diff --git a/docs/services/system.md b/docs/services/system.md index 55b3d16..dc96c07 100644 --- a/docs/services/system.md +++ b/docs/services/system.md @@ -67,6 +67,43 @@ With this configuration, the default `/etc/ssh/sshd_config` file on your server There are various configuration options - check the defaults and adjust them to your needs. +### cleanup + +Playbook may perform some housekeeping automatically, cleaning up unused docker resources, logs, even kernels (debian-only) and packages (debian-only). Here is how to enable different housekeeping tasks that will run on `setup-all`, `setup-cleanup`, `install-cleanup`: + + +```yaml +######################################################################## +# # +# system # +# # +######################################################################## + +# runs `docker system prune -a -f --volumes` to remove unused images and containers +system_cleanup_docker: true + +# configures a systemd unit (and timer) that runs `journalctl --vacuum-time=7d` daily, you can control schedules using system_cleanup_logs_* vars +system_cleanup_logs: true + +# list of arbitrary absolute paths to remove on each invocation +system_cleanup_paths: [] + +# The following options are Debian only, will have no effect on any other distro family + +# runs safe-upgrade, apt autoclean, aptautoremove, etc. +system_cleanup_apt: true + +# WARNING: very dangerous! Purges old linux kernels, and their modules +system_cleanup_kernels: false + +######################################################################## +# # +# /system # +# # +######################################################################## +``` + + ### fail2ban To enable [fail2ban](https://fail2ban.org/wiki/index.php/Main_Page) installation, management and integration with SSHd, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: diff --git a/templates/requirements.yml b/templates/requirements.yml index 78256e1..0cca3b5 100644 --- a/templates/requirements.yml +++ b/templates/requirements.yml @@ -28,6 +28,9 @@ version: v0.45.5-0 name: changedetection activation_prefix: changedetection_ +- src: git+https://gitlab.com/etke.cc/roles/cleanup.git + version: main + activation_prefix: system_cleanup_ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-clickhouse.git version: v23.10.5.20-0 name: clickhouse diff --git a/templates/setup.yml b/templates/setup.yml index 85676a7..7b6b482 100644 --- a/templates/setup.yml +++ b/templates/setup.yml @@ -53,6 +53,10 @@ - role: galaxy/swap # /role-specific:swap + # role-specific:cleanup + - role: galaxy/cleanup + # /role-specific:cleanup + # role-specific:ssh - when: system_security_ssh_enabled | bool role: galaxy/ssh