various updates

2026-03-30 20:55:41 +03:00
parent 55e423ec8b
commit ec68be996a
18 changed files with 140 additions and 96 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+inventory.*
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 ## Requirements

 ```
-ansible-galaxy install -r requirements.yml
+ansible-galaxy install -r requirements.yaml
 ```

 ## Roles
@@ -13,6 +13,7 @@ Basic server setup:
 - `hostname`    Set hostname, FQDN.
 - `tz`          Set TZ `Europe/Moscow`.
 - `locale`      Generate and set locale `en_US.utf-8`.
+- `apt`         Configute APT.
 - `packages`    Install admin tools e.g. vim, tree, etc.
 - `dotfiles`    Add dotfiles for root and /etc/skel.
 - `motd`        Modify MOTD.
@@ -21,5 +22,6 @@ Basic server setup:

 Other:

- `avahi`       Install and configure Avahi daemon for mDNS.
- `docker`      Install Docker Engine.
+- `avahi`           Install and configure Avahi daemon for mDNS.
+- `docker`          Install Docker Engine from OS repository.
+- `docker-upstream` Install Docker Engine from upstream repository.
--- a/inventory.yaml
+++ b/inventory.yaml
@@ -1,35 +0,0 @@
-all:
-  vars:
-    architectures:
-      x86_64: amd64
-      aarch64: arm64
-      armv7l: armhf
-  children:
-    external:
-      hosts:
-        mainframe:
-          server_hostname: mainframe
-          server_fqdn: mainframe.phreepunk.network
-          ansible_host: 147.45.233.134
-          ansible_user: root
-          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
-    internal:
-      hosts:
-        opipcplus:
-          server_hostname: opipcplus
-          server_fqdn: opipcplus.local
-          ansible_host: 192.168.3.8
-          ansible_user: root
-          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
-        opi3b:
-          server_hostname: opi3b
-          server_fqdn: opi3b.local
-          ansible_host: 192.168.3.6
-          ansible_user: root
-          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
-        pnx:
-          server_hostname: pnx
-          server_fqdn: pnx.local
-          ansible_host: 192.168.3.128
-          ansible_user: root
-          ansible_ssh_private_key_file: /home/ge/.ssh/id_ed25519
--- a/playbooks/base.yaml
+++ b/playbooks/base.yaml
@@ -5,4 +5,5 @@
    - locale
    - motd
    - dotfiles
+    - apt
    - packages
--- a/playbooks/external.yaml
+++ b/playbooks/external.yaml
@@ -3,4 +3,4 @@
    - sshd
    - ufw
    - role: docker
-      when: server_hostname in ['mainframe']
+      when: server_hostname in ['mainframe', 'frontier', 'montreal']
--- a/playbooks/internal.yaml
+++ b/playbooks/internal.yaml
@@ -2,4 +2,4 @@
  roles:
    - avahi
    - role: docker
-      when: server_hostname != 'pnx'
+      when: server_hostname != 'amude'
--- a/roles/apt/files/no-languages
+++ b/roles/apt/files/no-languages
@@ -0,0 +1 @@
+Acquire::Languages "none";
--- a/roles/apt/files/no-pager
+++ b/roles/apt/files/no-pager
@@ -0,0 +1 @@
+Binary::apt::Pager "false";
--- a/roles/apt/files/no-recommends
+++ b/roles/apt/files/no-recommends
@@ -0,0 +1,2 @@
+APT::Install-Recommends "0";
+APT::Install-Suggests "0";
--- a/roles/apt/tasks/main.yaml
+++ b/roles/apt/tasks/main.yaml
@@ -0,0 +1,11 @@
+- name: Configure APT
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "/etc/apt/apt.conf.d/10-custom-{{ item }}"
+    owner: root
+    group: root
+    mode: 0644
+  with_items:
+    - no-recommends
+    - no-languages
+    - no-pager
--- a/roles/docker-upstream/handlers/main.yaml
+++ b/roles/docker-upstream/handlers/main.yaml
@@ -0,0 +1,4 @@
+- name: Autoremove and autoclean packages
+  ansible.builtin.apt:
+    autoremove: yes
+    autoclean: yes
--- a/roles/docker-upstream/tasks/main.yaml
+++ b/roles/docker-upstream/tasks/main.yaml
@@ -0,0 +1,46 @@
+- name: Check and install prerequisites
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    state: latest
+    update_cache: yes
+    install_recommends: no
+  with_items:
+    - ca-certificates
+    - curl
+    - gnupg
+    - lsb-release
+
+- name: Add Docker repository
+  block:
+  - name: Make APT keyrings dir
+    ansible.builtin.file:
+      path: /etc/apt/keyrings
+      state: directory
+      owner: root
+      group: root
+      mode: 0755
+
+  - name: Add Docker APT key
+    ansible.builtin.get_url:
+      url: "https://download.docker.com/linux/debian/gpg"
+      dest: /etc/apt/keyrings/docker.asc
+
+  - name: Add Docker APT list
+    ansible.builtin.apt_repository:
+      repo: "deb [arch={{ architectures[ansible_architecture] }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
+      filename: docker
+      state: present
+
+- name: Install Docker Engine (Upstream)
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    state: latest
+    update_cache: yes
+    install_recommends: no
+  with_items:
+    - docker-ce
+    - docker-ce-cli
+    - containerd.io
+    - docker-buildx-plugin
+    - docker-compose-plugin
+  notify: Autoremove and autoclean packages
--- a/roles/docker/tasks/main.yaml
+++ b/roles/docker/tasks/main.yaml
@@ -1,46 +1,12 @@
- name: Check and install prerequisites
+- name: Install Docker Engine (Debian)
  ansible.builtin.apt:
    name: "{{ item }}"
    state: latest
    update_cache: yes
    install_recommends: no
  with_items:
-    - ca-certificates
-    - curl
-    - gnupg
-    - lsb-release
-
- name: Add Docker repository
-  block:
-    - name: Make APT keyrings dir
-      ansible.builtin.file:
-        path: /etc/apt/keyrings
-        state: directory
-        owner: root
-        group: root
-        mode: 0755
-
-    - name: Add Docker APT key
-      ansible.builtin.get_url:
-        url: "https://download.docker.com/linux/debian/gpg"
-        dest: /etc/apt/keyrings/docker.asc
-
-    - name: Add Docker APT list
-      ansible.builtin.apt_repository:
-        repo: "deb [arch={{ architectures[ansible_architecture] }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
-        filename: docker
-        state: present
-
- name: Install Docker Engine
-  ansible.builtin.apt:
-    name: "{{ item }}"
-    state: latest
-    update_cache: yes
-    install_recommends: no
-  with_items:
-    - docker-ce
-    - docker-ce-cli
-    - containerd.io
-    - docker-buildx-plugin
-    - docker-compose-plugin
+    - docker.io
+    - docker-cli
+    - docker-buildx
+    - docker-compose
  notify: Autoremove and autoclean packages
--- a/roles/dotfiles/files/dot.bashrc
+++ b/roles/dotfiles/files/dot.bashrc
@@ -2,7 +2,7 @@

