diff --git a/hosts_kestra copy.yml b/hosts_kestra copy.yml new file mode 100644 index 0000000..b81d8aa --- /dev/null +++ b/hosts_kestra copy.yml @@ -0,0 +1,153 @@ +--- +datacenter: + children: + odroid_cluster: + children: + odroid_master: + hosts: + 192.168.77.131: + vars: + testVar: 999 + odroid_worker: + hosts: + 192.168.77.13[2:5]: + + vars: + ansible_ssh_user: jd + ansible_ssh_pass: lacijaydee + ansible_become_password: lacijaydee + ssh_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" + ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" + + localhost1: + hosts: + localhost + vars: + ansible_user: root + morefine: + hosts: + 192.168.77.12: + vars: + jaydee_install_mqtt_srv: true + ansible_python_interpreter: auto_silent + ansible_ssh_user: jd + ansible_become_user: root + ansible_become_password: q + ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" + + ryzen: + hosts: + 192.168.77.15: + vars: + ansible_python_interpreter: auto_silent + ansible_ssh_user: root + ansible_ssh_pass: lacijaydee + ansible_password: lacijaydee + ansible_become_user: root + ansible_become_password: lacijaydee + omv: + hosts: + 192.168.77.189: + vars: + ansible_user: root + ansible_password: lacijaydee + ansible_ssh_user: root + ansible_ssh_pass: lacijaydee + ansible_become_user: root + ansible_become_password: lacijaydee + amd: + hosts: + 192.168.77.4: + vars: + ansible_user: root + ansible_password: l4c1j4yd33Du5lo + ansible_ssh_user: root + ansible_ssh_pass: l4c1j4yd33Du5lo + ansible_become_user: root + ansible_become_password: l4c1j4yd33Du5lo + rhasspy: + hosts: + 192.168.77.224 + vars: + ansible_user: jd + ansible_ssh_pass: q + ansible_become_password: l4c1j4yd33Du5lo + windows: + hosts: + 192.168.77.211 + vars: + ansible_user: jd + ansible_password: "q" + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_winrm_kerberos_delegation: true + mqtt_srv: + children: + servers: + hosts: + rpi5-1.home.lan: + rpi5.home.lan: + omv.home.lan: + rack.home.lan: + m-server.home.lan: + zabbix.home.lan: + 192.168.77.101: + vars: + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_user: jd + ansible_become_password: l4c1j4yd33Du5lo + ansible_ssh_private_key_file: ssh_key.pem + identity_file: ssh_key.pem + nas: + hosts: + nas.home.lan: + vars: + ansible_ssh_user: admin + become_method: su + become_user: admin + ansible_ssh_private_key_file: ssh_key.pem + # ansible_user: admin + # ansible_pass: l4c1!j4yd33?Du5lo1 + ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 + desktop: + hosts: + morefine.home.lan: + vars: + ansible_ssh_user: jd + ansible_become_user: root + ansible_become_password: q + # ansible_ssh_password: q + ansible_ssh_private_key_file: ssh_key.pem + + containers: + children: + servers: + hosts: + rpi5-1.home.lan: + rpi5.home.lan: + m-server.home.lan: + fog.home.lan: + zabbix.home.lan: + omv.home.lan: + 192.168.77.101: + vars: + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_user: jd + # ansible_ssh_password: l4c1j4yd33Du5lo + ansible_become_password: l4c1j4yd33Du5lo + ansible_ssh_private_key_file: ssh_key.pem + identity_file: ssh_key.pem + ansible_ssh_pass: l4c1j4yd33Du5lo + nas: + hosts: + nas.home.lan: + 192.168.77.106: + vars: + ansible_ssh_user: admin + become_method: su + become_user: admin + ansible_ssh_private_key_file: ssh_key.pem + # ansible_user: admin + # ansible_pass: l4c1!j4yd33?Du5lo1 + ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 diff --git a/hosts_roles.yml b/hosts_roles.yml new file mode 100644 index 0000000..0ba9933 --- /dev/null +++ b/hosts_roles.yml @@ -0,0 +1,147 @@ +--- +datacenter: + children: + odroid_cluster: + children: + odroid_master: + hosts: + 192.168.77.131: + vars: + testVar: 999 + odroid_worker: + hosts: + 192.168.77.13[2:5]: + + vars: + ansible_ssh_user: jd + ansible_ssh_pass: lacijaydee + ansible_become_password: lacijaydee + ssh_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" + ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" + + localhost1: + hosts: + localhost + vars: + ansible_user: root + morefine: + hosts: + 192.168.77.12: + vars: + jaydee_install_mqtt_srv: true + ansible_python_interpreter: auto_silent + ansible_ssh_user: jd + ansible_become_user: root + ansible_become_password: q + ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" + + ryzen: + hosts: + 192.168.77.15: + vars: + ansible_python_interpreter: auto_silent + ansible_ssh_user: root + ansible_ssh_pass: lacijaydee + ansible_password: lacijaydee + ansible_become_user: root + ansible_become_password: lacijaydee + omv: + hosts: + 192.168.77.189: + vars: + ansible_user: root + ansible_password: lacijaydee + ansible_ssh_user: root + ansible_ssh_pass: lacijaydee + ansible_become_user: root + ansible_become_password: lacijaydee + amd: + hosts: + 192.168.77.4: + vars: + ansible_user: root + ansible_password: l4c1j4yd33Du5lo + ansible_ssh_user: root + ansible_ssh_pass: l4c1j4yd33Du5lo + ansible_become_user: root + ansible_become_password: l4c1j4yd33Du5lo + rhasspy: + hosts: + 192.168.77.224 + vars: + ansible_user: jd + ansible_ssh_pass: q + ansible_become_password: l4c1j4yd33Du5lo + windows: + hosts: + 192.168.77.211 + vars: + ansible_user: jd + ansible_password: "q" + ansible_connection: winrm + ansible_port: 5985 + ansible_winrm_server_cert_validation: ignore + ansible_winrm_kerberos_delegation: true + mqtt_srv: + children: + servers: + hosts: + rpi5-1.home.lan: + rpi5.home.lan: + omv.home.lan: + rack.home.lan: + m-server.home.lan: + vars: + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_user: jd + ansible_become_password: l4c1j4yd33Du5lo + ansible_ssh_private_key_file: ssh_key.pem + identity_file: ssh_key.pem + nas: + hosts: + nas.home.lan: + vars: + ansible_ssh_user: admin + become_method: su + become_user: admin + ansible_ssh_private_key_file: ssh_key.pem + # ansible_user: admin + # ansible_pass: l4c1!j4yd33?Du5lo1 + ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 + desktop: + hosts: + morefine.home.lan: + vars: + ansible_ssh_user: jd + ansible_become_user: root + ansible_become_password: q + # ansible_ssh_password: q + ansible_ssh_private_key_file: ssh_key.pem + + containers: + children: + servers: + hosts: + rpi5-1.home.lan: + rpi5.home.lan: + m-server.home.lan: + fog.home.lan: + # zabbix.home.lan: + omv.home.lan: + vars: + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_user: jd + ansible_become_password: l4c1j4yd33Du5lo + ansible_ssh_private_key_file: ssh_key.pem + nas: + hosts: + nas.home.lan: + 192.168.77.106: + vars: + ansible_ssh_user: admin + become_method: su + become_user: admin + ansible_ssh_private_key_file: ssh_key.pem + # ansible_user: admin + # ansible_pass: l4c1!j4yd33?Du5lo1 + ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100644 index 0000000..62c61f3 --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,4 @@ +- name: Upgrade the full OS + ansible.builtin.apt: + upgrade: full + become: true diff --git a/roles/monitoring/tasks/main.yml b/roles/monitoring/tasks/main.yml new file mode 100644 index 0000000..d05ad1e --- /dev/null +++ b/roles/monitoring/tasks/main.yml @@ -0,0 +1,165 @@ +- name: Get config for not nas + ansible.builtin.set_fact: + zabbix_agent_cfg: "/etc/zabbix/zabbix_agent2.conf" + when: inventory_hostname != 'nas.home.lan' + +- name: Get config for nas + ansible.builtin.set_fact: + zabbix_agent_cfg: "/opt/ZabbixAgent/etc/zabbix_agentd.conf" + when: inventory_hostname == 'nas.home.lan' + become: true +# - name: Print all available facts +# ansible.builtin.debug: +# var: ansible_facts.architecture +# - name: Print all available facts +# ansible.builtin.debug: +# var: ansible_distribution +# - name: Print all available facts +# ansible.builtin.debug: +# var: ansible_distribution_major_version +# - name: Upload zabbix package +# ansible.builtin.copy: +# src: packages/zabbix-release_6.4-1+ubuntu22.04_all.deb +# dest: /tmp/ +- name: Install a .deb package from the internet11 + ansible.builtin.apt: + deb: https://repo.zabbix.com/zabbix/6.4/ubuntu-arm64/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu22.04_all.deb + when: + - ansible_facts.architecture != "armv7l" and ( ansible_distribution == "Ubuntu" or ansible_distribution == "Linux Mint" ) + become: true +- name: Install a .deb package from the internet2 + ansible.builtin.apt: + #deb: https://repo.zabbix.com/zabbix/6.4/raspbian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian11_all.deb + deb: https://repo.zabbix.com/zabbix/7.0/raspbian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian11_all.deb + retries: 5 + delay: 5 + when: + - ansible_facts.architecture == "armv7l" or ansible_facts.architecture == "aarch64" + become: true + ignore_errors: true + +- name: Install a .deb package from the internet3 + ansible.builtin.apt: + deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian11_all.deb + become: true + when: + - ansible_facts.architecture != "armv7l" and ansible_distribution == "Debian" and ansible_distribution_major_version == "11" + +- name: Install a .deb package from the internet4 + ansible.builtin.apt: + #deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian12_all.deb + deb: https://repo.zabbix.com/zabbix/7.0/debian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian12_all.deb + when: + - ansible_facts.architecture != "armv7l" and ansible_facts.architecture != "aarch64" and ansible_distribution == "Debian" and ansible_distribution_major_version == "12" + ignore_errors: true + become: true +# - name: Install a .deb package localy +# ansible.builtin.apt: +# deb: /tmp/zabbix-release_6.4-1+ubuntu22.04_all.deb +- name: Install zabbix packages + ansible.builtin.apt: + name: + - zabbix-agent2 + - zabbix-agent2-plugin-mongodb + - zabbix-agent2-plugin-postgresql + update_cache: yes + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + ignore_errors: true + when: inventory_hostname != 'nas.home.lan' + +- name: Reconfigure zabbix agent Server + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^Server=.*" + insertafter: '^# Server=' + line: "Server=192.168.77.0/24" + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Reconfigure zabbix agent ServerActive + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^ServerActive=.*" + line: "ServerActive={{ ZABBIX_SERVER }}" + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" +- name: Reconfigure zabbix agent ListenPort + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^ListenPort=.*" + line: "ListenPort=10050" + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" +# - name: Reconfigure zabbix agent ListenIP +# ansible.builtin.lineinfile: +# path: /"{{ zabbix_agent_cfg }}" +# regexp: "^ListenIP=.*" +# line: "ListenIP=0.0.0.0" + +- name: Reconfigure zabbix-agent2 hostname + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^Hostname=.*" + line: "Hostname={{ inventory_hostname }}" + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Reconfigure zabbix-agent2 config + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + insertafter: '^# UserParameter=' + regexp: "^UserParameter=system.certs.*" + line: "UserParameter=system.certs,python3 /share/ZFS530_DATA/.qpkg/ZabbixAgent/cert_check2.py" + when: inventory_hostname == 'nas.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Reconfigure zabbix-agent2 config + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + insertafter: '^# UserParameter=' + regexp: "^UserParameter=system.certs.*" + line: "UserParameter=system.certs,python3 /usr/bin/cert_check2.py" + when: inventory_hostname == 'm-server.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Reconfigure zabbix-agent2 config + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + insertafter: '^# UserParameter=' + line: "UserParameter=rpi.hw.temp,/usr/bin/vcgencmd measure_temp" + when: inventory_hostname == 'rpi5.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Reconfigure zabbix-agent2 hostname + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^HostMetadata=.*" + insertafter: '^# HostMetadata=' + line: "HostMetadata=linux;jaydee" + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Reconfigure zabbix-agent2 hostname + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^HostMetadata=.*" + insertafter: '^# HostMetadata=' + line: "HostMetadata=server;jaydee" + when: inventory_hostname == 'nas.home.lan' or inventory_hostname == 'm-server.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Add the user 'to group video + ansible.builtin.user: + name: zabbix + groups: video + append: yes + when: inventory_hostname != 'nas.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Restart zabbix-agent2 service + ansible.builtin.service: + name: zabbix-agent2.service + state: restarted + enabled: true + when: inventory_hostname != 'nas.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" + +- name: Restart agent + ansible.builtin.shell: /etc/init.d/ZabbixAgent.sh restart + when: inventory_hostname == 'nas.home.lan' + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" \ No newline at end of file diff --git a/roles/monitoring/vars/main.yml b/roles/monitoring/vars/main.yml new file mode 100644 index 0000000..e95fa5e --- /dev/null +++ b/roles/monitoring/vars/main.yml @@ -0,0 +1 @@ +ZABBIX_SERVER: "zabbix.home.lan" \ No newline at end of file diff --git a/roles/update_flatpack/tasks/main.yml b/roles/update_flatpack/tasks/main.yml new file mode 100644 index 0000000..31ddeb0 --- /dev/null +++ b/roles/update_flatpack/tasks/main.yml @@ -0,0 +1,3 @@ +- name: Upgrade flatpack + ansible.builtin.command: flatpak update -y + become: true \ No newline at end of file diff --git a/roles/wake_on_lan/tasks/main.yml b/roles/wake_on_lan/tasks/main.yml new file mode 100644 index 0000000..c03cd9e --- /dev/null +++ b/roles/wake_on_lan/tasks/main.yml @@ -0,0 +1,36 @@ +- name: Install ethtool + ansible.builtin.apt: + name: ethtool + state: present +- name: Display all interfaces name + debug: + var: ansible_facts.interfaces +- name: Get wifi adapter + set_fact: + wifi_adapter: '{{ item }}' + loop: '{{ ansible_facts.interfaces }}' + when: 'item.startswith("eno")' + +- name: Creating config + become: true + ansible.builtin.copy: + + dest: "/etc/systemd/system/wol.service" + content: | + [Unit] + Description=Enable Wake On Lan + + [Service] + Type=oneshot + ExecStart = /usr/sbin/ethtool --change {{ wifi_adapter }} wol g + + [Install] + WantedBy=basic.target + owner: root + mode: '0744' +- name: Restart service wol, in all cases + ansible.builtin.service: + name: wol + state: restarted + enabled: true + become: true \ No newline at end of file diff --git a/servers.yml b/servers.yml new file mode 100644 index 0000000..0c1f556 --- /dev/null +++ b/servers.yml @@ -0,0 +1,6 @@ +--- +- hosts: servers + roles: + - common + - wake_on_lan + - monitoring \ No newline at end of file