extern/christianlempa-boilerplates
1
0
Fork 0
mirror of https://github.com/ChristianLempa/boilerplates.git synced 2025-01-27 08:41:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into main

Browse Source
This commit is contained in:
Christian Lempa 2024-03-18 16:33:45 +01:00 committed by GitHub
commit d96ec0f78a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
41 changed files with 508 additions and 349 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
.github/issue_template.md vendored Normal file
View File

@ -0,0 +1,33 @@
### Issue Reporting
*Please write all text in English in order to facilitate communication and collaboration. Thank you!*
#### Description
[Provide a clear and concise description of the issue]
#### Steps to Reproduce
1. [First step]
2. [Second step]
3. [Any subsequent steps]
#### Expected Behavior
[Describe what you expected to happen]
#### Actual Behavior
[Describe what actually happened]
#### Screenshots
[If applicable, add screenshots to help explain the issue]
#### Additional Information
[Any additional information or context that can be helpful in resolving the issue]
#### Environment
[Include as many relevant details about the environment you experienced the bug in.]

10
.github/pull_request_template.md vendored
View File

@ -1,12 +1,12 @@
Checklist:
### Pull Request
<!-- Please follow this checklist and put an x in each of the boxes, like this: [x]. It will help the moderators review your PR. -->
*Please write all text in English in order to facilitate communication and collaboration, and follow this checklist. It will help the contributors to review your PR. Thank you!*
- [ ] My pull request has a descriptive title. (unlike `Update index.md`). Check [this](https://www.conventionalcommits.org/en/v1.0.0/) guide regarding titles.
- [ ] If applicable, I have tested these changes.
- [ ] If applicable, I have tested these changes locally.
<!--If your pull request closes a GitHub issue, replace the XXXXX below with the issue number.-->
*If your pull request closes a GitHub issue, replace the XXXXX below with the issue number.*
Closes #XXXXX
<!-- You can add additional description of changes below this line -->
---

4
CONTRIBUTING.md
View File

@ -4,11 +4,11 @@
- Although I do my best to keep up with the latest changes and releases, but if you find something that needs to update, please contribute.
- If youd like to contribute to this project, reach out to me on social media or [Discord](https://discord.gg/bz2SN7d), or create a pull request for the necessary changes.
- If youd like to contribute to this project, reach out to me on social media or [Discord](https://christianlempa.de/discord), or create a pull request for the necessary changes.
## Project overview
To get an overview of the project, read the [README](https://github.com/xcad2k/boilerplates#readme).
To get an overview of the project, read the [README](https://github.com/ChristianLempa/boilerplates#readme).
## Issues

40
ansible/configuration/fail2ban/config-f2b-protect-sshd.yaml
View File

@ -1,19 +1,25 @@
---
- name: install fail2ban and configure sshd
hosts: "{{ hosts }}"
become: yes
- name: Install fail2ban and configure sshd
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install fail2ban
apt:
name:
- fail2ban
update_cache: yes
- name: copy fail2ban configfiles
copy:
src: configfiles/debian-sshd-default.conf
dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
- name: restart fail2ban
systemd:
state: restarted
daemon_reload: yes
name: fail2ban
- name: Install fail2ban
ansible.builtin.apt:
name:
- fail2ban
update_cache: true
- name: Copy fail2ban config file
ansible.builtin.copy:
src: configfiles/debian-sshd-default.conf
dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
mode: '0644'
owner: root
group: root
- name: Restart fail2ban
ansible.builtin.systemd_service:
state: restarted
daemon_reload: true
name: fail2ban

32
ansible/configuration/ssh/config-add-sshkey.yaml
View File

@ -1,17 +1,19 @@
---
- name: add ssh key
hosts: "{{ hosts }}"
become: yes
- name: Add ssh key
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install public keys
ansible.posix.authorized_key:
user: "{{ lookup('env','USER') }}"
state: present
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: change sudoers file
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: /usr/sbin/visudo -cf %s
- name: Install public keys
ansible.posix.authorized_key:
user: "{{ lookup('env', 'USER') }}"
state: present
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- name: Change sudoers file
ansible.builtin.lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: /usr/sbin/visudo -cf %s

34
ansible/deployment/portainer/deploy-portainer.yaml
View File

@ -1,19 +1,21 @@
---
- name: deploy portainer-ce latest
hosts: "{{ hosts }}"
become: yes
- name: Deploy portainer-ce latest
hosts: "{{ my_hosts | d([]) }}"
become: true
become_user: "{{ lookup('env','USER') }}"
tasks:
- name: create new volume
community.docker.docker_volume:
name: portainer-data
- name: deploy portainer
community.docker.docker_container:
name: portainer
image: "docker.io/portainer/portainer-ce"
ports:
- "9443:9443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- portainer-data:/data
restart_policy: unless-stopped
- name: Create new volume
community.docker.docker_volume:
name: portainer-data
- name: Deploy portainer
community.docker.docker_container:
name: portainer
image: "docker.io/portainer/portainer-ce"
ports:
- "9443:9443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- portainer-data:/data
restart_policy: unless-stopped

31
ansible/deployment/traefik/deploy-traefik.yaml
View File

@ -1,17 +1,18 @@
---
- name: deploy traefik v2.5
hosts: "{{ hosts }}"
become: yes
- name: Deploy traefik v2.5
hosts: "{{ my_hosts | d([]) }}"
tasks:
- name: deploy traefik
become_user: "{{ lookup('env','USER') }}"
community.docker.docker_container:
name: traefik
image: "traefik:v2.5"
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/traefik:/etc/traefik
restart_policy: unless-stopped
- name: Deploy traefik
community.docker.docker_container:
name: traefik
image: "traefik:v2.5"
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/traefik:/etc/traefik
restart_policy: unless-stopped
become: true
become_user: "{{ lookup('env', 'USER') }}"

20
ansible/installation/inst-core.yaml
View File

@ -1,10 +1,12 @@
- name: install core packages
hosts: "{{ hosts }}"
become: yes
---
- name: Install core packages
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install core packages
apt:
name:
- prometheus-node-exporter
- nfs-common
update_cache: yes
- name: Install core packages
ansible.builtin.apt:
name:
- prometheus-node-exporter
- nfs-common
update_cache: true

34
ansible/installation/inst-docker-ubuntu.yaml
View File

@ -1,29 +1,33 @@
---
- name: install docker
hosts: "{{ hosts }}"
become: yes
- name: Install docker
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install docker dependencies
apt:
- name: Install docker dependencies
ansible.builtin.apt:
name:
- apt-transport-https
- ca-certificates
- curl
- gnupg-agent
- software-properties-common
update_cache: yes
- name: add docker gpg key
apt_key:
update_cache: true
- name: Add docker gpg key
ansible.builtin.apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
keyring: /etc/apt/keyrings/docker.gpg
- name: add docker repository
apt_repository:
filename: docker
repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} stable
- name: Add docker repository
ansible.builtin.apt_repository:
filename: docker
repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename | lower }} stable
state: present
- name: install docker engine
apt:
- name: Install docker engine
ansible.builtin.apt:
name:
- docker-ce
- docker-ce-cli
@ -31,4 +35,4 @@
- docker-buildx-plugin
- docker-scan-plugin
- docker-compose-plugin
update_cache: yes
update_cache: true

1
ansible/installation/inst-k8s/inst-k8s.yaml
View File

@ -1,5 +1,4 @@
---
- name: Setup Prerequisites To Install Kubernetes
hosts: instance
become: true

21
ansible/installation/inst-microk8s.yaml
View File

@ -1,11 +1,16 @@
---
- name: install microk8s
hosts: "{{ hosts }}"
become: yes
- name: Install microk8s
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install microk8s
snap:
classic: yes
- name: Install microk8s
community.general.snap:
classic: true
name: microk8s
- name: add userpermissions
shell: "usermod -aG microk8s {{ lookup('env','USER') }}"
- name: Add user to group microk8s
ansible.builtin.user:
name: "{{ lookup('env', 'USER') }}"
groups: microk8s
append: true

5
ansible/installation/inst-qemu-agent.yaml
View File

@ -2,9 +2,10 @@
- name: Install qemu-guest-agent package
hosts: all
become: true
become_method: sudo
become_method: ansible.builtin.sudo
tasks:
- name: Install qemu-guest-agent
apt:
ansible.builtin.apt:
name: qemu-guest-agent
state: present

32
ansible/installation/inst-vm-core.yaml
View File

@ -1,17 +1,19 @@
---
- name: install core packages for virtual machines
hosts: "{{ hosts }}"
become: yes
- name: Install core packages for virtual machines
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install packages
apt:
name:
- prometheus-node-exporter
- nfs-common
- qemu-guest-agent
update_cache: yes
- name: start guest qemu-guest-agent
service:
name: qemu-guest-agent
state: started
enabled: yes
- name: Install packages
ansible.builtin.apt:
name:
- prometheus-node-exporter
- nfs-common
- qemu-guest-agent
update_cache: true
- name: Start guest qemu-guest-agent
ansible.builtin.service:
name: qemu-guest-agent
state: started
enabled: true

18
ansible/installation/inst-wireguard.yaml
View File

@ -1,14 +1,16 @@
---
- name: install wireguard
hosts: "{{ hosts }}"
become: yes
- name: Install wireguard
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install wireguard
apt:
- name: Install wireguard
ansible.builtin.apt:
name: wireguard
update_cache: yes
- name: generate private and public keypair
shell: |
update_cache: true
- name: Generate private and public keypair
ansible.builtin.shell: |
wg genkey | tee privatekey | wg pubkey > publickey
chmod 0400 privatekey
chmod 0400 publickey

11
ansible/installation/inst-zsh.yaml
View File

@ -1,10 +1,11 @@
---
- name: install zsh
hosts: "{{ hosts }}"
become: yes
- name: Install zsh
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: install zsh
apt:
- name: Install zsh
ansible.builtin.apt:
name: zsh
state: present
update_cache: true

21
ansible/maintenance/maint-diskspace.yaml
View File

@ -1,14 +1,19 @@
---
- name: check disk space
hosts: "{{ hosts }}"
- name: Check disk space
hosts: "{{ my_hosts | d([]) }}"
tasks:
- name: get disk usage
command: df -h
- name: Check disk space available
ansible.builtin.shell:
cmd: |
set -euo pipefail
df -Ph / | awk 'NR==2 {print $5}'
executable: /bin/bash
changed_when: false
check_mode: false
register: disk_usage
- name: check disk space available
shell: df -Ph / | awk 'NR==2 {print $5}'
register: disk_usage
# - name: send discord message when disk space is over 80%
# - name: Send discord message when disk space is over 80%
# uri:
# url: "your-webhook"
# method: POST

7
ansible/maintenance/maint-docker-clean.yaml
View File

@ -1,8 +1,9 @@
---
- name: clean docker
hosts: "{{ hosts }}"
- name: Clean docker
hosts: "{{ my_hosts | d([]) }}"
tasks:
- name: prune non-dangling images
- name: Prune non-dangling images
community.docker.docker_prune:
containers: false
images: true

15
ansible/maintenance/maint-reboot-required.yaml
View File

@ -1,13 +1,16 @@
---
- name: check if system reboot is required
hosts: "{{ hosts }}"
become: yes
- name: Check if system reboot is required
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: check if system reboot is required
- name: Check if system reboot is required
become: true
stat:
ansible.builtin.stat:
path: /var/run/reboot-required
register: reboot_required
- debug:
- name: Report if reboot is required
ansible.builtin.debug:
msg: "Reboot is required"
when: reboot_required.stat.exists

13
ansible/maintenance/maint-reboot.yaml
View File

@ -1,8 +1,9 @@
---
- name: reboot machine
hosts: "{{ hosts }}"
become: yes
- name: Reboot machine
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: reboot machine
reboot:
reboot_timeout: 3600
- name: Reboot machine
ansible.builtin.reboot:
reboot_timeout: 3600

86
ansible/notification/notify-discord.yaml
View File

@ -1,14 +1,76 @@
---
- name: notify discord
hosts: "{{ hosts }}"
# This Ansible playbook demonstrates how to send Discord notifications
# using the `community.general.discord` module.
# https://docs.ansible.com/ansible/latest/collections/community/general/discord_module.html
#
# If you need guidance how to create your own Discord server, see
# https://support.discord.com/hc/en-us/articles/204849977-How-do-I-create-a-server
#
# In order to generate a webhook, please see
# https://support.discord.com/hc/en-us/articles/360045093012-Server-Integrations-Page
- name: Notify discord
hosts: "{{ my_hosts | d([]) }}"
vars:
# The name that will be shown as sender of the notification. Note
# that some usernames are blocked by Discord, for example it must
# not contain the word `discord`.
notify_discord_username: Ansible
# Your Discord webhook URL should have following format. Please
# extract following segments of the URL path and set it as value of
# the following variables:
#
# https://discord.com/api/webhooks/nnnnnnnnnn/xxxxxxxxxxxxxxxxxxxxxxxxxxx
# | | | |
# notify_discord_webhook_id <----'--------' | |
# | |
# notify_discord_webhook_token <------------'-------------------------'
#
# Security advise: if you commit this data to a repository it is
# strongly recommended to encrypt `notify_discord_webhook_token` using
# Ansible Vault.
notify_discord_webhook_id: ''
notify_discord_webhook_token: ''
# Do not modify following regular expressions unless you know what
# you're doing. Those are to ensure that whatever you've set as
# `notify_discord_webhook_id` and `notify_discord_webhook_token`
# complies with the Discord API Specification (as of 2024-02-25).
#
# https://github.com/discord/discord-api-spec/blob/fe9917381e47285b56d98cb72ae3cfe7db9ea19c/specs/openapi.json#L7524-L7531
# https://github.com/discord/discord-api-spec/blob/fe9917381e47285b56d98cb72ae3cfe7db9ea19c/specs/openapi.json#L24817-L24821
notify_discord_webhook_id_regex: '^0|[1-9][0-9]*$'
# https://github.com/discord/discord-api-spec/blob/fe9917381e47285b56d98cb72ae3cfe7db9ea19c/specs/openapi.json#L7532-L7541
notify_discord_webhook_token_regex: '^[a-zA-Z0-9_-]+$'
# The content of the notification
notify_discord_webhook_content: |-
**Message from `{{ inventory_hostname }}` by *Ansible* ** :tada:
Just a test, adjust it to your liking.
You can use any Markdown formatting here [supported by Discord](
https://support.discord.com/hc/en-us/articles/210298617-Markdown-Text-101-Chat-Formatting-Bold-Italic-Underline).
# Delegate the sending of the Dicord notification to following host
# which must be able to access the public internet on destination
# port 443/tcp. When `localhost` is specified, this is sent from
# the Ansible Controller, but you can pick any host listed in the
# Ansible inventory.
notify_discord_send_from_host: localhost
tasks:
- name: send discord message
uri:
url: "your-webhook"
method: POST
body_format: json
body: '{"content": "your-message"}'
headers:
Content-Type: application/json
status_code: 204
# when: your-condition
- name: Send Discord message
community.general.discord:
username: "{{ notify_discord_username }}"
webhook_id: "{{ notify_discord_webhook_id }}"
webhook_token: "{{ notify_discord_webhook_token }}"
content: "{{ notify_discord_webhook_content }}"
delegate_to: "{{ notify_discord_send_from_host }}"
when:
- notify_discord_webhook_id is match(notify_discord_webhook_id_regex)
- notify_discord_webhook_token is match(notify_discord_webhook_token_regex)
- notify_discord_webhook_content | length > 0
- notify_discord_send_from_host is in (['localhost'] + groups['all'])

2
ansible/update/upd-apt-dist.yaml
View File

@ -1 +1 @@
---

17
ansible/update/upd-apt.yaml
View File

@ -1,26 +1,27 @@
---
- name: Update and upgrade apt packages
hosts: all
hosts: all
tasks:
- name: Update packages with apt
when: ansible_pkg_mgr == 'apt'
apt:
update_cache: yes
ansible.builtin.apt:
update_cache: true
- name: Update packages with yum
when: ansible_pkg_mgr == 'yum'
yum:
ansible.builtin.yum:
name: '*'
state: latest
state: latest # noqa: package-latest
- name: Upgrade packages with apt
when: ansible_pkg_mgr == 'apt'
apt:
ansible.builtin.apt:
upgrade: dist
- name: Upgrade packages with yum
when: ansible_pkg_mgr == 'yum'
yum:
ansible.builtin.yum:
name: '*'
state: latest
state: latest # noqa: package-latest
exclude: kernel*

34
docker-compose/cadvisor/docker-compose.yaml
View File

@ -1,17 +1,17 @@
---
services:
cadvisor:
image: gcr.io/cadvisor/cadvisor:v0.47.0
container_name: cadvisor
ports:
- 8080:8080
volumes:
- /:/rootfs:ro
- /var/run:/var/run:ro
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /dev/disk/:/dev/disk:ro
devices:
- /dev/kmsg
privileged: true
restart: unless-stopped
---
services:
cadvisor:
image: gcr.io/cadvisor/cadvisor:v0.47.0
container_name: cadvisor
ports:
- 8080:8080
volumes:
- /:/rootfs:ro
- /var/run:/var/run:ro
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
- /dev/disk/:/dev/disk:ro
devices:
- /dev/kmsg
privileged: true
restart: unless-stopped

2
docker-compose/duplicati/docker-compose.yaml
View File

@ -1,7 +1,7 @@
---
services:
duplicati:
image: ghcr.io/linuxserver/duplicati
image: lscr.io/linuxserver/duplicati:2.0.7
container_name: duplicati
environment:
- PUID=1000

2
docker-compose/grafana/docker-compose.yaml
View File

@ -4,7 +4,7 @@ volumes:
driver: local
services:
grafana:
image: grafana/grafana-oss:10.3.3
image: docker.io/grafana/grafana-oss:10.4.0
container_name: grafana
ports:
- "3000:3000"

2
docker-compose/heimdall/docker-compose.yaml
View File

@ -1,7 +1,7 @@
---
services:
heimdall:
image: lscr.io/linuxserver/heimdall:2.5.6
image: lscr.io/linuxserver/heimdall:2.6.1
container_name: heimdall
environment:
- PUID=1000

3
docker-compose/homeassistant/docker-compose.yaml
View File

@ -2,10 +2,11 @@
services:
homeassistant:
container_name: homeassistant
image: "ghcr.io/home-assistant/home-assistant:2023.6"
image: ghcr.io/home-assistant/home-assistant:2024.3.1
volumes:
- ./config:/config
- /etc/localtime:/etc/localtime:ro
- /run/dbus:/run/dbus:ro
# devices:
# - /dev/ttyACMO # (optional) Add serial devices to the container
privileged: true

6
docker-compose/nextcloud/docker-compose.yaml
View File

@ -4,7 +4,7 @@ volumes:
nextcloud-db:
services:
nextcloud-app:
image: nextcloud:latest
image: docker.io/library/nextcloud:28.0.3-apache
container_name: nextcloud-app
ports:
- 80:80
@ -17,7 +17,9 @@ services:
- MYSQL_HOST=nextcloud-db
restart: unless-stopped
nextcloud-db:
image: mariadb:latest
# See compatibility matrix for Nextcloud 28
# https://docs.nextcloud.com/server/28/admin_manual/installation/system_requirements.html
image: docker.io/library/mariadb:10.11.7
container_name: nextcloud-db
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:

2
docker-compose/nginxproxymanager/docker-compose.yaml
View File

@ -5,7 +5,7 @@ volumes:
nginxproxymanager-db:
services:
nginxproxymanager:
image: jc21/nginx-proxy-manager:2.10.3
image: docker.io/jc21/nginx-proxy-manager:2.11.1
ports:
- 80:80
- 81:81

18
docker-compose/nodeexporter/docker-compose.yaml
View File

@ -1,10 +1,10 @@
---
services:
node_exporter:
image: quay.io/prometheus/node-exporter:v1.5.0
container_name: node_exporter
command: "--path.rootfs=/host"
pid: host
restart: unless-stopped
volumes:
---
services:
node_exporter:
image: quay.io/prometheus/node-exporter:v1.7.0
container_name: node_exporter
command: "--path.rootfs=/host"
pid: host
restart: unless-stopped
volumes:
- /:/host:ro,rslave

9
docker-compose/pihole/docker-compose.yaml
View File

@ -1,5 +1,12 @@
---
version: '3'
volumes:
dnsmasq:
driver: local
etcd:
driver: local
services:
pihole:
container_name: pihole
@ -14,6 +21,6 @@ services:
- TZ=Europe/Berlin
- WEBPASSWORD=your-secret-password
volumes:
- etcd:/etc/pihole
- dnsmasq:/etc/dnsmasq.d
- etcd:/etc/pihole
restart: unless-stopped

54
docker-compose/prometheus/config/prometheus.yml
View File

@ -1,27 +1,27 @@
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
# external_labels:
# monitor: 'codelab-monitor'
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: 'prometheus'
# Override the global default and scrape targets from this job every 5 seconds.
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
# Example job for node_exporter
# - job_name: 'node_exporter'
# static_configs:
# - targets: ['node_exporter:9100']
# Example job for cadvisor
# - job_name: 'cadvisor'
# static_configs:
# - targets: ['cadvisor:8080']
global:
scrape_interval: 15s # By default, scrape targets every 15 seconds.
# Attach these labels to any time series or alerts when communicating with
# external systems (federation, remote storage, Alertmanager).
# external_labels:
# monitor: 'codelab-monitor'
# A scrape configuration containing exactly one endpoint to scrape:
# Here it's Prometheus itself.
scrape_configs:
# The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
- job_name: 'prometheus'
# Override the global default and scrape targets from this job every 5 seconds.
scrape_interval: 5s
static_configs:
- targets: ['localhost:9090']
# Example job for node_exporter
# - job_name: 'node_exporter'
# static_configs:
# - targets: ['node_exporter:9100']
# Example job for cadvisor
# - job_name: 'cadvisor'
# static_configs:
# - targets: ['cadvisor:8080']

2
docker-compose/prometheus/docker-compose.yaml
View File

@ -4,7 +4,7 @@ volumes:
driver: local
services:
prometheus:
image: prom/prometheus:v2.50.0
image: prom/prometheus:v2.50.1
container_name: prometheus
ports:
- 9090:9090

2
docker-compose/uptimekuma/docker-compose.yaml
View File

@ -4,7 +4,7 @@ volumes:
driver: local
services:
uptimekuma:
image: louislam/uptime-kuma:latest
image: louislam/uptime-kuma:1.23.11
container_name: uptimekuma
ports:
- 3001:3001

