Compare commits
3 Commits
3051d8a299
...
ccad04d544
Author | SHA1 | Date | |
---|---|---|---|
ccad04d544 | |||
4489e87a7b | |||
cbae3438a9 |
@ -33,7 +33,7 @@ before_script:
|
|||||||
zerotier-cli info && \
|
zerotier-cli info && \
|
||||||
zerotier-cli listnetworks
|
zerotier-cli listnetworks
|
||||||
# Get ready for execution
|
# Get ready for execution
|
||||||
- ansible-galaxy install -r roles/requirements.yml -p roles
|
- ansible-galaxy install -r requirements.yml
|
||||||
after_script:
|
after_script:
|
||||||
- |
|
- |
|
||||||
[ -n "$ZEROTIER_NETWORK_ID" ] && \
|
[ -n "$ZEROTIER_NETWORK_ID" ] && \
|
||||||
@ -64,18 +64,18 @@ Test:
|
|||||||
Play_Against_Pis:
|
Play_Against_Pis:
|
||||||
stage: play
|
stage: play
|
||||||
script:
|
script:
|
||||||
- ansible-playbook -l pis site.yml --vault-password-file /vaultpw || error="$?"
|
- ansible-playbook -l tags_pis site.yml --vault-password-file /vaultpw || error="$?"
|
||||||
- if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
|
- if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
|
||||||
- if [ -n "$error" ]; then echo "Return code $error"; false; fi
|
- if [ -n "$error" ]; then echo "Return code $error"; false; fi
|
||||||
Play_Against_Desktops:
|
Play_Against_Desktops:
|
||||||
stage: play
|
stage: play
|
||||||
script:
|
script:
|
||||||
- ansible-playbook -l desktop site.yml --vault-password-file /vaultpw || error="$?"
|
- ansible-playbook -l tags_desktop site.yml --vault-password-file /vaultpw || error="$?"
|
||||||
- if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
|
- if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
|
||||||
- if [ -n "$error" ]; then echo "Return code $error"; false; fi
|
- if [ -n "$error" ]; then echo "Return code $error"; false; fi
|
||||||
Play_Against_Production:
|
Play_Against_Production:
|
||||||
stage: play
|
stage: play
|
||||||
script:
|
script:
|
||||||
- ansible-playbook -l prod site.yml --vault-password-file /vaultpw || error="$?"
|
- ansible-playbook -l tags_prod site.yml --vault-password-file /vaultpw || error="$?"
|
||||||
- if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
|
- if [ "$error" -eq 4 ]; then echo "Some hosts were unreachable; masking error"; unset error; fi
|
||||||
- if [ -n "$error" ]; then echo "Return code $error"; false; fi
|
- if [ -n "$error" ]; then echo "Return code $error"; false; fi
|
||||||
|
@ -48,7 +48,7 @@ if [ -n "$ANSIBLE_SSH_KEY" ]; then
|
|||||||
chown ansible. /etc/ansible
|
chown ansible. /etc/ansible
|
||||||
sudo -u ansible rsync -aHS /etc/ansible.orig/ /etc/ansible/ --exclude .git
|
sudo -u ansible rsync -aHS /etc/ansible.orig/ /etc/ansible/ --exclude .git
|
||||||
printf '\e[37mInstalling roles...\e[0m\n'
|
printf '\e[37mInstalling roles...\e[0m\n'
|
||||||
sudo -u ansible ansible-galaxy install -r roles/requirements.yml -p roles
|
sudo -u ansible ansible-galaxy install -r requirements.yml
|
||||||
cd /etc/ansible
|
