diff --git a/README.md b/README.md index c26ef76..f09b818 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,3 @@ # Ansible -Catalogue of Ansible playbooks and helper scripts for server management - -#### Test ansible scripts locally -ansible-playbook playbook.yml --connection=local --inventory=127.0.0.1, --limit 127.0.0.1 +Catalogue of Ansible playbooks and helper scripts for server management \ No newline at end of file diff --git a/backup.yml b/backup.yml new file mode 100644 index 0000000..9238854 --- /dev/null +++ b/backup.yml @@ -0,0 +1,6 @@ +--- +- hosts: all + + roles: + - role: gitlab + tags: backup diff --git a/devops/README.md b/devops/README.md deleted file mode 100644 index c2c73bf..0000000 --- a/devops/README.md +++ /dev/null @@ -1,8 +0,0 @@ -# Ansible - -Catalogue of Ansible playbooks and helper scripts for server management - -## Gitlab backups - -#### Test ansible scripts locally -ansible-playbook playbook.yml --connection=local --inventory=127.0.0.1, --limit 127.0.0.1 diff --git a/devops/backup.yml b/devops/backup.yml deleted file mode 100644 index e2153f1..0000000 --- a/devops/backup.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: all - - roles: - - backup diff --git a/devops/backup/.travis.yml b/devops/backup/.travis.yml deleted file mode 100644 index 36bbf62..0000000 --- a/devops/backup/.travis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install ansible - - pip install ansible - - # Check ansible version - - ansible --version - - # Create ansible.cfg with correct roles_path - - printf '[defaults]\nroles_path=../' >ansible.cfg - -script: - # Basic role syntax check - - ansible-playbook tests/test.yml -i tests/inventory --syntax-check - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file 
diff --git a/devops/backup/defaults/main.yml b/devops/backup/defaults/main.yml
deleted file mode 100644
index a2216a5..0000000
--- a/devops/backup/defaults/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-# defaults file for gitlab
-
-gitlab_container_name: gitlab
-gitlab_backup_directory: # Remote path to the mounted volume containing backups
-gitlab_local_backup_directory: # Local path to store gitlab backups remotely
diff --git a/devops/backup/handlers/main.yml b/devops/backup/handlers/main.yml
deleted file mode 100644
index fbd0ddd..0000000
--- a/devops/backup/handlers/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-# handlers file for gitlab
diff --git a/devops/backup/meta/main.yml b/devops/backup/meta/main.yml
deleted file mode 100644
index f27bd5c..0000000
--- a/devops/backup/meta/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-dependencies: []
- # List your role dependencies here, one per line. Be sure to remove the '[]' above,
- # if you add dependencies to this list.
diff --git a/devops/backup/tasks/gitlab.yml b/devops/backup/tasks/gitlab.yml
deleted file mode 100644
index 187a38f..0000000
--- a/devops/backup/tasks/gitlab.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-# tasks file for gitlab
-- name: Ensure a gitlab container is running.
- docker_container:
- name: "{{ gitlab_container_name }}"
- state: present
- image: gitlab/gitlab-ce:14.7.0-ce.0
- comparisons:
- '*': ignore
-
-- name: Start gitlab backup
- community.docker.docker_container_exec:
- container: "{{ gitlab_container_name }}"
- command: gitlab-backup create GZIP_RSYNCABLE=yes SKIP=registry
-
-- name: Get list of backups
- find:
- paths: "{{ gitlab_backup_directory }}"
- register: found_files
-
-- name: Get latest backup
- set_fact:
- latest_file: "{{ found_files.files | sort(attribute='mtime',reverse=true) | first }}"
-
-- name: Download latest backup from remote
- ansible.posix.synchronize:
- src: "{{ latest_file.path }}"
- dest: "{{ gitlab_local_backup_directory }}"
- mode: pull
diff --git a/devops/backup/tasks/main.yml b/devops/backup/tasks/main.yml deleted file mode 100644 index f9372b3..0000000 --- a/devops/backup/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- name: Backup gitlab - include_tasks: gitlab.yml - when: inventory_hostname in groups['mainframe'] - tags: - - gitlab diff --git a/devops/backup/vars/main.yml b/devops/backup/vars/main.yml deleted file mode 100644 index 94bd35b..0000000 --- a/devops/backup/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for gitlab diff --git a/devops/hosts.yml b/devops/hosts.yml deleted file mode 100644 index 5fb00b3..0000000 --- a/devops/hosts.yml +++ /dev/null @@ -1,8 +0,0 @@ -[mainframe] - - -[girder_production] - -[all:vars] -ansible_ssh_private_key_file=~/.ssh/key -ansible_python_interpreter=/usr/bin/python3 diff --git a/gitlab/defaults/main.yml b/gitlab/defaults/main.yml index 0f20e03..c5ea08c 100644 --- a/gitlab/defaults/main.yml +++ b/gitlab/defaults/main.yml @@ -1,5 +1,6 @@ --- # defaults file for gitlab gitlab_container_name: gitlab -gitlab_backup_directory: . # Remote path to the mounted volume containing backups -gitlab_local_backup_directory: # Local path to store gitlab backups remotely +gitlab_backup_directory: /opt/services/gitlab +gitlab_local_backup_directory: /home/tanguy/backups/ +gitlab_host: pythagoras-b diff --git a/devops/backup/tasks/girder.yml b/gitlab/tasks/backup.yml similarity index 89% rename from devops/backup/tasks/girder.yml rename to gitlab/tasks/backup.yml index 187a38f..67f63a0 100644 --- a/devops/backup/tasks/girder.yml +++ b/gitlab/tasks/backup.yml @@ -4,7 +4,7 @@ docker_container: name: "{{ gitlab_container_name }}" state: present - image: gitlab/gitlab-ce:14.7.0-ce.0 + image: gitlab/gitlab-ce comparisons: '*': ignore 
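Review bot: The new role defaults in gitlab/defaults/main.yml hard-code one operator's environment, `gitlab_local_backup_directory: /home/tanguy/backups/` and `gitlab_host: pythagoras-b`, so the role only behaves as intended on that one workstation and inventory. Role defaults are better left neutral, with the real values set in inventory or group_vars. The change also drops the only description of what the two directories mean; I would keep a comment above each, e.g. `# Remote path to the mounted volume containing backups`. The trailing slash in the local path combines with the `/backups` suffix added in gitlab/tasks/backup.yml to give `/home/tanguy/backups//backups`.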
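Review bot: Dropping the tag in `image: gitlab/gitlab-ce` makes this task resolve to whatever `latest` is when the play runs. With `state: present` and `comparisons: '*': ignore` an existing container is presumably left untouched, but on a host where the container is missing this would create one from an image version nobody reviewed. I would keep an explicit tag as the removed line had (`image: gitlab/gitlab-ce:14.7.0-ce.0`) or pin by digest, and hold the version in a role variable so an upgrade is a deliberate change. A GitLab backup is restored onto the same GitLab version it was taken from, which is another reason to keep the version recorded here. The task's `- name:` line sits above the hunk.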
@@ -25,5 +25,5 @@ - name: Download latest backup from remote ansible.posix.synchronize: src: "{{ latest_file.path }}" - dest: "{{ gitlab_local_backup_directory }}" + dest: "{{ gitlab_local_backup_directory }}"/backups mode: pull diff --git a/gitlab/tasks/main.yml b/gitlab/tasks/main.yml index 244937a..9288571 100644 --- a/gitlab/tasks/main.yml +++ b/gitlab/tasks/main.yml @@ -1,28 +1,7 @@ --- -# tasks file for gitlab -- name: Ensure a gitlab container is running. - docker_container: - name: "{{ gitlab_container_name }}" - state: present - image: gitlab/gitlab-ce - container_default_behavior: no_defaults -- name: Start gitlab backup - community.docker.docker_container_exec: - container: "{{ gitlab_container_name }}" - command: gitlab-backup create GZIP_RSYNCABLE=yes - -- name: Get list of backups - find: - paths: "{{ gitlab_backup_directory }}" - register: found_files - -- name: Get latest backup - set_fact: - latest_file: "{{ found_files.files | sort(attribute='mtime',reverse=true) | first }}" - -- name: Download latest backup from remote - ansible.posix.synchronize: - src: "{{ latest_file.path }}" - dest: "{{ gitlab_local_backup_directory }}" - delegate_to: delegate.host +- name: Init backup procedure + include_tasks: backup.yml + when: inventory_hostname in groups['{{ gitlab_host }}'] + tags: + - gitlab diff --git a/devops/backup/README.md b/misc/README.md similarity index 100% rename from devops/backup/README.md rename to misc/README.md diff --git a/misc/defaults/main.yml b/misc/defaults/main.yml new file mode 100644 index 0000000..6caa488 --- /dev/null +++ b/misc/defaults/main.yml @@ -0,0 +1,4 @@ +--- +# defaults file for misc +ansible_default_user: autositos +ssh_key_filename: id_autositos_rsa diff --git a/misc/handlers/main.yml b/misc/handlers/main.yml new file mode 100644 index 0000000..a0648b5 --- /dev/null +++ b/misc/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for misc 
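Review bot: `dest: "{{ gitlab_local_backup_directory }}"/backups` is not valid YAML: the double-quoted scalar ends at the closing quote, and the trailing `/backups` makes the file fail to parse, so none of the tasks in gitlab/tasks/backup.yml will load. The suffix belongs inside the quotes: `dest: "{{ gitlab_local_backup_directory }}/backups"`. Nothing in the visible tasks creates that directory on the control node, and the archive pulled here holds the instance's data, so it is worth creating the directory first with an explicit owner and a restrictive mode.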
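Review bot: `when: inventory_hostname in groups['{{ gitlab_host }}']` in gitlab/tasks/main.yml nests Jinja delimiters inside a conditional, which Ansible already evaluates as an expression and warns about. The variable should be referenced bare: `when: inventory_hostname in groups[gitlab_host]`. The default `gitlab_host: pythagoras-b` reads like a host name rather than a group name; if so, the `groups[...]` lookup fails on a missing key, and `when: inventory_hostname == gitlab_host` is probably what is meant. Because backup.yml runs the role against `hosts: all`, this condition is the only thing that limits where the backup tasks run, so narrowing `hosts:` in the playbook as well would be the safer design.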
diff --git a/misc/meta/main.yml b/misc/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/misc/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/misc/tasks/main.yml b/misc/tasks/main.yml new file mode 100644 index 0000000..f86811d --- /dev/null +++ b/misc/tasks/main.yml @@ -0,0 +1,2 @@ +--- +# tasks file for misc 
diff --git a/misc/tasks/user.yml b/misc/tasks/user.yml new file mode 100644 index 0000000..8f4f446 --- /dev/null +++ b/misc/tasks/user.yml @@ -0,0 +1,32 @@ +--- +- name: Create provisioning user + hosts: all + become: true + gather_facts: false + tasks: + - name: Create user + ansible.builtin.user: + name: "{{ ansible_default_user }}" + comment: Automation user for ansible + state: present + append: yes + system: True + create_home: True + + - name: Generate master SSH key + community.crypto.openssh_keypair: + path: "/home/{{ ansible_default_user }}/.ssh/{{ ssh_key_filename }}" + type: rsa + size: 4096 + state: present + force: no + tags: + - init + + - name: Deploy SSH public key + ansible.posix.authorized_key: + user: "{{ ansible_default_user }}" + state: present + key: "{{ lookup('file', '/home/{{ ansible_default_user }}/.ssh/{{ ssh_key_filename }}.pub') }}" + when: "'init' not in ansible_run_tags" + diff --git a/devops/backup/tests/inventory b/misc/tests/inventory similarity index 100% rename from devops/backup/tests/inventory rename to misc/tests/inventory diff --git a/devops/backup/tests/test.yml b/misc/tests/test.yml similarity index 80% rename from devops/backup/tests/test.yml rename to misc/tests/test.yml index 11cf798..98779a7 100644 --- a/devops/backup/tests/test.yml +++ b/misc/tests/test.yml @@ -2,4 +2,4 @@ - hosts: localhost remote_user: root roles: - - gitlab + - misc diff --git a/misc/vars/main.yml b/misc/vars/main.yml new file mode 100644 index 0000000..a719f69 --- /dev/null +++ b/misc/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for misc diff --git a/playbook.yml b/playbook.yml deleted file mode 100644 index 1301852..0000000 --- a/playbook.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - - roles: - - gitlab diff --git a/tmp_hosts b/tmp_hosts deleted file mode 100644 index 1706c4e..0000000 --- a/tmp_hosts +++ /dev/null @@ -1 +0,0 @@ -10.10.0.23
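Review bot: In misc/tasks/user.yml the `Generate master SSH key` task runs on every host of `hosts: all` under `become: true`, so each managed host gets its own private key, with no passphrase and no `owner` or `mode` set. The `Deploy SSH public key` task then reads the key with `lookup('file', ...)`, which is evaluated on the control node, so the key that gets authorised is not the one that was generated, and private keys are left on machines that do not need them. If the intent is a single key pair held by the controller, generate it once there by adding `delegate_to: localhost` and `run_once: true` to the keypair task, and set ownership and mode explicitly. The lookup also nests `{{ }}` inside an expression; build the path by concatenation instead: `lookup('file', '/home/' ~ ansible_default_user ~ '/.ssh/' ~ ssh_key_filename ~ '.pub')`. Separately, this file is a full play (`hosts:` and `tasks:`) placed under a role's tasks/ directory, where it cannot be included as a task list.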