hypervisors/ansible/hypervisors.yml

---
- name: Prepare physical machines
  hosts: hypervisors

  handlers:
    - name: enable interfaces
      command:
        cmd: ifup -a

  pre_tasks:
    - name: Delete externally managed environment file
      shell:
        cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED"
      register: rm
      changed_when: "rm.rc == 0"
      failed_when: "false"

    - name: Set timezone
      timezone:
        name: Europe/Amsterdam

    - name: Create data directory
      file:
        path: /data
        state: directory
        mode: og=rwx

    - name: Copy interfaces configuration
      template:
        src: dmz.conf.j2
        dest: /etc/network/interfaces.d/dmz.conf
      register: interfaces

    - name: Enable interfaces
      command:
        cmd: ifup -a
      when: interfaces.changed

  roles:
    - {role: setup_apt, tags: setup_apt}
    - {role: libvirt, tags: libvirt}

- name: Setup special services
  hosts: atlas

  pre_tasks:
    - name: Create terraform database
      include_role:
        name: postgresql_database
      vars:
        database_name: terraform_state
        database_user: terraform
        database_password: "{{ terraform_db_password }}"

  roles:
    - {role: ssh_ca, tags: ssh_ca}

- hosts: hypervisors

  roles:
    - {role: ssh_ca_known_hosts, tags: ssh_ca_known_hosts}
    - {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}

- name: Enable backups
  hosts: lewis
  roles:
    - {role: borg, tags: borg}
change directory structure 2023-04-24 17:28:53 +00:00			`---`
move to snapshots-based backups 2023-06-17 10:54:41 +00:00			`- name: Prepare physical machines`
			`hosts: hypervisors`
change directory structure 2023-04-24 17:28:53 +00:00
			`handlers:`
			`- name: enable interfaces`
			`command:`
			`cmd: ifup -a`

			`pre_tasks:`
move to snapshots-based backups 2023-06-17 10:54:41 +00:00			`- name: Delete externally managed environment file`
			`shell:`
			`cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED"`
			`register: rm`
			`changed_when: "rm.rc == 0"`
			`failed_when: "false"`

set timezone 2023-04-28 08:56:08 +00:00			`- name: Set timezone`
			`timezone:`
			`name: Europe/Amsterdam`

move to push backups 2023-04-25 20:02:00 +00:00			`- name: Create data directory`
			`file:`
			`path: /data`
			`state: directory`
remove data libvirt volume pool 2023-04-26 14:07:06 +00:00			`mode: og=rwx`
move to push backups 2023-04-25 20:02:00 +00:00
support for multiple hypervisors 2023-05-03 21:35:57 +00:00			`- name: Copy interfaces configuration`
put lewis in DMZ network 2023-06-08 18:37:52 +00:00			`template:`
			`src: dmz.conf.j2`
support for multiple hypervisors 2023-05-03 21:35:57 +00:00			`dest: /etc/network/interfaces.d/dmz.conf`
remove wireguard server for jefke 2023-05-04 11:43:33 +00:00			`register: interfaces`

			`- name: Enable interfaces`
			`command:`
			`cmd: ifup -a`
			`when: interfaces.changed`
support for multiple hypervisors 2023-05-03 21:35:57 +00:00
move to snapshots-based backups 2023-06-17 10:54:41 +00:00			`roles:`
			`- {role: setup_apt, tags: setup_apt}`
			`- {role: libvirt, tags: libvirt}`

			`- name: Setup special services`
			`hosts: atlas`

remove wireguard endpoint allow postgresql from everywhere with password terraform state without wireguard 2023-06-30 13:55:16 +00:00			`pre_tasks:`
			`- name: Create terraform database`
			`include_role:`
			`name: postgresql_database`
			`vars:`
			`database_name: terraform_state`
			`database_user: terraform`
			`database_password: "{{ terraform_db_password }}"`

move to snapshots-based backups 2023-06-17 10:54:41 +00:00			`roles:`
			`- {role: ssh_ca, tags: ssh_ca}`

			`- hosts: hypervisors`
report backup status using apprise 2023-05-10 16:54:43 +00:00
support for multiple hypervisors 2023-05-03 21:35:57 +00:00			`roles:`
extract roles 2023-04-26 17:29:58 +00:00			`- {role: ssh_ca_known_hosts, tags: ssh_ca_known_hosts}`
			`- {role: deploy_ssh_certificates, tags: deploy_ssh_certificates}`
add lewis as hypervisor change borg notification urls 2023-05-17 22:46:45 +00:00
move to snapshots-based backups 2023-06-17 10:54:41 +00:00			`- name: Enable backups`
			`hosts: lewis`
			`roles:`
			`- {role: borg, tags: borg}`