cd /etc/ansible
|
||||||
|
|
||||||
# Drop to the ansible user
|
# Drop to the ansible user
|
||||||
|
@ -1,55 +1,15 @@
|
|||||||
# vim:ft=ansible:
|
plugin: netbox.netbox.nb_inventory
|
||||||
all:
|
token: !vault |
|
||||||
vars:
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
ansible_user: ansible
|
31656630386363323836663537383930346336393061363461653532323561386632343063353161
|
||||||
ansible_become: yes
|
6630636535373331633762363738613232636366663430330a356333623466623230616433373036
|
||||||
children:
|
35386162633961616438383332346165323930333662376665616531613837316333653361313332
|
||||||
home:
|
3065343761343338340a336266316339616134336332376336326332663435323937343531636238
|
||||||
children:
|
37323530333463383062396363616263386430356438306133393130626365333932323734383165
|
||||||
pis:
|
3064663435626339393836353837643730333266366436373033
|
||||||
vars:
|
api_endpoint: "https://netbox.desu.ltd"
|
||||||
docker_apt_arch: arm64
|
group_by:
|
||||||
children:
|
- device_roles
|
||||||
pistorage:
|
- tags
|
||||||
hosts:
|
device_query_filters:
|
||||||
pi-storage-1.desu.ltd:
|
- has_primary_ip: "true"
|
||||||
pik8s:
|
|
||||||
children:
|
|
||||||
pik8s_masters:
|
|
||||||
vars:
|
|
||||||
kubernetes_role: master
|
|
||||||
hosts:
|
|
||||||
pi-kub-master-1.desu.ltd:
|
|
||||||
pik8s_nodes:
|
|
||||||
vars:
|
|
||||||
kubernetes_role: node
|
|
||||||
hosts:
|
|
||||||
pi-kub-node-1.desu.ltd:
|
|
||||||
keepalived_state: MASTER
|
|
||||||
keepalived_priority: 50
|
|
||||||
pi-kub-node-2.desu.ltd:
|
|
||||||
keepalived_priority: 49
|
|
||||||
pi-kub-node-3.desu.ltd:
|
|
||||||
keepalived_priority: 48
|
|
||||||
pi-kub-node-4.desu.ltd:
|
|
||||||
keepalived_priority: 47
|
|
||||||
pi-kub-node-5.desu.ltd:
|
|
||||||
keepalived_priority: 46
|
|
||||||
desktop:
|
|
||||||
hosts:
|
|
||||||
dsk-ryzen-0.desu.ltd:
|
|
||||||
lap-s76-lemp9-0.desu.ltd:
|
|
||||||
prod:
|
|
||||||
children:
|
|
||||||
db:
|
|
||||||
hosts:
|
|
||||||
psql1.desu.ltd:
|
|
||||||
web:
|
|
||||||
hosts:
|
|
||||||
web1.desu.ltd:
|
|
||||||
web2.desu.ltd:
|
|
||||||
web3.desu.ltd:
|
|
||||||
game:
|
|
||||||
hosts:
|
|
||||||
game1.desu.ltd:
|
|
||||||
game2.desu.ltd:
|
|
||||||
|
55
inventory/hosts.yml.old
Normal file
55
inventory/hosts.yml.old
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
# vim:ft=ansible:
|
||||||
|
all:
|
||||||
|
vars:
|
||||||
|
ansible_user: ansible
|
||||||
|
ansible_become: yes
|
||||||
|
children:
|
||||||
|
home:
|
||||||
|
children:
|
||||||
|
pis:
|
||||||
|
vars:
|
||||||
|
docker_apt_arch: arm64
|
||||||
|
children:
|
||||||
|
pistorage:
|
||||||
|
hosts:
|
||||||
|
pi-storage-1.desu.ltd:
|
||||||
|
pik8s:
|
||||||
|
children:
|
||||||
|
pik8s_masters:
|
||||||
|
vars:
|
||||||
|
kubernetes_role: master
|
||||||
|
hosts:
|
||||||
|
pi-kub-master-1.desu.ltd:
|
||||||
|
pik8s_nodes:
|
||||||
|
vars:
|
||||||
|
kubernetes_role: node
|
||||||
|
hosts:
|
||||||
|
pi-kub-node-1.desu.ltd:
|
||||||
|
keepalived_state: MASTER
|
||||||
|
keepalived_priority: 50
|
||||||
|
pi-kub-node-2.desu.ltd:
|
||||||
|
keepalived_priority: 49
|
||||||
|
pi-kub-node-3.desu.ltd:
|
||||||
|
keepalived_priority: 48
|
||||||
|
pi-kub-node-4.desu.ltd:
|
||||||
|
keepalived_priority: 47
|
||||||
|
pi-kub-node-5.desu.ltd:
|
||||||
|
keepalived_priority: 46
|
||||||
|
desktop:
|
||||||
|
hosts:
|
||||||
|
dsk-ryzen-0.desu.ltd:
|
||||||
|
lap-s76-lemp9-0.desu.ltd:
|
||||||
|
prod:
|
||||||
|
children:
|
||||||
|
db:
|
||||||
|
hosts:
|
||||||
|
psql1.desu.ltd:
|
||||||
|
web:
|
||||||
|
hosts:
|
||||||
|
web1.desu.ltd:
|
||||||
|
web2.desu.ltd:
|
||||||
|
web3.desu.ltd:
|
||||||
|
game:
|
||||||
|
hosts:
|
||||||
|
game1.desu.ltd:
|
||||||
|
game2.desu.ltd:
|
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
# Home desktops
|
# Home desktops
|
||||||
- hosts: desktop
|
- hosts: tags_desktop
|
||||||
tasks:
|
tasks:
|
||||||
- name: assure pi-storage-1 nfs mountpoint
|
- name: assure pi-storage-1 nfs mountpoint
|
||||||
file: path=/nfs/pi-storage-1.desu.ltd state=directory owner=root mode=0755
|
file: path=/nfs/pi-storage-1.desu.ltd state=directory owner=root mode=0755
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
# Game servers
|
# Game servers
|
||||||
---
|
---
|
||||||
- hosts: game
|
- hosts: tags_game
|
||||||
roles:
|
roles:
|
||||||
- role: backup
|
- role: backup
|
||||||
vars:
|
vars:
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
# k8s
|
# k8s
|
||||||
- hosts: pik8s
|
- hosts: tag_pik8s
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: install nfs-common
|
- name: install nfs-common
|
||||||
@ -17,13 +17,13 @@
|
|||||||
- docker
|
- docker
|
||||||
- kubelet
|
- kubelet
|
||||||
tags: [ k8s, motd ]
|
tags: [ k8s, motd ]
|
||||||
- hosts: pik8s_masters
|
- hosts: tag_pik8s-master
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: install openshift
|
- name: install openshift
|
||||||
pip: name=openshift state=latest
|
pip: name=openshift state=latest
|
||||||
tags: [ k8s, packages, pip ]
|
tags: [ k8s, packages, pip ]
|
||||||
- hosts: pik8s_nodes
|
- hosts: tag_pik8s-node
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
roles:
|
roles:
|
||||||
- role: keepalived
|
- role: keepalived
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
# vim:ft=ansible:
|
# vim:ft=ansible:
|
||||||
---
|
---
|
||||||
# General configuration
|
# General configuration
|
||||||
- hosts: pis
|
- hosts: tags_pis
|
||||||
roles:
|
roles:
|
||||||
- role: zerotier
|
- role: zerotier
|
||||||
tags: [ pis, zerotier ]
|
tags: [ pis, zerotier ]
|
||||||
|
55
requirements.yml
Normal file
55
requirements.yml
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
# vim:ft=ansible
|
||||||
|
# To install, use pip-style invocation:
|
||||||
|
# ansible-galaxy install -r requirements.yml
|
||||||
|
collections:
|
||||||
|
- netbox.netbox
|
||||||
|
|
||||||
|
roles:
|
||||||
|
# Upstream: https://github.com/willshersystems/ansible-sshd
|
||||||
|
- name: sshd
|
||||||
|
src: willshersystems.sshd
|
||||||
|
version: v0.12.0
|
||||||
|
# Upstream: https://github.com/bertvv/ansible-role-dhcp
|
||||||
|
- name: dhcp
|
||||||
|
src: bertvv.dhcp
|
||||||
|
version: master
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-nfs
|
||||||
|
- name: nfs
|
||||||
|
src: geerlingguy.nfs
|
||||||
|
version: 2.0.0
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-docker
|
||||||
|
- name: docker
|
||||||
|
src: geerlingguy.docker
|
||||||
|
version: 3.0.0
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-kubernetes
|
||||||
|
- name: k8s
|
||||||
|
src: geerlingguy.kubernetes
|
||||||
|
version: 5.0.1
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-postgresql
|
||||||
|
- name: postgresql
|
||||||
|
src: geerlingguy.postgresql
|
||||||
|
version: 2.2.1
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-certbot
|
||||||
|
- name: certbot
|
||||||
|
src: geerlingguy.certbot
|
||||||
|
version: 3.1.0
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-apache
|
||||||
|
- name: apache
|
||||||
|
src: geerlingguy.apache
|
||||||
|
version: 3.1.0
|
||||||
|
# Upstream: https://github.com/geerlingguy/ansible-role-php
|
||||||
|
- name: php
|
||||||
|
src: geerlingguy.php
|
||||||
|
version: 4.5.1
|
||||||
|
# Upstream: https://github.com/thomas-maurice/ansible-role-gitea
|
||||||
|
- name: gitea
|
||||||
|
src: thomas_maurice.ansible_role_gitea
|
||||||
|
version: master
|
||||||
|
# Upstream: https://github.com/nkakouros-original/ansible-role-nextcloud
|
||||||
|
- name: nextcloud
|
||||||
|
src: nkakouros.nextcloud
|
||||||
|
version: master
|
||||||
|
# Upstream: https://github.com/bplower/ansible-factorio
|
||||||
|
- name: factorio
|
||||||
|
src: bplower.factorio
|
||||||
|
version: master
|
@ -1,77 +0,0 @@
|
|||||||
# vim:ft=ansible
|
|
||||||
# To install, use pip-style invocation:
|
|
||||||
# ansible-galaxy install -r requirements.yml
|
|
||||||
|
|
||||||
# MAD PROPS to geerlingguy; if for some reason you end up reading this, hit me
|
|
||||||
# up and I'll buy you a beer or a pizza or something.
|
|
||||||
|
|
||||||
# SSHD
|
|
||||||
# Upstream: https://github.com/willshersystems/ansible-sshd
|
|
||||||
- src: willshersystems.sshd
|
|
||||||
version: v0.12.0
|
|
||||||
name: sshd
|
|
||||||
|
|
||||||
# DHCP
|
|
||||||
# Upstream: https://github.com/bertvv/ansible-role-dhcp
|
|
||||||
- src: bertvv.dhcp
|
|
||||||
version: master
|
|
||||||
name: dhcp
|
|
||||||
|
|
||||||
# NFS
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-nfs
|
|
||||||
- src: geerlingguy.nfs
|
|
||||||
version: 2.0.0
|
|
||||||
name: nfs
|
|
||||||
|
|
||||||
# Orchestration
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-docker
|
|
||||||
- src: geerlingguy.docker
|
|
||||||
version: 3.0.0
|
|
||||||
name: docker
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-kubernetes
|
|
||||||
- src: geerlingguy.kubernetes
|
|
||||||
version: 5.0.1
|
|
||||||
name: k8s
|
|
||||||
|
|
||||||
# DB Server stuff
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-postgresql
|
|
||||||
- src: geerlingguy.postgresql
|
|
||||||
version: 2.2.1
|
|
||||||
name: postgresql
|
|
||||||
|
|
||||||
# Monitoring
|
|
||||||
# TODO: Find something that doesn't suck
|
|
||||||
|
|
||||||
# Webserver stuff
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-certbot
|
|
||||||
- src: geerlingguy.certbot
|
|
||||||
version: 3.1.0
|
|
||||||
name: certbot
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-apache
|
|
||||||
- src: geerlingguy.apache
|
|
||||||
version: 3.1.0
|
|
||||||
name: apache
|
|
||||||
# Upstream: https://github.com/geerlingguy/ansible-role-php
|
|
||||||
- src: geerlingguy.php
|
|
||||||
version: 4.5.1
|
|
||||||
name: php
|
|
||||||
|
|
||||||
# Web applications
|
|
||||||
# Upstream: https://github.com/thomas-maurice/ansible-role-gitea
|
|
||||||
- src: thomas_maurice.ansible_role_gitea
|
|
||||||
version: master
|
|
||||||
name: gitea
|
|
||||||
# Upstream: https://github.com/nkakouros-original/ansible-role-nextcloud
|
|
||||||
- src: nkakouros.nextcloud
|
|
||||||
version: master
|
|
||||||
name: nextcloud
|
|
||||||
# Upstream: https://github.com/ONLYOFFICE/ansible-role-documentserver
|
|
||||||
- src: onlyoffice.documentserver
|
|
||||||
version: v1.0.3
|
|
||||||
name: onlyoffice
|
|
||||||
|
|
||||||
# Game Servers
|
|
||||||
# Upstream: https://github.com/bplower/ansible-factorio
|
|
||||||
- src: bplower.factorio
|
|
||||||
version: master
|
|
||||||
name: factorio
|
|
Loading…
Reference in New Issue
Block a user