m/natelandau_ansible-homelab-config
1
0
Fork 0
mirror of https://github.com/natelandau/ansible-homelab-config.git synced 2025-11-17 09:23:40 -05:00
Code Issues Packages Projects Releases Wiki Activity

style: pass ansible-lint

Browse Source
This commit is contained in:
Nathaniel Landau
2023-04-25 11:32:29 -04:00
parent 76f4af703e
commit d36212b7d7
18 changed files with 1246 additions and 1214 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.pre-commit-config.yaml
View File

@@ -1,7 +1,7 @@
--- ---
repos: repos:
- repo: "https://github.com/commitizen-tools/commitizen" - repo: "https://github.com/commitizen-tools/commitizen"
rev: v2.42.1 rev: 3.0.1
hooks: hooks:
- id: "commitizen" - id: "commitizen"
@@ -31,7 +31,7 @@ repos:
args: [--markdown-linebreak-ext=md] args: [--markdown-linebreak-ext=md]
- repo: "https://github.com/adrienverge/yamllint.git" - repo: "https://github.com/adrienverge/yamllint.git"
rev: v1.29.0 rev: v1.31.0
hooks: hooks:
- id: yamllint - id: yamllint
files: \.(yaml|yml)$ files: \.(yaml|yml)$

76
handlers/main.yml
View File

@@ -3,80 +3,96 @@
- name: Mount shared storage on Mac - name: Mount shared storage on Mac
become: true become: true
ansible.builtin.command: ansible.builtin.command:
cmd: automount -cv cmd: automount -cv
register: automount_output register: automount_output
failed_when: automount_output.rc > 0 failed_when: automount_output.rc > 0
changed_when: automount_output.rc == 0
when: when:
- "'macs' in group_names" - "'macs' in group_names"
- not ansible_check_mode - not ansible_check_mode
listen: "mac_run_automount" listen: "mac_run_automount"
- name: Mount and unmount shared storage on Mac - name: Mount and unmount shared storage on Mac
become: true become: true
ansible.builtin.command: ansible.builtin.command:
cmd: automount -cvu cmd: automount -cvu
register: automount_output register: automount_output
failed_when: automount_output.rc > 0 failed_when: automount_output.rc > 0
changed_when: automount_output.rc == 0
when: when:
- "'macs' in group_names" - "'macs' in group_names"
- not ansible_check_mode - not ansible_check_mode
listen: "mac_run_automount_unmount" listen: "mac_run_automount_unmount"
##################################### TELEGRAF ##################################### TELEGRAF
- name: (Re)Start telegraf (Debian) - name: (Re)Start telegraf (Debian)
become: true become: true
ansible.builtin.service: ansible.builtin.service:
name: telegraf name: telegraf
state: restarted state: restarted
register: telegraf_service
failed_when: telegraf_service.rc > 0
changed_when: telegraf_service.rc == 0
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
listen: restart_telegraf listen: restart_telegraf
- name: (Re)Start telegraf - name: (Re)Start telegraf
ansible.builtin.shell: ansible.builtin.shell:
cmd: /usr/local/bin/brew services restart telegraf cmd: /usr/local/bin/brew services restart telegraf
executable: /usr/local/bin/bash executable: /usr/local/bin/bash
ignore_errors: true ignore_errors: true
register: telegraf_service
failed_when: telegraf_service.rc > 0
changed_when: telegraf_service.rc == 0
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
listen: restart_telegraf listen: restart_telegraf
##################################### NOMAD ##################################### NOMAD
- name: restart nomad (Debian) - name: Restart nomad (Debian)
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: nomad name: nomad
enabled: true enabled: true
state: restarted state: restarted
register: nomad_service
failed_when: nomad_service.rc > 0
changed_when: nomad_service.rc == 0
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- "'nostart' not in ansible_run_tags" - "'nostart' not in ansible_run_tags"
listen: "restart nomad" listen: "restart nomad"
- name: "unload nomad agent (MacOSX)" - name: "Unload nomad agent (MacOSX)"
ansible.builtin.command: ansible.builtin.command:
cmd: "launchctl unload -w {{ nomad_plist_macos }}" cmd: "launchctl unload -w {{ nomad_plist_macos }}"
failed_when: false register: nomad_service
changed_when: nomad_service.rc == 0
failed_when: nomad_service.rc > 0
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- "'nostart' not in ansible_run_tags" - "'nostart' not in ansible_run_tags"
listen: "restart nomad" listen: "restart nomad"
- name: "load the nomad agent (MacOSX)" - name: "Load the nomad agent (MacOSX)"
ansible.builtin.command: ansible.builtin.command:
cmd: "launchctl load -w {{ nomad_plist_macos }}" cmd: "launchctl load -w {{ nomad_plist_macos }}"
register: nomad_service
changed_when: nomad_service.rc == 0
failed_when: nomad_service.rc > 0
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- "'nostart' not in ansible_run_tags" - "'nostart' not in ansible_run_tags"
listen: "restart nomad" listen: "restart nomad"
- name: "ensure nomad is really running" - name: "Ensure nomad is really running"
ansible.builtin.shell: ansible.builtin.shell:
cmd: "sleep 10 && /usr/local/bin/nomad node status -self -short | grep {{ inventory_hostname }}" cmd: "set -o pipefail && sleep 10 && /usr/local/bin/nomad node status -self -short | grep {{ inventory_hostname }}"
register: node_status_response register: node_status_response
failed_when: node_status_response.rc > 0 failed_when: node_status_response.rc > 0
changed_when: false changed_when: node_status_response.rc == 0
when: "'nostart' not in ansible_run_tags" when: "'nostart' not in ansible_run_tags"
listen: "restart nomad" listen: "restart nomad"
# - name: "Ensure sure Nomad service is really running" # - name: "Ensure sure Nomad service is really running"

134
main.yml
View File

@@ -4,76 +4,76 @@
serial: 1 serial: 1
vars_files: vars_files:
- default_variables.yml - default_variables.yml
- vault.yml - vault.yml
pre_tasks: pre_tasks:
- name: Run sanity checks - name: Run sanity checks
ansible.builtin.import_tasks: tasks/sanity.yml ansible.builtin.import_tasks: tasks/sanity.yml
tags: ["always", "sanity"] tags: ["always", "sanity"]
- name: populate service facts - name: Populate service facts
ansible.builtin.service_facts: ansible.builtin.service_facts:
tags: ["nomad", "consul"] tags: ["nomad", "consul"]
- name: Run debug tasks - name: Run debug tasks
ansible.builtin.import_tasks: tasks/debug.yml ansible.builtin.import_tasks: tasks/debug.yml
tags: [never, debug] tags: [never, debug]
- name: populate device specific variables - name: Populate device specific variables
ansible.builtin.import_tasks: tasks/interpolated_variables.yml ansible.builtin.import_tasks: tasks/interpolated_variables.yml
tags: ["always"] tags: ["always"]
- name: Ensure we have up-to-date packages - name: Ensure we have up-to-date packages
ansible.builtin.import_tasks: tasks/packages.yml ansible.builtin.import_tasks: tasks/packages.yml
tags: ["packages", "update"] tags: ["packages", "update"]
- name: Set clean nomad_jobs_dir variable - name: Set clean nomad_jobs_dir variable
ansible.builtin.set_fact: ansible.builtin.set_fact:
clean_nomad_jobs: true clean_nomad_jobs: true
tags: ["never", "clean"] tags: ["never", "clean"]
tasks: tasks:
- name: Configure cluster NFS mounts - name: Configure cluster NFS mounts
ansible.builtin.import_tasks: tasks/cluster_storage.yml ansible.builtin.import_tasks: tasks/cluster_storage.yml
tags: ["storage"] tags: ["storage"]
when: when:
- is_nomad_client or is_nomad_server or is_shared_storage_client - is_nomad_client or is_nomad_server or is_shared_storage_client
- name: Install Docker - name: Install Docker
ansible.builtin.import_tasks: tasks/docker.yml ansible.builtin.import_tasks: tasks/docker.yml
tags: ["docker"] tags: ["docker"]
when: "'nas' not in group_names" when: "'nas' not in group_names"
- name: Install and Upgrade Consul - name: Install and Upgrade Consul
ansible.builtin.import_tasks: tasks/consul.yml ansible.builtin.import_tasks: tasks/consul.yml
tags: ["consul"] tags: ["consul"]
when: is_consul_client or is_consul_server when: is_consul_client or is_consul_server
- name: Install and Upgrade Nomad - name: Install and Upgrade Nomad
ansible.builtin.import_tasks: tasks/nomad.yml ansible.builtin.import_tasks: tasks/nomad.yml
tags: ["nomad"] tags: ["nomad"]
when: is_nomad_client or is_nomad_server when: is_nomad_client or is_nomad_server
- name: Orchestration Jobs - name: Orchestration Jobs
ansible.builtin.import_tasks: tasks/orchestration_jobs.yml ansible.builtin.import_tasks: tasks/orchestration_jobs.yml
tags: ["jobs", "update"] tags: ["jobs", "update"]
- name: Prometheus Node Exporter - name: Prometheus Node Exporter
ansible.builtin.import_tasks: tasks/service_prometheus_nodeExporter.yml ansible.builtin.import_tasks: tasks/service_prometheus_nodeExporter.yml
tags: ["prometheus_exporter"] tags: ["prometheus_exporter"]
when: when:
- is_prometheus_node - is_prometheus_node
- "'pis' in group_names" - "'pis' in group_names"
- name: Install backup scripts - name: Install backup scripts
ansible.builtin.import_tasks: tasks/backups.yml ansible.builtin.import_tasks: tasks/backups.yml
tags: ["backup", "backups"] tags: ["backup", "backups"]
when: is_nomad_client or is_nomad_server when: is_nomad_client or is_nomad_server
- name: Install and configure Telegraf - name: Install and configure Telegraf
ansible.builtin.import_tasks: tasks/telegraf.yml ansible.builtin.import_tasks: tasks/telegraf.yml
tags: ["telegraf"] tags: ["telegraf"]
when: is_telegraf_client when: is_telegraf_client
- name: Pull repositories - name: Pull repositories
ansible.builtin.import_tasks: tasks/pull_repositories.yml ansible.builtin.import_tasks: tasks/pull_repositories.yml
tags: ["never", "update", "repos"] tags: ["never", "update", "repos"]
- name: Configure log rotate - name: Configure log rotate
ansible.builtin.import_tasks: tasks/logrotate.yml ansible.builtin.import_tasks: tasks/logrotate.yml
tags: ["logrotate"] tags: ["logrotate"]
when: is_cluster_leader when: is_cluster_leader
- name: Install and configure tdarr - name: Install and configure tdarr
ansible.builtin.import_tasks: tasks/tdarr.yml ansible.builtin.import_tasks: tasks/tdarr.yml
tags: ["tdarr"] tags: ["tdarr"]
when: is_tdarr_server or is_tdarr_node when: is_tdarr_server or is_tdarr_node
handlers: handlers:
- ansible.builtin.import_tasks: handlers/main.yml - ansible.builtin.import_tasks: handlers/main.yml

48
tasks/backups.yml
View File

@@ -6,42 +6,42 @@
# 1. Copies a backup and restore shellscript to /usr/local/bin # 1. Copies a backup and restore shellscript to /usr/local/bin
# 2. Edits the sudoers file to allow the script to be invoked with sudo privileges # 2. Edits the sudoers file to allow the script to be invoked with sudo privileges
- name: copy backup shellscript to server - name: Copy backup shellscript to server
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: scripts/service_backups.sh.j2 src: scripts/service_backups.sh.j2
dest: /usr/local/bin/service_backups dest: /usr/local/bin/service_backups
mode: 0755 mode: 0755
when: when:
- is_nomad_client or is_nomad_server - is_nomad_client or is_nomad_server
- name: copy restore shellscript to server - name: Copy restore shellscript to server
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: scripts/service_restore.sh.j2 src: scripts/service_restore.sh.j2
dest: /usr/local/bin/service_restore dest: /usr/local/bin/service_restore
mode: 0755 mode: 0755
when: when:
- is_nomad_client or is_nomad_server - is_nomad_client or is_nomad_server
- name: ensure nomad user can run sudo with the restore script - name: Ensure nomad user can run sudo with the restore script
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/sudoers path: /etc/sudoers
state: present state: present
line: "nomad ALL=(ALL) NOPASSWD: /usr/local/bin/service_backups, /usr/local/bin/service_restore" line: "nomad ALL=(ALL) NOPASSWD: /usr/local/bin/service_backups, /usr/local/bin/service_restore"
validate: "/usr/sbin/visudo -cf %s" validate: "/usr/sbin/visudo -cf %s"
when: when:
- is_nomad_client or is_nomad_server - is_nomad_client or is_nomad_server
- "'pis' in group_names" - "'pis' in group_names"
- name: ensure my user can run sudo with the restore script - name: Ensure my user can run sudo with the restore script
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/sudoers path: /etc/sudoers
state: present state: present
line: "{{ ansible_user }} ALL=(ALL) NOPASSWD: /usr/local/bin/service_backups, /usr/local/bin/service_restore" line: "{{ ansible_user }} ALL=(ALL) NOPASSWD: /usr/local/bin/service_backups, /usr/local/bin/service_restore"
validate: "/usr/sbin/visudo -cf %s" validate: "/usr/sbin/visudo -cf %s"
when: when:
- is_nomad_client or is_nomad_server - is_nomad_client or is_nomad_server
- "'pis' in group_names" - "'pis' in group_names"

276
tasks/cluster_storage.yml
View File

@@ -6,159 +6,159 @@
- name: "Mount storage on Raspberry Pis" - name: "Mount storage on Raspberry Pis"
when: "'pis' in group_names" when: "'pis' in group_names"
block: block:
- name: ensure local mount points exist - name: Ensure local mount points exist
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ item.local }}" path: "{{ item.local }}"
state: directory state: directory
mode: 0777 mode: 0777
# owner: "{{ ansible_user_uid }}" # owner: "{{ ansible_user_uid }}"
# group: "{{ ansible_user_gid }}" # group: "{{ ansible_user_gid }}"
loop: "{{ rpi_nfs_mounts_list }}" loop: "{{ rpi_nfs_mounts_list }}"
- name: remove old nfs drives - name: Remove old nfs drives
become: true become: true
ansible.posix.mount: ansible.posix.mount:
path: "{{ item.local }}" path: "{{ item.local }}"
src: "{{ item.src }}" src: "{{ item.src }}"
fstype: nfs fstype: nfs
opts: defaults,hard,intr,timeo=14 opts: defaults,hard,intr,timeo=14
state: absent state: absent
loop: "{{ rpi_nfs_mounts_remove }}" loop: "{{ rpi_nfs_mounts_remove }}"
- name: mount all nfs drives - name: Mount all nfs drives
become: true become: true
ansible.posix.mount: ansible.posix.mount:
path: "{{ item.local }}" path: "{{ item.local }}"
src: "{{ item.src }}" src: "{{ item.src }}"
fstype: nfs fstype: nfs
opts: defaults,hard,intr,timeo=14 opts: defaults,hard,intr,timeo=14
state: mounted state: mounted
boot: true boot: true
loop: "{{ rpi_nfs_mounts_list }}" loop: "{{ rpi_nfs_mounts_list }}"
# --------------------------------- Mount on Macs # --------------------------------- Mount on Macs
# https://gist.github.com/l422y/8697518 # https://gist.github.com/l422y/8697518
- name: "Mount storage on Macs" - name: "Mount storage on Macs"
when: "'macs' in group_names" when: "'macs' in group_names"
block: block:
- name: create mount_point - name: Create mount_point
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ mac_storage_mount_point }}" path: "{{ mac_storage_mount_point }}"
state: directory state: directory
mode: 0755 mode: 0755
# I ran into problems getting this to run successfully. If errors occur, add the line manually using: # I ran into problems getting this to run successfully. If errors occur, add the line manually using:
# $ sudo nano /private/etc/auto_master # $ sudo nano /private/etc/auto_master
- name: add NFS shared drives to macs - name: Add NFS shared drives to macs
when: mac_autofs_type == 'nfs' when: mac_autofs_type == 'nfs'
block: block:
- name: add auto_nfs to "/private/etc/auto_master" - name: Add auto_nfs to "/private/etc/auto_master"
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /private/etc/auto_master path: /private/etc/auto_master
regexp: "auto_nfs" regexp: "auto_nfs"
line: "/- auto_nfs -nobrowse,nosuid" line: "/- auto_nfs -nobrowse,nosuid"
unsafe_writes: true unsafe_writes: true
- name: add mounts to /etc/auto_nfs - name: Add mounts to /etc/auto_nfs
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
create: true create: true
path: /private/etc/auto_nfs path: /private/etc/auto_nfs
regexp: "{{ item.src }}" regexp: "{{ item.src }}"
line: "{{ item.local }} -fstype=nfs,bg,intr,noowners,rw,vers=4 nfs://{{ item.src }}" line: "{{ item.local }} -fstype=nfs,bg,intr,noowners,rw,vers=4 nfs://{{ item.src }}"
state: present state: present
unsafe_writes: true unsafe_writes: true
mode: 0644 mode: 0644
loop: "{{ mac_nfs_mounts_list if mac_nfs_mounts_list is iterable else [] }}" loop: "{{ mac_nfs_mounts_list if mac_nfs_mounts_list is iterable else [] }}"
notify: mac_run_automount notify: mac_run_automount
- name: remove old mounts from /etc/auto_nfs - name: Remove old mounts from /etc/auto_nfs
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
create: true create: true
path: /private/etc/auto_nfs path: /private/etc/auto_nfs
regexp: "{{ item.src }}" regexp: "{{ item.src }}"
line: "{{ item.local }} -fstype=nfs,bg,intr,noowners,rw,vers=4 nfs://{{ item.src }}" line: "{{ item.local }} -fstype=nfs,bg,intr,noowners,rw,vers=4 nfs://{{ item.src }}"
state: absent state: absent
unsafe_writes: true unsafe_writes: true
mode: 0644 mode: 0644
notify: mac_run_automount_unmount notify: mac_run_automount_unmount
loop: "{{ mac_nfs_mounts_remove if mac_nfs_mounts_remove is iterable else [] }}" loop: "{{ mac_nfs_mounts_remove if mac_nfs_mounts_remove is iterable else [] }}"
- name: add AFP shared drives to macs - name: Add AFP shared drives to macs
when: mac_autofs_type == 'afp' when: mac_autofs_type == 'afp'
block: block:
- name: add auto_afp to "/private/etc/auto_master" - name: Add auto_afp to "/private/etc/auto_master"
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /private/etc/auto_master path: /private/etc/auto_master
regexp: "auto_afp" regexp: "auto_afp"
line: "/- auto_afp -nobrowse,nosuid" line: "/- auto_afp -nobrowse,nosuid"
unsafe_writes: true unsafe_writes: true
- name: add mounts to /etc/auto_afp - name: Add mounts to /etc/auto_afp
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
create: true create: true
path: /private/etc/auto_afp path: /private/etc/auto_afp
regexp: "{{ item.src }}" regexp: "{{ item.src }}"
line: "{{ item.local }} -fstype=afp,rw afp://{{ item.src }}" line: "{{ item.local }} -fstype=afp,rw afp://{{ item.src }}"
state: present state: present
unsafe_writes: true unsafe_writes: true
mode: 0644 mode: 0644
loop: "{{ mac_afp_or_smb_mounts_list if mac_afp_or_smb_mounts_list is iterable else [] }}" loop: "{{ mac_afp_or_smb_mounts_list if mac_afp_or_smb_mounts_list is iterable else [] }}"
notify: mac_run_automount notify: mac_run_automount
- name: remove mounts from /etc/auto_afp - name: Remove mounts from /etc/auto_afp
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
create: true create: true
path: /private/etc/auto_afp path: /private/etc/auto_afp
regexp: "{{ item.src }}" regexp: "{{ item.src }}"
line: "{{ item.local }} -fstype=afp,rw afp://{{ item.src }}" line: "{{ item.local }} -fstype=afp,rw afp://{{ item.src }}"
state: present state: present
unsafe_writes: true unsafe_writes: true
mode: 0644 mode: 0644
loop: "{{ mac_afp_or_smb_mounts_remove if mac_afp_or_smb_mounts_remove is iterable else [] }}" loop: "{{ mac_afp_or_smb_mounts_remove if mac_afp_or_smb_mounts_remove is iterable else [] }}"
notify: mac_run_automount_unmount notify: mac_run_automount_unmount
- name: add SMB shared drives to macs - name: Add SMB shared drives to macs
when: mac_autofs_type == 'smb' when: mac_autofs_type == 'smb'
block: block:
- name: add auto_smb to "/private/etc/auto_master" - name: Add auto_smb to "/private/etc/auto_master"
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /private/etc/auto_master path: /private/etc/auto_master
regexp: "auto_smb" regexp: "auto_smb"
line: "/- auto_smb -noowners,nosuid" line: "/- auto_smb -noowners,nosuid"
unsafe_writes: true unsafe_writes: true
- name: add mounts to /etc/auto_smb - name: Add mounts to /etc/auto_smb
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
create: true create: true
path: /private/etc/auto_smb path: /private/etc/auto_smb
regexp: "{{ item.src }}" regexp: "{{ item.src }}"
line: "{{ item.local }} -fstype=smbfs,soft,noowners,nosuid,rw ://{{ smb_username }}:{{ smb_password }}@{{ item.src }}" line: "{{ item.local }} -fstype=smbfs,soft,noowners,nosuid,rw ://{{ smb_username }}:{{ smb_password }}@{{ item.src }}"
state: present state: present
unsafe_writes: true unsafe_writes: true
mode: 0644 mode: 0644
loop: "{{ mac_afp_or_smb_mounts_list if mac_afp_or_smb_mounts_list is iterable else [] }}" loop: "{{ mac_afp_or_smb_mounts_list if mac_afp_or_smb_mounts_list is iterable else [] }}"
notify: mac_run_automount notify: mac_run_automount
- name: remove mounts from /etc/auto_smb - name: Remove mounts from /etc/auto_smb
become: true become: true
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
create: true create: true
path: /private/etc/auto_smb path: /private/etc/auto_smb
regexp: "{{ item.src }}" regexp: "{{ item.src }}"
line: "{{ item.local }} -fstype=afp,rw afp://{{ item.src }}" line: "{{ item.local }} -fstype=afp,rw afp://{{ item.src }}"
state: present state: present
unsafe_writes: true unsafe_writes: true
mode: 0644 mode: 0644
loop: "{{ mac_afp_or_smb_mounts_remove if mac_afp_or_smb_mounts_remove is iterable else [] }}" loop: "{{ mac_afp_or_smb_mounts_remove if mac_afp_or_smb_mounts_remove is iterable else [] }}"
notify: mac_run_automount_unmount notify: mac_run_automount_unmount

