abbey's private institutional parameters, =private/vars.yml=, can be
found in [[file:Institute/private/vars.yml][=Institute/private/vars.yml=]].
-#+CAPTION: =public/vars.yml=
+#+CAPTION: [[file:public/vars.yml][=public/vars.yml=]]
#+BEGIN_SRC conf :tangle public/vars.yml :mkdirp yes
---
domain_name: birchwood-abbey.net
The monks of the abbey are masters of the staff (bo) and Emacs.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml :mkdirp yes
---
- name: Install Emacs.
to the machine's privileged account (~sysadm~). The abbey takes it
from there, forwarding ~sysadm~ to a real person.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml :noweb no-export
- name: Install abbey email aliases.
notify: New aliases.
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/handlers/main.yml][=roles_t/abbey-front/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/handlers/main.yml :mkdirp yes
---
- name: New aliases.
support does the duplication, by multiple references to code blocks
like ~git-tasks~ and ~git-handlers~.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml :noweb no-export
<<git-tasks>>
mode: u=rwx,g=srwx,o=rx
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/handlers/main.yml][=roles_t/abbey-front/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/handlers/main.yml :noweb no-export
<<git-handlers>>
declares most the native source files in the current directory tree to
be plain text, so that they are displayed rather than downloaded.
-#+CAPTION: =.htaccess=
+#+CAPTION: [[file:.htaccess][=.htaccess=]]
#+BEGIN_SRC conf :tangle .htaccess
ReadmeName notfound.html
IndexIgnore README.org
rest of the Let's Encrypt configuration is discussed in the following
[[*Install Let's Encrypt][Install Let's Encrypt]] section.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml :noweb no-export
- name: Configure Apache.
<<apache-gitweb-tasks>>
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/handlers/main.yml][=roles_t/abbey-front/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/handlers/main.yml :noweb no-export
<<apache-gitweb-handlers>>
The replacement =logrotate-mailer= does, and includes it in a
~Subject~ header prepended to ~logrotate~'s message.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml
- name: Configure Apache log archival.
mode: u=rwx,g=rx,o=rx
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/handlers/main.yml][=roles_t/abbey-front/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/handlers/main.yml
- name: Reload systemd.
See the description of ~ExecStart~ in the ~systemd.service(5)~ manual
page.)
-#+CAPTION: =roles_t/abbey-front/files/logrotate-mailer.conf=
+#+CAPTION: [[file:roles_t/abbey-front/files/logrotate-mailer.conf][=roles_t/abbey-front/files/logrotate-mailer.conf=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/files/logrotate-mailer.conf :mkdirp yes
[Service]
ExecStart=
This is a low priority because much of the data is available to
Droplet's ISP's Mom, the NSA/CIA/NWO.
-#+CAPTION: =roles_t/abbey-front/files/logrotate-mailer=
+#+CAPTION: [[file:roles_t/abbey-front/files/logrotate-mailer][=roles_t/abbey-front/files/logrotate-mailer=]]
#+BEGIN_SRC sh :tangle roles_t/abbey-front/files/logrotate-mailer
#!/bin/bash -e
(quarterly). The following tasks ensure the ~python3-cerbot-apache~
package is installed and its =live/= subdirectory is world readable.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml
- name: Install Certbot for Apache.
=/etc/letsencrypt/= was restored from a backup, the servers should be
restarted manually.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml
- name: Use Let's Encrypt certificate&key.
