mirror of https://dev.ccchb.de/ccchb/ansible.git
Compare commits
14 Commits
09cf6f693b
...
f8704927fb
Author | SHA1 | Date |
---|---|---|
Crest | f8704927fb | |
Crest | 50a3a3d270 | |
Crest | 53f05a7071 | |
Crest | e7eeb4039a | |
Crest | b00f1a4c44 | |
Crest | 6a8cee385b | |
Crest | 96b6c8fe4b | |
Crest | 8f23dd83b0 | |
Crest | 493a459466 | |
Crest | 6f18f4a005 | |
Crest | b9d4e0b0d0 | |
Crest | 803ebdbded | |
Crest | 050fb34846 | |
Crest | b7db27558b |
|
@ -1,2 +1,5 @@
|
|||
---
|
||||
ansible_python_interpreter: /usr/local/bin/python3.8
|
||||
s6_etc_dir: /etc/s6-rc
|
||||
s6_live_dir: /run/s6-rc
|
||||
s6_scan_dir: /run/service
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
- name: Define bhyve guest service definitions
|
||||
file:
|
||||
path: '/etc/s6-rc/service/bhyve-{{ item.0.name }}{{ item.1 }}'
|
||||
path: '{{ s6_etc_dir }}/service/bhyve-{{ item.0.name }}{{ item.1 }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -16,7 +16,7 @@
|
|||
|
||||
- name: Instantiating service templates
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/bhyve-{{ item.0.name }}{{ item.1.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/bhyve-{{ item.0.name }}{{ item.1.name }}'
|
||||
src: 'bhyve{{ item.1.name }}.j2'
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -34,7 +34,7 @@
|
|||
|
||||
- name: Start enabled bhyve guests
|
||||
command: >
|
||||
fdmove -c 2 1 s6-rc -v 2 -u change bhyve-{{ item.name }}
|
||||
fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -v 2 -u change bhyve-{{ item.name }}
|
||||
register: change
|
||||
when: item.enabled | default
|
||||
changed_when: change.stdout | length > 0
|
||||
|
@ -52,13 +52,13 @@
|
|||
notify:
|
||||
- Reload s6-rc
|
||||
with_items:
|
||||
- /etc/s6-rc/service/bhyve
|
||||
- /etc/s6-rc/service/bhyve-disabled
|
||||
- /etc/s6-rc/service/bhyve-enabled
|
||||
- '{{ s6_etc_dir }}/service/bhyve'
|
||||
- '{{ s6_etc_dir }}/service/bhyve-disabled'
|
||||
- '{{ s6_etc_dir }}/service/bhyve-enabled'
|
||||
|
||||
- name: Declare bhyve service as bundle
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item }}/type'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}/type'
|
||||
content: bundle
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -72,7 +72,7 @@
|
|||
|
||||
- name: Define bhyve service bundles
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}/contents'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}/contents'
|
||||
src: '{{ item }}-contents.j2'
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -89,13 +89,13 @@
|
|||
|
||||
- name: Stop disabled bhyve guests
|
||||
command: >
|
||||
fdmove -c 2 1 s6-rc -v 2 -d change bhyve-disabled
|
||||
fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -v 2 -d change bhyve-disabled
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Autostart enabled bhyve guests
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: '^bhyve-enabled$'
|
||||
line: 'bhyve-enabled'
|
||||
notify:
|
||||
|
|
|
@ -5,10 +5,10 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Reload Dovecot
|
||||
command: s6-svc -h /run/service/dovecot
|
||||
command: s6-svc -h {{ s6_scan_dir }}/dovecot
|
||||
|
||||
- name: Restart Dovecot
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/dovecot
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/dovecot
|
||||
|
||||
- name: Restart Dovecot log
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/dovecot-log
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/dovecot-log
|
||||
|
|
|
@ -63,7 +63,7 @@
|
|||
|
||||
- name: Create Dovecot service directories
|
||||
file:
|
||||
path: '/etc/s6-rc/service/{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -76,7 +76,7 @@
|
|||
|
||||
- name: Generate Dovecot service scripts
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
src: '{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -89,7 +89,7 @@
|
|||
|
||||
- name: Generate Dovecot service configuration
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -123,7 +123,7 @@
|
|||
group: acme
|
||||
regexp: '^DEPLOY_DOVECOT_PEM_PATH='
|
||||
state: present
|
||||
line: 'DEPLOY_DOVECOT_RELOAD="sudo s6-svc -h /run/service/dovecot"'
|
||||
line: 'DEPLOY_DOVECOT_RELOAD="sudo s6-svc -h {{ s6_scan_dir }}/dovecot"'
|
||||
|
||||
- name: Flush handlers
|
||||
meta: flush_handlers
|
||||
|
@ -137,20 +137,20 @@
|
|||
group: wheel
|
||||
|
||||
- name: Deploy X.509 certificate to Dovecot
|
||||
command: 'env sudo -Hu acme acme.sh --debug --home /var/db/acme --install-cert --domain {{ ansible_fqdn }} --cert-file /usr/local/etc/dovecot/cert.pem --key-file /usr/local/etc/dovecot/privkey.pem --fullchain-file /usr/local/etc/dovecot/fullchain.pem --reloadcmd "sudo s6-svc -h /run/service/dovecot"'
|
||||
command: 'env sudo -Hu acme acme.sh --debug --home /var/db/acme --install-cert --domain {{ ansible_fqdn }} --cert-file /usr/local/etc/dovecot/cert.pem --key-file /usr/local/etc/dovecot/privkey.pem --fullchain-file /usr/local/etc/dovecot/fullchain.pem --reloadcmd "sudo s6-svc -h {{ s6_scan_dir }}/dovecot"'
|
||||
args:
|
||||
creates: /usr/local/etc/dovecot/fullchain.pem
|
||||
notify:
|
||||
- Reload Dovecot
|
||||
|
||||
- name: Start Dovecot
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change dovecot
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change dovecot
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Enable Dovecot
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^dovecot$"
|
||||
line: dovecot
|
||||
state: present
|
||||
|
|
|
@ -1 +1 @@
|
|||
acme ALL=NOPASSWD:/usr/local/bin/s6-svc -h /run/service/dovecot
|
||||
acme ALL=NOPASSWD:/usr/local/bin/s6-svc -h {{ s6_scan_dir }}/dovecot
|
||||
|
|
|
@ -5,13 +5,13 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Restart HAProxy
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/haproxy
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/haproxy
|
||||
|
||||
- name: Restart HAProxy log
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/haproxy-log
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/haproxy-log
|
||||
|
||||
- name: Reload HAProxy
|
||||
command: s6-svc -2 /run/service/haproxy
|
||||
command: s6-svc -2 {{ s6_scan_dir }}/haproxy
|
||||
|
||||
- name: Restart acme-renew
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/acme-renew
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/acme-renew
|
||||
|
|
|
@ -200,7 +200,7 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start HAProxy
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 change haproxy
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 change haproxy
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
|
@ -243,7 +243,7 @@
|
|||
path: /var/db/acme/account.conf
|
||||
regex: '^DEPLOY_HAPROXY_RELOAD='
|
||||
state: present
|
||||
line: 'DEPLOY_HAPROXY_RELOAD="sudo s6-svc -h /run/service/haproxy"'
|
||||
line: 'DEPLOY_HAPROXY_RELOAD="sudo s6-svc -h {{ s6_scan_dir }}/haproxy"'
|
||||
|
||||
- name: Allow acme user to reload haproxy
|
||||
template:
|
||||
|
@ -309,7 +309,7 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start acme renew service
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 change acme-renew
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 change acme-renew
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
|
|
|
@ -1 +1 @@
|
|||
acme ALL=NOPASSWD:/usr/local/bin/s6-svc -h /run/service/haproxy
|
||||
acme ALL=NOPASSWD:/usr/local/bin/s6-svc -h {{ s6_scan_dir }}/haproxy
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
- name: Restart Postfix
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/postfix
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/postfix
|
||||
|
||||
- name: Reload Postfix
|
||||
command: s6-svc -h /run/service/postfix
|
||||
command: s6-svc -h {{ s6_scan_dir }}/postfix
|
||||
|
||||
- name: Rebuild mlmmj virtual aliases
|
||||
command: postmap hash:/usr/local/etc/postfix/virtual_mlmmj
|
||||
|
@ -17,4 +17,4 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Restart mlmmj-maintd
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/mlmmj-maintd
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/mlmmj-maintd
|
||||
|
|
|
@ -19,7 +19,6 @@
|
|||
home: /var/vmail/mlmmj
|
||||
shell: /sbin/nologin
|
||||
|
||||
|
||||
- name: Create lists directory
|
||||
file:
|
||||
path: /var/vmail/mlmmj
|
||||
|
@ -73,7 +72,7 @@
|
|||
|
||||
- name: Create mlmmj-maintd service directories
|
||||
file:
|
||||
path: '/etc/s6-rc/service/{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -85,7 +84,7 @@
|
|||
|
||||
- name: Generate mlmmj-maintd service scripts
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
src: '{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -97,7 +96,7 @@
|
|||
|
||||
- name: Generate mlmmj-maintd service configuration
