cleanup bastion deployment a bit

update k3s to 1.31.4
add openai.badjware.dev endpoint
2024-12-28 16:41:41 -05:00 · 2024-12-28 16:41:21 -05:00 · 2024-12-05 00:22:12 -05:00 · 2024-12-04 23:25:39 -05:00
8 changed files with 13 additions and 12 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -47,6 +47,7 @@ haproxy:
          - deluge.badjware.dev
          - tavern.badjware.dev
          - actual.badjware.dev
+          - openai.badjware.dev
        backend:
          - server: 192.168.20.20:8443
          - server: 192.168.20.21:8443
--- a/group_vars/k3s.yml
+++ b/group_vars/k3s.yml
@ -1,4 +1,4 @@
 k3s:
-  version: v1.28.8+k3s1
+  version:  v1.31.4+k3s1
  # disable local-path-provisioner, we use longhorn instead
  extra_server_args: --disable local-storage
--- a/4
+++ b/4
@ -36,8 +36,8 @@ all:
          nut_client:
            ups: liebert-psi
            sched:
-              # We want to shutdown this server quick
-              on_bat: 15
+              # We want to shutdown this server quicker
+              on_bat: 60
    bastion:
      hosts:
        bastion:
--- a/reboot-rpi.yml
+++ b/reboot-rpi.yml
@ -0,0 +1,3 @@
+- hosts: k3s-agent0,k3s-agent1,k3s-agent2,k3s-agent3
+  tasks:
+    - reboot:
--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@ -42,9 +42,3 @@
    dest: /opt/certbot/certbot-deploy.sh
    mode: '0700'
  notify: Run certbot
-
- name: Install weekly haproxy reload
-  cron:
-    name: "haproxy reload"
-    special_time: weekly
-    job: "/bin/systemctl reload haproxy"
--- a/roles/haproxy/templates/certbot-deploy.sh
+++ b/roles/haproxy/templates/certbot-deploy.sh
@ -1,2 +1,3 @@
 #!/bin/sh
 cat /etc/letsencrypt/live/{{ letsencrypt.domains[0] }}/fullchain.pem /etc/letsencrypt/live/{{ letsencrypt.domains[0] }}/privkey.pem >/etc/letsencrypt/live/{{ letsencrypt.domains[0] }}/{{ letsencrypt.domains[0] }}.pem
+systemctl restart haproxy
--- a/roles/nut-server/templates/62-nut-usbups.rules
+++ b/roles/nut-server/templates/62-nut-usbups.rules
@ -1,7 +1,7 @@
 SUBSYSTEM!="usb", GOTO="nut-usbups_rules_end"

 {% for name, config in nut_server.ups.items() %}
-ACTION=="add|change", SUBSYSTEM=="usb|usb_device", SUBSYSTEMS=="usb|usb_device", ATTR{idVendor}=="{{ config.vendorid }}", ATTR{idProduct}=="{{ config.productid }}", MODE="664", GROUP="nut", RUN+="/sbin/upsdrvctl stop; /sbin/upsdrvctl start"
+ACTION=="add|change", SUBSYSTEM=="usb|usb_device", SUBSYSTEMS=="usb|usb_device", ATTR{idVendor}=="{{ config.vendorid }}", ATTR{idProduct}=="{{ config.productid }}", MODE="664", GROUP="nut", RUN+="/sbin/upsdrvctl stop || /sbin/upsdrvctl start"
 {% endfor %}

 LABEL="nut-usbups_rules_end"
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@ -22,17 +22,19 @@
    creates: /etc/wireguard/private.key
  register: private_key_gen

- name: Fetch private key
+- name: Read private key
  command: cat /etc/wireguard/private.key
  register: private_key
+  changed_when: false

 - name: Generate public key
  shell: cat /etc/wireguard/private.key | wg pubkey >/etc/wireguard/public.key
  when: not public_key_stats.stat.exists or private_key_gen.changed

- name: Fetch public key
+- name: Read public key
  command: cat /etc/wireguard/public.key
  register: public_key
+  changed_when: false

 - name: Print public key
  debug:
Author	SHA1	Message	Date
Massaki Archambault	61a891ae24	cleanup bastion deployment a bit	2024-12-28 16:41:41 -05:00
Massaki Archambault	bc5f1ec01c	update k3s to 1.31.4	2024-12-28 16:41:21 -05:00
Massaki Archambault	48ca9f85d9	add openai.badjware.dev endpoint	2024-12-05 00:22:12 -05:00
Massaki Archambault	9781bb161d	tweak NUT config	2024-12-04 23:25:39 -05:00