me/env-ansible
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes & Enhancements #6

Merged
me merged 35 commits from dev into main 2025-10-14 15:01:21 -07:00
Conversation 0 Commits 35 Files Changed 5 +154 -40
5 changed files with 154 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
files/scripts/backup_system.sh Executable file
View File

@@ -0,0 +1,57 @@
#!/usr/bin/env bash
## Variables ##
if [[ -z "$HOSTNAME" ]]; then
echo "*** Pulling Hostname From Command ***"
export HOSTNAME="`hostname`"
fi
if [[ -z "$HOSTNAME" ]]; then
echo "*** Pulling Hostname From /etc/ File ***"
export HOSTNAME="`cat /etc/hostname`"
fi
EXTRA="$1"
TAG="System"
DATE="`date "+%Y%m%d-%H%M%S"`"
BACKUP_DIR="/srv/backup"
BASENAME="Backup"
BACKUP="$BACKUP_DIR/$BASENAME.$DATE.$HOSTNAME.$TAG.zip"
## Initialization ##
echo "*** Creating Backup Directory ***"
sudo mkdir -pv "$BACKUP_DIR"
sudo mkdir -pv "$BACKUP_DIR/TRASH"
sudo chmod -Rv 775 "$BACKUP_DIR"
sudo chown -Rv root:root "$BACKUP_DIR"
## Cleanup ##
echo "*** Removing Old Backups ***"
cd "$BACKUP_DIR"
sudo mv -v "$BASENAME"*"$TAG"* TRASH/
sudo rm -v TRASH/*
## Main
echo "*** Creating backup at '$BACKUP' ***"
sudo zip -rv "$BACKUP" \
/etc /var/{log,mail,spool} /srv /boot \
/usr/local/etc $EXTRA \
-x "/srv/backup/*"
status="$?"
if [[ "$status" != 0 ]]; then
echo "*** ERROR: Failed to create '$BACKUP', file may be incorrect. ***"
fi
if [[ -e "$BACKUP" ]]; then
ls -alh "$BACKUP"
echo "*** '$BACKUP' created successfully! ***"s
else
echo "*** '$BACKUP' not found! ***"
exit 1
fi
exit 0

4
tasks/general/acct_mgmt/provision_config.yml
View File

@@ -132,7 +132,7 @@
pentesting: "{{ lookup('ini', 'pentesting file={{gen_file}} default=false') | bool }}"
no_telem: "{{ lookup('ini', 'no_telem file={{gen_file}} default=false') | bool }}"
battery: "{{ lookup('ini', 'battery file={{gen_file}} default=false') | bool }}"
swap_block: "{{ lookup('ini', 'swap_block file={{gen_file}} default=false') | bool }}"
swap_block: "{{ lookup('ini', 'swap_block file={{gen_file}} default=false') }}"
swap_count: "{{ lookup('ini', 'swap_count file={{gen_file}} default=1') }}"
swap_file: "{{ lookup('ini', 'swap_file file={{gen_file}} default=/swapfile') }}"
sshd_port: "{{ lookup('ini', 'sshd_port file={{gen_file}} default=22') }}"
@@ -215,7 +215,7 @@
workstation: "{{ lookup('ini', 'enable file={{wrk_file}} default=false') | bool }}"
coding: "{{ lookup('ini', 'coding file={{wrk_file}} default=false') | bool }}"
sdks: "{{ lookup('ini', 'sdks file={{wrk_file}} default=false') | bool }}"
editing: "{{ lookup('ini', 'editing file={{wrk_file}} default=false') | bool }}"
editing: "{{ lookup('ini', 'editing file={{wrk_file}} default=false') }}"
gaming: "{{ lookup('ini', 'gaming file={{wrk_file}} default=false') | bool }}"
rdp: "{{ lookup('ini', 'rdp file={{wrk_file}} default=false') | bool }}"
vnc: "{{ lookup('ini', 'vnc file={{wrk_file}} default=false') | bool }}"

114
tasks/general/acct_mgmt/users.yml
View File

@@ -283,6 +283,19 @@
alias edit-config-wrk="sudo $EDITOR {{ wrk_file }}"
alias edit-config-mnr="sudo $EDITOR {{ mnr_file }}"
alias edit-config-srv="sudo $EDITOR {{ srv_file }}"
function_clean_trashed: |
function clean-trashed {
dir="$1"
if [[ -z $dir ]]; then
dir="./"
fi
cd $dir
dir="`pwd`"
echo "Removing '.trashed*' files in '$dir'."
find "$dir" -name ".trashed*" -exec du -h {} \; -delete | sort -h
}
alias trashed-cleanup="clean-trashed"
alias trashed-clean="clean-trashed"
function_check_trash: |
function check-trash() {
unset OPTIND
@@ -378,6 +391,9 @@
fi
echo "Checking but not cleaning /var/mail..."
du -ha /var/mail | sort -h
if [[ $clean == "Y" ]]; then
clean-trashed "~/"
fi
return 0
}
alias check_trash="check-trash"
@@ -386,18 +402,20 @@
alias_trash_clean: alias trash-clean='trash-check --clean'
alias_clean_dir: |
function clean-dir() {
sudo du -hs
clean_dir="`date '+%Y%m%d_%H%M%S'`_CLEANED"
trash_dir="$HOME/TRASH/$clean_dir"
curr_dir="`pwd`"
mkdir -pv "$trash_dir"
echo "$curr_dir is being cleaned at `date`." | tee "$trash_dir"/INFO.txt
mv -v ..?* .[!.]* * "$trash_dir"/ | tee -a "$trash_dir"/INFO.txt
sudo du -hs
}
function_clean: |
function clean() {
sudo du -hs
clean-dir
sudo du -hs
clean-trash
clean-code
clean-backups
}
function_flatpak_usage: |
function flatpak-usage() {
@@ -577,6 +595,11 @@
env-obtainium-hyperling dev
nodejs-website dev
ebook-health-protocol dev
ebook-freedom-flyer dev
ebook-technology-alternatives dev
ebook-narcissism-healing dev
ebook-forest-howto dev
ebook-template main
flutter-expense-tracker dev
flutter-social-traveler-app dev
nodejs-social-traveler-server dev
@@ -682,6 +705,9 @@
done
cd
echo -e "******* PDFs *******"
find ~/Code/ebook-* -name "*.pdf" -exec du -h {} \; -delete | sort -h
echo -e "\n*** Done! ***"
}
alias code-clean="clean-code"
@@ -742,6 +768,7 @@
alias_ls: |
alias l='ls'
alias ll='ls -alh'
alias lh='ls -ash'
alias_progs: |
alias progs='ps -ef'
alias_nethogs: |
@@ -750,47 +777,47 @@
alias ansible-facts='ansible localhost -m setup --connection=local'
function_now: |
function now {
date "+%Y%m%d_%H%M%S"
date "+%Y%m%d-%H%M%S"
}
function today {
date "+%Y%m%d"
}
function_backup: |
function backup {
EXTRA="$1"
BACKUP_DIR="/tmp"
BACKUP_FILENAME="Backup-`now`.zip"
BACKUP="$BACKUP_DIR/$BACKUP_FILENAME"
echo "*** Creating backup at '$BACKUP' ***"
sudo zip -rv "$BACKUP" \
/etc /var/{log,mail,spool} /srv /boot \
/usr/local/etc $EXTRA
status="$?"
if [[ "$status" != 0 ]]; then
echo "*** ERROR: Failed to create '$BACKUP', file may be incorrect. ***"
fi
if [[ -e "$BACKUP" ]]; then
ls -alh "$BACKUP"
echo "*** '$BACKUP' created successfully! ***"
else
echo "*** '$BACKUP' not found! ***"
fi
/usr/local/bin/backup_system.sh
}
alias backup-system="backup"
alias system-backup="backup"
alias check-backups="ll /srv/backup"
function clean-backup {
sh -c "rm -rfv /srv/backup/*"
}
alias clean-backups="clean-backup"
function_log: |
function log {
echo -e "$1"
}
function blog {
echo -e "\n\n$1\n\n"
}
function_debian_upgrade: |
function debian-upgrade {
typeset -l OLD NEW
OLD="$1"
NEW="$2"
echo "*** Upgrading from '$OLD' to '$NEW' ***"
blog "*** Upgrading from '$OLD' to '$NEW' ***"
if [[ -z "$OLD" || -z "$NEW" ]]; then
echo -n "ERROR: Please pass the OLD and NEW version names"
echo ", such as 'debian-upgrade bookworm trixie'. "
return 1
fi
echo "*** Running 'backup' before starting upgrade. ***"
blog "*** Running 'backup' before starting upgrade. ***"
sleep 1
backup
echo "*** Listing the current apt listing for '$OLD' ***"
blog "*** Listing the current apt listing for '$OLD' ***"
sudo grep "$OLD" /etc/apt/sources.list /etc/apt/sources.list.d/*
echo -en "\nAre these the entries you'd like changed to '$NEW'? (y/N) "
@@ -798,49 +825,62 @@
read confirm_change
if [[ -z "$confirm_change" || "$confirm_change" == "N"* ]]; then
echo "*** Aborting upgrade, change rejected. ***"
blog "*** Aborting upgrade, change rejected. ***"
return 1
fi
unset confirm_change
echo "*** Continuing with upgrade. ***"
blog "*** Continuing with upgrade. ***"
sudo sed -i "s/$OLD/$NEW/g" /etc/apt/sources.list
find /etc/apt/sources.list.d -name "*.list" \
find /etc/apt/sources.list.d/ -name "*.list" \
-exec sudo sed -i "s/$OLD/$NEW/g" {} \;
find /etc/apt/sources.list.d/ -name "*.sources" \
-exec sudo sed -i "s/$OLD/$NEW/g" {} \;
sudo grep $OLD /etc/apt/sources.list /etc/apt/sources.list.d/*
sudo grep $NEW /etc/apt/sources.list /etc/apt/sources.list.d/*
sudo grep $OLD /etc/apt/sources.list /etc/apt/sources.list.d/*.{list,sources}
sudo grep $NEW /etc/apt/sources.list /etc/apt/sources.list.d/*.{list,sources}
echo -en "\nDo the source files look correct? (y/N) "
typeset -u confirm_correct
read confirm_correct
if [[ -z "$confirm_correct" || "$confirm_correct" == "N"* ]]; then
echo "*** Aborting upgrade, confirmation rejected. ***"
blog "*** Aborting upgrade, confirmation rejected. ***"
return 1
fi
unset confirm_correct
echo "*** Starting the upgrade. ***"
blog "*** Starting the upgrade. ***"
sleep 1
sudo apt update
sudo apt upgrade --without-new-pkgs
echo "*** Upgrades complete, now add new packages. ***"
blog -e "*** Upgrades complete, now add new packages. ***"
sleep 1
sudo apt full-upgrade
echo "*** New packages complete, clean apt files. ***"
blog "*** New packages complete, clean apt files. ***"
sleep 1
sudo apt autoremove --purge
sudo apt clean
echo "*** All done! '$OLD' is now '$NEW'. Please reboot. ***"
blog "*** All done! '$OLD' is now '$NEW'. Please reboot. ***"
sleep 1
unset OLD NEW
}
alias upgrade-debian="debian-upgrade"
function_ebook_convert: |
# Regenerate all eBook projects at once.
function ebook-convert {
find ~/Code/ebook-* -name "*.pdf" -print -delete
find ~/Code/ebook-* -name convert.sh -print -exec bash "{}" \;
}
alias ebooks="ebook-convert"
alias convert="ebook-convert"
alias_sudo: |
# Allows for alias expansions when using sudo, such as doing "sudo ll".
alias sudo="sudo "
- name: General | Account Management | Users | Files | Common Variable
set_fact:
@@ -878,6 +918,7 @@
{{ metasploit_aliases }}
{{ show_config_aliases }}
{{ edit_config_aliases }}
{{ function_clean_trashed }}
{{ function_check_trash }}
{{ function_clean }}
{{ function_flatpak_usage }}
@@ -911,7 +952,10 @@
{{ alias_ansible_facts }}
{{ function_now }}
{{ function_backup }}
{{ function_log }}
{{ function_debian_upgrade }}
{{ function_ebook_convert }}
{{ alias_sudo }}
- name: General | Account Management | Users | Files | .bashrc
blockinfile:

12
tasks/general/cron/ansible.yml
View File

@@ -1,12 +1,18 @@
---
# Jobs relating to the ansible user.
# $RANDOM is anywhere from 0 to 32767 in BASH. This would be up to ~9 hours.
# $RANDOM / 10 can be up to about 3200 seconds, or ~55 minutes.
# $RANDOM / 20 can be up to about 1600 seconds, or ~27 minutes.
# $RANDOM / 50 can be up to about 650 seconds, or ~11 minutes.
# $RANDOM / 100 can be up to about 320 seconds, or ~5 minutes.
# This prevents multiple systems from hitting it at the exact same time.
- name: General | Cron | Ansible | Create Subscriber Job
cron:
user: ansible
name: "Ansible Sync"
minute: "*/30"
job: "sudo {{ ansible_pull_exec.stdout }} -v -o -U {{ git_repo_http }} --checkout {{ branch }}"
job: "sleep $(( $RANDOM / 20 )); sudo {{ ansible_pull_exec.stdout }} -v -o -U {{ git_repo_http }} --checkout {{ branch }}"
state: present
disabled: "{{ 'yes' if no_telem else 'no' }}"
@@ -14,7 +20,7 @@
cron:
user: ansible
name: "Ansible Weekly Forced Sync"
special_time: weekly
job: "{{ user_root.home }}/bin/scm.sh"
special_time: daily
job: "sleep $(( $RANDOM / 1 )); sudo {{ ansible_pull_exec.stdout }} -v -U {{ git_repo_http }} --checkout {{ branch }}"
state: present
disabled: "{{ 'yes' if no_telem else 'no' }}"

7
tasks/general/software/services.yml
View File

@@ -120,3 +120,10 @@
until: ntp_status.state == "started"
retries: 3
delay: 3
## Timezone ##
# TBD/TODO:
# Add a field to general.yml config file which gets applied via timedatectl and /etc/localtime.
# Example of what to do to file:
# /etc/localtime -> ../usr/share/zoneinfo/America/Phoenix