Add lint configuration and CI and fix the identified errors #14

Merged
june merged 10 commits from lint_and_ci into main 2024-12-01 22:26:24 +01:00
15 changed files with 759 additions and 761 deletions
Showing only changes of commit 4060dbbe21 - Show all commits

View file

@ -1,5 +1,5 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/ccchoir/compose.yaml.j2') }}" docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/ccchoir/compose.yaml.j2') }}"
docker_compose__configuration_files: [] docker_compose__configuration_files: [ ]
certbot__version_spec: "" certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__acme_account_email_address: le-admin@hamburg.ccc.de

View file

@ -1,5 +1,5 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pad/compose.yaml.j2') }}" docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pad/compose.yaml.j2') }}"
docker_compose__configuration_files: [] docker_compose__configuration_files: [ ]
certbot__version_spec: "" certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__acme_account_email_address: le-admin@hamburg.ccc.de

View file

@ -1,5 +1,5 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pretalx/compose.yaml.j2') }}" docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/pretalx/compose.yaml.j2') }}"
docker_compose__configuration_files: [] docker_compose__configuration_files: [ ]
certbot__version_spec: "" certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__acme_account_email_address: le-admin@hamburg.ccc.de

View file

@ -1,5 +1,5 @@
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/zammad/compose.yaml.j2') }}" docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'chaosknoten/configs/zammad/compose.yaml.j2') }}"
docker_compose__configuration_files: [] docker_compose__configuration_files: [ ]
certbot__version_spec: "" certbot__version_spec: ""
certbot__acme_account_email_address: le-admin@hamburg.ccc.de certbot__acme_account_email_address: le-admin@hamburg.ccc.de

View file

@ -1,10 +1,9 @@
apiVersion: 1 apiVersion: 1
datasources: datasources:
- name: Prometheus - name: Prometheus
type: prometheus type: prometheus
url: http://prometheus:9090 url: http://prometheus:9090
isDefault: true isDefault: true
access: proxy access: proxy
editable: true editable: true

View file

@ -15,21 +15,21 @@ rule_files:
- "/etc/prometheus/rules/*.rules.yaml" - "/etc/prometheus/rules/*.rules.yaml"
scrape_configs: scrape_configs:
- job_name: prometheus - job_name: prometheus
honor_timestamps: true honor_timestamps: true
metrics_path: /metrics metrics_path: /metrics
scheme: http scheme: http
static_configs: static_configs:
- targets: - targets:
- localhost:9090 - localhost:9090
- job_name: alertmanager - job_name: alertmanager
honor_timestamps: true honor_timestamps: true
metrics_path: /metrics metrics_path: /metrics
scheme: http scheme: http
static_configs: static_configs:
- targets: - targets:
- alertmanager:9093 - alertmanager:9093
- job_name: c3lingo - job_name: c3lingo
honor_timestamps: true honor_timestamps: true
scrape_interval: 5s scrape_interval: 5s
scrape_timeout: 1s scrape_timeout: 1s
@ -38,7 +38,7 @@ scrape_configs:
static_configs: static_configs:
- targets: - targets:
- mumble.c3lingo.org:443 - mumble.c3lingo.org:443
- job_name: mumble - job_name: mumble
honor_timestamps: true honor_timestamps: true
scrape_interval: 5s scrape_interval: 5s
scrape_timeout: 1s scrape_timeout: 1s
@ -47,14 +47,14 @@ scrape_configs:
static_configs: static_configs:
- targets: - targets:
- mumble.hamburg.ccc.de:443 - mumble.hamburg.ccc.de:443
- job_name: opnsense-ccchh - job_name: opnsense-ccchh
honor_timestamps: true honor_timestamps: true
metrics_path: /metrics metrics_path: /metrics
scheme: http scheme: http
static_configs: static_configs:
- targets: - targets:
- 185.161.129.132:9100 - 185.161.129.132:9100
- job_name: jitsi - job_name: jitsi
honor_timestamps: true honor_timestamps: true
scrape_interval: 5s scrape_interval: 5s
scrape_timeout: 1s scrape_timeout: 1s
@ -63,23 +63,23 @@ scrape_configs:
static_configs: static_configs:
- targets: - targets:
- jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge - jitsi.hamburg.ccc.de:9888 # Jitsi Video Bridge
- job_name: 'pve' - job_name: 'pve'
static_configs: static_configs:
- targets: - targets:
- 212.12.48.126 # chaosknoten - 212.12.48.126 # chaosknoten
metrics_path: /pve metrics_path: /pve
params: params:
module: [default] module: [ default ]
cluster: ['1'] cluster: [ '1' ]
node: ['1'] node: [ '1' ]
relabel_configs: relabel_configs:
- source_labels: [__address__] - source_labels: [ __address__ ]
target_label: __param_target target_label: __param_target
- source_labels: [__param_target] - source_labels: [ __param_target ]
target_label: instance target_label: instance
- target_label: __address__ - target_label: __address__
replacement: pve-exporter:9221 replacement: pve-exporter:9221
- job_name: hosts - job_name: hosts
static_configs: static_configs:
# Wieske Chaosknoten VMs # Wieske Chaosknoten VMs
- labels: - labels:

