Merge branch 'main' into renovate/vaultwarden-server-1.x

.forgejo/workflows/tofu.yml

@@ -41,7 +41,29 @@ jobs:
             af0ed579-05f8-405f-b0f3-b208000620ca > vlan_gateway
 
       
-
+      - name: Create tfvars file
+        working-directory: ./terraform
+        run: |
+          cat <<EOF > terraform.tfvars
+          arrbuntu_ip_address = "${{ steps.bitwarden-secrets.outputs.arrbuntu_ip_address }}"
+          aws_access_key_id = "${{ steps.bitwarden-secrets.outputs.aws_access_key_id }}"
+          aws_secret_access_key = "${{ steps.bitwarden-secrets.outputs.aws_secret_access_key }}"
+          downloaders_ip_address = "${{ steps.bitwarden-secrets.outputs.downloaders_ip_address }}"
+          init_password = "${{ steps.bitwarden-secrets.outputs.init_password }}"
+          init_username = "${{ steps.bitwarden-secrets.outputs.init_username }}"
+          kasm_ip = "${{ steps.bitwarden-secrets.outputs.kasm_ip }}"
+          kasm_ssh_ip = "${{ steps.bitwarden-secrets.outputs.kasm_ssh_ip }}"
+          npm_ip_address = "${{ steps.bitwarden-secrets.outputs.npm_ip_address }}"
+          prox_ip_address = "${{ steps.bitwarden-secrets.outputs.prox_ip_address }}"
+          pve2_ip_address = "${{ steps.bitwarden-secrets.outputs.pve2_ip_address }}"
+          s3_endpoint = "${{ steps.bitwarden-secrets.outputs.s3_endpoint }}"
+          ssh_password = "${{ steps.bitwarden-secrets.outputs.ssh_password }}"
+          ssh_username = "${{ steps.bitwarden-secrets.outputs.ssh_username }}"
+          ubu_ip_address = "${{ steps.bitwarden-secrets.outputs.ubu_ip_address }}"
+          virtual_environment_api = "${{ steps.bitwarden-secrets.outputs.virtual_environment_api }}"
+          virtual_environment_endpoint = "${{ steps.bitwarden-secrets.outputs.virtual_environment_endpoint }}"
+          vlan_gateway = "${{ steps.bitwarden-secrets.outputs.vlan_gateway }}"
+          EOF
 
       - name: Setup OpenTofu
         uses: https://github.com/opentofu/setup-opentofu@v1.0.4
@@ -49,25 +71,7 @@ jobs:
       - name: Run OpenTofu Init
         working-directory: ./terraform
         run: |
-          tofu init \
+          tofu init -var-file=terraform.tfvars
-            -var "arrbuntu_ip_address=${{ steps.bitwarden-secrets.outputs.arrbuntu_ip_address }}" \
-            -var "aws_access_key_id=${{ steps.bitwarden-secrets.outputs.aws_access_key_id }}" \
-            -var "aws_secret_access_key=${{ steps.bitwarden-secrets.outputs.aws_secret_access_key }}" \
-            -var "downloaders_ip_address=${{ steps.bitwarden-secrets.outputs.downloaders_ip_address }}" \
-            -var "init_password=${{ steps.bitwarden-secrets.outputs.init_password }}" \
-            -var "init_username=${{ steps.bitwarden-secrets.outputs.init_username }}" \
-            -var "kasm_ip=${{ steps.bitwarden-secrets.outputs.kasm_ip }}" \
-            -var "kasm_ssh_ip=${{ steps.bitwarden-secrets.outputs.kasm_ssh_ip }}" \
-            -var "npm_ip_address=${{ steps.bitwarden-secrets.outputs.npm_ip_address }}" \
-            -var "prox_ip_address=${{ steps.bitwarden-secrets.outputs.prox_ip_address }}" \
-            -var "pve2_ip_address=${{ steps.bitwarden-secrets.outputs.pve2_ip_address }}" \
-            -var "s3_endpoint=${{ steps.bitwarden-secrets.outputs.s3_endpoint }}" \
-            -var "ssh_password=${{ steps.bitwarden-secrets.outputs.ssh_password }}" \
-            -var "ssh_username=${{ steps.bitwarden-secrets.outputs.ssh_username }}" \
-            -var "ubu_ip_address=${{ steps.bitwarden-secrets.outputs.ubu_ip_address }}" \
-            -var "virtual_environment_api=${{ steps.bitwarden-secrets.outputs.virtual_environment_api }}" \
-            -var "virtual_environment_endpoint=${{ steps.bitwarden-secrets.outputs.virtual_environment_endpoint }}" \
-            -var "vlan_gateway=${{ steps.bitwarden-secrets.outputs.vlan_gateway }}"
 
 
       - name: Run OpenTofu Plan

ansible/playbooks/ntp.yml

@@ -0,0 +1,29 @@
+---
+- name: Configure systemd-timesyncd to use router NTP server
+  hosts: all
+  become: true
+
+  tasks:
+    - name: Ensure systemd-timesyncd is installed
+      apt:
+        name: systemd-timesyncd
+        state: present
+        update_cache: yes
+
+    - name: Configure timesyncd to use the router's NTP server
+      shell: sed -i '/^NTP=/c\NTP=10.0.0.1' /etc/systemd/timesyncd.conf
+
+
+    - name: Restart systemd-timesyncd to apply changes
+      systemd:
+        name: systemd-timesyncd
+        state: restarted
+        enabled: yes
+
+    - name: Verify the NTP configuration
+      command: timedatectl status
+      register: timesync_status
+
+    - name: Show the status of time synchronization
+      debug:
+        msg: "{{ timesync_status.stdout }}"

terraform/cloud-init.tf

@@ -1,9 +1,6 @@
-data "local_file" "ssh_public_key" {
+locals {
-  filename = "/home/mafyuh/.ssh/main_key.pub"
+  ssh_public_key_1 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDndt2pi7jZx0qY1qn/UEn2AcZThxCQBvIGNytlPDz1cFNHjB1lGgHdI4uCw7fu2ET6/vpqHxjdQqB/Ehj2fajw1L2zncKB93NMv3pcq7ZJGwIgdw26vfBQZWFazaPk7O5rOGO1hWohE4YlejpOHYGCFs1pUxaC8DQPR0M6GvnccWxzJhpiO+NUeU8F/NC1uKLyypK8CpTmjVQaiTSgn/RorTf7A6sdzfWFndM7k6hw5NqqKVk0OhDfy/XCGQrIRh6/yxFbbthAUJgd8/djELlc7XQaG0nMSBtu6m8+VmMN8XO7FZmus8PwlcXPIhwos+vJlh2+xU+E7Ciwyw4WytCjuw67rL4REbdOh+zqZm//OMswvTxtDiRbTXTsOXqgyh5cOUcNub3UdAl6e7c2ZQT5lz5ZVCNNLVrFigvRE813YlKsoYu1p4XrtyHodeYEXgoLjU0jgRj0EmBEDriafo84lamHK7zItZllNH9hHKWs+iXiQQ4nVD65Ng0mYmM9OF76corqfIuQWkQd8kN2r5a0UHrl+tkhZOY3x3PB9r88yCPRdSkW8ICFObQ069yE4HU9kA41rVPXOU8zxK8UT2svTM0YRcDcfr2VUktU0wEP1ASv8nOAdvq7+pcqpoKrw3sZyyeLncxSAfJCRMjJvUDww92YSTjG4TCwY2gcPXRsww== Generated By Termius"
-}
+  ssh_public_key_2 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCt9kj7JcJVf8zfzLlsDv12d9dV7J4SM+Wrq7fWMUseCzl7BK3SX+cNFYWbkZsDsp81VtXrqXDpImIGc9KtRy1tvNmrd/+xlj6aVFH9tHYq//5pOC2C4wcf3wVlSazdhZ64qVwY4glr1Bs4M02GZ92VDjb51JvByl5kfgiKLqRiFyJHv9f5FYEfZqdLY+SKjd7H6fjhMTFTcyfXeGaifUTqogDXPLzk0iP0rx7C3oHOfsKKhZvUe/la9uYJGdbSeQX1H59KOVJQ7UQxr7wn+uu5e7IPPXiBoR4dBU8pAmtWgLo9F0ZdXgu2bOunUBIeL2/dj6xFCI3ZrQ3mLe+upoyhqLKh4+qi5SeQNcqXi7pHhcA1hGzmOMDrPXV/2DA0NcJ6v43qJFRn+Qp8Oy/zApvQ6F/opLhX0yghEc5ltmj+MPMom4ykKxpuGPUHxNplMgmVG+V/YlRXG9BATsQX35kt2lqivX9L4XppgJHhby0bJnZQKozExCn67w1rSW7MvYyo/W7aXK7ZGLIeH7sxqwwisQlbMjhVzYcods1p+JDi1VhNQUsc4nDA0ghk9PiSY11pwAvvzds46wZLMrxlNeIs2cEdghIi+5QO68qvZHODHrtiAn3yJ7qjarx5qOx5oe2DX2duY6/7cUEnwQFNX5z4hfeCCThz9jIn316Jk/oeXQ== admin@mafyuh.io"
-
-data "local_file" "ssh_public_key_2" {
-  filename = "/home/mafyuh/.ssh/id_rsa.pub"
 }
 
 resource "proxmox_virtual_environment_file" "cloud_config" {
@@ -22,8 +19,8 @@ resource "proxmox_virtual_environment_file" "cloud_config" {
           - docker
         shell: /bin/bash
         ssh_authorized_keys:
-          - ${trimspace(data.local_file.ssh_public_key.content)}
+          - ${trimspace(local.ssh_public_key_1)}
-          - ${trimspace(data.local_file.ssh_public_key_2.content)}
+          - ${trimspace(local.ssh_public_key_2)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:
         - apt update
@@ -58,8 +55,8 @@ resource "proxmox_virtual_environment_file" "cloud_config2" {
           - docker
         shell: /bin/bash
         ssh_authorized_keys:
-          - ${trimspace(data.local_file.ssh_public_key.content)}
+          - ${trimspace(local.ssh_public_key_1)}
-          - ${trimspace(data.local_file.ssh_public_key_2.content)}
+          - ${trimspace(local.ssh_public_key_2)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:
         - apt update