salt/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add Zerotier role

Browse Source
This commit is contained in:
Salt 2020-11-08 01:34:05 -06:00
parent 4ad6032708
commit 99adf1356f
5 changed files with 53 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
inventory/group_vars/all.yml
View File

@ -5,6 +5,15 @@ ansible_pull_repo: "https://git.9iron.club/salt/ansible"
ansible_pull_commit: rewrite ansible_pull_commit: rewrite
common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible" common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible"
# For zerotier
zerotier_network_id: !vault |
$ANSIBLE_VAULT;1.1;AES256
35646131343239623265663562343333383362366633386462646465643163353866643633636135
6238643231313536323337343663313865323430323437630a353462393830376431376363373232
30656433343263653035333637336165323931363966376264353164326135336131646362623734
3339633961393864330a616437613534643231366634643362383438316233376334636264303361
65313231393433396538663463383731303661633663343066333264303330313133
# For geerlingguy.apache # For geerlingguy.apache
apache_remove_default_vhost: yes apache_remove_default_vhost: yes
apache_ssl_cipher_suite: AES256+EECDH:AES256+EDH apache_ssl_cipher_suite: AES256+EECDH:AES256+EDH

9
roles/zerotier/handlers/main.yml Normal file
View File

@ -0,0 +1,9 @@
#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: restart zerotier
systemd:
daemon_reload: yes
name: zerotier-one.service
state: restarted
become: yes

18
roles/zerotier/tasks/main.yml Normal file
View File

@ -0,0 +1,18 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
---
- name: ensure zerotier repo key
apt_key: url=https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg
- name: ensure zerotier repo
apt_repository: repo="deb http://download.zerotier.com/debian/buster buster main"
- name: update apt cache
apt: update_cache=yes cache_valid_time=86400
- name: ensure packages
apt: name=zerotier-one
- name: template unit file
template: src=zerotier-one.service dest=/etc/systemd/system/zerotier-one.service
notify: restart zerotier
- name: join network
command:
argv: [ zerotier-cli, join, "{{ zerotier_network_id }}" ]
changed_when: no

14
roles/zerotier/templates/zerotier-one.service Normal file
View File

@ -0,0 +1,14 @@
[Unit]
Description=ZeroTier One
After=network.target
Wants=network-online.target
[Service]
ExecStart=/usr/sbin/zerotier-one
Restart=always
KillMode=process
# Issue 738
TimeoutStopSec=10
[Install]
WantedBy=multi-user.target

3
site.yml
View File

@ -23,6 +23,9 @@
- SUBSYSTEM=="usb", ATTR{idVendor}=="0955", MODE="0664", GROUP="plugdev" - SUBSYSTEM=="usb", ATTR{idVendor}=="0955", MODE="0664", GROUP="plugdev"
become: yes become: yes
tags: [ desktop, udev ] tags: [ desktop, udev ]
- role: zerotier
become: yes
tags: [ desktop, zerotier ]
# Database servers # Database servers
- hosts: db1.test.desu.ltd - hosts: db1.test.desu.ltd
roles: roles: