diff --git a/all.yml b/all.yml index 4a7556d..1ddb001 100644 --- a/all.yml +++ b/all.yml @@ -68,9 +68,3 @@ tags: - alerts - # - name: Show ssh backup - # debug: - # msg: "{{ ssh_backup }}" - # tags: - # - always - # - test diff --git a/group_vars/perso.yml b/group_vars/perso.yml index d0110e6..c372977 100644 --- a/group_vars/perso.yml +++ b/group_vars/perso.yml @@ -116,6 +116,12 @@ alert_server_ssl: gitea.jingoh.fr # CHISEL # ########## +chisel_version: 1.8.1 +chisel_server_host: 163.172.84.28 +chisel_server_port: 8080 +chisel_client_auth_username: user +chisel_client_auth_password: pass + chisel_remove_all: - "{{ chisel_service_destination }}" - "{{ chisel_config_folder }}" diff --git a/host_vars/ovh_fr.yml b/host_vars/ovh_fr.yml index 71db419..6acc874 100644 --- a/host_vars/ovh_fr.yml +++ b/host_vars/ovh_fr.yml @@ -16,14 +16,8 @@ apt_repositories_sources: ########## chisel_server: false -chisel_client_auth_username: user -chisel_client_auth_password: pass -chisel_version: 1.8.1 -chisel_client_server_url: 163.172.84.28:8080 -chisel_client_remotes: R:163.172.84.28:socks -chisel_server_port: 8080 - - +chisel_client_server_url: "{{ chisel_server_host }}:8080" +chisel_client_remotes: "R:{{ chisel_server_host }}:socks" chisel_service_name: chisel-client chisel_config_name: chisel-client @@ -33,10 +27,6 @@ chisel_conf: regexp: "^AUTH=--auth {{ chisel_client_auth_username }}:{{ chisel_client_auth_password }}" state: present line: "AUTH=--auth {{ chisel_client_auth_username }}:{{ chisel_client_auth_password }}" - # - path: "/etc/chisel/{{ chisel_config_name }}.conf" - # regexp: "^HOSTNAME=--hostname {{ chisel_client_server_url }}" - # state: present - # line: "HOSTNAME=--hostname {{ chisel_client_server_url }}" - path: "/etc/chisel/{{ chisel_config_name }}.conf" regexp: "^FINGERPRINT=--fingerprint {{ chisel_client_server_fingerprint }}" state: present diff --git a/host_vars/scaleway_fr.yml b/host_vars/scaleway_fr.yml index e4ce31f..46fbb8c 100644 --- a/host_vars/scaleway_fr.yml +++ b/host_vars/scaleway_fr.yml @@ -106,8 +106,8 @@ logrotate_scripts: - missingok - notifempty - create 0644 root root - - name: dockerapps - path: /opt/dockerapps/logs/homeserver/*.log + - name: dockerapps-git + path: /opt/dockerapps/logs/homeserver/git*.log options: - rotate 12 - monthly @@ -115,14 +115,41 @@ logrotate_scripts: - missingok - delaycompress scripts: - - name: restart gitea - script: docker-compose restart gitea - - name: restart vaultwarden - script: docker-compose restart vaultwarden - - name: restart grafana - script: docker-compose restart grafana - - name: restart traefrik - script: docker-compose restart traefrik + postrotate: docker-compose restart gitea + - name: dockerapps-grafa + path: /opt/dockerapps/logs/homeserver/grafa*.log + options: + - rotate 12 + - monthly + - compress + - missingok + - delaycompress + scripts: + postrotate: docker-compose restart grafana + - name: dockerapps-traef + path: /opt/dockerapps/logs/homeserver/traef*.log + options: + - rotate 12 + - monthly + - compress + - missingok + - delaycompress + scripts: + postrotate: docker-compose restart traefik + - name: dockerapps-vault + path: /opt/dockerapps/logs/homeserver/vault*.log + options: + - rotate 12 + - monthly + - compress + - missingok + - delaycompress + scripts: + postrotate: docker-compose restart vault + # name: restart gitea + # script: docker-compose restart gitea + # - postrotate: docker-compose restart vaultwarden + # - postrotate: docker-compose restart grafana ########## @@ -131,12 +158,9 @@ logrotate_scripts: # SHOULD BE IN [server] GROUP chisel_server: true -chisel_version: 1.8.1 -chisel_basic_auth: "user:pass" +chisel_basic_auth: "{{ chisel_client_auth_username }}:{{ chisel_client_auth_password }}" chisel_service_name: chisel-server -chisel_server_host: 163.172.84.28 chisel_config_name: chisel-server -chisel_server_port: 8080 chisel_proxychains_conf: # chisel enable socks5, reverse and basic auth - path: "/etc/chisel/{{ chisel_config_name }}.conf"