MHA-Team/PTS-Team
1
0
Fork 0
mirror of https://github.com/MHA-Team/PTS-Team.git synced 2026-02-21 13:13:37 +00:00
Code Issues 19 Actions Packages Projects Releases Wiki Activity

cbox implemet part

Browse Source
This commit is contained in:
MrDoobPG
2019-08-24 00:55:31 +02:00
parent b6a4125b7b
commit 46d7553069
22 changed files with 873 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
menu/functions/install.sh
View File

@@ -77,6 +77,8 @@ pginstall() {
core mergerinstall
core dockerinstall
core docstart
core kernel
core cloudflare
touch /var/plexguide/install.roles
rolenumber=3
@@ -105,6 +107,8 @@ pginstall() {
core mountcheck
emergency
pgdeploy
core kernel
core cloudflare
}
core() {
@@ -155,6 +159,18 @@ docstart() {
ansible-playbook /opt/plexguide/menu/pg.yml --tags docstart
}
kernel () {
ansible-playbook /opt/plexguide/menu/pg.yml --tags kernel
}
cloudflare () {
ansible-playbook /opt/plexguide/menu/pg.yml --tags cloudflare
}
nvidia () {
ansible-playbook /opt/plexguide/menu/pg.yml --tags nvidia
}
emergency() {
variable /var/plexguide/emergency.display "On"
if [[ $(ls /opt/appdata/plexguide/emergency) != "" ]]; then

5
menu/pg.yml
View File

@@ -10,4 +10,7 @@
- { role: autodelete, tags: ['autodelete'] }
- { role: clean, tags: ['clean'] }
- { role: clean-encrypt, tags: ['clean-encrypt'] }
- { role: kernel, tags: ['kernel'] }
- { role: kernel, tags: ['kernel'] }
- { role: cloudflare, tags: ['cloudflare'] }
- { role: nvidia, tags: ['nvidia'] }
- { role: system, tags: ['system'] }

40
menu/roles/cloudflare/tasks/main.yml Normal file
View File

@@ -0,0 +1,40 @@
#########################################################################
# Title: Cloudbox: Cloudflare Role #
# Author(s): l3uddz, desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Install 'dnsutils'
apt: "name=dnsutils state=present"
- name: Get Public IP Address
shell: dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'\"' '{ print $2}'
register: public_ip_lookup
- name: Set 'public_ip' variable
set_fact:
public_ip: "{{ public_ip_lookup.stdout }}"
- name: Set 'record' variable
set_fact:
record: "{{ (subdomain == user.domain) | ternary(user.domain,subdomain + '.' + user.domain) }}"
- name: Set DNS Record
cloudflare_dns:
account_api_token: "{{ cloudflare.api }}"
account_email: "{{ cloudflare.email }}"
zone: "{{ user.domain }}"
state: present
solo: true
proxied: no
type: A
value: "{{ public_ip }}"
record: "{{ subdomain }}"
- name: Display DNS Record
debug:
msg: "DNS Record for '{{ record }}' set to '{{ public_ip }}'."

3
menu/roles/nvidia/files/blacklist-nouveau.conf Normal file
View File

@@ -0,0 +1,3 @@
# generated by cloudbox nvidia role
blacklist nouveau
options nouveau modeset=0

