bitwarden

roles/common/tasks/main.yml

@@ -0,0 +1,4 @@
+- name: Upgrade the full OS 
+  ansible.builtin.apt:
+    upgrade: full
+  become: true

roles/monitoring/tasks/main.yml

@@ -0,0 +1,165 @@
+- name: Get config for not nas
+  ansible.builtin.set_fact:
+    zabbix_agent_cfg: "/etc/zabbix/zabbix_agent2.conf"
+  when: inventory_hostname != 'nas.home.lan'
+  
+- name: Get config for nas
+  ansible.builtin.set_fact:
+    zabbix_agent_cfg: "/opt/ZabbixAgent/etc/zabbix_agentd.conf"
+  when: inventory_hostname  == 'nas.home.lan'
+  become: true
+# - name: Print all available facts
+#   ansible.builtin.debug:
+#     var: ansible_facts.architecture
+# - name: Print all available facts
+#   ansible.builtin.debug:
+#     var: ansible_distribution
+# - name: Print all available facts
+#   ansible.builtin.debug:
+#     var: ansible_distribution_major_version
+# - name: Upload zabbix package
+#   ansible.builtin.copy:
+#     src: packages/zabbix-release_6.4-1+ubuntu22.04_all.deb
+#     dest: /tmp/
+- name: Install a .deb package from the internet11
+  ansible.builtin.apt:
+    deb: https://repo.zabbix.com/zabbix/6.4/ubuntu-arm64/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu22.04_all.deb
+  when:
+    - ansible_facts.architecture != "armv7l" and  ( ansible_distribution == "Ubuntu" or ansible_distribution == "Linux Mint" )
+  become: true
+- name: Install a .deb package from the internet2
+  ansible.builtin.apt:
+    #deb: https://repo.zabbix.com/zabbix/6.4/raspbian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian11_all.deb
+    deb: https://repo.zabbix.com/zabbix/7.0/raspbian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian11_all.deb
+  retries: 5
+  delay: 5
+  when:
+    - ansible_facts.architecture == "armv7l" or ansible_facts.architecture == "aarch64"
+  become: true
+  ignore_errors: true
+
+- name: Install a .deb package from the internet3
+  ansible.builtin.apt:
+    deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian11_all.deb
+  become: true  
+  when:
+    - ansible_facts.architecture != "armv7l"  and ansible_distribution == "Debian"  and ansible_distribution_major_version  == "11"
+  
+- name: Install a .deb package from the internet4
+  ansible.builtin.apt:
+    #deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian12_all.deb
+    deb: https://repo.zabbix.com/zabbix/7.0/debian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian12_all.deb
+  when:
+    - ansible_facts.architecture != "armv7l" and  ansible_facts.architecture != "aarch64" and ansible_distribution == "Debian"  and ansible_distribution_major_version  == "12"
+  ignore_errors: true
+  become: true
+# - name: Install a .deb package localy
+#   ansible.builtin.apt:
+#     deb: /tmp/zabbix-release_6.4-1+ubuntu22.04_all.deb
+- name: Install zabbix packages
+  ansible.builtin.apt:
+    name: 
+      - zabbix-agent2
+      - zabbix-agent2-plugin-mongodb
+      - zabbix-agent2-plugin-postgresql
+    update_cache: yes
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+  ignore_errors: true
+  when: inventory_hostname != 'nas.home.lan'
+
+- name: Reconfigure zabbix agent Server
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    regexp: "^Server=.*"
+    insertafter: '^# Server='
+    line: "Server=192.168.77.0/24"
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Reconfigure zabbix agent ServerActive
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    regexp: "^ServerActive=.*"
+    line: "ServerActive={{ ZABBIX_SERVER }}"
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+- name: Reconfigure zabbix agent ListenPort
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    regexp: "^ListenPort=.*"
+    line: "ListenPort=10050"
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+# - name: Reconfigure zabbix agent ListenIP
+#   ansible.builtin.lineinfile:
+#     path: /"{{ zabbix_agent_cfg }}"
+#     regexp: "^ListenIP=.*"
+#     line: "ListenIP=0.0.0.0"
+
+- name: Reconfigure zabbix-agent2 hostname
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    regexp: "^Hostname=.*"
+    line: "Hostname={{ inventory_hostname }}"
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+  
+- name: Reconfigure zabbix-agent2 config
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    insertafter: '^# UserParameter='
+    regexp: "^UserParameter=system.certs.*"
+    line: "UserParameter=system.certs,python3 /share/ZFS530_DATA/.qpkg/ZabbixAgent/cert_check2.py"
+  when: inventory_hostname == 'nas.home.lan' 
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Reconfigure zabbix-agent2 config
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    insertafter: '^# UserParameter='
+    regexp: "^UserParameter=system.certs.*"
+    line: "UserParameter=system.certs,python3 /usr/bin/cert_check2.py"
+  when: inventory_hostname == 'm-server.home.lan' 
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Reconfigure zabbix-agent2 config
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    insertafter: '^# UserParameter='
+    line: "UserParameter=rpi.hw.temp,/usr/bin/vcgencmd measure_temp"
+  when: inventory_hostname == 'rpi5.home.lan'
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Reconfigure zabbix-agent2 hostname
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    regexp: "^HostMetadata=.*"
+    insertafter: '^# HostMetadata='
+    line: "HostMetadata=linux;jaydee"
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Reconfigure zabbix-agent2 hostname
+  ansible.builtin.lineinfile:
+    path: "{{ zabbix_agent_cfg }}"
+    regexp: "^HostMetadata=.*"
+    insertafter: '^# HostMetadata='
+    line: "HostMetadata=server;jaydee"
+  when: inventory_hostname == 'nas.home.lan' or inventory_hostname == 'm-server.home.lan' 
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Add the user 'to group video
+  ansible.builtin.user:
+    name: zabbix
+    groups: video
+    append: yes
+  when: inventory_hostname != 'nas.home.lan'
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Restart zabbix-agent2 service
+  ansible.builtin.service:
+    name: zabbix-agent2.service
+    state: restarted
+    enabled: true
+  when: inventory_hostname != 'nas.home.lan'
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
+
+- name: Restart agent
+  ansible.builtin.shell: /etc/init.d/ZabbixAgent.sh restart
+  when: inventory_hostname == 'nas.home.lan'
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"

