From 15bdc78c65159834c9a3335c88053589535549ef Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 8 Jan 2023 23:16:09 +0100 Subject: ch-epimetheus now is a RPi CM4 --- chaos-at-home/ch-epimetheus.yml | 24 ++++-------------------- inventory/host_vars/ch-apps.yml | 2 +- inventory/host_vars/ch-atlas.yml | 2 +- inventory/host_vars/ch-epimetheus.yml | 26 ++++++++++++++++---------- inventory/host_vars/ch-equinox-t450s.yml | 2 +- inventory/host_vars/ch-hyperion.yml | 15 +++++++++++++++ inventory/host_vars/ch-mimas.yml | 2 +- inventory/host_vars/ch-phoebe.yml | 2 +- inventory/host_vars/ch-prometheus.yml | 2 +- inventory/host_vars/sk-2019vm.yml | 2 +- inventory/hosts.ini | 6 ++++++ roles/prepare-dkms/tasks/main.yml | 7 ++++--- roles/raspios/image/tasks/main.yml | 6 ++++++ roles/storage/zfs/syncoid/tasks/main.yml | 6 ++++++ 14 files changed, 64 insertions(+), 40 deletions(-) create mode 100644 inventory/host_vars/ch-hyperion.yml diff --git a/chaos-at-home/ch-epimetheus.yml b/chaos-at-home/ch-epimetheus.yml index 148cda82..d091ffc5 100644 --- a/chaos-at-home/ch-epimetheus.yml +++ b/chaos-at-home/ch-epimetheus.yml @@ -7,32 +7,18 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp - - role: core/cpu-microcode + +- name: Payload Setup + hosts: ch-epimetheus + roles: - role: apt-repo/spreadspace - role: nginx/base - role: monitoring/prometheus/exporter - - role: network/wakeonlan - role: storage/luks/volumes - role: storage/zfs/pools - role: storage/zfs/sanoid - role: storage/zfs/syncoid post_tasks: - - name: install simple suspend script - copy: - content: | - #!/bin/bash - - if [ -z "$1" ]; then - echo "suspending indefinitely" - systemctl suspend - else - #rtcwake --seconds 300 -m mem - echo "suspending for $1" - rtcwake --time $(date -d "$1" +%s) -m mem - fi - dest: /root/suspend.sh - mode: 0755 - - name: install post-boot script copy: dest: /usr/local/bin/post-boot @@ -59,8 +45,6 @@ content: | #!/bin/bash {% set disk_variables = [] %} - disk_primary=$(basename $(realpath '{{ install.disks.primary }}')) - {{ disk_variables.append('$disk_primary') -}} {% for name,volume in luks_volumes.items() %} disk_{{ name | replace('-', '_') }}=$(basename $(realpath '{{ volume.device }}')) {{ disk_variables.append('$disk_'+(name | replace('-', '_'))) -}} diff --git a/inventory/host_vars/ch-apps.yml b/inventory/host_vars/ch-apps.yml index ed53fe38..9c263712 100644 --- a/inventory/host_vars/ch-apps.yml +++ b/inventory/host_vars/ch-apps.yml @@ -55,7 +55,7 @@ spreadspace_apt_repo_components: ssh_keys_root_extra: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus prometheus_job_multitarget_blackbox__probe: diff --git a/inventory/host_vars/ch-atlas.yml b/inventory/host_vars/ch-atlas.yml index 7b132e6d..9f1fd63e 100644 --- a/inventory/host_vars/ch-atlas.yml +++ b/inventory/host_vars/ch-atlas.yml @@ -26,7 +26,7 @@ network: ssh_keys_root_extra: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus apt_repo_components: diff --git a/inventory/host_vars/ch-epimetheus.yml b/inventory/host_vars/ch-epimetheus.yml index 431f6337..fa05843e 100644 --- a/inventory/host_vars/ch-epimetheus.yml +++ b/inventory/host_vars/ch-epimetheus.yml @@ -1,27 +1,33 @@ --- -install: - efi: true - disks: - primary: /dev/disk/by-id/ata-ADATA_SP300_1302938101000079 +raspios_variant: lite +raspios_arch: arm64 network: nameservers: "{{ network_zones.lan.dns }}" domain: "{{ host_domain }}" primary: &_network_primary_ - name: enp1s0 + name: eth0 address: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) }}" gateway: "{{ network_zones.lan.gateway }}" interfaces: - *_network_primary_ +raspios_boot_config: + - regexp: '^#?dtparam=i2c_vc' + line: 'dtparam=i2c_vc=on' + - regexp: '^#?dtoverlay=i2c-rtc' + line: 'dtoverlay=i2c-rtc,rv3028,i2c0' + +## TODO: eeprom config... +# POWER_OFF_ON_HALT=1 +# WAKE_ON_GPIO=0 + +base_entropy_generator: rngd -wakeonlan_interfaces: - - enp7s0 ## onboard GBit/s port - enp1s0 is a 10g SFP+ card without support for WOL apt_repo_components: - main - contrib ## for zfs - - non-free ## for microcode updates spreadspace_apt_repo_components: @@ -63,8 +69,8 @@ luks_volumes: zfs_arc_size: - min: 8GB - max: 16GB + min: 1GB + max: 2GB zfs_pools: backup: diff --git a/inventory/host_vars/ch-equinox-t450s.yml b/inventory/host_vars/ch-equinox-t450s.yml index 5aa92d38..d6a04ace 100644 --- a/inventory/host_vars/ch-equinox-t450s.yml +++ b/inventory/host_vars/ch-equinox-t450s.yml @@ -32,7 +32,7 @@ base_modules_blacklist: "{{ base_modules_blacklist_none }}" sshd_password_auth: yes ssh_keys_root_extra: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus zsh_banner: equinox diff --git a/inventory/host_vars/ch-hyperion.yml b/inventory/host_vars/ch-hyperion.yml new file mode 100644 index 00000000..a551242a --- /dev/null +++ b/inventory/host_vars/ch-hyperion.yml @@ -0,0 +1,15 @@ +--- +install: + efi: true + disks: + primary: /dev/disk/by-id/ata-ADATA_SP300_1302938101000079 + +network: + nameservers: "{{ network_zones.lan.dns }}" + domain: "{{ host_domain }}" + primary: &_network_primary_ + name: enp1s0 + address: "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets[inventory_hostname]) }}" + gateway: "{{ network_zones.lan.gateway }}" + interfaces: + - *_network_primary_ diff --git a/inventory/host_vars/ch-mimas.yml b/inventory/host_vars/ch-mimas.yml index ac7f1748..2aa8e522 100644 --- a/inventory/host_vars/ch-mimas.yml +++ b/inventory/host_vars/ch-mimas.yml @@ -21,7 +21,7 @@ spreadspace_apt_repo_components: sshd_allowusers_host: "{{ admin_users_host + (['git'] | product(gitolite_instances | list) | map('join', '-')) }}" ssh_keys_root_extra: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus ntp_variant: systemd-timesyncd diff --git a/inventory/host_vars/ch-phoebe.yml b/inventory/host_vars/ch-phoebe.yml index 9e1b9d89..834ec6d5 100644 --- a/inventory/host_vars/ch-phoebe.yml +++ b/inventory/host_vars/ch-phoebe.yml @@ -30,7 +30,7 @@ apt_repo_components: ssh_keys_root_extra: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus spreadspace_apt_repo_components: diff --git a/inventory/host_vars/ch-prometheus.yml b/inventory/host_vars/ch-prometheus.yml index 20b717c0..332ba8ef 100644 --- a/inventory/host_vars/ch-prometheus.yml +++ b/inventory/host_vars/ch-prometheus.yml @@ -42,7 +42,7 @@ apt_repo_components: ssh_keys_root_extra: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9AkOBxvf1wZ0B3wEyf7O3GbaIGx5o2f6cVuQIrOjeFfgMSAr1LwiB/gmHhMSEq6OSauD37TA5yDIrzk6NPPjVs/wiklsHgYtTqIxSPItTZFPX4gLvNwwGuRvEW9bTEiHd+bVPIiIT7HOje0kgacjan44rdgppX9DgcUp2j7uSZZabsxDCS/ms0slhwBNU1gtR31PoQ56vIya23D2uMauNAbRJzDEOfAjy4pHF8njYcXPas/yrbLi8PUZ1YO1u/AZto96EIYfHaCLWlstqeCX+R2JrTunvfTr8TF3AkFw8lHMzk3neUR+tPAAFQaqeTlqGPiSNq1Oyf+52XR16qwhd equinox@mail - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus spreadspace_apt_repo_components: diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index 6da127ca..8d4f439c 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml @@ -29,7 +29,7 @@ ssh_users_root: - dan ssh_keys_root_extra: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBjZEFZLrl2KIqYl/GU8Vkp7mlhAbFbjwf4Ht9zQRmI8 ZFS Backup syncoid@epimetheus apt_repo_components: - main diff --git a/inventory/hosts.ini b/inventory/hosts.ini index c7c21ef0..8e41304d 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -305,6 +305,12 @@ ansible_python_interpreter=/usr/local/bin/python3 ch-router-obsd +[raspios] +ch-cm4-test +ch-mclr +ch-epimetheus + + ## legacy python version [python2:vars] ansible_python_interpreter=/usr/bin/python diff --git a/roles/prepare-dkms/tasks/main.yml b/roles/prepare-dkms/tasks/main.yml index 23533345..052d2684 100644 --- a/roles/prepare-dkms/tasks/main.yml +++ b/roles/prepare-dkms/tasks/main.yml @@ -1,14 +1,15 @@ --- - name: prepare dkms on scaleway boxes - include_tasks: scaleway.yml when: "'scaleway-kernel' in group_names" + include_tasks: scaleway.yml - name: prepare dkms on for raspberry-pi + when: "('id' in ansible_lsb and ansible_lsb.id == 'Raspbian') or ('raspios' in group_names)" include_tasks: raspberrypi.yml - when: "('id' in ansible_lsb and ansible_lsb.id == 'Raspbian')" - name: prepare dkms on normal debian boxes - include_tasks: default.yml when: - "'scaleway-kernel' not in group_names" + - "'raspios' not in group_names" - "('id' not in ansible_lsb or ansible_lsb.id != 'Raspbian')" + include_tasks: default.yml diff --git a/roles/raspios/image/tasks/main.yml b/roles/raspios/image/tasks/main.yml index 95fd1407..e7e0cbba 100644 --- a/roles/raspios/image/tasks/main.yml +++ b/roles/raspios/image/tasks/main.yml @@ -1,4 +1,10 @@ --- +- name: check if host is member of the raspios group + assert: + msg: "please add the host to the group 'raspios'" + that: + - "'raspios' in group_names" + - name: fetch os list from download server check_mode: no uri: diff --git a/roles/storage/zfs/syncoid/tasks/main.yml b/roles/storage/zfs/syncoid/tasks/main.yml index 9e573db7..6b3e227e 100644 --- a/roles/storage/zfs/syncoid/tasks/main.yml +++ b/roles/storage/zfs/syncoid/tasks/main.yml @@ -22,7 +22,13 @@ dest: /var/lib/syncoid/syncoid_pull mode: 0755 +- name: check if lvm.conf does exist + stat: + path: /etc/lvm/lvm.conf + register: zfs_syncoid_lvm_conf + - name: configure lvm to ignore zfs volumes + when: zfs_syncoid_lvm_conf.stat.exists lineinfile: path: /etc/lvm/lvm.conf backrefs: yes -- cgit v1.2.3