semaphore/host_vars/scaleway_fr.yml

---
  #######
  # APT #
  #######

apt_packages:
  - name: openssh-server
  - name: proxychains
  
apt_repositories_sources:
  - deb http://mirrors.online.net/ubuntu focal main restricted
  - deb http://mirrors.online.net/ubuntu focal-updates main restricted
  - deb http://mirrors.online.net/ubuntu focal universe
  - deb http://mirrors.online.net/ubuntu focal-updates universe
  - deb http://mirrors.online.net/ubuntu focal multiverse
  - deb http://mirrors.online.net/ubuntu focal-updates multiverse
  - deb http://mirrors.online.net/ubuntu focal-backports main restricted universe multiverse
  - deb http://security.ubuntu.com/ubuntu focal-security main restricted
  - deb http://security.ubuntu.com/ubuntu focal-security universe
  - deb http://security.ubuntu.com/ubuntu focal-security multiverse

  ############
  # ALERTING #
  ############

alerts_cron:
  - name: storage
    weekday: 0
    minute: 0
    hour: 15
    user: root
    job: "/usr/local/scripts/alerts.sh storage >/dev/null 2>&1"
    cron_file: alerts
  - name: load
    weekday: "*"
    minute: "*/5"
    hour: "*"
    user: root
    job: "/usr/local/scripts/alerts.sh load >/dev/null 2>&1"
    cron_file: alerts
  - name: cpu
    weekday: "*"
    minute: "*/5"
    hour: "*"
    user: root
    job: "/usr/local/scripts/alerts.sh cpu >/dev/null 2>&1"
    cron_file: alerts
  - name: ping
    weekday: "*"
    minute: "*"
    hour: 12
    user: root
    job: "/usr/local/scripts/alerts.sh ping >/dev/null 2>&1"
    cron_file: alerts
  - name: ssl
    weekday: "*"
    minute: 0
    hour: 15
    user: root
    job: "/usr/local/scripts/alerts.sh ssl >/dev/null 2>&1"
    cron_file: alerts
  - name: storage
    weekday: 0
    minute: 0
    hour: 15
    user: root
    job: "/usr/local/scripts/alerts.sh storage >/dev/null 2>&1"
    cron_file: alerts
  - name: backup_git
    weekday: "*"
    minute: 0
    hour: 18
    user: root
    job: "/usr/local/scripts/alerts.sh backup_git >/dev/null 2>&1"
    cron_file: alerts
  - name: backup_vault
    weekday: "*"
    minute: 0
    hour: 20
    user: root
    job: "/usr/local/scripts/alerts.sh backup_vault >/dev/null 2>&1"
    cron_file: alerts

alerts_storage: scaleway
alerts_load: scaleway
alerts_ping: ovh
alerts_health: scaleway
alerts_backup_gitea: scaleway
alerts_backup_vault: scaleway
alerts_cpu: scaleway
alerts_ssl: scaleway

  ##############
  # LOG ROTATE #
  ##############

logrotate_scripts:
  - name: backup
    paths:
      - /opt/dockerapps/backup/*.zip
      - /opt/dockerapps/appdata/vaultwarden/backup/*.tar.xz.gpg
    options:
      - daily
      - rotate 4
      - compress
      - missingok
      - notifempty
      - create 0644 root root
  - name: dockerapps
    path: /opt/dockerapps/logs/homeserver/*.log
    options:
      - rotate 12
      - monthly
      - compress
      - missingok
      - delaycompress
    scripts:
      - name: restart gitea
        script: docker-compose restart gitea
      - name: restart vaultwarden
        script: docker-compose restart vaultwarden
      - name: restart grafana
        script: docker-compose restart grafana
      - name: restart traefrik
        script: docker-compose restart traefrik


##########
# CHISEL #
##########

chisel_server: true
chisel_service_name: chisel-server
chisel_config_name: chisel-server
chisel_server_host: 163.172.84.28
chisel_server_port: 8080
chisel_proxychains_conf:
# chisel enable socks5
  - path: "/etc/chisel/{{ chisel_config_name }}"
    regexp: "^SOCK5=--socks5"
    state: present
# chisel enable reverse
  - path: "/etc/chisel/{{ chisel_config_name }}"
    regexp: "^PID=--reverse"
    state: present
# chisel set up basic auth
  - path: "/etc/chisel/{{ chisel_config_name }}"
    regexp: "^AUTH=--auth {{ chisel_basic_auth }}"
    state: present
# proxychains replace socks4 to socks5
  - path: "/etc/proxychains.conf"
    regexp: "^socks4 	127.0.0.1 9050"
    state: "absent"
  - path: "/etc/proxychains.conf"
    regexp: "^socks5 {{ chisel_server_host }} 1080"
    state: present