build

2025-12-13 17:44:53 +01:00 · 2025-11-25 16:24:21 +01:00
parent f8b42a2674
commit 487e844cac
8 changed files with 119 additions and 59 deletions
--- a/hosts_init.yml
+++ b/hosts_init.yml
@@ -11,13 +11,13 @@ datacenter:
        amd.home.lan:
        omv.home.lan:
        192.168.77.101:
        rack.home.lan:
      vars:
        ansible_python_interpreter: /usr/bin/python3
        ansible_ssh_user: jd
        # ansible_ssh_password: l4c1j4yd33Du5lo
-        ansible_become_password: l4c1j4yd33Du5lo-
+        ansible_become_password: q
-        identity_file: ssh_key.pem
+        ansible_ssh_pass: q
        ansible_ssh_pass: l4c1j4yd33Du5lo-
        ansible_become_user: root
    external:
@@ -47,6 +47,7 @@ datacenter:
      hosts:
        vm01.home.lan:
        vm02.home.lan:
        vm03.home.lan:
      vars:
        ansible_python_interpreter: /usr/bin/python3
        ansible_ssh_user: jd
--- a/hosts_roles.yml
+++ b/hosts_roles.yml
@@ -187,6 +187,7 @@ datacenter:
      hosts:
        vm01.home.lan:
        vm02.home.lan:
        vm03.home.lan:
      vars:
        ansible_python_interpreter: /usr/bin/python3
        ansible_ssh_user: jd
--- a/jaydee.yml
+++ b/jaydee.yml
@@ -1,18 +1,20 @@
 $ANSIBLE_VAULT;1.1;AES256
-63356366383732396163376631336164373666646234646335323762626333316435356133393661
+37663331373063666438653164616534303732366337653238316433326364333765306339373863
-6630376666323636633065653466343361643763376364310a303334343035626565303133396439
+3461393866633063303730653635356435613163623337650a636639623733346638626239326566
-35636130336265373230613766373831333863353339643631333262373439323561653737663265
+37393032353063363735376133333636376262386364383933303133376630353432313136356439
-3733626334306165660a333631383966666238376135653065646134376335326635363136613734
+6237653563646437660a653764653562626137393363396565316666383064383933323338623838
-36643733333835303563653035363530653333626437316436396163333635313033363039306533
+31373234313330663861336537313431616136356234626435383037333966326637313836633561
-66333538656564313062366437393666643161306139313936356134623133333931353733663834
+65356437333264393061303263326637643839313732386533366133376534383263643562333636
-35653234383466383530356235303564383062626663343563663964323638323538336435363864
+62383736333438663131613563373936623261356666393931326461363336353534623464613733
-35383839386230646636616633336639663038633237373530616233326436383666313338373761
+62333636326538623539393634366137663833353137656235356135326435306563393336663866
-39653338663737666132393638343066346431326533653538353533313733363063356535326231
+38373563346339386364323063613436326562336337363330656330313436313730356530643237
-65306464386332616561313664313066666231666366346434633633363934376137626662363939
+30316463613338613765383235613665383666303135353236663830623639343764313330653937
-31383637333263383435633631393162653137336262313335303539666366623134333430643165
+35393132333565386333643534366564306165636235356138313533616261653936333161373135
-62306364613436663932376530366534323038646639313630643637613531656239663434646437
+65363333376331653735336133613938313436366530656261366630616330643233353731663931
-35303139373230646164353265313964326264616465623261633732643637306462653930353330
+34303632373530663437386130656633376131326538323466643830326266346465666563343364
-63313363643832616433353565306462383962363331383431373630306566613931313564363439
+63303631363635303337653135336662346434653166623635633730613639653539626161323636
-34383037366230363862313433633164303932343738393964353065613130376535326266326563
+31356164623537386634393534623538373833633732396232613532383163303136386139613730
-62666664323731396639333931316635653464386166343464373664393334623430333037623764
+61653534636434616438633030633636343663396636653536386536333866646438633433613931
-36383964623530373132323731396132306234343934653337326132653232333566
+61323833333237333063356331333137616564653636333361353239653738653830633537386661
 65353763623666326265633164633763323463363237363333373562336434393264356438323634
 613632373265346632306436633535323731
--- a/roles/autofs_client/tasks/main.yml
+++ b/roles/autofs_client/tasks/main.yml
@@ -149,6 +149,7 @@
          music --fstype=nfs,rw nas.home.lan:/music
          shows --fstype=nfs,rw nas.home.lan:/shows
          xxx --fstype=nfs,rw nas.home.lan:/xxx
          proxmox --fstype=nfs,rw nas.home.lan:/proxmox
        mode: '0600'
        owner: root
        group: root
--- a/roles/cert_gen/files/certs.sh
+++ b/roles/cert_gen/files/certs.sh
@@ -13,7 +13,7 @@ IP=`ip route get 8.8.8.8 | head -1 | cut -d' ' -f7`
 fi
 HOST=`uname -n`
 openssl req -subj "/CN=$HOST" -sha256 -new -key server-key.pem -out server.csr
-echo subjectAltName = DNS:$HOST,IP:$IP,IP:127.0.0.1 >> extfile.cnf
+echo subjectAltName = DNS:$HOST,DNS:${HOST}.home.lan,IP:$IP,IP:127.0.0.1 >> extfile.cnf
 echo extendedKeyUsage = serverAuth >> extfile.cnf
 openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
  -CAcreateserial -out server-cert.pem -extfile extfile.cnf -passin pass:"foobarpwd"
--- a/roles/omv_backup/tasks/main.yml
+++ b/roles/omv_backup/tasks/main.yml
@@ -92,6 +92,7 @@
      ansible.builtin.apt:
        name:
          - python3-virtualenv
          - rsync
    - name: Install specified python requirements in indicated (virtualenv)
      ansible.builtin.pip:
--- a/roles/wake_on_lan/tasks/main.yml
+++ b/roles/wake_on_lan/tasks/main.yml
@@ -1,39 +1,46 @@
- name: Install ethtool
+- name: Install zabbix agent
-  ansible.builtin.apt:
+  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
-    name: ethtool
+  block:
-    state: present
+    - name: Include facts
-  become: true
+      ansible.builtin.include_role:
- name: Display all interfaces name
+        name: "setup"
-  ansible.builtin.debug:
+      when: ansible_facts.architecture is not defined
-    var: ansible_facts.interfaces
+    - name: Install ethtool
- name: Get wifi adapter
+      ansible.builtin.apt:
-  ansible.builtin.set_fact: 
+        name: ethtool
-    active_adapter: '{{ item }}'
+        state: present
-  loop: '{{ ansible_facts.interfaces }}'
+      become: true
-  when: '(item.startswith("eno") or item.startswith("enp")) and not item.endswith("avahi")'
+    - name: Display all interfaces name
      ansible.builtin.debug:
        var: ansible_facts.interfaces
    - name: Get wifi adapter
      ansible.builtin.set_fact:
        active_adapter: '{{ item }}'
      loop: '{{ ansible_facts.interfaces }}'
      when: '(item.startswith("eno") or item.startswith("enp") or item.startswith("nic")) and not item.endswith("avahi")'
- name: Creating config
+    - name: Creating config
-  become: true
+      become: true
-  ansible.builtin.copy:
+      ansible.builtin.copy:
-    dest: "/etc/systemd/system/wol@.service"
+        dest: "/etc/systemd/system/wol@.service"
-    content: |
+        content: |
-      [Unit]
+          [Unit]
-      Description=Enable Wake On Lan
+          Description=Enable Wake On Lan
-      [Service]
+          [Service]
-      Type=oneshot
+          Type=oneshot
-      ExecStart = /usr/sbin/ethtool --change %i wol g
+          ExecStart = /usr/sbin/ethtool --change %i wol g
-      [Install]
+          [Install]
-      WantedBy=basic.target
+          WantedBy=basic.target
-    owner: root
+        owner: root
-    mode: '0744'
+        mode: '0744'
- name: Restart service wol, in all cases
+    - name: Restart service wol, in all cases
-  ansible.builtin.service:
