Novos/ansible-playbooks
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Reformat messages

Browse source
This commit is contained in:
LinuxSquare 2025-05-01 22:20:09 +02:00
parent d09544dcd6
commit a1572676a4
32 changed files with 126 additions and 128 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
apps/ddupdater/init.ansible.yml
View file

@ -2,19 +2,19 @@
vars_files: vars_files:
- ../../map.yml - ../../map.yml
tasks: tasks:
- name: Create ddupdater app-dir - name: "apps/ddupdater : Create ddupdater app-dir"
file: file:
state: directory state: directory
path: "{{ app_dir }}/ddupdater" path: "{{ app_dir }}/ddupdater"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Clone ddupdater git repo - name: "apps/ddupdater : Clone ddupdater git repo"
git: git:
repo: https://git.noveria.org/Tools/ddupdater.git repo: https://git.noveria.org/Tools/ddupdater.git
dest: "{{ app_dir }}/ddupdater" dest: "{{ app_dir }}/ddupdater"
force: true force: true
- name: Symlink ddupdater - name: "apps/ddupdater : Symlink to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/ddupdater/ddupdater" src: "{{ app_dir }}/ddupdater/ddupdater"
@ -22,7 +22,7 @@
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: ddupdater config - name: "apps/ddupdater : Populate config"
template: template:
src: files/ddupdater_config.json.j2 src: files/ddupdater_config.json.j2
dest: "{{ app_dir }}/ddupdater/config.json" dest: "{{ app_dir }}/ddupdater/config.json"
@ -33,7 +33,7 @@
USERNAME: "noveria" USERNAME: "noveria"
PASSWORD: "{{dyndns_password}}" PASSWORD: "{{dyndns_password}}"
DOMAIN: "play.noveria.org" DOMAIN: "play.noveria.org"
- name: ddupdater crontab - name: "apps/ddupdater : Create ddupdater crontab"
cron: cron:
name: "Check public ip and update ddns record every 5 minutes" name: "Check public ip and update ddns record every 5 minutes"
state: present state: present

6
apps/generate-motd/init.ansible.yml
View file

@ -2,19 +2,19 @@
vars_files: vars_files:
- ../../map.yml - ../../map.yml
tasks: tasks:
- name: Create generate_motd app-dir - name: "apps/generate-motd : Create generate_motd app-dir"
file: file:
state: directory state: directory
path: "{{ app_dir }}/generate_motd" path: "{{ app_dir }}/generate_motd"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Clone generate-motd git repo - name: "apps/generate-motd : Clone generate-motd git repo"
git: git:
repo: https://git.noveria.org/Tools/generate_motd.git repo: https://git.noveria.org/Tools/generate_motd.git
dest: "{{ app_dir }}/generate_motd" dest: "{{ app_dir }}/generate_motd"
force: true force: true
- name: Symlink generate_motd - name: "apps/generate-motd : Symlink to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/generate_motd/generate_motd" src: "{{ app_dir }}/generate_motd/generate_motd"

12
apps/noveriablcgen/init.ansible.yml
View file

@ -1,19 +1,19 @@
- hosts: localhost - hosts: localhost
vars_files: ../../map.yml vars_files: ../../map.yml
tasks: tasks:
- name: Create noveriablcgen app-dir - name: "apps/noveriablcgen : Create noveriablcgen app-dir"
file: file:
state: directory state: directory
path: "{{ app_dir }}/noveriablcgen" path: "{{ app_dir }}/noveriablcgen"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Clone noveriablcgen git-repo - name: "apps/noveriablcgen : Clone noveriablcgen git-repo"
git: git:
repo: https://git.noveria.org/Tools/noveriablcgen.git repo: https://git.noveria.org/Tools/noveriablcgen.git
dest: "{{ app_dir }}/noveriablcgen" dest: "{{ app_dir }}/noveriablcgen"
force: true force: true
- name: Symlink noveriablcgen - name: "apps/noveriablcgen : Symlink to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/noveriablcgen/noveriablcgen" src: "{{ app_dir }}/noveriablcgen/noveriablcgen"
@ -21,19 +21,19 @@
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: noveriablcgen etc dir - name: "apps/noveriablcgen : Create noveriablcgen etc dir"
file: file:
state: directory state: directory
path: "{{ etc_dir }}/noveriablcgen" path: "{{ etc_dir }}/noveriablcgen"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Get ROOT_UUID - name: "apps/noveriablcgen : Get ROOT_UUID"
shell: | shell: |
lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}' lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}'
register: root_uuid register: root_uuid
run_once: true run_once: true
- name: Populate noveriablcgen config - name: "apps/noveriablcgen : Populate noveriablcgen config"
template: template:
src: files/noveriablcgen_config.json.j2 src: files/noveriablcgen_config.json.j2
dest: "{{ etc_dir }}/noveriablcgen/noveriablcgen.json" dest: "{{ etc_dir }}/noveriablcgen/noveriablcgen.json"

