diff --git a/.github/workflows/glances.yml b/.github/workflows/diagnostic.yml similarity index 78% rename from .github/workflows/glances.yml rename to .github/workflows/diagnostic.yml index f081fc1..dd5acb9 100644 --- a/.github/workflows/glances.yml +++ b/.github/workflows/diagnostic.yml @@ -1,5 +1,5 @@ --- -name: "alphanodes.setup.glances" +name: "alphanodes.setup.diagnostic" 'on': pull_request: push: @@ -9,13 +9,13 @@ name: "alphanodes.setup.glances" - 'roles/python/**' - 'molecule/python/**' - '.github/workflows/python.yml' - - 'roles/glances/**' - - 'molecule/glances/**' - - '.github/workflows/glances.yml' + - 'roles/diagnostic/**' + - 'molecule/diagnostic/**' + - '.github/workflows/diagnostic.yml' defaults: run: - working-directory: 'glances' + working-directory: 'diagnostic' jobs: build: @@ -34,7 +34,7 @@ jobs: - name: Check out the codebase. uses: actions/checkout@v4 with: - path: 'glances' + path: 'diagnostic' - name: Set up Python 3. uses: actions/setup-python@v4 @@ -49,6 +49,6 @@ jobs: - name: Run Molecule tests. run: | molecule --version - molecule test -s glances + molecule test -s diagnostic env: MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/README.md b/README.md index 111f550..365f181 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ All provided roles do not use docker as container system. - [alphanodes.setup.git](roles/git/) - [alphanodes.setup.git_config](roles/git_config/) - [alphanodes.setup.gitlab](roles/gitlab/) -- [alphanodes.setup.glances](roles/glances/) +- [alphanodes.setup.diagnostic](roles/diagnostic/) - [alphanodes.setup.goaccess](roles/goaccess/) - [alphanodes.setup.golang](roles/golang/) - [alphanodes.setup.hedgedoc](roles/hedgedoc/) @@ -54,6 +54,7 @@ All provided roles do not use docker as container system. - [alphanodes.setup.redmine](roles/redmine/) - [alphanodes.setup.rocketchat](roles/rocketchat/) - [alphanodes.setup.rsync](roles/rsync/) +- [alphanodes.setup.rvm](roles/rvm/) - [alphanodes.setup.sphinx](roles/sphinx/) - [alphanodes.setup.ssh](roles/ssh/) - [alphanodes.setup.ssl](roles/ssl/) diff --git a/molecule/glances/converge.yml b/molecule/diagnostic/converge.yml similarity index 92% rename from molecule/glances/converge.yml rename to molecule/diagnostic/converge.yml index b8ae8ec..dd78993 100644 --- a/molecule/glances/converge.yml +++ b/molecule/diagnostic/converge.yml @@ -22,4 +22,4 @@ force: true roles: - - role: alphanodes.setup.glances + - role: alphanodes.setup.diagnostic diff --git a/molecule/glances/molecule.yml b/molecule/diagnostic/molecule.yml similarity index 100% rename from molecule/glances/molecule.yml rename to molecule/diagnostic/molecule.yml diff --git a/roles/diagnostic/README.md b/roles/diagnostic/README.md new file mode 100644 index 0000000..a8b18ca --- /dev/null +++ b/roles/diagnostic/README.md @@ -0,0 +1,21 @@ +# Ansible Role: Diagnostic tools + +Setup diagnostic tools on Debian and Ubuntu servers. + +## Role Variables + +Available variables can be found in [defaults/main.yml](defaults/main.yml) + +## Example Playbook + +```yaml + - hosts: all + + vars: + diagnostic_with_btop: true + diagnostic_with_glances: true + diagnostic_with_htop: true + + roles: + - alphanodes.setup.diagnostic +``` diff --git a/roles/diagnostic/defaults/main.yml b/roles/diagnostic/defaults/main.yml new file mode 100644 index 0000000..ebc0171 --- /dev/null +++ b/roles/diagnostic/defaults/main.yml @@ -0,0 +1,23 @@ +--- +# defaults file for diagnostic tools + +diagnostic_with_atop: false +diagnostic_with_bottom: false +# bottom is not implemented at the moment +diagnostic_with_btop: true +# make sure pip is installed for glances +diagnostic_with_glances: tfalse +diagnostic_with_htop: false +diagnostic_with_nmap: false +diagnostic_with_sysstat: false + +diagnostic_packages: + - deborphan + +# required a lot of packages for glances without pip (e.g. nginx) +glances_with_pip: true +glances_pip_packages: + - glances +glances_pip_venv: glances + +sysstat_enable_data_collecting: true diff --git a/roles/diagnostic/files/htoprc b/roles/diagnostic/files/htoprc new file mode 100644 index 0000000..c0818ba --- /dev/null +++ b/roles/diagnostic/files/htoprc @@ -0,0 +1,26 @@ +# Beware! This file is rewritten by htop when settings are changed in the interface. +# The parser is also very primitive, and not human-friendly. +fields=50 0 48 17 18 38 39 40 2 46 47 49 1 +sort_key=111 +sort_direction=1 +hide_threads=1 +hide_kernel_threads=1 +hide_userland_threads=1 +shadow_other_users=0 +show_thread_names=0 +show_program_path=1 +highlight_base_name=0 +highlight_megabytes=0 +highlight_threads=0 +tree_view=1 +header_margin=1 +detailed_cpu_time=1 +cpu_count_from_zero=1 +update_process_names=0 +account_guest_in_cpu_meter=0 +color_scheme=6 +delay=15 +left_meters=CPU AllCPUs +left_meter_modes=2 1 +right_meters=Blank Clock Memory Swap +right_meter_modes=2 2 2 1 diff --git a/roles/glances/meta/main.yml b/roles/diagnostic/meta/main.yml similarity index 77% rename from roles/glances/meta/main.yml rename to roles/diagnostic/meta/main.yml index 8899745..d01d304 100644 --- a/roles/glances/meta/main.yml +++ b/roles/diagnostic/meta/main.yml @@ -4,7 +4,7 @@ dependencies: public: true galaxy_info: - description: Setup glances + description: Setup diagnostic tools author: alexandermeindl company: AlphaNodes GmbH license: Apache License 2.0 @@ -16,8 +16,13 @@ galaxy_info: - jammy - name: Debian versions: - - buster - bullseye - bookworm galaxy_tags: + - atop + - bottom + - btop + - htop - glances + - nmap + - sysstat diff --git a/roles/diagnostic/tasks/main.yml b/roles/diagnostic/tasks/main.yml new file mode 100644 index 0000000..9c2679e --- /dev/null +++ b/roles/diagnostic/tasks/main.yml @@ -0,0 +1,6 @@ +--- + +- name: Include setup tasks + ansible.builtin.import_tasks: setup.yml + tags: + - diagnostic diff --git a/roles/diagnostic/tasks/setup.yml b/roles/diagnostic/tasks/setup.yml new file mode 100644 index 0000000..0f641b1 --- /dev/null +++ b/roles/diagnostic/tasks/setup.yml @@ -0,0 +1,50 @@ +--- + +- name: Set facts + ansible.builtin.set_fact: + managing_user: "{{ ansible_user | default(ansible_env.USER) }}" + +# Update should never be updated here because user already exists, +# but we have to specify it because otherwise ansible user reset password to empty string +- name: Get user information for non-root + ansible.builtin.user: + name: '{{ managing_user }}' + update_password: on_create + state: present + register: user_infos + when: managing_user != 'root' + +- name: Be sure diagnostic packages are installed + ansible.builtin.apt: + name: '{{ diagnostic_packages }}' + state: present + +- name: Include setup atop tasks + ansible.builtin.import_tasks: setup_atop.yml + tags: + - atop + +- name: Include setup bottom tasks + ansible.builtin.import_tasks: setup_bottom.yml + tags: + - bottom + +- name: Include setup btop tasks + ansible.builtin.import_tasks: setup_btop.yml + tags: + - btop + +- name: Include setup glances tasks + ansible.builtin.import_tasks: setup_glances.yml + tags: + - glances + +- name: Include setup htop tasks + ansible.builtin.import_tasks: setup_htop.yml + tags: + - htop + +- name: Include setup sysstat tasks + ansible.builtin.import_tasks: setup_sysstat.yml + tags: + - sysstat diff --git a/roles/diagnostic/tasks/setup_atop.yml b/roles/diagnostic/tasks/setup_atop.yml new file mode 100644 index 0000000..98b0b22 --- /dev/null +++ b/roles/diagnostic/tasks/setup_atop.yml @@ -0,0 +1,26 @@ +--- + +# see https://www.atoptool.nl/ +# see https://github.com/Atoptool/atop + +- name: Activated atop + when: diagnostic_with_atop + block: + - name: Be sure atop package are installed + ansible.builtin.apt: + name: atop + state: present + +- name: Disabled atop + when: not diagnostic_with_atop + block: + - name: Remove atop packages + ansible.builtin.apt: + name: atop + purge: true + state: absent + + - name: Remove atop user configuration + ansible.builtin.file: + path: "{{ '/root' if managing_user == 'root' else user_infos.home }}/.atoprc" + state: absent diff --git a/roles/diagnostic/tasks/setup_bottom.yml b/roles/diagnostic/tasks/setup_bottom.yml new file mode 100644 index 0000000..30fd045 --- /dev/null +++ b/roles/diagnostic/tasks/setup_bottom.yml @@ -0,0 +1,20 @@ +--- + +# see https://github.com/ClementTsang/bottom + +- name: Activated bottom + when: diagnostic_with_bottom + block: + - name: Be sure bottom package are installed + ansible.builtin.apt: + name: bottom + state: present + +- name: Disabled bottom + when: not diagnostic_with_bottom + block: + - name: Remove bottom packages + ansible.builtin.apt: + name: bottom + purge: true + state: absent diff --git a/roles/diagnostic/tasks/setup_btop.yml b/roles/diagnostic/tasks/setup_btop.yml new file mode 100644 index 0000000..c88769e --- /dev/null +++ b/roles/diagnostic/tasks/setup_btop.yml @@ -0,0 +1,25 @@ +--- + +# see https://github.com/aristocratos/btop + +- name: Activated btop + when: diagnostic_with_btop + block: + - name: Be sure btop package are installed + ansible.builtin.apt: + name: btop + state: present + +- name: Disabled btop + when: not diagnostic_with_btop + block: + - name: Remove btop packages + ansible.builtin.apt: + name: btop + purge: true + state: absent + + - name: Remove btop user configuration + ansible.builtin.file: + path: "{{ '/root' if managing_user == 'root' else user_infos.home }}/.config/btop" + state: absent diff --git a/roles/diagnostic/tasks/setup_glances.yml b/roles/diagnostic/tasks/setup_glances.yml new file mode 100644 index 0000000..1cabad0 --- /dev/null +++ b/roles/diagnostic/tasks/setup_glances.yml @@ -0,0 +1,48 @@ +--- + +# see https://github.com/nicolargo/glances + +- name: Activated glances + when: diagnostic_with_glances + block: + - name: Use pip + when: glances_with_pip + block: + - name: Include python role + ansible.builtin.include_role: + name: alphanodes.setup.python + vars: + python_pip_packages: '{{ glances_pip_packages }}' + python_pip_default_venv: '{{ glances_pip_venv }}' + + - name: Use debian package + when: not glances_with_pip + block: + - name: Be sure glances not installed with debian packages + ansible.builtin.apt: + name: glances + state: absent + +- name: Remove obsolete glances without venv + ansible.builtin.file: + path: /usr/local/bin/glances + state: absent + +- name: Disabled glances + when: not diagnostic_with_glances + block: + - name: Remove glances venv + ansible.builtin.file: + path: '{{ python_venv_parent }}/{{ glances_pip_venv }}' + state: absent + + - name: Remove glance package + ansible.builtin.apt: + name: glances + purge: true + state: absent + + - name: Remove glances user configuration + ansible.builtin.file: + path: "{{ '/root' if managing_user == 'root' else user_infos.home }}/.local/share/glances" + state: absent diff --git a/roles/diagnostic/tasks/setup_htop.yml b/roles/diagnostic/tasks/setup_htop.yml new file mode 100644 index 0000000..5caf11a --- /dev/null +++ b/roles/diagnostic/tasks/setup_htop.yml @@ -0,0 +1,34 @@ +--- + +# see https://github.com/htop-dev/htop + +- name: Activated htop + when: diagnostic_with_htop + block: + - name: Be sure htop package are installed + ansible.builtin.apt: + name: htop + state: present + + # @see https://haydenjames.io/htop-heres-how-to-customize-it/ + - name: Install htop configration + ansible.builtin.copy: + src: htoprc + dest: "{{ '/root' if managing_user == 'root' else user_infos.home }}/.config/htop/" + mode: 0644 + owner: '{{ managing_user }}' + group: "{{ 'root' if managing_user == 'root' else user_infos.group }}" + +- name: Disabled htop + when: not diagnostic_with_htop + block: + - name: Remove htop packages + ansible.builtin.apt: + name: htop + purge: true + state: absent + + - name: Remove htop user configuration + ansible.builtin.file: + path: "{{ '/root' if managing_user == 'root' else user_infos.home }}/.config/htop" + state: absent diff --git a/roles/diagnostic/tasks/setup_nmap.yml b/roles/diagnostic/tasks/setup_nmap.yml new file mode 100644 index 0000000..348bbdd --- /dev/null +++ b/roles/diagnostic/tasks/setup_nmap.yml @@ -0,0 +1,20 @@ +--- + +# see https://nmap.org/ + +- name: Activated nmap + when: diagnostic_with_nmap + block: + - name: Be sure nmap package are installed + ansible.builtin.apt: + name: nmap + state: present + +- name: Disabled nmap + when: not diagnostic_with_nmap + block: + - name: Remove nmap packages + ansible.builtin.apt: + name: nmap + purge: true + state: absent diff --git a/roles/diagnostic/tasks/setup_sysstat.yml b/roles/diagnostic/tasks/setup_sysstat.yml new file mode 100644 index 0000000..552a839 --- /dev/null +++ b/roles/diagnostic/tasks/setup_sysstat.yml @@ -0,0 +1,36 @@ +--- + +# see https://wiki.debian.org/sysstat +# see https://www.thomas-krenn.com/de/wiki/Linux_Performance_Aufzeichnung_und_Auswertung_mit_sar +# Anzeige der RAM Auslastung: sar -r + +- name: Activated sysstat + when: diagnostic_with_sysstat + block: + - name: Be sure sysstat package are installed + ansible.builtin.apt: + name: sysstat + state: present + + - name: Enable data collection + when: sysstat_enable_data_collecting + ansible.builtin.lineinfile: + dest: /etc/default/sysstat + regexp: '^ENABLED=.*' + line: 'ENABLED="true"' + + - name: Disable data collection + when: not sysstat_enable_data_collecting + ansible.builtin.lineinfile: + dest: /etc/default/sysstat + regexp: '^ENABLED=.*' + line: 'ENABLED="false"' + +- name: Disabled sysstat + when: not diagnostic_with_sysstat + block: + - name: Remove sysstat packages + ansible.builtin.apt: + name: sysstat + purge: true + state: absent diff --git a/roles/glances/README.md b/roles/glances/README.md deleted file mode 100644 index aff0136..0000000 --- a/roles/glances/README.md +++ /dev/null @@ -1,19 +0,0 @@ -# Ansible Role: Glances - -Setup [Glances](https://github.com/nicolargo/glances) on Debian and Ubuntu servers. - -## Role Variables - -Available variables can be found in [defaults/main.yml](defaults/main.yml) - -## Example Playbook - -```yaml - - hosts: all - - vars: - glances_with_pip: true - - roles: - - alphanodes.setup.glances -``` diff --git a/roles/glances/defaults/main.yml b/roles/glances/defaults/main.yml deleted file mode 100644 index 0c9f56d..0000000 --- a/roles/glances/defaults/main.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# defaults file for glances - -# if true, glances_packages are not installed -glances_with_pip: true - -glances_pip_packages: - - glances - -glances_pip_venv: glances - -# problem with glances package is, that a lot packages are -# installed, if nginx is installed -> do not use it, if nginx is installed -glances_packages: - - glances - -glances_remove: false diff --git a/roles/glances/tasks/main.yml b/roles/glances/tasks/main.yml deleted file mode 100644 index 1c9b7af..0000000 --- a/roles/glances/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- name: Include setup tasks - ansible.builtin.import_tasks: setup.yml - when: not glances_remove - tags: - - glances - -- name: Include remove tasks - ansible.builtin.import_tasks: remove.yml - when: glances_remove - tags: - - glances - - remove diff --git a/roles/glances/tasks/remove.yml b/roles/glances/tasks/remove.yml deleted file mode 100644 index c231e39..0000000 --- a/roles/glances/tasks/remove.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -- name: Remove glances venv - ansible.builtin.file: - path: '{{ python_venv_parent }}/{{ glances_pip_venv }}' - state: absent - -- name: Remove glance package - ansible.builtin.apt: - name: '{{ glances_packages }}' - state: absent - become: true diff --git a/roles/glances/tasks/setup.yml b/roles/glances/tasks/setup.yml deleted file mode 100644 index fdbbfe1..0000000 --- a/roles/glances/tasks/setup.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- - -- name: Use pip - when: glances_with_pip - block: - - name: Be sure glances not installed with debian packages - ansible.builtin.apt: - name: glances - state: absent - - - name: Include python role - ansible.builtin.include_role: - name: alphanodes.setup.python - vars: - python_pip_packages: '{{ glances_pip_packages }}' - python_pip_default_venv: '{{ glances_pip_venv }}' - -- name: Remove obsolete glances without venv - ansible.builtin.file: - path: /usr/local/bin/glances - state: absent - -- name: Use debian package - when: not glances_with_pip - block: - - name: Be sure glaces package are installed - ansible.builtin.apt: - name: '{{ glances_packages }}' - state: present diff --git a/roles/mysql/defaults/main.yml b/roles/mysql/defaults/main.yml index 903b470..0b3318a 100644 --- a/roles/mysql/defaults/main.yml +++ b/roles/mysql/defaults/main.yml @@ -153,7 +153,6 @@ mysql_table_definition_cache: 2048 mysql_server_debian_sys_maint_password: '{{ [ansible_machine_id, ansible_hostname, mysql_server_password_salt, "debian-sys-maint"] | join | hash("md5") }}' mysql_mysqltuner_url: https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl -mysql_tuning_primer_url: https://raw.githubusercontent.com/RootService/tuning-primer/master/tuning-primer.sh mysql_with_ssl: false mysql_ssl_ca: /etc/ssl/certs/mysql_ca.crt diff --git a/roles/mysql/tasks/setup.yml b/roles/mysql/tasks/setup.yml index 84bea6c..1fad73a 100644 --- a/roles/mysql/tasks/setup.yml +++ b/roles/mysql/tasks/setup.yml @@ -95,12 +95,6 @@ - name: Include mysqltuner tasks ansible.builtin.include_tasks: mysqltuner.yml -# tuning-primer is obsolete - remove it -- name: Remove tuning-primer script - ansible.builtin.file: - path: /usr/local/bin/tuning-primer.sh - state: absent - - name: Include zabbix tasks ansible.builtin.include_tasks: zabbix.yml tags: