jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2025-01-23 20:39:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

upt playbook

Browse Source
This commit is contained in:
jaydee 2023-10-23 10:52:53 +02:00
parent 6a8b0336f4
commit 17de42280c
6 changed files with 35 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
playbooks/00_initial_adjustments.yml
View File

@ -13,24 +13,19 @@
line: "export HISTCONTROL=ignoreboth"
- name: Set a hostname
ansible.builtin.hostname:
name: odroidc4-1
when: ansible_eth0.macaddress == "00:1e:06:48:b3:0c"
- name: Set a hostname
ansible.builtin.hostname:
name: odroidc4-2
when: ansible_eth0.macaddress == "00:1e:06:48:cd:86"
- name: Set a hostname
ansible.builtin.hostname:
name: odroidc4-3
when: ansible_eth0.macaddress == "00:1e:06:48:d0:01"
- name: Set a hostname
ansible.builtin.hostname:
name: odroidc4-4
when: ansible_eth0.macaddress == "00:1e:06:48:d0:00"
- name: Set a hostname
ansible.builtin.hostname:
name: odroidc4-5
when: ansible_eth0.macaddress == "00:1e:06:48:cd:8e"
name: >-
{%- if ansible_eth0.macaddress == "00:1e:06:48:cd:8e" -%}
odroidc4-1
{%- elif ansible_eth0.macaddress == "00:1e:06:48:d0:00" -%}
odroidc4-2
{%- elif ansible_eth0.macaddress == "00:1e:06:48:d0:01" -%}
odroidc4-3
{%- elif ansible_eth0.macaddress == "00:1e:06:48:cd:86" -%}
odroidc4-4
{%- elif ansible_eth0.macaddress == "00:1e:06:48:b3:0c" -%}
odroidc4-5
{%- endif -%}
- name: Iptables 1
ansible.builtin.command:
iptables -F

12
playbooks/00_install_ldap_client.yml
View File

@ -1,4 +1,4 @@
- hosts: raspberry
- hosts: odroid_cluster
name: Install omv
become: true
tasks:
@ -65,7 +65,7 @@
ansible.builtin.lineinfile:
path: /etc/nslcd.conf
regexp: "^uri ldap.*"
line: "uri ldaps://ldap-server.loc/"
line: "uri ldap://192.168.77.106:389/"
- name: Reconfigure ldap base
@ -84,7 +84,7 @@
ansible.builtin.lineinfile:
path: /etc/nslcd.conf
regexp: "^#bindpw"
line: "bindpw l4c1j4yd33Du5lo"
line: "bindpw {{ ldap_admin_password }}"
# - name: Reconfigure ldap base
# ansible.builtin.lineinfile:
# path: /etc/nslcd.conf
@ -118,7 +118,11 @@
path: /etc/ssh/sshd_config
regexp: "^#AuthorizedKeysCommandUser *"
line: "AuthorizedKeysCommandUser root"
- name: Create a directory LDAP if it does not exist
ansible.builtin.file:
path: /etc/ldap/
state: directory
mode: '0755'
- name: Creating a file with content
copy:
dest: "/etc/ldap/ldap.conf"

6
playbooks/70_install_k3s.yml
View File

@ -34,7 +34,7 @@
- name: (reboot) Wait for server to restart
wait_for_connection:
delay: 75
- name: Wait for service 'myservice' to be running
- name: Wait for service 'k3s.service' to be running
service_facts:
register: result
until: result.ansible_facts.services['k3s.service'].state == 'running'
@ -45,7 +45,7 @@
#get registration token
# curl -u "token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9" -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/c-xq5pv/clusterRegistrationTokens --insecure|jq
- name: Create new cluster in rancher
ansible.builtin.shell: "curl -u 'token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9' -X POST -H 'Accept: application/json' -H 'Content-Type: application/json' -d '{\"name\":\"odroid\"}' 'https://192.168.77.106:8543/v3/clusters' --insecure| jq .id"
ansible.builtin.shell: "curl -u '{{ rancher_api_key }}' -X POST -H 'Accept: application/json' -H 'Content-Type: application/json' -d '{\"name\":\"odroid\"}' 'https://192.168.77.106:8543/v3/clusters' --insecure| jq .id"
changed_when: false
ignore_errors: true
register: cluster_id
@ -54,7 +54,7 @@
ansible.builtin.debug:
msg: "{{ cluster_id.stdout }}"
- name: Create new cluster in rancher
ansible.builtin.shell: "curl -u 'token-wg66j:p26nwqs9ckqbth4h8gtfd2g7858g8smbtpgmxq9qr52w4795l5jvv9' -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/{{ cluster_id.stdout }}/clusterRegistrationTokens --insecure| jq .data[0].manifestUrl"
ansible.builtin.shell: "curl -u '{{ rancher_api_key }}' -X GET -H 'Accept: application/json' -H 'Content-Type: application/json' https://192.168.77.106:8543/v3/clusters/{{ cluster_id.stdout }}/clusterRegistrationTokens --insecure| jq .data[0].manifestUrl"
changed_when: false
ignore_errors: true
register: register_id

11
playbooks/72_install_k3s_worker.yml
View File

@ -1,13 +1,16 @@
- hosts: odroid_worker
name: Setup k3s
become: true
vars:
K3S_TOKEN_HOLDER: "{{ hostvars['K3S_TOKEN_HOLDER']['token'] }}"
# K3S_TOKEN_HOLDER: "K10e86c2dee93cc36d405fbeb34ef64e8867c097493ef2e0f2e95feb5bb30ded39b::server:5f3d5033ee0554caab810c863b0587d2"
tasks:
- name: Print token
ansible.builtin.debug:
msg: "[Master] K3S_TOKEN_HOLDER K8S token is {{ hostvars['K3S_TOKEN_HOLDER']['token'] }}"
msg: "[Master] K3S_TOKEN_HOLDER K8S token is {{ K3S_TOKEN_HOLDER }}"
- name: Print msg
ansible.builtin.debug:
msg: "{{ hostvars['K3S_TOKEN_HOLDER']['token'] }}"
msg: "{{ K3S_TOKEN_HOLDER }}"
- name: Get hostname
ansible.builtin.command: uname -n
register: result
@ -18,6 +21,6 @@
- name: Install K3S Worker
ansible.builtin.shell: >-
curl -sfL https://get.k3s.io
| K3S_TOKEN={{ hostvars['K3S_TOKEN_HOLDER']['token'] }}
K3S_URL="https://192.168.77.161:6443" K3S_NODE_NAME="{{ result.stdout }}" INSTALL_K3S_VERSION="v1.24.1+k3s1" sh -
| K3S_TOKEN={{ K3S_TOKEN_HOLDER }}
K3S_URL="https://192.168.77.131:6443" K3S_NODE_NAME="{{ result.stdout }}" INSTALL_K3S_VERSION="v1.24.1+k3s1" sh -
changed_when: false

3
playbooks/99_complete_install.yml
View File

@ -19,5 +19,8 @@
import_playbook: 70_install_k3s.yml
- name: Install worker
import_playbook: 72_install_k3s_worker.yml
- name: Install zabbix agent
import_playbook: 00_install_zabbix_agent.yml
- name: Reboot All
import_playbook: 11_reboot.yml

2
playbooks/sync_mailu2_data.yaml
View File

@ -1,4 +1,4 @@
- hosts: containers
- hosts: 192.168.77.106
name: Sync mailu
ignore_unreachable: false
tasks: