me/env-ansible
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Hosts Variable Refactor, User Name Refactor, Metasploit, Brave on Fedora, Aliases (#19)

Browse Source 
* Add Brave to Fedora (DNF).

* First attempt to add metasploit installer.

* Fix check for Linux and macOS to use System, not Distro.

* Add more memorable aliases for msfconsole.

* Telegraf is attemping to install doube-time since hosts match both localhost and hostname.

* Add missing pipe.

* Attempt to fix flatpak play no longer being able to find user_ling var. Don't see anything in the dev branch which would have changed this behavior though.

* Add note for future removal.

* Use general gather for all groups. Move user variables to it.

* Feodra Workstation succeeds now! Add newline to end of file.

* First attempt at doing host variables via local files.

* Try using ini as lookup.

* Remove "-" typo.

* Add an initial gather even though it may not have all values properly populated on a machine's first run.

* Fix typo in ignore.

* Try default values.

* Try defaults without quotes.

* Add a section header. Add a default back.

* Rename section to global.

* Add workstation provision file. Change variables to require true. Only load config file if hosts is not being used.

* Put flags back on Dell so that programs are not removed while configuring files.

* Add provision config read to workstation.

* Go ahead and force config files for hosts. Only affects dev branch until PR. Start making miner and server files.

* Change {{}} to (()) in comments to avoid undefined variable error.

* Attempt to modify existing task groups instead of moving all tasks to one large group.

* Try to use blocks.

* Name blocks and remove redundant calls.

* Do the bare minimum for miner and server so the variables are at least defined.

* Ensure Server and Miner look at their own files.

* Test how block variables are handled.

* Are the variables true Booleans, not strings??

* Change exits to tests so we can see which ones work.

* Add more tests.

* Add the test results.

* Add config_dir for plays to use when making any config files.

* Move provision config dir.

* Add results of test.

* Remove the exit. Fix the blocks' whens.

* Do provision after starting, that way all facts exist.

* Fix all "true"'s.

* Adjust variable checks for provision_config changes.

* Change gui to wrk. Add aliases to cat files.

* Comment entire hosts file.

* Add localhost,

* Try localhost rather than host file group.

* Fix typo in "prov_dir".

* Add newline to end of file.

* Add newline to end of file.

* Add newline to end of file.

* Debug variable. Should be getting set but receiving errors on Fedora.

* Add newline to end of file.

* Fix debug property, var not name.

* Fix show-config. Change show-config-all to only hit active files, not backups.

* Uncomment commented workstation.

* Add commands to edit files.

* Attempt to fix gitlab installer variables.

* Attempt to fix gitlab play variable.

* Replacing `ling` for `{{ user }}`.

* Remove TODO.

* Remove `config_dir` and move provision config back near top.

* `user_root` is not needed, already moved to /usr/local/etc/.

* Add value for running anything at all. This allows user to set up files before first run.

* Reduce the check frequency,

* Ensure files are printed in correct order. Also add a newline between each.

* Only send file if it exists, and then remove it if it sends successfully.

* Always set the destination variables.

* Only run the scp for systems without sshfs. Forgot that system variables were shared between the two, and do not want to scp the files to themselves then delete the files from the mount.
This commit is contained in:
Hyperling
2021-12-05 18:08:51 -06:00
committed by GitHub
parent b3b2874ad3
commit 8e4247fd58
49 changed files with 735 additions and 361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tasks/general/acct_mgmt/groups.yml
View File

@ -9,4 +9,4 @@
loop:
- sudo
- video
- render
- render

2
tasks/general/acct_mgmt/keys.yml
View File

@ -13,4 +13,4 @@
ignore_errors: yes
- name: General | Account Management | Keys | Root | Copy SSH to 1337
shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }}
shell: ssh-copy-id -i /root/.ssh/id_rsa {{ leet_ssh }}

2
tasks/general/acct_mgmt/mounts.yml
View File

@ -66,4 +66,4 @@
- name: General | Account Management | Mounts | Refresh Variable leet_drive_details
stat:
path: "{{ leet_drive }}/Temp/ansible"
register: leet_drive_details
register: leet_drive_details

