From 3529072bea2ad9fc3f8b60162f47cb9ecbd1bde9 Mon Sep 17 00:00:00 2001 
From: xbazzi Date: Wed, 16 Jul 2025 17:14:16 -0600 Subject: [PATCH] Docker Swag setup --- inventory/group_vars/all.yml | 282 ++++++++++-------- .../group_vars/{prod-vms.yml => prod_vms.yml} | 0 inventory/group_vars/pve-nodes.yml | 2 - inventory/group_vars/pve_nodes.yml | 30 ++ inventory/hosts.yml | 234 +++++++++------ playbooks/apply-firewalld.yml | 4 +- playbooks/build-and-push-caddy-image.yml | 18 ++ playbooks/configure-pve.yml | 5 +- playbooks/deploy-swarm.yml | 74 +++++ playbooks/leave-swarm.yml | 7 + playbooks/provision-alma.yml | 5 +- playbooks/reboot.yml | 6 + portainer-agent-stack.yml | 39 +++ .../build/caddy}/defaults/main.yml | 0 roles/docker/build/caddy/tasks/main.yml | 43 +++ .../build/caddy/templates/caddy-dockerfile.j2 | 16 + roles/docker/setup-lvm/tasks/main.yml | 19 +- .../swarm/leave/defaults}/main.yml | 0 roles/docker/swarm/leave/tasks/main.yml | 6 + .../swarm/mgmt/defaults}/main.yml | 0 roles/docker/swarm/mgmt/tasks/main.yml | 1 + .../swarm/node}/defaults/main.yml | 0 roles/docker/swarm/node/tasks/main.yml | 7 + roles/docker/swarm/prereqs/tasks/main.yml | 18 ++ roles/docker/swarm/stacks/defaults/main.yml | 0 roles/docker/swarm/stacks/tasks/main.yml | 39 +++ .../swarm/stacks/templates/caddy-compose.j2 | 27 ++ .../swarm/stacks/templates/nginx-compose.j2 | 23 ++ .../templates/nouse_portainer-compose.j2 | 28 ++ .../templates/old_portainer-compose.j2.old | 32 ++ .../stacks/templates/portainer-compose.j2 | 40 +++ .../stacks/templates/sleep-forever-compose.j2 | 23 ++ roles/pve/lvm/tasks/main.yml | 72 +++-- roles/server/firewall/tasks/main.yml | 111 ++++++- roles/server/kitty/tasks/main.yml | 14 +- .../mount_nfs/defaults/main.yml | 0 .../{util => server}/mount_nfs/tasks/main.yml | 0 roles/server/nfs/defaults/main.yml | 0 roles/server/nfs/handlers/main.yml | 0 .../alma => server}/nfs/tasks/main.yml | 4 +- roles/server/nfs/templates/main.yml | 0 roles/server/packages/defaults/main.yml | 0 roles/server/{dnf => packages}/tasks/main.yml | 5 +- shell.nix | 10 
+ 44 files changed, 935 insertions(+), 309 deletions(-) rename inventory/group_vars/{prod-vms.yml => prod_vms.yml} (100%) delete mode 100644 inventory/group_vars/pve-nodes.yml create mode 100644 inventory/group_vars/pve_nodes.yml create mode 100644 playbooks/build-and-push-caddy-image.yml create mode 100644 playbooks/deploy-swarm.yml create mode 100644 playbooks/leave-swarm.yml create mode 100644 playbooks/reboot.yml create mode 100644 portainer-agent-stack.yml rename roles/{provision/alma/nfs => docker/build/caddy}/defaults/main.yml (100%) create mode 100644 roles/docker/build/caddy/tasks/main.yml create mode 100644 roles/docker/build/caddy/templates/caddy-dockerfile.j2 rename roles/{provision/alma/nfs/handlers => docker/swarm/leave/defaults}/main.yml (100%) create mode 100644 roles/docker/swarm/leave/tasks/main.yml rename roles/{provision/alma/nfs/templates => docker/swarm/mgmt/defaults}/main.yml (100%) create mode 100644 roles/docker/swarm/mgmt/tasks/main.yml rename roles/{server/dnf => docker/swarm/node}/defaults/main.yml (100%) create mode 100644 roles/docker/swarm/node/tasks/main.yml create mode 100644 roles/docker/swarm/prereqs/tasks/main.yml create mode 100644 roles/docker/swarm/stacks/defaults/main.yml create mode 100644 roles/docker/swarm/stacks/tasks/main.yml create mode 100644 roles/docker/swarm/stacks/templates/caddy-compose.j2 create mode 100644 roles/docker/swarm/stacks/templates/nginx-compose.j2 create mode 100644 roles/docker/swarm/stacks/templates/nouse_portainer-compose.j2 create mode 100644 roles/docker/swarm/stacks/templates/old_portainer-compose.j2.old create mode 100644 roles/docker/swarm/stacks/templates/portainer-compose.j2 create mode 100644 roles/docker/swarm/stacks/templates/sleep-forever-compose.j2 rename roles/{util => server}/mount_nfs/defaults/main.yml (100%) rename roles/{util => server}/mount_nfs/tasks/main.yml (100%) create mode 100644 roles/server/nfs/defaults/main.yml create mode 100644 roles/server/nfs/handlers/main.yml rename 
roles/{provision/alma => server}/nfs/tasks/main.yml (91%)
create mode 100644 roles/server/nfs/templates/main.yml
create mode 100644 roles/server/packages/defaults/main.yml
rename roles/server/{dnf => packages}/tasks/main.yml (82%)
create mode 100644 shell.nix
diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 4c9b916..1a3161a 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -1,130 +1,154 @@ $ANSIBLE_VAULT;1.1;AES256 -39616266383865336462366632626362363833643065393933373338613261373735643832386232 -6336303836636130346365356432643832623532633533350a626531303736363639356234633562 -30643465633332373232356630623366393232343166653633383165303535336139306332366438 -6165646636613135380a613165646136663365373030663662343935393564323761663661396365 -64373438333961303662346666383264383037386564623232623531636462336639363133333431 -33636133613665353066313264386666633763616566623334373232333330613638306264656461 -36306639363138636239663564343161303762373562626634303831613431373861633333326263 -36663733346132666234336232386636633031303663623236623434333532346533376139373261 -36393931393839663934363130626266383638623132303034643862623538643538383065623436 -34633938656466613436633561393165613863336332333166393565313332343230393866333466 -35343930366634646263396239363935313337366135656461656630346466663634616563616633 -30333463326330303032363830336337386431616662316461376565353565343835306464336636 -30623531366230316363393138343932656661343430623164393934333534633764393434323837 -35666233393662353337633136353832366366373265313834373837666635383232383637646333 -39623361626135316138373836633163313265663337333435643030313534643464646636363335 -35393939393733326661393533633766613133333034383864393730663863303536643963626438 -35363437373165383762333862653030333138353737646663616465646431653933313761366163 -35316632613434313239643934643061656164656135303032373332363166303561383932326531 -63346463343331656638386637303762303136313461646361343838613030346533656166396333 -36336334323433626639623737383564353263613364616239336239343733356233353034303135 -32356266653461646336363639303238323835316232316139366631356139353537393435666238 -32346439656238373735626137346332616464363864653963383535313137646666363534326263 -65663162633764646663343263346533363462333836623764643239646430636232636634393938 
-62306465663338386337393562306565353163623832343532313263323537653938346562396661 -63643033646534656431303232613634333863343034373066346433346364633036306636616134 -39353830356138616366643931636134336264373635346662396564363038396465386664356336 -30343737613933653631353561636630366633633533336437323031383434643832383264326135 -61343361336430613261666434386266633133333463623638363633306438303232376566336134 -39626461313633656363363661623437303263353233396335663236363730323038396539306266 -37613362643761663661663162613861373261373365376230343737326239323631373537613939 -65303865633931326335303131666161616262306335666639626137323763316562633035376530 -64633532356339313333373435663832663138656132323565633431363631326632383365353361 -65366433323661386465656631396537653738373566356165336337313865383438393831646339 -38343436633263613363313431623765353763376436633035356134396432646466383865323435 -63653066643230326466333066336435343536346566366264386234376462383230366435373237 -37323536343637393264353762613964613335663830623631663364646337326232633462623930 -39383263336266373839643430646331386365326135626231656638373164393062653331643161 -30393732376239396366366334393164333663333435626530386134613162646531623538383931 -37356539666239313332663330653762323232373332376461633936326464323963316136383562 -38303133333466303430626531303762303264636134373935363538366461393831623064656235 -65306261393064633637636266343964373063323536663864353838326138383635363965656233 -37343763353463356630343766383661313665313837663766353638303939333763323436333332 -37333334633463303063623530653261316563666237623266643065306464333238316639366637 -35653562313562333962633939336263666539373935373339633531326533633537633434326533 -63633466653931393733613061373130623565613466616132343066626532376531643939346261 -38623866396264353130636438356134623937653938323837613266623934373531323837646633 -38373334343834663537323566373734626638633836393963323830396639383939376433363766 
-31353330643434313630306465303462383038353161393966316434616162393064623330343364 -62626634666232633032663730396232646662346365316236623239353037323137343562613533 -66393132333539323032623734623339326265643839313131386163633833306633386430393362 -36613738383131646530626235393832623261313431366432626539633964643531313965656132 -34383565663434333364353930613765353839313331326366653639616337366438656436383539 -66316235383032636163366361336432656263623166663537343039633161393764383162323137 -34363163346630646363363930333032383137356164653537623539376163366231363664303764 -34656564643833353464326539333737356335376330363031383738306237313934386434343466 -63303439356637373032393663616366353236663834393363613266313535663535613735393731 -38323930333465623434363461613631386238386537356330393461633437303064666261633535 -31616530616438633264626665336362646336353633656231613238353163613638393439653765 -37343433633738616537373835326265656264333561376538313236363434303666363134373438 -33373139363130343733623165393565343637333561623531343730303465313635323264306363 -34343232303233643938626537376333393561386361306439373836633338666464303134396131 -38663137386436363965306265643262353834303765363463386331306333313262363331386432 -62363062326335626264633461363338636562643534336464653738326235633534343461306331 -35376161383534666333356538643837343233643131626433376232313361633034353064343263 -61343965343137383737646232383733653933376463613561303136663135646266313864373438 -61373562363830323130363161343861333964613239393333646364363437376561656463656639 -35656635393732633064613464613331646263396566383836646163386330346162363334646365 -30313335383839303535303833633561363538313133656566353130366638363761633038363562 -34323933313137643837326136653931656661613462393763373832633432393737383631336366 -39393066633638396237373936633931643133366365653032373235633861396465633064343562 -31393635323161363532383364353631616539396432356230383636653435663865373839396462 
-39343732326630306534623466333937336530636636636564323762303462646264623036653834 -39663131343762333939343136343965623634633366346239303131346638633837373534666461 -39313436333966656334316461626137353030326533386631353639316264663839653563633635 -36623563626365653338363530616666333030306662626661373063386135636461333231646430 -39383737373761363039646666313461633763316463656134623661613631656466376332616239 -63633930303030633236396664633532363936363735396664656137333831343336623663333037 -33333564383262316436323863396235636337653837376366363539343064366437323366393164 -38373262623130623238326661636630383432656261343264313663326539363962356134393266 -64633636363661336433633662316366613531376632373532626438643336396233353038383662 -64333734653662663666363264363431643534616636626263303638393864613062323364353131 -36356637336138663135306635316666623137363931643734393734316238663661666563343931 -36656463643833653837633539326565373933336634626663333864383866613366613966353636 -63653263626235313635333764303139356162356335666430313038646538303464396631356439 -65363734393230333837633334313762366638366231383535383132353165373063343731353864 -37313463653437326231383338666434323035373664393730326632386533666234623131356263 -65653931663232356663336537636531363835336633366264666162336233633338653334623530 -36636266626630666333313034353262663164363638323335393766373961643366646138653634 -36656131393435623337623663326663313139633862663833663438343463626231363635383834 -34643166653830343235316561333866653536323833353061343737386330303837633233643230 -39643436386562333536376230353865626563393266323737303237303362346463373232383232 -66633939303536343638313132346231386265346232613134306330653934356130626333376662 -66623661353436653263653638626138656331666333653431333661383364313530623437353766 -32636564383132613336303830343164346165386166656433623666363333636532623765623261 -36626466343161363030353036326566646363613238663262653632323137646165316362346161 
-35396232666539343366373230393466396434353263383138396662343165383566346537666330 -64316434383938306561353164666534313038653963303330366362363233386638386466353539 -35396266373663343863356538333963363934653439623965376533383066393234616534323565 -66336562353634313139316230646531653432336130363838616434353663653261383061383736 -31376432383531333231396336363936373031313062393437363637336538613431653237353866 -64663630346333333730613765346266663639633766353533343263303166616465623162383530 -66353065346139316635626630623838393166373163313064373637333038333662666363343961 -34343265366539366632613139633339333437663533356538303062393834306335376537326563 -35323137386439303332303032346366656164356634633139353339343731613862396132323464 -31376333656364373361396461386538643765613636323236663736303633643663323163313136 -64326338646639336462306261633535653237333432646238656636303837343134353534363962 -30613132376336326234396138323331613536626663346433393739373761363462373865323931 -63333166623637643033383332393933333137656437366633306232666332626239373065366437 -65633636343263333664336264366237396639663530343965623564653938383032616465643333 -36383933613163626531343762363739353761306630616539666561363834616335616130653039 -64326133623034636133376164663439306539383332373337393864306663366630333337636633 -61623931663237333566663035373965663538666630383934656139643237643733303035303534 -61386662626162616635333739386131623130326165663162333230336666393564303738353265 -38363039616161396534373638633366633432386534363765326134353131303061303965383161 -66623930363831343837303062326433323237306335376331633536626263656338313464323637 -37633563303566396232616432386466666235646631616134643662643664366630343534613632 -31353561623663366237653564626233653136363665646530643563366332386566653965346164 -35356339626365623235306231336634626233653635626235313638396135623437393061653661 -38326636663733663632393561303062613635346237346562666233636563313166623935336631 
-33353139633534613333353339373636323563366465383037626537353437396530316235613439 -63306332343038633633366262653732366534363035363564386461303363383763643031373139 -65613930343937306639393130646366333835353463626238336533343030386134323135343131 -37356266666562376431643564643731623439616533353536626461643130363764323262653636 -30363961616636656362633731643563313432316363373461363532366437666133373438353839 -33373564383231343936353262383164636336353462303739653135643934386263323061643939 -32643931333030663134636638333561646232353663343761323138626539336431633539363937 -38643435373539623961386135613232616466653665323231383631383462613565363265376261 -63383934663662643832343835626364383035313663666561653233653430346661343936616164 -38333463653034393965613338313336396666646236316338383065333733386633 +62383366386230336630626434386666316235646463373139323933663532643732643063616333 +6130626166363661393036626536316262663436343362320a306533643533666462366365666436 +64643666626266316334346263626531303738366130336161316438626363383465613539626561 +3439663333393633640a346431366436356265613931313230383735623636663162386335653039 +31646565643831376334346530613634383937633266363431303164613265323662393262303161 +32386334346335306334633865303933636331323834653563613333306332643261323766353534 +63373864626530396265633036306133303134336432363036373032663366346438363763623931 +39633838666662353334303735633566333532396363386539333263383938373630356364353433 +37656664343030653331656165383232336438626636333337363331663438393938666564356461 +63613264633631393138656466643138376333613430326166613932356238363063303064396639 +38306136663563383638623863366561623535633864386635366433366432306631653036663639 +30636135313738363565303437333238663766616337376664303031306435353961646330643939 +64353064383762323938333638373138393065626262383362386562656432376134316630333532 +66623661356366386361373536613932656465393161663033626232643832666461326234646331 
+33623061653561616661633737313035383163316239383137316263306466383733363263376633 +66343663633536306232346530353065333765626132666663363637633065633565303862326661 +63313066363438613737616661313133383638313934666637303836366665353564333964363030 +31623566623365313133316432643465386466383230666135653530333439326566323833383833 +38346335326363346465613636613033333865666138313932653333323666336439663535646235 +36666462393061353639383332363837343837636161396134343638663936663461636363623937 +39326165663233653966343663323031656639356538373233383438303065393036373931303263 +64363937663535326530393539363965303131303036323663646264313233393464656336343935 +39336463313163653134356231656134333765656536663639393064663264333861333531633232 +37333035666264656166636534306433656265386133393033656634356335336532356339333031 +61363633373266343738343137653162313064643166383266346435646464386630393032303433 +64323434376432653234346237323362386463633832303133666331613965643333303234616665 +33383732383064623832363939373931313433393966633131623462343033616363616564336332 +34363635303762653262313930616435313935636536383161663136373932383438373634666164 +31666335303336633035643266646131333030303165623866346466653936653961613234366338 +34616434613966666636376161633336653561383438323335366632633561323235623635356437 +34636433636266643633306436613033353761303037636333306439616534383330616466383362 +64373065353065643439343766313338626537616663653739373832616261346661303937326437 +39386562303632383134393563646236376439636664363866623864626637613332326266663038 +63383632313737323637623732343635656238323531383164303733613965396634663937313532 +36633238396637373663663164623137353262646135626564343938386133396534343336623266 +30636161386165663435323634376337303665316366366336373763396531653330393461353934 +62336332336262363962613463633031363734353262333134656364353439303434653364353738 +65373739373939643931343139316438383330626264613538646532336366386636613034366634 
+63396239353865306230303137626463663134663762363335653533343432663964666138396262 +62326431623366323531666638646633663765616230396633316464333533316562663236353863 +64646163356132356131613832666536653962316136626430323037656531616363306337346663 +35626339636633653136363661333663363439386265346530623832323062623931383065333534 +33633633393135643763363961623065383737663937373965613166653335393565653066653139 +66643563626533373966353835336433353036336239363763643763636631303333363165313738 +62336466326533366330633265393535663938383436613533373838316162313138646166393539 +61383265326535333963313537626139306332613638353434316130306263313061333162303639 +30636137613466653663363935666535373939363236643238613638666266323532346234306666 +62383937646436656239316633393736333731643834663838643431663636353138316566636130 +35373166303936636336623862353331626331336163383262316262306339623735633037376437 +37336265613164353766623363303734633262333037353036393931643134323539613432346264 +62356263666632343763386432623066303633353862366135643564323239373762396234343464 +35366666396331636564643464323236373665663239666666636430646438666563336235346536 +32356531363864303033366435613539633335636565643536653862386536646664306165633764 +66646663396238366563313536303036383765306530356332396438633835376166343266633161 +62356334643438366565616131396561616339396533376534623164323237666435623030633139 +62383633626631616664303966313833373635376165376339663231353730306639643638316664 +65636533613565383834656462393139623433333761396235356231383836373736646636353766 +34343564396461363438616263616131386537663861326663666137303566643165623462366165 +65643232396536343430343039313337653139366137633937316239666465626236373966353831 +30643866623663313337616337626365623137646262626564303663653936393865323030306130 +39643263646239343466626235613862376262633535613232653336633931393662363065393135 +30643463326130633561316533363566393666396636303632383230333164326565353430376537 
+30626261666639303736343338323062653633303130376530303632366633633261326435333162 +38653638313233643832373437363764363432303432333765613631613931303931616163333439 +63616439373862306466333939366234653531666363303234353939613136626336396630346261 +30623661643165326432386134616332313564393431393761633763663834363234323937616262 +63646132373335313165656434653166623038636165366631643935626330616330353231663763 +33646163313038383730633332656338313161646234363438626636636634316162363034623733 +39393362366661306332636334633864323034376661393932633232643233393039343032623830 +65383230316434336566363735646339353739333962633061326631396265363530333239376337 +36636435623139316261643037393036333861646566313330346565323838643464353563333635 +31343530383535356136333262636566383934633831333938373130346538663531636563646637 +62616632373631663935643237373863383235363433636463333339363236353662356364313038 +62373563663263633834616361666135303137623663653436616463393737303238336230383037 +33303761346536613334653230656638613438656439663437383431613966643563613331386635 +36663130396663303963386562313030373737333065623534373433336264303233663535633638 +61303562313663376263616334383134373534346563373962613961623932653337323730373737 +63346339323232636161613336393935633837383739316232646139323536326262366164313635 +63653663383061353131373365666262663166633161613432346130356265343731643035316561 +34383635313866373134313164613461333734616539636561323935643633643338613136313661 +64646232356664303939386634386130646333326365663235376661626464326262616430383932 +32663533323436333337306533373636666165323437613537376261663535353335326166616539 +66663532313631646236393762633863393866636337353131633430643565346435313330386533 +34303931326163623039616338386662376136376563303738306237306137356533313663326538 +32623230303036323439623034353635313230323635653838306535653464323230323632613763 +36393431373933383064343030623535323438653761303333316466306136383330646330386562 
+35626438646439626265663337363534363132616461663034326363663632653038346666363066 +35616566626362646664373663376136356663646434353438613039373135666532336461343332 +36613763636634386263623830643633653766313738376437663133316431363361363565343632 +65633338663463356463323531653164323866336536346662313563643764356139323862393439 +65623930623465363230346565353933306266353264653034643135313333386666646262393437 +34356535613938643038616265336436653638636631386162343939653239323533656238643637 +36373935643437353537623534326132643935363636656630303330376535623632653962643966 +31393432336238636336643033366161623833356637376564663435313936636431653632343732 +36363863343533366535643834653064326662353061323964336666666137386337616233616133 +66383762663734656337373336653665373765303066626563663866346463353937323063363136 +62373039306338633834373631386163616234303961393437633037643965653435653366656466 +38653666373734623232646135393639393031656632303566333839646339353738343362356231 +62633535303261666636326634396634333835323432366332663535303536346533666530343037 +33363366306462366131323062633865613361326438666662353936346437313836333235333536 +66363638656631383433323931343661623135356264386135613831326563643665646538326435 +65353465316264633265376331613166306264636661626330646334633662666233363431373037 +37323231333134343030613361616631336462313435373431333331316639376637366532613262 +37373365633361663934373232376562313139316366323734353162313961333134646635616532 +39653636623165643864356664366231326532326236613061393339306336383432646230653333 +30643964646433323764643461396134663264346232616438373336303338343662336333363334 +35613438356534306464656332306539643631343063306230363661376133353937393339363038 +66613034376633393936303537343034626636333466316532356238323239343739343631343961 +38353638623762353836353061383865623430633432393966306433316631363061343032636162 +62316264366435383935373161356463393531636534303830383039656139643031306261636561 
+65306330306233636164313064343462393135316161373837343565616530646632383038366136 +64653162616463366338623131313832623432316232633366633636396162393639653339333664 +33336664333930643430346332373237653630333262353965313261393562356639623665666636 +61656636646262663664336465383965643536346561363731656366626533666633303161323732 +30656362656337353764616330643934646433343364343435636538343236303964353064363961 +33633438356632383934303134653134386666323732646161646339396661373664323833633363 +37616361623566333631646534353039643931666335333730633738383834326538376533343937 +34376666313335383566313838656539326537333739656563343736646534333764383034333830 +39356366653033373861626238353766343462366165363530653930333562306336393165303562 +37616662613136393138396662316466376561346564353035336439323563616333363638366236 +64626130343430616334383531663539326165363231653964613232333132303661373066646663 +38303366653864656234376463363665306230643265313732356636323164393738383534383133 +37346564353736316461653265656330353730326337353962313462373934626531626666366232 +31366263623935636230383634623539356534323739616439613834633030366563386539366665 +38646136653736613130623231623236613639396534626636333339663638363461646464326163 +38376638643063616431666465623563353966373364663739393763396334663630323263626162 +37353239616331623466393939323835323935646336623963326162333832303535303231613038 +32323265636436313635643533613334336666353934333739303062386262373338336234343866 +38623330666435636565393164626438616531313264656131336261363064343831643734383230 +31393333623065353035376165333939643165636666613739383036306139653536333237626465 +33356564393738616438353562306437616565346439306634626333326438336663366665333837 +34353032356337306662343039313939336331363030303537313736393761313736663235323138 +37333061326664323730383834326164313630613265396237626531656232356436386434366638 +31313465623763323761363861316434653032613863306364613235333039313733666337383833 
+33646362616239376664376534396630326436363235336234306439386432626130306338616337 +65306538623830623336623362343465323731646364613263623462373331313337626161303536 +33313036386563383337323734656163626466323036353233663862303730356561343564393764 +36343330613634373561303039316464313233336137666339353739356631363365303231306332 +33613336333562376266346238373438633862323234613864336633653932353037383935666637 +35326235336161316162643366653334626365323733623534353439313239396230333133343238 +37633263336165646234646332623931383432396137643765373135303265363739386236353463 +37373061663035383837346463313139393864653035346434343664633037383434363136373739 +62303963636263306337613163303134306637623333363061386132653563343835386264346239 +35643461343962613637663438613263373266626531653530376437363230386531336461366334 +63313963616334623937346437646630656439636264623737303839363336323261333634303236 +32623664383431366531623236663565396332353639336634616439353233383331383434353136 +66663666396438353231363433366434313465316633346536333930613832373065633566626532 +33663530326164383032383530663339643838343533326230616435633964343833313830643137 +33393064313139656434666563666663383236656562663937643532646539313666303034306633 +65383133663338623033353233653366386639633264613338306437343432356462653033323136 +38376434386361306137323336356463623533653364666664313064336139353564363162363633 +31346139616635363131346361333262333763653737373063306463376132363862356662633865 +6464 diff --git a/inventory/group_vars/prod-vms.yml b/inventory/group_vars/prod_vms.yml similarity index 100% rename from inventory/group_vars/prod-vms.yml rename to inventory/group_vars/prod_vms.yml diff --git a/inventory/group_vars/pve-nodes.yml b/inventory/group_vars/pve-nodes.yml deleted file mode 100644 index ba8d206..0000000 --- a/inventory/group_vars/pve-nodes.yml +++ /dev/null @@ -1,2 +0,0 @@ -# Either wheel or sudo, usually -admin_group: sudo \ No newline at end of file 
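Review bot: `inventory/group_vars/all.yml` is committed as one whole-file Ansible Vault blob, so this hunk (130 to 154 ciphertext lines) cannot be reviewed: nobody reading the patch can tell which variables were added, changed or removed. The same applies to the `inventory/hosts.yml` hunk that follows and to the new `inventory/group_vars/pve_nodes.yml`, which replaces a plaintext file whose only visible content was `admin_group: sudo`, a non-secret setting that is now hidden as well. Consider keeping non-secret variables in plaintext and moving only the secrets into a separate encrypted file (for example a plaintext `group_vars/all/vars.yml` that references `vault_`-prefixed names defined in an encrypted `group_vars/all/vault.yml`), or encrypting individual values with `ansible-vault encrypt_string`. Because the ciphertext is distributed with the repository, its confidentiality rests entirely on the vault password, so that password should be long and random, and the files should be re-keyed with `ansible-vault rekey` if it was ever weak or shared.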
diff --git a/inventory/group_vars/pve_nodes.yml b/inventory/group_vars/pve_nodes.yml new file mode 100644 index 0000000..06f608f --- /dev/null +++ b/inventory/group_vars/pve_nodes.yml @@ -0,0 +1,30 @@ +$ANSIBLE_VAULT;1.1;AES256 +37643564643838303332353264393632633132346563613935393837386230363836646433316237 +6666323032363632323636316334643334343233333833330a336236313566643033333165653564 +63663837626362393930326234663735633231333762653964306636386466346366633432386533 +6233326361633434660a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diff --git a/inventory/hosts.yml b/inventory/hosts.yml index 9bf8279..5ea4849 100644 --- a/inventory/hosts.yml +++ b/inventory/hosts.yml 
@@ -1,96 +1,140 @@ $ANSIBLE_VAULT;1.1;AES256 -62366335643230323366613161383861316439656434313330623464306432356461346231336566 -6435613935306131376665396137323438643866343237320a316637626430353565386436626265 -61643937323530323336636431373533306366393336383230656634343730353834366435643130 -3165303635333336620a346339653238636236336138636438626334663537363166626465663931 -62306561663364633038353166643134643830623463313864343030353264396631383563326537 -32626261363738366364333536353466333933313663383464363831313438643966623166643562 -35633832643832363731616164343235363365396436646262336238666663383437343231323634 -30346164613735333531366638306362646464363238346636383930353636623561333839643464 -65613665633438353737313538626137323234363666346335386130396264363665333763633966 -31326137326666393839306361396164353333306636303431623038626466613337633662363130 -35633564646361336561303135313135353933376635373965633165653032396430363266333964 -38653033326435336437336339373866373761336533336432336562633965316663663230343138 -33656135653238363733313565313837386334613339316432613763386536313437323161376264 -32386333383933653966666530646339326434656634343563316364393561653262343231343039 -37656266396330383262616661343239333436396333643665646563653037613835666435393432 -35643730613830643938646664653231383336653238333137653639373966393830323562623064 -30383433396265633430303266643839643936373631393164386437633733363430363630323235 -33636538613634333333396135626633336335343663396336353764383262323231373366383163 -36366634303465323531653138623564343963656335646134343333333732356262623737356138 -66313034326537373039373962336333616232663164373736366463646165363530306165316330 -35656533306464646561616166326466633864386630363636323631663766393932643332623736 -39323334666264663665336330383739356130373661616532373665643766623939316262313066 -34623561383861653433363161376334383738623937383535646638646462376238333530386435 
-34646238613334363237303035353963323935393464613437633364343061386562373264633862 -64393439636162633138653332343237663039316565613730336338343638323034383931663831 -38663666393831363635613138306439356238313735396439363739316439396465656264653663 -66356263336331393264353432666463353566653736613035303834396639323330623366653838 -36313566623066656363636166623133383533376637656262323738656234396262363736343564 -37363964386338333336646462333865653636393138663738653538306435376435626335303466 -61373532316138386330303564663038633261363632386531323836646335626566616333626366 -65616366303131653266626164633838366433623839353863316363396362383564396539376537 -33626236356438346233333463633137323064373234333633316534653339613830333836343039 -31313836363361613431326464626365303365393464363765633637373362616438386330633838 -34373238333761646466353233613431346262666330633631353239623635616538316261663137 -35616636333861323031343365623937363935656236393861346164306662343832323034623034 -61656535613836646436393634613462346633393630303634663137333139303737636139633961 -62393230663164306230363036613365666431623662623632313364333666373361303832363534 -36383134383662323135613334326633323131646339626439393732386536613764393634333462 -35643966313231323338666435643037623434626163633362663161653635666161653236343634 -62353039346633336134346662303531326565636332663764333631303833633436373166326338 -63396466613161316430626235653962336232376263303231313562373938646637316162316438 -36636366363634393335633365623435366162636131363762666666656530303765343364656233 -39653961656564333736326335666462623631363739653938333131366139323566356564393136 -37396463616138643635306237613238356539643032633963616665383939313337376232616664 -36623262646639636161353564303135653637333166656231653766313532326439383236356234 -62623132313739346530643261656535386362613935333063636663653333346632636665333330 -39343335623738656631393666386433343761336566326235343433353235336436663535343964 
-34336334356531353665363165643165346635343164313137303834336364383735666361663037 -63386562323533663564333232613466343137393531336633653064373833303966613639363530 -65633765306230663965373863633935316531653834666662346436383664656463346463383839 -35323166343937643635633039666530366365623038363437313738393062646233356637363366 -35303330383538333632616132313632313365313531313665633564343937333833393832626362 -36333862386537303464623336393737643439626264633532633034656666353638386635373561 -62313534313531613533623032616163663130393638326566396630373030653437633466326231 -32396631663864393031643233663139306263356266646266363033336466343535383238313238 -38366238326235666235383264353331383334653964626538386361373430306332613530616435 -30393163313434613135633066653861346132373130653639613965363861323131666266323663 -62333662313862313736346533363934303362633862363632363863323566303334326537633966 -64356138373465613430303636336631363939383463656565326633353036653436643331343037 -34396364396365383733366638623765313737326335396539343638613932363765353636303465 -39323337656566393433656437643437353034316665323836376639353961383031336261386534 -62393431303939633163376463386365613037653565656639393436383432623434623532623065 -64636233633539363033613339363238343832393435333639323539643830346433366364346161 -62366430653237313132353531653135306632393631633139616136643631383239336565613735 -31636532616465633361353232353562663864376561666233353863326534303334333238396638 -31316332613363363265343836623335616464366631353035343831663436333863333430313133 -36353035373865346262376534313565653566663139343165393235356132303130353535333434 -32376532663732616332376136363137613137386465646133626632346461386266336562316563 -61373836616434333934623563643133376466316431336561396630353537383631663333316266 -64656234323463643531343365313338336634396239383264373339303163333830396239393830 -32646334306138316464376662646539633962356532376361396538313630306237393931616339 
-30383765643666313763663865303465306438336433653362303335633565613466346439646435 -34323464346430303930303736643761636633316262313737656134373165306165393133613534 -32623263336634353065356335633536373938656532333139386439323137653633363130653333 -61323338323735396533383366336637313636373937666163373866313636656164356438303964 -32643638326565616133396130373039376562663961663563356166666630356538646562353632 -30656638393066656466626435663635643238353435363765623964633831313538636330343866 -35616331633933653633396565383530383631616366343939663666316532376436323863366630 -65336463373162623834663962353534633033323532636463326238306231613461366266316562 -33373564373436666366646566366335616234653636633165303762343230333131316635646363 -63313563363137316566393839643236393864643762623665623635376563323365383834643836 -62393036393261346162623135346435623332653163663732313461613137663339373161373235 -37323235386337303830306633353839393333353461313839383163383361383962323435373364 -63336638613861646233653536356131366633643464326432656563343636383230373162336435 -33373533623164303534643165613435636135376339313338356366616461316133663138643339 -38366330623561383830313762386634326466663134323164333064376635323865323131313464 -34316237663066323134656239306533333839616239616663646135323133343433313335323336 -31373434393236383464303736663935663039643365373431336338383339616663393765616131 -63353730326636393563366261623736623466346661363366343261353363306466313330373234 -34613134643966346134363139303161306531396234363865363065316161613438653938326464 -38333838636635323061633637663563633765313735663232303663633231613939346437343766 -32646332383535356330663838633866643834343466613731373438653136623831656630313463 -38323734333861623866363433346231616439376237313562636263613464643632326361623738 -31633930616238393237633062353535303266333566663265306339616661646639306238653062 -366566633238363235376430633464656237 
+64316466653738626630326463346363323439386264373961656466343230653332333061656435 +6630343738383162376666616637366430333630353437360a613638353235326536313236383266 +61303939333732646535623063313638363632393334386466303834303838653935373532353162 +3464663661363063320a356636366132633464346133613731663361663337613538666631303833 +38353038316533373637376463646630336335326532666664353632303864333135333562373633 +33633466643162636662623239323239666166353762383861636238343364393438613839356237 +64303566306432666238313330363330353862343730356666636637383333303639346663373966 +31633836353234366135636266623639306539623263643461323338326564646537636538616637 +63306330663265373932306533666137616634633661373066343730633432306230306264643137 +36643965343331333435393064613537363536663236636434373438633336373536333865383239 +66323538396239303030633934613230343938633962396632326166656634623439383737363637 +37646464323834646562656231653833666562616461356530646565333932633964313865313565 +38363636383136333732393537383162343765623563373863393137333031653136333735653831 +61336437613535633265363435653338323033303035343432653033343630666438663434326533 +37303439633364666462333438366131626265616661643064663462656239633938363965366364 +63366534626439653839343730323432313765396361316530363161396334363863356438636431 +64363534353135323732323739333331623237393463386238356164633462396532393564316331 +33333335306161303962313565646134653263666266313638663463653237663837616365613639 +61383232646130396631336262373437343830626238623430316531306239323231336331356339 +64373065303262653038663863353565616665643766323138646230373435623761656265393863 +35623530323663393332393830346366633332383637383330383735653630356537633530333765 +35313361306531633366343032636166323963303231623939386134333832323038303963333433 +30343332656335346465323233633433613334323033646663663866363238373831386534663564 +63313639303762646261626566623863313732363633336562393338336334346466346637666266 
+36386234386331386434633832616661626462313034643839363131656462643665613765366337 +66366337633839633761633535336263623034336131613464653936666238356464376434383336 +39363638643133636161646662613639663237303933633231303336646366356138333832393531 +36323437393966303662663664666566643764333061343363383734346536336237313837383832 +65363637663034306439633265613336386564373932393062656263353633306664303738373562 +66373066363766643431333266613065306430383061326561636366313662633936636239363934 +37346133353262323638326237623534653464306439643830613432363130646635353162643735 +32303033643865646130316666643333303866326132383662323964333564326439643833356632 +31346634336666323266613535333339363733663035663434363231626433376439643739313162 +31353664316436376436336331613638626535663033343138346537326338613863373932333531 +31373161646137386264643264323863396139623464653062373866616433633132386435323037 +64383330376432666434303264336636333163346138386239346565636436633866333464363064 +33343034663239303738373431323432333839663539313330373537346530396232356435653830 +61613464376531393632633539653936633139323131306564343761636136383066633534353365 +62326134396236636439303839303066346135323963313530346461383665343432663838393632 +39313039643634626361343134663634313734376561653866653838633363383038663366663963 +61613334646362336338313631353263636134393238336466646566616561613665636463623738 +64656566346562633535326639353063363931313730386135373431653165343332386535303837 +32663336393435373830336535646531303130306431363034663034633630633365656565663161 +64386264383863343130656433613561316334306461656662633265326234666536333935343164 +34323533636534313966613331633966306534376532383561373763303566313535326266636535 +38386165653232623238353165363636393138396637633439616264393561306363363838626438 +32363431383864326661343533356632333033626230626432643332363437306236633232663063 +64623332643739383439363565343038643531326166353835323561323034343937303265636432 
+34656639616462616664646132306436643062346662663135663337666430643536396161623530 +34366666653034336364336134636564356561366539633664663738313432623333663035313833 +38306337636536636562393237393030356334633930376662363936323764633636353566303732 +33666636353762626664636534356665363661303732326562373335303538393662353434326234 +64663262343937373430656535623362663163626465666565343461303339363534613431396230 +66353232633866663139653064636334303765353131313230636665313234623433636136353837 +64323335353864313434323366343662373561653863663563333464383465333766393835303534 +62633864373731396132306562353130666263393530316331663039323230323130616431636539 +31613933323764313838646631636365316164646231323562616239313936636635323034356466 +37333139656231623136333139303335393533373230343962306438373964373863633464363134 +36633839666335636562306238656165633231363031343566386538393365666533636332666232 +62323563343634303661383865653730316132376562613636373338643236393565303938323563 +62306363343535316336383238386166393339633737383037626136336539386234303562656336 +39333137383864643630666337623962653539646335663766313536326466653961366138323838 +37343665386634626430653939613866333836663961393464353062343533353933306338623561 +61653235353636633034363864366137653334616333643734363934366264613334316538616139 +61623030323131303436636131326532303563313861663835353936626661653461646435393734 +35636331663633363066373631666437366365316261336331396163333337353233353734373938 +66653439323062303362383165646136386561636131613334356565653539346339633265383863 +64643735373539313038663939616536393263356533353734333165373765356335623230323762 +38666264393561663039363763613264393235616139346438613830626163613763346438663539 +35363631643466303737356130623063383930623665666363356332633934366466613464643539 +61386362666530616364393836363336356436353833643734613164313239663134386237356164 +38613261383339636534343264633363346237326562333033623137626363316531376562636633 
+66383933623964363636393034653865373732666336306266613633373035353461386134613132 +62376164613334626633383034346664373739393938373762333065646564393937306665643539 +30646462323166353630633763393338333336336237343435326166343465626161353464366361 +62656664346135386333383866623662663839356431616636343364303430636632636438353733 +32353334316163636263633935653434393539666131306530643464323065306136366432386466 +61373035396233303635323233303532313465346262383932653638643834326135373962333335 +36396532656362356533313337373738653230373364393133346561633464396661306230373238 +62336462393439333066386637343965343733633362626339363136366431346662383836316233 +30353262636134343764343363613634313866623538643761323335663464633666306433353161 +38393834376564636265366435646331393835626635366631343862656433616133363934336430 +62376238346634356263303937623566353436326161313038336334326562613638393330303934 +61656662633336333137663438326663633062663162326432653662646461356237346533666530 +36613439326562666561396632396135343731663862333466663138303062666462616136336462 +36366662636436333534363935653464613036663963643536663333333634303037653334663865 +63346435396335333464383261363935376536616262346365633963666535623131646262653063 +39363361366235663736626532646631313230363138343936363438613863663734326331633736 +31386639303331353534333632393563313663396164356232366135373361666435363936346339 +36653138313434636161353636303231613536633332346264653534313934633737313061373039 +62663130396130306266633462646663356435373730616564366635313861616638306163323361 +30353030376331336430313639373939323832396438366262383434616466646366376330623436 +34646166396238623632633065343531636162616139373938396532386331636265313864303365 +63306365353031613534633463616663363964643032316439313733323463373261623233396564 +61323631383839613366353530373366653066653034383137613836353964616630303733666563 +64363431326362626662393832626636663932643231356332316436663965626235346539353632 
+37656438623734343234323439363133636563343235373334643165653431366231353065323631 +64613564633437353330633364626239303530663734333862356435643332336162303432323438 +62386339646564653532323965316434623535363234303261653862373264663036623663336265 +61613262353035376463653237636434306434353330386639633230623430373762343936353539 +61373161323438613662623030336339633964356231326133303333663931373132346364343238 +38626163623331666530663833316266656437303663323239353232363337326465363237666431 +37316361306430616466383139386331356530643361383739376638313734373536623738343532 +37306533653632316639613639666531313965363432386536613031363736323933656639303231 +33376464366166336437393230383431343635656636646535343030643763653564323936336332 +66303238656163623936656533303535643733613338313339396232353237643432323261626535 +30303632633161333831623734366565306636396262393161333263616232356638386263323331 +33356361333436613739373862653961323239326133636338646438313931393235653730616336 +35656134366330633434396432386237613133323234356165313665383433613338353337316337 +33623533346630663831343733303132366265656539366639646265306335623064303730613362 +64326336363637646436333961373333666635376564396164633537356561343433313762396435 +34366237303130653437343831373937326336346633366663323534386361613030316236323861 +34373762663464626431356165386665613962616435306439393963383631383034323863626335 +38626430356463353636373764646561376332316132623135376334616464363033656333353963 +65656436363361356361613461316232303835386663303630333030636433623630656131623466 +65313236313063616335613038336337373631646230353930303961623835623261613735646535 +35383365346538663734333066613965646564656234613936336138323335666239656562633335 +33343066333231303037613334376137363932366462373132376666623861613863643933646531 +33656330316333383337623462663838326537343666663633353239303933316164373863393533 +30346466346466623134336262356531306332303664323438623530393863663437316561346330 
+64336562326331623865616430353165306438626365356336623162616632356563643439326463 +64303136326434666564613338653435653030646430646363396666313066383637366136396536 +31386139333738366136643330386335393262366635616630356364636330666533346335333063 +38346635623235396236373536633934316163353061353835373966613233636564313466636435 +62343935613437396431653933383364363264643665343766303262373337613138326532366363 +37326335373565666637323361393631633561653963393431656561376235333936653738306234 +34373364383466363339333933623333623430666661373766376164613964663035656332376161 +64303234616365316563613237376364393934376339346137376435343062336663306366366330 +65336333356334626137373162666366376430316635653435366332316332356262306363656466 +34396634313333356239633932323133343533356636376264323165323138623265366635653533 +65313339313562326661353737306130613136363232643933656432643966383439363163366534 +37303665373336653165353238616166393266626364323034313435636663623939613039646632 +31313261636533383131396263376236306535383231323963613264343338613362316364343266 +32656636393163313230343665333366396230623062306233613663636539633630663163623064 +38663234636433346135653434313332643338653639346163336133613866643934323237633430 +38326531343463396464636664313732653233643335383736383136343161623263393030656561 +39616437353236613235623433303161383263363137653665343861313637633737343032656234 +31376262666663366336376338326434393631323933646339656166633536336431616639313332 +626565393465323937383264373436336134 diff --git a/playbooks/apply-firewalld.yml b/playbooks/apply-firewalld.yml index 0cac4bb..83c0937 100644 --- a/playbooks/apply-firewalld.yml +++ b/playbooks/apply-firewalld.yml @@ -1,5 +1,5 @@ - name: Apply firewalld config - hosts: staging-vm + hosts: prod_vms become: yes roles: - - role: provision/alma/firewall \ No newline at end of file + - role: server/firewall \ No newline at end of file 
diff --git a/playbooks/build-and-push-caddy-image.yml b/playbooks/build-and-push-caddy-image.yml new file mode 100644 index 0000000..632dd89 --- /dev/null +++ b/playbooks/build-and-push-caddy-image.yml @@ -0,0 +1,18 @@ +- name: Build custom Caddy image + # hosts: 127.0.0.1 + # connection: local + hosts: prod2 + become: true + + roles: + # - role: docker/swarm/prereqs + - role: docker/build/caddy + vars: + images: + - name: caddy + dockerfile: caddy-dockerfile.j2 + image_name: caddy-pimped + os: alpine + version: "2.10" + registry: "gitgud.foo" + repository: "xbazzi" diff --git a/playbooks/configure-pve.yml b/playbooks/configure-pve.yml index c2c531a..2c2e41a 100644 --- a/playbooks/configure-pve.yml +++ b/playbooks/configure-pve.yml @@ -1,6 +1,7 @@ --- - name: Configure networking for a new node - hosts: pve-nodes + hosts: pve_nodes become: true roles: - - role: pve/setup_networking \ No newline at end of file + # - role: pve/setup_networking + - role: pve/lvm \ No newline at end of file diff --git a/playbooks/deploy-swarm.yml b/playbooks/deploy-swarm.yml new file mode 100644 index 0000000..b156208 --- /dev/null +++ b/playbooks/deploy-swarm.yml 
@@ -0,0 +1,74 @@ +- name: Deploy Docker Swarm mgmt & stacks + hosts: prod_vms + become: true + + roles: + - role: docker/swarm/mgmt + when: "'swarm_manager' in hostvars[inventory_hostname]['vm_roles']" + + - role: docker/swarm/node + when: "'swarm_manager' in hostvars[inventory_hostname]['vm_roles']" + + - role: docker/swarm/stacks + when: "'swarm_manager' in hostvars[inventory_hostname]['vm_roles']" + vars: + stacks: + - name: portainer + compose_path: portainer-compose.j2 + restart_condition: on-failure + replicas: 1 + labels: + com.xbazzi.stack: portainer + com.xbazzi.critical: "true" + constraints: + - node.role == manager + - node.hostname == prod2 + - node.labels.zone == core + + - name: caddy + compose_path: caddy-compose.j2 + deploy_mode: replicated + replicas: 1 + restart_condition: on-failure + labels: + com.xbazzi.stack: caddy + com.xbazzi.critical: "true" + constraints: + - node.role == manager + - node.labels.zone == core + - node.labels.type != db + volumes: + - /docker-shared/stacks/data/caddy/conf:/etc/caddy + - /docker-shared/stacks/data/caddy/site:/srv + - /docker-shared/stacks/data/caddy/caddy_data:/data + - /docker-shared/stacks/data/caddy/caddy_config:/config + - /var/run/docker.sock:/var/run/docker.sock + mount_dirs: + - /docker-shared/stacks/data/caddy/conf + - /docker-shared/stacks/data/caddy/site + - /docker-shared/stacks/data/caddy/caddy_data + - /docker-shared/stacks/data/caddy/caddy_config + + - name: nginx + compose_path: nginx-compose.j2 + deploy_mode: replicated + replicas: 1 + restart_condition: on-failure + labels: + com.xbazzi.stack: nginx + com.xbazzi.critical: "false" + constraints: + - node.labels.zone == core + - node.labels.type != db + + # - name: sleep + # compose_path: sleep-forever-compose.j2 + # deploy_mode: replicated + # replicas: 5 + # restart_condition: on-failure + # labels: + # com.xbazzi.stack: sleep + # com.xbazzi.critical: "false" + # constraints: + # - node.labels.zone == core + # - node.labels.type != db \ No 
newline at end of file diff --git a/playbooks/leave-swarm.yml b/playbooks/leave-swarm.yml new file mode 100644 index 0000000..362db2a --- /dev/null +++ b/playbooks/leave-swarm.yml @@ -0,0 +1,7 @@ +- name: Leave the swarm + hosts: prod_vms + become: true + + roles: + - role: docker/swarm/prereqs + - role: docker/swarm/leave diff --git a/playbooks/provision-alma.yml b/playbooks/provision-alma.yml index 0421624..a2bda5c 100644 --- a/playbooks/provision-alma.yml +++ b/playbooks/provision-alma.yml @@ -6,7 +6,7 @@ # - role: server/hostname # - role: server/users # - role: server/sshkey - # - role: server/dnf + - role: server/packages # - role: server/network - role: server/firewall # - role: provision/alma/common @@ -16,4 +16,5 @@ # - role: docker/setup-lvm # - role: server/fstrim # - role: server/kitty - # - role: server/reboot \ No newline at end of file + # - role: server/reboot + # - role: server/nfs \ No newline at end of file diff --git a/playbooks/reboot.yml b/playbooks/reboot.yml new file mode 100644 index 0000000..87bb4d1 --- /dev/null +++ b/playbooks/reboot.yml @@ -0,0 +1,6 @@ +- name: Deploy Docker Swarm mgmt & stacks + hosts: prod_vms + become: true + + roles: + - role: server/reboot \ No newline at end of file diff --git a/portainer-agent-stack.yml b/portainer-agent-stack.yml new file mode 100644 index 0000000..4cc3588 --- /dev/null +++ b/portainer-agent-stack.yml 
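Review bot: The caddy stack in playbooks/deploy-swarm.yml lists `/var/run/docker.sock:/var/run/docker.sock` under `volumes`, and its constraints pin it to a manager node, so the one container published on 80/443 holds full control of the swarm if it or a plugin is compromised. Appending `:ro` to the bind does not limit Docker API calls. Front the socket with a filtering API proxy that allows only the read endpoints the proxy plugin needs, and leave a comment on the entry such as `# docker.sock = root on the swarm; reachable only through the read-only API proxy`. All three roles also share the same `when:` test on `vm_roles`, so `docker/swarm/node` never runs on non-managers; if that is intended, a one-line comment saying so would help.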
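Review bot: The play name in playbooks/reboot.yml is copied from deploy-swarm.yml (`Deploy Docker Swarm mgmt & stacks`), so run output and logs will record a reboot as a deployment; rename it, e.g. `- name: Reboot prod VMs`. The play also targets all of `prod_vms` with no batching. If the `server/reboot` role (not visible in this patch) restarts hosts unconditionally, every swarm manager could go down at once, and adding `serial: 1` to the play would keep quorum.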
@@ -0,0 +1,39 @@
+version: '3.2'
+
+services:
+ agent:
+ image: portainer/agent:lts
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /var/lib/docker/volumes:/var/lib/docker/volumes
+ networks:
+ - agent_network
+ deploy:
+ mode: global
+ placement:
+ constraints: [node.platform.os == linux]
+
+ portainer:
+ image: portainer/portainer-ce:lts
+ command: -H tcp://tasks.agent:9001 --tlsskipverify
+ ports:
+ - "9443:9443"
+ - "9000:9000"
+ - "8000:8000"
+ volumes:
+ - portainer_data:/data
+ networks:
+ - agent_network
+ deploy:
+ mode: replicated
+ replicas: 1
+ placement:
+ constraints: [node.role == manager]
+
+networks:
+ agent_network:
+ driver: overlay
+ attachable: true
+
+volumes:
+ portainer_data:
diff --git a/roles/provision/alma/nfs/defaults/main.yml b/roles/docker/build/caddy/defaults/main.yml
similarity index 100%
rename from roles/provision/alma/nfs/defaults/main.yml
rename to roles/docker/build/caddy/defaults/main.yml
diff --git a/roles/docker/build/caddy/tasks/main.yml b/roles/docker/build/caddy/tasks/main.yml
new file mode 100644
index 0000000..5428e2b
--- /dev/null
+++ b/roles/docker/build/caddy/tasks/main.yml
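Review bot: The `portainer` service publishes `- "9000:9000"`, the plain-HTTP UI port, next to `9443:9443`, so admin logins and session tokens can cross the network unencrypted; drop that line unless something in front terminates TLS. The agent mounts the Docker socket and sits on an overlay declared `attachable: true`, while the server connects with `--tlsskipverify`, so any container able to join `agent_network` can reach an endpoint that controls the node. Set a shared `AGENT_SECRET` environment variable on both services and remove `attachable: true` if nothing else has to attach. `- "8000:8000"` is only needed for Edge agents and can probably go as well.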
@@ -0,0 +1,43 @@
+---
+- name: Push Dockerfiles to nfs share
+ ansible.builtin.template:
+ src: "{{ item.dockerfile }}"
+ dest: "/docker-shared/build/{{ item.name }}/Dockerfile"
+ owner: root
+ group: root
+ mode: '0644'
+ loop: "{{ images }}"
+
+- name: Authenticate to Gitea registry
+ community.docker.docker_login:
+ registry_url: "{{ gitea_registry }}"
+ username: xbazzi
+ password: "{{ gitea_token }}"
+
+- name: Build (versioned) images and push to Gitea
+ community.docker.docker_image:
+ build:
+ path: "/docker-shared/build/{{ item.name }}"
+ name: "{{ item.registry }}/{{ item.repository }}/{{ item.image_name }}"
+ tag: "{{ item.version }}-{{ item.os }}"
+ push: true
+ source: build
+ force_source: true
+ force_tag: true
+ timeout: 60
+ state: present
+ loop: "{{ images }}"
+
+- name: Build (latest) images and push to Gitea
+ community.docker.docker_image:
+ build:
+ path: "/docker-shared/build/{{ item.name }}"
+ name: "{{ item.registry }}/{{ item.repository }}/{{ item.image_name }}"
+ tag: "latest"
+ push: true
+ source: build
+ force_source: true
+ force_tag: true
+ timeout: 60
+ state: present
+ loop: "{{ images }}"
diff --git a/roles/docker/build/caddy/templates/caddy-dockerfile.j2 b/roles/docker/build/caddy/templates/caddy-dockerfile.j2
new file mode 100644
index 0000000..a7a8693
--- /dev/null
+++ b/roles/docker/build/caddy/templates/caddy-dockerfile.j2
@@ -0,0 +1,16 @@
+ARG CADDY_VERSION={{ item.version }}
+FROM caddy:{{ item.version }}-builder AS builder
+
+RUN xcaddy build \
+ --with github.com/lucaslorentz/caddy-docker-proxy/v2 \
+ --with github.com/hairyhenderson/caddy-teapot-module \
+ --with github.com/caddy-dns/cloudflare
+
+FROM caddy:{{ item.version }}-{{ item.os }}
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
+
+#CMD ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]
+
+CMD ["caddy", "docker-proxy"]
+
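Review bot: The `Authenticate to Gitea registry` task in roles/docker/build/caddy/tasks/main.yml leaves the registry token in the Docker client config of the build host after the play ends, and the build playbook in this commit targets `prod2`, a production host. Add a final logout task so the credential does not persist there. The login also goes to `gitea_registry` while the push target is built from `item.registry`; if the two ever differ, the push runs without the credentials just supplied, so both should come from one variable. The hard-coded `username: xbazzi` would sit better as a variable next to `gitea_token`.

```yaml
# … unchanged: template, login and the two build/push tasks …

- name: Log out of Gitea registry
  community.docker.docker_login:
    registry_url: "{{ gitea_registry }}"
    state: absent
```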
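Review bot: The three `--with` modules in the `xcaddy build` step of caddy-dockerfile.j2 carry no version, so each rebuild compiles whatever those third-party repositories publish at that moment into the binary that terminates TLS for the stack. Pin each module, e.g. `--with github.com/caddy-dns/cloudflare@<pinned-version>`, and bump the pins deliberately. `ARG CADDY_VERSION` is declared but never referenced, since both `FROM` lines interpolate `{{ item.version }}` directly; either use `${CADDY_VERSION}` there or drop the `ARG`.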
diff --git a/roles/docker/setup-lvm/tasks/main.yml b/roles/docker/setup-lvm/tasks/main.yml index e96437c..939da6c 100644 --- a/roles/docker/setup-lvm/tasks/main.yml +++ b/roles/docker/setup-lvm/tasks/main.yml @@ -1,5 +1,4 @@ -# roles/setup_docker_storage/tasks/main.yml - +--- - name: Install LVM tools (if not present) ansible.builtin.package: name: lvm2 @@ -20,9 +19,6 @@ lv: "{{ docker_lv }}" size: "{{ docker_lv_size }}" state: present - # when: docker_lv not in lvs_output.stdout - # vars: - # docker_lv: "{{ docker_lv }}" - name: Format logical volume with XFS community.general.filesystem: @@ -58,19 +54,6 @@ opts: bind state: mounted -# - name: Bind mount new Docker data dir to /var/lib/docker -# ansible.builtin.file: -# path: /var/lib/docker -# state: directory -# mode: '0755' - -# - name: Add fstab entry for Docker bind mount -# ansible.builtin.blockinfile: -# path: /etc/fstab -# block: | -# /mnt/docker-data /var/lib/docker none bind 0 0 -# marker: "# {mark} ANSIBLE MANAGED BLOCK - DOCKER BIND" - - name: Start Docker service ansible.builtin.systemd: name: docker diff --git a/roles/provision/alma/nfs/handlers/main.yml b/roles/docker/swarm/leave/defaults/main.yml similarity index 100% rename from roles/provision/alma/nfs/handlers/main.yml rename to roles/docker/swarm/leave/defaults/main.yml diff --git a/roles/docker/swarm/leave/tasks/main.yml b/roles/docker/swarm/leave/tasks/main.yml new file mode 100644 index 0000000..6d00fa8 --- /dev/null +++ b/roles/docker/swarm/leave/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Ensure Docker node left swarm (if exists) + community.docker.docker_swarm: + state: absent + force: true # Manager leaves too + # ignore_errors: yes diff --git a/roles/provision/alma/nfs/templates/main.yml b/roles/docker/swarm/mgmt/defaults/main.yml similarity index 100% rename from roles/provision/alma/nfs/templates/main.yml rename to roles/docker/swarm/mgmt/defaults/main.yml 
diff --git a/roles/docker/swarm/mgmt/tasks/main.yml b/roles/docker/swarm/mgmt/tasks/main.yml
new file mode 100644
index 0000000..73b314f
--- /dev/null
+++ b/roles/docker/swarm/mgmt/tasks/main.yml
@@ -0,0 +1 @@
+---
\ No newline at end of file
diff --git a/roles/server/dnf/defaults/main.yml b/roles/docker/swarm/node/defaults/main.yml
similarity index 100%
rename from roles/server/dnf/defaults/main.yml
rename to roles/docker/swarm/node/defaults/main.yml
diff --git a/roles/docker/swarm/node/tasks/main.yml b/roles/docker/swarm/node/tasks/main.yml
new file mode 100644
index 0000000..77a8dc7
--- /dev/null
+++ b/roles/docker/swarm/node/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Set node labels on all Swarm nodes
+ community.docker.docker_node:
+ hostname: "{{ item.name }}"
+ labels: "{{ item.labels }}"
+ labels_state: replace
+ loop: "{{ swarm_nodes }}"
\ No newline at end of file
diff --git a/roles/docker/swarm/prereqs/tasks/main.yml b/roles/docker/swarm/prereqs/tasks/main.yml
new file mode 100644
index 0000000..17313c2
--- /dev/null
+++ b/roles/docker/swarm/prereqs/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+- name: Ensure pip is installed
+ ansible.builtin.package:
+ name:
+ - python3
+ - python3-pip
+ state: present
+ become: true
+
+- name: Install Docker SDK and requests for Python
+ ansible.builtin.pip:
+ name:
+ - docker
+ - requests
+ - jsondiff
+ - packaging
+ state: present
+ become: true
\ No newline at end of file
diff --git a/roles/docker/swarm/stacks/defaults/main.yml b/roles/docker/swarm/stacks/defaults/main.yml
new file mode 100644
index 0000000..e69de29
diff --git a/roles/docker/swarm/stacks/tasks/main.yml b/roles/docker/swarm/stacks/tasks/main.yml
new file mode 100644
index 0000000..2f5dac5
--- /dev/null
+++ b/roles/docker/swarm/stacks/tasks/main.yml
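Review bot: The `Install Docker SDK and requests for Python` task in roles/docker/swarm/prereqs/tasks/main.yml installs `docker`, `requests`, `jsondiff` and `packaging` unpinned into the system interpreter as root, so each run can pull a different release from the package index onto production hosts. Pin the versions in the `name:` list (e.g. `docker==<pinned-version>`), or install into a dedicated environment through the module's `virtualenv` option. Using the distribution's packages through `ansible.builtin.package`, where they exist, would avoid pip as root altogether.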
@@ -0,0 +1,39 @@
+---
+- name: Create stack directory
+ ansible.builtin.file:
+ path: "/docker-shared/stacks/compose/{{ item.name }}"
+ state: directory
+ owner: root
+ group: root
+ mode: '0755'
+ loop: "{{ stacks }}"
+ # when: "'swarm_manager' in hostvars[inventory_hostname]['vm_roles']"
+
+- name: Render docker-compose.yml for each stack
+ ansible.builtin.template:
+ src: "{{ item.compose_path }}"
+ dest: "/docker-shared/stacks/compose/{{ item.name }}/docker-compose.yml"
+ owner: root
+ group: root
+ mode: '0644'
+ loop: "{{ stacks }}"
+ # when: "'swarm_manager' in hostvars[inventory_hostname]['vm_roles']"
+
+- name: Ensure Docker bind mount directories exist
+ ansible.builtin.file:
+ path: "{{ item_dir }}"
+ state: directory
+ owner: root
+ group: root
+ mode: '0755'
+ loop: "{{ stacks | selectattr('mount_dirs', 'defined') | map(attribute='mount_dirs') | list | flatten }}"
+ loop_control:
+ loop_var: item_dir
+
+- name: Deploy stackzzz
+ community.docker.docker_stack:
+ name: "{{ item.name }}"
+ compose:
+ - "/docker-shared/stacks/compose/{{ item.name }}/docker-compose.yml"
+ state: present
+ loop: "{{ stacks }}"
\ No newline at end of file
diff --git a/roles/docker/swarm/stacks/templates/caddy-compose.j2 b/roles/docker/swarm/stacks/templates/caddy-compose.j2
new file mode 100644
index 0000000..950ea22
--- /dev/null
+++ b/roles/docker/swarm/stacks/templates/caddy-compose.j2
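Review bot: `Ensure Docker bind mount directories exist` in roles/docker/swarm/stacks/tasks/main.yml creates every `mount_dirs` entry with `mode: '0755'`, and in deploy-swarm.yml that list includes `/docker-shared/stacks/data/caddy/caddy_data` and `.../conf`. Those are presumably where Caddy keeps certificate keys and, given the Cloudflare DNS module built into the image, possibly an API token. Since `/docker-shared` is the shared NFS tree, any local user on a host that mounts it can traverse them; use `mode: '0750'` or `'0700'` for that task. The task name `Deploy stackzzz` looks like a leftover, and `Deploy stacks` would read better in run output.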
@@ -0,0 +1,27 @@
+services:
+ caddy:
+ image: gitgud.foo/xbazzi/caddy-pimped:latest
+ restart: unless-stopped
+ ports:
+ - "80:80"
+ - "443:443"
+ - "2019:2019"
+ - "443:443/udp"
+ volumes:
+{% for volume in item.volumes %}
+ - {{ volume }}
+{% endfor %}
+ deploy:
+ mode: replicated
+ replicas: {{ item.replicas }}
+ restart_policy:
+ condition: {{ item.restart_condition }}
+ labels:
+{% for key, val in item.labels.items() %}
+ {{ key }}: "{{ val }}"
+{% endfor %}
+ placement:
+ constraints:
+{% for constraint in item.constraints %}
+ - {{ constraint }}
+{% endfor %}
\ No newline at end of file
diff --git a/roles/docker/swarm/stacks/templates/nginx-compose.j2 b/roles/docker/swarm/stacks/templates/nginx-compose.j2
new file mode 100644
index 0000000..3dedf5e
--- /dev/null
+++ b/roles/docker/swarm/stacks/templates/nginx-compose.j2
@@ -0,0 +1,23 @@
+
+services:
+ nginx:
+ image: nginx:latest
+ ports:
+ - target: 80
+ published: 8080
+ protocol: tcp
+ mode: ingress
+ deploy:
+ mode: replicated
+ replicas: {{ item.replicas }}
+ restart_policy:
+ condition: {{ item.restart_condition }}
+ labels:
+{% for key, val in item.labels.items() %}
+ {{ key }}: "{{ val }}"
+{% endfor %}
+ placement:
+ constraints:
+{% for constraint in item.constraints %}
+ - {{ constraint }}
+{% endfor %}
diff --git a/roles/docker/swarm/stacks/templates/nouse_portainer-compose.j2 b/roles/docker/swarm/stacks/templates/nouse_portainer-compose.j2
new file mode 100644
index 0000000..bd25052
--- /dev/null
+++ b/roles/docker/swarm/stacks/templates/nouse_portainer-compose.j2
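Review bot: The `- "2019:2019"` entry under `ports:` in `caddy-compose.j2` publishes Caddy's admin API port through the Swarm ingress on every node; that endpoint can replace the running configuration and has no authentication by default, so it should not be a published port. Drop the line and reach the admin API from inside the container or over an internal network when it is needed. `image: gitgud.foo/xbazzi/caddy-pimped:latest` here and `image: nginx:latest` in `nginx-compose.j2` are mutable tags, so a redeploy can silently pick up a different image; pin a version tag or a digest. `restart: unless-stopped` is ignored by `docker stack deploy` (the `deploy.restart_policy` below is what applies) and can be removed.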
@@ -0,0 +1,28 @@
+version: '3.9'
+services:
+ ui:
+ image: 'portainer/portainer-ce:lts'
+ volumes:
+ - '/docker-shared/stacks/data/portainer:/data'
+ - '/var/run/docker.sock:/var/run/docker.sock'
+ ports:
+ - target: 9443
+ published: 9443
+ protocol: tcp
+ mode: ingress
+ - target: 8000
+ published: 8000
+ protocol: tcp
+ mode: ingress
+ networks:
+ - swarmnet
+ deploy:
+ mode: replicated
+ replicas: 1
+ placement:
+ constraints:
+ - node.role == manager
+
+networks:
+ swarmnet:
+ external: true
\ No newline at end of file
diff --git a/roles/docker/swarm/stacks/templates/old_portainer-compose.j2.old b/roles/docker/swarm/stacks/templates/old_portainer-compose.j2.old
new file mode 100644
index 0000000..035d5fb
--- /dev/null
+++ b/roles/docker/swarm/stacks/templates/old_portainer-compose.j2.old
@@ -0,0 +1,32 @@
+version: '3.9'
+services:
+ ui:
+ image: 'portainer/portainer-ce:lts'
+ container_name: portainer
+ volumes:
+ - '/docker-shared/stacks/data/portainer:/data'
+ - '/var/run/docker.sock:/var/run/docker.sock'
+ ports:
+ - '9443:9443'
+ - '8000:8000'
+ deploy:
+ mode: replicated
+ replicas: 1
+ labels:
+{% for labels in swarm_nodes %}
+ {% for key, val in labels %}
+ {{ key }}: "{{ val }}"
+ {% endfor %}
+{% endfor %}
+ placement:
+ constraints:
+{% for constraints in swarm_nodes %}
+ {% for constraint in constraints %}
+ - {{ constraint }}
+ {% endfor %}
+{% endfor %}
+ networks:
+ - swarm-core
+
+networks:
+ swarm-core:
diff --git a/roles/docker/swarm/stacks/templates/portainer-compose.j2 b/roles/docker/swarm/stacks/templates/portainer-compose.j2
new file mode 100644
index 0000000..6901220
--- /dev/null
+++ b/roles/docker/swarm/stacks/templates/portainer-compose.j2
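Review bot: `nouse_portainer-compose.j2` and `old_portainer-compose.j2.old` are, going by their names, unused templates, yet both hand `/var/run/docker.sock` to a container and publish its ports, and they sit in the role's `templates/` directory where a mistyped `compose_path` would deploy them. Remove both from the commit (history keeps them), or add a header comment to each stating that it is not deployed and why it is kept. If the first one is kept, the `target: 8000` port is only needed for Portainer's Edge agent tunnel and can be dropped when Edge agents are not in use. In the `.old` file the loops `{% for key, val in labels %}` iterate a mapping without `.items()`, unlike the working templates in this commit.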
@@ -0,0 +1,40 @@
+version: '3.2'
+
+services:
+ agent:
+ image: portainer/agent:lts
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /var/lib/docker/volumes:/var/lib/docker/volumes
+ networks:
+ - agent_network
+ deploy:
+ mode: global
+ placement:
+ constraints: [node.platform.os == linux]
+
+ portainer:
+ image: portainer/portainer-ce:lts
+ command: -H tcp://tasks.agent:9001 --tlsskipverify
+ ports:
+ - "9443:9443"
+ - "9000:9000"
+ - "8000:8000"
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /docker-shared/stacks/data/portainer:/data
+ networks:
+ - agent_network
+ deploy:
+ mode: replicated
+ replicas: {{ item.replicas }}
+ restart_policy:
+ condition: {{ item.restart_condition }}
+ placement:
+ constraints: [node.role == manager]
+ privileged: true
+
+networks:
+ agent_network:
+ driver: overlay
+ attachable: true
\ No newline at end of file
diff --git a/roles/docker/swarm/stacks/templates/sleep-forever-compose.j2 b/roles/docker/swarm/stacks/templates/sleep-forever-compose.j2
new file mode 100644
index 0000000..c1fae42
--- /dev/null
+++ b/roles/docker/swarm/stacks/templates/sleep-forever-compose.j2
@@ -0,0 +1,23 @@
+services:
+ network-keepalive:
+ image: alpine
+ command: sleep infinity
+ networks:
+ - depinga
+ deploy:
+ mode: replicated
+ replicas: {{ item.replicas }}
+ restart_policy:
+ condition: {{ item.restart_condition }}
+ labels:
+{% for key, val in item.labels.items() %}
+ {{ key }}: "{{ val }}"
+{% endfor %}
+ placement:
+ constraints:
+{% for constraint in item.constraints %}
+ - {{ constraint }}
+{% endfor %}
+
+networks:
+ depinga:
diff --git a/roles/pve/lvm/tasks/main.yml b/roles/pve/lvm/tasks/main.yml
index 4597ea4..51c8e2f 100644
--- a/roles/pve/lvm/tasks/main.yml
+++ b/roles/pve/lvm/tasks/main.yml
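Review bot: The `portainer` service in `portainer-compose.j2` is given more host access than agent mode needs: it already reaches the cluster through `-H tcp://tasks.agent:9001`, so the `/var/run/docker.sock` volume and `privileged: true` on it can be removed. `--tlsskipverify` turns off certificate checking on the agent connection and `attachable: true` lets any standalone container join `agent_network`, so the agent should at least share a secret with the server (`AGENT_SECRET` on both services, supplied from a vault variable or a Swarm secret) and the network should not be attachable unless something needs it. `- "9000:9000"` publishes the plain-HTTP UI next to 9443; drop it so logins only travel over TLS. Indentation is lost in this view, so it is not clear whether `privileged:` sits under `deploy:` or under the service.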
@@ -4,38 +4,52 @@ name: lvm2 state: present -- name: Check if Docker LV exists - ansible.builtin.command: > - "lvs --noheadings -o lv_name {{ hostvars[inventory_hostname]['vmid'] }}" - +- name: Check current LVs for VMs + ansible.builtin.shell: > + lvs -o lv_name | grep vm register: lvs_output +- debug: + var: lvs_output.stdout_lines + +- debug: + msg: "vm-{{ item.vmid }}-disk-{{ pve_docker_disk_id }}" + loop: "{{ vms }}" + loop_control: + label: "{{ item.vmid }}" + - name: Create logical volume for Docker community.general.lvol: - vg: "{{ docker_vg }}" - lv: "{{ docker_lv }}" - size: "{{ docker_lv_size }}" + lv: "vm-{{ item.vmid }}-disk-{{ pve_docker_disk_id }}" + vg: "{{ pve_vg }}" + shrink: false + size: "{{ pve_docker_lv_size }}" state: present - # when: docker_lv not in lvs_output.stdout - # vars: - # docker_lv: "{{ docker_lv }}" + when: "'docker' in item.roles" + loop: "{{ vms }}" + loop_control: + label: "{{ item.vmid }}" -- name: Format logical volume with XFS - community.general.filesystem: - fstype: xfs - dev: "/dev/{{ docker_vg }}/{{ docker_lv }}" - opts: "-n ftype=1" - -- name: Create mount point for Docker volume - ansible.builtin.file: - path: "{{ docker_mountpoint }}" - state: directory - mode: '0755' - -- name: Mount Docker LV to VM filesystem - ansible.posix.mount: - path: "{{ docker_mountpoint }}" - src: "/dev/{{ docker_vg }}/{{ docker_lv }}" - fstype: xfs - opts: defaults - state: mounted \ No newline at end of file +- name: Attach Docker disk to VM + ansible.builtin.shell: > + qm set {{ item.vmid }} + --scsi{{ pve_docker_disk_id }} + ha-lvm:vm-{{ item.vmid }}-disk-{{ pve_docker_disk_id }},cache=writeback,discard=on,iothread=1,ssd=1 + delegate_to: "{{ item.node }}" + run_once: true + loop: "{{ vms }}" + when: "'docker' in item.roles" + loop_control: + label: "VM {{ item.vmid }} on {{ item.node }}" + +- name: Create logical volume for DB + community.general.lvol: + lv: "vm-{{ item.vmid }}-disk-{{ pve_db_disk_id }}" + vg: "{{ pve_vg }}" + shrink: 
false + size: "{{ pve_db_lv_size }}" + state: present + when: "'db' in item.roles" + loop: "{{ vms }}" + loop_control: + label: "{{ item.vmid }}" diff --git a/roles/server/firewall/tasks/main.yml b/roles/server/firewall/tasks/main.yml index a1182c0..76e32df 100644 --- a/roles/server/firewall/tasks/main.yml +++ b/roles/server/firewall/tasks/main.yml 
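Review bot: The new `Check current LVs for VMs` task in `roles/pve/lvm/tasks/main.yml` pipes `lvs` through `grep vm`, which exits 1 when nothing matches, so the play fails on a node that has no VM disks yet, and the task reports `changed` on every run. Add `changed_when: false` and `failed_when: lvs_output.rc > 1` to it. `Attach Docker disk to VM` uses `ansible.builtin.shell` for a single `qm set` call built from templated values; `ansible.builtin.command` keeps `item.vmid` and `pve_docker_disk_id` out of shell interpretation, and the combination of `run_once: true` with `delegate_to: "{{ item.node }}"` deserves a comment saying which host is expected to drive the loop. The two bare `debug` tasks have no `name:` and look like leftovers.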
@@ -26,42 +26,59 @@ state: enabled permanent: true -- name: Set core to default - ansible.builtin.command: firewall-cmd --set-default-zone=core +# - name: Set core to default +# ansible.builtin.command: firewall-cmd --set-default-zone=core -# - name: Remove ens18 from public -# ansible.builtin.command: firewall-cmd --zone=public --remove-interface=ens18 - - name: Reload firewalld to apply changes ansible.builtin.command: firewall-cmd --reload -- debug: - var: hostvars[inventory_hostname]['roles'] +- name: DROP all traffic on dmz by default + ansible.builtin.firewalld: + zone: dmz + target: "DROP" + permanent: true + state: enabled ################ SWARM SETUP ################ -- name: Open Docker Swarm manager port 2377/tcp +- name: Open Docker Swarm manager inbound port 2377/tcp ansible.builtin.firewalld: - zone: core + zone: mgmt port: 2377/tcp permanent: true state: enabled - when: "'swarm' in hostvars[inventory_hostname]['roles']" + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" -- name: Open Docker Swarm overlay node discovery port 7946/tcp +- name: Open Docker Swarm data overlay node discovery port 7946/tcp ansible.builtin.firewalld: zone: core port: 7946/tcp permanent: true state: enabled - when: "'swarm' in hostvars[inventory_hostname]['roles']" + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" -- name: Open Docker Swarm overlay node discovery port 7946/udp +- name: Open Docker Swarm mgmt overlay node discovery port 7946/tcp + ansible.builtin.firewalld: + zone: mgmt + port: 7946/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Docker Swarm core overlay node discovery port 7946/udp ansible.builtin.firewalld: zone: core port: 7946/udp permanent: true state: enabled - when: "'swarm' in hostvars[inventory_hostname]['roles']" + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Docker Swarm mgmt overlay node discovery port 7946/udp + 
ansible.builtin.firewalld: + zone: mgmt + port: 7946/udp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" - name: Open Docker Swarm overlay network traffic 4789/udp ansible.builtin.firewalld: @@ -69,4 +86,68 @@ port: 4789/udp permanent: true state: enabled - when: "'swarm' in hostvars[inventory_hostname]['roles']" + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +############# Docker Services ########### +- name: Open Docker Stack portainer 9443/tcp + ansible.builtin.firewalld: + zone: core + port: 9443/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Docker Stack nginx 8080/tcp + ansible.builtin.firewalld: + zone: core + port: 8080/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Caddy 443/tcp + ansible.builtin.firewalld: + zone: core + port: 443/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Caddy 80/tcp + ansible.builtin.firewalld: + zone: core + port: 80/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Caddy 80/tcp + ansible.builtin.firewalld: + zone: core + port: 80/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Open Caddy 2019/tcp + ansible.builtin.firewalld: + zone: core + port: 2019/tcp + permanent: true + state: enabled + when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +# - name: Open Portainer env port 9001/tcp +# ansible.builtin.firewalld: +# zone: core +# port: 9001/tcp +# permanent: true +# state: enabled +# when: "'swarm' in hostvars[inventory_hostname]['vm_roles']" + +- name: Restart firewalld service + ansible.builtin.systemd_service: + name: firewalld + state: restarted + enabled: true + \ No newline at end of file 
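Review bot: The `DROP all traffic on dmz by default` task is added after `Reload firewalld to apply changes` and sets only `permanent: true`, so the DROP target is not active until the service restart at the end of the file; move it above the reload so the deny-by-default state does not depend on a later task succeeding. With `Set core to default` now commented out, interfaces that are not bound to a zone stay in whatever the default zone already was, which may not be what the `core` and `mgmt` rules below assume; replace the commented block with a one-line comment stating the intended default zone. The hunk opens 7946 in both `core` and `mgmt` but 2377/tcp only in `mgmt`, and a comment naming the network that carries Swarm control traffic would make that choice reviewable.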
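Review bot: The `Open Caddy 2019/tcp` task opens Caddy's admin API port in the `core` zone on every host with the `swarm` role; that endpoint is unauthenticated by default and is meant to be reached locally, so this task should be removed together with the matching published port in `caddy-compose.j2`. `Open Caddy 80/tcp` appears twice with identical parameters; delete the second copy. Ports that Docker publishes are typically handled by Docker's own packet-filter rules rather than by these zone entries, so it is worth checking from another host which of these ports are reachable after a deploy. `Restart firewalld service` would sit better as a handler notified by the tasks above, so the firewall is only restarted when a rule changed.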
diff --git a/roles/server/kitty/tasks/main.yml b/roles/server/kitty/tasks/main.yml index a754605..60a7856 100644 --- a/roles/server/kitty/tasks/main.yml +++ b/roles/server/kitty/tasks/main.yml @@ -1,19 +1,11 @@ --- # Pre-requisite: # ❯ infocmp -a xterm-kitty > ~/.xterm-kitty.terminfo -- name: Copy pre-generated kitty terminfo to remote users - copy: - src: /home/xbazzi/.xterm-kitty.terminfo - dest: /home/{{ item }}/xterm-kitty.terminfo - owner: "{{ item }}" - group: "{{ item }}" - mode: '0644' - loop: "{{ users }}" - name: Upload xterm-kitty.terminfo to each user’s home ansible.builtin.copy: src: "/home/xbazzi/.xterm-kitty.terminfo" - dest: "/home/{{ item }}/xterm-kitty.terminfo" + dest: "/home/{{ item }}/.xterm-kitty.terminfo" owner: "{{ item }}" group: "{{ item }}" mode: '0644' @@ -21,13 +13,13 @@ - name: Compile terminfo for each user ansible.builtin.command: > - tic -x -o /home/{{ item }}/.terminfo /home/{{ item }}/xterm-kitty.terminfo + tic -x -o /home/{{ item }}/.terminfo /home/{{ item }}/.xterm-kitty.terminfo become: true become_user: root #"{{ item }}" loop: "{{ users }}" - name: Clean up xterm-kitty.terminfo from home directory ansible.builtin.file: - path: "/home/{{ item }}/xterm-kitty.terminfo" + path: "/home/{{ item }}/.xterm-kitty.terminfo" state: absent loop: "{{ users }}" diff --git a/roles/util/mount_nfs/defaults/main.yml b/roles/server/mount_nfs/defaults/main.yml similarity index 100% rename from roles/util/mount_nfs/defaults/main.yml rename to roles/server/mount_nfs/defaults/main.yml diff --git a/roles/util/mount_nfs/tasks/main.yml b/roles/server/mount_nfs/tasks/main.yml similarity index 100% rename from roles/util/mount_nfs/tasks/main.yml rename to roles/server/mount_nfs/tasks/main.yml diff --git a/roles/server/nfs/defaults/main.yml b/roles/server/nfs/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/server/nfs/handlers/main.yml b/roles/server/nfs/handlers/main.yml new file mode 100644 index 0000000..e69de29 
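Review bot: `Compile terminfo for each user` in `roles/server/kitty/tasks/main.yml` still runs `tic` with `become_user: root` while writing into `/home/{{ item }}/.terminfo`, a directory the user controls; a privileged process that follows a pre-existing symlink there can write outside the home directory, and the compiled files end up owned by root. Use the value already left in the trailing comment, `become_user: "{{ item }}"`, so the compile runs with the owner's privileges. The `src:` path `/home/xbazzi/.xterm-kitty.terminfo` ties the role to one controller account; shipping the file under the role's `files/` directory would make it portable.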
diff --git a/roles/provision/alma/nfs/tasks/main.yml b/roles/server/nfs/tasks/main.yml similarity index 91% rename from roles/provision/alma/nfs/tasks/main.yml rename to roles/server/nfs/tasks/main.yml index 05602e7..998a6db 100644 --- a/roles/provision/alma/nfs/tasks/main.yml +++ b/roles/server/nfs/tasks/main.yml @@ -8,8 +8,8 @@ ansible.builtin.file: path: "{{ item.path }}" state: directory - owner: nfsuser - group: nfsuser + owner: root + group: root mode: '0755' loop: "{{ nfs_mounts }}" diff --git a/roles/server/nfs/templates/main.yml b/roles/server/nfs/templates/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/server/packages/defaults/main.yml b/roles/server/packages/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/server/dnf/tasks/main.yml b/roles/server/packages/tasks/main.yml similarity index 82% rename from roles/server/dnf/tasks/main.yml rename to roles/server/packages/tasks/main.yml index 519129e..ec766f5 100644 --- a/roles/server/dnf/tasks/main.yml +++ b/roles/server/packages/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: Install dnf packages - ansible.builtin.dnf: +- name: Install packages + ansible.builtin.package: name: - systemd-networkd - systemd-resolved @@ -16,5 +16,6 @@ - nmap - tcpdump - rsync + - tree state: latest update_cache: true diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..97c7b9a --- /dev/null +++ b/shell.nix @@ -0,0 +1,10 @@ +let + pkgs = import {}; +in pkgs.mkShell { + packages = [ + (pkgs.python3.withPackages (python-pkgs: [ + python-pkgs.pandas + python-pkgs.requests + ])) + ]; +} \ No newline at end of file