import some common roles

author: Egor Tensin <Egor.Tensin@gmail.com> 2023-08-04 11:20:03 +0200
committer: Egor Tensin <Egor.Tensin@gmail.com> 2023-08-04 11:20:03 +0200
commit: c182c4dc6694ee6e7f49cfa91f5d02ea306c072d (patch)
tree: 82a8889418a1d64312db4e76080dd14014ff70f0
parent: initial commit (diff)
download: infra-ansible-c182c4dc6694ee6e7f49cfa91f5d02ea306c072d.tar.gz
infra-ansible-c182c4dc6694ee6e7f49cfa91f5d02ea306c072d.zip
8 files changed, 140 insertions, 0 deletions
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2ffef23
--- /dev/null
+++ b/README.md
@@ -0,0 +1,39 @@
+infra-ansible
+=============
+
+Some common Ansible roles used by me to manage things.
+
+Usage
+-----
+
+requirements.yml:
+
+```
+collections:
+  - source: https://github.com/egor-tensin/infra-ansible.git
+    type: git
+    version: master # Or a commit hash
+```
+
+```
+$ ansible-galaxy install -r requirements.yml
+```
+
+Then you can use roles in your playbook:
+
+```
+- name: Test playbook
+  hosts: all
+  roles:
+    - tensin.infra.apt
+    - tensin.infra.journald
+    ...
+```
+
+License
+-------
+
+Distributed under the MIT License.
+See [LICENSE.txt] for details.
+
+[LICENSE.txt]: LICENSE.txt
diff --git a/galaxy.yml b/galaxy.yml
new file mode 100644
index 0000000..cfb561e
--- /dev/null
+++ b/galaxy.yml
@@ -0,0 +1,8 @@
+namespace: tensin
+name: infra
+# The version field is unmaintained.
+version: 0.0.1
+readme: README.md
+license: MIT
+authors:
+  - Egor Tensin <Egor.Tensin@gmail.com>
diff --git a/roles/apt/handlers/main.yml b/roles/apt/handlers/main.yml
new file mode 100644
index 0000000..625a8af
--- /dev/null
+++ b/roles/apt/handlers/main.yml
@@ -0,0 +1,16 @@
+- name: Reboot
+  ansible.builtin.reboot:
+  args:
+    # 3 minutes is plenty.
+    reboot_timeout: 180
+  # Don't reboot yourself accidentally:
+  when: 'ansible_env["SSH_CLIENT"].split()[0] not in ansible_all_ipv4_addresses'
+  become: true
+  listen: reboot
+
+- name: Wait for connectivity
+  ansible.builtin.wait_for_connection:
+  args:
+    # 3 minutes is plenty.
+    timeout: 180
+  listen: reboot
diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml
new file mode 100644
index 0000000..f26a1f7
--- /dev/null
+++ b/roles/apt/tasks/main.yml
@@ -0,0 +1,20 @@
+- name: Upgrade packages
+  become: true
+  ansible.builtin.apt:
+    install_recommends: false
+    update_cache: true
+    upgrade: dist
+  notify: reboot
+
+- name: Reboot if necessary
+  ansible.builtin.meta: flush_handlers
+
+- name: Clean up dependencies
+  become: true
+  ansible.builtin.apt:
+    autoremove: true
+    purge: true
+  notify: reboot
+
+- name: Reboot if necessary
+  ansible.builtin.meta: flush_handlers
diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
new file mode 100644
index 0000000..574a17c
--- /dev/null
+++ b/roles/docker/tasks/main.yml
@@ -0,0 +1,13 @@
+- name: Install Docker
+  become: true
+  ansible.builtin.apt:
+    install_recommends: false
+    name:
+      - docker.io
+      - docker-compose
+    state: present
+
+- name: Clean up Docker data
+  become: true
+  ansible.builtin.command: docker system prune -a -f --volumes
+  changed_when: true
diff --git a/roles/journald/tasks/main.yml b/roles/journald/tasks/main.yml
new file mode 100644
index 0000000..2d7ce15
--- /dev/null
+++ b/roles/journald/tasks/main.yml
@@ -0,0 +1,17 @@
+- name: Less noisy journal
+  become: true
+  block:
+    - name: Edit journald.conf
+      community.general.ini_file:
+        dest: /etc/systemd/journald.conf
+        section: Journal
+        option: MaxLevelStore
+        value: notice
+      register: edited
+
+    - name: Restart systemd-journald
+      ansible.builtin.systemd_service:
+        daemon_reload: true
+        name: systemd-journald
+        state: restarted
+      when: edited.changed
diff --git a/roles/linux_status/defaults/main.yml b/roles/linux_status/defaults/main.yml
new file mode 100644
index 0000000..da596ae
--- /dev/null
+++ b/roles/linux_status/defaults/main.yml
@@ -0,0 +1,2 @@
+keys_dir: /etc/apt/keyrings
+gpg_key_id: ecb69cbafc6d7cd8bd67ec35b1089b3051c9384d
diff --git a/roles/linux_status/tasks/main.yml b/roles/linux_status/tasks/main.yml
new file mode 100644
index 0000000..766f009
--- /dev/null
+++ b/roles/linux_status/tasks/main.yml
@@ -0,0 +1,25 @@
+- name: Set up repository
+  become: true
+  block:
+    - name: Create keys directory
+      ansible.builtin.file:
+        path: '{{ keys_dir }}'
+        mode: '755'
+        state: directory
+
+    - name: Add key
+      ansible.builtin.get_url:
+        url: 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x{{ gpg_key_id }}'
+        dest: '{{ keys_dir }}/linux-status.asc'
+        mode: '644'
+
+    - name: Add repository
+      ansible.builtin.apt_repository:
+        repo: 'deb [signed-by={{ keys_dir }}/linux-status.asc] https://ppa.launchpadcontent.net/egor-tensin/linux-status/ubuntu focal main'
+        filename: linux-status
+
+- name: Install linux-status
+  become: true
+  ansible.builtin.apt:
+    install_recommends: false
+    name: linux-status
author	Egor Tensin <Egor.Tensin@gmail.com>	2023-08-04 11:20:03 +0200
committer	Egor Tensin <Egor.Tensin@gmail.com>	2023-08-04 11:20:03 +0200
commit	c182c4dc6694ee6e7f49cfa91f5d02ea306c072d (patch)
tree	82a8889418a1d64312db4e76080dd14014ff70f0
parent	initial commit (diff)
download	infra-ansible-c182c4dc6694ee6e7f49cfa91f5d02ea306c072d.tar.gz infra-ansible-c182c4dc6694ee6e7f49cfa91f5d02ea306c072d.zip