lafrite
/
Ansible_workstation
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: lafrite:6d24a2624cb18f54345c0489dcb27945dbedc2f5
Branches Tags
lafrite:master
lafrite:refact
...
compare: lafrite:cb8662d63dc8ab3326f6cdfdb541235f30aba872
Branches Tags
lafrite:master
lafrite:refact

9 Commits
6d24a2624c ... cb8662d63d

Author SHA1 Message Date
Bertrand Benjamin cb8662d63d feat: start collectd role 2022-03-30 21:23:16 +02:00
Bertrand Benjamin ac3f412d63 Feat: validate borgconfig and verify repository 2022-03-20 18:56:58 +01:00
Bertrand Benjamin 34f2494e6f Feat: config for first deployment of backup 2022-03-13 14:39:34 +01:00
Bertrand Benjamin 2ffabd234a Feat: rename templates and add borgmatic_name 2022-03-13 14:39:14 +01:00
Bertrand Benjamin c23bebed74 Feat: borgmatic on boot works in molecule 2022-03-13 11:20:57 +01:00
Bertrand Benjamin a4688b6f99 Feat: init nfs client role 2022-03-09 14:17:07 +01:00
Bertrand Benjamin 19658ae596 Feat: borgmatic start after boot 2022-03-09 10:46:21 +01:00
Bertrand Benjamin 04d221778b Feat: basic borgmatic role 2022-03-08 14:42:14 +01:00
Bertrand Benjamin 2d42c5a943 Feat: init borgmatic role 2022-03-04 15:24:09 +01:00
47 changed files with 1250 additions and 0 deletions
Show Stats Expand all files Collapse all files

16
home.yml Normal file
View File

@ -0,0 +1,16 @@
---
- name: backup
hosts: backup
vars_files:
- vars/backup.yml
- vars/backup_secret.yml
tasks:
- name: NFS shares client
include_role:
name: nfs_client
- name: Set up borgmatic
include_role:
name: borgmatic

2
inventories/home.ini Normal file
View File

@ -0,0 +1,2 @@
[backup]
ChouxBackupVM

29
roles/borgmatic/.travis.yml Normal file
View File

@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

33
roles/borgmatic/.yamllint Normal file
View File

@ -0,0 +1,33 @@
---
# Based on ansible-lint config
extends: default
rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
colons:
max-spaces-after: -1
level: error
commas:
max-spaces-after: -1
level: error
comments: disable
comments-indentation: disable
document-start: disable
empty-lines:
max: 3
level: error
hyphens:
level: error
indentation: disable
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
truthy: disable

28
roles/borgmatic/README.md Normal file
View File

@ -0,0 +1,28 @@
Borgmatic
=========
Deploy borgmatic and configure it.
Role Variables
--------------
Available variables are listed below, along with default values (see defaults/main.yml):
borg_source_directories # list of folder to backup
borg_repository # list of repositories
Dependencies
------------
None
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }

35
roles/borgmatic/defaults/main.yml Normal file
View File

@ -0,0 +1,35 @@
---
# defaults file for borgmatic
borgmatic_name: default
borg_encryption_passphrase: ''
borg_source_directories: []
borg_repository: []
borg_exclude_patterns: []
borgmatic_config_file: "/etc/borgmatic/{{ borgmatic_name }}.yaml"
borgmatic_large_repo: true
borgmatic_hooks:
on_error:
- echo "`date` - Error while creating a backup."
before_backup:
- echo "`date` - Starting backup."
after_backup:
- echo "`date` - Finished backup."
borgmatic_checks:
- repository
borgmatic_check_last: 3
borgmatic_store_atime: true
borgmatic_store_ctime: true
borgmatic_relocated_repo_access_is_ok: false
borg_one_file_system: true
borg_exclude_from: []
borg_encryption_passcommand: false
borg_lock_wait_time: 5
borg_ssh_command: false
borg_remote_path: false
borg_remote_rate_limit: 0
borg_retention_policy:
keep_hourly: 3
keep_daily: 7
keep_weekly: 4
keep_monthly: 6
create_repo: False

5
roles/borgmatic/handlers/main.yml Normal file
View File

@ -0,0 +1,5 @@
---
# handlers file for borgmatic
- name: reload systemd
systemd:
daemon_reload: yes

23
roles/borgmatic/molecule/default/INSTALL.rst Normal file
View File

@ -0,0 +1,23 @@
*********************************
Vagrant driver installation guide
*********************************
Requirements
============
* Vagrant
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule_vagrant'

26
roles/borgmatic/molecule/default/converge.yml Normal file
View File

@ -0,0 +1,26 @@
---
- name: Converge
hosts: all
become: yes
vars:
- borg_source_directories:
- /media/test1/
- /media/test2/
- borg_repository:
- /backup/
pre_tasks:
- name: Update apt cache
apt:
update_cache: yes
- name: Create sources directories
file:
path: "{{ item }}"
state: directory
with_items: "{{ borg_source_directories + borg_repository}}"
tasks:
- name: "Include borgmatic"
include_role:
name: "borgmatic"