110
menu/roles/nvidia/tasks/main.yml Normal file
View File

@@ -0,0 +1,110 @@
#########################################################################
# Title: Cloudbox: Nvidia Role #
# Author(s): desimaniac, l3uddz #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Install common pip modules
pip:
state: present
name:
- jmespath
- name: Fetch Nvidia card info
shell: |
if [ `lspci | grep -c -E '.*VGA.*NVIDIA'` -eq 1 ]; then
lspci -s $(lspci | grep -E '.*VGA.*NVIDIA' | cut -d' ' -f 1)
else
echo ""
fi
register: lspci_resp
- name: Nvidia Setup block
block:
# Install Ubuntu drivers
- name: Install Ubuntu drivers
apt:
name: ubuntu-drivers-common
update_cache: yes
state: present
- name: Get list of devices
shell: ubuntu-drivers devices
register: ubuntu_devices
# Install Nvidia Drivers
- name: Nvidia Kernel and Driver Tasks
block:
- name: Check if 'blacklist-nouveau.conf' exists
stat:
path: "/etc/modprobe.d/blacklist-nouveau.conf"
register: blacklist_nouveau_conf
- name: "Nvidia Kernel Task"
include_tasks: "nvidia_kernel.yml"
when: (not blacklist_nouveau_conf.stat.exists)
- name: "Nvidia Driver Task"
include_tasks: "nvidia_driver.yml"
when: '("manual_install: True" not in ubuntu_devices.stdout)'
# Install Nvidia Driver Patch to remove transcode limit
- name: Nvidia Driver Patch Tasks
block:
- name: Check to see if patch backup files exist
find:
paths: "/opt/nvidia/libnvidia-encode-backup"
file_type: file
recurse: yes
patterns: '*.so*'
register: nvidia_patch_backup_files
- name: "Nvidia Driver Patch Task"
include_tasks: "nvidia_patch.yml"
when: (nvidia_patch_backup_files.matched|int == 0)
when: ('GeForce' in lspci_resp.stdout)
# Install Nvidia Runtime Container
- name: Nvidia Runtime Container Tasks
block:
- name: Get contents of 'daemon.json'
shell: cat /etc/docker/daemon.json
register: docker_daemon_json
- name: Set 'docker_default_runtime'
set_fact:
docker_default_runtime: "{{ docker_daemon_json.stdout | from_json | json_query('\"default-runtime\"') }}"
- name: "Nvidia Docker Task"
include_tasks: "nvidia_docker.yml"
when: (docker_default_runtime != 'nvidia')
# Install Nvidia Nvtop Tool
- name: Nvidia Nvtop Tasks
block:
- name: Check nvtop exists
stat:
path: "/usr/local/bin/nvtop"
register: nvtop_binary
- name: "Nvidia Nvtop Task"
include_tasks: "nvidia_nvtop.yml"
when: not nvtop_binary.stat.exists
when: (ansible_distribution == 'Ubuntu') and ('NVIDIA' in lspci_resp.stdout)

65
menu/roles/nvidia/tasks/nvidia_docker.yml Normal file
View File

@@ -0,0 +1,65 @@
#########################################################################
# Title: Nvidia: Nvidia Docker Task #
# Author(s): desimaniac, l3uddz #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Add nvidia repository
shell: |
curl -s -L https://nvidia.github.io/nvidia-container-runtime/gpgkey | \
sudo apt-key add -
distribution=$(. /etc/os-release;echo $ID$VERSION_ID)
curl -s -L https://nvidia.github.io/nvidia-container-runtime/$distribution/nvidia-container-runtime.list | \
sudo tee /etc/apt/sources.list.d/nvidia-container-runtime.list
- name: Install 'nvidia-container-runtime'
apt:
name: nvidia-container-runtime
update_cache: yes
state: present
- name: Populate Service Facts
service_facts:
- name: Get Docker service state
set_fact:
docker_service_running: "{{ (services['docker.service'] is defined) and (services['docker.service']['state'] == 'running') }}"
- name: Gather list of running Docker containers
shell: "docker ps --format '{{ '{{' }} .Names{{ '}}' }}' | xargs echo -n"
register: docker_running_containers
ignore_errors: yes
when: (docker_service_running)
- name: Stop all running Docker containers
shell: "docker stop {{ docker_running_containers.stdout }}"
ignore_errors: yes
when: (docker_service_running) and not (docker_running_containers.stdout | trim | length == 0)
- name: Stop docker service
systemd:
name: docker
state: stopped
when: (docker_service_running)
# https://github.com/linkernetworks/vortex-installer/blob/master/roles/common/tasks/nvidia-docker.yml
- name: Add runtime to '/etc/docker/daemon.json'
shell: |
jq '."default-runtime" = "nvidia" | .runtimes.nvidia.path = "/usr/bin/nvidia-container-runtime" | .runtimes.nvidia.runtimeArgs = []' \
/etc/docker/daemon.json | jq . > /etc/docker/daemon.json_tmp \
&& mv /etc/docker/daemon.json_tmp /etc/docker/daemon.json
- name: Start docker service
systemd:
name: docker
state: started
when: (docker_service_running)
- name: "Re-start all previously running Docker containers"
shell: 'docker start {{ docker_running_containers.stdout }}'
ignore_errors: yes
when: (docker_service_running) and not (docker_running_containers.stdout | trim | length == 0)

