Infra/ansible/run.yml

# Play: first-time provisioning of every host. The special `never` tag keeps
# this play out of normal runs; it executes only when `init` is requested.
- hosts: all
  tags:
    - never
    - init
  become: true
  # NOTE(review): the file name suggests Ansible Vault content - confirm it is
  # encrypted before it is committed.
  vars_files:
    - vars/vault.yml
  # NOTE(review): these entries are module FQCNs, while `collections:` takes
  # collection names (namespace.collection) - confirm the list is still needed.
  collections:
    - ansible.builtin.apt
    - ansible.builtin.apt_key
    - ansible.builtin.git
    - ansible.builtin.group
    - ansible.builtin.hostname
    - ansible.builtin.lineinfile
    - ansible.builtin.pip
    - ansible.builtin.reboot
    - ansible.builtin.user
    - ansible.posix.authorized_key
    - ansible.posix.mount
    - ansible.builtin.command
    - ansible.builtin.apt_repository
    - ansible.builtin.dpkg_selections
  pre_tasks:
    # One include per entry of `users`; the included file sees it as `user`.
    - include_tasks: tasks/users.yml
      loop_control:
        loop_var: user
      with_items: "{{ users }}"

    # Only hosts that define `set_hostname` are renamed.
    - name: Change hostname
      ansible.builtin.hostname:
        name: "{{ set_hostname }}"
      register: new_hostname
      when: set_hostname is defined

    # Keep the loopback entry in /etc/hosts in step with the new name.
    - name: Change hostname in hosts
      ansible.builtin.lineinfile:
        path: /etc/hosts
        regexp: '^127\.0\.0\.1 localhost'
        line: "127.0.0.1 localhost {{ set_hostname }}"
        owner: root
        group: root
        mode: "0644"
      when: new_hostname.changed

    # Reboot only when the hostname task reported a change.
    - name: Reboot the server
      ansible.builtin.reboot:
        msg: "Reboot initiated by Ansible due to hostname change"
        connect_timeout: 5
        reboot_timeout: 300
        pre_reboot_delay: 2
        post_reboot_delay: 30
        test_command: uptime
      when: new_hostname.changed
  # NOTE(review): third-party Galaxy roles; no version pin is visible here -
  # confirm they are pinned wherever the roles are installed from.
  roles:
    - geerlingguy.ntp
    - geerlingguy.security
  tasks:
    # `state: latest` upgrades each listed package to the newest candidate on
    # every run, so the installed versions are not reproducible between runs.
    - name: Install packages
      ansible.builtin.apt:
        name: "{{ item.name | default(omit) }}"
        default_release: "{{ item.default_release | default(omit) }}"
        state: latest
      with_items:
        - "{{package_list}}"
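# Play: Docker hosts. Ansible runs `roles` before `post_tasks`, so the keys are
# written in execution order.
- hosts: docker
  become: true
  tags: [docker]
  vars_files:
    - vars/vault.yml
  roles:
    - role: geerlingguy.docker
  post_tasks:
    - name: Install pip packages
      ansible.builtin.pip:
        name:
          - docker

    # Read-only query: `command` avoids an unnecessary shell, and
    # `changed_when: false` stops the task from reporting a change on every run.
    - name: Get DEB architecture
      ansible.builtin.command:
        cmd: dpkg --print-architecture
      register: deb_architecture
      changed_when: false

    # NOTE(review): 0775 leaves the plugin directory group-writable, so any
    # member of `item.groupname` can replace the binaries in it - confirm that
    # is intended, otherwise use "0755".
    # Assumes each user's home is /home/<username> - TODO confirm.
    - name: Create plugin directory if not present
      ansible.builtin.file:
        path: "/home/{{ item.username }}/.docker/cli-plugins/"
        state: directory
        owner: "{{ item.username }}"
        group: "{{ item.groupname }}"
        mode: "0775"
      loop: "{{ docker_users_obj }}"

    # The plugin is an executable fetched from the network. HTTPS protects the
    # transport only; `checksum` pins the content. `compose_plugin_checksum` is
    # a new, optional variable ("sha256:<digest>" for the architecture being
    # installed); while it is undefined the download is NOT verified.
    # NOTE(review): the pinned version is a release candidate (v2.0.0-rc.1).
    - name: Install compose plugin
      ansible.builtin.get_url:
        url: "https://github.com/docker/compose-cli/releases/download/v2.0.0-rc.1/docker-compose-linux-{{ deb_architecture.stdout }}"
        dest: "/home/{{ item.username }}/.docker/cli-plugins/docker-compose"
        checksum: "{{ compose_plugin_checksum | default(omit) }}"
        mode: "0755"
        owner: "{{ item.username }}"
        group: "{{ item.groupname }}"
      loop: "{{ docker_users_obj }}"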
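# Play: Kubernetes node preparation. Tagged `never`, so it runs only when
# `init` or `kube` is requested explicitly.
- hosts: kube
  become: true
  tags: [never, init, kube]
  vars_files:
    - vars/vault.yml
  tasks:
    # Turns swap off for the running system; the next task handles /etc/fstab.
    - name: Disable SWAP
      ansible.builtin.command: swapoff -a

    - name: Remove swapfile from /etc/fstab
      ansible.posix.mount:
        name: "{{ item }}"
        fstype: swap
        state: absent
      with_items:
        - swap

    # NOTE(review): `apt_key` is deprecated, and a key added this way lands in
    # apt's global keyring, where it is trusted for every configured
    # repository. Prefer a dedicated keyring file referenced with `signed-by`
    # in the repo line.
    - name: Add Apt signing key Google
      ansible.builtin.apt_key:
        url: "{{ item }}"
        state: present
      loop:
        - https://packages.cloud.google.com/apt/doc/apt-key.gpg

    # The sources file is written 0644, not 0666: a world-writable file under
    # /etc/apt/sources.list.d would let any local account change where apt,
    # which runs as root, fetches packages from.
    # NOTE(review): confirm this repository is still the intended package
    # source for the pinned `kube_ver`.
    - name: Add repo for kubernetes
      ansible.builtin.apt_repository:
        filename: kubernetes
        repo: "deb https://apt.kubernetes.io/ kubernetes-xenial main"
        mode: "0644"
        update_cache: true

    # All three packages are installed at the exact version in `kube_ver`.
    - name: Install packages
      ansible.builtin.apt:
        name: "{{ item }}={{ kube_ver }}"
        state: present
      with_items:
        - kubelet
        - kubeadm
        - kubectl

    # Hold the packages so a general upgrade does not move them off the pinned
    # version. Privilege escalation comes from the play-level `become`.
    - name: Hold kubernetes version
      ansible.builtin.dpkg_selections:
        name: "{{ item }}"
        selection: hold
      with_items:
        - kubelet
        - kubeadm
        - kubectl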
# Play: Pi-hole hosts, selectable with the `update` or `pihole` tag.
# NOTE(review): no `become` is set on this play, unlike the others in this
# file - confirm the roles escalate privileges themselves where they need to.
- hosts: piholes
  tags:
    - update
    - pihole
  vars_files:
    - vars/vault.yml
  roles:
    - pihole_updatelist
    - pi_dnsmasq
    - pihole
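# Play: routine package updates on every host, selected with the `update` tag.
- hosts: all
  become: true
  tags: [update]
  vars_files:
    - vars/vault.yml
  tasks:
    # https://www.cyberciti.biz/faq/ansible-apt-update-all-packages-on-ubuntu-debian-linux/
    # Refreshes the package index when it is older than an hour, then upgrades.
    - name: Update packages
      ansible.builtin.apt:
        update_cache: true
        force_apt_get: true
        cache_valid_time: 3600
        upgrade: true

    - name: Remove ubuntu motd spam
      ansible.builtin.file:
        path: "/etc/update-motd.d/{{ item }}"
        state: absent
      loop:
        - 10-help-text
        - 50-landscape-sysinfo
        - 50-motd-news
        - 80-livepatch
        - 95-hwe-eol
      when: ansible_distribution == 'Ubuntu'

    # Runs only on members of the `piholes` inventory group. `argv` passes the
    # arguments as a list, so no shell parses the command line.
    - name: Update PiHole
      when: inventory_hostname in groups['piholes']
      become: true
      ansible.builtin.command:
        argv:
          - pihole
          - -up

    # Native YAML arguments replace the old `key=value` string. `get_md5` is
    # dropped: it was already set to "no" and the option is no longer
    # documented for the stat module.
    - name: Check if a reboot is needed for Debian and Ubuntu boxes
      ansible.builtin.stat:
        path: /var/run/reboot-required
      register: reboot_required_file

    # Reboot only when the marker file checked above exists.
    - name: Reboot the server
      ansible.builtin.reboot:
        msg: "Reboot initiated by Ansible due to kernel updates"
        connect_timeout: 5
        reboot_timeout: 300
        pre_reboot_delay: 0
        post_reboot_delay: 30
        test_command: uptime
      when: reboot_required_file.stat.exists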