From d5f9132b73222315ba0a945ccfa7758db4990e47 Mon Sep 17 00:00:00 2001 From: Bernd Wachter Date: Thu, 29 Feb 2024 13:30:05 +0200 Subject: [PATCH] Print wireguard confdir location for easier debugging --- tasks/_manage_wireguard_install.yml | 2 +- tasks/add_systemd_timer.yml | 26 +++++++++ tasks/remove_systemd_timer.yml | 19 +++++++ tasks/systemd_timer.yml | 86 +++++++++++++++++++++++++++++ 4 files changed, 132 insertions(+), 1 deletion(-) create mode 100644 tasks/add_systemd_timer.yml create mode 100644 tasks/remove_systemd_timer.yml create mode 100644 tasks/systemd_timer.yml diff --git a/tasks/_manage_wireguard_install.yml b/tasks/_manage_wireguard_install.yml index c5b27b6..ef34f4d 100644 --- a/tasks/_manage_wireguard_install.yml +++ b/tasks/_manage_wireguard_install.yml @@ -1,7 +1,7 @@ - set_fact: _wg_installed: true -- name: make sure wireguard configuration directory exists +- name: make sure wireguard configuration directory exists ({{_wireguard_confdir}}) ansible.builtin.file: path: "{{_wireguard_confdir}}" owner: root diff --git a/tasks/add_systemd_timer.yml b/tasks/add_systemd_timer.yml new file mode 100644 index 0000000..20fc608 --- /dev/null +++ b/tasks/add_systemd_timer.yml @@ -0,0 +1,26 @@ +# this is a convenience method to add systemd timers +# +# - name: do dummy timer +# include_role: +# name: basic-host +# tasks_from: add_timer +# vars: +# systemd_timer_name: dummy-timer +# systemd_timer_oncalendar: "*-*-* *:50:00" +# systemd_timer_command: /bin/true + +- set_fact: + systemd_timers: > + {{ {} | combine({ + systemd_timer_name: { + 'description': systemd_timer_description|default(systemd_timer_name), + 'oncalendar': systemd_timer_oncalendar, + 'command': systemd_timer_command|default('/bin/true'), + 'add_service': systemd_timer_add_service|default(True), + 'user': systemd_timer_user|default('root'), + 'randomized_delay_sec': systemd_timer_randomized_delay_sec|default(0), + } + })}} + +- name: setup timer + include_tasks: systemd_timer.yml diff --git a/tasks/remove_systemd_timer.yml b/tasks/remove_systemd_timer.yml new file mode 100644 index 0000000..7a8afdc --- /dev/null +++ b/tasks/remove_systemd_timer.yml @@ -0,0 +1,19 @@ +# this is a convenience method to delete systemd timers +# +# - name: remove dummy timer +# include_role: +# name: basic-host +# tasks_from: remove_timer +# vars: +# systemd_timer_name: dummy-timer + +- set_fact: + systemd_timers: > + {{ {} | combine({ + systemd_timer_name: { + 'state': 'absent', + } + })}} + +- name: setup timer + include_tasks: systemd_timer.yml diff --git a/tasks/systemd_timer.yml b/tasks/systemd_timer.yml new file mode 100644 index 0000000..617a11a --- /dev/null +++ b/tasks/systemd_timer.yml @@ -0,0 +1,86 @@ +# So far this supports simple timers with OnCalendar trigger as cron replacement. +# Eventually it should get expanded to fully support systemd timers, though the +# convenience wrappers might receive less functionality. +# +# The ability to use both a copied script or a command is present in the timer +# file, but not yet supported by this role. If a script is present it should be +# copied, and used as command. +# +# This file is the main entry point for adding more than one timer, and for +# adding host-specific timers through 'systemd_timers' on basic_host run. +# +# For adding/removing a single timer include add_timer or remove_timer. See +# documentation in those files for details. + +- set_fact: + _timer_types: + - timer + - service + +- set_fact: + _timer_types: + - timer + when: + +- name: add systemd timers with service + template: + src: systemd-timer-{{item.0}}.j2 + dest: "/etc/systemd/system/{{item.1}}.{{item.0}}" + mode: 0644 + with_nested: + - ['timer', 'service'] + - "{{systemd_timers}}" + when: > + (systemd_timers[item.1].state is undefined or + (systemd_timers[item.1].state is defined and systemd_timers[item.1].state != "absent")) and + (systemd_timers[item.1].add_service is undefined or + (systemd_timers[item.1].add_service is defined and systemd_timers[item.1].add_service != False)) + +# this could be written simpler, but to make it easier for future changes it's +# intentionally written as the above one +- name: add systemd timers without service + template: + src: systemd-timer-{{item.0}}.j2 + dest: "/etc/systemd/system/{{item.1}}.{{item.0}}" + mode: 0644 + with_nested: + - ['timer'] + - "{{systemd_timers}}" + when: > + (systemd_timers[item.1].state is undefined or + (systemd_timers[item.1].state is defined and systemd_timers[item.1].state != "absent")) and + (systemd_timers[item.1].add_service is defined and systemd_timers[item.1].add_service == False) + +- name: enable timer + systemd: + daemon_reload: yes + name: "{{item.key}}.timer" + state: started + enabled: yes + with_dict: "{{systemd_timers}}" + when: > + (item.value.state is undefined or + (item.value.state is defined and item.value.state != "absent")) + +- name: disable timer + systemd: + daemon_reload: yes + name: "{{item.key}}.timer" + state: stopped + enabled: no + with_dict: "{{systemd_timers}}" + # on re-runs timers might already have been removed and can't be disabled: + # ignore errors + ignore_errors: True + when: > + item.value.state is defined and item.value.state == "absent" + +- name: remove systemd timers + file: + path: /etc/systemd/system/{{item.1}}.{{item.0}} + state: absent + with_nested: + - ['timer', 'service'] + - "{{systemd_timers}}" + when: > + systemd_timers[item.1].state is defined and systemd_timers[item.1].state == "absent"