tobias/infrastructure
1
0
Fork 0
Code Issues 5 Pull Requests Projects Activity

Rename backup to filehost

Browse Source
This commit is contained in:
Tobias Manske 2024-03-02 22:32:19 +01:00
parent ec8a78aa6a
commit 0106837a3c
Signed by: tobias
GPG Key ID: 9164B527694A0709
12 changed files with 79 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ansible/host_vars/backup.unruhig.eu/main.yml
View File

@ -1,7 +0,0 @@
known_hosts:
- backup.unruhig.eu ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXlm4q3UBK2ChZCujrc9nv45tnntj6E+80UOOzZ6EEFWeUkJ0R+o4z4bnLsWBfFxfwgMDUvFCUCuS7R7xo2pE6vlRhPeD6eTitqNmRMfgmMZLJCdWD5eechg2FNSIht+wB61KEwMBuARXX45nmvIknWiRBK0qAGMLgy46hAx60hf/2uzSuyF6cxQdRqH7TNKZ/06aC7fCo9MCvHbiWvOSKbRx+jYSw8L27DW8WbPTqTGhywidij3nQEjwCFof/IN/hdp7NLpF/8qAoxW9iLWHh7ghESSwHxDF+QC1NjyA1g9QvyX+4p/hzR71wvQ2OVT/R9qx45jJiEi4dVQtsPGbcMzY9gQNbzyzl898cvnp2OuS50kGxuJZaJLMOj2UClbpW+lTrrkKvBZKkAF85v+C6Xcx/waY01eH0PaDBpoo40Y+vS9nWLmnKcvz5iDC6DVL8gUyDxuQj6/qMQuVsr5GL7GnvqIF/jjz6rNqES5Lr88c18ZyWeaupAHNnSgxaGV8=
- backup.unruhig.eu ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNxa8vbJ70oM2PlEKegPu3/SUO7oXz2lM6PvR74Ad+RYjjAQZr/j3WMpeDn15ugexlYmYoHgxgeT0xA6E/ZAM/0=
- backup.unruhig.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvXX75sXWRgslMW/Ufq0t0OJQnTFiWPL4yBUBdGIU9k
ssh:
authorized_keys:
- ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNpGyOWzNNTW7e8PBZCRZ8q4JygBKKtOMWng09b3mnNo9GPvb+V7RhnMf0rnGbwp9q89QFjYbZ8ZKqCoBpgtlT4= backup.unruhig.eu_22

7
ansible/host_vars/backup.unruhig.eu/vault.yaml
View File

@ -1,7 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
64323432633839313739346636383934366264653165373433316239366235613336646462333031
3633326564323431653131653436386563613562633432390a383161343463343366336266303038
36316230323264646532386238363331663364353365643861323536643961613561626265313762
3864373034646433300a623535623532353965333030383065346562393139313437313438623361
63336531373365383463303437343833646531366363353630626134373932303063653530323433
6639623264316133356463333236623032356138636361383966

7
ansible/host_vars/filehost.unruhig.eu/main.yml Normal file
View File

@ -0,0 +1,7 @@
known_hosts:
- filehost.unruhig.eu ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXlm4q3UBK2ChZCujrc9nv45tnntj6E+80UOOzZ6EEFWeUkJ0R+o4z4bnLsWBfFxfwgMDUvFCUCuS7R7xo2pE6vlRhPeD6eTitqNmRMfgmMZLJCdWD5eechg2FNSIht+wB61KEwMBuARXX45nmvIknWiRBK0qAGMLgy46hAx60hf/2uzSuyF6cxQdRqH7TNKZ/06aC7fCo9MCvHbiWvOSKbRx+jYSw8L27DW8WbPTqTGhywidij3nQEjwCFof/IN/hdp7NLpF/8qAoxW9iLWHh7ghESSwHxDF+QC1NjyA1g9QvyX+4p/hzR71wvQ2OVT/R9qx45jJiEi4dVQtsPGbcMzY9gQNbzyzl898cvnp2OuS50kGxuJZaJLMOj2UClbpW+lTrrkKvBZKkAF85v+C6Xcx/waY01eH0PaDBpoo40Y+vS9nWLmnKcvz5iDC6DVL8gUyDxuQj6/qMQuVsr5GL7GnvqIF/jjz6rNqES5Lr88c18ZyWeaupAHNnSgxaGV8=
- filehost.unruhig.eu ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNxa8vbJ70oM2PlEKegPu3/SUO7oXz2lM6PvR74Ad+RYjjAQZr/j3WMpeDn15ugexlYmYoHgxgeT0xA6E/ZAM/0=
- filehost.unruhig.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvXX75sXWRgslMW/Ufq0t0OJQnTFiWPL4yBUBdGIU9k
ssh:
authorized_keys:
- ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNpGyOWzNNTW7e8PBZCRZ8q4JygBKKtOMWng09b3mnNo9GPvb+V7RhnMf0rnGbwp9q89QFjYbZ8ZKqCoBpgtlT4= backup.unruhig.eu_22

17
ansible/host_vars/filehost.unruhig.eu/vault.yaml Normal file
View File

@ -0,0 +1,17 @@
$ANSIBLE_VAULT;1.1;AES256
36336235613033366466623936373035353462656137303937626535653237646633663035363435
3935323464336235353134623634343539383930653066370a623435326437643362386638623735
64393933303561303833326364613736643632376464383632613964313265356565636237653432
6338326433623539310a393261376134626164316230386533333766336130326236333562636665
65663865653663623838656237376262626139643733356461383539383164653338613636383935
39366133623933366631643938643832373264613031393430623132386166643836616362613333
39326666356434343263383934613238663635613234323264363930396136356461386365666538
38376564386339623462646138646461633732313866306365303463356330316535383137666230
31313132663030626562313437623735376338333061306438343761396637613535373633386536
37303535386566303564343938333037356363383561656462393239323736643331646536626633
34663534653165663930663939363936323630643065306462353261616535666338353962643930
30353439653331613165333137626636363064366164626136643234353030336139336535333132
36373934343431363665643631373336396433383732326539663336366234613364363663323238
34333530366634613933363530373935383831653864633462336465366136613730643932303935
35363935343233383733623233316332653061666262633435346532326365326462366366333966
33366364343330313238

76
ansible/host_vars/thonkpad.ka.chaoswg.org/vault.yaml
View File

@ -1,36 +1,42 @@
$ANSIBLE_VAULT;1.2;AES256;secrets $ANSIBLE_VAULT;1.2;AES256;secrets
61376266333439343062396134316539386363343430323265383434353132646537336230643134 30343065306563343765353231366539356463646634363230643639616338663138376666343962
3730643332383438393536366465396435343939383263330a386434626263333934396339373132 6164333837646563356334613035383365636337393362350a343334643838303562363932336263
31376363396361363562396561336232643961323636656632373734383130623364383639623663 33363432393565623631356331343063333332663937343639343739666130646262623364353237
3234313564346335640a323433313365393834313938613938383532373135353930303438333665 6366346434366236370a393063356266333430326362643932303130633635363732623361323736
61386532666130336334343064313432383434323864643463616332323366316332393964363161 63386266333362653530333262383064366462313938646362386338643661343165363839636536
37663365636137643461386362313038383236636261303936366231386566333736306562653366 62613561363637346538323062643664303932666566393537616539353730306164623535313636
37336238396635613839643634343865383164366435653764303962343337393365616464323337 32656230663861363635633839643731326363393838636263313665313466313833363638346566
66303530323233373635303065393032393365383232333632383065316561306265303334306663 33386566346564363963363166326564613366393531366135633430616634323261386263376565
36646635663732323561623438366239656338613863643638386135343639343037346636663037 63663962653039623434643136393564336631613433613433636632623938306365376639326338
34343632366637336235316663613338656537656437343431373535386534656330643237353365 38393465393764666636373430323736303235363238393038353632646365373536313566333238
63373037313336663632356465613631656263353163313234373534623930346533346661303631 32616631666263353132333439653334643737336633663164356337363732366534366537343532
32373831343434373834386435356439343432343963313362643365633739613337353338383933 30383531303663656263353461343166616139306634396432653032313366356265326664666339
33653835343636343937353238396466396266323935643162623235316635333365333931333334 39393432343734336565303034636435623336646639373438363363613538643435653230326630
66323063336463616437383664353266386438653030363161663034333434666331303862393430 32393362376164646335613166643632323861313834386630613932666166303438346461646564
35616233343333383137656363626564316566323530343236316632383537363666636561353039 37646362316662373231666332666530353537376239633664316561363332313565633361393464
64653131323936666137326665376261383361326431626166346238313737353931396536626564 65623635623166613430396638613061613737303739343266643663626134303361633561376135
63376637316431633634396263333537323062643362336162396637636661363731383437343935 32336339356462353864646664633632306338353230663532303963636238636266383137393063
63646665326164633339656236636433323864626534393862633161653638366330646137666230 37663064666539653362376662356265626630636230393230306565313264663961653135363238
64353230366166636531316132303735653836303531656661366133386362393637316562653737 39623436646138656565383662653037623835333631323836343262353830323764663266396634
31623936346336353763613432353461396262373238326230393862363638623237376165656230 62636536653833653932613661373438356138643334363034656339626365613761333764333732
37386634663133353536623232623437636238333634363264303533316561373764356639393566 34303538313134666238663732393933613537383661636463336538393035626438323039353661
66306462663563386237646465336562343430613934396434313831343263343635663363383462 36663939303366386136643335356131643032313934363361373563313965383734613632373631
62306130333464653538623166373636373663383532656135623763616365376565316135616131 38333961613838313863333436356263363432326366353266623266616561323666383931343362
37386239643565343561333535656130366133353139666538383661363237333131323635643932 32616265643133653532383732393739343366366532343461636338333463336466363331303931
65653338396532346464356137353634323265376432326433323164623838356436666532613664 30373833363037643637343662313737383565363164323235306335303938363937626466643066
37363635313738386362393135333235633139316532383463353537383439383366353163326663 62336261373865383234626463333535383662306330306663353438343061383761393165306231
35616438326663663237333262656133323236613036366535336161663164613663656236396335 33303434303734623564616331646166376432343035393231306136343762653038656434653436
61366333613335386535623935313364393363636432633861316239623166313261386632623936 66626639616139666133373063626237616133626334326530636162333930336539613336316330
34383733313466353431623035386430343966616535383637333564643338376630323365376365 62653964353633376164646664376234336535633765616634663266636464393464653435393538
66633139656163386166656130356662343162373834643864626335353864333062333631353461 34363865363338616336363561306461363532363131366534663366353463383134666239393230
66376333663635373835333830343336383936383330666139363161393166356534613366643766 65653864643562333962323832363732616434343736376561643361666138343330653337313266
35366238633334656335386538333930376437646261343565393764393064393437396363366464 31363339356536313832383162643035663538656463373133346265353437323634346539383933
61343531626366356238376635363964663666333839306166363863313639303165303630396164 64613539333566333262656566643935323138393266656361316131623566663164333138656437
30306166333062333031663365366331383430313931363933393439346235386239333665373838 34363830356431666531343938643934373562643232653239373837363336633030666631656361
613161643062353436326338376463663533 36393765333463643365663938636134666664653763663264613032386135356266636236623035
64326239343730326639363133653666643534326362303339373733643164623634613633613138
61313130613434336463363739623430626638323939306462316235663963313233633833313734
66333461613766343130393539613332353131643730623466623365643237653865363262333734
64623164663366326538386331343162336433393466386133323537623536636461613732323734
39613639306562326366336634376263633062386163333964396532326666643539613739313365
31343132313837646235313764396130653764623838396635626462626531303732

