Updates

ansible/group_vars/docker.yml

@@ -0,0 +1,3 @@
+docker_install_compose: false
+docker_users:
+    - "{{ users.0.username }}"

ansible/group_vars/kube.yml

@@ -0,0 +1 @@
+kube_ver: 1.19.4-00

ansible/hosts

@@ -1,2 +1,12 @@
 [piholes]
 pihole set_hostname=pihole."{{ secret_local_domain }}"
+
+;[docker]
+;10.0.0.40
+;10.0.0.41
+;10.0.0.42
+
+;[kube]
+;10.0.0.40 set_hostname=kube."{{ secret_local_domain }}"
+;10.0.0.41 set_hostname=kube-node1."{{ secret_local_domain }}"
+;10.0.0.42 set_hostname=kube-node2."{{ secret_local_domain }}"

ansible/roles/pi_dnsmasq/templates/02-custom.conf.j2

@@ -1,8 +1,17 @@
 {{ ansible_managed | comment}}
+# http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
 addn-hosts=/etc/hosts.custom
 
 address=/.{{ secret_wan_domain }}/10.0.0.29
 
-#rev-server=10.0.2.1/26,10.0.2.1
-#server=/man.{{ dmasq_local_domain }}/10.0.2.1
-#server=/2.0.10.in-addr.arpa/10.0.2.1
+rev-server=10.0.0.0/24,10.0.0.1
+server=/{{ dmasq_local_domain }}/10.0.0.1
+
+rev-server=10.253.0.0/24,10.253.0.1
+server=/wg.{{ dmasq_local_domain }}/10.253.0.1
+
+server=/2.0.10.in-addr.arpa/10.0.2.65
+server=/vm.{{ dmasq_local_domain }}/10.0.2.65
+
+server=/2.0.10.in-addr.arpa/10.0.2.0
+server=/man.{{ dmasq_local_domain }}/10.0.2.1

ansible/roles/pi_dnsmasq/templates/hosts.custom.j2

@@ -2,3 +2,8 @@
 
 10.0.0.29 {{ secret_wan_domain }}
 10.0.0.30 {{ secret_unraid_uuid }}.unraid.net
+
+10.0.2.3 vcenter.man.{{ dmasq_local_domain }}
+10.0.2.5 9010.esxi.man.{{ dmasq_local_domain }}
+10.0.2.6 r710.esxi.man.{{ dmasq_local_domain }}
+10.0.2.16 r710.man.{{ dmasq_local_domain }}

ansible/run.yml

@@ -6,14 +6,19 @@
 
   collections:
     - ansible.builtin.apt
+    - ansible.builtin.apt_key
     - ansible.builtin.git
     - ansible.builtin.group
     - ansible.builtin.hostname
+    - ansible.builtin.lineinfile
+    - ansible.builtin.pip
     - ansible.builtin.reboot
     - ansible.builtin.user
     - ansible.posix.authorized_key
-    - ansible.builtin.lineinfile
-    - ansible.builtin.git
+    - ansible.posix.mount
+    - ansible.builtin.command
+    - ansible.builtin.apt_repository
+    - ansible.builtin.dpkg_selections
 
   pre_tasks:
     - name: Ensure groups exists
@@ -78,17 +83,84 @@
       with_items:
         - "{{package_list}}"
 
+- hosts: docker
+  become: yes
+  tags: [never, init, docker]
+  vars_files:
+    - "vars/vault.yml"
+  post_tasks:
+    - name: Install pip packages
+      ansible.builtin.pip:
+        name:
+          - docker
+          - docker-compose
+  roles:
+    - role: geerlingguy.docker
+
+- hosts: kube
+  become: yes
+  tags: [never, init, kube]
+  vars_files:
+    - "vars/vault.yml"
+  tasks:
+    - name: Disable SWAP
+      # ansible.builtin.comman
+      command: swapoff -a
+
+    - name: Remove swapfile from /etc/fstab
+      ansible.posix.mount:
+        name: "{{ item }}"
+        fstype: swap
+        state: absent
+      with_items:
+        - swap
+
+    - name: Add Apt signing key Google
+      ansible.builtin.apt_key:
+        url: "{{ item }}"
+        state: present
+      loop:
+        - https://packages.cloud.google.com/apt/doc/apt-key.gpg
+
+    - name: Add repo for kubernetes
+      ansible.builtin.apt_repository:
+        filename: kubernetes
+        repo: "deb https://apt.kubernetes.io/ kubernetes-xenial main"
+        mode: "0666"
+        update_cache: yes
+
+    - name: Install packages
+      ansible.builtin.apt:
+        name: "{{ item }}={{ kube_ver }}"
+        state: present
+      with_items:
+        - kubelet
+        - kubeadm
+        - kubectl
+
+    - name: Hold kubernetes version
+      become: yes
+      ansible.builtin.dpkg_selections:
+        name: "{{ item }}"
+        selection: "hold"
+      with_items:
+        - kubelet
+        - kubeadm
+        - kubectl
+
 - hosts: piholes
   vars_files:
     - "vars/vault.yml"
   pre_tasks:
     - name: Checkout pihole
       tags: [never, init, pihole]
+      become: yes
       ansible.builtin.git:
         repo: "https://github.com/pi-hole/pi-hole.git"
         clone: yes
-        dest: "/home/{{ users.0.username }}/pihole"
+        dest: "/etc/.pihole"
         depth: 1
+        umask: "022"
 
     - name: Checkout pihole_updatelist
       tags: [never, init, pihole]
@@ -104,17 +176,35 @@
       ansible.builtin.apt:
         name:
           [
+            "cron",
+            "curl",
+            "dhcpcd5",
             "dns-root-data",
+            "dns-root-data",
+            "dnsutils",
+            "git",
             "idn2",
+            "idn2",
+            "iputils-ping",
+            "libcap2-bin",
+            "libcap2",
             "lighttpd",
+            "lsof",
+            "netcat",
             "php-cgi",
             "php-cli",
             "php-curl",
             "php-intl",
             "php-sqlite3",
+            "php-sqlite3",
             "php-xml",
+            "psmisc",
             "sqlite3",
+            "sudo",
             "unzip",
+            "unzip",
+            "wget",
+            "whiptail",
           ]
         state: latest
 
@@ -122,6 +212,7 @@
     - role: pi_updatelist
       tags: [update]
     - role: pi_dnsmasq
+      tags: [update]
 
 - hosts: all
   become: yes
@@ -133,10 +224,10 @@
     # https://www.cyberciti.biz/faq/ansible-apt-update-all-packages-on-ubuntu-debian-linux/
     - name: Update packages
       ansible.builtin.apt:
-        update_cache: yes
-        force_apt_get: yes
+        update_cache: true
+        force_apt_get: true
         cache_valid_time: 3600
-        upgrade: yes
+        upgrade: true
 
     - name: Remove ubuntu motd spam
       ansible.builtin.file:
@@ -150,6 +241,14 @@
         - 95-hwe-eol
       when: ansible_distribution == 'Ubuntu'
 
+    - name: Update PiHole
+      when: inventory_hostname in groups['piholes']
+      become: true
+      ansible.builtin.command:
+        argv:
+          - pihole
+          - -up
+
     - name: Check if a reboot is needed for Debian and Ubuntu boxes
       register: reboot_required_file
       stat: path=/var/run/reboot-required get_md5=no

ansible/vars/vault.yml

@@ -1,21 +1,21 @@
 $ANSIBLE_VAULT;1.1;AES256
-63613666633537303031393636363930316663373334333131313233663033366634313934366665
-6166373661616530626361306338383262376661313161380a313536313462326165323636303163
-33663431326665353630366337356634663837306564616436303831616137626238613337616238
-6638323363376330650a643163613131346537613966356433666364653239633333643265626339
-32353339353966316636656139616262376135396237316162383230633438366434366566373737
-39366339333061393564353739373463336537303162353630303239303238643934646639383366
-61643537343834613063306131623265363933323835313034393761393637313662623163396364
-64656630343131613366343238643836396365616336663330366461396537373966316261383861
-38386138333561383831323530643235333636313338633462616163366134643634363131663530
-61303761306336373739346162303466303664336563303634326639343138303938363638373237
-61303733353237613234343165363233393762616661623233653430323538626135333833616337
-36333264616130633364303663653831343562643537623236653632656131353137613730393530
-62383733323534623064656233306638643236613766396635313436356665653663353137613964
-31346534613662336235316566636464306165323933636365636464633762303135616433383234
-37303633313932643439396435373438363039306136336334666436393166363934363436303365
-35613462656230653339383533303737313364386266366134633964633937383333316238323861
-34383237376432303164316431313565653666316130363931373365356634343966613737613162
-37373533613134353362623965316537373463303365323034336464313562613734316436346536
-33646335356330643034653862626531663063613230646432353761623365373332373738643931
-63316236343038393266
+34373738623761326237666631646431663163613066306164316230616336643265333763316662
+3337656665626235323662366130663434636366353737340a313261316466343938656639303938
+66346665333933343964393337326665643339393765343365393431626566663166303532333062
+6362626134346338370a353066623565353664626533626537663632646632633333386262323634
+65653463633262313562386233306533356532613534306662643333623231663963326433373337
+37363366646632373266636663643830343538623530343365653638656536313463346437616633
+31633762393862646338626530656636643665306633353634353565643733616336653030343664
+30373166376534323966633534396533616634353630396130306637393038343833626535336131
+36323332323862643763666432623362323534303263333362353936613331643565663930346566
+62366464396638343465316566306564373230366365323435353362323238636661353830336235
+35643137393130613334636165376664633933663837363932306365633734636432343133666462
+39363239393337656632326539316531366661366439663866663431353766636337323938366663
+33376433363865363132316632663336383130616332633661373634366338646334373432343366
+64303737383135623066343735646530393833613034626137386430303330343539336239303465
+37386234323363383135373832313162613562313761386166393563636236656665626564356566
+66373930336166366135666132636564393861383539663064353830346363643966356462316663
+39656631336438663435626337373162323531633835373666343336383736316566623937323832
+32316465353033386464326335386664323862626437656561356266663132333132323266663736
+31376363653530626139393236633065623632666133646666306230633962376631653735353738
+63623836666338653835