diff --git a/command-to-run.txt b/command-to-run.txt index 9cab5b3..e9fdfc1 100644 --- a/command-to-run.txt +++ b/command-to-run.txt @@ -1,2 +1,4 @@ ansible-playbook --ask-become-pass -i ~/.ansible/inventory playbook.yml ansible-galaxy role init {role-to-create} + +mkpasswd --method=sha-512 diff --git a/roles/ansible-role-docker/tasks/main.yml b/roles/ansible-role-docker/tasks/main.yml index dcd47de..187b29a 100644 --- a/roles/ansible-role-docker/tasks/main.yml +++ b/roles/ansible-role-docker/tasks/main.yml @@ -96,3 +96,9 @@ - include_tasks: docker-users.yml when: at_least_one_user_to_modify is defined + + +- name: Install docker python package + ansible.builtin.pip: + name: docker + extra_args: "--break-system-packages" diff --git a/roles/nfs-share/.travis.yml b/roles/create_samba_user/.travis.yml similarity index 100% rename from roles/nfs-share/.travis.yml rename to roles/create_samba_user/.travis.yml diff --git a/roles/nfs-share/README.md b/roles/create_samba_user/README.md similarity index 100% rename from roles/nfs-share/README.md rename to roles/create_samba_user/README.md diff --git a/roles/create_samba_user/defaults/main.yml b/roles/create_samba_user/defaults/main.yml new file mode 100644 index 0000000..0bfd24f --- /dev/null +++ b/roles/create_samba_user/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for create_samba_user diff --git a/roles/create_samba_user/handlers/main.yml b/roles/create_samba_user/handlers/main.yml new file mode 100644 index 0000000..9518990 --- /dev/null +++ b/roles/create_samba_user/handlers/main.yml @@ -0,0 +1,6 @@ +--- +# handlers file for create_samba_user +- name: smb restart + service: + name: smb + state: restarted \ No newline at end of file diff --git a/roles/nfs-share/meta/main.yml b/roles/create_samba_user/meta/main.yml similarity index 100% rename from roles/nfs-share/meta/main.yml rename to roles/create_samba_user/meta/main.yml 
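Review bot: The added `Install docker python package` task installs an unpinned `docker` from PyPI into the system interpreter and passes `--break-system-packages`, which switches off pip's externally-managed-environment guard. Each run can therefore pull a different release as root and overwrite distro-managed modules. Pin the version (`name: docker==<tested version>`), or, if the targets are Debian-based as the rest of the repo suggests, install the distribution package `python3-docker` through `ansible.builtin.package` and drop `extra_args`. The task list starts above this hunk, so an earlier task may already cover part of this.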
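Review bot: This handler restarts a service named `smb`, while `roles/samba_install/tasks/main.yml` in the same commit starts and enables `smbd`. On a host where the unit is called `smbd`, the notified restart will likely fail and the edited config will not be picked up. Use the same name in both places, e.g. `name: smbd`, and prefer the fully qualified `ansible.builtin.service:` as the other new tasks do. The identical handler in `roles/samba_install/handlers/main.yml` has the same mismatch.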
diff --git a/roles/create_samba_user/tasks/main.yml b/roles/create_samba_user/tasks/main.yml
new file mode 100644
index 0000000..71e48c1
--- /dev/null
+++ b/roles/create_samba_user/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+# tasks file for create_samba_user
+- name: Create
+ ansible.builtin.blockinfile:
+ state: present
+ owner: root
+ group: root
+ insertafter: EOF
+ path: /etc/samba/smb.conf
+ mode: '0644'
+ block: |
+ [{{ samba_user }}]
+ comment = {{ samba_user }} samba
+ path = {{ samba_mountpoint }}
+ browseable = yes
+ writeable = yes
+ read only = no
+ create mask = 0700
+ directory mask = 0700
+ valid users = {{ samba_user }}
+ notify: smb restart
\ No newline at end of file
diff --git a/roles/nfs-share/tests/inventory b/roles/create_samba_user/tests/inventory
similarity index 100%
rename from roles/nfs-share/tests/inventory
rename to roles/create_samba_user/tests/inventory
diff --git a/roles/create_samba_user/tests/test.yml b/roles/create_samba_user/tests/test.yml
new file mode 100644
index 0000000..a94884d
--- /dev/null
+++ b/roles/create_samba_user/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - create_samba_user
diff --git a/roles/create_samba_user/vars/main.yml b/roles/create_samba_user/vars/main.yml
new file mode 100644
index 0000000..17a16b8
--- /dev/null
+++ b/roles/create_samba_user/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for create_samba_user
diff --git a/roles/zfs-install/.travis.yml b/roles/create_user/.travis.yml
similarity index 100%
rename from roles/zfs-install/.travis.yml
rename to roles/create_user/.travis.yml
diff --git a/roles/zfs-install/README.md b/roles/create_user/README.md
similarity index 100%
rename from roles/zfs-install/README.md
rename to roles/create_user/README.md
diff --git a/roles/create_user/defaults/main.yml b/roles/create_user/defaults/main.yml
new file mode 100644
index 0000000..d7ead5c
--- /dev/null
+++ b/roles/create_user/defaults/main.yml
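Review bot: `blockinfile` is called without a `marker`, so every invocation of this role manages the same default-marked block in `/etc/samba/smb.conf`, and a second `samba_user` replaces the first user's share instead of adding one. Give each share its own marker, e.g. `marker: "# {mark} ANSIBLE MANAGED SHARE {{ samba_user }}"`. `samba_user` and `samba_mountpoint` are written into the config verbatim, so an `ansible.builtin.assert` before this task should check that they hold a plain name and an absolute path. Adding `validate: 'testparm -s %s'` would keep a broken file from being installed.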
@@ -0,0 +1,6 @@
+---
+# defaults file for create_user
+primary_group: "{{ user }}"
+secondary_groups: ''
+shell: "/bin/bash"
+home: "/home/{{ user }}"
diff --git a/roles/create_user/handlers/main.yml b/roles/create_user/handlers/main.yml
new file mode 100644
index 0000000..32e3928
--- /dev/null
+++ b/roles/create_user/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for create_user
diff --git a/roles/zfs-install/meta/main.yml b/roles/create_user/meta/main.yml
similarity index 100%
rename from roles/zfs-install/meta/main.yml
rename to roles/create_user/meta/main.yml
diff --git a/roles/create_user/tasks/main.yml b/roles/create_user/tasks/main.yml
new file mode 100644
index 0000000..39b89c6
--- /dev/null
+++ b/roles/create_user/tasks/main.yml
@@ -0,0 +1,45 @@
+---
+# tasks file for create_user
+- name: Adding group
+ ansible.builtin.group:
+ name: "{{ primary_group }}"
+ state: present
+
+- name: Adding user
+ ansible.builtin.user:
+ name: "{{ user }}"
+ group: "{{ primary_group }}"
+ uid: "{{ uid }}"
+ shell: "{{ shell }}"
+ groups: "{{ secondary_groups }}"
+ home: "{{ home }}"
+ password: "{{ password }}"
+
+- name: Dowload ssh key
+ ansible.builtin.uri:
+ url: "{{ user_ssh_key_url }}"
+ method: GET
+ return_content: true
+ register: ssh_key
+ when: user_ssh_key_url is defined
+
+- name: Setting ssh key
+ ansible.builtin.blockinfile:
+ state: present
+ owner: "{{ user }}"
+ group: "{{ primary_group }}"
+ insertafter: EOF
+ path: /home/{{ user }}/.ssh/authorized_keys
+ mode: '0644'
+ create: true
+ block: |
+ {{ ssh_key.content }}
+ when: user_ssh_key_url is defined
+
+- name: Set permissions to .ssh folder
+ ansible.builtin.file:
+ path: /home/{{ user }}/.ssh
+ owner: "{{ user }}"
+ group: "{{ primary_group }}"
+ mode: '0711'
+ when: user_ssh_key_url is defined
diff --git a/roles/zfs-install/tests/inventory b/roles/create_user/tests/inventory
similarity index 100%
rename from roles/zfs-install/tests/inventory
rename to roles/create_user/tests/inventory
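Review bot: `Setting ssh key` writes `authorized_keys` before anything creates `/home/{{ user }}/.ssh`. As far as I know, `create: true` on `blockinfile` creates the file but not its parent directory, and the later `Set permissions to .ssh folder` task has no `state: directory`, so this likely fails for a fresh account. Both paths also hard-code `/home/{{ user }}` and ignore the role's `home` variable, and the modes (`0644` on the key file, `0711` on the directory) are looser than the usual `0600`/`0700`. Whatever `user_ssh_key_url` returns becomes a login credential, so the role should also refuse non-HTTPS URLs and check that the body looks like public-key lines before writing it. The fence shows the directory task moved first, with the corrected path and tightened modes.

```yaml
# … unchanged: "Adding group", "Adding user" and "Dowload ssh key" tasks …
- name: Ensure .ssh directory exists
  ansible.builtin.file:
    path: "{{ home }}/.ssh"
    state: directory
    owner: "{{ user }}"
    group: "{{ primary_group }}"
    mode: '0700'
  when: user_ssh_key_url is defined

- name: Setting ssh key
  ansible.builtin.blockinfile:
    path: "{{ home }}/.ssh/authorized_keys"
    # … unchanged: state, owner, group, insertafter, create, block …
    mode: '0600'
  when: user_ssh_key_url is defined
```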
diff --git a/roles/create_user/tests/test.yml b/roles/create_user/tests/test.yml new file mode 100644 index 0000000..53baf4f --- /dev/null +++ b/roles/create_user/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - create_user diff --git a/roles/create_user/vars/main.yml b/roles/create_user/vars/main.yml new file mode 100644 index 0000000..df5579e --- /dev/null +++ b/roles/create_user/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for create_user diff --git a/roles/create_zfs_dataset/defaults/main.yml b/roles/create_zfs_dataset/defaults/main.yml index 4ff853d..fa8f2e2 100644 --- a/roles/create_zfs_dataset/defaults/main.yml +++ b/roles/create_zfs_dataset/defaults/main.yml @@ -1,5 +1,6 @@ --- # defaults file for create_zfs_dataset zfs_dataset_size: 10M -zfs_dataset_mountpoint: "{{ zfs_pool_name }}/{{ zfs_dataset_name }}" - +zfs_dataset_mountpoint: "/{{ zfs_pool_name }}/{{ zfs_dataset_name }}" +zfs_dataset_user: root +zfs_dataset_group: root diff --git a/roles/create_zfs_dataset/tasks/main.yml b/roles/create_zfs_dataset/tasks/main.yml index fd0df97..2198e4f 100644 --- a/roles/create_zfs_dataset/tasks/main.yml +++ b/roles/create_zfs_dataset/tasks/main.yml @@ -5,5 +5,12 @@ name: "{{ zfs_pool_name }}/{{ zfs_dataset_name }}" state: present extra_zfs_properties: - quota: {{ zfs_dataset_size }} - mountpoint: {{ zfs_dataset_mountpoint }} \ No newline at end of file + quota: "{{ zfs_dataset_size }}" + mountpoint: "{{ zfs_dataset_mountpoint }}" + +- name: Dir Ownershipt to {{ user }} + ansible.builtin.file: + path: "{{ zfs_dataset_mountpoint }}" + owner: "{{ zfs_dataset_user }}" + group: "{{ zfs_dataset_group }}" + mode: '0731' diff --git a/roles/docker_spin_up/.travis.yml b/roles/docker_spin_up/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/docker_spin_up/.travis.yml 
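Review bot: `mode: '0731'` on the dataset mountpoint gives the group write and search but no read, and everyone else search access, which looks like a typo rather than an intended policy. Something like `mode: '0750'` matches an owner/group-only data directory. The task name interpolates `{{ user }}` although ownership comes from `zfs_dataset_user`, so it is misleading when the two differ and depends on a variable this role does not define; `- name: Set dataset directory ownership to {{ zfs_dataset_user }}` avoids both. Adding `state: directory` would make the intent explicit.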
@@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/docker_spin_up/README.md b/roles/docker_spin_up/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/docker_spin_up/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/docker_spin_up/defaults/main.yml b/roles/docker_spin_up/defaults/main.yml new file mode 100644 index 0000000..7cde2d3 --- /dev/null +++ b/roles/docker_spin_up/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for docker_spin_up diff --git a/roles/docker_spin_up/handlers/main.yml b/roles/docker_spin_up/handlers/main.yml new file mode 100644 index 0000000..6ffc348 --- /dev/null +++ b/roles/docker_spin_up/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for docker_spin_up 
diff --git a/roles/docker_spin_up/meta/main.yml b/roles/docker_spin_up/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/docker_spin_up/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/docker_spin_up/tasks/main.yml b/roles/docker_spin_up/tasks/main.yml new file mode 100644 index 0000000..d746b4b --- /dev/null +++ b/roles/docker_spin_up/tasks/main.yml 
@@ -0,0 +1,13 @@
+---
+# tasks file for docker_spin_up
+#- name: Copy composer
+# template:
+# src: "../templates/{{ docker_compose_file }}"
+# dest: "/{{ docker_homepath }}/docker-compose.yml"
+# owner: root
+# group: root
+# mode: '0644'
+
+- name: Spin up "{{ docker_name }}"
+ ansible.builtin.include_tasks:
+ "{{ docker_compose_file }}"
\ No newline at end of file
diff --git a/roles/docker_spin_up/tasks/transmission.yaml b/roles/docker_spin_up/tasks/transmission.yaml
new file mode 100644
index 0000000..5865913
--- /dev/null
+++ b/roles/docker_spin_up/tasks/transmission.yaml
@@ -0,0 +1,24 @@
+---
+- name: transmission
+ community.docker.docker_container:
+ name: transmission
+ image: lscr.io/linuxserver/transmission:latest
+ #container_name: transmission
+ env:
+ PUID: "{{ uid }}"
+ PGID: "{{ uid }}"
+ TZ: Europe/Berlin
+ #TRANSMISSION_WEB_HOME=/combustion-release/ #optional
+ USER: "{{ user }}" #optional
+ PASS: "{{ password }}" #optional
+ volumes:
+ # - /path/to/data:/config
+ - "{{ docker_homepath }}/downloads:/downloads"
+ - "{{ docker_homepath }}/watch:/watch"
+ ports:
+ - 9091:9091
+ - 51413:51413
+ - 51413:51413/udp
+ restart_policy: unless-stopped
+ #networks:
+ # - name: global
\ No newline at end of file
diff --git a/roles/docker_spin_up/tests/inventory b/roles/docker_spin_up/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/docker_spin_up/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/docker_spin_up/tests/test.yml b/roles/docker_spin_up/tests/test.yml
new file mode 100644
index 0000000..6041d25
--- /dev/null
+++ b/roles/docker_spin_up/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - docker_spin_up
diff --git a/roles/docker_spin_up/vars/main.yml b/roles/docker_spin_up/vars/main.yml
new file mode 100644
index 0000000..c225738
--- /dev/null
+++ b/roles/docker_spin_up/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for docker_spin_up
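Review bot: In `transmission.yaml` the container's web-UI credentials are passed as `USER`/`PASS` environment variables taken from `user` and `password`, the same names `roles/create_user` feeds to `ansible.builtin.user`, where `password` is expected to be a crypt hash. Reusing them either sets the UI password to a hash string or implies the system password is held in clear text. Use dedicated variables (for example `transmission_user` / `transmission_password`, names to be chosen) kept in a vault, and add `no_log: true` to the task, since the module's result may include the container environment. The image is tracked at `:latest`, so pinning a tag or digest would keep redeploys reproducible. `PGID` is filled from `uid`, which is only right when the group id happens to match.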
diff --git a/roles/linux_config_init/tasks/main.yml b/roles/linux_config_init/tasks/main.yml index 70a4b5e..761a257 100644 --- a/roles/linux_config_init/tasks/main.yml +++ b/roles/linux_config_init/tasks/main.yml @@ -6,9 +6,10 @@ - sudoer_no_passwd.yml - hostname_set.yml - git.yml - - create_user.yml +# - create_user.yml - set_perma_ip.yml - bashrc_copy.yml + - timezone.yml #- name: Set Pernament IP # ansible.builtin.include_tasks: set_perma_ip.yml diff --git a/roles/linux_config_init/tasks/timezone.yml b/roles/linux_config_init/tasks/timezone.yml new file mode 100644 index 0000000..50f18c9 --- /dev/null +++ b/roles/linux_config_init/tasks/timezone.yml @@ -0,0 +1,3 @@ +- name: Set timezone to Europe/Prague + community.general.timezone: + name: Europe/Prague \ No newline at end of file diff --git a/roles/nfs_install/.travis.yml b/roles/nfs_install/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/nfs_install/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/nfs_install/README.md b/roles/nfs_install/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/nfs_install/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/nfs-share/defaults/main.yml b/roles/nfs_install/defaults/main.yml similarity index 100% rename from roles/nfs-share/defaults/main.yml rename to roles/nfs_install/defaults/main.yml diff --git a/roles/nfs-share/handlers/main.yml b/roles/nfs_install/handlers/main.yml similarity index 100% rename from roles/nfs-share/handlers/main.yml rename to roles/nfs_install/handlers/main.yml diff --git a/roles/nfs_install/meta/main.yml b/roles/nfs_install/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/nfs_install/meta/main.yml 
@@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/nfs-share/tasks/main.yml b/roles/nfs_install/tasks/main.yml similarity index 100% rename from roles/nfs-share/tasks/main.yml rename to roles/nfs_install/tasks/main.yml diff --git a/roles/nfs_install/tests/inventory b/roles/nfs_install/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/nfs_install/tests/inventory 
@@ -0,0 +1,2 @@ +localhost + diff --git a/roles/nfs-share/tests/test.yml b/roles/nfs_install/tests/test.yml similarity index 100% rename from roles/nfs-share/tests/test.yml rename to roles/nfs_install/tests/test.yml diff --git a/roles/nfs-share/vars/main.yml b/roles/nfs_install/vars/main.yml similarity index 100% rename from roles/nfs-share/vars/main.yml rename to roles/nfs_install/vars/main.yml diff --git a/roles/proxmox/tasks/main.yml b/roles/proxmox/tasks/main.yml index cdc9ebd..892378a 100644 --- a/roles/proxmox/tasks/main.yml +++ b/roles/proxmox/tasks/main.yml @@ -5,4 +5,5 @@ loop: - set_community_repo.yml - iommu.yml + #- set_wol.yml \ No newline at end of file diff --git a/roles/proxmox/tasks/set_wol.yml b/roles/proxmox/tasks/set_wol.yml new file mode 100644 index 0000000..0d7e97b --- /dev/null +++ b/roles/proxmox/tasks/set_wol.yml @@ -0,0 +1 @@ +#no fuctiona for now \ No newline at end of file diff --git a/roles/samba_install/.travis.yml b/roles/samba_install/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/samba_install/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/samba_install/README.md b/roles/samba_install/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/samba_install/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/samba_install/defaults/main.yml b/roles/samba_install/defaults/main.yml new file mode 100644 index 0000000..055a76d --- /dev/null +++ b/roles/samba_install/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for samba_install diff --git a/roles/samba_install/handlers/main.yml b/roles/samba_install/handlers/main.yml new file mode 100644 index 0000000..1938dfa --- /dev/null +++ b/roles/samba_install/handlers/main.yml @@ -0,0 +1,6 @@ +--- +# handlers file for samba_install +- name: smb restart + service: + name: smb + state: restarted \ No newline at end of file 
diff --git a/roles/samba_install/meta/main.yml b/roles/samba_install/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/samba_install/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/samba_install/tasks/main.yml b/roles/samba_install/tasks/main.yml new file mode 100644 index 0000000..943f3cf --- /dev/null +++ b/roles/samba_install/tasks/main.yml 
@@ -0,0 +1,22 @@
+---
+# tasks file for samba_install
+- name: Install
+ ansible.builtin.package:
+ name:
+ - samba
+ state: present
+
+- name: Start and enabled
+ ansible.builtin.service:
+ name: smbd
+ state: started
+ enabled: true
+
+- name: Copy config
+ template:
+ src: ../templates/smb.conf
+ dest: /etc/samba/smb.conf
+ owner: root
+ group: root
+ mode: '0644'
+ notify: smb restart
diff --git a/roles/samba_install/templates/smb.conf b/roles/samba_install/templates/smb.conf
new file mode 100644
index 0000000..21f7027
--- /dev/null
+++ b/roles/samba_install/templates/smb.conf
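Review bot: `Copy config` renders the whole of `/etc/samba/smb.conf` from the template, while `roles/create_samba_user` appends share blocks to the same file with `blockinfile`. Every run of this role therefore removes the per-user shares until the other role runs again, and both roles report a change and restart Samba each time. Keep a single owner for the file, for instance by rendering the shares inside the template from a list variable. Adding `validate: 'testparm -s %s'` here would stop a template error from taking the service down. The task should also use `ansible.builtin.template` with `src: smb.conf`, like the other fully qualified tasks.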
@@ -0,0 +1,54 @@
+[global]
+ workgroup = DOMA2
+ interfaces = "{{ samba_ip }}"
+ bind interfaces only = yes
+ log file = /var/log/samba/log.%m
+ max log size = 1000
+ logging = file
+ panic action = /usr/share/samba/panic-action %d
+ server role = standalone server
+ obey pam restrictions = yes
+ unix password sync = yes
+ passwd program = /usr/bin/passwd %u
+ passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
+ pam password change = yes
+ map to guest = bad user
+; logon path = \\%N\profiles\%U
+; logon drive = H:
+; logon script = logon.cmd
+; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
+; add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
+; add group script = /usr/sbin/addgroup --force-badname %g
+; include = /home/samba/etc/smb.conf.%m
+; idmap config * : backend = tdb
+; idmap config * : range = 3000-7999
+; idmap config YOURDOMAINHERE : backend = tdb
+; idmap config YOURDOMAINHERE : range = 100000-999999
+; template shell = /bin/bash
+;[netlogon]
+; comment = Network Logon Service
+; path = /home/samba/netlogon
+; guest ok = yes
+; read only = yes
+;[profiles]
+; comment = Users profiles
+; path = /home/samba/profiles
+; guest ok = no
+; browseable = no
+; create mask = 0600
+; directory mask = 0700
+;[printers]
+; comment = All Printers
+; browseable = no
+; path = /var/spool/samba
+; printable = yes
+; guest ok = no
+; read only = yes
+; create mask = 0700
+;[print$]
+; comment = Printer Drivers
+; path = /var/lib/samba/printers
+; browseable = yes
+; read only = yes
+; guest ok = no
+; write list = root, @lpadmin
\ No newline at end of file
diff --git a/roles/samba_install/tests/inventory b/roles/samba_install/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/samba_install/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
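Review bot: `map to guest = bad user` in `[global]` turns a login with an unknown username into a guest session instead of a rejection. Nothing in this commit defines a share with `guest ok = yes`, and the per-user shares use `valid users`, so `map to guest = never` fits an authenticated-only server better. `samba_ip` has no default in this role's `defaults/main.yml`, so the template fails unless the caller sets it; document the variable or add a default. The file is a Jinja template but is named `smb.conf`; `smb.conf.j2` is the usual convention.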
diff --git a/roles/samba_install/tests/test.yml b/roles/samba_install/tests/test.yml new file mode 100644 index 0000000..fc58879 --- /dev/null +++ b/roles/samba_install/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - samba_install diff --git a/roles/samba_install/vars/main.yml b/roles/samba_install/vars/main.yml new file mode 100644 index 0000000..a92b740 --- /dev/null +++ b/roles/samba_install/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for samba_install diff --git a/roles/tools_for_command_line/tasks/administration.yml b/roles/tools_for_command_line/tasks/administration.yml index 3f7079d..3ba48fb 100644 --- a/roles/tools_for_command_line/tasks/administration.yml +++ b/roles/tools_for_command_line/tasks/administration.yml @@ -18,6 +18,8 @@ - rsync - iotop - screen + - python3 + - python3-pip state: present - name: Wireguard deb diff --git a/roles/zfs_install/.travis.yml b/roles/zfs_install/.travis.yml new file mode 100644 index 0000000..36bbf62 --- /dev/null +++ b/roles/zfs_install/.travis.yml @@ -0,0 +1,29 @@ +--- +language: python +python: "2.7" + +# Use the new container infrastructure +sudo: false + +# Install ansible +addons: + apt: + packages: + - python-pip + +install: + # Install ansible + - pip install ansible + + # Check ansible version + - ansible --version + + # Create ansible.cfg with correct roles_path + - printf '[defaults]\nroles_path=../' >ansible.cfg + +script: + # Basic role syntax check + - ansible-playbook tests/test.yml -i tests/inventory --syntax-check + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/roles/zfs_install/README.md b/roles/zfs_install/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/zfs_install/README.md 
@@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/zfs-install/defaults/main.yml b/roles/zfs_install/defaults/main.yml similarity index 100% rename from roles/zfs-install/defaults/main.yml rename to roles/zfs_install/defaults/main.yml diff --git a/roles/zfs-install/handlers/main.yml b/roles/zfs_install/handlers/main.yml similarity index 100% rename from roles/zfs-install/handlers/main.yml rename to roles/zfs_install/handlers/main.yml diff --git a/roles/zfs_install/meta/main.yml b/roles/zfs_install/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/zfs_install/meta/main.yml 
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/roles/zfs-install/tasks/main.yml b/roles/zfs_install/tasks/main.yml
similarity index 100%
rename from roles/zfs-install/tasks/main.yml
rename to roles/zfs_install/tasks/main.yml
diff --git a/roles/zfs_install/tests/inventory b/roles/zfs_install/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/zfs_install/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/zfs-install/tests/test.yml b/roles/zfs_install/tests/test.yml
similarity index 100%
rename from roles/zfs-install/tests/test.yml
rename to roles/zfs_install/tests/test.yml
diff --git a/roles/zfs-install/vars/main.yml b/roles/zfs_install/vars/main.yml
similarity index 100%
rename from roles/zfs-install/vars/main.yml
rename to roles/zfs_install/vars/main.yml
diff --git a/vault.yml b/vault.yml
new file mode 100644
index 0000000..8158d8b
--- /dev/null
+++ b/vault.yml
@@ -0,0 +1,19 @@
+$ANSIBLE_VAULT;1.1;AES256
+35363534613936356464373637376133343034633638376163633063383335636364373864353935
+3366356539376539316237303231373464336563383539330a666236356231323938656531643262
+39613261333032353332653034366537616535613164663333636133613066363833386462343036
+6137653433666632380a383132346135633637333831313735366430316263343732633865636262
+33393166353735636635633761386532373261623264376265396533613737313330613230343765
+32303133383264613764343933306166646236393463383133633231633866643765313163383436
+66356135373332303335636263643839383264343362323933303736383562313435616432653735
+35326132646439663932343264623133643737646533396362336662656633323064396332633966
+31326164363532633337313730616637336266646239346632363838643431336238616637376630
+63336334383139653231396532333530333465616539356532396164376264303534623937383261
+31666130633832616436616336353136363765326163336131363735353934323266633232616234
+30356136326138393134626135643464656336353362643635303937656161653036613337326134
+38633531303339613935336266386632363335613838356539613934626133363364323932343565
+32646361623837663832373933336338383737343237343364313134343030323432643034303432
+34313366633233373136346565363266336532333434303635353930343164316565626437356561
+33653339353563343330626232313331656638366538666535313936343664613165306133356163
+33373561633062613564306133336562643235643065323961303666306565366532663033393035
+3737656462363930383834613234666131626161343761303435
diff --git a/zeus.yml b/zeus.yml
index e3ea681..95461d5 100644
--- a/zeus.yml
+++ b/zeus.yml
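Review bot: vault.yml lands in the repository as an Ansible Vault 1.1 blob (`$ANSIBLE_VAULT;1.1;AES256`), so the ciphertext stays in history and the values inside are protected only by the vault passphrase. The 1.1 format derives its key from that passphrase with PBKDF2, which means a short or reused passphrase can be guessed offline by anyone able to read the repository; use a long random one that is stored outside the repo. Rekeying later does not protect copies of this commit, so a passphrase exposure should be treated as an exposure of every value in the file and those values rotated. Encrypting with a labelled vault ID, which changes the header to `$ANSIBLE_VAULT;1.2;AES256;<vault-id-label>`, would also make it explicit which passphrase a run has to supply.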
@@ -1,40 +1,79 @@ #- name: Init for zeus -# hosts: zeus +# hosts: zeus-public # become: true +# vars_files: +# - vault.yml # vars: # user: warezjoe # uid: 1000 +# password: "{{ warezjoe_password }}" # user_ssh_key_url: https://github.com/MatousVondrejka.keys # host: zeus # set_ip: true # false # in_face: ens18 # ip: 192.168.5.7 +# samba_ip: "{{ ip }}/32" +# docker_users: "{{ user }}" +# roles: +# - role: create_user +# - role: linux_config_init +# - role: tools_for_command_line +# - role: ansible-role-security +# - role: zfs_install +# - role: nfs_install +# - role: samba_install +# - role: ansible-role-docker + + +#- name: Zfs dataset + Samba - Tata +# hosts: zeus-public +# become: true +# vars_files: +# - vault.yml +# vars: +# user: tata +# primary_group: nogroup +# uid: 1001 +# password: "{{ tata_password }}" +# home: /bigpool/tata +# shell: "/bin/false" +# zfs_pool_name: bigpool +# zfs_dataset_name: "{{ user }}" +# zfs_dataset_user: "{{ user }}" +# zfs_dataset_group: "{{ primary_group }}" +# zfs_dataset_size: 1T +# samba_user: "{{ user }}" +# samba_mountpoint: "{{ home }}" # # roles: -# - role: linux_config_init -# # - role: tools_for_command_line -# # - role: ansible-role-security -# # - role: zfs-install -# # - role: nfs-config +# - role: create_user +# - role: create_user +# - role: create_zfs_dataset +# - role: create_samba_user + # smbpasswd -a tata + + +#- name: Torrent client spawn +# hosts: zeus-public +# become: true +# vars_files: +# - vault.yml +# vars: +# user: warezjoe +# uid: "1000" +# password: "{{ warezjoe_password_un }}" +# docker_name: transmission +# docker_compose_file: transmission.yaml +# zfs_pool_name: bigpool +# zfs_dataset_name: "{{ docker_name }}" +# zfs_dataset_user: "{{ user }}" +# zfs_dataset_group: "{{ user }}" +# zfs_dataset_size: 1T +# docker_homepath: "/{{ zfs_pool_name }}/{{ docker_name }}" +# +# roles: +# - role: create_zfs_dataset +# - role: docker_spin_up -- name: Zfs dataset + NFS - Tata - hosts: zeus - become: true - vars: 
- user: tata - group: nogroup - uid: 1001 - zfs_pool_name: bigpool - zfs_dataset_name: tata - #zfs_dataset_mountpoint: /bigpool/tata - zfs_dataset_size: 1T - samba-mountpoint: /bigpool/tata - samba-user: tata - samba-range: 192.168.5.0/24 - - roles: - - role: create_zfs_dataset - # - role: create_user - # - role: samba_user
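Review bot: In the commented-out `Zfs dataset + Samba - Tata` play the roles list names `# - role: create_user` twice, and with the old `Zfs dataset + NFS - Tata` play removed every play visible in this hunk is commented out, so zeus.yml as committed appears to run nothing. Drop the duplicate line and keep the play that is meant to run uncommented, or give each play its own playbook file, instead of toggling `#` blocks between runs. The trailing `# smbpasswd -a tata` suggests the Samba password is still set by hand; if that is the case, spell it out, for example `# manual step after this play: smbpasswd -a tata`, so the account is not left without a Samba credential unnoticed. All three plays now load `vault.yml` through `vars_files`, so the documented run command will also need a way to supply the vault passphrase.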