View file

@ -1,7 +1,7 @@
# Links & Resources: # Links & Resources:
# - https://samber.github.io/awesome-prometheus-alerts/rules # - https://samber.github.io/awesome-prometheus-alerts/rules
groups: groups:
- name: node-exporter - name: node-exporter
rules: rules:
- alert: HostOutOfMemory - alert: HostOutOfMemory
expr: (node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes * 100 < 10) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"} expr: (node_memory_MemAvailable_bytes / node_memory_MemTotal_bytes * 100 < 10) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}
@ -362,7 +362,7 @@ groups:
annotations: annotations:
summary: Host requires reboot (instance {{ $labels.instance }}) summary: Host requires reboot (instance {{ $labels.instance }})
description: "{{ $labels.instance }} requires a reboot.\n VALUE = {{ $value }}" description: "{{ $labels.instance }} requires a reboot.\n VALUE = {{ $value }}"
- name: prometheus - name: prometheus
rules: rules:
- alert: PrometheusJobMissing - alert: PrometheusJobMissing
expr: absent(up{job="prometheus"}) expr: absent(up{job="prometheus"})

View file

@ -7,7 +7,7 @@
ansible.builtin.template: ansible.builtin.template:
force: true force: true
dest: /etc/ssh/sshd_config dest: /etc/ssh/sshd_config
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
src: sshd_config.j2 src: sshd_config.j2

View file

@ -4,4 +4,3 @@
user: chaos user: chaos
exclusive: true exclusive: true
key: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys key: https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys/raw/branch/trunk/authorized_keys

View file

@ -17,4 +17,4 @@ dependencies:
- role: docker_compose - role: docker_compose
vars: vars:
docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'compose.yaml.j2') }}" docker_compose__compose_file_content: "{{ lookup('ansible.builtin.template', 'compose.yaml.j2') }}"
docker_compose__configuration_files: [] docker_compose__configuration_files: [ ]

View file

@ -1,5 +1,5 @@
nginx__deploy_redirect_conf: true nginx__deploy_redirect_conf: true
nginx__deploy_tls_conf: true nginx__deploy_tls_conf: true
nginx__configurations: [] nginx__configurations: [ ]
nginx__use_custom_nginx_conf: false nginx__use_custom_nginx_conf: false
nginx__custom_nginx_conf: "" nginx__custom_nginx_conf: ""

View file

@ -11,7 +11,7 @@
ansible.builtin.copy: ansible.builtin.copy:
force: true force: true
dest: /etc/nginx/nginx.conf.ansiblesave dest: /etc/nginx/nginx.conf.ansiblesave
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
remote_src: true remote_src: true
@ -22,7 +22,7 @@
ansible.builtin.copy: ansible.builtin.copy:
content: "{{ nginx__custom_nginx_conf }}" content: "{{ nginx__custom_nginx_conf }}"
dest: "/etc/nginx/nginx.conf" dest: "/etc/nginx/nginx.conf"
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
become: true become: true
@ -36,7 +36,7 @@
ansible.builtin.copy: ansible.builtin.copy:
force: true force: true
dest: /etc/nginx/nginx.conf dest: /etc/nginx/nginx.conf
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
remote_src: true remote_src: true
@ -55,7 +55,7 @@
ansible.builtin.get_url: ansible.builtin.get_url:
force: true force: true
dest: /etc/nginx-mozilla-dhparam dest: /etc/nginx-mozilla-dhparam
mode: 0644 mode: "0644"
url: https://ssl-config.mozilla.org/ffdhe2048.txt url: https://ssl-config.mozilla.org/ffdhe2048.txt
become: true become: true
notify: Restart `nginx.service` notify: Restart `nginx.service`
@ -71,7 +71,7 @@
ansible.builtin.copy: ansible.builtin.copy:
force: true force: true
dest: /etc/nginx/conf.d/tls.conf dest: /etc/nginx/conf.d/tls.conf
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
src: tls.conf src: tls.conf
@ -89,7 +89,7 @@
ansible.builtin.copy: ansible.builtin.copy:
force: true force: true
dest: /etc/nginx/conf.d/redirect.conf dest: /etc/nginx/conf.d/redirect.conf
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
src: redirect.conf src: redirect.conf
@ -104,7 +104,7 @@
ansible.builtin.copy: ansible.builtin.copy:
content: "{{ item.content }}" content: "{{ item.content }}"
dest: "/etc/nginx/conf.d/{{ item.name }}.conf" dest: "/etc/nginx/conf.d/{{ item.name }}.conf"
mode: 0644 mode: "0644"
owner: root owner: root
group: root group: root
become: true become: true