WIP: backups with borg and borgmatic #39
33 changed files with 718 additions and 200 deletions
.ansible-lint
group_vars/all
host_vars
hostslog.ymlmonitoring.ymlroles
nginx
tasks
templates/nginx
conf.d
sites-available
snippets
router/templates
rsyslog_collector
defaults
files
handlers
meta
tasks
templates
rsyslog_common
defaults
handlers
tasks
templates
|
@ -2,7 +2,7 @@ skip_list:
|
||||||
- no-changed-when
|
- no-changed-when
|
||||||
- load-failure
|
- load-failure
|
||||||
- document-start
|
- document-start
|
||||||
- package-latest
|
- meta-no-info
|
||||||
|
|
||||||
warn_list:
|
warn_list:
|
||||||
- experimental # all rules tagged as experimental
|
- experimental # all rules tagged as experimental
|
||||||
|
|
|
@ -24,6 +24,10 @@ postgresql_etherpad_passwd: "{{ vault_postgresql_etherpad_passwd }}"
|
||||||
postgresql_kanboard_passwd: "{{ vault_postgresql_kanboard_passwd }}"
|
postgresql_kanboard_passwd: "{{ vault_postgresql_kanboard_passwd }}"
|
||||||
postgresql_grafana_passwd: "{{ vault_postgresql_grafana_passwd }}"
|
postgresql_grafana_passwd: "{{ vault_postgresql_grafana_passwd }}"
|
||||||
postgresql_cas_passwd: "{{ vault_postgresql_cas_passwd }}"
|
postgresql_cas_passwd: "{{ vault_postgresql_cas_passwd }}"
|
||||||
|
postgresql_drone_passwd: "{{ vault_postgresql_drone_passwd }}"
|
||||||
|
postgresql_wikijs_passwd: "{{ vault_postgresql_wikijs_passwd }}"
|
||||||
|
postgresql_nextcloud_passwd: "{{ vault_postgresql_nextcloud_passwd }}"
|
||||||
|
postgresql_gitea_passwd: "{{ vault_postgresql_gitea_passwd }}"
|
||||||
|
|
||||||
# Scripts will tell users to go there to manage their account
|
# Scripts will tell users to go there to manage their account
|
||||||
intranet_url: 'https://re2o.auro.re/'
|
intranet_url: 'https://re2o.auro.re/'
|
||||||
|
@ -106,3 +110,9 @@ borg_backup_exclude:
|
||||||
borg_encryption_passphrase: "{{ vault_borg_encryption_passphrase }}"
|
borg_encryption_passphrase: "{{ vault_borg_encryption_passphrase }}"
|
||||||
|
|
||||||
borg_server_host: 10.128.0.4
|
borg_server_host: 10.128.0.4
|
||||||
|
|
||||||
|
rsyslog_outputs:
|
||||||
|
- proto: relp
|
||||||
|
address: 10.128.0.241
|
||||||
|
port: 20514
|
||||||
|
...
|
||||||
|
|
|
@ -1,198 +1,214 @@
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
61316365323636633262643334366235633639633534646562353032666465623937323833313561
|
65616665376265626636393064366339323264623332323337356438303634646361303530626536
|
||||||
6562643130663731633435646332663365373265346635330a636266303066356364353431393335
|
3134646236376339666130646239626333613866383766340a366465373839396639623862636436
|
||||||
32626431366331363338363237663862643464393937626530366332353735393866366261643465
|
34336636326332313432373162356565383034636366613135353037393138363466626235353261
|
||||||
3036623765663362630a343439363134386236633236336332626366386461373965646266366234
|
3634306231333966350a323133396531626565633433313761343433303964316163643365626466
|
||||||
65643765343438666339633738303566343661636134386234363261306335393061316463373332
|
33376632643937663566386232383161303231326638356338383536626531313462636335363166
|
||||||
32613630393438626337623837373765633462336430663561663433363531373635323365353566
|
35353138393964663063613331386138363030356661633530313533336138336362306437626431
|
||||||
62333233313835366534386263623132656363623235393030363833633665646633633336373435
|
34613435383966333538363734613730386634393532653334393766613262666434303666386537
|
||||||
31636437393137323236383330653265336333663635373331383866393435316139393635633339
|
33643832653236313136663761613762656334356466623431383533333563646135336332653331
|
||||||
61303532626537346336653836636263373466386139343734623937383161333561656164363439
|
39376164363533383930343237366638323534313232613561643936336330353538393136363534
|
||||||
37316631393536373635633239393939356437383633646261663536306239646434646664323866
|
37353536623939386131616638623531326531316233656166383133316564393731623366353833
|
||||||
35363332306538613265326239613931343934303733653133613639363431666434343832616534
|
31613665303532303435363765373434653933386530356433653061623232306239316534653432
|
||||||
34396362373939376335323766323633333733393638626231336432653262326437346562643761
|
39663938616637363238623866303439326666303438613066633866343830303762633233383333
|
||||||
33646563393632326166363463373734653730316439343931376566363065643034393365653937
|
65343332616430613839636337396238666466666430383031663939323239383964346638356538
|
||||||
64393231363839336531326164623637383162646163326532643132393163343365393135393930
|
65306463303330373534316438313932373864626637643935636165333835373662623737613734
|
||||||
65323464643465616235323165373465373061386135323530323761373339653433666162383139
|
36373161386163383831623065323763356637313364303539343763653065383139623934353638
|
||||||
66636136663563613964643761623332333438373632313832653430323066663537343165373061
|
34373861616336363861363761373665393465623566393063346331333861326337316363373163
|
||||||
66303864653563386536383430343130383863623238643232636134633964346234353134333031
|
31633532373966656565303866653335356364633063313665386335663863363163303431656165
|
||||||
37626232656130343863636463663839373161626364356561343434623832396632653064313963
|
61383231666665346162303635393838323462613261663231356531393734313063663231616632
|
||||||
30616534633634313933616334333537646663636433636664313730303733636162323233353162
|
30343562366433363261393037313062343036663139353431663330383263316662313330636534
|
||||||
35373264316166636535313735643135356437353332333864393733653462393438653262656662
|
33666463393664636538376365663236613536633663303738373034303136383939343039316463
|
||||||
64616565326533353530366536636330643733346264306536616636313935633863613032666336
|
38363731333435333262383064336138303062303836303735383836626430623738666635383637
|
||||||
66393338383933323166383862653635326666316132363036383032626162653664643761613562
|
36383031646561666632666339616632366138383534393030636331323037643564306363303864
|
||||||
36653066623332336632306637376437623164643965353733633765646266323833376364346435
|
33616664326330656136336538363539623039376565383166373032386230383639326564343961
|
||||||
32613538336465386465643035633630663164663136666638333333636638333164626237633439
|
39623465366233383663383433313862306366643432623130363037643033366531376163386165
|
||||||
32636363393362656230356261363839326266376233326237393634393433323739386365363266
|
64353930386233373561356530316361623665643531333632376266633963303262346532386633
|
||||||
61363132313137646630306131653339313833633739366338333335613966653563306331363361
|
34363938363765313366636134636364616634393061333264386262386261383236386532393966
|
||||||
39396538373831356436313837343066363033306563636364303738666163336561323661303331
|
62636332633165383730313365366631303032336339346138633231656165646465643039666362
|
||||||
34633739343465326335613039663537616233626138343730643234346333633666643264313566
|
39613534303532616433646433616261653739663366383566303862386666383363633736306265
|
||||||
38616462336265373737356561376336626366323238313239333535376561303033376536643966
|
65366434626634303033616463316433393730373034666463663333376633656630386665313934
|
||||||
33333563336262396433336433346132616530363039663164306234363231626331396662663334
|
36626337383236373533623830326134303931653434613837353961366130623665623336303139
|
||||||
31306337313533343239383063613532303132346638663035656635393733323031303937356636
|
63616265366638393064666166343331306530313438636436306264636235643762623564653762
|
||||||
37633334356235613437656439626261613565643538613435616364633334663034666464386565
|
65393435363564366266313161393631383836396464643635643361363034306134626535353962
|
||||||
61666530633138346664313237393130326263623032346539646365656631316334353530633864
|
63393530313438383731303666343637303666616239643334626338393864613635363330653062
|
||||||
65306264343233373564333064396461623232363462306531653838333164623239633134363464
|
31633030396362666237376232306238373065616238373934313930313234353433343934363432
|
||||||
61346134643937333261633632396638396532363035373130333237303137353364653564643438
|
35633636656632643964613431333435656532653038373532343036396136636231306436326639
|
||||||
62373736303636386637616436396565313364663738356466313032316264373563373531626561
|
36376163656634303236396133316664613164346661346565646165303664343735303233636164
|
||||||
65653530376234393730623035643936393839313065626661386263346630373362323965653865
|
38393361343561396336333133326539346561373038613265666364316630363339336565363265
|
||||||
66333964363738326334346338613934613435616331633566653965346138346135313837343861
|
64623063346232346334373836346231353336383931393663373365623838363036643232646330
|
||||||
39376462343933383063336463396632616338646666313737666437346330346663313066306565
|
37303139663166653634336363626637653666363965383632313261326530323236303961343130
|
||||||
65303130346664633336353964633234643233623764336563393537663035316162303437313061
|
39663165303836346339396536313137636462373765313135303039386339393536303263636236
|
||||||
33383131333433613361663335623439313436306339616333346364353064306238353535636639
|
31333534323735373638666364643365396435636533393932643432386630663135633839643965
|
||||||
35353861383738633330656565616335393432373632323630633038303261306263623466643633
|
34346330613132383533393361626333636132616130343266663835616534616562646366366336
|
||||||
65623530373137363866356335363238306439303237353764346561353339373562336266363435
|
38303337373331303638643639373535633331626461613862333562653165306663383237383232
|
||||||
65323663343565393832646539633037396463336136313066646132333731613561633763616337
|
63303331656338656137613162323138333661613834323863633265353737633666336263636665
|
||||||
31393265636232313333393263653230333861363463653365643661363235653838646538373065
|
34393064376330306562343930376337626165373562336630633938316566343434633734613561
|
||||||
34303337663837376231613636626361616337613433626435626238376139656234393633343636
|
39363531383233666437373562663136303834373838383632356436643638306633346434316362
|
||||||
35653537653030613431363436663632356638333036333866336163313832396338303037373561
|
63343866353465396630383562306230313737353863363935346630396134393534353531336535
|
||||||
35323363346139653933316461333965363764376535653638386361396337323132663366376533
|
65366634316230323264366662376133303565626638386635616536303839363737663538353338
|
||||||
63666232303038323363303532623833666539356662383236323639313239666633396163346564
|
32663834636363643034316165303164386430346663303635323634373465326537653132366230
|
||||||
30646438333034663630326539336631323237623936366265366138653564376264336439643262
|
38376361663233646266663330363236666533663861303365303833386465653864656331616162
|
||||||
38386630376237323231376165666166386231313164333266353062613162643065643164346531
|
66323532643737643539643562653335393338643465373838656464326133393466373733343666
|
||||||
31393665333035356230396562366231636265353166653162666464363130623962396164636537
|
39613331376538653934333061376664323230636663336232333361623136393836326262336430
|
||||||
30333538633639326237383832393737616432643339363239353534363438396137356465393138
|
35663930336364376230356537326131323666343330373030303765653763323863646631666136
|
||||||
37396562623532356131653135366237643734663130326235373236393866663664363337323138
|
39623936613762393332303763633966303966396536643236366534316539386136633230653433
|
||||||
34646663623430613832623535343535393865653834633733326635373432666565653332343835
|
65326634323062313730376338343965386338306135393033333161313839333963326134653966
|
||||||
62386631353530323832336566373464323034313161353161633832623263343061643930643638
|
66363365353537323034646537633331336134363239393465363164663263313731666335613032
|
||||||
38393462633063316232303037653834616264323230313732346161363833396632653732346136
|
61643935623064626464346430353033313961326164316637316664363830633137383335316538
|
||||||
38613835656361616462386435653766383638626132306663363864633264616235333365643430
|
31646133623461386434343663313365376230613237326638393464366166633635646462373939
|
||||||
39373863636435323162393031663038643961653330643434316163336635376437373133646638
|
31313165616363373730393733386430633065373433643935643931363965393465323264626164
|
||||||
33393964626437306235616237323439386338333566366631343966656436393438343563613835
|
65333431653566646134646132626136323035323362313163303463393962306631363631383762
|
||||||
33386464336330613233613561356437313163323632323166656231376561323763643439653430
|
63333063633934646332303966666461663566626564643365643232323732646530303834616639
|
||||||
32353634656263303336306233353231636665353734363964343361306337386464373539353235
|
63616262316563636636613764663563323063636331643063373364373337373664333763363464
|
||||||
66393365643537633563613963663363303830323564656132333534383630663330366436646431
|
31346663633866653162323934613532333934626430643138613631653164343063323661383163
|
||||||
64653634386662393564383135623036373039653132393664326163303164353065376566613966
|
36633431376463633334306663346462373166613531663064323238323434346439333936313539
|
||||||
36343230393532303435656137333530363666303130333136333263383131663966323136363666
|
33663036663234383934626661383530666566323336363734336265346235306135336136373864
|
||||||
36323034333532366161613334643835613737393932393939626234653134623138343630373436
|
38313937663965313334653139366430316632313737303639636135666235346633303861626430
|
||||||
37303731626565303636373637396434303434346239336432663836303931356536396630323630
|
34373938633331666535336438313363626636363063333265316166333562616330306563386335
|
||||||
32623631326137363137336663363963326665623632343235323534366235393134663566633638
|
65366366303937376438313032643037656465393263393434623462336430393031373433383532
|
||||||
36373063616531663762323665366361363131396264643362346665383634393465396562313034
|
66306566656437323530323434353835303838303438613662356134343136386630643338333264
|
||||||
35366634366364353534613139303239643738666665306435333435383465626437386539393432
|
30643039666535323736303930336239643730653233393538633235303938623161343437616136
|
||||||
61396463386130313266633263386130306634376464653431646463653933663066633636643465
|
34613337383363656536373737396261396261653264373362313161336435623466366436623736
|
||||||
37303435663437653562626464313134356339333462336265313535633636366636346232323736
|
61313036383063656537613664633437336361396665633764313062396265323766346363656666
|
||||||
66386638653231363338656361366237353236376131383563616265633637663464643030356331
|
33656130316566633563353631323438343532393563633830343131653063353331323961343636
|
||||||
65663835376265336537303364363033373535666137653130333636643666376164613137626637
|
38303239623566383337356262313538316437323731326166366139623665356132313563663734
|
||||||
30663466363164623535616639646364346462646162383632356137333232393061336238373131
|
34353065316164653638313439303466316338373565323435343937653632313566656438333730
|
||||||
66383533343631613536326532366639353439373537353732373161636631653838623632313131
|
62373366333335643366356438613838373963363436393035623132626233373830666238323464
|
||||||
35646666346534666332303662636635353739373462306337323664313036643237333437313936
|
33356562636261376665303262633665323830316137306239626432323330393863613938313539
|
||||||
33376635643333306538623663306337643965373534316235316561363432646234376132313236
|
33613438373733633661633266353866373834346436383466636138393736373638623136383639
|
||||||
38373736636266343934643730356236363532656236386631343063616130653464616361633033
|
38653439373230353265386166663562633738306232623132636333396135343461646136303162
|
||||||
34643565643532626561633664396335326633666563646436333937666537613961633061393832
|
36343636306333376564383764356433653362356434306566376565653736643035336433303331
|
||||||
66333265326435316264646530323433616266356630643930623961643134353561636534633533
|
38626430623633313336653261633834323430323137313533333166393966633662613561643863
|
||||||
65376461346161623831326633616163336331326134643162323438616534613564356531653434
|
65653237636436373739633862313132623831623461643063626361613231343537383032346132
|
||||||
37316634383366376430333162623162636261343466613431613537636637303166336166376563
|
61383666383134373061643061656164366364656231343434616366356237303766343166613964
|
||||||
61366235333635376264343561336666396535333162633236653462623933303933636530636234
|
36376461366663373132326263616263316663323039626239643361363362306334633636343064
|
||||||
61316533373032656166303338353031363533353033346339383665333964396635326633373132
|
66336533626562323832633133653366323137616431363566653561363233626239616262346165
|
||||||
39626235366363633333663366386630623233393030396635633339306535616130323465373030
|
30396466343639383665383762383765396638323761653065356339343965373032306136656563
|
||||||
62646231613763636538396236343434376131616461313436663034333266353934373730643262
|
31353033343532366339303331366235373838356461353564623430333561356635336163396466
|
||||||
61386339313364313237306336356330373265663131343066333435353038653036306435383764
|
38303438616436383763386538663039393862636333326630623862353732343961646162653933
|
||||||
65636262353038646639383930323037346531663065666563663063353563363138613231613561
|
35633235303530353065343434333164306530363839663366316235333563663965623934383634
|
||||||
64366139303835306432383066356661363836356231323561636364313734366331393737333136
|
32616565313232373964366163323739353261643432363037666639663664303861383033333462
|
||||||
63633039336634326239303635353765303530343336386231633933653265616161646434653264
|
62333633626263393637306365353565306636386238613365643537353861396638643065616236
|
||||||
61333865333735336438313434323237326133613734336430623230663834343033353064633533
|
63303130313363326333663936393765623930636331663837313835333862386263303238386262
|
||||||
31303064623930376532333034363763383061633831633564343065373730303132336331363965
|
35646634663163626438356536346239666461306462326465613339653337326436356638323666
|
||||||
34353661313239346263383364373663356435353837303164633330393965336466393632396663
|
38323134396238356532623430303233303636343839646436363066383136366436336536313766
|
||||||
36316563313632333335666462303434633731616232343430383362363131613762393165343432
|
33373036386465623737316435643430616434336165343832386539666432613365326664663237
|
||||||
36303033656139353261646561663930656163393639343938633365623161393638653330373736
|
61333166343438313131643635663234626638623139363034616263643463356632353932383938
|
||||||
37313437626465663132343534663835303237396632336561306437366330356538666565653231
|
61383065343231633438313536633039633266323563336531663365326137666535623230336134
|
||||||
38306638396139376239376164316661363863383137316363626662346264333731316136353832
|
34646661306330653631383364343566386531313137643233376265313461396538373132396366
|
||||||
63666339303631313564396262653532653361636136626633346132333263366532396430323039
|
66313534386133346161373130386465383139623831653566326434646461306139633433656630
|
||||||
64313761633265616364353264336235653235373437346139303239333839306334356436616330
|
64623164376361643062396139356464373131653036336361623738633263326234323066613661
|
||||||
34666231343565383136373938326434653565656133366130663739633266646339613838343233
|
31306163313038333861656561356661383436363534366665376362346661616464633065303234
|
||||||
62303438663461653434643132633033393061303839356163646666363036656365353330613831
|
61616237313434363761636261313630356639346434636465363763373235636462666338343265
|
||||||
65613834353935393739646636633338316338313963643438643663613763393031363165376362
|
34336533376366393339306539633238326663656266373965623962623665626238366333393734
|
||||||
63336132626362653334666161366565333563616363653565383035666234323839363634303631
|
35646636666535396638373134376362396134353035633566336461326630323833383734356161
|
||||||
33666533376263396661616366313166376162653966613039356463303564626332353734326666
|
62303738343662633735663965336435316630653061373736643035653337363635623863626533
|
||||||
31356430383032343463363830613337386164343233373162356162326238303633303266646338
|
31306138313839616131363333326439323863646236613133333163366162353063366561656631
|
||||||
39376332663066343438343265633139653633663036356134323034613939663836383931626138
|
61623237633361313631633463666335643935616237656134383830393335346632393066666632
|
||||||
38393164356538616431373934333966356330346365383635343333393737336666326639336631
|
66326331653430633165333037316637303138353133313264643739626566353137383265366264
|
||||||
31323232356162333639643236393433666263353461633163323965663532363339653466313134
|
38353533613863353431656665363339633265303463613565636565393836616230643932333762
|
||||||
61383838356237386165363230353563376130366437323237323935343135656562383131653365
|
30353437343761613236613431626536666538336234633166623961363031393235333763626337
|
||||||
38643630616132366332616461333332343339363934313966326263306238356166313764636365
|
65623836323538653730393533383532626133393834376339303630626533613339623666353839
|
||||||
36643439643939373533393462626231353964323062376433666538376637636637313431393932
|
38613833623830306566333035336334383733626166363239356661353965353462393161626136
|
||||||
66656461343839386365303064366337393330366465653062353631333265313934343937643239
|
37336365663863393963653031303337396666653262646635386337386230383562616564653966
|
||||||
61303063303164316538333330353366373263656365376338626531343761393961313762613737
|
34393831383639303562333464653736363330326462623266383038326561323264363563623065
|
||||||
39323036343564646538616330643235623233666236393739336138353364623630303538336437
|
30366435323961613463653636666238383632353661326439346430356134643866396531623039
|
||||||
37353033356634333636323561373166626130646562663331383331346439636131626238373334
|
66663830353732663863393762626161383263663535333032393632633066363836363939316262
|
||||||
35663962386661303866366535366633373839323761326237663633373235663539323335653938
|
30373766363637316535306538663235656137363038623936366465376636393535326437666334
|
||||||
64366530333964363233343161326138626231383737393130616466376463323263376365303762
|
30343437326362613761376262383265313264383464383838386638653065313864353235373331
|
||||||
35303639393739666561613632353431333037663837366162303266363837613335396362343631
|
62646366333137643931316339373761663731633766363864633461323266663236613231656633
|
||||||
39643464306338663832346336333663353738326462353038306631653165363835373864363662
|
31653132343031313535656538663761386266333062646439383633336531373764366166646165
|
||||||
35626339623237653863643938653538646338333730633431623836636430376663653163303238
|
64343439386336323064616634363532353166353531633332663862653666666436666564356236
|
||||||
35613965623439343162333132386536643062363137306435666631643261653038366131383935
|
62336332386437626137386566333934393636313933386466366361633232383135383066396263
|
||||||
38613634666330383432656539353734336630396333393166636661636239333864643636336166
|
38343432323865353563363631646535633438336333316134343862336666313063643036343030
|
||||||
34633335336534366430326139653030313735626265363030626337393935313866393539643863
|
62323732353837363639376564336665343265663861303938316564646533346337306338623834
|
||||||
33666130306638373535333562656130626561633062666236613764376330306164396165346432
|
62353835356465303561346337366136396664383961663237653538643462666263346638303363
|
||||||
36346638363530303262373334313339633930613363663265313937663866316634303132373936
|
32663564646333343532613861336132396530363435626361643631666464383364613336383235
|
||||||
62633062363934666264633264646334616339666331363637386538633338636131333030633534
|
64376465636238633765643234383665663637643565626663393066316538313563393730396430
|
||||||
37666239336366316330363961363566666361333436383866636161383030396130653965376636
|
36373037396264613731353337393261346534343263393862376464393565353739393431313031
|
||||||
65373337323937353331613861366532313565353963333235616264376563323535346162336537
|
61353538366439383234316530326338633635393035376335616565356630633964636639386639
|
||||||
61303032643566346231306232313062666164326133633536643963343063336438333761333932
|
63356666653532666435663564393332303234363465636335316365326365633837663930616233
|
||||||
36636531653230616234386662333938353230376337656366386634306336343464366536643263
|
61343933653232666138613866666430376439396336353535663361373564366262646663653064
|
||||||
37613234613730393039613835653935356363313363353837383236616335653031303231383963
|
31353765386537656235613131323763323930363162646236333632663034356237363231313762
|
||||||
34396637346661363737646536666133376562636364663832346362356535333162663863386635
|
39323531333264633863363163333735303636333866653763373362626265396265356564303533
|
||||||
35633836313232356235373938303761376539633437623235383062356536373533646630643238
|
31353838333337393732633961353561633430616637396235626261316433366339356239633737
|
||||||
39303165643266333364323331363737636135656236633538383266376663366539363834343361
|
64333636333566366237303231376337613539643464663839303438313532323538643738353866
|
||||||
37323230623038663765623665313264656336646239613165326231333830646637353262636332
|
38626438303033346531323836336534633732366631376665663139323037643161326561363635
|
||||||
33643764303730663733353338623035343566386663666364653861656531653838643535653163
|
34633237623537383466316433336636633962623161383338656339613139346138366132356365
|
||||||
33666639306165656231343830653735376661383762616532396632316135343239353165663534
|
38363635666234616532316333366236396639353130646234626533666133363661393038353666
|
||||||
65633165343132653466613034343231363339396431326334363163633232313236626237663230
|
38343530306239336234336463646332356462356565376463383930656561336239656465303231
|
||||||
64363635646463313061643365633935393038353761656461346262303366663363343163333532
|
61323862333032343137636434643335383163366236373161653366323139646235306564366637
|
||||||
66393665386561323236663537636563636163613138666464633038313763376236636235386430
|
31313335653732633434616436636532343037383861393931323734383964346437323933653737
|
||||||
35333837666663633035646630306666343631373366323564633436366562326135346563376437
|
39653633663064313933346231663931343163336166663662333239376634386135666230393563
|
||||||
32363533396231613833653431326536663966363430396165663662623236353638383830366336
|
34333163653935326532386662613537373161366331633737653539333161386461313638643034
|
||||||
66343836303930353866363036326461356166626131306230653665343564376364343662393261
|
62323433613164383731653534383662316364333538613433623731376234306538663766363965
|
||||||
66383765656462386537633162613066616164353933336533396232373531346130363531663632
|
64376432396361636637343539393330323835353562393031616137393363333662346332616464
|
||||||
36336236343233333530353732646334626239616164616237373262383230663034656462323336
|
32643939663266343038356539656464393665616637383030666630333834613830373837353738
|
||||||
34666634636562636661383131373339633866376563383131326633353438333935643030666133
|
63623130653465386135636635643637366231383765623761356563323061343337306538633031
|
||||||
64343661613737316563623461316430373930343137366132376235303963323339353738393331
|
66326334303539623763636362333534643431383962383539613964613531353135663463373266
|
||||||
63353335363938613763383561616337623838363336303263346366666532653635643164353865
|
37326632353861383964653430656362613930353138316566636531323733396231333361663431
|
||||||
39623666356663643238373337663564636230303766626135653534303637626261663930393932
|
66356561366634323832386437336130363535343132333436633761613731636561333039303965
|
||||||
37656637323737326362623634356135316336383930373662633139343866353131373461656237
|
33336532373764303334636461646464633866656237656466613361613131613764366339336233
|
||||||
38613133643338373966343131656538343564363530636162623739356165666265393664356131
|
38373030366130613230636365303233393631383538316230366434326137336532333261383236
|
||||||
64376365336263316138323737383337326437643934396439383439333139386432646662623764
|
64306566343964643139646438633066373261363836386361316138326362373361316536313839
|
||||||
62346235323865346339333565653363313231366138306365616161346335326633386234663937
|
39663633343330663732376230633638626533313963306266363030306431373862633833383532
|
||||||
66626132353665663734373038303030646331613534623733646565353730356233613035626238
|
36623537323532373934613962613761376463363337393666316434383463393962616366643436
|
||||||
35396366646161623037656437393264613962306639393466333039666637663930613939393464
|
34326566383666663266396165613534633464656130313535383963353238623238393837353133
|
||||||
39316166323632316238653733626137343161343438396665653530633466666161626363396233
|
66396661626432313038306362393136616166653962363736363133303835376264616561343736
|
||||||
34633732326166313066333536353834386634396233333061323963623234626230646565313762
|
38383531623733326366333661393262613335653238343235353165613339393535316236353563
|
||||||
37653763333434663734646439383934653666346134343832353134353162623931373139626565
|
35663037363935386634623064636333666135313361303837383630643665613863373931626333
|
||||||
36623063653265333863643265646338376332653139376661343334376663646438643563316432
|
36316138343462636538616466383461353639613264653831323133333262626633353766643730
|
||||||
34346432333530643761643832626530353637303933656434306436343830633939663261333762
|
63343030346536616539643832303238393539383362316137386437356630313438623436636465
|
||||||
35643037626533633039363835303432303532626234656437346338623862353131616661326561
|
35363436306634393764386362616330373732623763373064306562326337303732333733346563
|
||||||
63636134663634303935613831306432343334376362656162366139393564613338653730353039
|
63356231343165653132303338343439356666646162626639646232623064656664336133666233
|
||||||
39343832653764326663613531623337346133316566666161336532313430323030323266383437
|
36366366363264663033333731616632383438306435663631613439646466663434343931663764
|
||||||
65346332346633373231336335363637663638643363653937333038613233653863346137626266
|
36623437666232323336366363333333373430303639393761636463333135626263333066656538
|
||||||
62653131623263353262633230333064663736626138306266383964633533616530653861623639
|
35336431623265663239633963353162366534653864653530623935333137653761336234616133
|
||||||
35633966623632396639343937633061626436366561303161656364303162323033633536323234
|
61643231663033393535383063373236363538623964303435623337383031653734626461623731
|
||||||
34653830636363306236616135343538363337643362636430656637646236386233326634633033
|
62306565303739313166333663363935313362356362303066323635626638393961623138613864
|
||||||
38623234653739326434336234626630613931363934383864666634396261396130663139623764
|
33626639323030306461326232323533303131633630316437333936653839626362613162336339
|
||||||
36313734376564393665636664373231336263653933303663326534366462363732303331326431
|