262
tasks/general/acct_mgmt/provision_config.yml Normal file
View File

@ -0,0 +1,262 @@
---
# Set up directory and files for specifying software needs rather than using hosts file.
- name: General | Account Management | Provisioning Configuration | Variables 1
set_fact:
prov_dir: "/usr/local/etc/hyperling-scm"
- name: General | Account Management | Provisioning Configuration | Variables 2
set_fact:
gen_file: "{{ prov_dir }}/general.ini"
wrk_file: "{{ prov_dir }}/workstation.ini"
mnr_file: "{{ prov_dir }}/miner.ini"
srv_file: "{{ prov_dir }}/server.ini"
- name: General | Account Management | Provisioning Configuration | Create Directory
file:
path: "{{ prov_dir }}"
state: directory
mode: '0755'
## General ##
- name: General | Account Management | Provisioning Configuration | General | Create
blockinfile:
path: "{{ gen_file }}"
block: |
;;;;;;; Available options - all require lowercase values ;;;;;;
;
; enable : Provide true for the provision to occur.
;
; user : Provide the name of the user account.
; Example: tom, jerry, kim, sarah
;
; user_desc : Provide the description of the user account.
; Example: Thomas, Jerry, Kimberly, Sarah
;
; branch : Provide the Github branch that the machine should poll.
; Example: main, dev
;
; pentesting : Set to true to install tools such as metasploit (nmap is already provided for reporting)
;
[global]
marker: '; {mark} MANAGED BY ANSIBLE | Generic Config'
state: present
create: yes
backup: yes
- name: General | Account Management | Provisioning Configuration | General | Load
set_fact:
provision: "{{ lookup('ini', 'enable file={{gen_file}} default=false') }}"
user: "{{ lookup('ini', 'user file={{gen_file}} default=ling') }}"
user_desc: "{{ lookup('ini', 'user_desc file={{gen_file}} default=Hyperling') }}"
branch: "{{ lookup('ini', 'branch file={{gen_file}} default=main') }}"
pentesting: "{{ lookup('ini', 'pentesting file={{gen_file}} default=false') }}"
- name: General | Account Management | Provisioning Configuration | General | Print
debug:
var: "{{ item }}"
loop:
- provision
- user
- user_desc
- branch
- pentesting
## Workstation ##
- name: General | Account Management | Provisioning Configuration | Workstation | Create
blockinfile:
path: "{{ wrk_file }}"
block: |
;;;;;;; Available options - all require lowercase values ;;;;;;
;
; enable : Set to true for system to be considered a workstation.
;
; coding : Set to true for installation of code editors (VSCode, PyCharm, Android Studio)
;
; editing : Set to true for installation of Audio/Video editors (Shotcut, Audacity, OBS Stdio, GIMP)
;
; gaming : Set to true for installation of gaming software (Steam, Lutris)
;
; rdp : Set to true for installation of RDP protocol
; CURRENTLY FREEBSD-ONLY
;
; vnc : Set to true for installation of VNC protocol
; NOT IMPLEMENTED YET
;
[global]
marker: '; {mark} MANAGED BY ANSIBLE | Workstation Config'
state: present
create: yes
backup: yes
- name: General | Account Management | Provisioning Configuration | Workstation | Load
set_fact:
workstation: "{{ lookup('ini', 'enable file={{wrk_file}} default=false') }}"
coding: "{{ lookup('ini', 'coding file={{wrk_file}} default=false') }}"
editing: "{{ lookup('ini', 'editing file={{wrk_file}} default=false') }}"
gaming: "{{ lookup('ini', 'gaming file={{wrk_file}} default=false') }}"
rdp: "{{ lookup('ini', 'rdp file={{wrk_file}} default=false') }}"
vnc: "{{ lookup('ini', 'vnc file={{wrk_file}} default=false') }}"
- name: General | Account Management | Provisioning Configuration | Workstation | Print
debug:
var: "{{ item }}"
loop:
- workstation
- coding
- editing
- gaming
- rdp
- vnc
## Miner ##
- name: General | Account Management | Provisioning Configuration | Miner | Create
blockinfile:
path: "{{ mnr_file }}"
block: |
;;;;;;; Available options - all require lowercase values ;;;;;;
;
; enable : Set to true for system to be considered a miner.
;
; amdgpu : Set to true for installation of AMDGPU-Pro drivers on Ubuntu (20.04 preferred)
;
; nanominer : Set to true for installation of nanominer
;
; nanominer_cpu : Set to coin code that you'd like the CPU to work on
; Valid values: xmr
;
; nanominer_cpu_pool : Set to pool organization to use for CPU mining
; Valid values: nanopool
;
; nanominer_gpu : Set to coin code that you'd like the GPU to work on
; Valid values: eth
;
; nanominer_gpus : Set to comma list of GPU devices that should be used for nanominer
; Example: 0,2,3
;
; nanominer_gpu_pool : Set to pool organization to use for GPU mining
; Valid values: nanopool etherpool f2pool
;
; eth_minhashrate : Set to minimum hashrate over 10 minutes before restarting. Can accept M for Million and K for thousand.
; Example: 100K
;
; ethminer : Set to true for installation of ethminer
;
; nvidia : Set to true for NVidia support in ethminer.
;
[global]
marker: '; {mark} MANAGED BY ANSIBLE | Miner Config'
state: present
create: yes
backup: yes
- name: General | Account Management | Provisioning Configuration | Miner | Load
set_fact:
miner: "{{ lookup('ini', 'enable file={{mnr_file}} default=false') }}"
amdgpu: "{{ lookup('ini', 'amdgpu file={{mnr_file}} default=false') }}"
nanominer: "{{ lookup('ini', 'nanominer file={{mnr_file}} default=false') }}"
nanominer_cpu: "{{ lookup('ini', 'nanominer_cpu file={{mnr_file}} default=false') }}"
nanominer_cpu_pool: "{{ lookup('ini', 'nanominer_cpu_pool file={{mnr_file}} default=false') }}"
nanominer_gpu: "{{ lookup('ini', 'nanominer_gpu file={{mnr_file}} default=false') }}"
nanominer_gpus: "{{ lookup('ini', 'nanominer_gpus file={{mnr_file}} default=false') }}"
nanominer_gpu_pool: "{{ lookup('ini', 'nanominer_gpu_pool file={{mnr_file}} default=false') }}"
eth_minhashrate: "{{ lookup('ini', 'eth_minhashrate file={{mnr_file}} default=false') }}"
ethminer: "{{ lookup('ini', 'ethminer file={{mnr_file}} default=false') }}"
nvidia: "{{ lookup('ini', 'nvidia file={{mnr_file}} default=false') }}"
- name: General | Account Management | Provisioning Configuration | Miner | Print
debug:
var: "{{ item }}"
loop:
- miner
- amdgpu
- nanominer
- nanominer_cpu
- nanominer_cpu_pool
- nanominer_gpu
- nanominer_gpus
- nanominer_gpu_pool
- eth_minhashrate
- ethminer
- nvidia
## Server ##
- name: General | Account Management | Provisioning Configuration | Server | Create
blockinfile:
path: "{{ srv_file }}"
block: |
;;;;;;; Parameters ;;;;;;
;
; enable : Set to true for system to be considered a server.
;
; domain : Set to the domain which gives the server its FQDN.
; Example: hyperling.com
;
; onlyoffice : Set to true for this server to be configured as an OnlyOffice server.
;
; grafana : Set to true for this server to be configured as an Grafana web server.
;
; influxdb1 : Set to true for this server to be configured as an Influx 1 DB server.
;
; influxdb2 : Set to true for this server to be configured as an Influx 2 DB + web server.
;
; certbot : Set to true to add cron job for `certbot renew`.
;
; hugo : Set to true to install HUGO static website generator.
;
; gitlab : ee - Installs Enterprise Edition Free Tier. Basically CE with an easier upgrade path for Paid Features.
; ce - Installs Community Edition. Excludes paid features if you'll never use them. Supposedly difficult to move to EE.
; Example: ce
;
; gitlab_url : The URL prefix for the server. Using 'http://mygitlabserver' would result in "http://mygitlabserver.((domain))".
; Regardless of whether you choose http or https, the Certbot config will be skipped since the maintainer uses a reverse proxy.
; Example: https://gitlab
;
[global]
marker: '; {mark} MANAGED BY ANSIBLE | Server Config'
state: present
create: yes
backup: yes
- name: General | Account Management | Provisioning Configuration | Server | Load
set_fact:
server: "{{ lookup('ini', 'enable file={{srv_file}} default=false') }}"
domain: "{{ lookup('ini', 'domain file={{srv_file}} default=hyperling.com') }}"
onlyoffice: "{{ lookup('ini', 'onlyoffice file={{srv_file}} default=false') }}"
grafana: "{{ lookup('ini', 'grafana file={{srv_file}} default=false') }}"
influxdb1: "{{ lookup('ini', 'influxdb1 file={{srv_file}} default=false') }}"
influxdb2: "{{ lookup('ini', 'influxdb2 file={{srv_file}} default=false') }}"
certbot: "{{ lookup('ini', 'certbot file={{srv_file}} default=false') }}"
hugo: "{{ lookup('ini', 'hugo file={{srv_file}} default=false') }}"
gitlab: "{{ lookup('ini', 'gitlab file={{srv_file}} default=false') }}"
gitlab_url: "{{ lookup('ini', 'gitlab_url file={{srv_file}} default=false') }}"
- name: General | Account Management | Provisioning Configuration | Server | Print
debug:
var: "{{ item }}"
loop:
- server
- domain
- onlyoffice
- grafana
- influxdb1
- influxdb2
- certbot
- hugo
- gitlab
- gitlab_url
## Exit if not turned on yet ##
- name: General | Account Management | Provisioning Configuration | Exit Check
shell: echo "Please configure the config files in {{ prov_dir }} then try again." && exit 1
when: provision != true

