build

klal
2025-12-14 10:04:52 +01:00 · 2025-12-02 23:50:18 +01:00 · 2025-12-02 00:45:25 +01:00 · 2025-12-02 00:23:57 +01:00 · 2025-12-01 20:12:43 +01:00 · 2025-12-01 19:31:09 +01:00
5 changed files with 47 additions and 236 deletions
--- a/all.yml
+++ b/all.yml
@@ -44,9 +44,9 @@
    - name: zabbix-agent
      role: zabbix-agent
      tags: zabbix-agent
-    - name: autofs_client
+    - name: autofs
-      role: autofs_client
+      role: autofs
-      tags: autofs_client
+      tags: autofs
    - name: ldap_client
      role: ldap_client
      tags: ldap_client
--- a/roles/autofs_client/tasks/main.yml
+++ b/roles/autofs_client/tasks/main.yml
@@ -1,214 +0,0 @@
 - name: Setup autofs
  become: "{{ false if inventory_hostname == 'nas.home.lan' else true }}"
  block:
    - name: Include vault
      ansible.builtin.include_vars:
        file: jaydee.yml
    - name: Install autofs
      ansible.builtin.apt:
        name:
          - autofs
          - cifs-utils
        state: present
    - name: Creating a file with content
      ansible.builtin.copy:
        dest: "/etc/auto.auth"
        content: |
          username={{ samba_user }}
          password={{ samba_password }}
        mode: '0600'
        owner: root
        group: root
    - name: Creating a file with content
      ansible.builtin.copy:
        dest: "/etc/auto.m-server"
        content: |
          docker_data  -fstype=nfs   m-server.home.lan:/docker_data
          downloads  -fstype=nfs   m-server.home.lan:/downloads
        mode: '0600'
        owner: root
        group: root
      when: inventory_hostname != 'm-server.home.lan'
    - name: Creating a file with content
      ansible.builtin.copy:
        dest: "/etc/auto.amd"
        content: |
          backup  -fstype=nfs   amd.home.lan:/backup
        mode: '0600'
        owner: root
        group: root
      when: inventory_hostname == 'm-server.home.lan'
    - name: Creating a file with content
      ansible.builtin.copy:
        dest: "/etc/auto.rack"
        content: |
          docker_data  -fstype=nfs   rack.home.lan:/docker_data
        mode: '0600'
        owner: root
        group: root
      when: inventory_hostname != 'rack.home.lan'
    - name: Creating a file with content
      ansible.builtin.copy:
        dest: "/etc/auto.rpi5"
        content: |
          docker_data  -fstype=nfs   rpi5.home.lan:/docker_data
        mode: '0600'
        owner: root
        group: root
      when: inventory_hostname != 'rpi5.home.lan'
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-movies"
    #     content: |
    #       movies  -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/movies
    #     mode: '0600'
    #     owner: root
    #     group: root
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-movies"
    #     content: |
    #       movies --fstype=nfs,rw nas.home.lan:/movies
    #     mode: '0600'
    #     owner: root
    #     group: root
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-music"
    #     content: |
    #       music --fstype=nfs,rw nas.home.lan:/music
    #     mode: '0600'
    #     owner: root
    #     group: root
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-shows"
    #     content: |
    #       shows --fstype=nfs,rw nas.home.lan:/shows
    #     mode: '0600'
    #     owner: root
    #     group: root        
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-music"
    #     content: |
    #       music   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/music
    #     mode: '0600'
    #     owner: root
    #     group: root
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-music"
    #     content: |
    #       music   --fstype=nfs,rw ://nas.home.lan/music
    #     mode: '0600'
    #     owner: root
    #     group: root
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas-shows"
    #     content: |
    #       shows   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/shows
    #     mode: '0600'
    #     owner: root
    #     group: root
    # - name: Creating a file with content
    #   ansible.builtin.copy:
    #     dest: "/etc/auto.nas"
    #     content: |
    #       nas-data   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/Data
    #       nas-docker-data   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/docker_data
    #       nas-photo -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/Photo
    #       nas-public   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/Public
    #       nas-install   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/install
    #       nas-downloads   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw    ://nas.home.lan/downloads
    #       nas-games   -fstype=cifs,credentials=/etc/auto.auth,dir_mode=0755,file_mode=0755,uid=jd,rw  ://nas.home.lan/qda_2
    #     mode: '0600'
    #     owner: root
    #     group: root
    - name: Creating a file with content
      ansible.builtin.copy:
        dest: "/etc/auto.nas"
        content: |
          docker-data   --fstype=nfs,rw nas.home.lan:/docker_data
          data   --fstype=nfs,rw nas.home.lan:/Data
          qda_1   --fstype=nfs,rw nas.home.lan:/qda_1
          photo  --fstype=nfs,rw nas.home.lan:/Photo
          install  --fstype=nfs,rw nas.home.lan:/install
          games  --fstype=nfs,rw nas.home.lan:/games
          movies --fstype=nfs,rw nas.home.lan:/movies
          music --fstype=nfs,rw nas.home.lan:/music
          shows --fstype=nfs,rw nas.home.lan:/shows
          xxx --fstype=nfs,rw nas.home.lan:/xxx
          proxmox --fstype=nfs,rw nas.home.lan:/proxmox
        mode: '0600'
        owner: root
        group: root
      when: inventory_hostname != 'nas.home.lan'
    # - name: Reconfigure autofs Server
    #   ansible.builtin.lineinfile:
    #     path: /etc/auto.master
    #     regexp: "^/media/nas.*"
    #     insertafter: '^/media/nas'
    #     line: "/media/nas   /etc/auto.nas --timeout 360 --ghost"
    # - name: Reconfigure autofs Server
    #   ansible.builtin.lineinfile:
    #     path: /etc/auto.master
    #     regexp: "^/media/data/music/nas.*"
    #     line: /media/data/music/nas   /etc/auto.nas-music --timeout 360 --ghost
    # - name: Reconfigure autofs Server
    #   ansible.builtin.lineinfile:
    #     path: /etc/auto.master
    #     regexp: "^/media/data/movies/nas.*"
    #     line: /media/data/movies/nas   /etc/auto.nas-movies --timeout 360 --ghost
    # - name: Reconfigure autofs Server
    #   ansible.builtin.lineinfile:
    #     path: /etc/auto.master
    #     regexp: "^/media/data/shows/nas.*"
    #     line: /media/data/shows/nas   /etc/auto.nas-shows --timeout 360 --ghost
    - name: Reconfigure autofs Server
      ansible.builtin.lineinfile:
        path: /etc/auto.master
        regexp: "^/media/nas.*"
        line: /media/nas   /etc/auto.nas --timeout 360 --ghost
    - name: Reconfigure autofs Server
      ansible.builtin.lineinfile:
        path: /etc/auto.master
        regexp: "^/media/m-server.*"
        line: /media/m-server  /etc/auto.m-server --timeout 360 --ghost
    - name: Reconfigure autofs Server
      ansible.builtin.lineinfile:
        path: /etc/auto.master
        regexp: "^/media/rack.*"
        line: /media/rack  /etc/auto.rack --timeout 360 --ghost
    - name: Reconfigure autofs Server
      ansible.builtin.lineinfile:
        path: /etc/auto.master
        regexp: "^/media/rpi5.*"
        line: /media/rpi5  /etc/auto.rpi5 --timeout 360 --ghost
    - name: Reconfigure autofs Server
      ansible.builtin.lineinfile:
        path: /etc/auto.master
        regexp: "^/media/amd.*"
        line: /media/amd  /etc/auto.amd --timeout 360 --ghost
    - name: Restart docker service
      ansible.builtin.service:
        name: autofs
        state: restarted
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -18,7 +18,10 @@
          - python3-dev
        state: present
        update_cache: true
-
+      register: install_docker_deps
      until: install_docker_deps is succeeded
      retries: 10
      delay: 10
    - name: Get keys for raspotify
      ansible.builtin.command:
@@ -211,6 +214,7 @@
        path: /etc/systemd/system/docker.service.d/
        state: directory
        mode: '0755'
    - name: Create a directory for certs
      ansible.builtin.file:
        path: /etc/docker/certs
@@ -277,10 +281,14 @@
        path: /etc/docker/certs/ca.pem
      register: file_check
    - name: Print file check result
      ansible.builtin.debug:
        var: file_check
    - name: Include role only if missing
      ansible.builtin.include_role:
        name: cert_gen
-      when: not file_check
+      when: not file_check.stat.exists and mode == "cert"
    - name: Create docker config file
@@ -293,12 +301,7 @@
              "max-size": "10m",
              "max-file": "3"
            },
-            "storage-driver": "overlay2",
+            "data-root": "/var/lib/docker",
            "storage-opts": [
              "overlay2.override_kernel_check=true"
            ],
            "data-root": "/var/lib/docker"
            {
            "dns": ["192.168.77.101", "192.168.77.106", "8.8.8.8"],
            "dns-search": ["lan", "home.lan"]
--- a/roles/letsgo/tasks/main.yml
+++ b/roles/letsgo/tasks/main.yml
@@ -7,5 +7,6 @@
      loop_control:
        loop_var: roles_item
      loop:
        - cert_gen
        - docker
        - docker_swarm
        - autofs
--- a/roles/nfs_server/tasks/main.yml
+++ b/roles/nfs_server/tasks/main.yml
@@ -48,44 +48,65 @@
        fstype: none
      when: inventory_hostname != 'amd.home.lan'
-    - name: Reconfigure nfs fstab
+    - name: Reconfigure nfs exports
      ansible.builtin.lineinfile:
        path: /etc/fstab
-        regexp: "^/media/m-server/downloads .*"
+        regexp: "^/share/{{ volume }} .*"
-        line: "/media/m-server/downloads  /srv/nfs/downloads    none    bind    0       0"
+        line: "/media/m-server/{{ volume }}  /srv/nfs/{{ volume }}    none    bind    0       0"
      when: inventory_hostname == 'm-server.home.lan'
      loop_control:
        loop_var: volume
      loop: 
        - downloads
        - music
        - movies
        - shows
    - name: Reconfigure nfs exports
      ansible.builtin.lineinfile:
        path: /etc/fstab
-        regexp: "^/share/docker_data .*"
+        regexp: "^/share/{{ volume }} .*"
-        line: "/share/docker_data  /srv/nfs/docker_data    none    bind    0       0"
+        line: "/share/{{ volume }}  /srv/nfs/{{ volume }}    none    bind    0       0"
      when: inventory_hostname == 'm-server.home.lan'
      loop_control:
        loop_var: volume
      loop: 
        - docker_data
    - name: Reconfigure nfs exports
      ansible.builtin.lineinfile:
        path: /etc/exports
        regexp: "^/srv/nfs .*"
-        line: "/srv/nfs         192.168.77.0/24(rw,sync,no_subtree_check,crossmnt,fsid=0)"
+        line: "/srv/nfs         192.168.77.0/24(rw,sync,no_subtree_check,crossmnt,fsid=0) 192.168.80.0/24(rw,sync,no_subtree_check,crossmnt,fsid=0)"
    - name: Reconfigure nfs exports
      ansible.builtin.lineinfile:
        path: /etc/exports
        regexp: "^/srv/nfs/docker_data .*"
-        line: "/srv/nfs/docker_data 192.168.77.0/24(rw,sync,no_subtree_check)"
+        line: "/srv/nfs/docker_data 192.168.77.0/24(rw,sync,no_subtree_check) 192.168.80.0/24(rw,sync,no_subtree_check)"
      when: inventory_hostname != 'amd.home.lan'
    - name: Reconfigure nfs exports
      ansible.builtin.lineinfile:
        path: /etc/exports
-        regexp: "^/srv/nfs/downloads .*"
+        regexp: "^/srv/nfs/{{ volume }} .*"
-        line: "/srv/nfs/downloads 192.168.77.0/24(rw,sync,no_subtree_check)"
+        line: "/srv/nfs/{{ volume }} 192.168.77.0/24(rw,sync,no_subtree_check) 192.168.80.0/24(rw,sync,no_subtree_check)"
      when: inventory_hostname == 'm-server.home.lan'
      loop_control:
        loop_var: volume
      loop: 
        - downloads
        - music
        - movies
        - shows
    - name: Reconfigure nfs exports
      ansible.builtin.lineinfile:
        path: /etc/exports
        regexp: "^/srv/nfs/backup .*"
-        line: "/srv/nfs/backup 192.168.77.0/24(rw,sync,no_subtree_check)"
+        line: "/srv/nfs/backup 192.168.77.0/24(rw,sync,no_subtree_check) 192.168.80.0/24(rw,sync,no_subtree_check)"
      when: inventory_hostname == 'amd.home.lan'
    - name: Restart nfs service
      ansible.builtin.service:
Author	SHA1	Message	Date
jaydee	227294e19c	build Some checks failed Gitea Actions Demo / Explore-Gitea-Actions (push) Has been cancelled Details	2025-12-02 23:50:18 +01:00
jaydee	8e543f838a	build	2025-12-02 00:45:25 +01:00
jaydee	b462d4307f	klal	2025-12-02 00:23:57 +01:00
jaydee	dab586d019	klal	2025-12-01 20:12:43 +01:00
jaydee	8c58dbeb29	build	2025-12-01 19:31:09 +01:00
jaydee	0169786938	klal	2025-12-01 09:41:27 +01:00