From ec68be996a7926bdaeaa0f7cf35ef090401e7a31 Mon Sep 17 00:00:00 2001 From: ge Date: Mon, 30 Mar 2026 20:55:41 +0300 Subject: [PATCH] various updates --- .gitignore | 1 + README.md | 8 ++-- inventory.yaml | 35 ----------------- playbooks/base.yaml | 1 + playbooks/external.yaml | 2 +- playbooks/internal.yaml | 2 +- roles/apt/files/no-languages | 1 + roles/apt/files/no-pager | 1 + roles/apt/files/no-recommends | 2 + roles/apt/tasks/main.yaml | 11 ++++++ roles/docker-upstream/handlers/main.yaml | 4 ++ roles/docker-upstream/tasks/main.yaml | 46 ++++++++++++++++++++++ roles/docker/tasks/main.yaml | 44 +++------------------ roles/dotfiles/files/dot.bashrc | 6 ++- roles/dotfiles/files/dot.profile | 9 ++--- roles/locale/tasks/main.yaml | 6 +-- roles/motd/files/motd.radxa | 8 ++++ roles/motd/tasks/main.yaml | 49 ++++++++++++++++++++---- 18 files changed, 140 insertions(+), 96 deletions(-) create mode 100644 .gitignore delete mode 100644 inventory.yaml create mode 100644 roles/apt/files/no-languages create mode 100644 roles/apt/files/no-pager create mode 100644 roles/apt/files/no-recommends create mode 100644 roles/apt/tasks/main.yaml create mode 100644 roles/docker-upstream/handlers/main.yaml create mode 100644 roles/docker-upstream/tasks/main.yaml create mode 100644 roles/motd/files/motd.radxa diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..27b0bac --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +inventory.* diff --git a/README.md b/README.md index ca058e0..45dc062 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ ## Requirements ``` -ansible-galaxy install -r requirements.yml +ansible-galaxy install -r requirements.yaml ``` ## Roles @@ -13,6 +13,7 @@ Basic server setup: - `hostname` Set hostname, FQDN. - `tz` Set TZ `Europe/Moscow`. - `locale` Generate and set locale `en_US.utf-8`. +- `apt` Configute APT. - `packages` Install admin tools e.g. vim, tree, etc. - `dotfiles` Add dotfiles for root and /etc/skel. - `motd` Modify MOTD. @@ -21,5 +22,6 @@ Basic server setup: Other: -- `avahi` Install and configure Avahi daemon for mDNS. -- `docker` Install Docker Engine. +- `avahi` Install and configure Avahi daemon for mDNS. +- `docker` Install Docker Engine from OS repository. +- `docker-upstream` Install Docker Engine from upstream repository. diff --git a/inventory.yaml b/inventory.yaml deleted file mode 100644 index 10fada7..0000000 --- a/inventory.yaml +++ /dev/null @@ -1,35 +0,0 @@ -all: - vars: - architectures: - x86_64: amd64 - aarch64: arm64 - armv7l: armhf - children: - external: - hosts: - mainframe: - server_hostname: mainframe - server_fqdn: mainframe.phreepunk.network - ansible_host: 147.45.233.134 - ansible_user: root - ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519 - internal: - hosts: - opipcplus: - server_hostname: opipcplus - server_fqdn: opipcplus.local - ansible_host: 192.168.3.8 - ansible_user: root - ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519 - opi3b: - server_hostname: opi3b - server_fqdn: opi3b.local - ansible_host: 192.168.3.6 - ansible_user: root - ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519 - pnx: - server_hostname: pnx - server_fqdn: pnx.local - ansible_host: 192.168.3.128 - ansible_user: root - ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519 diff --git a/playbooks/base.yaml b/playbooks/base.yaml index ddd6883..18f6cc4 100644 --- a/playbooks/base.yaml +++ b/playbooks/base.yaml @@ -5,4 +5,5 @@ - locale - motd - dotfiles + - apt - packages diff --git a/playbooks/external.yaml b/playbooks/external.yaml index f68dbbb..5919ddd 100644 --- a/playbooks/external.yaml +++ b/playbooks/external.yaml @@ -3,4 +3,4 @@ - sshd - ufw - role: docker - when: server_hostname in ['mainframe'] + when: server_hostname in ['mainframe', 'frontier', 'montreal'] diff --git a/playbooks/internal.yaml b/playbooks/internal.yaml index 7d1eed8..d9d9dd2 100644 --- a/playbooks/internal.yaml +++ b/playbooks/internal.yaml @@ -2,4 +2,4 @@ roles: - avahi - role: docker - when: server_hostname != 'pnx' + when: server_hostname != 'amude' diff --git a/roles/apt/files/no-languages b/roles/apt/files/no-languages new file mode 100644 index 0000000..2318f84 --- /dev/null +++ b/roles/apt/files/no-languages @@ -0,0 +1 @@ +Acquire::Languages "none"; diff --git a/roles/apt/files/no-pager b/roles/apt/files/no-pager new file mode 100644 index 0000000..58e39a5 --- /dev/null +++ b/roles/apt/files/no-pager @@ -0,0 +1 @@ +Binary::apt::Pager "false"; diff --git a/roles/apt/files/no-recommends b/roles/apt/files/no-recommends new file mode 100644 index 0000000..a62feb1 --- /dev/null +++ b/roles/apt/files/no-recommends @@ -0,0 +1,2 @@ +APT::Install-Recommends "0"; +APT::Install-Suggests "0"; diff --git a/roles/apt/tasks/main.yaml b/roles/apt/tasks/main.yaml new file mode 100644 index 0000000..94b37ac --- /dev/null +++ b/roles/apt/tasks/main.yaml @@ -0,0 +1,11 @@ +- name: Configure APT + ansible.builtin.copy: + src: "{{ item }}" + dest: "/etc/apt/apt.conf.d/10-custom-{{ item }}" + owner: root + group: root + mode: 0644 + with_items: + - no-recommends + - no-languages + - no-pager diff --git a/roles/docker-upstream/handlers/main.yaml b/roles/docker-upstream/handlers/main.yaml new file mode 100644 index 0000000..e56c07b --- /dev/null +++ b/roles/docker-upstream/handlers/main.yaml @@ -0,0 +1,4 @@ +- name: Autoremove and autoclean packages + ansible.builtin.apt: + autoremove: yes + autoclean: yes diff --git a/roles/docker-upstream/tasks/main.yaml b/roles/docker-upstream/tasks/main.yaml new file mode 100644 index 0000000..6e56fcb --- /dev/null +++ b/roles/docker-upstream/tasks/main.yaml @@ -0,0 +1,46 @@ +- name: Check and install prerequisites + ansible.builtin.apt: + name: "{{ item }}" + state: latest + update_cache: yes + install_recommends: no + with_items: + - ca-certificates + - curl + - gnupg + - lsb-release + +- name: Add Docker repository + block: + - name: Make APT keyrings dir + ansible.builtin.file: + path: /etc/apt/keyrings + state: directory + owner: root + group: root + mode: 0755 + + - name: Add Docker APT key + ansible.builtin.get_url: + url: "https://download.docker.com/linux/debian/gpg" + dest: /etc/apt/keyrings/docker.asc + + - name: Add Docker APT list + ansible.builtin.apt_repository: + repo: "deb [arch={{ architectures[ansible_architecture] }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable" + filename: docker + state: present + +- name: Install Docker Engine (Upstream) + ansible.builtin.apt: + name: "{{ item }}" + state: latest + update_cache: yes + install_recommends: no + with_items: + - docker-ce + - docker-ce-cli + - containerd.io + - docker-buildx-plugin + - docker-compose-plugin + notify: Autoremove and autoclean packages diff --git a/roles/docker/tasks/main.yaml b/roles/docker/tasks/main.yaml index 3e37524..5e89431 100644 --- a/roles/docker/tasks/main.yaml +++ b/roles/docker/tasks/main.yaml @@ -1,46 +1,12 @@ -- name: Check and install prerequisites +- name: Install Docker Engine (Debian) ansible.builtin.apt: name: "{{ item }}" state: latest update_cache: yes install_recommends: no with_items: - - ca-certificates - - curl - - gnupg - - lsb-release - -- name: Add Docker repository - block: - - name: Make APT keyrings dir - ansible.builtin.file: - path: /etc/apt/keyrings - state: directory - owner: root - group: root - mode: 0755 - - - name: Add Docker APT key - ansible.builtin.get_url: - url: "https://download.docker.com/linux/debian/gpg" - dest: /etc/apt/keyrings/docker.asc - - - name: Add Docker APT list - ansible.builtin.apt_repository: - repo: "deb [arch={{ architectures[ansible_architecture] }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable" - filename: docker - state: present - -- name: Install Docker Engine - ansible.builtin.apt: - name: "{{ item }}" - state: latest - update_cache: yes - install_recommends: no - with_items: - - docker-ce - - docker-ce-cli - - containerd.io - - docker-buildx-plugin - - docker-compose-plugin + - docker.io + - docker-cli + - docker-buildx + - docker-compose notify: Autoremove and autoclean packages diff --git a/roles/dotfiles/files/dot.bashrc b/roles/dotfiles/files/dot.bashrc index 8758c60..a4513f9 100644 --- a/roles/dotfiles/files/dot.bashrc +++ b/roles/dotfiles/files/dot.bashrc @@ -2,7 +2,7 @@ [ -f ~/.profile ] && . ~/.profile -[ -f ~/.profile.extra ] && . ~/.profile.extra +[ -f ~/.profile.local ] && . ~/.profile.local alias grep='grep --color=auto' alias diff='diff --color=auto' @@ -21,8 +21,10 @@ HISTFILESIZE=1000000 HISTTIMEFORMAT="%d %b %Y %T %z " if [ "$EUID" -eq 0 ]; then - if [ -f /etc/armbian-release ]; then + if [ $(grep -m 1 -oi orange /etc/armbian-image-release 2>/dev/null) ]; then PS1='\[\033[38;5;208;1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ ' + elif [ $(grep -m 1 -oi rockpi /etc/armbian-image-release 2>/dev/null) ]; then + PS1='\[\033[32;5;208;1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ ' else PS1='\[\033[1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ ' fi diff --git a/roles/dotfiles/files/dot.profile b/roles/dotfiles/files/dot.profile index bb5d322..07a643f 100644 --- a/roles/dotfiles/files/dot.profile +++ b/roles/dotfiles/files/dot.profile @@ -1,7 +1,6 @@ # Ansible managed -PATH=$HOME/.local/bin:$PATH -EDITOR=vim -VISUAL=vim -LESS=-R -export PATH EDITOR VISUAL LESS +export PATH=$HOME/.local/bin:$PATH +export EDITOR=vim +export VISUAL=vim +export LESS=-R diff --git a/roles/locale/tasks/main.yaml b/roles/locale/tasks/main.yaml index e8a5335..221c327 100644 --- a/roles/locale/tasks/main.yaml +++ b/roles/locale/tasks/main.yaml @@ -3,6 +3,6 @@ name: en_US.UTF-8 state: present -- name: Set en_US.UTF-8 as default locale - ansible.builtin.command: localectl set-locale LANG=en_US.utf8 - when: ansible_env.LANG != "en_US.utf8" +# - name: Set en_US.UTF-8 as default locale +# ansible.builtin.command: localectl set-locale LANG=en_US.utf8 +# when: ansible_env.LANG != "en_US.utf8" diff --git a/roles/motd/files/motd.radxa b/roles/motd/files/motd.radxa new file mode 100644 index 0000000..b8b25ba --- /dev/null +++ b/roles/motd/files/motd.radxa @@ -0,0 +1,8 @@ + ____________ + | /\ /\ | + | \ \ / / | + | \_\/_/ | + | / /\ \ | + | / / \ \ | + |_\/______\/_| + diff --git a/roles/motd/tasks/main.yaml b/roles/motd/tasks/main.yaml index 97dec89..36e06a9 100644 --- a/roles/motd/tasks/main.yaml +++ b/roles/motd/tasks/main.yaml @@ -15,19 +15,54 @@ path: /etc/motd state: absent -- name: Detect Armbian - ansible.builtin.stat: - path: /etc/armbian-release - register: armbian +- name: Set facts about platform + ansible.builtin.set_fact: + is_orangepi: false + is_rockpi: false -- name: Add custom /etc/motd for Armbian +- name: Try to detect Orange Pi + ansible.builtin.lineinfile: + path: /etc/armbian-release + regex: 'orange' + state: absent + changed_when: false + register: orangepi_armbian + +- name: Set fact about Orange Pi + ansible.builtin.set_fact: + is_orangepi: true + when: 'orangepi_armbian.found == 1' + +- name: Try to detect Rock Pi + ansible.builtin.lineinfile: + path: /etc/armbian-release + regex: 'rockpi' + state: absent + changed_when: false + register: rockpi_armbian + +- name: Set fact about Rock Pi + ansible.builtin.set_fact: + is_rockpi: true + when: 'rockpi_armbian.found == 1' + +- name: Add custom /etc/motd for Orange Pi ansible.builtin.copy: src: motd.orangepi dest: /etc/motd owner: root group: root mode: 0755 - when: armbian.stat.exists == True + when: is_orangepi == True + +- name: Add custom /etc/motd for Rock Pi + ansible.builtin.copy: + src: motd.radxa + dest: /etc/motd + owner: root + group: root + mode: 0755 + when: is_rockpi == True - name: Add common custom /etc/motd ansible.builtin.copy: @@ -36,4 +71,4 @@ owner: root group: root mode: 0755 - when: armbian.stat.exists == False + when: 'is_orangepi == False and is_rockpi == False'