Created shell, ansible-dependencies, common, and gitea roles

2026-03-24 22:34:42 +00:00 · 2018-07-27 00:59:24 +00:00
parent 090805b618
commit 2490fba2a2
15 changed files with 320 additions and 0 deletions
--- a/14
+++ b/14
@@ -0,0 +1,14 @@
+[[source]]
+
+url = "https://pypi.python.org/simple"
+verify_ssl = true
+name = "pypi"
+
+
+[dev-packages]
+
+
+
+[packages]
+
+ansible = "==2.4.0.0"
--- a/group_vars/all
+++ b/group_vars/all
@@ -0,0 +1,12 @@
+---
+# Variables listed here are applicable to all host groups
+
+docker_compose_version_to_install: 1.18.0
+docker_ce_version_to_install: 17.09.1~ce-0~ubuntu
+nvm_version: v0.33.5
+node_version: 8.4.0
+rcontent.com/jcwimer/ubuntu-template/master/post/id_rsa.pub
+standard_user: cody
+git_user: "Jacob Cody Wimer"
+git_email: "jacob.wimer@gmail.com"
+chosen_timezone: "America/New_York"
--- a/0
+++ b/0
--- a/playbooks/multi-instance.yml
+++ b/playbooks/multi-instance.yml
@@ -0,0 +1,27 @@
+---
+# This playbook deploys a development machine
+# EXAMPLE:
+# ansible-playbook -i ${project_dir}/hosts ${project_dir}/playbooks/site.yml \
+# -extra-vars "home_pub_key=<pub-key-location-to-curl> standard_user=<user_name> git_user=<git-user> git_email=<git-email>"
+
+- name: Install ansible dependencies
+  hosts: all
+  user: root
+  gather_facts: no
+  serial: 100%
+  tasks:
+    - include: ../roles/ansible-dependencies/tasks/main.yml
+
+- name: Apply common configuration to all nodes
+  hosts: all
+  user: root
+  serial: 100%
+  tasks:
+   - include: ../roles/common/tasks/main.yml
+
+- name: Deploy gitea
+  hosts: gitea
+  user: root
+  serial: 100%
+  tasks:
+    - include: ../roles/gitea/tasks/main.yml
--- a/requirements.txt
+++ b/requirements.txt
@@ -0,0 +1 @@
+ansible==2.4.0.0
--- a/roles/ansible-dependencies/tasks/main.yml
+++ b/roles/ansible-dependencies/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Install package dependencies
+  raw: apt-get update -qq && apt-get install -y python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates
+
+- name: Install pip dependencies
+  raw: pip install ndg-httpsclient
+  ignore_errors: true
+
+- name: Install pip dependencies again because it fails sometimes
+  raw: pip install ndg-httpsclient
+  ignore_errors: true
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,101 @@
+---
+# This playbook contains plays that will run on all nodes
+
+- name: Add docker key
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+
+- name: Add docker repo
+  apt_repository:
+    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
+    state: present
+
+- name: Update apt
+  apt: update_cache=yes
+
+#- name: Upgrade APT to the lastest packages
+#  apt: upgrade=dist
+
+- name: Install standard programs
+  apt: name={{ item }}  state=present force=yes
+  with_items:
+    - htop
+    - curl
+    - openssh-server
+    - git
+    - rsync
+    - zip
+    - unzip
+    - fail2ban
+    - ntp
+    - mysql-client
+    - wget
+    - nfs-common
+    - docker-ce={{docker_ce_version_to_install}}
+    - sshpass
+    - ack-grep
+    - dnsutils
+    - nmon
+    - build-essential
+    - tmux
+
+- name: Create standard user
+  user:
+    name: "{{ standard_user }}"
+    groups:
+      - sudo
+      - docker
+    state: present
+    shell: /bin/bash
+
+- name: Add standard_user to docker group
+  user:
+    name: "{{ standard_user }}"
+    groups: docker
+    append: yes
+
+- name: Set authorized key took from url
+  become: yes
+  become_user: "{{ standard_user }}"
+  authorized_key:
+    user: "{{ standard_user }}"
+    state: present
+    key: "{{ home_pub_key }}"
+
+- name: Docker compose version
+  get_url:
+    url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}"
+    dest: /usr/local/bin/docker-compose
+    validate_certs: false
+    mode: 755
+    group: docker
+
+- name: Set timezone to NewYork
+  timezone:
+      name: "{{ chosen_timezone }}"
+  ignore_errors: true
+
+- name: Replace sudoers file
+  template: src=../roles/common/templates/sudoers.j2 dest=/etc/sudoers
+
+- name: Create /etc/docker
+  file:
+    path: /etc/docker
+    group: root
+    owner: root
+    mode: 700
+    state: directory
+
+- name: Replace docker daemon file
+  template: src=../roles/common/templates/docker-daemon.json.j2 dest=/etc/docker/daemon.json
+  register: dockerdaemon
+
+- name: Restart docker if daemon changes
+  service:
+    name: docker
+    state: restarted
