hyperreal.bsky.moonshadow.dev / ansible-homelab
Playbooks I use for my homelab
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+12 -67
freebsd-update.yml
inventory.yml
remote-logging-setup.yml
-8
freebsd-update.yml 
···

       
1

       

       
-

       
---


     

       
2

       
1

       
 

       
- hosts: freebsd_servers


     

       
3

       
2

       
 

       
  gather_facts: true


     

       
4

       
3

       
 

       
  become: true


     

       
5

       

       
-

       



     

       
6

       
4

       
 

       
  tasks:


     

       
7

       
5

       
 

       
    - name: Update all installed packages


     

       
8

       
6

       
 

       
      community.general.pkgng:


     

       
9

       
7

       
 

       
        name: "*"


     

       
10

       
8

       
 

       
        state: latest


     

       
11

       

       
-

       



     

       
12

       
9

       
 

       
    - name: Update the base system


     

       
13

       
10

       
 

       
      ansible.builtin.shell: freebsd-update fetch install --not-running-from-cron


     

       
14

       

       
-

       



     

       
15

       
11

       
 

       
    - name: Get currently running FreeBSD kernel version in memory


     

       
16

       
12

       
 

       
      ansible.builtin.shell: freebsd-version -r


     

       
17

       
13

       
 

       
      register: running_kv


     

       
18

       

       
-

       



     

       
19

       
14

       
 

       
    - name: Get newly installed kernel version


     

       
20

       
15

       
 

       
      ansible.builtin.shell: freebsd-version -k


     

       
21

       
16

       
 

       
      register: installed_kv


     

       
22

       

       
-

       



     

       
23

       
17

       
 

       
    - name: Check for kernel version mismatch


     

       
24

       
18

       
 

       
      set_fact:


     

       
25

       
19

       
 

       
        reboot_required: "{{ running_kv.stdout != installed_kv.stdout }}"


     

       
26

       

       
-

       



     

       
27

       
20

       
 

       
    - name: Display reboot status


     

       
28

       
21

       
 

       
      ansible.builtin.debug:


     

       
29

       
22

       
 

       
        msg: "Reboot required: {{ reboot_required }}"


     

       
30

       

       
-

       



     

       
31

       
23

       
 

       
    - name: Reboot the FreeBSD server if needed


     

       
32

       
24

       
 

       
      ansible.builtin.reboot:


     

       
33

       
25

       
 

       
        reboot_timeout: 3600
+10 -47
inventory.yml 
···

       
1

       
1

       
 

       
borgmatic_hosts:


     

       
2

       
2

       
 

       
  hosts:


     

       
3

       

       
-

       
    hyperreal:


     

       

       
3

       
+

       
    desktop:


     

       
4

       
4

       
 

       
      ansible_user: jas


     

       
5

       

       
-

       
      ansible_host: hyperreal.carp-wyvern.ts.net


     

       

       
5

       
+

       
      ansible_host: desktop.carp-wyvern.ts.net


     

       
6

       
6

       
 

       
      ansible_python_interpreter: /usr/bin/python3


     

       
7

       
7

       
 

       
    nas:


     

       
8

       
8

       
 

       
      ansible_user: jas


     

       
9

       
9

       
 

       
      ansible_host: nas.carp-wyvern.ts.net


     

       
10

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
11

       

       
-

       
    dietpi:


     

       
12

       

       
-

       
      ansible_user: jas


     

       
13

       

       
-

       
      ansible_host: dietpi.carp-wyvern.ts.net


     

       
14

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
15

       

       
-

       
rhel_servers:


     

       
16

       

       
-

       
  hosts:


     

       
17

       

       
-

       
    hws:


     

       
18

       

       
-

       
      ansible_user: jas


     

       
19

       

       
-

       
      ansible_host: hws.carp-wyvern.ts.net


     

       
20

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       

       
10

       
+

       
      ansible_python_interpreter: /usr/local/bin/python3.11


     

       
21

       
11

       
 

       
debian_servers:


     

       
22

       
12

       
 

       
  hosts:


     

       
23

       

       
-

       
    dietpi:


     

       
24

       

       
-

       
      ansible_user: dietpi


     

       
25

       

       
-

       
      ansible_host: dietpi.carp-wyvern.ts.net


     

       
26

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
27

       

       
-

       
    hyperreal:


     

       
28

       

       
-

       
      ansible_user: jas


     

       
29

       

       
-

       
      ansible_host: hyperreal.carp-wyvern.ts.net


     

       
30

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
31

       

       
-

       
    nas-aux:


     

       

       
13

       
+

       
    moonshadow:


     

       
32

       
14

       
 

       
      ansible_user: jas


     

       
33

       

       
-

       
      ansible_host: nas-aux.carp-wyvern.ts.net


     

       
34

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
35

       

       
-

       
    bsky-pds:


     

       
36

       

       
-

       
      ansible_user: jas


     

       
37

       

       
-

       
      ansible_host: bsky-pds.carp-wyvern.ts.net


     

       
38

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
39

       

       
-

       
    aux-remote:


     

       
40

       

       
-

       
      ansible_user: jas


     

       
41

       

       
-

       
      ansible_host: aux-remote.carp-wyvern.ts.net


     

       

       
15

       
+

       
      ansible_host: moonshadow.carp-wyvern.ts.net


     

       
42

       
16

       
 

       
      ansible_python_interpreter: /usr/bin/python3


     

       
43

       
17

       
 

       
freebsd_servers:


     

       
44

       
18

       
 

       
  hosts:


     

       
45

       
19

       
 

       
    nas:


     

       
46

       

       
-

       
      ansible_user: jas


     

       

       
20

       
+

       
      ansible_user: root


     

       
47

       
21

       
 

       
      ansible_host: nas.carp-wyvern.ts.net


     

       
48

       
22

       
 

       
      ansible_python_interpreter: /usr/local/bin/python3.11


     

       
49

       

       
-

       
prom_servers:


     

       
50

       

       
-

       
  hosts:


     

       
51

       

       
-

       
    nas-aux:


     

       
52

       

       
-

       
      ansible_user: jas


     

       
53

       

       
-

       
      ansible_host: nas-aux.carp-wyvern.ts.net


     

       
54

       

       
-

       
      ansible_python_interpreter: /usr/bin/python3


     

       
55

       

       
-

       
prom_clients:


     

       
56

       

       
-

       
  children:


     

       
57

       

       
-

       
    debian_servers:


     

       
58

       

       
-

       
    rhel_servers:


     

       
59

       

       
-

       
remote_logging_clients:


     

       
60

       

       
-

       
  children:


     

       
61

       

       
-

       
    debian_servers:


     

       
62

       

       
-

       
    freebsd_servers:


     

       
63

       

       
-

       
    rhel_servers:


     

       

       
23

       
+

       
    tornode:


     

       

       
24

       
+

       
      ansible_user: root


     

       

       
25

       
+

       
      ansible_host: tornode


     

       

       
26

       
+

       
      ansible_python_interpreter: /usr/local/bin/python3.11
+2 -12
remote-logging-setup.yml 
···

       
1

       

       
-

       
---


     

       
2

       
1

       
 

       
- hosts: remote_logging_clients


     

       
3

       
2

       
 

       
  gather_facts: true


     

       
4

       
3

       
 

       
  become: true


     

       
5

       

       
-

       



     

       
6

       
4

       
 

       
  tasks:


     

       
7

       
5

       
 

       
    - name: Ensure rsyslog is installed


     

       
8

       
6

       
 

       
      ansible.builtin.package:


     

       
9

       
7

       
 

       
        name: rsyslog


     

       
10

       
8

       
 

       
        state: latest


     

       
11

       
9

       
 

       
      when: ansible_system == "Linux"


     

       
12

       

       
-

       



     

       
13

       
10

       
 

       
    - name: Ensure rsyslog is enabled


     

       
14

       
11

       
 

       
      ansible.builtin.systemd_service:


     

       
15

       
12

       
 

       
        name: rsyslog


     

       
16

       
13

       
 

       
        enabled: true


     

