uchiwa dashboard -# Specific to Ubuntu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: dashboard - -- name: Install Uchiwa - tags: dashboard - apt: - name: uchiwa - state: present - -- name: Deploy Uchiwa config - tags: dashboard - template: - src: uchiwa_config.json.j2 - dest: "{{ sensu_config_path }}/uchiwa.json" - notify: restart uchiwa service diff --git a/roles/sensu.sensu/tasks/Ubuntu/main.yml b/roles/sensu.sensu/tasks/Ubuntu/main.yml deleted file mode 100644 index 62618bd..0000000 --- a/roles/sensu.sensu/tasks/Ubuntu/main.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -# tasks/Ubuntu/main.yml: Ubuntu specific set-up -# This takes care of base prerequisites for Ubuntu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: setup - -- name: Ensure that https transport is ready - tags: setup - apt: - name: apt-transport-https - state: present - cache_valid_time: 3600 - update_cache: true - -- name: Ensure the Sensu APT repo GPG key is present - tags: setup - apt_key: - url: "{{ sensu_apt_key_url }}" - state: present - -- name: Ensure the Sensu Core APT repo is present - tags: setup - apt_repository: - repo: "{{ sensu_apt_repo_url }}" - state: present - update_cache: true - -- name: Ensure Sensu is installed - tags: setup - apt: - name: "{{ sensu_package }}" - state: "{{ sensu_pkg_state }}" diff --git a/roles/sensu.sensu/tasks/Ubuntu/rabbit.yml b/roles/sensu.sensu/tasks/Ubuntu/rabbit.yml deleted file mode 100644 index 8e2b5a5..0000000 --- a/roles/sensu.sensu/tasks/Ubuntu/rabbit.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -# tasks/Ubuntu/rabbit.yml: Deploy RabbitMQ -# Specific to Ubuntu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- name: Ensure the RabbitMQ APT repo GPG key is present - tags: rabbitmq - apt_key: - url: "{{ sensu_rabbitmq_signing_key }}" - state: present - -- name: Ensure the RabbitMQ APT repo is present - tags: rabbitmq - apt_repository: - repo: "{{ sensu_rabbitmq_repo }}" - filename: rabbitmq - state: present - update_cache: true - -- name: Ensure Erlang APT preferences is configured - tags: rabbitmq - template: - src: erlang-apt-preferences.j2 - dest: /etc/apt/preferences.d/erlang - owner: root - group: root - mode: 0755 - -- name: Ensure the Erlang APT repo GPG key is present - tags: rabbitmq - apt_key: - url: "{{ sensu_rabbitmq_erlang_signing_key }}" - state: present - -- name: Ensure the Erlang APT repo is present - tags: rabbitmq - apt_repository: - repo: "{{ sensu_rabbitmq_erlang_repo }}" - filename: erlang - state: present - update_cache: true - -- name: Ensure RabbitMQ is installed - tags: rabbitmq - apt: - name: rabbitmq-server - state: "{{ sensu_rabbitmq_pkg_state }}" - cache_valid_time: 600 - update_cache: true diff --git a/roles/sensu.sensu/tasks/Ubuntu/redis.yml b/roles/sensu.sensu/tasks/Ubuntu/redis.yml deleted file mode 100644 index 9dc82ec..0000000 --- a/roles/sensu.sensu/tasks/Ubuntu/redis.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -# tasks/Ubuntu/redis.yml: Deploy redis -# Specific to Ubuntu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - -- name: Ensure redis is installed - apt: - name: "{{ sensu_redis_pkg_name }}" - state: "{{ sensu_redis_pkg_state }}" - update_cache: true - register: sensu_ubuntu_redis_install - - # BUG: On Ubuntu 14.04, when first installed, redis, will be started - # however, the /var/run/redis/redis-server.pid file gets lost during the restart - # causing the process to be orphaned from the init system. - # We manually stop it right after install to account for this. -- name: Stop redis manually - shell: kill $(pgrep redis-server) - when: - - sensu_ubuntu_redis_install is changed - - ansible_distribution_version == '14.04' - -- name: Ensure redis binds to accessible IP - lineinfile: - dest: /etc/redis/redis.conf - regexp: '^bind' - line: 'bind 0.0.0.0' - notify: restart redis service - -- meta: flush_handlers diff --git a/roles/sensu.sensu/tasks/client.yml b/roles/sensu.sensu/tasks/client.yml deleted file mode 100644 index 417da15..0000000 --- a/roles/sensu.sensu/tasks/client.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -# tasks/client.yml: Deploy various client-side configurations for Sensu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: client - -- name: Deploy Sensu client service configuration - tags: client - template: - dest: "{{ sensu_config_path }}/conf.d/client.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - src: "{{ sensu_client_config }}" - mode: "0640" - notify: restart sensu-client service - -- include_tasks: "{{ role_path }}/tasks/SmartOS/client.yml" - tags: client - when: ansible_distribution == "SmartOS" - -- name: Ensure Sensu client service is running - tags: client - service: - name: "{{ sensu_client_service_name }}" - state: started - enabled: yes diff --git a/roles/sensu.sensu/tasks/common.yml b/roles/sensu.sensu/tasks/common.yml deleted file mode 100644 index a928290..0000000 --- a/roles/sensu.sensu/tasks/common.yml +++ /dev/null @@ -1,57 +0,0 @@ ---- -# tasks/common.yml: Deploy configurations common to client and server for Sensu - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - -- name: Ensure the Sensu config directory is present - file: - dest: "{{ sensu_config_path }}/conf.d" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - mode: "0555" - -- name: Deploy Sensu Redis configuration - template: - dest: "{{ sensu_config_path }}/conf.d/redis.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - src: "{{ sensu_redis_config }}" - mode: "0640" - when: sensu_deploy_redis_config - notify: - - restart sensu-server service - - restart sensu-api service - - restart sensu-enterprise service - - restart sensu-client service - -- name: Deploy Sensu RabbitMQ configuration - template: - dest: "{{ sensu_config_path }}/conf.d/rabbitmq.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - src: "{{ sensu_rabbitmq_config }}" - mode: "0640" - when: sensu_transport == "rabbitmq" - and sensu_deploy_rabbitmq_config - notify: - - restart sensu-server service - - restart sensu-api service - - restart sensu-enterprise service - - restart sensu-client service - -- name: Deploy Sensu transport configuration - template: - dest: "{{ sensu_config_path }}/conf.d/transport.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - src: transport.json.j2 - mode: "0640" - when: sensu_deploy_transport_config - notify: - - restart sensu-server service - - restart sensu-api service - - restart sensu-enterprise service - - restart sensu-client service diff --git a/roles/sensu.sensu/tasks/dashboard.yml b/roles/sensu.sensu/tasks/dashboard.yml deleted file mode 100644 index 7b64523..0000000 --- a/roles/sensu.sensu/tasks/dashboard.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# tasks/dashboard.yml: Deployment of the Uchiwa dashboard -- name: Include ansible_distribution vars - include_tasks: "{{ role_path }}/tasks/{{ ansible_distribution }}/dashboard.yml" - tags: dashboard - -- name: Ensure Uchiwa/Sensu Enterprise Dashboard server service is running - tags: dashboard - service: - name: "{{ uchiwa_service_name if not se_enterprise else sensu_enterprise_dashboard_service_name }}" - state: started - enabled: yes diff --git a/roles/sensu.sensu/tasks/main.yml b/roles/sensu.sensu/tasks/main.yml deleted file mode 100644 index 3a4f805..0000000 --- a/roles/sensu.sensu/tasks/main.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -# tasks/main.yml: "Master" playbook for the sensu.sensu role - -- name: Include distribution specific variables - include_vars: - file: "{{ ansible_distribution }}.yml" - -- include_tasks: "{{ role_path }}/tasks/{{ ansible_distribution }}/main.yml" - tags: setup - when: sensu_master - or sensu_client - -- import_tasks: "redis.yml" - tags: redis - when: sensu_redis_server - and sensu_deploy_redis_server - -- import_tasks: "ssl.yml" - tags: ssl - -- import_tasks: "rabbit.yml" - tags: rabbitmq - when: sensu_rabbitmq_server - and sensu_deploy_rabbitmq_server - -- import_tasks: "common.yml" - tags: common - when: sensu_master - or sensu_client - -- import_tasks: "server.yml" - tags: server - when: sensu_master - -- import_tasks: "dashboard.yml" - tags: dashboard - when: sensu_include_dashboard - -- import_tasks: "client.yml" - tags: client - when: sensu_client - -- import_tasks: "plugins.yml" - tags: plugins - when: sensu_include_plugins diff --git a/roles/sensu.sensu/tasks/plugins.yml b/roles/sensu.sensu/tasks/plugins.yml deleted file mode 100644 index f5bd81b..0000000 --- a/roles/sensu.sensu/tasks/plugins.yml +++ /dev/null @@ -1,152 +0,0 @@ ---- -# tasks/plugins.yml: Deploy available checks/plugins/handlers/filters/mutators - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - -- name: Ensure Sensu plugin directory exists - file: - dest: "{{ sensu_config_path }}/plugins" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - -- name: Ensure local directories exist - file: - state: directory - dest: "{{ static_data_store }}/sensu/{{ item }}" - delegate_to: localhost - become: no - run_once: true - loop: - - checks - - filters - - handlers - - mutators - - definitions - - client_definitions - - client_templates - -- name: Ensure any remote plugins defined are present - shell: umask 0022; sensu-install -p {{ item }} - loop: "{{ sensu_remote_plugins }}" - changed_when: false - when: sensu_remote_plugins | length > 0 - -- name: Register available checks - command: "ls {{ static_data_store }}/sensu/checks" - delegate_to: localhost - register: sensu_available_checks - changed_when: false - become: false - run_once: true - -- name: Deploy check plugins - copy: - src: "{{ static_data_store }}/sensu/checks/{{ item }}/" - dest: "{{ sensu_config_path }}/plugins/" - mode: 0755 - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: - - sensu_available_checks is defined - - sensu_available_checks is not skipped - - item in sensu_available_checks.stdout_lines - loop: "{{ group_names|flatten }}" - notify: restart sensu-client service - -- name: Deploy handler plugins - copy: - src: "{{ static_data_store }}/sensu/handlers/" - dest: "{{ sensu_config_path }}/plugins/" - mode: 0755 - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - notify: restart sensu-client service - -- name: Deploy filter plugins - copy: - src: "{{ static_data_store }}/sensu/filters/" - dest: "{{ sensu_config_path }}/plugins/" - mode: 0755 - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - notify: restart sensu-client service - -- name: Deploy mutator plugins - copy: - src: "{{ static_data_store }}/sensu/mutators/" - dest: "{{ sensu_config_path }}/plugins/" - mode: 0755 - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - notify: restart sensu-client service - -- name: Deploy check/handler/filter/mutator definitions to the master - template: - src: "{{ item }}" - dest: "{{ sensu_config_path }}/conf.d/{{ item | basename | regex_replace('.j2', '') }}" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: sensu_master - with_fileglob: - - "{{ static_data_store }}/sensu/definitions/*" - notify: - - restart sensu-server service - - restart sensu-api service - - restart sensu-enterprise service - -- name: Register available client definitions - command: "ls {{ static_data_store }}/sensu/client_definitions" - delegate_to: localhost - register: sensu_available_client_definitions - changed_when: false - become: false - run_once: true - -- name: Deploy client definitions - copy: - src: "{{ static_data_store }}/sensu/client_definitions/{{ item }}/" - dest: "{{ sensu_config_path }}/conf.d/{{ item | basename | regex_replace('.j2', '') }}" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: - - sensu_available_client_definitions is defined - - sensu_available_client_definitions is not skipped - - item in sensu_available_client_definitions.stdout_lines - loop: "{{ group_names|flatten }}" - notify: restart sensu-client service - -- name: Register available client templates - command: "ls {{ static_data_store }}/sensu/client_templates" - delegate_to: localhost - register: sensu_available_client_templates - changed_when: false - become: false - run_once: true - -- name: Deploy client template folders - file: - path: '{{ sensu_config_path }}/conf.d/{{ item | basename }}' - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: - - sensu_available_client_templates is defined - - sensu_available_client_templates is not skipped - - item in sensu_available_client_templates.stdout_lines - loop: "{{ group_names|flatten }}" - notify: restart sensu-client service - -- name: Deploy client templates - template: - src: "{{ static_data_store }}/sensu/client_templates/{{ item.path | dirname }}/{{ item.path | basename }}" - dest: "{{ sensu_config_path }}/conf.d/{{ item.path | dirname }}/{{ item.path | basename | regex_replace('.j2', '') }}" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - with_filetree: "{{ static_data_store }}/sensu/client_templates" - when: - - item.state == 'file' - - item.path | dirname in group_names - notify: restart sensu-client service diff --git a/roles/sensu.sensu/tasks/rabbit.yml b/roles/sensu.sensu/tasks/rabbit.yml deleted file mode 100644 index aebe60a..0000000 --- a/roles/sensu.sensu/tasks/rabbit.yml +++ /dev/null @@ -1,76 +0,0 @@ ---- -# tasks/rabbit.yml: Deploy RabbitMQ and set-up vhost for Sensu messaging - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: rabbitmq - -- include_tasks: "{{ ansible_distribution }}/rabbit.yml" - tags: rabbitmq - -- name: Ensure RabbitMQ SSL directory exists - tags: rabbitmq - file: - dest: "{{ sensu_rabbitmq_config_path }}/ssl" - state: directory - -- name: Ensure RabbitMQ SSL certs/keys are in place - tags: rabbitmq - copy: - src: "{{ item.src }}" - dest: "{{ sensu_rabbitmq_config_path }}/ssl/{{ item.dest }}" - remote_src: "{{ sensu_ssl_deploy_remote_src }}" - loop: - - { src: "{{ sensu_ssl_server_cacert }}", dest: cacert.pem } - - { src: "{{ sensu_ssl_server_cert }}", dest: cert.pem } - - { src: "{{ sensu_ssl_server_key }}", dest: key.pem } - notify: - - restart rabbitmq service - - restart sensu-api service - - restart sensu-server service - - restart sensu-enterprise service - when: sensu_ssl_manage_certs - -- name: Deploy RabbitMQ config - tags: rabbitmq - template: - dest: "{{ sensu_rabbitmq_config_path }}/rabbitmq.config" - src: "{{ sensu_rabbitmq_config_template }}" - owner: root - group: "{{ __root_group }}" - mode: 0644 - notify: restart rabbitmq service - -- name: Ensure RabbitMQ is running - tags: rabbitmq - service: - name: "{{ sensu_rabbitmq_service_name }}" - state: started - enabled: true - register: sensu_rabbitmq_state - -- name: Wait for RabbitMQ to be up and running before asking to create a vhost - tags: rabbitmq - pause: - seconds: 3 - when: sensu_rabbitmq_state is changed - -- block: - - name: Ensure Sensu RabbitMQ vhost exists - rabbitmq_vhost: - name: "{{ sensu_rabbitmq_vhost }}" - state: present - - - name: Ensure Sensu RabbitMQ user has access to the Sensu vhost - rabbitmq_user: - user: "{{ sensu_rabbitmq_user_name }}" - password: "{{ sensu_rabbitmq_password }}" - vhost: "{{ sensu_rabbitmq_vhost }}" - configure_priv: .* - read_priv: .* - write_priv: .* - state: present - become: true - become_user: rabbitmq - tags: rabbitmq diff --git a/roles/sensu.sensu/tasks/redis.yml b/roles/sensu.sensu/tasks/redis.yml deleted file mode 100644 index 44554b0..0000000 --- a/roles/sensu.sensu/tasks/redis.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# tasks/redis.yml: Deploy redis - -- name: Include ansible_distribution vars - include_tasks: "{{ role_path }}/tasks/{{ ansible_distribution }}/redis.yml" - tags: redis - -- name: Ensure redis is running - tags: redis - service: - name: "{{ sensu_redis_service_name }}" - pattern: /usr/bin/redis-server - state: started - enabled: true diff --git a/roles/sensu.sensu/tasks/server.yml b/roles/sensu.sensu/tasks/server.yml deleted file mode 100644 index 3466b7e..0000000 --- a/roles/sensu.sensu/tasks/server.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -# tasks/server.yml: Deploy Sensu Server/API - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - tags: server - -- name: Deploy Sensu server API configuration - tags: server - template: - dest: "{{ sensu_config_path }}/conf.d/api.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - src: sensu-api.json.j2 - notify: restart sensu-api service - -- name: Deploy Tessen server configuratiuon - tags: server - template: - dest: "{{ sensu_config_path }}/conf.d/tessen.json" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - src: sensu-tessen.json.j2 - notify: restart sensu-server service - -- include_tasks: "{{ role_path }}/tasks/SmartOS/server.yml" - tags: server - when: ansible_distribution == "SmartOS" - -- name: Ensure Sensu server service is running - tags: server - service: - name: "{{ sensu_server_service_name if not se_enterprise else sensu_enterprise_service_name }}" - state: started - enabled: yes - -- name: Ensure Sensu API service is running - tags: server - service: - name: sensu-api - state: started - enabled: yes - when: not se_enterprise diff --git a/roles/sensu.sensu/tasks/ssl.yml b/roles/sensu.sensu/tasks/ssl.yml deleted file mode 100644 index 51c82f1..0000000 --- a/roles/sensu.sensu/tasks/ssl.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# tasks/ssl.yml: Deploy the client SSL cert/key to client systems - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - -- name: Ensure Sensu SSL directory exists - file: - dest: "{{ sensu_config_path }}/ssl" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: sensu_ssl_manage_certs - -- include_tasks: "{{ role_path }}/tasks/ssl_generate.yml" - when: sensu_ssl_gen_certs - -- name: Deploy the Sensu client SSL cert/key - copy: - src: "{{ item.src }}" - owner: "{{ sensu_user_name }}" - remote_src: "{{ sensu_ssl_deploy_remote_src }}" - group: "{{ sensu_group_name }}" - dest: "{{ sensu_config_path }}/ssl/{{ item.dest }}" - mode: " {{ item.perm }}" - loop: - - {src: "{{ sensu_ssl_client_cert }}", dest: cert.pem, perm: "0640" } - - {src: "{{ sensu_ssl_client_key }}", dest: key.pem, perm: "0640" } - notify: restart sensu-client service - when: sensu_ssl_manage_certs diff --git a/roles/sensu.sensu/tasks/ssl_generate.yml b/roles/sensu.sensu/tasks/ssl_generate.yml deleted file mode 100644 index 0a27bcd..0000000 --- a/roles/sensu.sensu/tasks/ssl_generate.yml +++ /dev/null @@ -1,129 +0,0 @@ ---- -# tasks/ssl_generate.yml: Generate SSL data and stash to dynamic -# data store for deployment to clients - -- name: Include ansible_distribution vars - include_vars: - file: "{{ ansible_distribution }}.yml" - -- name: Ensure OpenSSL is installed - package: - name: openssl - state: present - -- name: Ensure SSL generation directory exists - file: - dest: "{{ sensu_config_path }}/{{ item }}" - state: directory - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: sensu_master - loop: - - ssl_generation - - ssl_generation/sensu_ssl_tool - - ssl_generation/sensu_ssl_tool/client - - ssl_generation/sensu_ssl_tool/server - - ssl_generation/sensu_ssl_tool/sensu_ca - - ssl_generation/sensu_ssl_tool/sensu_ca/private - - ssl_generation/sensu_ssl_tool/sensu_ca/certs - -- name: Ensure OpenSSL configuration is in place - template: - src: openssl.cnf.j2 - dest: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca/openssl.cnf" - owner: "{{ sensu_user_name }}" - group: "{{ sensu_group_name }}" - when: sensu_master - -- block: - - name: Ensure the Sensu CA serial configuration - shell: 'echo 01 > sensu_ca/serial' - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca/serial" - register: sensu_ca_new_serial - - - name: Ensure sensu_ca/index.txt exists - file: - dest: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca/index.txt" - state: touch - when: sensu_ca_new_serial is changed - - # TODO: The following mirrors the commands used in sensu_ssl_tool/ssl_certs.sh - # from the 1.3 version of the script. Ideally, this moves into the native openssl_* modules. - # See https://docs.sensu.io/sensu-core/1.3/reference/ssl/#reference-documentation for limitations and further instructions - - name: Generate Sensu CA certificate - command: openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 1825 -out cacert.pem -outform PEM -subj /CN=SensuCA/ -nodes - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca/cacert.pem" - - - name: Generate CA cert - command: openssl x509 -in cacert.pem -out cacert.cer -outform DER - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca/cacert.cer" - - - name: Generate server keys - command: openssl genrsa -out key.pem 2048 - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server/key.pem" - - - name: Generate server certificate signing request - command: openssl req -new -key key.pem -out req.pem -outform PEM -subj /CN=sensu/O=server/ -nodes - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server/req.pem" - - - name: Sign the server certificate - command: openssl ca -config openssl.cnf -in ../server/req.pem -out ../server/cert.pem -notext -batch -extensions server_ca_extensions - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server/cert.pem" - - - name: Convert server certificate and key to PKCS12 formart - command: openssl pkcs12 -export -out keycert.p12 -in cert.pem -inkey key.pem -passout pass:secret - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/server/keycert.p12" - - - name: Generate client key - command: openssl genrsa -out key.pem 2048 - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client/key.pem" - - - name: Generate client certificate signing request - command: openssl req -new -key key.pem -out req.pem -outform PEM -subj /CN=sensu/O=client/ -nodes - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client/req.pem" - - - name: Sign the client certificate - command: openssl ca -config openssl.cnf -in ../client/req.pem -out ../client/cert.pem -notext -batch -extensions client_ca_extensions - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/sensu_ca" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client/cert.pem" - - - name: Convert client key/certificate to PKCS12 format - command: openssl pkcs12 -export -out keycert.p12 -in cert.pem -inkey key.pem -passout pass:secret - args: - chdir: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client" - creates: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/client/keycert.p12" - - when: sensu_master|bool - become: true - become_user: "{{ sensu_user_name }}" - -- name: Stash the Sensu SSL certs/keys - fetch: - src: "{{ sensu_config_path }}/ssl_generation/sensu_ssl_tool/{{ item }}" - dest: "{{ dynamic_data_store }}" - when: sensu_master - loop: - - sensu_ca/cacert.pem - - server/cert.pem - - server/key.pem - - client/cert.pem - - client/key.pem diff --git a/roles/sensu.sensu/templates/client.json.j2 b/roles/sensu.sensu/templates/client.json.j2 deleted file mode 100644 index ab57f1d..0000000 --- a/roles/sensu.sensu/templates/client.json.j2 +++ /dev/null @@ -1,15 +0,0 @@ -{ - "client": { - "name": "{{ sensu_client_name }}", - "address": "{{ ansible_default_ipv4['address'] }}", - "subscriptions": {{ sensu_client_subscriptions | to_nice_json(indent=6) }}, - "keepalive": { - "handlers": {{ sensu_client_keepalive_handlers | to_nice_json(indent=8) }}, - "thresholds": { - "warning": {{ sensu_client_keepalive_threshold_warning }}, - "critical": {{ sensu_client_keepalive_threshold_critical }} - } - }, - "safe_mode": {{ sensu_client_safe_mode | bool | lower }} - } -} diff --git a/roles/sensu.sensu/templates/erlang-apt-preferences.j2 b/roles/sensu.sensu/templates/erlang-apt-preferences.j2 deleted file mode 100644 index 8e4a4c0..0000000 --- a/roles/sensu.sensu/templates/erlang-apt-preferences.j2 +++ /dev/null @@ -1,4 +0,0 @@ -{{ ansible_managed | comment }} -Package: {{ sensu_erlang_pin_package }} -Pin: version {{ sensu_erlang_pin_version }} -Pin-Priority: 1000 diff --git a/roles/sensu.sensu/templates/openssl.cnf.j2 b/roles/sensu.sensu/templates/openssl.cnf.j2 deleted file mode 100644 index fc877d3..0000000 --- a/roles/sensu.sensu/templates/openssl.cnf.j2 +++ /dev/null @@ -1,56 +0,0 @@ -{{ ansible_managed | comment }} -# Source: http://docs.sensu.io/sensu-core/1.3/files/sensu_ssl_tool.tar - -[ ca ] -default_ca = sensu_ca - -[ sensu_ca ] -dir = . -certificate = $dir/cacert.pem -database = $dir/index.txt -new_certs_dir = $dir/certs -private_key = $dir/private/cakey.pem -serial = $dir/serial - -default_crl_days = 7 -default_days = 1825 -default_md = sha1 - -policy = sensu_ca_policy -x509_extensions = certificate_extensions - -[ sensu_ca_policy ] -commonName = supplied -stateOrProvinceName = optional -countryName = optional -emailAddress = optional -organizationName = optional -organizationalUnitName = optional - -[ certificate_extensions ] -basicConstraints = CA:false - -[ req ] -default_bits = 2048 -default_keyfile = ./private/cakey.pem -default_md = sha1 -prompt = yes -distinguished_name = root_ca_distinguished_name -x509_extensions = root_ca_extensions - -[ root_ca_distinguished_name ] -commonName = sensu - -[ root_ca_extensions ] -basicConstraints = CA:true -keyUsage = keyCertSign, cRLSign - -[ client_ca_extensions ] -basicConstraints = CA:false -keyUsage = digitalSignature -extendedKeyUsage = 1.3.6.1.5.5.7.3.2 - -[ server_ca_extensions ] -basicConstraints = CA:false -keyUsage = keyEncipherment -extendedKeyUsage = 1.3.6.1.5.5.7.3.1 diff --git a/roles/sensu.sensu/templates/rabbitmq.config.j2 b/roles/sensu.sensu/templates/rabbitmq.config.j2 deleted file mode 100644 index 1388564..0000000 --- a/roles/sensu.sensu/templates/rabbitmq.config.j2 +++ /dev/null @@ -1,16 +0,0 @@ -[ - {rabbit, [ - {% if sensu_rabbitmq_enable_ssl %} - {ssl_listeners, [{{ sensu_rabbitmq_port }}]}, - {ssl_options, [{cacertfile,"{{ sensu_rabbitmq_config_path }}/ssl/cacert.pem"}, - {certfile,"{{ sensu_rabbitmq_config_path }}/ssl/cert.pem"}, - {keyfile,"{{ sensu_rabbitmq_config_path }}/ssl/key.pem"}, - {verify,verify_peer}, - {versions, ['tlsv1.2']}, - {ciphers, [{rsa,aes_256_cbc,sha256}]}, - {fail_if_no_peer_cert,true}]} - {% else %} - {tcp_listeners, [{{ sensu_rabbitmq_port }}]} - {% endif %} - ]} -]. diff --git a/roles/sensu.sensu/templates/sensu-api.json.j2 b/roles/sensu.sensu/templates/sensu-api.json.j2 deleted file mode 100644 index dfcb373..0000000 --- a/roles/sensu.sensu/templates/sensu-api.json.j2 +++ /dev/null @@ -1,10 +0,0 @@ -{ - "api": { - {% if sensu_api_user_name %} - "user": "{{ sensu_api_user_name }}", - "password": "{{ sensu_api_password }}", - {% endif %} - "host": "{{ sensu_api_host }}", - "port": {{ sensu_api_port }} - } -} diff --git a/roles/sensu.sensu/templates/sensu-api.smartos_smf_manifest.xml.j2 b/roles/sensu.sensu/templates/sensu-api.smartos_smf_manifest.xml.j2 deleted file mode 100644 index b587f54..0000000 --- a/roles/sensu.sensu/templates/sensu-api.smartos_smf_manifest.xml.j2 +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/roles/sensu.sensu/templates/sensu-client.smartos_smf_manifest.xml.j2 b/roles/sensu.sensu/templates/sensu-client.smartos_smf_manifest.xml.j2 deleted file mode 100644 index 5a4e1b4..0000000 --- a/roles/sensu.sensu/templates/sensu-client.smartos_smf_manifest.xml.j2 +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/roles/sensu.sensu/templates/sensu-freebsd-repo.conf.j2 b/roles/sensu.sensu/templates/sensu-freebsd-repo.conf.j2 deleted file mode 100644 index 59c0acf..0000000 --- a/roles/sensu.sensu/templates/sensu-freebsd-repo.conf.j2 +++ /dev/null @@ -1,5 +0,0 @@ -sensu: { - url: "{{ sensu_freebsd_url }}", - enabled: true, - mirror_type: "http" -} diff --git a/roles/sensu.sensu/templates/sensu-rabbitmq.json.j2 b/roles/sensu.sensu/templates/sensu-rabbitmq.json.j2 deleted file mode 100644 index 0063439..0000000 --- a/roles/sensu.sensu/templates/sensu-rabbitmq.json.j2 +++ /dev/null @@ -1,15 +0,0 @@ -{ - "rabbitmq": { - {% if sensu_rabbitmq_enable_ssl %} - "ssl": { - "cert_chain_file": "{{ sensu_config_path }}/ssl/cert.pem", - "private_key_file": "{{ sensu_config_path }}/ssl/key.pem" - }, - {% endif %} - "host": "{{ sensu_rabbitmq_host }}", - "port": {{ sensu_rabbitmq_port }}, - "vhost": "{{ sensu_rabbitmq_vhost }}", - "user": "{{ sensu_rabbitmq_user_name }}", - "password": "{{ sensu_rabbitmq_password }}" - } -} diff --git a/roles/sensu.sensu/templates/sensu-redis.json.j2 b/roles/sensu.sensu/templates/sensu-redis.json.j2 deleted file mode 100644 index 6b98b89..0000000 --- a/roles/sensu.sensu/templates/sensu-redis.json.j2 +++ /dev/null @@ -1,14 +0,0 @@ -{ - "redis": { -{% if sensu_redis_password %} - "password": "{{ sensu_redis_password }}", -{% endif %} -{% if sensu_redis_sentinels %} - "sentinels": {{ sensu_redis_sentinels | to_nice_json }}, - "master": "{{ sensu_redis_master_name }}" -{% else %} - "host": "{{ sensu_redis_host }}", - "port": {{ sensu_redis_port }} -{% endif %} - } -} diff --git a/roles/sensu.sensu/templates/sensu-server.smartos_smf_manifest.xml.j2 b/roles/sensu.sensu/templates/sensu-server.smartos_smf_manifest.xml.j2 deleted file mode 100644 index 238267d..0000000 --- a/roles/sensu.sensu/templates/sensu-server.smartos_smf_manifest.xml.j2 +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/roles/sensu.sensu/templates/sensu-tessen.json.j2 b/roles/sensu.sensu/templates/sensu-tessen.json.j2 deleted file mode 100644 index 250c45a..0000000 --- a/roles/sensu.sensu/templates/sensu-tessen.json.j2 +++ /dev/null @@ -1,5 +0,0 @@ -{ - "tessen": { - "enabled": {{ sensu_enable_tessen | bool | lower }} - } -} diff --git a/roles/sensu.sensu/templates/sensu_enterprise_dashboard_config.json.j2 b/roles/sensu.sensu/templates/sensu_enterprise_dashboard_config.json.j2 deleted file mode 100644 index 928ba24..0000000 --- a/roles/sensu.sensu/templates/sensu_enterprise_dashboard_config.json.j2 +++ /dev/null @@ -1,19 +0,0 @@ -{ - "sensu": [ - { - "name": "{{ sensu_uchiwa_dc_name }}", - "host": "{{ sensu_api_host }}", - "ssl": {{ sensu_api_ssl }}, - "port": {{ sensu_uchiwa_api_port }}, - "user": "{{ sensu_api_user_name }}", - "pass": "{{ sensu_api_password }}", - "path": "{{ sensu_api_uchiwa_path }}", - "timeout": {{ sensu_api_timeout }} - } - ], - "dashboard": { - "users": {{ sensu_uchiwa_users | to_nice_json }}, - "port": {{ sensu_uchiwa_port }}, - "refresh": {{ sensu_uchiwa_refresh }} - } -} diff --git a/roles/sensu.sensu/templates/sensuclient_openbsd.j2 b/roles/sensu.sensu/templates/sensuclient_openbsd.j2 deleted file mode 100644 index c4e988f..0000000 --- a/roles/sensu.sensu/templates/sensuclient_openbsd.j2 +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh - -daemon="/usr/local/bin/sensu-client" - -daemon_flags="-b -c {{ sensu_config_path }}/conf.json -d {{ sensu_config_path }}/conf.d -e {{ sensu_config_path }}/extensions -p /var/run/sensu-client.pid -l /var/log/sensu/sensu-client.log -L info" - -. /etc/rc.d/rc.subr - -rc_reload="NO" - -pexp="/usr/local/bin/ruby23 /usr/local/bin/sensu-client.*" - -rc_cmd $1 diff --git a/roles/sensu.sensu/templates/transport.json.j2 b/roles/sensu.sensu/templates/transport.json.j2 deleted file mode 100644 index b0bfff2..0000000 --- a/roles/sensu.sensu/templates/transport.json.j2 +++ /dev/null @@ -1,6 +0,0 @@ -{ - "transport": { - "name": "{{ sensu_transport }}", - "reconnect_on_error": true - } -} diff --git a/roles/sensu.sensu/templates/uchiwa.sh.j2 b/roles/sensu.sensu/templates/uchiwa.sh.j2 deleted file mode 100644 index 237eee0..0000000 --- a/roles/sensu.sensu/templates/uchiwa.sh.j2 +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -PATH=/opt/local/bin:/opt/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin -export PATH - -set -o errexit -set -o xtrace - -. /lib/svc/share/smf_include.sh - -HOME={{ sensu_uchiwa_path }} -UCHIWA_PATH=${HOME}/go/src/github.com/sensu/uchiwa -UCHIWA_USER={{ sensu_user_name }} - -if [ ! -d $HOME ]; then - echo "No directory found at: $HOME" -fi - -if [ ! -f $HOME/etc/config.json ]; then - echo "No Uchiwa config found at: ${HOME}/config.json" -fi - -cd $UCHIWA_PATH -${HOME}/go/bin/uchiwa -c ${HOME}/etc/config.json & -exit ${SMF_EXIT_OK} diff --git a/roles/sensu.sensu/templates/uchiwa.smartos_smf_manifest.xml.j2 b/roles/sensu.sensu/templates/uchiwa.smartos_smf_manifest.xml.j2 deleted file mode 100644 index 726c30d..0000000 --- a/roles/sensu.sensu/templates/uchiwa.smartos_smf_manifest.xml.j2 +++ /dev/null @@ -1,32 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/roles/sensu.sensu/templates/uchiwa_config.json.j2 b/roles/sensu.sensu/templates/uchiwa_config.json.j2 deleted file mode 100644 index d32c8f1..0000000 --- a/roles/sensu.sensu/templates/uchiwa_config.json.j2 +++ /dev/null @@ -1,29 +0,0 @@ -{ - "sensu": [ - { - "name": "{{ sensu_uchiwa_dc_name }}", - "host": "{{ sensu_api_host }}", - "ssl": {{ sensu_api_ssl | lower }}, - "port": {{ sensu_uchiwa_api_port }}, - {% if sensu_api_user_name %} - "user": "{{ sensu_api_user_name }}", - "pass": "{{ sensu_api_password }}", - {% endif %} - "path": "{{ sensu_api_uchiwa_path }}", - "timeout": {{ sensu_api_timeout }} - } - ], - "uchiwa": { - {% if sensu_uchiwa_users %} - "users": {{ sensu_uchiwa_users | to_nice_json }}, - {% endif %} - "port": {{ sensu_uchiwa_port }}, - {% if sensu_uchiwa_auth_privatekey %} - "auth": { - "privatekey": "{{ sensu_uchiwa_auth_privatekey }}", - "publickey": "{{ sensu_uchiwa_auth_publickey }}" - }, - {% endif %} - "refresh": {{ sensu_uchiwa_refresh }} - } -} diff --git a/roles/sensu.sensu/templates/uchiwa_freebsd.j2 b/roles/sensu.sensu/templates/uchiwa_freebsd.j2 deleted file mode 100644 index 6f5f314..0000000 --- a/roles/sensu.sensu/templates/uchiwa_freebsd.j2 +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh - -. /etc/rc.subr - -name=uchiwa -rcvar=uchiwa_enable - -command="{{ sensu_uchiwa_path }}/go/bin/${name}" -uchiwa_flags="-d {{ sensu_uchiwa_path }} -c {{ sensu_uchiwa_path }}/etc/config.json -p {{ sensu_uchiwa_path }}/go/src/github.com/sensu/uchiwa/public" - -load_rc_config $name - -pidfile=/var/run/${name}.pid -start_cmd=uchiwa_start -stop_postcmd=uchiwa_cleanup - -uchiwa_start() { - echo "Starting uchiwa." - /usr/bin/touch ${pidfile} - /usr/sbin/daemon -cf -p ${pidfile} ${command} ${uchiwa_flags} -} - -uchiwa_cleanup() { - [ -f ${pidfile} ] && /bin/rm ${pidfile} -} - -run_rc_command "$1" diff --git a/roles/sensu.sensu/vars/Amazon.yml b/roles/sensu.sensu/vars/Amazon.yml deleted file mode 100644 index 65e0a3f..0000000 --- a/roles/sensu.sensu/vars/Amazon.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# vars/Amazon.yml: Variables for Amazon Linux AMI -# Defaults are defined in defaults/main.yml - -# Define repo url without $releasever -# Define epel version to 6 by default, change to 7 when using a version 2 AMI -epel_version: 6 -sensu_yum_repo_url: "https://sensu.global.ssl.fastly.net/yum/{{epel_version}}/$basearch/" - -# Set this to false to disable the EPEL repo installation -enable_epel_repo: true -epel_repo_rpm: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{epel_version}}.noarch.rpm" - -# RabbitMQ/Erlang -sensu_rabbitmq_repo_version: v3.7.x -sensu_rabbitmq_erlang_repo_version: 20 -sensu_rabbitmq_signing_key: https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc -sensu_rabbitmq_baseurl: "https://dl.bintray.com/rabbitmq/rpm/rabbitmq-server/{{ sensu_rabbitmq_repo_version }}/el/{{ epel_version }}" -sensu_rabbitmq_erlang_signing_key: "{{ sensu_rabbitmq_signing_key }}" -sensu_rabbitmq_erlang_baseurl: "https://dl.bintray.com/rabbitmq/rpm/erlang/{{ sensu_rabbitmq_erlang_repo_version }}/el/{{ epel_version }}" diff --git a/roles/sensu.sensu/vars/CentOS.yml b/roles/sensu.sensu/vars/CentOS.yml deleted file mode 100644 index 15752c1..0000000 --- a/roles/sensu.sensu/vars/CentOS.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -# vars/CentOS.yml: Variables for CentOS -# Defaults are defined in defaults/main.yml - -# Set this to false to disable the EPEL repo installation -enable_epel_repo: true - -sensu_rabbitmq_repo_version: v3.7.x -sensu_rabbitmq_erlang_repo_version: 20 -sensu_rabbitmq_signing_key: https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc -sensu_rabbitmq_baseurl: "https://dl.bintray.com/rabbitmq/rpm/rabbitmq-server/{{ sensu_rabbitmq_repo_version }}/el/{{ ansible_distribution_major_version }}" -sensu_rabbitmq_erlang_signing_key: "{{ sensu_rabbitmq_signing_key }}" -sensu_rabbitmq_erlang_baseurl: "https://dl.bintray.com/rabbitmq/rpm/erlang/{{ sensu_rabbitmq_erlang_repo_version }}/el/{{ ansible_distribution_major_version }}" diff --git a/roles/sensu.sensu/vars/Debian.yml b/roles/sensu.sensu/vars/Debian.yml deleted file mode 100644 index e6cc3a5..0000000 --- a/roles/sensu.sensu/vars/Debian.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# vars/Debian.yml: Variables for Debian -# Defaults are defined in defaults/main.yml - -# redis server properties -sensu_redis_pkg_name: redis-server -sensu_redis_service_name: redis-server - -sensu_erlang_pin_package: 'esl-erlang erlang*' -sensu_erlang_pin_version: '1:20.3*' -sensu_rabbitmq_signing_key: https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc -sensu_rabbitmq_repo: "deb https://dl.bintray.com/rabbitmq/debian {{ ansible_distribution_release }} main" -sensu_rabbitmq_erlang_signing_key: https://packages.erlang-solutions.com/debian/erlang_solutions.asc -sensu_rabbitmq_erlang_repo: "deb https://packages.erlang-solutions.com/debian {{ ansible_distribution_release }} contrib" diff --git a/roles/sensu.sensu/vars/Fedora.yml b/roles/sensu.sensu/vars/Fedora.yml deleted file mode 100644 index 53c1d5b..0000000 --- a/roles/sensu.sensu/vars/Fedora.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# vars/Fedora.yml: Variables for Fedora -# Defaults are defined in defaults/main.yml - -# RH/Centos 7 version works for Fedora 25 as a client -sensu_yum_repo_url: "https://sensu.global.ssl.fastly.net/yum/7/$basearch/" -sensu_rabbitmq_repo_version: v3.7.x -sensu_rabbitmq_erlang_repo_version: 20 -sensu_rabbitmq_signing_key: https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc -sensu_rabbitmq_baseurl: "https://dl.bintray.com/rabbitmq/rpm/rabbitmq-server/{{ sensu_rabbitmq_repo_version }}/el/7" -sensu_rabbitmq_erlang_signing_key: "{{ sensu_rabbitmq_signing_key }}" -sensu_rabbitmq_erlang_baseurl: "https://dl.bintray.com/rabbitmq/rpm/erlang/{{ sensu_rabbitmq_erlang_repo_version }}/el/7" diff --git a/roles/sensu.sensu/vars/FreeBSD.yml b/roles/sensu.sensu/vars/FreeBSD.yml deleted file mode 100644 index 1db3285..0000000 --- a/roles/sensu.sensu/vars/FreeBSD.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# vars/FreeBSD.yml: Variables for FreeBSD -# Defaults are defined in defaults/main.yml - -# Sensu config/package properties -sensu_config_path: /usr/local/etc/sensu - -# RabbitMQ options -sensu_rabbitmq_config_path: /usr/local/etc/rabbitmq -sensu_rabbitmq_service_name: rabbitmq - -# Internal settings -__bash_path: /usr/local/bin/bash -__root_group: wheel diff --git a/roles/sensu.sensu/vars/OpenBSD.yml b/roles/sensu.sensu/vars/OpenBSD.yml deleted file mode 100644 index 64f445e..0000000 --- a/roles/sensu.sensu/vars/OpenBSD.