Remove the shit out of ansible-pull

2024-04-23 17:45:02 -05:00 · 2024-04-23 17:45:02 -05:00 · b780551d1d
commit b780551d1d
parent 99845033f1
12 changed files with 0 additions and 106 deletions
--- a/playbooks/prod_web.yml
+++ b/playbooks/prod_web.yml
@ -196,13 +196,6 @@
            command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pvestatd.service
            hostgroup: role-hypervisor
          # Tag-specific checks
          # ansible-pull
          - name: Unit ansible-pull.service
            command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit ansible-pull.service
            hostgroup: tag-ansible-pull
          - name: Unit ansible-pull.timer
            command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit ansible-pull.timer
            hostgroup: tag-ansible-pull
          # docker
          - name: Unit docker.service
            command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit docker.service
--- a/playbooks/site_common.yml
+++ b/playbooks/site_common.yml
@ -3,4 +3,3 @@
 ---
  # Supplementary tags
 - import_playbook: tags_ansible.yml
 - import_playbook: tags_ansible-pull.yml
--- a/playbooks/tags_ansible-pull.yml
+++ b/playbooks/tags_ansible-pull.yml
@ -1,27 +0,0 @@
 #!/usr/bin/env ansible-playbook
 # vim:ft=ansible:
 ---
 - hosts: tags_ansible-pull
  gather_facts: no
  roles:
    - role: ansible-pull
      vars:
        ansible_pull_repo: "https://git.desu.ltd/salt/ansible"
        ansible_pull_commit: master
      tags: [ ansible ]
    - role: git
      vars:
        git_repos:
          - repo: "{{ ansible_pull_repo }}"
            dest: /etc/ansible
      tags: [ ansible ]
 - hosts: all
  gather_facts: no
  tasks:
    - name: disable ansible-pull when not tagged
      ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
      with_items:
        - ansible-pull.timer
        - ansible-pull.service
      when: "'tags_ansible-pull' not in group_names and item in services"
      tags: [ ansible ]
--- a/roles/ansible-pull/README.md
+++ b/roles/ansible-pull/README.md
@ -1,3 +0,0 @@
 # ansible-pull
 This role configures and enables a period `ansible-pull` task through systemd, allowing for machines to ensure proper configuration periodically and of their own volition.
--- a/roles/ansible-pull/defaults/main.yml
+++ b/roles/ansible-pull/defaults/main.yml
@ -1,6 +0,0 @@
 # vim:ft=ansible:
 ansible_pull_boot_delay: 15min
 ansible_pull_commit: master
 ansible_pull_time: "*-*-* 01:00:00"
 ansible_pull_playbook: pull.yml
 ansible_pull_skip_tags: "skip-pull"
--- a/roles/ansible-pull/files/vaultpass
+++ b/roles/ansible-pull/files/vaultpass
@ -1,6 +0,0 @@
 $ANSIBLE_VAULT;1.1;AES256
 31383561303637303735386663306631333063623336643030643634333262336664363461613239
 6230623439393465656161663432393732633662383833640a373433343236353835363130653937
 31346233663237383666306536633962613534623735366531666561656335393964316230633161
 3930636537313364380a376432363431346636363565383734613638316161643036623636656532
 66333038393738663464343534633766643734393165626538633962376161376262
--- a/roles/ansible-pull/handlers/main.yml
+++ b/roles/ansible-pull/handlers/main.yml
@ -1,5 +0,0 @@
 #!/usr/bin/env ansible-playbook
 # vim:ft=ansible:
 - name: restart ansiblepull timer
  ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
  become: yes
--- a/roles/ansible-pull/meta/main.yml
+++ b/roles/ansible-pull/meta/main.yml
@ -1,5 +0,0 @@
 #!/usr/bin/env ansible-playbook
 # vim:ft=ansible:
 ---
 dependencies:
  - role: ansible
--- a/roles/ansible-pull/tasks/main.yml
+++ b/roles/ansible-pull/tasks/main.yml
@ -1,15 +0,0 @@
 #!/usr/bin/env ansible-playbook
 # vim:ft=ansible:
 - name: assure vault password file
  ansible.builtin.copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
  become: yes
  become_user: ansible
 - name: install ansible
  ansible.builtin.pip: name=ansible<5,ansible-lint state=latest
 - name: configure systemd service
  ansible.builtin.template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
 - name: configure systemd timer
  ansible.builtin.template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
  notify: restart ansiblepull timer
 - name: enable timer
  ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
--- a/roles/ansible-pull/templates/ansible-pull.service
+++ b/roles/ansible-pull/templates/ansible-pull.service
@ -1,19 +0,0 @@
 # vim:ft=dosini:
 [Unit]
 Description=Ansible pull service
 StartLimitIntervalSec=3600
 StartLimitBurst=5
 After=network-online.target
 Wants=network-online.target
 [Service]
 User=ansible
 Group=ansible
 Type=oneshot
 Environment=ANSIBLE_CONFIG=~/ansible-pull-repo/ansible-pull.cfg
 ExecStart=ansible-pull --accept-host-key -U "{{ ansible_pull_repo }}" -C "{{ ansible_pull_commit }}" -d "~/ansible-pull-repo" --vault-password-file "~/ansiblevaultpass" "{{ ansible_pull_playbook }}" --skip-tags "{{ ansible_pull_skip_tags }}"
 Restart=on-failure
 RestartSec=90
 [Install]
 WantedBy=multi-user.target
--- a/roles/ansible-pull/templates/ansible-pull.timer
+++ b/roles/ansible-pull/templates/ansible-pull.timer
@ -1,11 +0,0 @@
 # vim:ft=dosini:
 [Unit]
 Description=Ansible pull timer
 [Timer]
 Persistent=true
 OnBootSec={{ ansible_pull_boot_delay }}
 OnCalendar={{ ansible_pull_time }}
 [Install]
 WantedBy=timers.target
--- a/roles/motd/defaults/main.yml
+++ b/roles/motd/defaults/main.yml
@ -21,7 +21,6 @@ motd_remove_extra: []
 # Services to monitor with our script
 # Units that can't be found will be skipped
 motd_watch_services:
  - ansible-pull
  - backup
 motd_watch_services_extra: []
 # Docker images to look for. Matches a simple glob (*{{ item }}*)
		`@ -1,3 +0,0 @@`
			`# ansible-pull`

			This role configures and enables a period `ansible-pull` task through systemd, allowing for machines to ensure proper configuration periodically and of their own volition.