diff --git a/Makefile b/Makefile index 7cb3ad0..0fd9669 100644 --- a/Makefile +++ b/Makefile @@ -35,17 +35,23 @@ install_libvirt: @echo "Creating components using libvirt..." @vagrant up --provider=libvirt - wg: @cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml init.yml --extra-vars "enable_setup=false enable_wireguard=true enable_k3s=false" ansible: - @cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml init.yml --extra-vars "enable_setup=true enable_wireguard=true enable_k3s=true" + INV_LIST="-i ../inventory/lab.yml"; \ + if [ x"${VPS}" != "x" ]; then \ + INV_LIST="$${INV_LIST} -i ../inventory/outside.yml"; \ + fi; \ + if [ x"${NAS}" != "x" ]; then \ + INV_LIST="$${INV_LIST} -i ../inventory/nas.yml"; \ + fi; \ + cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook $${INV_LIST} init.yml --extra-vars 'enable_setup=true enable_wireguard=true enable_k3s=true' @make get_k3s_credentials k3s_reset: @echo "Resetting k3s configuration..." - @cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/lab.yml -i ../inventory/outsider.yml k3s-ansible/reset.yml + @cd ansible && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ../inventory/nas.yml -i ../inventory/lab.yml -i ../inventory/outsider.yml k3s-ansible/reset.yml @make ansible @make get_k3s_credentials @@ -61,6 +67,6 @@ get_k3s_credentials: @echo "Retrieving k3s credentials locally..." @vagrant ssh -c "sudo cat /home/creator/.kube/config" hb-wide-1 > ~/.kube/config-halia @sed -i 's/127.0.*:/192.168.56.101:/g' ~/.kube/config-halia - @kube-merge + @curl https://git.halis.io/therbron/dotfiles/raw/branch/master/.bin/kube-merge | bash @kubectl get nodes --context halia diff --git a/README.md b/README.md index 324ffa0..f031d58 100644 --- a/README.md +++ b/README.md 
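Review bot: The VPS branch of the new `ansible` recipe adds `-i ../inventory/outside.yml`, while `wg`, `k3s_reset` and the README in this same commit all refer to `inventory/outsider.yml`, so with `VPS` set the ingress host is probably never loaded (Ansible normally only warns about an inventory source it cannot parse); the line should read `INV_LIST="$${INV_LIST} -i ../inventory/outsider.yml"; \`. The rewritten command also keeps `ANSIBLE_HOST_KEY_CHECKING=False`, which now covers an internet-facing VPS as well as the local VMs: the SSH session that carries the become password is not checked against a known host key, so it would be safer to pre-seed `known_hosts` for the VPS and drop the override at least for that run. `k3s_reset` in the same hunk passes `nas.yml` and `outsider.yml` unconditionally, which is inconsistent with the opt-in logic added here.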
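Review bot: Replacing the local `kube-merge` with `curl … | bash` in `get_k3s_credentials` executes whatever the `master` branch of a remote repository serves at that moment, with the user's `~/.kube` directory in reach and no integrity check. Without `-f` an HTTP error page is also piped into bash, and a truncated download runs as a partial script. Prefer vendoring the script into this repository, or fetch a commit-pinned URL to a file and verify it before running (placeholders to fill in): `@curl -fsSL <commit-pinned-url> -o .bin/kube-merge`, `@echo "<expected-sha256>  .bin/kube-merge" | sha256sum -c -`, `@bash .bin/kube-merge`. The target line of this recipe is outside the hunk.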
@@ -6,11 +6,40 @@ - vagrant-scp ## Setup +Clone the whole repository, including submodules +``` +git clone --recurse-submodules -j8 https://git.halis.io/athens-school/Homelab +``` +Update submodules after cloning the repository +``` +git submodule update --init --recursive +``` + +### Enable ingress for internet access For ingress node connected to the internet, I recommend using a VPS of either choice, acting as the public input to the cluster.
To do so, complete the IP in the `inventory/outsider.yml` file. This VPS needs to be pre-configured with [this script](https://git.halis.io/athens-school/ISO-repository/raw/branch/master/quick-installer.sh). +## Run +### Basic +To run the project as is, creating k3s nodes only +``` +make up +``` + +### Enable NAS +If you wish to also create a NAS VM, set the `NAS` environment variable +``` +NAS=true make up +``` + +### Enable ingress +If you wish to also enable a Kubernetes Ingress using an external VPS, set the `VPS` environment variable after setting your VPS up in the `Setup` section +``` +VPS=true make up +``` + ## TODO - Detect default network interface diff --git a/Vagrantfile b/Vagrantfile index d3dae89..7f2a33b 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,3 +1,5 @@ +enable_nas = ENV["NAS"] || false + Vagrant.configure("2") do |config| config.vm.box = "debian/bullseye64" config.vm.synced_folder '.', '/vagrant', disabled: true # Allows WSL call to work within WSL filesystem @@ -16,13 +18,14 @@ Vagrant.configure("2") do |config| boxes = [ { :name => "hb-slim-1", :ip => "192.168.56.11"}, { :name => "hb-slim-2", :ip => "192.168.56.12"}, - { :name => "hb-slim-3", :ip => "192.168.56.13"}, { :name => "hb-wide-1", :ip => "192.168.56.101", :cpus => 2, :memory => 4096}, { :name => "hb-wide-2", :ip => "192.168.56.102", :cpus => 2, :memory => 4096}, - { :name => "hb-wide-3", :ip => "192.168.56.103", :cpus => 2, :memory => 4096}, - { :name => "nas", :ip => "192.168.56.200", :cpus => 2, :memory => 4096, :drive => { name: "extra_disk", size: "30GB" }}, ] + if enable_nas != false + boxes.push({ :name => "nas", :ip => "192.168.56.200", :cpus => 2, :memory => 4096, :drive => { name: "extra_disk", size: "30GB" }}) + end + boxes.each do |opts| config.vm.define opts[:name] do |box| box.vm.hostname = opts[:name] diff --git a/inventory/lab.yml b/inventory/lab.yml index a20f271..cff2c1a 100644 --- a/inventory/lab.yml +++ b/inventory/lab.yml 
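Review bot: `enable_nas = ENV["NAS"] || false` yields a String whenever the variable is set, and every String is truthy in Ruby, so `NAS=false`, `NAS=0` and even an empty `NAS=` all pass the `if enable_nas != false` test in the next hunk and create the NAS VM. The Makefile recipe added in this commit treats an empty value as unset, so with `NAS=` the VM would be created while `inventory/nas.yml` is not passed to Ansible. Matching the Makefile's non-empty test keeps the two in step: `enable_nas = !ENV.fetch("NAS", "").empty?` here and `if enable_nas` at the guard. A one-line comment stating that any non-empty value enables the NAS would document the contract.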
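Review bot: This hunk removes `hb-slim-3` and `hb-wide-3` from `boxes`, but the `inventory/lab.yml` context shown later in this commit still lists `hb-slim-3:` in a host group, so the playbook will presumably target a VM that Vagrant no longer creates and report it unreachable. Either drop the stale hosts from the inventory in the same commit or keep the boxes; whether `hb-wide-3` is still referenced is not visible here. The `Vagrant.configure` block starts before and ends after this hunk.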
@@ -50,13 +50,6 @@ all: - size=slim headscale: network: beta - nas: - ansible_host: 192.168.56.200 - is_nas: true - hostname: nas - wireguard_ip: 10.20.0.100 - headscale: - network: beta children: master: hosts: @@ -85,7 +78,6 @@ all: hb-slim-1: hb-slim-2: hb-slim-3: - nas: vars: ansible_ssh_private_key_file: ~/.ssh/creator ansible_user: creator diff --git a/inventory/nas.yml b/inventory/nas.yml new file mode 100644 index 0000000..5dc54e2 --- /dev/null +++ b/inventory/nas.yml @@ -0,0 +1,22 @@ +all: + hosts: + nas: + ansible_host: 192.168.56.200 + is_nas: true + hostname: nas + wireguard_ip: 10.20.0.100 + headscale: + network: beta + children: + headscale_client: + nas: + vars: + ansible_ssh_private_key_file: ~/.ssh/creator + ansible_user: creator + ansible_become_password: aberation + ansible_ssh_port: 22 + k3s_version: v1.28.5+k3s1 + token: "aberation" # Use ansible vault if you want to keep it secret + api_endpoint: "{{ hostvars[groups['server'][0]]['ansible_tailscale0'].ipv4.address | default(groups['server'][0]) }}" + extra_server_args: "--disable traefik --advertise-address {{hostvars[inventory_hostname]['ansible_tailscale0'].ipv4.address}} --flannel-iface tailscale0 --tls-san {{ ansible_host }} --disable servicelb {{ ['--node-label']|product(hostvars[inventory_hostname]['k3s_label'])|map('join', ' ')|join(' ') }}" + extra_agent_args: "--flannel-iface tailscale0 --node-external-ip {{hostvars[inventory_hostname]['ansible_default_ipv4']['address']}} {{ ['--node-label']|product(hostvars[inventory_hostname]['k3s_label'])|map('join', ' ')|join(' ') }}"
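Review bot: The new `inventory/nas.yml` commits `ansible_become_password: aberation` and `token: "aberation"` in plaintext, so the sudo password of the `creator` account and the k3s token are readable by anyone with access to the repository, and the same value is reused for both. The inline comment already points at Ansible Vault; since the lab can include an internet-facing VPS, these values should be vaulted or read from the environment rather than stored here, for example `ansible_become_password: "{{ lookup('env', 'ANSIBLE_BECOME_PASSWORD') }}"` and `token: "{{ lookup('env', 'K3S_TOKEN') }}"` (variable names are examples), and the committed values rotated. The `vars:` block sits under `all:`, so when loaded together with `lab.yml` it presumably duplicates or overrides that file's settings; keeping only NAS-specific values here would avoid two sources of truth.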