mirror of
https://github.com/ChristianLempa/boilerplates.git
synced 2024-11-22 00:03:16 +01:00
fix: fix names which did not start with an uppercase letter
This commit is contained in:
parent
24b0819e7f
commit
bde2063ec9
@ -1,21 +1,21 @@
|
|||||||
---
|
---
|
||||||
- name: install fail2ban and configure sshd
|
- name: Install fail2ban and configure sshd
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install fail2ban
|
- name: Install fail2ban
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- fail2ban
|
- fail2ban
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: copy fail2ban configfiles
|
- name: Copy fail2ban configfiles
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: configfiles/debian-sshd-default.conf
|
src: configfiles/debian-sshd-default.conf
|
||||||
dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
|
dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
|
||||||
|
|
||||||
- name: restart fail2ban
|
- name: Restart fail2ban
|
||||||
ansible.builtin.systemd_service:
|
ansible.builtin.systemd_service:
|
||||||
state: restarted
|
state: restarted
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
|
@ -1,16 +1,16 @@
|
|||||||
---
|
---
|
||||||
- name: add ssh key
|
- name: Add ssh key
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install public keys
|
- name: Install public keys
|
||||||
ansible.posix.authorized_key:
|
ansible.posix.authorized_key:
|
||||||
user: "{{ lookup('env','USER') }}"
|
user: "{{ lookup('env','USER') }}"
|
||||||
state: present
|
state: present
|
||||||
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
|
||||||
|
|
||||||
- name: change sudoers file
|
- name: Change sudoers file
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: /etc/sudoers
|
path: /etc/sudoers
|
||||||
state: present
|
state: present
|
||||||
|
@ -1,15 +1,15 @@
|
|||||||
---
|
---
|
||||||
- name: deploy portainer-ce latest
|
- name: Deploy portainer-ce latest
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
become_user: "{{ lookup('env','USER') }}"
|
become_user: "{{ lookup('env','USER') }}"
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: create new volume
|
- name: Create new volume
|
||||||
community.docker.docker_volume:
|
community.docker.docker_volume:
|
||||||
name: portainer-data
|
name: portainer-data
|
||||||
|
|
||||||
- name: deploy portainer
|
- name: Deploy portainer
|
||||||
community.docker.docker_container:
|
community.docker.docker_container:
|
||||||
name: portainer
|
name: portainer
|
||||||
image: "docker.io/portainer/portainer-ce"
|
image: "docker.io/portainer/portainer-ce"
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: deploy traefik v2.5
|
- name: Deploy traefik v2.5
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: deploy traefik
|
- name: Deploy traefik
|
||||||
become_user: "{{ lookup('env','USER') }}"
|
become_user: "{{ lookup('env','USER') }}"
|
||||||
community.docker.docker_container:
|
community.docker.docker_container:
|
||||||
name: traefik
|
name: traefik
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: install core packages
|
- name: Install core packages
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install core packages
|
- name: Install core packages
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- prometheus-node-exporter
|
- prometheus-node-exporter
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: install docker
|
- name: Install docker
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install docker dependencies
|
- name: Install docker dependencies
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- apt-transport-https
|
- apt-transport-https
|
||||||
@ -14,19 +14,19 @@
|
|||||||
- software-properties-common
|
- software-properties-common
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: add docker gpg key
|
- name: Add docker gpg key
|
||||||
ansible.builtin.apt_key:
|
ansible.builtin.apt_key:
|
||||||
url: https://download.docker.com/linux/ubuntu/gpg
|
url: https://download.docker.com/linux/ubuntu/gpg
|
||||||
state: present
|
state: present
|
||||||
keyring: /etc/apt/keyrings/docker.gpg
|
keyring: /etc/apt/keyrings/docker.gpg
|
||||||
|
|
||||||
- name: add docker repository
|
- name: Add docker repository
|
||||||
ansible.builtin.apt_repository:
|
ansible.builtin.apt_repository:
|
||||||
filename: docker
|
filename: docker
|
||||||
repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} stable
|
repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} stable
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: install docker engine
|
- name: Install docker engine
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- docker-ce
|
- docker-ce
|
||||||
|
@ -1,13 +1,13 @@
|
|||||||
---
|
---
|
||||||
- name: install microk8s
|
- name: Install microk8s
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install microk8s
|
- name: Install microk8s
|
||||||
community.general.snap:
|
community.general.snap:
|
||||||
classic: true
|
classic: true
|
||||||
name: microk8s
|
name: microk8s
|
||||||
|
|
||||||
- name: add userpermissions
|
- name: Add user permissions
|
||||||
ansible.builtin.shell: "usermod -aG microk8s {{ lookup('env','USER') }}"
|
ansible.builtin.shell: "usermod -aG microk8s {{ lookup('env','USER') }}"
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: install core packages for virtual machines
|
- name: Install core packages for virtual machines
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install packages
|
- name: Install packages
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- prometheus-node-exporter
|
- prometheus-node-exporter
|
||||||
@ -12,7 +12,7 @@
|
|||||||
- qemu-guest-agent
|
- qemu-guest-agent
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: start guest qemu-guest-agent
|
- name: Start guest qemu-guest-agent
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: qemu-guest-agent
|
name: qemu-guest-agent
|
||||||
state: started
|
state: started
|
||||||
|
@ -1,15 +1,15 @@
|
|||||||
---
|
---
|
||||||
- name: install wireguard
|
- name: Install wireguard
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install wireguard
|
- name: Install wireguard
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: wireguard
|
name: wireguard
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: generate private and public keypair
|
- name: Generate private and public keypair
|
||||||
ansible.builtin.shell: |
|
ansible.builtin.shell: |
|
||||||
wg genkey | tee privatekey | wg pubkey > publickey
|
wg genkey | tee privatekey | wg pubkey > publickey
|
||||||
chmod 0400 privatekey
|
chmod 0400 privatekey
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: install zsh
|
- name: Install zsh
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install zsh
|
- name: Install zsh
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: zsh
|
name: zsh
|
||||||
state: present
|
state: present
|
||||||
|
@ -1,17 +1,17 @@
|
|||||||
---
|
---
|
||||||
- name: check disk space
|
- name: Check disk space
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: get disk usage
|
- name: Get disk usage
|
||||||
ansible.builtin.command: df -h
|
ansible.builtin.command: df -h
|
||||||
register: disk_usage
|
register: disk_usage
|
||||||
|
|
||||||
- name: check disk space available
|
- name: Check disk space available
|
||||||
ansible.builtin.shell: df -Ph / | awk 'NR==2 {print $5}'
|
ansible.builtin.shell: df -Ph / | awk 'NR==2 {print $5}'
|
||||||
register: disk_usage
|
register: disk_usage
|
||||||
|
|
||||||
# - name: send discord message when disk space is over 80%
|
# - name: Send discord message when disk space is over 80%
|
||||||
# uri:
|
# uri:
|
||||||
# url: "your-webhook"
|
# url: "your-webhook"
|
||||||
# method: POST
|
# method: POST
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: clean docker
|
- name: Clean docker
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: prune non-dangling images
|
- name: Prune non-dangling images
|
||||||
community.docker.docker_prune:
|
community.docker.docker_prune:
|
||||||
containers: false
|
containers: false
|
||||||
images: true
|
images: true
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
- name: check if system reboot is required
|
- name: Check if system reboot is required
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: check if system reboot is required
|
- name: Check if system reboot is required
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
path: /var/run/reboot-required
|
path: /var/run/reboot-required
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: reboot machine
|
- name: Reboot machine
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: reboot machine
|
- name: Reboot machine
|
||||||
ansible.builtin.reboot:
|
ansible.builtin.reboot:
|
||||||
reboot_timeout: 3600
|
reboot_timeout: 3600
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
# In order to generate a webhook, please see
|
# In order to generate a webhook, please see
|
||||||
# https://support.discord.com/hc/en-us/articles/360045093012-Server-Integrations-Page
|
# https://support.discord.com/hc/en-us/articles/360045093012-Server-Integrations-Page
|
||||||
|
|
||||||
- name: notify discord
|
- name: Notify discord
|
||||||
|
|
||||||
hosts: "{{ my_hosts | d([]) }}"
|
hosts: "{{ my_hosts | d([]) }}"
|
||||||
|
|
||||||
@ -62,7 +62,7 @@
|
|||||||
notify_discord_send_from_host: localhost
|
notify_discord_send_from_host: localhost
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: send discord message
|
- name: Send Discord message
|
||||||
community.general.discord:
|
community.general.discord:
|
||||||
username: "{{ notify_discord_username }}"
|
username: "{{ notify_discord_username }}"
|
||||||
webhook_id: "{{ notify_discord_webhook_id }}"
|
webhook_id: "{{ notify_discord_webhook_id }}"
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install prerequisites
|
- name: Install prerequisites
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- apt-transport-https
|
- apt-transport-https
|
||||||
@ -14,15 +14,15 @@
|
|||||||
- software-properties-common
|
- software-properties-common
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: add apt-key
|
- name: Add apt-key
|
||||||
ansible.builtin.apt_key:
|
ansible.builtin.apt_key:
|
||||||
url: https://download.docker.com/linux/ubuntu/gpg
|
url: https://download.docker.com/linux/ubuntu/gpg
|
||||||
|
|
||||||
- name: add docker repo
|
- name: Add docker repo
|
||||||
ansible.builtin.apt_repository:
|
ansible.builtin.apt_repository:
|
||||||
repo: deb https://download.docker.com/linux/ubuntu focal stable
|
repo: deb https://download.docker.com/linux/ubuntu focal stable
|
||||||
|
|
||||||
- name: install docker
|
- name: Install docker
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- docker-ce
|
- docker-ce
|
||||||
@ -31,5 +31,5 @@
|
|||||||
- docker-compose
|
- docker-compose
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
|
||||||
- name: add userpermissions
|
- name: Add user permissions
|
||||||
ansible.builtin.shell: "usermod -aG docker vagrant"
|
ansible.builtin.shell: "usermod -aG docker vagrant"
|
||||||
|
@ -4,10 +4,10 @@
|
|||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install microk8s
|
- name: Install microk8s
|
||||||
community.general.snap:
|
community.general.snap:
|
||||||
classic: true
|
classic: true
|
||||||
name: microk8s
|
name: microk8s
|
||||||
|
|
||||||
- name: add userpermissions
|
- name: Add user permissions
|
||||||
ansible.builtin.shell: "usermod -aG microk8s vagrant"
|
ansible.builtin.shell: "usermod -aG microk8s vagrant"
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
become: true
|
become: true
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: install cockpit
|
- name: Install cockpit
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: cockpit
|
name: cockpit
|
||||||
update_cache: true
|
update_cache: true
|
||||||
|
Loading…
Reference in New Issue
Block a user