2
tasks/general/acct_mgmt/sudo.yml
View File

@ -15,4 +15,4 @@
dest: "{{ sudoers_install_dir }}"
owner: root
group: "{{ root_group }}"
mode: 0440
mode: 0440

54
tasks/general/acct_mgmt/users.yml
View File

@ -5,11 +5,11 @@
- name: General | Account Management | Users | Use BASH (Default)
set_fact:
ling_shell: "{{ bash_exec.stdout }}"
user_shell: "{{ bash_exec.stdout }}"
- name: General | Account Management | Users | Use ZSH (Arch+Manjaro)
set_fact:
ling_shell: "{{ zsh_exec.stdout }}"
user_shell: "{{ zsh_exec.stdout }}"
when: ansible_distribution == "Archlinux"
@ -38,23 +38,23 @@
- name: General | Account Management | Users | Hyperling
user:
name: ling
comment: Hyperling
name: "{{ user }}"
comment: "{{ user_desc }}"
groups:
- sudo
- video
- render
append: yes
shell: "{{ ling_shell }}"
shell: "{{ user_shell }}"
create_home: yes
generate_ssh_key: yes
register: user_ling
register: user_user
- name: General | Account Management | Users | Hyperling | Test Logging In
shell: "echo SUCCESS"
args:
executable: "{{ ling_shell }}"
become_user: ling
executable: "{{ user_shell }}"
become_user: "{{ user }}"
## Folders ##
@ -76,14 +76,14 @@
state: directory
mode: '0755'
loop:
- "{{ user_ling.home }}/bin"
- "{{ user_ling.home }}/LBRY"
- "{{ user_ling.home }}/TRASH"
become_user: ling
when: user_ling.home != ""
- "{{ user_user.home }}/bin"
- "{{ user_user.home }}/LBRY"
- "{{ user_user.home }}/TRASH"
become_user: "{{ user }}"
when: user_user.home != ""
- name: General | Account Management | Users | Folders | Home Directories 700
shell: "chmod 700 {{ user_ling.home }}/../*"
shell: "chmod 700 {{ user_user.home }}/../*"
## Files ##
@ -153,6 +153,21 @@
bye: |
alias bye="{{ shutdown_command }}"
alias goodbye="update -y && bye"
metasploit: |
alias metasploit="msfconsole"
alias hax="metasploit"
show_config: |
alias show-config-gen="cat {{ gen_file }}"
alias show-config-wrk="cat {{ wrk_file }}"
alias show-config-mnr="cat {{ mnr_file }}"
alias show-config-srv="cat {{ srv_file }}"
alias show-config-all="show-config-gen && echo '' && show-config-wrk && echo '' && show-config-mnr && echo '' && show-config-srv"
alias show-config="show-config-all"
edit_config: |
alias edit-config-gen="sudo $EDITOR {{ gen_file }}"
alias edit-config-wrk="sudo $EDITOR {{ wrk_file }}"
alias edit-config-mnr="sudo $EDITOR {{ mnr_file }}"
alias edit-config-srv="sudo $EDITOR {{ srv_file }}"
- name: General | Account Management | Users | Files | Common Variable
set_fact:
@ -171,6 +186,9 @@
{{ editor }}
{{ init_aliases }}
{{ bye }}
{{ metasploit }}
{{ show_config }}
{{ edit_config }}
- name: General | Account Management | Users | Files | .bashrc
blockinfile:
@ -184,9 +202,9 @@
backup: yes
loop:
- "{{ user_root.home }}"
- "{{ user_ling.home }}"
- "{{ user_user.home }}"
ignore_errors: yes
when: user_root.home != "" and user_ling.home != ""
when: user_root.home != "" and user_user.home != ""
- name: General | Account Management | Users | Files | .zshrc
blockinfile:
@ -200,6 +218,6 @@
backup: yes
loop:
- "{{ user_root.home }}"
- "{{ user_ling.home }}"
- "{{ user_user.home }}"
ignore_errors: yes
when: user_root.home != "" and user_ling.home != ""
when: user_root.home != "" and user_user.home != ""

6
tasks/general/cron/ansible.yml
View File

@ -5,7 +5,7 @@
cron:
user: ansible
name: "Ansible Sync"
minute: "*/15"
minute: "*/30"
job: "sudo {{ ansible_pull_exec.stdout }} -o -U https://github.com/Hyperling/ansible.git --checkout {{ branch }}"
state: present
disabled: no
@ -33,7 +33,7 @@
user: ansible
name: "{{ item.name }}"
minute: "05,20,35,50"
job: "sudo scp {{ item.src }} {{ item.dest }}"
job: "ls {{ item.src }} 2>/dev/null 1>&2 && sudo scp {{ item.src }} {{ item.dest }} && sudo sh -c 'rm -rfv {{ item.src }}'"
state: present
disabled: no
loop:
@ -55,4 +55,4 @@
- { name: 'Heartbeat Report' }
- { name: 'Lynis Report' }
- { name: 'NMap Report' }
when: leet_drive_details.stat.exists
when: leet_drive_details.stat.exists

2
tasks/general/cron/root.yml
View File

@ -28,4 +28,4 @@
job: "As a wise man once said, I'm disabled."
state: absent
disabled: yes
when: leet_drive_details.stat.exists
when: leet_drive_details.stat.exists

5
tasks/general/finish.yml
View File

@ -2,6 +2,11 @@
# Tasks related to finishing ansible-pull
# EG: End timer, start conflicting jobs, etc
- name: General | Finish | Ansible Pull Report | Debug
debug:
var: leet_drive_details
when: leet_drive_details is defined
- name: General | Finish | Ansible Pull Report | Finish File
shell: "echo 'FINISH' >> {{ ansible_pull_report }}"
when: leet_drive_details.stat.exists

2
tasks/general/scripts/root.yml
View File

@ -25,7 +25,7 @@
path: "{{ user_root.home }}/bin/push.sh"
block: |
# 20210215 - Make life even easier!
ssh ling@leet "cd Code/Ansible/ansible-pull; git push"
ssh {{ user }}@leet "cd Code/Ansible/ansible-pull; git push"
marker: '{mark}'
marker_begin: "#!{{ bash_exec.stdout }}"
marker_end: "exit 0"

