Add configuration playbooks for setting up various system components

playbooks/configure-docker.yml

@@ -0,0 +1,33 @@
+---
+- import_playbook: meta.yml
+
+- name: Configure docker hosts
+  hosts: servers
+  roles:
+    - role: docker
+  tasks:
+    - name: Configure portainer volume
+      docker_volume:
+        volume_name: portainer
+
+    - name: Run portainer
+      docker_container:
+        name: omni.portainer
+        image: portainer/portainer
+        restart_policy: unless-stopped
+        published_ports:
+          - 0.0.0.0:8000:8000
+          - 0.0.0.0:9000:9000
+        volumes:
+          - /var/run/docker.sock:/var/run/docker.sock
+          - portainer:/data
+
+- name: Configure swarm master
+  hosts:
+    - jupiter
+    - vigil-nox
+  tasks:
+    - name: Initialize swarm
+      docker_swarm:
+        name: omni
+        advertise_addr: "{{ omni_networking.eno2.address[0] }}"

playbooks/configure-network.yml

@@ -0,0 +1,37 @@
+---
+- import_playbook: meta.yml
+
+- name: Configure router
+  hosts: router
+  gather_facts: false
+  pre_tasks:
+    - name: Collect EdgeOS facts
+      edgeos_facts:
+        gather_subset: "!config"
+  tasks:
+    - name: Configure interfaces
+      edgeos_config:
+        lines:
+          - set interfaces ethernet eth0 address dhcp
+          - set interfaces ethernet eth0 description EXTERNAL
+          - set interfaces ethernet eth1 address 10.42.100.1/24
+          - set interfaces ethernet eth1 address 10.42.99.1/24
+          - set interfaces ethernet eth1 description LOCAL
+          - set interfaces ethernet eth2 address 10.42.101.1/24
+          - set interfaces ethernet eth2 description DOMAIN
+
+- name: Configure servers
+  hosts: servers
+  roles:
+    - role: networkd
+  tasks:
+    - name: Configure local hostsfile
+      become: true
+      lineinfile:
+        path: /etc/hosts
+        state: present
+        line: "{{ item }}"
+      loop:
+        - "192.168.42.10  jupiter.svr.local"
+        - "192.168.42.20  remus.svr.local"
+        - "192.168.42.30  romulus.svr.local"

playbooks/configure-system.yml

@@ -0,0 +1,26 @@
+---
+- import_playbook: meta.yml
+
+- name: Update system
+  hosts: all
+  pre_tasks:
+    - import_tasks: tasks/centos-8-kernelplus.yml
+      tags: kernel
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
+  roles:
+    - role: packages
+      vars:
+        omni_pkg_update: true
+        omni_pkg_clean: true
+    - role: sshd
+      vars:
+        omni_restart_services: true
+    - role: common_env
+  tasks:
+    - name: Enable cockpit
+      become: true
+      when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
+      systemd:
+        name: cockpit
+        enabled: true
+        state: started

playbooks/configure.yml

@@ -0,0 +1,6 @@
+---
+- import_playbook: configure-system.yml
+
+- import_playbook: configure-auth.yml
+
+- import_playbook: configure-network.yml

playbooks/update.yml

@@ -1,29 +0,0 @@
----
-- import_playbook: meta.yml
-
-- name: Configure system
-  hosts: all:!network
-  tags:
-    - initialize
-  vars:
-    omni_restart_services: true
-  roles:
-    - role: packages
-      vars:
-        omni_pkg_update: true
-        omni_pkg_exclude: [] # Override the default kernel exclusion
-        omni_pkg_clean: true
-    - role: sshd
-  tasks:
-    - name: Set hostname
-      become: true
-      hostname:
-        name: "{{ ansible_host }}"
-    - name: Install global bashrc
-      become: true
-      copy:
-        src: bashrc.sh
-        dest: /etc/profile.d/ZA-enpn-bashrc.sh
-        mode: 0644
-
-#- import_playbook: configure-auth.yml