various updates

2026-03-30 20:55:41 +03:00
parent 55e423ec8b
commit ec68be996a
18 changed files with 140 additions and 96 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
 inventory.*
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 ## Requirements
 ```
-ansible-galaxy install -r requirements.yml
+ansible-galaxy install -r requirements.yaml
 ```
 ## Roles
@@ -13,6 +13,7 @@ Basic server setup:
 - `hostname`    Set hostname, FQDN.
 - `tz`          Set TZ `Europe/Moscow`.
 - `locale`      Generate and set locale `en_US.utf-8`.
 - `apt`         Configute APT.
 - `packages`    Install admin tools e.g. vim, tree, etc.
 - `dotfiles`    Add dotfiles for root and /etc/skel.
 - `motd`        Modify MOTD.
@@ -21,5 +22,6 @@ Basic server setup:
 Other:
- `avahi`       Install and configure Avahi daemon for mDNS.
+- `avahi`           Install and configure Avahi daemon for mDNS.
- `docker`      Install Docker Engine.
+- `docker`          Install Docker Engine from OS repository.
 - `docker-upstream` Install Docker Engine from upstream repository.
--- a/inventory.yaml
+++ b/inventory.yaml
@@ -1,35 +0,0 @@
 all:
  vars:
    architectures:
      x86_64: amd64
      aarch64: arm64
      armv7l: armhf
  children:
    external:
      hosts:
        mainframe:
          server_hostname: mainframe
          server_fqdn: mainframe.phreepunk.network
          ansible_host: 147.45.233.134
          ansible_user: root
          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
    internal:
      hosts:
        opipcplus:
          server_hostname: opipcplus
          server_fqdn: opipcplus.local
          ansible_host: 192.168.3.8
          ansible_user: root
          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
        opi3b:
          server_hostname: opi3b
          server_fqdn: opi3b.local
          ansible_host: 192.168.3.6
          ansible_user: root
          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
        pnx:
          server_hostname: pnx
          server_fqdn: pnx.local
          ansible_host: 192.168.3.128
          ansible_user: root
          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
--- a/playbooks/base.yaml
+++ b/playbooks/base.yaml
@@ -5,4 +5,5 @@
    - locale
    - motd
    - dotfiles
    - apt
    - packages
--- a/playbooks/external.yaml
+++ b/playbooks/external.yaml
@@ -3,4 +3,4 @@
    - sshd
    - ufw
    - role: docker
-      when: server_hostname in ['mainframe']
+      when: server_hostname in ['mainframe', 'frontier', 'montreal']
--- a/playbooks/internal.yaml
+++ b/playbooks/internal.yaml
@@ -2,4 +2,4 @@
  roles:
    - avahi
    - role: docker
-      when: server_hostname != 'pnx'
+      when: server_hostname != 'amude'
--- a/roles/apt/files/no-languages
+++ b/roles/apt/files/no-languages
@@ -0,0 +1 @@
 Acquire::Languages "none";
--- a/roles/apt/files/no-pager
+++ b/roles/apt/files/no-pager
@@ -0,0 +1 @@
 Binary::apt::Pager "false";
--- a/roles/apt/files/no-recommends
+++ b/roles/apt/files/no-recommends
@@ -0,0 +1,2 @@
 APT::Install-Recommends "0";
 APT::Install-Suggests "0";
--- a/roles/apt/tasks/main.yaml
+++ b/roles/apt/tasks/main.yaml
@@ -0,0 +1,11 @@
 - name: Configure APT
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "/etc/apt/apt.conf.d/10-custom-{{ item }}"
    owner: root
    group: root
    mode: 0644
  with_items:
    - no-recommends
    - no-languages
    - no-pager
--- a/roles/docker-upstream/handlers/main.yaml
+++ b/roles/docker-upstream/handlers/main.yaml
@@ -0,0 +1,4 @@
 - name: Autoremove and autoclean packages
  ansible.builtin.apt:
    autoremove: yes
    autoclean: yes
--- a/roles/docker-upstream/tasks/main.yaml
+++ b/roles/docker-upstream/tasks/main.yaml
@@ -0,0 +1,46 @@
 - name: Check and install prerequisites
  ansible.builtin.apt:
    name: "{{ item }}"
    state: latest
    update_cache: yes
    install_recommends: no
  with_items:
    - ca-certificates
    - curl
    - gnupg
    - lsb-release
 - name: Add Docker repository
  block:
  - name: Make APT keyrings dir
    ansible.builtin.file:
      path: /etc/apt/keyrings
      state: directory
      owner: root
      group: root
      mode: 0755
  - name: Add Docker APT key
    ansible.builtin.get_url:
      url: "https://download.docker.com/linux/debian/gpg"
      dest: /etc/apt/keyrings/docker.asc
  - name: Add Docker APT list
    ansible.builtin.apt_repository:
      repo: "deb [arch={{ architectures[ansible_architecture] }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
      filename: docker
      state: present
 - name: Install Docker Engine (Upstream)
  ansible.builtin.apt:
    name: "{{ item }}"
    state: latest
    update_cache: yes
    install_recommends: no
  with_items:
    - docker-ce
    - docker-ce-cli
    - containerd.io
    - docker-buildx-plugin
    - docker-compose-plugin
  notify: Autoremove and autoclean packages
--- a/roles/docker/tasks/main.yaml
+++ b/roles/docker/tasks/main.yaml
@@ -1,46 +1,12 @@
- name: Check and install prerequisites
+- name: Install Docker Engine (Debian)
  ansible.builtin.apt:
    name: "{{ item }}"
    state: latest
    update_cache: yes
    install_recommends: no
  with_items:
-    - ca-certificates
+    - docker.io
-    - curl
+    - docker-cli
-    - gnupg
+    - docker-buildx
-    - lsb-release
+    - docker-compose
 - name: Add Docker repository
  block:
    - name: Make APT keyrings dir
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        owner: root
        group: root
        mode: 0755
    - name: Add Docker APT key
      ansible.builtin.get_url:
        url: "https://download.docker.com/linux/debian/gpg"
        dest: /etc/apt/keyrings/docker.asc
    - name: Add Docker APT list
      ansible.builtin.apt_repository:
        repo: "deb [arch={{ architectures[ansible_architecture] }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
        filename: docker
        state: present
 - name: Install Docker Engine
  ansible.builtin.apt:
    name: "{{ item }}"
    state: latest
    update_cache: yes
    install_recommends: no
  with_items:
    - docker-ce
    - docker-ce-cli
    - containerd.io
    - docker-buildx-plugin
    - docker-compose-plugin
  notify: Autoremove and autoclean packages
--- a/roles/dotfiles/files/dot.bashrc
+++ b/roles/dotfiles/files/dot.bashrc
@@ -2,7 +2,7 @@
 [ -f ~/.profile ] && . ~/.profile
-[ -f ~/.profile.extra ] && . ~/.profile.extra
+[ -f ~/.profile.local ] && . ~/.profile.local
 alias grep='grep --color=auto'
 alias diff='diff --color=auto'
@@ -21,8 +21,10 @@ HISTFILESIZE=1000000
 HISTTIMEFORMAT="%d %b %Y %T %z "
 if [ "$EUID" -eq 0 ]; then
-    if [ -f /etc/armbian-release ]; then
+    if [ $(grep -m 1 -oi orange /etc/armbian-image-release 2>/dev/null) ]; then
        PS1='\[\033[38;5;208;1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ '
    elif [ $(grep -m 1 -oi rockpi /etc/armbian-image-release 2>/dev/null) ]; then
        PS1='\[\033[32;5;208;1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ '
    else
        PS1='\[\033[1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ '
    fi
--- a/roles/dotfiles/files/dot.profile
+++ b/roles/dotfiles/files/dot.profile
@@ -1,7 +1,6 @@
 # Ansible managed
-PATH=$HOME/.local/bin:$PATH
+export PATH=$HOME/.local/bin:$PATH
-EDITOR=vim
+export EDITOR=vim
-VISUAL=vim
+export VISUAL=vim
-LESS=-R
+export LESS=-R
 export PATH EDITOR VISUAL LESS
--- a/roles/locale/tasks/main.yaml
+++ b/roles/locale/tasks/main.yaml
@@ -3,6 +3,6 @@
    name: en_US.UTF-8
    state: present
- name: Set en_US.UTF-8 as default locale
+# - name: Set en_US.UTF-8 as default locale
-  ansible.builtin.command: localectl set-locale LANG=en_US.utf8
+#   ansible.builtin.command: localectl set-locale LANG=en_US.utf8
-  when: ansible_env.LANG != "en_US.utf8"
+#   when: ansible_env.LANG != "en_US.utf8"
--- a/roles/motd/files/motd.radxa
+++ b/roles/motd/files/motd.radxa
@@ -0,0 +1,8 @@
   ____________
  | /\      /\ |
  | \ \    / / |
  |   \_\/_/   |
  |   / /\ \   |
  | / /    \ \ | 
  |_\/______\/_|
--- a/roles/motd/tasks/main.yaml
+++ b/roles/motd/tasks/main.yaml
@@ -15,19 +15,54 @@
    path: /etc/motd
    state: absent
- name: Detect Armbian
+- name: Set facts about platform
-  ansible.builtin.stat:
+  ansible.builtin.set_fact:
-    path: /etc/armbian-release
+    is_orangepi: false
-  register: armbian
+    is_rockpi: false
- name: Add custom /etc/motd for Armbian
+- name: Try to detect Orange Pi
  ansible.builtin.lineinfile:
    path: /etc/armbian-release
    regex: 'orange'
    state: absent
  changed_when: false
  register: orangepi_armbian
 - name: Set fact about Orange Pi
  ansible.builtin.set_fact:
    is_orangepi: true
  when: 'orangepi_armbian.found == 1'
 - name: Try to detect Rock Pi
  ansible.builtin.lineinfile:
    path: /etc/armbian-release
    regex: 'rockpi'
    state: absent
  changed_when: false
  register: rockpi_armbian
 - name: Set fact about Rock Pi
  ansible.builtin.set_fact:
    is_rockpi: true
  when: 'rockpi_armbian.found == 1'
 - name: Add custom /etc/motd for Orange Pi
  ansible.builtin.copy:
    src: motd.orangepi
    dest: /etc/motd
    owner: root
    group: root
    mode: 0755
-  when: armbian.stat.exists == True
+  when: is_orangepi == True
 - name: Add custom /etc/motd for Rock Pi
  ansible.builtin.copy:
    src: motd.radxa
    dest: /etc/motd
    owner: root
    group: root
    mode: 0755
  when: is_rockpi == True
 - name: Add common custom /etc/motd
  ansible.builtin.copy:
@@ -36,4 +71,4 @@
    owner: root
    group: root
    mode: 0755
-  when: armbian.stat.exists == False
+  when: 'is_orangepi == False and is_rockpi == False'
		`@@ -0,0 +1,2 @@`
							`APT::Install-Recommends "0";`
							`APT::Install-Suggests "0";`