├── .travis.yml ├── README.md ├── defaults └── main.yml ├── files ├── bashrc └── tmux.conf ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── base.yml ├── kernel.yml ├── main.yml ├── monitoring.yml ├── networking.yml └── security.yml ├── templates ├── dns.j2 ├── docker-daemon.j2 ├── interfaces.j2 └── promtail.j2 ├── tests ├── inventory └── test.yml └── vars └── main.yml /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo: required 3 | language: python 4 | services: 5 | - docker 6 | before_install: 7 | - sudo apt-get -qq update 8 | install: 9 | - pip install molecule docker ansible ansible-lint 10 | script: 11 | - ansible-lint -x 401,405,204,301,305 . 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Linux server role 2 | 3 | Role that install a generic setup for a Debian linux: 4 | 5 | - Docker 6 | - Monitoring with prometheus (node exporter + cAdvisor) 7 | - Kernel parameters 8 | - Basic tools and packages 9 | - Import of ssh keys and gpg keys from github 10 | 11 | # Example playbook 12 | 13 | This is an example playbook 14 | 15 | 16 | ```yml 17 | - hosts: all 18 | vars: 19 | hostname: "template" 20 | domain: "strm.sh" 21 | network: 22 | ip: "192.168.0.9" 23 | cidr: "/24" 24 | gateway: "192.168.0.1" 25 | dns: 26 | - "8.8.8.8" 27 | - "1.1.1.1" 28 | extra_ips: 29 | - "192.168.0.2" 30 | - "192.168.0.3" 31 | - "192.168.0.4" 32 | extra_raw: |- 33 | iface tun0 inet static 34 | address 10.0.0.8/24 35 | static_hosts: "{{ lookup('file', 'hosts') }}" 36 | loki: 37 | url: 'http://loki.strm.sh:3100/loki/api/v1/push' 38 | github_user: opsxcq 39 | tasks: 40 | - debug: 41 | msg: "Your other tasks here" 42 | roles: 43 | - ../.. 44 | ``` 45 | 46 | Optional variables: 47 | 48 | - `network.cidr`: default value is `/24`. 49 | - `static_hosts`: if not present, won't change `/etc/hosts`. 50 | - `loki`: When defined will configure the system and container logs to be 51 | shipped to loki. 52 | 53 | # Requirements file 54 | 55 | ```yml 56 | - src: git+https://github.com/opsxcq/ansible-role-linux-server.git 57 | name: "opsxcq.linux_server" 58 | ``` 59 | 60 | # Tmux configuration 61 | 62 | Tmux is added to this setup, but with a difference that it uses `Ctrl+A`, so you 63 | can keep a tmux session (using `Ctrl+B`) locally connected to a tmux remotely. 64 | 65 | # Monitoring 66 | 67 | Alongside the monitoring tools like prometheus, there are some tools which help 68 | you to monitor the resource usage locally. 69 | 70 | - **htop** 71 | - **iostat -x 1** - shows real time io data 72 | - **slurm -i ens192** - shows real time network stats for the interface *ens192* 73 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for linux-server -------------------------------------------------------------------------------- /files/bashrc: -------------------------------------------------------------------------------- 1 | # ~/.bashrc: executed by bash(1) for non-login shells. 2 | # see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) 3 | # for examples 4 | 5 | # If not running interactively, don't do anything 6 | case $- in 7 | *i*) ;; 8 | *) return;; 9 | esac 10 | 11 | # don't put duplicate lines or lines starting with space in the history. 12 | # See bash(1) for more options 13 | HISTCONTROL=ignoreboth 14 | 15 | # append to the history file, don't overwrite it 16 | shopt -s histappend 17 | 18 | # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) 19 | HISTSIZE=1000 20 | HISTFILESIZE=2000 21 | 22 | # check the window size after each command and, if necessary, 23 | # update the values of LINES and COLUMNS. 24 | shopt -s checkwinsize 25 | 26 | # If set, the pattern "**" used in a pathname expansion context will 27 | # match all files and zero or more directories and subdirectories. 28 | #shopt -s globstar 29 | 30 | # make less more friendly for non-text input files, see lesspipe(1) 31 | #[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" 32 | 33 | # set variable identifying the chroot you work in (used in the prompt below) 34 | if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then 35 | debian_chroot=$(cat /etc/debian_chroot) 36 | fi 37 | 38 | 39 | if [ -e /usr/share/terminfo/x/xterm-256color ]; then 40 | export TERM='xterm-256color' 41 | else 42 | export TERM='xterm-color' 43 | fi 44 | 45 | # set a fancy prompt (non-color, unless we know we "want" color) 46 | case "$TERM" in 47 | xterm-color|*-256color) color_prompt=yes;; 48 | esac 49 | 50 | # uncomment for a colored prompt, if the terminal has the capability; turned 51 | # off by default to not distract the user: the focus in a terminal window 52 | # should be on the output of commands, not on the prompt 53 | #force_color_prompt=yes 54 | 55 | if [ -n "$force_color_prompt" ]; then 56 | if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then 57 | # We have color support; assume it's compliant with Ecma-48 58 | # (ISO/IEC-6429). (Lack of such support is extremely rare, and such 59 | # a case would tend to support setf rather than setaf.) 60 | color_prompt=yes 61 | else 62 | color_prompt= 63 | fi 64 | fi 65 | 66 | if [ "$color_prompt" = yes ]; then 67 | PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' 68 | else 69 | PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' 70 | fi 71 | unset color_prompt force_color_prompt 72 | 73 | # If this is an xterm set the title to user@host:dir 74 | case "$TERM" in 75 | xterm*|rxvt*) 76 | PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" 77 | ;; 78 | *) 79 | ;; 80 | esac 81 | 82 | # enable color support of ls and also add handy aliases 83 | if [ -x /usr/bin/dircolors ]; then 84 | test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" 85 | alias ls='ls --color=auto' 86 | #alias dir='dir --color=auto' 87 | #alias vdir='vdir --color=auto' 88 | 89 | #alias grep='grep --color=auto' 90 | #alias fgrep='fgrep --color=auto' 91 | #alias egrep='egrep --color=auto' 92 | fi 93 | 94 | # colored GCC warnings and errors 95 | #export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' 96 | 97 | # some more ls aliases 98 | #alias ll='ls -l' 99 | #alias la='ls -A' 100 | #alias l='ls -CF' 101 | 102 | # Alias definitions. 103 | # You may want to put all your additions into a separate file like 104 | # ~/.bash_aliases, instead of adding them here directly. 105 | # See /usr/share/doc/bash-doc/examples in the bash-doc package. 106 | 107 | if [ -f ~/.bash_aliases ]; then 108 | . ~/.bash_aliases 109 | fi 110 | 111 | # enable programmable completion features (you don't need to enable 112 | # this, if it's already enabled in /etc/bash.bashrc and /etc/profile 113 | # sources /etc/bash.bashrc). 114 | if ! shopt -oq posix; then 115 | if [ -f /usr/share/bash-completion/bash_completion ]; then 116 | . /usr/share/bash-completion/bash_completion 117 | elif [ -f /etc/bash_completion ]; then 118 | . /etc/bash_completion 119 | fi 120 | fi 121 | 122 | export PS1="#" 123 | 124 | set -o vi 125 | 126 | alias l='ls -lha' 127 | alias q='cd ..; l' -------------------------------------------------------------------------------- /files/tmux.conf: -------------------------------------------------------------------------------- 1 | unbind C-b 2 | set -g prefix C-a 3 | 4 | # panes 5 | set -g pane-border-fg black 6 | set -g pane-active-border-fg brightred 7 | 8 | ## Status bar design 9 | # status line 10 | set -g status-justify left 11 | set -g status-bg default 12 | set -g status-fg colour12 13 | set -g status-interval 2 14 | 15 | # messaging 16 | set -g message-fg black 17 | set -g message-bg yellow 18 | set -g message-command-fg blue 19 | set -g message-command-bg black 20 | 21 | #window mode 22 | setw -g mode-bg colour6 23 | setw -g mode-fg colour0 24 | 25 | # window status 26 | setw -g window-status-format " #F#I:#W#F " 27 | setw -g window-status-current-format " #F#I:#W#F " 28 | setw -g window-status-format "#[fg=magenta]#[bg=black] #I #[bg=cyan]#[fg=colour8] #W " 29 | setw -g window-status-current-format "#[bg=brightmagenta]#[fg=colour8] #I #[fg=colour8]#[bg=colour14] #W " 30 | setw -g window-status-current-bg colour0 31 | setw -g window-status-current-fg colour11 32 | setw -g window-status-current-attr dim 33 | setw -g window-status-bg green 34 | setw -g window-status-fg black 35 | setw -g window-status-attr reverse 36 | 37 | # Info on left (I don't have a session display for now 38 | set -g status-left '' 39 | 40 | # loud or quiet? 41 | set-option -g visual-activity off 42 | set-option -g visual-bell off 43 | set-option -g visual-silence off 44 | set-window-option -g monitor-activity off 45 | set-option -g bell-action none 46 | 47 | set -g default-terminal "screen-256color" 48 | 49 | # The modes 50 | setw -g clock-mode-colour colour135 51 | setw -g mode-attr bold 52 | setw -g mode-fg colour196 53 | setw -g mode-bg colour238 54 | 55 | # The panes 56 | set -g pane-border-bg colour235 57 | set -g pane-border-fg colour238 58 | set -g pane-active-border-bg colour236 59 | set -g pane-active-border-fg colour51 60 | 61 | # The statusbar 62 | set -g status-position bottom 63 | set -g status-bg colour234 64 | set -g status-fg colour137 65 | set -g status-attr dim 66 | set -g status-left '' 67 | set -g status-right '#[fg=colour233,bg=colour241,bold] %d/%m #[fg=colour233,bg=colour245,bold] %H:%M:%S ' 68 | set -g status-right-length 50 69 | set -g status-left-length 20 70 | 71 | setw -g window-status-current-fg colour81 72 | setw -g window-status-current-bg colour238 73 | setw -g window-status-current-attr bold 74 | setw -g window-status-current-format ' #I#[fg=colour250]:#[fg=colour255]#W#[fg=colour50]#F ' 75 | 76 | setw -g window-status-fg colour138 77 | setw -g window-status-bg colour235 78 | setw -g window-status-attr none 79 | setw -g window-status-format ' #I#[fg=colour237]:#[fg=colour250]#W#[fg=colour244]#F ' 80 | 81 | setw -g window-status-bell-attr bold 82 | setw -g window-status-bell-fg colour255 83 | setw -g window-status-bell-bg colour1 84 | 85 | # The messages 86 | 87 | set -g message-attr bold 88 | set -g message-fg colour232 89 | set -g message-bg colour166 90 | 91 | ######## 92 | 93 | unbind r 94 | bind r source-file ~/.tmux.conf 95 | set -g automatic-rename off 96 | set -g allow-rename off 97 | set-window-option -g mode-key vi 98 | bind R set -g renumber-windows on\; new-window\; kill-window\; set -g renumber-windows off\; display-message "Windows reordered..." 99 | 100 | ## My panel resize features 101 | bind-key -r - resize-pane -L 1 102 | bind-key -r _ resize-pane -R 1 103 | bind-key -r = resize-pane -U 1 104 | bind-key -r + resize-pane -D 1 105 | 106 | 107 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: network configuration changed 2 | service: 3 | name: networking 4 | state: restarted 5 | 6 | - name: docker configuration changed 7 | service: 8 | name: docker 9 | state: restarted 10 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | galaxy_info: 2 | author: OPSXCQ 3 | role_name: linux_server 4 | description: Linux server configuration 5 | company: STRM 6 | license: GPLv3 7 | min_ansible_version: 2.4 8 | platforms: 9 | - name: Debian 10 | versions: 11 | - bullseye 12 | galaxy_tags: [linux, server] 13 | -------------------------------------------------------------------------------- /tasks/base.yml: -------------------------------------------------------------------------------- 1 | # Basic server packages 2 | 3 | - name: Linux Server | Base | Update apt cache 4 | apt: 5 | update_cache: yes 6 | 7 | - name: Linux Server | Base | Install packages 8 | apt: 9 | state: present 10 | name: 11 | - git 12 | - wget 13 | - curl 14 | - tmux 15 | - docker.io 16 | - python3-docker 17 | - rclone 18 | - rsync 19 | - cryptsetup 20 | - lvm2 21 | - mergerfs 22 | 23 | - name: Linux Server | Base | Configure tmux 24 | copy: 25 | src: files/tmux.conf 26 | dest: /root/.tmux.conf 27 | 28 | - name: Linux Server | Base | Create directory structure 29 | file: 30 | path: "{{ item }}" 31 | state: directory 32 | owner: root 33 | group: root 34 | mode: 0775 35 | with_items: 36 | - /data/ 37 | - /data/tmp 38 | - /data/docker 39 | - /data/backups 40 | - /config/ 41 | 42 | - name: Linux Server | Base | Deploy Docker daemon.json 43 | template: 44 | src: docker-daemon.j2 45 | dest: "{{ test_prefix_dir | default('/etc/docker') }}/daemon.json" 46 | notify: docker configuration changed 47 | 48 | - name: Linux Server | Base | Install custom bashrc 49 | copy: 50 | src: files/bashrc 51 | dest: /root/.bashrc 52 | -------------------------------------------------------------------------------- /tasks/kernel.yml: -------------------------------------------------------------------------------- 1 | # Server swap tweaking 2 | 3 | - name: Linux Server | Kernel | Configure swappiness 4 | sysctl: 5 | name: vm.swappiness 6 | value: '1' 7 | sysctl_set: yes 8 | state: present 9 | reload: yes 10 | 11 | - name: Linux Server | Kernel | Configure grub cgroups/swap 12 | shell: grep GRUB_CMDLINE_LINUX_DEFAULT /etc/default/grub | grep -c "cgroup_enable=memory swapaccount=1" 13 | register: cgroup_status 14 | ignore_errors: true 15 | 16 | - name: Linux Server | Kernel | Configure grub cgroups/swap 17 | lineinfile: dest="/etc/default/grub" regexp='GRUB_CMDLINE_LINUX_DEFAULT="(.*)"' line='GRUB_CMDLINE_LINUX_DEFAULT="\1 cgroup_enable=memory swapaccount=1"' backrefs=yes 18 | when: cgroup_status.stdout == "0" 19 | 20 | - name: Linux Server | Kernel | Configure grub cgroups/swap 21 | shell: update-grub 22 | when: cgroup_status.stdout == "0" 23 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Linux server main task 3 | 4 | - include: base.yml 5 | - include: networking.yml 6 | - include: kernel.yml 7 | - include: security.yml 8 | - include: monitoring.yml 9 | -------------------------------------------------------------------------------- /tasks/monitoring.yml: -------------------------------------------------------------------------------- 1 | # Server monitoring packages and containers 2 | 3 | - name: Linux Server | Monitoring | Install packages 4 | apt: 5 | state: present 6 | name: 7 | - htop 8 | - slurm 9 | - iotop 10 | - dstat 11 | - sysstat 12 | 13 | - name: Linux Server | Monitoring | Create directory structure 14 | file: 15 | path: "{{ item }}" 16 | state: directory 17 | owner: root 18 | group: root 19 | mode: 0775 20 | with_items: 21 | - /data/file-exporter 22 | 23 | # TODO : Check if the log plugin is installed, if is 24 | #docker plugin disable loki 25 | #docker plugin upgrade loki grafana/loki-docker-driver:master 26 | #docker plugin enable loki 27 | # and restart docker 28 | 29 | - name: Linux Server | Monitoring | Add docker plugin for remote logs 30 | command: docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions 31 | ignore_errors: True 32 | notify: docker configuration changed 33 | when: loki is defined 34 | 35 | - name: Linux Server | Monitoring | Setup node exporter 36 | docker_container: 37 | hostname: "{{ hostname + '.' + domain }}" 38 | name: prometheus-exporter-node 39 | image: prom/node-exporter:master 40 | network_mode: host 41 | pid_mode: host 42 | pull: true 43 | volumes: 44 | - /proc:/host/proc:ro 45 | - /sys:/host/sys:ro 46 | - /:/rootfs:ro 47 | - /data/file-exporter:/file-exporter 48 | command: 49 | - "--path.procfs=/host/proc" 50 | - "--path.sysfs=/host/sys" 51 | - "--no-collector.mdadm" 52 | - "--collector.textfile.directory" 53 | - "/file-exporter" 54 | - "--path.rootfs=/rootfs" 55 | state: started 56 | restart_policy: unless-stopped 57 | memory: '32m' 58 | ports: 59 | - 9100:9100 60 | 61 | - name: Linux Server | Monitoring | Setup cAdvisor 62 | docker_container: 63 | hostname: "{{ hostname + '.' + domain }}" 64 | name: prometheus-exporter-cadvisor 65 | image: gcr.io/google-containers/cadvisor 66 | volumes: 67 | - "/:/rootfs:ro" 68 | - "/var/run:/var/run:rw" 69 | - "/sys:/sys:ro" 70 | - "/var/lib/docker/:/var/lib/docker:ro" 71 | - "/dev/disk/:/dev/disk:ro" 72 | command: 73 | - "--housekeeping_interval=60s" 74 | - "--docker_only=true" 75 | - "--disable_metrics=disk,network,tcp,udp,percpu,sched,process" 76 | privileged: true 77 | state: started 78 | restart_policy: unless-stopped 79 | memory: '96m' 80 | published_ports: 81 | - 9101:8080 82 | 83 | - name: Linux Server | Monitoring | Setup promtail configuration 84 | template: 85 | src: promtail.j2 86 | dest: "{{ test_prefix_dir | default('/config/') }}/promtail.yml" 87 | notify: docker configuration changed 88 | when: loki is defined 89 | 90 | - name: Linux Server | Monitoring | Create promtail volume 91 | docker_volume: 92 | name: "promtail-storage" 93 | when: loki is defined 94 | 95 | - name: Linux Server | Monitoring | Setup promtail 96 | docker_container: 97 | hostname: "{{ hostname + '.' + domain }}" 98 | name: promtail 99 | image: grafana/promtail:latest 100 | volumes: 101 | - "/var/log/journal/:/var/log/journal/" 102 | - "/run/log/journal/:/run/log/journal/" 103 | - "/etc/machine-id:/etc/machine-id" 104 | - "/config/promtail.yml:/etc/promtail.yml" 105 | - "promtail-storage:/promtail" 106 | command: "-config.file=/etc/promtail.yml" 107 | state: started 108 | restart: true 109 | restart_policy: unless-stopped 110 | memory: '32m' 111 | published_ports: 112 | - 9080:9080 113 | when: loki is defined 114 | -------------------------------------------------------------------------------- /tasks/networking.yml: -------------------------------------------------------------------------------- 1 | # Server networking configuration, packages and containers 2 | 3 | - name: Linux Server | Networking | Install packages 4 | apt: 5 | state: present 6 | name: 7 | - tcpdump 8 | - resolvconf 9 | 10 | - name: Linux Server | Networking | Configure /etc/hosts 11 | copy: 12 | dest: "{{ test_prefix_dir | default('/etc') }}/hosts" 13 | content: "{{ static_hosts }}" 14 | when: static_hosts is defined 15 | 16 | - name: Linux Server | Networking | Configure static address 17 | debug: 18 | msg: "Setting static IP on interface {{ ansible_default_ipv4.interface }}" 19 | 20 | - name: Linux Server | Networking | Configure static address 21 | template: 22 | src: interfaces.j2 23 | dest: "{{ test_prefix_dir | default('/etc/network') }}/interfaces" 24 | when: network is defined 25 | 26 | - name: Linux Server | Networking | Configure DNS 27 | template: 28 | src: dns.j2 29 | dest: "{{ test_prefix_dir | default('/etc/resolvconf/resolv.conf.d') }}/base" 30 | when: network is defined 31 | 32 | - name: Linux Server | Networking | Configure hostname 33 | hostname: 34 | name: "{{ hostname }}" 35 | -------------------------------------------------------------------------------- /tasks/security.yml: -------------------------------------------------------------------------------- 1 | # Security 2 | 3 | - name: Linux Server | Security | Install packages 4 | apt: 5 | state: present 6 | name: 7 | - gpg 8 | - pass 9 | 10 | 11 | - name: Linux Server | Security | Download GPG keys 12 | get_url: url=https://github.com/{{ github_user }}.gpg dest=/tmp/gpg 13 | 14 | - name: Linux Server | Security | Install GPG keys 15 | shell: gpg --import /tmp/gpg 16 | 17 | - name: Linux Server | Security | Cleanup GPG keys 18 | file: path=/tmp/gpg state=absent 19 | 20 | - name: Linux Server | Security | Install SSH keys 21 | get_url: url=https://github.com/{{ github_user }}.keys dest=/root/.ssh/authorized_keys 22 | -------------------------------------------------------------------------------- /templates/dns.j2: -------------------------------------------------------------------------------- 1 | {% for dns in network.dns %} 2 | nameserver {{ dns }} 3 | {% endfor %} 4 | -------------------------------------------------------------------------------- /templates/docker-daemon.j2: -------------------------------------------------------------------------------- 1 | { 2 | "graph": "/data/docker", 3 | {% if loki is defined %} 4 | "log-driver": "loki", 5 | "log-opts": { 6 | "loki-url": "{{ loki.url }}", 7 | "loki-batch-size": "5000", 8 | "loki-retries": "5", 9 | "max-size": "10m", 10 | "max-file": "3" 11 | } 12 | {% else %} 13 | "log-driver": "json-file", 14 | "log-opts": { 15 | "max-size": "10m", 16 | "max-file": "3" 17 | } 18 | {% endif %} 19 | } 20 | -------------------------------------------------------------------------------- /templates/interfaces.j2: -------------------------------------------------------------------------------- 1 | # Managed by ansible 2 | # This file describes the network interfaces available on your system 3 | # and how to activate them. For more information, see interfaces(5). 4 | 5 | source /etc/network/interfaces.d/* 6 | 7 | # The loopback network interface 8 | auto lo 9 | iface lo inet loopback 10 | 11 | # The primary network interface 12 | allow-hotplug {{ ansible_default_ipv4.interface }} 13 | iface {{ ansible_default_ipv4.interface }} inet static 14 | address {{ network.ip }}{{ network.cidr | default('/24') }} 15 | gateway {{ network.gateway }} 16 | dns-nameservers {{ network.dns | join(' ') }} 17 | dns-search {{ domain }} 18 | 19 | {% for extra_ip in network.extra_ips %} 20 | iface {{ ansible_default_ipv4.interface }} inet static 21 | address {{ extra_ip }}{{ network.cidr | default('/24') }} 22 | {% endfor %} 23 | 24 | {% if network.raw_extra is defined %} 25 | {{ network.raw_extra }} 26 | {% endif %} 27 | -------------------------------------------------------------------------------- /templates/promtail.j2: -------------------------------------------------------------------------------- 1 | server: 2 | http_listen_port: 9080 3 | grpc_listen_port: 0 4 | 5 | positions: 6 | filename: /promtail/positions.yaml 7 | 8 | clients: 9 | - url: {{ loki.url }} 10 | 11 | scrape_configs: 12 | - job_name: system 13 | static_configs: 14 | - targets: 15 | - localhost 16 | labels: 17 | job: vmware_guest_logs 18 | __path__: /var/log/vmware*.log 19 | - targets: 20 | - localhost 21 | labels: 22 | job: messages 23 | __path__: /var/log/messages 24 | - targets: 25 | - localhost 26 | labels: 27 | job: syslog 28 | __path__: /var/log/syslog 29 | - targets: 30 | - localhost 31 | labels: 32 | job: user_logs 33 | __path__: /var/log/user.log 34 | - targets: 35 | - localhost 36 | labels: 37 | job: daemon_logs 38 | __path__: /var/log/daemon.log 39 | - targets: 40 | - localhost 41 | labels: 42 | job: kernel_logs 43 | __path__: /var/log/kern.log 44 | - targets: 45 | - localhost 46 | labels: 47 | job: auth_logs 48 | __path__: /var/log/auth.log 49 | - targets: 50 | - localhost 51 | labels: 52 | job: varlogs 53 | __path__: /var/log/*log 54 | - job_name: journal 55 | journal: 56 | json: false 57 | max_age: 12h 58 | path: /var/log/journal 59 | labels: 60 | job: systemd-journal 61 | relabel_configs: 62 | - source_labels: ['__journal__systemd_unit'] 63 | target_label: 'unit' 64 | -------------------------------------------------------------------------------- /tests/inventory: -------------------------------------------------------------------------------- 1 | localhost 2 | 3 | -------------------------------------------------------------------------------- /tests/test.yml: -------------------------------------------------------------------------------- 1 | - hosts: all 2 | vars: 3 | hostname: "template" 4 | domain: "strm.sh" 5 | network: 6 | ip: "192.168.0.9" 7 | cidr: "/24" 8 | gateway: "192.168.0.1" 9 | dns: "8.8.8.8" 10 | static_hosts: "{{ lookup('file', 'hosts') }}" 11 | github_user: opsxcq 12 | tasks: 13 | - debug: 14 | msg: "Your other tasks here" 15 | roles: 16 | - ../.. 17 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for linux-server --------------------------------------------------------------------------------