From a81e761ea7d19437271f307be64a26e5042e42f0 Mon Sep 17 00:00:00 2001 From: tolerryan <105945216+tolerryan@users.noreply.github.com> Date: Tue, 22 Apr 2025 01:04:24 -0500 Subject: [PATCH] semaphore setup --- roles/ind/semaphore/cron.vars | 0 roles/ind/semaphore/docker-compose.yml | 22 ++++++ .../semaphore-install.yml} | 37 ++++------ roles/ind/zabbix/cron.vars | 49 ------------ roles/ind/zabbix/docker-compose.env | 5 -- roles/ind/zabbix/docker-compose.yml | 74 ------------------- roles/lib/setup-zabbix-agent.yml | 33 --------- roles/lib/upgrade-packages.yml | 7 ++ zabbix.tf => semaphore.tf | 12 +-- 9 files changed, 45 insertions(+), 194 deletions(-) create mode 100644 roles/ind/semaphore/cron.vars create mode 100644 roles/ind/semaphore/docker-compose.yml rename roles/ind/{zabbix/zabbix-install.yml => semaphore/semaphore-install.yml} (68%) delete mode 100644 roles/ind/zabbix/cron.vars delete mode 100644 roles/ind/zabbix/docker-compose.env delete mode 100644 roles/ind/zabbix/docker-compose.yml delete mode 100644 roles/lib/setup-zabbix-agent.yml rename zabbix.tf => semaphore.tf (80%) diff --git a/roles/ind/semaphore/cron.vars b/roles/ind/semaphore/cron.vars new file mode 100644 index 0000000..e69de29 diff --git a/roles/ind/semaphore/docker-compose.yml b/roles/ind/semaphore/docker-compose.yml new file mode 100644 index 0000000..97ae20f --- /dev/null +++ b/roles/ind/semaphore/docker-compose.yml @@ -0,0 +1,22 @@ +services: + +# semaphore server + semaphore: + ports: + - 3000:3000 + image: semaphoreui/semaphore:v2.13.14 + environment: + SEMAPHORE_DB_DIALECT: bolt + SEMAPHORE_ADMIN: semaadmin + SEMAPHORE_ADMIN_PASSWORD: G!$yrgMH8XkhPQ + SEMAPHORE_ADMIN_NAME: Admin + SEMAPHORE_ADMIN_EMAIL: admin@localhost + SEMAPHORE_USE_REMOTE_RUNNER: "True" + volumes: + - ./semaphore/data:/var/lib/semaphore + - ./semaphore/etc:/etc/semaphore + - ./semaphore/tmp:/tmp/semaphore +volumes: + ./semaphore/data: + ./semaphore/etc: + ./semaphore/tmp: diff --git a/roles/ind/zabbix/zabbix-install.yml b/roles/ind/semaphore/semaphore-install.yml similarity index 68% rename from roles/ind/zabbix/zabbix-install.yml rename to roles/ind/semaphore/semaphore-install.yml index 77b9afb..e658b9b 100644 --- a/roles/ind/zabbix/zabbix-install.yml +++ b/roles/ind/semaphore/semaphore-install.yml @@ -19,15 +19,6 @@ - name: Setup Restic Cron jobs include: ../../lib/setup-restic-cron.yml - - name: Create zabbix user - user: - name: zabbix - uid: 2005 - group: users - state: present - create_home: yes - home: /home/zabbix - shell: /bin/bash - name: Install Python Packages apt: @@ -39,10 +30,10 @@ - name: Setup Service copy: - dest: /etc/systemd/system/zabbix.service + dest: /etc/systemd/system/semaphone.service content: | [Unit] - Description=zabbix + Description=semaphone After=network.target [Service] @@ -73,27 +64,27 @@ group: docker mode: u=rw,g=r,o=r - - name: Check if zabbix directory exists + - name: Check if semaphone directory exists stat: - path: /zabbix - register: zabbix_stat + path: /semaphone + register: semaphone_stat - - name: Restore zabbix Dir + - name: Restore semaphone Dir shell: | - restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / --path /zabbix/zabbix-server restore latest - restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / --path /zabbix/zabbix-web restore latest - restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / --path /zabbix/zabbix-db/backups restore latest + restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / --path /semaphone/semaphone-server restore latest + restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / --path /semaphone/semaphone-web restore latest + restic --password-file /home/restic/.resticpassword -r sftp:misamisa://home/restic/$(hostname) --target / --path /semaphone/semaphone-db/backups restore latest args: - chdir: /home/restic - creates: /zabbix - when: not zabbix_stat.stat.exists or not zabbix_stat.stat.isdir + chdir: /home/semaphone + creates: /semaphone + when: not semaphone_stat.stat.exists or not semaphone_stat.stat.isdir - name: Reload systemd daemon systemd: daemon_reload: yes - - name: Start zabbix Service + - name: Start semaphone Service systemd: - name: zabbix + name: semaphone state: started enabled: yes \ No newline at end of file diff --git a/roles/ind/zabbix/cron.vars b/roles/ind/zabbix/cron.vars deleted file mode 100644 index aa777c0..0000000 --- a/roles/ind/zabbix/cron.vars +++ /dev/null @@ -1,49 +0,0 @@ ---- -cronjob: - - name: Zabbix-server - job_name: "Weekly Zabbix-server Backup" - job_minute: "0" - job_hour: "2" - job_day: "4" - user: "root" - job_command: "/home/restic/restic.sh --backup /zabbix/zabbix-server/" - - - name: Zabbix-web - job_name: "Weekly /zabbix/zabbix-web/ Backup" - job_minute: "0" - job_hour: "4" - job_day: "3" - user: "root" - job_command: "/home/docker/restic.sh --backup /zabbix/zabbix-web/ " - - - name: Zabbix-db - job_name: "Weekly /zabbix/zabbix-db/backups/ Backup" - job_minute: "10" - job_hour: "5" - job_day: "1" - user: "root" - job_command: "/home/docker/restic.sh --backup /zabbix/zabbix-db/backups/" - - - name: verify-Zabbix-server - job_name: "Weekly Zabbix-server verify" - job_minute: "0" - job_hour: "2" - job_day: "5" - user: "root" - job_command: "/home/restic/restic.sh --check /zabbix/zabbix-server/" - - - name: verify-Zabbix-web - job_name: "Weekly /zabbix/zabbix-web/ verify" - job_minute: "0" - job_hour: "4" - job_day: "5" - user: "root" - job_command: "/home/docker/restic.sh --check /zabbix/zabbix-web/ " - - - name: verify-Zabbix-db - job_name: "Weekly /zabbix/zabbix-db/backups/ verification" - job_minute: "10" - job_hour: "5" - job_day: "5" - user: "root" - job_command: "/home/docker/restic.sh --check /zabbix/zabbix-db/backups/" \ No newline at end of file diff --git a/roles/ind/zabbix/docker-compose.env b/roles/ind/zabbix/docker-compose.env deleted file mode 100644 index 087dc74..0000000 --- a/roles/ind/zabbix/docker-compose.env +++ /dev/null @@ -1,5 +0,0 @@ -MYSQL_USER=zabbix -MYSQL_PASSWORD=zabbix -MYSQL_ROOT_PASSWORD=kqjnvq038rn32n4jkn -ZABBIX_DATA_PATH=/zabbix -ZBX_STARTPINGERS=1 \ No newline at end of file diff --git a/roles/ind/zabbix/docker-compose.yml b/roles/ind/zabbix/docker-compose.yml deleted file mode 100644 index f4fc96c..0000000 --- a/roles/ind/zabbix/docker-compose.yml +++ /dev/null @@ -1,74 +0,0 @@ -services: -# Zabbix database - zabbix-db: - container_name: zabbix-db - image: mariadb:11.4.4 - restart: always - volumes: - - ${ZABBIX_DATA_PATH}/zabbix-db/mariadb:/var/lib/mysql:rw - - ${ZABBIX_DATA_PATH}/zabbix-db/backups:/backups - command: - - mariadbd - - --character-set-server=utf8mb4 - - --collation-server=utf8mb4_bin - ##- --default-authentication-plugin=mysql_native_password - environment: - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - stop_grace_period: 1m - -# Zabbix server - zabbix-server: - container_name: zabbix-server - image: zabbix/zabbix-server-mysql:ubuntu-7.2-latest - restart: always - ports: - - 10051:10051 - volumes: - - /etc/localtime:/etc/localtime:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/zabbix_server.conf:/etc/zabbix/zabbix_server.conf - - ${ZABBIX_DATA_PATH}/zabbix-server/alertscripts:/usr/lib/zabbix/alertscripts:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/externalscripts:/usr/lib/zabbix/externalscripts:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/dbscripts:/var/lib/zabbix/dbscripts:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/export:/var/lib/zabbix/export:rw - - ${ZABBIX_DATA_PATH}/zabbix-server/modules:/var/lib/zabbix/modules:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/enc:/var/lib/zabbix/enc:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/ssh_keys:/var/lib/zabbix/ssh_keys:ro - - ${ZABBIX_DATA_PATH}/zabbix-server/mibs:/var/lib/zabbix/mibs:ro - environment: - - MYSQL_ROOT_USER=root - - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - - DB_SERVER_HOST=zabbix-db - - ZBX_STARTPINGERS=${ZBX_STARTPINGERS} - depends_on: - - zabbix-db - stop_grace_period: 30s - sysctls: - - net.ipv4.ip_local_port_range=1024 65000 - - net.ipv4.conf.all.accept_redirects=0 - - net.ipv4.conf.all.secure_redirects=0 - - net.ipv4.conf.all.send_redirects=0 - -# Zabbix web UI - zabbix-web: - container_name: zabbix-web - image: zabbix/zabbix-web-nginx-mysql:ubuntu-7.2-latest - restart: always - ports: - - 8080:8080 - volumes: - - /etc/localtime:/etc/localtime:ro - - ${ZABBIX_DATA_PATH}/zabbix-web/nginx:/etc/ssl/nginx:ro - - ${ZABBIX_DATA_PATH}/zabbix-web/modules/:/usr/share/zabbix/modules/:ro - environment: - - MYSQL_USER=${MYSQL_USER} - - MYSQL_PASSWORD=${MYSQL_PASSWORD} - - DB_SERVER_HOST=zabbix-db - - ZBX_SERVER_HOST=zabbix-server - - ZBX_SERVER_NAME=Zabbix Docker - - PHP_TZ=America/Chicago - depends_on: - - zabbix-db - - zabbix-server - stop_grace_period: 10s diff --git a/roles/lib/setup-zabbix-agent.yml b/roles/lib/setup-zabbix-agent.yml deleted file mode 100644 index 8734613..0000000 --- a/roles/lib/setup-zabbix-agent.yml +++ /dev/null @@ -1,33 +0,0 @@ -- name: Download Zabbix Repo - ansible.builtin.get_url: - url: "https://repo.zabbix.com/zabbix/7.2/release/debian/pool/main/z/zabbix-release/zabbix-release_latest_7.2+debian12_all.deb" - dest: "/tmp/zabbix-release_7.2.deb" - -- name: Install Zabbix Repo package - ansible.builtin.apt: - deb: /tmp/zabbix-release_7.2.deb - -- name: Install zabbix-agent2 and plugins - ansible.builtin.apt: - name: - - zabbix-agent2 - - zabbix-agent2-plugin-* - update_cache: yes - -- name: Restart zabbix-agent2 - systemd: - name: zabbix-agent2 - state: restarted - -- name: Enable zabbix-agent2 to start on boot - systemd: - name: zabbix-agent2 - enabled: yes - -- name: Update zabbix-agent2.conf - ansible.builtin.lineinfile: - path: /etc/zabbix/zabbix_agent2.conf - regexp: '^Server=.*' - line: 'Server=192.168.0.59' - state: present - backup: yes \ No newline at end of file diff --git a/roles/lib/upgrade-packages.yml b/roles/lib/upgrade-packages.yml index d04de39..88261e0 100644 --- a/roles/lib/upgrade-packages.yml +++ b/roles/lib/upgrade-packages.yml @@ -6,6 +6,13 @@ create: yes mode: '0644' + - name: Set up apt proxy configuration + copy: + content: | + Acquire::http::Proxy "http://debcache:3142"; + dest: /etc/apt/apt.conf.d/00cacher + mode: '0644' + - name: Update apt cache ansible.builtin.apt: update_cache: yes diff --git a/zabbix.tf b/semaphore.tf similarity index 80% rename from zabbix.tf rename to semaphore.tf index 20c3f69..9224421 100644 --- a/zabbix.tf +++ b/semaphore.tf @@ -1,6 +1,6 @@ -resource "proxmox_lxc" "zabbix" { +resource "proxmox_lxc" "semaphore" { target_node = "pve" - hostname = "zabbix" + hostname = "semaphore" vmid = 220 ostemplate = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst" password = "terraform" @@ -22,14 +22,6 @@ resource "proxmox_lxc" "zabbix" { size = "64G" } - mountpoint{ - key = "0" - slot = 0 - storage = "Ceph" - mp = "/ceph" - size = "200G" - } - network { name = "eth0" bridge = "vmbr0"