39373339626238303238306363356166646532623963306438626264633961643765353434326430
|
||||||
66666437666265313637633439653939356238613761373130396232313961643037363131643931
|
65323535306566343537663632393866616239613732643032356536303764636564306630383633
|
||||||
63633261323863663335373166343137656662323736386133383634336232353334303634386163
|
66356435616237376538653539366636636533343866623764316462346634313032333636336166
|
||||||
61616439626364623331323563633436323163396532323439323933383666396630343437353332
|
33653231336563363336303936336430343137653966393530393532323563393532353434393231
|
||||||
32366133653837396361623432356539656337633333303134626466646364393439353439666363
|
38363662613161626132383266323635613165363433623630653663396562366262376634326561
|
||||||
32613664303633356362313764373666393562646437636562363131376333323265666431643465
|
66643938306331663931386535613833613761313639363038616139343966656662646432663666
|
||||||
65353765376661386461633561613934396331336363396563373932623938306463653239333236
|
63393931373738373536323631353361303366343330306565393230396332373932303866333034
|
||||||
64326339323866333031303239313634666564353436316232633335623066376236646164316363
|
35396166633165396537373638333730303730613939386663653032626439363466623231303833
|
||||||
38633435306238653234613665323134316562323463643762643032346232636361633430663933
|
63656338656435383531613734643165613536353632393535646132303034663731396631303237
|
||||||
35343332656139663230316234613436643133326665396138343461383264393061653333663737
|
64376438373538373362353766303963396639333732373266343766363534623063313138616139
|
||||||
30613633306439653964386233353533646436303063366639326465656436643431393232356536
|
39313861616164613031643934313466633431316230656566306666303932343039383737313565
|
||||||
63353539613430376264386130643232616638306362373761623537643562663166356230653630
|
66356432336663636631666138636538323238303462376330663134616365323536386234666136
|
||||||
66333136323836653038623562313832626662616432323434383463336366653562313666323565
|
63343032383465616437303437303063626335363333656166393435343834646634313435653334
|
||||||
38306335343034653661383137326163643536353631646432396336656264353637636562316630
|
31366465386238393133366364376565656639656230343161613463393931373537383564353866
|
||||||
66396238396536663736386130666461613664373062623833386433356363313934313963383932
|
31313464663531353165646665356231646634383936643539323866376631666635306334616261
|
||||||
66323835303264393132613161323465636635393038356166353563376634343531623930663361
|
39383439366664386563386133356239333133306162316466343334356631616434623363643535
|
||||||
37396464666265393430363965363631396332326166623130613734333531363535626433396561
|
38663530623063373965666530386632323034623139303839323761376638313362316430373536
|
||||||
66366234366435316333323831653739306131633430363564313730303735653738386463346261
|
62363265366537656237633663663266653631653561303965616635363438613061306362336430
|
||||||
62656330303335396236393632343038316266323439646433663631303564356237353138326230
|
35303461633864353735613330643966396230623434323132383135623331353361633134663931
|
||||||
38623865656666626438383533366639343366376463343133353963646136323438313236303935
|
33333435306635313161613930656239346461623931356430306364383937353433626435633832
|
||||||
34646635343734633436356265633663363133636632393138316334396265303363636432373264
|
64613437313464323861356338643733386432656233663333343437353935353236346561366330
|
||||||
36646534323333616133343830623139343963626662656134396336643737313039363631626237
|
32396465333833343732653136616636663736623434363765336161383433356333313135313161
|
||||||
36643637326136316461303136373739646665646337663339613364633534346234636534393736
|
33373764393265376661613465626638353636653931323162363031666262653062626166363930
|
||||||
32313430653632373461613965326363356163396261613366336136616661393132633761333535
|
39613931356338393862356537343332633635366134343037633765616634316362386335663036
|
||||||
33616662633766356239343262343263623138656137633061656234353938303936653634376635
|
32666465323538356634346662383238326663333339623430376362306534363630613337626266
|
||||||
31323063353232313339323966313061623764613361316139336261616666376630356437313465
|
39326361383435623939663163373835626439643433393839383730666166666266356361633731
|
||||||
37376263666534306662356230633262363039303631633435613234313633356436653539303564
|
33336265613531303735613239316362633538386632343836613230326164366165616265313066
|
||||||
3131
|
35333361303734343231633930346230343432336665383337343431303031383962383366343433
|
||||||
|
63363364333063313632663765633831323863626636643862323865356461366361343563383363
|
||||||
|
33363138646366333136326435376537356338633862623531393938373935353466376266333664
|
||||||
|
31633039336362363237376266346561313064393537613832663130653761636633313562316639
|
||||||
|
36633432613931663263343861396632356136366636336163343333323661666663346365626564
|
||||||
|
32613734313663656164333537653666313033643262336239623961313638306634343666303938
|
||||||
|
62636236353161336134323430336263643038623663353965656236623465326661633766363765
|
||||||
|
35653261663335313065383266383833393431333631653363363030363939323862653262316637
|
||||||
|
62343263623037643435656165623466326365363532353434643665336632383765313937666535
|
||||||
|
37663463303034363531386465383663393534393435633764646138313962373735393334326137
|
||||||
|
61653933316435363130333335323066386532626234626534396435383061333961363739333033
|
||||||
|
61656364313963303132623837666463633066653165316633373166373161343539393132316665
|
||||||
|
37646631643265333665643262666265653339616530336361333333633939373839323264613761
|
||||||
|
62643363356431306330313761623933623333383066333364663439646536333232386232623238
|
||||||
|
62356533636632396330353430653935613965383938643638353632643865323832623737646635
|
||||||
|
32636464343734653765396236653538343463373662653733326362363330643038663766383861
|
||||||
|
34316338343064393862353364613037393231343366633364393535343965623431
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
---
|
---
|
||||||
postgresql:
|
postgresql:
|
||||||
version: 13
|
version: 13
|
||||||
|
|
||||||
postgresql_hosts:
|
postgresql_hosts:
|
||||||
- database: nextcloud
|
- database: nextcloud
|
||||||
user: nextcloud
|
user: nextcloud
|
||||||
|
@ -18,11 +19,13 @@ postgresql_hosts:
|
||||||
user: drone
|
user: drone
|
||||||
net: 10.128.0.64/32
|
net: 10.128.0.64/32
|
||||||
method: md5
|
method: md5
|
||||||
|
|
||||||
postgresql_databases:
|
postgresql_databases:
|
||||||
- nextcloud
|
- nextcloud
|
||||||
- gitea
|
- gitea
|
||||||
- wikijs
|
- wikijs
|
||||||
- drone
|
- drone
|
||||||
|
|
||||||
postgresql_users:
|
postgresql_users:
|
||||||
- name: nextcloud
|
- name: nextcloud
|
||||||
database: nextcloud
|
database: nextcloud
|
||||||
|
|
|
@ -3,4 +3,12 @@ borg_backup_directories:
|
||||||
- "/etc/"
|
- "/etc/"
|
||||||
- "/var/"
|
- "/var/"
|
||||||
borg_backup_exclude: []
|
borg_backup_exclude: []
|
||||||
|
|
||||||
|
rsyslog_collector_base_dir: /var/log/remote
|
||||||
|
rsyslog_inputs:
|
||||||
|
- proto: relp
|
||||||
|
port: 20514
|
||||||
|
- proto: udp
|
||||||
|
port: 514
|
||||||
|
rsyslog_outputs: []
|
||||||
...
|
...
|
||||||
|
|
1
hosts
1
hosts
|
@ -35,6 +35,7 @@ wikijs.adm.auro.re
|
||||||
prometheus-aurore.adm.auro.re
|
prometheus-aurore.adm.auro.re
|
||||||
portail.adm.auro.re
|
portail.adm.auro.re
|
||||||
jitsi-aurore.adm.auro.re
|
jitsi-aurore.adm.auro.re
|
||||||
|
log.adm.auro.re
|
||||||
bdd.adm.auro.re
|
bdd.adm.auro.re
|
||||||
bdd-ovh.adm.auro.re
|
bdd-ovh.adm.auro.re
|
||||||
litl.adm.auro.re
|
litl.adm.auro.re
|
||||||
|
|
5
log.yml
Normal file
5
log.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- hosts: log.adm.auro.re
|
||||||
|
roles:
|
||||||
|
- rsyslog_collector
|
||||||
|
...
|
|
@ -100,6 +100,19 @@
|
||||||
prometheus_switch_snmp_targets:
|
prometheus_switch_snmp_targets:
|
||||||
- targets:
|
- targets:
|
||||||
- yggdrasil.switch.auro.re
|
- yggdrasil.switch.auro.re
|
||||||
|
- sw-pn-serveurs.switch.auro.re
|
||||||
|
- sw-ec-serveurs.switch.auro.re
|
||||||
|
- sw-gk-serveurs.switch.auro.re
|
||||||
|
- sw-fl-serveurs.switch.auro.re
|
||||||
|
- sw-ff-uplink.switch.auro.re
|
||||||
|
- sw-fl-core.switch.auro.re
|
||||||
|
- sw-fd-vcore.switch.auro.re
|
||||||
|
- sw-fl-vcore.switch.auro.re
|
||||||
|
- sw-ff-vcore.switch.auro.re
|
||||||
|
- sw-pn-core.switch.auro.re
|
||||||
|
- sw-ec-core.switch.auro.re
|
||||||
|
- sw-gk-core.switch.auro.re
|
||||||
|
- sw-r3-core.switch.auro.re
|
||||||
roles:
|
roles:
|
||||||
- prometheus
|
- prometheus
|
||||||
|
|
||||||
|
|
|
@ -29,6 +29,24 @@
|
||||||
dest: "/etc/nginx/sites-enabled/default"
|
dest: "/etc/nginx/sites-enabled/default"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
||||||
|
- name: Add 'extended' log format
|
||||||
|
template:
|
||||||
|
src: nginx/conf.d/extended_log.conf.j2
|
||||||
|
dest: /etc/nginx/conf.d/extended_log.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify: Reload nginx
|
||||||
|
|
||||||
|
- name: Add syslog snippet
|
||||||
|
template:
|
||||||
|
src: nginx/snippets/syslog.conf.j2
|
||||||
|
dest: /etc/nginx/snippets/syslog.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify: Reload nginx
|
||||||
|
|
||||||
- name: Copy reverse proxy sites
|
- name: Copy reverse proxy sites
|
||||||
when: reverseproxy is defined
|
when: reverseproxy is defined
|
||||||
template:
|
template:
|
||||||
|
|
7
roles/nginx/templates/nginx/conf.d/extended_log.conf.j2
Normal file
7
roles/nginx/templates/nginx/conf.d/extended_log.conf.j2
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
log_format extended
|
||||||
|
'$remote_addr - $http_x_forwarded_for - $connection '
|
||||||
|
'$remote_user [$time_local] '
|
||||||
|
'"$host" "$request" $status $body_bytes_sent '
|
||||||
|
'"$http_referer" "$http_user_agent"';
|
|
@ -8,6 +8,8 @@ server {
|
||||||
|
|
||||||
server_name {{ site.from }};
|
server_name {{ site.from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -25,6 +27,8 @@ server {
|
||||||
|
|
||||||
server_name {{ site.from }};
|
server_name {{ site.from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# SSL common conf
|
# SSL common conf
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||||
|
|
||||||
|
@ -52,6 +56,8 @@ server {
|
||||||
|
|
||||||
server_name {{ from }};
|
server_name {{ from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -72,6 +78,8 @@ server {
|
||||||
# SSL common conf
|
# SSL common conf
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
|
@ -15,6 +15,8 @@ server {
|
||||||
|
|
||||||
server_name {{ site.from }};
|
server_name {{ site.from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -39,6 +41,8 @@ server {
|
||||||
access_log /var/log/nginx/{{ site.from }}.log;
|
access_log /var/log/nginx/{{ site.from }}.log;
|
||||||
error_log /var/log/nginx/{{ site.from }}_error.log;
|
error_log /var/log/nginx/{{ site.from }}_error.log;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# Keep the TCP connection open a bit for faster browsing
|
# Keep the TCP connection open a bit for faster browsing
|
||||||
keepalive_timeout 70;
|
keepalive_timeout 70;
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,8 @@ server {
|
||||||
|
|
||||||
server_name {{ from }};
|
server_name {{ from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -29,6 +31,8 @@ server {
|
||||||
|
|
||||||
server_name {{ from }};
|
server_name {{ from }};
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# SSL common conf
|
# SSL common conf
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,9 @@ upstream {{ upstream.name }} {
|
||||||
server {
|
server {
|
||||||
listen 443 default_server ssl;
|
listen 443 default_server ssl;
|
||||||
listen [::]:443 default_server ssl;
|
listen [::]:443 default_server ssl;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
include "/etc/nginx/snippets/options-ssl.{{ nginx.default_ssl_domain }}.conf";
|
include "/etc/nginx/snippets/options-ssl.{{ nginx.default_ssl_domain }}.conf";
|
||||||
|
|
||||||
server_name _;
|
server_name _;
|
||||||
|
@ -50,6 +53,8 @@ server {
|
||||||
# Hide Nginx version
|
# Hide Nginx version
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
{% for realip in nginx.real_ip_from %}
|
{% for realip in nginx.real_ip_from %}
|
||||||
set_real_ip_from {{ realip }};
|
set_real_ip_from {{ realip }};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
@ -71,6 +76,8 @@ server {
|
||||||
server_name {{ server.server_name|join(" ") }};
|
server_name {{ server.server_name|join(" ") }};
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# Hide Nginx version
|
# Hide Nginx version
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
||||||
|
@ -98,6 +105,8 @@ server {
|
||||||
server_name {{ server.server_name|join(" ") }};
|
server_name {{ server.server_name|join(" ") }};
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
|
|
||||||
|
include "/etc/nginx/snippets/syslog.conf";
|
||||||
|
|
||||||
# Hide Nginx version
|
# Hide Nginx version
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
||||||
|
|
4
roles/nginx/templates/nginx/snippets/syslog.conf.j2
Normal file
4
roles/nginx/templates/nginx/snippets/syslog.conf.j2
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
access_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=info extended;
|
||||||
|
error_log syslog:server=unix:/dev/log,tag=nginx,nohostname,severity=error;
|
|
@ -36,6 +36,11 @@ interfaces_type = {
|
||||||
'admin' : ['ens18']
|
'admin' : ['ens18']
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log_ignore_v4 = [
|
||||||
|
'224.0.0.0/24',
|
||||||
|
'224.0.1.0/24',
|
||||||
|
'239.0.0.0/8',
|
||||||
|
]
|
||||||
|
|
||||||
### Specify nat settings: name, interfaces with range, and global range for nat
|
### Specify nat settings: name, interfaces with range, and global range for nat
|
||||||
### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
|
### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
|
||||||
|
|
|
@ -33,6 +33,12 @@ interfaces_type = {
|
||||||
'admin' : ['ens19', 'ens20', 'ens23']
|
'admin' : ['ens19', 'ens20', 'ens23']
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log_ignore_v4 = [
|
||||||
|
'224.0.0.0/24',
|
||||||
|
'224.0.1.0/24',
|
||||||
|
'239.0.0.0/8',
|
||||||
|
]
|
||||||
|
|
||||||
### Specify nat settings: name, interfaces with range, and global range for nat
|
### Specify nat settings: name, interfaces with range, and global range for nat
|
||||||
### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
|
### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
|
||||||
### contain /16 range
|
### contain /16 range
|
||||||
|
|
|
@ -11,7 +11,6 @@ iface lo inet loopback
|
||||||
auto ens18
|
auto ens18
|
||||||
iface ens18 inet static
|
iface ens18 inet static
|
||||||
address 10.129.0.{{ router_hard_ip_suffix }}/16
|
address 10.129.0.{{ router_hard_ip_suffix }}/16
|
||||||
gateway 10.129.0.1
|
|
||||||
|
|
||||||
iface ens18 inet6 static
|
iface ens18 inet6 static
|
||||||
address 2a09:6840:129::0:{{ router_hard_ip_suffix }}/64
|
address 2a09:6840:129::0:{{ router_hard_ip_suffix }}/64
|
||||||
|
|
|
@ -39,7 +39,7 @@ vrrp_instance VI_ROUT_aurore_IPv4 {
|
||||||
10.129.0.254/16 brd 10.129.255.255 dev ens18 scope global
|
10.129.0.254/16 brd 10.129.255.255 dev ens18 scope global
|
||||||
|
|
||||||
# Adm
|
# Adm
|
||||||
10.128.0.254/16 brd 10.129.255.255 dev ens19 scope global
|
10.128.0.254/16 brd 10.128.255.255 dev ens19 scope global
|
||||||
|
|
||||||
# Switches
|
# Switches
|
||||||
10.130.0.254/16 brd 10.130.255.255 dev ens20 scope global
|
10.130.0.254/16 brd 10.130.255.255 dev ens20 scope global
|
||||||
|
|
7
roles/rsyslog_collector/defaults/main.yml
Normal file
7
roles/rsyslog_collector/defaults/main.yml
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
rsyslog_inputs: []
|
||||||
|
rsyslog_collector_base_dir: /var/log/remote
|
||||||
|
rsyslog_collector_rotate_path: /usr/local/sbin/rotate_remote_logs
|
||||||
|
rsyslog_collector_keep_days: 0
|
||||||
|
rsyslog_collector_compress_days: 1
|
||||||
|
...
|
60
roles/rsyslog_collector/files/rotate
Normal file
60
roles/rsyslog_collector/files/rotate
Normal file
|
@ -0,0 +1,60 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
import argparse
|
||||||
|
import datetime
|
||||||
|
import logging
|
||||||
|
import pathlib
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
|
||||||
|
def compress_file(filename):
|
||||||
|
subprocess.run(["xz", "-z", str(filename)])
|
||||||
|
|
||||||
|
|
||||||
|
def find_files(base_dir, extension, days):
|
||||||
|
delta = datetime.timedelta(days=days)
|
||||||
|
now = datetime.datetime.now()
|
||||||
|
for path in base_dir.rglob(f"*{extension}"):
|
||||||
|
stem = path.name.removesuffix(extension)
|
||||||
|
date = datetime.datetime.fromisoformat(stem)
|
||||||
|
if date < now - delta:
|
||||||
|
yield path
|
||||||
|
|
||||||
|
|
||||||
|
def compress_logs(base_dir, days):
|
||||||
|
for path in find_files(base_dir, ".log", days):
|
||||||
|
logging.info("Compressing log file %s", str(path))
|
||||||
|
compress_file(path)
|
||||||
|
|
||||||
|
|
||||||
|
def remove_logs(base_dir, days):
|
||||||
|
for path in find_files(base_dir, ".log.xz", days):
|
||||||
|
logging.info("Removing log file %s", str(path))
|
||||||
|
path.unlink()
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser()
|
||||||
|
parser.add_argument("--compress-days", type=int, default=0)
|
||||||
|
parser.add_argument("--keep-days", type=int, default=0)
|
||||||
|
parser.add_argument(
|
||||||
|
"--base-dir", type=pathlib.Path, default="/var/log/remote"
|
||||||
|
)
|
||||||
|
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
logging.basicConfig(format="%(levelname)s %(message)s", level=logging.INFO)
|
||||||
|
|
||||||
|
logging.info("Rotate script started")
|
||||||
|
|
||||||
|
if args.compress_days > 0:
|
||||||
|
compress_logs(args.base_dir, args.compress_days)
|
||||||
|
|
||||||
|
if args.keep_days > 0:
|
||||||
|
remove_logs(args.base_dir, args.keep_days)
|
||||||
|
|
||||||
|
logging.info("Rotate script done")
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
main()
|
5
roles/rsyslog_collector/handlers/main.yml
Normal file
5
roles/rsyslog_collector/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- name: Run systemd daemon-reload
|
||||||
|
systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
...
|
4
roles/rsyslog_collector/meta/main.yml
Normal file
4
roles/rsyslog_collector/meta/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- role: rsyslog_common
|
||||||
|
...
|
57
roles/rsyslog_collector/tasks/main.yml
Normal file
57
roles/rsyslog_collector/tasks/main.yml
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
---
|
||||||
|
- name: Install rsyslog-relp if needed
|
||||||
|
become: true
|
||||||
|
apt:
|
||||||
|
name: rsyslog-relp
|
||||||
|
state: present
|
||||||
|
when: "rsyslog_inputs | selectattr('proto', 'eq', 'relp') | list"
|
||||||
|
|
||||||
|
- name: Ensure log storage directory exists
|
||||||
|
become: true
|
||||||
|
file:
|
||||||
|
path: "{{ rsyslog_collector_base_dir }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: adm
|
||||||
|
mode: u=rwx,g=rwx,o=
|
||||||
|
|
||||||
|
- name: Deploy rsyslog input configuration file
|
||||||
|
become: true
|
||||||
|
template:
|
||||||
|
src: 20-collector.conf.j2
|
||||||
|
dest: /etc/rsyslog.d/20-collector.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=r,o=r
|
||||||
|
notify: Restart rsyslog
|
||||||
|
|
||||||
|
- name: Install rotate script
|
||||||
|
become: true
|
||||||
|
copy:
|
||||||
|
src: rotate
|
||||||
|
dest: "{{ rsyslog_collector_rotate_path }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rwx,g=rx,o=
|
||||||
|
|
||||||
|
- name: Install timer and service for rotate script
|
||||||
|
become: true
|
||||||
|
template:
|
||||||
|
src: "{{ item }}.j2"
|
||||||
|
dest: "/etc/systemd/system/{{ item }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=r,o=
|
||||||
|
loop:
|
||||||
|
- rotate-remote-logs.timer
|
||||||
|
- rotate-remote-logs.service
|
||||||
|
notify:
|
||||||
|
- Run systemd daemon-reload
|
||||||
|
|
||||||
|
- name: Enable timer for log rotation
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: rotate-remote-logs.timer
|
||||||
|
enabled: true
|
||||||
|
state: started
|
||||||
|
...
|
54
roles/rsyslog_collector/templates/20-collector.conf.j2
Normal file
54
roles/rsyslog_collector/templates/20-collector.conf.j2
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
module(load="mmrm1stspace")
|
||||||
|
|
||||||
|
{%
|
||||||
|
set input_modules = {
|
||||||
|
"relp": "imrelp",
|
||||||
|
"udp": "imudp",
|
||||||
|
}
|
||||||
|
%}
|
||||||
|
|
||||||
|
{%
|
||||||
|
for module in rsyslog_inputs
|
||||||
|
| map(attribute="proto")
|
||||||
|
| map("extract", input_modules)
|
||||||
|
| list
|
||||||
|
| unique
|
||||||
|
%}
|
||||||
|
module(load="{{ module }}")
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
template(name="incomingFilename" type="list") {
|
||||||
|
constant(value="{{ rsyslog_collector_base_dir }}/")
|
||||||
|
property(name="fromhost-ip")
|
||||||
|
constant(value="/")
|
||||||
|
property(name="timegenerated" dateFormat="year")
|
||||||
|
constant(value="-")
|
||||||
|
property(name="timegenerated" dateFormat="month")
|
||||||
|
constant(value="-")
|
||||||
|
property(name="timegenerated" dateFormat="day")
|
||||||
|
constant(value=".log")
|
||||||
|
}
|
||||||
|
|
||||||
|
ruleset(name="handleIncomingLogs") {
|
||||||
|
action(type="mmrm1stspace")
|
||||||
|
action(
|
||||||
|
type="omfile"
|
||||||
|
dynaFile="incomingFilename"
|
||||||
|
template="RSYSLOG_FileFormat"
|
||||||
|
)
|
||||||
|
call sendLogsToRemote
|
||||||
|
}
|
||||||
|
|
||||||
|
# TODO: add protocol-specific options (eg. TLS)
|
||||||
|
{% for input in rsyslog_inputs %}
|
||||||
|
input(
|
||||||
|
type="{{ input_modules[input.proto] }}"
|
||||||
|
{% if "address" in input %}
|
||||||
|
address="{{ input.address }}"
|
||||||
|
{% endif %}
|
||||||
|
port="{{ input.port }}"
|
||||||
|
ruleset="handleIncomingLogs"
|
||||||
|
)
|
||||||
|
{% endfor %}
|
|
@ -0,0 +1,12 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=Rotate remote logs
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=root
|
||||||
|
Type=simple
|
||||||
|
ExecStart={{ rsyslog_collector_rotate_path }} \
|
||||||
|
--base-dir {{ rsyslog_collector_base_dir }} \
|
||||||
|
--compress-days {{ rsyslog_collector_compress_days }} \
|
||||||
|
--keep-days {{ rsyslog_collector_keep_days }}
|
|
@ -0,0 +1,10 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=Rotate remote logs daily
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=daily
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
3
roles/rsyslog_common/defaults/main.yml
Normal file
3
roles/rsyslog_common/defaults/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
rsyslog_outputs: []
|
||||||
|
...
|
13
roles/rsyslog_common/handlers/main.yml
Normal file
13
roles/rsyslog_common/handlers/main.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
- name: Restart rsyslog
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: rsyslog.service
|
||||||
|
state: restarted
|
||||||
|
|
||||||
|
- name: Restart systemd-journald
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: systemd-journald.service
|
||||||
|
state: restarted
|
||||||
|
...
|
60
roles/rsyslog_common/tasks/main.yml
Normal file
60
roles/rsyslog_common/tasks/main.yml
Normal file
|
@ -0,0 +1,60 @@
|
||||||
|
---
|
||||||
|
- name: Install rsyslog
|
||||||
|
become: true
|
||||||
|
apt:
|
||||||
|
name: rsyslog
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Install rsyslog modules if needed
|
||||||
|
become: true
|
||||||
|
apt:
|
||||||
|
name: "{{ item.pkg }}"
|
||||||
|
state: present
|
||||||
|
when: "rsyslog_outputs | selectattr('proto', 'eq', item.proto) | list"
|
||||||
|
loop:
|
||||||
|
- proto: relp
|
||||||
|
pkg: rsyslog-relp
|
||||||
|
- proto: redis
|
||||||
|
pkg: rsyslog-hiredis
|
||||||
|
|
||||||
|
- name: Deploy main rsyslog configuration
|
||||||
|
become: true
|
||||||
|
template:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ item.dest }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=r,o=r
|
||||||
|
loop:
|
||||||
|
- src: rsyslog.conf.j2
|
||||||
|
dest: /etc/rsyslog.conf
|
||||||
|
- src: 10-common.conf.j2
|
||||||
|
dest: /etc/rsyslog.d/10-common.conf
|
||||||
|
notify: Restart rsyslog
|
||||||
|
|
||||||
|
- name: Create journald.conf.d directory
|
||||||
|
become: true
|
||||||
|
file:
|
||||||
|
path: /etc/systemd/journald.conf.d
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
|
||||||
|
- name: Deploy journald configuration
|
||||||
|
become: true
|
||||||
|
template:
|
||||||
|
src: forward-syslog.conf.j2
|
||||||
|
dest: /etc/systemd/journald.conf.d/forward-syslog.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=r,o=r
|
||||||
|
notify: Restart systemd-journald
|
||||||
|
|
||||||
|
- name: Enable rsyslog service
|
||||||
|
become: true
|
||||||
|
systemd:
|
||||||
|
name: rsyslog.service
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
...
|
105
roles/rsyslog_common/templates/10-common.conf.j2
Normal file
105
roles/rsyslog_common/templates/10-common.conf.j2
Normal file
|
@ -0,0 +1,105 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
{%
|
||||||
|
set output_modules = {
|
||||||
|
"relp": "omrelp",
|
||||||
|
"udp": "omfwd",
|
||||||
|
"redis": "omhiredis",
|
||||||
|
}
|
||||||
|
%}
|
||||||
|
|
||||||
|
global(
|
||||||
|
workDirectory="/var/spool/rsyslog"
|
||||||
|
preserveFQDN="on"
|
||||||
|
)
|
||||||
|
|
||||||
|
# Collect logs via /dev/log
|
||||||
|
module(load="imuxsock")
|
||||||
|
|
||||||
|
# Collect kernel logs
|
||||||
|
module(load="imklog")
|
||||||
|
|
||||||
|
# Parse CEE logs
|
||||||
|
module(load="mmjsonparse")
|
||||||
|
|
||||||
|
# Load export modules
|
||||||
|
{%
|
||||||
|
for module in rsyslog_outputs
|
||||||
|
| map(attribute="proto")
|
||||||
|
| map("extract", output_modules)
|
||||||
|
| list
|
||||||
|
| unique
|
||||||
|
%}
|
||||||
|
module(load="{{ module }}")
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
|
# FIXME: Attention, il faut voir si rsyslog arrive bien à créer
|
||||||
|
# les fichiers de plusieurs jours (le 1er est peut-être crée avant
|
||||||
|
# de dropper les privilèges, mais les suivants je pense pas).
|
||||||
|
module(
|
||||||
|
load="builtin:omfile"
|
||||||
|
# Format avec dates précises
|
||||||
|
template="RSYSLOG_FileFormat"
|
||||||
|
fileOwner="root"
|
||||||
|
fileGroup="adm"
|
||||||
|
fileCreateMode="0640"
|
||||||
|
dirCreateMode="0755"
|
||||||
|
)
|
||||||
|
|
||||||
|
template(name="templateJson" type="list" option.jsonf="on") {
|
||||||
|
property(outname="hostname_reported" name="hostname" format="jsonf")
|
||||||
|
property(outname="src" name="fromhost-ip" format="jsonf")
|
||||||
|
property(outname="facility" name="syslogfacility-text" format="jsonf")
|
||||||
|
property(outname="program" name="programname" format="jsonf")
|
||||||
|
property(outname="pid" name="procid" format="jsonf")
|
||||||
|
property(outname="time_reported" name="timereported" format="jsonf"
|
||||||
|
dateformat="rfc3339")
|
||||||
|
property(outname="time_generated" name="timegenerated" format="jsonf"
|
||||||
|
dateformat="rfc3339")
|
||||||
|
property(outname="message" name="msg" format="jsonf")
|
||||||
|
}
|
||||||
|
|
||||||
|
ruleset(name="sendLogsToDisk") {
|
||||||
|
auth,authpriv.* action(type="omfile" file="/var/log/auth.log")
|
||||||
|
mail.* action(type="omfile" file="/var/log/mail.log" sync="off")
|
||||||
|
kern.* action(type="omfile" file="/var/log/kern.log")
|
||||||
|
*.*;auth,authpriv,mail,kern.none action(type="omfile"
|
||||||
|
file="/var/log/syslog.log" sync="off")
|
||||||
|
}
|
||||||
|
|
||||||
|
# Send logs to remote collector(s)
|
||||||
|
ruleset(name="sendLogsToRemote") {
|
||||||
|
{% for output in rsyslog_outputs %}
|
||||||
|
action(
|
||||||
|
type="{{ output_modules[output.proto] }}"
|
||||||
|
|
||||||
|
{% if output_modules[output.proto] == "omfwd" %}
|
||||||
|
protocol="{{ output.proto }}"
|
||||||
|
target="{{ output.address }}"
|
||||||
|
port="{{ output.port }}"
|
||||||
|
{% elif output_modules[output.proto] == "omhiredis" %}
|
||||||
|
server="{{ output.address }}"
|
||||||
|
serverport="{{ output.port }}"
|
||||||
|
mode="publish"
|
||||||
|
key="{{ output.key }}"
|
||||||
|
template="templateJson"
|
||||||
|
{% if output.password is defined %}
|
||||||
|
serverpassword="{{ output.password }}"
|
||||||
|
{% endif %}
|
||||||
|
{% elif output_modules[output.proto] == "omrelp" %}
|
||||||
|
target="{{ output.address }}"
|
||||||
|
port="{{ output.port }}"
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if loop.index > 1 and output.fallback %}
|
||||||
|
action.execOnlyWhenPreviousIsSuspended="on"
|
||||||
|
{% endif %}
|
||||||
|
)
|
||||||
|
{% endfor %}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Send local logs to files (useful for debugging or if the collector is down)
|
||||||
|
call sendLogsToDisk
|
||||||
|
|
||||||
|
# Send local logs to the remote collector
|
||||||
|
call sendLogsToRemote
|
5
roles/rsyslog_common/templates/forward-syslog.conf.j2
Normal file
5
roles/rsyslog_common/templates/forward-syslog.conf.j2
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
[Journal]
|
||||||
|
ForwardToSyslog=yes
|
||||||
|
MaxLevelSyslog=debug
|
3
roles/rsyslog_common/templates/rsyslog.conf.j2
Normal file
3
roles/rsyslog_common/templates/rsyslog.conf.j2
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
include(file="/etc/rsyslog.d/*.conf")
|
Loading…
Reference in a new issue