 [ -f ~/.profile ] && . ~/.profile

-[ -f ~/.profile.extra ] && . ~/.profile.extra
+[ -f ~/.profile.local ] && . ~/.profile.local

 alias grep='grep --color=auto'
 alias diff='diff --color=auto'
@@ -21,8 +21,10 @@ HISTFILESIZE=1000000
 HISTTIMEFORMAT="%d %b %Y %T %z "

 if [ "$EUID" -eq 0 ]; then
-    if [ -f /etc/armbian-release ]; then
+    if [ $(grep -m 1 -oi orange /etc/armbian-image-release 2>/dev/null) ]; then
        PS1='\[\033[38;5;208;1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ '
+    elif [ $(grep -m 1 -oi rockpi /etc/armbian-image-release 2>/dev/null) ]; then
+        PS1='\[\033[32;5;208;1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ '
    else
        PS1='\[\033[1m\]\u@\H\[\033[00m\]:\w\[\033[00m\]\$ '
    fi
--- a/roles/dotfiles/files/dot.profile
+++ b/roles/dotfiles/files/dot.profile
@@ -1,7 +1,6 @@
 # Ansible managed

-PATH=$HOME/.local/bin:$PATH
-EDITOR=vim
-VISUAL=vim
-LESS=-R
-export PATH EDITOR VISUAL LESS
+export PATH=$HOME/.local/bin:$PATH
+export EDITOR=vim
+export VISUAL=vim
+export LESS=-R
--- a/roles/locale/tasks/main.yaml
+++ b/roles/locale/tasks/main.yaml
@@ -3,6 +3,6 @@
    name: en_US.UTF-8
    state: present

- name: Set en_US.UTF-8 as default locale
-  ansible.builtin.command: localectl set-locale LANG=en_US.utf8
-  when: ansible_env.LANG != "en_US.utf8"
+# - name: Set en_US.UTF-8 as default locale
+#   ansible.builtin.command: localectl set-locale LANG=en_US.utf8
+#   when: ansible_env.LANG != "en_US.utf8"
--- a/roles/motd/files/motd.radxa
+++ b/roles/motd/files/motd.radxa
@@ -0,0 +1,8 @@
+   ____________
+  | /\      /\ |
+  | \ \    / / |
+  |   \_\/_/   |
+  |   / /\ \   |
+  | / /    \ \ | 
+  |_\/______\/_|
+
--- a/roles/motd/tasks/main.yaml
+++ b/roles/motd/tasks/main.yaml
@@ -15,19 +15,54 @@
    path: /etc/motd
    state: absent

- name: Detect Armbian
-  ansible.builtin.stat:
-    path: /etc/armbian-release
-  register: armbian
+- name: Set facts about platform
+  ansible.builtin.set_fact:
+    is_orangepi: false
+    is_rockpi: false

- name: Add custom /etc/motd for Armbian
+- name: Try to detect Orange Pi
+  ansible.builtin.lineinfile:
+    path: /etc/armbian-release
+    regex: 'orange'
+    state: absent
+  changed_when: false
+  register: orangepi_armbian
+
+- name: Set fact about Orange Pi
+  ansible.builtin.set_fact:
+    is_orangepi: true
+  when: 'orangepi_armbian.found == 1'
+
+- name: Try to detect Rock Pi
+  ansible.builtin.lineinfile:
+    path: /etc/armbian-release
+    regex: 'rockpi'
+    state: absent
+  changed_when: false
+  register: rockpi_armbian
+
+- name: Set fact about Rock Pi
+  ansible.builtin.set_fact:
+    is_rockpi: true
+  when: 'rockpi_armbian.found == 1'
+
+- name: Add custom /etc/motd for Orange Pi
  ansible.builtin.copy:
    src: motd.orangepi
    dest: /etc/motd
    owner: root
    group: root
    mode: 0755
-  when: armbian.stat.exists == True
+  when: is_orangepi == True
+
+- name: Add custom /etc/motd for Rock Pi
+  ansible.builtin.copy:
+    src: motd.radxa
+    dest: /etc/motd
+    owner: root
+    group: root
+    mode: 0755
+  when: is_rockpi == True

 - name: Add common custom /etc/motd
  ansible.builtin.copy:
@@ -36,4 +71,4 @@
    owner: root
    group: root
    mode: 0755
-  when: armbian.stat.exists == False
+  when: 'is_orangepi == False and is_rockpi == False'