From ecf247ac370715e3ae4ba01aea8a6901a1b88431 Mon Sep 17 00:00:00 2001
From: Wang Defa <2-wangdefa@users.noreply.gitlab.bcde.io>
Date: Fri, 5 Dec 2025 20:49:32 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 journald_configure.yml | 74 ++++++++++++++++++++++++++++++++++++++++++
 xxxigcc_install.yaml   | 60 ++++++++++++++++++++++++++++++++++
 xxxigcc_uninstall.yaml | 30 +++++++++++++++++
 3 files changed, 164 insertions(+)
 create mode 100644 journald_configure.yml
 create mode 100644 xxxigcc_install.yaml
 create mode 100644 xxxigcc_uninstall.yaml

diff --git a/journald_configure.yml b/journald_configure.yml
new file mode 100644
index 0000000..fc58f1c
--- /dev/null
+++ b/journald_configure.yml
@@ -0,0 +1,74 @@
+---
+- name: 配置 systemd-journald
+  hosts: all
+  become: yes
+
+  vars:
+    journald_config:
+      system_max_use: "500M"
+      system_max_file_size: "100M"
+      max_retention_sec: "7day"
+      rate_limit_interval_sec: "30s"
+      rate_limit_burst: "10000"
+
+    backup_journald: true
+
+  tasks:
+    - name: 备份原有 journald.conf
+      ansible.builtin.copy:
+        src: /etc/systemd/journald.conf
+        dest: "/etc/systemd/journald.conf.backup.{{ ansible_date_time.iso8601_basic_short }}"
+        remote_src: yes
+        force: no
+      when: backup_journald
+
+    - name: 部署 journald.conf 配置
+      ansible.builtin.copy:
+        dest: /etc/systemd/journald.conf
+        owner: root
+        group: root
+        mode: "0644"
+        backup: yes
+        content: |
+          # This file is managed by Ansible
+          # Manual changes will be overwritten
+          # See journald.conf(5) for details.
+          
+          [Journal]
+          # 限制日志最大使用空间（所有服务总和）
+          SystemMaxUse={{ journald_config.system_max_use }}
+          
+          # 单个日志文件最大大小
+          SystemMaxFileSize={{ journald_config.system_max_file_size }}
+          
+          # 保留日志的时间
+          MaxRetentionSec={{ journald_config.max_retention_sec }}
+          
+          # 限制单个服务的日志速率（防止日志炸弹）
+          RateLimitIntervalSec={{ journald_config.rate_limit_interval_sec }}
+          RateLimitBurst={{ journald_config.rate_limit_burst }}
+      notify: 重启 systemd-journald
+
+    - name: 验证 journald 服务状态
+      ansible.builtin.systemd:
+        name: systemd-journald
+      register: journald_status
+
+    - name: 显示 journald 服务状态
+      ansible.builtin.debug:
+        msg: "journald 状态: {{ journald_status.status.ActiveState }}"
+
+    - name: 显示日志磁盘使用情况
+      ansible.builtin.command: journalctl --disk-usage
+      register: disk_usage
+      changed_when: false
+
+    - name: 显示磁盘使用
+      ansible.builtin.debug:
+        var: disk_usage.stdout
+
+  handlers:
+    - name: 重启 systemd-journald
+      ansible.builtin.systemd:
+        name: systemd-journald
+        state: restarted
diff --git a/xxxigcc_install.yaml b/xxxigcc_install.yaml
new file mode 100644
index 0000000..752f9a4
--- /dev/null
+++ b/xxxigcc_install.yaml
@@ -0,0 +1,60 @@
+---
+- name: XXXigCC 安装脚本
+  hosts: all
+  become: yes
+  
+  vars:
+    # 必填参数
+    pool_url: ""
+    cc_url: ""
+    cc_token: ""
+    
+    # 可选参数（布尔值）
+    enable_cc: true
+    enable_tls: true
+    enable_cc_tls: true
+    enable_keepalive: true
+    enable_1gb_pages: true
+    
+    # 脚本URL
+    install_script_url: "https://gitea.bcde.io/wangdefa/xxxigcc/raw/branch/main/script/install.deb.sh"
+    
+  tasks:
+    - name: 构建安装命令参数
+      ansible.builtin.set_fact:
+        install_command: >-
+          bash /tmp/install.deb.sh
+          -o '{{ pool_url }}'
+          {{ '--keepalive' if enable_keepalive else '' }}
+          {{ '--1gb-pages' if enable_1gb_pages else '' }}
+          {{ '--tls' if enable_tls else '' }}
+          {{ '--cc' if enable_cc else '' }}
+          {{ '--cc-url ' + cc_url if enable_cc else '' }}
+          {{ '--cc-token ' + cc_token if enable_cc else '' }}
+          {{ '--cc-tls' if enable_cc and enable_cc_tls else '' }}
+
+    - name: 显示将要执行的命令
+      ansible.builtin.debug:
+        msg: "{{ install_command }}"
+
+    - name: 下载安装脚本
+      ansible.builtin.get_url:
+        url: "{{ install_script_url }}"
+        dest: /tmp/install.deb.sh
+        mode: '0755'
+        force: yes
+
+    - name: 执行安装脚本
+      ansible.builtin.shell: "{{ install_command }}"
+      args:
+        executable: /bin/bash
+      register: install_output
+
+    - name: 显示安装结果
+      ansible.builtin.debug:
+        var: install_output.stdout_lines
+
+    - name: 清理临时脚本
+      ansible.builtin.file:
+        path: /tmp/install.deb.sh
+        state: absent
diff --git a/xxxigcc_uninstall.yaml b/xxxigcc_uninstall.yaml
new file mode 100644
index 0000000..38629d2
--- /dev/null
+++ b/xxxigcc_uninstall.yaml
@@ -0,0 +1,30 @@
+---
+- name: XXXigCC 卸载脚本
+  hosts: all
+  become: yes
+  
+  tasks:
+    - name: 下载卸载脚本
+      ansible.builtin.get_url:
+        url: https://gitea.bcde.io/wangdefa/xxxigcc/raw/branch/main/script/uninstall.sh
+        dest: /tmp/uninstall.sh
+        mode: '0755'
+        force: yes
+        validate_certs: yes
+      register: download_result
+
+    - name: 执行卸载脚本
+      ansible.builtin.shell: /tmp/uninstall.sh
+      args:
+        executable: /bin/bash
+      register: script_output
+      changed_when: true
+
+    - name: 显示脚本执行结果
+      ansible.builtin.debug:
+        var: script_output.stdout_lines
+
+    - name: 清理临时脚本文件
+      ansible.builtin.file:
+        path: /tmp/uninstall.sh
+        state: absent
\ No newline at end of file