Merge branch 'main' into feat_improve_discord_notification

ansible/configuration/fail2ban/config-f2b-protect-sshd.yaml

@@ -4,16 +4,16 @@
   become: yes
   tasks:
   - name: install fail2ban
-    apt:
+    ansible.builtin.apt:
       name:
         - fail2ban
       update_cache: yes
   - name: copy fail2ban configfiles
-    copy:
+    ansible.builtin.copy:
       src: configfiles/debian-sshd-default.conf
       dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
   - name: restart fail2ban
-    systemd:
+    ansible.builtin.systemd_service:
       state: restarted
       daemon_reload: yes
       name: fail2ban

ansible/configuration/ssh/config-add-sshkey.yaml

@@ -9,7 +9,7 @@
       state: present
       key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
   - name: change sudoers file
-    lineinfile:
+    ansible.builtin.lineinfile:
       path: /etc/sudoers
       state: present
       regexp: '^%sudo'

ansible/installation/inst-core.yaml

@@ -3,7 +3,7 @@
   become: yes
   tasks:
   - name: install core packages
-    apt:
+    ansible.builtin.apt:
       name:
         - prometheus-node-exporter
         - nfs-common

ansible/installation/inst-docker-ubuntu.yaml

@@ -4,7 +4,7 @@
   become: yes
   tasks:
     - name: install docker dependencies
-      apt:
+      ansible.builtin.apt:
         name:
           - apt-transport-https
           - ca-certificates
@@ -13,17 +13,17 @@
           - software-properties-common
         update_cache: yes
     - name: add docker gpg key
-      apt_key:
+      ansible.builtin.apt_key:
         url: https://download.docker.com/linux/ubuntu/gpg
         state: present
         keyring: /etc/apt/keyrings/docker.gpg
     - name: add docker repository
-      apt_repository:
+      ansible.builtin.apt_repository:
         filename: docker 
         repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename|lower }} stable
         state: present
     - name: install docker engine
-      apt:
+      ansible.builtin.apt:
         name:
           - docker-ce
           - docker-ce-cli

ansible/installation/inst-microk8s.yaml

@@ -4,8 +4,8 @@
   become: yes
   tasks:
     - name: install microk8s
-      snap:
+      community.general.snap:
         classic: yes
         name: microk8s
     - name: add userpermissions
-      shell: "usermod -aG microk8s {{ lookup('env','USER') }}"
+      ansible.builtin.shell: "usermod -aG microk8s {{ lookup('env','USER') }}"

ansible/installation/inst-qemu-agent.yaml

@@ -5,6 +5,6 @@
   become_method: sudo
   tasks:
     - name: Install qemu-guest-agent
-      apt:
+      ansible.builtin.apt:
         name: qemu-guest-agent
         state: present

ansible/installation/inst-vm-core.yaml

@@ -4,14 +4,14 @@
   become: yes
   tasks:
   - name: install packages
-    apt:
+    ansible.builtin.apt:
       name:
         - prometheus-node-exporter
         - nfs-common
         - qemu-guest-agent
       update_cache: yes
   - name: start guest qemu-guest-agent
-    service:
+    ansible.builtin.service:
       name: qemu-guest-agent
       state: started
       enabled: yes

ansible/installation/inst-wireguard.yaml

@@ -4,11 +4,11 @@
   become: yes
   tasks:
     - name: install wireguard
-      apt:
+      ansible.builtin.apt:
         name: wireguard
         update_cache: yes
     - name: generate private and public keypair
-      shell: |
+      ansible.builtin.shell: |
         wg genkey | tee privatekey | wg pubkey > publickey
         chmod 0400 privatekey
         chmod 0400 publickey

ansible/installation/inst-zsh.yaml

@@ -4,7 +4,7 @@
   become: yes
   tasks:
     - name: install zsh
-      apt:
+      ansible.builtin.apt:
         name: zsh
         state: present
         update_cache: true

ansible/maintenance/maint-diskspace.yaml

@@ -3,10 +3,10 @@
   hosts: "{{ hosts }}"
   tasks:
     - name: get disk usage
-      command: df -h
+      ansible.builtin.command: df -h
       register: disk_usage
     - name: check disk space available
-      shell: df -Ph / | awk 'NR==2 {print $5}'
+      ansible.builtin.shell: df -Ph / | awk 'NR==2 {print $5}'
       register: disk_usage
     # - name: send discord message when disk space is over 80%
     #   uri:

ansible/maintenance/maint-reboot-required.yaml

@@ -5,9 +5,9 @@
   tasks:
     - name: check if system reboot is required
       become: true
-      stat:
+      ansible.builtin.stat:
         path: /var/run/reboot-required
       register: reboot_required
-    - debug:
+    - ansible.builtin.debug:
         msg: "Reboot is required"
       when: reboot_required.stat.exists

ansible/maintenance/maint-reboot.yaml

@@ -4,5 +4,5 @@
   become: yes
   tasks:
   - name: reboot machine
-    reboot:
+    ansible.builtin.reboot:
       reboot_timeout: 3600

ansible/update/upd-apt.yaml

@@ -4,23 +4,23 @@
   tasks:
     - name: Update packages with apt
       when: ansible_pkg_mgr == 'apt'
-      apt:
+      ansible.builtin.apt:
         update_cache: yes
 
     - name: Update packages with yum
       when: ansible_pkg_mgr == 'yum'
-      yum:
+      ansible.builtin.yum:
         name: '*'
         state: latest
 
     - name: Upgrade packages with apt
       when: ansible_pkg_mgr == 'apt'
-      apt:
+      ansible.builtin.apt:
         upgrade: dist
 
     - name: Upgrade packages with yum
       when: ansible_pkg_mgr == 'yum'
-      yum:
+      ansible.builtin.yum:
         name: '*'
         state: latest
         exclude: kernel*

docker-compose/heimdall/docker-compose.yaml

@@ -1,7 +1,7 @@
 ---
 services:
   heimdall:
-    image: lscr.io/linuxserver/heimdall:2.5.6
+    image: lscr.io/linuxserver/heimdall:2.6.1
     container_name: heimdall
     environment:
       - PUID=1000

docker-compose/pihole/docker-compose.yaml

@@ -1,5 +1,12 @@
+---
 version: '3'
 
+volumes:
+  dnsmasq:
+    driver: local
+  etcd:
+    driver: local
+
 services:
   pihole:
     container_name: pihole
@@ -14,6 +21,6 @@ services:
       - TZ=Europe/Berlin
       - WEBPASSWORD=your-secret-password
     volumes:
-      - etcd:/etc/pihole
       - dnsmasq:/etc/dnsmasq.d
+      - etcd:/etc/pihole
     restart: unless-stopped

docker-compose/prometheus/docker-compose.yaml

@@ -4,7 +4,7 @@ volumes:
     driver: local
 services:
   prometheus:
-    image: prom/prometheus:v2.50.0
+    image: prom/prometheus:v2.50.1
     container_name: prometheus
     ports:
       - 9090:9090

docker-compose/uptimekuma/docker-compose.yaml

@@ -4,7 +4,7 @@ volumes:
     driver: local
 services:
   uptimekuma:
-    image: louislam/uptime-kuma:latest
+    image: louislam/uptime-kuma:1.23.11
     container_name: uptimekuma
     ports:
       - 3001:3001

vagrant/hyperv/ubuntu/docker/playbook.yaml

@@ -3,7 +3,7 @@
   become: yes
   tasks:
     - name: install prerequisites
-      apt:
+      ansible.builtin.apt:
         name:
           - apt-transport-https
           - ca-certificates 
@@ -12,13 +12,13 @@
           - software-properties-common
         update_cache: yes
     - name: add apt-key
-      apt_key:
+      ansible.builtin.apt_key:
         url: https://download.docker.com/linux/ubuntu/gpg
     - name: add docker repo
-      apt_repository:
+      ansible.builtin.apt_repository:
         repo: deb https://download.docker.com/linux/ubuntu focal stable
     - name: install docker 
-      apt:
+      ansible.builtin.apt:
         name: 
           - docker-ce
           - docker-ce-cli
@@ -26,4 +26,4 @@
           - docker-compose
         update_cache: yes
     - name: add userpermissions
-      shell: "usermod -aG docker vagrant"
+      ansible.builtin.shell: "usermod -aG docker vagrant"

vagrant/hyperv/ubuntu/microk8s-installed/playbook.yaml

@@ -3,9 +3,9 @@
   become: yes
   tasks:
   - name: install microk8s
-    snap:
+    community.general.snap:
       classic: yes
       name: microk8s
   - name: add userpermissions
-    shell: "usermod -aG microk8s vagrant"
+    ansible.builtin.shell: "usermod -aG microk8s vagrant"
 

vagrant/hyperv/ubuntu/plain-with-cockpit/playbook.yaml

@@ -3,6 +3,6 @@
   become: yes
   tasks:
   - name: install cockpit
-    apt:
+    ansible.builtin.apt:
       name: cockpit
       update_cache: yes