+  when: dockerdaemon.changed
+
+- name: Creates directory
+  file: path=/data state=directory
--- a/roles/common/templates/docker-daemon.json.j2
+++ b/roles/common/templates/docker-daemon.json.j2
@@ -0,0 +1,5 @@
+{
+  "insecure-registries" : ["{{ registry_location }}","10.0.0.221:5000"],
+  "metrics-addr" : "0.0.0.0:9323",
+  "experimental" : true
+}
--- a/roles/common/templates/sudoers.j2
+++ b/roles/common/templates/sudoers.j2
@@ -0,0 +1,30 @@
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults	env_reset
+Defaults	mail_badpass
+Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root	ALL=(ALL:ALL) ALL
+
+# Members of the admin group may gain root privileges
+%admin ALL=(ALL) ALL
+
+# Allow members of group sudo to execute any command
+%sudo	ALL=(ALL) NOPASSWD:ALL
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d
+
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Replace sudoers file
+  template: src=../roles/gitea/templates/docker-compose.yml.j2 dest=/data/gitea.yml
+
+- name: Run docker-compose
+  shell: cd /data && docker-compose -f gitea.yml up -d
--- a/roles/gitea/templates/docker-compose.yml.j2
+++ b/roles/gitea/templates/docker-compose.yml.j2
@@ -0,0 +1,28 @@
+version: '2'
+services:
+  web:
+    image: gitea/gitea:1.3.2
+    volumes:
+      - ./data:/data
+    ports:
+      - "80:3000"
+      - "2222:22"
+    restart: always
+#    networks:
+#      - db
+#    depends_on:
+#      - db
+#  db:
+#    image: mariadb:10
+#    restart: always
+#    networks:
+#      - db
+#    environment:
+#      - MYSQL_ROOT_PASSWORD=changeme
+#      - MYSQL_DATABASE=gitea
+#      - MYSQL_USER=gitea
+#      - MYSQL_PASSWORD=changeme
+#    volumes:
+#      - ./db/:/var/lib/mysql
+#networks:
+#  db:
--- a/supporting-scripts/multi-instance-deploy.sh
+++ b/supporting-scripts/multi-instance-deploy.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+#keep adding dirname's to go up more directories.
+project_dir="$(dirname $( dirname $(readlink -f ${BASH_SOURCE[0]})))"
+ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ${project_dir}/multi-instance-hosts ${project_dir}/playbooks/multi-instance.yml
--- a/tasks/ansible-dependencies.yml
+++ b/tasks/ansible-dependencies.yml
@@ -0,0 +1,11 @@
+---
+- name: Install package dependencies
+  raw: apt-get update -qq && apt-get install -y python-dev python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates
+
+- name: Install pip dependencies
+  raw: pip install ndg-httpsclient
+  ignore_errors: true
+
+- name: Install pip dependencies again because it fails sometimes
+  raw: pip install ndg-httpsclient
+  ignore_errors: true
--- a/tasks/swarm-bootstrap.yml
+++ b/tasks/swarm-bootstrap.yml
@@ -0,0 +1,22 @@
+---
+- name: Initialize swarm on the bootstrap manager
+  command: >
+    docker swarm init --advertise-addr "{{ ansible_eth1.ipv4.address }}"
+  register: docker_swarm_init
+  changed_when: docker_swarm_init.rc == 0
+  ignore_errors: true
+
+- name: Set manager key variable
+  command: docker swarm join-token -q manager
+  register: manager_key
+  changed_when: manager_key.rc == 0
+
+- name: Set worker key variable
+  command: docker swarm join-token -q worker
+  register: worker_key
+  changed_when: worker_key.rc == 0
+
+- name: Set work and manager key facts
+  set_fact:
+    manager_key: "{{ manager_key }}"
+    worker_key: "{{ worker_key }}"
--- a/tasks/ubuntu-common.yml
+++ b/tasks/ubuntu-common.yml
@@ -0,0 +1,48 @@
+---
+- name: Add docker key
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+
+- name: Add docker repo
+  apt_repository:
+    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
+    state: present
+
+- name: Update apt
+  apt: update_cache=yes
+
+- name: Install standard programs
+  apt: name={{ item }}  state=present force=yes
+  with_items:
+    - htop
+    - curl
+    - openssh-server
+    - git
+    - rsync
+    - zip
+    - unzip
+    - fail2ban
+    - ntp
+    - mysql-client
+    - wget
+    - nfs-common
+    - docker-ce={{docker_ce_version_to_install}}
+    - sshpass
+    - ack-grep
+    - dnsutils
+    - nmon
+    - build-essential
+    - tmux
+
+- name: Docker compose version
+  get_url:
+    url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}"
+    dest: /usr/local/bin/docker-compose
+    validate_certs: false
+    mode: 0755
+
+- name: Set timezone to NewYork
+  timezone:
+      name: America/New_York
+  ignore_errors: true