From cf86ac183389f101c320f7a4ffb6151c6c3f3a56 Mon Sep 17 00:00:00 2001
From: "Daniel A. Maierhofer" <git@damadmai.at>
Date: Fri, 13 Jul 2018 14:20:25 +0200
Subject: [PATCH] Put logrotate,iptables,snapper and smartd to common

---
 group_vars/fet_hosts                          |  4 ++++
 host_vars/ariane                              |  3 +++
 roles/ariane/defaults/main.yml                |  4 ----
 roles/ariane/handlers/main.yml                |  9 ---------
 roles/ariane/tasks/iptables.yml               | 13 ------------
 roles/ariane/tasks/logrotate.yml              |  6 ------
 roles/ariane/tasks/main.yml                   | 16 ---------------
 roles/ariane/tasks/smartd.yml                 | 16 ---------------
 roles/ariane/tasks/snapper.yml                | 20 -------------------
 roles/common                                  |  2 +-
 .../iptables_ariane_v4.j2                     |  0
 .../iptables_ariane_v6.j2                     |  0
 12 files changed, 8 insertions(+), 85 deletions(-)
 delete mode 100644 roles/ariane/tasks/iptables.yml
 delete mode 100644 roles/ariane/tasks/logrotate.yml
 delete mode 100644 roles/ariane/tasks/smartd.yml
 delete mode 100644 roles/ariane/tasks/snapper.yml
 rename roles/ariane/templates/iptables_rules_v4.j2 => templates/iptables_ariane_v4.j2 (100%)
 rename roles/ariane/templates/iptables_rules_v6.j2 => templates/iptables_ariane_v6.j2 (100%)

diff --git a/group_vars/fet_hosts b/group_vars/fet_hosts
index 39bddba..2d07311 100644
--- a/group_vars/fet_hosts
+++ b/group_vars/fet_hosts
@@ -52,3 +52,7 @@ common_sysctls:
 
 - key: net.ipv4.conf.default.accept_source_route
   val: 0
+
+common_snapper: True
+common_smartd: True
+
diff --git a/host_vars/ariane b/host_vars/ariane
index 243936f..c3ac110 100644
--- a/host_vars/ariane
+++ b/host_vars/ariane
@@ -2,6 +2,9 @@
 inventory_hostname: ariane.fet.htu.tuwien.ac.at
 inventory_hostname_short: ariane
 
+common_iptables_v4: "iptables_ariane_v4.j2"
+common_iptables_v6: "iptables_ariane_v6.j2"
+
 lxc:
   containers:
   - name: laika
diff --git a/roles/ariane/defaults/main.yml b/roles/ariane/defaults/main.yml
index b01aa21..5ca482c 100644
--- a/roles/ariane/defaults/main.yml
+++ b/roles/ariane/defaults/main.yml
@@ -1,8 +1,4 @@
 ---
-ariane_logrotate: True
-ariane_iptables: True
 ariane_zfs: True
 ariane_lxc: True
 ariane_lxc_void: True
-ariane_snapper: True
-ariane_smartd: True
diff --git a/roles/ariane/handlers/main.yml b/roles/ariane/handlers/main.yml
index 47beca3..902aaf9 100644
--- a/roles/ariane/handlers/main.yml
+++ b/roles/ariane/handlers/main.yml
@@ -1,7 +1,4 @@
 ---
-- name: iptables restore
-  command: iptables-restore /etc/iptables/rules.v4
-
 - name: zfs - start services
   service: "name={{ item }} state=restarted"
   with_items:
@@ -11,12 +8,6 @@
   - zfs-share
   listen: zfs restart
 
