Roxedus/Infra
1
0
Fork 0
Code Issues 1 Pull Requests 6 Projects Releases Wiki Activity

Updates

Browse Source
This commit is contained in:
Roxedus 2021-02-13 15:39:14 +01:00
parent fb00381598
commit 477c574e49
Signed by: Roxedus
GPG Key ID: 9B4E311961C63639
7 changed files with 156 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible/group_vars/docker.yml Normal file
View File

@ -0,0 +1,3 @@
docker_install_compose: false
docker_users:
- "{{ users.0.username }}"

1
ansible/group_vars/kube.yml Normal file
View File

@ -0,0 +1 @@
kube_ver: 1.19.4-00

10
ansible/hosts
View File

@ -1,2 +1,12 @@
[piholes] [piholes]
pihole set_hostname=pihole."{{ secret_local_domain }}" pihole set_hostname=pihole."{{ secret_local_domain }}"
;[docker]
;10.0.0.40
;10.0.0.41
;10.0.0.42
;[kube]
;10.0.0.40 set_hostname=kube."{{ secret_local_domain }}"
;10.0.0.41 set_hostname=kube-node1."{{ secret_local_domain }}"
;10.0.0.42 set_hostname=kube-node2."{{ secret_local_domain }}"

15
ansible/roles/pi_dnsmasq/templates/02-custom.conf.j2
View File

@ -1,8 +1,17 @@
{{ ansible_managed | comment}} {{ ansible_managed | comment}}
# http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
addn-hosts=/etc/hosts.custom addn-hosts=/etc/hosts.custom
address=/.{{ secret_wan_domain }}/10.0.0.29 address=/.{{ secret_wan_domain }}/10.0.0.29
#rev-server=10.0.2.1/26,10.0.2.1 rev-server=10.0.0.0/24,10.0.0.1
#server=/man.{{ dmasq_local_domain }}/10.0.2.1 server=/{{ dmasq_local_domain }}/10.0.0.1
#server=/2.0.10.in-addr.arpa/10.0.2.1
rev-server=10.253.0.0/24,10.253.0.1
server=/wg.{{ dmasq_local_domain }}/10.253.0.1
server=/2.0.10.in-addr.arpa/10.0.2.65
server=/vm.{{ dmasq_local_domain }}/10.0.2.65
server=/2.0.10.in-addr.arpa/10.0.2.0
server=/man.{{ dmasq_local_domain }}/10.0.2.1

5
ansible/roles/pi_dnsmasq/templates/hosts.custom.j2
View File

@ -2,3 +2,8 @@
10.0.0.29 {{ secret_wan_domain }} 10.0.0.29 {{ secret_wan_domain }}
10.0.0.30 {{ secret_unraid_uuid }}.unraid.net 10.0.0.30 {{ secret_unraid_uuid }}.unraid.net
10.0.2.3 vcenter.man.{{ dmasq_local_domain }}
10.0.2.5 9010.esxi.man.{{ dmasq_local_domain }}
10.0.2.6 r710.esxi.man.{{ dmasq_local_domain }}
10.0.2.16 r710.man.{{ dmasq_local_domain }}

111
ansible/run.yml
View File

@ -6,14 +6,19 @@
collections: collections:
- ansible.builtin.apt - ansible.builtin.apt
- ansible.builtin.apt_key
- ansible.builtin.git - ansible.builtin.git
- ansible.builtin.group - ansible.builtin.group
- ansible.builtin.hostname - ansible.builtin.hostname
- ansible.builtin.lineinfile
- ansible.builtin.pip
- ansible.builtin.reboot - ansible.builtin.reboot
- ansible.builtin.user - ansible.builtin.user
- ansible.posix.authorized_key - ansible.posix.authorized_key
- ansible.builtin.lineinfile - ansible.posix.mount
- ansible.builtin.git - ansible.builtin.command
- ansible.builtin.apt_repository
- ansible.builtin.dpkg_selections
pre_tasks: pre_tasks:
- name: Ensure groups exists - name: Ensure groups exists
@ -78,17 +83,84 @@
with_items: with_items:
- "{{package_list}}" - "{{package_list}}"
- hosts: docker
become: yes
tags: [never, init, docker]
vars_files:
- "vars/vault.yml"
post_tasks:
- name: Install pip packages
ansible.builtin.pip:
name:
- docker
- docker-compose
roles:
- role: geerlingguy.docker
- hosts: kube
become: yes
tags: [never, init, kube]
vars_files:
- "vars/vault.yml"
tasks:
- name: Disable SWAP
# ansible.builtin.comman
command: swapoff -a
- name: Remove swapfile from /etc/fstab
ansible.posix.mount:
name: "{{ item }}"
fstype: swap
state: absent
with_items:
- swap
- name: Add Apt signing key Google
ansible.builtin.apt_key:
url: "{{ item }}"
state: present
loop:
- https://packages.cloud.google.com/apt/doc/apt-key.gpg
- name: Add repo for kubernetes
ansible.builtin.apt_repository:
filename: kubernetes
repo: "deb https://apt.kubernetes.io/ kubernetes-xenial main"
mode: "0666"
update_cache: yes
- name: Install packages
ansible.builtin.apt:
name: "{{ item }}={{ kube_ver }}"
state: present
with_items:
- kubelet
- kubeadm
- kubectl
- name: Hold kubernetes version
become: yes
ansible.builtin.dpkg_selections:
name: "{{ item }}"
selection: "hold"
with_items:
- kubelet
- kubeadm
- kubectl
- hosts: piholes - hosts: piholes
vars_files: vars_files:
- "vars/vault.yml" - "vars/vault.yml"
pre_tasks: pre_tasks:
- name: Checkout pihole - name: Checkout pihole
tags: [never, init, pihole] tags: [never, init, pihole]
become: yes
ansible.builtin.git: ansible.builtin.git:
repo: "https://github.com/pi-hole/pi-hole.git" repo: "https://github.com/pi-hole/pi-hole.git"
clone: yes clone: yes
dest: "/home/{{ users.0.username }}/pihole" dest: "/etc/.pihole"
depth: 1 depth: 1
umask: "022"
- name: Checkout pihole_updatelist - name: Checkout pihole_updatelist
tags: [never, init, pihole] tags: [never, init, pihole]
@ -104,17 +176,35 @@
ansible.builtin.apt: ansible.builtin.apt:
name: name:
[ [
"cron",
"curl",
"dhcpcd5",
"dns-root-data", "dns-root-data",
"dns-root-data",
"dnsutils",
"git",
"idn2", "idn2",
"idn2",
"iputils-ping",
"libcap2-bin",
"libcap2",
"lighttpd", "lighttpd",
"lsof",
"netcat",
"php-cgi", "php-cgi",
"php-cli", "php-cli",
"php-curl", "php-curl",
"php-intl", "php-intl",
"php-sqlite3", "php-sqlite3",
"php-sqlite3",
"php-xml", "php-xml",
"psmisc",
"sqlite3", "sqlite3",
"sudo",
"unzip", "unzip",
"unzip",
"wget",
"whiptail",
] ]
state: latest state: latest
@ -122,6 +212,7 @@
- role: pi_updatelist - role: pi_updatelist
tags: [update] tags: [update]
- role: pi_dnsmasq - role: pi_dnsmasq
tags: [update]
- hosts: all - hosts: all
become: yes become: yes
@ -133,10 +224,10 @@
# https://www.cyberciti.biz/faq/ansible-apt-update-all-packages-on-ubuntu-debian-linux/ # https://www.cyberciti.biz/faq/ansible-apt-update-all-packages-on-ubuntu-debian-linux/
- name: Update packages - name: Update packages
ansible.builtin.apt: ansible.builtin.apt:
update_cache: yes update_cache: true
force_apt_get: yes force_apt_get: true
cache_valid_time: 3600 cache_valid_time: 3600
upgrade: yes upgrade: true
- name: Remove ubuntu motd spam - name: Remove ubuntu motd spam
ansible.builtin.file: ansible.builtin.file:
@ -150,6 +241,14 @@
- 95-hwe-eol - 95-hwe-eol
when: ansible_distribution == 'Ubuntu' when: ansible_distribution == 'Ubuntu'
- name: Update PiHole
when: inventory_hostname in groups['piholes']
become: true
ansible.builtin.command:
argv:
- pihole
- -up
- name: Check if a reboot is needed for Debian and Ubuntu boxes - name: Check if a reboot is needed for Debian and Ubuntu boxes
register: reboot_required_file register: reboot_required_file
stat: path=/var/run/reboot-required get_md5=no stat: path=/var/run/reboot-required get_md5=no

40
ansible/vars/vault.yml
View File

@ -1,21 +1,21 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
63613666633537303031393636363930316663373334333131313233663033366634313934366665 34373738623761326237666631646431663163613066306164316230616336643265333763316662
6166373661616530626361306338383262376661313161380a313536313462326165323636303163 3337656665626235323662366130663434636366353737340a313261316466343938656639303938
33663431326665353630366337356634663837306564616436303831616137626238613337616238 66346665333933343964393337326665643339393765343365393431626566663166303532333062
6638323363376330650a643163613131346537613966356433666364653239633333643265626339 6362626134346338370a353066623565353664626533626537663632646632633333386262323634
32353339353966316636656139616262376135396237316162383230633438366434366566373737 65653463633262313562386233306533356532613534306662643333623231663963326433373337
39366339333061393564353739373463336537303162353630303239303238643934646639383366 37363366646632373266636663643830343538623530343365653638656536313463346437616633
61643537343834613063306131623265363933323835313034393761393637313662623163396364 31633762393862646338626530656636643665306633353634353565643733616336653030343664
64656630343131613366343238643836396365616336663330366461396537373966316261383861 30373166376534323966633534396533616634353630396130306637393038343833626535336131
38386138333561383831323530643235333636313338633462616163366134643634363131663530 36323332323862643763666432623362323534303263333362353936613331643565663930346566
61303761306336373739346162303466303664336563303634326639343138303938363638373237 62366464396638343465316566306564373230366365323435353362323238636661353830336235
61303733353237613234343165363233393762616661623233653430323538626135333833616337 35643137393130613334636165376664633933663837363932306365633734636432343133666462
36333264616130633364303663653831343562643537623236653632656131353137613730393530 39363239393337656632326539316531366661366439663866663431353766636337323938366663
62383733323534623064656233306638643236613766396635313436356665653663353137613964 33376433363865363132316632663336383130616332633661373634366338646334373432343366
31346534613662336235316566636464306165323933636365636464633762303135616433383234 64303737383135623066343735646530393833613034626137386430303330343539336239303465
37303633313932643439396435373438363039306136336334666436393166363934363436303365 37386234323363383135373832313162613562313761386166393563636236656665626564356566
35613462656230653339383533303737313364386266366134633964633937383333316238323861 66373930336166366135666132636564393861383539663064353830346363643966356462316663
34383237376432303164316431313565653666316130363931373365356634343966613737613162 39656631336438663435626337373162323531633835373666343336383736316566623937323832
37373533613134353362623965316537373463303365323034336464313562613734316436346536 32316465353033386464326335386664323862626437656561356266663132333132323266663736
33646335356330643034653862626531663063613230646432353761623365373332373738643931 31376363653530626139393236633065623632666133646666306230633962376631653735353738
63316236343038393266 63623836666338653835