Restructore project into collection

Bump ansible to ^4.9
Fix incorrect netdev type key name
2021-12-11 15:59:09 -05:00 · 2021-12-11 15:59:09 -05:00 · 2021-12-11 15:59:09 -05:00 · 2021-12-11 15:59:08 -05:00 · 2021-12-11 15:59:08 -05:00 · 2021-12-11 15:59:08 -05:00
66 changed files with 549 additions and 213 deletions
--- a/inventory.yaml
+++ b/inventory.yaml
@ -12,7 +12,7 @@ en1:
    skylab_location: Newton MA
    skylab_dashboard: info.en1.local
    # gross hack for now, will be refactored later
-    _skylab_adguard_nat_rule: 8
+    _skylab_adguard_nat_rule: 9
  hosts:
    core:
@ -42,6 +42,7 @@ en1:
      vars:
        skylab_targets: [cluster, datastore]
        skylab_compose_version: 3.8
        skylab_compose_dir: "{{ skylab_state_dir }}/compose"
      hosts:
        pegasus:  # jupiter
@ -58,13 +59,14 @@ en1:
            interface:
              access: bond0
              internal: bond0.99
          skylab_datastore_device: sdb
          skylab_networking:
            eno1:
              bond: bond0
            eno2:
              bond: bond0
            bond0:
-              type: bond
+              device: bond
              firewall: internal
              gateway: 10.42.101.1/24
              dns:
@ -74,7 +76,7 @@ en1:
                - 192.168.255.255/32
              dhcp: false
            bond0.99:
-              type: vlan
+              device: vlan
              firewall: trusted
              addresses:
                - 192.168.42.10/24
@ -100,7 +102,7 @@ en1:
            eno2:
              bond: bond0
            bond0:
-              type: bond
+              device: bond
              firewall: internal
              dhcp: false
              gateway: 10.42.101.1/24
@ -110,7 +112,7 @@ en1:
              dns:
                - 10.42.101.1
            bond0.99:
-              type: vlan
+              device: vlan
              firewall: trusted
              dhcp: false
              addresses:
@ -137,7 +139,7 @@ en1:
            eno2:
              bond: bond0
            bond0:
-              type: bond
+              device: bond
              firewall: internal
              gateway: 10.42.101.1/24
              dns:
@ -147,7 +149,7 @@ en1:
                - 192.168.255.255/32
              dhcp: false
            bond0.99:
-              type: vlan
+              device: vlan
              firewall: trusted
              addresses:
                - 192.168.42.30/24
--- a/playbooks/files
+++ b/playbooks/files
@ -1 +0,0 @@
 ../resources
--- a/playbooks/roles
+++ b/playbooks/roles
@ -1 +0,0 @@
 ../roles
--- a/playbooks/tasks
+++ b/playbooks/tasks
@ -1 +0,0 @@
 ../tasks
--- a/playbooks/templates
+++ b/playbooks/templates
@ -1 +0,0 @@
 ../resources
--- a/playbooks/vars
+++ b/playbooks/vars
@ -1 +0,0 @@
 ../vars/
--- a/poetry.lock
+++ b/poetry.lock
--- a/pyproject.toml
+++ b/pyproject.toml
@ -7,7 +7,7 @@ license = "MIT"
 [tool.poetry.dependencies]
 python = "^3.8"
-ansible = "^3.4.0"
+ansible = "^4.9.0"
 docker = "^4.2.0"
 docker-compose = "^1.25.4"
 paramiko = "^2.7.1"
--- a/requirements.yml
+++ b/requirements.yml
@ -0,0 +1,4 @@
 ---
 collections:
  - source: ./skylab/
    type: subdirs
--- a/skylab/core/README.md
+++ b/skylab/core/README.md
@ -0,0 +1,3 @@
 # Ansible Collection - skylab.core
 Documentation for the collection.
--- a/skylab/core/galaxy.yml
+++ b/skylab/core/galaxy.yml
@ -0,0 +1,19 @@
 ---
 namespace: skylab
 name: core
 version: 0.0.0
 description: Network deployment procedures and configuration state management
 authors:
  - Ethan Paul <me@enp.one>
 license:
  - MIT
 readme: README.md
 tags: []
 repository: https://vcs.enp.one/skylab/skylab-ansible/
 build_ignore: []
 # Collections that this collection requires to be installed for it to be usable. The key of the dict is the
 # collection label 'namespace.name'. The value is a version range
 # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
 # range specifiers can be set and are separated by ','
 dependencies: {}
--- a/skylab/core/meta/runtime.yml
+++ b/skylab/core/meta/runtime.yml
@ -0,0 +1,2 @@
 ---
 requires_ansible: ">=2.11,<2.15"
--- a/skylab/core/playbooks/configure.yaml
+++ b/skylab/core/playbooks/configure.yaml
--- a/skylab/core/playbooks/deploy.yaml
+++ b/skylab/core/playbooks/deploy.yaml
@ -0,0 +1,200 @@
 ---
 - name: Bootstrap remote ansible environment
  hosts: linux
  tags:
    - always
  tasks:
    - include_tasks: tasks/meta/bootstrap-remote-env.yaml
 - name: Clean up old orechestration data
  hosts: cluster
  gather_facts: false
  tags:
    - cleanup
  vars_files:
    - vars/services.yaml
    - vars/access.yaml
  tasks:
    - name: Create compose storage directory
      become: true
      ansible.builtin.file:
        path: "{{ skylab_compose_dir }}"
        state: directory
        owner: "{{ ansible_user }}"
        group: "{{ skylab_group_admin.name }}"
        mode: 0770
    - name: Fetch existing compose files
      ansible.builtin.command:
        cmd: /usr/bin/ls {{ skylab_compose_dir }}
      changed_when: false
      register: _compose_contents_raw
    - name: Remove legacy compose files
      when: item.replace('.yaml', '') not in skylab_services
      ansible.builtin.file:
        path: "{{ skylab_compose_dir }}/{{ item }}"
        state: absent
      loop: "{{ _compose_contents_raw.stdout_lines }}"
    - name: Fetch existing stacks
      vars:
        ansible_python_interpreter: "{{ skylab_ansible_venv }}/bin/python"
      community.docker.docker_stack_info: {}
      register: _stack_info
    - name: Remove legacy stacks
      vars:
        ansible_python_interpreter: "{{ skylab_ansible_venv }}/bin/python"
      when: item.Orchestrator == 'Swarm' and item.Name not in skylab_services
      community.docker.docker_stack:
        name: "{{ item.Name }}"
        state: absent
      loop: "{{ _stack_info.results }}"
      loop_control:
        label: "{{ item.Name }}"
    - name: Fetch existing Nginx configs
      ansible.builtin.command:
        cmd: ls {{ local_datastore_mount }}/appdata/nginx/conf.d/
      changed_when: false
      register: _nginx_configs
    - name: Remove legacy nginx configs
      when: item.replace('.conf', '') not in skylab_services
      ansible.builtin.file:
        path: "{{ local_datastore_mount }}/appdata/nginx/conf.d/{{ item }}.conf"
        state: absent
      loop: "{{ _nginx_configs.stdout_lines }}"
 - name: Deploy stack service{{ (' ' + service) if service is defined else 's' }}
  hosts: cluster
  gather_facts: false
  vars:
    local_datastore_mount: /mnt/datastore
  vars_files:
    - vars/access.yaml
    - vars/services.yaml
  tasks:
    - name: Validate user input
      when: service is defined
      ansible.builtin.assert:
        that:
          - service in skylab_services
    - name: Determine service stacks to deploy
      ansible.builtin.set_fact:
        _services: "{{ {service: skylab_services[service]} if service is defined else skylab_services }}"
    - name: Determine app account mapping
      vars:
        _service_accounts: {}
      when: item.service | default(false)
      ansible.builtin.set_fact:
        _service_accounts: "{{ _service_accounts | combine({item.name: item}) }}"
      loop: "{{ skylab_accounts }}"
      loop_control:
        label: "{{ item.name }}"
    - name: Create compose directory
      become: true
      ansible.builtin.file:
        path: "{{ skylab_compose_dir }}"
        state: directory
        owner: "{{ ansible_user }}"
        group: "{{ skylab_group_admin.name }}"
        mode: 0770
    - name: Install compose file
      vars:
        app: "{{ item.value }}"
        _app_account: "{{ _service_accounts[item.value.user] if item.value.user is defined else false }}"
      ansible.builtin.template:
        src: docker-compose/{{ item.key }}.yaml.j2
        dest: "{{ skylab_compose_dir }}/{{ item.key }}.yaml"
        owner: "{{ ansible_user }}"
        group: "{{ skylab_group_admin.name }}"
        mode: 0660
      loop: "{{ _services | dict2items }}"
      loop_control:
        label: "{{ item.key }}"
    - name: Create automation groups
      become: true
      when: item.value.user is defined
      ansible.builtin.group:
        name: "{{ item.value.user }}"
        gid: "{{ _service_accounts[item.value.user].uid }}"
        state: present
      loop: "{{ _services | dict2items }}"
      loop_control:
        label: "{{ item.key }}"
    - name: Create automation accounts
      become: true
      when: item.value.user is defined
      ansible.builtin.user:
        name: "{{ item.value.user }}"
        state: present
        uid: "{{ _service_accounts[item.value.user].uid }}"
        group: "{{ item.value.user }}"
        groups: "{{ [skylab_group_automation.name, skylab_group.name] }}"
        system: true
        generate_ssh_key: false
        password: "{{ _service_accounts[item.value.user].password }}"
      loop: "{{ _services | dict2items }}"
      loop_control:
        label: "{{ item.key }}"
    - name: Configure datastore directories
      run_once: true
      block:
        - name: Determine volume directories
          vars:
            _stack_volume_directories: []
          when: item.value.volumes is defined
          ansible.builtin.set_fact:
            _stack_volume_directories: "{{ _stack_volume_directories + [{'user': (item.value.user | default(ansible_user)), 'volumes': (item.value.volumes.values() | list)}] }}"
          loop: "{{ _services | dict2items }}"
          loop_control:
            label: "{{ item.key }}"
        - name: Create service directories
          become: true
          ansible.builtin.file:
            path: "{{ local_datastore_mount }}{{ item.1 }}"
            state: directory
            owner: "{{ item.0.user }}"
            group: "{{ skylab_group_admin.name }}"
            mode: 0770
          loop: "{{ _stack_volume_directories | subelements('volumes') }}"
    - name: Deploy stack
      vars:
        ansible_python_interpreter: "{{ skylab_ansible_venv }}/bin/python"
      community.docker.docker_stack:
        name: "{{ item.key }}"
        compose:
          - "{{ skylab_compose_dir }}/{{ item.key }}.yaml"
        prune: false
        state: present
      loop: "{{ _services | dict2items }}"
      loop_control:
        label: "{{ item.key }}"
    - name: Configure reverse proxy
      run_once: true
      block:
        - name: Create nginx config
          when: item.value.domain is defined
          ansible.builtin.template:
            src: stack-nginx.conf.j2
            dest: "{{ local_datastore_mount }}/appdata/nginx/conf.d/{{ item.key }}.conf"
            owner: "{{ ansible_user }}"
            group: "{{ skylab_group_admin.name }}"
            mode: 0464
          loop: "{{ _services | dict2items }}"
          loop_control:
            label: "{{ item.value.domain | default(item.key) }}"
--- a/skylab/core/playbooks/files/global.sh
+++ b/skylab/core/playbooks/files/global.sh
--- a/skylab/core/playbooks/files/remote-requirements.txt
+++ b/skylab/core/playbooks/files/remote-requirements.txt
--- a/skylab/core/playbooks/node-down.yaml
+++ b/skylab/core/playbooks/node-down.yaml
@ -2,6 +2,9 @@
 - name: Check cluster state
  hosts: cluster
  any_errors_fatal: true
  pre_tasks:
    - name: Configure remot execution environment
      ansible.builtin.import_tasks: tasks/meta/bootstrap-remote-env.yaml
  tasks:
    - name: Validate user input
      run_once: true
--- a/skylab/core/playbooks/node-poweroff.yaml
+++ b/skylab/core/playbooks/node-poweroff.yaml
--- a/skylab/core/playbooks/node-up.yaml
+++ b/skylab/core/playbooks/node-up.yaml
@ -5,6 +5,9 @@
    - name: skylab_datastore_encryption_password
      prompt: Enter datastore block decryption password
      private: true
  pre_tasks:
    - name: Configure remot execution environment
      ansible.builtin.import_tasks: tasks/meta/bootstrap-remote-env.yaml
  roles:
    - role: datastore
  tasks:
--- a/skylab/core/playbooks/provision.yaml
+++ b/skylab/core/playbooks/provision.yaml
--- a/skylab/core/playbooks/tasks/meta/bootstrap-remote-env.yaml
+++ b/skylab/core/playbooks/tasks/meta/bootstrap-remote-env.yaml
--- a/skylab/core/playbooks/tasks/meta/runtime-group-determination.yaml
+++ b/skylab/core/playbooks/tasks/meta/runtime-group-determination.yaml
--- a/skylab/core/playbooks/templates/docker-compose/adguard.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/adguard.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/bitwarden.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/bitwarden.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/gitea.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/gitea.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/meta.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/meta.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/minecraft.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/minecraft.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/plex.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/plex.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/unifi.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/unifi.yaml.j2
--- a/skylab/core/playbooks/templates/docker-compose/vikunja.yaml.j2
+++ b/skylab/core/playbooks/templates/docker-compose/vikunja.yaml.j2
--- a/skylab/core/playbooks/update.yaml
+++ b/skylab/core/playbooks/update.yaml
--- a/skylab/core/playbooks/vars/access.yaml
+++ b/skylab/core/playbooks/vars/access.yaml
--- a/skylab/core/playbooks/vars/packages.yaml
+++ b/skylab/core/playbooks/vars/packages.yaml
--- a/skylab/core/playbooks/vars/services.yaml
+++ b/skylab/core/playbooks/vars/services.yaml
@ -1,6 +1,6 @@
 ---
 skylab_services:
-  _meta:
+  meta:
    networks:
      ext: 192.168.99.0/24
    volumes:
@ -17,7 +17,7 @@ skylab_services:
      loopback_address: 192.168.255.255
  minecraft:
-    user: auto_minecraft
+    user: autocraft
    domain: mcs.enp.one
    networks:
      ext: 192.168.102.0/24
--- a/skylab/core/playbooks/vars/sshkeys.yaml
+++ b/skylab/core/playbooks/vars/sshkeys.yaml
--- a/skylab/core/roles/dashboard/files/grafana.ini
+++ b/skylab/core/roles/dashboard/files/grafana.ini
--- a/skylab/core/roles/dashboard/files/grafana.repo
+++ b/skylab/core/roles/dashboard/files/grafana.repo
--- a/skylab/core/roles/dashboard/files/ssl-options.conf
+++ b/skylab/core/roles/dashboard/files/ssl-options.conf
--- a/skylab/core/roles/dashboard/handlers/main.yaml
+++ b/skylab/core/roles/dashboard/handlers/main.yaml
--- a/skylab/core/roles/dashboard/tasks/grafana.yaml
+++ b/skylab/core/roles/dashboard/tasks/grafana.yaml
--- a/skylab/core/roles/dashboard/tasks/main.yaml
+++ b/skylab/core/roles/dashboard/tasks/main.yaml
--- a/skylab/core/roles/dashboard/tasks/nginx.yaml
+++ b/skylab/core/roles/dashboard/tasks/nginx.yaml
--- a/skylab/core/roles/dashboard/templates/nginx.conf.j2
+++ b/skylab/core/roles/dashboard/templates/nginx.conf.j2
--- a/skylab/core/roles/dashboard/vars/main.yaml
+++ b/skylab/core/roles/dashboard/vars/main.yaml
--- a/skylab/core/roles/datastore/meta/argument_specs.yaml
+++ b/skylab/core/roles/datastore/meta/argument_specs.yaml
--- a/skylab/core/roles/datastore/tasks/gluster.yaml
+++ b/skylab/core/roles/datastore/tasks/gluster.yaml
--- a/skylab/core/roles/datastore/tasks/main.yaml
+++ b/skylab/core/roles/datastore/tasks/main.yaml
--- a/skylab/core/roles/datastore/tasks/mounts.yaml
+++ b/skylab/core/roles/datastore/tasks/mounts.yaml
--- a/skylab/core/roles/datastore/tasks/packages.yaml
+++ b/skylab/core/roles/datastore/tasks/packages.yaml
--- a/skylab/core/roles/server/handlers/main.yaml
+++ b/skylab/core/roles/server/handlers/main.yaml
--- a/skylab/core/roles/server/tasks/firewalld.yaml
+++ b/skylab/core/roles/server/tasks/firewalld.yaml
--- a/skylab/core/roles/server/tasks/hosts.yaml
+++ b/skylab/core/roles/server/tasks/hosts.yaml
--- a/skylab/core/roles/server/tasks/main.yaml
+++ b/skylab/core/roles/server/tasks/main.yaml
--- a/skylab/core/roles/server/tasks/networkd.yaml
+++ b/skylab/core/roles/server/tasks/networkd.yaml
--- a/skylab/core/roles/server/tasks/sshd.yaml
+++ b/skylab/core/roles/server/tasks/sshd.yaml
--- a/skylab/core/roles/server/tasks/sudoers.yaml
+++ b/skylab/core/roles/server/tasks/sudoers.yaml
--- a/skylab/core/roles/server/templates/motd.j2
+++ b/skylab/core/roles/server/templates/motd.j2
--- a/skylab/core/roles/server/templates/netdev.j2
+++ b/skylab/core/roles/server/templates/netdev.j2
--- a/skylab/core/roles/server/templates/network.j2
+++ b/skylab/core/roles/server/templates/network.j2
--- a/skylab/core/roles/swarm/tasks/check.yaml
+++ b/skylab/core/roles/swarm/tasks/check.yaml
--- a/skylab/core/roles/swarm/tasks/configure.yaml
+++ b/skylab/core/roles/swarm/tasks/configure.yaml
--- a/skylab/core/roles/swarm/tasks/gluster.yaml
+++ b/skylab/core/roles/swarm/tasks/gluster.yaml
--- a/skylab/core/roles/swarm/tasks/install.yaml
+++ b/skylab/core/roles/swarm/tasks/install.yaml
--- a/skylab/core/roles/swarm/tasks/join.yaml
+++ b/skylab/core/roles/swarm/tasks/join.yaml
--- a/skylab/core/roles/swarm/tasks/main.yaml
+++ b/skylab/core/roles/swarm/tasks/main.yaml
--- a/skylab/core/roles/swarm/templates/daemon.json.j2
+++ b/skylab/core/roles/swarm/templates/daemon.json.j2
Author	SHA1	Message	Date
Ethan Paul	3001e19c7e	Restructore project into collection	2021-12-11 15:59:09 -05:00
Ethan Paul	85877f8431	Bump ansible to ^4.9	2021-12-11 15:59:09 -05:00
Ethan Paul	425761f0f5	Fix incorrect netdev type key name	2021-12-11 15:59:09 -05:00
Ethan Paul	1e0eb9b426	Add missing datastore config for pegasus	2021-12-11 15:59:08 -05:00
Ethan Paul	f791b43c86	Update nat rule number for adguard server	2021-12-11 15:59:08 -05:00
Ethan Paul	12ceb3558b	Add bootstrap tasks to node up/down playbooks	2021-12-11 15:59:08 -05:00
Ethan Paul	eb1ff31e30	Add initial nginx config to deployment playbook	2021-12-11 15:59:08 -05:00
Ethan Paul	d611301f8a	Add initial (incomplete) stack deployment playbook	2021-12-11 15:59:08 -05:00
Ethan Paul	03574c1560	Fix misnamed automation account for minecraft user	2021-12-11 15:59:08 -05:00
Ethan Paul	ea2f797b30	Fix invalid service name for _meta	2021-12-11 15:59:08 -05:00
		`@ -0,0 +1,3 @@`
							`# Ansible Collection - skylab.core`

							`Documentation for the collection.`