Created shell, ansible-dependencies, common, and gitea roles

2026-03-24 22:34:42 +00:00 · 2018-07-27 00:59:24 +00:00
parent 090805b618
commit 2490fba2a2
15 changed files with 320 additions and 0 deletions
--- a/14
+++ b/14
@@ -0,0 +1,14 @@
 [[source]]
 url = "https://pypi.python.org/simple"
 verify_ssl = true
 name = "pypi"
 [dev-packages]
 [packages]
 ansible = "==2.4.0.0"
--- a/group_vars/all
+++ b/group_vars/all
@@ -0,0 +1,12 @@
 ---
 # Variables listed here are applicable to all host groups
 docker_compose_version_to_install: 1.18.0
 docker_ce_version_to_install: 17.09.1~ce-0~ubuntu
 nvm_version: v0.33.5
 node_version: 8.4.0
 rcontent.com/jcwimer/ubuntu-template/master/post/id_rsa.pub
 standard_user: cody
 git_user: "Jacob Cody Wimer"
 git_email: "jacob.wimer@gmail.com"
 chosen_timezone: "America/New_York"
--- a/0
+++ b/0
--- a/playbooks/multi-instance.yml
+++ b/playbooks/multi-instance.yml
@@ -0,0 +1,27 @@
 ---
 # This playbook deploys a development machine
 # EXAMPLE:
 # ansible-playbook -i ${project_dir}/hosts ${project_dir}/playbooks/site.yml \
 # -extra-vars "home_pub_key=<pub-key-location-to-curl> standard_user=<user_name> git_user=<git-user> git_email=<git-email>"
 - name: Install ansible dependencies
  hosts: all
  user: root
  gather_facts: no
  serial: 100%
  tasks:
    - include: ../roles/ansible-dependencies/tasks/main.yml
 - name: Apply common configuration to all nodes
  hosts: all
  user: root
  serial: 100%
  tasks:
   - include: ../roles/common/tasks/main.yml
 - name: Deploy gitea
  hosts: gitea
  user: root
  serial: 100%
  tasks:
    - include: ../roles/gitea/tasks/main.yml
--- a/requirements.txt
+++ b/requirements.txt
@@ -0,0 +1 @@
 ansible==2.4.0.0
--- a/roles/ansible-dependencies/tasks/main.yml
+++ b/roles/ansible-dependencies/tasks/main.yml
@@ -0,0 +1,11 @@
 ---
 - name: Install package dependencies
  raw: apt-get update -qq && apt-get install -y python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates
 - name: Install pip dependencies
  raw: pip install ndg-httpsclient
  ignore_errors: true
 - name: Install pip dependencies again because it fails sometimes
  raw: pip install ndg-httpsclient
  ignore_errors: true
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,101 @@
 ---
 # This playbook contains plays that will run on all nodes
 - name: Add docker key
  apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg
    state: present
 - name: Add docker repo
  apt_repository:
    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
    state: present
 - name: Update apt
  apt: update_cache=yes
 #- name: Upgrade APT to the lastest packages
 #  apt: upgrade=dist
 - name: Install standard programs
  apt: name={{ item }}  state=present force=yes
  with_items:
    - htop
    - curl
    - openssh-server
    - git
    - rsync
    - zip
    - unzip
    - fail2ban
    - ntp
    - mysql-client
    - wget
    - nfs-common
    - docker-ce={{docker_ce_version_to_install}}
    - sshpass
    - ack-grep
    - dnsutils
    - nmon
    - build-essential
    - tmux
 - name: Create standard user
  user:
    name: "{{ standard_user }}"
    groups:
      - sudo
      - docker
    state: present
    shell: /bin/bash
 - name: Add standard_user to docker group
  user:
    name: "{{ standard_user }}"
    groups: docker
    append: yes
 - name: Set authorized key took from url
  become: yes
  become_user: "{{ standard_user }}"
  authorized_key:
    user: "{{ standard_user }}"
    state: present
    key: "{{ home_pub_key }}"
 - name: Docker compose version
  get_url:
    url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}"
    dest: /usr/local/bin/docker-compose
    validate_certs: false
    mode: 755
    group: docker
 - name: Set timezone to NewYork
  timezone:
      name: "{{ chosen_timezone }}"
  ignore_errors: true
 - name: Replace sudoers file
  template: src=../roles/common/templates/sudoers.j2 dest=/etc/sudoers
 - name: Create /etc/docker
  file:
    path: /etc/docker
    group: root
    owner: root
    mode: 700
    state: directory
 - name: Replace docker daemon file
  template: src=../roles/common/templates/docker-daemon.json.j2 dest=/etc/docker/daemon.json
  register: dockerdaemon
 - name: Restart docker if daemon changes
  service:
    name: docker
    state: restarted
  when: dockerdaemon.changed
 - name: Creates directory
  file: path=/data state=directory
--- a/roles/common/templates/docker-daemon.json.j2
+++ b/roles/common/templates/docker-daemon.json.j2
@@ -0,0 +1,5 @@
 {
  "insecure-registries" : ["{{ registry_location }}","10.0.0.221:5000"],
  "metrics-addr" : "0.0.0.0:9323",
  "experimental" : true
 }
--- a/roles/common/templates/sudoers.j2
+++ b/roles/common/templates/sudoers.j2
@@ -0,0 +1,30 @@
 #
 # This file MUST be edited with the 'visudo' command as root.
 #
 # Please consider adding local content in /etc/sudoers.d/ instead of
 # directly modifying this file.
 #
 # See the man page for details on how to write a sudoers file.
 #
 Defaults	env_reset
 Defaults	mail_badpass
 Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 # Host alias specification
 # User alias specification
 # Cmnd alias specification
 # User privilege specification
 root	ALL=(ALL:ALL) ALL
 # Members of the admin group may gain root privileges
 %admin ALL=(ALL) ALL
 # Allow members of group sudo to execute any command
 %sudo	ALL=(ALL) NOPASSWD:ALL
 # See sudoers(5) for more information on "#include" directives:
 #includedir /etc/sudoers.d
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -0,0 +1,6 @@
 ---
 - name: Replace sudoers file
  template: src=../roles/gitea/templates/docker-compose.yml.j2 dest=/data/gitea.yml
 - name: Run docker-compose
  shell: cd /data && docker-compose -f gitea.yml up -d
--- a/roles/gitea/templates/docker-compose.yml.j2
+++ b/roles/gitea/templates/docker-compose.yml.j2
@@ -0,0 +1,28 @@
 version: '2'
 services:
  web:
    image: gitea/gitea:1.3.2
    volumes:
      - ./data:/data
    ports:
      - "80:3000"
      - "2222:22"
    restart: always
 #    networks:
 #      - db
 #    depends_on:
 #      - db
 #  db:
 #    image: mariadb:10
 #    restart: always
 #    networks:
 #      - db
 #    environment:
 #      - MYSQL_ROOT_PASSWORD=changeme
 #      - MYSQL_DATABASE=gitea
 #      - MYSQL_USER=gitea
 #      - MYSQL_PASSWORD=changeme
 #    volumes:
 #      - ./db/:/var/lib/mysql
 #networks:
 #  db:
--- a/supporting-scripts/multi-instance-deploy.sh
+++ b/supporting-scripts/multi-instance-deploy.sh
@@ -0,0 +1,4 @@
 #!/bin/bash
 #keep adding dirname's to go up more directories.
 project_dir="$(dirname $( dirname $(readlink -f ${BASH_SOURCE[0]})))"
 ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ${project_dir}/multi-instance-hosts ${project_dir}/playbooks/multi-instance.yml
--- a/tasks/ansible-dependencies.yml
+++ b/tasks/ansible-dependencies.yml
@@ -0,0 +1,11 @@
 ---
 - name: Install package dependencies
  raw: apt-get update -qq && apt-get install -y python-dev python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates
 - name: Install pip dependencies
  raw: pip install ndg-httpsclient
  ignore_errors: true
 - name: Install pip dependencies again because it fails sometimes
  raw: pip install ndg-httpsclient
  ignore_errors: true
--- a/tasks/swarm-bootstrap.yml
+++ b/tasks/swarm-bootstrap.yml
@@ -0,0 +1,22 @@
 ---
 - name: Initialize swarm on the bootstrap manager
  command: >
    docker swarm init --advertise-addr "{{ ansible_eth1.ipv4.address }}"
  register: docker_swarm_init
  changed_when: docker_swarm_init.rc == 0
  ignore_errors: true
 - name: Set manager key variable
  command: docker swarm join-token -q manager
  register: manager_key
  changed_when: manager_key.rc == 0
 - name: Set worker key variable
  command: docker swarm join-token -q worker
  register: worker_key
  changed_when: worker_key.rc == 0
 - name: Set work and manager key facts
  set_fact:
    manager_key: "{{ manager_key }}"
    worker_key: "{{ worker_key }}"
--- a/tasks/ubuntu-common.yml
+++ b/tasks/ubuntu-common.yml
@@ -0,0 +1,48 @@
 ---
 - name: Add docker key
  apt_key:
    url: https://download.docker.com/linux/ubuntu/gpg
    state: present
 - name: Add docker repo
  apt_repository:
    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
    state: present
 - name: Update apt
  apt: update_cache=yes
 - name: Install standard programs
  apt: name={{ item }}  state=present force=yes
  with_items:
    - htop
    - curl
    - openssh-server
    - git
    - rsync
    - zip
    - unzip
    - fail2ban
    - ntp
    - mysql-client
    - wget
    - nfs-common
    - docker-ce={{docker_ce_version_to_install}}
    - sshpass
    - ack-grep
    - dnsutils
    - nmon
    - build-essential
    - tmux
 - name: Docker compose version
  get_url:
    url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}"
    dest: /usr/local/bin/docker-compose
    validate_certs: false
    mode: 0755
 - name: Set timezone to NewYork
  timezone:
      name: America/New_York
  ignore_errors: true