6
ansible/inventory.yaml
View File

@ -20,7 +20,7 @@ all:
network_interface: ens3 network_interface: ens3
network_ipv6_addr: "2a03:4000:9:176::1" network_ipv6_addr: "2a03:4000:9:176::1"
wg_addr: 10.1.0.4 wg_addr: 10.1.0.4
backup.unruhig.eu: filehost.unruhig.eu:
ansible_user: core ansible_user: core
network_interface: ens3 network_interface: ens3
network_ipv6_addr: "2a03:4000:56:e17::1" network_ipv6_addr: "2a03:4000:56:e17::1"
@ -42,7 +42,7 @@ all:
host.nc.chaoswg.org: null host.nc.chaoswg.org: null
thonkpad.ka.chaoswg.org: null thonkpad.ka.chaoswg.org: null
infra.unruhig.eu: null infra.unruhig.eu: null
backup.unruhig.eu: null filehost.unruhig.eu: null
mon1.hel1.chaoswg.org: null mon1.hel1.chaoswg.org: null
backup: backup:
hosts: hosts:
@ -58,4 +58,4 @@ all:
host.nc.chaoswg.org: null host.nc.chaoswg.org: null
mon1.hel1.chaoswg.org: null mon1.hel1.chaoswg.org: null
infra.unruhig.eu: null infra.unruhig.eu: null
backup.unruhig.eu: null filehost.unruhig.eu: null

2
ansible/known_hosts
View File

@ -12,3 +12,5 @@ mon1.hel1.chaoswg.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCl6bzWEhtuyKLLOUjRv0
thonkpad.ka.chaoswg.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDq68XLq1mlFsHDfa1mlpNJZ83wCR3ZO5C/fkNe+kVwG9apKmGdCaAWZs9n1MKe08maSLf5Dx01B+m79+l9KrKQ= thonkpad.ka.chaoswg.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDq68XLq1mlFsHDfa1mlpNJZ83wCR3ZO5C/fkNe+kVwG9apKmGdCaAWZs9n1MKe08maSLf5Dx01B+m79+l9KrKQ=
thonkpad.ka.chaoswg.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOY8bK8R5aUnXr/8vxZ6NSznTNGcTu4iQJJo5GYVXflR thonkpad.ka.chaoswg.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOY8bK8R5aUnXr/8vxZ6NSznTNGcTu4iQJJo5GYVXflR
thonkpad.ka.chaoswg.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8b0SqPTmmJYJEcGYMjeeyEZlEjjQTIj+XKZ3Sonbb6xT32SedabIJ8k+xw+yeRjDOhBnx1wl7KrfBhZqZ18qGbB3214d7QmgylWpC5KkQV89ow0c24JI2zSLfC3kMYbGvSSwch+ql8rLUBXGRczzMYuh9kWrXhkK9vF7821/pxBSsO4XD/9fZwEa/VfpakuFJUU0bmFGgi/OmlHf80U08B0LHlg/IYdM+3JemwWbx1swx7ylXwDUWGjyK5mxYR2SEBbwnHuCoanj8SW9xwPLfUOT9t5+IADtFya7J3o0cDAk+6ZjJOZcdtmY6WO1hR/K82aFnecAV4mjr8+fx/GpnbGCt8Jpv88bdhG7LWxzKESrZDbQDiZ2z4itkkq5fbOGeXeUrFuff8Vva/VtsUoLPToS6bctgVqZ2slbI+6J6YJXPE4LzUa57NRj2qyXSbr+q5q9URfrkOmFDwaBq5jLiFcDEDOS7UpAjoN5A1rAkxN7v+uP3gwYainkbx2+7DrM= thonkpad.ka.chaoswg.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC8b0SqPTmmJYJEcGYMjeeyEZlEjjQTIj+XKZ3Sonbb6xT32SedabIJ8k+xw+yeRjDOhBnx1wl7KrfBhZqZ18qGbB3214d7QmgylWpC5KkQV89ow0c24JI2zSLfC3kMYbGvSSwch+ql8rLUBXGRczzMYuh9kWrXhkK9vF7821/pxBSsO4XD/9fZwEa/VfpakuFJUU0bmFGgi/OmlHf80U08B0LHlg/IYdM+3JemwWbx1swx7ylXwDUWGjyK5mxYR2SEBbwnHuCoanj8SW9xwPLfUOT9t5+IADtFya7J3o0cDAk+6ZjJOZcdtmY6WO1hR/K82aFnecAV4mjr8+fx/GpnbGCt8Jpv88bdhG7LWxzKESrZDbQDiZ2z4itkkq5fbOGeXeUrFuff8Vva/VtsUoLPToS6bctgVqZ2slbI+6J6YJXPE4LzUa57NRj2qyXSbr+q5q9URfrkOmFDwaBq5jLiFcDEDOS7UpAjoN5A1rAkxN7v+uP3gwYainkbx2+7DrM=
192.168.0.73 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOY8bK8R5aUnXr/8vxZ6NSznTNGcTu4iQJJo5GYVXflR
filehost.unruhig.eu ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvXX75sXWRgslMW/Ufq0t0OJQnTFiWPL4yBUBdGIU9k

4
ansible/playbook.yaml
View File

@ -23,8 +23,8 @@
ansible.builtin.import_playbook: plays/thonkpad.yaml ansible.builtin.import_playbook: plays/thonkpad.yaml
- name: infra.unruhig.eu - name: infra.unruhig.eu
ansible.builtin.import_playbook: plays/infra.yaml ansible.builtin.import_playbook: plays/infra.yaml
- name: backup.unruhig.eu - name: filehost.unruhig.eu
ansible.builtin.import_playbook: plays/backup.yaml ansible.builtin.import_playbook: plays/filehost.yaml
- name: grp_prometheus - name: grp_prometheus
ansible.builtin.import_playbook: plays/grp_prometheus.yaml ansible.builtin.import_playbook: plays/grp_prometheus.yaml

