Add base_config and deploy_systemd_journal_config
This commit is contained in:
parent
93212e2248
commit
328ec744cc
SSH key fingerprint:
SHA256:B3m+yzpaxGXSEcDBpPHfvza/DNC0wuX+CKMeGq8wgak
6 changed files with 48 additions and 18 deletions
inventories/chaosknoten
playbooks
roles
base_config/meta
deploy_systemd_journal_config
|
|
@ -51,6 +51,21 @@ all:
|
||||||
ansible_host: zammad-intern.hamburg.ccc.de
|
ansible_host: zammad-intern.hamburg.ccc.de
|
||||||
ansible_user: chaos
|
ansible_user: chaos
|
||||||
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
|
ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
|
||||||
|
base_config_hosts:
|
||||||
|
hosts:
|
||||||
|
ccchoir:
|
||||||
|
cloud:
|
||||||
|
grafana:
|
||||||
|
keycloak:
|
||||||
|
lists:
|
||||||
|
mumble:
|
||||||
|
onlyoffice:
|
||||||
|
pad:
|
||||||
|
pretalx:
|
||||||
|
public-reverse-proxy:
|
||||||
|
tickets:
|
||||||
|
wiki:
|
||||||
|
zammad:
|
||||||
docker_compose_hosts:
|
docker_compose_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
ccchoir:
|
ccchoir:
|
||||||
|
|
@ -82,21 +97,6 @@ all:
|
||||||
public_reverse_proxy_hosts:
|
public_reverse_proxy_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
public-reverse-proxy:
|
public-reverse-proxy:
|
||||||
ssh_server_config_hosts:
|
|
||||||
hosts:
|
|
||||||
ccchoir:
|
|
||||||
cloud:
|
|
||||||
grafana:
|
|
||||||
keycloak:
|
|
||||||
lists:
|
|
||||||
mumble:
|
|
||||||
onlyoffice:
|
|
||||||
pad:
|
|
||||||
pretalx:
|
|
||||||
public-reverse-proxy:
|
|
||||||
tickets:
|
|
||||||
wiki:
|
|
||||||
zammad:
|
|
||||||
certbot_hosts:
|
certbot_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
ccchoir:
|
ccchoir:
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
---
|
---
|
||||||
- name: Ensure SSH server config deployment on ssh_server_config_hosts
|
- name: Ensure base config is deployment on base_config_hosts
|
||||||
hosts: ssh_server_config_hosts
|
hosts: base_config_hosts
|
||||||
roles:
|
roles:
|
||||||
- deploy_ssh_server_config
|
- base_config
|
||||||
|
|
||||||
- name: Ensure deployment of infrastructure authorized keys
|
- name: Ensure deployment of infrastructure authorized keys
|
||||||
hosts: infrastructure_authorized_keys_hosts
|
hosts: infrastructure_authorized_keys_hosts
|
||||||
|
|
|
||||||
4
roles/base_config/meta/main.yaml
Normal file
4
roles/base_config/meta/main.yaml
Normal file
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- role: deploy_ssh_server_config
|
||||||
|
- role: deploy_systemd_journal_config
|
||||||
3
roles/deploy_systemd_journal_config/files/10-ccchh.conf
Normal file
3
roles/deploy_systemd_journal_config/files/10-ccchh.conf
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
[Journal]
|
||||||
|
MaxFileSec=2day
|
||||||
|
MaxRetentionSec=2week
|
||||||
5
roles/deploy_systemd_journal_config/handlers/main.yaml
Normal file
5
roles/deploy_systemd_journal_config/handlers/main.yaml
Normal file
|
|
@ -0,0 +1,5 @@
|
||||||
|
- name: Restart `systemd-journald.service`
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: systemd-journald.service
|
||||||
|
state: restarted
|
||||||
|
become: true
|
||||||
18
roles/deploy_systemd_journal_config/tasks/main.yaml
Normal file
18
roles/deploy_systemd_journal_config/tasks/main.yaml
Normal file
|
|
@ -0,0 +1,18 @@
|
||||||
|
- name: Create 'journald.conf.d' directory if it does not exist
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "/etc/systemd/journald.conf.d"
|
||||||
|
state: directory
|
||||||
|
mode: '0644'
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: make sure the custom configuration file is deployed
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "10-ccchh.conf"
|
||||||
|
dest: "/etc/systemd/journald.conf.d/10-ccchh.conf"
|
||||||
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
become: true
|
||||||
|
notify: Restart `systemd-journald.service`
|
||||||
Loading…
Add table
Reference in a new issue