crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

needrestart and unattended upgrades configuration

main
_shirenn 2022-12-17 16:29:07 +01:00
parent c95cf063d5
commit a2f4d70f4d
62 changed files with 348 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
host_vars/apprentis.adm.crans.org.yml
View File

@ -1,3 +1,9 @@
---
interfaces:
adm: ens18
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/backup-ft.adm.crans.org.yml
View File

@ -2,6 +2,12 @@
interfaces:
adm: ens18
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_home_nounou:
mounts:
- ip: "{{ query('ldap', 'ip4', 'ft', 'adm') }}"

6
host_vars/backup-thot.adm.crans.org.yml
View File

@ -2,6 +2,12 @@
interfaces:
adm: ens18
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_home_nounou:
mounts:
- ip: "{{ query('ldap', 'ip4', 'thot', 'adm') }}"

6
host_vars/belenios.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/boeing.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: ens18
srv: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_wireguard:
tunnels:
- name: "sputnik"

3
host_vars/cameron.adm.crans.org
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_borg:
to_exclude:
- /var/mail

6
host_vars/cas.adm.crans.org.yml
View File

@ -1,3 +1,9 @@
---
interfaces:
adm: eth0
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/constellation-dev.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_constellation:
allowed_hosts:
- 'constellation-dev.crans.org'

3
host_vars/daneel.adm.crans.org.yml
View File

@ -3,3 +3,6 @@ interfaces:
disable: true
adm: ens18
san: ens19
loc_needrestart:
override: []

3
host_vars/daniel.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_slapd:
ip: "{{ query('ldap', 'ip4', 'daniel', 'adm') }}"
replica: true

6
host_vars/eclat.adm.crans.org.yml
View File

@ -4,6 +4,12 @@ interfaces:
san: ens19
srv: ens20
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_nfs_mount:
mounts:
- ip: "{{ query('ldap', 'ip4', 'tealc', 'san') }}"

3
host_vars/en7.adm.crans.org.yml
View File

@ -3,6 +3,9 @@ interfaces:
adm: ens18
renater: ens19
loc_needrestart:
override: []
loc_bind:
default:
type: slave

6
host_vars/ethercalc.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/flirt.adm.crans.org.yml
View File

@ -1,3 +1,9 @@
---
interfaces:
adm: ens18
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/fluxx.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

3
host_vars/ft.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_borg:
to_backup:
- /etc

6
host_vars/fyre.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_prometheus:
node:
config:

6
host_vars/gitlab-ci.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

7
host_vars/gitzly.adm.crans.org.yml
View File

@ -3,6 +3,13 @@ interfaces:
adm: ens18
srv: ens19
loc_unattended:
reboot: true
blacklist: [ "gitlab"]
loc_needrestart:
override: []
loc_certbot:
- mail: root@crans.org
certname: crans.org

3
host_vars/gulp.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_debian_images:
include_extra_images: true

6
host_vars/helloworld.adm.crans.org.yml
View File

@ -4,5 +4,11 @@ interfaces:
srv_nat: ens19
lp: ens20
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_snmp_exporter:
listen_address: "{{ query('ldap', 'ip4', 'helloworld', 'adm') }}:9116"

6
host_vars/hodaur.adm.crans.org.yml
View File

@ -3,5 +3,11 @@ interfaces:
adm: ens18
srv: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_autoconfig:
path: /var/www/autoconfig.crans.org

6
host_vars/horde.adm.crans.org.yml
View File

@ -1,3 +1,9 @@
---
interfaces:
adm: eth0
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/irc.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: ens18
srv: ens19
loc_needrestart:
override:
- inspircd
- anope
- thelounge
loc_nginx:
service_name: "thelounge"
servers:

3
host_vars/jack.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_slapd:
ip: "{{ query('ldap', 'ip4', 'jack', 'adm') }}"
replica: true

6
host_vars/jitsi.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: ens18
srv: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []

3
host_vars/kameron.adm.crans.org.yml
View File

@ -3,3 +3,6 @@ interfaces:
adm: ens18
san: ens19
zef: ens20
loc_needrestart:
override: []

6
host_vars/kenobi.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: ens18
srv_nat: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/kiwi.adm.crans.org.yml
View File

@ -3,5 +3,11 @@ interfaces:
adm: ens18
srv_nat: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_moinmoin:
main: true

6
host_vars/linx.adm.crans.org.yml
View File

@ -2,5 +2,11 @@
interfaces:
adm: ens18
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_linx:
ip: "{{ query('ldap', 'ip', 'linx', 'adm') | first }}"

3
host_vars/listenup.adm.crans.org.yml
View File

@ -3,3 +3,6 @@ interfaces:
disable: true
adm: ens18
san: ens19
loc_needrestart:
override: []

6
host_vars/mailman.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/neree.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

6
host_vars/netns.adm.crans.org
View File

@ -1,3 +1,9 @@
---
interfaces:
adm: ens18
loc_unattended:
reboot: true
loc_needrestart:
override: []

3
host_vars/odlyd.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_debian_images:
include_extra_images: true

3
host_vars/otter.adm.crans.org.yml
View File

@ -3,3 +3,6 @@ interfaces:
adm: ens18
san: ens19
zef: ens20
loc_needrestart:
override: []

6
host_vars/owl.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: eth0
srv: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_dovecot:
cert_path: /etc/letsencrypt/live/crans.org

