diff --git a/hosts.yml b/hosts.yml index cf8aff5..12b78d0 100644 --- a/hosts.yml +++ b/hosts.yml @@ -89,6 +89,7 @@ datacenter: servers: hosts: rpi5-1.home.lan: + rpi5.home.lan: omv.home.lan: rack.home.lan: m-server.home.lan: @@ -136,6 +137,7 @@ datacenter: servers: hosts: rpi5-1.home.lan: + rpi5.home.lan: m-server.home.lan: fog.home.lan: zabbix.home.lan: diff --git a/hosts_init.yml b/hosts_init.yml index e141576..5a6704d 100644 --- a/hosts_init.yml +++ b/hosts_init.yml @@ -1,7 +1,31 @@ --- -odroid_cluster: - hosts: - 192.168.77.16[1:5]: - vars: - ansible_ssh_user: root - ansible_ssh_pass: 1234 \ No newline at end of file +datacenter: + children: + servers: + hosts: + rpi5-1.home.lan: + rpi5.home.lan: + m-server.home.lan: + fog.home.lan: + zabbix.home.lan: + omv.home.lan: + 192.168.77.101: + vars: + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_user: jd + # ansible_ssh_password: l4c1j4yd33Du5lo + ansible_become_password: l4c1j4yd33Du5lo + identity_file: ssh_key.pem + ansible_ssh_pass: l4c1j4yd33Du5lo + ansible_become_user: root + nas: + hosts: + nas.home.lan: + 192.168.77.106: + vars: + ansible_ssh_user: admin + become_method: su + become_user: admin + # ansible_user: admin + # ansible_pass: l4c1!j4yd33?Du5lo1 + ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 diff --git a/hosts_kestra.yml b/hosts_kestra.yml index 2351806..b81d8aa 100644 --- a/hosts_kestra.yml +++ b/hosts_kestra.yml @@ -31,8 +31,6 @@ datacenter: jaydee_install_mqtt_srv: true ansible_python_interpreter: auto_silent ansible_ssh_user: jd - ansible_ssh_pass: q - ansible_password: q ansible_become_user: root ansible_become_password: q ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" 
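Review bot: The new `hosts_init.yml` stores login and privilege-escalation passwords in cleartext: `ansible_become_password` and `ansible_ssh_pass` under the `servers` vars, plus two commented-out password lines that are just as readable in the repository. `playbooks/install_mqtt_srv.yml` in this same commit already loads a vault file, so these values belong there or in an `ansible-vault`-encrypted vars file, with the inventory only referencing them, e.g. `ansible_become_password: "{{ vault_become_password }}"` (variable name is a placeholder). Because the values are now in history, they should be rotated rather than only deleted. The same cleartext additions appear in the `hosts_kestra.yml` hunks at `-89,18` and `-113,26`. `identity_file` does not look like an Ansible connection variable (`ansible_ssh_private_key_file` is the one the SSH connection reads), so confirm whether that extra key does anything.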
@@ -89,18 +87,21 @@ datacenter: servers: hosts: rpi5-1.home.lan: + rpi5.home.lan: omv.home.lan: rack.home.lan: m-server.home.lan: zabbix.home.lan: + 192.168.77.101: vars: ansible_python_interpreter: /usr/bin/python3 - ansible_user: jd + ansible_ssh_user: jd + ansible_become_password: l4c1j4yd33Du5lo ansible_ssh_private_key_file: ssh_key.pem + identity_file: ssh_key.pem nas: hosts: nas.home.lan: - vars: ansible_ssh_user: admin become_method: su @@ -113,26 +114,31 @@ datacenter: hosts: morefine.home.lan: vars: - ansible_user: jd - ansible_password: q ansible_ssh_user: jd - ansible_ssh_pass: q ansible_become_user: root ansible_become_password: q + # ansible_ssh_password: q + ansible_ssh_private_key_file: ssh_key.pem containers: children: servers: hosts: rpi5-1.home.lan: + rpi5.home.lan: m-server.home.lan: fog.home.lan: zabbix.home.lan: omv.home.lan: + 192.168.77.101: vars: ansible_python_interpreter: /usr/bin/python3 ansible_ssh_user: jd + # ansible_ssh_password: l4c1j4yd33Du5lo + ansible_become_password: l4c1j4yd33Du5lo ansible_ssh_private_key_file: ssh_key.pem + identity_file: ssh_key.pem + ansible_ssh_pass: l4c1j4yd33Du5lo nas: hosts: nas.home.lan: diff --git a/playbooks/00_install_zabbix_agent.yml b/playbooks/00_install_zabbix_agent.yml index d8d001c..aa1d8ec 100644 --- a/playbooks/00_install_zabbix_agent.yml +++ b/playbooks/00_install_zabbix_agent.yml 
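Review bot: Deleting the `vars:` key under `nas:` in the `-89,18` hunk leaves `ansible_ssh_user: admin` and `become_method: su` as unchanged context directly after `nas.home.lan:`, so unless their indentation was also adjusted they no longer parse as group variables and may be read as entries under `hosts:`. Indentation is not recoverable from this view, so check the result with `ansible-inventory -i hosts_kestra.yml --list` and confirm the NAS still gets `ansible_ssh_user: admin`. If the removal was accidental, restore `vars:`.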
@@ -1,36 +1,42 @@ - hosts: datacenter name: Install zabbix agent + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" vars: - ZABBIX_SERVER: "zabbix-server.lan" + ZABBIX_SERVER: "zabbix.home.lan" tasks: - - name: Combine list1 and list2 into a merged_list var + - name: Get config for not nas ansible.builtin.set_fact: zabbix_agent_cfg: "/etc/zabbix/zabbix_agent2.conf" - when: inventory_hostname not in groups['nas'] + when: inventory_hostname != 'nas.home.lan' - - name: Combine list1 and list2 into a merged_list var + - name: Get config for nas ansible.builtin.set_fact: zabbix_agent_cfg: "/opt/ZabbixAgent/etc/zabbix_agentd.conf" - when: inventory_hostname in groups['nas'] + when: inventory_hostname == 'nas.home.lan' - name: Print all available facts ansible.builtin.debug: - msg: "{{ false if inventory_hostname not in groups['nas'] else true }}" + msg: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" - name: Print all available facts ansible.builtin.debug: var: ansible_facts.architecture + - name: Print all available facts + ansible.builtin.debug: + var: ansible_distribution + - name: Print all available facts + ansible.builtin.debug: + var: ansible_distribution_major_version # - name: Upload zabbix package # ansible.builtin.copy: # src: packages/zabbix-release_6.4-1+ubuntu22.04_all.deb # dest: /tmp/ - - name: Install a .deb package from the internet1 + - name: Install a .deb package from the internet11 ansible.builtin.apt: deb: https://repo.zabbix.com/zabbix/6.4/ubuntu-arm64/pool/main/z/zabbix-release/zabbix-release_6.4-1+ubuntu22.04_all.deb when: - - ansible_facts.architecture != "armv7l" and ansible_distribution == "Ubuntu" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + - ansible_facts.architecture != "armv7l" and ( ansible_distribution == "Ubuntu" or ansible_distribution == "Linux Mint" ) - name: Install a .deb package from the internet2 ansible.builtin.apt: 
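Review bot: Comparing `inventory_hostname` with the literal `'nas.home.lan'` misses the NAS when it is reached through its other inventory entry: `hosts_init.yml` in this commit lists `192.168.77.106` in the same `nas` group, and for that entry the play-level `become:` evaluates to true and `zabbix_agent_cfg` gets the non-NAS path. A group test keeps the intent without needing `groups['nas']` to be defined in every inventory: `when: "'nas' in group_names"` and `become: "{{ 'nas' not in group_names }}"`. The same literal comparison recurs in the later hunks of this file and throughout `playbooks/install_mqtt_srv.yml`. The three added debug tasks all share the name `Print all available facts`, which makes the run log hard to follow.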
@@ -42,7 +48,6 @@ - ansible_facts.architecture == "armv7l" or ansible_facts.architecture == "aarch64" ignore_errors: true - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - name: Install a .deb package from the internet3 ansible.builtin.apt: @@ -50,7 +55,6 @@ when: - ansible_facts.architecture != "armv7l" and ansible_distribution == "Debian" and ansible_distribution_major_version == "11" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - name: Install a .deb package from the internet4 ansible.builtin.apt: @@ -58,7 +62,7 @@ deb: https://repo.zabbix.com/zabbix/7.0/debian/pool/main/z/zabbix-release/zabbix-release_7.0-1+debian12_all.deb when: - ansible_facts.architecture != "armv7l" and ansible_facts.architecture != "aarch64" and ansible_distribution == "Debian" and ansible_distribution_major_version == "12" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + ignore_errors: true # - name: Install a .deb package localy # ansible.builtin.apt: @@ -69,11 +73,10 @@ - zabbix-agent2 - zabbix-agent2-plugin-mongodb - zabbix-agent2-plugin-postgresql - - zabbix-agent2-plugin-mssql + - zabbix-agent2-plugin-mysql update_cache: yes - when: inventory_hostname not in groups['nas'] - become: "{{ false if inventory_hostname in groups['nas'] else true }}" - + ignore_errors: true + when: inventory_hostname != 'nas.home.lan' - name: Reconfigure zabbix agent Server ansible.builtin.lineinfile: 
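Review bot: `ignore_errors: true` on the Debian 12 repository task (`-58,7`) and on the agent package install (`-69,11`) lets the play finish green when nothing was installed, after which the `lineinfile` tasks act on a config file that may not exist and the host silently stays unmonitored. If the aim is to tolerate one known condition, express it with a narrower `when:` or a `failed_when:` on that specific error, and let real download or dependency failures stop the host. The package task's body starts above the `-69,11` hunk, so its full argument list is not visible here.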
@@ -81,14 +84,13 @@ regexp: "^Server=.*" insertafter: '^# Server=' line: "Server=192.168.77.0/24" - become: "{{ false if inventory_hostname in groups['nas'] else true }}" + become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}" - name: Reconfigure zabbix agent ServerActive ansible.builtin.lineinfile: path: "{{ zabbix_agent_cfg }}" regexp: "^ServerActive=.*" line: "ServerActive={{ ZABBIX_SERVER }}" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - name: Reconfigure zabbix agent ListenPort ansible.builtin.lineinfile: 
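Review bot: The task-level `become:` kept on `Reconfigure zabbix agent Server` repeats the expression this commit sets once at play level, so it can be dropped like the others in this file. Separately, the unchanged `line: "Server=192.168.77.0/24"` in the same task allows every address in that subnet to query the agent's passive checks; since `ZABBIX_SERVER` is already defined, `line: "Server={{ ZABBIX_SERVER }}"` would limit it to the server, assuming no proxy polls these hosts. That line is context rather than part of this change, so treat it as a follow-up.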
@@ -100,41 +102,27 @@ # path: /"{{ zabbix_agent_cfg }}" # regexp: "^ListenIP=.*" # line: "ListenIP=0.0.0.0" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - - name: Reconfigure zabbix-agent2 hostname - ansible.builtin.lineinfile: - path: "{{ zabbix_agent_cfg }}" - regexp: "^Hostname=.*" - line: "Hostname={{ansible_hostname}}" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - name: Reconfigure zabbix-agent2 hostname ansible.builtin.lineinfile: path: "{{ zabbix_agent_cfg }}" - insertafter: '^# UserParameter=' - line: "UserParameter=system.temperature,vcgencmd measure_temp" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + regexp: "^Hostname=.*" + line: "Hostname={{ inventory_hostname }}" - name: Reconfigure zabbix-agent2 config ansible.builtin.lineinfile: path: "{{ zabbix_agent_cfg }}" insertafter: '^# UserParameter=' + regexp: "^UserParameter=system.certs.*" line: "UserParameter=system.certs,python3 /share/ZFS530_DATA/.qpkg/ZabbixAgent/cert_check2.py" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - when: inventory_hostname in groups['nas'] + when: inventory_hostname == 'nas.home.lan' or inventory_hostname == 'm-server.home.lan' - name: Reconfigure zabbix-agent2 config ansible.builtin.lineinfile: path: "{{ zabbix_agent_cfg }}" insertafter: '^# UserParameter=' line: "UserParameter=rpi.hw.temp,/usr/bin/vcgencmd measure_temp" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - when: inventory_hostname in groups['raspberrypi5'] - - - - - + when: inventory_hostname == 'rpi5.home.lan' - name: Reconfigure zabbix-agent2 hostname ansible.builtin.lineinfile: 
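Review bot: The `system.certs` UserParameter now also applies to `m-server.home.lan`, but its command still points at `/share/ZFS530_DATA/.qpkg/ZabbixAgent/cert_check2.py`, a path under the same volume that `hosts_init.yml` uses for the NAS Python interpreter; unless the script is also deployed at that path on m-server, the item will fail there. A per-host variable for the script path would make this explicit, e.g. `line: "UserParameter=system.certs,python3 {{ cert_check_script }}"` (variable name is a placeholder). In the added `regexp: "^UserParameter=system.certs.*"` the dots are unescaped; `regexp: '^UserParameter=system\.certs,'` in single quotes matches only this key. The agent executes this command on every poll, so the script should be owned by root and not writable by other users.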
@@ -142,24 +130,28 @@ regexp: "^HostMetadata=.*" insertafter: '^# HostMetadata=' line: "HostMetadata=linux;jaydee" - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + - name: Reconfigure zabbix-agent2 hostname + ansible.builtin.lineinfile: + path: "{{ zabbix_agent_cfg }}" + regexp: "^HostMetadata=.*" + insertafter: '^# HostMetadata=' + line: "HostMetadata=server;jaydee" + when: inventory_hostname == 'nas.home.lan' or inventory_hostname == 'm-server.home.lan' - - name: Add the user 'james' with a bash shell, appending the group 'admins' and 'developers' to the user's groups + - name: Add the user 'to group video ansible.builtin.user: name: zabbix groups: video append: yes - when: inventory_hostname not in groups['nas'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' - name: Restart zabbix-agent2 service ansible.builtin.service: name: zabbix-agent2.service state: restarted enabled: true - become: true - when: inventory_hostname not in groups['nas'] + when: inventory_hostname != 'nas.home.lan' - name: Restart agent ansible.builtin.shell: /etc/init.d/ZabbixAgent.sh restart - when: inventory_hostname in groups['nas'] \ No newline at end of file + when: inventory_hostname == 'nas.home.lan' \ No newline at end of file diff --git a/playbooks/00_set_hostname.yml b/playbooks/00_set_hostname.yml new file mode 100644 index 0000000..da363a0 --- /dev/null +++ b/playbooks/00_set_hostname.yml 
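Review bot: The added `HostMetadata=server;jaydee` task uses the same `regexp` as the `HostMetadata=linux;jaydee` task just above it, which has no `when:` in the visible lines, so on `nas.home.lan` and `m-server.home.lan` the line is rewritten twice per run and both tasks report changed. One task with a conditional value keeps it idempotent: `line: "HostMetadata={{ 'server' if inventory_hostname in ['nas.home.lan', 'm-server.home.lan'] else 'linux' }};jaydee"`. The new task also reuses the name `Reconfigure zabbix-agent2 hostname`, and the renamed `Add the user 'to group video` has a stray quote; `Add zabbix user to the video group` reads better. The first HostMetadata task starts above this hunk.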
@@ -0,0 +1,17 @@ +- hosts: datacenter + name: Set hostname + become: true + tasks: + - name: Modify hostyname + ansible.builtin.hostname: + name: "{{ inventory_hostname }}" + use: systemd + - name: Print all available facts + ansible.builtin.debug: + var: ansible_facts.architecture + - name: Print all available facts + ansible.builtin.debug: + var: "{{ ansible_distribution }}" + - name: Print all available facts + ansible.builtin.debug: + var: ansible_facts.distribution_version \ No newline at end of file diff --git a/playbooks/05_install_autofs.yml b/playbooks/05_install_autofs.yml new file mode 100644 index 0000000..7e67519 --- /dev/null +++ b/playbooks/05_install_autofs.yml 
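Review bot: `ansible.builtin.hostname` is given `inventory_hostname` for every host in `datacenter`, and the inventories in this commit include IP-literal entries such as `192.168.77.101`, so a run against one of those would set the machine's hostname to the address string. Use a per-host name variable with a fallback, e.g. `name: "{{ host_name | default(inventory_hostname) }}"` (variable name is a placeholder), and add a `when:` that skips entries that are plain addresses. In the second debug task, `var: "{{ ansible_distribution }}"` templates the value before `var` looks it up; `var: ansible_distribution` is the form used elsewhere in this commit. The task name `Modify hostyname` has a typo.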
@@ -0,0 +1,36 @@ +- hosts: datacenter + name: Install and configure autofs + become: true + become_user: root + tasks: + - name: Install autofs + ansible.builtin.apt: + name: + - autofs + - cifs-utils + state: present + + - name: Creating a file with content + copy: + dest: "/etc/auto.nas" + content: | + nas-data -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Data + nas-docker-data -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/docker_data + nas-photo -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Photo + nas-public -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Public + nas-install -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/install + nas-media -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Media + nas-downloads -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw ://nas.home.lan/Download + + - name: Reconfigure zabbix agent Server + ansible.builtin.lineinfile: + path: /etc/auto.master + regexp: "^/media/nas.*" + insertafter: '^/media/nas' + line: "/media/nas /etc/auto.nas --timeout 360 --ghost" + + - name: Restart docker service + ansible.builtin.service: + name: autofs + state: restarted + \ No newline at end of file diff --git a/playbooks/05_install_docker.yml b/playbooks/05_install_docker.yml index d32c674..b2c5af6 100644 --- a/playbooks/05_install_docker.yml +++ b/playbooks/05_install_docker.yml @@ -14,6 +14,7 @@ - python3-pip - python3-dev state: present + update_cache: true - name: Get keys for raspotify ansible.builtin.shell: install -m 0755 -d /etc/apt/keyrings @@ -34,6 +35,7 @@ - containerd.io - docker-buildx-plugin - docker-compose-plugin + update_cache: true - name: Create a directory docker.service.d ansible.builtin.file: 
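Review bot: The `/etc/auto.nas` task writes a root-owned map with no explicit `owner`, `group` or `mode`, and every entry depends on `credentials=/etc/auto.auth`, which this playbook neither creates nor checks. Set `owner: root`, `group: root`, `mode: '0644'` on the copy, and add a task that ensures `/etc/auto.auth` exists with mode `0600` and gets its content from the vault rather than by hand. `file_mode=0755` marks every file on the shares executable for all local users; `file_mode=0644` is enough unless programs are run from the NAS. The last two task names (`Reconfigure zabbix agent Server`, `Restart docker service`) are left over from other playbooks, and the bare `copy:` should be `ansible.builtin.copy` like the other tasks.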
@@ -45,7 +47,7 @@ dest: "/etc/systemd/system/docker.service.d/override.conf" content: | [Service] - ExecStart=/usr/sbin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 + ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 - name: Just force systemd to reread configs ansible.builtin.systemd: diff --git a/playbooks/install_mqtt_srv.yml b/playbooks/install_mqtt_srv.yml index 394ed1d..01bf8ba 100644 --- a/playbooks/install_mqtt_srv.yml +++ b/playbooks/install_mqtt_srv.yml @@ -2,6 +2,8 @@ name: Install mqtt_srv ignore_unreachable: false ignore_errors: true + vars: + dest_folder: "/tmp/ans_repo" tasks: # - name: Install python3-pip # ansible.builtin.apt: 
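Review bot: The rewritten `ExecStart` line keeps `-H tcp://0.0.0.0:2375`, which exposes the Docker API without TLS or authentication on every interface; any client that can reach that port has root-equivalent control of the host. Bind it to loopback or a management address, or switch to the TLS listener on 2376 with `--tlsverify` and the matching `--tlscacert`/`--tlscert`/`--tlskey` options; remote clients can also use `DOCKER_HOST=ssh://…` with no TCP listener at all. Also, the drop-in shows `ExecStart=` directly after `[Service]`; systemd needs an empty `ExecStart=` line first to clear the packaged command, so check whether the unit actually loads with this override.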
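Review bot: `dest_folder: "/tmp/ans_repo"` puts the checkout at a fixed name in a world-writable directory, and the `GIT pull` task added later in this file writes there with `become: true`. A path that any local user can pre-create is not a safe target for a root-run clone, and the clone's `.git/config` will also hold the credentialed remote URL. Use a root-owned directory (for example under `/opt` or `/var/lib`), or create a private one with `ansible.builtin.tempfile` and remove it at the end of the play.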
@@ -11,69 +13,84 @@ # when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] # become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - + - name: include vault + ansible.builtin.include_vars: + file: ../jaydee.yml + - name: GIT pull + become: true + tags: + - git_pull + git: + repo: "https://{{ git_user | urlencode }}:{{ git_password | urlencode }}@gitlab.sectorq.eu/jaydee/mqtt_srv.git" + dest: "{{ dest_folder }}" + update: yes + clone: yes + version: main + - debug: + msg: "{{ inventory_hostname }}" - name: Upload service config ansible.builtin.copy: - src: services/mqtt_srv.service + src: "{{ dest_folder }}/mqtt_srv.service" dest: /etc/systemd/system/ - when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - name: Upload service script ansible.builtin.copy: - src: scripts/mqtt_srv.py + src: "{{ dest_folder }}/mqtt_srv.py" dest: /usr/bin/ mode: '755' owner: root - when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" + - name: Upload service script config ansible.builtin.copy: - src: scripts/mqtt_srv.cfg + src: "{{ dest_folder }}/mqtt_srv.cfg" dest: /etc/mqtt_srv/ mode: '755' owner: root - when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" - - name: Upload service script1 - ansible.builtin.copy: - src: scripts/mqtt_srv.sh - dest: /jffs/scripts/mqtt_srv/ - mode: '755' - owner: admin - when: inventory_hostname in groups['router'] - become: false + 
when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" + # - name: Upload service script1 + # ansible.builtin.copy: + # src: scripts/mqtt_srv.sh + # dest: /jffs/scripts/mqtt_srv/ + # mode: '755' + # owner: admin + # when: inventory_hostname in groups['router'] + # become: false - - name: Upload service script - ansible.builtin.copy: - src: scripts/mqtt_srv.py - dest: /jffs/scripts/mqtt_srv/ - mode: '755' - owner: admin - when: inventory_hostname in groups['router'] - become: false + # - name: Upload service script + # ansible.builtin.copy: + # src: scripts/mqtt_srv.py + # dest: /jffs/scripts/mqtt_srv/ + # mode: '755' + # owner: admin + # when: inventory_hostname in groups['router'] + # become: false - name: Upload service script1 ansible.builtin.copy: - src: scripts/mqtt_srv.sh + src: "{{ dest_folder }}/mqtt_srv.sh" dest: /etc/init.d/ mode: '755' owner: admin - when: inventory_hostname in groups['nas'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname == 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - name: Upload service script2 ansible.builtin.copy: - src: scripts/mqtt_srv.py + src: "{{ dest_folder }}/mqtt_srv.py" dest: /usr/bin/ mode: '755' owner: admin - when: inventory_hostname in groups['nas'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname == 'router.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - name: Install bottle python package ansible.builtin.shell: pip install {{ item }} --break-system-packages 
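Review bot: The `repo:` URL in `GIT pull` embeds `git_user` and `git_password`, so the password is written to `.git/config` under `{{ dest_folder }}` on every target and can show up in task output and logs when the task fails or runs verbosely. Add `no_log: true` to the task and prefer a read-only deploy token or an SSH deploy key through the module's `key_file` option. Separately, the clone happens on the managed host, but the `ansible.builtin.copy` tasks read `src: "{{ dest_folder }}/…"` from the controller unless `remote_src: true` is set, so unless this play targets the controller itself they will not find the files just cloned. `Upload service script2` is now conditioned on `router.home.lan` while its `become:` still tests for the NAS, so confirm which host it is meant for.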
@@ -83,15 +100,15 @@ - ping3 - psutil - autorandr - when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - name: Just force systemd to reread configs (2.4 and above) ansible.builtin.systemd: daemon_reload: true - when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - name: Restart mqtt_srv service @@ -99,22 +116,13 @@ name: mqtt_srv.service state: restarted enabled: true - when: inventory_hostname not in groups['nas'] and inventory_hostname not in groups['router'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - name: Restart mqtt service ansible.builtin.shell: "(/etc/init.d/mqtt_srv.sh restart >/dev/null 2>&1 &)" async: 10 poll: 0 - when: inventory_hostname in groups['nas'] - become: "{{ 'no' if inventory_hostname in groups['nas'] else 'yes' }}" + when: inventory_hostname != 'nas.home.lan' + become: "{{ 'no' if inventory_hostname == 'nas.home.lan' else 'yes' }}" - - name: Restart mqtt service - ansible.builtin.shell: "(/jffs/scripts/mqtt_srv/mqtt_srv.sh restart >/dev/null 2>&1 &)" - async: 10 - poll: 0 - when: inventory_hostname in groups['router'] - become: false - - - \ No newline at end of file
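Review bot: The condition on `Restart mqtt service` in the `-99,22` hunk is inverted: `/etc/init.d/mqtt_srv.sh` is uploaded only when `inventory_hostname == 'nas.home.lan'`, but the restart now runs `when: inventory_hostname != 'nas.home.lan'`. The NAS therefore never restarts the service, and every other host runs a script that was not installed there, which `poll: 0`, the output redirect and the play-level `ignore_errors: true` will hide. It should read `when: inventory_hostname == 'nas.home.lan'` (or the equivalent group test). In the `-83,15` hunk the `pip install … --break-system-packages` loop still runs as root with unpinned package names; pinning versions would make the install reproducible.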