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# vars/FreeBSD.yml: Variables for FreeBSD -# Defaults are defined in vars/default.yml - -# Sensu config/package properties -sensu_config_path: /etc/sensu -sensu_gem_version: 0.29.0 -sensu_client_service_name: sensuclient - -# RabbitMQ options -sensu_rabbitmq_config_path: /etc/rabbitmq -sensu_rabbitmq_service_name: rabbitmq - -# Internal settings -__bash_path: /usr/local/bin/bash -__root_group: wheel diff --git a/roles/sensu.sensu/vars/OracleLinux.yml b/roles/sensu.sensu/vars/OracleLinux.yml deleted file mode 120000 index 2b721e2..0000000 --- a/roles/sensu.sensu/vars/OracleLinux.yml +++ /dev/null @@ -1 +0,0 @@ -CentOS.yml \ No newline at end of file diff --git a/roles/sensu.sensu/vars/RedHat.yml b/roles/sensu.sensu/vars/RedHat.yml deleted file mode 120000 index 2b721e2..0000000 --- a/roles/sensu.sensu/vars/RedHat.yml +++ /dev/null @@ -1 +0,0 @@ -CentOS.yml \ No newline at end of file diff --git a/roles/sensu.sensu/vars/SmartOS.yml b/roles/sensu.sensu/vars/SmartOS.yml deleted file mode 100644 index a2bf5fc..0000000 --- a/roles/sensu.sensu/vars/SmartOS.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# vars/SmartOS.yml: Variables for Joyent SmartOS -# Defaults are defined in defaults/main.yml - -# RabbitMQ server properties -sensu_rabbitmq_service_name: rabbitmq -sensu_rabbitmq_config_path: /opt/local/etc/rabbitmq - -# Sensu/Uchiwa user/group/service properties -sensu_config_path: /opt/local/etc/sensu diff --git a/roles/sensu.sensu/vars/Ubuntu.yml b/roles/sensu.sensu/vars/Ubuntu.yml deleted file mode 100644 index 48d404e..0000000 --- a/roles/sensu.sensu/vars/Ubuntu.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# vars/Ubuntu.yml: Variables for Ubuntu -# Defaults are defined in defaults/main.yml - -# redis server properties -sensu_redis_pkg_name: redis-server -sensu_redis_service_name: redis-server - - -sensu_erlang_pin_package: 'esl-erlang erlang*' -sensu_erlang_pin_version: '1:20.3*' -sensu_rabbitmq_signing_key: https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc -sensu_rabbitmq_repo: "deb https://dl.bintray.com/rabbitmq/debian {{ ansible_distribution_release }} main" -sensu_rabbitmq_erlang_signing_key: https://packages.erlang-solutions.com/debian/erlang_solutions.asc -sensu_rabbitmq_erlang_repo: "deb https://packages.erlang-solutions.com/ubuntu {{ ansible_distribution_release }} contrib" diff --git a/roles/win_localdircopy/README.md b/roles/win_localdircopy/README.md deleted file mode 100644 index 225dd44..0000000 --- a/roles/win_localdircopy/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/win_localdircopy/defaults/main.yml b/roles/win_localdircopy/defaults/main.yml deleted file mode 100644 index 001f5ab..0000000 --- a/roles/win_localdircopy/defaults/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# defaults file for win_localdircopy \ No newline at end of file diff --git a/roles/win_localdircopy/handlers/main.yml b/roles/win_localdircopy/handlers/main.yml deleted file mode 100644 index 480b525..0000000 --- a/roles/win_localdircopy/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for win_localdircopy \ No newline at end of file diff --git a/roles/win_localdircopy/meta/main.yml b/roles/win_localdircopy/meta/main.yml deleted file mode 100644 index 5d50bf4..0000000 --- a/roles/win_localdircopy/meta/main.yml +++ /dev/null @@ -1,60 +0,0 @@ -galaxy_info: - author: your name - description: your description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Some suggested licenses: - # - BSD (default) - # - MIT - # - GPLv2 - # - GPLv3 - # - Apache - # - CC-BY - license: license (GPLv2, CC-BY, etc) - - min_ansible_version: 2.4 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - # Optionally specify the branch Galaxy will use when accessing the GitHub - # repo for this role. During role install, if no tags are available, - # Galaxy will use this branch. During import Galaxy will access files on - # this branch. If Travis integration is configured, only notifications for this - # branch will be accepted. Otherwise, in all cases, the repo's default branch - # (usually master) will be used. - #github_branch: - - # - # Provide a list of supported platforms, and for each platform a list of versions. - # If you don't wish to enumerate all versions for a particular platform, use 'all'. - # To view available platforms and versions (or releases), visit: - # https://galaxy.ansible.com/api/v1/platforms/ - # - # platforms: - # - name: Fedora - # versions: - # - all - # - 25 - # - name: SomePlatform - # versions: - # - all - # - 1.0 - # - 7 - # - 99.99 - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. \ No newline at end of file diff --git a/roles/win_localdircopy/tasks/main.yml b/roles/win_localdircopy/tasks/main.yml deleted file mode 100644 index 4d66bd7..0000000 --- a/roles/win_localdircopy/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# tasks file for win_localdircopy \ No newline at end of file diff --git a/roles/win_localdircopy/tests/inventory b/roles/win_localdircopy/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/win_localdircopy/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/win_localdircopy/tests/test.yml b/roles/win_localdircopy/tests/test.yml deleted file mode 100644 index 73c7e0c..0000000 --- a/roles/win_localdircopy/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - win_localdircopy \ No newline at end of file diff --git a/roles/win_localdircopy/vars/main.yml b/roles/win_localdircopy/vars/main.yml deleted file mode 100644 index 882aea6..0000000 --- a/roles/win_localdircopy/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for win_localdircopy \ No newline at end of file