19
roles/borgmatic/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,19 @@
---
dependency:
name: galaxy
driver:
name: vagrant
provider:
name: virtualbox
platforms:
- name: Debian
box: "debian/bullseye64"
pre_build_image: true
provisioner:
name: ansible
verifier:
name: testinfra
options:
sudo: true
v: 3

22
roles/borgmatic/molecule/default/tests/conftest.py Normal file
View File

@ -0,0 +1,22 @@
"""PyTest Fixtures."""
from __future__ import absolute_import
import os
import pytest
def pytest_runtest_setup(item):
"""Run tests only when under molecule with testinfra installed."""
try:
import testinfra
except ImportError:
pytest.skip("Test requires testinfra", allow_module_level=True)
if "MOLECULE_INVENTORY_FILE" in os.environ:
pytest.testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
else:
pytest.skip(
"Test should run only from inside molecule.", allow_module_level=True
)

20
roles/borgmatic/molecule/default/tests/test_default.py Normal file
View File

@ -0,0 +1,20 @@
"""Role testing files using testinfra."""
import pytest
def test_installed_packages(host):
borgbackup = host.package("borgbackup")
assert borgbackup.is_installed
borgmatic = host.package("borgmatic")
assert borgmatic.is_installed
def test_borgmatic_config(host):
config_file = "/etc/borgmatic/default.yaml"
config = host.file(config_file)
assert config.exists
valid_config = host.run(f"sudo validate-borgmatic-config -c {config_file}")
assert valid_config.succeeded
def test_borgmatic_service(host):
borgmatic_service = host.service("borgmatic_default")
assert borgmatic_service.is_valid
assert borgmatic_service.is_enabled

67
roles/borgmatic/tasks/main.yml Normal file
View File

@ -0,0 +1,67 @@
---
# tasks file for borgmatic
- name: debug
debug:
msg: "{{ borgmatic_config_file }}"
- name: Assert borg_source_directories not empty
assert:
that: "{{ borg_source_directories != [] }}"
- name: Assert borg_repository not empty
assert:
that: "{{ borg_repository != [] }}"
- name: stat on sources
stat:
path: "{{ item }}"
with_items: "{{ borg_source_directories }}"
register: sources_exists
- name: Assert sources exists
assert:
that: "{{ item }}.stat.exists"
with_items: "{{ sources_exists.results }}"
- name: Install borg and borgmatic
apt:
name: "{{ item }}"
state: present
with_items:
- borgbackup
- borgmatic
- name: Make dir for borgmatic in etc
file:
path: "/etc/borgmatic"
state: directory
- name: Borgmatic config
template:
src: config.yaml.j2
dest: "{{ borgmatic_config_file }}"
mode: 644
validate: "validate-borgmatic-config -c %s"
- name: copy systemd service
template:
src: service.j2
dest: "/lib/systemd/system/borgmatic_{{ borgmatic_name }}.service"
mode: 644
notify: "reload systemd"
- name: copy systemd timer for executing borgmatic after boot
template:
src: afterboot.timer.j2
dest: "/lib/systemd/system/borgmatic_{{ borgmatic_name }}.timer"
notify: "reload systemd"
- name: disable service
systemd:
name: "borgmatic_{{ borgmatic_name }}.service"
enabled: no
- name: enable timer
systemd:
name: "borgmatic_{{ borgmatic_name }}.timer"
enabled: yes

11
roles/borgmatic/templates/afterboot.timer.j2 Normal file
View File

@ -0,0 +1,11 @@
#jinja2: lstrip_blocks: "True", trim_blocks: "True"
{{ ansible_managed | comment }}
[Unit]
Description=Run borgmatic {{ borgmatic_name }} backup
[Timer]
OnBootSec=2min
Persistent=true
[Install]
WantedBy=timers.target

187
roles/borgmatic/templates/config.yaml.j2 Normal file
View File

@ -0,0 +1,187 @@
#jinja2: lstrip_blocks: "True", trim_blocks: "True"
---
# From borgbase/ansible-role-borgbackup
{{ ansible_managed | comment }}
# Full config: https://torsion.org/borgmatic/docs/reference/config.yaml
location:
source_directories:
{% for dir in borg_source_directories %}
- {{ dir }}
{% endfor %}
# Stay in same file system (do not cross mount points).
one_file_system: {{ borg_one_file_system }}
repositories:
{% if borg_repository is iterable and (borg_repository is not string and borg_repository is not mapping) %}
{% for repo in borg_repository %}
- {{ repo }}
{% endfor %}
{% elif borg_repository is defined and borg_repository is string %}
- {{ borg_repository }}
{% endif %}
# Store atime into archive.
atime: {{ borgmatic_store_atime }}
# Store ctime into archive.
ctime: {{ borgmatic_store_ctime }}
{% if borg_exclude_patterns %}
# Any paths matching these patterns are excluded from backups. Globs and tildes
# are expanded. See the output of "borg help patterns" for more details.
exclude_patterns:
{% for dir in borg_exclude_patterns %}
- '{{ dir }}'
{% endfor %}
{% endif %}
{% if borg_exclude_from %}
# Read exclude patterns from one or more separate named files, one pattern per
# line. See the output of "borg help patterns" for more details.
exclude_from:
{% for dir in borg_exclude_from %}
- {{ dir }}
{% endfor %}
{% endif %}
# Exclude directories that contain a CACHEDIR.TAG file. See
# http://www.brynosaurus.com/cachedir/spec.html for details.
exclude_caches: true
# Exclude directories that contain a file with the given filename.
exclude_if_present: .nobackup
# Alternate Borg remote executable. Defaults to "borg".
# remote_path: borg1
{% if borg_remote_path %}
remote_path: {{ borg_remote_path }}
{% endif %}
# Repository storage options. See
# https://borgbackup.readthedocs.io/en/stable/usage.html#borg-create and
# https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables for
# details.
storage:
encryption_passphrase: {{ borg_encryption_passphrase }}
# The standard output of this command is used to unlock the encryption key. Only
# use on repositories that were initialized with passcommand/repokey encryption.
# Note that if both encryption_passcommand and encryption_passphrase are set,
# then encryption_passphrase takes precedence.
# encryption_passcommand: secret-tool lookup borg-repository repo-name
{% if borg_encryption_passcommand %}
encryption_passcommand: {{ borg_encryption_passcommand }}
{% endif %}
# Type of compression to use when creating archives. See
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-create for details.
# Defaults to no compression.
compression: auto,zstd
# Remote network upload rate limit in kiBytes/second.
{% if borg_remote_rate_limit %}
remote_rate_limit: {{ borg_remote_rate_limit }}
{% endif %}
# Command to use instead of just "ssh". This can be used to specify ssh options.
# ssh_command: ssh -i ~/.ssh/id_ed25519
{% if borg_ssh_command %}
ssh_command: {{ borg_ssh_command }}
{% endif %}
# Umask to be used for borg create.
umask: 0077
# Maximum seconds to wait for acquiring a repository/cache lock.
lock_wait: {{ borg_lock_wait_time }}
# Name of the archive. Borg placeholders can be used. See the output of
# "borg help placeholders" for details. Default is
# "{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}". If you specify this option, you must
# also specify a prefix in the retention section to avoid accidental pruning of
# archives with a different archive name format. And you should also specify a
# prefix in the consistency section as well.
archive_name_format: '{hostname}-{{ borgmatic_name }}-{now:%Y-%m-%d-%H%M%S}'
# Bypass Borg error about a repository that has been moved.
relocated_repo_access_is_ok: {{ borgmatic_relocated_repo_access_is_ok }}
# Retention policy for how many backups to keep in each category. See
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-prune for details.
# At least one of the "keep" options is required for pruning to work.
retention:
{% if borg_retention_policy.keep_secondly is defined %}
# Number of secondly archives to keep.
keep_secondly: {{ borg_retention_policy.keep_secondly }}
{% endif %}
{% if borg_retention_policy.keep_minutely is defined %}
# Number of minutely archives to keep.
keep_minutely: {{ borg_retention_policy.keep_minutely }}
{% endif %}
{% if borg_retention_policy.keep_hourly is defined %}
# Number of hourly archives to keep.
keep_hourly: {{ borg_retention_policy.keep_hourly }}
{% endif %}
{% if borg_retention_policy.keep_daily is defined %}
# Number of daily archives to keep.
keep_daily: {{ borg_retention_policy.keep_daily }}
{% endif %}
{% if borg_retention_policy.keep_weekly is defined %}
# Number of weekly archives to keep.
keep_weekly: {{ borg_retention_policy.keep_weekly }}
{% endif %}
{% if borg_retention_policy.keep_monthly is defined %}
# Number of monthly archives to keep.
keep_monthly: {{ borg_retention_policy.keep_monthly }}
{% endif %}
{% if borg_retention_policy.keep_yearly is defined %}
# Number of yearly archives to keep.
keep_yearly: {{ borg_retention_policy.keep_yearly }}
{% endif %}
# When pruning, only consider archive names starting with this prefix.
# Borg placeholders can be used. See the output of "borg help placeholders" for
# details. Default is "{hostname}-".
prefix: '{hostname}-{{ borgmatic_name }}'
# Consistency checks to run after backups. See
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-check and
# https://borgbackup.readthedocs.org/en/stable/usage.html#borg-extract for details.
consistency:
# List of one or more consistency checks to run: "repository",
# "archives", "data", and/or "extract". Defaults to
# "repository" and "archives". Set to "disabled" to disable
# all consistency checks. "repository" checks the consistency
# of the repository, "archives" checks all of the archives,
# "data" verifies the integrity of the data within the
# archives, and "extract" does an extraction dry-run of the
# most recent archive. Note that "data" implies "archives".
checks:
{% for checks in borgmatic_checks %}
- {{ checks }}
{% endfor %}
# Restrict the number of checked archives to the last n. Applies only to the "archives" check.
check_last: {{ borgmatic_check_last }}
# When performing the "archives" check, only consider archive names starting with
# this prefix. Borg placeholders can be used. See the output of
# "borg help placeholders" for details. Default is "{hostname}-".
prefix: '{hostname}-{{ borgmatic_name }}'
# Shell commands or scripts to execute before and after a backup or if an error has occurred.
# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
# prevent potential shell injection or privilege escalation.
hooks:
{% for hook in borgmatic_hooks %}
{{ hook }}:
{{ borgmatic_hooks[hook] | to_nice_yaml(indent=2) | trim | indent(8) }}
{% endfor %}