The following task arranges to rotate Certbot's logs files.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml
- name: Install Certbot logrotate configuration.
mode: u=rw,g=r,o=r
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/files/certbot_logrotate=
+#+CAPTION: [[file:roles_t/abbey-front/files/certbot_logrotate][=roles_t/abbey-front/files/certbot_logrotate=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/files/certbot_logrotate
/var/log/letsencrypt/*.log {
rotate 12
~root@core~ in S/MIME encrypted email every time it changes. Changes
are detected by keeping a copy in =/etc/letsencrypt~/= for comparison.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml
- name: Install Let's Encrypt archive script.
mode: u=rwx,g=rx,o=rx
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/files/cron.daily_letsencrypt=
+#+CAPTION: [[file:roles_t/abbey-front/files/cron.daily_letsencrypt][=roles_t/abbey-front/files/cron.daily_letsencrypt=]]
#+BEGIN_SRC sh :tangle roles_t/abbey-front/files/cron.daily_letsencrypt
#!/bin/bash -e
The message is encrypted with ~root@core~'s public key, which is
imported into ~root@front~'s GnuPG key file.
-#+CAPTION: =roles_t/abbey-front/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/tasks/main.yml][=roles_t/abbey-front/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/tasks/main.yml
- name: Copy root@core's public key.
notify: Import root@core's public key.
#+END_SRC
-#+CAPTION: =roles_t/abbey-front/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-front/handlers/main.yml][=roles_t/abbey-front/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-front/handlers/main.yml
- name: Import root@core's public key.
=private/vars-abbey.yml=. The file path is relative to the playbook's
directory, =playbooks/=.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml :mkdirp yes
---
- name: Include private abbey variables.
Weather scripts use ~mit-scheme~ and ~gnuplot~ (in pseudonymous
packages).
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Install additional packages.
which delivers any ~.birchwood-abbey.net~ email,
e.g. ~mythtv@mythtv.birchwood-abbey.net~, locally.)
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml :noweb no-export
- name: Install abbey email aliases.
notify: New aliases.
#+END_SRC
-#+CAPTION: =roles_t/abbey-core/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/handlers/main.yml][=roles_t/abbey-core/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/handlers/main.yml :mkdirp yes
---
- name: New aliases.
services on Front and Core. See [[Configure Git Daemon on Front]] and
[[*Configure Gitweb on Front][Configure Gitweb on Front]] for more information.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml :noweb no-export
<<git-tasks>>
#+END_SRC
-#+CAPTION: =roles_t/abbey-core/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/handlers/main.yml][=roles_t/abbey-core/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/handlers/main.yml :noweb no-export
<<git-handlers>>
site on Front. Their configurations include the same [[apache-abbey][~apache-abbey~]],
[[apache-photos][~apache-photos~]], and [[apache-gitweb][~apache-gitweb~]] used on Front.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml :noweb no-export
- name: Configure live website.
<<apache-gitweb-tasks>>
#+END_SRC
-#+CAPTION: =roles_t/abbey-core/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/handlers/main.yml][=roles_t/abbey-core/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/handlers/main.yml :noweb no-export
<<apache-gitweb-handlers>>
Core and not on typical desktop clients. Also included: the Apache2
directives that enable user Git publishing with Gitweb (defined [[apache-gitweb][here]]).
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml :noweb no-export
- name: Configure house website.
The abbey uses the Apt-Cacher:TNG package cache on Core. The
~apt-cacher~ domain name is defined in =private/db.domain=.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Install Apt-Cacher:TNG.
Core itself will benefit from using the package cache.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Use the local Apt package cache.
=/home/= on Core. (The small institute only monitors the space
remaining on roots.)
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Configure NAGIOS monitoring for Core /home/.
notify: Reload NAGIOS4.
#+END_SRC
-#+CAPTION: =roles_t/abbey-core/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/handlers/main.yml][=roles_t/abbey-core/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/handlers/main.yml
- name: Reload NAGIOS4.
includes yet another version, ~abbey_pisensors~, that reports any
recognizable temperature in the ~sensors~ output.
-#+CAPTION: =roles_t/abbey-core/files/abbey_pisensors=
+#+CAPTION: [[file:roles_t/abbey-core/files/abbey_pisensors][=roles_t/abbey-core/files/abbey_pisensors=]]
#+BEGIN_SRC sh :tangle roles_t/abbey-core/files/abbey_pisensors :mkdirp yes
#!/bin/sh
configuration (to avoid depending on name service) and so are
included in =private/vars-abbey.yml=.
-#+CAPTION: =private/vars-abbey.yml=
+#+CAPTION: [[file:private/vars-abbey.yml][=private/vars-abbey.yml=]]
#+BEGIN_SRC conf
devaron_addr: 10.84.138.10
kamino_addr: 192.168.56.14
that Kamino is not included. It is currently unmonitored as it is now
rarely powered up.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Configure cloister NAGIOS monitoring.
*** NAGIOS Monitoring of Devaron
-#+CAPTION: =roles_t/abbey-core/templates/nagios-devaron.cfg=
+#+CAPTION: [[file:roles_t/abbey-core/templates/nagios-devaron.cfg][=roles_t/abbey-core/templates/nagios-devaron.cfg=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/templates/nagios-devaron.cfg :mkdirp yes
define host {
use linux-server
*** NAGIOS Monitoring of Kamino
-#+CAPTION: =roles_t/abbey-core/templates/nagios-kamino.cfg=
+#+CAPTION: [[file:roles_t/abbey-core/templates/nagios-kamino.cfg][=roles_t/abbey-core/templates/nagios-kamino.cfg=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/templates/nagios-kamino.cfg
define host {
use linux-server
*** NAGIOS Monitoring of Kessel
-#+CAPTION: =roles_t/abbey-core/templates/nagios-kessel.cfg=
+#+CAPTION: [[file:roles_t/abbey-core/templates/nagios-kessel.cfg][=roles_t/abbey-core/templates/nagios-kessel.cfg=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/templates/nagios-kessel.cfg
define host {
use linux-server
and runs ~analog~ to generate =/WWW/campus/analog.html=, available to
the campus as ~http://www/analog.html~.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Install Analog.
=InstantUpload/Camera/2021/01/IMG_20210115_092838.jpg= in
=/var/www/nextcloud/data/$USER/files/=.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Add Monkey to Nextcloud group.
Monkey's photo processing scripts use ~netpbm~ commands like
~jpegtopnm~.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-core/tasks/main.yml
- name: Install netpbm.
Monkey on Core runs =/WWW/campus/Weather/Private/cronjob= every 5
minutes and =cronjob-midnight= at midnight.
-#+CAPTION: =roles_t/abbey-core/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-core/tasks/main.yml][=roles_t/abbey-core/tasks/main.yml=]]
#+BEGIN_SRC :tangle roles_t/abbey-core/tasks/main.yml
- name: Create Monkey's weather job.
Depending on the quality of the Internet connection, this may take a
while.
-#+CAPTION: =roles_t/abbey-cloister/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-cloister/tasks/main.yml][=roles_t/abbey-cloister/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-cloister/tasks/main.yml :mkdirp yes
---
- name: Use the local Apt package cache.
another ~check_sensors~ variant, ~abbey_pisensors~, installed on
Raspberry Pis (architecture ~aarch64~) only.
-#+CAPTION: =roles_t/abbey-cloister/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-cloister/tasks/main.yml][=roles_t/abbey-cloister/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-cloister/tasks/main.yml
- name: Install abbey_pisensors NAGIOS plugin.
notify: Reload NRPE server.
#+END_SRC
-#+CAPTION: =roles_t/abbey-cloister/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-cloister/handlers/main.yml][=roles_t/abbey-cloister/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-cloister/handlers/main.yml :mkdirp yes
- name: Reload NRPE server.
The monks of the abbey are masters of the staff and Emacs.
-#+CAPTION: =roles_t/abbey-cloister/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-cloister/tasks/main.yml][=roles_t/abbey-cloister/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-cloister/tasks/main.yml
- name: Install monastic software.
IDs of each host's devices). At the moment there is just the
one weather host, ~anoat~.
-#+CAPTION: =roles_t/abbey-weather/files/daemon-anoat=
+#+CAPTION: [[file:roles_t/abbey-weather/files/daemon-anoat][=roles_t/abbey-weather/files/daemon-anoat=]]
#+BEGIN_SRC perl :tangle roles_t/abbey-weather/files/daemon-anoat :mkdirp yes
#!/usr/bin/perl -w
# -*- CPerl -*-
The above Perl script uses the ~Date::Format~ module, which is
installed by the following task.
-#+CAPTION: =roles_t/abbey-weather/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-weather/tasks/main.yml][=roles_t/abbey-weather/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-weather/tasks/main.yml :mkdirp yes
---
- name: Install weather daemon packages.
on all its weather hosts, so it also configures the server to use the
USB adapter (rather than a test "fake" adapter).
-#+CAPTION: =roles_t/abbey-weather/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-weather/tasks/main.yml][=roles_t/abbey-weather/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-weather/tasks/main.yml
- name: Install 1-Wire server.
Monkey on Core will want to download log records (files) using
~rsync(1)~.
-#+CAPTION: =roles_t/abbey-weather/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-weather/tasks/main.yml][=roles_t/abbey-weather/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-weather/tasks/main.yml
- name: Install Rsync.
test access to the 1-Wire adapter and devices. To facilitate
debugging the ~sysadm~ account is included in the ~monkey~ group.
-#+CAPTION: =roles_t/abbey-weather/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-weather/tasks/main.yml][=roles_t/abbey-weather/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-weather/tasks/main.yml
- name: Create monkey.
The ~ExecStartPre=/bin/sleep 30~ is intended to avoid recent hangs in
~owread~.
-#+CAPTION: =roles_t/abbey-weather/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-weather/tasks/main.yml][=roles_t/abbey-weather/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-weather/tasks/main.yml :noweb no-export
- name: Install weather directory.
when: weather.stat.exists
#+END_SRC
-#+CAPTION: =roles_t/abbey-weather/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-weather/handlers/main.yml][=roles_t/abbey-weather/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-weather/handlers/main.yml :mkdirp yes
---
- name: Reload Systemd.
here, as in the ~abbey-core~ role. The file path is relative to the
playbook's directory, =playbooks/=.
-#+CAPTION: =roles_t/abbey-dvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/tasks/main.yml][=roles_t/abbey-dvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/tasks/main.yml :mkdirp yes
---
- name: Include private abbey variables.
and configured per the instructions in sections "Web server set-up"
and "Time Zone" in =/usr/share/doc/zoneminder/README.Debian.gz=.
-#+CAPTION: =roles_t/abbey-dvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/tasks/main.yml][=roles_t/abbey-dvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/tasks/main.yml
- name: Install Zoneminder.
state: started
#+END_SRC
-#+CAPTION: =roles_t/abbey-dvr/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/handlers/main.yml][=roles_t/abbey-dvr/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/handlers/main.yml :mkdirp yes
---
- name: Restart MySQL.
The following Rsyslog configuration drop-in gets Zoneminder's natter
out of =/var/log/syslog=.
-#+CAPTION: =roles_t/abbey-dvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/tasks/main.yml][=roles_t/abbey-dvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/tasks/main.yml
- name: Use /var/log/zoneminder.log
variable, kept in =private/vars-abbey.yml=, and generated e.g. with
the ~apg -n 1 -x 12 -m 12~ command.
-#+CAPTION: =private/vars-abbey.yml=
+#+CAPTION: [[file:private/vars-abbey.yml][=private/vars-abbey.yml=]]
#+BEGIN_SRC conf
zoneminder_dbpass: gakJopbikJadsEdd
#+END_SRC
last "Link..." task below "forces" the link, whether the target exists
or not (yet).
-#+CAPTION: =roles_t/abbey-dvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/tasks/main.yml][=roles_t/abbey-dvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/tasks/main.yml
- name: Test for /Zoneminder/.
The remaining tasks ensure that the =/etc/zm/zm.conf= file has the
proper permissions and contains the correct password.
-#+CAPTION: =roles_t/abbey-dvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/tasks/main.yml][=roles_t/abbey-dvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/tasks/main.yml
- name: Set /etc/zm/zm.conf permissions.
the ~zm~ database has also been created, and the service is ready to
run.
-#+CAPTION: =roles_t/abbey-dvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-dvr/tasks/main.yml][=roles_t/abbey-dvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-dvr/tasks/main.yml
- name: Enable/Start Zoneminder.
~abbey-core~ role. The file path is relative to the playbook's
directory, =playbooks/=.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml :mkdirp yes
---
- name: Include private abbey variables.
'{{ lookup("flattened", deb_pkg_lst ) }}'
#+END_SRC
-#+CAPTION: =roles_t/abbey-tvr/tasks/mains.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/mains.yml][=roles_t/abbey-tvr/tasks/mains.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Install MythTV runtime requisites.
Several of the remaining installation steps are skipped unless
~mythtv.stat.exists~.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Test for MythTV binary packages.
MythTV Backend needs to run as its own user: ~mythtv~.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Create mythtv.
kept in =private/vars-abbey.yml=, and generated e.g. with the ~apg -n
1 -x 12 -m 12~ command.
-#+CAPTION: =private/vars-abbey.yml=
+#+CAPTION: [[file:private/vars-abbey.yml][=private/vars-abbey.yml=]]
#+BEGIN_SRC conf
mythtv_dbpass: daJkibpoJkag
#+END_SRC
This task installs the =mythtv-backend.service= file.
-#+CAPTION: =roles_t/abbey-tvr/tasks/mains.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/mains.yml][=roles_t/abbey-tvr/tasks/mains.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Create mythtv-backend service.
notify: Reload Systemd.
#+END_SRC
-#+CAPTION: =roles_t/abbey-tvr/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/handlers/main.yml][=roles_t/abbey-tvr/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/handlers/main.yml :mkdirp yes
---
- name: Reload Systemd.
This task checks PHP's timezone. If unset, MythTV's backend logs
bitter complaints.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Configure PHP date.timezone.
notify: Restart Apache2.
#+END_SRC
-#+CAPTION: =roles_t/abbey-tvr/handlers/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/handlers/main.yml][=roles_t/abbey-tvr/handlers/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/handlers/main.yml
- name: Restart Apache2.
=/home/mythtv/Recordings/= for MythTV's default storage. This task
creates that directory and ensures it has appropriate permissions.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Create MythTV storage area.
The abbey directs MythTV log messages to =/var/log/mythtv.log= (and
away from =/var/log/syslog=) and rotates the log file.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Install =/etc/rsyslog.d/40-mythtv.conf.
The following tasks take care of the rest of the installation.
-#+CAPTION: =roles_t/abbey-tvr/tasks/main.yml=
+#+CAPTION: [[file:roles_t/abbey-tvr/tasks/main.yml][=roles_t/abbey-tvr/tasks/main.yml=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/tasks/main.yml
- name: Install MythWeb requisites.
notify: Restart Apache2.
#+END_SRC
-#+CAPTION: =roles_t/abbey-tvr/templates/mythweb.conf.j2=
+#+CAPTION: [[file:roles_t/abbey-tvr/templates/mythweb.conf.j2][=roles_t/abbey-tvr/templates/mythweb.conf.j2=]]
#+BEGIN_SRC conf :tangle roles_t/abbey-tvr/templates/mythweb.conf.j2 :mkdirp yes
#
# Apache configuration directives for MythWeb.
This is much like the example (test) institutional configuration file,
except the roles are found in =Institute/roles/= as well as =roles/=.
-#+CAPTION: =ansible.cfg=
+#+CAPTION: [[file:ansible.cfg][=ansible.cfg=]]
#+BEGIN_SRC conf :tangle ansible.cfg
[defaults]
interpreter_python=/usr/bin/python3
** =hosts=
#+NAME: hosts
-#+CAPTION: =hosts=
+#+CAPTION: [[file:hosts][=hosts=]]
#+BEGIN_SRC conf :tangle hosts
all:
vars:
This playbook provisions the entire network by applying first the
institutional roles, then the liturgical roles.
-#+CAPTION: =playbooks/site.yml=
+#+CAPTION: [[file:playbooks/site.yml][=playbooks/site.yml=]]
#+BEGIN_SRC conf :tangle playbooks/site.yml :mkdirp yes
---
- name: Configure All
The script begins with the following prefix and trampolines.
-#+CAPTION: =abbey=
+#+CAPTION: [[file:abbey][=abbey=]]
#+BEGIN_SRC perl :tangle abbey :tangle-mode u=rwx,g=rx
#!/usr/bin/perl -w
#
code block "duplicates" the action of the institute's
=check-inst-vars.yml=.
-#+CAPTION: =playbooks/check-inst-vars.yml=
+#+CAPTION: [[file:playbooks/check-inst-vars.yml][=playbooks/check-inst-vars.yml=]]
#+BEGIN_SRC conf :tangle playbooks/check-inst-vars.yml
- import_playbook: ../Institute/playbooks/check-inst-vars.yml
#+END_SRC
: ./abbey upgrade -n core
: ./abbey upgrade '!front'
-#+CAPTION: =abbey=
+#+CAPTION: [[file:abbey][=abbey=]]
#+BEGIN_SRC perl :tangle abbey
if ($ARGV[0] eq "upgrade") {
}
#+END_SRC
-#+CAPTION: =playbooks/upgrade.yml=
+#+CAPTION: [[file:playbooks/upgrade.yml][=playbooks/upgrade.yml=]]
#+BEGIN_SRC conf :tangle playbooks/upgrade.yml
- hosts: all
tasks:
The script implements a ~reboots~ sub-command that looks for
=/run/reboot-required= on all abbey managed machines.
-#+CAPTION: =abbey=
+#+CAPTION: [[file:abbey][=abbey=]]
#+BEGIN_SRC perl :tangle abbey
if ($ARGV[0] eq "reboots") {
exec ("ansible-playbook", "-e", "\@Secret/become.yml",
}
#+END_SRC
-#+CAPTION: =playbooks/reboots.yml=
+#+CAPTION: [[file:playbooks/reboots.yml][=playbooks/reboots.yml=]]
#+BEGIN_SRC conf :tangle playbooks/reboots.yml
---
- hosts: all
The script implements a ~versions~ sub-command that reports the
operating system version of all abbey managed machines.
-#+CAPTION: =abbey=
+#+CAPTION: [[file:abbey][=abbey=]]
#+BEGIN_SRC perl :tangle abbey
if ($ARGV[0] eq "versions") {
exec ("ansible-playbook", "-e", "\@Secret/become.yml",
}
#+END_SRC
-#+CAPTION: =playbooks/versarch.yml=
+#+CAPTION: [[file:playbooks/versarch.yml][=playbooks/versarch.yml=]]
#+BEGIN_SRC conf :tangle playbooks/versarch.yml
- hosts: all
tasks:
the ~new_tz~ result registered by it in a previous play and not by the
last host in the previous play.
-#+CAPTION: =abbey=
+#+CAPTION: [[file:abbey][=abbey=]]
#+BEGIN_SRC perl :tangle abbey
if ($ARGV[0] eq "tz") {
my $city = `cat /etc/timezone`; chomp $city;
}
#+END_SRC
-#+CAPTION: =playbooks/timezone.yml=
+#+CAPTION: [[file:playbooks/timezone.yml][=playbooks/timezone.yml=]]
#+BEGIN_SRC conf :tangle playbooks/timezone.yml
---
- hosts: core, dvrs, tvrs
** Abbey Command Help
-#+CAPTION: =abbey=
+#+CAPTION: [[file:abbey][=abbey=]]
#+BEGIN_SRC perl :tangle abbey
my $ops = "config,new,old,pass,client,upgrade,reboots,versions";
die "usage: $0 [$ops]\n";
projects / Network / commitdiff