14
tasks/general/scripts/user.yml
View File

@ -3,7 +3,7 @@
- name: General | Scripts | User | scm.sh
blockinfile:
path: "{{ user_ling.home }}/bin/scm.sh"
path: "{{ user_user.home }}/bin/scm.sh"
block: |
# 20210211 - Make life easier!
push.sh
@ -16,16 +16,16 @@
- name: General | Scripts | User | scm.sh Permissions
file:
path: "{{ user_ling.home }}/bin/scm.sh"
path: "{{ user_user.home }}/bin/scm.sh"
mode: '0755'
- name: General | Scripts | User | push.sh
blockinfile:
path: "{{ user_ling.home }}/bin/push.sh"
path: "{{ user_user.home }}/bin/push.sh"
block: |
# 20210215 - Make life even easier!
ssh ling@leet "cd Code/Ansible/ansible-pull; git push"
ssh {{ user }}@leet "cd Code/Ansible/ansible-pull; git push"
marker: '{mark}'
marker_begin: "#!{{ bash_exec.stdout }}"
marker_end: "exit 0"
@ -34,13 +34,13 @@
- name: General | Scripts | User | push.sh Permissions
file:
path: "{{ user_ling.home }}/bin/push.sh"
path: "{{ user_user.home }}/bin/push.sh"
mode: '0755'
- name: General | Scripts | User | scm-dev.sh
blockinfile:
path: "{{ user_ling.home }}/bin/scm-dev.sh"
path: "{{ user_user.home }}/bin/scm-dev.sh"
block: |
# 20210713 - Make life easier for development!
@ -66,5 +66,5 @@
- name: General | Scripts | User | scm-dev.sh Permissions
file:
path: "{{ user_ling.home }}/bin/scm-dev.sh"
path: "{{ user_user.home }}/bin/scm-dev.sh"
mode: '0755'

12
tasks/general/software/metasploit.yml Normal file
View File

@ -0,0 +1,12 @@
---
# Install Metasploit Framework
- name: General | Software | Metasploit | Install
shell: "{{ item }}"
loop:
- curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
- chmod 755 msfinstall
- mkdir -p /usr/local/bin/
- mv ./msfinstall /usr/local/bin/msfinstall
- msfinstall
when: ansible_system in ("Linux", "Darwin")

6
tasks/general/software/services.yml
View File

@ -60,7 +60,7 @@
create: no
backup: yes
loop:
- { "key": '^[\#]?AllowUsers', "value": 'AllowUsers ling'}
- { "key": '^[\#]?AllowUsers', "value": 'AllowUsers {{ user }}'}
- { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin no'}
- { "key": '^[\#]?AllowTcpForwarding', "value": 'AllowTcpForwarding no'}
- { "key": '^[\#]?ClientAliveInterval', "value": 'ClientAliveInterval 60'}
@ -84,7 +84,7 @@
create: no
backup: yes
loop:
- { "key": '^[\#]?AllowUsers', "value": 'AllowUsers root ling'}
- { "key": '^[\#]?AllowUsers', "value": 'AllowUsers root {{ user }}'}
- { "key": '^[\#]?PermitRootLogin', "value": 'PermitRootLogin yes'}
- { "key": '^[\#]?MaxSessions', "value": 'MaxSessions 5'}
when: "'pve' in ansible_kernel"
@ -94,4 +94,4 @@
name: "{{ sshd }}"
pattern: "{{ sshd_pattern }}"
state: reloaded
enabled: yes
enabled: yes

2
tasks/general/start.yml
View File

@ -14,4 +14,4 @@
- name: General | Start | Ansible Pull Report | Add Date Entry
shell: "date >> {{ ansible_pull_report }}"
when: leet_drive_details.stat.exists
when: leet_drive_details.stat.exists

2
tasks/general/tests/lynis.yml
View File

@ -30,4 +30,4 @@
- name: General | Tests | Lynis | Make Report Readable
file:
path: "{{ lynis_report }}"
mode: '0777'
mode: '0777'

2
tasks/general/tests/nmap.yml
View File

@ -10,4 +10,4 @@
- name: General | Tests | nmap | Make Viewable
file:
path: "{{ nmap_report }}"
mode: '0777'
mode: '0777'

2
tasks/miner/acct_mgmt/users.yml
View File

@ -20,4 +20,4 @@
- render
append: yes
shell: "{{ bash_exec.stdout }}"
register: user_mfn
register: user_mfn

2
tasks/miner/cron/mfn.yml
View File

@ -20,4 +20,4 @@
job: "{{ item.command }}"
state: present
disabled: "{{ not(item.enabled) }}"
loop: "{{ miners }}"
loop: "{{ miners }}"

2
tasks/miner/debug.yml
View File

@ -9,4 +9,4 @@
- nanominer
- nanominer_cpu
- nanominer_gpu
- nanominer_gpus
- nanominer_gpus

4
tasks/miner/drivers/amdgpu.yml
View File

@ -161,7 +161,7 @@
## Step 3/3: Install AMD PRO Driver ##
- name: Miner | Driver | AMDGPU | Download Driver
shell: 'scp ling@leet:InstallFiles/Drivers/amdgpu-pro-20.45-1188099-ubuntu-20.04.tar.xz {{ root_home.stdout }}/Downloads/'
shell: 'scp {{ user }}@leet:InstallFiles/Drivers/amdgpu-pro-20.45-1188099-ubuntu-20.04.tar.xz {{ root_home.stdout }}/Downloads/'
when: amdgpu_install.failed or "1" == "1"
- name: Miner | Driver | AMDGPU | Extract Tarball
@ -205,4 +205,4 @@
- name: Miner | Driver | AMDGPU | Test Results
debug:
var: clinfo
ignore_errors: yes
ignore_errors: yes

8
tasks/miner/software/ethminer.yml
View File

@ -69,12 +69,12 @@
set_fact:
opencl_flag: "ON"
sys_opencl_flag: "OFF"
when: amdgpu is defined
when: amdgpu == true
- name: Miner | Software | Ethminer | Determine CUDA Flag
set_fact:
cuda_flag: "ON"
when: nvidia is defined
when: nvidia == true
- name: Miner | Software | Ethminer | Determine DBUS Flag
set_fact:
@ -110,6 +110,6 @@
- name: Miner | Software | Ethminer | Script
shell: "{{ item }}"
loop:
- "scp ling@leet:InstallFiles/Miners/ethminer/ethminer.sh {{ user_mfn.home }}/"
- "scp {{ user }}@leet:InstallFiles/Miners/ethminer/ethminer.sh {{ user_mfn.home }}/"
- "chmod 755 {{ user_mfn.home }}/ethminer.sh"
- "chown {{ user_mfn.user }} {{ user_mfn.home }}/ethminer.sh"
- "chown {{ user_mfn.user }} {{ user_mfn.home }}/ethminer.sh"

14
tasks/miner/software/nanominer.yml
View File

@ -52,7 +52,7 @@
loop:
- { "algorithm": "RandomX", "wallet": '{{ wallet_xmr }}', "state": "{{ (nanominer_cpu == 'xmr') | ternary('present', 'absent') }}"}
become_user: mfn
when: nanominer_cpu is defined
when: nanominer_cpu != false
- name: Miner | Software | Nanominer | Configuration | CPU | Add Pools
lineinfile:
@ -62,7 +62,7 @@
create: no
loop: "{{ cpu_pool }}"
become_user: mfn
when: nanominer_cpu is defined
when: nanominer_cpu != false
- name: Miner | Software | Nanominer | Configuration | CPU | End Section
lineinfile:
@ -71,7 +71,7 @@
state: present
create: no
become_user: mfn
when: nanominer_cpu is defined
when: nanominer_cpu != false
# Add Spacing #
@ -117,7 +117,7 @@
loop:
- { "algorithm": "Ethash", "wallet": '{{ wallet_eth }}', "state": "{{ (nanominer_gpu == 'eth') | ternary('present', 'absent') }}"}
become_user: mfn
when: nanominer_gpu is defined
when: nanominer_gpu != false
- name: Miner | Software | Nanominer | Configuration | GPU | Add Pools
lineinfile:
@ -127,7 +127,7 @@
create: no
loop: "{{ gpu_pool }}"
become_user: mfn
when: nanominer_gpu is defined
when: nanominer_gpu != false
- name: Miner | Software | Nanominer | Configuration | GPU | End Section
lineinfile:
@ -136,7 +136,7 @@
state: present
create: no
become_user: mfn
when: nanominer_gpu is defined
when: nanominer_gpu != false
@ -184,4 +184,4 @@
- name: Miner | Software | Nanominer | Reload
shell: "killall {{ nanominer_script }}; killall {{ nanominer_exec }}; killall nanominer.sh; killall nanominer"
become_user: mfn
ignore_errors: yes
ignore_errors: yes

2
tasks/miner/software/xmr-stak-cpu.yml
View File

@ -3,4 +3,4 @@
- name: Miner | Software | XMR-Stak-CPU
shell: exit 0
when: '"1" == "0"'
when: '"1" == "0"'

2
tasks/server/cron/certbot.yml
View File

@ -13,4 +13,4 @@
special_time: weekly
state: present
disabled: no
when: certbot is defined and certbot.stdout is defined
when: certbot == true and certbot.stdout is defined

2
tasks/server/software/gitlab.yml
View File

@ -10,7 +10,7 @@
- name: "Server | Software | GitLab | Checks | Host Variable [gitlab_url]={{ gitlab_url }}"
set_fact:
gitlab_url: "https://gitlab"
when: gitlab_url is not defined
when: gitlab_url is not defined or not gitlab
- name: Server | Software | GitLab | Checks | Play Variables
set_fact:

2
tasks/server/software/grafana.yml
View File

@ -37,4 +37,4 @@
- systemctl start grafana-server
## SMTP ##
# TODO allow server to send mail for invites, alerting, and password resets.
# TODO allow server to send mail for invites, alerting, and password resets.

2
tasks/server/software/influxdb1.yml
View File

@ -25,4 +25,4 @@
- influx -execute "create database main"
- influx -execute "show databases"
- influx -database main -execute "INSERT cpu,host=success,region=test value=1.00"
when: influxdb_check.failed
when: influxdb_check.failed

2
tasks/server/software/influxdb2.yml
View File

@ -22,4 +22,4 @@
- name: Server | InfluxDB2 | Config
shell: "{{ item }}"
loop:
- influx setup -f -u ling -p initpassword -o Hyperling -b main -r 0
- influx setup -f -u {{ user }} -p initpassword -o Hyperling -b main -r 0

2
tasks/server/software/onlyoffice.yml
View File

@ -93,4 +93,4 @@
- name: Server | OnlyOffice | HTTPS | Reload nginx
service:
name: nginx
status: reloaded
status: reloaded

1
tasks/workstation/freebsd/cron/ansible.yml
View File

@ -9,4 +9,3 @@
job: "sudo freebsd-update cron -t me@hyperling.com"
state: present
disabled: no

4
tasks/workstation/linux/cron/ansible.yml
View File

@ -16,7 +16,7 @@
user: ansible
name: "Update User Flatpaks"
special_time: hourly
job: "sudo -u ling flatpak update --noninteractive"
job: "sudo -u {{ user }} flatpak update --noninteractive"
state: present
disabled: no
when: flatpak_distro
when: flatpak_distro

25
tasks/workstation/linux/software/brave.yml
View File

@ -1,22 +1,37 @@
---
# Everything needed to install Brave with apt
# Everything needed to install Brave
- name: Workstation | Software | Brave | Pre-Reqs
- name: Workstation | Software | Brave | Pre-Reqs [apt]
package:
name:
- apt-transport-https
- curl
state: present
when: ansible_pkg_mgr == "apt"
- name: Workstation | Software | Brave | Add Repo
- name: Workstation | Software | Brave | Pre-Reqs [dnf]
package:
name:
- dnf-plugins-core
state: present
when: ansible_pkg_mgr == "dnf"
- name: Workstation | Software | Brave | Add Repo [apt]
shell: "{{ item }}"
loop:
- curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
- echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main" | tee /etc/apt/sources.list.d/brave-browser-release.list
- apt update
when: ansible_pkg_mgr == "apt"
- name: Workstation | Software | Brave | Add Repo [dnf]
shell: "{{ item }}"
loop:
- dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/
- rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc
when: ansible_pkg_mgr == "dnf"
- name: Workstation | Software | Brave | Install
package:
name:
- brave-browser
state: present
state: present

2
tasks/workstation/linux/software/debs.yml
View File

@ -7,4 +7,4 @@
state: present
loop:
- atomicwallet
ignore_errors: yes
ignore_errors: yes

44
tasks/workstation/linux/software/flatpaks.yml
View File

@ -27,7 +27,7 @@
- name: Workstation | Linux | Flatpak Distro | Flatpak | Variables
set_fact:
flatpak_exec_dir: "{{ user_ling.home }}/bin"
flatpak_exec_dir: "{{ user_user.home }}/bin"
flatpak_exec: "flatpak run"
- name: Workstation | Linux | Flatpak Distro | Flatpak | Arrays
@ -83,7 +83,7 @@
state: present
create: yes
loop: "{{ flatpaks_generic }}"
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Linux | Flatpak Distro | Flatpak | Generic | Executable Permissions
file:
@ -101,7 +101,7 @@
state: present
loop: "{{ flatpaks_coding }}"
ignore_errors: yes
when: coding is defined
when: coding == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Executables
blockinfile:
@ -114,8 +114,8 @@
state: present
create: yes
loop: "{{ flatpaks_coding }}"
become_user: ling
when: coding is defined
become_user: "{{ user }}"
when: coding == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Executable Permissions
file:
@ -123,7 +123,7 @@
state: file
mode: '0755'
loop: "{{ flatpaks_coding }}"
when: coding is defined
when: coding == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Uninstall
flatpak:
@ -132,7 +132,7 @@
state: absent
loop: "{{ flatpaks_coding }}"
ignore_errors: yes
when: coding is not defined
when: not coding == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Coding | Remove Executables
file:
@ -140,7 +140,7 @@
state: absent
loop: "{{ flatpaks_coding }}"
ignore_errors: yes
when: coding is not defined
when: not coding == true
# Media Editors #
@ -151,7 +151,7 @@
state: present
loop: "{{ flatpaks_editing }}"
ignore_errors: yes
when: editing is defined
when: editing == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editors | Executables
blockinfile:
@ -164,8 +164,8 @@
state: present
create: yes
loop: "{{ flatpaks_editing }}"
become_user: ling
when: editing is defined
become_user: "{{ user }}"
when: editing == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editors | Executable Permissions
file:
@ -173,7 +173,7 @@
state: file
mode: '0755'
loop: "{{ flatpaks_editing }}"
when: editing is defined
when: editing == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editor Uninstalls
flatpak:
@ -182,7 +182,7 @@
state: absent
loop: "{{ flatpaks_editing }}"
ignore_errors: yes
when: editing is not defined
when: not editing == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Audio/Video Editors | Remove Executables
file:
@ -190,7 +190,7 @@
state: absent
loop: "{{ flatpaks_editing }}"
ignore_errors: yes
when: editing is not defined
when: not editing == true
# Gaming #
@ -201,7 +201,7 @@
state: present
loop: "{{ flatpaks_gaming }}"
ignore_errors: yes
when: gaming is defined
when: gaming == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Executables
blockinfile:
@ -214,8 +214,8 @@
state: present
create: yes
loop: "{{ flatpaks_gaming }}"
become_user: ling
when: gaming is defined
become_user: "{{ user }}"
when: gaming == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Executable Permissions
file:
@ -223,7 +223,7 @@
state: file
mode: '0755'
loop: "{{ flatpaks_gaming }}"
when: gaming is defined
when: gaming == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Uninstalls
flatpak:
@ -232,7 +232,7 @@
state: absent
loop: "{{ flatpaks_gaming }}"
ignore_errors: yes
when: gaming is not defined
when: not gaming == true
- name: Workstation | Linux | Flatpak Distro | Flatpak | Gaming | Remove Executables
file:
@ -240,7 +240,7 @@
state: absent
loop: "{{ flatpaks_gaming }}"
ignore_errors: yes
when: gaming is not defined
when: not gaming == true
# Removals #
@ -288,7 +288,7 @@
repo: ppa:lutris-team/lutris
update_cache: yes
state: present
when: ansible_distribution == "Ubuntu" and gaming is defined
when: ansible_distribution == "Ubuntu" and gaming == true
ignore_errors: yes
- name: Workstation | Linux | Flatpak Distro | Package Manager | Add Lutris (besides ARM)
@ -296,7 +296,7 @@
name:
- lutris
state: present
when: ansible_architecture != "aarch64" and gaming is defined
when: ansible_architecture != "aarch64" and gaming == true
ignore_errors: yes
- name: Workstation | Linux | Flatpak Distro | Package Manager | Remove Lutris (besides ARM)