10
apps/nsm/init.ansible.yml
View file

@ -2,19 +2,19 @@
vars_files: vars_files:
- ../../map.yml - ../../map.yml
tasks: tasks:
- name: Create nsm app-dir - name: "apps/nsm : Create nsm app-dir"
file: file:
state: directory state: directory
path: "{{ app_dir }}/nsm" path: "{{ app_dir }}/nsm"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Clone nsm git repo - name: "apps/nsm : Clone nsm git repo"
git: git:
repo: https://git.noveria.org/Tools/nsm.git repo: https://git.noveria.org/Tools/nsm.git
dest: "{{ app_dir }}/nsm" dest: "{{ app_dir }}/nsm"
force: true force: true
- name: Symlink nsm - name: "apps/nsm : Symlink to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/nsm/nsm" src: "{{ app_dir }}/nsm/nsm"
@ -22,14 +22,14 @@
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: nsm Config dir - name: "apps/nsm : Create nsm config dir"
file: file:
state: directory state: directory
name: "{{ etc_dir }}/nsm" name: "{{ etc_dir }}/nsm"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: nsm config - name: "apps/nsm : Populate nsm config"
template: template:
src: files/nsm.json src: files/nsm.json
dest: "{{ etc_dir }}/nsm/nsm.json" dest: "{{ etc_dir }}/nsm/nsm.json"

10
apps/pms-cli/init.ansible.yml
View file

@ -3,19 +3,19 @@
- ../../map.yml - ../../map.yml
- ../../podman/map.yml - ../../podman/map.yml
tasks: tasks:
- name: Create pms-cli app-dir - name: "apps/pms-cli : Create pms-cli app-dir"
file: file:
state: directory state: directory
path: "{{ app_dir }}/pms-cli" path: "{{ app_dir }}/pms-cli"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Clone pms-cli git repo - name: "apps/pms-cli : Clone pms-cli git repo"
git: git:
repo: https://git.noveria.org/Tools/pms-cli.git repo: https://git.noveria.org/Tools/pms-cli.git
dest: "{{ app_dir }}/pms-cli" dest: "{{ app_dir }}/pms-cli"
force: true force: true
- name: Symlink pms-cli - name: "apps/pms-cli : Symlink to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/pms-cli/pms-cli" src: "{{ app_dir }}/pms-cli/pms-cli"
@ -23,14 +23,14 @@
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: PMS-CLI Config dir - name: "apps/pms-cli : Create pms-cli config dir"
file: file:
state: directory state: directory
name: "{{ etc_dir }}/pms-cli" name: "{{ etc_dir }}/pms-cli"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: PMS-CLI Config - name: "apps/pms-cli : Populate pms-cli Config"
template: template:
src: files/pms-cli.json.j2 src: files/pms-cli.json.j2
dest: "{{ etc_dir }}/pms-cli/pms-cli.json" dest: "{{ etc_dir }}/pms-cli/pms-cli.json"

12
apps/raclette/init.ansible.yml
View file

@ -2,19 +2,19 @@
vars_files: vars_files:
- ../../map.yml - ../../map.yml
tasks: tasks:
- name: Create raclette app-dir - name: "apps/raclette : Create raclette app-dir"
file: file:
state: directory state: directory
path: "{{ app_dir }}/raclette" path: "{{ app_dir }}/raclette"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Clone raclette git-repo - name: "apps/raclette : Clone raclette git-repo"
git: git:
repo: https://git.noveria.org/Tools/raclette.git repo: https://git.noveria.org/Tools/raclette.git
dest: "{{ app_dir }}/raclette" dest: "{{ app_dir }}/raclette"
force: true force: true
- name: Symlink raclette-run - name: "apps/raclette : Symlink raclette-run to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/raclette/raclette-run" src: "{{ app_dir }}/raclette/raclette-run"
@ -22,7 +22,7 @@
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Symlink raclette-call - name: "apps/raclette : Symlink raclette-call to bin directory"
file: file:
state: link state: link
src: "{{ app_dir }}/raclette/raclette-call" src: "{{ app_dir }}/raclette/raclette-call"
@ -30,14 +30,14 @@
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: raclette etc dir - name: "apps/raclette : Create raclette config dir"
file: file:
state: directory state: directory
path: "{{ etc_dir }}/raclette" path: "{{ etc_dir }}/raclette"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Populate raclette config - name: "apps/raclette : Populate raclette config"
template: template:
src: files/raclette_config.json.j2 src: files/raclette_config.json.j2
dest: "{{ etc_dir }}/raclette/raclette.json" dest: "{{ etc_dir }}/raclette/raclette.json"

6
build/init.ansible.yml
View file

@ -2,15 +2,15 @@
vars_files: vars_files:
- ../../map.yml - ../../map.yml
tasks: tasks:
- name: Create repo-mgmt dir - name: "build : Create repo-mgmt dir"
file: file:
state: directory state: directory
path: /opt/podman/repo-mgmt path: /opt/podman/repo-mgmt
owner: puser owner: puser
group: puser group: puser
mode: '0755' mode: "0755"
recurse: true recurse: true
- name: Clone repo-mgmt - name: "build : Clone repo-mgmt"
git: git:
repo: https://git.noveria.org/Novos/repo-mgmt.git repo: https://git.noveria.org/Novos/repo-mgmt.git
dest: /opt/podman/repo-mgmt dest: /opt/podman/repo-mgmt

8
directories.ansible.yml
View file

@ -2,28 +2,28 @@
vars_files: vars_files:
- map.yml - map.yml
tasks: tasks:
- name: Create base directory - name: "directories : Create base directory"
file: file:
path: "{{ dir }}" path: "{{ dir }}"
recurse: yes recurse: yes
owner: root owner: root
group: root group: root
state: directory state: directory
- name: Create bin directory - name: "directories : Create bin directory"
file: file:
path: "{{ bin_dir }}" path: "{{ bin_dir }}"
recurse: yes recurse: yes
owner: root owner: root
group: root group: root
state: directory state: directory
- name: Create etc directory - name: "directories : Create etc directory"
file: file:
path: "{{ etc_dir }}" path: "{{ etc_dir }}"
recurse: yes recurse: yes
owner: root owner: root
group: root group: root
state: directory state: directory
- name: Create apps directory - name: "directories : Create apps directory"
file: file:
path: "{{ app_dir }}" path: "{{ app_dir }}"
recurse: yes recurse: yes

14
haproxy/pkg.ansible.yml
View file

@ -2,33 +2,33 @@
vars_files: vars_files:
- map.yml - map.yml
tasks: tasks:
- name: Install haproxy pkg - name: "haproxy/pkg : Install haproxy pkg"
package: package:
state: present state: present
name: name:
- haproxy - haproxy
- name: Setup haproxy conf.d directory - name: "haproxy/pkg : Setup haproxy conf.d directory"
file: file:
state: directory state: directory
path: /etc/haproxy/conf.d path: /etc/haproxy/conf.d
owner: root owner: root
group: root group: root
mode: '0755' mode: "0755"
- name: Populate haproxy config - name: "haproxy/pkg : Populate haproxy config"
template: template:
src: files/haproxy_config.j2 src: files/haproxy_config.j2
dest: /etc/haproxy/haproxy.cfg dest: /etc/haproxy/haproxy.cfg
owner: root owner: root
group: root group: root
mode: '0644' mode: "0644"
vars: vars:
IPV4: "{{ ansible_default_ipv4.address }}" IPV4: "{{ ansible_default_ipv4.address }}"
- name: Populate haproxy rc-script - name: "haproxy/pkg : Populate haproxy rc-script"
template: template:
src: files/haproxy_rcscript.initd.j2 src: files/haproxy_rcscript.initd.j2
dest: /etc/init.d/haproxy dest: /etc/init.d/haproxy
owner: root owner: root
group: root group: root
mode: '0755' mode: "0755"
vars: vars:
CONF_DIR: "{{ conf_dir }}" CONF_DIR: "{{ conf_dir }}"

2
haproxy/service.ansible.yml
View file

@ -1,6 +1,6 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Enable haproxy service - name: "haproxy/service : Enable haproxy service"
service: service:
name: haproxy name: haproxy
state: started state: started

4
migrations.ansible.yml
View file

@ -1,12 +1,12 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Remove pterodactyl - name: "migrations : Remove pterodactyl"
package: package:
state: absent state: absent
name: name:
- pterodactyl-panel-compose - pterodactyl-panel-compose
- pterodactyl-wings - pterodactyl-wings
- name: Remove Docker - name: "migrations : Remove Docker"
package: package:
state: absent state: absent
name: name:

2
mysql/directory.ansible.yml
View file

@ -1,6 +1,6 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Create mysql directory - name: "mysql/directory : Create mysql directory"
file: file:
path: /var/lib/mysql path: /var/lib/mysql
recurse: yes recurse: yes

4
mysql/pkg.ansible.yml
View file

@ -1,6 +1,6 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Install mariadb package - name: "mysql/pkg : Install mariadb package"
package: package:
state: present state: present
name: name:
@ -8,5 +8,3 @@
- mariadb-client - mariadb-client
- mariadb-openrc - mariadb-openrc
- py3-mysqlclient - py3-mysqlclient

16
mysql/secure.ansible.yml
View file

@ -1,10 +1,10 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Test if mysql has been secured - name: "mysql/secure : Test if mysql has been secured"
stat: stat:
path: /var/lib/mysql/.secured path: /var/lib/mysql/.secured
register: MYSQL_SECURED_RESULT register: MYSQL_SECURED_RESULT
- name: Set the root password - name: "mysql/secure : Set the root password"
mysql_user: user=root password="{{mysql_root_password}}" host="{{item}}" mysql_user: user=root password="{{mysql_root_password}}" host="{{item}}"
with_items: with_items:
- 127.0.0.1 - 127.0.0.1
@ -12,32 +12,32 @@
- localhost - localhost
no_log: true no_log: true
when: not MYSQL_SECURED_RESULT.stat.exists when: not MYSQL_SECURED_RESULT.stat.exists
- name: Set root my.cnf - name: "mysql/secure : Set root my.cnf"
template: template:
src: files/my.cnf.j2 src: files/my.cnf.j2
dest: /root/.my.cnf dest: /root/.my.cnf
owner: root owner: root
group: root group: root
mode: '0644' mode: "0644"
vars: vars:
MYSQL_ROOT_PASSWORD: "{{mysql_root_password}}" MYSQL_ROOT_PASSWORD: "{{mysql_root_password}}"
no_log: true no_log: true
- name: Delete anonymous MySQL user - name: "mysql/secure : Delete anonymous MySQL user"
mysql_user: name="" host="{{item}}" state=absent mysql_user: name="" host="{{item}}" state=absent
with_items: with_items:
- localhost - localhost
- "{{ansible_nodename}}" - "{{ansible_nodename}}"
no_log: true no_log: true
when: not MYSQL_SECURED_RESULT.stat.exists when: not MYSQL_SECURED_RESULT.stat.exists
- name: Delete Hostname based MySQL user - name: "mysql/secure : Delete Hostname based MySQL user"
mysql_user: user=root host="{{ansible_nodename}}" state=absent mysql_user: user=root host="{{ansible_nodename}}" state=absent
no_log: true no_log: true
when: not MYSQL_SECURED_RESULT.stat.exists when: not MYSQL_SECURED_RESULT.stat.exists
- name: Remove MySQL test database - name: "mysql/secure : Remove MySQL test database"
mysql_db: name=test state=absent mysql_db: name=test state=absent
no_log: true no_log: true
when: not MYSQL_SECURED_RESULT.stat.exists when: not MYSQL_SECURED_RESULT.stat.exists
- name: Create .secured lock file - name: "mysql/secure : Create .secured lock file"
file: file:
state: touch state: touch
path: /var/lib/mysql/.secured path: /var/lib/mysql/.secured

4
mysql/service.ansible.yml
View file

@ -1,11 +1,11 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Test if directory exists - name: "mysql/service : Test if directory exists"
stat: stat:
path: /var/lib/mysql/mysql path: /var/lib/mysql/mysql
register: MYSQL_DIRECTORY_RESULT register: MYSQL_DIRECTORY_RESULT
ignore_errors: true ignore_errors: true
- name: MariaDB setup - name: "mysql/service : Setup mariadb"
shell: | shell: |
/etc/init.d/mariadb setup /etc/init.d/mariadb setup
when: not MYSQL_DIRECTORY_RESULT.stat.exists when: not MYSQL_DIRECTORY_RESULT.stat.exists

12
network/firewall.ansible.yml
View file

@ -1,27 +1,27 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Install firewall packages - name: "network/firewall : Install nftables packages"
package: package:
name: name:
- nftables - nftables
state: present state: present
- name: Create firewall rules directory - name: "network/firewall : Create nftables.d directory"
file: file:
state: directory state: directory
path: /etc/nftables.d path: /etc/nftables.d
owner: root owner: root
group: root group: root
mode: '0755' mode: "0755"
- name: Firewall rules - name: "network/firewall : Firewall rules"
template: template:
src: files/firewall_rules.nft.j2 src: files/firewall_rules.nft.j2
dest: /etc/nftables.d/noveria.nft dest: /etc/nftables.d/noveria.nft
owner: root owner: root
group: root group: root
mode: '0600' mode: "0600"
vars: vars:
ALLOWED_PORTS: [80, 443] ALLOWED_PORTS: [80, 443]
- name: Enable nftables service - name: "network/firewall : Enable nftables service"
service: service:
name: nftables name: nftables
state: started state: started

4
network/init.ansible.yml
View file

@ -2,14 +2,14 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Populate interfaces - name: "network : Populate interfaces"
template: template:
src: files/network_interfaces src: files/network_interfaces
dest: /etc/network/interfaces dest: /etc/network/interfaces
owner: root owner: root
group: root group: root
mode: "0644" mode: "0644"
- name: Enable networking service - name: "network : Enable networking service"
service: service:
name: networking name: networking
state: started state: started

6
openssh/config.ansible.yml
View file

@ -1,20 +1,20 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Populate sshd_config - name: "openssh/config : Populate sshd_config"
template: template:
src: files/openssh_sshd_config src: files/openssh_sshd_config
dest: /etc/ssh/sshd_config dest: /etc/ssh/sshd_config
mode: "0644" mode: "0644"
owner: root owner: root
group: root group: root
- name: Configure root .ssh directory - name: "openssh/config : Configure root .ssh directory"
file: file:
state: directory state: directory
path: /root/.ssh path: /root/.ssh
mode: "0755" mode: "0755"
owner: root owner: root
group: root group: root
- name: Configure root authorized_keys - name: "openssh/config : Configure root authorized_keys"
template: template:
src: files/openssh_authorized_keys src: files/openssh_authorized_keys
dest: /root/.ssh/authorized_keys dest: /root/.ssh/authorized_keys

2
openssh/pkg.ansible.yml
View file

@ -1,6 +1,6 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Install openssh package - name: "openssh/pkg : Install openssh-server package"
package: package:
state: present state: present
name: name:

4
openssh/service.ansible.yml
View file

@ -1,11 +1,11 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Enable openssh service - name: "openssh/service : Enable sshd service"
service: service:
name: sshd name: sshd
state: started state: started
enabled: true enabled: true
- name: Require lo interface - name: "openssh/service : Require networking service"
lineinfile: lineinfile:
state: present state: present
path: /etc/conf.d/sshd path: /etc/conf.d/sshd

2
podman/directory.ansible.yml
View file

@ -2,7 +2,7 @@
vars_files: vars_files:
- map.yml - map.yml
tasks: tasks:
- name: Create podman directory - name: "podman/directory : Create podman directory"
file: file:
path: "{{ podman_dir }}" path: "{{ podman_dir }}"
owner: puser owner: puser

2
podman/pkg.ansible.yml
View file

@ -1,6 +1,6 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Install podman package - name: "podman/pkg : Install required packages"
package: package:
state: present state: present
name: name:

10
podman/rootless.ansible.yml
View file

@ -1,15 +1,15 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: cgroup mode - name: "podman/rootless : Set cgroup mode to unified"
lineinfile: lineinfile:
path: "/etc/rc.conf" path: "/etc/rc.conf"
regexp: "^rc_cgroup_mode.?=.?" regexp: "^rc_cgroup_mode.?=.?"
line: rc_cgroup_mode="unified" line: rc_cgroup_mode="unified"
- name: cgroups service - name: "podman/rootless : Enable cgroups service"
service: service:
name: cgroups name: cgroups
enabled: true enabled: true
- name: rootless modules - name: "podman/rootless : Activate rootless modules"
lineinfile: lineinfile:
state: present state: present
path: /etc/modules path: /etc/modules
@ -18,13 +18,13 @@
tun tun
fuse fuse
ip_tables ip_tables
- name: subgid - name: "podman/rootless : Set puser subgid"
lineinfile: lineinfile:
state: present state: present
path: /etc/subgid path: /etc/subgid
insertafter: EOF insertafter: EOF
line: puser:100000:65536 line: puser:100000:65536
- name: subuid - name: "podman/rootless : Set puser subuid"
lineinfile: lineinfile:
state: present state: present
path: /etc/subuid path: /etc/subuid

4
podman/service.ansible.yml
View file

@ -1,10 +1,10 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Enable podman service - name: "podman/service : Enable podman service"
service: service:
name: podman name: podman
enabled: true enabled: true
- name: Podman unprivileged ports - name: "podman/service : Podman unprivileged ports"
template: template:
src: files/files_unprivileged_ports src: files/files_unprivileged_ports
dest: /etc/sysctl.d/podman.conf dest: /etc/sysctl.d/podman.conf

6
podman/user.ansible.yml
View file

@ -1,6 +1,6 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Create puser user - name: "podman/user : Create puser user"
user: user:
uid: 2000 uid: 2000
name: puser name: puser
@ -8,14 +8,14 @@
home: /home/puser home: /home/puser
password: "*" password: "*"
create_home: true create_home: true
- name: puser .ssh dir - name: "podman/user : Create puser .ssh dir"
file: file:
state: directory state: directory
path: /home/puser/.ssh path: /home/puser/.ssh
mode: "0755" mode: "0755"
owner: puser owner: puser
group: puser group: puser
- name: puser authorized_keys - name: "podman/user : Add puser authorized_keys"
template: template:
src: ../openssh/files/openssh_authorized_keys src: ../openssh/files/openssh_authorized_keys
dest: /home/puser/.ssh/authorized_keys dest: /home/puser/.ssh/authorized_keys

4
system/ansible.ansible.yml
View file

@ -2,12 +2,12 @@
vars_files: vars_files:
- ../map.yml - ../map.yml
tasks: tasks:
- name: Install ansible packages - name: "system/ansible : Install ansible packages"
package: package:
name: name:
- ansible - ansible
state: present state: present
- name: Populate ansible config - name: "system/ansible : Populate ansible config"
template: template:
src: files/ansible_config src: files/ansible_config
dest: /etc/ansible/ansible.cfg dest: /etc/ansible/ansible.cfg

20
system/base.ansible.yml
View file

@ -2,7 +2,7 @@
vars_files: vars_files:
- ../map.yml - ../map.yml
tasks: tasks:
- name: Install base packages - name: "system/base : Install base packages"
package: package:
state: present state: present
name: name:
@ -21,53 +21,53 @@
- screen - screen
- iproute2-ss - iproute2-ss
- chrony - chrony
- name: Systemupdate script - name: "system/base : Deploy systemupdate script"
template: template:
src: files/base_systemupdate src: files/base_systemupdate
dest: "{{ app_dir }}/systemupdate" dest: "{{ app_dir }}/systemupdate"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Systemupdate bin-link - name: "system/base : Create systemupdate symlink to bin"
file: file:
src: "{{ app_dir }}/systemupdate" src: "{{ app_dir }}/systemupdate"
dest: "{{ bin_dir }}/systemupdate" dest: "{{ bin_dir }}/systemupdate"
owner: root owner: root
group: root group: root
state: link state: link
- name: Enable modules Service - name: "system/base : Enable modules Service"
service: service:
state: started state: started
name: modules name: modules
enabled: true enabled: true
- name: Tun permission service-file - name: "system/base : Deploy tun permission service-file"
template: template:
src: files/base_tun-perm.initd src: files/base_tun-perm.initd
dest: "/etc/init.d/tun-perm" dest: "/etc/init.d/tun-perm"
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
- name: Enable tun-perm service - name: "system/base : Enable tun-perm service"
service: service:
state: started state: started
name: tun-perm name: tun-perm
enabled: true enabled: true
- name: Enable sysctl service - name: "system/base : Enable sysctl service"
service: service:
state: started state: started
name: sysctl name: sysctl
enabled: true enabled: true
- name: Enable syslog service - name: "system/base : Enable syslog service"
service: service:
state: started state: started
name: syslog name: syslog
enabled: true enabled: true
- name: Enable sysfs service - name: "system/base : Enable sysfs service"
service: service:
state: started state: started
name: sysfs name: sysfs
enabled: true enabled: true
- name: Enable chrony-ntp service - name: "system/base : Enable chrony-ntp service"
service: service:
state: started state: started
name: chronyd name: chronyd

18
system/bootloader.ansible.yml
View file

@ -2,7 +2,7 @@
vars_files: vars_files:
- ../map.yml - ../map.yml
tasks: tasks:
- name: Install bootloader pkgs - name: "system/bootloader : Install grub, mkinitfs, efibootmgr"
package: package:
name: name:
- grub - grub
@ -11,22 +11,22 @@
- mkinitfs-doc - mkinitfs-doc
- efibootmgr - efibootmgr
state: present state: present
- name: Get current timestamp - name: "system/bootloader : Get current timestamp"
shell: | shell: |
CURRENT_SUBVOLUME=$(LC_ALL=C btrfs sub show / | LC_ALL=C grep Name: | tr -d '[:space:]'); TIMESTAMP_FORMAT='[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}_[[:digit:]]{2}-[[:digit:]]{2}-[[:digit:]]{2}'; echo "$CURRENT_SUBVOLUME" | grep -Eo "$TIMESTAMP_FORMAT" CURRENT_SUBVOLUME=$(LC_ALL=C btrfs sub show / | LC_ALL=C grep Name: | tr -d '[:space:]'); TIMESTAMP_FORMAT='[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}_[[:digit:]]{2}-[[:digit:]]{2}-[[:digit:]]{2}'; echo "$CURRENT_SUBVOLUME" | grep -Eo "$TIMESTAMP_FORMAT"
register: CURRENT_SUBVOLUME_TIMESTAMP register: CURRENT_SUBVOLUME_TIMESTAMP
run_once: true run_once: true
- name: Get current timestamp human - name: "system/bootloader : Get current timestamp human"
shell: | shell: |
CURRENT_SUBVOLUME_TIMESTAMP='{{ CURRENT_SUBVOLUME_TIMESTAMP.stdout }}'; echo "${CURRENT_SUBVOLUME_TIMESTAMP:0:10} ${CURRENT_SUBVOLUME_TIMESTAMP:11:2}:${CURRENT_SUBVOLUME_TIMESTAMP:14:2}" CURRENT_SUBVOLUME_TIMESTAMP='{{ CURRENT_SUBVOLUME_TIMESTAMP.stdout }}'; echo "${CURRENT_SUBVOLUME_TIMESTAMP:0:10} ${CURRENT_SUBVOLUME_TIMESTAMP:11:2}:${CURRENT_SUBVOLUME_TIMESTAMP:14:2}"
register: CURRENT_SUBVOLUME_TIMESTAMP_HUMAN register: CURRENT_SUBVOLUME_TIMESTAMP_HUMAN
run_once: true run_once: true
- name: Get current kernel version - name: "system/bootloader : Get current kernel version"
shell: | shell: |
uname -r uname -r
register: KERNEL_VERSION register: KERNEL_VERSION
run_once: true run_once: true
- name: mkinitfs config - name: "system/bootloader : Add features to mkinitfs config"
lineinfile: lineinfile:
path: "/etc/mkinitfs/mkinitfs.conf" path: "/etc/mkinitfs/mkinitfs.conf"
regexp: "^features.?=.?" regexp: "^features.?=.?"
@ -34,7 +34,7 @@
owner: root owner: root
group: root group: root
mode: "0644" mode: "0644"
- name: os-release file - name: "system/bootloader : Generate os-release file"
template: template:
src: files/bootloader_os-release.j2 src: files/bootloader_os-release.j2
dest: "/etc/os-release" dest: "/etc/os-release"
@ -44,14 +44,14 @@
vars: vars:
OS_VERSION: "{{ release_version }}" OS_VERSION: "{{ release_version }}"
OS_RELEASE_INFO: '"Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"' OS_RELEASE_INFO: '"Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"'
- name: Motd Directory - name: "system/bootloader : Create motd directory"
file: file:
name: /etc/motd.d name: /etc/motd.d
owner: root owner: root
group: root group: root
mode: "0755" mode: "0755"
state: directory state: directory
- name: Motd - name: "system/bootloader : Place Noveria motd file in motd directory"
template: template:
src: files/bootloader_00_noveria.motd.j2 src: files/bootloader_00_noveria.motd.j2
dest: /etc/motd.d/00_noveria.motd dest: /etc/motd.d/00_noveria.motd
@ -62,7 +62,7 @@
OS_NAME: "Novos {{ release_version }}" OS_NAME: "Novos {{ release_version }}"
OS_RELEASE_INFO: "Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}" OS_RELEASE_INFO: "Timestamp: {{ CURRENT_SUBVOLUME_TIMESTAMP_HUMAN.stdout }} | Kernel: {{ KERNEL_VERSION.stdout }}"
OS_ISSUE_URL: "https://git.noveria.org/Novos/ISO/issues" OS_ISSUE_URL: "https://git.noveria.org/Novos/ISO/issues"
- name: Issue - name: "system/bootloader : Place issue file"
template: template:
src: files/bootloader_issue.j2 src: files/bootloader_issue.j2
dest: /etc/issue dest: /etc/issue

