From 910018e3d50d19c0863c87be82646863171a1e0c Mon Sep 17 00:00:00 2001 From: Salt Date: Tue, 9 Jun 2020 01:13:19 -0500 Subject: [PATCH] Add Adam to our server configuration --- gameservers.yml | 13 ++++++++ roles/adam/defaults/main.yml | 4 +++ roles/adam/tasks/main.yml | 52 ++++++++++++++++++++++++++++++ roles/adam/templates/adam@.service | 29 +++++++++++++++++ roles/adam/templates/auth.json | 3 ++ 5 files changed, 101 insertions(+) create mode 100644 roles/adam/defaults/main.yml create mode 100644 roles/adam/tasks/main.yml create mode 100644 roles/adam/templates/adam@.service create mode 100644 roles/adam/templates/auth.json diff --git a/gameservers.yml b/gameservers.yml index 10b8d4b..23301ce 100644 --- a/gameservers.yml +++ b/gameservers.yml @@ -3,6 +3,19 @@ --- - hosts: game1.9iron.club roles: + - role: adam + vars: + adam_name: lain + adam_auth_token: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 33346238356561313736653431666439363835663134303339366536663964333138666530343166 + 6132353938663563316265346630613231616362643937380a616132386464653438343739613937 + 32626230326430396563316363613139306535663832336531636239633364383432373739646436 + 3338376362313539360a383763313439633331313531323232653866633065333933633061326465 + 64343165613961346362353162316530623132633164643461616633633335666232633833313561 + 33306532343963383331623663616161626533633261383238646164663362396261633736636362 + 373764613833343634346333613639626535 + tags: [ discord, adam ] - role: backups tags: [ backups ] - role: minecraft diff --git a/roles/adam/defaults/main.yml b/roles/adam/defaults/main.yml new file mode 100644 index 0000000..5786850 --- /dev/null +++ b/roles/adam/defaults/main.yml @@ -0,0 +1,4 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +adam_name: adam +adam_repo: "https://git.9iron.club/salt/adam" diff --git a/roles/adam/tasks/main.yml b/roles/adam/tasks/main.yml new file mode 100644 index 0000000..40678d5 --- /dev/null +++ b/roles/adam/tasks/main.yml @@ -0,0 +1,52 @@ +#!/usr/bin/ansible-playbook +# vim:ft=ansible: +- name: Set up Adam + block: + - name: Install Node + apt: + name: + - nodejs + - npm + - name: Create Adam user + user: + name: discord-adam + - name: Assure data directory + file: + path: "/var/adam" + mode: 0755 + owner: root + group: root + - name: Create specific data directory + file: + path: "/var/adam/{{ adam_name }}" + state: directory + mode: 0755 + owner: discord-adam + group: discord-adam + - name: Set up bot root + block: + - name: Clone bot repo + git: + repo: "{{ adam_repo }}" + dest: "/var/adam/{{ adam_name }}" + - name: Initialize NPM modules + npm: + path: "/var/adam/{{ adam_name }}" + - name: Template out authentication token + template: + src: "auth.json" + dest: "/var/adam/{{ adam_name }}/auth.json" + mode: "0700" + owner: discord-adam + group: discord-adam + - name: Template out service + template: + src: "adam@.service" + dest: "/etc/systemd/system/adam@.service" + - name: Start and enable service + systemd: + daemon_reload: yes + name: "adam@{{ adam_name }}.service" + enabled: yes + state: started + become: yes diff --git a/roles/adam/templates/adam@.service b/roles/adam/templates/adam@.service new file mode 100644 index 0000000..d48ad3d --- /dev/null +++ b/roles/adam/templates/adam@.service @@ -0,0 +1,29 @@ +# +# Licensed under the terms of the MIT license +# vim:ft=dosini: +# + +[Unit] +Description=Adam Bot %i +After=network.target + +[Service] +User=discord-adam +Group=discord-adam +WorkingDirectory=/var/adam/%i +PrivateUsers=true +ProtectSystem=full +ProtectHome=true +# Implies MountFlags=slave +ProtectKernelTunables=true +# Implies NoNewPrivileges=yes +ProtectKernelModules=true +# Implies MountAPIVFS=yes +ProtectControlGroups=true + +ExecStart=/usr/bin/node index.js + +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/roles/adam/templates/auth.json b/roles/adam/templates/auth.json new file mode 100644 index 0000000..bdc2868 --- /dev/null +++ b/roles/adam/templates/auth.json @@ -0,0 +1,3 @@ +{ + "token": "{{ adam_auth_token }}" +}