From a61419a2d513394ffe29b34fbbb6dfaf34e56c9c Mon Sep 17 00:00:00 2001
From: 3D <3d@n3rd3d.com>
Date: Tue, 21 Feb 2023 16:55:43 +0100
Subject: [PATCH] prepare new remote servers hex and hix
---
functions | 2 +-
host_vars/hex | 40 +++++++++++++++
host_vars/hix | 117 +++++++++++++++++++++++++++++++++++++++++++
host_vars/weatherwax | 1 +
hosts | 6 +++
site.yml | 22 +++++++-
6 files changed, 185 insertions(+), 3 deletions(-)
create mode 100644 host_vars/hex
create mode 100644 host_vars/hix
diff --git a/functions b/functions
index e8a04941..900377e4 160000
--- a/functions
+++ b/functions
@@ -1 +1 @@
-Subproject commit e8a049414bca2b14b158444dac1b94c2ca90d9be
+Subproject commit 900377e4f72486f6699ecf736f96adfbc04e92da
diff --git a/host_vars/hex b/host_vars/hex
new file mode 100644
index 00000000..4f939e67
--- /dev/null
+++ b/host_vars/hex
@@ -0,0 +1,40 @@
+
+# Host spezifische Variablen
+
+motd_lines:
+ - "Weathermax - Interner Proxmox Server @ warpzone"
+ - "IPs: {{ansible_bond0.ipv4.address}}"
+
+debian_sources:
+ - "deb http://deb.debian.org/debian/ bullseye main non-free contrib"
+ - "deb http://security.debian.org/debian-security bullseye-security main contrib non-free"
+ - "deb http://deb.debian.org/debian/ bullseye-updates main contrib non-free"
+ - "deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription"
+
+debian_keys_id:
+
+debian_keys_url:
+ - "https://enterprise.proxmox.com/debian/proxmox-release-bullseye.gpg"
+
+
+# Art des Hosts: physical, vm, docker
+host_type: "physical"
+
+# Primäre IP Adressen des Hosts
+int_ip4: 10.111.10.100
+
+administratorenteam:
+ - "void"
+ - "sandhome"
+ - "3d"
+ - "jabertwo"
+
+# Monitoring aktivieren
+alert:
+ load:
+ warn: 4
+ crit: 8
+ disks:
+ - { mountpoint: "/", warn: "10 GB", crit: "3 GB" }
+ - { mountpoint: "/mnt/data", warn: "10 GB", crit: "3 GB" }
+
diff --git a/host_vars/hix b/host_vars/hix
new file mode 100644
index 00000000..ea4836dc
--- /dev/null
+++ b/host_vars/hix
@@ -0,0 +1,117 @@
+
+# Host spezifische Variablen
+
+motd_lines:
+ - "Ogg - Interne Services @ warpzone"
+ - "Haupt-IP @ eth0: {{ansible_eth0.ipv4.address}}"
+
+debian_sources:
+ - "deb http://ftp2.de.debian.org/debian/ bullseye main contrib non-free"
+ - "deb http://ftp.debian.org/debian bullseye-updates main contrib non-free"
+ - "deb http://security.debian.org/ bullseye-security main contrib non-free"
+ - "deb https://download.docker.com/linux/debian bullseye stable"
+
+debian_keys_id:
+
+debian_keys_url:
+ - "https://download.docker.com/linux/debian/gpg"
+
+
+# Primäre IP Adressen des Hosts
+#ext_ip4: <keine>
+#ext_ip6: <keine>
+int_ip4: 10.111.10.101
+
+
+# Art des Hosts: physical, vm, lxc
+host_type: "lxc"
+
+# SSL deaktivieren
+webserver_ssl: false
+
+# Liste der gehosteten Domänen
+webserver_domains:
+ - "esphome.warpzone"
+ - "unifi.warpzone"
+
+administratorenteam:
+ - "void"
+ - "sandhome"
+ - "3d"
+ - "jabertwo"
+
+# Docker konfigurationen
+docker:
+ # Interne Docker-Netzwerke
+ internal_networks:
+ - web
+
+# Monitoring aktivieren
+alert:
+ load:
+ warn: 2
+ crit: 4
+ containers:
+ - { name: "dockerstats_app_1" }
+ - { name: "mqtt_app_1" }
+ - { name: "mqtt_influxdb_1" }
+ - { name: "mqtt_telegraf_1" }
+ - { name: "nodered_app_1" }
+ - { name: "unifi_app_1" }
+ disks:
+ - { mountpoint: "/", warn: "5 GB", crit: "1 GB" }
+ - { mountpoint: "/srv", warn: "5 GB", crit: "1 GB" }
+ - { mountpoint: "/var/lib/docker", warn: "5 GB", crit: "1 GB" }
+
+
+# Definition von Borgbackup Repositories
+borgbackup_repos:
+
+ borgbase:
+
+ # URL des Repos
+ repo: "juxt0t1v@juxt0t1v.repo.borgbase.com:repo"
+
+ # Repo-spezifische Optionen zum Aufruf von Borgbackup
+ # z.B. bei Sicherungen zu rsync.net ist --remote-path=borg1 erforderlich
+ options: ""
+
+ # Compression Options, z,b. "zlib,5, "zstd,5"
+ compression: "zlib,5"
+
+ # Prune Optionen
+ prune: "--keep-within=2d --keep-daily=7 --keep-weekly=4 --keep-monthly=6"
+
+ # Backup Schedule
+ weekday: "*"
+ hour: "*/4"
+ minute: "40"
+
+ # Zusätzliche Verzeichnisse, die nur in diesem Backup gesichtert werden sollen
+ # directories:
+
+ # Monitoring
+ alert: true
+ warning_age: 10
+ critical_age: 20
+ warning_count: 10
+ critical_count: 5
+
+
+# Definition der Verzeichnisse, die in allen Borgbackup Repos gesichert werden sollen
+borgbackup_directories:
+ - "/etc/"
+ - "/srv/"
+
+
+wled_devices:
+ - { id: "ampel", groups: "gHauptraum" }
+ - { id: "kuehlschrank", groups: "gHauptraum" }
+ - { id: "klo", groups: "gToilet" }
+ - { id: "lightsaber", groups: "gHauptraum" }
+ - { id: "loungedecke", groups: "gLounge" }
+ - { id: "theke", groups: "gKueche" }
+ - { id: "trocknerschlauch", groups: "gHauptraum" }
+ - { id: "rack", groups: "gLounge" }
+ - { id: "warpcubes", groups: "gLounge" }
+
diff --git a/host_vars/weatherwax b/host_vars/weatherwax
index 552226bb..48fd99fd 100644
--- a/host_vars/weatherwax
+++ b/host_vars/weatherwax
@@ -26,6 +26,7 @@ int_ip4: 192.168.0.200
administratorenteam:
- "void"
- "sandhome"
+ - "3d"
- "jabertwo"
# Monitoring aktivieren
diff --git a/hosts b/hosts
index 9010cf80..700bcdeb 100644
--- a/hosts
+++ b/hosts
@@ -37,4 +37,10 @@ webserver ansible_ssh_host=159.69.57.51
# Auch erreichbar unter verwaltung.warpzone.ms
verwaltung ansible_ssh_host=195.201.179.60
+# warpzone.remote Proxmox-Server
+hex ansible_ssh_host=10.111.10.100
+# Server für remote Dienste
+# Container auf dem warpzone.remote Proxmox-Server
+# Wichtige Optionen: Nesting = Yes, keyctl = enabled
+hix ansible_ssh_host=10.111.10.101
\ No newline at end of file
diff --git a/site.yml b/site.yml
index d7fba519..6993ef78 100644
--- a/site.yml
+++ b/site.yml
@@ -285,7 +285,25 @@
role: verwaltung/x2goserver, tags: x2goserver
}
+##################################################
+# warpzone.remote Server
+##################################################
+- hosts: hex
+ remote_user: root
+ roles:
+ - { role: common/proxmox, tags: proxmox }
+ - { role: common/cronapt, tags: cronapt }
-
-
+- hosts: hix
+ remote_user: root
+ roles:
+ - { role: common/borgbackup, tags: borgbackup }
+ - { role: common/cronapt, tags: cronapt }
+ - { role: common/docker, tags: docker }
+ - { role: common/prometheus-node, tags: prometheus-node }
+ - {
+ role: common/docker_dockerstats, tags: dockerstats,
+ servicename: dockerstats,
+ basedir: /srv/dockerstats
+ }
\ No newline at end of file
--
GitLab