From c182c4dc6694ee6e7f49cfa91f5d02ea306c072d Mon Sep 17 00:00:00 2001 From: Egor Tensin Date: Fri, 4 Aug 2023 11:20:03 +0200 Subject: import some common roles --- README.md | 39 ++++++++++++++++++++++++++++++++++++ galaxy.yml | 8 ++++++++ roles/apt/handlers/main.yml | 16 +++++++++++++++ roles/apt/tasks/main.yml | 20 ++++++++++++++++++ roles/docker/tasks/main.yml | 13 ++++++++++++ roles/journald/tasks/main.yml | 17 ++++++++++++++++ roles/linux_status/defaults/main.yml | 2 ++ roles/linux_status/tasks/main.yml | 25 +++++++++++++++++++++++ 8 files changed, 140 insertions(+) create mode 100644 README.md create mode 100644 galaxy.yml create mode 100644 roles/apt/handlers/main.yml create mode 100644 roles/apt/tasks/main.yml create mode 100644 roles/docker/tasks/main.yml create mode 100644 roles/journald/tasks/main.yml create mode 100644 roles/linux_status/defaults/main.yml create mode 100644 roles/linux_status/tasks/main.yml diff --git a/README.md b/README.md new file mode 100644 index 0000000..2ffef23 --- /dev/null +++ b/README.md @@ -0,0 +1,39 @@ +infra-ansible +============= + +Some common Ansible roles used by me to manage things. + +Usage +----- + +requirements.yml: + +``` +collections: + - source: https://github.com/egor-tensin/infra-ansible.git + type: git + version: master # Or a commit hash +``` + +``` +$ ansible-galaxy install -r requirements.yml +``` + +Then you can use roles in your playbook: + +``` +- name: Test playbook + hosts: all + roles: + - tensin.infra.apt + - tensin.infra.journald + ... +``` + +License +------- + +Distributed under the MIT License. +See [LICENSE.txt] for details. + +[LICENSE.txt]: LICENSE.txt diff --git a/galaxy.yml b/galaxy.yml new file mode 100644 index 0000000..cfb561e --- /dev/null +++ b/galaxy.yml @@ -0,0 +1,8 @@ +namespace: tensin +name: infra +# The version field is unmaintained. +version: 0.0.1 +readme: README.md +license: MIT +authors: + - Egor Tensin diff --git a/roles/apt/handlers/main.yml b/roles/apt/handlers/main.yml new file mode 100644 index 0000000..625a8af --- /dev/null +++ b/roles/apt/handlers/main.yml @@ -0,0 +1,16 @@ +- name: Reboot + ansible.builtin.reboot: + args: + # 3 minutes is plenty. + reboot_timeout: 180 + # Don't reboot yourself accidentally: + when: 'ansible_env["SSH_CLIENT"].split()[0] not in ansible_all_ipv4_addresses' + become: true + listen: reboot + +- name: Wait for connectivity + ansible.builtin.wait_for_connection: + args: + # 3 minutes is plenty. + timeout: 180 + listen: reboot diff --git a/roles/apt/tasks/main.yml b/roles/apt/tasks/main.yml new file mode 100644 index 0000000..f26a1f7 --- /dev/null +++ b/roles/apt/tasks/main.yml @@ -0,0 +1,20 @@ +- name: Upgrade packages + become: true + ansible.builtin.apt: + install_recommends: false + update_cache: true + upgrade: dist + notify: reboot + +- name: Reboot if necessary + ansible.builtin.meta: flush_handlers + +- name: Clean up dependencies + become: true + ansible.builtin.apt: + autoremove: true + purge: true + notify: reboot + +- name: Reboot if necessary + ansible.builtin.meta: flush_handlers diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml new file mode 100644 index 0000000..574a17c --- /dev/null +++ b/roles/docker/tasks/main.yml @@ -0,0 +1,13 @@ +- name: Install Docker + become: true + ansible.builtin.apt: + install_recommends: false + name: + - docker.io + - docker-compose + state: present + +- name: Clean up Docker data + become: true + ansible.builtin.command: docker system prune -a -f --volumes + changed_when: true diff --git a/roles/journald/tasks/main.yml b/roles/journald/tasks/main.yml new file mode 100644 index 0000000..2d7ce15 --- /dev/null +++ b/roles/journald/tasks/main.yml @@ -0,0 +1,17 @@ +- name: Less noisy journal + become: true + block: + - name: Edit journald.conf + community.general.ini_file: + dest: /etc/systemd/journald.conf + section: Journal + option: MaxLevelStore + value: notice + register: edited + + - name: Restart systemd-journald + ansible.builtin.systemd_service: + daemon_reload: true + name: systemd-journald + state: restarted + when: edited.changed diff --git a/roles/linux_status/defaults/main.yml b/roles/linux_status/defaults/main.yml new file mode 100644 index 0000000..da596ae --- /dev/null +++ b/roles/linux_status/defaults/main.yml @@ -0,0 +1,2 @@ +keys_dir: /etc/apt/keyrings +gpg_key_id: ecb69cbafc6d7cd8bd67ec35b1089b3051c9384d diff --git a/roles/linux_status/tasks/main.yml b/roles/linux_status/tasks/main.yml new file mode 100644 index 0000000..766f009 --- /dev/null +++ b/roles/linux_status/tasks/main.yml @@ -0,0 +1,25 @@ +- name: Set up repository + become: true + block: + - name: Create keys directory + ansible.builtin.file: + path: '{{ keys_dir }}' + mode: '755' + state: directory + + - name: Add key + ansible.builtin.get_url: + url: 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x{{ gpg_key_id }}' + dest: '{{ keys_dir }}/linux-status.asc' + mode: '644' + + - name: Add repository + ansible.builtin.apt_repository: + repo: 'deb [signed-by={{ keys_dir }}/linux-status.asc] https://ppa.launchpadcontent.net/egor-tensin/linux-status/ubuntu focal main' + filename: linux-status + +- name: Install linux-status + become: true + ansible.builtin.apt: + install_recommends: false + name: linux-status -- cgit v1.2.3