Add ssh external

Update network
Update octoprint
2021-02-24 02:53:29 +01:00 · 2021-02-23 19:37:52 +01:00 · 2021-02-23 19:37:36 +01:00
13 changed files with 225 additions and 56 deletions
--- a/inventory/hosts.yml
+++ b/inventory/hosts.yml
@ -1,17 +1,93 @@
 ---
 all:
  hosts:
-    prusa.lan:
+    router:
-    iron-man.lan:
+      ansible_host: 192.168.50.2
-    router.lan:
+      vars:
        ip: 2
        mac: 2c:b0:5d:4a:72:62
    bender:
      ansible_host: 192.168.50.3
      vars:
        ip: 3
        mac: e0:3f:49:6f:03:c2
    home-assistant:
      ansible_host: 192.168.50.5
      vars:
        ip: 5
        mac: dc:a6:32:8b:7b:ab
        mac2: 6a:1b:c8:63:58:7a
    prusa:
      ansible_host: 192.168.50.6
      vars:
        ip: 6
        mac: b8:27:eb:96:f3:3f
        mac2: b8:27:eb:c3:a6:6a
 #    rpi3-02:
    iron-man:
      ansible_host: 192.168.50.7
      vars:
        ip: 7
        mac: b8:27:eb:19:f8:0d
    rpi3a:
      ansible_host: 192.168.50.8
      vars:
        ip: 8
        mac: b8:27:eb:ff:2a:86
    kvm-bender:
      ansible_host: 192.168.50.11
      vars:
        ip: 11
        mac: dc:a6:32:f6:63:c1
    android-sgs9:
      vars:
        ip: 41
        mac: 24:18:1d:bc:fe:4f
    ipad:
      vars:
        ip: 42
        mac: b8:63:4d:b6:4c:bc
    node-01.lan:
      ansible_host: 192.168.50.101
      vars:
        ip: 101
        mac: dc:a6:32:03:6d:fa
    node-02.lan:
      ansible_host: 192.168.50.102
      vars:
        ip: 102
        mac: dc:a6:32:3c:0f:ff
    node-03.lan:
      ansible_host: 192.168.50.103
      vars:
        ip: 103
        mac: dc:a6:32:3c:1a:ec
    node-x86.lan:
      ansible_host: 192.168.50.186
      vars:
        ip: 186
  children:
-    docker_cluster:
+    raspberry:
      hosts:
        node-01.lan:
          ansible_host: 192.168.50.101
        node-02.lan:
          ansible_host: 192.168.50.102
        node-03.lan:
-          ansible_host: 192.168.50.103
+    lan:
-        node-x86.lan:
+      hosts:
-          ansible_host: 192.168.50.186
+        router:
        bender:
        home-assistant:
        rpi3-01:
 #        rpi3-02:
        iron-man:
        prusa:
      children:
        docker_cluster:
          hosts:
            node-01.lan:
            node-02.lan:
            node-03.lan:
            node-x86.lan:
--- a/main.yml
+++ b/main.yml
@ -4,18 +4,22 @@
 #    - ssh
 #    - ubuntu
 #
-#- hosts: prusa.lan
+- hosts: prusa
 #  roles:
 #    - ssh
 #    - octoprint
 #    - ubuntu
 - hosts: docker_cluster
  roles:
    - ssh
-    - docker-cluster
+    - octoprint
    - ubuntu
 #- hosts: docker_cluster
 #  roles:
 #    - ssh
 #    - docker-cluster
 #    - ubuntu
 #
 #- hosts: raspberry
 #  roles:
 #    - i2c-clock
 #- hosts: router.lan
 #  roles:
 #    - router
--- a/roles/docker-cluster/files/etc/ha.d/haresources
+++ b/roles/docker-cluster/files/etc/ha.d/haresources
@ -1 +1,2 @@
 node-02 IPaddr::192.168.50.100/24/eth0:0
 node-02 ssh-external
--- a/roles/docker-cluster/files/etc/ha.d/resource.d/ssh-external
+++ b/roles/docker-cluster/files/etc/ha.d/resource.d/ssh-external
@ -0,0 +1,28 @@
 #!/usr/bin/env bash
 SERVICE=sshd-external
 case "$1" in
  start)
    systemctl start "${SERVICE}"
    ;;
  stop)
    systemctl stop "${SERVICE}"
    ;;
  reload)
    systemctl reload "${SERVICE}"
    ;;
  force-reload)
    systemctl force-reload "${SERVICE}"
    ;;
  restart)
    systemctl restart "${SERVICE}"
    ;;
  status)
    systemctl status "${SERVICE}"
    ;;
  *)
    echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|status}" || true
    exit 1
    ;;
 esac
--- a/roles/docker-cluster/files/lib/systemd/system/sshd-external.service
+++ b/roles/docker-cluster/files/lib/systemd/system/sshd-external.service
@ -0,0 +1,19 @@
 [Unit]
 Description=OpenBSD Secure Shell server
 After=network.target auditd.service
 ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
 [Service]
 EnvironmentFile=-/etc/default/ssh
 ExecStartPre=/usr/sbin/sshd -t
 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS -f /etc/ssh/sshd_config_external
 ExecReload=/usr/sbin/sshd -t
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=process
 Restart=on-failure
 RestartPreventExitStatus=255
 Type=notify
 [Install]
 WantedBy=multi-user.target
 Alias=sshd-external.service
--- a/roles/docker-cluster/tasks/main.yml
+++ b/roles/docker-cluster/tasks/main.yml
@ -11,4 +11,6 @@
 - import_tasks: hostfile.yml
- import_tasks: docker-watcher.yml
+- import_tasks: docker-watcher.yml
 - import_tasks: ssh-external.yml
--- a/roles/docker-cluster/tasks/ssh-external.yml
+++ b/roles/docker-cluster/tasks/ssh-external.yml
@ -0,0 +1,24 @@
 ---
 - become: yes
  block:
    - name: copy config
      copy:
        owner: root
        group: root
        mode: 0600
        directory_mode: yes
        src: etc/ssh
        dest: /etc
    - name: copy ha.d resource ssh-external
      copy:
        owner: root
        group: root
        mode: 0755
        src: etc/ha.d/resource.d/ssh-external
        dest: /etc/ha.d/resource.d/ssh-external
    - name: add systemd service
      copy:
        src: lib/systemd/system/sshd-external.service
        dest: /lib/systemd/system/sshd-external.service
--- a/roles/network/tasks/dns-file.yml
+++ b/roles/network/tasks/dns-file.yml
@ -12,3 +12,12 @@
  vars:
    network: "{{ lan }}"
    serial: "{{ ansible_date_time.year }}{{ ansible_date_time.month }}{{ ansible_date_time.day }}02"
 - name: Create db.lan
 #  become: yes
  template:
    src: etc/bind/db.reverse.j2
    dest: build/dns/db.{{ lan.network_reverse }}
  vars:
    network: "{{ lan }}"
    serial: "{{ ansible_date_time.year }}{{ ansible_date_time.month }}{{ ansible_date_time.day }}02"
--- a/roles/network/templates/etc/bind/db.lan.j2
+++ b/roles/network/templates/etc/bind/db.lan.j2
@ -8,7 +8,7 @@ $ORIGIN {{ network.network_name }}.
        86400;
 )
-@   IN  NS  dns.lan.
+@   IN  NS  dns.{{ network.network_name }}.
 DNS     IN  A   {{ network.network_prefix }}.100
--- a/roles/network/templates/etc/bind/db.reverse.j2
+++ b/roles/network/templates/etc/bind/db.reverse.j2
@ -0,0 +1,15 @@
 $TTL    86400
 $ORIGIN {{ network.network_name }}.
@       IN      SOA     {{ network.network_name }}. dns.{{ network.network_name }}. (
        {{ serial }};
        604800;
        86400;
        2419200;
        86400;
 )
 {{ network.network_reverse }}   IN  A   dns.{{ network.network_name }}
 {% for host in network.hosts %}
 {{ host.ip }}   IN      PTR     {{ host.name }}
 {% endfor %}
--- a/roles/network/vars/main.yml
+++ b/roles/network/vars/main.yml
@ -1,6 +1,7 @@
 ---
 lan:
  network_prefix: 192.168.50
  network_reverse: 50.168.192
  network_name: lan
  address: 192.168.50.0
  mask: 255.255.255.0
@ -15,29 +16,36 @@ lan:
    - name: bender
      ip: 3
      mac: e0:3f:49:6f:03:c2
    - name: prusa-new
      ip: 4
      mac: b8:27:eb:96:f3:3f
      mac2: b8:27:eb:c3:a6:6a
    - name: home-assistant
      ip: 5
      mac: dc:a6:32:8b:7b:ab
      mac2: 6a:1b:c8:63:58:7a
    - name: prusa
      ip: 6
      mac: b8:27:eb:96:f3:3f
      mac2: b8:27:eb:c3:a6:6a
 #    - name: rpi3
    - name: iron-man
      ip: 7
      mac: dc:a6:32:03:6d:fa
-    - name: prusa
+    - name: rpi3a
      ip: 8
      mac: b8:27:eb:ff:2a:86
-    - name: farnsworth
+    - name: kvm-bender
      ip: 11
      mac: dc:a6:32:f6:63:c1
    - name: hulk
      ip: 21
      mac: 24:4b:fe:05:e2:8b
    - name: farnsworth
      ip: 22
      mac: e0:3f:49:83:e8:dd
    - name: ipad
      ip: 46
      mac: b8:63:4d:b6:4c:bc
    - name: android-sgs9
-      ip: 47
+      ip: 41
      mac: 24:18:1d:bc:fe:4f
    - name: ipad
      ip: 42
      mac: b8:63:4d:b6:4c:bc
    - name: node-01
      ip: 101
      mac: dc:a6:32:03:6d:fa
--- a/roles/octoprint/files/octoprint.service
+++ b/roles/octoprint/files/octoprint.service
@ -6,7 +6,7 @@ After=network.target
 User=octoprint
 Group=octoprint
 Restart=always
-ExecStart=/home/octoprint/.local/bin/octoprint
+ExecStart=/home/octoprint/bin/octoprint
 Type=simple
 [Install]
--- a/roles/octoprint/tasks/install.yml
+++ b/roles/octoprint/tasks/install.yml
@ -5,44 +5,29 @@
    apt:
      update_cache: yes
      pkg:
-        - python-pip
+        - python3-pip
-        - python-dev
+        - python3-all-dev
-        - python-setuptools
+        - python3-setuptools
-        - python-virtualenv
+        - python3-virtualenv
        - python-pillow
        - git
        - libyaml-dev
        - build-essential
        - acl
        - libjpeg8-dev
  - name: install octoprint software
    become: true
    become_user: octoprint
    shell:
      chdir: /home/octoprint
      cmd: |
        virtualenv --system-site-packages .
        source bin/activate
-        pip install pip --upgrade
+        pip3 install pip --upgrade
-        pip install octoprint
+        pip3 install octoprint
    args:
      executable: /bin/bash
  - name: enable system wide packages
    file:
      path: /home/octoprint/lib/python2.7/no-global-site-packages.txt
      state: absent
  - name: Create symbolic link for PIL package
    file:
      src: /usr/lib/python2.7/dist-packages/PIL
      dest: /home/octoprint/lib/python2.7/site-packages/PIL
      state: link
  - name: Create symbolic link for pillow package
    file:
      src: /usr/lib/python2.7/dist-packages/Pillow-5.1.0.egg-info
      dest: /home/octoprint/lib/python2.7/site-packages/Pillow-5.1.0.egg-info
      state: link
  - name: install plugins
    become_user: octoprint
    pip:
@ -58,6 +43,4 @@
        - https://github.com/paukstelis/OctoPrint-Cancelobject/archive/master.zip
        - https://github.com/Renaud11232/OctoPrint-Resource-Monitor/archive/master.zip
        - https://github.com/agrif/OctoPrint-InfluxDB/archive/master.zip
        - https://github.com/juergenpabel/OctoPrint-Procastinator/archive/master.zip
        - https://github.com/ManuelMcLure/OctoPrint-WiFiStatus/archive/master.zip
Author	SHA1	Message	Date
pgrondek	925289b675	Add ssh external	2021-02-24 02:53:29 +01:00
pgrondek	79497476c2	Update network	2021-02-23 19:37:52 +01:00
pgrondek	318c638df7	Update octoprint	2021-02-23 19:37:36 +01:00
`@ -1 +1,2 @@`
	`node-02 IPaddr::192.168.50.100/24/eth0:0`	`node-02 IPaddr::192.168.50.100/24/eth0:0`
		`node-02 ssh-external`