sync with second remote

inventory/inventory.sh

@@ -114,6 +114,9 @@ all:
 # Loop through each IP in the comma-separated list
 IFS=',' read -ra IPS <<< "$IP_LIST"
 for IP in "${IPS[@]}"; do
+    ip_check=$(curl -s http://172.25.100.15:15010/ip_check?ip=${IP} | jq .in_subnets)
+    echo $ip_check
+
     inventory_content+="    ${IP}:
       ansible_host: ${IP}
 "

roles/storage_api/files/disk_service.py

@@ -0,0 +1,34 @@
+from flask import Flask, jsonify
+import psutil
+
+app = Flask(__name__)
+app.config['JSONIFY_PRETTYPRINT_REGULAR'] = True
+
+def bytes_to_human_readable(bytes):
+    for unit in ['B', 'KB', 'MB', 'GB', 'TB']:
+        if bytes < 1024.0:
+            return f"{bytes:.2f} {unit}"
+        bytes /= 1024.0
+
+def get_disk_info():
+    disk_info = []
+    partitions = psutil.disk_partitions()
+    for partition in partitions:
+        usage = psutil.disk_usage(partition.mountpoint)
+        disk_info.append({
+            'device': partition.device.replace('\\\\', '\\').rstrip('\\'),
+            #'mountpoint': partition.mountpoint,
+            #'fstype': partition.fstype,
+            'total': bytes_to_human_readable(usage.total),
+            'used': bytes_to_human_readable(usage.used),
+            'free': bytes_to_human_readable(usage.free),
+            'percent': usage.percent
+        })
+    return disk_info
+
+@app.route('/disk', methods=['GET'])
+def disk():
+    return jsonify(get_disk_info())
+
+if __name__ == '__main__':
+    app.run(host='0.0.0.0', port=5000)

roles/user_check/defaults/main.yaml

@@ -0,0 +1,7 @@
+---
+
+
+ip_check_folder: "/opt/cosmos/ip_check"
+
+
+...

roles/user_check/tasks/main.yaml

@@ -0,0 +1,7 @@
+---
+
+- name: Subnet Security Check
+  #when: 'SERVER_SUBNET_GROUP not in subnet_group_check'
+  include_tasks: user_check.yaml
+
+...

roles/user_check/tasks/user_check.yaml

@@ -0,0 +1,71 @@
+---
+- name: user check
+  delegate_to: localhost 
+  block:
+
+  - name: show user vars
+    debug:
+      msg: 
+        - "User email:"
+        - "{{ jenkins_user}}"
+        - "Jenkins Group:"
+        - "{{ jenkins_group}}"
+        - "SERVER_SUBNET_GROUP:"
+        - "{{ SERVER_SUBNET_GROUP }}"
+        - "subnet_group_check:"
+        - "{{ subnet_group_check }}"
+        - "Host IP:"
+        - "{{ ansible_ssh_host }}"
+
+  # Create venv Folder
+  - name: create ip venv folder
+    file:
+      path: "{{ ip_check_folder }}"
+      state: directory
+      #mode: '0755'
+
+  # Copy venv files
+  - name: copy ip venv files
+    copy:
+      src: subnet_check/
+      dest: "{{ ip_check_folder }}"
+      #mode: 0644
+
+  - name: extract venv
+    unarchive:
+      src: /var/jenkins_home/ansible-files/programs/ip_check_venv.tar.gz
+      dest: "{{ ip_check_folder }}"
+      #mode: 0644
+
+  ## build venv
+  ## commenting and using pre-made archived env to save time
+  #- name: build venv
+  #  pip:
+  #    virtualenv: "{{ ip_check_folder }}/venv"
+  #    requirements: "{{ ip_check_folder }}/requirements.txt"
+  #    virtualenv_command: python3 -m venv
+  #    state: present
+
+  # check if IP is restricted
+  - name: check for restricted IP
+    shell: "{{ ip_check_folder }}/venv/bin/python {{ ip_check_folder }}/ip_check.py {{ ansible_ssh_host }}"
+    args:
+      chdir: "{{ ip_check_folder }}"
+    register: restricted_ip_check
+
+  - name: display output of this 
+    debug:
+      msg: 
+        - "{{ restricted_ip_check.cmd }}"
+        - "{{ restricted_ip_check.stdout_lines }}"
+
+  - name: end play if not admin
+    when: restricted_ip_check.stdout_lines[0] | bool
+    block:
+
+      - name: display warning
+        debug:
+          msg: "Warning: Your user account is not authorized to run playbooks on this subnet."
+      - meta: end_play
+
+...