wip IaC

ansible/README.md

@@ -0,0 +1,3 @@
+# Ansible
+
+## Running

ansible/hosts.ini

@@ -0,0 +1,3 @@
+[workers]
+jenkins-server ansible_host=192.168.100.30
+vm-mixed-100-98 ansible_host=192.168.100.98

ansible/init_worker_vm.yaml

@@ -0,0 +1,43 @@
+---
+- name: Initialise worker VM
+  hosts: workers
+  become: yes
+
+  tasks:
+  - name: Install essentials
+    apt:
+      pkg:
+        - apt-transport-https
+        - ca-certificates
+        - curl
+        - software-properties-common
+        - python3-pip
+        - virtualenv
+        - python3-setuptools
+        - vim
+        - git
+        - btop
+      state: latest
+      update_cache: true
+
+  - name: Add Docker GPG apt Key
+    apt_key:
+      url: https://download.docker.com/linux/ubuntu/gpg
+      state: present
+
+  - name: Add Docker Repository
+    apt_repository:
+      repo: deb https://download.docker.com/linux/ubuntu focal stable
+      state: present
+
+  - name: Update apt and install docker-ce
+    apt:
+      name: docker-ce
+      state: latest
+      update_cache: true
+
+  - name: Start and enable Docker
+    service:
+      name: docker
+      state: started
+      enabled: yes

ansible/run_ansible

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+if ! command -v ansible &> /dev/null; then
+    sudo apt update
+    sudo apt install ansible
+fi
+
+ansible-playbook -i hosts.ini --ask-become-pass $@

docker/vm-tools-100-55/export_ip.py

@@ -0,0 +1,21 @@
+import json
+
+data = json.loads(json_data)
+
+env_file = "env_vars.sh"
+
+with open(env_file, "w") as f:
+    f.write("# Environment variables generated from JSON data\n")
+    for ip, services in data.items():
+        if services:
+            for service in services:
+                _service = service["name"]
+                ports = service["ports"]
+                i = 1
+                for port in ports:
+                    f.write(f"export {_service}_{i}_IP={ip}\n")
+                    f.write(f"export {_service}_{i}_PORT={port['port']}\n")
+                    i += 1
+
+import os
+os.chmod(env_file, 0o755)

docker/vm-tools-100-55/gitea/.env

@@ -0,0 +1,3 @@
+DOCKER_PARENT_PATH="/home/${USER}/docker"
+SVC_PATH="${DOCKER_PARENT_PATH}/audiobookshelf"
+MEDIA_PATH="/home/${USER}/Media"

docker/vm-tools-100-55/gitea/docker-compose.yml

@@ -0,0 +1,18 @@
+version: "3"
+services:
+  server:
+    image: docker.io/gitea/gitea:1.23.1
+    container_name: gitea
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+    restart: always
+    networks:
+      - gitea
+    volumes:
+      - ./gitea:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "3000:3000"
+      - "22:22"

docker/vm-tools-100-55/gitea/init.sh

@@ -0,0 +1,10 @@
+#! /usr/bin/bash
+
+source ./.env
+set -xe
+
+mkdir -p "${DOCKER_PARENT_PATH}"
+mkdir -p "${SVC_PATH}"
+mkdir -p "${SVC_PATH}/config"
+mkdir -p "${SVC_PATH}/metadata"
+

docker/vm-tools-100-55/services.env

@@ -0,0 +1 @@
+# Environment variables generated from JSON data

jenkins/.env

@@ -0,0 +1,2 @@
+APPS_JENKINS=/home/${USER}/apps/jenkins
+JENKINS_EXT_ADDRESS="192.168.100.30:4456"

jenkins/Dockerfile

@@ -0,0 +1,13 @@
+FROM jenkins/jenkins:2.479.3-jdk17
+USER root
+RUN apt-get update && apt-get install -y lsb-release
+RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc \
+  https://download.docker.com/linux/debian/gpg
+RUN echo "deb [arch=$(dpkg --print-architecture) \
+  signed-by=/usr/share/keyrings/docker-archive-keyring.asc] \
+  https://download.docker.com/linux/debian \
+  $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
+RUN apt-get update && apt-get install -y docker-ce-cli
+USER jenkins
+COPY plugins.txt /var/jenkins_home/plugins.txt
+RUN jenkins-plugin-cli --plugin-dir /var/jenkins_home/plugins --plugins $(cat /var/jenkins_home/plugins.txt)

jenkins/docker-compose.yml

@@ -0,0 +1,21 @@
+version: '3'
+
+services:
+  jenkins-docker:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: jenkins-docker
+    restart: unless-stopped
+    privileged: true
+    environment:
+      - DOCKER_TLS_CERTDIR=/certs
+    volumes:
+      - jenkins-docker-certs:/certs/client
+      - ${APPS_JENKINS}:/var/jenkins_home
+    ports:
+      - "${JENKINS_EXT_ADDRESS}:2376"
+    command: --storage-driver overlay2
+
+volumes:
+  jenkins-docker-certs: