--- - name: Setup Automated Maintenance Cron Jobs hosts: localhost gather_facts: no vars: # 定时任务配置 cron_jobs: # 每日快速检查 - name: "Daily system health check" job: "cd /root/mgmt && ./scripts/ops-manager.sh toolkit all --check > /var/log/daily-health-check.log 2>&1" minute: "0" hour: "8" day: "*" month: "*" weekday: "*" # 每周系统清理 - name: "Weekly system cleanup" job: "cd /root/mgmt && ./scripts/ops-manager.sh cleanup all > /var/log/weekly-cleanup.log 2>&1" minute: "0" hour: "2" day: "*" month: "*" weekday: "0" # Sunday # 每月安全检查 - name: "Monthly security hardening check" job: "cd /root/mgmt && ./scripts/ops-manager.sh security all --check > /var/log/monthly-security-check.log 2>&1" minute: "0" hour: "3" day: "1" month: "*" weekday: "*" # 每周证书检查 - name: "Weekly certificate check" job: "cd /root/mgmt && ./scripts/ops-manager.sh cert all > /var/log/weekly-cert-check.log 2>&1" minute: "30" hour: "4" day: "*" month: "*" weekday: "1" # Monday # 每日 Docker 清理 (仅 LXC 组) - name: "Daily Docker cleanup for LXC" job: "cd /root/mgmt && ansible lxc -i ansible/inventory.ini -m shell -a 'docker system prune -f' --become -e 'ansible_ssh_pass=313131' > /var/log/daily-docker-cleanup.log 2>&1" minute: "0" hour: "1" day: "*" month: "*" weekday: "*" # 每周网络连通性检查 - name: "Weekly network connectivity check" job: "cd /root/mgmt && ./scripts/ops-manager.sh network all > /var/log/weekly-network-check.log 2>&1" minute: "0" hour: "6" day: "*" month: "*" weekday: "2" # Tuesday tasks: # 创建日志目录 - name: Create log directory file: path: /var/log/ansible-automation state: directory mode: '0755' become: yes # 设置脚本执行权限 - name: Make ops-manager.sh executable file: path: /root/mgmt/scripts/ops-manager.sh mode: '0755' # 创建定时任务 - name: Setup cron jobs for automated maintenance cron: name: "{{ item.name }}" job: "{{ item.job }}" minute: "{{ item.minute }}" hour: "{{ item.hour }}" day: "{{ item.day }}" month: "{{ item.month }}" weekday: "{{ item.weekday }}" user: root loop: "{{ cron_jobs }}" become: yes # 创建日志轮转配置 - name: Setup log rotation for automation logs copy: content: | /var/log/*-health-check.log /var/log/*-cleanup.log /var/log/*-security-check.log /var/log/*-cert-check.log /var/log/*-docker-cleanup.log /var/log/*-network-check.log { daily missingok rotate 30 compress delaycompress notifempty copytruncate } dest: /etc/logrotate.d/ansible-automation mode: '0644' become: yes # 创建监控脚本 - name: Create monitoring dashboard script copy: content: | #!/bin/bash # Automation Monitoring Dashboard echo "🤖 Ansible Automation Status Dashboard" echo "======================================" echo "" echo "📅 Last Execution Times:" echo "------------------------" for log in /var/log/*-check.log /var/log/*-cleanup.log; do if [ -f "$log" ]; then echo "$(basename "$log" .log): $(stat -c %y "$log" | cut -d. -f1)" fi done echo "" echo "📊 Recent Log Summary:" echo "---------------------" for log in /var/log/daily-health-check.log /var/log/weekly-cleanup.log; do if [ -f "$log" ]; then echo "=== $(basename "$log") ===" tail -5 "$log" | grep -E "(TASK|PLAY RECAP|ERROR|WARNING)" || echo "No recent activity" echo "" fi done echo "⏰ Next Scheduled Jobs:" echo "----------------------" crontab -l | grep -E "(health|cleanup|security|cert|docker|network)" | while read line; do echo "$line" done echo "" echo "💾 Log File Sizes:" echo "-----------------" ls -lh /var/log/*-*.log 2>/dev/null | awk '{print $5, $9}' || echo "No log files found" dest: /usr/local/bin/automation-status mode: '0755' become: yes # 显示设置完成信息 - name: Display setup completion info debug: msg: | 🎉 自动化定时任务设置完成! 📋 已配置的定时任务: • 每日 08:00 - 系统健康检查 • 每日 01:00 - Docker 清理 (LXC 组) • 每周日 02:00 - 系统清理 • 每周一 04:30 - 证书检查 • 每周二 06:00 - 网络连通性检查 • 每月1日 03:00 - 安全检查 📊 监控命令: • 查看状态: automation-status • 查看定时任务: crontab -l • 查看日志: tail -f /var/log/daily-health-check.log 📁 日志位置: /var/log/ 🔄 日志轮转: 30天自动清理 💡 手动执行示例: • ./scripts/ops-manager.sh toolkit all • ./scripts/ops-manager.sh cleanup lxc • ./scripts/ops-manager.sh health proxmox