├── .gitignore ├── README.md ├── files ├── apcupsd.conf └── debian.bashrc ├── hosts └── playbooks ├── setup-server.yml └── update-server.yml /.gitignore: -------------------------------------------------------------------------------- 1 | ansible.cfg -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Homelab-Ansible 2 | Since I've just gotten started with Ansible, this is a place to showcase my playbooks and other work. The hope here is to share my configs with others, and possibly get feedback and ideas from others as well. 3 | 4 | # Playbooks 5 | The playbooks right now are fairly simple, but they help me a ton! 6 | 7 | * **update-server.ml** - As straightforward as it sounds. Just checks for updates, and applies them, without having to manually `apt update` and `apt upgrade -y` all of the VMs separately. 8 | * **setup-server.yml** - Update packages, install extras (open-vm-tools, apcupsd, etc.), back up the default, and template in an apcupsd config that references pfSense for the master, back up the default .bashrc for my main user, and add color to the prompts. -------------------------------------------------------------------------------- /files/apcupsd.conf: -------------------------------------------------------------------------------- 1 | ## apcupsd.conf v1.1 ## 2 | # 3 | # "apcupsd" POSIX config file 4 | 5 | # 6 | # Note that the apcupsd daemon must be restarted in order for changes to 7 | # this configuration file to become active. 8 | # 9 | 10 | # 11 | # ========= General configuration parameters ============ 12 | # 13 | 14 | # UPSNAME xxx 15 | # Use this to give your UPS a name in log files and such. This 16 | # is particulary useful if you have multiple UPSes. This does not 17 | # set the EEPROM. It should be 8 characters or less. 18 | #UPSNAME 19 | 20 | # UPSCABLE 21 | # Defines the type of cable connecting the UPS to your computer. 22 | # 23 | # Possible generic choices for are: 24 | # simple, smart, ether, usb 25 | # 26 | # Or a specific cable model number may be used: 27 | # 940-0119A, 940-0127A, 940-0128A, 940-0020B, 28 | # 940-0020C, 940-0023A, 940-0024B, 940-0024C, 29 | # 940-1524C, 940-0024G, 940-0095A, 940-0095B, 30 | # 940-0095C, 940-0625A, M-04-02-2000 31 | # 32 | UPSCABLE ether 33 | 34 | # To get apcupsd to work, in addition to defining the cable 35 | # above, you must also define a UPSTYPE, which corresponds to 36 | # the type of UPS you have (see the Description for more details). 37 | # You must also specify a DEVICE, sometimes referred to as a port. 38 | # For USB UPSes, please leave the DEVICE directive blank. For 39 | # other UPS types, you must specify an appropriate port or address. 40 | # 41 | # UPSTYPE DEVICE Description 42 | # apcsmart /dev/tty** Newer serial character device, appropriate for 43 | # SmartUPS models using a serial cable (not USB). 44 | # 45 | # usb Most new UPSes are USB. A blank DEVICE 46 | # setting enables autodetection, which is 47 | # the best choice for most installations. 48 | # 49 | # net hostname:port Network link to a master apcupsd through apcupsd's 50 | # Network Information Server. This is used if the 51 | # UPS powering your computer is connected to a 52 | # different computer for monitoring. 53 | # 54 | # snmp hostname:port:vendor:community 55 | # SNMP network link to an SNMP-enabled UPS device. 56 | # Hostname is the ip address or hostname of the UPS 57 | # on the network. Vendor can be can be "APC" or 58 | # "APC_NOTRAP". "APC_NOTRAP" will disable SNMP trap 59 | # catching; you usually want "APC". Port is usually 60 | # 161. Community is usually "private". 61 | # 62 | # netsnmp hostname:port:vendor:community 63 | # OBSOLETE 64 | # Same as SNMP above but requires use of the 65 | # net-snmp library. Unless you have a specific need 66 | # for this old driver, you should use 'snmp' instead. 67 | # 68 | # dumb /dev/tty** Old serial character device for use with 69 | # simple-signaling UPSes. 70 | # 71 | # pcnet ipaddr:username:passphrase:port 72 | # PowerChute Network Shutdown protocol which can be 73 | # used as an alternative to SNMP with the AP9617 74 | # family of smart slot cards. ipaddr is the IP 75 | # address of the UPS management card. username and 76 | # passphrase are the credentials for which the card 77 | # has been configured. port is the port number on 78 | # which to listen for messages from the UPS, normally 79 | # 3052. If this parameter is empty or missing, the 80 | # default of 3052 will be used. 81 | # 82 | # modbus /dev/tty** Serial device for use with newest SmartUPS models 83 | # supporting the MODBUS protocol. 84 | # modbus Leave the DEVICE setting blank for MODBUS over USB 85 | # or set to the serial number of the UPS to ensure 86 | # that apcupsd binds to that particular unit 87 | # (helpful if you have more than one USB UPS). 88 | # 89 | UPSTYPE net 90 | DEVICE {{ ansible_default_ipv4['gateway'] }}:3551 91 | 92 | # POLLTIME 93 | # Interval (in seconds) at which apcupsd polls the UPS for status. This 94 | # setting applies both to directly-attached UPSes (UPSTYPE apcsmart, usb, 95 | # dumb) and networked UPSes (UPSTYPE net, snmp). Lowering this setting 96 | # will improve apcupsd's responsiveness to certain events at the cost of 97 | # higher CPU utilization. The default of 60 is appropriate for most 98 | # situations. 99 | POLLTIME 10 100 | 101 | # LOCKFILE 102 | # Path for device lock file for UPSes connected via USB or 103 | # serial port. This is the directory into which the lock file 104 | # will be written. The directory must already exist; apcupsd will not create 105 | # it. The actual name of the lock file is computed from DEVICE. 106 | # Not used on Win32. 107 | LOCKFILE /var/lock 108 | 109 | # SCRIPTDIR 110 | # Directory in which apccontrol and event scripts are located. 111 | SCRIPTDIR /etc/apcupsd 112 | 113 | # PWRFAILDIR 114 | # Directory in which to write the powerfail flag file. This file 115 | # is created when apcupsd initiates a system shutdown and is 116 | # checked in the OS halt scripts to determine if a killpower 117 | # (turning off UPS output power) is required. 118 | PWRFAILDIR /etc/apcupsd 119 | 120 | # NOLOGINDIR 121 | # Directory in which to write the nologin file. The existence 122 | # of this flag file tells the OS to disallow new logins. 123 | NOLOGINDIR /etc 124 | 125 | 126 | # 127 | # ======== Configuration parameters used during power failures ========== 128 | # 129 | 130 | # The ONBATTERYDELAY is the time in seconds from when a power failure 131 | # is detected until we react to it with an onbattery event. 132 | # 133 | # This means that, apccontrol will be called with the powerout argument 134 | # immediately when a power failure is detected. However, the 135 | # onbattery argument is passed to apccontrol only after the 136 | # ONBATTERYDELAY time. If you don't want to be annoyed by short 137 | # powerfailures, make sure that apccontrol powerout does nothing 138 | # i.e. comment out the wall. 139 | ONBATTERYDELAY 6 140 | 141 | # 142 | # Note: BATTERYLEVEL, MINUTES, and TIMEOUT work in conjunction, so 143 | # the first that occurs will cause the initation of a shutdown. 144 | # 145 | 146 | # If during a power failure, the remaining battery percentage 147 | # (as reported by the UPS) is below or equal to BATTERYLEVEL, 148 | # apcupsd will initiate a system shutdown. 149 | BATTERYLEVEL 20 150 | 151 | # If during a power failure, the remaining runtime in minutes 152 | # (as calculated internally by the UPS) is below or equal to MINUTES, 153 | # apcupsd, will initiate a system shutdown. 154 | MINUTES 4 155 | 156 | # If during a power failure, the UPS has run on batteries for TIMEOUT 157 | # many seconds or longer, apcupsd will initiate a system shutdown. 158 | # A value of 0 disables this timer. 159 | # 160 | # Note, if you have a Smart UPS, you will most likely want to disable 161 | # this timer by setting it to zero. That way, you UPS will continue 162 | # on batteries until either the % charge remaing drops to or below BATTERYLEVEL, 163 | # or the remaining battery runtime drops to or below MINUTES. Of course, 164 | # if you are testing, setting this to 60 causes a quick system shutdown 165 | # if you pull the power plug. 166 | # If you have an older dumb UPS, you will want to set this to less than 167 | # the time you know you can run on batteries. 168 | TIMEOUT 0 169 | 170 | # Time in seconds between annoying users to signoff prior to 171 | # system shutdown. 0 disables. 172 | ANNOY 300 173 | 174 | # Initial delay after power failure before warning users to get 175 | # off the system. 176 | ANNOYDELAY 60 177 | 178 | # The condition which determines when users are prevented from 179 | # logging in during a power failure. 180 | # NOLOGON [ disable | timeout | percent | minutes | always ] 181 | NOLOGON disable 182 | 183 | # If KILLDELAY is non-zero, apcupsd will continue running after a 184 | # shutdown has been requested, and after the specified time in 185 | # seconds attempt to kill the power. This is for use on systems 186 | # where apcupsd cannot regain control after a shutdown. 187 | # KILLDELAY 0 disables 188 | KILLDELAY 0 189 | 190 | # 191 | # ==== Configuration statements for Network Information Server ==== 192 | # 193 | 194 | # NETSERVER [ on | off ] on enables, off disables the network 195 | # information server. If netstatus is on, a network information 196 | # server process will be started for serving the STATUS and 197 | # EVENT data over the network (used by CGI programs). 198 | NETSERVER on 199 | 200 | # NISIP 201 | # IP address on which NIS server will listen for incoming connections. 202 | # This is useful if your server is multi-homed (has more than one 203 | # network interface and IP address). Default value is 0.0.0.0 which 204 | # means any incoming request will be serviced. Alternatively, you can 205 | # configure this setting to any specific IP address of your server and 206 | # NIS will listen for connections only on that interface. Use the 207 | # loopback address (127.0.0.1) to accept connections only from the 208 | # local machine. 209 | NISIP 127.0.0.1 210 | 211 | # NISPORT default is 3551 as registered with the IANA 212 | # port to use for sending STATUS and EVENTS data over the network. 213 | # It is not used unless NETSERVER is on. If you change this port, 214 | # you will need to change the corresponding value in the cgi directory 215 | # and rebuild the cgi programs. 216 | NISPORT 3551 217 | 218 | # If you want the last few EVENTS to be available over the network 219 | # by the network information server, you must define an EVENTSFILE. 220 | EVENTSFILE /var/log/apcupsd.events 221 | 222 | # EVENTSFILEMAX 223 | # By default, the size of the EVENTSFILE will be not be allowed to exceed 224 | # 10 kilobytes. When the file grows beyond this limit, older EVENTS will 225 | # be removed from the beginning of the file (first in first out). The 226 | # parameter EVENTSFILEMAX can be set to a different kilobyte value, or set 227 | # to zero to allow the EVENTSFILE to grow without limit. 228 | EVENTSFILEMAX 10 229 | 230 | # 231 | # ========== Configuration statements used if sharing ============= 232 | # a UPS with more than one machine 233 | 234 | # 235 | # Remaining items are for ShareUPS (APC expansion card) ONLY 236 | # 237 | 238 | # UPSCLASS [ standalone | shareslave | sharemaster ] 239 | # Normally standalone unless you share an UPS using an APC ShareUPS 240 | # card. 241 | UPSCLASS standalone 242 | 243 | # UPSMODE [ disable | share ] 244 | # Normally disable unless you share an UPS using an APC ShareUPS card. 245 | UPSMODE disable 246 | 247 | # 248 | # ===== Configuration statements to control apcupsd system logging ======== 249 | # 250 | 251 | # Time interval in seconds between writing the STATUS file; 0 disables 252 | STATTIME 0 253 | 254 | # Location of STATUS file (written to only if STATTIME is non-zero) 255 | STATFILE /var/log/apcupsd.status 256 | 257 | # LOGSTATS [ on | off ] on enables, off disables 258 | # Note! This generates a lot of output, so if 259 | # you turn this on, be sure that the 260 | # file defined in syslog.conf for LOG_NOTICE is a named pipe. 261 | # You probably do not want this on. 262 | LOGSTATS off 263 | 264 | # Time interval in seconds between writing the DATA records to 265 | # the log file. 0 disables. 266 | DATATIME 0 267 | 268 | # FACILITY defines the logging facility (class) for logging to syslog. 269 | # If not specified, it defaults to "daemon". This is useful 270 | # if you want to separate the data logged by apcupsd from other 271 | # programs. 272 | #FACILITY DAEMON 273 | 274 | # 275 | # ========== Configuration statements used in updating the UPS EPROM ========= 276 | # 277 | 278 | # 279 | # These statements are used only by apctest when choosing "Set EEPROM with conf 280 | # file values" from the EEPROM menu. THESE STATEMENTS HAVE NO EFFECT ON APCUPSD. 