42
menu/roles/nvidia/tasks/nvidia_driver.yml Normal file
View File

@@ -0,0 +1,42 @@
#########################################################################
# Title: Nvidia: Nvidia Driver Task #
# Author(s): desimaniac, l3uddz #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Download Nvidia drivers
get_url:
url: "https://download.nvidia.com/XFree86/Linux-x86_64/410.78/NVIDIA-Linux-x86_64-410.78.run"
dest: /tmp/NVIDIA-Linux-x86_64-410.78.run
mode: 0775
owner: root
group: root
force: yes
validate_certs: no
register: driver_download
- name: Install 'build-essential'
apt:
name: build-essential
update_cache: yes
state: present
- name: Install Nvidia drivers
shell: /tmp/NVIDIA-Linux-x86_64-410.78.run --silent
register: driver_install
ignore_errors: yes
- name: Nvidia driver did not install
debug:
when: (driver_install is failed) or ('ERROR' in driver_install.stdout)
- name: Nvidia driver did not install
fail:
msg:
- "{{ driver_install.stdout }}"
- "Nvidia driver did not install"
when: (driver_install is failed) or ('ERROR' in driver_install.stdout)

37
menu/roles/nvidia/tasks/nvidia_kernel.yml Normal file
View File

@@ -0,0 +1,37 @@
#########################################################################
# Title: Nvidia: Nvidia Kernel Task #
# Author(s): desimaniac, l3uddz #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Copy 'blacklist-nouveau.conf'
copy:
src: "blacklist-nouveau.conf"
dest: "/etc/modprobe.d/blacklist-nouveau.conf"
owner: "root"
group: "root"
mode: 0664
register: r
- name: Continue with tasks
block:
- name: Success message
debug:
msg: "Disabled nouveau driver. System will now reboot ..."
- name: Update initramfs
command: update-initramfs -u
- name: Reboot command
shell: reboot
- name: Reboot message
fail:
msg: "Disabled nouveau driver. You will need to restart the server for changes to take effect."
when: (r.changed)

39
menu/roles/nvidia/tasks/nvidia_nvtop.yml Normal file
View File

@@ -0,0 +1,39 @@
#########################################################################
# Title: Nvidia: Nvidia Nvtop Task #
# Author(s): desimaniac, l3uddz #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Install nvtop dependencies
apt: name="{{ item }}" state=present update_cache=yes
become: true
with_items:
- cmake
- libncurses5-dev
- libncursesw5-dev
- name: Pull nvtop repo from github
git: clone=yes repo=https://github.com/Syllo/nvtop dest=/tmp/nvtop/
register: diff
- name: Build and install nvtop
shell: "cd /tmp/nvtop && \
mkdir build && \
cd build && \
cmake .. -DNVML_RETRIEVE_HEADER_ONLINE=True && \
make && \
make install"
when: diff.changed
- name: "Get nvtop version"
shell: "/usr/local/bin/nvtop --version | head -n 1 | awk '{print $3}' | cut -f1,2 -d'-'"
register: nvtop_version
ignore_errors: yes
- name: "Display nvtop version"
debug:
msg: "nvtop {{ nvtop_version.stdout }} installed."

39
menu/roles/nvidia/tasks/nvidia_patch.yml Normal file
View File

@@ -0,0 +1,39 @@
#########################################################################
# Title: Nvidia: Nvidia Patch Task #
# Author(s): desimaniac, l3uddz #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Download Nvidia patch
get_url:
url: "https://raw.githubusercontent.com/keylase/nvidia-patch/master/patch.sh"
dest: /tmp/NVIDIA-patch.sh
mode: 0775
owner: root
group: root
force: yes
validate_certs: no
- name: Install Nvidia patch
shell: /tmp/NVIDIA-patch.sh
args:
executable: /bin/bash
warn: no
register: patch_install
ignore_errors: yes
- name: Nvidia patch installed!
debug:
msg: "Nvidia patch installed!"
when: (patch_install is succeeded) and ('Patched!' in patch_install.stdout)
- name: Nvidia patch did not install!
fail:
msg:
- "Nvidia patch did not install!"
- "{{ patch_install.stdout }}"
when: (patch_install is failed) or ('Patched!' not in patch_install.stdout)

14
menu/roles/system/files/etc/rc.local Normal file
View File

@@ -0,0 +1,14 @@
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
exit 0

15
menu/roles/system/handlers/main.yml Normal file
View File

@@ -0,0 +1,15 @@
#########################################################################
# Title: Cloudbox: System Handler #
# Author(s): desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: update locales
command: dpkg-reconfigure --frontend noninteractive locales
- name: update tzdata
command: dpkg-reconfigure --frontend noninteractive tzdata