14
roles/borgmatic/templates/service.j2 Normal file
View File

@ -0,0 +1,14 @@
#jinja2: lstrip_blocks: "True", trim_blocks: "True"
{{ ansible_managed | comment }}
[Unit]
Description=borgmatic {{ borgmatic_name }}backup
Wants=network-online.target
After=network-online.target
[Service]
Type=oneshot
# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
# dbus-user-session to be installed.
ExecStart=/usr/bin/systemd-inhibit --who="borgmatic {{ borgmatic_name }}" --why="Prevent interrupting scheduled backup" /usr/bin/borgmatic -c {{ borgmatic_config_file }} --verbosity -1 --syslog-verbosity 1

2
roles/borgmatic/tests/inventory Normal file
View File

@ -0,0 +1,2 @@
localhost

5
roles/borgmatic/tests/test.yml Normal file
View File

@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- borgmatic

2
roles/borgmatic/vars/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# vars file for borgmatic

2
roles/collectd/defaults/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# defaults file for collectd

316
roles/collectd/files/types.db Normal file
View File

@ -0,0 +1,316 @@
absolute value:ABSOLUTE:0:U
apache_bytes value:DERIVE:0:U
apache_connections value:GAUGE:0:65535
apache_idle_workers value:GAUGE:0:65535
apache_requests value:DERIVE:0:U
apache_scoreboard value:GAUGE:0:65535
ath_nodes value:GAUGE:0:65535
ath_stat value:DERIVE:0:U
backends value:GAUGE:0:65535
bad_peb_count value:COUNTER:0:U
bitrate value:GAUGE:0:4294967295
blocked_clients value:GAUGE:0:U
bool value:GAUGE:0:1
bucket value:GAUGE:0:U
buffer value:GAUGE:0:18446744073709551615
bytes value:GAUGE:0:U
cache_eviction value:DERIVE:0:U
cache_operation value:DERIVE:0:U
cache_ratio value:GAUGE:0:100
cache_result value:DERIVE:0:U
cache_size value:GAUGE:0:1125899906842623
capacity value:GAUGE:0:U
ceph_bytes value:GAUGE:U:U
ceph_latency value:GAUGE:U:U
ceph_rate value:DERIVE:0:U
changes_since_last_save value:GAUGE:0:U
charge value:GAUGE:0:U
clock_last_meas value:GAUGE:0:U
clock_last_update value:GAUGE:U:U
clock_mode value:GAUGE:0:U
clock_reachability value:GAUGE:0:U
clock_skew_ppm value:GAUGE:0:1000000
clock_state value:GAUGE:0:U
clock_stratum value:GAUGE:0:U
compression uncompressed:DERIVE:0:U, compressed:DERIVE:0:U
compression_ratio value:GAUGE:0:2
commands value:DERIVE:0:U
connections value:DERIVE:0:U
conntrack value:GAUGE:0:4294967295
contextswitch value:DERIVE:0:U
controller value:GAUGE:0:18446744073709551615
cookies value:DERIVE:0:U
count value:GAUGE:0:U
counter value:COUNTER:U:U
cpu value:DERIVE:0:U
cpu_affinity value:GAUGE:0:1
cpufreq value:GAUGE:0:U
current value:GAUGE:U:U
current_connections value:GAUGE:0:U
current_sessions value:GAUGE:0:U
delay value:GAUGE:-1000000:1000000
delay_rate value:GAUGE:0:U
derive value:DERIVE:0:U
df used:GAUGE:0:1125899906842623, free:GAUGE:0:1125899906842623
df_complex value:GAUGE:0:U
df_inodes value:GAUGE:0:U
dilution_of_precision value:GAUGE:0:U
disk_allocation value:GAUGE:0:U
disk_capacity value:GAUGE:0:U
disk_error value:GAUGE:0:U
disk_io_time io_time:DERIVE:0:U, weighted_io_time:DERIVE:0:U
disk_latency read:GAUGE:0:U, write:GAUGE:0:U
disk_merged read:DERIVE:0:U, write:DERIVE:0:U
disk_octets read:DERIVE:0:U, write:DERIVE:0:U
disk_ops read:DERIVE:0:U, write:DERIVE:0:U
disk_ops_complex value:DERIVE:0:U
disk_physical value:GAUGE:0:U
disk_time read:DERIVE:0:U, write:DERIVE:0:U
dns_answer value:DERIVE:0:U
dns_notify value:DERIVE:0:U
dns_octets queries:DERIVE:0:U, responses:DERIVE:0:U
dns_opcode value:DERIVE:0:U
dns_qtype value:DERIVE:0:U
dns_qtype_cached value:GAUGE:0:4294967295
dns_query value:DERIVE:0:U
dns_question value:DERIVE:0:U
dns_rcode value:DERIVE:0:U
dns_reject value:DERIVE:0:U
dns_request value:DERIVE:0:U
dns_resolver value:DERIVE:0:U
dns_response value:DERIVE:0:U
dns_transfer value:DERIVE:0:U
dns_update value:DERIVE:0:U
dns_zops value:DERIVE:0:U
domain_state state:GAUGE:0:U, reason:GAUGE:0:U