61
ansible/plays/backup.yaml
View File

@ -1,61 +0,0 @@
- name: Setup Infra Meta Host
hosts: backup.unruhig.eu
gather_facts: false
tasks:
- name: Create user [backup]
become: true
ansible.builtin.user:
name: backup
comment: Used for receiving borg backups
shell: /bin/bash
create_home: true
state: present
generate_ssh_key: true
ssh_key_type: "ed25519"
ssh_key_file: ".ssh/storagebox"
- name: Create mount directory
become: true
become_user: backup
ansible.builtin.file:
path: "/home/backup/storagebox"
state: directory
- name: Create systemd user config directory
become: true
become_user: backup
ansible.builtin.file:
path: "/home/backup/.config/systemd/user"
state: directory
- name: Create mount unit
become: true
become_user: root
ansible.builtin.template:
src: mount-storagebox.mount.j2
owner: root
group: root
mode: "0600" # Credentials
dest: /etc/systemd/system/var-home-backup-storagebox.mount
- name: Create automount unit
become: true
become_user: root
ansible.builtin.template:
src: mount-storagebox.automount.j2
dest: /etc/systemd/system/var-home-backup-storagebox.automount
owner: root
group: root
mode: "0644"
- name: Start storagebox Mount Service
become: true
become_user: root
ansible.builtin.systemd:
name: var-home-backup-storagebox.mount
state: started
enabled: true
daemon_reload: true
- name: enable storagebox automount Mount Unit
become: true
become_user: root
ansible.builtin.systemd:
name: var-home-backup-storagebox.automount
enabled: true
# vim: ft=yaml.ansible

6
ansible/plays/common.yaml
View File

@ -117,7 +117,7 @@
- name: Register SSH Key with backup server - name: Register SSH Key with backup server
become: true become: true
become_user: root become_user: root
delegate_to: backup.unruhig.eu delegate_to: filehost.unruhig.eu
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/ssh/authorized_keys/backup path: /etc/ssh/authorized_keys/backup
state: present state: present
@ -126,9 +126,9 @@
- name: Add Known Hosts entries - name: Add Known Hosts entries
ansible.builtin.known_hosts: ansible.builtin.known_hosts:
path: "/root/.ssh/known_hosts" path: "/root/.ssh/known_hosts"
name: "backup.unruhig.eu" name: "filehost.unruhig.eu"
key: "{{ item }}" key: "{{ item }}"
loop: "{{ hostvars['backup.unruhig.eu']['known_hosts'] }}" loop: "{{ hostvars['filehost.unruhig.eu']['known_hosts'] }}"
- name: Restore from Backup - name: Restore from Backup
hosts: backup hosts: backup
become: true become: true

2
ansible/secrets.yml
View File

@ -5,5 +5,5 @@ SSH_KEY_thonkpad_ka_chaoswg_org: !var:file machine/thonkpad.ka.chaoswg.org/ssh_k
SSH_KEY_host_nc_chaoswg_org: !var:file machine/host.nc.chaoswg.org/ssh_key SSH_KEY_host_nc_chaoswg_org: !var:file machine/host.nc.chaoswg.org/ssh_key
SSH_KEY_mon1_hel1_chaoswg_org: !var:file machine/mon1.hel1.chaoswg.org/ssh_key SSH_KEY_mon1_hel1_chaoswg_org: !var:file machine/mon1.hel1.chaoswg.org/ssh_key
SSH_KEY_infra_unruhig_eu: !var:file machine/infra.unruhig.eu/ssh_key SSH_KEY_infra_unruhig_eu: !var:file machine/infra.unruhig.eu/ssh_key
SSH_KEY_backup_unruhig_eu: !var:file machine/backup.unruhig.eu/ssh_key SSH_KEY_filehost_unruhig_eu: !var:file machine/filehost.unruhig.eu/ssh_key
GOTOSOCIAL_OIDC_CLIENT_SECRET: !var keycloak/gotosocial/secret GOTOSOCIAL_OIDC_CLIENT_SECRET: !var keycloak/gotosocial/secret

5
tf-stage-1/dns-unruhig-eu.tf
View File

@ -7,8 +7,9 @@ module "dns-unruhig-eu" {
records = [ records = [
{ type = "A", name = "infra", value = "37.221.198.143" }, { type = "A", name = "infra", value = "37.221.198.143" },
{ type = "AAAA", name = "infra", value = "2a03:4000:9:176::1" }, { type = "AAAA", name = "infra", value = "2a03:4000:9:176::1" },
{ type = "A", name = "backup", value = "202.61.225.46" }, { type = "A", name = "filehost", value = "202.61.225.46" },
{ type = "AAAA", name = "backup", value = "2a03:4000:56:e17::1" }, { type = "AAAA", name = "filehost", value = "2a03:4000:56:e17::1" },
{ type = "CNAME", name = "backup", value = "filehost.unruhig.eu" },
{ type = "CNAME", name = "@", value = "web.tobiasmanske.de" }, { type = "CNAME", name = "@", value = "web.tobiasmanske.de" },
{ type = "CNAME", name = "www", value = "unruhig.eu" }, { type = "CNAME", name = "www", value = "unruhig.eu" },
{ type = "CNAME", name = "s3", value = "web.tobiasmanske.de" }, { type = "CNAME", name = "s3", value = "web.tobiasmanske.de" },