Add lint configuration and CI and fix the identified errors #14
15 changed files with 759 additions and 761 deletions
|
@ -1,5 +1,5 @@
|
||||||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/ccchoir/compose.yaml.j2') }}"
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/ccchoir/compose.yaml.j2') }}"
|
||||||
docker_compose__configuration_files: []
|
docker_compose__configuration_files: [ ]
|
||||||
|
|
||||||
certbot__version_spec: ""
|
certbot__version_spec: ""
|
||||||
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pad/compose.yaml.j2') }}"
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pad/compose.yaml.j2') }}"
|
||||||
docker_compose__configuration_files: []
|
docker_compose__configuration_files: [ ]
|
||||||
|
|
||||||
certbot__version_spec: ""
|
certbot__version_spec: ""
|
||||||
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pretalx/compose.yaml.j2') }}"
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pretalx/compose.yaml.j2') }}"
|
||||||
docker_compose__configuration_files: []
|
docker_compose__configuration_files: [ ]
|
||||||
|
|
||||||
certbot__version_spec: ""
|
certbot__version_spec: ""
|
||||||
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/zammad/compose.yaml.j2') }}"
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/zammad/compose.yaml.j2') }}"
|
||||||
docker_compose__configuration_files: []
|
docker_compose__configuration_files: [ ]
|
||||||
|
|
||||||
certbot__version_spec: ""
|
certbot__version_spec: ""
|
||||||
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
certbot__acme_account_email_address: le-admin@hamburg.ccc.de
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
apiVersion: 1
|
apiVersion: 1
|
||||||
|
|
||||||
datasources:
|
datasources:
|
||||||
- name: Prometheus
|
- name: Prometheus
|
||||||
type: prometheus
|
type: prometheus
|
||||||
url: http://prometheus:9090
|
url: http://prometheus:9090
|
||||||
isDefault: true
|
isDefault: true
|
||||||
access: proxy
|
access: proxy
|
||||||
editable: true
|
editable: true
|
||||||
|
|
||||||
|
|
|
@ -15,21 +15,21 @@ rule_files:
|
||||||
- "/etc/prometheus/rules/*.rules.yaml"
|
- "/etc/prometheus/rules/*.rules.yaml"
|
||||||
|
|
||||||
scrape_configs:
|
scrape_configs:
|
||||||
- job_name: prometheus
|
- job_name: prometheus
|
||||||
honor_timestamps: true
|
honor_timestamps: true
|
||||||
metrics_path: /metrics
|
metrics_path: /metrics
|
||||||
scheme: http
|
scheme: http
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- localhost:9090
|
- localhost:9090
|
||||||
- job_name: alertmanager
|
- job_name: alertmanager
|
||||||
honor_timestamps: true
|
honor_timestamps: true
|
||||||
metrics_path: /metrics
|
metrics_path: /metrics
|
||||||
scheme: http
|
scheme: http
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- alertmanager:9093
|
- alertmanager:9093
|
||||||
- job_name: c3lingo
|
- job_name: c3lingo
|
||||||
honor_timestamps: true
|
honor_timestamps: true
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
scrape_timeout: 1s
|
scrape_timeout: 1s
|
||||||
|
@ -38,7 +38,7 @@ scrape_configs:
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- mumble.c3lingo.org:443
|
- mumble.c3lingo.org:443
|
||||||
- job_name: mumble
|
- job_name: mumble
|
||||||
honor_timestamps: true
|
honor_timestamps: true
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
scrape_timeout: 1s
|
scrape_timeout: 1s
|
||||||
|
@ -47,14 +47,14 @@ scrape_configs:
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- mumble.hamburg.ccc.de:443
|
- mumble.hamburg.ccc.de:443
|
||||||
- job_name: opnsense-ccchh
|
- job_name: opnsense-ccchh
|
||||||
honor_timestamps: true
|
honor_timestamps: true
|
||||||
metrics_path: /metrics
|
metrics_path: /metrics
|
||||||
scheme: http
|
scheme: http
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- 185.161.129.132:9100
|
- 185.161.129.132:9100
|
||||||
- job_name: jitsi
|
- job_name: jitsi
|
||||||
honor_timestamps: true
|
honor_timestamps: true
|
||||||
scrape_interval: 5s
|
scrape_interval: 5s
|
||||||
scrape_timeout: 1s
|
scrape_timeout: 1s
|
||||||
|
@ -63,23 +63,23 @@ scrape_configs:
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge
|
- jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge
|
||||||
- job_name: 'pve'
|
- job_name: 'pve'
|
||||||
static_configs:
|
static_configs:
|
||||||
- targets:
|
- targets:
|
||||||
- 212.12.48.126 # chaosknoten
|
- 212.12.48.126 # chaosknoten
|
||||||
metrics_path: /pve
|
metrics_path: /pve
|
||||||
params:
|
params:
|
||||||
module: [default]
|
module: [ default ]
|
||||||
cluster: ['1']
|
cluster: [ '1' ]
|
||||||
node: ['1']
|
node: [ '1' ]
|
||||||
relabel_configs:
|
relabel_configs:
|
||||||
- source_labels: [__address__]
|
- source_labels: [ __address__ ]
|
||||||
target_label: __param_target
|
target_label: __param_target
|
||||||
- source_labels: [__param_target]
|
- source_labels: [ __param_target ]
|
||||||
target_label: instance
|
target_label: instance
|
||||||
- target_label: __address__
|
- target_label: __address__
|
||||||