584
tasks/consul.yml
View File

@@ -4,356 +4,362 @@
- name: Set variables needed to install consul - name: Set variables needed to install consul
block: block:
- name: "Set variable: check if we have a mounted USB drive (Debian)" - name: "Set variable: check if we have a mounted USB drive (Debian)"
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ rpi_usb_drive_mount_point }}" path: "{{ rpi_usb_drive_mount_point }}"
register: have_usb_drive register: have_usb_drive
changed_when: false changed_when: false
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "Set variable: Use USB drive for consul /opt (Debian)" - name: "Set variable: Use USB drive for consul /opt (Debian)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_opt_dir: "{{ rpi_usb_drive_mount_point }}/opt/consul" consul_opt_dir: "{{ rpi_usb_drive_mount_point }}/opt/consul"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- have_usb_drive.stat.exists - have_usb_drive.stat.exists
- name: "Set variable: Use root disk for consul /opt (Debian)" - name: "Set variable: Use root disk for consul /opt (Debian)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_opt_dir: "/opt/consul" consul_opt_dir: "/opt/consul"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- not have_usb_drive.stat.exists - not have_usb_drive.stat.exists
- name: "Set variable: Use ~/library for /opt files (macOSX)" - name: "Set variable: Use ~/library for /opt files (macOSX)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_opt_dir: "/Users/{{ ansible_user }}/Library/consul" consul_opt_dir: "/Users/{{ ansible_user }}/Library/consul"
when: when:
- mac_intel or mac_arm - mac_intel or mac_arm
- name: "Set variable: Use ~/volume1/docker/consul/data for /opt files (synology)" - name: "Set variable: Use ~/volume1/docker/consul/data for /opt files (synology)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_opt_dir: "/volume1/docker/consul/data" consul_opt_dir: "/volume1/docker/consul/data"
when: when:
- inventory_hostname == 'synology' - inventory_hostname == 'synology'
- name: "Set variable: Set Consul download Binary (armv7l)" - name: "Set variable: Set Consul download Binary (armv7l)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_arm.zip" consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_arm.zip"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'armv7l' - ansible_architecture == 'armv7l'
- name: "Set variable: Set Consul download Binary (aarch64)" - name: "Set variable: Set Consul download Binary (aarch64)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_arm64.zip" consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_linux_arm64.zip"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'aarch64' - ansible_architecture == 'aarch64'
- name: "Set variable: Set Consul download Binary (MacOSX)" - name: "Set variable: Set Consul download Binary (MacOSX)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_darwin_amd64.zip" consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_darwin_amd64.zip"
when: mac_intel when: mac_intel
- name: "Set variable: Set Consul download Binary (MacOSX)" - name: "Set variable: Set Consul download Binary (MacOSX)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_darwin_arm64.zip" consul_download_uri: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_darwin_arm64.zip"
when: mac_arm when: mac_arm
- name: Assert that we can install Consul - name: Assert that we can install Consul
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- consul_download_uri is defined - consul_download_uri is defined
- consul_opt_dir is defined - consul_opt_dir is defined
fail_msg: "Unable to install consul on this host" fail_msg: "Unable to install consul on this host"
when: inventory_hostname != 'synology' when: inventory_hostname != 'synology'
- name: "Stop Consul" - name: "Stop Consul"
block: block:
- name: "Stop consul systemd service (Debian)" - name: "Stop consul systemd service (Debian)"
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: consul name: consul
state: stopped state: stopped
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_facts.services["consul.service"] is defined - ansible_facts.services["consul.service"] is defined
- name: "Check if plist file exists (MacOSX)" - name: "Check if plist file exists (MacOSX)"
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ consul_plist_macos }}" path: "{{ consul_plist_macos }}"
register: consul_file register: consul_file
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: "Unload consul agent (MacOSX)" - name: "Unload consul agent (MacOSX)"
become: true become: true
ansible.builtin.command: ansible.builtin.command:
cmd: "launchctl unload {{ consul_plist_macos }}" cmd: "launchctl unload {{ consul_plist_macos }}"
when: register: consul_unload
- ansible_os_family == 'Darwin' failed_when: consul_unload.rc != 0
- consul_file.stat.exists changed_when: consul_unload.rc == 0
when:
- ansible_os_family == 'Darwin'
- consul_file.stat.exists
- name: "Create 'consul' user and group" - name: "Create 'consul' user and group"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
block: block:
- name: "Ensure group 'consul' exists (Debian)" - name: "Ensure group 'consul' exists (Debian)"
become: true become: true
ansible.builtin.group: ansible.builtin.group:
name: consul name: consul
state: present state: present
- name: "Add the user 'consul' with group 'consul' (Debian)" - name: "Add the user 'consul' with group 'consul' (Debian)"
become: true become: true
ansible.builtin.user: ansible.builtin.user:
name: consul name: consul
group: consul group: consul
- name: "Create Consul /opt storage and copy certificates" - name: "Create Consul /opt storage and copy certificates"
block: block:
- name: "Create {{ consul_opt_dir }} directories" - name: "Create {{ consul_opt_dir }} directories"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
recurse: true recurse: true
mode: 0755 mode: 0755
loop: loop:
- "{{ consul_opt_dir }}" - "{{ consul_opt_dir }}"
- "{{ consul_opt_dir }}/logs" - "{{ consul_opt_dir }}/logs"
- "{{ consul_opt_dir }}/plugins" - "{{ consul_opt_dir }}/plugins"
- "{{ consul_opt_dir }}/certs" - "{{ consul_opt_dir }}/certs"
- name: Copy certs to servers - name: Copy certs to servers
become: true become: true
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: 0755 mode: 0755
loop: loop:
- { src: "certs/consul/consul-agent-ca.pem", dest: "{{ consul_opt_dir }}/certs/consul-agent-ca.pem" } - { src: "certs/consul/consul-agent-ca.pem", dest: "{{ consul_opt_dir }}/certs/consul-agent-ca.pem" }
- { src: "certs/consul/{{ datacenter_name }}-server-consul-0.pem", dest: "{{ consul_opt_dir }}/certs/{{ datacenter_name }}-server-consul-0.pem" } - { src: "certs/consul/{{ datacenter_name }}-server-consul-0.pem", dest: "{{ consul_opt_dir }}/certs/{{ datacenter_name }}-server-consul-0.pem" }
- { src: "certs/consul/{{ datacenter_name }}-server-consul-0-key.pem", dest: "{{ consul_opt_dir }}/certs/{{ datacenter_name }}-server-consul-0-key.pem" } - { src: "certs/consul/{{ datacenter_name }}-server-consul-0-key.pem", dest: "{{ consul_opt_dir }}/certs/{{ datacenter_name }}-server-consul-0-key.pem" }
when: when:
- is_consul_server - is_consul_server
- name: Copy certs to clients - name: Copy certs to clients
become: true become: true
ansible.builtin.copy: ansible.builtin.copy:
src: certs/consul/consul-agent-ca.pem src: certs/consul/consul-agent-ca.pem
dest: "{{ consul_opt_dir }}/certs/consul-agent-ca.pem" dest: "{{ consul_opt_dir }}/certs/consul-agent-ca.pem"
mode: 0755 mode: 0755
when: when:
- is_consul_client - is_consul_client
- not is_consul_server - not is_consul_server
- name: "Set owner of files to consul:consul (debian)" - name: "Set owner of files to consul:consul (debian)"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ consul_opt_dir }}" path: "{{ consul_opt_dir }}"
owner: consul owner: consul
group: consul group: consul
recurse: true recurse: true
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "Set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }}" - name: "Set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }}"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ consul_opt_dir }}" path: "{{ consul_opt_dir }}"
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
recurse: true recurse: true
when: when:
- mac_intel or mac_arm or inventory_hostname == 'synology' - mac_intel or mac_arm or inventory_hostname == 'synology'
- name: "Template out Consul configuration file" - name: "Template out Consul configuration file"
block: block:
- name: "Create {{ interpolated_consul_configuration_dir }}" - name: "Create {{ interpolated_consul_configuration_dir }}"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_consul_configuration_dir }}" path: "{{ interpolated_consul_configuration_dir }}"
state: directory state: directory
mode: 0755 mode: 0755
- name: Copy consul base config file - name: Copy consul base config file
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: consul.hcl.j2 src: consul.hcl.j2
dest: "{{ interpolated_consul_configuration_dir }}/consul.hcl" dest: "{{ interpolated_consul_configuration_dir }}/consul.hcl"
mode: 0644 mode: 0644
- name: "Set owner of files to consul:consul (Debian)" - name: "Set owner of files to consul:consul (Debian)"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_consul_configuration_dir }}" path: "{{ interpolated_consul_configuration_dir }}"
owner: consul owner: consul
group: consul group: consul
recurse: true recurse: true
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "Set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }}" - name: "Set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }}"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_consul_configuration_dir }}" path: "{{ interpolated_consul_configuration_dir }}"
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
recurse: true recurse: true
when: when:
- mac_intel or mac_arm or inventory_hostname == 'synology' - mac_intel or mac_arm or inventory_hostname == 'synology'
- name: "Set owner of root consul dir to {{ ansible_user_uid }}:{{ ansible_user_gid }} (synology)" - name: "Set owner of root consul dir to {{ ansible_user_uid }}:{{ ansible_user_gid }} (synology)"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: /volume1/docker/consul/ path: /volume1/docker/consul/
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
recurse: true recurse: true
when: when:
- inventory_hostname == 'synology' - inventory_hostname == 'synology'
- name: "Install Consul binary" - name: "Install Consul binary"
block: block:
- name: "Set fact: need install consul?" - name: "Set fact: need install consul?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_consul_install: false need_consul_install: false
when: when:
- consul_download_uri is defined - consul_download_uri is defined
- name: Check if Consul is installed - name: Check if Consul is installed
ansible.builtin.stat: ansible.builtin.stat:
path: /usr/local/bin/consul path: /usr/local/bin/consul
register: consul_binary_file_location register: consul_binary_file_location
when: when:
- consul_download_uri is defined - consul_download_uri is defined
- name: "Set fact: need consul install?" - name: "Set fact: need consul install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_consul_install: true need_consul_install: true
when: when:
- consul_download_uri is defined - consul_download_uri is defined
- not consul_binary_file_location.stat.exists - not consul_binary_file_location.stat.exists
- name: Check current version of Consul - name: Check current version of Consul
ansible.builtin.shell: ansible.builtin.shell:
cmd: /usr/local/bin/consul --version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' cmd: /usr/local/bin/consul --version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+'
ignore_errors: true ignore_errors: true
changed_when: false changed_when: false
register: installed_consul_version register: installed_consul_version
check_mode: false check_mode: false
when: when:
- consul_download_uri is defined - consul_download_uri is defined
- not need_consul_install - not need_consul_install
- name: "Set fact: need consul install?" - name: "Set fact: need consul install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_consul_install: true need_consul_install: true
when: when:
- consul_download_uri is defined - consul_download_uri is defined
- not need_consul_install - not need_consul_install
- installed_consul_version.stdout is version(consul_version, '<') - installed_consul_version.stdout is version(consul_version, '<')
- name: Install Consul - name: Install Consul
become: true become: true
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "{{ consul_download_uri }}" src: "{{ consul_download_uri }}"
dest: /usr/local/bin dest: /usr/local/bin
remote_src: true remote_src: true
when: when:
- consul_download_uri is defined - consul_download_uri is defined
- need_consul_install - need_consul_install
- name: "Validate consul config" - name: "Validate consul config"
ansible.builtin.command: ansible.builtin.command:
cmd: "/usr/local/bin/consul validate {{ interpolated_consul_configuration_dir }}" cmd: "/usr/local/bin/consul validate {{ interpolated_consul_configuration_dir }}"
register: consul_config_valid register: consul_config_valid
changed_when: false changed_when: false
failed_when: consul_config_valid.rc != 0 failed_when: consul_config_valid.rc != 0
when: when:
- inventory_hostname != 'synology' - inventory_hostname != 'synology'
- name: "Copy system.d or launchctl service files" - name: "Copy system.d or launchctl service files"
block: block:
- name: Ensure /Library/LaunchAgents exists (MacOSX) - name: Ensure /Library/LaunchAgents exists (MacOSX)
ansible.builtin.file: ansible.builtin.file:
path: "{{ consul_plist_macos | dirname }}" path: "{{ consul_plist_macos | dirname }}"
state: directory state: directory
mode: 0755 mode: 0755
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: Create Consul launchd service (MacOSX) - name: Create Consul launchd service (MacOSX)
ansible.builtin.template: ansible.builtin.template:
src: consul.launchd.j2 src: consul.launchd.j2
dest: "{{ consul_plist_macos }}" dest: "{{ consul_plist_macos }}"
mode: 0644 mode: 0644
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: Create Consul service (Debian) - name: Create Consul service (Debian)
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: consul.service.j2 src: consul.service.j2
dest: /etc/systemd/system/consul.service dest: /etc/systemd/system/consul.service
mode: 0644 mode: 0644
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "Start Consul" - name: "Start Consul"
block: block:
- name: Load the Consul agent (MacOSX) - name: Load the Consul agent (MacOSX)
ansible.builtin.command: ansible.builtin.command:
cmd: "launchctl load -w {{ consul_plist_macos }}" cmd: "launchctl load -w {{ consul_plist_macos }}"
when: register: consul_loaded
- mac_intel or mac_arm changed_when: consul_loaded.rc == 0
- "'nostart' not in ansible_run_tags" failed_when: consul_loaded.rc > 0
when:
- mac_intel or mac_arm
- "'nostart' not in ansible_run_tags"
- name: Start Consul (Debian) - name: Start Consul (Debian)
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: consul name: consul
enabled: true enabled: true
state: started state: started
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- "'nostart' not in ansible_run_tags" - "'nostart' not in ansible_run_tags"
- name: Make sure Consul service is really running - name: Make sure Consul service is really running
ansible.builtin.command: ansible.builtin.command:
cmd: systemctl is-active consul cmd: systemctl is-active consul
register: is_consul_really_running register: is_consul_really_running
changed_when: false changed_when: false
failed_when: is_consul_really_running.rc != 0 failed_when: is_consul_really_running.rc != 0
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- "'nostart' not in ansible_run_tags" - "'nostart' not in ansible_run_tags"
- name: "Copy Consul service checks to synology" - name: "Copy Consul service checks to synology"
when: when:
- inventory_hostname == 'synology' - inventory_hostname == 'synology'
block: block:
- name: Copy config file - name: Copy config file
ansible.builtin.template: ansible.builtin.template:
src: consul_services/consul_synology_checks.json.j2 src: consul_services/consul_synology_checks.json.j2
dest: "{{ interpolated_consul_configuration_dir }}/service_checks.json" dest: "{{ interpolated_consul_configuration_dir }}/service_checks.json"
mode: 0644 mode: 0644
- name: Reload configuration file - name: Reload configuration file
ansible.builtin.uri: ansible.builtin.uri:
url: "http://{{ synology_second_ip }}:8500/v1/agent/reload" url: "http://{{ synology_second_ip }}:8500/v1/agent/reload"
method: PUT method: PUT
status_code: 200 status_code: 200
ignore_errors: true ignore_errors: true
check_mode: false check_mode: false
register: consul_agent_reload_http_response register: consul_agent_reload_http_response
failed_when: consul_agent_reload_http_response.status != 200 failed_when: consul_agent_reload_http_response.status != 200
- name: Debug when consul agent reload fails - name: Debug when consul agent reload fails
ansible.builtin.debug: ansible.builtin.debug:
var: consul_agent_reload_http_response.msg var: consul_agent_reload_http_response.msg
check_mode: false check_mode: false
when: consul_agent_reload_http_response.status != 200 when: consul_agent_reload_http_response.status != 200

2
tasks/debug.yml
View File

@@ -33,5 +33,5 @@
# when: # when:
# - ansible_facts['system_vendor'] is search("Synology") # - ansible_facts['system_vendor'] is search("Synology")
- name: "end play" - name: "End play"
ansible.builtin.meta: end_play ansible.builtin.meta: end_play

132
tasks/docker.yml
View File

@@ -4,85 +4,91 @@
- name: Check if Docker is already present - name: Check if Docker is already present
ansible.builtin.command: ansible.builtin.command:
cmd: docker --version cmd: docker --version
register: docker_command_result register: docker_command_result
changed_when: docker_command_result.rc == 1 changed_when: docker_command_result.rc == 1
failed_when: false failed_when: false
- name: install docker on Debian - name: Install docker on Debian
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
block: block:
- name: "Add docker local filesystem storage directory" - name: "Add docker local filesystem storage directory"
ansible.builtin.file: ansible.builtin.file:
path: "{{ rpi_localfs_service_storage }}" path: "{{ rpi_localfs_service_storage }}"
mode: 0755 mode: 0755
state: directory state: directory
- name: Download Docker install convenience script - name: Download Docker install convenience script
ansible.builtin.get_url: ansible.builtin.get_url:
url: "https://get.docker.com/" url: "https://get.docker.com/"
dest: /tmp/get-docker.sh dest: /tmp/get-docker.sh
mode: 0775 mode: 0775
when: docker_command_result.rc == 1 when: docker_command_result.rc == 1
- name: Run Docker install convenience script - name: Run Docker install convenience script
ansible.builtin.command: /tmp/get-docker.sh ansible.builtin.command: /tmp/get-docker.sh
environment: environment:
CHANNEL: stable CHANNEL: stable
when: docker_command_result.rc == 1 register: docker_install
failed_when: docker_install.rc > 0
changed_when: docker_install.rc == 0
when: docker_command_result.rc == 1
- name: Make sure Docker CE is the version specified - name: Make sure Docker CE is the version specified
ansible.builtin.apt: ansible.builtin.apt:
name: "docker-ce" name: "docker-ce"
state: present state: present
when: docker_command_result.rc == 1 when: docker_command_result.rc == 1
- name: Ensure Docker is started - name: Ensure Docker is started
ansible.builtin.service: ansible.builtin.service:
name: docker name: docker
state: started state: started
enabled: true enabled: true
- name: Ensure docker users are added to the docker group - name: Ensure docker users are added to the docker group
become: true become: true
ansible.builtin.user: ansible.builtin.user:
name: "{{ ansible_user }}" name: "{{ ansible_user }}"
groups: docker groups: docker
append: true append: true
when: docker_command_result.rc == 1 when: docker_command_result.rc == 1
- name: install docker on macOS - name: Install docker on macOS
when: "'macs' in group_names" when: "'macs' in group_names"
block: block:
- name: "Add docker directory to ~/Library" - name: "Add docker directory to ~/Library"
ansible.builtin.file: ansible.builtin.file:
path: "{{ mac_localfs_service_storage }}" path: "{{ mac_localfs_service_storage }}"
mode: 0755 mode: 0755
state: directory state: directory
- name: install base homebrew packages - name: Install base homebrew packages
community.general.homebrew: community.general.homebrew:
name: docker name: docker
state: present state: present
update_homebrew: false update_homebrew: false
upgrade_all: false upgrade_all: false
when: docker_command_result.rc == 1 when: docker_command_result.rc == 1
- name: open docker application - name: Open docker application
ansible.builtin.command: ansible.builtin.command:
cmd: open /Applications/Docker.app cmd: open /Applications/Docker.app
when: docker_command_result.rc == 1 register: docker_open_app
failed_when: docker_open_app.rc > 0
changed_when: docker_open_app.rc == 0
when: docker_command_result.rc == 1
- name: Must install Docker manually - name: Must install Docker manually
ansible.builtin.debug: ansible.builtin.debug:
msg: | msg: |
Docker must be installed manually on MacOS. Log in to mac to install then rerun playbook Docker must be installed manually on MacOS. Log in to mac to install then rerun playbook
Be certain to configure the following: Be certain to configure the following:
- run on login - run on login
- add '{{ mac_storage_mount_point }}' to mountable file system directories - add '{{ mac_storage_mount_point }}' to mountable file system directories
when: docker_command_result.rc == 1 when: docker_command_result.rc == 1
- name: end play - name: End play
ansible.builtin.meta: end_play ansible.builtin.meta: end_play
when: docker_command_result.rc == 1 when: docker_command_result.rc == 1

34
tasks/interpolated_variables.yml
View File

@@ -8,46 +8,46 @@
- name: "Set local filesystem location (pis)" - name: "Set local filesystem location (pis)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_localfs_service_storage: "{{ rpi_localfs_service_storage }}" interpolated_localfs_service_storage: "{{ rpi_localfs_service_storage }}"
changed_when: false changed_when: false
when: when:
- "'pis' in group_names" - "'pis' in group_names"
- name: "Set local filesystem location (macs)" - name: "Set local filesystem location (macs)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_localfs_service_storage: "{{ mac_localfs_service_storage }}" interpolated_localfs_service_storage: "{{ mac_localfs_service_storage }}"
changed_when: false changed_when: false
when: when:
- "'macs' in group_names" - "'macs' in group_names"
- name: "Set NFS mount location (pis)" - name: "Set NFS mount location (pis)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_nfs_service_storage: "{{ rpi_nfs_mount_point }}" interpolated_nfs_service_storage: "{{ rpi_nfs_mount_point }}"
changed_when: false changed_when: false
when: when:
- "'pis' in group_names" - "'pis' in group_names"
- name: "Set NFS mount location location (macs)" - name: "Set NFS mount location location (macs)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_nfs_service_storage: "{{ mac_storage_mount_point }}" interpolated_nfs_service_storage: "{{ mac_storage_mount_point }}"
changed_when: false changed_when: false
when: when:
- "'macs' in group_names" - "'macs' in group_names"
- name: "set consul configuration directory (synology)" - name: "Set consul configuration directory (synology)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_consul_configuration_dir: "{{ synology_consul_configuration_dir }}" interpolated_consul_configuration_dir: "{{ synology_consul_configuration_dir }}"
when: when:
- inventory_hostname == 'synology' - inventory_hostname == 'synology'
- name: "set consul configuration directory (pis)" - name: "Set consul configuration directory (pis)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_consul_configuration_dir: "{{ rpi_consul_configuration_dir }}" interpolated_consul_configuration_dir: "{{ rpi_consul_configuration_dir }}"
when: when:
- "'pis' in group_names" - "'pis' in group_names"
- name: "set consul configuration directory (macs)" - name: "Set consul configuration directory (macs)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_consul_configuration_dir: "{{ mac_consul_configuration_dir }}" interpolated_consul_configuration_dir: "{{ mac_consul_configuration_dir }}"
when: when:
- "'macs' in group_names" - "'macs' in group_names"

