blob: c7ade2af3501a66a99c22395de2132630102e9d1 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
---
- name: Basic Setup
hosts: sgg-icecast
roles:
- role: apt-repo/base
- role: core/base
- role: core/sshd/base
- role: core/zsh
- role: core/ntp
- role: kubernetes/base
- role: kubernetes/standalone/base
- role: streaming/icecast
- role: apt-repo/spreadspace
- role: acmetool/base
- role: nginx/base
- name: storage/lvm/volume
lvm_volume:
vg: "{{ host_name }}"
lv: www
size: 1G
fs: ext4
dest: /srv/www
post_tasks:
- name: create base directory for static www content
file:
path: /srv/www/radio
state: directory
- name: configure default vhost radiogloria.at
vars:
nginx_vhost:
default: yes
name: radio
template: static-files-with-acme
acme: yes
hostnames:
- radiogloria.at
- www.radiogloria.at
locations:
'/':
root: /srv/www/radio
index: index.html
include_role:
name: nginx/vhost
- name: configure default vhost live.radiogloria.at
vars:
nginx_vhost:
name: radio-stream
template: generic-proxy-no-buffering-with-acme
acme: yes
hostnames:
- live.radiogloria.at
locations:
'/':
proxy_pass: http://127.0.0.1:8080
include_role:
name: nginx/vhost
- name: create base directory for stats
file:
path: /srv/www/stats-schlagergarten
state: directory
- name: add user for stats
user:
name: stats
system: yes
home: /nonexistent
create_home: no
- name: create data directory for stats
file:
path: /srv/www/stats-schlagergarten/data
state: directory
group: stats
mode: 0775
- name: install stats collector script
copy:
content: |
#!/bin/bash
STATS_D=$(realpath "${BASH_SOURCE%/*}")
ts=$(date '+%Y-%m-%d_%H-%M-%S')
exec curl -s http://localhost:8080/status-json.xsl | gzip > "$STATS_D/data/$ts.json.gz"
dest: /srv/www/stats-schlagergarten/fetch.sh
mode: 0755
- name: install systemd unit for stats collector
copy:
content: |
[Unit]
Description=Schlagergarten Stream Stats Collector
[Service]
Type=oneshot
User=stats
ExecStart=/srv/www/stats-schlagergarten/fetch.sh
TimeoutStartSec=20s
TimeoutStartFailureMode=kill
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectSystem=strict
ReadWritePaths=/srv/www/stats-schlagergarten/data
ProtectHome=yes
ProtectKernelTunables=yes
ProtectControlGroups=yes
RestrictRealtime=yes
RestrictAddressFamilies=AF_INET
[Install]
WantedBy=multi-user.target
dest: /etc/systemd/system/stats-schlagergarten.service
- name: install systemd timer for stats collector
copy:
content: |
[Unit]
Description=Schlagergarten Stream Stats Collector
[Timer]
OnCalendar=minutely
AccuracySec=0s
[Install]
WantedBy=timers.target
dest: /etc/systemd/system/stats-schlagergarten.timer
- name: make sure stats collector timer unit is enabled and started
systemd:
name: stats-schlagergarten.timer
daemon_reload: yes
enabled: yes
state: started
|