jlay/deploy-base
1
1
Fork 0
Code Issues Pull requests Activity

add 'btrfs' role, move vars to host_vars

Browse source
This commit is contained in:
Josh Lay 2024-03-23 11:53:01 -05:00
parent 13da397c76
commit 55d37e10ac
Signed by: jlay
GPG key ID: B265E45CACAD108A
7 changed files with 127 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
host_vars/lalilulelo.yml Normal file
View file

@ -0,0 +1,23 @@
---
tuned_base_profile: "network-latency"
tuned_custom_profile:
name: tweaks
sections:
- name: main
params:
- option: summary
value: "Boosts RAID and iGPU speeds, managed by Ansible"
- option: include
value: "{{ tuned_base_profile }}"
- name: sysctl
params:
- option: dev.raid.speed_limit_min
value: "1000000"
- option: dev.raid.speed_limit_max
value: "9500000"
- option: net.core.somaxconn
value: "16384"
- name: sysfs
params:
- option: /sys/class/drm/*/device/power_dpm_force_performance_level
value: highest

43
host_vars/workstation.yml Normal file
View file

@ -0,0 +1,43 @@
---
tuned_base_profile: "network-latency"
tuned_custom_profile:
name: tweaks
sections:
- name: main
params:
- option: summary
value: "Ansible-managed/customized profile"
- option: include
value: "{{ tuned_base_profile }}"
- name: virtsched
params:
- option: type
value: "disk"
- option: devices_udev_regex
value: "(ID_MODEL=QEMU_HARDDISK)|(ID_VENDOR=HC)"
- option: elevator
value: "mq-deadline"
- name: ssdnosched
params:
- option: type
value: "disk"
- option: devices_udev_regex
value: "(ID_ATA_ROTATION_RATE_RPM=0)"
- option: elevator
value: "none"
- name: sysctl
params:
# - option: net.core.default_qdisc
# value: "fq"
# - option: net.ipv4.tcp_congestion_control
# value: "bbr"
# - option: net.core.rmem_max
# value: "4194304"
# - option: net.core.wmem_max
# value: "1048576"
- option: dev.raid.speed_limit_min
value: "600000"
- option: dev.raid.speed_limit_max
value: "9000000"
- option: net.core.somaxconn
value: "8192"

48
play.yml
View file

@ -3,57 +3,15 @@
gather_facts: yes gather_facts: yes
vars: vars:
# auto_update: "true" # would configure dnf-automatic # auto_update: "true" # would configure dnf-automatic
hardened_ssh_port: "1181" # tcp is assumed in selinux/firewalld allowance # hardened_ssh_port: "1181" # tcp is assumed in selinux/firewalld allowance
URL_PUBKEYS: "https://github.com/joshlay.keys" # https://github.com/user.keys URL_PUBKEYS: "https://github.com/joshlay.keys" # https://github.com/user.keys
tuned_base_profile: "network-latency"
tuned_custom_profile:
name: tweaks
sections:
- name: main
params:
- option: summary
value: "Custom tuned profile created by jlay - virt. IO scheduler, TCP, etc"
- option: include
value: "{{ tuned_base_profile }}"
- name: virtsched
params:
- option: type
value: "disk"
- option: devices_udev_regex
value: "(ID_MODEL=QEMU_HARDDISK)|(ID_VENDOR=HC)"
- option: elevator
value: "mq-deadline"
- name: ssdnosched
params:
- option: type
value: "disk"
- option: devices_udev_regex
value: "(ID_ATA_ROTATION_RATE_RPM=0)"
- option: elevator
value: "none"
- name: sysctl
params:
- option: net.core.default_qdisc
value: "fq"
- option: net.ipv4.tcp_congestion_control
value: "bbr"
- option: net.core.rmem_max
value: "4194304"
- option: net.core.wmem_max
value: "1048576"
- option: dev.raid.speed_limit_min
value: "600000"
- option: dev.raid.speed_limit_max
value: "9000000"
- option: net.core.somaxconn
value: "8192"
roles: roles:
# - {role: btrfs} # sets up scrubbing - {role: btrfs} # sets up scrubbing
- {role: bootstrap} - {role: bootstrap}
- {role: tuned} - {role: tuned}
- {role: install-packages} - {role: install-packages}
- {role: update-packages} # depends on 'is_atomic' in bootstrap - {role: update-packages} # depends on 'is_atomic' in bootstrap
- {role: fedora-upgrade} # consider renaming to dist-upgrade / supporting more than fedora - {role: fedora-upgrade} # consider renaming to dist-upgrade / supporting more than fedora
- {role: create-user} - {role: create-user} # this should always follow packages; they often provide groups the user may want to join
- {role: hardening} - {role: hardening}
- {role: docker} - {role: docker}

10
roles/btrfs/files/btrfs-scrub@.service Normal file
View file

@ -0,0 +1,10 @@
[Unit]
Description=Btrfs scrub on %f
ConditionPathIsMountPoint=%f
RequiresMountsFor=%f
[Service]
Nice=19
IOSchedulingClass=idle
KillSignal=SIGINT
ExecStart=/usr/bin/btrfs scrub start -B %f

11
roles/btrfs/files/btrfs-scrub@.timer Normal file
View file

@ -0,0 +1,11 @@
[Unit]
Description=Monthly Btrfs scrub on %f
[Timer]
OnCalendar=monthly
AccuracySec=1d
RandomizedDelaySec=1w
Persistent=true
[Install]
WantedBy=timers.target

5
roles/btrfs/handlers/main.yml Normal file
View file

@ -0,0 +1,5 @@
- name: Reload systemd
ansible.builtin.systemd:
daemon_reload: true
become: true
listen: daemon_reload

32
roles/btrfs/tasks/main.yml Normal file
View file

@ -0,0 +1,32 @@
- name: Setup scrub units
ansible.builtin.copy:
src: "{{ item }}"
dest: /etc/systemd/system/
mode: "0644"
owner: root
group: root
with_items:
- 'btrfs-scrub@.service'
- 'btrfs-scrub@.timer'
notify: daemon_reload
become: true
- name: Run pending handlers
ansible.builtin.meta: flush_handlers
- name: Determine btrfs mounts
ansible.builtin.set_fact:
btrfs_mounts: "{{ ansible_facts['mounts'] | selectattr('fstype', 'equalto', 'btrfs') | map(attribute='mount') | list }}"
- name: Determine systemd-friendly refs for BTRFS mount points
ansible.builtin.command: "systemd-escape -p -- {{ item }}"
register: sanitized_mounts
loop: "{{ btrfs_mounts }}"
changed_when: false
- name: Ensure the scrub timer is enabled for discovered BTRFS filesystems
ansible.builtin.systemd:
name: "btrfs-scrub@{{ item.stdout }}.timer"
enabled: true
with_items: "{{ sanitized_mounts.results }}"
become: true