dpdk_telemetry value:COUNTER:0:U
drbd_resource value:DERIVE:0:U
duration seconds:GAUGE:0:U
email_check value:GAUGE:0:U
email_count value:GAUGE:0:U
email_size value:GAUGE:0:U
energy value:GAUGE:U:U
energy_wh value:GAUGE:U:U
entropy value:GAUGE:0:4294967295
errors value:DERIVE:0:U
evicted_keys value:DERIVE:0:U
expired_keys value:DERIVE:0:U
fanspeed value:GAUGE:0:U
file_handles value:GAUGE:0:U
file_size value:GAUGE:0:U
files value:GAUGE:0:U
filter_result value:DERIVE:0:U
flow value:GAUGE:0:U
fork_rate value:DERIVE:0:U
freepages value:GAUGE:0:U
frequency value:GAUGE:0:U
frequency_error value:GAUGE:-1000000:1000000
frequency_offset value:GAUGE:-1000000:1000000
fscache_stat value:DERIVE:0:U
gauge value:GAUGE:U:U
hash_collisions value:DERIVE:0:U
health value:GAUGE:0:18446744073709551615
http_request_methods value:DERIVE:0:U
http_requests value:DERIVE:0:U
http_response_codes value:DERIVE:0:U
humidity value:GAUGE:0:100
if_collisions value:DERIVE:0:U
if_dropped rx:DERIVE:0:U, tx:DERIVE:0:U
if_errors rx:DERIVE:0:U, tx:DERIVE:0:U
if_multicast value:DERIVE:0:U
if_octets rx:DERIVE:0:U, tx:DERIVE:0:U
if_packets rx:DERIVE:0:U, tx:DERIVE:0:U
if_rx_dropped value:DERIVE:0:U
if_rx_errors value:DERIVE:0:U
if_rx_nohandler value:DERIVE:0:U
if_rx_octets value:DERIVE:0:U
if_rx_packets value:DERIVE:0:U
if_tx_dropped value:DERIVE:0:U
if_tx_errors value:DERIVE:0:U
if_tx_octets value:DERIVE:0:U
if_tx_packets value:DERIVE:0:U
invocations value:DERIVE:0:U
io_octets rx:DERIVE:0:U, tx:DERIVE:0:U
io_ops read:DERIVE:0:U, write:DERIVE:0:U
io_packets rx:DERIVE:0:U, tx:DERIVE:0:U
ipc value:GAUGE:0:U
ipt_bytes value:DERIVE:0:U
ipt_packets value:DERIVE:0:U
irq value:DERIVE:0:U
job_stats value:DERIVE:0:U
latency value:GAUGE:0:U
links value:GAUGE:0:U
load shortterm:GAUGE:0:5000, midterm:GAUGE:0:5000, longterm:GAUGE:0:5000
max_ec value:COUNTER:0:U
media value:GAUGE:0:18446744073709551615
memory_bandwidth value:DERIVE:0:U
md_disks value:GAUGE:0:U
memcached_command value:DERIVE:0:U
memcached_connections value:GAUGE:0:U
memcached_items value:GAUGE:0:U
memcached_octets rx:DERIVE:0:U, tx:DERIVE:0:U
memcached_ops value:DERIVE:0:U
memory value:GAUGE:0:281474976710656
memory_lua value:GAUGE:0:281474976710656
memory_throttle_count value:DERIVE:0:U
multimeter value:GAUGE:U:U
mutex_operations value:DERIVE:0:U
mysql_bpool_bytes value:GAUGE:0:U
mysql_bpool_counters value:DERIVE:0:U
mysql_bpool_pages value:GAUGE:0:U
mysql_commands value:DERIVE:0:U
mysql_handler value:DERIVE:0:U
mysql_innodb_data value:DERIVE:0:U
mysql_innodb_dblwr value:DERIVE:0:U
mysql_innodb_log value:DERIVE:0:U
mysql_innodb_pages value:DERIVE:0:U
mysql_innodb_row_lock value:DERIVE:0:U
mysql_innodb_rows value:DERIVE:0:U
mysql_locks value:DERIVE:0:U
mysql_log_position value:DERIVE:0:U
mysql_octets rx:DERIVE:0:U, tx:DERIVE:0:U
mysql_select value:DERIVE:0:U
mysql_sort value:DERIVE:0:U
mysql_sort_merge_passes value:DERIVE:0:U
mysql_sort_rows value:DERIVE:0:U
mysql_slow_queries value:DERIVE:0:U
nfs_procedure value:DERIVE:0:U
nginx_connections value:GAUGE:0:U
nginx_requests value:DERIVE:0:U
node_octets rx:DERIVE:0:U, tx:DERIVE:0:U
node_rssi value:GAUGE:0:255
node_stat value:DERIVE:0:U
node_tx_rate value:GAUGE:0:127
objects value:GAUGE:0:U
operations value:DERIVE:0:U
operations_per_second value:GAUGE:0:U
packets value:DERIVE:0:U
pending_operations value:GAUGE:0:U
percent value:GAUGE:0:100.1
percent_bytes value:GAUGE:0:100.1
percent_inodes value:GAUGE:0:100.1
perf value:DERIVE:0:U
pf_counters value:DERIVE:0:U
pf_limits value:DERIVE:0:U
pf_source value:DERIVE:0:U
pf_state value:DERIVE:0:U
pf_states value:GAUGE:0:U
pg_blks value:DERIVE:0:U
pg_db_size value:GAUGE:0:U
pg_n_tup_c value:DERIVE:0:U
pg_n_tup_g value:GAUGE:0:U
pg_numbackends value:GAUGE:0:U
pg_scan value:DERIVE:0:U
pg_xact value:DERIVE:0:U
ping value:GAUGE:0:65535
ping_droprate value:GAUGE:0:1
ping_stddev value:GAUGE:0:65535