roles/monitoring/vars/main.yml

@@ -0,0 +1 @@
+ZABBIX_SERVER: "zabbix.home.lan"

roles/update_flatpack/tasks/main.yml

@@ -0,0 +1,3 @@
+- name: Upgrade flatpack 
+  ansible.builtin.command:  flatpak update -y
+  become: true

roles/wake_on_lan/tasks/main.yml

@@ -0,0 +1,36 @@
+- name: Install ethtool
+  ansible.builtin.apt:
+    name: ethtool
+    state: present
+- name: Display all interfaces name
+  debug:
+    var: ansible_facts.interfaces
+- name: Get wifi adapter
+  set_fact: 
+    wifi_adapter: '{{ item }}'
+  loop: '{{ ansible_facts.interfaces }}'
+  when: 'item.startswith("eno")'
+  
+- name: Creating config
+  become: true
+  ansible.builtin.copy:
+    
+    dest: "/etc/systemd/system/wol.service"
+    content: |
+      [Unit]
+      Description=Enable Wake On Lan
+
+      [Service]
+      Type=oneshot
+      ExecStart = /usr/sbin/ethtool --change {{ wifi_adapter }} wol g
+
+      [Install]
+      WantedBy=basic.target
+    owner: root
+    mode: '0744'
+- name: Restart service wol, in all cases
+  ansible.builtin.service:
+    name: wol
+    state: restarted
+    enabled: true
+  become: true