40
menu/roles/system/tasks/main.yml Normal file
View File

@@ -0,0 +1,40 @@
#########################################################################
# Title: Cloudbox: System Role #
# Author(s): l3uddz, desimaniac, EnorMOZ #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: APT tasks
include_tasks: "subtasks/apt.yml"
- name: Network tasks
import_tasks: "subtasks/network.yml"
- name: SYSCTL tasks
include_tasks: "subtasks/sysctl.yml"
- name: Check if intel_pstate directory exists.
stat:
path: /sys/devices/system/cpu/intel_pstate
register: p
- name: CPU Frequency tasks
include_tasks: "subtasks/cpufrequency.yml"
when: p.stat.isdir is defined and p.stat.isdir
- name: Remove CPU Power task
include_tasks: "subtasks/remove_cpupower.yml"
- name: Set Time Zone task
import_tasks: "subtasks/timezone.yml"
tags: set-timezone
- name: Set Locale task
import_tasks: "subtasks/locale.yml"
tags: set-locale
- meta: flush_handlers

65
menu/roles/system/tasks/subtasks/apt.yml Normal file
View File

@@ -0,0 +1,65 @@
#########################################################################
# Title: System: APT Tasks #
# Author(s): l3uddz, desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Set env variables
set_fact:
env_vars:
DEBIAN_FRONTEND: noninteractive
DEBIAN_PRIORITY: critical
- name: Fix any potential dpkg issues
shell: dpkg --configure --pending
- name: Kill existing apt and apt-get
shell: "killall apt apt-get >/dev/null 2>&1 || :"
ignore_errors: yes
- name: Fix any potential apt issues
shell: apt-get install --fix-broken --quiet --yes
environment: "{{ env_vars }}"
ignore_errors: yes
- name: Install required packages
apt:
state: present
name:
- apt-utils
- byobu
- name: APT update
apt:
update_cache: yes
ignore_errors: yes
# https://serverfault.com/a/839563
# https://raymii.org/s/tutorials/Silent-automatic-apt-get-upgrade.html
- name: APT upgrade
shell: apt-get upgrade --quiet --yes --allow-unauthenticated -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
environment: "{{ env_vars }}"
when: not continuous_integration
ignore_errors: yes
# https://serverfault.com/a/839563
# https://raymii.org/s/tutorials/Silent-automatic-apt-get-upgrade.html
- name: APT dist-upgrade
shell: apt-get dist-upgrade --quiet --yes --allow-unauthenticated -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"
environment: "{{ env_vars }}"
when: not continuous_integration
ignore_errors: yes
- name: Remove useless packages from the cache
apt:
autoclean: yes
ignore_errors: yes
- name: Remove dependencies that are no longer required
apt:
autoremove: yes
ignore_errors: yes

68
menu/roles/system/tasks/subtasks/cpufrequency.yml Normal file
View File

@@ -0,0 +1,68 @@
#########################################################################
# Title: System: CPU Frequency Tasks #
# Author(s): l3uddz, EnorMOZ, desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Install 'cpufrequtils'
apt:
name: cpufrequtils
state: present
- name: Install 'linux-tools' for Ubuntu
apt:
state: present
name:
- linux-tools-common
- linux-tools-generic
when: ansible_distribution == 'Ubuntu'
- name: Install 'linux-tools' for Debian
apt:
name: linux-tools
state: present
when: ansible_distribution == 'Debian'
- name: "Install linux-tools-{{ ansible_kernel }}"
shell: "apt-get install -qq $(apt-cache search -n linux-tools-{{ ansible_kernel }} | awk '{print $1}' | tail -n 1)"
ignore_errors: yes
- name: Check /etc/default/cpufrequtils exists
stat:
path: /etc/default/cpufrequtils
register: cpufrequtils_file
- name: Create /etc/default/cpufrequtils
file:
path: /etc/default/cpufrequtils
state: touch
when: not cpufrequtils_file.stat.exists
- name: Set CPU frequency scaling governor to performance
lineinfile:
path: "/etc/default/cpufrequtils"
regexp: '^GOVENOR\s?='
line: 'GOVENOR="performance"'
state: present
- name: Set CPU frequency scaling governor to performance
lineinfile:
path: "/etc/default/cpufrequtils"
regexp: '^GOVERNOR\s?='
line: 'GOVERNOR="performance"'
state: present
- name: Ensure governor is enabled
lineinfile:
path: "/etc/default/cpufrequtils"
regexp: '^ENABLE\s?='
line: 'ENABLE="true"'
state: present
- name: Disable ondemand CPU frequency scaling daemon
shell: "update-rc.d ondemand disable"
when: ansible_distribution_version == "16.04"

36
menu/roles/system/tasks/subtasks/locale.yml Normal file
View File

@@ -0,0 +1,36 @@
#########################################################################
# Title: System: Locale Tasks #
# Author(s): desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: "Install 'locales'"
apt:
name: locales
state: present
- name: "Generate 'locales'"
locale_gen:
name: "en_US.UTF-8"
state: present
notify: update locales
- name: "Uncomment 'LANG='"
replace:
path: "/etc/default/locale"
regexp: '^#(LANG=.*)'
replace: '\1'
- name: "Set Default 'locale'"
ini_file:
path: "/etc/default/locale"
section: null
option: "LANG"
value: "en_US.UTF-8"
state: present
no_extra_spaces: yes
notify: update locales

23
menu/roles/system/tasks/subtasks/mounts.yml Normal file
View File

@@ -0,0 +1,23 @@
#########################################################################
# Title: System: Mounts Tasks #
# Author(s): l3uddz, desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- debug:
msg: "System mounts: are {{ ansible_mounts }}"
- name: Set noatime,nobarrier opts for / mount
mount:
path: /
opts: defaults,noatime,nobarrier
state: present
fstype: ext4
src: "{{ item.device }}"
with_items:
- "{{ ansible_mounts }}"
when: (item.mount == '/') and (item.fstype == 'ext4')

63
menu/roles/system/tasks/subtasks/network.yml Normal file
View File

@@ -0,0 +1,63 @@
#########################################################################
# Title: System: Network Tasks #
# Author(s): desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Install common packages
apt:
state: present
name:
- vnstat
- pciutils
- block:
- name: Check for '/etc/vnstat.conf'
stat:
path: "/etc/vnstat.conf"
register: vnstat_conf
- name: Set vnstat to proper default interface
lineinfile:
path: "/etc/vnstat.conf"
regexp: '(Interface)\s?.*'
line: '\1 "{{ ansible_default_ipv4.interface }}"'
state: present
backrefs: yes
when: (vnstat_conf.stat.exists)
- name: Import rc.local if missing
copy:
src: "etc/rc.local"
dest: "/etc/rc.local"
owner: "root"
group: "root"
mode: 0755
force: no
- name: Get nic info
shell: lspci
register: nic
- name: Disable TSO / TX
blockinfile:
path: "/etc/rc.local"
state: present
create: no
marker: "### {mark} CLOUDBOX MANAGED BLOCK ###"
block: |
/sbin/ifconfig {{ ansible_default_ipv4.interface }} txqueuelen 10000
ethtool -G {{ ansible_default_ipv4.interface }} rx 4096 tx 4096
ethtool -K {{ ansible_default_ipv4.interface }} tso off tx off
insertbefore: "^exit 0"
owner: "root"
group: "root"
mode: 0755
when: ('I218' in nic.stdout) or ('I219' in nic.stdout)
when: (ansible_default_ipv4 is defined) and (ansible_default_ipv4.type == "ether")

29
menu/roles/system/tasks/subtasks/remove_cpupower.yml Normal file
View File

@@ -0,0 +1,29 @@
#########################################################################
# Title: System: Remove CPU Power Tasks #
# Author(s): desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Check if cpupower.service exists
stat:
path: "/etc/systemd/system/cpupower.service"
register: cpupower_service
- name: Stop and disable cpupower.service
systemd:
state: stopped
name: cpupower
daemon_reload: yes
enabled: no
ignore_errors: yes
when: cpupower_service.stat.exists
- name: Delete cpupower.service
file:
path: /etc/systemd/system/cpupower.service
state: absent
when: cpupower_service.stat.exists

92
menu/roles/system/tasks/subtasks/sysctl.yml Normal file
View File

@@ -0,0 +1,92 @@
#########################################################################
# Title: System: SYSCTL Tasks #
# Author(s): l3uddz, desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: SYSCTL Tuning
ignore_errors: yes
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
loop:
# Enable tcp_window_scaling
- { name: net.ipv4.tcp_window_scaling, value: 1 }
# Increase rmem_max test buffer limit to 64 MB
- { name: net.core.rmem_max, value: 67108864 }
# Increase wmem_max test buffer limit to 64 MB
- { name: net.core.wmem_max, value: 67108864 }
# Increase tcp_rmem autotune buffer limit to 32 MB
- { name: net.ipv4.tcp_rmem, value: "4096 87380 33554432" }
# Increase tcp_wmem autotune buffer limit to 32 MB
- { name: net.ipv4.tcp_wmem, value: "4096 87380 33554432" }
# Set tcp_congestion_control to bbr
- { name: net.ipv4.tcp_congestion_control, value: bbr }
# Increase system file descriptor limit
- { name: fs.file-max, value: 100000 }
# Reduce swappiness
- { name: vm.swappiness, value: 10 }
# Set dirty_ratio
- { name: vm.dirty_ratio, value: 15 }
# Set dirty_background_ratio
- { name: vm.dirty_background_ratio, value: 10 }
# Set somaxconn to 1024
- { name: net.core.somaxconn, value: 1024 }
# Increase netdev_max_backlog
- { name: net.core.netdev_max_backlog, value: 100000 }
# Increase tcp_max_syn_backlog
- { name: net.ipv4.tcp_max_syn_backlog, value: 30000 }
# Increase tcp_max_tw_buckets
- { name: net.ipv4.tcp_max_tw_buckets, value: 2000000 }
# Enable tcp_tw_reuse
- { name: net.ipv4.tcp_tw_reuse, value: 1 }
# Enable tcp_mtu_probing
- { name: net.ipv4.tcp_mtu_probing, value: 1 }
# Enable tcp_sack
- { name: net.ipv4.tcp_sack, value: 1 }
# Increase tcp_adv_win_scale
- { name: net.ipv4.tcp_adv_win_scale, value: 2 }
# Enable tcp_rfc1337
- { name: net.ipv4.tcp_rfc1337, value: 1 }
# Increase tcp_fin_timeout
- { name: net.ipv4.tcp_fin_timeout, value: 10 }
# Disable tcp_slow_start_after_idle
- { name: net.ipv4.tcp_slow_start_after_idle, value: 0 }
# Increase udp_rmem_min
- { name: net.ipv4.udp_rmem_min, value: 8192 }
# Increase udp_wmem_min
- { name: net.ipv4.udp_wmem_min, value: 8192 }
# Disable accept_source_route
- { name: net.ipv4.conf.all.accept_source_route, value: 0 }
# Disable accept_redirects
- { name: net.ipv4.conf.all.accept_redirects, value: 0 }
# Disable secure_redirects
- { name: net.ipv4.conf.all.secure_redirects, value: 0 }
# Set default_qdisc to fq
- { name: net.core.default_qdisc, value: fq }
# Set max_user_watches for plex inotify
- { name: fs.inotify.max_user_watches, value: 131072 }
# Set net.core.netdev_budget
- { name: net.core.netdev_budget, value: 50000 }
- name: Check to see if '/proc/sys/net/core/netdev_budget_usecs' exists
stat:
path: "/proc/sys/net/core/netdev_budget_usecs"
register: netdev_budget_usecs
- name: "SYSCTL Tuning - 'netdev_budget_usecs'"
ignore_errors: yes
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
loop:
# Set netdev_budget_usecs
- { name: net.core.netdev_budget_usecs, value: 5000 }
when: netdev_budget_usecs.stat.exists

32
menu/roles/system/tasks/subtasks/timezone.yml Normal file
View File

@@ -0,0 +1,32 @@
#########################################################################
# Title: System: Time Zone Tasks #
# Author(s): desimaniac #
# URL: https://github.com/cloudbox/cloudbox #
# -- #
# Part of the Cloudbox project: https://cloudbox.works #
#########################################################################
# GNU General Public License v3.0 #
#########################################################################
---
- name: Remove '/etc/localtime'
file:
path: "/etc/localtime"
state: absent
- name: Install tzdata
apt:
name: tzdata
state: present
- name: Set time zone
timezone:
name: "{{ tz }}"
notify: update tzdata
- name: Import '/etc/timezone'
template:
src: "etc/timezone.j2"
dest: "/etc/timezone"
mode: 0644
force: yes
notify: update tzdata

1
menu/roles/system/templates/etc/timezone.j2 Normal file
View File

@@ -0,0 +1 @@
{{ tz }}