diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2024-01-08 14:41:22 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2024-01-08 14:43:04 +0100 |
| commit | e2a85dac446c7765c591ad394d423e08bdf91f13 (patch) | |
| tree | 61ddaa8363fdfc8fb45d968be66fa4f7f4c49121 | |
| parent | refactor: storage roles (diff) | |
cleanup testvm config
| -rw-r--r-- | chaos-at-home/ch-testvm-phoebe.yml | 6 | ||||
| -rw-r--r-- | chaos-at-home/ch-testvm-prometheus.yml | 4 | ||||
| -rw-r--r-- | inventory/host_vars/ch-testvm-phoebe.yml | 38 | ||||
| -rw-r--r-- | inventory/host_vars/ch-testvm-prometheus.yml | 75 | ||||
| -rw-r--r-- | roles/storage/lvm/base/defaults/main.yml | 2 |
5 files changed, 3 insertions, 122 deletions
diff --git a/chaos-at-home/ch-testvm-phoebe.yml b/chaos-at-home/ch-testvm-phoebe.yml index ee1145f5..e791839b 100644 --- a/chaos-at-home/ch-testvm-phoebe.yml +++ b/chaos-at-home/ch-testvm-phoebe.yml @@ -7,9 +7,3 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp - -- name: Payload Setup - hosts: ch-testvm-phoebe - roles: - - role: x509/managed-ca/base - - role: mosquitto/client diff --git a/chaos-at-home/ch-testvm-prometheus.yml b/chaos-at-home/ch-testvm-prometheus.yml index aaae91d1..247beeac 100644 --- a/chaos-at-home/ch-testvm-prometheus.yml +++ b/chaos-at-home/ch-testvm-prometheus.yml @@ -11,6 +11,4 @@ - name: Payload Setup hosts: ch-testvm-prometheus roles: - - role: x509/managed-ca/base - - role: x509/managed-ca/ca - - role: mosquitto/broker + - role: storage/lvm/base diff --git a/inventory/host_vars/ch-testvm-phoebe.yml b/inventory/host_vars/ch-testvm-phoebe.yml index 7eae49e7..d15e4142 100644 --- a/inventory/host_vars/ch-testvm-phoebe.yml +++ b/inventory/host_vars/ch-testvm-phoebe.yml @@ -39,41 +39,3 @@ network: address: "{{ network_zones.iot.prefix | ansible.utils.ipaddr(network_zones.iot.offsets[inventory_hostname]) }}" ntp_variant: systemd-timesyncd - - -### -mosquitto_client_tls: - foo-consumer: - certificate_provider: managed-ca - certificate_config: - ca: - host: ch-testvm-prometheus - name: foo - cert: - common_name: consumer - organization_name: "spreadspace" - organizational_unit_name: "ansible" - san_extra: - - "IP:192.168.32.43" - extended_key_usage: - - clientAuth - extended_key_usage_critical: yes - create_subject_key_identifier: yes - not_after: +100w - foo-producer: - certificate_provider: managed-ca - certificate_config: - ca: - host: ch-testvm-prometheus - name: foo - cert: - common_name: producer - organization_name: "spreadspace" - organizational_unit_name: "ansible" - san_extra: - - "IP:192.168.32.43" - extended_key_usage: - - clientAuth - extended_key_usage_critical: yes - create_subject_key_identifier: yes - not_after: +100w diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml index ff36f733..415e6774 100644 --- a/inventory/host_vars/ch-testvm-prometheus.yml +++ b/inventory/host_vars/ch-testvm-prometheus.yml @@ -35,78 +35,3 @@ network: - *_network_primary_ ntp_variant: systemd-timesyncd - - -### -managed_ca_authorities: - foo: - key: - type: RSA - size: 4096 - cert: - common_name: foo CA - country_name: "AT" - locality_name: "Graz" - organization_name: "spreadspace" - organizational_unit_name: "ansible" - state_or_province_name: "Styria" - digest: sha256 - not_before: +0h - not_after: +520w - - -mosquitto_broker_global_config_options: - per_listener_settings: "true" - -mosquitto_broker_listeners: - example: - bind: 1883 - options: - allow_anonymous: "false" - acl_file: /etc/mosquitto/example.acl - password_file: /etc/mosquitto/example.passwd - foo: - bind: 1884 192.168.32.42 - hostnames: - - mqtt.example.com - tls: - certificate_provider: managed-ca - certificate_config: - ca: - host: ch-testvm-prometheus - name: foo - cert: - organization_name: "spreadspace" - organizational_unit_name: "ansible" - san_extra: - - "IP:192.168.32.42" - extended_key_usage: - - serverAuth - extended_key_usage_critical: yes - create_subject_key_identifier: yes - not_after: +100w - options: - allow_anonymous: "false" - require_certificate: "true" - cafile: /etc/mosquitto/ca_certificates/foo-ca-crt.pem - use_identity_as_username: "true" - acl_file: /etc/mosquitto/foo.acl - -mosquitto_broker_prometheus_listener: true - -mosquitto_broker_acl_files: - example: | - user admin - topic read test/+ - user equinox - topic write test/+ - foo: | - user consumer - topic read foo/+ - user producer - topic write foo/+ - -mosquitto_broker_password_files: - example: | - admin:{{ 'admin' | mosquitto_passwd_hash('admin@mqtt.example.com') }} - equinox:{{ 'secret' | mosquitto_passwd_hash('equinox@mqtt.example.com') }} diff --git a/roles/storage/lvm/base/defaults/main.yml b/roles/storage/lvm/base/defaults/main.yml index 224d35b5..74dc0c20 100644 --- a/roles/storage/lvm/base/defaults/main.yml +++ b/roles/storage/lvm/base/defaults/main.yml @@ -1,4 +1,6 @@ --- +lvm_groups: {} + # lvm_groups: # foo: # pvs: |