author | Christian Pointner <equinox@spreadspace.org> | 2020-05-26 23:50:38 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-05-26 23:50:38 +0200 |
commit | acc437083cfa7b8f77b8e79af2a0c05bd871e198 (patch) | |
tree | 576360023addac147bef43f1ba340c61e3c9fe5b /inventory | |
parent | remove nextcloud test instance (diff) | |
parent | cleanup old configs and playbooks (diff) |
Merge branch 'topic/zfs-buster-backports'
Diffstat (limited to 'inventory')
-rw-r--r-- | inventory/host_vars/ch-gnocchi.yml | 4 | ||||
-rw-r--r-- | inventory/host_vars/ch-mimas.yml | 3 | ||||
-rw-r--r-- | inventory/host_vars/ele-gwhetzner.yml | 3 | ||||
-rw-r--r-- | inventory/host_vars/emc-master.yml | 11 | ||||
-rw-r--r-- | inventory/host_vars/lw-master.yml | 11 | ||||
-rw-r--r-- | inventory/host_vars/r3-cccamp19-av.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/r3-cccamp19-flora.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/r3-cccamp19-verr.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/sk-2019.yml | 14 | ||||
-rw-r--r-- | inventory/host_vars/sk-2019vm.yml | 54 | ||||
-rw-r--r-- | inventory/host_vars/sk-cloudia/vars.yml | 10 | ||||
-rw-r--r-- | inventory/host_vars/sk-testvm.yml | 3 | ||||
-rw-r--r-- | inventory/host_vars/sk-tomnext-hp.yml | 32 | ||||
-rw-r--r-- | inventory/host_vars/sk-tomnext-nc.yml | 126 | ||||
-rw-r--r-- | inventory/host_vars/sk-tomnext.yml | 70 | ||||
-rw-r--r-- | inventory/host_vars/sk-torrent.yml | 6 | ||||
-rw-r--r-- | inventory/hosts.ini | 11 |
17 files changed, 306 insertions, 58 deletions
diff --git a/inventory/host_vars/ch-gnocchi.yml b/inventory/host_vars/ch-gnocchi.yml index 35527e2d..d5525443 100644 --- a/inventory/host_vars/ch-gnocchi.yml +++ b/inventory/host_vars/ch-gnocchi.yml @@ -33,7 +33,7 @@ __interface_zones__: __interface_zones_yaml__: | - {% for interface in __interface_zones__.keys() %} + {% for interface in (__interface_zones__.keys() | sort) %} {% for zone in __interface_zones__[interface] %} {% if zone is mapping %} {{ zone.name }}: @@ -61,7 +61,7 @@ __interface_configs__: | # The loopback network interface auto lo iface lo inet loopback - {% for interface in __interface_zones__.keys() %} + {% for interface in (__interface_zones__.keys() | sort) %} auto {{ interface }} diff --git a/inventory/host_vars/ch-mimas.yml b/inventory/host_vars/ch-mimas.yml index 9a89fe7c..194ecbb7 100644 --- a/inventory/host_vars/ch-mimas.yml +++ b/inventory/host_vars/ch-mimas.yml @@ -10,8 +10,7 @@ install: virtio: vda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 62g interfaces: - bridge: br-public diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml index 7ebda8ff..98f5fb6e 100644 --- a/inventory/host_vars/ele-gwhetzner.yml +++ b/inventory/host_vars/ele-gwhetzner.yml @@ -10,8 +10,7 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 5g interfaces: - bridge: br-public diff --git a/inventory/host_vars/emc-master.yml b/inventory/host_vars/emc-master.yml index e89463a9..71fe8c75 100644 --- a/inventory/host_vars/emc-master.yml +++ b/inventory/host_vars/emc-master.yml @@ -10,14 +10,11 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 20g - sdb: - type: zfs - pool: storage - name: "streamstats" - size: 50g + # sdb: + # type: image + # path: /dev/zvol/storage/streamstats interfaces: - bridge: br-public name: primary0 
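Review bot: In inventory/host_vars/emc-master.yml the second disk is not migrated to the new naming but replaced by a commented-out `sdb` block (`type: image`, `path: /dev/zvol/storage/streamstats`) with no explanation, so a reader cannot tell whether the 50g streamstats volume is meant to stay detached or is waiting for a follow-up. A one-line comment above it would settle that, for example `# streamstats zvol not attached for now; re-enable after <REASON_OR_TICKET>`. The hunk for lw-master.yml carries the identical block with the same zvol path; if both were ever uncommented for guests on the same VM host they would presumably share one block device, which is worth stating in that comment too. The `install` mapping starts above the hunk, so the rest of the disk definition is not visible here.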
diff --git a/inventory/host_vars/lw-master.yml b/inventory/host_vars/lw-master.yml index e89463a9..71fe8c75 100644 --- a/inventory/host_vars/lw-master.yml +++ b/inventory/host_vars/lw-master.yml @@ -10,14 +10,11 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 20g - sdb: - type: zfs - pool: storage - name: "streamstats" - size: 50g + # sdb: + # type: image + # path: /dev/zvol/storage/streamstats interfaces: - bridge: br-public name: primary0 diff --git a/inventory/host_vars/r3-cccamp19-av.yml b/inventory/host_vars/r3-cccamp19-av.yml index 378f459c..54f6c5da 100644 --- a/inventory/host_vars/r3-cccamp19-av.yml +++ b/inventory/host_vars/r3-cccamp19-av.yml @@ -31,5 +31,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" +install_playbook: r3-cccamp19_vm + dyndns: server: ch-pan diff --git a/inventory/host_vars/r3-cccamp19-flora.yml b/inventory/host_vars/r3-cccamp19-flora.yml index 378f459c..54f6c5da 100644 --- a/inventory/host_vars/r3-cccamp19-flora.yml +++ b/inventory/host_vars/r3-cccamp19-flora.yml @@ -31,5 +31,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" +install_playbook: r3-cccamp19_vm + dyndns: server: ch-pan diff --git a/inventory/host_vars/r3-cccamp19-verr.yml b/inventory/host_vars/r3-cccamp19-verr.yml index 03b32e4c..81cbe05b 100644 --- a/inventory/host_vars/r3-cccamp19-verr.yml +++ b/inventory/host_vars/r3-cccamp19-verr.yml @@ -31,5 +31,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" +install_playbook: r3-cccamp19_vm + dyndns: server: ch-pan diff --git a/inventory/host_vars/sk-2019.yml b/inventory/host_vars/sk-2019.yml index 9de2b04a..f54d852f 100644 --- a/inventory/host_vars/sk-2019.yml +++ b/inventory/host_vars/sk-2019.yml 
@@ -10,12 +10,13 @@ install: network: {} base_intel_nic_stability_fix: true +ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan + ssh_keys.brt }}" +ssh_allowusers_host: "{{ admin_user_host | map(attribute='name') | list }}" + admin_user_host: - "{{ brt_user }}" -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan + ssh_keys.brt }}" -ssh_allowusers_host: "{{ admin_user_host | map(attribute='name') | list }}" cryptdisk_volumes: @@ -27,11 +28,12 @@ cryptdisk_volumes: device: /dev/disk/by-id/nvme-eui.0025388791050fdc-part3 +zfs_use_systemd_mount_generator: no +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 12 * 1024 * 1024 * 1024 }}" + zfs_zpools: storage: mountpoint: /srv/storage create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 - -# zfs_arc_size: -# min: "{{ 2 * 1024 * 1024 * 1024 }}" -# max: "{{ 16 * 1024 * 1024 * 1024 }}" diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index 4584813e..705ff929 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml 
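Review bot: The added `zfs_use_systemd_mount_generator: no` in the second hunk of sk-2019.yml has no comment saying why the mount generator is switched off on this host, while sk-2019vm.yml and sk-tomnext.yml define the same dm-crypt-backed `storage` pool without that setting. The pool's vdevs here are `/dev/mapper/crypto-nvme*`, so this may relate to mount ordering against the cryptdisk unlock, but that is a guess; a comment such as `# mount generator disabled because <REASON>` would record the real reason. Write the value as `false` to match `base_intel_nic_stability_fix: true` in the same file, since `no` is a boolean only under YAML 1.1 rules. The same line is added in sk-cloudia/vars.yml, and `recursive: yes`, `process_children_only: yes` and `nat: yes` in sk-2019vm.yml, sk-tomnext-nc.yml and sk-tomnext.yml have the same spelling issue.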
@@ -10,12 +10,42 @@ install: network: {} base_intel_nic_stability_fix: true +ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" apt_repo_components: - main - contrib ## for zfs - non-free ## for microcode updates + +cryptdisk_volumes: + crypto-nvme0: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.0025388291b201dc-part3 + crypto-nvme1: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.0025388291b201cb-part3 + + +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" + +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 + +zfs_sanoid_modules: + storage/vm: + use_template: production + recursive: yes + process_children_only: yes + storage/vm/sk-testvm: + use_template: ignore + recursive: yes + + vm_host: network: dns: @@ -42,23 +72,7 @@ vm_host: ele-gwhetzner: 2 ch-mimas: 6 sk-testvm: 7 - -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" - -cryptdisk_volumes: - crypto-nvme0: - passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" - device: /dev/disk/by-id/nvme-eui.0025388291b201dc-part3 - crypto-nvme1: - passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}" - device: /dev/disk/by-id/nvme-eui.0025388291b201cb-part3 - - -zfs_zpools: - storage: - mountpoint: /srv/storage - create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 - -zfs_arc_size: - min: "{{ 2 * 1024 * 1024 * 1024 }}" - max: "{{ 8 * 1024 * 1024 * 1024 }}" + zfs: + default: + pool: storage + name: vm diff --git a/inventory/host_vars/sk-cloudia/vars.yml b/inventory/host_vars/sk-cloudia/vars.yml index 15dcb860..085a9c95 100644 --- a/inventory/host_vars/sk-cloudia/vars.yml +++ b/inventory/host_vars/sk-cloudia/vars.yml 
@@ -11,15 +11,17 @@ network: {} base_intel_nic_stability_fix: true -zfs_zpools: - storage: - mountpoint: /srv/storage - create_vdevs: mirror nvme0n1p3 nvme1n1p3 +zfs_use_systemd_mount_generator: no zfs_arc_size: min: "{{ 2 * 1024 * 1024 * 1024 }}" max: "{{ 16 * 1024 * 1024 * 1024 }}" +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: mirror nvme0n1p3 nvme1n1p3 + docker_zfs: pool: storage diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index 6ee92378..5d9561f0 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -10,8 +10,7 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 10g interfaces: - bridge: br-public diff --git a/inventory/host_vars/sk-tomnext-hp.yml b/inventory/host_vars/sk-tomnext-hp.yml new file mode 100644 index 00000000..72f116b9 --- /dev/null +++ b/inventory/host_vars/sk-tomnext-hp.yml 
@@ -0,0 +1,32 @@ +--- +vm_host: sk-tomnext + +install: + host: "{{ vm_host }}" + mem: 8192 + numcpu: 4 + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 20g + interfaces: + - bridge: br-public + name: primary0 + autostart: True + +network: + nameservers: "{{ hostvars[vm_host].vm_host.network.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: + interface: primary0 + ip: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address') }}" + mask: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('netmask') }}" + gateway: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('address') }}" + overlay: "{{ (hostvars[vm_host].vm_host.network.bridges.public.overlay.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" + +external_ip: "{{ network.primary.overlay }}" diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml new file mode 100644 index 00000000..296a9e28 --- /dev/null +++ b/inventory/host_vars/sk-tomnext-nc.yml 
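Review bot: In sk-tomnext-hp.yml `network.primary.overlay` strips the prefix length with `.split('/')[0]`, while `network.primary.ip` a few lines above does the same job with `| ipaddr('address')`; the two derivations should use one form. Replacing the trailing `.split('/')[0]` with `| ipaddr('address')` also avoids calling a string method on the filter result, which I believe is `False` rather than a string when the input cannot be parsed. This matters a little more than usual because `external_ip` is taken directly from that value. `autostart: True` is better written `true`. The same `network` block is repeated verbatim in sk-tomnext-nc.yml.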
@@ -0,0 +1,126 @@ +--- +vm_host: sk-tomnext + +install: + host: "{{ vm_host }}" + mem: 16384 + numcpu: 8 + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 15g + sdb: + type: zfs + name: data + size: 800g + interfaces: + - bridge: br-public + name: primary0 + autostart: True + +network: + nameservers: "{{ hostvars[vm_host].vm_host.network.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: + interface: primary0 + ip: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address') }}" + mask: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('netmask') }}" + gateway: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('address') }}" + overlay: "{{ (hostvars[vm_host].vm_host.network.bridges.public.overlay.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" + +external_ip: "{{ network.primary.overlay }}" + + +apt_repo_components: +- main +- contrib ## for zfs + + +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" + +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: /dev/sdb + +zfs_sanoid_modules: + storage/nextcloud: + use_template: production + recursive: yes + process_children_only: yes + + +docker_zfs: + pool: storage + name: docker + size: 15G + +kubelet_zfs: + pool: storage + name: kubelet + size: 15G + +kubernetes_version: 1.18.3 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 15 +kubernetes_standalone_pod_cidr: 192.168.255.0/24 +kubernetes_standalone_cni_variant: with-portmap + + +acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" +nginx_server_names_hash_bucket_size: 64 + +nextcloud_zfs: + pool: storage + name: nextcloud + size: 700G + +nextcloud_instances: + team.tomwaitz.eu: + 
# new: true + version: 18.0.4 + port: 8100 + hostnames: + - team.tomwaitz.eu + quota: 700G + database: + type: mariadb + version: 10.5.3 + password: "{{ vault_nextcloud_database_passwords['team.tomwaitz.eu'] }}" + custom_image: + dockerfile: | + RUN set -x \ + && sed 's/main$/main contrib non-free/' -i /etc/apt/sources.list \ + && apt-get update -q \ + && apt-get install -y -q unrar \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + + +collabora_code_base_path: /srv/storage/collabora/code + +collabora_code_instances: + o.tomwaitz.eu: + version: 4.2.3.1 + port: 8200 + hostname: o.tomwaitz.eu + admin: + username: admin + password: "{{ vault_collabora_code_admin_passwords['o.tomwaitz.eu'] }}" + backend_storages: + - team.tomwaitz.eu + custom_image: + dockerfile: | + USER root + RUN set -x \ + && echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections \ + && apt-get update -q \ + && apt-get install -y -q ttf-mscorefonts-installer \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + USER 101 diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml new file mode 100644 index 00000000..22a96897 --- /dev/null +++ b/inventory/host_vars/sk-tomnext.yml 
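Review bot: `zfs_zpools.storage.create_vdevs: /dev/sdb` in sk-tomnext-nc.yml names the data disk by its kernel enumeration name, which is not guaranteed to stay the same across reboots or when a disk is added to the guest, whereas the host files in this commit use `/dev/mapper/...` and `/dev/disk/by-id/...` paths. Because pool creation overwrites whatever the name resolves to, a persistent path for the `sdb` disk declared under `install.disks.scsi` would be safer, e.g. `create_vdevs: /dev/disk/by-id/<DATA_DISK_ID>` (placeholder; the real id is not on this page). Separately, the Nextcloud `custom_image` enables `contrib non-free` and installs `unrar` without a version pin, so an archive parser that presumably handles user uploads is refreshed only when the image is rebuilt. A short comment there on how often the image is rebuilt would help whoever has to patch it.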
@@ -0,0 +1,70 @@ +--- +install: + cloud: + credentials: "{{ vault_hroot_robot_account }}" + server_name: "{{ host_name }}" + disks: + layout: nvme_raid + root_lvm_size: 10G + +network: {} + +base_intel_nic_stability_fix: true +ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" + +apt_repo_components: +- main +- contrib ## for zfs +- non-free ## for microcode updates + + +cryptdisk_volumes: + crypto-nvme0: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.00000000000000018ce38e0500157a42-part3 + crypto-nvme1: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.00000000000000018ce38e0500157b3d-part3 + + +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" + +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 + +zfs_sanoid_modules: + storage/vm: + use_template: production + recursive: yes + process_children_only: yes + storage/vm/sk-tomnext-nc: + use_template: ignore + recursive: yes + + +vm_host: + network: + dns: + - 213.133.100.100 + - 213.133.98.98 + - 213.133.99.99 + bridges: + public: + prefix: 192.168.250.254/24 + offsets: + sk-tomnext-nc: 103 + sk-tomnext-hp: 104 + nat: yes + overlay: + prefix: 94.130.206.64/26 + offsets: + sk-tomnext-nc: 39 + sk-tomnext-hp: 40 + zfs: + default: + pool: storage + name: vm diff --git a/inventory/host_vars/sk-torrent.yml b/inventory/host_vars/sk-torrent.yml index cdf5f94a..8135dde0 100644 --- a/inventory/host_vars/sk-torrent.yml +++ b/inventory/host_vars/sk-torrent.yml @@ -10,13 +10,11 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 10g sdb: type: zfs - pool: storage - name: "{{ inventory_hostname }}-data" + name: data size: 180g interfaces: - bridge: br-public 
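Review bot: In sk-tomnext.yml the sanoid entry `storage/vm/sk-tomnext-nc` uses `use_template: ignore` with `recursive: yes`, which presumably means the host takes no snapshots of the Nextcloud guest's volumes; the only snapshot policy for that data is then the guest's own `storage/nextcloud` entry in sk-tomnext-nc.yml. Snapshots taken inside the guest live in the guest's pool and are under the control of root in the guest, so they give no recovery point after a guest compromise or an operator mistake inside the VM. If this is a deliberate trade-off, a comment above the entry should say so and name where the off-host backup of this data is configured, which is not visible in this commit. sk-2019vm.yml uses the same `ignore` pattern for `storage/vm/sk-testvm`, where it matters less.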
diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 89d073a8..2e55d5dd 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -15,9 +15,9 @@ env_group=chaos-at-home ch-equinox-ws host_name=equinox-ws ch-atlas host_name=atlas ch-pan host_name=pan -ch-mimas host_name=mimas ch-keyserver host_name=keyserver ch-testvm host_name=testvm +ch-mimas host_name=mimas ch-mimas2 host_name=mimas ch-gnocchi host_name=gnocchi ch-router host_name=router @@ -128,6 +128,9 @@ env_group=dan sk-2019 host_name=2019 sk-cloudia host_name=cloudia sk-2019vm host_name=2019vm +sk-tomnext host_name=tomnext +sk-tomnext-nc host_name=tomnext-nc +sk-tomnext-hp host_name=homepage host_domain="" sk-testvm host_name=testvm sk-torrent host_name=torrent @@ -228,6 +231,7 @@ ch-gnocchi r3-cccamp19-dione r3-cccamp19-helene sk-2019vm +sk-tomnext [kvmguests] emc-master @@ -248,12 +252,14 @@ sk-torrent ch-mimas ele-gwhetzner ele-mur - +sk-tomnext-nc +sk-tomnext-hp [hroot] sk-2019 sk-cloudia sk-2019vm +sk-tomnext [hcloud] ch-mimas2 @@ -305,6 +311,7 @@ k8s-lwl sk-cloudia ele-thetys lw-thetys +sk-tomnext-nc [kubernetes:children] kubernetes-cluster |