40
vagrant/hyperv/ubuntu/docker/Vagrantfile vendored
View File

@ -1,20 +1,20 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_docker_1"
end
config.vm.provision "ansible" do |a|
a.verbose = "v"
a.playbook = "playbook.yaml"
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_docker_1"
end
config.vm.provision "ansible" do |a|
a.verbose = "v"
a.playbook = "playbook.yaml"
end
end

43
vagrant/hyperv/ubuntu/docker/playbook.yaml
View File

@ -1,29 +1,38 @@
---
- hosts: all
become: yes
- name: Install Docker
hosts: all
become: true
tasks:
- name: install prerequisites
apt:
- name: Install prerequisites
ansible.builtin.apt:
name:
- apt-transport-https
- ca-certificates
- curl
- ca-certificates
- curl
- gnupg-agent
- software-properties-common
update_cache: yes
- name: add apt-key
apt_key:
update_cache: true
- name: Add apt-key
ansible.builtin.apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
- name: add docker repo
apt_repository:
- name: Add docker repo
ansible.builtin.apt_repository:
repo: deb https://download.docker.com/linux/ubuntu focal stable
- name: install docker
apt:
name:
- name: Install docker
ansible.builtin.apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose
update_cache: yes
- name: add userpermissions
shell: "usermod -aG docker vagrant"
update_cache: true
- name: Add user vagrant to group docker
ansible.builtin.user:
name: vagrant
groups: docker
append: true

40
vagrant/hyperv/ubuntu/microk8s-installed/Vagrantfile vendored
View File

@ -1,20 +1,20 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_plain_1"
end
config.vm.provision "ansible" do |a|
a.verbose = "v"
a.playbook = "playbook.yaml"
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_plain_1"
end
config.vm.provision "ansible" do |a|
a.verbose = "v"
a.playbook = "playbook.yaml"
end
end

23
vagrant/hyperv/ubuntu/microk8s-installed/playbook.yaml
View File

@ -1,11 +1,16 @@
---
- hosts: all
become: yes
tasks:
- name: install microk8s
snap:
classic: yes
name: microk8s
- name: add userpermissions
shell: "usermod -aG microk8s vagrant"
- name: Install microk8s
hosts: all
become: true
tasks:
- name: Install microk8s
community.general.snap:
classic: true
name: microk8s
- name: Add user vagrant to group microk8s
ansible.builtin.user:
name: vagrant
groups: microk8s
append: true

44
vagrant/hyperv/ubuntu/plain-with-cockpit/Vagrantfile vendored
View File

@ -1,22 +1,22 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network", bridge: "BRIDGE"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.hostname = "ubuntu_plan-with-cockpit-1"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_plan-with-cockpit-1"
end
config.vm.provision "ansible" do |a|
a.verbose = "v"
a.playbook = "playbook.yaml"
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network", bridge: "BRIDGE"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.hostname = "ubuntu_plan-with-cockpit-1"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_plan-with-cockpit-1"
end
config.vm.provision "ansible" do |a|
a.verbose = "v"
a.playbook = "playbook.yaml"
end
end

14
vagrant/hyperv/ubuntu/plain-with-cockpit/playbook.yaml
View File

@ -1,8 +1,10 @@
---
- hosts: all
become: yes
- name: Install Cockpit
hosts: all
become: true
tasks:
- name: install cockpit
apt:
name: cockpit
update_cache: yes
- name: Install cockpit
ansible.builtin.apt:
name: cockpit
update_cache: true

30
vagrant/hyperv/ubuntu/plain/Vagrantfile vendored
View File

@ -1,15 +1,15 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_plain_1"
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "generic/ubuntu2004"
config.vm.network "public_network"
config.vm.synced_folder ".", "/vagrant_data", disabled: true
config.vm.provider "hyperv"
config.vm.provider "hyperv" do |h|
h.enable_virtualization_extensions = false
h.linked_clone = true
h.memory = 2048
h.vmname = "ubuntu_plain_1"
end
end