281 | # 282 | 283 | # UPS name, max 8 characters 284 | #UPSNAME UPS_IDEN 285 | 286 | # Battery date - 8 characters 287 | #BATTDATE mm/dd/yy 288 | 289 | # Sensitivity to line voltage quality (H cause faster transfer to batteries) 290 | # SENSITIVITY H M L (default = H) 291 | #SENSITIVITY H 292 | 293 | # UPS delay after power return (seconds) 294 | # WAKEUP 000 060 180 300 (default = 0) 295 | #WAKEUP 60 296 | 297 | # UPS Grace period after request to power off (seconds) 298 | # SLEEP 020 180 300 600 (default = 20) 299 | #SLEEP 180 300 | 301 | # Low line voltage causing transfer to batteries 302 | # The permitted values depend on your model as defined by last letter 303 | # of FIRMWARE or APCMODEL. Some representative values are: 304 | # D 106 103 100 097 305 | # M 177 172 168 182 306 | # A 092 090 088 086 307 | # I 208 204 200 196 (default = 0 => not valid) 308 | #LOTRANSFER 208 309 | 310 | # High line voltage causing transfer to batteries 311 | # The permitted values depend on your model as defined by last letter 312 | # of FIRMWARE or APCMODEL. Some representative values are: 313 | # D 127 130 133 136 314 | # M 229 234 239 224 315 | # A 108 110 112 114 316 | # I 253 257 261 265 (default = 0 => not valid) 317 | #HITRANSFER 253 318 | 319 | # Battery charge needed to restore power 320 | # RETURNCHARGE 00 15 50 90 (default = 15) 321 | #RETURNCHARGE 15 322 | 323 | # Alarm delay 324 | # 0 = zero delay after pwr fail, T = power fail + 30 sec, L = low battery, N = never 325 | # BEEPSTATE 0 T L N (default = 0) 326 | #BEEPSTATE T 327 | 328 | # Low battery warning delay in minutes 329 | # LOWBATT 02 05 07 10 (default = 02) 330 | #LOWBATT 2 331 | 332 | # UPS Output voltage when running on batteries 333 | # The permitted values depend on your model as defined by last letter 334 | # of FIRMWARE or APCMODEL. Some representative values are: 335 | # D 115 336 | # M 208 337 | # A 100 338 | # I 230 240 220 225 (default = 0 => not valid) 339 | #OUTPUTVOLTS 230 340 | 341 | # Self test interval in hours 336=2 weeks, 168=1 week, ON=at power on 342 | # SELFTEST 336 168 ON OFF (default = 336) 343 | #SELFTEST 336 344 | -------------------------------------------------------------------------------- /files/debian.bashrc: -------------------------------------------------------------------------------- 1 | # ~/.bashrc: executed by bash(1) for non-login shells. 2 | # see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) 3 | # for examples 4 | 5 | # If not running interactively, don't do anything 6 | case $- in 7 | *i*) ;; 8 | *) return;; 9 | esac 10 | 11 | # don't put duplicate lines or lines starting with space in the history. 12 | # See bash(1) for more options 13 | HISTCONTROL=ignoreboth 14 | 15 | # append to the history file, don't overwrite it 16 | shopt -s histappend 17 | 18 | # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) 19 | HISTSIZE=1000 20 | HISTFILESIZE=2000 21 | 22 | # check the window size after each command and, if necessary, 23 | # update the values of LINES and COLUMNS. 24 | shopt -s checkwinsize 25 | 26 | # If set, the pattern "**" used in a pathname expansion context will 27 | # match all files and zero or more directories and subdirectories. 28 | #shopt -s globstar 29 | 30 | # make less more friendly for non-text input files, see lesspipe(1) 31 | #[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" 32 | 33 | # set variable identifying the chroot you work in (used in the prompt below) 34 | if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then 35 | debian_chroot=$(cat /etc/debian_chroot) 36 | fi 37 | 38 | # set a fancy prompt (non-color, unless we know we "want" color) 39 | case "$TERM" in 40 | xterm-color|*-256color) color_prompt=yes;; 41 | esac 42 | 43 | # uncomment for a colored prompt, if the terminal has the capability; turned 44 | # off by default to not distract the user: the focus in a terminal window 45 | # should be on the output of commands, not on the prompt 46 | force_color_prompt=yes 47 | 48 | if [ -n "$force_color_prompt" ]; then 49 | if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then 50 | # We have color support; assume it's compliant with Ecma-48 51 | # (ISO/IEC-6429). (Lack of such support is extremely rare, and such 52 | # a case would tend to support setf rather than setaf.) 53 | color_prompt=yes 54 | else 55 | color_prompt= 56 | fi 57 | fi 58 | 59 | if [ "$color_prompt" = yes ]; then 60 | PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' 61 | else 62 | PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' 63 | fi 64 | unset color_prompt force_color_prompt 65 | 66 | # If this is an xterm set the title to user@host:dir 67 | case "$TERM" in 68 | xterm*|rxvt*) 69 | PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" 70 | ;; 71 | *) 72 | ;; 73 | esac 74 | 75 | # enable color support of ls and also add handy aliases 76 | if [ -x /usr/bin/dircolors ]; then 77 | test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" 78 | alias ls='ls --color=auto' 79 | #alias dir='dir --color=auto' 80 | #alias vdir='vdir --color=auto' 81 | 82 | #alias grep='grep --color=auto' 83 | #alias fgrep='fgrep --color=auto' 84 | #alias egrep='egrep --color=auto' 85 | fi 86 | 87 | # colored GCC warnings and errors 88 | #export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' 89 | 90 | # some more ls aliases 91 | #alias ll='ls -l' 92 | #alias la='ls -A' 93 | #alias l='ls -CF' 94 | 95 | # Alias definitions. 96 | # You may want to put all your additions into a separate file like 97 | # ~/.bash_aliases, instead of adding them here directly. 98 | # See /usr/share/doc/bash-doc/examples in the bash-doc package. 99 | 100 | if [ -f ~/.bash_aliases ]; then 101 | . ~/.bash_aliases 102 | fi 103 | 104 | # enable programmable completion features (you don't need to enable 105 | # this, if it's already enabled in /etc/bash.bashrc and /etc/profile 106 | # sources /etc/bash.bashrc). 107 | if ! shopt -oq posix; then 108 | if [ -f /usr/share/bash-completion/bash_completion ]; then 109 | . /usr/share/bash-completion/bash_completion 110 | elif [ -f /etc/bash_completion ]; then 111 | . /etc/bash_completion 112 | fi 113 | fi 114 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | # If you have multiple hosts following a pattern you can specify 2 | # them like this: 3 | 4 | ## www[001:006].example.com 5 | 6 | ## db-[99:101]-node.example.com 7 | 8 | [new] 9 | argon 10 | 11 | [new:vars] 12 | ansible_python_interpreter=/usr/bin/python3 13 | 14 | [debian] 15 | oxygen 16 | fluorine 17 | copper 18 | carbon 19 | argon 20 | 10.0.80.254 21 | 10.0.101.50 ansible_user=pi 22 | 23 | [debian:vars] 24 | ansible_python_interpreter=/usr/bin/python3 25 | -------------------------------------------------------------------------------- /playbooks/setup-server.yml: -------------------------------------------------------------------------------- 1 | - name: Set up new machines 2 | hosts: new 3 | become: true 4 | 5 | tasks: 6 | - name: Update package lists 7 | apt: 8 | update_cache: yes 9 | 10 | - name: Update packages 11 | apt: 12 | name: "*" 13 | state: latest 14 | 15 | - name: Install extra packages 16 | apt: 17 | pkg: 18 | - openssh-server 19 | - open-vm-tools 20 | - software-properties-common 21 | - apcupsd 22 | 23 | - name: Back up default apcupsd config 24 | shell: creates=/etc/apcupsd/apcupsd.conf.bak mv /etc/apcupsd/apcupsd.conf /etc/apcupsd/apcupsd.conf.bak 25 | 26 | - name: Copy custom apcupsd config 27 | template: 28 | src: /etc/ansible/files/apcupsd.conf 29 | dest: /etc/apcupsd/apcupsd.conf 30 | owner: root 31 | group: root 32 | mode: 0644 33 | notify: 34 | - restart-apcupsd 35 | 36 | - name: Back up user bashrc 37 | shell: creates=/home/andy/.bashrc.bak mv /home/andy/.bashrc /home/andy/.bashrc.bak 38 | 39 | - name: Adding color to user bashrc 40 | copy: 41 | src: /etc/ansible/files/debian.bashrc 42 | dest: /home/andy/.bashrc 43 | owner: andy 44 | group: andy 45 | mode: 0644 46 | 47 | handlers: 48 | - name: restart-apcupsd 49 | service: 50 | name: apcupsd 51 | state: restarted 52 | -------------------------------------------------------------------------------- /playbooks/update-server.yml: -------------------------------------------------------------------------------- 1 | - name: Update all packages 2 | hosts: debian 3 | become: true 4 | 5 | tasks: 6 | - name: Update package lists 7 | apt: 8 | update_cache: yes 9 | 10 | - name: Update packages 11 | apt: 12 | name: "*" 13 | state: latest 14 | --------------------------------------------------------------------------------