From ccfe79cb57c36ccbc753c9010c56d7fd12e5a5bb Mon Sep 17 00:00:00 2001 From: jaydee Date: Sun, 30 Nov 2025 18:01:00 +0100 Subject: [PATCH] klal --- hosts_kestra copy.yml | 153 ------------------------------------ requirements.txt | 10 +++ roles/docker/tasks/main.yml | 42 +++++++++- test.yml | 4 - 4 files changed, 48 insertions(+), 161 deletions(-) delete mode 100755 hosts_kestra copy.yml create mode 100644 requirements.txt delete mode 100755 test.yml diff --git a/hosts_kestra copy.yml b/hosts_kestra copy.yml deleted file mode 100755 index b81d8aa..0000000 --- a/hosts_kestra copy.yml +++ /dev/null @@ -1,153 +0,0 @@ ---- -datacenter: - children: - odroid_cluster: - children: - odroid_master: - hosts: - 192.168.77.131: - vars: - testVar: 999 - odroid_worker: - hosts: - 192.168.77.13[2:5]: - - vars: - ansible_ssh_user: jd - ansible_ssh_pass: lacijaydee - ansible_become_password: lacijaydee - ssh_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" - ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" - - localhost1: - hosts: - localhost - vars: - ansible_user: root - morefine: - hosts: - 192.168.77.12: - vars: - jaydee_install_mqtt_srv: true - ansible_python_interpreter: auto_silent - ansible_ssh_user: jd - ansible_become_user: root - ansible_become_password: q - ansible_ssh_common_args: "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" - - ryzen: - hosts: - 192.168.77.15: - vars: - ansible_python_interpreter: auto_silent - ansible_ssh_user: root - ansible_ssh_pass: lacijaydee - ansible_password: lacijaydee - ansible_become_user: root - ansible_become_password: lacijaydee - omv: - hosts: - 192.168.77.189: - vars: - ansible_user: root - ansible_password: lacijaydee - ansible_ssh_user: root - ansible_ssh_pass: lacijaydee - ansible_become_user: root - ansible_become_password: lacijaydee - amd: - hosts: - 192.168.77.4: - vars: - ansible_user: root - ansible_password: l4c1j4yd33Du5lo - ansible_ssh_user: root - ansible_ssh_pass: l4c1j4yd33Du5lo - ansible_become_user: root - ansible_become_password: l4c1j4yd33Du5lo - rhasspy: - hosts: - 192.168.77.224 - vars: - ansible_user: jd - ansible_ssh_pass: q - ansible_become_password: l4c1j4yd33Du5lo - windows: - hosts: - 192.168.77.211 - vars: - ansible_user: jd - ansible_password: "q" - ansible_connection: winrm - ansible_port: 5985 - ansible_winrm_server_cert_validation: ignore - ansible_winrm_kerberos_delegation: true - mqtt_srv: - children: - servers: - hosts: - rpi5-1.home.lan: - rpi5.home.lan: - omv.home.lan: - rack.home.lan: - m-server.home.lan: - zabbix.home.lan: - 192.168.77.101: - vars: - ansible_python_interpreter: /usr/bin/python3 - ansible_ssh_user: jd - ansible_become_password: l4c1j4yd33Du5lo - ansible_ssh_private_key_file: ssh_key.pem - identity_file: ssh_key.pem - nas: - hosts: - nas.home.lan: - vars: - ansible_ssh_user: admin - become_method: su - become_user: admin - ansible_ssh_private_key_file: ssh_key.pem - # ansible_user: admin - # ansible_pass: l4c1!j4yd33?Du5lo1 - ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 - desktop: - hosts: - morefine.home.lan: - vars: - ansible_ssh_user: jd - ansible_become_user: root - ansible_become_password: q - # ansible_ssh_password: q - ansible_ssh_private_key_file: ssh_key.pem - - containers: - children: - servers: - hosts: - rpi5-1.home.lan: - rpi5.home.lan: - m-server.home.lan: - fog.home.lan: - zabbix.home.lan: - omv.home.lan: - 192.168.77.101: - vars: - ansible_python_interpreter: /usr/bin/python3 - ansible_ssh_user: jd - # ansible_ssh_password: l4c1j4yd33Du5lo - ansible_become_password: l4c1j4yd33Du5lo - ansible_ssh_private_key_file: ssh_key.pem - identity_file: ssh_key.pem - ansible_ssh_pass: l4c1j4yd33Du5lo - nas: - hosts: - nas.home.lan: - 192.168.77.106: - vars: - ansible_ssh_user: admin - become_method: su - become_user: admin - ansible_ssh_private_key_file: ssh_key.pem - # ansible_user: admin - # ansible_pass: l4c1!j4yd33?Du5lo1 - ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3 diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..074130c --- /dev/null +++ b/requirements.txt @@ -0,0 +1,10 @@ +ansible-core==2.20.0 +ansible-lint==25.11.1 + +# YAML libs +PyYAML>=6.0.2 +ruamel.yaml==0.18.16 +ruamel.yaml.clib==0.2.15 + +jinja2==3.1.6 +ansible-compat==25.11.0 diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 1aab9b3..77e4af1 100755 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -18,9 +18,7 @@ - python3-dev state: present update_cache: true - retries: 5 - delay: 10 - until: result is succeeded + - name: Get keys for raspotify ansible.builtin.command: @@ -274,6 +272,42 @@ ansible.builtin.systemd: daemon_reload: true + - name: Check if file exists + ansible.builtin.stat: + path: /etc/docker/certs/ca.pem + register: file_check + + - name: Include role only if missing + ansible.builtin.include_role: + name: cert_gen + when: not file_check + + + - name: Create docker config file + ansible.builtin.copy: + dest: /etc/docker/daemon.json + content: | + { + "log-driver": "json-file", + "log-opts": { + "max-size": "10m", + "max-file": "3" + }, + "storage-driver": "overlay2", + "storage-opts": [ + "overlay2.override_kernel_check=true" + ], + "data-root": "/var/lib/docker" + { + "dns": ["192.168.77.101", "192.168.77.106", "8.8.8.8"], + "dns-search": ["lan", "home.lan"] + + } + mode: '0644' + owner: root + group: root + + - name: Restart docker service ansible.builtin.service: name: docker @@ -283,6 +317,6 @@ # ansible.builtin.shell: docker plugin install grafana/loki-docker-driver:3.3.2-{{ ansible_architecture }} --alias loki --grant-all-permissions - name: Install a plugin community.docker.docker_plugin: - plugin_name: grafana/loki-docker-driver:3.3.2 + plugin_name: grafana/loki-docker-driver alias: loki state: present diff --git a/test.yml b/test.yml deleted file mode 100755 index dc55048..0000000 --- a/test.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: datacenter - roles: - - wazuh-agent \ No newline at end of file