digitalcourage.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Diese Instanz wird betrieben von Digitalcourage e.V. für die Allgemeinheit. Damit wir das nachhaltig tun können, erheben wir einen jährlichen Vorausbeitrag von 1€/Monat per SEPA-Lastschrifteinzug.

Server stats:

812
active users

#ansible

14 posts14 participants0 posts today

Der absolute Spitzenreiter an alten Servern ist einer mit 470 ausstehenden Updates, davon 420 kritisch.

Die Uptime liegt bei 825 Tagen.

Binde gerade mit meinem Ansible Playbook viele VMs in das Monitoring und in das Loganalyse-Tool ein und erfahre viel über das Netzwerk.

WTF...

I've just published version 25.7.1 of 'kpfleming.systemd_networkd', my collection of Ansible roles for managing systemd-networkd configuration. New in this release are a half-dozen 'advanced' features in the 'network' role, along with a new 'bridge' role. Most of these changes originated from my recent project to switch to DHCPv6-PD on my home network, and also eliminate the standalone DHCPv4 servers I was using.

If you're an Ansible user and use systemd-networkd on your managed machines, take a look! Here's an example of a moderately-complex configuration:

github.com/kpfleming/ansible-s

I've got more complex ones if you're really interested 🙂

#Ansible #systemd #networking #systemd-networkd

A collection of Ansible roles for managing the configuration of systemd-networkd. - kpfleming/ansible-systemd-networkd
GitHubGitHub - kpfleming/ansible-systemd-networkd: A collection of Ansible roles for managing the configuration of systemd-networkd.A collection of Ansible roles for managing the configuration of systemd-networkd. - kpfleming/ansible-systemd-networkd

#Ansible Users: what would you consider 'best practice' ..

* having a dedicated ansible user with a common password, ssh keys and sudo access across systems, or
* just using your own user and giving yourself a common password across systems?

i want to play with something like woodpecker at some point, but now i have made some progress with the existing setup:

* the nvchecker triggerscript (checks for new releases):
* posts to vikunja now (mail+applescript+omnifocus too fragile)
* checks if the updated app is configured as playbook
* runs the matching playbook
* from post_tasks, a conditional webhook is triggered using ansible_play_hosts/ansible_play_hosts_all:
#ansible

Upgraded 13 servers to #Debian 13 #trixie yesterday 🙂

Minor problems:

- On two servers, #Linux kernel changed network interface names. Fortunately, local servers, so I could login and fix it.

- Four #nginx instances did not start, because long deprecated "ssl on" is now an error. Again, easy to fix.

What are currently the best #ansible resources to deploy #ceph these days in a fresh env?

There are a lot of outdated or non-collection/role like resources out there, some only have partial "bootstrap" scripts, other say "please install first and the manage via this one".

- cephadm-ansible
- stackhpc/ansible-collection-cephadm
- ceph/ceph.automation

etc.

Continued thread

6. Hetzner-Images scheinen systemd-timesyncd vorkonfiguriert zu haben.
7. Zusätzliche Debian-Repos angenehm mit Ansible: deb822_repository.
8. saslauthd ist buggy: In der systemd-Unit musste ich das PIDFile setzen.
9. policyd-weight: ExecStart braucht "start".
10. Postfix-Konfig in eine Sackgasse gelaufen, siehe:
bugs.debian.org/cgi-bin/bugrep

bugs.debian.org#1106740 - postfix: cyrus_sasl_config_path needs to be set explicitly for trixie (not needed for older debian releases) - Debian Bug report logs