-- name: snapper - reload fstab
-  command: mount -a
-
-- name: restart smartd
-  service: name=smartd state=restarted
-
 - name: lxc - create authorized_keys file in VM for root
   listen: lxc - inital ssh authorized_keys
   copy: remote_src=yes src=/root/.ssh/authorized_keys dest="/var/lib/lxc/lxc-{{ item.name }}-{{ item.revision }}/rootfs/root/.ssh/authorized_keys" owner=root group=root mode=0600
diff --git a/roles/ariane/tasks/iptables.yml b/roles/ariane/tasks/iptables.yml
deleted file mode 100644
index 45ad62e..0000000
--- a/roles/ariane/tasks/iptables.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- name: iptables - install iptables-persistent
-  package: name=iptables-persistent
-
-- name: /etc/iptables/rules.v4
-  template: dest=/etc/iptables/rules.v4 src=iptables_rules_v4.j2 owner=root group=root mode=0644
-  notify:
-    iptables restore
-
-- name: /etc/iptables/rules.v6
-  template: dest=/etc/iptables/rules.v6 src=iptables_rules_v6.j2 owner=root group=root mode=0644
-  notify:
-    iptables restore
diff --git a/roles/ariane/tasks/logrotate.yml b/roles/ariane/tasks/logrotate.yml
deleted file mode 100644
index d8e3b72..0000000
--- a/roles/ariane/tasks/logrotate.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: logrotate - set backlog
-  lineinfile:
-    path: /etc/logrotate.conf
-    regexp: '^rotate '
-    line: 'rotate 52'
diff --git a/roles/ariane/tasks/main.yml b/roles/ariane/tasks/main.yml
index ba0f2d4..3c168d0 100644
--- a/roles/ariane/tasks/main.yml
+++ b/roles/ariane/tasks/main.yml
@@ -1,12 +1,4 @@
 ---
-- import_tasks: logrotate.yml
-  when: ariane_logrotate
-  tags: ['ariane_logrotate', 'logrotate']
-
-- import_tasks: iptables.yml
-  when: ariane_iptables
-  tags: ['ariane_iptables', 'iptables']
-
 - import_tasks: zfs.yml
   when: ariane_zfs
   tags: ['ariane_zfs', 'zfs']
@@ -18,11 +10,3 @@
 - import_tasks: lxc_void.yml
   when: ariane_lxc_void
   tags: ['ariane_lxc_void', 'lxc', 'lxc_void']
-
-- import_tasks: snapper.yml
-  when: ariane_snapper
-  tags: ['ariane_snapper', 'snapper']
-
-- import_tasks: smartd.yml
-  when: ariane_smartd
-  tags: ['ariane_smartd', 'smartd']
diff --git a/roles/ariane/tasks/smartd.yml b/roles/ariane/tasks/smartd.yml
deleted file mode 100644
index 433d90f..0000000
--- a/roles/ariane/tasks/smartd.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- name: smartd - install smartmontools
-  package: name=smartmontools
-
-- name: smartd - /etc/default/smartmontools
-  replace:
-    path: /etc/default/smartmontools
-    regexp: "^#start_smartd=.*"
-    replace: "start_smartd=yes"
-  notify: restart smartd
-
-- name: smartd - /etc/smartd.conf
-  copy:
-    dest: /etc/smartd.conf
-    content: "DEVICESCAN -a -d nvme -d sat -o on -s (S/../.././01) -n standby -R 5 -I 9 -R 194 -m root -M exec /usr/share/smartmontools/smartd-runner\n"
-  notify: restart smartd
diff --git a/roles/ariane/tasks/snapper.yml b/roles/ariane/tasks/snapper.yml
deleted file mode 100644
index 29479ee..0000000
--- a/roles/ariane/tasks/snapper.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- name: snapper - install snapper
-  package: name=snapper
-
-- name: snapper - create-config
-  command: snapper create-config /
-  args:
-    creates: /etc/snapper/configs/root
-
-- name: snapper - get rootfs blkid
-  shell: "blkid -s UUID|grep `mount|grep '/ '|cut -d' ' -f1`|cut -d' ' -f 2"
-  register: snapper_blkid
-  changed_when: False
-
-- name: snapper - /etc/fstab
-  lineinfile:
-    path: /etc/fstab
-    line: "{{ snapper_blkid.stdout_lines[0] }} /.snapshots btrfs subvol=.snapshots 0 1"
-  when: snapper_blkid.stdout_lines is defined
-  notify: snapper - reload fstab
diff --git a/roles/common b/roles/common
index 1a0adb2..f58be41 160000
--- a/roles/common
+++ b/roles/common
@@ -1 +1 @@
-Subproject commit 1a0adb219d09108f3f80748b9056e6215e8cad43
+Subproject commit f58be4106c04a2e829081c8032dd87a52886dc52
diff --git a/roles/ariane/templates/iptables_rules_v4.j2 b/templates/iptables_ariane_v4.j2
similarity index 100%
rename from roles/ariane/templates/iptables_rules_v4.j2
rename to templates/iptables_ariane_v4.j2
diff --git a/roles/ariane/templates/iptables_rules_v6.j2 b/templates/iptables_ariane_v6.j2
similarity index 100%
rename from roles/ariane/templates/iptables_rules_v6.j2
rename to templates/iptables_ariane_v6.j2