xrdp_apphost: Upgrade EstlCam from 11244 to 11245

roles/dns_intern/templates/bind/23.172.in-addr.arpa.zone.j2

@@ -1,7 +1,7 @@
 $ORIGIN 23.172.in-addr.arpa.	; base for unqualified names
 $TTL 1h				; default time-to-live
 @				IN	SOA ns1.binary.kitchen. hostmaster.binary.kitchen. (
-					2023011601; serial
+					2024030100; serial
 					1d; refresh
 					2h; retry
 					4w; expire

roles/dns_intern/templates/bind/binary.kitchen.zone.j2

@@ -1,7 +1,7 @@
 $ORIGIN binary.kitchen		; base for unqualified names
 $TTL 1h				; default time-to-live
 @				IN	SOA ns1.binary.kitchen. hostmaster.binary.kitchen. (
-					2023011601; serial
+					2024030100; serial
 					1d; refresh
 					2h; retry
 					4w; expire
@@ -30,7 +30,6 @@ netbox				IN	A	172.23.2.7
 ns1				IN	A	172.23.2.3
 ns2				IN	A	172.23.2.4
 omm				IN	A	172.23.2.35
-racktables			IN	A	172.23.2.6
 radius				IN	A	172.23.2.3
 radius				IN	A	172.23.2.4
 ; Loopback

roles/gitea/defaults/main.yml

@@ -3,5 +3,5 @@
 gitea_user: gogs
 gitea_group: gogs
 
-gitea_version: 1.21.6
+gitea_version: 1.21.7
 gitea_url: https://github.com/go-gitea/gitea/releases/download/v{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64

roles/icinga-monitor/tasks/disk.yml

@@ -0,0 +1,17 @@
+---
+
+- name: Configure monitoring for disk
+  template:
+    src: disk.j2
+    dest: /etc/icinga2/conf.d/hosts/{{ inventory_hostname }}.disk
+    owner: "{{ icinga_user }}"
+    group: "{{ icinga_group }}"
+  delegate_to: "{{ icinga_server }}"
+
+- name: Regenerate hosts.conf
+  assemble:
+    src: /etc/icinga2/conf.d/hosts
+    dest: /etc/icinga2/conf.d/hosts.conf
+#   validate: /usr/sbin/icinga2 daemon -c %s --validate
+  notify: Restart icinga2
+  delegate_to: "{{ icinga_server }}"

roles/icinga-monitor/templates/disk.j2

@@ -0,0 +1,8 @@
+{% for disk in disks %}
+
+  vars.disks["disk {{ disk }}"] = {
+    disk_partitions = "{{ disk }}"
+    disk_wfree = "10%"
+    disk_cfree = "5%"
+  }
+{% endfor %}

roles/icinga-monitor/templates/http.j2

@@ -1,5 +1,6 @@
 
   vars.http_vhosts["{{ vhost }}"] = {
+    http_onredirect = "follow"
     http_sni = "true"
     http_ssl = "true"
     http_vhost = "{{ vhost }}"

roles/icinga_agent/defaults/main.yml

@@ -0,0 +1,4 @@
+---
+
+icinga_user: nagios
+icinga_group: nagios

roles/icinga_agent/handlers/main.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Run acertmgr
+  command: /usr/bin/acertmgr
+
+- name: Restart icinga2
+  service: name=icinga2 state=restarted
+
+- name: Restart nginx
+  service: name=nginx state=restarted

roles/icinga_agent/tasks/main.yml

@@ -0,0 +1,77 @@
+---
+
+- name: Install icinga
+  apt: name=icinga2
+
+- name: Check if client is already enrolled
+  stat:
+    path: /var/lib/icinga2/certs/{{ ansible_fqdn }}.crt
+  register: cert_file
+
+- name: Enroll agent on master server
+  block:
+  - name: Ensure certificate directory exists
+    file:
+      path: /var/lib/icinga2/certs
+      state: directory
+      owner: "{{ icinga_user }}"
+      group: "{{ icinga_group }}"
+
+  - name: Copy certificate from master
+    fetch:
+      src: /var/lib/icinga2/certs/{{ icinga_server }}.crt
+      dest: /tmp/{{ icinga_server }}.crt
+      flat: true
+    delegate_to: "{{ icinga_server }}"
+
+  - name: Copy certificate to host
+    copy:
+      src: /tmp/{{ icinga_server }}.crt
+      dest: /var/lib/icinga2/certs/{{ icinga_server }}.crt
+      owner: "{{ icinga_user }}"
+      group: "{{ icinga_group }}"
+
+  - name: Get ticket from master
+    shell: "icinga2 pki ticket --cn {{ ansible_fqdn }}"
+    register: "icinga_ticket"
+    changed_when: "False"
+    delegate_to: "{{ icinga_server }}"
+
+  - name: Setup node
+    command:
+      argv:
+      - icinga2
+      - node
+      - setup
+      - --ticket
+      - "{{ icinga_ticket.stdout | trim }}"
+      - --endpoint
+      - "{{ icinga_server }}"
+      - --zone
+      - "{{ ansible_fqdn }}"
+      - --parent_host
+      - "{{ icinga_server }}"
+      - --trustedcert
+      - "/var/lib/icinga2/certs/{{ icinga_server }}.crt"
+      - --accept-commands
+      - --accept-config
+  when: not cert_file.stat.exists
+
+- name: Set agent address on master
+  template: src=hosts.agent.j2 dest=/etc/icinga2/conf.d/hosts/{{ inventory_hostname }}.01_agent owner={{ icinga_user }} group={{ icinga_group }}
+  delegate_to: "{{ icinga_server }}"
+
+- name: Regenerate hosts.conf
+  assemble:
+    src: /etc/icinga2/conf.d/hosts
+    dest: /etc/icinga2/conf.d/hosts.conf
+#   validate: /usr/sbin/icinga2 daemon -c %s --validate
+  notify: Restart icinga2
+  delegate_to: "{{ icinga_server }}"
+
+# TODO expand this to cover more than just the root partition
+- name: Monitor disks
+  include_role: name=icinga-monitor tasks_from=disk
+  vars:
+    disks:
+    - "/"

roles/icinga_agent/templates/hosts.agent.j2

@@ -0,0 +1,3 @@
+
+  /* Set custom variable `agent_endpoint` for use in `services.conf`. */
+  vars.agent_endpoint = "{{ inventory_hostname }}"

roles/xrdp_apphost/README.md

@@ -15,5 +15,5 @@ by a admin user.
         $ export WINEARCH=win32
         $ wineboot
         $ winetricks dotnet40 gdiplus d3dx9_36
-        $ wget http://www.estlcam.de/downloads/Estlcam_32_11244.exe
-        $ wine Estlcam_32_11243.exe
+        $ wget http://www.estlcam.de/downloads/Estlcam_32_11245.exe
+        $ wine Estlcam_32_11245.exe

roles/xrdp_apphost/defaults/main.yml

@@ -31,8 +31,8 @@ xrdp_applications:
     salt: "{{ vault_xrdp_apphost_lightburn_salt }}"
     git_config_folder: /home/lightburn/.config/LightBurn/
 
-    checksum: sha256:2b3770a113d22afd37943306c9996537e13633c97ea806e2aedce5d428704a85
-    version: 1.3.01
+    checksum: sha256:c366f542a32b93e2e0f9e9b03c3cba4dcedecbadec09d94a053c19dae2f69cc8
+    version: 1.5.03
 
   Estlcam:
     user: estlcam
@@ -48,9 +48,9 @@ xrdp_applications:
     salt: "{{ vault_xrdp_apphost_slicer_salt }}"
     git_config_folder: /home/slicer/.config/PrusaSlicer/
 
-    checksum: sha256:95123af8b82035add43ceef6d31ef0b91b1a5c7280261cb9db4a0de08387b9d5
-    version_base: 2.5.0
-    version: 2.5.0+linux-x64-GTK3-202209060725
+    checksum: sha256:08af39db787abcdc46cc5da76a51be06cf91c67c2b6871cb3327db0c1d0c8832
+    version_base: 2.7.2
+    version: 2.7.2+linux-x64-GTK3-202402291307
 
 lightburn_url: https://github.com/LightBurnSoftware/deployment/releases/download/{{ xrdp_applications.LightBurn.version }}/LightBurn-Linux64-v{{ xrdp_applications.LightBurn.version }}.run
 lightburn_target: /home/{{ xrdp_applications.LightBurn.user }}/LightBurn-Linux64-v{{ xrdp_applications.LightBurn.version }}.run

roles/xrdp_apphost/tasks/lightburn.yml

@@ -6,6 +6,11 @@
     - libpulse-mainloop-glib0
     - libnss3
     - libxkbcommon-x11-0
+    - libxcb-icccm4-dev
+    - libxcb-image0
+    - libxcb-keysyms1
+    - libxcb-render-util0
+    - libxcb-xinerama0
 
 - name: Download LightBurn binary
   get_url: url={{ lightburn_url }} dest={{ lightburn_target }} checksum={{ xrdp_applications.LightBurn.checksum }} mode=0755