24
system/disks.ansible.yml
View file

@ -2,43 +2,43 @@
vars_files: vars_files:
- ../map.yml - ../map.yml
tasks: tasks:
- name: Install Disks packages - name: "system/disks : Install required filesystem packages"
package: package:
name: name:
- btrfs-progs - btrfs-progs
state: present state: present
- name: Append btrfs module - name: "system/disks : Append btrfs module"
lineinfile: lineinfile:
state: present state: present
path: /etc/modules path: /etc/modules
insertafter: EOF insertafter: EOF
line: btrfs line: btrfs
- name: Btrfs mount permission - name: "system/disks : Set correct /btrfs permissions"
file: file:
path: "/btrfs" path: "/btrfs"
owner: root owner: root
group: root group: root
mode: '0755' mode: "0755"
state: directory state: directory
- name: Get ROOT_UUID - name: "system/disks : Get ROOT_UUID"
shell: | shell: |
lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}' lsblk -o LABEL,UUID | grep ROOT | awk '{print $2}'
register: root_uuid register: root_uuid
run_once: true run_once: true
- name: Get ESP_UUID - name: "system/disks : Get ESP_UUID"
shell: | shell: |
lsblk -o LABEL,UUID | grep EFI | awk '{print $2}' lsblk -o LABEL,UUID | grep EFI | awk '{print $2}'
register: esp_uuid register: esp_uuid
run_once: true run_once: true
- name: Deploy fstab - name: "system/disks : Deploy fstab"
template: template:
src: files/disks_fstab.j2 src: files/disks_fstab.j2
dest: /etc/fstab dest: /etc/fstab
owner: root owner: root
group: root group: root
mode: '0644' mode: "0644"
vars: vars:
ROOT_UUID: '{{ root_uuid.stdout }}' ROOT_UUID: "{{ root_uuid.stdout }}"
ESP_UUID: '{{ esp_uuid.stdout }}' ESP_UUID: "{{ esp_uuid.stdout }}"
TIMESTAMP: '{{ start_timestamp }}' TIMESTAMP: "{{ start_timestamp }}"
TMPFS_SIZE: '{{ tmpfs_size }}' TMPFS_SIZE: "{{ tmpfs_size }}"

4
system/repositories.ansible.yml
View file

@ -1,12 +1,12 @@
- hosts: localhost - hosts: localhost
tasks: tasks:
- name: Add noveria repository - name: "system/repositories : Add noveria repository"
lineinfile: lineinfile:
state: present state: present
path: "/etc/apk/repositories" path: "/etc/apk/repositories"
insertafter: EOF insertafter: EOF
line: https://alpine.noveria.org/v3.21/noveria line: https://alpine.noveria.org/v3.21/noveria
- name: Get noveria repo pubkey - name: "system/repositories : Get noveria repo pubkey"
get_url: get_url:
url: "https://alpine.noveria.org/alpine@noveria.org.pub" url: "https://alpine.noveria.org/alpine@noveria.org.pub"
dest: /etc/apk/keys dest: /etc/apk/keys

6
system/shell.ansible.yml
View file

@ -2,19 +2,19 @@
vars_files: vars_files:
- ../map.yml - ../map.yml
tasks: tasks:
- name: Install shell base-packages - name: "system/shell : Install packages"
package: package:
name: name:
- zsh - zsh
- alpine-zsh-config - alpine-zsh-config
- bash - bash
state: present state: present
- name: Populate shell profile - name: "system/shell : Populate shell profile"
template: template:
src: files/shell_profile.j2 src: files/shell_profile.j2
dest: /etc/profile dest: /etc/profile
owner: root owner: root
group: root group: root
mode: '0644' mode: "0644"
vars: vars:
CUSTOM_BIN: "{{ bin_dir }}" CUSTOM_BIN: "{{ bin_dir }}"

6
system/user.ansible.yml
View file

@ -2,14 +2,14 @@
vars_files: vars_files:
- ../map.yml - ../map.yml
tasks: tasks:
- name: Create Noveria user - name: "system/user : Create noveria user"
user: user:
uid: 1000 uid: 1000
name: noveria name: noveria
shell: /bin/false shell: /bin/false
home: /home/noveria home: /home/noveria
password: '*' password: "*"
- name: Edit root user - name: "system/user : Edit root user"
user: user:
name: root name: root
shell: /bin/zsh shell: /bin/zsh