Remove the shit out of ansible-pull

This commit is contained in:
Salt 2024-04-23 17:45:02 -05:00
parent 99845033f1
commit b780551d1d
12 changed files with 0 additions and 106 deletions

View File

@ -196,13 +196,6 @@
command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit pvestatd.service
hostgroup: role-hypervisor
# Tag-specific checks
# ansible-pull
- name: Unit ansible-pull.service
command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit ansible-pull.service
hostgroup: tag-ansible-pull
- name: Unit ansible-pull.timer
command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit ansible-pull.timer
hostgroup: tag-ansible-pull
# docker
- name: Unit docker.service
command: check_by_ssh!/usr/local/bin/monitoring-scripts/check_systemd_unit docker.service

View File

@ -3,4 +3,3 @@
---
# Supplementary tags
- import_playbook: tags_ansible.yml
- import_playbook: tags_ansible-pull.yml

View File

@ -1,27 +0,0 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
---
- hosts: tags_ansible-pull
gather_facts: no
roles:
- role: ansible-pull
vars:
ansible_pull_repo: "https://git.desu.ltd/salt/ansible"
ansible_pull_commit: master
tags: [ ansible ]
- role: git
vars:
git_repos:
- repo: "{{ ansible_pull_repo }}"
dest: /etc/ansible
tags: [ ansible ]
- hosts: all
gather_facts: no
tasks:
- name: disable ansible-pull when not tagged
ansible.builtin.systemd: name={{ item }} state=stopped enabled=no
with_items:
- ansible-pull.timer
- ansible-pull.service
when: "'tags_ansible-pull' not in group_names and item in services"
tags: [ ansible ]

View File

@ -1,3 +0,0 @@
# ansible-pull
This role configures and enables a period `ansible-pull` task through systemd, allowing for machines to ensure proper configuration periodically and of their own volition.

View File

@ -1,6 +0,0 @@
# vim:ft=ansible:
ansible_pull_boot_delay: 15min
ansible_pull_commit: master
ansible_pull_time: "*-*-* 01:00:00"
ansible_pull_playbook: pull.yml
ansible_pull_skip_tags: "skip-pull"

View File

@ -1,6 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
31383561303637303735386663306631333063623336643030643634333262336664363461613239
6230623439393465656161663432393732633662383833640a373433343236353835363130653937
31346233663237383666306536633962613534623735366531666561656335393964316230633161
3930636537313364380a376432363431346636363565383734613638316161643036623636656532
66333038393738663464343534633766643734393165626538633962376161376262

View File

@ -1,5 +0,0 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
- name: restart ansiblepull timer
ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started
become: yes

View File

@ -1,5 +0,0 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
---
dependencies:
- role: ansible

View File

@ -1,15 +0,0 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
- name: assure vault password file
ansible.builtin.copy: src=vaultpass dest="~/ansiblevaultpass" mode="0600"
become: yes
become_user: ansible
- name: install ansible
ansible.builtin.pip: name=ansible<5,ansible-lint state=latest
- name: configure systemd service
ansible.builtin.template: src=ansible-pull.service dest=/etc/systemd/system/ansible-pull.service mode=0644
- name: configure systemd timer
ansible.builtin.template: src=ansible-pull.timer dest=/etc/systemd/system/ansible-pull.timer mode=0644
notify: restart ansiblepull timer
- name: enable timer
ansible.builtin.systemd: daemon_reload=yes name=ansible-pull.timer enabled=yes state=started

View File

@ -1,19 +0,0 @@
# vim:ft=dosini:
[Unit]
Description=Ansible pull service
StartLimitIntervalSec=3600
StartLimitBurst=5
After=network-online.target
Wants=network-online.target
[Service]
User=ansible
Group=ansible
Type=oneshot
Environment=ANSIBLE_CONFIG=~/ansible-pull-repo/ansible-pull.cfg
ExecStart=ansible-pull --accept-host-key -U "{{ ansible_pull_repo }}" -C "{{ ansible_pull_commit }}" -d "~/ansible-pull-repo" --vault-password-file "~/ansiblevaultpass" "{{ ansible_pull_playbook }}" --skip-tags "{{ ansible_pull_skip_tags }}"
Restart=on-failure
RestartSec=90
[Install]
WantedBy=multi-user.target

View File

@ -1,11 +0,0 @@
# vim:ft=dosini:
[Unit]
Description=Ansible pull timer
[Timer]
Persistent=true
OnBootSec={{ ansible_pull_boot_delay }}
OnCalendar={{ ansible_pull_time }}
[Install]
WantedBy=timers.target

View File

@ -21,7 +21,6 @@ motd_remove_extra: []
# Services to monitor with our script
# Units that can't be found will be skipped
motd_watch_services:
- ansible-pull
- backup
motd_watch_services_extra: []
# Docker images to look for. Matches a simple glob (*{{ item }}*)