40
tasks/logrotate.yml
View File

@@ -4,29 +4,29 @@
# #
# NOTE: This task exists due to the arillso.logrotate failing completely on macOS # NOTE: This task exists due to the arillso.logrotate failing completely on macOS
- name: add service_backups.log to logrotate - name: Add service_backups.log to logrotate
become: true become: true
vars: vars:
logrotate_applications: logrotate_applications:
- name: service_backups - name: service_backups
definitions: definitions:
- logs: - logs:
- "{{ rpi_nfs_mount_point }}/pi-cluster/logs/service_backups.log" - "{{ rpi_nfs_mount_point }}/pi-cluster/logs/service_backups.log"
options: options:
- rotate 1 - rotate 1
- size 100k - size 100k
- missingok - missingok
- notifempty - notifempty
- su root root - su root root
- extension .log - extension .log
- compress - compress
- nodateext - nodateext
- nocreate - nocreate
- delaycompress - delaycompress
ansible.builtin.import_role: ansible.builtin.import_role:
name: arillso.logrotate name: arillso.logrotate
failed_when: false failed_when: false
ignore_errors: true ignore_errors: true
when: when:
- "'macs' not in group_names" - "'macs' not in group_names"
- is_cluster_leader - is_cluster_leader

42
tasks/nomad.yml
View File

@@ -4,7 +4,7 @@
- name: "Set variables needed to install Nomad" - name: "Set variables needed to install Nomad"
block: block:
- name: "set variable: check if we have a mounted USB drive (Debian)" - name: "Set variable: check if we have a mounted USB drive (Debian)"
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ rpi_usb_drive_mount_point }}" path: "{{ rpi_usb_drive_mount_point }}"
register: have_usb_drive register: have_usb_drive
@@ -12,41 +12,41 @@
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "set variable: Use USB drive for nomad /opt (Debian)" - name: "Set variable: Use USB drive for nomad /opt (Debian)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
nomad_opt_dir_location: "{{ rpi_usb_drive_mount_point }}/opt/nomad" nomad_opt_dir_location: "{{ rpi_usb_drive_mount_point }}/opt/nomad"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- have_usb_drive.stat.exists - have_usb_drive.stat.exists
- name: "set variable: Use root dist for nomad /opt (Debian)" - name: "Set variable: Use root dist for nomad /opt (Debian)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
nomad_opt_dir_location: "/opt/nomad" nomad_opt_dir_location: "/opt/nomad"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- not have_usb_drive.stat.exists - not have_usb_drive.stat.exists
- name: "set variable: Use ~/library for /opt files (macOSX)" - name: "Set variable: Use ~/library for /opt files (macOSX)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
nomad_opt_dir_location: "/Users/{{ ansible_user }}/Library/nomad" nomad_opt_dir_location: "/Users/{{ ansible_user }}/Library/nomad"
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: "set variable: Set Nomad download Binary (armv7l)" - name: "Set variable: Set Nomad download Binary (armv7l)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_arm.zip" nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_arm.zip"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'armv7l' - ansible_architecture == 'armv7l'
- name: "set variable: Set Nomad download Binary (aarch64)" - name: "Set variable: Set Nomad download Binary (aarch64)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_arm64.zip" nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_arm64.zip"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'aarch64' - ansible_architecture == 'aarch64'
- name: "set variable: Set Nomad download Binary (MacOSX)" - name: "Set variable: Set Nomad download Binary (MacOSX)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_darwin_amd64.zip" nomad_download_file_uri: "https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_darwin_amd64.zip"
when: when:
@@ -83,7 +83,7 @@
- name: "Create Nomad /opt storage" - name: "Create Nomad /opt storage"
block: block:
- name: "create {{ nomad_opt_dir_location }} directories" - name: "Create {{ nomad_opt_dir_location }} directories"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
@@ -121,7 +121,7 @@
notify: "restart nomad" notify: "restart nomad"
when: is_nomad_client when: is_nomad_client
- name: "set owner of files to nomad:nomad (debian)" - name: "Set owner of files to nomad:nomad (debian)"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_opt_dir_location }}" path: "{{ nomad_opt_dir_location }}"
@@ -130,7 +130,7 @@
recurse: true recurse: true
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: "set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }} (MacOSX)" - name: "Set owner of files to {{ ansible_user_uid }}:{{ ansible_user_gid }} (MacOSX)"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_opt_dir_location }}" path: "{{ nomad_opt_dir_location }}"
@@ -141,14 +141,14 @@
- name: "Template out the configuration file" - name: "Template out the configuration file"
block: block:
- name: "create {{ nomad_configuration_dir }}" - name: "Create {{ nomad_configuration_dir }}"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_configuration_dir }}" path: "{{ nomad_configuration_dir }}"
state: directory state: directory
mode: 0755 mode: 0755
- name: copy base config file - name: Copy base config file
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: nomad.hcl.j2 src: nomad.hcl.j2
@@ -156,7 +156,7 @@
mode: 0644 mode: 0644
notify: "restart nomad" notify: "restart nomad"
- name: "set owner of files to nomad:nomad (Debian)" - name: "Set owner of files to nomad:nomad (Debian)"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_configuration_dir }}" path: "{{ nomad_configuration_dir }}"
@@ -168,7 +168,7 @@
- name: Install or Update Nomad - name: Install or Update Nomad
block: block:
- name: "set fact: do we need a nomad install?" - name: "Set fact: do we need a nomad install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_nomad_install: false need_nomad_install: false
@@ -177,7 +177,7 @@
path: /usr/local/bin/nomad path: /usr/local/bin/nomad
register: nomad_binary_file_location register: nomad_binary_file_location
- name: "set fact: do we need a nomad install" - name: "Set fact: do we need a nomad install"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_nomad_install: true need_nomad_install: true
when: when:
@@ -192,14 +192,14 @@
when: when:
- not need_nomad_install - not need_nomad_install
- name: "set fact: do we need a nomad install" - name: "Set fact: do we need a nomad install"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_nomad_install: true need_nomad_install: true
when: when:
- not need_nomad_install - not need_nomad_install
- current_nomad_version.stdout is version(nomad_version, '<') - current_nomad_version.stdout is version(nomad_version, '<')
- name: install Nomad - name: Install Nomad
become: true become: true
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "{{ nomad_download_file_uri }}" src: "{{ nomad_download_file_uri }}"
@@ -211,7 +211,7 @@
- name: "Copy system.d or launchctrl service files" - name: "Copy system.d or launchctrl service files"
block: block:
- name: ensure /Library/LaunchAgents exists (MacOSX) - name: Ensure /Library/LaunchAgents exists (MacOSX)
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_plist_macos | dirname }}" path: "{{ nomad_plist_macos | dirname }}"
state: directory state: directory
@@ -219,7 +219,7 @@
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: create nomad launchd service (MacOSX) - name: Create nomad launchd service (MacOSX)
ansible.builtin.template: ansible.builtin.template:
src: nomad.launchd.j2 src: nomad.launchd.j2
dest: "{{ nomad_plist_macos }}" dest: "{{ nomad_plist_macos }}"
@@ -228,7 +228,7 @@
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: create nomad service (Debian) - name: Create nomad service (Debian)
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: nomad.service.j2 src: nomad.service.j2
@@ -238,7 +238,7 @@
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "start nomad, if stopped" - name: "Start nomad, if stopped"
ansible.builtin.shell: ansible.builtin.shell:
cmd: "/usr/local/bin/nomad node status -self -short | grep {{ inventory_hostname }}" cmd: "/usr/local/bin/nomad node status -self -short | grep {{ inventory_hostname }}"
register: node_status_response register: node_status_response

112
tasks/orchestration_jobs.yml
View File

@@ -10,67 +10,67 @@
- name: "Sync Nomad Jobs" - name: "Sync Nomad Jobs"
block: block:
- name: Remove nomad jobs directory - name: Remove nomad jobs directory
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_jobfile_location }}" path: "{{ nomad_jobfile_location }}"
state: absent state: absent
when: when:
- is_nomad_client or is_nomad_server or ("'macs' in group_names") - is_nomad_client or is_nomad_server or ("'macs' in group_names")
- clean_nomad_jobs - clean_nomad_jobs
- name: (Re)Create nomad jobs directory - name: (Re)Create nomad jobs directory
ansible.builtin.file: ansible.builtin.file:
path: "{{ nomad_jobfile_location }}" path: "{{ nomad_jobfile_location }}"
state: directory state: directory
mode: 0755 mode: 0755
when: when:
- is_nomad_client or is_nomad_server or ("'macs' in group_names") - is_nomad_client or is_nomad_server or ("'macs' in group_names")
- "'nas' not in group_names" - "'nas' not in group_names"
- name: synchronize nomad job templates (jinja) - name: Synchronize nomad job templates (jinja)
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ nomad_jobfile_location }}/{{ item | basename | regex_replace('.j2$', '') }}" dest: "{{ nomad_jobfile_location }}/{{ item | basename | regex_replace('.j2$', '') }}"
mode: 0644 mode: 0644
with_fileglob: "templates/nomad_jobs/*.j2" with_fileglob: "templates/nomad_jobs/*.j2"
when: when:
- is_nomad_client or is_nomad_server or ("'macs' in group_names") - is_nomad_client or is_nomad_server or ("'macs' in group_names")
- "'nas' not in group_names" - "'nas' not in group_names"
- name: synchronize nomad job templates (hcl) - name: Synchronize nomad job templates (hcl)
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ nomad_jobfile_location }}/{{ item | basename }}" dest: "{{ nomad_jobfile_location }}/{{ item | basename }}"
mode: 0644 mode: 0644
with_fileglob: "templates/nomad_jobs/*.hcl" with_fileglob: "templates/nomad_jobs/*.hcl"
when: when:
- is_nomad_client or is_nomad_server or ("'macs' in group_names") - is_nomad_client or is_nomad_server or ("'macs' in group_names")
- "'nas' not in group_names" - "'nas' not in group_names"
- name: Ensure we have local storage folders - name: Ensure we have local storage folders
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_localfs_service_storage }}/{{ item }}" path: "{{ interpolated_localfs_service_storage }}/{{ item }}"
state: directory state: directory
mode: 0777 mode: 0777
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
when: when:
- is_nomad_client or is_nomad_server - is_nomad_client or is_nomad_server
loop: "{{ service_localfs_dirs }}" loop: "{{ service_localfs_dirs }}"
- name: "Sync docker compose files" - name: Sync docker compose files
when: is_docker_compose_client when: is_docker_compose_client
block: block:
- name: confirm compose file dir exists - name: Confirm compose file dir exists
ansible.builtin.file: ansible.builtin.file:
path: "{{ docker_compose_file_location }}" path: "{{ docker_compose_file_location }}"
state: directory state: directory
mode: 0755 mode: 0755
- name: synchronize docker-compose files - name: Synchronize docker-compose files
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ docker_compose_file_location }}/{{ item | basename | regex_replace('.j2$', '') }}" dest: "{{ docker_compose_file_location }}/{{ item | basename | regex_replace('.j2$', '') }}"
mode: 0644 mode: 0644
with_fileglob: "../templates/docker_compose_files/*.j2" with_fileglob: "../templates/docker_compose_files/*.j2"

100
tasks/packages.yml
View File

@@ -4,64 +4,64 @@
- name: "Update and install APT packages" - name: "Update and install APT packages"
when: when:
- ansible_os_family != 'Darwin' - ansible_os_family != 'Darwin'
- manage_apt_packages_list - manage_apt_packages_list
block: block:
- name: update APT package cache - name: Update APT package cache
become: true become: true
ansible.builtin.apt: ansible.builtin.apt:
update_cache: true update_cache: true
cache_valid_time: 3600 cache_valid_time: 3600
- name: "upgrade APT to the latest packages (this may take a while)" - name: "Upgrade APT to the latest packages (this may take a while)"
become: true become: true
ansible.builtin.apt: ansible.builtin.apt:
upgrade: safe upgrade: safe
- name: "install/upgrade APT packages (this may take a while)" - name: "Install/upgrade APT packages (this may take a while)"
become: true become: true
ansible.builtin.apt: ansible.builtin.apt:
pkg: "{{ item }}" pkg: "{{ item }}"
state: present state: present
loop: "{{ apt_packages_list }}" loop: "{{ apt_packages_list }}"
register: apt_output register: apt_output
- name: "Update and install Homebrew packages" - name: "Update and install Homebrew packages"
when: when:
- manage_homebrew_package_list - manage_homebrew_package_list
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
block: block:
- name: upgrade homebrew and all packages - name: Upgrade homebrew and all packages
community.general.homebrew: community.general.homebrew:
update_homebrew: true update_homebrew: true
upgrade_all: true upgrade_all: true
register: homebrew_output register: homebrew_output
ignore_errors: true ignore_errors: true
- name: install base homebrew packages - name: Install base homebrew packages
community.general.homebrew: community.general.homebrew:
name: "{{ homebrew_package_list | join(',') }}" name: "{{ homebrew_package_list | join(',') }}"
state: present state: present
update_homebrew: false update_homebrew: false
upgrade_all: false upgrade_all: false
register: homebrew_output register: homebrew_output
- name: homebrew packages updated or installed - name: Homebrew packages updated or installed
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ homebrew_output.changed_pkgs }}" msg: "{{ homebrew_output.changed_pkgs }}"
- name: unchanged homebrew packages - name: Unchanged homebrew packages
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ homebrew_output.unchanged_pkgs }}" msg: "{{ homebrew_output.unchanged_pkgs }}"
- name: install homebrew casks - name: Install homebrew casks
community.general.homebrew_cask: community.general.homebrew_cask:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
install_options: "appdir=/Applications" install_options: "appdir=/Applications"
accept_external_apps: true accept_external_apps: true
upgrade_all: false upgrade_all: false
update_homebrew: false update_homebrew: false
greedy: false greedy: false
loop: "{{ homebrew_casks_list }}" loop: "{{ homebrew_casks_list }}"
ignore_errors: true ignore_errors: true

35
tasks/pull_repositories.yml
View File

@@ -5,36 +5,37 @@
- name: "Check if pull_all_repos exists" - name: "Check if pull_all_repos exists"
ansible.builtin.stat: ansible.builtin.stat:
path: "~/bin/pull_all_repos" path: "~/bin/pull_all_repos"
check_mode: false check_mode: false
register: pull_script_check register: pull_script_check
- name: "Check if ~/repos exists" - name: "Check if ~/repos exists"
ansible.builtin.stat: ansible.builtin.stat:
path: "~/repos" path: "~/repos"
check_mode: false check_mode: false
register: repos_directory_check register: repos_directory_check
- name: "run pull_all_repos script" - name: "Run pull_all_repos script"
ansible.builtin.command: ansible.builtin.command:
cmd: "~/bin/pull_all_repos --directory ~/repos" cmd: "~/bin/pull_all_repos --directory ~/repos"
register: pull_script_output register: pull_script_output
when: when:
- not ansible_check_mode - not ansible_check_mode
- pull_script_check.stat.exists - pull_script_check.stat.exists
- pull_script_check.stat.executable - pull_script_check.stat.executable
- repos_directory_check.stat.isdir is defined - repos_directory_check.stat.isdir is defined
- repos_directory_check.stat.isdir - repos_directory_check.stat.isdir
- repos_directory_check.stat.writeable - repos_directory_check.stat.writeable
failed_when: pull_script_output.rc > 1 failed_when: pull_script_output.rc > 1
changed_when: pull_script_output.rc == 0
- name: "Output from pull_all_repos" - name: "Output from pull_all_repos"
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ pull_script_output.stdout }}" msg: "{{ pull_script_output.stdout }}"
when: when:
- not ansible_check_mode - not ansible_check_mode
- pull_script_check.stat.exists - pull_script_check.stat.exists
- pull_script_check.stat.executable - pull_script_check.stat.executable
- repos_directory_check.stat.isdir is defined - repos_directory_check.stat.isdir is defined
- repos_directory_check.stat.isdir - repos_directory_check.stat.isdir
- repos_directory_check.stat.writeable - repos_directory_check.stat.writeable

8
tasks/sanity.yml
View File

@@ -1,12 +1,12 @@
--- ---
# TASK DESCRIPTION: # TASK DESCRIPTION:
# Always runs fist. Confirms we can actually use Ansible # Always runs fist. Confirms we can actually use Ansible
- name: sanity - user mode - name: Sanity - user mode
become: false become: false
ansible.builtin.debug: ansible.builtin.debug:
msg: "sanity check: user mode" msg: "Sanity check: user mode"
- name: sanity - become mode - name: Sanity - become mode
become: true become: true
ansible.builtin.debug: ansible.builtin.debug:
msg: "sanity check: become mode" msg: "Sanity check: become mode"

88
tasks/service_prometheus_nodeExporter.yml
View File

@@ -4,90 +4,92 @@
# #
# NOTE: This is depreciated, I no longer use Prometheus and have migrated to Telegraf # NOTE: This is depreciated, I no longer use Prometheus and have migrated to Telegraf
- name: populate service facts - name: Populate service facts
ansible.builtin.service_facts: ansible.builtin.service_facts:
- name: stop node_exporter - name: Stop node_exporter
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: node_exporter name: node_exporter
state: stopped state: stopped
when: ansible_facts.services["node_exporter.service"] is defined when: ansible_facts.services["node_exporter.service"] is defined
- name: Ensure group "prometheus" exists - name: Ensure group "prometheus" exists
become: true become: true
ansible.builtin.group: ansible.builtin.group:
name: prometheus name: prometheus
state: present state: present
- name: Add the user 'prometheus' with group 'prometheus' - name: Add the user 'prometheus' with group 'prometheus'
become: true become: true
ansible.builtin.user: ansible.builtin.user:
name: prometheus name: prometheus
group: prometheus group: prometheus
groups: docker groups: docker
append: true append: true
# --------------- Install or Update Prometheus # --------------- Install or Update Prometheus
- name: "set fact: need to install Prometheus?" - name: "Set fact: need to install Prometheus?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_prometheus_install: false need_prometheus_install: false
- name: Check if node_exporter is installed - name: Check if node_exporter is installed
ansible.builtin.stat: ansible.builtin.stat:
path: /usr/local/bin/node_exporter path: /usr/local/bin/node_exporter
register: prometheus_binary_file_location register: prometheus_binary_file_location
- name: "set fact: need to install Prometheus?" - name: "Set fact: need to install Prometheus?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_prometheus_install: true need_prometheus_install: true
when: when:
- not prometheus_binary_file_location.stat.exists - not prometheus_binary_file_location.stat.exists
- name: Check current version of Prometheus - name: Check current version of Prometheus
ansible.builtin.shell: /usr/local/bin/node_exporter --version 3>&1 1>&2 2>&3 | head -n1 | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' ansible.builtin.shell: /usr/local/bin/node_exporter --version 3>&1 1>&2 2>&3 | head -n1 | grep -oE '[0-9]+\.[0-9]+\.[0-9]+'
ignore_errors: true ignore_errors: true
register: current_prometheus_version register: current_prometheus_version
failed_when: false
changed_when: false
check_mode: false check_mode: false
when: when:
- need_prometheus_install is false - need_prometheus_install is false
- name: "set fact: need to install Prometheus?" - name: "Set fact: need to install Prometheus?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_prometheus_install: true need_prometheus_install: true
when: when:
- need_prometheus_install is false - need_prometheus_install is false
- current_prometheus_version.stdout != prometheus_verssion - current_prometheus_version.stdout != prometheus_verssion
- name: install node_exporter - name: Install node_exporter
become: true become: true
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "https://github.com/prometheus/node_exporter/releases/download/v{{ prometheus_verssion }}/node_exporter-{{ prometheus_verssion }}.linux-armv7.tar.gz" src: "https://github.com/prometheus/node_exporter/releases/download/v{{ prometheus_verssion }}/node_exporter-{{ prometheus_verssion }}.linux-armv7.tar.gz"
dest: /usr/local/bin dest: /usr/local/bin
group: prometheus group: prometheus
owner: prometheus owner: prometheus
# reference for extra_opts: https://github.com/ansible/ansible/issues/27081 # reference for extra_opts: https://github.com/ansible/ansible/issues/27081
extra_opts: extra_opts:
- --strip=1 - --strip=1
- --no-anchored - --no-anchored
- "node_exporter" - "node_exporter"
remote_src: true remote_src: true
when: when:
- need_prometheus_install is true - need_prometheus_install is true
- name: create node_exporter service - name: Create node_exporter service
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: node_exporter.service.j2 src: node_exporter.service.j2
dest: /etc/systemd/system/node_exporter.service dest: /etc/systemd/system/node_exporter.service
mode: 0644 mode: 0644
- name: start node_exporter - name: Start node_exporter
become: true become: true
ansible.builtin.systemd: ansible.builtin.systemd:
name: node_exporter name: node_exporter
daemon_reload: true daemon_reload: true
enabled: true enabled: true
state: started state: started
when: when:
- "'nostart' not in ansible_run_tags" - "'nostart' not in ansible_run_tags"

305
tasks/tdarr.yml
View File

@@ -4,186 +4,187 @@
- name: "Set variables" - name: "Set variables"
block: block:
- name: "Set tdarr local filesystem location (pis)" - name: "Set tdarr local filesystem location (pis)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_tdarr_dir: "{{ rpi1_tdarr_file_location }}" interpolated_tdarr_dir: "{{ rpi1_tdarr_file_location }}"
changed_when: false changed_when: false
when: when:
- "'pis' in group_names" - "'pis' in group_names"
- name: "Set tdarr local filesystem location (macs)" - name: "Set tdarr local filesystem location (macs)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
interpolated_tdarr_dir: "{{ mac_tdarr_file_location }}" interpolated_tdarr_dir: "{{ mac_tdarr_file_location }}"
changed_when: false changed_when: false
when: when:
- "'macs' in group_names" - "'macs' in group_names"
- name: "set variable: Set tdarr download Binary (armv7l)" - name: "Set variable: Set tdarr download Binary (armv7l)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
tdarr_download_uri: "https://f000.backblazeb2.com/file/tdarrs/versions/{{ tdarr_installer_version }}/linux_arm/Tdarr_Updater.zip" tdarr_download_uri: "https://f000.backblazeb2.com/file/tdarrs/versions/{{ tdarr_installer_version }}/linux_arm/Tdarr_Updater.zip"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'armv7l' - ansible_architecture == 'armv7l'
- name: "set variable: Set tdarr download Binary (MacOSX) - Intel" - name: "Set variable: Set tdarr download Binary (MacOSX) - Intel"
ansible.builtin.set_fact: ansible.builtin.set_fact:
tdarr_download_uri: "https://f000.backblazeb2.com/file/tdarrs/versions/{{ tdarr_installer_version }}/darwin_x64/Tdarr_Updater.zip" tdarr_download_uri: "https://f000.backblazeb2.com/file/tdarrs/versions/{{ tdarr_installer_version }}/darwin_x64/Tdarr_Updater.zip"
when: when:
- mac_intel - mac_intel
- name: "set variable: Set tdarr download Binary (MacOSX) - ARM" - name: "Set variable: Set tdarr download Binary (MacOSX) - ARM"
ansible.builtin.set_fact: ansible.builtin.set_fact:
tdarr_download_uri: "https://f000.backblazeb2.com/file/tdarrs/versions/{{ tdarr_installer_version }}/darwin_arm64/Tdarr_Updater.zip" tdarr_download_uri: "https://f000.backblazeb2.com/file/tdarrs/versions/{{ tdarr_installer_version }}/darwin_arm64/Tdarr_Updater.zip"
when: when:
- mac_arm - mac_arm
- name: "set fact: do we need a tdarr install?" - name: "Set fact: do we need a tdarr install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_tdarr_install: false need_tdarr_install: false
- name: Assert that we can install Tdarr - name: Assert that we can install Tdarr
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- tdarr_download_uri is defined - tdarr_download_uri is defined
- interpolated_tdarr_dir is defined - interpolated_tdarr_dir is defined
fail_msg: "Unable to install Tdarr on this host" fail_msg: "Unable to install Tdarr on this host"
- name: "Install ffmpeg and HandbrakeCLI" - name: "Install ffmpeg and HandbrakeCLI"
block: block:
- name: "ensure ffmpeg and handbrake are installed (Debian)" - name: "Ensure ffmpeg and handbrake are installed (Debian)"
become: true become: true
ansible.builtin.apt: ansible.builtin.apt:
pkg: "{{ item }}" pkg: "{{ item }}"
state: present state: present
loop: loop:
- ffmpeg - ffmpeg
- handbrake - handbrake
when: "'pis' in group_names" when: "'pis' in group_names"
- name: "ensure ffmpeg and handbrake are installed (MacOS)" - name: "Ensure ffmpeg and handbrake are installed (MacOS)"
community.general.homebrew: community.general.homebrew:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
update_homebrew: false update_homebrew: false
upgrade_all: false upgrade_all: false
loop: loop:
- ffmpeg - ffmpeg
- handbrake - handbrake
when: "'macs' in group_names" when: "'macs' in group_names"
- name: "ensure tdarr directory exists" - name: "Ensure tdarr directory exists"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_tdarr_dir }}" path: "{{ interpolated_tdarr_dir }}"
mode: 0755 mode: 0755
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
state: directory state: directory
- name: "Install tdarr" - name: "Install tdarr"
block: block:
- name: "set_fact: need Tdarr install?" - name: "Set fact: need Tdarr install?"
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ interpolated_tdarr_dir }}/configs" path: "{{ interpolated_tdarr_dir }}/configs"
register: tdarr_exists register: tdarr_exists
changed_when: false changed_when: false
failed_when: false failed_when: false
- name: "set fact: do we need a tdarr install?" - name: "Set fact: do we need a tdarr install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_tdarr_install: true need_tdarr_install: true
when: not tdarr_exists.stat.exists when: not tdarr_exists.stat.exists
- name: Download tdarr - name: Download tdarr
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "{{ tdarr_download_uri }}" src: "{{ tdarr_download_uri }}"
dest: "{{ interpolated_tdarr_dir }}" dest: "{{ interpolated_tdarr_dir }}"
remote_src: true remote_src: true
when: need_tdarr_install when: need_tdarr_install
- name: Did tdarr download? - name: Did tdarr download?
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ interpolated_tdarr_dir }}/Tdarr_Updater" path: "{{ interpolated_tdarr_dir }}/Tdarr_Updater"
register: tdarr_installer_exists register: tdarr_installer_exists
failed_when: not tdarr_installer_exists.stat.exists failed_when: not tdarr_installer_exists.stat.exists
when: need_tdarr_install when: need_tdarr_install
- name: Ensure correct permissions on Tdarr_Updater - name: Ensure correct permissions on Tdarr_Updater
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_tdarr_dir }}/Tdarr_Updater" path: "{{ interpolated_tdarr_dir }}/Tdarr_Updater"
mode: 0755 mode: 0755
when: need_tdarr_install when: need_tdarr_install
- name: Install tdarr - name: Install tdarr
ansible.builtin.command: ansible.builtin.command:
cmd: "{{ interpolated_tdarr_dir }}/Tdarr_Updater" cmd: "{{ interpolated_tdarr_dir }}/Tdarr_Updater"
register: tdarr_install register: tdarr_install
failed_when: tdarr_install.rc > 0 failed_when: tdarr_install.rc > 0
when: need_tdarr_install changed_when: tdarr_install.rc == 0
when: need_tdarr_install
- name: Ensure correct permissions on server/node executables - name: Ensure correct permissions on server/node executables
ansible.builtin.file: ansible.builtin.file:
path: "{{ interpolated_tdarr_dir }}/{{ item }}" path: "{{ interpolated_tdarr_dir }}/{{ item }}"
mode: 0755 mode: 0755
loop: loop:
- Tdarr_Server/Tdarr_Server - Tdarr_Server/Tdarr_Server
- Tdarr_Node/Tdarr_Node - Tdarr_Node/Tdarr_Node
when: need_tdarr_install when: need_tdarr_install
- name: "configure tdarr" - name: "Configure tdarr"
block: block:
- name: update server configuration file - name: Update server configuration file
ansible.builtin.template: ansible.builtin.template:
src: Tdarr_Server_Config.json.j2 src: Tdarr_Server_Config.json.j2
dest: "{{ interpolated_tdarr_dir }}/configs/Tdarr_Server_Config.json" dest: "{{ interpolated_tdarr_dir }}/configs/Tdarr_Server_Config.json"
mode: 0644 mode: 0644
when: is_tdarr_server when: is_tdarr_server
- name: update node configuration file - name: Update node configuration file
ansible.builtin.template: ansible.builtin.template:
src: Tdarr_Node_Config.json.j2 src: Tdarr_Node_Config.json.j2
dest: "{{ interpolated_tdarr_dir }}/configs/Tdarr_Node_Config.json" dest: "{{ interpolated_tdarr_dir }}/configs/Tdarr_Node_Config.json"
mode: 0644 mode: 0644
when: is_tdarr_node when: is_tdarr_node
- name: check if consul is installed? - name: Check if consul is installed?
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ interpolated_consul_configuration_dir }}" path: "{{ interpolated_consul_configuration_dir }}"
register: consul_installed register: consul_installed
changed_when: false changed_when: false
failed_when: false failed_when: false
when: when:
- is_tdarr_server - is_tdarr_server
- name: move consul service config into place - name: Move consul service config into place
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: consul_services/tdarr_service.json.j2 src: consul_services/tdarr_service.json.j2
dest: "{{ interpolated_consul_configuration_dir }}/tdarr_service.json" dest: "{{ interpolated_consul_configuration_dir }}/tdarr_service.json"
mode: 0644 mode: 0644
when: when:
- is_tdarr_server - is_tdarr_server
- consul_installed.stat.exists - consul_installed.stat.exists
- name: Reload consul agent - name: Reload consul agent
ansible.builtin.uri: ansible.builtin.uri:
url: "http://{{ ansible_host }}:8500/v1/agent/reload" url: "http://{{ ansible_host }}:8500/v1/agent/reload"
method: PUT method: PUT
status_code: 200 status_code: 200
ignore_errors: true ignore_errors: true
register: consul_agent_reload_http_response register: consul_agent_reload_http_response
failed_when: consul_agent_reload_http_response.status != 200 failed_when: consul_agent_reload_http_response.status != 200
when: when:
- is_tdarr_server - is_tdarr_server
- consul_installed.stat.exists - consul_installed.stat.exists
- name: debug when consul agent reload fails - name: Debug when consul agent reload fails
ansible.builtin.debug: ansible.builtin.debug:
var: consul_agent_reload_http_response.msg var: consul_agent_reload_http_response.msg
when: when:
- is_tdarr_server - is_tdarr_server
- consul_installed.stat.exists - consul_installed.stat.exists
- consul_agent_reload_http_response.status != 200 - consul_agent_reload_http_response.status != 200
- name: mount shared storage - name: Mount shared storage
ansible.builtin.import_tasks: cluster_storage.yml ansible.builtin.import_tasks: cluster_storage.yml

440
tasks/telegraf.yml
View File

@@ -5,146 +5,146 @@
# --------------------------------- Set variables depending on system type # --------------------------------- Set variables depending on system type
- name: "Configure variables" - name: "Configure variables"
block: block:
- name: "set variable: telegraph_binary_location (Debian)" - name: "Set variable: telegraph_binary_location (Debian)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
telegraph_binary_location: "/usr/bin/telegraf" telegraph_binary_location: "/usr/bin/telegraf"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "set variable: telegraph_binary_location (MacOS)" - name: "Set variable: telegraph_binary_location (MacOS)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
telegraph_binary_location: "/usr/local/bin/telegraf" telegraph_binary_location: "/usr/local/bin/telegraf"
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: "set fact: telegraph_config_location (Debian)" - name: "Set fact: telegraph_config_location (Debian)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
telegraph_config_location: "/etc/telegraf" telegraph_config_location: "/etc/telegraf"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- name: "set fact: telegraph_config_location (macOS)" - name: "Set fact: telegraph_config_location (macOS)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
telegraph_config_location: "/usr/local/etc" telegraph_config_location: "/usr/local/etc"
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- name: "set fact: telegraph_config_location (macOS)" - name: "Set fact: telegraph_config_location (macOS)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
telegraph_config_location: "/volume1/docker/telegraf/config" telegraph_config_location: "/volume1/docker/telegraf/config"
when: when:
- inventory_hostname == 'synology' - inventory_hostname == 'synology'
- name: "Fail if arm Mac (need to update task) or variables not defined" - name: "Fail if arm Mac (need to update task) or variables not defined"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- telegraph_binary_location is defined - telegraph_binary_location is defined
- telegraph_config_location is defined - telegraph_config_location is defined
- not mac_arm - not mac_arm
fail_msg: "Unable to install Telegraf on this host" fail_msg: "Unable to install Telegraf on this host"
- name: "set variable: Set speedtest download Binary (armv7l)" - name: "Set variable: Set speedtest download Binary (armv7l)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
speedtest_download_file_uri: "https://install.speedtest.net/app/cli/ookla-speedtest-{{ speedtest_cli_version }}-linux-armhf.tgz" speedtest_download_file_uri: "https://install.speedtest.net/app/cli/ookla-speedtest-{{ speedtest_cli_version }}-linux-armhf.tgz"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'armv7l' - ansible_architecture == 'armv7l'
- name: "set variable: Set speedtest download Binary (aarch64)" - name: "Set variable: Set speedtest download Binary (aarch64)"
ansible.builtin.set_fact: ansible.builtin.set_fact:
speedtest_download_file_uri: "https://install.speedtest.net/app/cli/ookla-speedtest-{{ speedtest_cli_version }}-linux-aarch64.tgz" speedtest_download_file_uri: "https://install.speedtest.net/app/cli/ookla-speedtest-{{ speedtest_cli_version }}-linux-aarch64.tgz"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'aarch64' - ansible_architecture == 'aarch64'
- name: "Install/upgrade Telegraf" - name: "Install/upgrade Telegraf"
block: block:
- name: "set fact: Need telegraf install?" - name: "Set fact: Need telegraf install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_telegraf_install: false need_telegraf_install: false
when: telegraph_binary_location is defined when: telegraph_binary_location is defined
- name: Check if telegraf is installed - name: Check if telegraf is installed
ansible.builtin.stat: ansible.builtin.stat:
path: "{{ telegraph_binary_location }}" path: "{{ telegraph_binary_location }}"
check_mode: false check_mode: false
register: telegraf_binary_exists register: telegraf_binary_exists
when: telegraph_binary_location is defined when: telegraph_binary_location is defined
- name: "set fact: Need telegraf install?" - name: "Set fact: Need telegraf install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_telegraf_install: true need_telegraf_install: true
check_mode: false check_mode: false
when: when:
- telegraph_binary_location is defined - telegraph_binary_location is defined
- not telegraf_binary_exists.stat.exists - not telegraf_binary_exists.stat.exists
- name: Check current version of telegraf - name: Check current version of telegraf
ansible.builtin.shell: "{{ telegraph_binary_location }} --version | grep -oE '[0-9]+\\.[0-9]+\\.[0-9]+'" ansible.builtin.shell: "{{ telegraph_binary_location }} --version | grep -oE '[0-9]+\\.[0-9]+\\.[0-9]+'"
ignore_errors: true ignore_errors: true
register: current_telegraf_version register: current_telegraf_version
check_mode: false check_mode: false
changed_when: false changed_when: false
when: when:
- not need_telegraf_install - not need_telegraf_install
- telegraph_binary_location is defined - telegraph_binary_location is defined
- name: "set fact: Need telegraf install?" - name: "Set fact: Need telegraf install?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_telegraf_install: true need_telegraf_install: true
when: when:
- telegraph_binary_location is defined - telegraph_binary_location is defined
- not need_telegraf_install - not need_telegraf_install
- current_telegraf_version.stdout is version(telegraf_version, '<') - current_telegraf_version.stdout is version(telegraf_version, '<')
- name: install telegraf (MacOS) - name: Install telegraf (MacOS)
community.general.homebrew: community.general.homebrew:
name: telegraf name: telegraf
state: present state: present
notify: restart_telegraf notify: restart_telegraf
when: when:
- ansible_os_family == 'Darwin' - ansible_os_family == 'Darwin'
- need_telegraf_install - need_telegraf_install
- name: install base apt-transport (Debian) - name: Install base apt-transport (Debian)
become: true become: true
ansible.builtin.apt: ansible.builtin.apt:
pkg: apt-transport-https pkg: apt-transport-https
state: present state: present
update_cache: true update_cache: true
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- need_telegraf_install - need_telegraf_install
- name: Download telegraf GPG key (Debian) - name: Download telegraf GPG key (Debian)
become: true become: true
ansible.builtin.apt_key: ansible.builtin.apt_key:
state: present state: present
url: "https://repos.influxdata.com/influxdb.key" url: "https://repos.influxdata.com/influxdb.key"
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- need_telegraf_install - need_telegraf_install
- name: Add telegraf repository to apt (Debian) - name: Add telegraf repository to apt (Debian)
become: true become: true
ansible.builtin.apt_repository: ansible.builtin.apt_repository:
repo: deb https://repos.influxdata.com/debian bullseye stable repo: deb https://repos.influxdata.com/debian bullseye stable
state: present state: present
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- need_telegraf_install - need_telegraf_install
- name: install telegraf (Debian) - name: Install telegraf (Debian)
become: true become: true
ansible.builtin.apt: ansible.builtin.apt:
pkg: telegraf pkg: telegraf
state: latest state: latest
update_cache: true update_cache: true
only_upgrade: true only_upgrade: true
notify: restart_telegraf notify: restart_telegraf
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- need_telegraf_install - need_telegraf_install
# - name: give telegraf access to docker # - name: give telegraf access to docker
# become: true # become: true
@@ -162,115 +162,115 @@
- name: "Install speedtest" - name: "Install speedtest"
when: "'pis' in group_names" when: "'pis' in group_names"
block: block:
- name: "set fact: do we need speedtest installed?" - name: "Set fact: do we need speedtest installed?"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_speedtest_install: false need_speedtest_install: false
- name: Check if speedtest is installed - name: Check if speedtest is installed
ansible.builtin.stat: ansible.builtin.stat:
path: /usr/local/bin/speedtest path: /usr/local/bin/speedtest
register: speedtest_binary_file_location register: speedtest_binary_file_location
- name: "set fact: do we need a speedtest install" - name: "Set fact: do we need a speedtest install"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_speedtest_install: true need_speedtest_install: true
when: when:
- not speedtest_binary_file_location.stat.exists - not speedtest_binary_file_location.stat.exists
- name: Check current version of speedtest - name: Check current version of speedtest
ansible.builtin.shell: /usr/local/bin/speedtest --version | head -n1 | awk '{print $4}' | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' ansible.builtin.shell: /usr/local/bin/speedtest --version | head -n1 | awk '{print $4}' | grep -oE '[0-9]+\.[0-9]+\.[0-9]+'
ignore_errors: true ignore_errors: true
register: current_speedtest_version register: current_speedtest_version
check_mode: false check_mode: false
changed_when: false changed_when: false
when: when:
- not need_speedtest_install - not need_speedtest_install
- name: "set fact: do we need a speedtest install" - name: "Set fact: do we need a speedtest install"
ansible.builtin.set_fact: ansible.builtin.set_fact:
need_speedtest_install: true need_speedtest_install: true
when: when:
- not need_speedtest_install - not need_speedtest_install
- current_speedtest_version.stdout is version(speedtest_cli_version, '<') - current_speedtest_version.stdout is version(speedtest_cli_version, '<')
- name: "Install speedtest (pi)" - name: "Install speedtest (pi)"
become: true become: true
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "{{ speedtest_download_file_uri }}" src: "{{ speedtest_download_file_uri }}"
dest: /usr/local/bin dest: /usr/local/bin
remote_src: true remote_src: true
when: when:
- need_speedtest_install - need_speedtest_install
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'
- ansible_architecture == 'armv7l' - ansible_architecture == 'armv7l'
- name: "Configure Telegraf" - name: "Configure Telegraf"
block: block:
- name: "Ensure {{ telegraph_config_location }} exists" - name: "Ensure {{ telegraph_config_location }} exists"
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
mode: 0755 mode: 0755
loop: loop:
- "{{ telegraph_config_location }}" - "{{ telegraph_config_location }}"
- "{{ telegraph_config_location }}/telegraf.d" - "{{ telegraph_config_location }}/telegraf.d"
- name: template config files to server - name: Template config files to server
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: "644" mode: "644"
loop: loop:
- { src: "telegraf/base_config.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.conf" } - { src: "telegraf/base_config.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.conf" }
- { src: "telegraf/custom_metrics.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/custom_metrics.conf" } - { src: "telegraf/custom_metrics.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/custom_metrics.conf" }
- { src: "telegraf/nomad.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/nomad.conf" } - { src: "telegraf/nomad.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/nomad.conf" }
- { src: "telegraf/docker.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/docker.conf" } - { src: "telegraf/docker.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/docker.conf" }
notify: restart_telegraf notify: restart_telegraf
- name: template leader configs (ie, configs that should be placed on a single server) - name: Template leader configs (ie, configs that should be placed on a single server)
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
mode: "644" mode: "644"
loop: loop:
- { src: "telegraf/leader.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/leader.conf" } - { src: "telegraf/leader.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/leader.conf" }
- { src: "telegraf/speedtest.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/speedtest.conf" } - { src: "telegraf/speedtest.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/speedtest.conf" }
- { src: "telegraf/pingHosts.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/pingHosts.conf" } - { src: "telegraf/pingHosts.conf.j2", dest: "{{ telegraph_config_location }}/telegraf.d/pingHosts.conf" }
when: when:
- is_cluster_leader - is_cluster_leader
notify: restart_telegraf notify: restart_telegraf
- name: Copy custom metrics script - name: Copy custom metrics script
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: "scripts/telegraf_custom_metrics.sh.j2" src: "scripts/telegraf_custom_metrics.sh.j2"
dest: "/usr/local/bin/telegraf_custom_metrics.sh" dest: "/usr/local/bin/telegraf_custom_metrics.sh"
mode: 0755 mode: 0755
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
when: when:
- inventory_hostname != 'synology' - inventory_hostname != 'synology'
- name: Copy speedtest script - name: Copy speedtest script
become: true become: true
ansible.builtin.template: ansible.builtin.template:
src: "scripts/telegraf_speedtest.sh.j2" src: "scripts/telegraf_speedtest.sh.j2"
dest: "/usr/local/bin/telegraf_speedtest.sh" dest: "/usr/local/bin/telegraf_speedtest.sh"
mode: 0755 mode: 0755
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
when: when:
- is_cluster_leader - is_cluster_leader
- name: Reset file ownership - name: Reset file ownership
become: true become: true
ansible.builtin.file: ansible.builtin.file:
path: "{{ telegraph_config_location }}" path: "{{ telegraph_config_location }}"
owner: "{{ ansible_user_uid }}" owner: "{{ ansible_user_uid }}"
group: "{{ ansible_user_gid }}" group: "{{ ansible_user_gid }}"
recurse: true recurse: true
when: when:
- (ansible_os_family == 'Darwin') or (inventory_hostname == 'synology') - (ansible_os_family == 'Darwin') or (inventory_hostname == 'synology')