players value:GAUGE:0:1000000
pools value:GAUGE:0:U
power value:GAUGE:U:U
pressure value:GAUGE:0:U
protocol_counter value:DERIVE:0:U
ps_code value:GAUGE:0:9223372036854775807
ps_count processes:GAUGE:0:1000000, threads:GAUGE:0:1000000
ps_cputime user:DERIVE:0:U, syst:DERIVE:0:U
ps_data value:GAUGE:0:9223372036854775807
ps_disk_octets read:DERIVE:0:U, write:DERIVE:0:U
ps_disk_ops read:DERIVE:0:U, write:DERIVE:0:U
ps_pagefaults minflt:DERIVE:0:U, majflt:DERIVE:0:U
ps_rss value:GAUGE:0:9223372036854775807
ps_stacksize value:GAUGE:0:9223372036854775807
ps_state value:GAUGE:0:65535
ps_vm value:GAUGE:0:9223372036854775807
pstates_enabled value:GAUGE:0:1
pubsub value:GAUGE:0:U
queue_length value:GAUGE:0:U
records value:GAUGE:0:U
redis_command_cputime value:DERIVE:0:U
requests value:GAUGE:0:U
response_code value:GAUGE:0:U
response_time value:GAUGE:0:U
root_delay value:GAUGE:U:U
root_dispersion value:GAUGE:U:U
route_etx value:GAUGE:0:U
route_metric value:GAUGE:0:U
routes value:GAUGE:0:U
satellites value:GAUGE:0:U
segments value:GAUGE:0:65535
serial_octets rx:DERIVE:0:U, tx:DERIVE:0:U
signal_noise value:GAUGE:U:0
signal_power value:GAUGE:U:0
signal_quality value:GAUGE:0:U
slurm_job_state value:GAUGE:0:U
slurm_node_state value:GAUGE:0:U
slurm_backfilled_jobs value:DERIVE:0:U
slurm_cycles value:DERIVE:0:U
slurm_cycle_last value:GAUGE:0:U
slurm_cycle_duration value:DERIVE:0:U
slurm_last_cycle_depth value:GAUGE:0:U
slurm_cycle_depth value:DERIVE:0:U
slurm_job_stats value:DERIVE:0:U
slurm_queue_length value:DERIVE:0:U
smart_attribute current:GAUGE:0:255, worst:GAUGE:0:255, threshold:GAUGE:0:255, pretty:GAUGE:0:U
smart_badsectors value:GAUGE:0:U
smart_powercycles value:GAUGE:0:U
smart_poweron value:GAUGE:0:U
smart_temperature value:GAUGE:-300:300
snr value:GAUGE:0:U
spam_check value:GAUGE:0:U
spam_score value:GAUGE:U:U
spl value:GAUGE:U:U
swap value:GAUGE:0:1099511627776
swap_io value:DERIVE:0:U
sysevent value:GAUGE:0:1
tcp_connections value:GAUGE:0:4294967295
tdp value:GAUGE:U:U
temperature value:GAUGE:U:U
threads value:GAUGE:0:U
time_dispersion value:GAUGE:-1000000:1000000
time_offset value:GAUGE:-1000000:1000000
time_offset_ntp value:GAUGE:-1000000:1000000
time_offset_rms value:GAUGE:-1000000:1000000
time_ref value:GAUGE:0:U
timeleft value:GAUGE:0:U
timestamp value:GAUGE:0:18446744073709551615
total_bytes value:DERIVE:0:U
total_connections value:DERIVE:0:U
total_events value:DERIVE:0:U
total_objects value:DERIVE:0:U
total_operations value:DERIVE:0:U
total_requests value:DERIVE:0:U
total_sessions value:DERIVE:0:U
total_threads value:DERIVE:0:U
total_time_in_ms value:DERIVE:0:U
total_values value:DERIVE:0:U
turbo_enabled value:GAUGE:0:1
transitions value:DERIVE:0:U
uptime value:GAUGE:0:4294967295
uncore_ratio value:GAUGE:0:U
users value:GAUGE:0:65535
vcl value:GAUGE:0:65535
vcpu value:GAUGE:0:U
virt_cpu_total value:DERIVE:0:U
virt_vcpu value:DERIVE:0:U
vmpage_action value:DERIVE:0:U
vmpage_faults minflt:DERIVE:0:U, majflt:DERIVE:0:U
vmpage_io in:DERIVE:0:U, out:DERIVE:0:U
vmpage_number value:GAUGE:0:4294967295
volatile_changes value:GAUGE:0:U
voltage value:GAUGE:U:U
voltage_threshold value:GAUGE:U:U, threshold:GAUGE:U:U
vs_memory value:GAUGE:0:9223372036854775807
vs_processes value:GAUGE:0:65535
vs_threads value:GAUGE:0:65535
#
# Legacy types
# (required for the v5 upgrade target)
#
arc_counts demand_data:COUNTER:0:U, demand_metadata:COUNTER:0:U, prefetch_data:COUNTER:0:U, prefetch_metadata:COUNTER:0:U
arc_l2_bytes read:COUNTER:0:U, write:COUNTER:0:U
arc_l2_size value:GAUGE:0:U
arc_ratio value:GAUGE:0:U
arc_size current:GAUGE:0:U, target:GAUGE:0:U, minlimit:GAUGE:0:U, maxlimit:GAUGE:0:U
mysql_qcache hits:COUNTER:0:U, inserts:COUNTER:0:U, not_cached:COUNTER:0:U, lowmem_prunes:COUNTER:0:U, queries_in_cache:GAUGE:0:U
mysql_threads running:GAUGE:0:U, connected:GAUGE:0:U, cached:GAUGE:0:U, created:COUNTER:0:U

6
roles/collectd/handlers/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
# handlers file for collectd
- name: Restart collectd
systemd:
name: collectd
state: restarted

23
roles/collectd/molecule/default/INSTALL.rst Normal file
View File

@ -0,0 +1,23 @@
*********************************
Vagrant driver installation guide
*********************************
Requirements
============
* Vagrant
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule_vagrant'

20
roles/collectd/molecule/default/converge.yml Normal file
View File

@ -0,0 +1,20 @@
---
- name: Converge
become: yes
hosts: all
vars:
- collectd_network_server: testvagrant
- collectd_network_server: 192.168.2.240
- collectd_network_port: 25826
pre_tasks:
- name: Update apt cache
apt:
update_cache: yes
- name: set hostname
hostname:
name: vagrantcollectd
tasks:
- name: "Include collectd"
include_role:
name: "collectd"

19
roles/collectd/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,19 @@
---
dependency:
name: galaxy
driver:
name: vagrant
provider:
name: virtualbox
platforms:
- name: Debian
box: "debian/bullseye64"
pre_build_image: true
provisioner:
name: ansible
verifier:
name: testinfra
options:
sudo: true
v: 3

22
roles/collectd/molecule/default/tests/conftest.py Normal file
View File

@ -0,0 +1,22 @@
"""PyTest Fixtures."""
from __future__ import absolute_import
import os
import pytest
def pytest_runtest_setup(item):
"""Run tests only when under molecule with testinfra installed."""
try:
import testinfra
except ImportError:
pytest.skip("Test requires testinfra", allow_module_level=True)
if "MOLECULE_INVENTORY_FILE" in os.environ:
pytest.testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
else:
pytest.skip(
"Test should run only from inside molecule.", allow_module_level=True
)

18
roles/collectd/molecule/default/tests/test_default.py Normal file
View File

@ -0,0 +1,18 @@
"""Role testing files using testinfra."""
import pytest
def test_installed_packages(host):
collectd = host.package("collectd-core")
assert collectd.is_installed
def test_config(host):
collectd_config = host.file("/etc/collectd/collectd.conf")
assert collectd_config.exists
dtypes = host.file("/usr/share/collectd/types.db")
assert dtypes.exists
def test_service(host):
collectd = host.service("collectd")
assert collectd.is_enabled
assert collectd.is_running

10
roles/collectd/molecule/default/verify.yml Normal file
View File

@ -0,0 +1,10 @@
---
# This is an example playbook to execute Ansible tests.
- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
assert:
that: true

30
roles/collectd/tasks/main.yml Normal file
View File

@ -0,0 +1,30 @@
---
# tasks file for collectd
- name: Install collectd
apt:
name: collectd-core
state: present
- name: Make config dir
file:
path: "/etc/collectd/"
state: directory
- name: Copy dtypes.db
copy:
src: types.db
dest: /usr/share/collectd/types.db
- name: Feed config
template:
src: collectd.conf.j2
dest: /etc/collectd/collectd.conf
mode: 644
notify:
- Restart collectd
- name: Enable collectd service
systemd:
name: "collectd.service"
enabled: yes

18
roles/collectd/templates/collectd.conf.j2 Normal file
View File

@ -0,0 +1,18 @@
Hostname "{{ collectd_hostname | default(inventory_hostname) }}"
TypesDB "/usr/share/collectd/types.db"
LoadPlugin network
<Plugin "network">
Server "{{ collectd_network_server }}" "{{ collectd_network_port }}"
</Plugin>
LoadPlugin cpu
LoadPlugin load
LoadPlugin memory
LoadPlugin df
<Plugin "df">
IgnoreSelected true
</Plugin>

2
roles/collectd/tests/inventory Normal file
View File

@ -0,0 +1,2 @@
localhost

5
roles/collectd/tests/test.yml Normal file
View File

@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- collectd

2
roles/collectd/vars/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# vars file for collectd

38
roles/nfs_client/README.md Normal file
View File

@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

7
roles/nfs_client/defaults/main.yml Normal file
View File

@ -0,0 +1,7 @@
---
# defaults file for nfs_client
shares:
- mount_point: /media/nfs/default
server: test.lan
export: /test
options: defaults

2
roles/nfs_client/handlers/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# handlers file for nfs_client

23
roles/nfs_client/molecule/default/INSTALL.rst Normal file
View File

@ -0,0 +1,23 @@
*********************************
Vagrant driver installation guide
*********************************
Requirements
============
* Vagrant
* Virtualbox, Parallels, VMware Fusion, VMware Workstation or VMware Desktop
Install
=======
Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.
.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
.. code-block:: bash
$ pip install 'molecule_vagrant'

24
roles/nfs_client/molecule/default/converge.yml Normal file
View File

@ -0,0 +1,24 @@
---
- name: Converge
hosts: all
become: yes
vars:
- shares:
- mount_point: /media/nfs/default
server: test.lan
export: /test
options: defaults
- mount_point: /media/nfs/other
server: test.lan
export: /other
options: defaults
pre_tasks:
- name: Update apt cache
apt:
update_cache: yes
tasks:
- name: "Include nfs_client"
include_role:
name: "nfs_client"

19
roles/nfs_client/molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,19 @@
---
dependency:
name: galaxy
driver:
name: vagrant
provider:
name: virtualbox
platforms:
- name: Debian
box: "debian/bullseye64"
pre_build_image: true
provisioner:
name: ansible
verifier:
name: testinfra
options:
sudo: true
v: 3

22
roles/nfs_client/molecule/default/tests/conftest.py Normal file
View File

@ -0,0 +1,22 @@
"""PyTest Fixtures."""
from __future__ import absolute_import
import os
import pytest
def pytest_runtest_setup(item):
"""Run tests only when under molecule with testinfra installed."""
try:
import testinfra
except ImportError:
pytest.skip("Test requires testinfra", allow_module_level=True)
if "MOLECULE_INVENTORY_FILE" in os.environ:
pytest.testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
else:
pytest.skip(
"Test should run only from inside molecule.", allow_module_level=True
)

7
roles/nfs_client/molecule/default/tests/test_default.py Normal file
View File

@ -0,0 +1,7 @@
"""Role testing files using testinfra."""
import pytest
def test_installed_packages(host):
nfs_common = host.package("nfs-common")
assert nfs_common.is_installed

31
roles/nfs_client/tasks/main.yml Normal file
View File

@ -0,0 +1,31 @@
---
# tasks file for nfs_client
- name: Install nfs-common
apt:
name: "{{ item }}"
state: present
with_items:
- nfs-common
- name: Ensure rpcbind is running (Debian)
systemd:
name: rpcbind
state: started
enabled: yes
- name: Ensure nfs mount points exist
file:
path: "{{ item.mount_point }}"
state: directory
with_items: "{{ nfs_shares }}"
- name: Add nfs shares to fstab
mount:
src: "{{ item.server }}:{{ item.export }}"
path: "{{ item.mount_point }}"
opts: "{{ item.options }}"
state: mounted
fstype: nfs
with_items: "{{ nfs_shares }}"

2
roles/nfs_client/tests/inventory Normal file
View File

@ -0,0 +1,2 @@
localhost

5
roles/nfs_client/tests/test.yml Normal file
View File

@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- nfs_client

2
roles/nfs_client/vars/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# vars file for nfs_client

21
vars/backup.yml Normal file
View File

@ -0,0 +1,21 @@
---
nfs_shares:
- mount_point: /mnt/Benjamin
server: nas.lan
export: /mnt/DocNas/Benjamin
options: "defaults,_netdev,rsize=8192,wsize=8192"
- mount_point: /mnt/Margot
server: nas.lan
export: /mnt/DocNas/Margot
options: "defaults,_netdev,rsize=8192,wsize=8192"
- mount_point: /mnt/Commun
server: nas.lan
export: /mnt/DocNas/Commun
options: defaults,_netdev,rsize=8192,wsize=8192
borg_source_directories: "{{ nfs_shares | map(attribute='mount_point') }}"
borg_repository: /backup/borgmatic

8
vars/backup_secret.yml Normal file
View File

@ -0,0 +1,8 @@
$ANSIBLE_VAULT;1.1;AES256
65636636393063666662376230316363666163336137353337613263316262396264623536363466
6531663935326330653465633663663161393538303661310a626635303731323732303966373836
31316233653365396335343034386232326661626537616439663433396439633538393138366334
6261633730636132340a376364363466336638646463323436633938633536376633636265666635
31666436306230643461626565353761316631376664366135316231616137646631343534653038
65646632303234333164373738666361316439386139346430343035323530666662356435313331
656364386339323039653433633962353166