transatoshi/grinminer.net
1
0
Fork 0
mirror of https://github.com/transatoshi-mw/grinminer.net.git synced 2025-10-07 06:12:46 +00:00
Code Issues 3 Packages Projects 1 Releases Wiki Activity

added playbooks

Browse Source
This commit is contained in:
transatoshi
2024-12-28 15:31:42 -08:00
parent 64c5fa955d
commit 211e15ea7b
11 changed files with 376 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
ansible/borg-server-install.yml Normal file
View File

@@ -0,0 +1,71 @@
- hosts: backup
vars:
user: backup
group: backup
home: /home/backup
pool: "{{ home }}/repos"
auth_users:
- host: node00.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/node00.grinminer.net.pub') }}"
- host: node01.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/node01.grinminer.net.pub') }}"
- host: node02.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ha-testnet.grinminer.net.pub') }}"
- host: node03.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ha-testnet.grinminer.net.pub') }}"
- host: core00.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/core00.grinminer.net.pub') }}"
- host: core01.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/core01.grinminer.net.pub') }}"
- host: freenode00.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/freenode00.grinminer.net.pub') }}"
- host: freenode01.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/freenode01.grinminer.net.pub') }}"
- host: freenode02.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/freenode02.grinminer.net.pub') }}"
- host: freenode03.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/freenode03.grinminer.net.pub') }}"
- host: freenode04.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/freenode04.grinminer.net.pub') }}"
- host: freenode05.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/freenode05.grinminer.net.pub') }}"
- host: ha-mainnet.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ha-testnet.grinminer.net.pub') }}"
- host: ha-testnet.grinminer.net
key: "{{ lookup('file', '/etc/ssh/ha-testnet.grinminer.net.pub') }}"
- host: ha-node.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ha-node.grinminer.net.pub') }}"
- host: ha-testnode.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ha-testnode.grinminer.net.pub') }}"
- host: ha-mine.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ha-mine.grinminer.net.pub') }}"
- host: dns.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/dns.grinminer.net.pub') }}"
- host: dns1.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/dns1.grinminer.net.pub') }}"
- host: www.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/www.grinminer.net.pub') }}"
- host: proxy.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/proxy.grinminer.net.pub') }}"
- host: stats.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/stats.grinminer.net.pub') }}"
- host: zabbix.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/zabbix.grinminer.net.pub') }}"
- host: matrix.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/matrix.grinminer.net.pub') }}"
- host: ansible.grinminer.net
key: "{{ lookup('file', '/etc/ssh/keys/ansible.grinminer.net.pub') }}"
tasks:
- package: name=borg state=present
- group: name="{{ group }}" state=present
- user: name="{{ user }}" shell=/bin/bash home="{{ home }}" createhome=yes group="{{ group }}" groups= state=present
- file: path="{{ home }}" owner="{{ user }}" group="{{ group }}" mode=0700 state=directory
- file: path="{{ home }}/.ssh" owner="{{ user }}" group="{{ group }}" mode=0700 state=directory
- file: path="{{ pool }}" owner="{{ user }}" group="{{ group }}" mode=0700 state=directory
- authorized_key: user="{{ user }}"
key="{{ item.key }}"
key_options='command="cd {{ pool }}/{{ item.host }};borg serve --restrict-to-path {{ pool }}/{{ item.host }}",restrict'
with_items: "{{ auth_users }}"
- file: path="{{ home }}/.ssh/authorized_keys" owner="{{ user }}" group="{{ group }}" mode=0600 state=file
- file: path="{{ pool }}/{{ item.host }}" owner="{{ user }}" group="{{ group }}" mode=0700 state=directory
with_items: "{{ auth_users }}"