add: emails & log rotation space saver

2025-12-06 06:41:36 +01:00 · 2024-12-23 10:34:30 +00:00
parent 39fe939e6b
commit fca50fb390
6 changed files with 49 additions and 27 deletions
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -29,6 +29,11 @@ slapd_backup_submit_token: HISTORY_PURGED_SECRET

 tube_archivist_elasticsearch_password: HISTORY_PURGED_SECRET

+keep_journal_for_days: 3
+
+michy_email: HISTORY_PURGED_SECRET
+sheppy_email: HISTORY_PURGED_SECRET
+
 reactive_resume_postgres_password: HISTORY_PURGED_SECRET
 reactive_resume_minio_password: HISTORY_PURGED_SECRET
 reactive_resume_refresh_token: HISTORY_PURGED_SECRET
--- a/roles/base/tasks/main.yaml
+++ b/roles/base/tasks/main.yaml
@@ -56,4 +56,19 @@
    name: "check dirs"
    minute: "0"
    hour: "0"
-    job: "/usr/bin/journalctl --vacuum-time=7d"
+    job: "/usr/bin/journalctl --vacuum-time={{ keep_journal_for_days }}d"
+
+- name: Remove mails in var-mail
+  ansible.builtin.cron:
+    name: "Cleanup local mails"
+    minute: "0"
+    hour: "0"
+    job: "/usr/bin/rm -f /var/mail/*"
+
+- name: Template Logrotate configs
+  template:
+    src: "{{ item }}"
+    dest: "/etc/logrotate/logrotate.d/"
+  with_items:
+    - daemon.conf
+    - syslog.conf
--- a/roles/base/templates/daemon.conf
+++ b/roles/base/templates/daemon.conf
@@ -0,0 +1,9 @@
+/var/log/daemon.log {
+    daily
+    rotate {{ keep_journal_for_days }}
+    compress
+    delaycompress
+    missingok
+    notifempty
+    create
+}
--- a/roles/base/templates/syslog.conf
+++ b/roles/base/templates/syslog.conf
@@ -0,0 +1,9 @@
+/var/log/syslog.log {
+    daily
+    rotate {{ keep_journal_for_days }}
+    compress
+    delaycompress
+    missingok
+    notifempty
+    create
+}
--- a/roles/monitoring-master/files/users.conf
+++ b/roles/monitoring-master/files/users.conf
@@ -1,25 +0,0 @@
-object User "michy" {
-  import "generic-user"
-
-  display_name = "Michy Monitoring"
-  groups =  ["ese"]
-
-  email = "HISTORY_PURGED_SECRET"
-}
-
-object User "icingaadmin" {
-  import "generic-user"
-
-  display_name = "Icinga 2 Admin"
-  groups = [ "icingaadmins" ]
-
-  email = "HISTORY_PURGED_SECRET"
-}
-
-object UserGroup "icingaadmins" {
-  display_name = "Icinga 2 Admin Group"
-}
-
-object UserGroup "ese" {
-  display_name = "ESports-Erlangen Gruppe"
-}
--- a/roles/monitoring-master/tasks/icinga.yaml
+++ b/roles/monitoring-master/tasks/icinga.yaml
@@ -76,6 +76,16 @@
    state: started
    enabled: yes

+- name: Copy icinga configuration
+  template:
+    src: "{{ item }}"
+    dest: /etc/icinga2/conf.d/
+    owner: root
+    group: nagios
+    mode: 0640
+  with_items:
+    - users.conf
+
 - name: Copy icinga configuration
  copy:
    src: "{{ item }}"
@@ -89,7 +99,6 @@
    - services_passive.conf
    - services_passive_mail_extern.conf
    - services_async.conf
-    - users.conf
    - michy-ese-server.conf
    - async-icinga-services-dynamic.conf
  notify: