Обновить roles/system_cleanup/tasks/main.yml #1

Merged
zailon merged 1 commits from zailon-cleanup-patch into main 2026-05-13 10:51:36 +05:00
Showing only changes of commit b880e24c0b - Show all commits


@ -1,104 +1,178 @@
--- ---
- name: Check if Docker is installed # =============================================================================
command: docker --version # SYSTEM CLEANUP ROLE
register: docker_check # =============================================================================
ignore_errors: yes
changed_when: false # ========== Docker Pre-check ==========
- name: Check if Docker is installed
- name: Remove unwanted system packages command: docker --version
apt: register: docker_check
name: "{{ cleanup_packages }}" ignore_errors: yes
state: absent changed_when: false
autoremove: "{{ cleanup_autoremove }}" tags: [cleanup, docker]
purge: true
when: cleanup_packages | length > 0 # ========== APT Cleanup ==========
- name: Remove unwanted system packages
- name: Remove specific SSH authorized keys (if any defined) apt:
authorized_key: name: "{{ cleanup_packages }}"
user: root state: absent
key: "{{ item }}" autoremove: "{{ cleanup_autoremove }}"
state: absent purge: true
loop: "{{ cleanup_ssh_keys | default([]) }}" when: cleanup_packages | default([]) | length > 0
when: cleanup_ssh_keys | length > 0 become: yes
tags: [cleanup, apt]
- name: Prune unused Docker containers
command: docker container prune -f - name: Clean APT cache (remove downloaded .deb files)
when: command: apt-get clean
- cleanup_docker and cleanup_docker_containers changed_when: false
- docker_check.rc == 0 become: yes
changed_when: true tags: [cleanup, apt]
- name: Prune unused Docker images - name: Remove old configuration files (dpkg --purge rc packages)
command: docker image prune -af shell: dpkg --purge $(dpkg --list | grep '^rc' | awk '{print $2}') 2>/dev/null || true
when: changed_when: true
- cleanup_docker and cleanup_docker_images become: yes
- docker_check.rc == 0 tags: [cleanup, apt]
changed_when: true
- name: Remove old kernels (keep current + N last)
- name: Prune unused Docker volumes shell: |
command: docker volume prune -f CURRENT_KERNEL=$(uname -r)
when: dpkg -l 'linux-image-*' 2>/dev/null | awk '/^ii/ {print $2}' | grep -v "$CURRENT_KERNEL" | sort -V | head -n -{{ cleanup_keep_kernels | default(2) }} | xargs -r apt-get purge -y || true
- cleanup_docker and cleanup_docker_volumes changed_when: true
- docker_check.rc == 0 become: yes
changed_when: true tags: [cleanup, apt, kernels]
- name: Prune unused Docker networks # ========== SSH Keys Cleanup ==========
command: docker network prune -f - name: Remove specific SSH authorized keys (if any defined)
when: authorized_key:
- cleanup_docker and cleanup_docker_networks user: root
- docker_check.rc == 0 key: "{{ item }}"
changed_when: true state: absent
loop: "{{ cleanup_ssh_keys | default([]) }}"
- name: Remove custom directories (use with caution!) when: cleanup_ssh_keys | default([]) | length > 0
file: become: yes
path: "{{ item }}" tags: [cleanup, ssh]
state: absent
loop: "{{ cleanup_directories | default([]) }}" # ========== Docker Cleanup ==========
when: cleanup_directories | length > 0 - name: Prune unused Docker containers
command: docker container prune -f
- name: Remove cAdvisor (if cleanup_cadvisor is true) when:
block: - cleanup_docker | default(false)
- name: Check if cAdvisor container exists - cleanup_docker_containers | default(false)
shell: docker ps -a --filter name=cadvisor --format "{{ '{{.Names}}' }}" - docker_check.rc == 0
register: cadvisor_check changed_when: true
changed_when: false become: yes
when: docker_check.rc == 0 tags: [cleanup, docker]
- name: Stop and remove cAdvisor container using docker-compose - name: Prune unused Docker images
community.docker.docker_compose_v2: command: docker image prune -af
project_src: "{{ cadvisor_base_dir | default('/opt/cadvisor') }}" when:
state: absent - cleanup_docker | default(false)
become: yes - cleanup_docker_images | default(false)
when: - docker_check.rc == 0
- docker_check.rc == 0 changed_when: true
- "'cadvisor' in cadvisor_check.stdout" become: yes
tags: [cleanup, docker]
- name: Remove cAdvisor Docker image
command: docker rmi gcr.io/cadvisor/cadvisor || true - name: Prune unused Docker volumes
when: docker_check.rc == 0 command: docker volume prune -f
ignore_errors: yes when:
- cleanup_docker | default(false)
- name: Remove cAdvisor directories - cleanup_docker_volumes | default(false)
file: - docker_check.rc == 0
path: "{{ item }}" changed_when: true
state: absent become: yes
loop: tags: [cleanup, docker]
- "{{ cadvisor_base_dir | default('/opt/cadvisor') }}"
- "{{ cadvisor_config_dir | default('/opt/cadvisor/config') }}" - name: Prune unused Docker networks
ignore_errors: yes command: docker network prune -f
when:
- name: Verify cAdvisor removal - cleanup_docker | default(false)
shell: | - cleanup_docker_networks | default(false)
echo "Containers: $(docker ps -a | grep cadvisor | wc -l 2>/dev/null || echo 0)" - docker_check.rc == 0
echo "Images: $(docker images | grep cadvisor | wc -l 2>/dev/null || echo 0)" changed_when: true
echo "Directories: $(ls -d {{ cadvisor_base_dir | default('/opt/cadvisor') }}* 2>/dev/null | wc -l || echo 0)" become: yes
register: cadvisor_removal_check tags: [cleanup, docker]
changed_when: false
when: docker_check.rc == 0 - name: Prune Docker build cache
command: docker builder prune -f
- name: Show cAdvisor removal status when:
debug: - cleanup_docker | default(false)
msg: "cAdvisor removal status: {{ cadvisor_removal_check.stdout }}" - docker_check.rc == 0
when: cadvisor_removal_check is defined changed_when: true
become: yes
when: cleanup_cadvisor | default(false) and docker_check.rc == 0 tags: [cleanup, docker]
# ========== Journal Logs Vacuum ==========
- name: Vacuum systemd journal logs
command: journalctl --vacuum-size={{ cleanup_max_journal_size | default('100M') }}
changed_when: true
become: yes
tags: [cleanup, logs]
# ========== Old Log Files Cleanup ==========
- name: Find old rotated logs (*.1, *.gz, *.old)
find:
paths: /var/log
patterns: "*.1,*.gz,*.old"
age: "{{ cleanup_logs_age_days | default(7) }}d"
recurse: yes
register: old_logs
become: yes
tags: [cleanup, logs]
- name: Delete found old log files
file:
path: "{{ item.path }}"
state: absent
loop: "{{ old_logs.files }}"
become: yes
tags: [cleanup, logs]
# ========== Temporary Files Cleanup ==========
- name: Clean systemd tmpfiles
command: systemd-tmpfiles --clean
changed_when: true
become: yes
tags: [cleanup, tmp]
- name: Find old files in /tmp (exclude system dirs)
find:
paths: /tmp
age: "{{ cleanup_tmp_age_days | default(3) }}d"
exclude: "systemd-*,ssh-*,tmux-*,.X*,.ICE-unix*"
register: tmp_old_files
become: yes
tags: [cleanup, tmp]
- name: Delete old /tmp files
file:
path: "{{ item.path }}"
state: absent
loop: "{{ tmp_old_files.files }}"
become: yes
tags: [cleanup, tmp]
# ========== Custom Directories Removal ==========
- name: Remove custom directories (if defined)
file:
path: "{{ item }}"
state: absent
loop: "{{ cleanup_directories | default([]) }}"
when: cleanup_directories | default([]) | length > 0
become: yes
tags: [cleanup]
# ========== Summary: Show Disk Usage After Cleanup ==========
- name: Show disk usage after cleanup
command: df -h /
register: disk_after
changed_when: false
tags: [cleanup, summary]
- name: Display cleanup summary
debug:
msg: |
=== 🧹 Cleanup Summary ===
{{ disk_after.stdout_lines | join('\n') }}
tags: [cleanup, summary]
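Review bot: The new "Find old rotated logs" and "Delete found old log files" tasks run unconditionally with `become: yes` and recursively delete everything under /var/log matching `*.1,*.gz,*.old` older than a 7-day default, which would also cover rotated authentication and audit logs (for example files named `auth.log.1` or `audit/audit.log.1`) on hosts that keep them there. Unless these hosts forward logs to a central store, that leaves roughly a week of history for incident response, and "Vacuum systemd journal logs" likewise trims the journal to a 100M default with no toggle. The Docker prune tasks in this same change are opt-in via `cleanup_docker | default(false)`; the log tasks deserve the same gate, e.g. `when: cleanup_logs_enabled | default(false)` (a new variable, the name is only a suggestion) on the find, delete and vacuum tasks, with the delete loop changed to `loop: "{{ old_logs.files | default([]) }}"` so a skipped find does not break it. A comment above the block stating the retention period the role assumes, plus an `excludes:` list on the find for security-relevant log names, would make the intent reviewable.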