       
17

       
14

       
 

       
        state: started


     

       
18

       
15

       
 

       
      when: ansible_service_mgr == "systemd"


     

       
19

       

       
-

       



     

       
20

       
16

       
 

       
    - name: Remove any forwarding file if exists


     

       
21

       
17

       
 

       
      ansible.builtin.file:


     

       
22

       
18

       
 

       
        path: /etc/rsyslog.d/forward.conf


     

       
23

       
19

       
 

       
        state: absent


     

       
24

       
20

       
 

       
      when: ansible_system == "Linux"


     

       
25

       

       
-

       



     

       
26

       
21

       
 

       
    - name: Get remote logging server headnet IP address


     

       
27

       

       
-

       
      ansible.builtin.shell: tailscale status | grep "nas-aux" | awk '{print $1}'


     

       

       
22

       
+

       
      ansible.builtin.shell: tailscale status | grep "aux" | awk '{print $1}'


     

       
28

       
23

       
 

       
      register: ctrl_headnet_ip_addr


     

       
29

       
24

       
 

       
      changed_when: false


     

       
30

       
25

       
 

       
      failed_when: ctrl_headnet_ip_addr.rc != 0


     

       
31

       

       
-

       



     

       
32

       
26

       
 

       
    - name: Configure log forwarding


     

       
33

       
27

       
 

       
      ansible.builtin.blockinfile:


     

       
34

       
28

       
 

       
        path: /etc/rsyslog.d/forward.conf


     
···

       
37

       
31

       
 

       
        group: root


     

       
38

       
32

       
 

       
        mode: 0644


     

       
39

       
33

       
 

       
        block: |


     

       
40

       

       
-

       
          # Forward to nas-aux.ayu-matrix.ts.net ({{ctrl_headnet_ip_addr.stdout}})


     

       

       
34

       
+

       
          # Forward to aux.carp-wyvern.ts.net ({{ctrl_headnet_ip_addr.stdout}})


     

       
41

       
35

       
 

       
          *.* action(type="omfwd" target="{{ctrl_headnet_ip_addr.stdout}}" port="514" protocol="tcp"


     

       
42

       
36

       
 

       
              action.resumeRetryCount="100"


     

       
43

       
37

       
 

       
              queue.type="linkedList" queue.size="10000")


     

       
44

       
38

       
 

       
      when: ansible_system == "Linux"


     

       
45

       

       
-

       



     

       
46

       
39

       
 

       
    - name: Restart rsyslog


     

       
47

       
40

       
 

       
      ansible.builtin.systemd_service:


     

       
48

       
41

       
 

       
        name: rsyslog


     

       
49

       
42

       
 

       
        enabled: true


     

       
50

       
43

       
 

       
        state: restarted


     

       
51

       
44

       
 

       
      when: ansible_service_mgr == "systemd"


     

       
52

       

       
-

       



     

       
53

       
45

       
 

       
    - name: Set syslog flags for remote logging on FreeBSD


     

       
54

       
46

       
 

       
      ansible.builtin.shell: sysrc syslog_flags="-s -v -v"


     

       
55

       
47

       
 

       
      register: set_syslog_flags


     

       
56

       
48

       
 

       
      changed_when: '"syslog_flags:  -> YES" in set_syslog_flags.stdout'


     

       
57

       
49

       
 

       
      when: ansible_service_mgr == "bsdinit"


     

       
58

       

       
-

       



     

       
59

       
50

       
 

       
    - name: Set log forwarding on FreeBSD


     

       
60

       
51

       
 

       
      ansible.builtin.lineinfile:


     

       
61

       
52

       
 

       
        path: /etc/syslog.conf


     
···

       
65

       
56

       
 

       
        group: wheel


     

       
66

       
57

       
 

       
        mode: 0644


     

       
67

       
58

       
 

       
      when: ansible_system == "FreeBSD"


     

       
68

       

       
-

       



     

       
69

       
59

       
 

       
    - name: Restart syslogd


     

       
70

       
60

       
 

       
      ansible.builtin.service:


     

       
71

       
61

       
 

       
        name: syslogd