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -113,13 +112,13 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start mlmmj-maintd
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 change mlmmj-maintd
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 change mlmmj-maintd
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Enable mlmmj-maintd
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^mlmmj-maintd$"
|
||||
line: "mlmmj-maintd"
|
||||
notify:
|
||||
|
@ -269,7 +268,7 @@
|
|||
- name: Set moderate subscription
|
||||
copy:
|
||||
dest: '/var/vmail/mlmmj/{{ item.name }}/control/submod'
|
||||
content: ''
|
||||
content: '{{ item.subscription_moderators | default([]) | join("\n") }}'
|
||||
force: no
|
||||
owner: mlmmj
|
||||
group: mlmmj
|
||||
|
|
|
@ -5,10 +5,10 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Reload nsd
|
||||
command: s6-svc -h /run/service/nsd
|
||||
command: s6-svc -h {{ s6_scan_dir }}/nsd
|
||||
|
||||
- name: Restart nsd
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/nsd
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/nsd
|
||||
|
||||
- name: Restart nsd log
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/nsd-log
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/nsd-log
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
|
||||
- name: Create nsd service directories
|
||||
file:
|
||||
path: '/etc/s6-rc/service/{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -27,7 +27,7 @@
|
|||
|
||||
- name: Generate nsd service scripts
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
src: '{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -40,7 +40,7 @@
|
|||
|
||||
- name: Generate nsd service configuration
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -67,13 +67,13 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start nsd
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change nsd
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change nsd
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Enable nsd
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^nsd$"
|
||||
line: nsd
|
||||
state: present
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Restart OpenNTPD
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/openntpd
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/openntpd
|
||||
|
||||
- name: Restart OpenNTPD log
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/openntpd-log
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/openntpd-log
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
|
||||
- name: Create OpenNTPD service directories
|
||||
file:
|
||||
path: '/etc/s6-rc/service/{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -27,7 +27,7 @@
|
|||
|
||||
- name: Generate OpenNTPD service scripts
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
src: '{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -40,7 +40,7 @@
|
|||
|
||||
- name: Generate OpenNTPD service configuration
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -67,13 +67,13 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start OpenNTPD
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change openntpd
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change openntpd
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Enable OpenNTPD
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^openntpd$"
|
||||
line: openntpd
|
||||
state: present
|
||||
|
|
|
@ -5,13 +5,13 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Restart Postfix
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/postfix
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/postfix
|
||||
|
||||
- name: Restart Postfix log
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/postfix-log
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/postfix-log
|
||||
|
||||
- name: Reload Postfix
|
||||
command: s6-svc -h /run/service/postfix
|
||||
command: s6-svc -h {{ s6_scan_dir }}/postfix
|
||||
|
||||
- name: Rebuild Postfix maps
|
||||
command: 'postmap {{ item.type }}:{{ item.name }}'
|
||||
|
|
|
@ -53,7 +53,7 @@
|
|||
|
||||
- name: Create Postfix service directories
|
||||
file:
|
||||
path: '/etc/s6-rc/service/{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -62,7 +62,7 @@
|
|||
|
||||
- name: Generate Postfix service scripts
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
src: '{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -74,7 +74,7 @@
|
|||
|
||||
- name: Generate Postfix service configuration
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -129,13 +129,13 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start Postfix
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 change postfix
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 change postfix
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Enable Postfix
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^postfix$"
|
||||
line: "postfix"
|
||||
notify:
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
state: reloaded
|
||||
|
||||
- name: 'Restart redis-{{ redis_instance }}'
|
||||
command: s6-svc -wR -T 15000 -ru /run/service/redis-{{ redis_instance }}
|
||||
command: s6-svc -wR -T 15000 -ru {{ s6_scan_dir }}/redis-{{ redis_instance }}
|
||||
|
||||
- name: 'Restart redis-{{ redis_instance }} log'
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/redis-{{ redis_instance }}-log
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/redis-{{ redis_instance }}-log
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
|
||||
- name: 'Create redis-{{ redis_instance }} service directories'
|
||||
file:
|
||||
path: '/etc/s6-rc/service/redis-{{ redis_instance}}{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/redis-{{ redis_instance}}{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -43,7 +43,7 @@
|
|||
|
||||
- name: 'Generate redis-{{ redis_instance }} service scripts'
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/redis-{{ redis_instance }}{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/redis-{{ redis_instance }}{{ item }}'
|
||||
src: 'redis{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -56,7 +56,7 @@
|
|||
|
||||
- name: 'Generate redis-{{ redis_instance }} service configuration'
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/redis-{{ redis_instance}}{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/redis-{{ redis_instance}}{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -83,13 +83,13 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: 'Start redis-{{ redis_instance }}'
|
||||
command: 'fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change redis-{{ redis_instance }}'
|
||||
command: 'fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change redis-{{ redis_instance }}'
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: 'Enable redis-{{ redis_instance }}'
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^redis-{{ redis_instance }}$"
|
||||
line: 'redis-{{ redis_instance }}'
|
||||
state: present
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Restart restic
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/restic
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/restic
|
||||
|
||||
- name: Restart restic-log
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/restic-log
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/restic-log
|
||||
|
|
|
@ -53,7 +53,7 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start restic renew service
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 change restic
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 change restic
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
|
|
|
@ -5,16 +5,16 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Restart Rspamd
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/rspamd
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/rspamd
|
||||
|
||||
- name: Restart Rspamd log
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/rspamd-log
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/rspamd-log
|
||||
|
||||
- name: Restart HAProxy
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/haproxy
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/haproxy
|
||||
|
||||
- name: Restart HAProxy log
|
||||
command: s6-svc -wU -T 5000 -ru /run/service/haproxy-log
|
||||
command: s6-svc -wU -T 5000 -ru {{ s6_scan_dir }}/haproxy-log
|
||||
|
||||
- name: Reload HAProxy
|
||||
command: s6-svc -2 /run/service/haproxy
|
||||
command: s6-svc -2 {{ s6_scan_dir }}/haproxy
|
||||
|
|
|
@ -43,7 +43,7 @@
|
|||
|
||||
- name: Create Rspamd service directories
|
||||
file:
|
||||
path: '/etc/s6-rc/service/{{ item }}'
|
||||
path: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
state: directory
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -56,7 +56,7 @@
|
|||
|
||||
- name: Generate Rspamd service scripts
|
||||
template:
|
||||
dest: '/etc/s6-rc/service/{{ item }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item }}'
|
||||
src: '{{ item }}.j2'
|
||||
mode: 0555
|
||||
owner: root
|
||||
|
@ -69,7 +69,7 @@
|
|||
|
||||
- name: Generate Rspamd service configuration
|
||||
copy:
|
||||
dest: '/etc/s6-rc/service/{{ item.name }}'
|
||||
dest: '{{ s6_etc_dir }}/service/{{ item.name }}'
|
||||
content: '{{ item.content }}'
|
||||
mode: 0444
|
||||
owner: root
|
||||
|
@ -86,13 +86,13 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start Rspamd
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change rspamd
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change rspamd
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
- name: Enable Rspamd
|
||||
lineinfile:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
regexp: "^rspamd$"
|
||||
line: rspamd
|
||||
state: present
|
||||
|
|
|
@ -11,13 +11,13 @@
|
|||
group: wheel
|
||||
mode: 0755
|
||||
with_items:
|
||||
- /etc/s6-rc
|
||||
- /etc/s6-rc/service
|
||||
- /etc/s6-rc/service/enabled
|
||||
- '{{ s6_etc_dir }}'
|
||||
- '{{ s6_etc_dir }}/service'
|
||||
- '{{ s6_etc_dir }}/service/enabled'
|
||||
|
||||
- name: Define enabled services bundle
|
||||
copy:
|
||||
dest: /etc/s6-rc/service/enabled/type
|
||||
dest: '{{ s6_etc_dir }}/service/enabled/type'
|
||||
content: bundle
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -25,7 +25,7 @@
|
|||
|
||||
- name: Default to an empty set of enabled servics
|
||||
file:
|
||||
path: /etc/s6-rc/service/enabled/contents
|
||||
path: '{{ s6_etc_dir }}/service/enabled/contents'
|
||||
state: touch
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -46,15 +46,15 @@
|
|||
command: >
|
||||
s6-rc-compile -v 2 .compiled.{{ s6_uuid }} service
|
||||
args:
|
||||
creates: /etc/s6-rc/compiled
|
||||
chdir: /etc/s6-rc
|
||||
creates: '{{ s6_etc_dir }}/compiled'
|
||||
chdir: '{{ s6_etc_dir }}'
|
||||
|
||||
- name: Link to the latest service database
|
||||
command: >
|
||||
env ln -shf .compiled.{{ s6_uuid }} compiled
|
||||
args:
|
||||
creates: /etc/s6-rc/compiled
|
||||
chdir: /etc/s6-rc
|
||||
creates: '{{ s6_etc_dir }}/compiled'
|
||||
chdir: '{{ s6_etc_dir }}'
|
||||
|
||||
- name: Make sure that tmpfs support is loaded early
|
||||
lineinfile:
|
||||
|
@ -72,7 +72,7 @@
|
|||
|
||||
- name: Generate s6-svscan startup script
|
||||
template:
|
||||
dest: /etc/s6-rc/scan
|
||||
dest: '{{ s6_etc_dir }}/scan'
|
||||
src: scan.j2
|
||||
owner: root
|
||||
group: wheel
|
||||
|
@ -82,7 +82,7 @@
|
|||
lineinfile:
|
||||
path: /etc/ttys
|
||||
regexp: '^null'
|
||||
line: 'null "/etc/s6-rc/scan" vt100 on secure'
|
||||
line: 'null "{{ s6_etc_dir }}/scan" vt100 on secure'
|
||||
notify:
|
||||
- Reload /etc/ttys
|
||||
|
||||
|
|
|
@ -5,6 +5,13 @@
|
|||
# REQUIRE: NETWORKING daemon
|
||||
# KEYWORD: shutdown
|
||||
|
||||
etc_dir="{{ s6_etc_dir }}"
|
||||
scan_dir="{{ s6_scan_dir }}"
|
||||
live_dir="{{ s6_live_dir }}"
|
||||
|
||||
EX_UNAVAILABLE=69
|
||||
EX_CONFIG=78
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
export PATH="$PATH:/usr/local/bin:/usr/local/sbin"
|
||||
|
@ -27,7 +34,7 @@ s6_wait()
|
|||
{
|
||||
local i=0
|
||||
|
||||
while ! s6-svscanctl -z /run/service 2>/dev/null; do
|
||||
while ! s6-svscanctl -z "$scan_dir" 2>/dev/null; do
|
||||
if [ $i -ge $s6_timeout ]; then
|
||||
echo "Timeout waiting for s6-svscan." >&2
|
||||
return 1
|
||||
|
@ -48,19 +55,19 @@ s6_wait()
|
|||
|
||||
s6_rc_init()
|
||||
{
|
||||
if [ ! -e /run/s6-rc ]; then
|
||||
s6-rc-init /run/service
|
||||
if [ ! -e "$live_dir" ]; then
|
||||
s6-rc-init -l "$live_dir" "$scan_dir"
|
||||
fi
|
||||
}
|
||||
|
||||
s6_rc_up()
|
||||
{
|
||||
s6-rc -v 2 -u -t $up_timeout change enabled
|
||||
s6-rc -l "$live_dir" -v 2 -u -t "$up_timeout" change enabled
|
||||
}
|
||||
|
||||
s6_rc_down()
|
||||
{
|
||||
s6-rc -v 2 -d -a -t $down_timeout change
|
||||
s6-rc -l "$live_dir" -v 2 -d -a -t "$down_timeout" change
|
||||
}
|
||||
|
||||
s6_rc_start()
|
||||
|
@ -82,16 +89,26 @@ s6_rc_reload()
|
|||
{
|
||||
local uuid="$(uuidgen)"
|
||||
|
||||
cd /etc/s6-rc
|
||||
echo "Compiling new s6-rc service database."
|
||||
s6-rc-compile -v 2 ".compiled.$uuid" service
|
||||
cd "$etc_dir"
|
||||
echo "Compiling the s6-rc service definitions into a services database: $etc_dir/service -> $etc_dir/.compiled.$uuid."
|
||||
if ! s6-rc-compile -v 2 ".compiled.$uuid" service; then
|
||||
echo "Failed to compile the service definitions into a services database." >&2
|
||||
return $EX_CONFIG
|
||||
fi
|
||||
|
||||
if s6-rc-update -v 2 -t $update_timeout "/etc/s6-rc/.compiled.$uuid"; then
|
||||
echo "Updating the running s6-rc service manager to the latest compiled services database: $etc_dir/.compiled.$uuid."
|
||||
if s6-rc-update -l "$live_dir" -v 2 -t $update_timeout "$etc_dir/.compiled.$uuid"; then
|
||||
echo "Marking the running services database as selected default configuration: .compiled.$uuid -> compiled."
|
||||
ln -shf ".compiled.$uuid" compiled
|
||||
echo "Updated s6-rc service database."
|
||||
|
||||
echo "Deleting old service databases."
|
||||
find -s . -mindepth 1 -maxdepth 1 -type d -name '.compiled.*' -not -name ".compiled.$uuid" -print0 | xargs -0 rm -r
|
||||
echo "Deleting stale services databases."
|
||||
if ! find -s . -mindepth 1 -maxdepth 1 -type d -name '.compiled.*' -not -name ".compiled.$uuid" -print0 | xargs -0 rm -r; then
|
||||
echo "Failed to delete stale services databases." >&2
|
||||
return $EX_CONFIG
|
||||
fi
|
||||
else
|
||||
echo "Failed to update the running s6-rc manager to the latest service database." >&2
|
||||
return $EX_CONFIG
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -99,19 +116,20 @@ s6_rc_status()
|
|||
{
|
||||
local result=0
|
||||
|
||||
if s6-svscanctl -z /run/service 2>/dev/null; then
|
||||
echo "The s6-svscan supervisor is responsible."
|
||||
# Check if s6-svscan is responsive by asking it to invoke its reaper (almost a NOP)
|
||||
if s6-svscanctl -z "$scan_dir" 2>/dev/null; then
|
||||
echo "The s6-svscan supervisor is responsive."
|
||||
else
|
||||
echo "The s6-svscan supervisor is unavailable."
|
||||
result=1
|
||||
fi
|
||||
|
||||
if [ -e /run/s6-rc ]; then
|
||||
echo "The s6-rc service manager is initialized."
|
||||
if [ -e "$live_dir" ]; then
|
||||
echo "The s6-rc service manager has been initialized."
|
||||
|
||||
echo
|
||||
echo "These services are currently active:"
|
||||
s6-rc -a list
|
||||
s6-rc -l "$live_dir" -a list
|
||||
else
|
||||
echo "The s6-rc service manager is uninitalized."
|
||||
result=1
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/root/bin
|
||||
scan_dir="{{ s6_scan_dir }}"
|
||||
|
||||
install -d -o root -g wheel -m 755 /run/service
|
||||
exec s6-svscan /run/service
|
||||
install -d -o root -g wheel -m 755 -- "$scan_dir"
|
||||
exec s6-svscan "$scan_dir"
|
||||
|
|
|
@ -5,10 +5,10 @@
|
|||
state: reloaded
|
||||
|
||||
- name: Reload unbound
|
||||
command: s6-svc -h /run/service/unbound
|
||||
command: s6-svc -h {{ s6_scan_dir }}/unbound
|
||||
|
||||
- name: Restart unbound
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/unbound
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/unbound
|
||||
|
||||
- name: Restart unbound log
|
||||
command: s6-svc -wR -T 5000 -ru /run/service/unbound-log
|
||||
command: s6-svc -wR -T 5000 -ru {{ s6_scan_dir }}/unbound-log
|
||||
|
|
|
@ -67,7 +67,7 @@
|
|||
meta: flush_handlers
|
||||
|
||||
- name: Start unbound
|
||||
command: fdmove -c 2 1 s6-rc -u -v 2 -t 15000 change unbound
|
||||
command: fdmove -c 2 1 s6-rc -l {{ s6_live_dir }} -u -v 2 -t 15000 change unbound
|
||||
register: change
|
||||
changed_when: change.stdout | length > 0
|
||||
|
||||
|
|
Loading…
Reference in New Issue