add roles

all.yml

@@ -31,10 +31,43 @@
     - { role: willshersystems.sshd, tags: ssh }
     - { role: claranet.apt, tags: apt }
     - { role: robertdebock.fail2ban, tags: ban }
-    - { role: ome.rsync_server, tags: rsync }
+    - { role: nickhammond.logrotate, tags: log,
+        vars: "{{ logrotate_files }}" 
+      }
 
   tasks:
 
+      - name: Ensure scripts directory exist
+        file:
+          path: /usr/local/scripts/
+          state: directory
+          owner: root
+          group: root 
+          mode: 0755
+        tags:
+          - alerts
+
+      - name: create the main alertings bash script file
+        template:
+          src: "../templates/alerts.sh.j2"
+          dest: "/usr/local/scripts/alerts.sh"
+          owner: root
+          group: root
+          mode: 0744
+        tags:
+          - alerts
+
+      - name: Creates a cron file for alerts under /etc/cron.d
+        ansible.builtin.cron:
+          name: "{{ item.name }}"
+          weekday: "{{ item.weekday }}"
+          minute: "{{ item.minute }}"
+          hour: "{{ item.hour }}"
+          user: "{{ item.user }}"
+          job: "{{ item.job }}"
+          cron_file: "{{ item.cron_file }}"
+        loop: "{{ alerts_cron }}"
+
     # - name: Show ssh backup
     #   debug:
     #     msg: "{{ ssh_backup }}"

host_vars/scaleway_fr.yml

@@ -1,3 +1,87 @@
 ---
-apt_repositories: 
-  - http://mirrors.online.net      
+# apt_repositories: 
+#   - http://mirrors.online.net      
+
+apt_repositories_sources:
+  - deb http://mirrors.online.net/ubuntu focal main restricted
+  - deb http://mirrors.online.net/ubuntu focal-updates main restricted
+  - deb http://mirrors.online.net/ubuntu focal universe
+  - deb http://mirrors.online.net/ubuntu focal-updates universe
+  - deb http://mirrors.online.net/ubuntu focal multiverse
+  - deb http://mirrors.online.net/ubuntu focal-updates multiverse
+  - deb http://mirrors.online.net/ubuntu focal-backports main restricted universe multiverse
+  - deb http://security.ubuntu.com/ubuntu focal-security main restricted
+  - deb http://security.ubuntu.com/ubuntu focal-security universe
+  - deb http://security.ubuntu.com/ubuntu focal-security multiverse
+
+alerts_cron:
+  - name: storage
+    weekday: 0
+    minute: 0
+    hour: 15
+    user: root
+    job: "/usr/local/scripts/alerts.sh storage >/dev/null 2>&1"
+    cron_file: alerts
+  - name: load
+    weekday: "*"
+    minute: "*/5"
+    hour: "*"
+    user: root
+    job: "/usr/local/scripts/alerts.sh load >/dev/null 2>&1"
+    cron_file: alerts
+  - name: cpu
+    weekday: "*"
+    minute: "*/5"
+    hour: "*"
+    user: root
+    job: "/usr/local/scripts/alerts.sh cpu >/dev/null 2>&1"
+    cron_file: alerts
+  - name: ping
+    weekday: "*"
+    minute: "*"
+    hour: 0
+    user: root
+    job: "/usr/local/scripts/alerts.sh ping >/dev/null 2>&1"
+    cron_file: alerts
+  - name: ssl
+    weekday: "*"
+    minute: 0
+    hour: 15
+    user: root
+    job: "/usr/local/scripts/alerts.sh ssl >/dev/null 2>&1"
+    cron_file: alerts
+  - name: storage
+    weekday: 0
+    minute: 0
+    hour: 15
+    user: root
+    job: "/usr/local/scripts/alerts.sh storage >/dev/null 2>&1"
+    cron_file: alerts
+  - name: backup_git
+    weekday: "*"
+    minute: 0
+    hour: 18
+    user: root
+    job: "/usr/local/scripts/alerts.sh backup_git >/dev/null 2>&1"
+    cron_file: alerts
+  - name: backup_vault
+    weekday: "*"
+    minute: 0
+    hour: 20
+    user: root
+    job: "/usr/local/scripts/alerts.sh backup_vault >/dev/null 2>&1"
+    cron_file: alerts
+
+
+logrotate_files:
+  - name: backup
+    paths:
+      - /opt/dockerapps/backup/*.zip
+      - /opt/dockerapps/appdata/vaultwarden/backup/*.tar.xz.gpg
+    options:
+      - daily
+      - rotate 4
+      - compress
+      - missingok
+      - notifempty
+      - create 0644 root root