---
#######
# APT #
#######
# Extra packages installed through apt on this host.
apt_packages:
  - name: 'openssh-server'
  # /etc/proxychains.conf is edited by the chisel_proxychains_conf entries
  # further down in this file.
  - name: 'proxychains'
# APT source lines for Ubuntu focal: mirrors.online.net for the release,
# -updates and -backports pockets, security.ubuntu.com for focal-security.
# NOTE(review): every source uses plain http, so package integrity rests
# entirely on APT's signature check of the repository metadata; move to
# https only after confirming that the mirror serves it.
# NOTE(review): focal is Ubuntu 20.04; check that the release is still
# inside its support window for this host.
apt_repositories_sources:
  - 'deb http://mirrors.online.net/ubuntu focal main restricted'
  - 'deb http://mirrors.online.net/ubuntu focal-updates main restricted'
  - 'deb http://mirrors.online.net/ubuntu focal universe'
  - 'deb http://mirrors.online.net/ubuntu focal-updates universe'
  - 'deb http://mirrors.online.net/ubuntu focal multiverse'
  - 'deb http://mirrors.online.net/ubuntu focal-updates multiverse'
  - 'deb http://mirrors.online.net/ubuntu focal-backports main restricted universe multiverse'
  - 'deb http://security.ubuntu.com/ubuntu focal-security main restricted'
  - 'deb http://security.ubuntu.com/ubuntu focal-security universe'
  - 'deb http://security.ubuntu.com/ubuntu focal-security multiverse'
############
# ALERTING #
############
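# Cron entries for the alerting script: each item runs
# /usr/local/scripts/alerts.sh with one check name, as root, and is written
# to the cron file named by cron_file.
# The keys look like ansible cron module arguments (name, weekday, minute,
# hour, user, job, cron_file); the consuming role is not shown here, so
# confirm against it.
# Every job redirects stdout and stderr to /dev/null, so a failing or
# missing alerts.sh leaves no cron mail and no log line.
# NOTE(review): the jobs run as root, so /usr/local/scripts/alerts.sh
# should be owned by root and not writable by any other user.
# The 'storage' item was listed twice with identical fields; a single copy
# is kept.
alerts_cron:
  # Weekday 0 (Sunday) at 15:00.
  - name: storage
    weekday: 0
    minute: 0
    hour: 15
    user: root
    job: "/usr/local/scripts/alerts.sh storage >/dev/null 2>&1"
    cron_file: alerts
  # Every five minutes.
  - name: load
    weekday: "*"
    minute: "*/5"
    hour: "*"
    user: root
    job: "/usr/local/scripts/alerts.sh load >/dev/null 2>&1"
    cron_file: alerts
  # Every five minutes.
  - name: cpu
    weekday: "*"
    minute: "*/5"
    hour: "*"
    user: root
    job: "/usr/local/scripts/alerts.sh cpu >/dev/null 2>&1"
    cron_file: alerts
  # NOTE(review): minute "*" with hour 12 fires every minute from 12:00 to
  # 12:59; confirm that a single daily run (minute: 0) was not intended.
  - name: ping
    weekday: "*"
    minute: "*"
    hour: 12
    user: root
    job: "/usr/local/scripts/alerts.sh ping >/dev/null 2>&1"
    cron_file: alerts
  # Daily at 15:00.
  - name: ssl
    weekday: "*"
    minute: 0
    hour: 15
    user: root
    job: "/usr/local/scripts/alerts.sh ssl >/dev/null 2>&1"
    cron_file: alerts
  # Daily at 18:00.
  - name: backup_git
    weekday: "*"
    minute: 0
    hour: 18
    user: root
    job: "/usr/local/scripts/alerts.sh backup_git >/dev/null 2>&1"
    cron_file: alerts
  # Daily at 20:00.
  - name: backup_vault
    weekday: "*"
    minute: 0
    hour: 20
    user: root
    job: "/usr/local/scripts/alerts.sh backup_vault >/dev/null 2>&1"
    cron_file: alerts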
# One selector per alert type. The values (scaleway, ovh) are presumably
# provider or target names read by the alerting role; confirm there.
# NOTE(review): alerts_health has no matching alerts_cron entry, and the
# cron check is named backup_git while the variable here is
# alerts_backup_gitea; verify that both are intended.
alerts_storage: 'scaleway'
alerts_load: 'scaleway'
alerts_ping: 'ovh'
alerts_health: 'scaleway'
alerts_backup_gitea: 'scaleway'
alerts_backup_vault: 'scaleway'
alerts_cpu: 'scaleway'
alerts_ssl: 'scaleway'
##############
# LOG ROTATE #
##############
# Logrotate stanzas, one list item each: a name, path or paths, options
# (logrotate directives) and an optional scripts mapping.
# NOTE(review): the 'backup' and 'dockerapps-backup' stanzas match some of
# the same files (gitea-dump-*.zip is covered by *.zip, *.tar.xz.gpg by
# *.gpg) with different schedules; logrotate reports a file listed in two
# stanzas as a duplicate log entry, so keep only one of them.
logrotate_scripts:
  # Backup archives: zip files under /opt/dockerapps/backup and
  # GPG-encrypted vaultwarden backups, rotated daily, four kept.
  # NOTE(review): 'create 0644 root root' recreates each rotated file as
  # world-readable. The .zip files, unlike the .gpg ones, do not look
  # encrypted, so 0600 is the safer mode unless another user must read
  # them.
  - name: 'backup'
    paths:
      - '/opt/dockerapps/backup/*.zip'
      - '/opt/dockerapps/appdata/vaultwarden/backup/*.tar.xz.gpg'
    options:
      - daily
      - 'rotate 4'
      - compress
      - missingok
      - notifempty
      - 'create 0644 root root'
  # Per-application logs: monthly rotation, twelve kept, then a container
  # restart (presumably so the service reopens its log file).
  # NOTE(review): docker-compose is called without -f or a working
  # directory here; confirm the role runs it where the compose file lives.
  - name: 'dockerapps-git'
    path: '/opt/dockerapps/logs/homeserver/git*.log'
    options:
      - 'rotate 12'
      - monthly
      - compress
      - missingok
      - delaycompress
    scripts:
      postrotate: 'docker-compose restart gitea'
  - name: 'dockerapps-grafa'
    path: '/opt/dockerapps/logs/homeserver/grafa*.log'
    options:
      - 'rotate 12'
      - monthly
      - compress
      - missingok
      - delaycompress
    scripts:
      postrotate: 'docker-compose restart grafana'
  - name: 'dockerapps-traef'
    path: '/opt/dockerapps/logs/homeserver/traef*.log'
    options:
      - 'rotate 12'
      - monthly
      - compress
      - missingok
      - delaycompress
    scripts:
      postrotate: 'docker-compose restart traefik'
  # NOTE(review): this restarts a service called 'vault', while the
  # disabled line below and the backup paths say 'vaultwarden'; confirm
  # the compose service name.
  - name: 'dockerapps-vault'
    path: '/opt/dockerapps/logs/homeserver/vault*.log'
    options:
      - 'rotate 12'
      - monthly
      - compress
      - missingok
      - delaycompress
    scripts:
      postrotate: 'docker-compose restart vault'
  # Disabled leftovers, kept as found:
  # name: restart gitea
  # script: docker-compose restart gitea
  # - postrotate: docker-compose restart vaultwarden
  # - postrotate: docker-compose restart grafana
  # NOTE(review): the *gpg.1.gz pattern matches files that logrotate has
  # already rotated and compressed, so they get rotated again; 'compress'
  # also gains little on zip and gpg input.
  - name: 'dockerapps-backup'
    paths:
      - '/opt/dockerapps/backup/gitea-dump-*.zip'
      - '/opt/dockerapps/appdata/vaultwarden/backup/*.gpg'
      - '/opt/dockerapps/appdata/vaultwarden/backup/*gpg.1.gz'
    options:
      - 'rotate 12'
      - monthly
      - compress
      - missingok
      - delaycompress
##########
# CHISEL #
##########
# Marks this host as the chisel server side.
# Original note: SHOULD BE IN [server] GROUP (these variables belong in the
# [server] inventory group rather than in host_vars).
# chisel_basic_auth joins the client username and password as user:pass;
# neither component is defined in this file.
# NOTE(review): keep both components in an encrypted vars source (for
# example Ansible Vault), because the joined value is written to
# /etc/chisel/<chisel_config_name>.conf by chisel_proxychains_conf.
chisel_server: true
chisel_basic_auth: "{{ chisel_client_auth_username }}:{{ chisel_client_auth_password }}"
chisel_service_name: 'chisel-server'
chisel_config_name: 'chisel-server'
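# Line edits applied to the chisel server config and to proxychains.conf.
# The keys (path, regexp, state, line) match ansible lineinfile arguments;
# the consuming task is not shown here, so confirm against the role.
# For the chisel config each regexp anchors on the variable name only
# (^AUTH=, ^HOST=, ...). Matching on the full rendered value meant that a
# rotated credential or a changed host no longer matched the existing line,
# so the stale line (old password included) stayed in the file and a second
# one was appended; it also broke on regex metacharacters in the password.
# NOTE(review): the AUTH item carries the rendered password, so the task
# that loops over this list should set no_log: true, and the config file
# should be readable by root (or the service user) only.
# NOTE(review): --reverse lets authenticated clients open listeners on this
# server and --socks5 lets them proxy through it, so the single shared
# --auth credential is the only gate; chisel's --authfile can limit each
# user to specific remotes.
chisel_proxychains_conf:
  # chisel: enable socks5, reverse and basic auth
  - path: "/etc/chisel/{{ chisel_config_name }}.conf"
    regexp: '^SOCK5='
    state: present
    line: "SOCK5=--socks5"
  - path: "/etc/chisel/{{ chisel_config_name }}.conf"
    regexp: '^PID='
    state: present
    line: "PID=--reverse"
  - path: "/etc/chisel/{{ chisel_config_name }}.conf"
    regexp: '^AUTH='
    state: present
    line: "AUTH=--auth {{ chisel_basic_auth }}"
  - path: "/etc/chisel/{{ chisel_config_name }}.conf"
    regexp: '^HOST='
    state: present
    line: "HOST=--host {{ chisel_server_host }}"
  # proxychains: replace the default socks4 entry with a socks5 one
  - path: "/etc/proxychains.conf"
    regexp: "^socks4 127.0.0.1 9050"
    state: absent
  # NOTE(review): this regexp still embeds the host, so changing
  # chisel_server_host leaves the previous socks5 line next to the new one.
  # The entry has no username/password fields; confirm that port 1080 on
  # that host is not reachable from other machines.
  - path: "/etc/proxychains.conf"
    regexp: "^socks5 {{ chisel_server_host }} 1080"
    state: present
    line: "socks5 {{ chisel_server_host }} 1080"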
# Settings for the dockerapp role (presumably the volume directories, the
# base directory and the service name; confirm against the role).
dockerapp_tree_volumes:
  - 'gitlab'
# bootstrap dockerapp:
# NOTE(review): /opt/test differs from the /opt/dockerapps paths used in
# the rest of this file; confirm it is not a leftover from testing.
dockerapp_tree_base_dir:
  - '/opt/test'
dockerapp_service: 'lab'
# pip binary used for the package list in pip_install_packages.
pip_executable: 'pip3'
# Python packages to install (presumably with pip_executable).
# NOTE(review): docker-compose is unpinned, so each run can pull a
# different release from the package index; pin a version for reproducible
# installs.
pip_install_packages:
  - 'docker-compose'