Полная очистка при uninstall: VPS и output/<server>/

Скрипт --remove снимает только бинарник и systemd; Ansible дочищает конфиг,
пользователя, ufw, пакеты и всегда удаляет локальную папку экспорта.
This commit is contained in:
Sergey Antropoff
2026-07-01 13:28:00 +03:00
parent bdc316efac
commit 4b5a1ef51f
4 changed files with 61 additions and 36 deletions
+9 -8
View File
@@ -83,7 +83,6 @@ make install LIMIT=vps-de
make update LIMIT=vps-nl make update LIMIT=vps-nl
make export make export
make uninstall LIMIT=vps-de make uninstall LIMIT=vps-de
make uninstall LIMIT=vps-de EXTRA_VARS='hysteria2_uninstall_remove_local_output=false'
make update EXTRA_VARS='hysteria2_force_export=true' # перевыпустить URL/QR для всех make update EXTRA_VARS='hysteria2_force_export=true' # перевыпустить URL/QR для всех
make install EXTRA_VARS='hysteria2_open_browser=false' make install EXTRA_VARS='hysteria2_open_browser=false'
make update EXTRA_VARS='hysteria2_wait_for_acme=false' make update EXTRA_VARS='hysteria2_wait_for_acme=false'
@@ -280,17 +279,20 @@ hysteria2_obfs_password: "{{ vault_hysteria2_obfs_passwords[inventory_hostname]
## `make uninstall` — полная очистка ## `make uninstall` — полная очистка
На **VPS** удаляется: На **VPS** (официальный `install_server.sh --remove` + дочистка Ansible):
- сервис и бинарник Hysteria2; - бинарник `/usr/local/bin/hysteria` и unit-файлы systemd;
- `/etc/hysteria/` (конфиг и ACME); - `/etc/hysteria/` (конфиг и ACME);
- пользователь `hysteria` и его home; - `/var/lib/hysteria` и пользователь `hysteria`;
- symlink'и `multi-user.target.wants/hysteria-server*`;
- временные `/tmp/hysteria-client-*.yaml`;
- правила ufw: `443/tcp`, `443/udp` (порт из `hysteria2_listen_port`); - правила ufw: `443/tcp`, `443/udp` (порт из `hysteria2_listen_port`);
- пакеты `curl`, `micro`, `qrencode`. - пакеты `curl`, `micro`, `qrencode`.
На **control node**: `output/<server>/` и пересборка `output/index.html`. На **control node**:
Сохранить локальный экспорт: `EXTRA_VARS='hysteria2_uninstall_remove_local_output=false'`. - удаляется `output/<имя_сервера>/`;
- пересобирается общий `output/index.html`.
--- ---
@@ -383,8 +385,7 @@ ASCII QR — `hysteria share --qr` → `user.qr.txt`.
| `hysteria2_generate_qr_png` | group | PNG QR через `qrencode` | | `hysteria2_generate_qr_png` | group | PNG QR через `qrencode` |
| `hysteria2_wait_for_acme` | group | Пауза при первом ACME | | `hysteria2_wait_for_acme` | group | Пауза при первом ACME |
| `hysteria2_open_browser` | group | Открыть `output/index.html` после экспорта | | `hysteria2_open_browser` | group | Открыть `output/index.html` после экспорта |
| `hysteria2_uninstall_remove_local_output` | group | Удалить `output/<server>/` при uninstall (`true`) | | `hysteria2_uninstall_rebuild_global_index` | group | Пересобрать `output/index.html` после uninstall (`true`) |
| `hysteria2_uninstall_rebuild_global_index` | group | Пересобрать `output/index.html` (`true`) |
| `vault_ssh_passwords` | vault | SSH-пароли root | | `vault_ssh_passwords` | vault | SSH-пароли root |
| `vault_hysteria2_user_passwords` | vault | VPN-пароли по серверам | | `vault_hysteria2_user_passwords` | vault | VPN-пароли по серверам |
| `vault_hysteria2_obfs_passwords` | vault | obfs-пароли по серверам | | `vault_hysteria2_obfs_passwords` | vault | obfs-пароли по серверам |
-5
View File
@@ -48,12 +48,7 @@ hysteria2_force_export: false
# --- uninstall (см. также defaults/uninstall.yml) --- # --- uninstall (см. также defaults/uninstall.yml) ---
hysteria2_system_user: hysteria hysteria2_system_user: hysteria
hysteria2_uninstall_remove_config: true
hysteria2_uninstall_remove_masq: false hysteria2_uninstall_remove_masq: false
hysteria2_uninstall_remove_system_user: true
hysteria2_uninstall_remove_packages: true
hysteria2_uninstall_remove_firewall_rules: true
hysteria2_uninstall_remove_local_output: true
hysteria2_uninstall_rebuild_global_index: true hysteria2_uninstall_rebuild_global_index: true
hysteria2_uninstall_ufw_rules: hysteria2_uninstall_ufw_rules:
- "{{ hysteria2_listen_port }}/tcp" - "{{ hysteria2_listen_port }}/tcp"
+2 -6
View File
@@ -2,13 +2,9 @@
# Системный пользователь Hysteria (создаётся install_server.sh) # Системный пользователь Hysteria (создаётся install_server.sh)
hysteria2_system_user: hysteria hysteria2_system_user: hysteria
# --- uninstall (Salamander: без masq, порты 443/tcp+udp) --- # --- uninstall (Salamander: без masq, порты listen_port/tcp+udp) ---
hysteria2_uninstall_remove_config: true # install_server.sh --remove: бинарник + systemd; остальное — задачи uninstall.yml
hysteria2_uninstall_remove_masq: false hysteria2_uninstall_remove_masq: false
hysteria2_uninstall_remove_system_user: true
hysteria2_uninstall_remove_packages: true
hysteria2_uninstall_remove_firewall_rules: true
hysteria2_uninstall_remove_local_output: true
hysteria2_uninstall_rebuild_global_index: true hysteria2_uninstall_rebuild_global_index: true
hysteria2_uninstall_ufw_rules: hysteria2_uninstall_ufw_rules:
- "{{ hysteria2_listen_port }}/tcp" - "{{ hysteria2_listen_port }}/tcp"
+50 -17
View File
@@ -1,12 +1,12 @@
--- ---
- name: Stop and disable hysteria-server - name: Stop and disable hysteria-server before removal
ansible.builtin.systemd: ansible.builtin.systemd:
name: "{{ hysteria2_service_name }}" name: "{{ hysteria2_service_name }}"
enabled: false enabled: false
state: stopped state: stopped
failed_when: false failed_when: false
- name: Copy Hysteria2 install script to server for removal - name: Copy Hysteria2 install script to server
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ hysteria2_install_script_name }}" src: "{{ hysteria2_install_script_name }}"
dest: "{{ hysteria2_install_script_remote_path }}" dest: "{{ hysteria2_install_script_remote_path }}"
@@ -19,18 +19,60 @@
changed_when: _hysteria2_remove.rc == 0 changed_when: _hysteria2_remove.rc == 0
failed_when: false failed_when: false
- name: Show official script removal output
ansible.builtin.debug:
msg: "{{ _hysteria2_remove.stdout_lines | default(['install_server.sh --remove: no output']) }}"
when: _hysteria2_remove.stdout_lines is defined
- name: Remove Hysteria2 configuration and ACME data - name: Remove Hysteria2 configuration and ACME data
ansible.builtin.file: ansible.builtin.file:
path: "{{ hysteria2_config_path | dirname }}" path: "{{ item }}"
state: absent state: absent
when: hysteria2_uninstall_remove_config | default(true) | bool loop:
- "{{ hysteria2_config_path | dirname }}"
- "/var/lib/{{ hysteria2_system_user | default('hysteria') }}"
- name: Remove enabled hysteria-server systemd symlink
ansible.builtin.file:
path: /etc/systemd/system/multi-user.target.wants/hysteria-server.service
state: absent
failed_when: false
- name: Find enabled hysteria-server@ systemd symlinks
ansible.builtin.find:
paths: /etc/systemd/system/multi-user.target.wants
patterns: hysteria-server@*.service
file_type: file
register: _hysteria2_systemd_instance_wants
failed_when: false
- name: Remove enabled hysteria-server@ systemd symlinks
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop: "{{ _hysteria2_systemd_instance_wants.files | default([]) }}"
failed_when: false
- name: Remove Hysteria system user and home directory - name: Remove Hysteria system user and home directory
ansible.builtin.user: ansible.builtin.user:
name: "{{ hysteria2_system_user | default('hysteria') }}" name: "{{ hysteria2_system_user | default('hysteria') }}"
state: absent state: absent
remove: true remove: true
when: hysteria2_uninstall_remove_system_user | default(true) | bool failed_when: false
- name: Find temporary Hysteria client configs on server
ansible.builtin.find:
paths: /tmp
patterns: hysteria-client-*.yaml
file_type: file
register: _hysteria2_tmp_client_configs
failed_when: false
- name: Remove temporary Hysteria client configs on server
ansible.builtin.file:
path: "{{ item.path }}"
state: absent
loop: "{{ _hysteria2_tmp_client_configs.files | default([]) }}"
failed_when: false failed_when: false
- name: Check if ufw is available and active - name: Check if ufw is available and active
@@ -38,7 +80,6 @@
register: _hysteria2_ufw_status register: _hysteria2_ufw_status
changed_when: false changed_when: false
failed_when: false failed_when: false
when: hysteria2_uninstall_remove_firewall_rules | default(true) | bool
- name: Remove firewall rules added during install - name: Remove firewall rules added during install
ansible.builtin.command: "ufw delete allow {{ item }}" ansible.builtin.command: "ufw delete allow {{ item }}"
@@ -49,9 +90,7 @@
and 'Could not delete' not in (_hysteria2_ufw_delete.stdout | default('')) and 'Could not delete' not in (_hysteria2_ufw_delete.stdout | default(''))
and 'Could not find' not in (_hysteria2_ufw_delete.stderr | default('')) and 'Could not find' not in (_hysteria2_ufw_delete.stderr | default(''))
failed_when: false failed_when: false
when: when: "'active' in (_hysteria2_ufw_status.stdout | default(''))"
- hysteria2_uninstall_remove_firewall_rules | default(true) | bool
- "'active' in (_hysteria2_ufw_status.stdout | default(''))"
- name: Remove packages installed for Hysteria2 - name: Remove packages installed for Hysteria2
ansible.builtin.apt: ansible.builtin.apt:
@@ -65,7 +104,6 @@
['curl', 'micro'] ['curl', 'micro']
+ (['qrencode'] if hysteria2_generate_qr_png | default(true) | bool else []) + (['qrencode'] if hysteria2_generate_qr_png | default(true) | bool else [])
}} }}
when: hysteria2_uninstall_remove_packages | default(true) | bool
- name: Remove copied install script from server - name: Remove copied install script from server
ansible.builtin.file: ansible.builtin.file:
@@ -76,23 +114,18 @@
ansible.builtin.systemd: ansible.builtin.systemd:
daemon_reload: true daemon_reload: true
- name: Remove local exported client files - name: Remove local output directory for this server
ansible.builtin.file: ansible.builtin.file:
path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}" path: "{{ hysteria2_output_dir }}/{{ hysteria2_output_name }}"
state: absent state: absent
delegate_to: localhost delegate_to: localhost
become: false become: false
when: hysteria2_uninstall_remove_local_output | default(true) | bool
- name: Show uninstall result - name: Show uninstall result
ansible.builtin.debug: ansible.builtin.debug:
msg: >- msg: >-
Hysteria2 (Salamander) полностью удалён с {{ inventory_hostname }}. Hysteria2 (Salamander) полностью удалён с {{ inventory_hostname }}.
{% if hysteria2_uninstall_remove_local_output | default(true) | bool %} Локальная папка {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ удалена.
Локальные URL/QR в {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ удалены.
{% if hysteria2_uninstall_rebuild_global_index | default(true) | bool %} {% if hysteria2_uninstall_rebuild_global_index | default(true) | bool %}
Глобальный {{ hysteria2_output_dir }}/index.html будет пересобран. Глобальный {{ hysteria2_output_dir }}/index.html будет пересобран.
{% endif %} {% endif %}
{% else %}
Локальные URL/QR в {{ hysteria2_output_dir }}/{{ hysteria2_output_name }}/ сохранены.
{% endif %}