.gitlab-ci.yml

@@ -60,16 +60,16 @@ Test:
     - if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
     - if [ -n "$error" ]; then echo "Return code $error"; false; fi
 
-Play_Against_PiK8S:
+Play_Against_Pis:
   stage: play
   script:
-    - ansible-playbook -l device_roles_pik8s-master,device_roles_pik8s-node,device_roles_pik8s-storage site.yml --vault-password-file /vaultpw || error="$?"
+    - ansible-playbook -l tags_pis site.yml --vault-password-file /vaultpw || error="$?"
     - if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
     - if [ -n "$error" ]; then echo "Return code $error"; false; fi
 Play_Against_Desktops:
   stage: play
   script:
-    - ansible-playbook -l device_roles_workstation site.yml --vault-password-file /vaultpw || error="$?"
+    - ansible-playbook -l tags_desktop site.yml --vault-password-file /vaultpw || error="$?"
     - if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
     - if [ -n "$error" ]; then echo "Return code $error"; false; fi
 Play_Against_Production:

playbooks/desktop.yml

@@ -2,7 +2,7 @@
 # vim:ft=ansible:
 ---
   # Home desktops
-- hosts: device_roles_workstation
+- hosts: tags_desktop
   tasks:
     - name: assure pi-storage-1 nfs mountpoint
       file: path=/nfs/pi-storage-1.desu.ltd state=directory owner=root mode=0755

playbooks/pik8s.yml

@@ -2,7 +2,7 @@
 # vim:ft=ansible:
 ---
 # k8s
-- hosts: device_roles_pik8s-master,device_roles_pik8s-node
+- hosts: tags_pik8s
   gather_facts: no
   roles:
     - role: k8s
@@ -12,13 +12,13 @@
         backup_s3backup_list_extra:
           - /etc/kubernetes
       tags: [ k8s, backup ]
-- hosts: device_roles_pik8s-master
+- hosts: tags_pik8s-master
   gather_facts: no
   tasks:
     - name: install openshift
       pip: name=openshift state=latest
       tags: [ k8s, packages, pip ]
-- hosts: device_roles_pik8s-node
+- hosts: tags_pik8s-node
   gather_facts: no
   roles:
     - role: keepalived

playbooks/pistorage.yml

@@ -2,10 +2,8 @@
 # vim:ft=ansible:
 ---
 # Mass storage Pis
-- hosts: device_roles_pik8s-storage
+- hosts: tags_pistorage
   tasks:
-    # The specific mount here is because each storage node as an M.2 SSD hooked up to it
-    # So we mount that and use the SD card for normal OS shenanigans
     - name: assure mount directory
       file: path=/data state=directory mode=0755
       tags: [ pis, storage ]

site.yml

@@ -37,21 +37,19 @@
           UsePAM: yes
           X11Forwarding: no
       tags: [ sshd, common ]
-  # Manufacturer configuration
+  # Fundamental daemon configuration
-- import_playbook: playbooks/manufacturers_raspi.yml
+- import_playbook: playbooks/zerotier.yml
-  # Tags for fundamental services
+- import_playbook: playbooks/snmp.yml
-- import_playbook: playbooks/tags_zerotier.yml
+- import_playbook: playbooks/nrpe.yml
-- import_playbook: playbooks/tags_snmp.yml
+  # Application configuration
-- import_playbook: playbooks/tags_nagios-nrpe.yml
+- import_playbook: playbooks/db.yml
-  # Device roles
+- import_playbook: playbooks/web.yml
-- import_playbook: playbooks/device_roles_pik8s-storage.yml
+- import_playbook: playbooks/game.yml
-- import_playbook: playbooks/device_roles_pik8s.yml
+- import_playbook: playbooks/pis.yml
-- import_playbook: playbooks/device_roles_workstation.yml
+- import_playbook: playbooks/pistorage.yml
-  # Production configuration
+- import_playbook: playbooks/pik8s.yml
-- import_playbook: playbooks/prod_db.yml
+- import_playbook: playbooks/desktop.yml
-- import_playbook: playbooks/prod_web.yml
+  # Background task configuration
-- import_playbook: playbooks/prod_game.yml
+- import_playbook: playbooks/ansible-pull.yml
-  # Supplementary tags
+  # Housekeeping
-- import_playbook: playbooks/tags_ansible-pull.yml
+- import_playbook: playbooks/docker-prune.yml
-  # Housekeeping tags for one-off tasks
-- import_playbook: playbooks/tags_docker-prune.yml