extern/christianlempa-boilerplates
1
0
Fork 0
mirror of https://github.com/ChristianLempa/boilerplates.git synced 2024-11-24 17:24:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into feat_improve_discord_notification

Browse Source
This commit is contained in:
Christoph Schug 2024-02-27 13:52:32 +01:00 committed by GitHub
commit d0fed19232
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
20 changed files with 45 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ansible/configuration/fail2ban/config-f2b-protect-sshd.yaml
View File

@ -4,16 +4,16 @@
become: yes become: yes
tasks: tasks:
- name: install fail2ban - name: install fail2ban
apt: ansible.builtin.apt:
name: name:
- fail2ban - fail2ban
update_cache: yes update_cache: yes
- name: copy fail2ban configfiles - name: copy fail2ban configfiles
copy: ansible.builtin.copy:
src: configfiles/debian-sshd-default.conf src: configfiles/debian-sshd-default.conf
dest: /etc/fail2ban/jail.d/debian-sshd-default.conf dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
- name: restart fail2ban - name: restart fail2ban
systemd: ansible.builtin.systemd_service:
state: restarted state: restarted
daemon_reload: yes daemon_reload: yes
name: fail2ban name: fail2ban

2
ansible/configuration/ssh/config-add-sshkey.yaml
View File

@ -9,7 +9,7 @@
state: present state: present
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: change sudoers file - name: change sudoers file
lineinfile: ansible.builtin.lineinfile:
path: /etc/sudoers path: /etc/sudoers
state: present state: present
regexp: '^%sudo' regexp: '^%sudo'

2
ansible/installation/inst-core.yaml
View File

@ -3,7 +3,7 @@
become: yes become: yes
tasks: tasks:
- name: install core packages - name: install core packages
apt: ansible.builtin.apt:
name: name:
- prometheus-node-exporter - prometheus-node-exporter
- nfs-common - nfs-common

8
ansible/installation/inst-docker-ubuntu.yaml
View File

@ -4,7 +4,7 @@
become: yes become: yes
tasks: tasks:
- name: install docker dependencies - name: install docker dependencies
apt: ansible.builtin.apt:
name: name:
- apt-transport-https - apt-transport-https
- ca-certificates - ca-certificates
@ -13,17 +13,17 @@
- software-properties-common - software-properties-common
update_cache: yes update_cache: yes
- name: add docker gpg key - name: add docker gpg key
apt_key: ansible.builtin.apt_key:
url: https://download.docker.com/linux/ubuntu/gpg url: https://download.docker.com/linux/ubuntu/gpg
state: present state: present
keyring: /etc/apt/keyrings/docker.gpg keyring: /etc/apt/keyrings/docker.gpg
- name: add docker repository - name: add docker repository
apt_repository: ansible.builtin.apt_repository:
filename: docker filename: docker
repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} stable repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} stable
state: present state: present
- name: install docker engine - name: install docker engine
apt: ansible.builtin.apt:
name: name:
- docker-ce - docker-ce
- docker-ce-cli - docker-ce-cli

4
ansible/installation/inst-microk8s.yaml
View File

@ -4,8 +4,8 @@
become: yes become: yes
tasks: tasks:
- name: install microk8s - name: install microk8s
snap: community.general.snap:
classic: yes classic: yes
name: microk8s name: microk8s
- name: add userpermissions - name: add userpermissions
shell: "usermod -aG microk8s {{ lookup('env','USER') }}" ansible.builtin.shell: "usermod -aG microk8s {{ lookup('env','USER') }}"

2
ansible/installation/inst-qemu-agent.yaml
View File

@ -5,6 +5,6 @@
become_method: sudo become_method: sudo
tasks: tasks:
- name: Install qemu-guest-agent - name: Install qemu-guest-agent
apt: ansible.builtin.apt:
name: qemu-guest-agent name: qemu-guest-agent
state: present state: present

4
ansible/installation/inst-vm-core.yaml
View File

@ -4,14 +4,14 @@
become: yes become: yes
tasks: tasks:
- name: install packages - name: install packages
apt: ansible.builtin.apt:
name: name:
- prometheus-node-exporter - prometheus-node-exporter
- nfs-common - nfs-common
- qemu-guest-agent - qemu-guest-agent
update_cache: yes update_cache: yes
- name: start guest qemu-guest-agent - name: start guest qemu-guest-agent
service: ansible.builtin.service:
name: qemu-guest-agent name: qemu-guest-agent
state: started state: started
enabled: yes enabled: yes

4
ansible/installation/inst-wireguard.yaml
View File

@ -4,11 +4,11 @@
become: yes become: yes
tasks: tasks:
- name: install wireguard - name: install wireguard
apt: ansible.builtin.apt:
name: wireguard name: wireguard
update_cache: yes update_cache: yes
- name: generate private and public keypair - name: generate private and public keypair
shell: | ansible.builtin.shell: |
wg genkey | tee privatekey | wg pubkey > publickey wg genkey | tee privatekey | wg pubkey > publickey
chmod 0400 privatekey chmod 0400 privatekey
chmod 0400 publickey chmod 0400 publickey

2
ansible/installation/inst-zsh.yaml
View File

@ -4,7 +4,7 @@
become: yes become: yes
tasks: tasks:
- name: install zsh - name: install zsh
apt: ansible.builtin.apt:
name: zsh name: zsh
state: present state: present
update_cache: true update_cache: true

4
ansible/maintenance/maint-diskspace.yaml
View File

@ -3,10 +3,10 @@
hosts: "{{ hosts }}" hosts: "{{ hosts }}"
tasks: tasks:
- name: get disk usage - name: get disk usage
command: df -h ansible.builtin.command: df -h
register: disk_usage register: disk_usage
- name: check disk space available - name: check disk space available
shell: df -Ph / | awk 'NR==2 {print $5}' ansible.builtin.shell: df -Ph / | awk 'NR==2 {print $5}'
register: disk_usage register: disk_usage
# - name: send discord message when disk space is over 80% # - name: send discord message when disk space is over 80%
# uri: # uri:

4
ansible/maintenance/maint-reboot-required.yaml
View File

@ -5,9 +5,9 @@
tasks: tasks:
- name: check if system reboot is required - name: check if system reboot is required
become: true become: true
stat: ansible.builtin.stat:
path: /var/run/reboot-required path: /var/run/reboot-required
register: reboot_required register: reboot_required
- debug: - ansible.builtin.debug:
msg: "Reboot is required" msg: "Reboot is required"
when: reboot_required.stat.exists when: reboot_required.stat.exists

2
ansible/maintenance/maint-reboot.yaml
View File

@ -4,5 +4,5 @@
become: yes become: yes
tasks: tasks:
- name: reboot machine - name: reboot machine
reboot: ansible.builtin.reboot:
reboot_timeout: 3600 reboot_timeout: 3600

8
ansible/update/upd-apt.yaml
View File

@ -4,23 +4,23 @@
tasks: tasks:
- name: Update packages with apt - name: Update packages with apt
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'
apt: ansible.builtin.apt:
update_cache: yes update_cache: yes
- name: Update packages with yum - name: Update packages with yum
when: ansible_pkg_mgr == 'yum' when: ansible_pkg_mgr == 'yum'
yum: ansible.builtin.yum:
name: '*' name: '*'
state: latest state: latest
- name: Upgrade packages with apt - name: Upgrade packages with apt
when: ansible_pkg_mgr == 'apt' when: ansible_pkg_mgr == 'apt'
apt: ansible.builtin.apt:
upgrade: dist upgrade: dist
- name: Upgrade packages with yum - name: Upgrade packages with yum
when: ansible_pkg_mgr == 'yum' when: ansible_pkg_mgr == 'yum'
yum: ansible.builtin.yum:
name: '*' name: '*'
state: latest state: latest
exclude: kernel* exclude: kernel*

2
docker-compose/heimdall/docker-compose.yaml
View File

@ -1,7 +1,7 @@
--- ---
services: services:
heimdall: heimdall:
image: lscr.io/linuxserver/heimdall:2.5.6 image: lscr.io/linuxserver/heimdall:2.6.1
container_name: heimdall container_name: heimdall
environment: environment:
- PUID=1000 - PUID=1000

9
docker-compose/pihole/docker-compose.yaml
View File

@ -1,5 +1,12 @@
---
version: '3' version: '3'
volumes:
dnsmasq:
driver: local
etcd:
driver: local
services: services:
pihole: pihole:
container_name: pihole container_name: pihole
@ -14,6 +21,6 @@ services:
- TZ=Europe/Berlin - TZ=Europe/Berlin
- WEBPASSWORD=your-secret-password - WEBPASSWORD=your-secret-password
volumes: volumes:
- etcd:/etc/pihole
- dnsmasq:/etc/dnsmasq.d - dnsmasq:/etc/dnsmasq.d
- etcd:/etc/pihole
restart: unless-stopped restart: unless-stopped

2
docker-compose/prometheus/docker-compose.yaml
View File

@ -4,7 +4,7 @@ volumes:
driver: local driver: local
services: services:
prometheus: prometheus:
image: prom/prometheus:v2.50.0 image: prom/prometheus:v2.50.1
container_name: prometheus container_name: prometheus
ports: ports:
- 9090:9090 - 9090:9090

2
docker-compose/uptimekuma/docker-compose.yaml
View File

@ -4,7 +4,7 @@ volumes:
driver: local driver: local
services: services:
uptimekuma: uptimekuma:
image: louislam/uptime-kuma:latest image: louislam/uptime-kuma:1.23.11
container_name: uptimekuma container_name: uptimekuma
ports: ports:
- 3001:3001 - 3001:3001

10
vagrant/hyperv/ubuntu/docker/playbook.yaml
View File

@ -3,7 +3,7 @@
become: yes become: yes
tasks: tasks:
- name: install prerequisites - name: install prerequisites
apt: ansible.builtin.apt:
name: name:
- apt-transport-https - apt-transport-https
- ca-certificates - ca-certificates
@ -12,13 +12,13 @@
- software-properties-common - software-properties-common
update_cache: yes update_cache: yes
- name: add apt-key - name: add apt-key
apt_key: ansible.builtin.apt_key:
url: https://download.docker.com/linux/ubuntu/gpg url: https://download.docker.com/linux/ubuntu/gpg
- name: add docker repo - name: add docker repo
apt_repository: ansible.builtin.apt_repository:
repo: deb https://download.docker.com/linux/ubuntu focal stable repo: deb https://download.docker.com/linux/ubuntu focal stable
- name: install docker - name: install docker
apt: ansible.builtin.apt:
name: name:
- docker-ce - docker-ce
- docker-ce-cli - docker-ce-cli
@ -26,4 +26,4 @@
- docker-compose - docker-compose
update_cache: yes update_cache: yes
- name: add userpermissions - name: add userpermissions
shell: "usermod -aG docker vagrant" ansible.builtin.shell: "usermod -aG docker vagrant"

4
vagrant/hyperv/ubuntu/microk8s-installed/playbook.yaml
View File

@ -3,9 +3,9 @@
become: yes become: yes
tasks: tasks:
- name: install microk8s - name: install microk8s
snap: community.general.snap:
classic: yes classic: yes
name: microk8s name: microk8s
- name: add userpermissions - name: add userpermissions
shell: "usermod -aG microk8s vagrant" ansible.builtin.shell: "usermod -aG microk8s vagrant"

2
vagrant/hyperv/ubuntu/plain-with-cockpit/playbook.yaml
View File

@ -3,6 +3,6 @@
become: yes become: yes
tasks: tasks:
- name: install cockpit - name: install cockpit
apt: ansible.builtin.apt:
name: cockpit name: cockpit
update_cache: yes update_cache: yes