From 22625ac4e802a2317d0ad723a8d7f292ecf10fbe Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Mon, 11 May 2020 03:47:35 +0200 Subject: add host sk-tomnext --- inventory/host_vars/sk-tomnext.yml | 55 ++++++++++++++++++++++++++++++++++++++ inventory/hosts.ini | 3 +++ 2 files changed, 58 insertions(+) create mode 100644 inventory/host_vars/sk-tomnext.yml (limited to 'inventory') diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml new file mode 100644 index 00000000..725fbbb6 --- /dev/null +++ b/inventory/host_vars/sk-tomnext.yml @@ -0,0 +1,55 @@ +--- +install: + cloud: + credentials: "{{ vault_hroot_robot_account }}" + server_name: "{{ host_name }}" + disks: + layout: nvme_raid + root_lvm_size: 10G + +network: {} + +base_intel_nic_stability_fix: true + +vm_host: + network: + dns: + - 213.133.100.100 + - 213.133.98.98 + - 213.133.99.99 + bridges: + public: + prefix: 192.168.250.254/24 + offsets: + sk-tomnext-nc: 103 + sk-tomnext-hp: 104 + nat: yes + overlay: + prefix: 94.130.206.64/26 + offsets: + sk-tomnext-nc: 39 + sk-tomnext-hp: 40 + +ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" + +apt_repo_components: + - main + - contrib + +cryptdisk_volumes: + crypto-nvme0: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.00000000000000018ce38e0500157a42-part3 + crypto-nvme1: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.00000000000000018ce38e0500157b3d-part3 + + +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 + +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 89d073a8..6f7d7a72 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini 
@@ -128,6 +128,7 @@ env_group=dan sk-2019 host_name=2019 sk-cloudia host_name=cloudia sk-2019vm host_name=2019vm +sk-tomnext host_name=tomnext sk-testvm host_name=testvm sk-torrent host_name=torrent @@ -228,6 +229,7 @@ ch-gnocchi r3-cccamp19-dione r3-cccamp19-helene sk-2019vm +sk-tomnext [kvmguests] emc-master @@ -254,6 +256,7 @@ ele-mur sk-2019 sk-cloudia sk-2019vm +sk-tomnext [hcloud] ch-mimas2 -- cgit v1.2.3 From a6a1e9bf9b42cd54cd46202dee9212b3001f3213 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Mon, 18 May 2020 03:58:53 +0200 Subject: add temporary workaround for network interface stability fix --- dan/sk-tomnext.yml | 19 +++++++++++++++++++ inventory/host_vars/sk-2019vm.yml | 10 +++++----- inventory/host_vars/sk-tomnext.yml | 5 +++-- roles/base/tasks/Debian.yml | 4 ++++ 4 files changed, 31 insertions(+), 7 deletions(-) (limited to 'inventory') diff --git a/dan/sk-tomnext.yml b/dan/sk-tomnext.yml index 54c31bfd..2fd81699 100644 --- a/dan/sk-tomnext.yml +++ b/dan/sk-tomnext.yml @@ -11,3 +11,22 @@ - role: zfs/base - role: vm/host - role: installer/debian/base + tasks: + - name: install post-boot script + copy: + dest: /usr/local/bin/post-boot + mode: 0755 + content: | + #!/bin/bash + set -e + + {% for name, volume in cryptdisk_volumes.items() %} + cryptsetup luksOpen '{{ volume.device }}' '{{ name }}' + {% endfor %} + systemctl restart zfs-import-cache.service + systemctl restart zfs-mount.service + systemctl restart zfs-share.service + mount -a + + sleep 2 + systemctl restart libvirtd.service diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index 4584813e..723d0b5c 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml @@ -11,11 +11,6 @@ network: {} base_intel_nic_stability_fix: true -apt_repo_components: -- main -- contrib ## for zfs -- non-free ## for microcode updates - vm_host: network: dns: 
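Review bot: The `install post-boot script` task added to dan/sk-tomnext.yml writes `/usr/local/bin/post-boot` with `mode: 0755` as a bare YAML integer and sets no owner or group. The script opens the LUKS volumes and restarts the ZFS and libvirt services, so its permissions should not depend on how the parser reads a leading-zero number or on which user the play connects as; use `mode: "0755"`, `owner: root`, `group: root`. A short comment above the task saying when the script is meant to be run (presumably by hand after a reboot, since `cryptsetup luksOpen` is given no key source here) would also help the next operator.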
@@ -45,6 +40,11 @@ vm_host: ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" +apt_repo_components: +- main +- contrib ## for zfs +- non-free ## for microcode updates + cryptdisk_volumes: crypto-nvme0: passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml index 725fbbb6..840de6f6 100644 --- a/inventory/host_vars/sk-tomnext.yml +++ b/inventory/host_vars/sk-tomnext.yml @@ -33,8 +33,9 @@ vm_host: ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" apt_repo_components: - - main - - contrib +- main +- contrib ## for zfs +- non-free ## for microcode updates cryptdisk_volumes: crypto-nvme0: diff --git a/roles/base/tasks/Debian.yml b/roles/base/tasks/Debian.yml index 185c3616..7551670f 100644 --- a/roles/base/tasks/Debian.yml +++ b/roles/base/tasks/Debian.yml @@ -114,11 +114,15 @@ - name: disable TSO (intel nic stability fix) when: base_intel_nic_stability_fix copy: + # TODO: copy settings from /usr/lib/systemd/network/99-default.link content: | [Match] MACAddress={{ ansible_default_ipv4.macaddress }} [Link] + NamePolicy=keep kernel database onboard slot path + MACAddressPolicy=persistent + TCPSegmentationOffload=false GenericSegmentationOffload=false GenericReceiveOffload=false -- cgit v1.2.3 From dac9084c7038992d275cde0723cf05a9741a44e3 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 23 May 2020 01:45:06 +0200 Subject: make use of zfs-mount-generator configureable --- inventory/host_vars/sk-2019.yml | 14 +++--- inventory/host_vars/sk-2019vm.yml | 52 +++++++++++----------- inventory/host_vars/sk-cloudia/vars.yml | 10 +++-- roles/zfs/base/defaults/main.yml | 9 ++-- .../base/tasks/enable-systemd-mount-generator.yml | 23 ++++++++++ roles/zfs/base/tasks/main.yml | 22 ++------- 6 files changed, 72 insertions(+), 58 deletions(-) create mode 100644 roles/zfs/base/tasks/enable-systemd-mount-generator.yml (limited to 'inventory') 
diff --git a/inventory/host_vars/sk-2019.yml b/inventory/host_vars/sk-2019.yml index 9de2b04a..f54d852f 100644 --- a/inventory/host_vars/sk-2019.yml +++ b/inventory/host_vars/sk-2019.yml @@ -10,12 +10,13 @@ install: network: {} base_intel_nic_stability_fix: true +ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan + ssh_keys.brt }}" +ssh_allowusers_host: "{{ admin_user_host | map(attribute='name') | list }}" + admin_user_host: - "{{ brt_user }}" -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan + ssh_keys.brt }}" -ssh_allowusers_host: "{{ admin_user_host | map(attribute='name') | list }}" cryptdisk_volumes: @@ -27,11 +28,12 @@ cryptdisk_volumes: device: /dev/disk/by-id/nvme-eui.0025388791050fdc-part3 +zfs_use_systemd_mount_generator: no +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 12 * 1024 * 1024 * 1024 }}" + zfs_zpools: storage: mountpoint: /srv/storage create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 - -# zfs_arc_size: -# min: "{{ 2 * 1024 * 1024 * 1024 }}" -# max: "{{ 16 * 1024 * 1024 * 1024 }}" diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index 723d0b5c..f9bfb0bb 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml 
@@ -10,6 +10,33 @@ install: network: {} base_intel_nic_stability_fix: true +ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" + +apt_repo_components: +- main +- contrib ## for zfs +- non-free ## for microcode updates + + +cryptdisk_volumes: + crypto-nvme0: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.0025388291b201dc-part3 + crypto-nvme1: + passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}" + device: /dev/disk/by-id/nvme-eui.0025388291b201cb-part3 + + +zfs_use_systemd_mount_generator: no +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" + +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 + vm_host: network: @@ -37,28 +64,3 @@ vm_host: ele-gwhetzner: 2 ch-mimas: 6 sk-testvm: 7 - -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" - -apt_repo_components: -- main -- contrib ## for zfs -- non-free ## for microcode updates - -cryptdisk_volumes: - crypto-nvme0: - passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" - device: /dev/disk/by-id/nvme-eui.0025388291b201dc-part3 - crypto-nvme1: - passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme1'].passphrase }}" - device: /dev/disk/by-id/nvme-eui.0025388291b201cb-part3 - - -zfs_zpools: - storage: - mountpoint: /srv/storage - create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 - -zfs_arc_size: - min: "{{ 2 * 1024 * 1024 * 1024 }}" - max: "{{ 8 * 1024 * 1024 * 1024 }}" diff --git a/inventory/host_vars/sk-cloudia/vars.yml b/inventory/host_vars/sk-cloudia/vars.yml index 15dcb860..085a9c95 100644 --- a/inventory/host_vars/sk-cloudia/vars.yml +++ b/inventory/host_vars/sk-cloudia/vars.yml 
@@ -11,15 +11,17 @@ network: {} base_intel_nic_stability_fix: true -zfs_zpools: - storage: - mountpoint: /srv/storage - create_vdevs: mirror nvme0n1p3 nvme1n1p3 +zfs_use_systemd_mount_generator: no zfs_arc_size: min: "{{ 2 * 1024 * 1024 * 1024 }}" max: "{{ 16 * 1024 * 1024 * 1024 }}" +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: mirror nvme0n1p3 nvme1n1p3 + docker_zfs: pool: storage diff --git a/roles/zfs/base/defaults/main.yml b/roles/zfs/base/defaults/main.yml index f3dfbce9..c275b981 100644 --- a/roles/zfs/base/defaults/main.yml +++ b/roles/zfs/base/defaults/main.yml @@ -1,4 +1,9 @@ --- +zfs_use_systemd_mount_generator: yes +#zfs_arc_size: +# min: {{ 2 * 1024 * 1024 * 1024 }} +# max: {{ 8 * 1024 * 1024 * 1024 }} + zfs_zpool_properties: ashift: 12 @@ -12,7 +17,3 @@ zfs_zpool_properties: # properties: # ashift: 12 # prop: value - -#zfs_arc_size: -# min: {{ 2 * 1024 * 1024 * 1024 }} -# max: {{ 8 * 1024 * 1024 * 1024 }} diff --git a/roles/zfs/base/tasks/enable-systemd-mount-generator.yml b/roles/zfs/base/tasks/enable-systemd-mount-generator.yml new file mode 100644 index 00000000..abefbeb1 --- /dev/null +++ b/roles/zfs/base/tasks/enable-systemd-mount-generator.yml @@ -0,0 +1,23 @@ +--- +- name: enable zfs-list-cacher zlet + file: + src: /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh + dest: /etc/zfs/zed.d/history_event-zfs-list-cacher.sh + state: link + +- name: create base-directory for zfs-list.cache + file: + path: /etc/zfs/zfs-list.cache/ + state: directory + +- name: create zfs-list.cache file for zpools + loop: "{{ zfs_zpools | dict2items }}" + loop_control: + label: "{{ item.key }}" + copy: + content: "" + dest: "/etc/zfs/zfs-list.cache/{{ item.key }}" + force: no + +## TODO: if this is installed after the zpool has already been created zed needs to be triggered +## using someing like: zfs set canmount=on DATASET diff --git a/roles/zfs/base/tasks/main.yml b/roles/zfs/base/tasks/main.yml index e86b974b..ad5d1ce2 100644 
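Review bot: The tasks in the new roles/zfs/base/tasks/enable-systemd-mount-generator.yml create `/etc/zfs/zfs-list.cache/` and the per-pool cache files without `owner`, `group` or `mode`, so the result depends on the umask of the connecting user. Going by the commit title, these files feed zfs-mount-generator at boot, so they should be pinned to root and not group- or world-writable: `mode: "0755"` on the directory and `mode: "0644"` on the files, each with `owner: root` and `group: root`. The same gap is in the `create sanoid config directory` and `genarate sanoid config` tasks of roles/zfs/sanoid/tasks/main.yml later in this series. Two smaller points: `force: no` reads more safely as `force: false`, and the trailing TODO has a typo (`someing` should be `something`).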
--- a/roles/zfs/base/tasks/main.yml +++ b/roles/zfs/base/tasks/main.yml @@ -22,25 +22,9 @@ - zfs-zed state: present -- name: enable zfs-list-cacher zlet for systemd zfs-mount-generator - file: - src: /usr/lib/zfs-linux/zed.d/history_event-zfs-list-cacher.sh - dest: /etc/zfs/zed.d/history_event-zfs-list-cacher.sh - state: link - -- name: create base-directory for zfs-list.cache - file: - path: /etc/zfs/zfs-list.cache/ - state: directory - -- name: create zfs-list.cache file for zpools - loop: "{{ zfs_zpools | dict2items }}" - loop_control: - label: "{{ item.key }}" - copy: - content: "" - dest: "/etc/zfs/zfs-list.cache/{{ item.key }}" - force: no +- name: enable systemd -mount-generator + when: zfs_use_systemd_mount_generator + import_tasks: enable-systemd-mount-generator.yml - name: create zpools loop: "{{ zfs_zpools | dict2items }}" -- cgit v1.2.3 From d5a8dc1066615935b6de278b31d7007e7a6c4597 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 23 May 2020 04:02:28 +0200 Subject: add role zfs sanoid --- dan/sk-tomnext.yml | 2 ++ inventory/host_vars/sk-tomnext.yml | 17 ++++++++++++++--- roles/zfs/sanoid/defaults/main.yml | 26 ++++++++++++++++++++++++++ roles/zfs/sanoid/tasks/main.yml | 15 +++++++++++++++ roles/zfs/sanoid/templates/sanoid.conf.j2 | 22 ++++++++++++++++++++++ 5 files changed, 79 insertions(+), 3 deletions(-) create mode 100644 roles/zfs/sanoid/defaults/main.yml create mode 100644 roles/zfs/sanoid/tasks/main.yml create mode 100644 roles/zfs/sanoid/templates/sanoid.conf.j2 (limited to 'inventory') diff --git a/dan/sk-tomnext.yml b/dan/sk-tomnext.yml index 1aa9baa9..4294880d 100644 --- a/dan/sk-tomnext.yml +++ b/dan/sk-tomnext.yml @@ -9,6 +9,8 @@ - role: apt-repo/base - role: cryptdisk - role: zfs/base + - role: apt-repo/spreadspace + - role: zfs/sanoid - role: vm/host - role: installer/debian/base tasks: diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml index 840de6f6..d570f1b2 100644 
--- a/inventory/host_vars/sk-tomnext.yml +++ b/inventory/host_vars/sk-tomnext.yml @@ -46,11 +46,22 @@ cryptdisk_volumes: device: /dev/disk/by-id/nvme-eui.00000000000000018ce38e0500157b3d-part3 +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" + zfs_zpools: storage: mountpoint: /srv/storage create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 -zfs_arc_size: - min: "{{ 2 * 1024 * 1024 * 1024 }}" - max: "{{ 8 * 1024 * 1024 * 1024 }}" + +zfs_sanoid_modules: + storage/docker: + use_template: ignore + storage/kubelet: + use_template: ignore + storage/vm: + use_template: production + recursive: yes + process_children_only: yes diff --git a/roles/zfs/sanoid/defaults/main.yml b/roles/zfs/sanoid/defaults/main.yml new file mode 100644 index 00000000..55ebbd9d --- /dev/null +++ b/roles/zfs/sanoid/defaults/main.yml @@ -0,0 +1,26 @@ +--- +zfs_sanoid_modules: {} + +zfs_sanoid_templates: + production: + frequently: 0 + hourly: 36 + daily: 7 + monthly: 0 + yearly: 0 + autosnap: yes + autoprune: yes + + backup: + frequently: 0 + hourly: 0 + daily: 60 + monthly: 6 + yearly: 0 + autosnap: no + autoprune: yes + + ignore: + autoprune: no + autosnap: no + monitor: no diff --git a/roles/zfs/sanoid/tasks/main.yml b/roles/zfs/sanoid/tasks/main.yml new file mode 100644 index 00000000..e35190e9 --- /dev/null +++ b/roles/zfs/sanoid/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: install sanoid + apt: + name: sanoid + state: present + +- name: create sanoid config directory + file: + path: /etc/sanoid + state: directory + +- name: genarate sanoid config + template: + src: sanoid.conf.j2 + dest: /etc/sanoid/sanoid.conf diff --git a/roles/zfs/sanoid/templates/sanoid.conf.j2 b/roles/zfs/sanoid/templates/sanoid.conf.j2 new file mode 100644 index 00000000..2f2b29b4 --- /dev/null +++ b/roles/zfs/sanoid/templates/sanoid.conf.j2 
@@ -0,0 +1,22 @@ +############################### +## modules +############################### +{% for name,options in zfs_sanoid_modules.items() %} + +[{{ name }}] +{% for option,value in options.items() %} + {{ option }} = {{ value }} +{% endfor %} +{% endfor %} + + +############################### +## templates +############################### +{% for name,options in zfs_sanoid_templates.items() %} + +[template_{{ name }}] +{% for option,value in options.items() %} + {{ option }} = {{ value }} +{% endfor %} +{% endfor %} -- cgit v1.2.3 From 7783703ff07eb90fea5a1251032dc2901602219d Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 23 May 2020 05:40:09 +0200 Subject: major revamp for zfs based vm images --- inventory/host_vars/sk-tomnext-nc.yml | 36 +++++++++++++++++++++ inventory/host_vars/sk-tomnext.yml | 43 ++++++++++++++----------- inventory/hosts.ini | 5 ++- roles/vm/define/templates/libvirt-domain.xml.j2 | 4 +-- roles/vm/host/tasks/main.yml | 6 +++- roles/vm/host/tasks/zfs.yml | 12 +++++++ roles/vm/install/tasks/main.yml | 23 ++++++++----- 7 files changed, 98 insertions(+), 31 deletions(-) create mode 100644 inventory/host_vars/sk-tomnext-nc.yml create mode 100644 roles/vm/host/tasks/zfs.yml (limited to 'inventory') diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml new file mode 100644 index 00000000..a302a298 --- /dev/null +++ b/inventory/host_vars/sk-tomnext-nc.yml 
@@ -0,0 +1,36 @@ +--- +vm_host: sk-tomnext + +install: + host: "{{ vm_host }}" + mem: 16384 + numcpu: 8 + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 50g + sdb: + type: zfs + name: data + size: 20g + interfaces: + - bridge: br-public + name: primary0 + autostart: False + +network: + nameservers: "{{ hostvars[vm_host].vm_host.network.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: + interface: primary0 + ip: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address') }}" + mask: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('netmask') }}" + gateway: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('address') }}" + overlay: "{{ (hostvars[vm_host].vm_host.network.bridges.public.overlay.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" + +external_ip: "{{ network.primary.overlay }}" diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml index d570f1b2..57f3dcf1 100644 --- a/inventory/host_vars/sk-tomnext.yml +++ b/inventory/host_vars/sk-tomnext.yml @@ -11,25 +11,6 @@ network: {} base_intel_nic_stability_fix: true -vm_host: - network: - dns: - - 213.133.100.100 - - 213.133.98.98 - - 213.133.99.99 - bridges: - public: - prefix: 192.168.250.254/24 - offsets: - sk-tomnext-nc: 103 - sk-tomnext-hp: 104 - nat: yes - overlay: - prefix: 94.130.206.64/26 - offsets: - sk-tomnext-nc: 39 - sk-tomnext-hp: 40 - ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" apt_repo_components: 
@@ -65,3 +46,27 @@ zfs_sanoid_modules: use_template: production recursive: yes process_children_only: yes + + +vm_host: + network: + dns: + - 213.133.100.100 + - 213.133.98.98 + - 213.133.99.99 + bridges: + public: + prefix: 192.168.250.254/24 + offsets: + sk-tomnext-nc: 103 + sk-tomnext-hp: 104 + nat: yes + overlay: + prefix: 94.130.206.64/26 + offsets: + sk-tomnext-nc: 39 + sk-tomnext-hp: 40 + zfs: + default: + pool: storage + name: vm diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 6f7d7a72..02d900e2 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -129,6 +129,8 @@ sk-2019 host_name=2019 sk-cloudia host_name=cloudia sk-2019vm host_name=2019vm sk-tomnext host_name=tomnext +sk-tomnext-nc host_name=tomnext-nc +sk-tomnext-hp sk-testvm host_name=testvm sk-torrent host_name=torrent @@ -250,7 +252,8 @@ sk-torrent ch-mimas ele-gwhetzner ele-mur - +sk-tomnext-nc +sk-tomnext-hp [hroot] sk-2019 diff --git a/roles/vm/define/templates/libvirt-domain.xml.j2 b/roles/vm/define/templates/libvirt-domain.xml.j2 index 3465cec0..12c4f624 100644 --- a/roles/vm/define/templates/libvirt-domain.xml.j2 +++ b/roles/vm/define/templates/libvirt-domain.xml.j2 @@ -57,7 +57,7 @@ {% if src.type == 'lvm' %} {% elif src.type == 'zfs' %} - + {% endif %} @@ -72,7 +72,7 @@ {% if src.type == 'lvm' %} {% elif src.type == 'zfs' %} - + {% endif %} diff --git a/roles/vm/host/tasks/main.yml b/roles/vm/host/tasks/main.yml index 0e11da3d..390016a2 100644 --- a/roles/vm/host/tasks/main.yml +++ b/roles/vm/host/tasks/main.yml @@ -19,9 +19,13 @@ notify: restart haveged - name: install vm-host network - when: vm_host.network is defined + when: "'network' in vm_host" include_tasks: network.yml +- name: prepare zfs volumes + when: "'zfs' in vm_host" + include_tasks: zfs.yml + - name: create lvm-based disk for installers when: installer_lvm is defined block: diff --git a/roles/vm/host/tasks/zfs.yml b/roles/vm/host/tasks/zfs.yml new file mode 100644 index 00000000..00de48a9 --- /dev/null 
+++ b/roles/vm/host/tasks/zfs.yml @@ -0,0 +1,12 @@ +--- +- name: create zfs base datasets + loop: "{{ lookup('dict', vm_host.zfs, wantlist=True) }}" + loop_control: + label: "{{ item.key }} -> {{ item.value.pool }}/{{ item.value.name }}{% if 'quota' in item.value %}={{ item.value.quota }}{% endif %}" + zfs: + name: "{{ item.value.pool }}/{{ item.value.name }}" + state: present + extra_zfs_properties: + quota: "{{ item.value.quota | default(omit) }}" + canmount: no + mountpoint: none diff --git a/roles/vm/install/tasks/main.yml b/roles/vm/install/tasks/main.yml index 50772e53..4fa673c5 100644 --- a/roles/vm/install/tasks/main.yml +++ b/roles/vm/install/tasks/main.yml 
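Review bot: The loop in `create zfs base datasets` uses `lookup('dict', vm_host.zfs, wantlist=True)`, while the other loops over mappings in this series (`zfs_zpools | dict2items` in roles/zfs/base, the disk loops in roles/vm/install) use the `dict2items` filter. `loop: "{{ vm_host.zfs | dict2items }}"` yields the same `key`/`value` items and keeps the roles consistent. A one-line comment above the task would also help, for example `# container datasets only (canmount=no, mountpoint=none); per-VM datasets are created below them by vm/install`.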
@@ -1,22 +1,29 @@ --- - name: create lvm-based disks for vm - loop: "{{ hostvars[install_hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[install_hostname].install_cooked.disks.scsi | default({})) | dict2items }}" + loop: "{{ hostvars[install_hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[install_hostname].install_cooked.disks.scsi | default({})) | dict2items | selectattr('value.type', 'eq', 'lvm') | list }}" loop_control: - label: "{% if item.value.type == 'lvm' %}{{ item.value.vg }} / {{ item.value.lv }} ({{ item.value.size }}){% else %}unused{% endif %}" - when: item.value.type == 'lvm' + label: "{{ item.value.vg }} / {{ item.value.lv }} ({{ item.value.size }})" lvol: vg: "{{ item.value.vg }}" lv: "{{ item.value.lv }}" size: "{{ item.value.size }}" state: present -- name: create zfs-based disks for vm - loop: "{{ hostvars[install_hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[install_hostname].install_cooked.disks.scsi | default({})) | dict2items }}" +- name: create zfs base datasets for vm + loop: "{{ hostvars[install_hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[install_hostname].install_cooked.disks.scsi | default({})) | dict2items | selectattr('value.type', 'eq', 'zfs') | map(attribute='value.backend') | map('default', 'default') | unique | list }}" + zfs: + name: "{{ vm_host.zfs[item].pool }}/{{ vm_host.zfs[item].name }}/{{ install_hostname }}" + state: present + extra_zfs_properties: + canmount: no + mountpoint: none + +- name: create zfs-based disk volumes for vm + loop: "{{ hostvars[install_hostname].install_cooked.disks.virtio | default({}) | combine(hostvars[install_hostname].install_cooked.disks.scsi | default({})) | dict2items | selectattr('value.type', 'eq', 'zfs') | list }}" loop_control: - label: "{% if item.value.type == 'zfs' %}{{ item.value.pool }} / {{ item.value.name }} ({{ item.value.size }}){% else %}unused{% endif %}" - when: item.value.type == 
'zfs' + label: "{{ item.value.name }} on backend {{ item.value.backend | default('default') }} ({{ item.value.size }})" zfs: - name: "{{ item.value.pool }}/{{ item.value.name }}" + name: "{{ vm_host.zfs[item.value.backend | default('default')].pool }}/{{ vm_host.zfs[item.value.backend | default('default')].name }}/{{ install_hostname }}/{{ item.value.name }}" state: present extra_zfs_properties: volsize: "{{ item.value.size }}" -- cgit v1.2.3 From 2a442070a042e2e27a64a6c4119df7a7fd635798 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 23 May 2020 07:50:16 +0200 Subject: sk-tomnext and both VMs running on it are finally done --- common/cloud-install.yml | 16 ++++----- common/vm-install.yml | 16 ++++----- dan/host_vars/sk-tomnext-nc.yml | 14 ++++++++ dan/sk-tomnext-hp.yml | 6 ++++ dan/sk-tomnext-nc.yml | 17 +++++++++ inventory/host_vars/sk-tomnext-hp.yml | 32 +++++++++++++++++ inventory/host_vars/sk-tomnext-nc.yml | 66 +++++++++++++++++++++++++++++++++-- inventory/host_vars/sk-tomnext.yml | 10 +++--- inventory/hosts.ini | 3 +- remove-known-host.sh | 12 +++++-- 10 files changed, 163 insertions(+), 29 deletions(-) create mode 100644 dan/host_vars/sk-tomnext-nc.yml create mode 100644 dan/sk-tomnext-hp.yml create mode 100644 dan/sk-tomnext-nc.yml create mode 100644 inventory/host_vars/sk-tomnext-hp.yml (limited to 'inventory') diff --git a/common/cloud-install.yml b/common/cloud-install.yml index e21d4bf1..414cabd1 100644 --- a/common/cloud-install.yml +++ b/common/cloud-install.yml @@ -29,14 +29,6 @@ roles: - role: cloud/post-install -- name: run host playbook - vars: - params: - files: - - "../{{ install_environment }}/{{ install_hostname }}.yml" - - "../{{ install_environment }}/{{ install_playbook | default('common') }}.yml" - import_playbook: "{{ q('first_found', params) | first }}" - - name: reboot and wait for machine come back hosts: "{{ install_hostname }}" gather_facts: no 
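Review bot: Both new zfs tasks in roles/vm/install/tasks/main.yml index `vm_host.zfs[...]` with the disk's `backend` (or `'default'`) without checking that the key exists. A disk that names a backend missing from the host's `vm_host.zfs` mapping therefore fails partway through with an undefined-variable error, possibly after the lvm volumes have already been created. An `assert` task ahead of the three disk tasks would catch this early, with a condition such as `that: "item in vm_host.zfs"` looped over the same unique backend list and a `fail_msg` naming the backend. The long `hostvars[install_hostname].install_cooked.disks... | dict2items` expression is now repeated three times and could be set once under `vars:` so that the three filters cannot drift apart.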
@@ -44,3 +36,11 @@ - role: reboot-and-wait reboot_delay: 10 reboot_timeout: 120 + +- name: run host playbook + vars: + params: + files: + - "../{{ install_environment }}/{{ install_hostname }}.yml" + - "../{{ install_environment }}/{{ install_playbook | default('common') }}.yml" + import_playbook: "{{ q('first_found', params) | first }}" diff --git a/common/vm-install.yml b/common/vm-install.yml index d449926e..7aaf32fc 100644 --- a/common/vm-install.yml +++ b/common/vm-install.yml @@ -58,14 +58,6 @@ - role: vm/guest when: install_distro in ['debian', 'ubuntu'] -- name: run host playbook - vars: - params: - files: - - "../{{ install_environment }}/{{ install_hostname }}.yml" - - "../{{ install_environment }}/{{ install_playbook | default('common') }}.yml" - import_playbook: "{{ q('first_found', params) | first }}" - - name: reboot and wait for VM come back hosts: "{{ install_hostname }}" gather_facts: no @@ -73,3 +65,11 @@ - role: reboot-and-wait reboot_delay: 10 reboot_timeout: 120 + +- name: run host playbook + vars: + params: + files: + - "../{{ install_environment }}/{{ install_hostname }}.yml" + - "../{{ install_environment }}/{{ install_playbook | default('common') }}.yml" + import_playbook: "{{ q('first_found', params) | first }}" diff --git a/dan/host_vars/sk-tomnext-nc.yml b/dan/host_vars/sk-tomnext-nc.yml new file mode 100644 index 00000000..74badcb1 --- /dev/null +++ b/dan/host_vars/sk-tomnext-nc.yml 
@@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.2;AES256;dan +39383530376638633762616162653834303633316365353238316464373534653462623962646662 +3536616637633035613832663331396236383936393331640a373033623664316136343239373935 +65323762663761333164326638363530393033626561663964313536303036333631363237613437 +3238336132626632300a636166386434646332613630623563633835306235373463633234303634 +31363236396139353833656139353537396337353864653738316631663638633539613865613864 +66343761366438373435326232616333316135313464623737333830316364333165396361383065 +39346232336662653239343837333138626263383337613762306464343231393932386635666237 +61336133316631306666633666653162653836613761363030393462633965336335316165346436 +64633032623633663761663266646234633961303531383761363064616231376163666665346563 +65646239343938313766346236616436313862623765326233656531383733663437313563613433 +33313532643436653234313833653962636265653864306331373433396338623435646562643631 +61306531663065653164663431653735633933616662663264656538343364373436366365383132 +3833 diff --git a/dan/sk-tomnext-hp.yml b/dan/sk-tomnext-hp.yml new file mode 100644 index 00000000..b0c38093 --- /dev/null +++ b/dan/sk-tomnext-hp.yml @@ -0,0 +1,6 @@ +--- +- name: do nothing + hosts: sk-tomnext-hp + tasks: + - debug: + msg: this host is not managed by ansible ... nothing to do here diff --git a/dan/sk-tomnext-nc.yml b/dan/sk-tomnext-nc.yml new file mode 100644 index 00000000..b1cf028a --- /dev/null +++ b/dan/sk-tomnext-nc.yml @@ -0,0 +1,17 @@ +--- +- name: Basic Setup + hosts: sk-tomnext-nc + roles: + - role: base + - role: sshd + - role: zsh + - role: apt-repo/base + - role: admin-user + - role: zfs/base + - role: apt-repo/spreadspace + - role: zfs/sanoid + - role: kubernetes/base + - role: kubernetes/standalone + - role: acmetool/base + - role: nginx/base + - role: apps/nextcloud diff --git a/inventory/host_vars/sk-tomnext-hp.yml b/inventory/host_vars/sk-tomnext-hp.yml new file mode 100644 index 00000000..68b924c7 --- /dev/null 
+++ b/inventory/host_vars/sk-tomnext-hp.yml @@ -0,0 +1,32 @@ +--- +vm_host: sk-tomnext + +install: + host: "{{ vm_host }}" + mem: 8192 + numcpu: 4 + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 50g + interfaces: + - bridge: br-public + name: primary0 + autostart: True + +network: + nameservers: "{{ hostvars[vm_host].vm_host.network.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: + interface: primary0 + ip: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.offsets[inventory_hostname]) | ipaddr('address') }}" + mask: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('netmask') }}" + gateway: "{{ hostvars[vm_host].vm_host.network.bridges.public.prefix | ipaddr('address') }}" + overlay: "{{ (hostvars[vm_host].vm_host.network.bridges.public.overlay.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" + +external_ip: "{{ network.primary.overlay }}" diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index a302a298..19117003 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -11,15 +11,15 @@ install: sda: type: zfs name: root - size: 50g + size: 15g sdb: type: zfs name: data - size: 20g + size: 600g interfaces: - bridge: br-public name: primary0 - autostart: False + autostart: True network: nameservers: "{{ hostvars[vm_host].vm_host.network.dns }}" 
@@ -34,3 +34,63 @@ network: overlay: "{{ (hostvars[vm_host].vm_host.network.bridges.public.overlay.prefix | ipaddr(hostvars[vm_host].vm_host.network.bridges.public.overlay.offsets[inventory_hostname])).split('/')[0] }}" external_ip: "{{ network.primary.overlay }}" + + +apt_repo_components: +- main +- contrib ## for zfs + + +zfs_arc_size: + min: "{{ 2 * 1024 * 1024 * 1024 }}" + max: "{{ 8 * 1024 * 1024 * 1024 }}" + +zfs_zpools: + storage: + mountpoint: /srv/storage + create_vdevs: /dev/sdb + +zfs_sanoid_modules: + storage/nextcloud: + use_template: production + recursive: yes + process_children_only: yes + + +docker_zfs: + pool: storage + name: docker + size: 15G + +kubelet_zfs: + pool: storage + name: kubelet + size: 15G + +kubernetes_version: 1.18.3 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 15 +kubernetes_standalone_pod_cidr: 192.168.255.0/24 +kubernetes_standalone_cni_variant: with-portmap + + +acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" + + +nextcloud_zfs: + pool: storage + name: nextcloud + size: 500G + +nextcloud_instances: + team.tomwaitz.eu: + # new: true + version: 18.0.4 + port: 8100 + hostnames: + - team.tomwaitz.eu + quota: 100G + database: + type: mariadb + version: 10.5.3 + password: "{{ vault_nextcloud_database_passwords['team.tomwaitz.eu'] }}" diff --git a/inventory/host_vars/sk-tomnext.yml b/inventory/host_vars/sk-tomnext.yml index 57f3dcf1..22a96897 100644 --- a/inventory/host_vars/sk-tomnext.yml +++ b/inventory/host_vars/sk-tomnext.yml @@ -10,7 +10,6 @@ install: network: {} base_intel_nic_stability_fix: true - ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" apt_repo_components: @@ -18,6 +17,7 @@ apt_repo_components: - contrib ## for zfs - non-free ## for microcode updates + cryptdisk_volumes: crypto-nvme0: passphrase: "{{ vault_cryptdisk_volumes['crypto-nvme0'].passphrase }}" 
@@ -36,16 +36,14 @@ zfs_zpools: mountpoint: /srv/storage create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 - zfs_sanoid_modules: - storage/docker: - use_template: ignore - storage/kubelet: - use_template: ignore storage/vm: use_template: production recursive: yes process_children_only: yes + storage/vm/sk-tomnext-nc: + use_template: ignore + recursive: yes vm_host: diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 02d900e2..edc73ac1 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -130,7 +130,7 @@ sk-cloudia host_name=cloudia sk-2019vm host_name=2019vm sk-tomnext host_name=tomnext sk-tomnext-nc host_name=tomnext-nc -sk-tomnext-hp +sk-tomnext-hp host_name=homepage host_domain="" sk-testvm host_name=testvm sk-torrent host_name=torrent @@ -311,6 +311,7 @@ k8s-lwl sk-cloudia ele-thetys lw-thetys +sk-tomnext-nc [kubernetes:children] kubernetes-cluster diff --git a/remove-known-host.sh b/remove-known-host.sh index aab40144..647909ea 100755 --- a/remove-known-host.sh +++ b/remove-known-host.sh @@ -11,13 +11,19 @@ ssh_port=$(ssh -G "$short" | grep "^port " | awk '{ print($2) }' ) known_hosts_file=$(ssh -G "$short" | grep "^userknownhostsfile " | awk '{ print($2) }' ) known_hosts_file=${known_hosts_file/#\~/$HOME} +declare -a names +names+=("$short") +names+=("$ssh_host") +names+=("$ssh_host:$ssh_port") +names+=("[$ssh_host]:$ssh_port") + cd "${BASH_SOURCE%/*}" source common/utils.sh ansible_variable__get host_name "$short" || exit 1 -ansible_variable__get host_domain "$short" || exit 1 - +names+=("$host_name") +ansible_variable__get host_domain "$short" > /dev/null 2>&1 && names+=("$host_name.$host_domain") -for name in "$short" "$ssh_host" "$ssh_host:$ssh_port" "[$ssh_host]:$ssh_port" "$host_name" "$host_name.$host_domain"; do +for name in ${names[@]} ; do ssh-keygen -f "$known_hosts_file" -R "$name" done -- cgit v1.2.3 From 542f8b190c67141e7307c189dab050aabeebf13a Mon Sep 17 00:00:00 2001 
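Review bot: The new `storage/vm/sk-tomnext-nc` entry under `zfs_sanoid_modules` sets `use_template: ignore` with no comment saying why this one guest is left out of the host's snapshot policy. Judging from the guest's own host_vars in this commit, snapshots inside the VM cover only the children of `storage/nextcloud`, so the guest's root disk and its docker/kubelet volumes appear to have no snapshots on either side; confirm that this is intended. A one-line comment above the entry would record the decision, for example `# snapshotted inside the guest (see its zfs_sanoid_modules); root disk is rebuilt by the installer`.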
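Review bot: The loop header `for name in ${names[@]} ; do` expands the array unquoted, so each entry goes through word splitting and pathname expansion before it reaches `ssh-keygen -R`. The entry `[$ssh_host]:$ssh_port` is itself a bracket glob, so a matching file name in the working directory would be substituted for it and the wrong known_hosts entry removed; use `for name in "${names[@]}"; do`. This commit also sets `host_domain=""` for sk-tomnext-hp, and if `ansible_variable__get` succeeds on an empty value (the helper is not visible here) the list gains `"$host_name."` with a trailing dot. A guard such as `[ -n "$host_domain" ] && names+=("$host_name.$host_domain")` would avoid that. The script starts above this hunk.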
From: Christian Pointner Date: Sat, 23 May 2020 08:09:02 +0200 Subject: reduce disk size of sk-tomnext-hp --- inventory/host_vars/sk-tomnext-hp.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inventory') diff --git a/inventory/host_vars/sk-tomnext-hp.yml b/inventory/host_vars/sk-tomnext-hp.yml index 68b924c7..72f116b9 100644 --- a/inventory/host_vars/sk-tomnext-hp.yml +++ b/inventory/host_vars/sk-tomnext-hp.yml @@ -11,7 +11,7 @@ install: sda: type: zfs name: root - size: 50g + size: 20g interfaces: - bridge: br-public name: primary0 -- cgit v1.2.3 From b08dd03e155543fb6e3d4721c3588e79fdef40a0 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 23 May 2020 08:44:21 +0200 Subject: increase quota for tomnext nextcloud to 700G --- inventory/host_vars/sk-tomnext-nc.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'inventory') diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index 19117003..4394db99 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -15,7 +15,7 @@ install: sdb: type: zfs name: data - size: 600g + size: 800g interfaces: - bridge: br-public name: primary0 @@ -80,7 +80,7 @@ acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" nextcloud_zfs: pool: storage name: nextcloud - size: 500G + size: 700G nextcloud_instances: team.tomwaitz.eu: @@ -89,7 +89,7 @@ nextcloud_instances: port: 8100 hostnames: - team.tomwaitz.eu - quota: 100G + quota: 700G database: type: mariadb version: 10.5.3 -- cgit v1.2.3 From c047b38f9116bf3343a07436b9036b590192c484 Mon Sep 17 00:00:00 2001 
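Review bot: In the last hunk the instance `quota: 700G` is now equal to the `size: 700G` set for `nextcloud_zfs` one hunk earlier, so user data alone may fill the whole dataset. The earlier commit put `storage/nextcloud` under the sanoid `production` template, so snapshots would also compete for that space if the role maps `size` to a ZFS quota that counts them (not visible here). A full dataset would take the service down. Keep the instance quota below the dataset size, for example `quota: 600G`, or raise `size` and state the intended headroom in a comment. The `nextcloud_instances` mapping continues outside the hunk.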
From: Christian Pointner Date: Sat, 23 May 2020 21:10:29 +0200 Subject: add collabora code to sk-tomwatz-nc --- dan/host_vars/sk-tomnext-nc.yml | 26 +++++++++++++------------- dan/sk-tomnext-nc.yml | 1 + inventory/host_vars/sk-tomnext-nc.yml | 16 +++++++++++++++- 3 files changed, 29 insertions(+), 14 deletions(-) (limited to 'inventory') diff --git a/dan/host_vars/sk-tomnext-nc.yml b/dan/host_vars/sk-tomnext-nc.yml index 74badcb1..4d3758a1 100644 --- a/dan/host_vars/sk-tomnext-nc.yml +++ b/dan/host_vars/sk-tomnext-nc.yml @@ -1,14 +1,14 @@ $ANSIBLE_VAULT;1.2;AES256;dan -39383530376638633762616162653834303633316365353238316464373534653462623962646662 -3536616637633035613832663331396236383936393331640a373033623664316136343239373935 -65323762663761333164326638363530393033626561663964313536303036333631363237613437 -3238336132626632300a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a303434636562376435333733633164 +35323734313462363936386231363962643631313033363766323230633134616532373639373936 +3439646464326230380a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diff --git a/dan/sk-tomnext-nc.yml b/dan/sk-tomnext-nc.yml index b1cf028a..ff475fb9 100644 --- a/dan/sk-tomnext-nc.yml +++ b/dan/sk-tomnext-nc.yml @@ -15,3 +15,4 @@ - role: acmetool/base - role: nginx/base - role: apps/nextcloud + - role: apps/collabora/code diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index 4394db99..a163c35d 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml @@ -75,7 +75,7 @@ kubernetes_standalone_cni_variant: with-portmap acmetool_directory_server: "{{ acmetool_directory_server_le_live_v2 }}" - +nginx_server_names_hash_bucket_size: 64 nextcloud_zfs: pool: storage 
@@ -94,3 +94,17 @@ nextcloud_instances: type: mariadb version: 10.5.3 password: "{{ vault_nextcloud_database_passwords['team.tomwaitz.eu'] }}" + + +collabora_code_base_path: /srv/storage/collabora/code + +collabora_code_instances: + o.tomwaitz.eu: + version: 4.2.3.1 + port: 8200 + hostname: o.tomwaitz.eu + admin: + username: admin + password: "{{ vault_collabora_code_admin_passwords['o.tomwaitz.eu'] }}" + backend_storages: + - team.tomwaitz.eu -- cgit v1.2.3 From a0bbfef03f7d3267727c665444a22a0e27318504 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 24 May 2020 02:51:01 +0200 Subject: sk-2019vm migrated to new zfs schema --- dan/sk-2019vm.yml | 4 ++++ dan/sk-tomnext.yml | 2 +- inventory/host_vars/ch-mimas.yml | 3 +-- inventory/host_vars/ele-gwhetzner.yml | 3 +-- inventory/host_vars/emc-master.yml | 11 ++++------- inventory/host_vars/lw-master.yml | 11 ++++------- inventory/host_vars/sk-2019vm.yml | 14 +++++++++++++- inventory/host_vars/sk-testvm.yml | 3 +-- inventory/host_vars/sk-torrent.yml | 6 ++---- 9 files changed, 31 insertions(+), 26 deletions(-) (limited to 'inventory') diff --git a/dan/sk-2019vm.yml b/dan/sk-2019vm.yml index 6479636d..0aa1ed31 100644 --- a/dan/sk-2019vm.yml +++ b/dan/sk-2019vm.yml @@ -9,6 +9,8 @@ - role: admin-user - role: cryptdisk - role: zfs/base + - role: apt-repo/spreadspace + - role: zfs/sanoid - role: vm/host - role: installer/debian/base tasks: @@ -25,6 +27,8 @@ {% endfor %} systemctl restart zfs-import-cache.service systemctl restart zfs-mount.service + systemctl restart zfs-share.service + systemctl restart zfs-zed.service mount -a sleep 2 diff --git a/dan/sk-tomnext.yml b/dan/sk-tomnext.yml index 4294880d..d5d0fec6 100644 --- a/dan/sk-tomnext.yml +++ b/dan/sk-tomnext.yml @@ -5,8 +5,8 @@ - role: base - role: sshd - role: zsh - - role: admin-user - role: apt-repo/base + - role: admin-user - role: cryptdisk - role: zfs/base - role: apt-repo/spreadspace 
diff --git a/inventory/host_vars/ch-mimas.yml b/inventory/host_vars/ch-mimas.yml index 9a89fe7c..194ecbb7 100644 --- a/inventory/host_vars/ch-mimas.yml +++ b/inventory/host_vars/ch-mimas.yml @@ -10,8 +10,7 @@ install: virtio: vda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 62g interfaces: - bridge: br-public diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml index 7ebda8ff..98f5fb6e 100644 --- a/inventory/host_vars/ele-gwhetzner.yml +++ b/inventory/host_vars/ele-gwhetzner.yml @@ -10,8 +10,7 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 5g interfaces: - bridge: br-public diff --git a/inventory/host_vars/emc-master.yml b/inventory/host_vars/emc-master.yml index e89463a9..71fe8c75 100644 --- a/inventory/host_vars/emc-master.yml +++ b/inventory/host_vars/emc-master.yml @@ -10,14 +10,11 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 20g - sdb: - type: zfs - pool: storage - name: "streamstats" - size: 50g + # sdb: + # type: image + # path: /dev/zvol/storage/streamstats interfaces: - bridge: br-public name: primary0 diff --git a/inventory/host_vars/lw-master.yml b/inventory/host_vars/lw-master.yml index e89463a9..71fe8c75 100644 --- a/inventory/host_vars/lw-master.yml +++ b/inventory/host_vars/lw-master.yml @@ -10,14 +10,11 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 20g - sdb: - type: zfs - pool: storage - name: "streamstats" - size: 50g + # sdb: + # type: image + # path: /dev/zvol/storage/streamstats interfaces: - bridge: br-public name: primary0 diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml index f9bfb0bb..705ff929 100644 --- a/inventory/host_vars/sk-2019vm.yml +++ b/inventory/host_vars/sk-2019vm.yml 
@@ -27,7 +27,6 @@ cryptdisk_volumes: device: /dev/disk/by-id/nvme-eui.0025388291b201cb-part3 -zfs_use_systemd_mount_generator: no zfs_arc_size: min: "{{ 2 * 1024 * 1024 * 1024 }}" max: "{{ 8 * 1024 * 1024 * 1024 }}" @@ -37,6 +36,15 @@ zfs_zpools: mountpoint: /srv/storage create_vdevs: mirror /dev/mapper/crypto-nvme0 /dev/mapper/crypto-nvme1 +zfs_sanoid_modules: + storage/vm: + use_template: production + recursive: yes + process_children_only: yes + storage/vm/sk-testvm: + use_template: ignore + recursive: yes + vm_host: network: @@ -64,3 +72,7 @@ vm_host: ele-gwhetzner: 2 ch-mimas: 6 sk-testvm: 7 + zfs: + default: + pool: storage + name: vm diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index 6ee92378..5d9561f0 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -10,8 +10,7 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 10g interfaces: - bridge: br-public diff --git a/inventory/host_vars/sk-torrent.yml b/inventory/host_vars/sk-torrent.yml index cdf5f94a..8135dde0 100644 --- a/inventory/host_vars/sk-torrent.yml +++ b/inventory/host_vars/sk-torrent.yml @@ -10,13 +10,11 @@ install: scsi: sda: type: zfs - pool: storage - name: "{{ inventory_hostname }}" + name: root size: 10g sdb: type: zfs - pool: storage - name: "{{ inventory_hostname }}-data" + name: data size: 180g interfaces: - bridge: br-public -- cgit v1.2.3 From 6d4f60950c57b663484147fbc30bc07782b8ce67 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 24 May 2020 19:12:00 +0200 Subject: sk-tomnext-nc: custom image for collabora code and nextcloud --- inventory/host_vars/sk-tomnext-nc.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'inventory') diff --git a/inventory/host_vars/sk-tomnext-nc.yml b/inventory/host_vars/sk-tomnext-nc.yml index a163c35d..296a9e28 100644 --- a/inventory/host_vars/sk-tomnext-nc.yml +++ b/inventory/host_vars/sk-tomnext-nc.yml 
@@ -94,6 +94,13 @@ nextcloud_instances: type: mariadb version: 10.5.3 password: "{{ vault_nextcloud_database_passwords['team.tomwaitz.eu'] }}" + custom_image: + dockerfile: | + RUN set -x \ + && sed 's/main$/main contrib non-free/' -i /etc/apt/sources.list \ + && apt-get update -q \ + && apt-get install -y -q unrar \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* collabora_code_base_path: /srv/storage/collabora/code @@ -108,3 +115,12 @@ collabora_code_instances: password: "{{ vault_collabora_code_admin_passwords['o.tomwaitz.eu'] }}" backend_storages: - team.tomwaitz.eu + custom_image: + dockerfile: | + USER root + RUN set -x \ + && echo ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true | debconf-set-selections \ + && apt-get update -q \ + && apt-get install -y -q ttf-mscorefonts-installer \ + && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + USER 101 -- cgit v1.2.3 From bb486c7e489f80e9b5a28569c18ea0d32fe3c11b Mon Sep 17 00:00:00 2001 
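Review bot: The `sed` in the nextcloud `custom_image` dockerfile adds `contrib` and `non-free` to every source line ending in `main`, although `unrar` only needs `non-free`, and `apt-get install` runs without `--no-install-recommends`. Both widen what ends up in an internet-facing image, and `unrar` will presumably parse archives uploaded by users, so the image should stay as small as possible. Consider `sed 's/main$/main non-free/' -i /etc/apt/sources.list` and `apt-get install -y -q --no-install-recommends unrar`. A short `#` comment in the dockerfile saying which app needs unrar would also help when the image is rebuilt.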
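Review bot: `USER 101` at the end of the collabora `custom_image` dockerfile hard-codes the numeric uid the upstream image is expected to run as. If a later `version` of the image uses a different uid, the container would silently run under an account that does not match its files. Add a comment before it such as `# 101 = unprivileged service user of the upstream CODE image; re-check on version bump`. As far as I know `ttf-mscorefonts-installer` downloads the fonts from an external mirror during installation, so the build also depends on a third-party download; that is worth mentioning in the same comment.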
From: Christian Pointner Date: Tue, 26 May 2020 23:44:41 +0200 Subject: cleanup old configs and playbooks --- chaos-at-home/r3-cccamp19-av.yml | 8 -------- chaos-at-home/r3-cccamp19-dione.yml | 7 ------- chaos-at-home/r3-cccamp19-flora.yml | 8 -------- chaos-at-home/r3-cccamp19-helene.yml | 7 ------- chaos-at-home/r3-cccamp19-verr.yml | 8 -------- chaos-at-home/r3-cccamp19_vm.yml | 8 ++++++++ inventory/host_vars/ch-gnocchi.yml | 4 ++-- inventory/host_vars/r3-cccamp19-av.yml | 2 ++ inventory/host_vars/r3-cccamp19-flora.yml | 2 ++ inventory/host_vars/r3-cccamp19-verr.yml | 2 ++ inventory/hosts.ini | 2 +- spreadspace/s2-build.yml | 5 +++++ 12 files changed, 22 insertions(+), 41 deletions(-) delete mode 100644 chaos-at-home/r3-cccamp19-av.yml delete mode 100644 chaos-at-home/r3-cccamp19-dione.yml delete mode 100644 chaos-at-home/r3-cccamp19-flora.yml delete mode 100644 chaos-at-home/r3-cccamp19-helene.yml delete mode 100644 chaos-at-home/r3-cccamp19-verr.yml create mode 100644 chaos-at-home/r3-cccamp19_vm.yml create mode 100644 spreadspace/s2-build.yml (limited to 'inventory') diff --git a/chaos-at-home/r3-cccamp19-av.yml b/chaos-at-home/r3-cccamp19-av.yml deleted file mode 100644 index 511776de..00000000 --- a/chaos-at-home/r3-cccamp19-av.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Basic Setup - hosts: r3-cccamp19-av - roles: - - role: base - - role: sshd - - role: zsh - - role: dyndns/client diff --git a/chaos-at-home/r3-cccamp19-dione.yml b/chaos-at-home/r3-cccamp19-dione.yml deleted file mode 100644 index 6a4933a1..00000000 --- a/chaos-at-home/r3-cccamp19-dione.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Basic Setup - hosts: r3-cccamp19-dione - roles: - - role: base - - role: sshd - - role: zsh diff --git a/chaos-at-home/r3-cccamp19-flora.yml b/chaos-at-home/r3-cccamp19-flora.yml deleted file mode 100644 index 0208c1db..00000000 --- a/chaos-at-home/r3-cccamp19-flora.yml +++ /dev/null 
@@ -1,8 +0,0 @@ ---- -- name: Basic Setup - hosts: r3-cccamp19-flora - roles: - - role: base - - role: sshd - - role: zsh - - role: dyndns/client diff --git a/chaos-at-home/r3-cccamp19-helene.yml b/chaos-at-home/r3-cccamp19-helene.yml deleted file mode 100644 index 35344505..00000000 --- a/chaos-at-home/r3-cccamp19-helene.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Basic Setup - hosts: r3-cccamp19-helene - roles: - - role: base - - role: sshd - - role: zsh diff --git a/chaos-at-home/r3-cccamp19-verr.yml b/chaos-at-home/r3-cccamp19-verr.yml deleted file mode 100644 index 187d76ad..00000000 --- a/chaos-at-home/r3-cccamp19-verr.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Basic Setup - hosts: r3-cccamp19-verr - roles: - - role: base - - role: sshd - - role: zsh - - role: dyndns/client diff --git a/chaos-at-home/r3-cccamp19_vm.yml b/chaos-at-home/r3-cccamp19_vm.yml new file mode 100644 index 00000000..ca8d230b --- /dev/null +++ b/chaos-at-home/r3-cccamp19_vm.yml @@ -0,0 +1,8 @@ +--- +- name: Basic Setup + hosts: "{{ install_hostname }}" + roles: + - role: base + - role: sshd + - role: zsh + - role: dyndns/client diff --git a/inventory/host_vars/ch-gnocchi.yml b/inventory/host_vars/ch-gnocchi.yml index 35527e2d..d5525443 100644 --- a/inventory/host_vars/ch-gnocchi.yml +++ b/inventory/host_vars/ch-gnocchi.yml @@ -33,7 +33,7 @@ __interface_zones__: __interface_zones_yaml__: | - {% for interface in __interface_zones__.keys() %} + {% for interface in (__interface_zones__.keys() | sort) %} {% for zone in __interface_zones__[interface] %} {% if zone is mapping %} {{ zone.name }}: @@ -61,7 +61,7 @@ __interface_configs__: | # The loopback network interface auto lo iface lo inet loopback - {% for interface in __interface_zones__.keys() %} + {% for interface in (__interface_zones__.keys() | sort) %} auto {{ interface }} diff --git a/inventory/host_vars/r3-cccamp19-av.yml b/inventory/host_vars/r3-cccamp19-av.yml index 378f459c..54f6c5da 100644 
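Review bot: In the new `chaos-at-home/r3-cccamp19_vm.yml`, `hosts: "{{ install_hostname }}"` takes the play's target from a variable that is not defined in the file, and nothing limits it to a single r3-cccamp19 guest. A group name or pattern passed by mistake would apply `base`, `sshd` and `dyndns/client` to every matching host. Document the contract above the play, for example `# install_hostname: exactly one inventory host, passed by the install wrapper`, and consider an `assert` on `install_hostname in groups['all']` as a first task. The deleted dione and helene playbooks did not include `dyndns/client`, so this shared playbook should stay limited to the three hosts that get `install_playbook: r3-cccamp19_vm` in this commit.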
--- a/inventory/host_vars/r3-cccamp19-av.yml +++ b/inventory/host_vars/r3-cccamp19-av.yml @@ -31,5 +31,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" +install_playbook: r3-cccamp19_vm + dyndns: server: ch-pan diff --git a/inventory/host_vars/r3-cccamp19-flora.yml b/inventory/host_vars/r3-cccamp19-flora.yml index 378f459c..54f6c5da 100644 --- a/inventory/host_vars/r3-cccamp19-flora.yml +++ b/inventory/host_vars/r3-cccamp19-flora.yml @@ -31,5 +31,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" +install_playbook: r3-cccamp19_vm + dyndns: server: ch-pan diff --git a/inventory/host_vars/r3-cccamp19-verr.yml b/inventory/host_vars/r3-cccamp19-verr.yml index 03b32e4c..81cbe05b 100644 --- a/inventory/host_vars/r3-cccamp19-verr.yml +++ b/inventory/host_vars/r3-cccamp19-verr.yml @@ -31,5 +31,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" +install_playbook: r3-cccamp19_vm + dyndns: server: ch-pan diff --git a/inventory/hosts.ini b/inventory/hosts.ini index edc73ac1..2e55d5dd 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -15,9 +15,9 @@ env_group=chaos-at-home ch-equinox-ws host_name=equinox-ws ch-atlas host_name=atlas ch-pan host_name=pan -ch-mimas host_name=mimas ch-keyserver host_name=keyserver ch-testvm host_name=testvm +ch-mimas host_name=mimas ch-mimas2 host_name=mimas ch-gnocchi host_name=gnocchi ch-router host_name=router diff --git a/spreadspace/s2-build.yml b/spreadspace/s2-build.yml new file mode 100644 index 00000000..0fc9de6e --- /dev/null +++ b/spreadspace/s2-build.yml @@ -0,0 +1,5 @@ +--- +- name: Basic Setup + hosts: s2-build + roles: + - role: zsh -- cgit v1.2.3