hyperreal.bsky.moonshadow.dev / ansible-homelab
Playbooks I use for my homelab
fork atom

Update freebsd-update.yml; add rsyslog-setup.yml

hyperreal.bsky.moonshadow.dev 2795f254 36c6ab59

options
unified split
Changed files
+68 -13
freebsd-update.yml
inventory.yml
rsyslog-setup.yml
+20
freebsd-update.yml 
···

       
20

       
20

       
 

       
        state: latest


     

       
21

       
21

       
 

       
        jail: "{{ item }}"


     

       
22

       
22

       
 

       
      with_items: "{{ jails }}"


     

       

       
23

       
+

       



     

       

       
24

       
+

       
    - name: Fetch and install updates


     

       

       
25

       
+

       
      ansible.builtin.shell: freebsd-update fetch install


     

       

       
26

       
+

       
      register: updated


     

       

       
27

       
+

       
      changed_when: '"No updates are available to install." not in updated.stdout'


     

       

       
28

       
+

       



     

       

       
29

       
+

       
    - name: Fetch and install updates in aa-torrenting jail


     

       

       
30

       
+

       
      ansible.builtin.shell: freebsd-update -j aa-torrenting fetch install


     

       

       
31

       
+

       
      register: updated_aa_torrenting


     

       

       
32

       
+

       
      changed_when: '"No updates are available to install." not in updated_aa_torrenting.stdout'


     

       

       
33

       
+

       



     

       

       
34

       
+

       
    - name: Fetch and install updates in blocky jail


     

       

       
35

       
+

       
      ansible.builtin.shell: freebsd-update -j blocky fetch install


     

       

       
36

       
+

       
      register: updated_blocky


     

       

       
37

       
+

       
      changed_when: '"No updates are available to install." not in updated_blocky.stdout'


     

       

       
38

       
+

       



     

       

       
39

       
+

       
    - name: Fetch and install updates in unbound jail


     

       

       
40

       
+

       
      ansible.builtin.shell: freebsd-update -j unbound fetch install


     

       

       
41

       
+

       
      register: updated_unbound


     

       

       
42

       
+

       
      changed_when: '"No updates are available to install." not in updated_unbound.stdout'
+3 -13
inventory.yml 
···

       
35

       
35

       
 

       
      ansible_python_interpreter: /usr/bin/python3


     

       
36

       
36

       
 

       



     

       
37

       
37

       
 

       
promclients:


     

       
38

       

       
-

       
  hosts:


     

       
39

       

       
-

       
    hyperreal.coffee:


     

       
40

       

       
-

       
      ansible_user: jas


     

       
41

       

       
-

       
      ansible_host: hyperreal.headscale.moonshadow.dev


     

       
42

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
43

       

       
-

       
    headscale:


     

       
44

       

       
-

       
      ansible_user: jas


     

       
45

       

       
-

       
      ansible_host: headscale.headscale.moonshadow.dev


     

       
46

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
47

       

       
-

       
    archive-warrior:


     

       
48

       

       
-

       
      ansible_user: jas


     

       
49

       

       
-

       
      ansible_host: archive-warrior.headscale.moonshadow.dev


     

       
50

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       

       
38

       
+

       
  children:


     

       

       
39

       
+

       
    debianservers:


     

       

       
40

       
+

       
    almaservers:
+45
rsyslog-setup.yml 
···

       

       
1

       
+

       
---


     

       

       
2

       
+

       
- hosts: promclients


     

       

       
3

       
+

       
  gather_facts: true


     

       

       
4

       
+

       
  become: true


     

       

       
5

       
+

       



     

       

       
6

       
+

       
  tasks:


     

       

       
7

       
+

       
    - name: Ensure rsyslog is installed


     

       

       
8

       
+

       
      ansible.builtin.package:


     

       

       
9

       
+

       
        name: rsyslog


     

       

       
10

       
+

       
        state: latest


     

       

       
11

       
+

       



     

       

       
12

       
+

       
    - name: Ensure rsyslog is enabled


     

       

       
13

       
+

       
      ansible.builtin.systemd_service:


     

       

       
14

       
+

       
        name: rsyslog


     

       

       
15

       
+

       
        enabled: true


     

       

       
16

       
+

       
        state: started


     

       

       
17

       
+

       



     

       

       
18

       
+

       
    - name: Remove any forwarding file if exists


     

       

       
19

       
+

       
      ansible.builtin.file:


     

       

       
20

       
+

       
        path: /etc/rsyslog.d/forward.conf


     

       

       
21

       
+

       
        state: absent


     

       

       
22

       
+

       



     

       

       
23

       
+

       
    - name: Get control node headnet IP address


     

       

       
24

       
+

       
      ansible.builtin.shell: tailscale status | head -1 | awk '{print $1}'


     

       

       
25

       
+

       
      register: ctrl_headnet_ip_addr


     

       

       
26

       
+

       
      delegate_to: 127.0.0.1


     

       

       
27

       
+

       



     

       

       
28

       
+

       
    - name: Configure log forwarding


     

       

       
29

       
+

       
      ansible.builtin.blockinfile:


     

       

       
30

       
+

       
        path: /etc/rsyslog.d/forward.conf


     

       

       
31

       
+

       
        create: true


     

       

       
32

       
+

       
        owner: root


     

       

       
33

       
+

       
        group: root


     

       

       
34

       
+

       
        mode: 0644


     

       

       
35

       
+

       
        block: |


     

       

       
36

       
+

       
          # Forward to desktop.headscale.moonshadow.dev ({{ctrl_headnet_ip_addr.stdout}})


     

       

       
37

       
+

       
          *.* action(type="omfwd" target="{{ctrl_headnet_ip_addr.stdout}}" port="514" protocol="tcp"


     

       

       
38

       
+

       
              action.resumeRetryCount="100"


     

       

       
39

       
+

       
              queue.type="linkedList" queue.size="10000")


     

       

       
40

       
+

       



     

       

       
41

       
+

       
    - name: Restart rsyslog


     

       

       
42

       
+

       
      ansible.builtin.systemd_service:


     

       

       
43

       
+

       
        name: rsyslog


     

       

       
44

       
+

       
        enabled: true


     

       

       
45

       
+

       
        state: restarted