diff --git a/ansible/def.ansible.mk b/ansible/def.ansible.mk index 2ac576e..bb74485 100644 --- a/ansible/def.ansible.mk +++ b/ansible/def.ansible.mk @@ -10,11 +10,12 @@ ANSIBLE_DISKS_NFS_PATH ?= $(NFS_PATH) ANSIBLE_DOCKER_IMAGE_TAG ?= $(DOCKER_IMAGE_TAG) ANSIBLE_DOCKER_REGISTRY ?= $(DOCKER_REGISTRY) ANSIBLE_EXTRA_VARS ?= target=localhost -ANSIBLE_GIT_DIRECTORY ?= /src/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(APP_REPOSITORY_HOST)))))/$(APP_REPOSITORY_PATH) +ANSIBLE_GIT_DIRECTORY ?= /dns/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(APP_REPOSITORY_HOST)))))/$(APP_REPOSITORY_PATH) ANSIBLE_GIT_KEY_FILE ?= $(if $(ANSIBLE_SSH_PRIVATE_KEYS),~$(ANSIBLE_USERNAME)/.ssh/$(notdir $(firstword $(ANSIBLE_SSH_PRIVATE_KEYS)))) ANSIBLE_GIT_REPOSITORY ?= $(GIT_REPOSITORY) ANSIBLE_GIT_VERSION ?= $(BRANCH) ANSIBLE_INVENTORY ?= ansible/inventories +ANSIBLE_MYOS ?= $(ANSIBLE_GIT_DIRECTORY) ANSIBLE_PLAYBOOK ?= ansible/playbook.yml ANSIBLE_SSH_AUTHORIZED_KEYS ?= $(strip $(SSH_AUTHORIZED_KEYS)) ANSIBLE_SSH_BASTION_HOSTNAME ?= $(firstword $(SSH_BASTION_HOSTNAME)) @@ -28,7 +29,7 @@ ANSIBLE_USERNAME ?= $(USER) ANSIBLE_VERBOSE ?= $(if $(DEBUG),-vvvv,$(if $(VERBOSE),-v)) CMDS += ansible ansible-playbook DOCKER_RUN_OPTIONS += $(if $(DOCKER_INTERNAL_DOCKER_HOST),--add-host=host.docker.internal:$(DOCKER_INTERNAL_DOCKER_HOST)) -ENV_VARS += ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_PLAYBOOK ANSIBLE_SSH_AUTHORIZED_KEYS ANSIBLE_SSH_BASTION_HOSTNAME ANSIBLE_SSH_BASTION_USERNAME ANSIBLE_SSH_PRIVATE_IP_RANGE ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_SSH_PUBLIC_HOSTS ANSIBLE_SSH_USERNAME ANSIBLE_USERNAME ANSIBLE_VERBOSE +ENV_VARS += ANSIBLE_AWS_ACCESS_KEY_ID ANSIBLE_AWS_DEFAULT_OUTPUT ANSIBLE_AWS_DEFAULT_REGION ANSIBLE_AWS_SECRET_ACCESS_KEY ANSIBLE_CONFIG ANSIBLE_DISKS_NFS_DISK ANSIBLE_DISKS_NFS_OPTIONS ANSIBLE_DISKS_NFS_PATH ANSIBLE_DOCKER_IMAGE_TAG ANSIBLE_DOCKER_REGISTRY ANSIBLE_EXTRA_VARS ANSIBLE_GIT_DIRECTORY ANSIBLE_GIT_KEY_FILE ANSIBLE_GIT_REPOSITORY ANSIBLE_GIT_VERSION ANSIBLE_INVENTORY ANSIBLE_MYOS ANSIBLE_PLAYBOOK ANSIBLE_SSH_AUTHORIZED_KEYS ANSIBLE_SSH_BASTION_HOSTNAME ANSIBLE_SSH_BASTION_USERNAME ANSIBLE_SSH_PRIVATE_IP_RANGE ANSIBLE_SSH_PRIVATE_KEYS ANSIBLE_SSH_PUBLIC_HOSTS ANSIBLE_SSH_USERNAME ANSIBLE_USERNAME ANSIBLE_VERBOSE # function ansible: Call run ansible ANSIBLE_ARGS with arg 1 define ansible diff --git a/ansible/inventories/host_vars/default b/ansible/inventories/host_vars/default index 4ae18f6..94fc782 100644 --- a/ansible/inventories/host_vars/default +++ b/ansible/inventories/host_vars/default @@ -8,12 +8,11 @@ aws_secret_access_key: "{{ lookup('env','ANSIBLE_AWS_SECRET_ACCESS_KEY') }}" disks_packages: - { "name": "e2fsprogs-extra", "state": "present" } - { "name": "nfs-utils", "state": "present" } -git_repositories: +hosts_git_repositories: - { "repo": "{{ lookup('env','ANSIBLE_GIT_REPOSITORY') }}", "dest": "{{ lookup('env','ANSIBLE_GIT_DIRECTORY') }}", "key_file": "{{ lookup('env','ANSIBLE_GIT_KEY_FILE') or '~/.ssh/id_rsa' }}", "version": "{{ lookup('env','ANSIBLE_GIT_VERSION') }}" } hosts_packages: - { "name": "ansible", "state": "present" } hosts_services: -- { "name": "local", "state": "started", "enabled": "yes" } - { "name": "zram", "state": "started", "enabled": "yes" } hosts_user_env: - ANSIBLE_AWS_ACCESS_KEY_ID @@ -29,9 +28,9 @@ hosts_user_env: - ANSIBLE_GIT_KEY_FILE - ANSIBLE_GIT_REPOSITORY - ANSIBLE_INVENTORY +- ANSIBLE_MYOS - ANSIBLE_PLAYBOOK - ENV -- MYOS hosts_user_rc_enable: true hosts_user_rc_functions: - { "path": "10_prompt_set", "state": "touch" } diff --git a/ansible/inventories/host_vars/localhost b/ansible/inventories/host_vars/localhost index e959cea..1e71f69 100644 --- a/ansible/inventories/host_vars/localhost +++ b/ansible/inventories/host_vars/localhost @@ -6,12 +6,10 @@ disks_packages: - { "name": "xfsprogs", "state": "present" } docker_image_tag: "{{ lookup('env','ANSIBLE_DOCKER_IMAGE_TAG') or 'latest' }}" docker_registry: "{{ lookup('env','ANSIBLE_DOCKER_REGISTRY') }}" -git_repositories: +hosts_git_repositories: - { "repo": "{{ lookup('env','ANSIBLE_GIT_REPOSITORY') }}", "dest": "{{ lookup('env','ANSIBLE_GIT_DIRECTORY') }}", "key_file": "{{ lookup('env','ANSIBLE_GIT_KEY_FILE') or '~/.ssh/id_rsa' }}", "version": "{{ lookup('env','ANSIBLE_GIT_VERSION') }}" } -hosts_packages: -- { "name": "ansible", "state": "present" } hosts_services: -- { "name": "local", "state": "started", "enabled": "yes" } +- { "name": "myos", "state": "stopped", "enabled": "yes" } - { "name": "zram", "state": "started", "enabled": "yes" } hosts_user_env: - ANSIBLE_CONFIG @@ -22,7 +20,7 @@ hosts_user_env: - ANSIBLE_GIT_KEY_FILE - ANSIBLE_GIT_REPOSITORY - ANSIBLE_INVENTORY +- ANSIBLE_MYOS - ANSIBLE_PLAYBOOK - ENV -- MYOS hosts_user_rc_enable: true diff --git a/ansible/inventories/host_vars/myos b/ansible/inventories/host_vars/myos index 57b4ac9..abd3c23 100644 --- a/ansible/inventories/host_vars/myos +++ b/ansible/inventories/host_vars/myos @@ -23,8 +23,9 @@ docker_registry: "{{ lookup('env','ANSIBLE_DOCKER_REGISTRY') }}" hosts_packages: - { "name": "ansible", "state": "present" } hosts_services: -- { "name": "local", "state": "started", "enabled": "yes" } +- { "name": "myos", "state": "stopped", "enabled": "yes" } - { "name": "zram", "state": "started", "enabled": "yes" } +hosts_update: true hosts_user_env: - ANSIBLE_AWS_ACCESS_KEY_ID - ANSIBLE_AWS_SECRET_ACCESS_KEY @@ -39,10 +40,10 @@ hosts_user_env: - ANSIBLE_GIT_KEY_FILE - ANSIBLE_GIT_REPOSITORY - ANSIBLE_INVENTORY +- ANSIBLE_MYOS - ANSIBLE_PLAYBOOK - COMPOSE_PROJECT_NAME - ENV -- MYOS - MYOS_TAGS hosts_user_rc_enable: true hosts_user_rc_functions: @@ -51,3 +52,5 @@ hosts_user_rc_functions: - { "path": "30_pfetch", "state": "touch" } - { "path": "30_screen_attach", "state": "touch" } - { "path": "40_ssh_add", "state": "touch" } +remotes_services: +- { "name": "ansible", "state": "stopped", "enabled": "yes" } diff --git a/ansible/roles/disks/README.md b/ansible/roles/disks/README.md index 9d2f88a..12a47e8 100644 --- a/ansible/roles/disks/README.md +++ b/ansible/roles/disks/README.md @@ -22,7 +22,7 @@ disks_to_mount: - disk: /dev/sdb fstype: ext4 mount_options: defaults - mount: /data + mount: /data1 user: www-data group: www-data disable_periodic_fsck: false @@ -31,14 +31,10 @@ disks_to_mount: fstype: xfs mount_options: defaults,noatime mount: /data2 - - device_name: /dev/sdf - fstype: ext4 - mount_options: defaults - mount: /data - disk: nfs-host:/nfs/export fstype: nfs mount_options: defaults,noatime - mount: /srv/nfs + mount: /data3 ``` The following filesystems are currently supported: diff --git a/ansible/roles/disks/tasks/filesystems-btrfs.yml b/ansible/roles/disks/tasks/filesystems-btrfs.yml index 113eb09..ce8a887 100644 --- a/ansible/roles/disks/tasks/filesystems-btrfs.yml +++ b/ansible/roles/disks/tasks/filesystems-btrfs.yml @@ -1,25 +1,3 @@ --- # file: tasks/filesystems-btrfs.yml -- name: filesystems-btrfs - create filesystem on the first partition - when: item.1.stat.exists - with_together: - - '{{ disks_to_mount }}' - - '{{ disks_stat.results }}' - filesystem: - dev: '{{ item.0.part | default(item.0.disk + "1") }}' - force: '{{ item.0.force|d(omit) }}' - fstype: '{{ item.0.fstype }}' - opts: '{{ item.0.fsopts|d(omit) }}' - become: yes - -- name: filesystems-btrfs - disable periodic fsck and reserved space on ext3 or ext4 formatted disks - when: "disks_to_mount and ( item.0.fstype == 'ext4' or item.0.fstype == 'ext3' ) and item.0.disable_periodic_fsck|default(false)|bool and item.1.stat.exists" - with_together: - - '{{ disks_to_mount }}' - - '{{ disks_stat.results }}' - environment: - PATH: "{{ ansible_env.PATH }}:/usr/sbin:/sbin" - shell: tune2fs -c0 -i0 -m0 {{ item.0.part | default(item.0.disk + "1") }} - become: yes - diff --git a/ansible/roles/disks/tasks/packages.yml b/ansible/roles/disks/tasks/packages.yml index 6e0856a..4d510dc 100644 --- a/ansible/roles/disks/tasks/packages.yml +++ b/ansible/roles/disks/tasks/packages.yml @@ -2,7 +2,7 @@ # file: tasks/packages.yml - name: packages - install parted - when: disks_to_mount + when: disks_to_mount is defined package: name: parted state: present diff --git a/ansible/roles/disks/tasks/services.yml b/ansible/roles/disks/tasks/services.yml index 8759a7d..ab607f3 100644 --- a/ansible/roles/disks/tasks/services.yml +++ b/ansible/roles/disks/tasks/services.yml @@ -2,7 +2,7 @@ # file: tasks/services.yml - name: services - enable/disable disks services - when: ansible_service_mgr|lower != "openrc" + when: disks_services is defined and ansible_service_mgr|lower != "openrc" with_items: "{{ disks_services|default([]) }}" service: name: "{{item.name}}" @@ -11,7 +11,7 @@ become: yes - name: services - openrc - enable/disable disks services - when: ansible_service_mgr|lower == "openrc" + when: disks_services is defined and ansible_service_mgr|lower == "openrc" with_items: "{{ disks_services|default([]) }}" service: name: "{{item.name}}" diff --git a/ansible/roles/docker/README.md b/ansible/roles/docker/README.md index dd92ecd..579404d 100644 --- a/ansible/roles/docker/README.md +++ b/ansible/roles/docker/README.md @@ -12,10 +12,28 @@ Install and configure the [docker](https://www.docker.com/) daemon docker_check_kernel: '3.10' ``` -* `docker_check_machine` - Hosts architecture needed to run docker +* `docker_daemon_config_directory` - Path to docker daemon configuration files ``` yaml -docker_check_machine: 'x86_64' +docker_daemon_config_directory: '/etc/docker' +``` + +* `docker_daemon_config_file` - Docker daemon configuration file + +``` yaml +docker_daemon_config_file: "{{docker_daemon_config_directory}}/daemon.json" +``` + +* `docker_daemon_config_file` - Docker daemon configuration file + +``` yaml +docker_daemon_config_storage: 'overlay2' +``` + +* `docker_daemon_config` - docker daemon yaml config + +``` yaml +docker_daemon_config: { "storage-driver": "devicemapper" } ``` * `docker_package` - Name of the docker package diff --git a/ansible/roles/docker/defaults/main.yml b/ansible/roles/docker/defaults/main.yml index 77dab29..e28f1b8 100644 --- a/ansible/roles/docker/defaults/main.yml +++ b/ansible/roles/docker/defaults/main.yml @@ -11,7 +11,7 @@ docker_daemon_config_directory: "/etc/docker" docker_daemon_config_file: "{{docker_daemon_config_directory}}/daemon.json" # configure docker daemon storage driver -docker_daemon_config_storage: "{% if ansible_cmdline.fstype == 'btrfs'%}btrfs{% endif %}" +docker_daemon_config_storage: "overlay2" # docker daemon configuration docker_daemon_config: {} diff --git a/ansible/roles/docker/tasks/config.yml b/ansible/roles/docker/tasks/config.yml index 260c332..fe1ee9e 100644 --- a/ansible/roles/docker/tasks/config.yml +++ b/ansible/roles/docker/tasks/config.yml @@ -12,8 +12,8 @@ docker_daemon_config: "{{ lookup('file',docker_daemon_config_file)|default('{}')|from_json}}" ignore_errors: true -- name: config - add docker daemon storage configuration for btrfs - when: docker_package|length > 0 +- name: config - add docker daemon storage configuration + when: false and docker_package|length > 0 template: src: daemon.json.j2 dest: "{{docker_daemon_config_file}}" diff --git a/ansible/roles/docker/tasks/myos.yml b/ansible/roles/docker/tasks/myos.yml index f43d778..f6afb4f 100644 --- a/ansible/roles/docker/tasks/myos.yml +++ b/ansible/roles/docker/tasks/myos.yml @@ -3,7 +3,7 @@ - name: myos - register myos.tags set_fact: - myos_tags: "{{ lookup('env', 'MYOS_TAGS_JSON')|from_json or lookup('file', '~/.env') }}" + myos_tags: "{{ lookup('env', 'MYOS_TAGS_JSON')|from_json }}" tags: debug - debug: diff --git a/ansible/roles/docker/tasks/packages.yml b/ansible/roles/docker/tasks/packages.yml index e2d1005..cf69341 100644 --- a/ansible/roles/docker/tasks/packages.yml +++ b/ansible/roles/docker/tasks/packages.yml @@ -2,6 +2,7 @@ # file: tasks/packages.yml - name: packages - install/remove docker packages + when: docker_packages is defined with_items: "{{ docker_packages|default([]) }}" package: name="{{item.name}}" state="{{item.state}}" become: yes diff --git a/ansible/roles/docker/tasks/services.yml b/ansible/roles/docker/tasks/services.yml index 38d3262..099f2a7 100644 --- a/ansible/roles/docker/tasks/services.yml +++ b/ansible/roles/docker/tasks/services.yml @@ -2,7 +2,7 @@ # file: tasks/services.yml - name: services - enable/disable docker services - when: ansible_service_mgr|lower != "openrc" + when: docker_services is defined and ansible_service_mgr|lower != "openrc" with_items: "{{ docker_services|default([]) }}" service: name: "{{item.name}}" @@ -11,13 +11,13 @@ become: yes - name: services - openrc - force service status - when: ansible_service_mgr|lower == "openrc" + when: docker_services is defined and ansible_service_mgr|lower == "openrc" shell: "kill -0 $(cat /run/{{item.name}}.pid) && [ ! -h /run/openrc/started/{{item.name}} ] && ln -s /etc/init.d/{{item.name}} /run/openrc/started/{{item.name}} && service {{item.name}} restart ||:" with_items: "{{ docker_services|default([]) }}" become: yes - name: services - openrc - enable/disable docker services - when: ansible_service_mgr|lower == "openrc" + when: docker_services is defined and ansible_service_mgr|lower == "openrc" with_items: "{{ docker_services|default([]) }}" service: name: "{{item.name}}" diff --git a/ansible/roles/docker/vars/debian.yml b/ansible/roles/docker/vars/debian.yml index 19a4d12..be21242 100644 --- a/ansible/roles/docker/vars/debian.yml +++ b/ansible/roles/docker/vars/debian.yml @@ -8,6 +8,7 @@ docker_packages: - { "name": "apt-transport-https", "state": "present" } - { "name": "ca-certificates", "state": "present" } - { "name": "curl", "state": "present" } + - { "name": "docker-compose", "state": "present" } - { "name": "gnupg2", "state": "present" } - { "name": "software-properties-common", "state": "present" } diff --git a/ansible/roles/hosts/README.md b/ansible/roles/hosts/README.md index 711e6b2..1963522 100644 --- a/ansible/roles/hosts/README.md +++ b/ansible/roles/hosts/README.md @@ -23,6 +23,13 @@ hosts_cloudinit_config: hosts_cloudinit_enable: false ``` +* `hosts_git_repositories` - Clone git repositories + +``` yaml +hosts_git_repositories: +- { "repo": "https://github.com/aynicos/myos", "dest": "/dns/com/github/aynicos/myos", "key_file": "~/.ssh/id_rsa", "version": "master" } +``` + * `hosts_packages` - List of packages to install/remove on your hosts, should be overrided for a specific distro ``` yaml @@ -99,7 +106,13 @@ hosts_ssh_public_hosts: hosts_ssh_username: root ``` -* `hosts_user_env` - List of environment variables added in ~/.env +* `hosts_update` - Update hosts every day + +``` yaml +hosts_update: false +``` + +* `hosts_user_env` - List of environment variables to add in file ~/.myos ``` yaml hosts_user_env: diff --git a/ansible/roles/hosts/defaults/main.yml b/ansible/roles/hosts/defaults/main.yml index 63c9786..5f930e1 100644 --- a/ansible/roles/hosts/defaults/main.yml +++ b/ansible/roles/hosts/defaults/main.yml @@ -78,6 +78,9 @@ hosts_cloudinit_config: # enable cloud-init hosts_cloudinit_enable: false +# git repositories to clone +hosts_git_repositories: [] + # packages to install/remove hosts_packages: [] @@ -125,7 +128,10 @@ hosts_ssh_public_hosts: "{{ lookup('env','ANSIBLE_SSH_PUBLIC_HOSTS').split(' ') # remote ssh user hosts_ssh_username: "{{ lookup('env','ANSIBLE_SSH_USERNAME') or ansible_user }}" -# list of environment variables to write to user ~/.env +# update hosts every day +hosts_update: false + +# list of environment variables to add in ~/.myos hosts_user_env: [] # run specific functions on user login diff --git a/ansible/roles/hosts/files/.profile b/ansible/roles/hosts/files/.profile index 3ecd639..0a3cb24 100644 --- a/ansible/roles/hosts/files/.profile +++ b/ansible/roles/hosts/files/.profile @@ -1,6 +1,5 @@ # ~/.profile: executed by the command interpreter for login shells. # set -x -umask 027 # source ~/.*aliases and ~/.*functions files for source in aliases functions; do diff --git a/ansible/roles/hosts/files/.resty_aliases b/ansible/roles/hosts/files/.resty_aliases deleted file mode 100644 index 2fb9e14..0000000 --- a/ansible/roles/hosts/files/.resty_aliases +++ /dev/null @@ -1,8 +0,0 @@ -alias DELETE='resty-delete' -alias GET='resty-get' -alias HEAD='resty-head' -alias OPTIONS='resty-options' -alias PATCH='resty-patch' -alias POST='resty-post' -alias PUT='resty-put' -alias TRACE='resty-trace' diff --git a/ansible/roles/hosts/files/.sh_functions b/ansible/roles/hosts/files/.sh_functions deleted file mode 100644 index e698463..0000000 --- a/ansible/roles/hosts/files/.sh_functions +++ /dev/null @@ -1,2 +0,0 @@ -gam () { "~/.gam/gam" "$@" ; } -gyb () { "~/.gyb/gyb" "$@" ; } diff --git a/ansible/roles/hosts/files/etc/cron.d/myos b/ansible/roles/hosts/files/etc/cron.d/myos new file mode 100644 index 0000000..9a0d83d --- /dev/null +++ b/ansible/roles/hosts/files/etc/cron.d/myos @@ -0,0 +1,2 @@ +PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin +0 0 * * * root /etc/init.d/myos ansible-pull diff --git a/ansible/roles/hosts/files/etc/init.d/myos b/ansible/roles/hosts/files/etc/init.d/myos index dae2f70..804e34e 100755 --- a/ansible/roles/hosts/files/etc/init.d/myos +++ b/ansible/roles/hosts/files/etc/init.d/myos @@ -1,24 +1,23 @@ -#!/bin/sh +#!/bin/bash ### BEGIN INIT INFO # Provides: myos # Required-Start: # Required-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 -# Description: System calls from https://github.com/aynicos/myos +# Description: MYOS system call ### END INIT INFO set -e -# load system configs -[ -r /etc/default/myos ] && . /etc/default/myos -[ -r /etc/sysconfig/myos ] && . /etc/sysconfig/myos - # check system config -[ -r ~/.env ] && . ~/.env || exit 1 +[ -r /etc/default/myos ] && . /etc/default/myos || exit 1 type make >/dev/null 2>&1 && [ -d "${MYOS}" ] || exit 2 +# load user config +[ -r ~/.myos ] && . ~/.myos + case "$1" in *) - IFS=$'\n'; exec env $(cat ~/.env 2>/dev/null) make -C "${MYOS}" $@ + IFS=$'\n'; exec sh -c "cd ${MYOS} && exec make $@ $(cat /etc/default/myos ~/.myos 2>/dev/null)" esac diff --git a/ansible/roles/hosts/files/etc/init.d/myos-openrc b/ansible/roles/hosts/files/etc/init.d/myos-openrc index b3f7776..a86eff2 100755 --- a/ansible/roles/hosts/files/etc/init.d/myos-openrc +++ b/ansible/roles/hosts/files/etc/init.d/myos-openrc @@ -9,10 +9,10 @@ start() { /etc/init.d/myos start } +status() { + /etc/init.d/myos ps +} + stop() { /etc/init.d/myos stop } - -status() { - /etc/init.d/myos status -} diff --git a/ansible/roles/hosts/files/etc/profile.d/rc.sh b/ansible/roles/hosts/files/etc/profile.d/rc.sh index b37a503..b9116e6 100644 --- a/ansible/roles/hosts/files/etc/profile.d/rc.sh +++ b/ansible/roles/hosts/files/etc/profile.d/rc.sh @@ -1,8 +1,8 @@ # shellcheck shell=sh # file rc.sh: Call user defined functions ## author: Yann "aya" Autissier -## license: MIT -## version: 20210620 +## license: GPL +## version: 20210714 case $- in # if this is an interactive shell diff --git a/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh b/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh index fadf001..9f4fec9 100644 --- a/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh +++ b/ansible/roles/hosts/files/etc/profile.d/rc_functions.sh @@ -1,8 +1,8 @@ # shellcheck shell=sh # file rc_functions.sh: Define shell functions ## author: Yann "aya" Autissier -## license: MIT -## version: 20210711 +## license: GPL +## version: 20210714 # function force: Run a command sine die force() { diff --git a/ansible/roles/hosts/files/etc/systemd/system/ansible.service b/ansible/roles/hosts/files/etc/systemd/system/ansible.service new file mode 100644 index 0000000..d608107 --- /dev/null +++ b/ansible/roles/hosts/files/etc/systemd/system/ansible.service @@ -0,0 +1,9 @@ +[Unit] +Description=Call myos ansible-pull + +[Service] +Type=oneshot +ExecStart=/etc/init.d/myos ansible-pull + +[Install] +WantedBy=multi-user.target diff --git a/ansible/roles/hosts/files/etc/systemd/system/ansible.timer b/ansible/roles/hosts/files/etc/systemd/system/ansible.timer new file mode 100644 index 0000000..9ada182 --- /dev/null +++ b/ansible/roles/hosts/files/etc/systemd/system/ansible.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Call ansible + +[Timer] +OnCalendar=*-*-* 00:00:00 +Unit=ansible.service + +[Install] +WantedBy=timers.target diff --git a/ansible/roles/hosts/tasks/config.yml b/ansible/roles/hosts/tasks/config.yml new file mode 100644 index 0000000..73e6ab6 --- /dev/null +++ b/ansible/roles/hosts/tasks/config.yml @@ -0,0 +1,14 @@ +--- +# file: tasks/config.yml + +- name: config - arch != x86 - do not run docker-compose in docker + when: ansible_machine|lower != "x86_64" + lineinfile: dest="/etc/default/myos" state="present" line="DOCKER=false" + become: yes + +- name: config - set MYOS config in /etc/default/myos + with_items: + - MYOS={{ lookup('env','ANSIBLE_MYOS') }} + lineinfile: dest="/etc/default/myos" create="yes" line="{{ item }}" mode="0644" + become: yes + diff --git a/ansible/roles/hosts/tasks/files.yml b/ansible/roles/hosts/tasks/files.yml index 3742b8f..d6a2ad7 100644 --- a/ansible/roles/hosts/tasks/files.yml +++ b/ansible/roles/hosts/tasks/files.yml @@ -9,6 +9,13 @@ copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644 become: yes +- name: files - copy myos cron file + when: hosts_update + with_items: + - /etc/cron.d/myos + copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644 + become: yes + - name: files - copy binary files with_items: - /etc/init.d/myos @@ -19,6 +26,8 @@ - name: files - systemd - copy files when: ansible_service_mgr|lower == "systemd" with_items: + - /etc/systemd/system/ansible.service + - /etc/systemd/system/ansible.timer - /etc/systemd/system/myos.service - /etc/systemd/system/zram.service copy: src=../files/{{item}} dest={{item}} owner=root group=root mode=0644 diff --git a/ansible/roles/hosts/tasks/git.yml b/ansible/roles/hosts/tasks/git.yml new file mode 100644 index 0000000..c814f03 --- /dev/null +++ b/ansible/roles/hosts/tasks/git.yml @@ -0,0 +1,14 @@ +--- +# file: tasks/git.yml + +- name: git - clone repositories + with_items: "{{ hosts_git_repositories|default([]) }}" + git: + repo: "{{ item.repo }}" + dest: "{{ item.dest|default('/dns') }}" + umask: "022" + key_file: "{{ item.key_file|default('~/.ssh/id_rsa') }}" + version: "{{ item.version|default('HEAD') }}" + ignore_errors: true + become: yes + diff --git a/ansible/roles/hosts/tasks/main.yml b/ansible/roles/hosts/tasks/main.yml index aa7ccc8..5d656db 100644 --- a/ansible/roles/hosts/tasks/main.yml +++ b/ansible/roles/hosts/tasks/main.yml @@ -10,6 +10,9 @@ - import_tasks: cloudinit.yml tags: - cloudinit +- import_tasks: config.yml + tags: + - cloudinit - import_tasks: dir.yml tags: - dir @@ -25,6 +28,9 @@ - import_tasks: services.yml tags: - services +- import_tasks: git.yml + tags: + - git - import_tasks: ssh.yml tags: - ssh diff --git a/ansible/roles/hosts/tasks/services.yml b/ansible/roles/hosts/tasks/services.yml index a33c3c3..36e1abd 100644 --- a/ansible/roles/hosts/tasks/services.yml +++ b/ansible/roles/hosts/tasks/services.yml @@ -2,7 +2,7 @@ # file: tasks/services.yml - name: services - enable/disable hosts services - when: ansible_service_mgr|lower != "openrc" + when: hosts_services is defined and ansible_service_mgr|lower != "openrc" with_items: "{{ hosts_services|default([]) }}" service: name: "{{item.name}}" @@ -11,7 +11,7 @@ become: yes - name: services - openrc - enable/disable hosts services - when: ansible_service_mgr|lower == "openrc" + when: hosts_services is defined and ansible_service_mgr|lower == "openrc" with_items: "{{ hosts_services|default([]) }}" service: name: "{{item.name}}" diff --git a/ansible/roles/hosts/tasks/user.yml b/ansible/roles/hosts/tasks/user.yml index 1648a7c..d108102 100644 --- a/ansible/roles/hosts/tasks/user.yml +++ b/ansible/roles/hosts/tasks/user.yml @@ -11,10 +11,10 @@ copy: src="{{ item }}" dest=~/.ssh/ mode=0400 ignore_errors: true -- name: user - create ~/.env +- name: user - create ~/.myos template: - src: env.j2 - dest: ~/.env + src: myos.j2 + dest: ~/.myos force: no mode: 0400 @@ -32,13 +32,11 @@ with_items: "{{ hosts_user_rc_functions|default([]) }}" file: path="~/.rc.d/{{item.path}}" state="{{item.state}}" -- name: user - copy ~/.*aliases ~/.*functions ~/.*profile ~/.shrc +- name: user - copy ~/.*aliases ~/.*profile ~/.shrc with_items: - ".dircolors_aliases" - ".docker_aliases" - - ".resty_aliases" - ".vim_aliases" - - ".sh_functions" - ".bash_profile" - ".profile" - ".shrc" diff --git a/ansible/roles/hosts/templates/Makefile.j2 b/ansible/roles/hosts/templates/Makefile.j2 index bee34ef..39927ca 100644 --- a/ansible/roles/hosts/templates/Makefile.j2 +++ b/ansible/roles/hosts/templates/Makefile.j2 @@ -1,6 +1,6 @@ CMDS := exec SERVICE ?= cli --include .env +-include .myos ansible: @make -C $(ANSIBLE_GIT_DIRECTORY) ansible-run-localhost diff --git a/ansible/roles/hosts/templates/env.j2 b/ansible/roles/hosts/templates/myos.j2 similarity index 68% rename from ansible/roles/hosts/templates/env.j2 rename to ansible/roles/hosts/templates/myos.j2 index 1f461ff..f2fcf92 100644 --- a/ansible/roles/hosts/templates/env.j2 +++ b/ansible/roles/hosts/templates/myos.j2 @@ -1,3 +1,4 @@ +MYOS={{ lookup('env','ANSIBLE_MYOS') }} {% for var in hosts_user_env|default([]) %} {{var}}={{ lookup('env',var) }} {% endfor %} diff --git a/ansible/roles/remotes/tasks/git.yml b/ansible/roles/remotes/tasks/git.yml index ff0975a..d7ac7a3 100644 --- a/ansible/roles/remotes/tasks/git.yml +++ b/ansible/roles/remotes/tasks/git.yml @@ -6,6 +6,7 @@ git: repo: "{{ item.repo }}" dest: "{{ item.dest|default('/src') }}" + umask: "022" key_file: "{{ item.key_file|default('~/.ssh/id_rsa') }}" version: "{{ item.version|default('HEAD') }}" ignore_errors: true diff --git a/ansible/roles/remotes/tasks/packages.yml b/ansible/roles/remotes/tasks/packages.yml index 6e0856a..66edc0d 100644 --- a/ansible/roles/remotes/tasks/packages.yml +++ b/ansible/roles/remotes/tasks/packages.yml @@ -1,16 +1,9 @@ --- # file: tasks/packages.yml -- name: packages - install parted - when: disks_to_mount - package: - name: parted - state: present - become: yes - -- name: packages - install/remove disks packages - when: disks_packages is defined - with_items: "{{ disks_packages|default([]) }}" +- name: packages - install/remove remotes packages + when: remotes_packages is defined + with_items: "{{ remotes_packages|default([]) }}" package: name: "{{item.name}}" state: "{{item.state}}" diff --git a/ansible/roles/remotes/tasks/services.yml b/ansible/roles/remotes/tasks/services.yml index 8759a7d..91009c8 100644 --- a/ansible/roles/remotes/tasks/services.yml +++ b/ansible/roles/remotes/tasks/services.yml @@ -1,18 +1,18 @@ --- # file: tasks/services.yml -- name: services - enable/disable disks services - when: ansible_service_mgr|lower != "openrc" - with_items: "{{ disks_services|default([]) }}" +- name: services - enable/disable remotes services + when: remotes_services is defined and ansible_service_mgr|lower != "openrc" + with_items: "{{ remotes_services|default([]) }}" service: name: "{{item.name}}" state: "{{item.state}}" enabled: "{{item.enabled}}" become: yes -- name: services - openrc - enable/disable disks services - when: ansible_service_mgr|lower == "openrc" - with_items: "{{ disks_services|default([]) }}" +- name: services - openrc - enable/disable remotes services + when: remotes_services is defined and ansible_service_mgr|lower == "openrc" + with_items: "{{ remotes_services|default([]) }}" service: name: "{{item.name}}" state: "{{item.state}}" diff --git a/make/apps/def.docker.mk b/make/apps/def.docker.mk index 688de3c..fcf31d5 100644 --- a/make/apps/def.docker.mk +++ b/make/apps/def.docker.mk @@ -37,7 +37,7 @@ DOCKER_PLUGIN_S3FS_OPTIONS ?= allow_other,nonempty,use_path_request_style,u DOCKER_PLUGIN_S3FS_SECRETKEY ?= $(AWS_SECRET_ACCESS_KEY) DOCKER_PLUGIN_S3FS_REGION ?= eu-west-1 DOCKER_PLUGIN_VARS ?= S3FS_ACCESSKEY S3FS_OPTIONS S3FS_SECRETKEY S3FS_REGION -DOCKER_REGISTRY ?= docker.io +DOCKER_REGISTRY ?= my.os DOCKER_REGISTRY_USERNAME ?= $(USER) DOCKER_REGISTRY_REPOSITORY ?= $(addsuffix /,$(DOCKER_REGISTRY))$(subst $(USER),$(DOCKER_REGISTRY_USERNAME),$(DOCKER_REPOSITORY)) DOCKER_REPOSITORY ?= $(subst _,/,$(COMPOSE_PROJECT_NAME)) diff --git a/make/apps/myos/def.mk b/make/apps/myos/def.mk index d7332c0..64c7378 100644 --- a/make/apps/myos/def.mk +++ b/make/apps/myos/def.mk @@ -7,7 +7,7 @@ MYOS_TAGS_ARGS ?= $(foreach var,$(filter $(MYOS_TAGS_VARS),$(MA MYOS_TAGS_JSON ?= "{$(foreach var,$(filter $(MYOS_TAGS_VARS),$(MAKE_FILE_VARS)),$(if $($(var)), '$(var)': '$($(var))'$(comma))) }" NFS_DISK ?= $(NFS_HOST):/$(notdir $(SHARED)) NFS_OPTIONS ?= rw,rsize=8192,wsize=8192,bg,hard,intr,nfsvers=3,noatime,nodiratime,actimeo=3 -NFS_PATH ?= /srv/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(NFS_HOST)))))$(subst ..,,$(SHARED)) +NFS_PATH ?= /dns/$(subst $(space),/,$(strip $(call reverse,$(subst ., ,$(NFS_HOST)))))$(subst ..,,$(SHARED)) SHELL ?= /bin/sh STACK ?= base