From dd33f3c82361d111773cdfce349dfed0b529a948 Mon Sep 17 00:00:00 2001 From: tylen Date: Mon, 3 Feb 2025 00:23:16 +0000 Subject: [PATCH] ansible: create init for worker --- ansible/README.md | 6 ++- ansible/common_vars.yaml | 25 ++++++++++++ ansible/hosts.ini | 3 +- ansible/init_worker_vm.yaml | 43 --------------------- ansible/localhost/init.yaml | 28 ++++++++++++++ ansible/localhost/local_vars.yaml | 1 + ansible/worker/init.yaml | 64 +++++++++++++++++++++++++++++++ ansible/worker/smb.yaml | 40 +++++++++++++++++++ ansible/worker/worker_vars.yaml | 7 ++++ 9 files changed, 171 insertions(+), 46 deletions(-) create mode 100644 ansible/common_vars.yaml delete mode 100644 ansible/init_worker_vm.yaml create mode 100644 ansible/localhost/init.yaml create mode 100644 ansible/localhost/local_vars.yaml create mode 100644 ansible/worker/init.yaml create mode 100644 ansible/worker/smb.yaml create mode 100644 ansible/worker/worker_vars.yaml diff --git a/ansible/README.md b/ansible/README.md index cf937d3..0f5514e 100644 --- a/ansible/README.md +++ b/ansible/README.md @@ -1,3 +1,7 @@ # Ansible -## Running \ No newline at end of file +## Generate a password for a user + +```bash +mkpasswd --method=sha-512 +``` diff --git a/ansible/common_vars.yaml b/ansible/common_vars.yaml new file mode 100644 index 0000000..52e51b3 --- /dev/null +++ b/ansible/common_vars.yaml @@ -0,0 +1,25 @@ +--- +keys_repo_path: "{{ lookup('env', 'HOME') }}/keys" +vm_user_smb_access_file: "{{ keys_repo_path }}/users/{{ vm_username }}/smb" +ssh_access_keys: "{{ keys_repo_path }}/common/vm_access_authorized_keys" +nas_ip: "192.168.100.50" + +rc_files_url: "https://git.tylencloud.com/tylen/rc-files" +bashrc_file_url: "{{ rc_files_url }}/raw/branch/main/bashrc" +vimrc_file_url: "{{ rc_files_url }}/raw/branch/main/vimrc" + +common_base_packages: + - apt-transport-https + - btop + - ca-certificates + - cifs-utils + - curl + - exa + - git + - python3-pip + - python3-setuptools + - software-properties-common + - tree + - virtualenv + - vim + - whois diff --git a/ansible/hosts.ini b/ansible/hosts.ini index c3e50fb..1ce9d33 100644 --- a/ansible/hosts.ini +++ b/ansible/hosts.ini @@ -1,3 +1,2 @@ [workers] -jenkins-server ansible_host=192.168.100.30 -vm-mixed-100-98 ansible_host=192.168.100.98 \ No newline at end of file +vm-gitea-100-11 ansible_host=192.168.100.11 ansible_user=tylen \ No newline at end of file diff --git a/ansible/init_worker_vm.yaml b/ansible/init_worker_vm.yaml deleted file mode 100644 index 6f14eea..0000000 --- a/ansible/init_worker_vm.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -- name: Initialise worker VM - hosts: workers - become: yes - - tasks: - - name: Install essentials - apt: - pkg: - - apt-transport-https - - ca-certificates - - curl - - software-properties-common - - python3-pip - - virtualenv - - python3-setuptools - - vim - - git - - btop - state: latest - update_cache: true - - - name: Add Docker GPG apt Key - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - state: present - - - name: Add Docker Repository - apt_repository: - repo: deb https://download.docker.com/linux/ubuntu focal stable - state: present - - - name: Update apt and install docker-ce - apt: - name: docker-ce - state: latest - update_cache: true - - - name: Start and enable Docker - service: - name: docker - state: started - enabled: yes diff --git a/ansible/localhost/init.yaml b/ansible/localhost/init.yaml new file mode 100644 index 0000000..4a9ed80 --- /dev/null +++ b/ansible/localhost/init.yaml @@ -0,0 +1,28 @@ +- name: Initialise worker VM + hosts: localhost + become: yes + vars_files: + - local_vars.yaml + - ../common_vars.yaml + + tasks: + - name: Install essentials + apt: + pkg: + - apt-transport-https + - ca-certificates + - curl + - software-properties-common + - python3-pip + - virtualenv + - python3-setuptools + - vim + - git + - btop + - whois + - cifs-utils + - tree + - exa + state: latest + update_cache: true + ignore_errors: yes \ No newline at end of file diff --git a/ansible/localhost/local_vars.yaml b/ansible/localhost/local_vars.yaml new file mode 100644 index 0000000..ed97d53 --- /dev/null +++ b/ansible/localhost/local_vars.yaml @@ -0,0 +1 @@ +--- diff --git a/ansible/worker/init.yaml b/ansible/worker/init.yaml new file mode 100644 index 0000000..60765c3 --- /dev/null +++ b/ansible/worker/init.yaml @@ -0,0 +1,64 @@ +--- +- name: Initialise worker VM + hosts: workers + become: yes + vars_files: + - worker_vars.yaml + - ../common_vars.yaml + + tasks: + - name: Install essentials + apt: + name: "{{ common_base_packages }}" + state: latest + update_cache: true + ignore_errors: yes + + - name: Add Docker GPG apt Key + apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + + - name: Add Docker Repository + apt_repository: + repo: deb https://download.docker.com/linux/ubuntu focal stable + state: present + + - name: Update apt and install docker-ce + apt: + name: docker-ce + state: latest + update_cache: true + + - name: Start and enable Docker + service: + name: docker + state: started + enabled: yes + + - name: Create a login user + user: + name: "{{ vm_username }}" + password: "$6$OhH/TOtjPdxJgC9i$1ytWcV0yBuv5b4Momkka57tErCc4UqvG0zqydyyGQm3OXSaWPHTLHxvPjeCdA9B8T0./eXawj62xZ7gVtzokG/" + groups: + - docker + - sudo + state: present + shell: /usr/bin/bash + + - name: Copy authorized keys + authorized_key: + user: "{{ vm_username }}" + key: "{{ lookup('file', '{{ ssh_access_keys }}') }}" + + - name: Download rc files + get_url: + url: "{{ item.url }}" + dest: "{{ item.dest }}" + mode: '0644' + loop: + - { url: '{{ bashrc_file_url }}', dest: '{{ bashrc_mount_path }}' } + - { url: '{{ vimrc_file_url }}', dest: '{{ vimrc_mount_path }}' } + + + diff --git a/ansible/worker/smb.yaml b/ansible/worker/smb.yaml new file mode 100644 index 0000000..d4ed96d --- /dev/null +++ b/ansible/worker/smb.yaml @@ -0,0 +1,40 @@ +--- +- name: Set Up SMB access to /apps + hosts: workers + become: yes + vars_files: + - worker_vars.yaml + - ../common_vars.yaml + + tasks: + - name: Create .cred directory + file: + path: "{{ cred_path }}" + state: directory + owner: "{{ vm_username }}" + group: "{{ vm_username }}" + + - name: Create remote-apps directory + file: + path: "{{ mount_path }}" + state: directory + owner: "{{ vm_username }}" + group: "{{ vm_username }}" + + - name: Copy file to .cred directory + copy: + content: "{{ lookup('file', '{{ vm_user_smb_access_file }}') }}" + dest: "{{ cred_path }}/smb" + mode: '0404' + owner: "{{ vm_username }}" + group: "{{ vm_username }}" + + - name: Add ~/remote-apps entry to fstab + lineinfile: + dest: /etc/fstab + line: '//{{ nas_ip }}/apps {{ mount_path }} cifs credentials={{ cred_path }}/smb,uid=vm-user 0 0' + state: present + + - name: Mount all disks + command: mount -a + diff --git a/ansible/worker/worker_vars.yaml b/ansible/worker/worker_vars.yaml new file mode 100644 index 0000000..2a6267c --- /dev/null +++ b/ansible/worker/worker_vars.yaml @@ -0,0 +1,7 @@ +--- +vm_username: vm-user +vm_home: "/home/{{ vm_username }}" +cred_path: "{{ vm_home }}/.cred" +mount_path: "{{ vm_home }}/remote-apps" +bashrc_mount_path: "{{ vm_home }}/.bashrc" +vimrc_mount_path: "{{ vm_home }}/.vimrc" \ No newline at end of file