replacement: pve-exporter:9221
|
replacement: pve-exporter:9221
|
||||||
- job_name: hosts
|
- job_name: hosts
|
||||||
static_configs:
|
static_configs:
|
||||||
# Wieske Chaosknoten VMs
|
# Wieske Chaosknoten VMs
|
||||||
- labels:
|
- labels:
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
# Links & Resources:
|
# Links & Resources:
|
||||||
# - https://samber.github.io/awesome-prometheus-alerts/rules
|
# - https://samber.github.io/awesome-prometheus-alerts/rules
|
||||||
groups:
|
groups:
|
||||||
- name: node-exporter
|
- name: node-exporter
|
||||||
rules:
|
rules:
|
||||||
- alert: HostOutOfMemory
|
- alert: HostOutOfMemory
|
||||||
expr: (node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes * 100 < 10) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
|
expr: (node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes * 100 < 10) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
|
||||||
|
@ -362,7 +362,7 @@ groups:
|
||||||
annotations:
|
annotations:
|
||||||
summary: Host requires reboot (instance {{ $labels.instance }})
|
summary: Host requires reboot (instance {{ $labels.instance }})
|
||||||
description: "{{ $labels.instance }} requires a reboot.\n VALUE = {{ $value }}"
|
description: "{{ $labels.instance }} requires a reboot.\n VALUE = {{ $value }}"
|
||||||
- name: prometheus
|
- name: prometheus
|
||||||
rules:
|
rules:
|
||||||
- alert: PrometheusJobMissing
|
- alert: PrometheusJobMissing
|
||||||
expr: absent(up{job="prometheus"})
|
expr: absent(up{job="prometheus"})
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
force: true
|
force: true
|
||||||
dest: /etc/ssh/sshd_config
|
dest: /etc/ssh/sshd_config
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
src: sshd_config.j2
|
src: sshd_config.j2
|
||||||
|
|
|
@ -4,4 +4,3 @@
|
||||||
user: chaos
|
user: chaos
|
||||||
exclusive: true
|
exclusive: true
|
||||||
key: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys
|
key: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys
|
||||||
|
|
|
@ -17,4 +17,4 @@ dependencies:
|
||||||
- role: docker_compose
|
- role: docker_compose
|
||||||
vars:
|
vars:
|
||||||
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'compose.yaml.j2') }}"
|
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'compose.yaml.j2') }}"
|
||||||
docker_compose__configuration_files: []
|
docker_compose__configuration_files: [ ]
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
nginx__deploy_redirect_conf: true
|
nginx__deploy_redirect_conf: true
|
||||||
nginx__deploy_tls_conf: true
|
nginx__deploy_tls_conf: true
|
||||||
nginx__configurations: []
|
nginx__configurations: [ ]
|
||||||
nginx__use_custom_nginx_conf: false
|
nginx__use_custom_nginx_conf: false
|
||||||
nginx__custom_nginx_conf: ""
|
nginx__custom_nginx_conf: ""
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
force: true
|
force: true
|
||||||
dest: /etc/nginx/nginx.conf.ansiblesave
|
dest: /etc/nginx/nginx.conf.ansiblesave
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
remote_src: true
|
remote_src: true
|
||||||
|
@ -22,7 +22,7 @@
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ nginx__custom_nginx_conf }}"
|
content: "{{ nginx__custom_nginx_conf }}"
|
||||||
dest: "/etc/nginx/nginx.conf"
|
dest: "/etc/nginx/nginx.conf"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
become: true
|
become: true
|
||||||
|
@ -36,7 +36,7 @@
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
force: true
|
force: true
|
||||||
dest: /etc/nginx/nginx.conf
|
dest: /etc/nginx/nginx.conf
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
remote_src: true
|
remote_src: true
|
||||||
|
@ -55,7 +55,7 @@
|
||||||
ansible.builtin.get_url:
|
ansible.builtin.get_url:
|
||||||
force: true
|
force: true
|
||||||
dest: /etc/nginx-mozilla-dhparam
|
dest: /etc/nginx-mozilla-dhparam
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
url: https://ssl-config.mozilla.org/ffdhe2048.txt
|
url: https://ssl-config.mozilla.org/ffdhe2048.txt
|
||||||
become: true
|
become: true
|
||||||
notify: Restart `nginx.service`
|
notify: Restart `nginx.service`
|
||||||
|
@ -71,7 +71,7 @@
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
force: true
|
force: true
|
||||||
dest: /etc/nginx/conf.d/tls.conf
|
dest: /etc/nginx/conf.d/tls.conf
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
src: tls.conf
|
src: tls.conf
|
||||||
|
@ -89,7 +89,7 @@
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
force: true
|
force: true
|
||||||
dest: /etc/nginx/conf.d/redirect.conf
|
dest: /etc/nginx/conf.d/redirect.conf
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
src: redirect.conf
|
src: redirect.conf
|
||||||
|
@ -104,7 +104,7 @@
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ item.content }}"
|
content: "{{ item.content }}"
|
||||||
dest: "/etc/nginx/conf.d/{{ item.name }}.conf"
|
dest: "/etc/nginx/conf.d/{{ item.name }}.conf"
|
||||||
mode: 0644
|
mode: "0644"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
become: true
|
become: true
|
||||||
|
|
Loading…
Reference in a new issue