8
host_vars/owncloud.adm.crans.org.yml
View File

@ -4,6 +4,14 @@ interfaces:
san: eth1
srv_nat: eth2
loc_unattended:
reboot: true
blacklist:
- owncloud
loc_needrestart:
override: []
loc_ldap:
base_dn: "{{ vault.slapd.re2o.admin.binddn }}"
password: "{{ vault.slapd.re2o.admin.bindpass }}"

6
host_vars/proxy-pve-adh.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: ens18
srv: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []

12
host_vars/ptf.adm.crans.org.yml
View File

@ -4,6 +4,18 @@ interfaces:
san: ens19
srv: ens20
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_nfs_mount:
mounts:
- ip: "{{ query('ldap', 'ip4', 'tealc', 'san') }}"

6
host_vars/re2o-dev.adm.crans.org.yml
View File

@ -3,5 +3,11 @@ interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_re2o_ldap_replica:
url: "ldaps://{{ query('ldap', 'ip4', 'yson-partou', 'adm') }}:636"

6
host_vars/re2o.adm.crans.org.yml
View File

@ -4,6 +4,12 @@ interfaces:
srv_nat: eth1
infra: eth2
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_re2o:
owner: www-data
group: _nounou

6
host_vars/redisdead.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: eth0
srv: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []
postfix:
primary: true
secondary: false

6
host_vars/romanesco.adm.crans.org.yml
View File

@ -4,6 +4,12 @@ interfaces:
srv: ens19
adh: ens20
loc_unattended:
reboot: true
loc_needrestart:
override: []
unbound:
verbosity: 1
interfaces:

6
host_vars/roundcube.adm.crans.org.yml
View File

@ -2,3 +2,9 @@
interfaces:
adm: eth0
srv_nat: eth1
loc_unattended:
reboot: true
loc_needrestart:
override: []

8
host_vars/routeur-2754.adm.crans.org.yml
View File

@ -2,3 +2,11 @@
interfaces:
adm: ens18
srv: ens21
loc_unattended:
blacklist:
- linux
- nftables
loc_needrestart:
override: []

9
host_vars/routeur-daniel.adm.crans.org/vars.yml
View File

@ -8,3 +8,12 @@ interfaces:
srv_nat: ens22
adh: ens23
ens: ens1
loc_unattended:
blacklist:
- linux
- nftables
loc_needrestart:
override:
- bird2

6
host_vars/routeur-ft.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: ens18
auto: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_wireguard:
tunnels:
- name: "boeing"

9
host_vars/routeur-jack.adm.crans.org/vars.yml
View File

@ -8,3 +8,12 @@ interfaces:
srv_nat: ens22
adh: ens23
ens: ens1
loc_unattended:
blacklist:
- linux
- nftables
loc_needrestart:
override:
- bird2

9
host_vars/routeur-sam.adm.crans.org/vars.yml
View File

@ -8,3 +8,12 @@ interfaces:
srv_nat: ens22
adh: ens23
ens: ens1
loc_unattended:
blacklist:
- linux
- nftables
loc_needrestart:
override:
- bird2

6
host_vars/routeur-thot.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: ens18
auto: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_wireguard:
tunnels:
- name: "boeing"

3
host_vars/sam.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_borg:
to_backup:
- /etc

6
host_vars/silice.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: eth1
srv: eth0
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_bind:
options:
secondaries: "{{ query('ldap', 'ip', 'sputnik', 'adm') | union(query('ldap', 'ip', 'en7', 'adm')) }}"

6
host_vars/sputnik.adm.crans.org.yml
View File

@ -1,4 +1,10 @@
---
interfaces:
disable: true
loc_needrestart:
override: []
debian_mirror: http://deb.debian.org/debian
postfix:

3
host_vars/stitch.adm.crans.org.yml
View File

@ -2,5 +2,8 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_debian_images:
include_extra_images: true

4
host_vars/tealc.adm.crans.org.yml
View File

@ -2,6 +2,10 @@
interfaces:
disable: true
loc_needrestart:
override:
- postgresql
debian_mirror: 'file:/pool/mirror/pub/debian'
loc_postgres:

3
host_vars/tealch.adm.crans.org.yml
View File

@ -3,3 +3,6 @@ interfaces:
adm: ens18
san: ens19
zef: ens20
loc_needrestart:
override: []

3
host_vars/thot.adm.crans.org.yml
View File

@ -2,6 +2,9 @@
interfaces:
disable: true
loc_needrestart:
override: []
loc_borg:
to_backup:
- /etc

6
host_vars/trinity.adm.crans.org.yml
View File

@ -3,6 +3,12 @@ interfaces:
adm: ens18
srv_nat: ens19
loc_unattended:
reboot: true
loc_needrestart:
override: []
loc_matrix_synapse:
database:
user: synapse

6
host_vars/wall-e.adm.crans.org
View File

@ -2,6 +2,12 @@
interfaces:
adm: ens18
loc_unattended:
automatic_reboot: true
loc_needrestart:
override: []
loc_slapd:
ip: "{{ query('ldap', 'ip', 'wall-e', 'adm') | ipv4 | first }}"
replica: false

6
host_vars/yson-partou.adm.crans.org.yml
View File

@ -1,3 +1,9 @@
---
interfaces:
adm: eth0
loc_unattended:
automatic_reboot: true
loc_needrestart:
override: []

9
host_vars/zamok.adm.crans.org.yml
View File

@ -2,6 +2,15 @@
interfaces:
disable: true
loc_unattended:
blacklist:
- linux
- nftables
loc_needrestart:
override:
- thelounge
loc_borg:
to_exclude:
- /var/mail