sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-06 07:51:35 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

add: emails & log rotation space saver

Browse Source
This commit is contained in:
Johnathen Sheppard
2024-12-23 10:34:30 +00:00
parent 39fe939e6b
commit fca50fb390
6 changed files with 49 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
group_vars/all.yaml
View File

@@ -29,6 +29,11 @@ slapd_backup_submit_token: HISTORY_PURGED_SECRET
tube_archivist_elasticsearch_password: HISTORY_PURGED_SECRET tube_archivist_elasticsearch_password: HISTORY_PURGED_SECRET
keep_journal_for_days: 3
michy_email: HISTORY_PURGED_SECRET
sheppy_email: HISTORY_PURGED_SECRET
reactive_resume_postgres_password: HISTORY_PURGED_SECRET reactive_resume_postgres_password: HISTORY_PURGED_SECRET
reactive_resume_minio_password: HISTORY_PURGED_SECRET reactive_resume_minio_password: HISTORY_PURGED_SECRET
reactive_resume_refresh_token: HISTORY_PURGED_SECRET reactive_resume_refresh_token: HISTORY_PURGED_SECRET

17
roles/base/tasks/main.yaml
View File

@@ -56,4 +56,19 @@
name: "check dirs" name: "check dirs"
minute: "0" minute: "0"
hour: "0" hour: "0"
job: "/usr/bin/journalctl --vacuum-time=7d" job: "/usr/bin/journalctl --vacuum-time={{ keep_journal_for_days }}d"
- name: Remove mails in var-mail
ansible.builtin.cron:
name: "Cleanup local mails"
minute: "0"
hour: "0"
job: "/usr/bin/rm -f /var/mail/*"
- name: Template Logrotate configs
template:
src: "{{ item }}"
dest: "/etc/logrotate/logrotate.d/"
with_items:
- daemon.conf
- syslog.conf

9
roles/base/templates/daemon.conf Normal file
View File

@@ -0,0 +1,9 @@
/var/log/daemon.log {
daily
rotate {{ keep_journal_for_days }}
compress
delaycompress
missingok
notifempty
create
}

9
roles/base/templates/syslog.conf Normal file
View File

@@ -0,0 +1,9 @@
/var/log/syslog.log {
daily
rotate {{ keep_journal_for_days }}
compress
delaycompress
missingok
notifempty
create
}

25
roles/monitoring-master/files/users.conf
View File

@@ -1,25 +0,0 @@
object User "michy" {
import "generic-user"
display_name = "Michy Monitoring"
groups = ["ese"]
email = "HISTORY_PURGED_SECRET"
}
object User "icingaadmin" {
import "generic-user"
display_name = "Icinga 2 Admin"
groups = [ "icingaadmins" ]
email = "HISTORY_PURGED_SECRET"
}
object UserGroup "icingaadmins" {
display_name = "Icinga 2 Admin Group"
}
object UserGroup "ese" {
display_name = "ESports-Erlangen Gruppe"
}

11
roles/monitoring-master/tasks/icinga.yaml
View File

@@ -76,6 +76,16 @@
state: started state: started
enabled: yes enabled: yes
- name: Copy icinga configuration
template:
src: "{{ item }}"
dest: /etc/icinga2/conf.d/
owner: root
group: nagios
mode: 0640
with_items:
- users.conf
- name: Copy icinga configuration - name: Copy icinga configuration
copy: copy:
src: "{{ item }}" src: "{{ item }}"
@@ -89,7 +99,6 @@
- services_passive.conf - services_passive.conf
- services_passive_mail_extern.conf - services_passive_mail_extern.conf
- services_async.conf - services_async.conf
- users.conf
- michy-ese-server.conf - michy-ese-server.conf
- async-icinga-services-dynamic.conf - async-icinga-services-dynamic.conf
notify: notify: