├── .github └── workflows │ └── auto-plan.yml ├── .gitignore ├── LICENSE ├── ansible ├── ansible.cfg ├── group_vars │ ├── core.yaml │ ├── dev.yaml │ └── status.yaml ├── hosts.ini ├── requirements.yaml ├── roles │ ├── dns │ │ └── tasks │ │ │ └── main.yaml │ ├── ktz-boot-notification │ │ ├── README.md │ │ ├── tasks │ │ │ ├── apprise.yaml │ │ │ ├── arch-setup.yaml │ │ │ └── main.yaml │ │ └── templates │ │ │ └── booted.sh.j2 │ └── sanoid │ │ ├── defaults │ │ └── main.yaml │ │ ├── files │ │ └── sanoid.conf │ │ └── tasks │ │ ├── install.yaml │ │ ├── main.yaml │ │ └── replication.yaml ├── run.yaml └── vars │ └── vault.yaml ├── git-init.sh ├── hardware └── moose │ ├── HL15.md │ ├── hdd-smart-reports │ ├── 2024-08-burnins │ │ ├── WDC_9MG6ARZJ.log │ │ ├── WDC_9MH2BWLU.log │ │ ├── WDC_X1G4EPXL.log │ │ └── WDC_XJG0HXDM.log │ └── 2024-11-pool-degraded │ │ ├── ARZJ.txt │ │ ├── BWLU.txt │ │ ├── EPXL.txt │ │ └── HXDM.txt │ └── nix │ └── configuration.nix ├── makefile └── terraform ├── .envrc.template ├── README.md ├── bootstrap ├── .envrc.template ├── .terraform.lock.hcl ├── README.md ├── main.tf ├── outputs.tf └── versions.tf ├── dns ├── .envrc.template ├── .terraform.lock.hcl ├── README.md ├── backend.tf ├── main.tf ├── terraform.tfvars ├── variables.tf └── versions.tf └── modules └── cloudflare-record ├── main.tf ├── variables.tf └── versions.tf /.github/workflows/auto-plan.yml: -------------------------------------------------------------------------------- 1 | name: Terraform Plan 2 | 3 | # created action based on the following guides: 4 | # - https://learn.hashicorp.com/tutorials/terraform/github-actions 5 | # - https://github.com/marketplace/actions/hashicorp-setup-terraform#usage 6 | 7 | on: 8 | push: 9 | branches: [ master ] 10 | pull_request: 11 | workflow_dispatch: 12 | 13 | 14 | defaults: 15 | run: 16 | # temporary till I write a script to find all terraform files and apply/plan them all 17 | # based off of this: git diff --name-only | grep '.tf$' | xargs -I {} dirname '{}' | sort -u 18 | working-directory: terraform/dns/ 19 | env: 20 | AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}" 21 | AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}" 22 | CLOUDFLARE_API_TOKEN: "${{ secrets.CLOUDFLARE_API_TOKEN }}" 23 | 24 | jobs: 25 | terraform_lint: 26 | runs-on: ubuntu-latest 27 | steps: 28 | - uses: actions/checkout@v2 29 | - uses: hashicorp/setup-terraform@v2 30 | 31 | - name: Terraform fmt 32 | id: fmt 33 | run: terraform fmt -check 34 | # TODO: should be removed after files are formatted 35 | continue-on-error: true 36 | 37 | terraform_plan: 38 | needs: terraform_lint 39 | runs-on: ubuntu-latest 40 | environment: production 41 | steps: 42 | - uses: actions/checkout@v2 43 | - uses: hashicorp/setup-terraform@v2 44 | 45 | - name: Terraform Init 46 | id: init 47 | run: terraform init 48 | 49 | - name: Terraform Validate 50 | id: validate 51 | run: terraform validate -no-color 52 | 53 | - name: Terraform Plan 54 | id: plan 55 | run: terraform plan -no-color -out=terraform.plan 56 | continue-on-error: true 57 | 58 | - uses: actions/github-script@v6 59 | if: github.event_name == 'pull_request' 60 | env: 61 | PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" 62 | with: 63 | github-token: ${{ secrets.GITHUB_TOKEN }} 64 | script: | 65 | // 1. Retrieve existing bot comments for the PR 66 | const { data: comments } = await github.rest.issues.listComments({ 67 | owner: context.repo.owner, 68 | repo: context.repo.repo, 69 | issue_number: context.issue.number, 70 | }) 71 | const botComment = comments.find(comment => { 72 | return comment.user.type === 'Bot' && comment.body.includes('Terraform Format and Style') 73 | }) 74 | 75 | // 2. Prepare format of the comment 76 | const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` 77 | #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` 78 | #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` 79 |
Validation Output 80 | 81 | \`\`\`\n 82 | ${{ steps.validate.outputs.stdout }} 83 | \`\`\` 84 | 85 |
86 | 87 | #### Terraform Plan 📖\`${{ steps.plan.outcome }}\` 88 | 89 |
Show Plan 90 | 91 | \`\`\`\n 92 | ${process.env.PLAN} 93 | \`\`\` 94 | 95 |
96 | 97 | *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*`; 98 | 99 | // 3. If we have a comment, update it, otherwise create a new one 100 | if (botComment) { 101 | github.rest.issues.updateComment({ 102 | owner: context.repo.owner, 103 | repo: context.repo.repo, 104 | comment_id: botComment.id, 105 | body: output 106 | }) 107 | } else { 108 | github.rest.issues.createComment({ 109 | issue_number: context.issue.number, 110 | owner: context.repo.owner, 111 | repo: context.repo.repo, 112 | body: output 113 | }) 114 | } 115 | 116 | - name: Terraform Plan Status 117 | if: steps.plan.outcome == 'failure' 118 | run: exit 1 119 | 120 | - name: Terraform Apply 121 | if: github.ref == 'refs/heads/master' && github.event_name == 'push' 122 | run: terraform apply -auto-approve -input=false terraform.plan 123 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .vault-password 2 | galaxy_roles/ 3 | .vscode 4 | 5 | # Created by https://www.toptal.com/developers/gitignore/api/linux,macos,ansible,terraform,visualstudiocode,direnv 6 | # Edit at https://www.toptal.com/developers/gitignore?templates=linux,macos,ansible,terraform,visualstudiocode,direnv 7 | 8 | ### Ansible ### 9 | *.retry 10 | 11 | ### direnv ### 12 | .direnv 13 | .envrc 14 | 15 | ### Linux ### 16 | *~ 17 | 18 | # temporary files which can be created if a process still has a handle open of a deleted file 19 | .fuse_hidden* 20 | 21 | # KDE directory preferences 22 | .directory 23 | 24 | # Linux trash folder which might appear on any partition or disk 25 | .Trash-* 26 | 27 | # .nfs files are created when an open file is removed but is still being accessed 28 | .nfs* 29 | 30 | ### macOS ### 31 | # General 32 | .DS_Store 33 | .AppleDouble 34 | .LSOverride 35 | 36 | # Icon must end with two \r 37 | Icon 38 | 39 | # Thumbnails 40 | ._* 41 | 42 | # Files that might appear in the root of a volume 43 | .DocumentRevisions-V100 44 | .fseventsd 45 | .Spotlight-V100 46 | .TemporaryItems 47 | .Trashes 48 | .VolumeIcon.icns 49 | .com.apple.timemachine.donotpresent 50 | 51 | # Directories potentially created on remote AFP share 52 | .AppleDB 53 | .AppleDesktop 54 | Network Trash Folder 55 | Temporary Items 56 | .apdisk 57 | 58 | ### macOS Patch ### 59 | # iCloud generated files 60 | *.icloud 61 | 62 | ### Terraform ### 63 | # Local .terraform directories 64 | **/.terraform/* 65 | 66 | # .tfstate files 67 | *.tfstate 68 | *.tfstate.* 69 | 70 | # Crash log files 71 | crash.log 72 | crash.*.log 73 | 74 | # Exclude all .tfvars files, which are likely to contain sensitive data, such as 75 | # password, private keys, and other secrets. These should not be part of version 76 | # control as they are data points which are potentially sensitive and subject 77 | # to change depending on the environment. 78 | *.tfvars 79 | *.tfvars.json 80 | 81 | # Ignore override files as they are usually used to override resources locally and so 82 | # are not checked in 83 | override.tf 84 | override.tf.json 85 | *_override.tf 86 | *_override.tf.json 87 | 88 | # Include override files you do wish to add to version control using negated pattern 89 | # !example_override.tf 90 | 91 | # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan 92 | # example: *tfplan* 93 | 94 | # Ignore CLI configuration files 95 | .terraformrc 96 | terraform.rc 97 | 98 | ### VisualStudioCode ### 99 | .vscode/* 100 | !.vscode/settings.json 101 | !.vscode/tasks.json 102 | !.vscode/launch.json 103 | !.vscode/extensions.json 104 | !.vscode/*.code-snippets 105 | 106 | # Local History for Visual Studio Code 107 | .history/ 108 | 109 | # Built Visual Studio Code Extensions 110 | *.vsix 111 | 112 | ### VisualStudioCode Patch ### 113 | # Ignore all local history of files 114 | .history 115 | .ionide 116 | 117 | # Support for Project snippet scope 118 | .vscode/*.code-snippets 119 | 120 | # Ignore code-workspaces 121 | *.code-workspace 122 | 123 | # End of https://www.toptal.com/developers/gitignore/api/linux,macos,ansible,terraform,visualstudiocode,direnv 124 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 3, 29 June 2007 3 | 4 | Copyright (C) 2007 Free Software Foundation, Inc. 5 | Everyone is permitted to copy and distribute verbatim copies 6 | of this license document, but changing it is not allowed. 7 | 8 | Preamble 9 | 10 | The GNU General Public License is a free, copyleft license for 11 | software and other kinds of works. 12 | 13 | The licenses for most software and other practical works are designed 14 | to take away your freedom to share and change the works. By contrast, 15 | the GNU General Public License is intended to guarantee your freedom to 16 | share and change all versions of a program--to make sure it remains free 17 | software for all its users. We, the Free Software Foundation, use the 18 | GNU General Public License for most of our software; it applies also to 19 | any other work released this way by its authors. You can apply it to 20 | your programs, too. 21 | 22 | When we speak of free software, we are referring to freedom, not 23 | price. Our General Public Licenses are designed to make sure that you 24 | have the freedom to distribute copies of free software (and charge for 25 | them if you wish), that you receive source code or can get it if you 26 | want it, that you can change the software or use pieces of it in new 27 | free programs, and that you know you can do these things. 28 | 29 | To protect your rights, we need to prevent others from denying you 30 | these rights or asking you to surrender the rights. Therefore, you have 31 | certain responsibilities if you distribute copies of the software, or if 32 | you modify it: responsibilities to respect the freedom of others. 33 | 34 | For example, if you distribute copies of such a program, whether 35 | gratis or for a fee, you must pass on to the recipients the same 36 | freedoms that you received. You must make sure that they, too, receive 37 | or can get the source code. And you must show them these terms so they 38 | know their rights. 39 | 40 | Developers that use the GNU GPL protect your rights with two steps: 41 | (1) assert copyright on the software, and (2) offer you this License 42 | giving you legal permission to copy, distribute and/or modify it. 43 | 44 | For the developers' and authors' protection, the GPL clearly explains 45 | that there is no warranty for this free software. For both users' and 46 | authors' sake, the GPL requires that modified versions be marked as 47 | changed, so that their problems will not be attributed erroneously to 48 | authors of previous versions. 49 | 50 | Some devices are designed to deny users access to install or run 51 | modified versions of the software inside them, although the manufacturer 52 | can do so. This is fundamentally incompatible with the aim of 53 | protecting users' freedom to change the software. The systematic 54 | pattern of such abuse occurs in the area of products for individuals to 55 | use, which is precisely where it is most unacceptable. Therefore, we 56 | have designed this version of the GPL to prohibit the practice for those 57 | products. If such problems arise substantially in other domains, we 58 | stand ready to extend this provision to those domains in future versions 59 | of the GPL, as needed to protect the freedom of users. 60 | 61 | Finally, every program is threatened constantly by software patents. 62 | States should not allow patents to restrict development and use of 63 | software on general-purpose computers, but in those that do, we wish to 64 | avoid the special danger that patents applied to a free program could 65 | make it effectively proprietary. To prevent this, the GPL assures that 66 | patents cannot be used to render the program non-free. 67 | 68 | The precise terms and conditions for copying, distribution and 69 | modification follow. 70 | 71 | TERMS AND CONDITIONS 72 | 73 | 0. Definitions. 74 | 75 | "This License" refers to version 3 of the GNU General Public License. 76 | 77 | "Copyright" also means copyright-like laws that apply to other kinds of 78 | works, such as semiconductor masks. 79 | 80 | "The Program" refers to any copyrightable work licensed under this 81 | License. Each licensee is addressed as "you". "Licensees" and 82 | "recipients" may be individuals or organizations. 83 | 84 | To "modify" a work means to copy from or adapt all or part of the work 85 | in a fashion requiring copyright permission, other than the making of an 86 | exact copy. The resulting work is called a "modified version" of the 87 | earlier work or a work "based on" the earlier work. 88 | 89 | A "covered work" means either the unmodified Program or a work based 90 | on the Program. 91 | 92 | To "propagate" a work means to do anything with it that, without 93 | permission, would make you directly or secondarily liable for 94 | infringement under applicable copyright law, except executing it on a 95 | computer or modifying a private copy. Propagation includes copying, 96 | distribution (with or without modification), making available to the 97 | public, and in some countries other activities as well. 98 | 99 | To "convey" a work means any kind of propagation that enables other 100 | parties to make or receive copies. Mere interaction with a user through 101 | a computer network, with no transfer of a copy, is not conveying. 102 | 103 | An interactive user interface displays "Appropriate Legal Notices" 104 | to the extent that it includes a convenient and prominently visible 105 | feature that (1) displays an appropriate copyright notice, and (2) 106 | tells the user that there is no warranty for the work (except to the 107 | extent that warranties are provided), that licensees may convey the 108 | work under this License, and how to view a copy of this License. If 109 | the interface presents a list of user commands or options, such as a 110 | menu, a prominent item in the list meets this criterion. 111 | 112 | 1. Source Code. 113 | 114 | The "source code" for a work means the preferred form of the work 115 | for making modifications to it. "Object code" means any non-source 116 | form of a work. 117 | 118 | A "Standard Interface" means an interface that either is an official 119 | standard defined by a recognized standards body, or, in the case of 120 | interfaces specified for a particular programming language, one that 121 | is widely used among developers working in that language. 122 | 123 | The "System Libraries" of an executable work include anything, other 124 | than the work as a whole, that (a) is included in the normal form of 125 | packaging a Major Component, but which is not part of that Major 126 | Component, and (b) serves only to enable use of the work with that 127 | Major Component, or to implement a Standard Interface for which an 128 | implementation is available to the public in source code form. A 129 | "Major Component", in this context, means a major essential component 130 | (kernel, window system, and so on) of the specific operating system 131 | (if any) on which the executable work runs, or a compiler used to 132 | produce the work, or an object code interpreter used to run it. 133 | 134 | The "Corresponding Source" for a work in object code form means all 135 | the source code needed to generate, install, and (for an executable 136 | work) run the object code and to modify the work, including scripts to 137 | control those activities. However, it does not include the work's 138 | System Libraries, or general-purpose tools or generally available free 139 | programs which are used unmodified in performing those activities but 140 | which are not part of the work. For example, Corresponding Source 141 | includes interface definition files associated with source files for 142 | the work, and the source code for shared libraries and dynamically 143 | linked subprograms that the work is specifically designed to require, 144 | such as by intimate data communication or control flow between those 145 | subprograms and other parts of the work. 146 | 147 | The Corresponding Source need not include anything that users 148 | can regenerate automatically from other parts of the Corresponding 149 | Source. 150 | 151 | The Corresponding Source for a work in source code form is that 152 | same work. 153 | 154 | 2. Basic Permissions. 155 | 156 | All rights granted under this License are granted for the term of 157 | copyright on the Program, and are irrevocable provided the stated 158 | conditions are met. This License explicitly affirms your unlimited 159 | permission to run the unmodified Program. The output from running a 160 | covered work is covered by this License only if the output, given its 161 | content, constitutes a covered work. This License acknowledges your 162 | rights of fair use or other equivalent, as provided by copyright law. 163 | 164 | You may make, run and propagate covered works that you do not 165 | convey, without conditions so long as your license otherwise remains 166 | in force. You may convey covered works to others for the sole purpose 167 | of having them make modifications exclusively for you, or provide you 168 | with facilities for running those works, provided that you comply with 169 | the terms of this License in conveying all material for which you do 170 | not control copyright. Those thus making or running the covered works 171 | for you must do so exclusively on your behalf, under your direction 172 | and control, on terms that prohibit them from making any copies of 173 | your copyrighted material outside their relationship with you. 174 | 175 | Conveying under any other circumstances is permitted solely under 176 | the conditions stated below. Sublicensing is not allowed; section 10 177 | makes it unnecessary. 178 | 179 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law. 180 | 181 | No covered work shall be deemed part of an effective technological 182 | measure under any applicable law fulfilling obligations under article 183 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or 184 | similar laws prohibiting or restricting circumvention of such 185 | measures. 186 | 187 | When you convey a covered work, you waive any legal power to forbid 188 | circumvention of technological measures to the extent such circumvention 189 | is effected by exercising rights under this License with respect to 190 | the covered work, and you disclaim any intention to limit operation or 191 | modification of the work as a means of enforcing, against the work's 192 | users, your or third parties' legal rights to forbid circumvention of 193 | technological measures. 194 | 195 | 4. Conveying Verbatim Copies. 196 | 197 | You may convey verbatim copies of the Program's source code as you 198 | receive it, in any medium, provided that you conspicuously and 199 | appropriately publish on each copy an appropriate copyright notice; 200 | keep intact all notices stating that this License and any 201 | non-permissive terms added in accord with section 7 apply to the code; 202 | keep intact all notices of the absence of any warranty; and give all 203 | recipients a copy of this License along with the Program. 204 | 205 | You may charge any price or no price for each copy that you convey, 206 | and you may offer support or warranty protection for a fee. 207 | 208 | 5. Conveying Modified Source Versions. 209 | 210 | You may convey a work based on the Program, or the modifications to 211 | produce it from the Program, in the form of source code under the 212 | terms of section 4, provided that you also meet all of these conditions: 213 | 214 | a) The work must carry prominent notices stating that you modified 215 | it, and giving a relevant date. 216 | 217 | b) The work must carry prominent notices stating that it is 218 | released under this License and any conditions added under section 219 | 7. This requirement modifies the requirement in section 4 to 220 | "keep intact all notices". 221 | 222 | c) You must license the entire work, as a whole, under this 223 | License to anyone who comes into possession of a copy. This 224 | License will therefore apply, along with any applicable section 7 225 | additional terms, to the whole of the work, and all its parts, 226 | regardless of how they are packaged. This License gives no 227 | permission to license the work in any other way, but it does not 228 | invalidate such permission if you have separately received it. 229 | 230 | d) If the work has interactive user interfaces, each must display 231 | Appropriate Legal Notices; however, if the Program has interactive 232 | interfaces that do not display Appropriate Legal Notices, your 233 | work need not make them do so. 234 | 235 | A compilation of a covered work with other separate and independent 236 | works, which are not by their nature extensions of the covered work, 237 | and which are not combined with it such as to form a larger program, 238 | in or on a volume of a storage or distribution medium, is called an 239 | "aggregate" if the compilation and its resulting copyright are not 240 | used to limit the access or legal rights of the compilation's users 241 | beyond what the individual works permit. Inclusion of a covered work 242 | in an aggregate does not cause this License to apply to the other 243 | parts of the aggregate. 244 | 245 | 6. Conveying Non-Source Forms. 246 | 247 | You may convey a covered work in object code form under the terms 248 | of sections 4 and 5, provided that you also convey the 249 | machine-readable Corresponding Source under the terms of this License, 250 | in one of these ways: 251 | 252 | a) Convey the object code in, or embodied in, a physical product 253 | (including a physical distribution medium), accompanied by the 254 | Corresponding Source fixed on a durable physical medium 255 | customarily used for software interchange. 256 | 257 | b) Convey the object code in, or embodied in, a physical product 258 | (including a physical distribution medium), accompanied by a 259 | written offer, valid for at least three years and valid for as 260 | long as you offer spare parts or customer support for that product 261 | model, to give anyone who possesses the object code either (1) a 262 | copy of the Corresponding Source for all the software in the 263 | product that is covered by this License, on a durable physical 264 | medium customarily used for software interchange, for a price no 265 | more than your reasonable cost of physically performing this 266 | conveying of source, or (2) access to copy the 267 | Corresponding Source from a network server at no charge. 268 | 269 | c) Convey individual copies of the object code with a copy of the 270 | written offer to provide the Corresponding Source. This 271 | alternative is allowed only occasionally and noncommercially, and 272 | only if you received the object code with such an offer, in accord 273 | with subsection 6b. 274 | 275 | d) Convey the object code by offering access from a designated 276 | place (gratis or for a charge), and offer equivalent access to the 277 | Corresponding Source in the same way through the same place at no 278 | further charge. You need not require recipients to copy the 279 | Corresponding Source along with the object code. If the place to 280 | copy the object code is a network server, the Corresponding Source 281 | may be on a different server (operated by you or a third party) 282 | that supports equivalent copying facilities, provided you maintain 283 | clear directions next to the object code saying where to find the 284 | Corresponding Source. Regardless of what server hosts the 285 | Corresponding Source, you remain obligated to ensure that it is 286 | available for as long as needed to satisfy these requirements. 287 | 288 | e) Convey the object code using peer-to-peer transmission, provided 289 | you inform other peers where the object code and Corresponding 290 | Source of the work are being offered to the general public at no 291 | charge under subsection 6d. 292 | 293 | A separable portion of the object code, whose source code is excluded 294 | from the Corresponding Source as a System Library, need not be 295 | included in conveying the object code work. 296 | 297 | A "User Product" is either (1) a "consumer product", which means any 298 | tangible personal property which is normally used for personal, family, 299 | or household purposes, or (2) anything designed or sold for incorporation 300 | into a dwelling. In determining whether a product is a consumer product, 301 | doubtful cases shall be resolved in favor of coverage. For a particular 302 | product received by a particular user, "normally used" refers to a 303 | typical or common use of that class of product, regardless of the status 304 | of the particular user or of the way in which the particular user 305 | actually uses, or expects or is expected to use, the product. A product 306 | is a consumer product regardless of whether the product has substantial 307 | commercial, industrial or non-consumer uses, unless such uses represent 308 | the only significant mode of use of the product. 309 | 310 | "Installation Information" for a User Product means any methods, 311 | procedures, authorization keys, or other information required to install 312 | and execute modified versions of a covered work in that User Product from 313 | a modified version of its Corresponding Source. The information must 314 | suffice to ensure that the continued functioning of the modified object 315 | code is in no case prevented or interfered with solely because 316 | modification has been made. 317 | 318 | If you convey an object code work under this section in, or with, or 319 | specifically for use in, a User Product, and the conveying occurs as 320 | part of a transaction in which the right of possession and use of the 321 | User Product is transferred to the recipient in perpetuity or for a 322 | fixed term (regardless of how the transaction is characterized), the 323 | Corresponding Source conveyed under this section must be accompanied 324 | by the Installation Information. But this requirement does not apply 325 | if neither you nor any third party retains the ability to install 326 | modified object code on the User Product (for example, the work has 327 | been installed in ROM). 328 | 329 | The requirement to provide Installation Information does not include a 330 | requirement to continue to provide support service, warranty, or updates 331 | for a work that has been modified or installed by the recipient, or for 332 | the User Product in which it has been modified or installed. Access to a 333 | network may be denied when the modification itself materially and 334 | adversely affects the operation of the network or violates the rules and 335 | protocols for communication across the network. 336 | 337 | Corresponding Source conveyed, and Installation Information provided, 338 | in accord with this section must be in a format that is publicly 339 | documented (and with an implementation available to the public in 340 | source code form), and must require no special password or key for 341 | unpacking, reading or copying. 342 | 343 | 7. Additional Terms. 344 | 345 | "Additional permissions" are terms that supplement the terms of this 346 | License by making exceptions from one or more of its conditions. 347 | Additional permissions that are applicable to the entire Program shall 348 | be treated as though they were included in this License, to the extent 349 | that they are valid under applicable law. If additional permissions 350 | apply only to part of the Program, that part may be used separately 351 | under those permissions, but the entire Program remains governed by 352 | this License without regard to the additional permissions. 353 | 354 | When you convey a copy of a covered work, you may at your option 355 | remove any additional permissions from that copy, or from any part of 356 | it. (Additional permissions may be written to require their own 357 | removal in certain cases when you modify the work.) You may place 358 | additional permissions on material, added by you to a covered work, 359 | for which you have or can give appropriate copyright permission. 360 | 361 | Notwithstanding any other provision of this License, for material you 362 | add to a covered work, you may (if authorized by the copyright holders of 363 | that material) supplement the terms of this License with terms: 364 | 365 | a) Disclaiming warranty or limiting liability differently from the 366 | terms of sections 15 and 16 of this License; or 367 | 368 | b) Requiring preservation of specified reasonable legal notices or 369 | author attributions in that material or in the Appropriate Legal 370 | Notices displayed by works containing it; or 371 | 372 | c) Prohibiting misrepresentation of the origin of that material, or 373 | requiring that modified versions of such material be marked in 374 | reasonable ways as different from the original version; or 375 | 376 | d) Limiting the use for publicity purposes of names of licensors or 377 | authors of the material; or 378 | 379 | e) Declining to grant rights under trademark law for use of some 380 | trade names, trademarks, or service marks; or 381 | 382 | f) Requiring indemnification of licensors and authors of that 383 | material by anyone who conveys the material (or modified versions of 384 | it) with contractual assumptions of liability to the recipient, for 385 | any liability that these contractual assumptions directly impose on 386 | those licensors and authors. 387 | 388 | All other non-permissive additional terms are considered "further 389 | restrictions" within the meaning of section 10. If the Program as you 390 | received it, or any part of it, contains a notice stating that it is 391 | governed by this License along with a term that is a further 392 | restriction, you may remove that term. If a license document contains 393 | a further restriction but permits relicensing or conveying under this 394 | License, you may add to a covered work material governed by the terms 395 | of that license document, provided that the further restriction does 396 | not survive such relicensing or conveying. 397 | 398 | If you add terms to a covered work in accord with this section, you 399 | must place, in the relevant source files, a statement of the 400 | additional terms that apply to those files, or a notice indicating 401 | where to find the applicable terms. 402 | 403 | Additional terms, permissive or non-permissive, may be stated in the 404 | form of a separately written license, or stated as exceptions; 405 | the above requirements apply either way. 406 | 407 | 8. Termination. 408 | 409 | You may not propagate or modify a covered work except as expressly 410 | provided under this License. Any attempt otherwise to propagate or 411 | modify it is void, and will automatically terminate your rights under 412 | this License (including any patent licenses granted under the third 413 | paragraph of section 11). 414 | 415 | However, if you cease all violation of this License, then your 416 | license from a particular copyright holder is reinstated (a) 417 | provisionally, unless and until the copyright holder explicitly and 418 | finally terminates your license, and (b) permanently, if the copyright 419 | holder fails to notify you of the violation by some reasonable means 420 | prior to 60 days after the cessation. 421 | 422 | Moreover, your license from a particular copyright holder is 423 | reinstated permanently if the copyright holder notifies you of the 424 | violation by some reasonable means, this is the first time you have 425 | received notice of violation of this License (for any work) from that 426 | copyright holder, and you cure the violation prior to 30 days after 427 | your receipt of the notice. 428 | 429 | Termination of your rights under this section does not terminate the 430 | licenses of parties who have received copies or rights from you under 431 | this License. If your rights have been terminated and not permanently 432 | reinstated, you do not qualify to receive new licenses for the same 433 | material under section 10. 434 | 435 | 9. Acceptance Not Required for Having Copies. 436 | 437 | You are not required to accept this License in order to receive or 438 | run a copy of the Program. Ancillary propagation of a covered work 439 | occurring solely as a consequence of using peer-to-peer transmission 440 | to receive a copy likewise does not require acceptance. However, 441 | nothing other than this License grants you permission to propagate or 442 | modify any covered work. These actions infringe copyright if you do 443 | not accept this License. Therefore, by modifying or propagating a 444 | covered work, you indicate your acceptance of this License to do so. 445 | 446 | 10. Automatic Licensing of Downstream Recipients. 447 | 448 | Each time you convey a covered work, the recipient automatically 449 | receives a license from the original licensors, to run, modify and 450 | propagate that work, subject to this License. You are not responsible 451 | for enforcing compliance by third parties with this License. 452 | 453 | An "entity transaction" is a transaction transferring control of an 454 | organization, or substantially all assets of one, or subdividing an 455 | organization, or merging organizations. If propagation of a covered 456 | work results from an entity transaction, each party to that 457 | transaction who receives a copy of the work also receives whatever 458 | licenses to the work the party's predecessor in interest had or could 459 | give under the previous paragraph, plus a right to possession of the 460 | Corresponding Source of the work from the predecessor in interest, if 461 | the predecessor has it or can get it with reasonable efforts. 462 | 463 | You may not impose any further restrictions on the exercise of the 464 | rights granted or affirmed under this License. For example, you may 465 | not impose a license fee, royalty, or other charge for exercise of 466 | rights granted under this License, and you may not initiate litigation 467 | (including a cross-claim or counterclaim in a lawsuit) alleging that 468 | any patent claim is infringed by making, using, selling, offering for 469 | sale, or importing the Program or any portion of it. 470 | 471 | 11. Patents. 472 | 473 | A "contributor" is a copyright holder who authorizes use under this 474 | License of the Program or a work on which the Program is based. The 475 | work thus licensed is called the contributor's "contributor version". 476 | 477 | A contributor's "essential patent claims" are all patent claims 478 | owned or controlled by the contributor, whether already acquired or 479 | hereafter acquired, that would be infringed by some manner, permitted 480 | by this License, of making, using, or selling its contributor version, 481 | but do not include claims that would be infringed only as a 482 | consequence of further modification of the contributor version. For 483 | purposes of this definition, "control" includes the right to grant 484 | patent sublicenses in a manner consistent with the requirements of 485 | this License. 486 | 487 | Each contributor grants you a non-exclusive, worldwide, royalty-free 488 | patent license under the contributor's essential patent claims, to 489 | make, use, sell, offer for sale, import and otherwise run, modify and 490 | propagate the contents of its contributor version. 491 | 492 | In the following three paragraphs, a "patent license" is any express 493 | agreement or commitment, however denominated, not to enforce a patent 494 | (such as an express permission to practice a patent or covenant not to 495 | sue for patent infringement). To "grant" such a patent license to a 496 | party means to make such an agreement or commitment not to enforce a 497 | patent against the party. 498 | 499 | If you convey a covered work, knowingly relying on a patent license, 500 | and the Corresponding Source of the work is not available for anyone 501 | to copy, free of charge and under the terms of this License, through a 502 | publicly available network server or other readily accessible means, 503 | then you must either (1) cause the Corresponding Source to be so 504 | available, or (2) arrange to deprive yourself of the benefit of the 505 | patent license for this particular work, or (3) arrange, in a manner 506 | consistent with the requirements of this License, to extend the patent 507 | license to downstream recipients. "Knowingly relying" means you have 508 | actual knowledge that, but for the patent license, your conveying the 509 | covered work in a country, or your recipient's use of the covered work 510 | in a country, would infringe one or more identifiable patents in that 511 | country that you have reason to believe are valid. 512 | 513 | If, pursuant to or in connection with a single transaction or 514 | arrangement, you convey, or propagate by procuring conveyance of, a 515 | covered work, and grant a patent license to some of the parties 516 | receiving the covered work authorizing them to use, propagate, modify 517 | or convey a specific copy of the covered work, then the patent license 518 | you grant is automatically extended to all recipients of the covered 519 | work and works based on it. 520 | 521 | A patent license is "discriminatory" if it does not include within 522 | the scope of its coverage, prohibits the exercise of, or is 523 | conditioned on the non-exercise of one or more of the rights that are 524 | specifically granted under this License. You may not convey a covered 525 | work if you are a party to an arrangement with a third party that is 526 | in the business of distributing software, under which you make payment 527 | to the third party based on the extent of your activity of conveying 528 | the work, and under which the third party grants, to any of the 529 | parties who would receive the covered work from you, a discriminatory 530 | patent license (a) in connection with copies of the covered work 531 | conveyed by you (or copies made from those copies), or (b) primarily 532 | for and in connection with specific products or compilations that 533 | contain the covered work, unless you entered into that arrangement, 534 | or that patent license was granted, prior to 28 March 2007. 535 | 536 | Nothing in this License shall be construed as excluding or limiting 537 | any implied license or other defenses to infringement that may 538 | otherwise be available to you under applicable patent law. 539 | 540 | 12. No Surrender of Others' Freedom. 541 | 542 | If conditions are imposed on you (whether by court order, agreement or 543 | otherwise) that contradict the conditions of this License, they do not 544 | excuse you from the conditions of this License. If you cannot convey a 545 | covered work so as to satisfy simultaneously your obligations under this 546 | License and any other pertinent obligations, then as a consequence you may 547 | not convey it at all. For example, if you agree to terms that obligate you 548 | to collect a royalty for further conveying from those to whom you convey 549 | the Program, the only way you could satisfy both those terms and this 550 | License would be to refrain entirely from conveying the Program. 551 | 552 | 13. Use with the GNU Affero General Public License. 553 | 554 | Notwithstanding any other provision of this License, you have 555 | permission to link or combine any covered work with a work licensed 556 | under version 3 of the GNU Affero General Public License into a single 557 | combined work, and to convey the resulting work. The terms of this 558 | License will continue to apply to the part which is the covered work, 559 | but the special requirements of the GNU Affero General Public License, 560 | section 13, concerning interaction through a network will apply to the 561 | combination as such. 562 | 563 | 14. Revised Versions of this License. 564 | 565 | The Free Software Foundation may publish revised and/or new versions of 566 | the GNU General Public License from time to time. Such new versions will 567 | be similar in spirit to the present version, but may differ in detail to 568 | address new problems or concerns. 569 | 570 | Each version is given a distinguishing version number. If the 571 | Program specifies that a certain numbered version of the GNU General 572 | Public License "or any later version" applies to it, you have the 573 | option of following the terms and conditions either of that numbered 574 | version or of any later version published by the Free Software 575 | Foundation. If the Program does not specify a version number of the 576 | GNU General Public License, you may choose any version ever published 577 | by the Free Software Foundation. 578 | 579 | If the Program specifies that a proxy can decide which future 580 | versions of the GNU General Public License can be used, that proxy's 581 | public statement of acceptance of a version permanently authorizes you 582 | to choose that version for the Program. 583 | 584 | Later license versions may give you additional or different 585 | permissions. However, no additional obligations are imposed on any 586 | author or copyright holder as a result of your choosing to follow a 587 | later version. 588 | 589 | 15. Disclaimer of Warranty. 590 | 591 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY 592 | APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT 593 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY 594 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, 595 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 596 | PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM 597 | IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF 598 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 599 | 600 | 16. Limitation of Liability. 601 | 602 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 603 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS 604 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY 605 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE 606 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF 607 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD 608 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), 609 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF 610 | SUCH DAMAGES. 611 | 612 | 17. Interpretation of Sections 15 and 16. 613 | 614 | If the disclaimer of warranty and limitation of liability provided 615 | above cannot be given local legal effect according to their terms, 616 | reviewing courts shall apply local law that most closely approximates 617 | an absolute waiver of all civil liability in connection with the 618 | Program, unless a warranty or assumption of liability accompanies a 619 | copy of the Program in return for a fee. 620 | 621 | END OF TERMS AND CONDITIONS 622 | 623 | How to Apply These Terms to Your New Programs 624 | 625 | If you develop a new program, and you want it to be of the greatest 626 | possible use to the public, the best way to achieve this is to make it 627 | free software which everyone can redistribute and change under these terms. 628 | 629 | To do so, attach the following notices to the program. It is safest 630 | to attach them to the start of each source file to most effectively 631 | state the exclusion of warranty; and each file should have at least 632 | the "copyright" line and a pointer to where the full notice is found. 633 | 634 | 635 | Copyright (C) 636 | 637 | This program is free software: you can redistribute it and/or modify 638 | it under the terms of the GNU General Public License as published by 639 | the Free Software Foundation, either version 3 of the License, or 640 | (at your option) any later version. 641 | 642 | This program is distributed in the hope that it will be useful, 643 | but WITHOUT ANY WARRANTY; without even the implied warranty of 644 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 645 | GNU General Public License for more details. 646 | 647 | You should have received a copy of the GNU General Public License 648 | along with this program. If not, see . 649 | 650 | Also add information on how to contact you by electronic and paper mail. 651 | 652 | If the program does terminal interaction, make it output a short 653 | notice like this when it starts in an interactive mode: 654 | 655 | Copyright (C) 656 | This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 657 | This is free software, and you are welcome to redistribute it 658 | under certain conditions; type `show c' for details. 659 | 660 | The hypothetical commands `show w' and `show c' should show the appropriate 661 | parts of the General Public License. Of course, your program's commands 662 | might be different; for a GUI interface, you would use an "about box". 663 | 664 | You should also get your employer (if you work as a programmer) or school, 665 | if any, to sign a "copyright disclaimer" for the program, if necessary. 666 | For more information on this, and how to apply and follow the GNU GPL, see 667 | . 668 | 669 | The GNU General Public License does not permit incorporating your program 670 | into proprietary programs. If your program is a subroutine library, you 671 | may consider it more useful to permit linking proprietary applications with 672 | the library. If this is what you want to do, use the GNU Lesser General 673 | Public License instead of this License. But first, please read 674 | . 675 | -------------------------------------------------------------------------------- /ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | nocows = 1 3 | host_key_checking = False 4 | retry_files_enabled = False 5 | roles_path = $PWD/galaxy_roles:$PWD/roles 6 | inventory = ./hosts.ini 7 | become_ask_pass = True 8 | vault_password_file = ./.vault-password 9 | stdout_callback = yaml 10 | bin_ansible_callbacks = True 11 | 12 | [ssh_connection] 13 | pipelining = True -------------------------------------------------------------------------------- /ansible/group_vars/core.yaml: -------------------------------------------------------------------------------- 1 | # grog.package 2 | package_list: 3 | - name: bash-completion 4 | - name: curl 5 | - name: htop 6 | - name: ncdu 7 | - name: net-tools 8 | - name: nmap 9 | - name: sanoid 10 | - name: sudo 11 | - name: tmux 12 | - name: tree 13 | - name: wget 14 | - name: wireguard 15 | - name: zfsutils-linux 16 | 17 | # geerlingguy.security 18 | security_ssh_port: "{{ demo_ssh_port }}" 19 | security_sudoers_passwordless: 20 | - "{{ main_username }}" 21 | 22 | # geerlingguy.ntp 23 | ntp_timezone: "America/New_York" 24 | 25 | # geerlingguy.docker 26 | docker_compose_version: 1.29.2 27 | 28 | # geerlingguy.github_users 29 | github_users_authorized_keys_exclusive: false 30 | github_users: 31 | # You can specify an object with 'name' (required) and 'groups' (optional): 32 | - name: "{{ main_username }}" 33 | groups: sudo,docker 34 | 35 | # sanoid 36 | #sanoid_config_source: sanoid-morpheus.conf 37 | syncoid_binary_path: /usr/sbin/syncoid 38 | syncoid_status_dataset: "ironicbadger@status:tank/appdata" 39 | syncoid_hc_url: "curl -fsS -m 10 --retry 5 -o /dev/null https://hc.ktz.cloud/ping" 40 | syncoid_cron_jobs: 41 | ## cloud to morpheus 42 | - { job: '{{ syncoid_hc_url }}/{{ syncoid_hc_uuid_status }}/start && {{ syncoid_binary_path }} -r --skip-parent {{ syncoid_status_dataset }} tank/appdata && {{ syncoid_hc_url }}/{{ syncoid_hc_uuid_status }}/$? > /dev/null', name: 'status_replication', weekday: '*', hour: '*/6' } 43 | 44 | # ironicbadger.bash-aliases (formerly ferrarimarco.bash-aliases) 45 | bash_aliases: 46 | - { alias: "dtail", command: "docker logs -tf --tail='50' " } 47 | - { alias: "dstop", command: "docker stop `docker ps -aq`" } 48 | - { alias: "drm", command: "docker rm `docker ps -aq`" } 49 | - { alias: "dcp", command: "docker-compose -f ~/docker-compose.yml " } 50 | - { alias: "dprune", command: "docker image prune" } 51 | - { alias: "dprunesys", command: "docker system prune --all" } 52 | - { alias: "dtop", command: "docker run --name ctop -it --rm -v /var/run/docker.sock:/var/run/docker.sock quay.io/vektorlab/ctop" } 53 | - { alias: "appdata", command: "cd /mnt/tank/appdata" } 54 | - { alias: "zspace", command: "zfs list -o space" } 55 | - { alias: "zsnap", command: "zfs list -t snapshot" } 56 | - { alias: "dfclean", command: "df -h -x tmpfs -t fuse.mergerfs -t xfs -t ext4 -t zfs"} 57 | 58 | global_env_vars: 59 | - "PUID={{ main_uid }}" 60 | - "PGID={{ main_gid }}" 61 | - "TZ={{ ntp_timezone }}" 62 | 63 | appdata_path: "/home/{{ main_username }}/appdata" 64 | appdata_path_zfs: /tank/appdata 65 | 66 | default_dns_ip: "{{ jb_core_ip }}" 67 | containers: 68 | - service_name: traefik 69 | active: true 70 | image: traefik 71 | container_name: tr 72 | ports: 73 | - 80:80 74 | - 443:443 75 | - 8080:8080 76 | command: 77 | - --log.level=info 78 | - --accesslog=false 79 | - --api.insecure=false 80 | - --providers.docker=true 81 | - --providers.docker.exposedbydefault=false 82 | - --entrypoints.web.address=:80 83 | - --entrypoints.web.http.redirections.entryPoint.to=websecure 84 | - --entrypoints.web.http.redirections.entryPoint.scheme=https 85 | - --entrypoints.websecure.address=:443 86 | - --certificatesresolvers.cloudflare.acme.dnschallenge=true 87 | - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare 88 | - "--certificatesresolvers.cloudflare.acme.email={{ cloudflare_account_email }}" 89 | - --certificatesresolvers.cloudflare.acme.storage=/letsencrypt/acme.json 90 | - --serversTransport.insecureSkipVerify=true 91 | volumes: 92 | - "{{ appdata_path_zfs }}/traefik/letsencrypt:/letsencrypt" 93 | - "/var/run/docker.sock:/var/run/docker.sock:ro" 94 | environment: 95 | - "CLOUDFLARE_EMAIL={{ cloudflare_account_email }}" 96 | - "CLOUDFLARE_API_KEY={{ cloudflare_api_key }}" 97 | restart: unless-stopped 98 | ### 99 | - service_name: jb-nginx-sshwiki 100 | active: true 101 | image: nginx 102 | labels: 103 | - traefik.enable=true 104 | - traefik.http.routers.sshwiki.rule=Host(`wiki.selfhosted.show`) 105 | - traefik.http.routers.sshwiki.entrypoints=websecure 106 | - traefik.http.routers.sshwiki.tls.certresolver=cloudflare 107 | volumes: 108 | - "{{ appdata_path_zfs }}/nginx_sshwiki/site:/usr/share/nginx/html:ro" 109 | restart: unless-stopped 110 | ### 111 | - service_name: jb-nginx-shownotes 112 | active: true 113 | image: nginx 114 | labels: 115 | - traefik.enable=true 116 | - traefik.http.routers.jbshownotes.rule=Host(`notes.jupiterbroadcasting.com`) 117 | - traefik.http.routers.jbshownotes.entrypoints=websecure 118 | - traefik.http.routers.jbshownotes.tls.certresolver=cloudflare 119 | volumes: 120 | - "{{ appdata_path_zfs }}/nginx_shownotes/site:/usr/share/nginx/html:ro" 121 | restart: unless-stopped 122 | ### 123 | - service_name: jb-hedgedoc 124 | active: true 125 | image: quay.io/hedgedoc/hedgedoc:1.7.1 126 | volumes: 127 | - "{{ appdata_path_zfs }}/hedgedoc/app:/hedgedoc/public/uploads" 128 | environment: 129 | - "CMD_DB_URL=postgres://{{ hedgedoc_postgres_user }}:{{ hedgedoc_postgres_pass }}@jb-hedgedoc-postgres:5432/{{ hedgedoc_postgres_db }}" 130 | - TZ=America/Seattle 131 | depends_on: 132 | - jb-hedgedoc-postgres 133 | labels: 134 | - traefik.enable=true 135 | - "traefik.http.routers.hedgedoc.rule=Host(`{{ hedgedoc_url }}`)" 136 | - traefik.http.routers.hedgedoc.entrypoints=websecure 137 | - traefik.http.routers.hedgedoc.tls.certresolver=cloudflare 138 | - traefik.http.services.hedgedoc.loadbalancer.server.port=3000 139 | restart: unless-stopped 140 | - service_name: jb-hedgedoc-postgres 141 | active: true 142 | image: postgres:9.6-alpine 143 | environment: 144 | - "POSTGRES_USER={{ hedgedoc_postgres_user }}" 145 | - "POSTGRES_PASSWORD={{ hedgedoc_postgres_pass }}" 146 | - "POSTGRES_DB={{ hedgedoc_postgres_db }}" 147 | volumes: 148 | - "{{ appdata_path_zfs }}/hedgedoc/db:/var/lib/postgresql/data" 149 | restart: unless-stopped 150 | ### 151 | - service_name: jb-exbin 152 | active: true 153 | image: m1dnight/exbin:0.0.7 154 | volumes: 155 | - "{{ appdata_path_zfs }}/exbin/config/jb-rocket.png:/app/priv/static/images/jb-rocket.png" 156 | environment: 157 | - DB_HOST=jb-exbin-postgres 158 | - "TCP_PORT={{ exbin_tcp_port }}" 159 | - "TCP_IP={{ exbin_tcp_ip }}" 160 | - "PORT={{ exbin_http_port }}" 161 | - "DB_NAME={{ exbin_postgres_db }}" 162 | - "DB_PASS={{ exbin_postgres_pass }}" 163 | - "DB_USER={{ exbin_postgres_user }}" 164 | - "MAX_BYTES={{ exbin_max_bytes }}" 165 | - "EXTERNAL_URL={{ exbin_url }}" 166 | - "ADMIN_PASSWORD={{ exbin_admin_password }}" 167 | - DEFAULT_VIEW=reader 168 | - BRAND=Jupiter Broadcasting 169 | - LOGO_FILENAME=jb-rocket.png 170 | - TZ=America/Seattle 171 | depends_on: 172 | - jb-exbin-postgres 173 | labels: 174 | - traefik.enable=true 175 | - "traefik.http.routers.exbin.rule=Host(`{{ exbin_url }}`)" 176 | - traefik.http.routers.exbin.entrypoints=websecure 177 | - traefik.http.routers.exbin.tls.certresolver=cloudflare 178 | - "traefik.http.services.exbin.loadbalancer.server.port={{ exbin_http_port }}" 179 | restart: unless-stopped 180 | - service_name: jb-exbin-postgres 181 | active: true 182 | image: postgres:10-alpine 183 | environment: 184 | - "POSTGRES_USER={{ exbin_postgres_user }}" 185 | - "POSTGRES_PASSWORD={{ exbin_postgres_pass }}" 186 | - "POSTGRES_DB={{ exbin_postgres_db }}" 187 | volumes: 188 | - "{{ appdata_path_zfs }}/exbin/db:/var/lib/postgresql/data" 189 | restart: unless-stopped 190 | ### 191 | - service_name: ktz-smtp 192 | active: true 193 | image: bytemark/smtp 194 | environment: 195 | - "RELAY_HOST={{ plausible_email_host }}" 196 | - RELAY_PORT=465 197 | - "RELAY_USERNAME={{ plausible_email_username }}" 198 | - "RELAY_PASSWORD={{ plausible_email_password }}" 199 | restart: unless-stopped 200 | - service_name: ktz-plausible-db 201 | active: true 202 | image: postgres:14 203 | volumes: 204 | - "{{ appdata_path_zfs }}/ktz_plausible/db:/var/lib/postgresql/data" 205 | environment: 206 | - "POSTGRES_PASSWORD={{ plausible_db_pass }}" 207 | - "POSTGRES_USER={{ plausible_db_user }}" 208 | restart: unless-stopped 209 | - service_name: ktz-plausible-events 210 | active: true 211 | image: yandex/clickhouse-server:21.12-alpine 212 | volumes: 213 | - "{{ appdata_path_zfs }}/ktz_plausible/clickhouse/events:/var/lib/clickhouse" 214 | - "{{ appdata_path_zfs }}/ktz_plausible/clickhouse/clickhouse-config.xml:/etc/clickhouse-server/config.d/logging.xml:ro" 215 | - "{{ appdata_path_zfs }}/ktz_plausible/clickhouse/clickhouse-user-config.xml:/etc/clickhouse-server/users.d/logging.xml:ro" 216 | ulimits: 217 | nofile: 218 | soft: 262144 219 | hard: 262144 220 | tmpfs: 221 | - /var/log/clickhouse-server 222 | restart: unless-stopped 223 | - service_name: ktz-plausible 224 | active: true 225 | image: plausible/analytics:latest 226 | command: sh -c '/entrypoint.sh db migrate && /entrypoint.sh run' 227 | depends_on: 228 | - ktz-smtp 229 | - ktz-plausible-db 230 | - ktz-plausible-events 231 | environment: 232 | - "ADMIN_USER_EMAIL={{ plausible_admin_user_email }}" 233 | - "ADMIN_USER_NAME={{ plausible_admin_user_name }}" 234 | - "ADMIN_USER_PWD={{ plausible_admin_user_pass }}" 235 | - "BASE_URL={{ plausible_base_url }}" 236 | - "SECRET_KEY_BASE={{ plausible_secret_key_base }}" 237 | - "DATABASE_URL=postgres://{{ plausible_db_user }}:{{ plausible_db_pass }}@ktz-plausible-db:5432/plausible" 238 | - CLICKHOUSE_DATABASE_URL=http://ktz-plausible-events:8123/plausible 239 | - CRON_ENABLED=true 240 | - DISABLE_REGISTRATION=false 241 | #- SMTP_HOST_SSL_ENABLED=false 242 | - "SMTP_HOST_ADDR={{ plausible_email_host }}" 243 | - SMTP_HOST_PORT=465 244 | - "SMTP_USER_NAME={{ plausible_email_username }}" 245 | - "SMTP_USER_PWD={{ plausible_email_password }}" 246 | labels: 247 | - traefik.enable=true 248 | - "traefik.http.routers.plausible.rule=Host(`plausible.{{ domain_cloud }}`)" 249 | - traefik.http.routers.plausible.entrypoints=websecure 250 | - traefik.http.routers.plausible.tls.certresolver=cloudflare 251 | - traefik.http.services.plausible.loadbalancer.server.port=8000 252 | restart: unless-stopped 253 | ### 254 | - service_name: jb-jbcom 255 | active: true 256 | image: ghcr.io/jupiterbroadcasting/jupiterbroadcasting.com:latest 257 | labels: 258 | - traefik.enable=true 259 | - traefik.http.routers.jbcom.rule=Host(`www.jupiterbroadcasting.com`) 260 | - traefik.http.routers.jbcom.entrypoints=websecure 261 | - traefik.http.routers.jbcom.tls.certresolver=cloudflare 262 | - traefik.http.services.jbcom.loadbalancer.server.port=80 263 | restart: unless-stopped 264 | 265 | 266 | 267 | 268 | # - service_name: 269 | # active: true 270 | # image: 271 | # container_name: #optional - only required if diff to service_name 272 | # labels: 273 | # - traefik.enable=true 274 | # - traefik.http.routers.nginx.rule=Host(`foo.bar.com`) 275 | # - traefik.http.routers.nginx.entrypoints=websecure 276 | # - traefik.http.routers.nginx.tls.certresolver=cloudflare 277 | # - traefik.http.services.nginx.loadbalancer.server.port=80 278 | # volumes: 279 | # - "{{ appdata_path }}/app:/config" 280 | # environment: 281 | # - 282 | # include_global_env_vars: #optional - defaults to false 283 | # restart: unless-stopped 284 | -------------------------------------------------------------------------------- /ansible/group_vars/dev.yaml: -------------------------------------------------------------------------------- 1 | # grog.package 2 | package_list: 3 | - name: bash-completion 4 | - name: curl 5 | - name: htop 6 | - name: ncdu 7 | - name: net-tools 8 | - name: nmap 9 | - name: sanoid 10 | - name: sudo 11 | - name: tmux 12 | - name: tree 13 | - name: wget 14 | - name: wireguard 15 | - name: zfsutils-linux 16 | 17 | # geerlingguy.security 18 | security_ssh_port: "{{ dev_ssh_port }}" 19 | security_sudoers_passwordless: 20 | - "{{ main_username }}" 21 | 22 | # geerlingguy.ntp 23 | ntp_timezone: "America/New_York" 24 | 25 | # geerlingguy.docker 26 | docker_compose_version: 1.29.2 27 | 28 | # geerlingguy.github_users 29 | github_users_authorized_keys_exclusive: false 30 | github_users: 31 | # You can specify an object with 'name' (required) and 'groups' (optional): 32 | - name: "{{ main_username }}" 33 | groups: sudo,docker 34 | 35 | # ironicbadger.bash-aliases (formerly ferrarimarco.bash-aliases) 36 | bash_aliases: 37 | - { alias: "dtail", command: "docker logs -tf --tail='50' " } 38 | - { alias: "dstop", command: "docker stop `docker ps -aq`" } 39 | - { alias: "drm", command: "docker rm `docker ps -aq`" } 40 | - { alias: "dcp", command: "docker-compose -f ~/docker-compose.yml " } 41 | - { alias: "dprune", command: "docker image prune" } 42 | - { alias: "dprunesys", command: "docker system prune --all" } 43 | - { alias: "dtop", command: "docker run --name ctop -it --rm -v /var/run/docker.sock:/var/run/docker.sock quay.io/vektorlab/ctop" } 44 | - { alias: "appdata", command: "cd /mnt/tank/appdata" } 45 | - { alias: "zspace", command: "zfs list -o space" } 46 | - { alias: "zsnap", command: "zfs list -t snapshot" } 47 | - { alias: "dfclean", command: "df -h -x tmpfs -t fuse.mergerfs -t xfs -t ext4 -t zfs"} 48 | 49 | # ironicbadger.docker_compose_generator 50 | global_env_vars: 51 | - "PUID={{ main_uid }}" 52 | - "PGID={{ main_gid }}" 53 | - "TZ={{ ntp_timezone }}" 54 | 55 | appdata_path: "/home/{{ main_username }}/appdata" 56 | #appdata_path_zfs: /tank/appdata 57 | 58 | default_dns_ip: "{{ jb_dev_ip }}" 59 | containers: 60 | - service_name: traefik 61 | active: true 62 | image: traefik 63 | container_name: tr 64 | ports: 65 | - 80:80 66 | - 443:443 67 | - 8080:8080 68 | command: 69 | - --log.level=info 70 | - --accesslog=false 71 | - --api.insecure=false 72 | - --providers.docker=true 73 | - --providers.docker.exposedbydefault=true 74 | - --entrypoints.web.address=:80 75 | - --entrypoints.web.http.redirections.entryPoint.to=websecure 76 | - --entrypoints.web.http.redirections.entryPoint.scheme=https 77 | - --entrypoints.websecure.address=:443 78 | - --certificatesresolvers.cloudflare.acme.dnschallenge=true 79 | - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare 80 | - "--certificatesresolvers.cloudflare.acme.email={{ cloudflare_account_email }}" 81 | - --certificatesresolvers.cloudflare.acme.storage=/letsencrypt/acme.json 82 | - --serversTransport.insecureSkipVerify=true 83 | volumes: 84 | - "{{ appdata_path }}/traefik/letsencrypt:/letsencrypt" 85 | - "/var/run/docker.sock:/var/run/docker.sock:ro" 86 | environment: 87 | - "CLOUDFLARE_EMAIL={{ cloudflare_account_email }}" 88 | - "CLOUDFLARE_API_KEY={{ cloudflare_api_key }}" 89 | restart: unless-stopped 90 | ### 91 | - service_name: jb-dev-test 92 | active: true 93 | image: nginx 94 | labels: 95 | - traefik.http.routers.devtest.rule=Host(`test.dev.jupiterbroadcasting.com`) 96 | - traefik.http.routers.devtest.entrypoints=websecure 97 | - traefik.http.routers.devtest.tls.certresolver=cloudflare 98 | #volumes: 99 | #- "{{ appdata_path }}/jb-dev-test/:/usr/share/nginx/html:ro" 100 | restart: unless-stopped -------------------------------------------------------------------------------- /ansible/group_vars/status.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # ktz-figurine 3 | figurine_name: jb-status 4 | 5 | # grog.package 6 | package_list: 7 | - name: bash-completion 8 | - name: curl 9 | - name: htop 10 | - name: ncdu 11 | - name: net-tools 12 | - name: nmap 13 | - name: sanoid 14 | - name: sudo 15 | - name: tmux 16 | - name: tree 17 | - name: wget 18 | - name: wireguard 19 | - name: zfsutils-linux 20 | 21 | # geerlingguy.security 22 | security_ssh_port: "{{ demo_ssh_port }}" 23 | security_sudoers_passwordless: 24 | - "{{ main_username }}" 25 | 26 | # geerlingguy.ntp 27 | ntp_timezone: "America/New_York" 28 | 29 | # ironicbadger.bash-aliases (formerly ferrarimarco.bash-aliases) 30 | bash_aliases: 31 | - { alias: "dtail", command: "docker logs -tf --tail='50' " } 32 | - { alias: "dstop", command: "docker stop `docker ps -aq`" } 33 | - { alias: "drm", command: "docker rm `docker ps -aq`" } 34 | - { alias: "dcp", command: "docker-compose -f ~/docker-compose.yml " } 35 | - { alias: "dprune", command: "docker image prune" } 36 | - { alias: "dprunesys", command: "docker system prune --all" } 37 | - { alias: "dtop", command: "docker run --name ctop -it --rm -v /var/run/docker.sock:/var/run/docker.sock quay.io/vektorlab/ctop" } 38 | - { alias: "appdata", command: "cd /mnt/tank/appdata" } 39 | - { alias: "zspace", command: "zfs list -o space" } 40 | - { alias: "zsnap", command: "zfs list -t snapshot" } 41 | - { alias: "dfclean", command: "df -h -x tmpfs -t xfs -t ext4 -t zfs"} 42 | 43 | # ironicbadger.docker_compose_generator 44 | global_env_vars: 45 | - "PUID={{ main_uid }}" 46 | - "PGID={{ main_gid }}" 47 | - "TZ={{ ntp_timezone }}" 48 | appdata_path_zfs: /tank/appdata 49 | 50 | default_dns_ip: "{{ jb_status_ip }}" 51 | containers: 52 | - service_name: traefik 53 | active: true 54 | image: traefik 55 | container_name: tr 56 | ports: 57 | - 80:80 58 | - 443:443 59 | #- 8080:8080 60 | command: 61 | - --log.level=info 62 | - --accesslog=false 63 | - --api.insecure=false 64 | - --providers.docker=true 65 | - --providers.docker.exposedbydefault=false 66 | - --entrypoints.web.address=:80 67 | - --entrypoints.web.http.redirections.entryPoint.to=websecure 68 | - --entrypoints.web.http.redirections.entryPoint.scheme=https 69 | - --entrypoints.websecure.address=:443 70 | - --certificatesresolvers.cloudflare.acme.dnschallenge=true 71 | - --certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare 72 | - "--certificatesresolvers.cloudflare.acme.email={{ cloudflare_account_email }}" 73 | - --certificatesresolvers.cloudflare.acme.storage=/letsencrypt/acme.json 74 | - --serversTransport.insecureSkipVerify=true 75 | volumes: 76 | - "{{ appdata_path_zfs }}/traefik/letsencrypt:/letsencrypt" 77 | - "/var/run/docker.sock:/var/run/docker.sock:ro" 78 | environment: 79 | - "CLOUDFLARE_EMAIL={{ cloudflare_account_email }}" 80 | - "CLOUDFLARE_API_KEY={{ cloudflare_api_key }}" 81 | restart: unless-stopped 82 | ### 83 | - service_name: jb-uptimekuma 84 | active: true 85 | image: louislam/uptime-kuma:1.15.0 86 | labels: 87 | - traefik.enable=true 88 | - traefik.http.routers.uptimekuma.rule=Host(`status.jupiterbroadcasting.com`) 89 | - traefik.http.routers.uptimekuma.entrypoints=websecure 90 | - traefik.http.routers.uptimekuma.tls.certresolver=cloudflare 91 | volumes: 92 | - "{{ appdata_path_zfs }}/jb_uptimekuma:/app/data" 93 | restart: unless-stopped 94 | ### 95 | - service_name: ktz-healthchecks 96 | active: true 97 | image: linuxserver/healthchecks 98 | labels: 99 | - traefik.enable=true 100 | - traefik.http.routers.hc.rule=Host(`hc.{{ domain_cloud }}`) 101 | - traefik.http.routers.hc.entrypoints=websecure 102 | - traefik.http.routers.hc.tls.certresolver=cloudflare 103 | environment: 104 | - "SITE_ROOT=https://hc.{{ domain_cloud }}" 105 | - "SITE_NAME=KTZ Healthchecks" 106 | - "ALLOWED_HOSTS=[\"hc.{{ domain_cloud }}\"]" 107 | - "SUPERUSER_EMAIL={{ gmail_address }}" 108 | - "SUPERUSER_PASSWORD={{ cloud_healthchecks_app_password}}" 109 | - REGENERATE_SETTINGS=True 110 | - "SECRET_KEY={{ cloud_healthchecks_secret_key }}" 111 | - REGISTRATION_OPEN=False 112 | - "PUSHOVER_API_TOKEN={{ pushover_api_healthchecks}}" 113 | - "PUSHOVER_SUBSCRIPTION_URL={{ pushover_healthchecks_subscription_url }}" 114 | - "TELEGRAM_BOT_NAME={{ hc_telegram_bot_name }}" 115 | - "TELEGRAM_TOKEN={{ hc_telegram_token }}" 116 | - "SITE_LOGO_URL=https://avatars.githubusercontent.com/u/2773080" 117 | volumes: 118 | - "{{ appdata_path_zfs }}/ktz-healthchecks:/config" 119 | include_global_env_vars: true 120 | restart: unless-stopped 121 | -------------------------------------------------------------------------------- /ansible/hosts.ini: -------------------------------------------------------------------------------- 1 | [core] 2 | #demo.selfhosted.show ansible_ssh_user=root 3 | jb-core ansible_ssh_user=ironicbadger #ansible_ssh_port=53142 4 | 5 | [dev] 6 | 45.79.206.17 ansible_ssh_user=ironicbadger ansible_ssh_port=53122 7 | 8 | [status] 9 | #status.jupiterbroadcasting.com ansible_ssh_user=root 10 | 50.116.37.88 ansible_ssh_user=ironicbadger ansible_ssh_port=53142 -------------------------------------------------------------------------------- /ansible/requirements.yaml: -------------------------------------------------------------------------------- 1 | - src: geerlingguy.docker 2 | - src: geerlingguy.security 3 | - src: geerlingguy.ntp 4 | - src: geerlingguy.github-users 5 | - src: grog.package 6 | - src: ironicbadger.docker_compose_generator 7 | - src: ironicbadger.bash_aliases 8 | - src: ironicbadger.figurine -------------------------------------------------------------------------------- /ansible/roles/dns/tasks/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Manage DNS records for containers in cloudflare 4 | community.general.cloudflare_dns: 5 | zone: "{{ (item.host_label | regex_search('Host\\(`([\\w\\.]+)`\\)', '\\1') | first | split('.'))[-2:] | join ('.') }}" 6 | record: "{{ (item.host_label | regex_search('Host\\(`([\\w\\.]+)`\\)', '\\1') | first | split('.'))[:-2] | join ('.') }}" 7 | type: A 8 | state: "{{ item.active | ternary('present', 'absent') }}" 9 | value: "{{ dns_ip | default(default_dns_ip) }}" 10 | account_email: "{{ cloudflare_account_email }}" 11 | account_api_key: "{{ cloudflare_api_key }}" 12 | vars: 13 | _query: "[].{\"active\": active, \"host_label\": (labels[?contains(@, 'Host') == `true`]) }" 14 | loop: "{{ containers | json_query(_query) }}" 15 | when: item.host_label != None and (item.host_label | length > 0) -------------------------------------------------------------------------------- /ansible/roles/ktz-boot-notification/README.md: -------------------------------------------------------------------------------- 1 | # ktz-boot-notification 2 | 3 | Uses [apprise](https://github.com/caronc/apprise) to send a notification via Pushover when a system boots. Utilises cron. -------------------------------------------------------------------------------- /ansible/roles/ktz-boot-notification/tasks/apprise.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: ensure python pip is available 4 | package: 5 | name: python3-pip 6 | state: present 7 | 8 | - name: install apprise 9 | pip: 10 | name: apprise 11 | become: true 12 | 13 | - name: install script that cron will execute 14 | template: 15 | src: booted.sh.j2 16 | dest: /root/booted.sh 17 | owner: root 18 | group: root 19 | mode: '700' 20 | 21 | - name: install boot notification script 22 | cron: 23 | name: "boot notification to pushover" 24 | special_time: reboot 25 | job: /bin/bash /root/booted.sh -------------------------------------------------------------------------------- /ansible/roles/ktz-boot-notification/tasks/arch-setup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: install cronie 4 | package: 5 | name: cronie 6 | state: present 7 | 8 | - name: enable cronie service 9 | systemd: 10 | name: cronie 11 | state: restarted 12 | enabled: yes -------------------------------------------------------------------------------- /ansible/roles/ktz-boot-notification/tasks/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: arch specific setup 4 | include_tasks: arch-setup.yaml 5 | when: ansible_distribution == 'Archlinux' 6 | 7 | - name: apprise.yaml 8 | include_tasks: apprise.yaml 9 | -------------------------------------------------------------------------------- /ansible/roles/ktz-boot-notification/templates/booted.sh.j2: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | sleep 10 4 | /usr/bin/apprise -t "{{ ansible_hostname }} booted!" -b "{{ ansible_hostname }} just booted." pover://{{ pushover_user_key }}@{{ pushover_api_bootlace }} -------------------------------------------------------------------------------- /ansible/roles/sanoid/defaults/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | syncoid_cron_jobs: [] -------------------------------------------------------------------------------- /ansible/roles/sanoid/files/sanoid.conf: -------------------------------------------------------------------------------- 1 | [tank/appdata] 2 | use_template = appdata 3 | recursive = yes 4 | process_children_only = yes 5 | 6 | ############# 7 | # Templates # 8 | ############# 9 | 10 | [template_appdata] 11 | frequently = 0 12 | hourly = 2 13 | daily = 7 14 | monthly = 1 15 | yearly = 0 16 | autosnap = yes 17 | autoprune = yes -------------------------------------------------------------------------------- /ansible/roles/sanoid/tasks/install.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install dependencies for Arch based systems 4 | package: 5 | name: "{{ item }}" 6 | loop: 7 | - perl 8 | - perl-capture-tiny 9 | - perl-config-inifiles 10 | - pv 11 | - lzop 12 | when: ansible_os_family == 'Archlinux' 13 | become: true 14 | 15 | - name: Install dependencies for Debian based distros 16 | package: 17 | name: "{{ item }}" 18 | loop: 19 | - libcapture-tiny-perl 20 | - libconfig-inifiles-perl 21 | - pv 22 | - lzop 23 | - mbuffer 24 | when: ansible_os_family == 'Debian' 25 | become: true 26 | 27 | - name: install sanoid 28 | package: 29 | name: sanoid 30 | state: latest 31 | 32 | - name: Create config directory 33 | file: 34 | path: /etc/sanoid 35 | state: directory 36 | mode: "0755" 37 | become: true 38 | 39 | - name: configure sanoid 40 | copy: 41 | #src: sanoid/sanoid.conf 42 | src: "sanoid.conf" 43 | dest: /etc/sanoid/sanoid.conf 44 | owner: root 45 | group: root 46 | mode: '0644' -------------------------------------------------------------------------------- /ansible/roles/sanoid/tasks/main.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: sanoid install 4 | include_tasks: install.yaml 5 | 6 | - name: replication 7 | include_tasks: replication.yaml 8 | tags: 9 | - replication -------------------------------------------------------------------------------- /ansible/roles/sanoid/tasks/replication.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: setup cron job for replication with syncoid 4 | cron: 5 | user: "root" 6 | job: "{{ item.job }}" 7 | name: "{{ item.name }}" 8 | weekday: "{{ item.weekday | default ('*') }}" 9 | minute: "{{ item.minute | default ('00')}}" 10 | hour: "{{ item.hour | default ('00') }}" 11 | dom: "{{ item.dom|default('*') }}" 12 | with_items: 13 | - "{{ syncoid_cron_jobs }}" -------------------------------------------------------------------------------- /ansible/run.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: core 3 | vars_files: 4 | - 'vars/vault.yaml' 5 | roles: 6 | - role: grog.package 7 | - role: geerlingguy.docker 8 | - role: geerlingguy.github-users 9 | - role: geerlingguy.security 10 | - role: geerlingguy.ntp 11 | - role: ironicbadger.figurine 12 | #- role: ktz-boot-notification 13 | - role: ironicbadger.bash_aliases 14 | - role: ironicbadger.docker_compose_generator 15 | tags: compose 16 | # - role: dns 17 | # tags: compose 18 | - role: sanoid 19 | tasks: 20 | - hostname: 21 | name: jb-core 22 | 23 | - hosts: dev 24 | vars_files: 25 | - 'vars/vault.yaml' 26 | roles: 27 | - role: grog.package 28 | - role: geerlingguy.docker 29 | - role: geerlingguy.github-users 30 | - role: geerlingguy.security 31 | - role: geerlingguy.ntp 32 | - role: ironicbadger.figurine 33 | - role: ktz-boot-notification 34 | - role: ironicbadger.bash_aliases 35 | - role: ironicbadger.docker_compose_generator 36 | tags: compose 37 | # - role: dns 38 | # tags: compose 39 | - role: sanoid 40 | tasks: 41 | - hostname: 42 | name: jb-dev 43 | 44 | - hosts: status 45 | vars_files: 46 | - 'vars/vault.yaml' 47 | tasks: 48 | - hostname: 49 | name: jb-status 50 | roles: 51 | - role: grog.package 52 | - role: geerlingguy.docker 53 | - role: geerlingguy.github-users 54 | - role: geerlingguy.security 55 | - role: geerlingguy.ntp 56 | - role: ktz-boot-notification 57 | - role: ironicbadger.figurine 58 | - role: ironicbadger.bash_aliases 59 | - role: ironicbadger.docker_compose_generator 60 | tags: compose 61 | - role: sanoid 62 | - role: dns 63 | tags: dns 64 | -------------------------------------------------------------------------------- /ansible/vars/vault.yaml: -------------------------------------------------------------------------------- 1 | $ANSIBLE_VAULT;1.1;AES256 2 | 37316334353435613964643664343864663861313565336361396130666239663161396235336339 3 | 3630623130373932326632376164313136663932366130350a323033393035393732333135613436 4 | 61653165643065653037303565393239663937303066616461356135303436306563316334316262 5 | 3563383461623031350a663730333739383234616562636166333133333465656239386464383964 6 | 36356532356363313963346635313838326132386536353832393163336437353639646263393734 7 | 64646162333434303830623239373737393630323639343665383565363834346134353333653432 8 | 33323138626131326166336262343638316433363036363137653063363961383861666231353366 9 | 31373539633937316635646130313765306536653438326661653130636238616364643563323232 10 | 63613035646538353765633030383663613835623262663632353365373563666634613737633664 11 | 32626666383038316534303365393638313662313731343435633730643266643734663830656430 12 | 32316164383232363338666634633466323365383165306237656237396638336230326361393263 13 | 66366338373262383164306533343664653661373263323962323736333765623165333735353038 14 | 33646663636534386463616635333137626166653630353235303963663864366263393134663530 15 | 38623761643730383465326564663338323365653334636562383434616631633264383731326161 16 | 39346233383731363837653833353439376239336235653163323633393639636132343335336165 17 | 34653066663034663432396666653534636339616539373233313837666338363865393837663636 18 | 32316563356564363665653066633065373065393037353763616266313132306635616435393631 19 | 30316164396362343732613934323232396266663064303439326266383761613962643132386339 20 | 31376632633635353938633030643139336431306361303932306635373565666563333339356232 21 | 65666235633765313464333330383130326332666165623365363638353161643965363062373138 22 | 34303332646463363236313863333137316332303565316236336633323633663065333632396264 23 | 30613339353266366230373632333134346138393737613934396531366633666336646236373931 24 | 32313037626364343632643362373161303062616339353464316366316430303361383730616136 25 | 61383431303331643433303333643665663935613231666662383232313063343031633161633433 26 | 65656334376431653533376636333431663965383630633439313763613438346163343039653164 27 | 33333331333462353762353262303438303666623963346230646435623933313733333131643032 28 | 32356637623764643133346635353866653336353931323733376538303437383436636464663730 29 | 36376238643138663531646364653335353436386130623734643439643762633330313830663537 30 | 35653238333861623839346265663163633637353965633536306239643866393535316661306330 31 | 66326463613832363265333364636565366137616461623765313533376163633839386662343233 32 | 37353965343666656339363661613735333430666336336439306138353632636134663233383232 33 | 38633033346430366164643638663636643530643930643964303366663863383264316336643333 34 | 35336137323764363264363462616137373831653361306465623638396336653630313533613266 35 | 32613863623330313034376236336432666239393335323635363634373337383964663637663963 36 | 61646534356364623932393137353663663731666263353131636263663364353662313763316639 37 | 39306135633666393964353762623266383236643135383930653638663835313435313065346236 38 | 34306432353262306136396135343133633730623135383038616535666337353831643831363733 39 | 65353534353933666130306634653966303936623132623039333838373539663733663164356633 40 | 31333439653032323631666132303439653231356364623333653735393263353738313932376532 41 | 63343631303238393661313562616539333163383937353366663432313236626631353363363339 42 | 61363832613537333865633234666535313138336161333961316263353937366632316237393839 43 | 63306230373763353763383332643662353039363466616562326234343261393635323132363064 44 | 32326362636234356438623530616135383137643163666138366265356266383766323866303161 45 | 38393264353565396262396664323838646565393939323965386161336532336633623165366634 46 | 35383765346161313161613331363537393835643862303337636365336636386666396538303933 47 | 38373263323366393064613939346439336161313633333138646365666263353764663932653833 48 | 66323830373465633635656138343138393637343137663362393461663536666132356537376232 49 | 30353532623863653839633762356565313566343132373234303733313765306637353465623661 50 | 34663332396565313537323330653561343935623531306635343730373166306362646136316634 51 | 66323533396434643966636664643230316266376136346164386463393431626666346536323735 52 | 61326432663133303963373065363639356332306534303830383633333864383133343137653537 53 | 37663433613964373539343064396132316662653235303434303130376233643466643532323463 54 | 65393064386461636337306439666133343762656532326638303262643439663936396531383761 55 | 35613137626531663439376630633834303165303638323364313932313430336536633136643866 56 | 64313837626330306437356633383737316534623131656264376361633662393234306464313365 57 | 62653436613036613731363562386565363038383163636466383632336334373130613863666361 58 | 64323631393930323435643233633136303564363934316230643139356563336566393665623266 59 | 31356138326138616337313662393263383665633965666136333234393739376466626664373037 60 | 30663535623237623739323834363938326566333934336664333136336266646434396339623365 61 | 64653137396561343433353035346262343638666166353566346234393966653965323664333830 62 | 37393166346437666663616635633638363835393038366563613035353861396133656434666162 63 | 63356436373765313235643637323438393634623238663030626634303639363135333734333333 64 | 34613566626630393166343261326235393663323938363765613835313638393539666534626635 65 | 31393437373164663961353065373066366231643330383430306537393931656464623336376466 66 | 37383637643164363630633461353862363036613764636561366138646234346134656433636561 67 | 61623562383161366361353836376535623564383030663830613436613834363736353035316139 68 | 32643330666534303462303161383162666464663333353566646336396534666330323563326538 69 | 62356534383361396634306361616237613338396231613235626638643936343464646133616632 70 | 39303537363666333366623832613736303765336233643164623635663361336638313964636465 71 | 37656162346635616161333662653764323834663234653731303735663866626365313230646538 72 | 65343966373334346337303038663732663334363632303762313339346135643536643663333266 73 | 63643534356366376538393835306233653737313636653865383734313261393336343333656235 74 | 32653137356563333938633161663963663363393731633832613165386361656161393163623366 75 | 63656266333531323936646437666339393238633534636463643162326131363931613161313662 76 | 33643138396230393765656461643530363839656462383735656462396334303834323865643766 77 | 65363938316439623431306163616363316133626137303634323633363762636661313263333362 78 | 36653563386434393362353930356138623238333033393730393233306630663230353636643261 79 | 33323634326162383233636530633363356137386266393863386637636231623130326664333139 80 | 63386637366463386263653638353862363536393664613038663465313062623331386365663561 81 | 62316535613534323338306536653165396234393230383730393634373932363533363438373535 82 | 36303761326133373831663365663233393837396438346333396432346637383566653036396132 83 | 30653266333939313665363462663236343434626336346365623663396332333466653963343737 84 | 34323065633463353936646133376639393761323938343836303365343964303666313564613161 85 | 34316538316366653131336636313734646666356538356435616664623537323434363264366262 86 | 65323539663137376261386332303161626466636165626139356163373733663933396435623938 87 | 66633962313164616539626665633437396135393664663964383134396437316537653731333064 88 | 31393535336630396637613464366438303365636164386464643033313232373065643834303430 89 | 36656365323065643463353434383831386435323661396534343662306532653566343430613763 90 | 62643436623438393231643365366262393539633930353466346565303965386538306131363939 91 | 31623364323535333733313538393535363236396366343938616435623762373862383338313962 92 | 33303763363762323237666231356665633033626466616661396537366339336266656161366265 93 | 36323235393464633536323733656630366137383465636636346635323337656462303564666539 94 | 64353735393931303265633465326566633634313132383534623334343366363930363335366639 95 | 38663331613333613065393239313838363033653332643636666666303537626534353839323838 96 | 32336431313130333235396461306335376361373033633666373936343466666431636463316662 97 | 66323239316665656464376366386136356162653338356365616537656339326134616434616337 98 | 64326231343439613637636638623536636137343065396233333637643436363839303331396262 99 | 30323738396662323336343832313039623635373430376531653432636332666335346466623133 100 | 31623361333533343462663434323636646261363433386333666332373732326663386366626532 101 | 66306263623334393138323233393239343436313935613531316231373932633865303637316663 102 | 36386430333432316238663765663432373237396338653232333034363063373331363362383134 103 | 34363139306264613633633664656434623161323766343637656334346332383736303031373265 104 | 38663039353335653237623538623631613161643264613130383331396337326662396439396565 105 | 32306364333462353961646130336462326537323633306261656632613138303738616131373136 106 | 30343866663730386366663432376239383530303033353236343466623131643432613938343364 107 | 63353837386464633134336631643262343465656433363661396336626537316661653135633632 108 | 34343335356233666437363066663064386262366537323236316366356336336136373838306462 109 | 63623935366239303737393662656634663832663539343934343263393864343335356365653537 110 | 66356562343038336162393166303637306333336465623335393037353033653265626339376636 111 | 37303363653137333237633735613434636332663036643864613761616261323564353130363335 112 | 62323961626432653038333266313861313238303664303238663839363966363537626237616666 113 | 30653938386463333637663935346635363335633435323963313535636531383231353431383861 114 | 31373834393237613163356239623338323665656563366333333761313134363563386634613964 115 | 30343238313832646234353162346166356638323132306261336434626531306661656134656339 116 | 62353663343635626336343362636133343234343130386165333931643233396638663432363630 117 | 62313034623934393665326163663162613239653362326437653566663438363963653137336234 118 | 66373963616336643433303530336430666630363831633839306237616130343365633830396336 119 | 62663132313033316431303866313634396636656135353930663864336532633137346238646133 120 | 66316233646331656332656562333632346364386464616565363530613133343661313965323164 121 | 66623161336430333866633732613134343432353637326362623539656630636166656531313863 122 | 63636562303438646338663834326531646338303234623861356633343466363831626135653333 123 | 61383962373865656535613634666163323165653930666331356263346435396534666339643037 124 | 65366635656434383061383766376366643536656531646262653863396435663530313039303636 125 | 66616635323433393933343337653934613431383735376164613866316263626337633333343238 126 | 34323932653563653965336633623835333638376235643637393863323435386238336131666631 127 | 34333332633365366630656231643032326161373063323534333438343339353036356162666264 128 | 38336162326161633239656137313561356535353662663563313865333530623133353061633539 129 | 39666366363731353663396261356165613235336361346164313061373562303963393937346434 130 | 31353536653466336163313165386361316436373538393533386662653836346662363730393866 131 | 63643863303262626539636538613034333561383535396534643064393063333035306565666238 132 | 32346634623939623233373663636137666534636261353863343431356238303132663433386565 133 | 61393163306232326362366463656364323830323461366338353036613066626233323064346566 134 | 65363662623835323164383334663561366462363239663066323737346265366564366365373932 135 | 66383037363265656166333737643065656236313933636138626135373136303837376331666136 136 | 35363932393136323336333963353134373831366365323164303261653963643065613766353166 137 | 38383930386264633230366633383063383233613161316562316263383166326239653930616434 138 | 61346630346130333264633162393831376661336630343333666632656533323332393230623066 139 | 37386562623364653331663431363834626138376337316135333964363035376331363639616435 140 | 62336364343936653939636139396135326238663331613363333832623165623632666231313230 141 | 31623832343464353232316465626366313832383336373062353963326565663539306337393064 142 | 33336335313930393461336264383864366366313136336238643339663063346136363637633236 143 | 30393264653734336363393034613063303639643934653664333034623133373638326636626162 144 | 35303764363533653832323539336132643432616431313133353966643063643361386231386263 145 | 38336563623961326236326137623264333566623763646163663537623366336562613537613933 146 | 63633161636166616466646464356466303739613864366239333034316539303138663739396434 147 | 35353738303331653136343038633061313734383737396332313163353037303366663436653463 148 | 30626231353763623032656265366661353934646439313366306362366530393030386364373165 149 | 37366333313063373132356230353335323235323233396634616235646439383133313137373462 150 | 32313763343037363630656633626566653934356536613633326333313933616663346134306163 151 | 34373236613564623232623130636530383564333435666339306330363532386237333361633662 152 | 36626263356562346530623561636462616138383537366236353432613162333766643463336233 153 | 66376564623564333466363462323139396463363839383335613064626466613733396139643233 154 | 64356330316661363935613161373132333562363133303431303031643238373131326362396563 155 | 35326637663666646539613432396633643636623030303864346534633231373135666431666636 156 | 34633338326266383062336432326433323533323063376636303234346162613864633662353831 157 | 63373634623963326264363133306362316231396630363630383334396336303766303965623736 158 | 31663263373034363737343064353538303535326462353337336338396434396461363463623565 159 | 61306365313931366162393463656163353066643934363937643237363333663037653931313333 160 | 62393865393161623763396466616262376535396265376263616630303564306564363261336234 161 | 66623664303336313136353335666331643530613365396465616334306530383130363639363336 162 | 32336339303862383636353732366566376633613938373266376337323534633739 163 | -------------------------------------------------------------------------------- /git-init.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # sets up a pre-commit hook to ensure that vault.yaml is encrypted 3 | # 4 | # credit goes to nick busey from homelabos for this neat little trick 5 | # https://gitlab.com/NickBusey/HomelabOS/-/issues/355 6 | 7 | if [ -d .git/ ]; then 8 | rm .git/hooks/pre-commit 9 | cat <> .git/hooks/pre-commit 10 | if ( cat ansible/vars/vault.yaml | grep -q "\$ANSIBLE_VAULT;" ); then 11 | echo "Vault Encrypted. Safe to commit." 12 | else 13 | echo "Vault not encrypted! Run 'make encrypt' and try again." 14 | exit 1 15 | fi 16 | EOT 17 | 18 | fi 19 | 20 | chmod +x .git/hooks/pre-commit -------------------------------------------------------------------------------- /hardware/moose/HL15.md: -------------------------------------------------------------------------------- 1 | # Server info 2 | 3 | ## Software 4 | 5 | + OS - Proxmox 6 | + ZFS layout 7 | + `rpool` - root dataset 8 | + 2x 256gb nvme in a mirror 9 | + 256gb used for the OS _only_ 10 | + `nvmeu2` 11 | + 2x 2tb nvme in a mirror 12 | + used for vm storage 13 | + `data` - 4x 14tb drives 14 | + 2 mirrored vdevs 15 | + 28tb usable space 16 | + store data here yeah? 17 | 18 | ## Hardware 19 | + HL15 chassis 20 | + CPU - Xeon Silver 4214 12c/24t 21 | + Motherboard - Supermicro X11SPH-NCTF (with onboard dual SFP+) 22 | + Manual link - https://www.supermicro.com/manuals/motherboard/C620/MNL-1949.pdf 23 | + RAM - 64gb ECC 24 | + 2x 16gb SK Hynix PC4-3200AA-RE2-12 25 | + 2x 16gb PC4-3200AA-RE2-12 (original HL15 DIMMs) 26 | + Boot disks 27 | + 2x Samsung 256gb NVME drives 28 | + ZFS mirror with Promox installed on root 29 | + Disk 1 installed directly into motherboard m.2 slot 30 | + Disk 2 installed into PCIe slot 2 31 | + Slot 2 is an 8x physical but is a 4x wired slot 32 | + VM disks 33 | + 2x 2tb u.2 Intel DC4510 NVME SSDs 34 | + ZFS mirror 35 | + Installed via a bifurcated dual u.2 to PCIe caddy card 36 | + NVME card is in PCIe slot 3 (an 8x slot) 37 | + BIOS (del to enter) -> advanced -> chipset configuration -> north bridge -> iio configuration -> cpu configuration -> IOU1 (x4x4x8) 38 | + Data disks 39 | + 4x 14tb HDDs 40 | + Configured in mirrored pairs as a single vdev 41 | 42 | ## Proxmox commands 43 | 44 | In order to passthrough 2 of our disks, which have 4k native sectors, to Proxmox we have to get creative with passing qemu args directly to the VM. This is because passthrough isn't really real, it's emulated. The emulation will only handle 512byte sectors, but two of our 4 14tb data disks are 4Kn (4k native sectors). The answer used here was found [in this reddit thread](https://www.reddit.com/r/Proxmox/comments/s1oat1/passthrough_4knadvanced_format_disks_to_vm/?share_id=UMzEIhrOHmAiD_28AvevQ). 45 | 46 | To combat this we need to invoke `qm showcmd ` and add a hardcoded value of `logical_block_size=4096,physical_block_size=4096`. But first we need to add the disks to our VM so that we get a helping hand with the syntax kvm is expecting. 47 | 48 | ``` 49 | qm set 1001 -scsi5 /dev/disk/by-id/ata-WDC_WUH721414ALE6L4_9MG6ARZJ 50 | qm set 1001 -scsi6 /dev/disk/by-id/ata-WDC_WUH721414ALE6L4_XJG0HXDM 51 | qm set 1001 -scsi7 /dev/disk/by-id/ata-WDC_WUH721414ALN604_9MH2BWLU 52 | qm set 1001 -scsi8 /dev/disk/by-id/ata-WDC_WUH721414ALN604_X1G4EPXL 53 | ``` 54 | 55 | The VM config which lives at `/etc/pve/qemu-server/VMID.conf` will now contain 4 disks mapped to the SCSI controllers assigned above (these numbers must be unique). Now we can run: 56 | 57 | ``` 58 | $ qm showcmd 1001 59 | ``` 60 | 61 | This will spew out a really long and intimidating looking raw kvm command used by Proxmox to interface with the VM. We need to extra the disks from this output. It can be a bit hard to find what you need at first so copy and paste the output into a text editor and make your life easier. 62 | 63 | In the end the command we assemble for all 4 disks looks like this (note it is only required to do this on the 4k sector native disks but I wanted to pass the serial number for each disk through to the VM even on the 512byte disks - this is optional). 64 | 65 | ``` 66 | qm set 1001 -args \ 67 | " -device 'virtio-scsi-pci,id=virtioscsi5,bus=pci.3,addr=0x6' -drive 'file=/dev/disk/by-id/ata-WDC_WUH721414ALE6L4_9MG6ARZJ,if=none,id=drive-scsi5,format=raw,cache=none,aio=io_uring,detect-zeroes=on' -device 'scsi-hd,bus=virtioscsi5.0,channel=0,scsi-id=0,lun=5,drive=drive-scsi5,id=scsi5,serial=9MG6ARZJ' \ 68 | -device 'virtio-scsi-pci,id=virtioscsi6,bus=pci.3,addr=0x7' -drive 'file=/dev/disk/by-id/ata-WDC_WUH721414ALE6L4_XJG0HXDM,if=none,id=drive-scsi6,format=raw,cache=none,aio=io_uring,detect-zeroes=on' -device 'scsi-hd,bus=virtioscsi6.0,channel=0,scsi-id=0,lun=6,drive=drive-scsi6,id=scsi6,serial=XJG0HXDM' \ 69 | -device 'virtio-scsi-pci,id=virtioscsi7,bus=pci.3,addr=0x8' -drive 'file=/dev/disk/by-id/ata-WDC_WUH721414ALN604_9MH2BWLU,if=none,id=drive-scsi7,format=raw,cache=none,aio=io_uring,detect-zeroes=on' -device 'scsi-hd,bus=virtioscsi7.0,channel=0,scsi-id=0,lun=7,logical_block_size=4096,physical_block_size=4096,drive=drive-scsi7,id=scsi7,serial=9MH2BWLU' \ 70 | -device 'virtio-scsi-pci,id=virtioscsi8,bus=pci.3,addr=0x9' -drive 'file=/dev/disk/by-id/ata-WDC_WUH721414ALN604_X1G4EPXL,if=none,id=drive-scsi8,format=raw,cache=none,aio=io_uring,detect-zeroes=on' -device 'scsi-hd,bus=virtioscsi8.0,channel=0,scsi-id=0,lun=8,logical_block_size=4096,physical_block_size=4096,drive=drive-scsi8,id=scsi8,serial=X1G4EPXL' " 71 | ``` 72 | 73 | Now this is done edit the VM config file to remove the originally mapped (and now superflous) scsi device mappings or run: 74 | 75 | ``` 76 | qm unlink 1001 --idlist scsi5 77 | qm unlink 1001 --idlist scsi6 78 | qm unlink 1001 --idlist scsi7 79 | qm unlink 1001 --idlist scsi8 80 | ``` 81 | 82 | Then, if all went well run: 83 | 84 | ``` 85 | qm start 86 | ``` 87 | 88 | And your disks will show up with their native 4k sectors making ZFS and anything else fussy happy. Notice how each disk has a serial too and not just `sda` or whatever? Nice. 89 | 90 | ``` 91 | [root@moose-jbdata:~]# zpool status 92 | pool: jbdata 93 | state: ONLINE 94 | config: 95 | 96 | NAME STATE READ WRITE CKSUM 97 | jbdata ONLINE 0 0 0 98 | mirror-0 ONLINE 0 0 0 99 | scsi-0QEMU_QEMU_HARDDISK_9MG6ARZJ ONLINE 0 0 0 100 | scsi-0QEMU_QEMU_HARDDISK_9MH2BWLU ONLINE 0 0 0 101 | mirror-1 ONLINE 0 0 0 102 | scsi-0QEMU_QEMU_HARDDISK_XJG0HXDM ONLINE 0 0 0 103 | scsi-0QEMU_QEMU_HARDDISK_X1G4EPXL ONLINE 0 0 0 104 | 105 | errors: No known data errors 106 | ``` -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-08-burnins/WDC_9MG6ARZJ.log: -------------------------------------------------------------------------------- 1 | +----------------------------------------------------------------------------- 2 | + Started burn-in: Tue Aug 13 09:34:42 PM EDT 2024 3 | +----------------------------------------------------------------------------- 4 | Host: deepthought 5 | OS: Linux 6 | Drive: /dev/sdc 7 | Disk Type: 7200_rpm 8 | Drive Model: WDC_WUH721414ALE6L4 9 | Serial Number: 9MG6ARZJ 10 | Short test duration: 2 minutes 11 | 120 seconds 12 | Extended test duration: 1512 minutes 13 | 90720 seconds 14 | Log file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALE6L4_9MG6ARZJ.log 15 | Bad blocks file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALE6L4_9MG6ARZJ.bb 16 | +----------------------------------------------------------------------------- 17 | + Running SMART short test: Tue Aug 13 09:34:42 PM EDT 2024 18 | +----------------------------------------------------------------------------- 19 | SMART short test started, awaiting completion for 120 seconds ... 20 | SMART self-test succeeded 21 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 22 | 23 | SMART Self-test log structure revision number 1 24 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 25 | # 1 Short offline Completed without error 00% 2 - 26 | # 2 Short offline Completed without error 00% 0 - 27 | 28 | Finished SMART short test 29 | +----------------------------------------------------------------------------- 30 | + Running badblocks test: Tue Aug 13 09:36:42 PM EDT 2024 31 | +----------------------------------------------------------------------------- 32 | Finished badblocks test 33 | +----------------------------------------------------------------------------- 34 | + Running SMART long test: Tue Aug 20 01:53:45 AM EDT 2024 35 | +----------------------------------------------------------------------------- 36 | SMART long test started, awaiting completion for 90720 seconds ... 37 | SMART self-test succeeded 38 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 39 | 40 | SMART Self-test log structure revision number 1 41 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 42 | # 1 Extended offline Completed without error 00% 174 - 43 | # 2 Short offline Completed without error 00% 2 - 44 | # 3 Short offline Completed without error 00% 0 - 45 | 46 | Finished SMART long test 47 | +----------------------------------------------------------------------------- 48 | + Drive information: Wed Aug 21 03:05:45 AM EDT 2024 49 | +----------------------------------------------------------------------------- 50 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 51 | 52 | === START OF INFORMATION SECTION === 53 | Model Family: Western Digital Ultrastar DC HC530 54 | Device Model: WDC WUH721414ALE6L4 55 | Serial Number: 9MG6ARZJ 56 | LU WWN Device Id: 5 000cca 290c2e28c 57 | Firmware Version: LDGNW400 58 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 59 | Sector Sizes: 512 bytes logical, 4096 bytes physical 60 | Rotation Rate: 7200 rpm 61 | Form Factor: 3.5 inches 62 | Device is: In smartctl database 7.3/5319 63 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 64 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 65 | Local Time is: Wed Aug 21 03:05:45 2024 EDT 66 | SMART support is: Available - device has SMART capability. 67 | SMART support is: Enabled 68 | AAM feature is: Unavailable 69 | APM level is: 254 (maximum performance) 70 | Rd look-ahead is: Enabled 71 | Write cache is: Enabled 72 | DSN feature is: Unavailable 73 | ATA Security is: Disabled, NOT FROZEN [SEC1] 74 | Wt Cache Reorder: Enabled 75 | 76 | SMART overall-health self-assessment test result: PASSED 77 | 78 | General SMART Values: 79 | Offline data collection status: (0x84) Offline data collection activity 80 | was suspended by an interrupting command from host. 81 | Auto Offline Data Collection: Enabled. 82 | Self-test execution status: ( 0) The previous self-test routine completed 83 | without error or no self-test has ever 84 | been run. 85 | Total time to complete Offline 86 | data collection: ( 101) seconds. 87 | Offline data collection 88 | capabilities: (0x5b) SMART execute Offline immediate. 89 | Auto Offline data collection on/off support. 90 | Suspend Offline collection upon new 91 | command. 92 | Offline surface scan supported. 93 | Self-test supported. 94 | No Conveyance Self-test supported. 95 | Selective Self-test supported. 96 | SMART capabilities: (0x0003) Saves SMART data before entering 97 | power-saving mode. 98 | Supports SMART auto save timer. 99 | Error logging capability: (0x01) Error logging supported. 100 | General Purpose Logging supported. 101 | Short self-test routine 102 | recommended polling time: ( 2) minutes. 103 | Extended self-test routine 104 | recommended polling time: (1512) minutes. 105 | SCT capabilities: (0x003d) SCT Status supported. 106 | SCT Error Recovery Control supported. 107 | SCT Feature Control supported. 108 | SCT Data Table supported. 109 | 110 | ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE 111 | 1 Raw_Read_Error_Rate PO-R-- 100 100 001 - 0 112 | 2 Throughput_Performance P-S--- 100 100 054 - 0 113 | 3 Spin_Up_Time POS--- 097 097 001 - 154 114 | 4 Start_Stop_Count -O--C- 100 100 000 - 2 115 | 5 Reallocated_Sector_Ct PO--CK 100 100 001 - 0 116 | 7 Seek_Error_Rate PO-R-- 100 100 001 - 0x000000000000 117 | 8 Seek_Time_Performance P-S--- 100 100 020 - 0 118 | 9 Power_On_Hours -O--C- 100 100 000 - 175 119 | 10 Spin_Retry_Count PO--C- 100 100 001 - 0 120 | 12 Power_Cycle_Count -O--CK 100 100 000 - 2 121 | 22 Helium_Level PO---K 100 100 025 - 100 122 | 192 Power-Off_Retract_Count -O--CK 100 100 000 - 5 123 | 193 Load_Cycle_Count -O--C- 100 100 000 - 5 124 | 194 Temperature_Celsius -O---- 063 063 000 - 32 (Min/Max 24/48) 125 | 196 Reallocated_Event_Count -O--CK 100 100 000 - 0 126 | 197 Current_Pending_Sector -O---K 100 100 000 - 0 127 | 198 Offline_Uncorrectable ---R-- 100 100 000 - 0 128 | 199 UDMA_CRC_Error_Count -O-R-- 100 100 000 - 0 129 | ||||||_ K auto-keep 130 | |||||__ C event count 131 | ||||___ R error rate 132 | |||____ S speed/performance 133 | ||_____ O updated online 134 | |______ P prefailure warning 135 | 136 | General Purpose Log Directory Version 1 137 | SMART Log Directory Version 1 [multi-sector log support] 138 | Address Access R/W Size Description 139 | 0x00 GPL,SL R/O 1 Log Directory 140 | 0x01 SL R/O 1 Summary SMART error log 141 | 0x02 SL R/O 1 Comprehensive SMART error log 142 | 0x03 GPL R/O 1 Ext. Comprehensive SMART error log 143 | 0x04 GPL R/O 256 Device Statistics log 144 | 0x04 SL R/O 255 Device Statistics log 145 | 0x06 SL R/O 1 SMART self-test log 146 | 0x07 GPL R/O 1 Extended self-test log 147 | 0x08 GPL R/O 2 Power Conditions log 148 | 0x09 SL R/W 1 Selective self-test log 149 | 0x0c GPL R/O 5501 Pending Defects log 150 | 0x10 GPL R/O 1 NCQ Command Error log 151 | 0x11 GPL R/O 1 SATA Phy Event Counters log 152 | 0x12 GPL R/O 1 SATA NCQ Non-Data log 153 | 0x13 GPL R/O 1 SATA NCQ Send and Receive log 154 | 0x15 GPL R/W 1 Rebuild Assist log 155 | 0x21 GPL R/O 1 Write stream error log 156 | 0x22 GPL R/O 1 Read stream error log 157 | 0x24 GPL R/O 256 Current Device Internal Status Data log 158 | 0x25 GPL R/O 256 Saved Device Internal Status Data log 159 | 0x2f GPL - 1 Set Sector Configuration 160 | 0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log 161 | 0x80-0x9f GPL,SL R/W 16 Host vendor specific log 162 | 0xe0 GPL,SL R/W 1 SCT Command/Status 163 | 0xe1 GPL,SL R/W 1 SCT Data Transfer 164 | 165 | SMART Extended Comprehensive Error Log Version: 1 (1 sectors) 166 | No Errors Logged 167 | 168 | SMART Extended Self-test Log Version: 1 (1 sectors) 169 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 170 | # 1 Extended offline Completed without error 00% 174 - 171 | # 2 Short offline Completed without error 00% 2 - 172 | # 3 Short offline Completed without error 00% 0 - 173 | 174 | SMART Selective self-test log data structure revision number 1 175 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 176 | 1 0 0 Not_testing 177 | 2 0 0 Not_testing 178 | 3 0 0 Not_testing 179 | 4 0 0 Not_testing 180 | 5 0 0 Not_testing 181 | Selective self-test flags (0x0): 182 | After scanning selected spans, do NOT read-scan remainder of disk. 183 | If Selective self-test is pending on power-up, resume after 0 minute delay. 184 | 185 | SCT Status Version: 3 186 | SCT Version (vendor specific): 256 (0x0100) 187 | Device State: SMART Off-line Data Collection executing in background (4) 188 | Current Temperature: 32 Celsius 189 | Power Cycle Min/Max Temperature: 24/35 Celsius 190 | Lifetime Min/Max Temperature: 24/48 Celsius 191 | Under/Over Temperature Limit Count: 0/0 192 | SMART Status: 0xc24f (PASSED) 193 | Minimum supported ERC Time Limit: 65 (6.5 seconds) 194 | 195 | SCT Temperature History Version: 2 196 | Temperature Sampling Period: 1 minute 197 | Temperature Logging Interval: 1 minute 198 | Min/Max recommended Temperature: 0/60 Celsius 199 | Min/Max Temperature Limit: -40/70 Celsius 200 | Temperature History Size (Index): 128 (124) 201 | 202 | Index Estimated Time Temperature Celsius 203 | 125 2024-08-21 00:58 33 ************** 204 | ... ..( 49 skipped). .. ************** 205 | 47 2024-08-21 01:48 33 ************** 206 | 48 2024-08-21 01:49 32 ************* 207 | ... ..( 5 skipped). .. ************* 208 | 54 2024-08-21 01:55 32 ************* 209 | 55 2024-08-21 01:56 33 ************** 210 | 56 2024-08-21 01:57 32 ************* 211 | ... ..( 66 skipped). .. ************* 212 | 123 2024-08-21 03:04 32 ************* 213 | 124 2024-08-21 03:05 33 ************** 214 | 215 | SCT Error Recovery Control: 216 | Read: Disabled 217 | Write: Disabled 218 | 219 | Device Statistics (GP Log 0x04) 220 | Page Offset Size Value Flags Description 221 | 0x01 ===== = = === == General Statistics (rev 1) == 222 | 0x01 0x008 4 2 --- Lifetime Power-On Resets 223 | 0x01 0x010 4 175 --- Power-on Hours 224 | 0x01 0x018 6 109425414313 --- Logical Sectors Written 225 | 0x01 0x020 6 106891615 --- Number of Write Commands 226 | 0x01 0x028 6 109530363968 --- Logical Sectors Read 227 | 0x01 0x030 6 107315475 --- Number of Read Commands 228 | 0x01 0x038 6 632414150 --- Date and Time TimeStamp 229 | 0x03 ===== = = === == Rotating Media Statistics (rev 1) == 230 | 0x03 0x008 4 175 --- Spindle Motor Power-on Hours 231 | 0x03 0x010 4 175 --- Head Flying Hours 232 | 0x03 0x018 4 5 --- Head Load Events 233 | 0x03 0x020 4 0 --- Number of Reallocated Logical Sectors 234 | 0x03 0x028 4 0 --- Read Recovery Attempts 235 | 0x03 0x030 4 1 --- Number of Mechanical Start Failures 236 | 0x04 ===== = = === == General Errors Statistics (rev 1) == 237 | 0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors 238 | 0x04 0x010 4 0 --- Resets Between Cmd Acceptance and Completion 239 | 0x04 0x018 4 0 --- Physical Element Status Changed 240 | 0x05 ===== = = === == Temperature Statistics (rev 1) == 241 | 0x05 0x008 1 32 --- Current Temperature 242 | 0x05 0x010 1 33 N-- Average Short Term Temperature 243 | 0x05 0x018 1 - N-- Average Long Term Temperature 244 | 0x05 0x020 1 48 --- Highest Temperature 245 | 0x05 0x028 1 24 --- Lowest Temperature 246 | 0x05 0x030 1 43 N-- Highest Average Short Term Temperature 247 | 0x05 0x038 1 25 N-- Lowest Average Short Term Temperature 248 | 0x05 0x040 1 - N-- Highest Average Long Term Temperature 249 | 0x05 0x048 1 - N-- Lowest Average Long Term Temperature 250 | 0x05 0x050 4 0 --- Time in Over-Temperature 251 | 0x05 0x058 1 60 --- Specified Maximum Operating Temperature 252 | 0x05 0x060 4 0 --- Time in Under-Temperature 253 | 0x05 0x068 1 0 --- Specified Minimum Operating Temperature 254 | 0x06 ===== = = === == Transport Statistics (rev 1) == 255 | 0x06 0x008 4 4 --- Number of Hardware Resets 256 | 0x06 0x010 4 0 --- Number of ASR Events 257 | 0x06 0x018 4 0 --- Number of Interface CRC Errors 258 | 0xff ===== = = === == Vendor Specific Statistics (rev 1) == 259 | |||_ C monitored condition met 260 | ||__ D supports DSN 261 | |___ N normalized value 262 | 263 | Pending Defects log (GP Log 0x0c) 264 | No Defects Logged 265 | 266 | SATA Phy Event Counters (GP Log 0x11) 267 | ID Size Value Description 268 | 0x0001 2 0 Command failed due to ICRC error 269 | 0x0002 2 0 R_ERR response for data FIS 270 | 0x0003 2 0 R_ERR response for device-to-host data FIS 271 | 0x0004 2 0 R_ERR response for host-to-device data FIS 272 | 0x0005 2 0 R_ERR response for non-data FIS 273 | 0x0006 2 0 R_ERR response for device-to-host non-data FIS 274 | 0x0007 2 0 R_ERR response for host-to-device non-data FIS 275 | 0x0008 2 0 Device-to-host non-data FIS retries 276 | 0x0009 2 65535+ Transition from drive PhyRdy to drive PhyNRdy 277 | 0x000a 2 3 Device-to-host register FISes sent due to a COMRESET 278 | 0x000b 2 0 CRC errors within host-to-device FIS 279 | 0x000d 2 0 Non-CRC errors within host-to-device FIS 280 | 281 | +----------------------------------------------------------------------------- 282 | + Finished burn-in: Wed Aug 21 03:05:45 AM EDT 2024 283 | +----------------------------------------------------------------------------- -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-08-burnins/WDC_9MH2BWLU.log: -------------------------------------------------------------------------------- 1 | +----------------------------------------------------------------------------- 2 | + Started burn-in: Tue Aug 13 09:34:54 PM EDT 2024 3 | +----------------------------------------------------------------------------- 4 | Host: deepthought 5 | OS: Linux 6 | Drive: /dev/sdd 7 | Disk Type: 7200_rpm 8 | Drive Model: WDC_WUH721414ALN604 9 | Serial Number: 9MH2BWLU 10 | Short test duration: 2 minutes 11 | 120 seconds 12 | Extended test duration: 1562 minutes 13 | 93720 seconds 14 | Log file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALN604_9MH2BWLU.log 15 | Bad blocks file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALN604_9MH2BWLU.bb 16 | +----------------------------------------------------------------------------- 17 | + Running SMART short test: Tue Aug 13 09:34:54 PM EDT 2024 18 | +----------------------------------------------------------------------------- 19 | SMART short test started, awaiting completion for 120 seconds ... 20 | SMART self-test succeeded 21 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 22 | 23 | SMART Self-test log structure revision number 1 24 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 25 | # 1 Short offline Completed without error 00% 0 - 26 | 27 | Finished SMART short test 28 | +----------------------------------------------------------------------------- 29 | + Running badblocks test: Tue Aug 13 09:36:54 PM EDT 2024 30 | +----------------------------------------------------------------------------- 31 | Finished badblocks test 32 | +----------------------------------------------------------------------------- 33 | + Running SMART long test: Tue Aug 20 04:42:52 AM EDT 2024 34 | +----------------------------------------------------------------------------- 35 | SMART long test started, awaiting completion for 93720 seconds ... 36 | SMART self-test succeeded 37 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 38 | 39 | SMART Self-test log structure revision number 1 40 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 41 | # 1 Extended offline Completed without error 00% 176 - 42 | # 2 Short offline Completed without error 00% 0 - 43 | 44 | Finished SMART long test 45 | +----------------------------------------------------------------------------- 46 | + Drive information: Wed Aug 21 06:44:53 AM EDT 2024 47 | +----------------------------------------------------------------------------- 48 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 49 | 50 | === START OF INFORMATION SECTION === 51 | Device Model: WDC WUH721414ALN604 52 | Serial Number: 9MH2BWLU 53 | LU WWN Device Id: 5 000cca 290cf2ce1 54 | Firmware Version: LDGNW400 55 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 56 | Sector Size: 4096 bytes logical/physical 57 | Rotation Rate: 7200 rpm 58 | Form Factor: 3.5 inches 59 | Device is: Not in smartctl database 7.3/5319 60 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 61 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 62 | Local Time is: Wed Aug 21 06:44:53 2024 EDT 63 | SMART support is: Available - device has SMART capability. 64 | SMART support is: Enabled 65 | AAM feature is: Unavailable 66 | APM level is: 254 (maximum performance) 67 | Rd look-ahead is: Enabled 68 | Write cache is: Enabled 69 | DSN feature is: Unavailable 70 | ATA Security is: Disabled, NOT FROZEN [SEC1] 71 | Wt Cache Reorder: Enabled 72 | 73 | SMART overall-health self-assessment test result: PASSED 74 | 75 | General SMART Values: 76 | Offline data collection status: (0x84) Offline data collection activity 77 | was suspended by an interrupting command from host. 78 | Auto Offline Data Collection: Enabled. 79 | Self-test execution status: ( 0) The previous self-test routine completed 80 | without error or no self-test has ever 81 | been run. 82 | Total time to complete Offline 83 | data collection: ( 101) seconds. 84 | Offline data collection 85 | capabilities: (0x5b) SMART execute Offline immediate. 86 | Auto Offline data collection on/off support. 87 | Suspend Offline collection upon new 88 | command. 89 | Offline surface scan supported. 90 | Self-test supported. 91 | No Conveyance Self-test supported. 92 | Selective Self-test supported. 93 | SMART capabilities: (0x0003) Saves SMART data before entering 94 | power-saving mode. 95 | Supports SMART auto save timer. 96 | Error logging capability: (0x01) Error logging supported. 97 | General Purpose Logging supported. 98 | Short self-test routine 99 | recommended polling time: ( 2) minutes. 100 | Extended self-test routine 101 | recommended polling time: (1562) minutes. 102 | SCT capabilities: (0x003d) SCT Status supported. 103 | SCT Error Recovery Control supported. 104 | SCT Feature Control supported. 105 | SCT Data Table supported. 106 | 107 | ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE 108 | 1 Raw_Read_Error_Rate PO-R-- 100 100 001 - 0 109 | 2 Throughput_Performance P-S--- 100 100 054 - 0 110 | 3 Spin_Up_Time POS--- 099 099 001 - 76 111 | 4 Start_Stop_Count -O--C- 100 100 000 - 1 112 | 5 Reallocated_Sector_Ct PO--CK 100 100 001 - 0 113 | 7 Seek_Error_Rate PO-R-- 100 100 001 - 0x000000000000 114 | 8 Seek_Time_Performance P-S--- 100 100 020 - 0 115 | 9 Power_On_Hours -O--C- 100 100 000 - 177 116 | 10 Spin_Retry_Count PO--C- 100 100 001 - 0 117 | 12 Power_Cycle_Count -O--CK 100 100 000 - 1 118 | 22 Unknown_Attribute PO---K 100 100 025 - 100 119 | 192 Power-Off_Retract_Count -O--CK 100 100 000 - 4 120 | 193 Load_Cycle_Count -O--C- 100 100 000 - 4 121 | 194 Temperature_Celsius -O---- 063 063 000 - 32 (Min/Max 25/36) 122 | 196 Reallocated_Event_Count -O--CK 100 100 000 - 0 123 | 197 Current_Pending_Sector -O---K 100 100 000 - 0 124 | 198 Offline_Uncorrectable ---R-- 100 100 000 - 0 125 | 199 UDMA_CRC_Error_Count -O-R-- 100 100 000 - 0 126 | ||||||_ K auto-keep 127 | |||||__ C event count 128 | ||||___ R error rate 129 | |||____ S speed/performance 130 | ||_____ O updated online 131 | |______ P prefailure warning 132 | 133 | General Purpose Log Directory Version 1 134 | SMART Log Directory Version 1 [multi-sector log support] 135 | Address Access R/W Size Description 136 | 0x00 GPL,SL R/O 1 Log Directory 137 | 0x01 SL R/O 1 Summary SMART error log 138 | 0x02 SL R/O 1 Comprehensive SMART error log 139 | 0x03 GPL R/O 1 Ext. Comprehensive SMART error log 140 | 0x04 GPL R/O 256 Device Statistics log 141 | 0x04 SL R/O 255 Device Statistics log 142 | 0x06 SL R/O 1 SMART self-test log 143 | 0x07 GPL R/O 1 Extended self-test log 144 | 0x08 GPL R/O 2 Power Conditions log 145 | 0x09 SL R/W 1 Selective self-test log 146 | 0x0c GPL R/O 688 Pending Defects log 147 | 0x10 GPL R/O 1 NCQ Command Error log 148 | 0x11 GPL R/O 1 SATA Phy Event Counters log 149 | 0x12 GPL R/O 1 SATA NCQ Non-Data log 150 | 0x13 GPL R/O 1 SATA NCQ Send and Receive log 151 | 0x15 GPL R/W 1 Rebuild Assist log 152 | 0x21 GPL R/O 1 Write stream error log 153 | 0x22 GPL R/O 1 Read stream error log 154 | 0x24 GPL R/O 256 Current Device Internal Status Data log 155 | 0x25 GPL R/O 256 Saved Device Internal Status Data log 156 | 0x2f GPL - 1 Set Sector Configuration 157 | 0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log 158 | 0x80-0x9f GPL,SL R/W 16 Host vendor specific log 159 | 0xe0 GPL,SL R/W 1 SCT Command/Status 160 | 0xe1 GPL,SL R/W 1 SCT Data Transfer 161 | 162 | SMART Extended Comprehensive Error Log Version: 1 (1 sectors) 163 | No Errors Logged 164 | 165 | SMART Extended Self-test Log Version: 1 (1 sectors) 166 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 167 | # 1 Extended offline Completed without error 00% 176 - 168 | # 2 Short offline Completed without error 00% 0 - 169 | 170 | SMART Selective self-test log data structure revision number 1 171 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 172 | 1 0 0 Not_testing 173 | 2 0 0 Not_testing 174 | 3 0 0 Not_testing 175 | 4 0 0 Not_testing 176 | 5 0 0 Not_testing 177 | Selective self-test flags (0x0): 178 | After scanning selected spans, do NOT read-scan remainder of disk. 179 | If Selective self-test is pending on power-up, resume after 0 minute delay. 180 | 181 | SCT Status Version: 3 182 | SCT Version (vendor specific): 256 (0x0100) 183 | Device State: SMART Off-line Data Collection executing in background (4) 184 | Current Temperature: 32 Celsius 185 | Power Cycle Min/Max Temperature: 30/36 Celsius 186 | Lifetime Min/Max Temperature: 25/36 Celsius 187 | Under/Over Temperature Limit Count: 0/0 188 | SMART Status: 0xc24f (PASSED) 189 | Minimum supported ERC Time Limit: 65 (6.5 seconds) 190 | 191 | SCT Temperature History Version: 2 192 | Temperature Sampling Period: 1 minute 193 | Temperature Logging Interval: 1 minute 194 | Min/Max recommended Temperature: 0/60 Celsius 195 | Min/Max Temperature Limit: -40/70 Celsius 196 | Temperature History Size (Index): 128 (125) 197 | 198 | Index Estimated Time Temperature Celsius 199 | 126 2024-08-21 04:37 33 ************** 200 | ... ..( 27 skipped). .. ************** 201 | 26 2024-08-21 05:05 33 ************** 202 | 27 2024-08-21 05:06 32 ************* 203 | ... ..( 91 skipped). .. ************* 204 | 119 2024-08-21 06:38 32 ************* 205 | 120 2024-08-21 06:39 31 ************ 206 | 121 2024-08-21 06:40 31 ************ 207 | 122 2024-08-21 06:41 32 ************* 208 | 123 2024-08-21 06:42 32 ************* 209 | 124 2024-08-21 06:43 32 ************* 210 | 125 2024-08-21 06:44 33 ************** 211 | 212 | SCT Error Recovery Control: 213 | Read: Disabled 214 | Write: Disabled 215 | 216 | Device Statistics (GP Log 0x04) 217 | Page Offset Size Value Flags Description 218 | 0x01 ===== = = === == General Statistics (rev 1) == 219 | 0x01 0x008 4 1 --- Lifetime Power-On Resets 220 | 0x01 0x010 4 177 --- Power-on Hours 221 | 0x01 0x018 6 13672382464 --- Logical Sectors Written 222 | 0x01 0x020 6 106815488 --- Number of Write Commands 223 | 0x01 0x028 6 13685707522 --- Logical Sectors Read 224 | 0x01 0x030 6 107232104 --- Number of Read Commands 225 | 0x01 0x038 6 639103300 --- Date and Time TimeStamp 226 | 0x03 ===== = = === == Rotating Media Statistics (rev 1) == 227 | 0x03 0x008 4 177 --- Spindle Motor Power-on Hours 228 | 0x03 0x010 4 177 --- Head Flying Hours 229 | 0x03 0x018 4 4 --- Head Load Events 230 | 0x03 0x020 4 0 --- Number of Reallocated Logical Sectors 231 | 0x03 0x028 4 0 --- Read Recovery Attempts 232 | 0x03 0x030 4 1 --- Number of Mechanical Start Failures 233 | 0x04 ===== = = === == General Errors Statistics (rev 1) == 234 | 0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors 235 | 0x04 0x010 4 0 --- Resets Between Cmd Acceptance and Completion 236 | 0x04 0x018 4 0 --- Physical Element Status Changed 237 | 0x05 ===== = = === == Temperature Statistics (rev 1) == 238 | 0x05 0x008 1 32 --- Current Temperature 239 | 0x05 0x010 1 33 N-- Average Short Term Temperature 240 | 0x05 0x018 1 - N-- Average Long Term Temperature 241 | 0x05 0x020 1 36 --- Highest Temperature 242 | 0x05 0x028 1 25 --- Lowest Temperature 243 | 0x05 0x030 1 35 N-- Highest Average Short Term Temperature 244 | 0x05 0x038 1 25 N-- Lowest Average Short Term Temperature 245 | 0x05 0x040 1 - N-- Highest Average Long Term Temperature 246 | 0x05 0x048 1 - N-- Lowest Average Long Term Temperature 247 | 0x05 0x050 4 0 --- Time in Over-Temperature 248 | 0x05 0x058 1 60 --- Specified Maximum Operating Temperature 249 | 0x05 0x060 4 0 --- Time in Under-Temperature 250 | 0x05 0x068 1 0 --- Specified Minimum Operating Temperature 251 | 0x06 ===== = = === == Transport Statistics (rev 1) == 252 | 0x06 0x008 4 2 --- Number of Hardware Resets 253 | 0x06 0x010 4 0 --- Number of ASR Events 254 | 0x06 0x018 4 0 --- Number of Interface CRC Errors 255 | 0xff ===== = = === == Vendor Specific Statistics (rev 1) == 256 | |||_ C monitored condition met 257 | ||__ D supports DSN 258 | |___ N normalized value 259 | 260 | Pending Defects log (GP Log 0x0c) 261 | No Defects Logged 262 | 263 | SATA Phy Event Counters (GP Log 0x11) 264 | ID Size Value Description 265 | 0x0001 2 0 Command failed due to ICRC error 266 | 0x0002 2 0 R_ERR response for data FIS 267 | 0x0003 2 0 R_ERR response for device-to-host data FIS 268 | 0x0004 2 0 R_ERR response for host-to-device data FIS 269 | 0x0005 2 0 R_ERR response for non-data FIS 270 | 0x0006 2 0 R_ERR response for device-to-host non-data FIS 271 | 0x0007 2 0 R_ERR response for host-to-device non-data FIS 272 | 0x0008 2 0 Device-to-host non-data FIS retries 273 | 0x0009 2 65535+ Transition from drive PhyRdy to drive PhyNRdy 274 | 0x000a 2 2 Device-to-host register FISes sent due to a COMRESET 275 | 0x000b 2 0 CRC errors within host-to-device FIS 276 | 0x000d 2 0 Non-CRC errors within host-to-device FIS 277 | 278 | +----------------------------------------------------------------------------- 279 | + Finished burn-in: Wed Aug 21 06:44:53 AM EDT 2024 280 | +----------------------------------------------------------------------------- -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-08-burnins/WDC_X1G4EPXL.log: -------------------------------------------------------------------------------- 1 | +----------------------------------------------------------------------------- 2 | + Started burn-in: Tue Aug 13 09:35:17 PM EDT 2024 3 | +----------------------------------------------------------------------------- 4 | Host: deepthought 5 | OS: Linux 6 | Drive: /dev/sde 7 | Disk Type: 7200_rpm 8 | Drive Model: WDC_WUH721414ALN604 9 | Serial Number: X1G4EPXL 10 | Short test duration: 2 minutes 11 | 120 seconds 12 | Extended test duration: 1410 minutes 13 | 84600 seconds 14 | Log file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALN604_X1G4EPXL.log 15 | Bad blocks file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALN604_X1G4EPXL.bb 16 | +----------------------------------------------------------------------------- 17 | + Running SMART short test: Tue Aug 13 09:35:17 PM EDT 2024 18 | +----------------------------------------------------------------------------- 19 | SMART short test started, awaiting completion for 120 seconds ... 20 | SMART self-test succeeded 21 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 22 | 23 | SMART Self-test log structure revision number 1 24 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 25 | # 1 Short offline Completed without error 00% 0 - 26 | 27 | Finished SMART short test 28 | +----------------------------------------------------------------------------- 29 | + Running badblocks test: Tue Aug 13 09:37:17 PM EDT 2024 30 | +----------------------------------------------------------------------------- 31 | Finished badblocks test 32 | +----------------------------------------------------------------------------- 33 | + Running SMART long test: Tue Aug 20 06:25:22 AM EDT 2024 34 | +----------------------------------------------------------------------------- 35 | SMART long test started, awaiting completion for 84600 seconds ... 36 | SMART self-test succeeded 37 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 38 | 39 | SMART Self-test log structure revision number 1 40 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 41 | # 1 Extended offline Completed without error 00% 177 - 42 | # 2 Short offline Completed without error 00% 0 - 43 | 44 | Finished SMART long test 45 | +----------------------------------------------------------------------------- 46 | + Drive information: Wed Aug 21 06:54:22 AM EDT 2024 47 | +----------------------------------------------------------------------------- 48 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 49 | 50 | === START OF INFORMATION SECTION === 51 | Device Model: WDC WUH721414ALN604 52 | Serial Number: X1G4EPXL 53 | LU WWN Device Id: 5 000cca 298c204f0 54 | Firmware Version: LDGNW400 55 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 56 | Sector Size: 4096 bytes logical/physical 57 | Rotation Rate: 7200 rpm 58 | Form Factor: 3.5 inches 59 | Device is: Not in smartctl database 7.3/5319 60 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 61 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 62 | Local Time is: Wed Aug 21 06:54:22 2024 EDT 63 | SMART support is: Available - device has SMART capability. 64 | SMART support is: Enabled 65 | AAM feature is: Unavailable 66 | APM level is: 254 (maximum performance) 67 | Rd look-ahead is: Enabled 68 | Write cache is: Enabled 69 | DSN feature is: Unavailable 70 | ATA Security is: Disabled, NOT FROZEN [SEC1] 71 | Wt Cache Reorder: Enabled 72 | 73 | SMART overall-health self-assessment test result: PASSED 74 | 75 | General SMART Values: 76 | Offline data collection status: (0x84) Offline data collection activity 77 | was suspended by an interrupting command from host. 78 | Auto Offline Data Collection: Enabled. 79 | Self-test execution status: ( 0) The previous self-test routine completed 80 | without error or no self-test has ever 81 | been run. 82 | Total time to complete Offline 83 | data collection: ( 101) seconds. 84 | Offline data collection 85 | capabilities: (0x5b) SMART execute Offline immediate. 86 | Auto Offline data collection on/off support. 87 | Suspend Offline collection upon new 88 | command. 89 | Offline surface scan supported. 90 | Self-test supported. 91 | No Conveyance Self-test supported. 92 | Selective Self-test supported. 93 | SMART capabilities: (0x0003) Saves SMART data before entering 94 | power-saving mode. 95 | Supports SMART auto save timer. 96 | Error logging capability: (0x01) Error logging supported. 97 | General Purpose Logging supported. 98 | Short self-test routine 99 | recommended polling time: ( 2) minutes. 100 | Extended self-test routine 101 | recommended polling time: (1410) minutes. 102 | SCT capabilities: (0x003d) SCT Status supported. 103 | SCT Error Recovery Control supported. 104 | SCT Feature Control supported. 105 | SCT Data Table supported. 106 | 107 | ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE 108 | 1 Raw_Read_Error_Rate PO-R-- 100 100 001 - 0 109 | 2 Throughput_Performance P-S--- 100 100 054 - 0 110 | 3 Spin_Up_Time POS--- 099 099 001 - 77 111 | 4 Start_Stop_Count -O--C- 100 100 000 - 1 112 | 5 Reallocated_Sector_Ct PO--CK 100 100 001 - 0 113 | 7 Seek_Error_Rate PO-R-- 100 100 001 - 0x000000000000 114 | 8 Seek_Time_Performance P-S--- 100 100 020 - 0 115 | 9 Power_On_Hours -O--C- 100 100 000 - 177 116 | 10 Spin_Retry_Count PO--C- 100 100 001 - 0 117 | 12 Power_Cycle_Count -O--CK 100 100 000 - 1 118 | 22 Unknown_Attribute PO---K 100 100 025 - 100 119 | 192 Power-Off_Retract_Count -O--CK 100 100 000 - 5 120 | 193 Load_Cycle_Count -O--C- 100 100 000 - 5 121 | 194 Temperature_Celsius -O---- 062 062 000 - 33 (Min/Max 25/37) 122 | 196 Reallocated_Event_Count -O--CK 100 100 000 - 0 123 | 197 Current_Pending_Sector -O---K 100 100 000 - 0 124 | 198 Offline_Uncorrectable ---R-- 100 100 000 - 0 125 | 199 UDMA_CRC_Error_Count -O-R-- 100 100 000 - 0 126 | ||||||_ K auto-keep 127 | |||||__ C event count 128 | ||||___ R error rate 129 | |||____ S speed/performance 130 | ||_____ O updated online 131 | |______ P prefailure warning 132 | 133 | General Purpose Log Directory Version 1 134 | SMART Log Directory Version 1 [multi-sector log support] 135 | Address Access R/W Size Description 136 | 0x00 GPL,SL R/O 1 Log Directory 137 | 0x01 SL R/O 1 Summary SMART error log 138 | 0x02 SL R/O 1 Comprehensive SMART error log 139 | 0x03 GPL R/O 1 Ext. Comprehensive SMART error log 140 | 0x04 GPL R/O 256 Device Statistics log 141 | 0x04 SL R/O 255 Device Statistics log 142 | 0x06 SL R/O 1 SMART self-test log 143 | 0x07 GPL R/O 1 Extended self-test log 144 | 0x08 GPL R/O 2 Power Conditions log 145 | 0x09 SL R/W 1 Selective self-test log 146 | 0x0c GPL R/O 688 Pending Defects log 147 | 0x10 GPL R/O 1 NCQ Command Error log 148 | 0x11 GPL R/O 1 SATA Phy Event Counters log 149 | 0x12 GPL R/O 1 SATA NCQ Non-Data log 150 | 0x13 GPL R/O 1 SATA NCQ Send and Receive log 151 | 0x15 GPL R/W 1 Rebuild Assist log 152 | 0x21 GPL R/O 1 Write stream error log 153 | 0x22 GPL R/O 1 Read stream error log 154 | 0x24 GPL R/O 256 Current Device Internal Status Data log 155 | 0x25 GPL R/O 256 Saved Device Internal Status Data log 156 | 0x2f GPL - 1 Set Sector Configuration 157 | 0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log 158 | 0x80-0x9f GPL,SL R/W 16 Host vendor specific log 159 | 0xe0 GPL,SL R/W 1 SCT Command/Status 160 | 0xe1 GPL,SL R/W 1 SCT Data Transfer 161 | 162 | SMART Extended Comprehensive Error Log Version: 1 (1 sectors) 163 | No Errors Logged 164 | 165 | SMART Extended Self-test Log Version: 1 (1 sectors) 166 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 167 | # 1 Extended offline Completed without error 00% 177 - 168 | # 2 Short offline Completed without error 00% 0 - 169 | 170 | SMART Selective self-test log data structure revision number 1 171 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 172 | 1 0 0 Not_testing 173 | 2 0 0 Not_testing 174 | 3 0 0 Not_testing 175 | 4 0 0 Not_testing 176 | 5 0 0 Not_testing 177 | Selective self-test flags (0x0): 178 | After scanning selected spans, do NOT read-scan remainder of disk. 179 | If Selective self-test is pending on power-up, resume after 0 minute delay. 180 | 181 | SCT Status Version: 3 182 | SCT Version (vendor specific): 256 (0x0100) 183 | Device State: SMART Off-line Data Collection executing in background (4) 184 | Current Temperature: 33 Celsius 185 | Power Cycle Min/Max Temperature: 25/37 Celsius 186 | Lifetime Min/Max Temperature: 25/37 Celsius 187 | Under/Over Temperature Limit Count: 0/0 188 | SMART Status: 0xc24f (PASSED) 189 | Minimum supported ERC Time Limit: 65 (6.5 seconds) 190 | 191 | SCT Temperature History Version: 2 192 | Temperature Sampling Period: 1 minute 193 | Temperature Logging Interval: 1 minute 194 | Min/Max recommended Temperature: 0/60 Celsius 195 | Min/Max Temperature Limit: -40/70 Celsius 196 | Temperature History Size (Index): 128 (19) 197 | 198 | Index Estimated Time Temperature Celsius 199 | 20 2024-08-21 04:47 33 ************** 200 | ... ..( 2 skipped). .. ************** 201 | 23 2024-08-21 04:50 33 ************** 202 | 24 2024-08-21 04:51 34 *************** 203 | ... ..( 3 skipped). .. *************** 204 | 28 2024-08-21 04:55 34 *************** 205 | 29 2024-08-21 04:56 33 ************** 206 | 30 2024-08-21 04:57 33 ************** 207 | 31 2024-08-21 04:58 33 ************** 208 | 32 2024-08-21 04:59 34 *************** 209 | ... ..( 2 skipped). .. *************** 210 | 35 2024-08-21 05:02 34 *************** 211 | 36 2024-08-21 05:03 33 ************** 212 | ... ..( 4 skipped). .. ************** 213 | 41 2024-08-21 05:08 33 ************** 214 | 42 2024-08-21 05:09 34 *************** 215 | 43 2024-08-21 05:10 34 *************** 216 | 44 2024-08-21 05:11 33 ************** 217 | ... ..( 14 skipped). .. ************** 218 | 59 2024-08-21 05:26 33 ************** 219 | 60 2024-08-21 05:27 34 *************** 220 | 61 2024-08-21 05:28 34 *************** 221 | 62 2024-08-21 05:29 33 ************** 222 | ... ..( 84 skipped). .. ************** 223 | 19 2024-08-21 06:54 33 ************** 224 | 225 | SCT Error Recovery Control: 226 | Read: Disabled 227 | Write: Disabled 228 | 229 | Device Statistics (GP Log 0x04) 230 | Page Offset Size Value Flags Description 231 | 0x01 ===== = = === == General Statistics (rev 1) == 232 | 0x01 0x008 4 1 --- Lifetime Power-On Resets 233 | 0x01 0x010 4 177 --- Power-on Hours 234 | 0x01 0x018 6 13672382464 --- Logical Sectors Written 235 | 0x01 0x020 6 106815488 --- Number of Write Commands 236 | 0x01 0x028 6 13685743051 --- Logical Sectors Read 237 | 0x01 0x030 6 107233188 --- Number of Read Commands 238 | 0x01 0x038 6 639627600 --- Date and Time TimeStamp 239 | 0x03 ===== = = === == Rotating Media Statistics (rev 1) == 240 | 0x03 0x008 4 177 --- Spindle Motor Power-on Hours 241 | 0x03 0x010 4 177 --- Head Flying Hours 242 | 0x03 0x018 4 5 --- Head Load Events 243 | 0x03 0x020 4 0 --- Number of Reallocated Logical Sectors 244 | 0x03 0x028 4 0 --- Read Recovery Attempts 245 | 0x03 0x030 4 1 --- Number of Mechanical Start Failures 246 | 0x04 ===== = = === == General Errors Statistics (rev 1) == 247 | 0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors 248 | 0x04 0x010 4 0 --- Resets Between Cmd Acceptance and Completion 249 | 0x04 0x018 4 0 --- Physical Element Status Changed 250 | 0x05 ===== = = === == Temperature Statistics (rev 1) == 251 | 0x05 0x008 1 33 --- Current Temperature 252 | 0x05 0x010 1 33 N-- Average Short Term Temperature 253 | 0x05 0x018 1 - N-- Average Long Term Temperature 254 | 0x05 0x020 1 37 --- Highest Temperature 255 | 0x05 0x028 1 25 --- Lowest Temperature 256 | 0x05 0x030 1 36 N-- Highest Average Short Term Temperature 257 | 0x05 0x038 1 25 N-- Lowest Average Short Term Temperature 258 | 0x05 0x040 1 - N-- Highest Average Long Term Temperature 259 | 0x05 0x048 1 - N-- Lowest Average Long Term Temperature 260 | 0x05 0x050 4 0 --- Time in Over-Temperature 261 | 0x05 0x058 1 60 --- Specified Maximum Operating Temperature 262 | 0x05 0x060 4 0 --- Time in Under-Temperature 263 | 0x05 0x068 1 0 --- Specified Minimum Operating Temperature 264 | 0x06 ===== = = === == Transport Statistics (rev 1) == 265 | 0x06 0x008 4 3 --- Number of Hardware Resets 266 | 0x06 0x010 4 0 --- Number of ASR Events 267 | 0x06 0x018 4 0 --- Number of Interface CRC Errors 268 | 0xff ===== = = === == Vendor Specific Statistics (rev 1) == 269 | |||_ C monitored condition met 270 | ||__ D supports DSN 271 | |___ N normalized value 272 | 273 | Pending Defects log (GP Log 0x0c) 274 | No Defects Logged 275 | 276 | SATA Phy Event Counters (GP Log 0x11) 277 | ID Size Value Description 278 | 0x0001 2 0 Command failed due to ICRC error 279 | 0x0002 2 0 R_ERR response for data FIS 280 | 0x0003 2 0 R_ERR response for device-to-host data FIS 281 | 0x0004 2 0 R_ERR response for host-to-device data FIS 282 | 0x0005 2 0 R_ERR response for non-data FIS 283 | 0x0006 2 0 R_ERR response for device-to-host non-data FIS 284 | 0x0007 2 0 R_ERR response for host-to-device non-data FIS 285 | 0x0008 2 0 Device-to-host non-data FIS retries 286 | 0x0009 2 65535+ Transition from drive PhyRdy to drive PhyNRdy 287 | 0x000a 2 2 Device-to-host register FISes sent due to a COMRESET 288 | 0x000b 2 0 CRC errors within host-to-device FIS 289 | 0x000d 2 0 Non-CRC errors within host-to-device FIS 290 | 291 | +----------------------------------------------------------------------------- 292 | + Finished burn-in: Wed Aug 21 06:54:23 AM EDT 2024 293 | +----------------------------------------------------------------------------- -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-08-burnins/WDC_XJG0HXDM.log: -------------------------------------------------------------------------------- 1 | +----------------------------------------------------------------------------- 2 | + Started burn-in: Tue Aug 13 09:36:19 PM EDT 2024 3 | +----------------------------------------------------------------------------- 4 | Host: deepthought 5 | OS: Linux 6 | Drive: /dev/sdg 7 | Disk Type: 7200_rpm 8 | Drive Model: WDC_WUH721414ALE6L4 9 | Serial Number: XJG0HXDM 10 | Short test duration: 2 minutes 11 | 120 seconds 12 | Extended test duration: 1342 minutes 13 | 80520 seconds 14 | Log file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALE6L4_XJG0HXDM.log 15 | Bad blocks file: /root/disk-burnin-and-testing/burnin-WDC_WUH721414ALE6L4_XJG0HXDM.bb 16 | +----------------------------------------------------------------------------- 17 | + Running SMART short test: Tue Aug 13 09:36:19 PM EDT 2024 18 | +----------------------------------------------------------------------------- 19 | SMART short test started, awaiting completion for 120 seconds ... 20 | SMART self-test succeeded 21 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 22 | 23 | SMART Self-test log structure revision number 1 24 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 25 | # 1 Short offline Completed without error 00% 2 - 26 | # 2 Short offline Completed without error 00% 0 - 27 | 28 | Finished SMART short test 29 | +----------------------------------------------------------------------------- 30 | + Running badblocks test: Tue Aug 13 09:38:19 PM EDT 2024 31 | +----------------------------------------------------------------------------- 32 | Finished badblocks test 33 | +----------------------------------------------------------------------------- 34 | + Running SMART long test: Tue Aug 20 01:59:26 AM EDT 2024 35 | +----------------------------------------------------------------------------- 36 | SMART long test started, awaiting completion for 80520 seconds ... 37 | SMART self-test succeeded 38 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 39 | 40 | SMART Self-test log structure revision number 1 41 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 42 | # 1 Extended offline Completed without error 00% 174 - 43 | # 2 Short offline Completed without error 00% 2 - 44 | # 3 Short offline Completed without error 00% 0 - 45 | 46 | Finished SMART long test 47 | +----------------------------------------------------------------------------- 48 | + Drive information: Wed Aug 21 01:53:48 AM EDT 2024 49 | +----------------------------------------------------------------------------- 50 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-1-pve] (local build) 51 | 52 | === START OF INFORMATION SECTION === 53 | Model Family: Western Digital Ultrastar DC HC530 54 | Device Model: WDC WUH721414ALE6L4 55 | Serial Number: XJG0HXDM 56 | LU WWN Device Id: 5 000cca 29ac03bbf 57 | Firmware Version: LDGNW400 58 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 59 | Sector Sizes: 512 bytes logical, 4096 bytes physical 60 | Rotation Rate: 7200 rpm 61 | Form Factor: 3.5 inches 62 | Device is: In smartctl database 7.3/5319 63 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 64 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 65 | Local Time is: Wed Aug 21 01:53:48 2024 EDT 66 | SMART support is: Available - device has SMART capability. 67 | SMART support is: Enabled 68 | AAM feature is: Unavailable 69 | APM level is: 254 (maximum performance) 70 | Rd look-ahead is: Enabled 71 | Write cache is: Enabled 72 | DSN feature is: Unavailable 73 | ATA Security is: Disabled, NOT FROZEN [SEC1] 74 | Wt Cache Reorder: Enabled 75 | 76 | SMART overall-health self-assessment test result: PASSED 77 | 78 | General SMART Values: 79 | Offline data collection status: (0x84) Offline data collection activity 80 | was suspended by an interrupting command from host. 81 | Auto Offline Data Collection: Enabled. 82 | Self-test execution status: ( 0) The previous self-test routine completed 83 | without error or no self-test has ever 84 | been run. 85 | Total time to complete Offline 86 | data collection: ( 101) seconds. 87 | Offline data collection 88 | capabilities: (0x5b) SMART execute Offline immediate. 89 | Auto Offline data collection on/off support. 90 | Suspend Offline collection upon new 91 | command. 92 | Offline surface scan supported. 93 | Self-test supported. 94 | No Conveyance Self-test supported. 95 | Selective Self-test supported. 96 | SMART capabilities: (0x0003) Saves SMART data before entering 97 | power-saving mode. 98 | Supports SMART auto save timer. 99 | Error logging capability: (0x01) Error logging supported. 100 | General Purpose Logging supported. 101 | Short self-test routine 102 | recommended polling time: ( 2) minutes. 103 | Extended self-test routine 104 | recommended polling time: (1342) minutes. 105 | SCT capabilities: (0x003d) SCT Status supported. 106 | SCT Error Recovery Control supported. 107 | SCT Feature Control supported. 108 | SCT Data Table supported. 109 | 110 | ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE 111 | 1 Raw_Read_Error_Rate PO-R-- 100 100 001 - 0 112 | 2 Throughput_Performance P-S--- 100 100 054 - 0 113 | 3 Spin_Up_Time POS--- 097 097 001 - 154 114 | 4 Start_Stop_Count -O--C- 100 100 000 - 2 115 | 5 Reallocated_Sector_Ct PO--CK 100 100 001 - 0 116 | 7 Seek_Error_Rate PO-R-- 100 100 001 - 0x000000000000 117 | 8 Seek_Time_Performance P-S--- 100 100 020 - 0 118 | 9 Power_On_Hours -O--C- 100 100 000 - 174 119 | 10 Spin_Retry_Count PO--C- 100 100 001 - 0 120 | 12 Power_Cycle_Count -O--CK 100 100 000 - 2 121 | 22 Helium_Level PO---K 100 100 025 - 100 122 | 192 Power-Off_Retract_Count -O--CK 100 100 000 - 4 123 | 193 Load_Cycle_Count -O--C- 100 100 000 - 4 124 | 194 Temperature_Celsius -O---- 060 060 000 - 34 (Min/Max 25/49) 125 | 196 Reallocated_Event_Count -O--CK 100 100 000 - 0 126 | 197 Current_Pending_Sector -O---K 100 100 000 - 0 127 | 198 Offline_Uncorrectable ---R-- 100 100 000 - 0 128 | 199 UDMA_CRC_Error_Count -O-R-- 100 100 000 - 0 129 | ||||||_ K auto-keep 130 | |||||__ C event count 131 | ||||___ R error rate 132 | |||____ S speed/performance 133 | ||_____ O updated online 134 | |______ P prefailure warning 135 | 136 | General Purpose Log Directory Version 1 137 | SMART Log Directory Version 1 [multi-sector log support] 138 | Address Access R/W Size Description 139 | 0x00 GPL,SL R/O 1 Log Directory 140 | 0x01 SL R/O 1 Summary SMART error log 141 | 0x02 SL R/O 1 Comprehensive SMART error log 142 | 0x03 GPL R/O 1 Ext. Comprehensive SMART error log 143 | 0x04 GPL R/O 256 Device Statistics log 144 | 0x04 SL R/O 255 Device Statistics log 145 | 0x06 SL R/O 1 SMART self-test log 146 | 0x07 GPL R/O 1 Extended self-test log 147 | 0x08 GPL R/O 2 Power Conditions log 148 | 0x09 SL R/W 1 Selective self-test log 149 | 0x0c GPL R/O 5501 Pending Defects log 150 | 0x10 GPL R/O 1 NCQ Command Error log 151 | 0x11 GPL R/O 1 SATA Phy Event Counters log 152 | 0x12 GPL R/O 1 SATA NCQ Non-Data log 153 | 0x13 GPL R/O 1 SATA NCQ Send and Receive log 154 | 0x15 GPL R/W 1 Rebuild Assist log 155 | 0x21 GPL R/O 1 Write stream error log 156 | 0x22 GPL R/O 1 Read stream error log 157 | 0x24 GPL R/O 256 Current Device Internal Status Data log 158 | 0x25 GPL R/O 256 Saved Device Internal Status Data log 159 | 0x2f GPL - 1 Set Sector Configuration 160 | 0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log 161 | 0x80-0x9f GPL,SL R/W 16 Host vendor specific log 162 | 0xe0 GPL,SL R/W 1 SCT Command/Status 163 | 0xe1 GPL,SL R/W 1 SCT Data Transfer 164 | 165 | SMART Extended Comprehensive Error Log Version: 1 (1 sectors) 166 | No Errors Logged 167 | 168 | SMART Extended Self-test Log Version: 1 (1 sectors) 169 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 170 | # 1 Extended offline Completed without error 00% 174 - 171 | # 2 Short offline Completed without error 00% 2 - 172 | # 3 Short offline Completed without error 00% 0 - 173 | 174 | SMART Selective self-test log data structure revision number 1 175 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 176 | 1 0 0 Not_testing 177 | 2 0 0 Not_testing 178 | 3 0 0 Not_testing 179 | 4 0 0 Not_testing 180 | 5 0 0 Not_testing 181 | Selective self-test flags (0x0): 182 | After scanning selected spans, do NOT read-scan remainder of disk. 183 | If Selective self-test is pending on power-up, resume after 0 minute delay. 184 | 185 | SCT Status Version: 3 186 | SCT Version (vendor specific): 256 (0x0100) 187 | Device State: SMART Off-line Data Collection executing in background (4) 188 | Current Temperature: 34 Celsius 189 | Power Cycle Min/Max Temperature: 30/37 Celsius 190 | Lifetime Min/Max Temperature: 25/49 Celsius 191 | Under/Over Temperature Limit Count: 0/0 192 | SMART Status: 0xc24f (PASSED) 193 | Minimum supported ERC Time Limit: 65 (6.5 seconds) 194 | 195 | SCT Temperature History Version: 2 196 | Temperature Sampling Period: 1 minute 197 | Temperature Logging Interval: 1 minute 198 | Min/Max recommended Temperature: 0/60 Celsius 199 | Min/Max Temperature Limit: -40/70 Celsius 200 | Temperature History Size (Index): 128 (47) 201 | 202 | Index Estimated Time Temperature Celsius 203 | 48 2024-08-20 23:46 34 *************** 204 | ... ..( 2 skipped). .. *************** 205 | 51 2024-08-20 23:49 34 *************** 206 | 52 2024-08-20 23:50 35 **************** 207 | ... ..( 7 skipped). .. **************** 208 | 60 2024-08-20 23:58 35 **************** 209 | 61 2024-08-20 23:59 34 *************** 210 | 62 2024-08-21 00:00 35 **************** 211 | ... ..( 5 skipped). .. **************** 212 | 68 2024-08-21 00:06 35 **************** 213 | 69 2024-08-21 00:07 34 *************** 214 | ... ..( 2 skipped). .. *************** 215 | 72 2024-08-21 00:10 34 *************** 216 | 73 2024-08-21 00:11 35 **************** 217 | ... ..( 2 skipped). .. **************** 218 | 76 2024-08-21 00:14 35 **************** 219 | 77 2024-08-21 00:15 34 *************** 220 | ... ..( 2 skipped). .. *************** 221 | 80 2024-08-21 00:18 34 *************** 222 | 81 2024-08-21 00:19 35 **************** 223 | ... ..( 3 skipped). .. **************** 224 | 85 2024-08-21 00:23 35 **************** 225 | 86 2024-08-21 00:24 34 *************** 226 | ... ..( 3 skipped). .. *************** 227 | 90 2024-08-21 00:28 34 *************** 228 | 91 2024-08-21 00:29 35 **************** 229 | ... ..( 3 skipped). .. **************** 230 | 95 2024-08-21 00:33 35 **************** 231 | 96 2024-08-21 00:34 34 *************** 232 | 97 2024-08-21 00:35 34 *************** 233 | 98 2024-08-21 00:36 34 *************** 234 | 99 2024-08-21 00:37 35 **************** 235 | ... ..( 6 skipped). .. **************** 236 | 106 2024-08-21 00:44 35 **************** 237 | 107 2024-08-21 00:45 34 *************** 238 | 108 2024-08-21 00:46 34 *************** 239 | 109 2024-08-21 00:47 34 *************** 240 | 110 2024-08-21 00:48 35 **************** 241 | ... ..( 5 skipped). .. **************** 242 | 116 2024-08-21 00:54 35 **************** 243 | 117 2024-08-21 00:55 34 *************** 244 | ... ..( 2 skipped). .. *************** 245 | 120 2024-08-21 00:58 34 *************** 246 | 121 2024-08-21 00:59 35 **************** 247 | ... ..( 4 skipped). .. **************** 248 | 126 2024-08-21 01:04 35 **************** 249 | 127 2024-08-21 01:05 34 *************** 250 | ... ..( 2 skipped). .. *************** 251 | 2 2024-08-21 01:08 34 *************** 252 | 3 2024-08-21 01:09 35 **************** 253 | ... ..( 3 skipped). .. **************** 254 | 7 2024-08-21 01:13 35 **************** 255 | 8 2024-08-21 01:14 34 *************** 256 | ... ..( 3 skipped). .. *************** 257 | 12 2024-08-21 01:18 34 *************** 258 | 13 2024-08-21 01:19 35 **************** 259 | ... ..( 4 skipped). .. **************** 260 | 18 2024-08-21 01:24 35 **************** 261 | 19 2024-08-21 01:25 34 *************** 262 | ... ..( 2 skipped). .. *************** 263 | 22 2024-08-21 01:28 34 *************** 264 | 23 2024-08-21 01:29 35 **************** 265 | 24 2024-08-21 01:30 35 **************** 266 | 25 2024-08-21 01:31 35 **************** 267 | 26 2024-08-21 01:32 34 *************** 268 | ... ..( 4 skipped). .. *************** 269 | 31 2024-08-21 01:37 34 *************** 270 | 32 2024-08-21 01:38 35 **************** 271 | 33 2024-08-21 01:39 35 **************** 272 | 34 2024-08-21 01:40 35 **************** 273 | 35 2024-08-21 01:41 34 *************** 274 | ... ..( 4 skipped). .. *************** 275 | 40 2024-08-21 01:46 34 *************** 276 | 41 2024-08-21 01:47 35 **************** 277 | 42 2024-08-21 01:48 35 **************** 278 | 43 2024-08-21 01:49 35 **************** 279 | 44 2024-08-21 01:50 34 *************** 280 | 45 2024-08-21 01:51 34 *************** 281 | 46 2024-08-21 01:52 34 *************** 282 | 47 2024-08-21 01:53 35 **************** 283 | 284 | SCT Error Recovery Control: 285 | Read: Disabled 286 | Write: Disabled 287 | 288 | Device Statistics (GP Log 0x04) 289 | Page Offset Size Value Flags Description 290 | 0x01 ===== = = === == General Statistics (rev 1) == 291 | 0x01 0x008 4 2 --- Lifetime Power-On Resets 292 | 0x01 0x010 4 174 --- Power-on Hours 293 | 0x01 0x018 6 109424583683 --- Logical Sectors Written 294 | 0x01 0x020 6 106890638 --- Number of Write Commands 295 | 0x01 0x028 6 109528731248 --- Logical Sectors Read 296 | 0x01 0x030 6 107310719 --- Number of Read Commands 297 | 0x01 0x038 6 628170550 --- Date and Time TimeStamp 298 | 0x03 ===== = = === == Rotating Media Statistics (rev 1) == 299 | 0x03 0x008 4 173 --- Spindle Motor Power-on Hours 300 | 0x03 0x010 4 173 --- Head Flying Hours 301 | 0x03 0x018 4 4 --- Head Load Events 302 | 0x03 0x020 4 0 --- Number of Reallocated Logical Sectors 303 | 0x03 0x028 4 2 --- Read Recovery Attempts 304 | 0x03 0x030 4 1 --- Number of Mechanical Start Failures 305 | 0x04 ===== = = === == General Errors Statistics (rev 1) == 306 | 0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors 307 | 0x04 0x010 4 0 --- Resets Between Cmd Acceptance and Completion 308 | 0x04 0x018 4 0 --- Physical Element Status Changed 309 | 0x05 ===== = = === == Temperature Statistics (rev 1) == 310 | 0x05 0x008 1 34 --- Current Temperature 311 | 0x05 0x010 1 34 N-- Average Short Term Temperature 312 | 0x05 0x018 1 - N-- Average Long Term Temperature 313 | 0x05 0x020 1 49 --- Highest Temperature 314 | 0x05 0x028 1 25 --- Lowest Temperature 315 | 0x05 0x030 1 43 N-- Highest Average Short Term Temperature 316 | 0x05 0x038 1 25 N-- Lowest Average Short Term Temperature 317 | 0x05 0x040 1 - N-- Highest Average Long Term Temperature 318 | 0x05 0x048 1 - N-- Lowest Average Long Term Temperature 319 | 0x05 0x050 4 0 --- Time in Over-Temperature 320 | 0x05 0x058 1 60 --- Specified Maximum Operating Temperature 321 | 0x05 0x060 4 0 --- Time in Under-Temperature 322 | 0x05 0x068 1 0 --- Specified Minimum Operating Temperature 323 | 0x06 ===== = = === == Transport Statistics (rev 1) == 324 | 0x06 0x008 4 3 --- Number of Hardware Resets 325 | 0x06 0x010 4 0 --- Number of ASR Events 326 | 0x06 0x018 4 0 --- Number of Interface CRC Errors 327 | 0xff ===== = = === == Vendor Specific Statistics (rev 1) == 328 | |||_ C monitored condition met 329 | ||__ D supports DSN 330 | |___ N normalized value 331 | 332 | Pending Defects log (GP Log 0x0c) 333 | No Defects Logged 334 | 335 | SATA Phy Event Counters (GP Log 0x11) 336 | ID Size Value Description 337 | 0x0001 2 0 Command failed due to ICRC error 338 | 0x0002 2 0 R_ERR response for data FIS 339 | 0x0003 2 0 R_ERR response for device-to-host data FIS 340 | 0x0004 2 0 R_ERR response for host-to-device data FIS 341 | 0x0005 2 0 R_ERR response for non-data FIS 342 | 0x0006 2 0 R_ERR response for device-to-host non-data FIS 343 | 0x0007 2 0 R_ERR response for host-to-device non-data FIS 344 | 0x0008 2 0 Device-to-host non-data FIS retries 345 | 0x0009 2 65535+ Transition from drive PhyRdy to drive PhyNRdy 346 | 0x000a 2 2 Device-to-host register FISes sent due to a COMRESET 347 | 0x000b 2 0 CRC errors within host-to-device FIS 348 | 0x000d 2 0 Non-CRC errors within host-to-device FIS 349 | 350 | +----------------------------------------------------------------------------- 351 | + Finished burn-in: Wed Aug 21 01:53:48 AM EDT 2024 352 | +----------------------------------------------------------------------------- -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-11-pool-degraded/ARZJ.txt: -------------------------------------------------------------------------------- 1 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-4-pve] (local build) 2 | Copyright (C) 2002-22, Bruce Allen, Christian Franke, www.smartmontools.org 3 | 4 | === START OF INFORMATION SECTION === 5 | Model Family: Western Digital Ultrastar DC HC530 6 | Device Model: WDC WUH721414ALE6L4 7 | Serial Number: 9MG6ARZJ 8 | LU WWN Device Id: 5 000cca 290c2e28c 9 | Firmware Version: LDGNW400 10 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 11 | Sector Sizes: 512 bytes logical, 4096 bytes physical 12 | Rotation Rate: 7200 rpm 13 | Form Factor: 3.5 inches 14 | Device is: In smartctl database 7.3/5319 15 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 16 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 17 | Local Time is: Thu Dec 5 10:14:44 2024 EST 18 | SMART support is: Available - device has SMART capability. 19 | SMART support is: Enabled 20 | 21 | === START OF READ SMART DATA SECTION === 22 | SMART overall-health self-assessment test result: PASSED 23 | 24 | General SMART Values: 25 | Offline data collection status: (0x82) Offline data collection activity 26 | was completed without error. 27 | Auto Offline Data Collection: Enabled. 28 | Self-test execution status: ( 0) The previous self-test routine completed 29 | without error or no self-test has ever 30 | been run. 31 | Total time to complete Offline 32 | data collection: ( 101) seconds. 33 | Offline data collection 34 | capabilities: (0x5b) SMART execute Offline immediate. 35 | Auto Offline data collection on/off support. 36 | Suspend Offline collection upon new 37 | command. 38 | Offline surface scan supported. 39 | Self-test supported. 40 | No Conveyance Self-test supported. 41 | Selective Self-test supported. 42 | SMART capabilities: (0x0003) Saves SMART data before entering 43 | power-saving mode. 44 | Supports SMART auto save timer. 45 | Error logging capability: (0x01) Error logging supported. 46 | General Purpose Logging supported. 47 | Short self-test routine 48 | recommended polling time: ( 2) minutes. 49 | Extended self-test routine 50 | recommended polling time: (1512) minutes. 51 | SCT capabilities: (0x003d) SCT Status supported. 52 | SCT Error Recovery Control supported. 53 | SCT Feature Control supported. 54 | SCT Data Table supported. 55 | 56 | SMART Attributes Data Structure revision number: 16 57 | Vendor Specific SMART Attributes with Thresholds: 58 | ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 59 | 1 Raw_Read_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 60 | 2 Throughput_Performance 0x0005 136 136 054 Pre-fail Offline - 96 61 | 3 Spin_Up_Time 0x0007 089 089 001 Pre-fail Always - 77 (Average 386) 62 | 4 Start_Stop_Count 0x0012 100 100 000 Old_age Always - 6 63 | 5 Reallocated_Sector_Ct 0x0033 100 100 001 Pre-fail Always - 0 64 | 7 Seek_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 65 | 8 Seek_Time_Performance 0x0005 128 128 020 Pre-fail Offline - 18 66 | 9 Power_On_Hours 0x0012 100 100 000 Old_age Always - 2645 67 | 10 Spin_Retry_Count 0x0013 100 100 001 Pre-fail Always - 0 68 | 12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 6 69 | 22 Helium_Level 0x0023 100 100 025 Pre-fail Always - 100 70 | 192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 110 71 | 193 Load_Cycle_Count 0x0012 100 100 000 Old_age Always - 110 72 | 194 Temperature_Celsius 0x0002 100 100 000 Old_age Always - 23 (Min/Max 19/48) 73 | 196 Reallocated_Event_Count 0x0032 100 100 000 Old_age Always - 0 74 | 197 Current_Pending_Sector 0x0022 100 100 000 Old_age Always - 0 75 | 198 Offline_Uncorrectable 0x0008 100 100 000 Old_age Offline - 0 76 | 199 UDMA_CRC_Error_Count 0x000a 100 100 000 Old_age Always - 0 77 | 78 | SMART Error Log Version: 1 79 | No Errors Logged 80 | 81 | SMART Self-test log structure revision number 1 82 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 83 | # 1 Extended offline Completed without error 00% 2629 - 84 | # 2 Extended offline Completed without error 00% 310 - 85 | # 3 Extended offline Completed without error 00% 174 - 86 | # 4 Short offline Completed without error 00% 2 - 87 | # 5 Short offline Completed without error 00% 0 - 88 | 89 | SMART Selective self-test log data structure revision number 1 90 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 91 | 1 0 0 Not_testing 92 | 2 0 0 Not_testing 93 | 3 0 0 Not_testing 94 | 4 0 0 Not_testing 95 | 5 0 0 Not_testing 96 | Selective self-test flags (0x0): 97 | After scanning selected spans, do NOT read-scan remainder of disk. 98 | If Selective self-test is pending on power-up, resume after 0 minute delay. -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-11-pool-degraded/BWLU.txt: -------------------------------------------------------------------------------- 1 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-4-pve] (local build) 2 | Copyright (C) 2002-22, Bruce Allen, Christian Franke, www.smartmontools.org 3 | 4 | === START OF INFORMATION SECTION === 5 | Device Model: WDC WUH721414ALN604 6 | Serial Number: 9MH2BWLU 7 | LU WWN Device Id: 5 000cca 290cf2ce1 8 | Firmware Version: LDGNW400 9 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 10 | Sector Size: 4096 bytes logical/physical 11 | Rotation Rate: 7200 rpm 12 | Form Factor: 3.5 inches 13 | Device is: Not in smartctl database 7.3/5319 14 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 15 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 16 | Local Time is: Thu Dec 5 10:14:01 2024 EST 17 | SMART support is: Available - device has SMART capability. 18 | SMART support is: Enabled 19 | 20 | === START OF READ SMART DATA SECTION === 21 | SMART overall-health self-assessment test result: PASSED 22 | 23 | General SMART Values: 24 | Offline data collection status: (0x82) Offline data collection activity 25 | was completed without error. 26 | Auto Offline Data Collection: Enabled. 27 | Self-test execution status: ( 0) The previous self-test routine completed 28 | without error or no self-test has ever 29 | been run. 30 | Total time to complete Offline 31 | data collection: ( 101) seconds. 32 | Offline data collection 33 | capabilities: (0x5b) SMART execute Offline immediate. 34 | Auto Offline data collection on/off support. 35 | Suspend Offline collection upon new 36 | command. 37 | Offline surface scan supported. 38 | Self-test supported. 39 | No Conveyance Self-test supported. 40 | Selective Self-test supported. 41 | SMART capabilities: (0x0003) Saves SMART data before entering 42 | power-saving mode. 43 | Supports SMART auto save timer. 44 | Error logging capability: (0x01) Error logging supported. 45 | General Purpose Logging supported. 46 | Short self-test routine 47 | recommended polling time: ( 2) minutes. 48 | Extended self-test routine 49 | recommended polling time: (1562) minutes. 50 | SCT capabilities: (0x003d) SCT Status supported. 51 | SCT Error Recovery Control supported. 52 | SCT Feature Control supported. 53 | SCT Data Table supported. 54 | 55 | SMART Attributes Data Structure revision number: 16 56 | Vendor Specific SMART Attributes with Thresholds: 57 | ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 58 | 1 Raw_Read_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 59 | 2 Throughput_Performance 0x0005 136 136 054 Pre-fail Offline - 96 60 | 3 Spin_Up_Time 0x0007 091 091 001 Pre-fail Always - 0 (Average 383) 61 | 4 Start_Stop_Count 0x0012 100 100 000 Old_age Always - 5 62 | 5 Reallocated_Sector_Ct 0x0033 100 100 001 Pre-fail Always - 0 63 | 7 Seek_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 64 | 8 Seek_Time_Performance 0x0005 128 128 020 Pre-fail Offline - 18 65 | 9 Power_On_Hours 0x0012 100 100 000 Old_age Always - 2643 66 | 10 Spin_Retry_Count 0x0013 100 100 001 Pre-fail Always - 0 67 | 12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 5 68 | 22 Unknown_Attribute 0x0023 100 100 025 Pre-fail Always - 100 69 | 192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 109 70 | 193 Load_Cycle_Count 0x0012 100 100 000 Old_age Always - 109 71 | 194 Temperature_Celsius 0x0002 100 100 000 Old_age Always - 23 (Min/Max 20/36) 72 | 196 Reallocated_Event_Count 0x0032 100 100 000 Old_age Always - 0 73 | 197 Current_Pending_Sector 0x0022 100 100 000 Old_age Always - 0 74 | 198 Offline_Uncorrectable 0x0008 100 100 000 Old_age Offline - 0 75 | 199 UDMA_CRC_Error_Count 0x000a 100 100 000 Old_age Always - 0 76 | 77 | SMART Error Log Version: 1 78 | No Errors Logged 79 | 80 | SMART Self-test log structure revision number 1 81 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 82 | # 1 Extended offline Completed without error 00% 2628 - 83 | # 2 Extended offline Completed without error 00% 309 - 84 | # 3 Extended offline Completed without error 00% 176 - 85 | # 4 Short offline Completed without error 00% 0 - 86 | 87 | SMART Selective self-test log data structure revision number 1 88 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 89 | 1 0 0 Not_testing 90 | 2 0 0 Not_testing 91 | 3 0 0 Not_testing 92 | 4 0 0 Not_testing 93 | 5 0 0 Not_testing 94 | Selective self-test flags (0x0): 95 | After scanning selected spans, do NOT read-scan remainder of disk. 96 | If Selective self-test is pending on power-up, resume after 0 minute delay. -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-11-pool-degraded/EPXL.txt: -------------------------------------------------------------------------------- 1 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-4-pve] (local build) 2 | Copyright (C) 2002-22, Bruce Allen, Christian Franke, www.smartmontools.org 3 | 4 | === START OF INFORMATION SECTION === 5 | Device Model: WDC WUH721414ALN604 6 | Serial Number: X1G4EPXL 7 | LU WWN Device Id: 5 000cca 298c204f0 8 | Firmware Version: LDGNW400 9 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 10 | Sector Size: 4096 bytes logical/physical 11 | Rotation Rate: 7200 rpm 12 | Form Factor: 3.5 inches 13 | Device is: Not in smartctl database 7.3/5319 14 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 15 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 16 | Local Time is: Thu Dec 5 10:11:35 2024 EST 17 | SMART support is: Available - device has SMART capability. 18 | SMART support is: Enabled 19 | 20 | === START OF READ SMART DATA SECTION === 21 | SMART overall-health self-assessment test result: PASSED 22 | 23 | General SMART Values: 24 | Offline data collection status: (0x82) Offline data collection activity 25 | was completed without error. 26 | Auto Offline Data Collection: Enabled. 27 | Self-test execution status: ( 0) The previous self-test routine completed 28 | without error or no self-test has ever 29 | SCT Data Table supported. 30 | 31 | SMART Attributes Data Structure revision number: 16 32 | Vendor Specific SMART Attributes with Thresholds: 33 | ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 34 | 1 Raw_Read_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 35 | 2 Throughput_Performance 0x0005 137 137 054 Pre-fail Offline - 92 36 | 3 Spin_Up_Time 0x0007 091 091 001 Pre-fail Always - 0 (Average 393) 37 | 4 Start_Stop_Count 0x0012 100 100 000 Old_age Always - 5 38 | 5 Reallocated_Sector_Ct 0x0033 100 100 001 Pre-fail Always - 0 39 | 7 Seek_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 40 | 8 Seek_Time_Performance 0x0005 128 128 020 Pre-fail Offline - 18 41 | 9 Power_On_Hours 0x0012 100 100 000 Old_age Always - 2643 42 | 10 Spin_Retry_Count 0x0013 100 100 001 Pre-fail Always - 0 43 | 12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 5 44 | 22 Unknown_Attribute 0x0023 100 100 025 Pre-fail Always - 100 45 | 192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 110 46 | 193 Load_Cycle_Count 0x0012 100 100 000 Old_age Always - 110 47 | 194 Temperature_Celsius 0x0002 100 100 000 Old_age Always - 21 (Min/Max 18/37) 48 | 196 Reallocated_Event_Count 0x0032 100 100 000 Old_age Always - 0 49 | 197 Current_Pending_Sector 0x0022 100 100 000 Old_age Always - 0 50 | 198 Offline_Uncorrectable 0x0008 100 100 000 Old_age Offline - 0 51 | 199 UDMA_CRC_Error_Count 0x000a 100 100 000 Old_age Always - 0 52 | 53 | SMART Error Log Version: 1 54 | No Errors Logged 55 | 56 | SMART Self-test log structure revision number 1 57 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 58 | # 1 Extended offline Completed without error 00% 2626 - 59 | # 2 Extended offline Completed without error 00% 307 - 60 | # 3 Extended offline Completed without error 00% 177 - 61 | # 4 Short offline Completed without error 00% 0 - 62 | 63 | SMART Selective self-test log data structure revision number 1 64 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 65 | 1 0 0 Not_testing 66 | 2 0 0 Not_testing 67 | 3 0 0 Not_testing 68 | 4 0 0 Not_testing 69 | 5 0 0 Not_testing 70 | Selective self-test flags (0x0): 71 | After scanning selected spans, do NOT read-scan remainder of disk. 72 | If Selective self-test is pending on power-up, resume after 0 minute delay. -------------------------------------------------------------------------------- /hardware/moose/hdd-smart-reports/2024-11-pool-degraded/HXDM.txt: -------------------------------------------------------------------------------- 1 | smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.8.12-4-pve] (local build) 2 | Copyright (C) 2002-22, Bruce Allen, Christian Franke, www.smartmontools.org 3 | 4 | === START OF INFORMATION SECTION === 5 | Model Family: Western Digital Ultrastar DC HC530 6 | Device Model: WDC WUH721414ALE6L4 7 | Serial Number: XJG0HXDM 8 | LU WWN Device Id: 5 000cca 29ac03bbf 9 | Firmware Version: LDGNW400 10 | User Capacity: 14,000,519,643,136 bytes [14.0 TB] 11 | Sector Sizes: 512 bytes logical, 4096 bytes physical 12 | Rotation Rate: 7200 rpm 13 | Form Factor: 3.5 inches 14 | Device is: In smartctl database 7.3/5319 15 | ATA Version is: ACS-2, ATA8-ACS T13/1699-D revision 4 16 | SATA Version is: SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s) 17 | Local Time is: Thu Dec 5 10:15:18 2024 EST 18 | SMART support is: Available - device has SMART capability. 19 | SMART support is: Enabled 20 | 21 | === START OF READ SMART DATA SECTION === 22 | SMART overall-health self-assessment test result: PASSED 23 | 24 | General SMART Values: 25 | Offline data collection status: (0x82) Offline data collection activity 26 | was completed without error. 27 | Auto Offline Data Collection: Enabled. 28 | Self-test execution status: ( 0) The previous self-test routine completed 29 | without error or no self-test has ever 30 | been run. 31 | Total time to complete Offline 32 | data collection: ( 101) seconds. 33 | Offline data collection 34 | capabilities: (0x5b) SMART execute Offline immediate. 35 | Auto Offline data collection on/off support. 36 | Suspend Offline collection upon new 37 | command. 38 | Offline surface scan supported. 39 | Self-test supported. 40 | No Conveyance Self-test supported. 41 | Selective Self-test supported. 42 | SMART capabilities: (0x0003) Saves SMART data before entering 43 | power-saving mode. 44 | Supports SMART auto save timer. 45 | Error logging capability: (0x01) Error logging supported. 46 | General Purpose Logging supported. 47 | Short self-test routine 48 | recommended polling time: ( 2) minutes. 49 | Extended self-test routine 50 | recommended polling time: (1342) minutes. 51 | SCT capabilities: (0x003d) SCT Status supported. 52 | SCT Error Recovery Control supported. 53 | SCT Feature Control supported. 54 | SCT Data Table supported. 55 | 56 | SMART Attributes Data Structure revision number: 16 57 | Vendor Specific SMART Attributes with Thresholds: 58 | ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE 59 | 1 Raw_Read_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 60 | 2 Throughput_Performance 0x0005 137 137 054 Pre-fail Offline - 92 61 | 3 Spin_Up_Time 0x0007 089 089 001 Pre-fail Always - 76 (Average 384) 62 | 4 Start_Stop_Count 0x0012 100 100 000 Old_age Always - 6 63 | 5 Reallocated_Sector_Ct 0x0033 100 100 001 Pre-fail Always - 0 64 | 7 Seek_Error_Rate 0x000b 100 100 001 Pre-fail Always - 0 65 | 8 Seek_Time_Performance 0x0005 128 128 020 Pre-fail Offline - 18 66 | 9 Power_On_Hours 0x0012 100 100 000 Old_age Always - 2645 67 | 10 Spin_Retry_Count 0x0013 100 100 001 Pre-fail Always - 0 68 | 12 Power_Cycle_Count 0x0032 100 100 000 Old_age Always - 6 69 | 22 Helium_Level 0x0023 100 100 025 Pre-fail Always - 100 70 | 192 Power-Off_Retract_Count 0x0032 100 100 000 Old_age Always - 110 71 | 193 Load_Cycle_Count 0x0012 100 100 000 Old_age Always - 110 72 | 194 Temperature_Celsius 0x0002 100 100 000 Old_age Always - 22 (Min/Max 19/49) 73 | 196 Reallocated_Event_Count 0x0032 100 100 000 Old_age Always - 0 74 | 197 Current_Pending_Sector 0x0022 100 100 000 Old_age Always - 0 75 | 198 Offline_Uncorrectable 0x0008 100 100 000 Old_age Offline - 0 76 | 199 UDMA_CRC_Error_Count 0x000a 100 100 000 Old_age Always - 0 77 | 78 | SMART Error Log Version: 1 79 | No Errors Logged 80 | 81 | SMART Self-test log structure revision number 1 82 | Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error 83 | # 1 Extended offline Completed without error 00% 2627 - 84 | # 2 Extended offline Completed without error 00% 308 - 85 | # 3 Extended offline Completed without error 00% 174 - 86 | # 4 Short offline Completed without error 00% 2 - 87 | # 5 Short offline Completed without error 00% 0 - 88 | 89 | SMART Selective self-test log data structure revision number 1 90 | SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS 91 | 1 0 0 Not_testing 92 | 2 0 0 Not_testing 93 | 3 0 0 Not_testing 94 | 4 0 0 Not_testing 95 | 5 0 0 Not_testing 96 | Selective self-test flags (0x0): 97 | After scanning selected spans, do NOT read-scan remainder of disk. 98 | If Selective self-test is pending on power-up, resume after 0 minute delay. -------------------------------------------------------------------------------- /hardware/moose/nix/configuration.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | { 3 | imports = 4 | [ 5 | ./hardware-configuration.nix 6 | (fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master") 7 | ]; 8 | 9 | boot.loader.systemd-boot.enable = true; 10 | boot.loader.efi.canTouchEfiVariables = true; 11 | boot.kernelModules = [ "drivetemp" ]; 12 | 13 | boot.supportedFilesystems = [ "zfs" ]; 14 | boot.zfs.extraPools = [ "jbdata" ]; 15 | services.zfs.autoScrub.enable = true; 16 | 17 | networking.networkmanager.enable = true; 18 | networking.hostName = "moose-jbdata"; 19 | networking.hostId = "a13b14c1"; 20 | time.timeZone = "America/Toronto"; 21 | 22 | i18n.defaultLocale = "en_US.UTF-8"; 23 | services.xserver.xkb.layout = "us"; 24 | 25 | users.users.moose = { 26 | isNormalUser = true; 27 | description = "alex"; 28 | extraGroups = [ "networkmanager" "wheel" ]; 29 | packages = with pkgs; []; 30 | }; 31 | users.defaultUserShell = pkgs.bash; 32 | programs.bash.interactiveShellInit = "figurine -f \"3d.flf\" moose-jbdata"; 33 | 34 | # Allow unfree packages 35 | nixpkgs.config.allowUnfree = true; 36 | environment.systemPackages = with pkgs; [ 37 | ansible 38 | dig 39 | e2fsprogs # badblocks 40 | figurine 41 | gcc 42 | git 43 | htop 44 | inxi 45 | iotop 46 | lm_sensors 47 | mc 48 | molly-guard 49 | ncdu 50 | nmap 51 | python3 52 | smartmontools 53 | tmux 54 | tree 55 | vim 56 | wget 57 | 58 | # zfs send/rec with sanoid/syncoid 59 | lzop 60 | mbuffer 61 | pv 62 | sanoid 63 | zstd 64 | ]; 65 | 66 | services.tailscale.enable = true; 67 | boot.kernel.sysctl."net.ipv4.ip_forward" = 1; 68 | 69 | services.openssh.enable = true; 70 | services.qemuGuest.enable = true; 71 | 72 | system.stateVersion = "24.05"; 73 | } -------------------------------------------------------------------------------- /makefile: -------------------------------------------------------------------------------- 1 | # terraform 2 | tfinit: 3 | cd terraform/dns; terraform init 4 | 5 | dns: 6 | cd terraform/dns; terraform apply 7 | 8 | # core 9 | core: 10 | cd ansible; ansible-playbook -b run.yaml --limit core --ask-become-pass 11 | 12 | corecomp: 13 | cd ansible; ansible-playbook run.yaml --limit core --tags compose 14 | 15 | status: 16 | cd ansible; ansible-playbook -b run.yaml --limit status --ask-become-pass 17 | 18 | statuscomp: 19 | cd ansible; ansible-playbook run.yaml --limit status --tags compose 20 | 21 | dev: 22 | cd ansible; ansible-playbook -b run.yaml --limit dev --ask-become-pass 23 | 24 | devcomp: 25 | cd ansible; ansible-playbook run.yaml --limit dev --tags compose 26 | 27 | # ansible housekeeping 28 | 29 | reqs: 30 | cd ansible; ansible-galaxy install -r requirements.yaml 31 | 32 | forcereqs: 33 | cd ansible; ansible-galaxy install -r requirements.yaml --force 34 | 35 | decrypt: 36 | cd ansible; ansible-vault decrypt vars/vault.yaml 37 | 38 | encrypt: 39 | cd ansible; ansible-vault encrypt vars/vault.yaml 40 | -------------------------------------------------------------------------------- /terraform/.envrc.template: -------------------------------------------------------------------------------- 1 | export AWS_ACCESS_KEY_ID='' \ 2 | AWS_SECRET_ACCESS_KEY='' 3 | -------------------------------------------------------------------------------- /terraform/README.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | ## In this repo 4 | 5 | There are accompanying README.md files in the different terraform directories. 6 | 7 | They in general cover: 8 | 9 | - what terraform is 10 | - how to setup the local development environment so it's similar to the CI 11 | - the current required CI environment variables needing to be setup in the GH repo's settings 12 | 13 | ## What is terraform? 14 | 15 | [![what is terraform](http://img.youtube.com/vi/HmxkYNv1ksg/0.jpg)](https://youtu.be/HmxkYNv1ksg "What is terraform") 16 | 17 | ## Setup 18 | 19 | ### Local Development 20 | 21 | - Install terraform: 22 | - Install direnv: 23 | - :arrow_up: is used to help [export necessary environment variables](https://direnv.net/#how-it-works). 24 | - Copy all the .envrc.template files to .envrc 25 | - Fill out information you can (initial bootstrap will just be [Linode PAT](bootstrap/README.md#linode-pat)) 26 | - When following a guide, make sure you cd into the guide's directory 27 | - do a `direnv allow .` (after you've looked at the file to check for malicious code), after you've filled out the .envrc file with the needed information 28 | 29 | ### CI 30 | 31 | 1. Run the [bootstrap steps](bootstrap/README.md) locally, so you can bootstrap terraform's remote state 32 | 2. Define necessary [environment variables](https://blog.elreydetoda.site/github-action-security/) 33 | 3. API tokens needed so far are: 34 | - AWS_ACCESS_KEY_ID = your linode s3 access key (follow the [bootstrap notes](bootstrap/README.md) to get this) 35 | - AWS_SECRET_ACCESS_KEY = your linode s3 secret key (follow the [bootstrap notes](bootstrap/README.md) to get this) 36 | - CLOUDFLARE_API_KEY = your cloudflare API key (guide [here](dns/README.md#cloudflare-api-key) on how to create) 37 | 38 | ([here](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions) are some security guidelines from GitHub on hardening GitHub Actions (also environment variables).) 39 | -------------------------------------------------------------------------------- /terraform/bootstrap/.envrc.template: -------------------------------------------------------------------------------- 1 | export LINODE_TOKEN='' -------------------------------------------------------------------------------- /terraform/bootstrap/.terraform.lock.hcl: -------------------------------------------------------------------------------- 1 | # This file is maintained automatically by "terraform init". 2 | # Manual edits may be lost in future updates. 3 | 4 | provider "registry.terraform.io/linode/linode" { 5 | version = "1.29.2" 6 | constraints = ">= 1.29.2" 7 | hashes = [ 8 | "h1:hR08w6WxaNnWON0LRok7i/Xz2KfGLS6OKuipDUSmCQ8=", 9 | "zh:1c1e91ada4ed343e27402b29164791a138978c9981956a3066b128ac20092548", 10 | "zh:2e67f6f0d32b7d45e6003a1b700d82b017fbfc4b1be17ac77dd5d4d8146f362a", 11 | "zh:46ab5560d8be984bc651691297d6b758d98b95833060bbef598403399931a170", 12 | "zh:485703179e490b629e7888d9f66f96027ca13340fb6854b3314e5925f819f835", 13 | "zh:4e21a31cceef2d40d4d0f28c2d30f5fd384d355645965db9378424a1e14ad493", 14 | "zh:554e53daf34c5364e810f30d1df6a16fe6951d1e866dd2e44069745b22498b90", 15 | "zh:60cb61aa5d295dc2669c15d7aa78b7a32d0ea92f964ecb51ce64ce34d9f3f745", 16 | "zh:715a735e2630af21e3638e102ed3fa8756e6631ac3e2898a1a1565ed3791b907", 17 | "zh:81399717d25fd3fa44b705895ae0fd91c8b3c4abe18b29acfa92b63a1e532c84", 18 | "zh:87d274362164d48e20b9bb0911ca5b0960655e3b9fa1f18484d152c3cbd27525", 19 | "zh:8e60a7718e4df689a07f4318291c4e80926f0f68497ce59b4ebdca9e7416c608", 20 | "zh:be8dda2f003a00d35bc97d15cad83085bf068239270ccdfb3833b181798ac44f", 21 | "zh:f22617244a7a7d2698d1644e135562ef3843482eb307eeb2e6f33f52c2d86d3c", 22 | "zh:f28af4075aa2456f1603ab1eed3211e6553b0911b5429f4cb8090631eb28b9f1", 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /terraform/bootstrap/README.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This will create the initial Linode's S3 object storage, which terraform will use ([S3 docs](https://www.terraform.io/docs/backends/types/s3.html)) for hosting the remote [terraform state](https://www.terraform.io/language/settings/backends/configuration). 4 | 5 | ## Setup 6 | 7 | ### Local Development 8 | 9 | Follow steps from [here](../README.md#local-development). 10 | 11 | ### Linode PAT 12 | 13 | Generate a [Linode PAT (Personal Access Token)](https://www.linode.com/docs/products/tools/linode-api/guides/get-access-token/) 14 | 15 | ## Bootstrap 16 | 17 | **NOTE:** Only run this locally! It's only meant for provisioning the initial bootstrap for terraform's remote state. 18 | 19 | 1. After doing the [local setup](#local-development), you can then run `terraform plan` (if you want to see what it'll create) 20 | 2. `terraform apply` and type `yes` if everything looks good 21 | 3. To grab the access & secret key you can run the following command: `terraform output -raw bucket_access_key && echo && terraform output -raw bucket_secret_key` 22 | 4. Then this guide tells you how you need to format your backend.tf: 23 | - an example is [here](../dns/backend.tf) 24 | 5. Fill in the .envrc template at the root of the terraform directory with these keys 25 | -------------------------------------------------------------------------------- /terraform/bootstrap/main.tf: -------------------------------------------------------------------------------- 1 | # generated a PAT (Personal Access Token) from here: https://www.linode.com/docs/products/tools/linode-api/guides/get-access-token/ 2 | # give access to whatever terraform will need to read and write to 3 | 4 | provider "linode" { 5 | # token = var.linode_token 6 | } 7 | 8 | data "linode_object_storage_cluster" "primary" { 9 | id = "us-east-1" 10 | } 11 | 12 | resource "linode_object_storage_key" "terraform_access" { 13 | label = "terraform_backend_access" 14 | } 15 | 16 | resource "linode_object_storage_bucket" "terraform_backend" { 17 | cluster = data.linode_object_storage_cluster.primary.id 18 | label = "terraform-backend" 19 | access_key = linode_object_storage_key.terraform_access.access_key 20 | secret_key = linode_object_storage_key.terraform_access.secret_key 21 | # default enabled in web-ui 22 | acl = "private" 23 | cors_enabled = true 24 | # best practice for terraform state buckets (allows you to rollback if needed) 25 | versioning = true 26 | } -------------------------------------------------------------------------------- /terraform/bootstrap/outputs.tf: -------------------------------------------------------------------------------- 1 | output "bucket_endpoint" { 2 | description = "S3 bucket endpoint URL" 3 | value = linode_object_storage_bucket.terraform_backend.hostname 4 | } 5 | 6 | output "bucket_region" { 7 | description = "Region the bucket is in" 8 | value = data.linode_object_storage_cluster.primary.region 9 | } 10 | 11 | output "bucket_access_key" { 12 | description = "Access Key (Secret)" 13 | value = linode_object_storage_key.terraform_access.access_key 14 | sensitive = true 15 | } 16 | 17 | output "bucket_secret_key" { 18 | description = "Secret Key (Secret)" 19 | value = linode_object_storage_key.terraform_access.secret_key 20 | sensitive = true 21 | } -------------------------------------------------------------------------------- /terraform/bootstrap/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | linode = { 4 | source = "linode/linode" 5 | version = ">=1.29.2" 6 | } 7 | } 8 | } -------------------------------------------------------------------------------- /terraform/dns/.envrc.template: -------------------------------------------------------------------------------- 1 | source ../.envrc 2 | export CLOUDFLARE_API_TOKEN='' -------------------------------------------------------------------------------- /terraform/dns/.terraform.lock.hcl: -------------------------------------------------------------------------------- 1 | # This file is maintained automatically by "terraform init". 2 | # Manual edits may be lost in future updates. 3 | 4 | provider "registry.terraform.io/cloudflare/cloudflare" { 5 | version = "3.22.0" 6 | constraints = "3.22.0" 7 | hashes = [ 8 | "h1:QF87L0J98NgpNMhOfOtFykadyzJ0FfkV2RPF6sf/FrA=", 9 | "zh:12c7d968b14e54990a1c137f1b0b525eacefbcc857baf00c107c7a32ebb3f476", 10 | "zh:2202f5debee417cc367e12183803ecb373c4a7571b79dbb39e826ce88276184c", 11 | "zh:283b16ee3cb1bac96d9a1db588e0bb0272e7a89d5ac101243f8758c81f70ec7c", 12 | "zh:40f635c1c455213cb510adb043c385686077ebeda1d3038b9c1f252a7a662991", 13 | "zh:5c05c8e81d125abf5db9a337de8dbb48ac44eb59bcfa927f1f1addce49449346", 14 | "zh:7f893d384ee4e798391ef0532046e593b95a5ab2b328e6fff1a81ef27cf86133", 15 | "zh:a39c728c083fa695fc6b7134dd3cf57996aeb1098faca2cbc40fb775e01e5d7a", 16 | "zh:b6078ff29c6fcb30217df242c668cf7db0108f57a6711347aa5bbd365a09f4ca", 17 | "zh:c8cb07aad4fc0e4d082f931888e6ac6c0ac093e84a3f8821163d751d605641af", 18 | "zh:d4998ca9a69ac0f4f42b8c02bfbfd572cd16acd9aa1c76e0e28ccc983c09611e", 19 | "zh:d514ada82cfe18e85c203bffd3435deb01d2b59e276261701c802be2f1296f5b", 20 | "zh:e3e58fc11651db0db4fa221a384d78032da6cf603cd74228a57b3b47c8711c30", 21 | "zh:ee2c2290f78c694116bb05955ed5c56165eacf0e3fe28c43eda55e14882b3f7f", 22 | "zh:f4f2dc474dbbee45257fed660782c6967d365bc63520ff5439e7bc4d6ad91acf", 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /terraform/dns/README.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This is the Cloudflare terraform provider. Docs are here: 4 | 5 | ## Setup 6 | 7 | ### Local Development 8 | 9 | Follow steps from [here](../README.md#local-development). 10 | 11 | ### Cloudflare API Key 12 | 13 | Once logged in to Cloudflare: 14 | 15 | 1. navigate [here](https://dash.cloudflare.com/profile/api-tokens) 16 | 2. Click "Create Token" 17 | 3. Click "Use template" for the "Edit zone DNS" 18 | 4. Click "+ Add more" under the "Permissions" section 19 | 5. Select the following options: 20 | - Zone 21 | - Page Rules 22 | - Edit 23 | 6. Select the specific zone to restrict access, or select "All zones" instead of "Specific zone" 24 | 7. (Optional) add more restrictions (might not be good idea though for CI) 25 | 8. Click "Continue to summary" 26 | 9. Click "Create Token" 27 | 10. Copy the token to a secure location, it won't be shown again -------------------------------------------------------------------------------- /terraform/dns/backend.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | backend "s3" { 3 | # this will be whatever you named the bucket 4 | bucket = "terraform-backend" 5 | # this NEEDS to be unique per folder, or else you'll overwrite terraform state 6 | # (i.e. if we had a subfolder of foo it'd be: dns/foo/terraform.tfstate) 7 | # (i.e. if we had a different folder (instead of dns) called bar it'd be: bar/terraform.tfstate) 8 | key = "dns/terraform.tfstate" 9 | region = "us-east-1" 10 | endpoint = "us-east-1.linodeobjects.com" 11 | skip_credentials_validation = true 12 | # access_key = "" 13 | # secret_key = "" 14 | # instead of adding your creds in plain text use environment variables: 15 | # AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY 16 | } 17 | } -------------------------------------------------------------------------------- /terraform/dns/main.tf: -------------------------------------------------------------------------------- 1 | data "cloudflare_zone" "main_com_domain" { 2 | name = "jupiterbroadcasting.com" 3 | } 4 | 5 | data "cloudflare_zone" "ssh_show_domain" { 6 | name = "selfhosted.show" 7 | } 8 | 9 | resource "cloudflare_record" "jb_com" { 10 | for_each = var.jb_com_subdomains 11 | 12 | zone_id = data.cloudflare_zone.main_com_domain.id 13 | name = each.value["name"] 14 | value = each.value["value"] 15 | type = each.value["type"] 16 | proxied = each.value["proxied"] 17 | } 18 | 19 | resource "cloudflare_record" "ssh_show" { 20 | for_each = var.ssh_show_subdomains 21 | 22 | zone_id = data.cloudflare_zone.ssh_show_domain.id 23 | name = each.value["name"] 24 | value = each.value["value"] 25 | type = each.value["type"] 26 | proxied = each.value["proxied"] 27 | } 28 | 29 | resource "cloudflare_page_rule" "jbcom_pagerules" { 30 | for_each = var.jb_com_pagerules 31 | 32 | zone_id = data.cloudflare_zone.main_com_domain.id 33 | target = each.value["target"] 34 | # added, because it'll continue to say there are modifications 35 | # if not explicitly declared 36 | priority = each.value["priority"] 37 | actions { 38 | forwarding_url { 39 | url = each.value["forwarded_url"] 40 | status_code = each.value["status_code"] 41 | } 42 | } 43 | 44 | } -------------------------------------------------------------------------------- /terraform/dns/terraform.tfvars: -------------------------------------------------------------------------------- 1 | # docs: https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record 2 | 3 | # subdomains to create for jb_com domain in cloudflare 4 | jb_com_subdomains = { 5 | # A Records 6 | "jbcom" = { 7 | name = "@" 8 | value = "45.79.147.12" 9 | type = "A" 10 | proxied = true 11 | ttl = 1 12 | } 13 | 14 | "archive" = { 15 | name = "archive" 16 | value = "23.92.19.250" 17 | type = "A" 18 | proxied = true 19 | ttl = 1 20 | } 21 | 22 | "colony" = { 23 | name = "colony" 24 | value = "45.79.76.52" 25 | type = "A" 26 | proxied = false 27 | ttl = 1 28 | } 29 | 30 | "core" = { 31 | name = "core" 32 | value = "45.79.147.12" 33 | type = "A" 34 | proxied = false 35 | ttl = 1 36 | } 37 | 38 | "dev" = { 39 | name = "dev" 40 | value = "45.79.206.17" 41 | type = "A" 42 | proxied = false 43 | ttl = 1 44 | } 45 | 46 | "donate" = { 47 | name = "donate" 48 | value = "24.16.90.47" 49 | type = "A" 50 | proxied = false 51 | ttl = 1 52 | } 53 | 54 | "legacy" = { 55 | name = "legacy" 56 | value = "216.66.43.105" 57 | type = "A" 58 | proxied = false 59 | ttl = 1 60 | } 61 | 62 | "netdata" = { 63 | name = "netdata" 64 | value = "23.92.19.250" 65 | type = "A" 66 | proxied = false 67 | ttl = 1 68 | } 69 | 70 | "notes" = { 71 | name = "notes" 72 | value = "45.79.147.12" 73 | type = "A" 74 | proxied = true 75 | ttl = 1 76 | } 77 | 78 | "status" = { 79 | name = "status" 80 | value = "50.116.37.88" 81 | type = "A" 82 | proxied = true 83 | ttl = 1 84 | } 85 | 86 | "test.dev" = { 87 | name = "test.dev" 88 | value = "45.79.206.17" 89 | type = "A" 90 | proxied = true 91 | ttl = 1 92 | } 93 | 94 | "www" = { 95 | name = "www" 96 | value = "45.79.147.12" 97 | type = "A" 98 | proxied = true 99 | ttl = 1 100 | } 101 | 102 | # AAAA Records 103 | "archive" = { 104 | name = "archive" 105 | value = "2600:3c03::f03c:93ff:fe35:667b" 106 | type = "AAAA" 107 | proxied = true 108 | ttl = 1 109 | } 110 | 111 | "dev" = { 112 | name = "dev" 113 | value = "2600:3c03::f03c:93ff:fe35:667b" 114 | type = "AAAA" 115 | proxied = true 116 | ttl = 1 117 | } 118 | 119 | "netdata" = { 120 | name = "netdata" 121 | value = "2600:3c03::f03c:93ff:fe35:667b" 122 | type = "AAAA" 123 | proxied = false 124 | ttl = 1 125 | } 126 | 127 | # CNAME Records 128 | "new" = { 129 | name = "new" 130 | value = "jupiterbroadcasting.com" 131 | type = "CNAME" 132 | proxied = true 133 | ttl = 1 134 | } 135 | 136 | # TXT Records 137 | } 138 | 139 | # subdomains to create for ssh_show domain in cloudflare 140 | ssh_show_subdomains = {} 141 | 142 | jb_com_pagerules = { 143 | "new-jb-com" = { 144 | target = "new.jupiterbroadcasting.com" 145 | forwarded_url = "https://www.jupiterbroadcasting.com" 146 | status_code = "301" 147 | priority = 2 148 | } 149 | "www-jb-com" = { 150 | target = "jupiterbroadcasting.com/*" 151 | forwarded_url = "https://www.jupiterbroadcasting.com/$1" 152 | status_code = "301" 153 | priority = 1 154 | } 155 | } 156 | -------------------------------------------------------------------------------- /terraform/dns/variables.tf: -------------------------------------------------------------------------------- 1 | ## Provider configs 2 | provider "cloudflare" { 3 | # https://api.cloudflare.com/#getting-started-resource-ids 4 | ##### 5 | # migrate to using .envrc environment variables 6 | # email = yamldecode(file("~/.config/tokens/cloudflare.yaml"))["account-email"] 7 | # api_key = yamldecode(file("~/.config/tokens/cloudflare.yaml"))["api-key"] 8 | ##### 9 | } 10 | 11 | # https://stackoverflow.com/questions/70785025/terraform-for-each-map-of-objects 12 | variable "jb_com_subdomains" { 13 | type = map(object({ 14 | name = string 15 | proxied = bool 16 | value = string 17 | type = string 18 | ttl = string # value of 1 = auto 19 | })) 20 | } 21 | 22 | variable "ssh_show_subdomains" { 23 | type = map(object({ 24 | name = string 25 | proxied = bool 26 | value = string 27 | type = string 28 | ttl = string # value of 1 = auto 29 | })) 30 | } 31 | 32 | variable "jb_com_pagerules" { 33 | type = map(object({ 34 | target = string 35 | forwarded_url = string 36 | status_code = string 37 | priority = number 38 | })) 39 | } -------------------------------------------------------------------------------- /terraform/dns/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | cloudflare = { 4 | source = "cloudflare/cloudflare" 5 | version = "3.22.0" 6 | } 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /terraform/modules/cloudflare-record/main.tf: -------------------------------------------------------------------------------- 1 | resource "cloudflare_record" "record" { 2 | zone_id = var.zone_id 3 | name = var.record_name 4 | value = var.value 5 | type = var.type 6 | } -------------------------------------------------------------------------------- /terraform/modules/cloudflare-record/variables.tf: -------------------------------------------------------------------------------- 1 | variable "zone_id" { 2 | type = string 3 | } 4 | 5 | variable "name" { 6 | type = string 7 | } 8 | 9 | variable "value" { 10 | type = string 11 | } 12 | 13 | variable "type" { 14 | type = string 15 | } -------------------------------------------------------------------------------- /terraform/modules/cloudflare-record/versions.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | cloudflare = { 4 | source = "terraform-providers/cloudflare" 5 | } 6 | } 7 | required_version = ">= 0.13" 8 | } 9 | --------------------------------------------------------------------------------