lala

all.yml

@@ -1,5 +1,5 @@
----
 - hosts: datacenter
+  name: Roles
   roles:
     - name: common
       tags: common
@@ -28,4 +28,6 @@
     - role: mqtt-srv
       tags: mqtt-srv
     - role: vnc_server
-      tags: vnc_server
+      tags: vnc_server
+    - role: promtail
+      tags: promtail

hosts_roles.yml

@@ -73,7 +73,7 @@ datacenter:
         ansible_winrm_kerberos_delegation: true
     mqtt_srv:
       children:
-        servers:
+        servers1:
           hosts:
             rpi5-1.home.lan:
             rpi5.home.lan:
@@ -128,6 +128,7 @@ datacenter:
                 ansible_ssh_user: jd
                 ansible_become_password: l4c1j4yd33Du5lo
                 ansible_ssh_private_key_file: ssh_key.pem
+                identity_file: ssh_key.pem
             ns:
               hosts:
                 nas.home.lan:
@@ -141,11 +142,10 @@ datacenter:
                 ansible_python_interpreter: /share/ZFS530_DATA/.qpkg/QPython312/bin/python3
         servers:
           hosts:
-            rpi5-1.home.lan:
             rpi5.home.lan:
             m-server.home.lan:
-            fog.home.lan:
-            omv.home.lan:
+            amd.home.lan:
+            rack.home.lan:
           vars:
             ansible_python_interpreter: /usr/bin/python3
             ansible_ssh_user: jd

jaydee.yml

@@ -1,17 +1,17 @@
 $ANSIBLE_VAULT;1.1;AES256
-37396163363830306632376461613061333432336166376338306632633139383336343536316463
-3863643031313433613130613665373466383432323039350a333365363839616135353061653834
-38396136343338366162366366326265346632656561636535633631346638333730613763373065
-3732386136373565620a643661333137373738333332633631303535333836666465643862396634
-62633466346463363363313162376464393533636335336533313536333531366139393134323733
-64643535346530653865633034636466643635633430376539633061353037353236333531396531
-64336133663630663438303266653662326463396565323664303764356264623661303465643038
-36376531323365643363363465353064623630663662633238663661346630326464356232303564
-30316265613438643731626463626564663963613036386235383766616561323235636566333438
-31633933343138383237363765663735656362376132363336633631336462636531346664353435
-33623935326532646136646436613662316431306336613632643639386534343532666237633433
-63343031376462616262623965363139343961376162646133376232323365656663376361663539
-62613637393630303830653232663563333436373663656434646632396162653030333034383961
-62626334623833393536323035636135663530326138366332666535336130373733323835663232
-36313035353436633962633435623232323362633265666330623761373162303235376264613339
-37343139333730346362
+61323036366363323032396232663032666134316166633635316134623436303565316538333637
+6138356462323362636265323030353439393233643032330a313763336632383432613830356136
+31353731646665373863666364363163633539313436643638663736393734363532363562353866
+3333343966613162310a643534663838306435373630303337356331356164356463653863613363
+62663862376430383238616135383233313430323839613631633339373430353361326338303666
+35316631363739313938613737656661366636613165643736343433646233666362363034333139
+31646636663161313365373337333661373330386365306664306233343765636136393531643531
+63653362323461313763653836663165383162363763396162393932653764646532313637656136
+62313761386237326633653037636334343765383464333562326230323131306637323265373261
+37316263613732333633636334363762383733646461653632363434386539303130626538616437
+66306433353061323932383437373637613638643232363461316262346436366162316637306461
+64336261613436323664643063616239636631343139636164633234613536633665643231346463
+33343536373235303032373939353032666237663137353366326639613730393439353232303964
+63623536666339333135643361636138303539613233326639623236323331336661353734373562
+31633131383835323734646235363266666336343565623339373265623635323134333964353966
+61623231323936643565

roles/promtail/tasks/main.yml

@@ -0,0 +1,68 @@
+---
+- block:
+  - name: Create dir
+    ansible.builtin.file:
+      path: /etc/apt/keyrings/
+      owner: root
+      group: root
+
+  - name: Create Banner
+    ansible.builtin.shell: wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor > /etc/apt/keyrings/grafana.gpg
+    register: my_output
+    changed_when: my_output.rc != 0
+
+  - name: Create Banner
+    ansible.builtin.shell: echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | tee /etc/apt/sources.list.d/grafana.list
+    register: my_output
+    changed_when: my_output.rc != 0
+
+  - name: Install packages
+    ansible.builtin.apt:
+      name:
+        - promtail
+      update_cache: true
+
+  - name: Creating a file with content
+    ansible.builtin.copy:
+      dest: "/etc/promtail/config.yml"
+      owner: root
+      group: root
+      mode: '0644'
+      content: |
+        # This minimal config scrape only single log file.
+        # Primarily used in rpm/deb packaging where promtail service can be started during system init process.
+        # And too much scraping during init process can overload the complete system.
+        # https://github.com/grafana/loki/issues/11398
+
+        server:
+          http_listen_port: 9080
+          grpc_listen_port: 0
+
+        positions:
+          filename: /tmp/positions.yaml
+
+        clients:
+        - url: http://192.168.77.101:3100/loki/api/v1/push
+          external_labels:
+              nodename: {{ inventory_hostname }}
+
+        scrape_configs:
+        - job_name: system
+          static_configs:
+          - targets:
+              - localhost
+            labels:
+              job: varlogs1
+              #NOTE: Need to be modified to scrape any additional logs of the system.
+              __path__: /var/log/zabbix/*.log
+          - targets:
+              - localhost
+            labels:
+              job: omv_backup
+              __path__: /myapps/omv_backup.log
+
+  - name: Sshd
+    ansible.builtin.service:
+      name: promtail
+      state: restarted
+  become: true

roles/ssh_banner/tasks/main.yml

@@ -12,7 +12,7 @@
 
   - name: Creating a file with content
     copy:
-      dest: "/etc/banner"
+      dest: "/etc/motd"
       content: |
         {{ logo.stdout }}
 
@@ -20,7 +20,7 @@
     ansible.builtin.lineinfile:
       path: /etc/ssh/sshd_config
       regexp: "^Banner.* "
-      line: "Banner /etc/banner"
+      line: "#Banner /etc/banner"
 
   - name: Reconfigure sshd
     ansible.builtin.lineinfile: