hyperreal.bsky.moonshadow.dev / ansible-homelab
Playbooks I use for my homelab
fork atom

update: all; add zfs-log-compress.yml

hyperreal.bsky.moonshadow.dev 8a945342 35bd6a1b

options
unified split
Changed files
+78 -22
check-borgmatic.yml
debian-update.yml
freebsd-update.yml
inventory.yml
prometheus-clients.yml
prometheus-servers.yml
remote-logging-setup.yml
zfs-log-compress.yml
+1 -1
check-borgmatic.yml 
···

       
1

       
1

       
 

       
---


     

       
2

       
2

       
 

       
- name: Check the date of the last borgmatic archive


     

       
3

       

       
-

       
  hosts: borgmatichosts


     

       

       
3

       
+

       
  hosts: borgmatic_hosts


     

       
4

       
4

       
 

       
  gather_facts: true


     

       
5

       
5

       
 

       
  become: true


     

       
6

       
6

       
 

       
  tasks:
+1 -1
debian-update.yml 
···

       
1

       
1

       
 

       
---


     

       
2

       

       
-

       
- hosts: debianservers


     

       

       
2

       
+

       
- hosts: debian_servers


     

       
3

       
3

       
 

       
  gather_facts: true


     

       
4

       
4

       
 

       
  become: true


     

       
5

       
5
+24 -10
freebsd-update.yml 
···

       
1

       
1

       
 

       
---


     

       
2

       

       
-

       
- hosts: freebsdservers


     

       

       
2

       
+

       
- hosts: freebsd_servers


     

       
3

       
3

       
 

       
  gather_facts: true


     

       
4

       
4

       
 

       
  become: true


     

       
5

       

       
-

       
  vars:


     

       
6

       

       
-

       
    jails:


     

       
7

       

       
-

       
      - aa-torrenting


     

       
8

       
5

       
 

       



     

       
9

       
6

       
 

       
  tasks:


     

       
10

       
7

       
 

       
    - name: Update all installed packages


     
···

       
12

       
9

       
 

       
        name: "*"


     

       
13

       
10

       
 

       
        state: latest


     

       
14

       
11

       
 

       



     

       
15

       

       
-

       
    - name: Update all installed packages in jails


     

       
16

       

       
-

       
      community.general.pkgng:


     

       
17

       

       
-

       
        name: "*"


     

       
18

       

       
-

       
        state: latest


     

       
19

       

       
-

       
        jail: "{{ item }}"


     

       
20

       

       
-

       
      with_items: "{{ jails }}"


     

       

       
12

       
+

       
    - name: Update the base system


     

       

       
13

       
+

       
      ansible.builtin.shell: freebsd-update fetch install --not-running-from-cron


     

       

       
14

       
+

       



     

       

       
15

       
+

       
    - name: Get currently running FreeBSD kernel version in memory


     

       

       
16

       
+

       
      ansible.builtin.shell: freebsd-version -r


     

       

       
17

       
+

       
      register: running_kv


     

       

       
18

       
+

       



     

       

       
19

       
+

       
    - name: Get newly installed kernel version


     

       

       
20

       
+

       
      ansible.builtin.shell: freebsd-version -k


     

       

       
21

       
+

       
      register: installed_kv


     

       

       
22

       
+

       



     

       

       
23

       
+

       
    - name: Check for kernel version mismatch


     

       

       
24

       
+

       
      set_fact:


     

       

       
25

       
+

       
        reboot_required: "{{ running_kv.stdout != installed_kv.stdout }}"


     

       

       
26

       
+

       



     

       

       
27

       
+

       
    - name: Display reboot status


     

       

       
28

       
+

       
      ansible.builtin.debug:


     

       

       
29

       
+

       
        msg: "Reboot required: {{ reboot_required }}"


     

       

       
30

       
+

       



     

       

       
31

       
+

       
    - name: Reboot the FreeBSD server if needed


     

       

       
32

       
+

       
      ansible.builtin.reboot:


     

       

       
33

       
+

       
        reboot_timeout: 3600


     

       

       
34

       
+

       
      when: reboot_required
+11 -7
inventory.yml 
···

       
1

       

       
-

       
borgmatichosts:


     

       

       
1

       
+

       
borgmatic_hosts:


     

       
2

       
2

       
 

       
  hosts:


     

       
3

       
3

       
 

       
    desktop:


     

       
4

       
4

       
 

       
      ansible_user: jas


     
···

       
17

       
17

       
 

       
      ansible_host: moonshadow.headscale.moonshadow.dev


     

       
18

       
18

       
 

       
      ansible_python_interpreter: /usr/local/bin/python3


     

       
19

       
19

       
 

       



     

       
20

       

       
-

       
debianservers:


     

       

       
20

       
+

       
debian_servers:


     

       
21

       
21

       
 

       
  hosts:


     

       
22

       
22

       
 

       
    hyperreal.coffee:


     

       
23

       
23

       
 

       
      ansible_user: jas


     
···

       
28

       
28

       
 

       
      ansible_host: rpi400.headscale.moonshadow.dev


     

       
29

       
29

       
 

       
      ansible_python_interpreter: /usr/bin/python3


     

       
30

       
30

       
 

       



     

       
31

       

       
-

       
freebsdservers:


     

       

       
31

       
+

       
freebsd_servers:


     

       
32

       
32

       
 

       
  hosts:


     

       
33

       
33

       
 

       
    nas:


     

       
34

       
34

       
 

       
      ansible_user: jas


     
···

       
39

       
39

       
 

       
      ansible_host: moonshadow.headscale.moonshadow.dev


     

       
40

       
40

       
 

       
      ansible_python_interpreter: /usr/local/bin/python3


     

       
41

       
41

       
 

       



     

       
42

       

       
-

       
promservers:


     

       

       
42

       
+

       
prom_servers:


     

       
43

       
43

       
 

       
  hosts:


     

       
44

       
44

       
 

       
    desktop:


     

       
45

       
45

       
 

       
      ansible_user: jas


     

       
46

       
46

       
 

       
      ansible_host: localhost


     

       
47

       
47

       
 

       
      ansible_python_interpreter: /usr/bin/python3


     

       
48

       
48

       
 

       



     

       
49

       

       
-

       
promclients:


     

       

       
49

       
+

       
prom_clients:


     

       
50

       
50

       
 

       
  children:


     

       
51

       

       
-

       
    debianservers:


     

       
52

       

       
-

       
    freebsdservers:


     

       

       
51

       
+

       
    debian_servers:


     

       

       
52

       
+

       
    freebsd_servers:


     

       

       
53

       
+

       



     

       

       
54

       
+

       
zfs_hosts:


     

       

       
55

       
+

       
  children:


     

       

       
56

       
+

       
    freebsd_servers:
+1 -1
prometheus-clients.yml 
···

       
1

       
1

       
 

       
---


     

       
2

       

       
-

       
- hosts: promclients


     

       

       
2

       
+

       
- hosts: prom_clients


     

       
3

       
3

       
 

       
  tasks:


     

       
4

       
4

       
 

       
    - name: Import Node Exporter role


     

       
5

       
5

       
 

       
      import_role:
+1 -1
prometheus-servers.yml 
···

       
1

       
1

       
 

       
---


     

       
2

       

       
-

       
- hosts: promservers


     

       

       
2

       
+

       
- hosts: prom_servers


     

       
3

       
3

       
 

       
  tasks:


     

       
4

       
4

       
 

       
    - name: Import Node Exporter role


     

       
5

       
5

       
 

       
      import_role:
+1 -1
remote-logging-setup.yml 
···

       
1

       
1

       
 

       
---


     

       
2

       

       
-

       
- hosts: debianservers,freebsdservers


     

       

       
2

       
+

       
- hosts: debian_servers,freebsd_servers


     

       
3

       
3

       
 

       
  gather_facts: true


     

       
4

       
4

       
 

       
  become: true


     

       
5

       
5
+38
zfs-log-compress.yml 
···

       

       
1

       
+

       
# Based on https://github.com/FreeBSDFoundation/blog/blob/main/zfs-log-compression-on-freebsd/zfs_log_compress.yml


     

       

       
2

       
+

       
---


     

       

       
3

       
+

       
- name: Remove log compression on FreeBSD host, add timestamps to rotated logs


     

       

       
4

       
+

       
  hosts: zfs_hosts


     

       

       
5

       
+

       
  gather_facts: true


     

       

       
6

       
+

       
  become: true


     

       

       
7

       
+

       
  tasks:


     

       

       
8

       
+

       
    - name: Set compression of /var/log dataset to zstd


     

       

       
9

       
+

       
      community.general.zfs:


     

       

       
10

       
+

       
        name: zroot/var/log


     

       

       
11

       
+

       
        state: present


     

       

       
12

       
+

       
        extra_zfs_properties:


     

       

       
13

       
+

       
          compression: zstd


     

       

       
14

       
+

       



     

       

       
15

       
+

       
    - name: Remove 'J' from the newsyslog.conf file


     

       

       
16

       
+

       
      ansible.builtin.replace:


     

       

       
17

       
+

       
        path: /etc/newsyslog.conf


     

       

       
18

       
+

       
        regexp: "^J|J"


     

       

       
19

       
+

       
        replace: ""


     

       

       
20

       
+

       
      notify: "Restart newsyslog service"


     

       

       
21

       
+

       



     

       

       
22

       
+

       
    - name: Use timestamps instead of numbers for log rotations


     

       

       
23

       
+

       
      ansible.builtin.replace:


     

       

       
24

       
+

       
        path: /etc/crontab


     

       

       
25

       
+

       
        regexp: "newsyslog$"


     

       

       
26

       
+

       
        replace: "newsyslog -t DEFAULT"


     

       

       
27

       
+

       
      notify: "Restart syslogd service"


     

       

       
28

       
+

       



     

       

       
29

       
+

       
  handlers:


     

       

       
30

       
+

       
    - name: Restart newsyslog service


     

       

       
31

       
+

       
      ansible.builtin.service:


     

       

       
32

       
+

       
        name: newsyslog


     

       

       
33

       
+

       
        state: restarted


     

       

       
34

       
+

       



     

       

       
35

       
+

       
    - name: Restart syslogd service


     

       

       
36

       
+

       
      ansible.builtin.service:


     

       

       
37

       
+

       
        name: syslogd


     

       

       
38

       
+

       
        state: restarted