8
tasks/workstation/mac-os/software/brew.yml
View File

@ -20,7 +20,7 @@
- firefox-esr
- visual-studio-code
status: present
when: coding is defined
when: coding == true
- name: Workstation | Mac OS | Software | Brew | Install Packages (Editing)
package:
@ -28,7 +28,7 @@
- audacity
- shotcut
status: present
when: editing is defined
when: editing == true
- name: Workstation | Mac OS | Software | Brew | Install Packages (Gaming)
package:
@ -36,14 +36,14 @@
- battle-net
- steam
status: present
when: gaming is defined
when: gaming == true
- name: Workstation | Mac OS | Software | Brew | Install Packages (Cycling)
package:
name:
- zwift
status: present
when: cycling is defined
when: cycling == true
#- name: Workstation | Mac OS | Software | Brew | Remove Packages
# package:

38
tasks/workstation/settings/gnome.yml
View File

@ -42,7 +42,7 @@
- name: Workstation | Account Management | GNOME | Dash To Dock | Check
shell: "cd ~/.local/share/gnome-shell/extensions/dash-to-dock@micxgx.gmail.com/"
become_user: ling
become_user: "{{ user }}"
register: dash_to_dock_exists
ignore_errors: yes
@ -56,7 +56,7 @@
clone: yes
force: no
version: master
become_user: ling
become_user: "{{ user }}"
when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
- name: Workstation | Account Management | GNOME | Dash To Dock | Install | Dependencies
@ -70,14 +70,14 @@
- name: Workstation | Account Management | GNOME | Dash To Dock | Install | Make
shell: "cd ~/TRASH/dash-to-dock/; {{ make }}; {{ make }} install"
become_user: ling
become_user: "{{ user }}"
when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
- name: Workstation | Account Management | GNOME | Dash To Dock | Read Enabled Extension Array
dconf:
key: /org/gnome/shell/enabled-extensions
state: read
become_user: ling
become_user: "{{ user }}"
register: gnome_enabled_extensions
when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
@ -134,7 +134,7 @@
key: /org/gnome/shell/enabled-extensions
value: "{{ gnome_enabled_extensions | replace(']', dash_to_dock_ext_name) }}"
state: present
become_user: ling
become_user: "{{ user }}"
when: ansible_distribution not in ("Ubuntu") and dash_to_dock_exists.failed
# Settings #
@ -144,21 +144,21 @@
key: /org/gnome/shell/extensions/dash-to-dock/dock-position
value: "'LEFT'"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Dash To Dock | Dock Fixed
dconf:
key: /org/gnome/shell/extensions/dash-to-dock/dock-fixed
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Dash To Dock | Icon Size
dconf:
key: /org/gnome/shell/extensions/dash-to-dock/dash-max-icon-size
value: "32"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Favorites (Linux)
dconf:
@ -170,7 +170,7 @@
'io.lbry.lbry-app.desktop',
'com.valvesoftware.Steam.desktop']"
state: present
become_user: ling
become_user: "{{ user }}"
when: ansible_system == "Linux"
- name: Workstation | Account Management | GNOME | Favorites (FreeBSD)
@ -180,7 +180,7 @@
'firefox.desktop', 'org.gnome.Evolution.desktop', 'org.mozilla.Thunderbird.desktop',
'code-oss.desktop', 'org.telegram.desktop.desktop']"
state: present
become_user: ling
become_user: "{{ user }}"
when: ansible_system == "FreeBSD"
@ -192,42 +192,42 @@
key: /org/gnome/desktop/interface/clock-show-date
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Interface - 24h Format
dconf:
key: /org/gnome/desktop/interface/clock-format
value: "'24h'"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Interface - Show Seconds
dconf:
key: /org/gnome/desktop/interface/clock-show-seconds
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Interface - Show Weekday
dconf:
key: /org/gnome/desktop/interface/clock-show-weekday
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Interface - 24h Format
dconf:
key: /org/gnome/desktop/interface/show-battery-percentage
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Interface - Show Week Date
dconf:
key: /org/gnome/desktop/calendar/show-weekdate
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
# Never Prompt for Removal Media
@ -246,7 +246,7 @@
key: /org/gnome/desktop/wm/preferences/button-layout
value: "'appmenu:minimize,close'"
state: present
become_user: ling
become_user: "{{ user }}"
# Security
@ -255,14 +255,14 @@
key: /org/gnome/desktop/privacy/disable-camera
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"
- name: Workstation | Account Management | GNOME | Privacy - Microphone
dconf:
key: /org/gnome/desktop/privacy/disable-microphone
value: "true"
state: present
become_user: ling
become_user: "{{ user }}"

2
tasks/workstation/settings/nfs.yml
View File

@ -59,4 +59,4 @@
marker: "# {mark} MANAGED BY ANSIBLE | Media"
block: |
htpc:/mnt/hdd_unsafe/media {{ media_folder }} nfs {{ mount_options }} {{ mount_number }} {{ mount_number }}
backup: yes
backup: yes