+      ansible.builtin.service:
-    name: wol@{{ item }}
+        name: wol@{{ item }}
-    state: restarted
+        state: restarted
-    enabled: true
+        enabled: true
-  become: true
+      become: true
-  loop: '{{ ansible_facts.interfaces }}'
+      loop: '{{ ansible_facts.interfaces }}'
-  when: '(item.startswith("eno") or item.startswith("enp")) and not item.endswith("avahi")'
+      when: '(item.startswith("eno") or item.startswith("enp")) and not item.endswith("avahi")'
--- a/roles/zabbix-agent/tasks/main.yml
+++ b/roles/zabbix-agent/tasks/main.yml
@@ -1,6 +1,11 @@
 - name: Install zabbix agent
  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
  block:
    - name: Include facts
      ansible.builtin.include_role:
        name: "setup"
      when: ansible_facts.architecture is not defined
    - name: Get config for not nas
      ansible.builtin.set_fact:
        zabbix_agent_cfg: "/etc/zabbix/zabbix_agent2.conf"
@@ -55,6 +60,17 @@
      ansible.builtin.apt:
        # deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian12_all.deb
        deb: https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_latest_7.4+debian12_all.deb
      when:
        - ansible_facts.architecture != "armv7l"
        - ansible_facts.architecture != "aarch64"
        - ansible_distribution == "Debian"
        - ansible_distribution_major_version  == "12"
      register: command_result
      failed_when: "'FAILED' in command_result.stderr"
    - name: Install a .deb package from the Debian 13
      ansible.builtin.apt:
        # deb: https://repo.zabbix.com/zabbix/6.4/debian/pool/main/z/zabbix-release/zabbix-release_6.4-1+debian12_all.deb
        deb: https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_latest_7.4+debian13_all.deb
      when:
        - ansible_facts.architecture != "armv7l"
        - ansible_facts.architecture != "aarch64"
@@ -83,7 +99,7 @@
          - zabbix-agent2-plugin-postgresql
          # - zabbix-agent2-plugin-mysql
        only_upgrade: true
-        state: latest
+        state: present
      when: inventory_hostname != 'nas.home.lan'
    - name: Reconfigure zabbix agent Server
@@ -173,9 +189,40 @@
        regexp: "^HostMetadata=.*"
        insertafter: '^# HostMetadata='
        line: "HostMetadata=server;jaydee"
-      when: inventory_hostname == 'nas.home.lan' or inventory_hostname == 'm-server.home.lan'
+      when: inventory_hostname == 'm-server.home.lan'
-    - name: Add the user 'to group video
+    - name: Create docker-swarm plugin directory
      ansible.builtin.file:
        path: /usr/lib/zabbix/plugins/docker-swarm/
        state: directory
        mode: '0755'
        owner: zabbix
        group: zabbix
    - name: Copy docker-swarm plugin
      ansible.builtin.copy:
        src: docker-swarm-linux-amd64
        dest: /usr/lib/zabbix/plugins/docker-swarm/docker-swarm-linux-x86_64
        mode: '0755'
        owner: zabbix
        group: zabbix
      when: inventory_hostname == 'm-server.home.lan'
    - name: Reconfigure zabbix-agent2 hostname
      ansible.builtin.lineinfile:
        path: "{{ zabbix_agent_cfg }}"
        regexp: "^Plugins.DockerSwarm.System.Path=.*"
        insertafter: '^# HostMetadata='
        line: "Plugins.DockerSwarm.System.Path=/usr/lib/zabbix/plugins/docker-swarm/docker-swarm-linux-x86_64"
      when: inventory_hostname == 'm-server.home.lan'
    - name: Reconfigure zabbix-agent2 hostname
      ansible.builtin.lineinfile:
        path: "{{ zabbix_agent_cfg }}"
        regexp: "^Plugins.DockerSwarm.System.Timeout=.*"
        line: "Plugins.DockerSwarm.System.Timeout=30"
      when: inventory_hostname == 'm-server.home.lan'
    - name: Add the user 'zabbix' to group video
      ansible.builtin.user:
        name: zabbix
        groups: video