wangdefa/ansible-playbook
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加

Browse Source
This commit is contained in:
Wang Defa
2025-12-05 20:49:32 +08:00
commit ecf247ac37
3 changed files with 164 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
journald_configure.yml Normal file
View File

@@ -0,0 +1,74 @@
---
- name: 配置 systemd-journald
hosts: all
become: yes
vars:
journald_config:
system_max_use: "500M"
system_max_file_size: "100M"
max_retention_sec: "7day"
rate_limit_interval_sec: "30s"
rate_limit_burst: "10000"
backup_journald: true
tasks:
- name: 备份原有 journald.conf
ansible.builtin.copy:
src: /etc/systemd/journald.conf
dest: "/etc/systemd/journald.conf.backup.{{ ansible_date_time.iso8601_basic_short }}"
remote_src: yes
force: no
when: backup_journald
- name: 部署 journald.conf 配置
ansible.builtin.copy:
dest: /etc/systemd/journald.conf
owner: root
group: root
mode: "0644"
backup: yes
content: |
# This file is managed by Ansible
# Manual changes will be overwritten
# See journald.conf(5) for details.
[Journal]
# 限制日志最大使用空间(所有服务总和)
SystemMaxUse={{ journald_config.system_max_use }}
# 单个日志文件最大大小
SystemMaxFileSize={{ journald_config.system_max_file_size }}
# 保留日志的时间
MaxRetentionSec={{ journald_config.max_retention_sec }}
# 限制单个服务的日志速率(防止日志炸弹)
RateLimitIntervalSec={{ journald_config.rate_limit_interval_sec }}
RateLimitBurst={{ journald_config.rate_limit_burst }}
notify: 重启 systemd-journald
- name: 验证 journald 服务状态
ansible.builtin.systemd:
name: systemd-journald
register: journald_status
- name: 显示 journald 服务状态
ansible.builtin.debug:
msg: "journald 状态: {{ journald_status.status.ActiveState }}"
- name: 显示日志磁盘使用情况
ansible.builtin.command: journalctl --disk-usage
register: disk_usage
changed_when: false
- name: 显示磁盘使用
ansible.builtin.debug:
var: disk_usage.stdout
handlers:
- name: 重启 systemd-journald
ansible.builtin.systemd:
name: systemd-journald
state: restarted

60
xxxigcc_install.yaml Normal file
View File

@@ -0,0 +1,60 @@
---
- name: XXXigCC 安装脚本
hosts: all
become: yes
vars:
# 必填参数
pool_url: ""
cc_url: ""
cc_token: ""
# 可选参数(布尔值)
enable_cc: true
enable_tls: true
enable_cc_tls: true
enable_keepalive: true
enable_1gb_pages: true
# 脚本URL
install_script_url: "https://gitea.bcde.io/wangdefa/xxxigcc/raw/branch/main/script/install.deb.sh"
tasks:
- name: 构建安装命令参数
ansible.builtin.set_fact:
install_command: >-
bash /tmp/install.deb.sh
-o '{{ pool_url }}'
{{ '--keepalive' if enable_keepalive else '' }}
{{ '--1gb-pages' if enable_1gb_pages else '' }}
{{ '--tls' if enable_tls else '' }}
{{ '--cc' if enable_cc else '' }}
{{ '--cc-url ' + cc_url if enable_cc else '' }}
{{ '--cc-token ' + cc_token if enable_cc else '' }}
{{ '--cc-tls' if enable_cc and enable_cc_tls else '' }}
- name: 显示将要执行的命令
ansible.builtin.debug:
msg: "{{ install_command }}"
- name: 下载安装脚本
ansible.builtin.get_url:
url: "{{ install_script_url }}"
dest: /tmp/install.deb.sh
mode: '0755'
force: yes
- name: 执行安装脚本
ansible.builtin.shell: "{{ install_command }}"
args:
executable: /bin/bash
register: install_output
- name: 显示安装结果
ansible.builtin.debug:
var: install_output.stdout_lines
- name: 清理临时脚本
ansible.builtin.file:
path: /tmp/install.deb.sh
state: absent

30
xxxigcc_uninstall.yaml Normal file
View File

@@ -0,0 +1,30 @@
---
- name: XXXigCC 卸载脚本
hosts: all
become: yes
tasks:
- name: 下载卸载脚本
ansible.builtin.get_url:
url: https://gitea.bcde.io/wangdefa/xxxigcc/raw/branch/main/script/uninstall.sh
dest: /tmp/uninstall.sh
mode: '0755'
force: yes
validate_certs: yes
register: download_result
- name: 执行卸载脚本
ansible.builtin.shell: /tmp/uninstall.sh
args:
executable: /bin/bash
register: script_output
changed_when: true
- name: 显示脚本执行结果
ansible.builtin.debug:
var: script_output.stdout_lines
- name: 清理临时脚本文件
ansible.builtin.file:
path: /tmp/uninstall.sh
state: absent