snailed/ansible-example
2
0
Fork 0
Code Activity

add zfs, improve readme

Browse source
This commit is contained in:
Luca Bilke 2024-02-11 19:26:49 +01:00
parent 817b26ccd5
commit 7503d70184
No known key found for this signature in database
GPG key ID: AD6630D0A1E650AC
4 changed files with 46 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
README.md
View file

@ -35,19 +35,37 @@ logpath = /var/log/traefik/access.log
port = http,https port = http,https
``` ```
## Ausführen ### zfs
Unter `devices: ` musst die die ID von deiner HDD angeben, um ein ZFS pool zu erstellen. Mit `ls -l /dev/disk/by-id` kannst du die IDs anzeigen.
___Hier musst du die ID von der Platte angeben, nicht von einer Partition!___
Das Pool (im Beispiel "tank" bennant) wird dann unter `/tank` gemountet.
Hier kannst du dann Docker Volumes ablegen oder einfach Ordner erstellen die dann in Docker gemountet werden.
## Kommandos
### Playbook ausführen
``` ```
ansible-playbook site.yml ansible-playbook site.yml
# oder
ansible-playbook site.yml -l hostname -t tag1,tag2
``` ```
### Variable finden
```
ansible hostname -m debug -a 'var=nft_define_host["input tcp accepted"]'
```
## Dokumentation ## Dokumentation
### nftables ### nftables
- [Rolle](https://github.com/ipr-cnrs/nftables/blob/master/README.md) - [Rolle](https://github.com/ipr-cnrs/nftables/blob/master/README.md)
- [Dokumentation](https://wiki.nftables.org/wiki-nftables/index.php/Main_Page)
### fail2ban ### fail2ban
- [Rolle](https://github.com/Oefenweb/ansible-fail2ban/blob/master/README.md) - [Rolle](https://github.com/Oefenweb/ansible-fail2ban/blob/master/README.md)
- [Konfiguration](https://github.com/fail2ban/fail2ban/wiki/Proper-fail2ban-configuration) - [Dokumentation](https://github.com/fail2ban/fail2ban/wiki)
### zfs ### zfs
- [Rolle](https://github.com/mrlesmithjr/ansible-zfs/blob/master/README.md) - [Rolle](https://github.com/mrlesmithjr/ansible-zfs/blob/master/README.md)
- [Dokumentation](https://openzfs.github.io/openzfs-docs/index.html)

15
host_vars/server.example.com.yml
View file

@ -27,3 +27,18 @@ fail2ban_services:
# logpath: /var/log/nginx/error.log # logpath: /var/log/nginx/error.log
# port: http,https # port: http,https
zfs_create_pools: true
zfs_pools:
- name: tank
action: create
atime: "off"
compression: "off"
devices:
# TODO: Ersetze diese zeile mit der ID von deiner Platte
- ata-ST2000DM001-1CH164_FAKEDISK
type: basic
state: present
scrub_cron:
enable: true
hour: "4"
weekday: sunday

4
requirements.yaml
View file

@ -4,3 +4,7 @@ roles:
- src: Oefenweb.fail2ban - src: Oefenweb.fail2ban
version: v4.0.8 version: v4.0.8
- name: mrlesmithjr.ansible-zfs
src: git+https://github.com/mrlesmithjr/ansible-zfs
version: 9560a44

7
site.yml
View file

@ -1,3 +1,10 @@
---
- name: Import zfs
hosts:
- all
roles:
- mrlesmithjr.ansible-zfs
- name: Import nftables - name: Import nftables
hosts: hosts:
- all - all