Compare commits
14 Commits
9251406426
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
0a3171b9bc | ||
|
|
3068a5a8fb | ||
|
|
ef652fac20 | ||
|
|
22c1b534ab | ||
|
|
9cb90a8020 | ||
|
|
d9181515bb | ||
|
|
c3905ed144 | ||
|
|
5fb50ab4b2 | ||
|
|
2909d6e16c | ||
|
|
0aed818be5 | ||
|
|
fbdeec93ce | ||
|
|
44626101de | ||
|
|
c1d6f13275 | ||
|
|
282e98e90a |
@@ -13,6 +13,8 @@ skip_list:
|
||||
- fqcn-builtins
|
||||
- no-handler
|
||||
- var-naming
|
||||
- no-changed-when
|
||||
- risky-shell-pipe
|
||||
|
||||
# Enforce certain rules that are not enabled by default.
|
||||
enable_list:
|
||||
|
||||
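Review bot: The two entries that appear to be new in `skip_list` (the hunk grows from 6 to 8 lines), `no-changed-when` and `risky-shell-pipe`, switch these rules off for the whole repository, including the tasks that shell out to `ansible-vault`. `risky-shell-pipe` is the rule that flags pipelines run without `set -o pipefail`, where a failure in an early stage is hidden by the exit status of the last command. Prefer keeping both rules enabled and putting `# noqa: risky-shell-pipe` or `# noqa: no-changed-when` with a short reason on the individual tasks that need it, or moving them to `warn_list` so the findings stay visible.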
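--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,8 @@
+vars/group_vars/proxmox/secrets_vm.yml diff=ansible-vault merge=binary
+vars/group_vars/all/secrets.yml diff=ansible-vault merge=binary
+vars/group_vars/docker/secrets.yml diff=ansible-vault merge=binary
+vars/group_vars/k3s/secrets.yml diff=ansible-vault merge=binary
+vars/group_vars/k3s/secrets_token.yml diff=ansible-vault merge=binary
+vars/group_vars/kubernetes/secrets.yml diff=ansible-vault merge=binary
+vars/group_vars/proxmox/secrets.yml diff=ansible-vault merge=binary
+vars/group_vars/proxmox/secrets_vm.yml diff=ansible-vault merge=binary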
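Review bot: Every pattern added here ends in `.yml`, while the same change set sets `yaml_valid_extensions=.yaml` in the Ansible config and points `proxmox_vault_file` and `k3s_server_token_vault_file` at `secrets_vm.yaml` and `secrets_token.yaml`. If the vault files were renamed along with the rest (the renames are not visible on this page), none of these patterns match any more, so `diff=ansible-vault` and `merge=binary` stop applying and git goes back to line-based text merges of ciphertext. The first and last lines also both name `vars/group_vars/proxmox/secrets_vm.yml`. A single glob such as `vars/group_vars/**/secrets*.yaml diff=ansible-vault merge=binary` would cover all of them and keep covering new groups.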
@@ -10,7 +10,7 @@ repos:
|
||||
hooks:
|
||||
- id: ansible-galaxy-install
|
||||
name: Install ansible-galaxy collections
|
||||
entry: ansible-galaxy collection install -r requirements.yml
|
||||
entry: ansible-galaxy collection install -r requirements.yaml
|
||||
language: system
|
||||
pass_filenames: false
|
||||
always_run: true
|
||||
@@ -18,6 +18,6 @@ repos:
|
||||
rev: v6.22.2
|
||||
hooks:
|
||||
- id: ansible-lint
|
||||
files: \.(yaml|yml)$
|
||||
files: \.(yaml)$
|
||||
additional_dependencies:
|
||||
- ansible-core==2.15.8
|
||||
|
||||
11
README.md
@@ -66,6 +66,17 @@ The following roles are defined:
|
||||
ansible-playbook -i vars/k3s.ini playbooks/kubernetes_setup.yml
|
||||
```
|
||||
|
||||
## Notes
|
||||
|
||||
### Vault Git Diff
|
||||
|
||||
This repo has a `.gitattributes` which points at the repos ansible-vault files.
|
||||
These can be temporarily decrypted for git diff by adding this in conjunction with the `.gitattributes`:
|
||||
```sh
|
||||
# https://stackoverflow.com/questions/29937195/how-to-diff-ansible-vault-changes
|
||||
git config --global diff.ansible-vault.textconv "ansible-vault view"
|
||||
```
|
||||
|
||||
## Disclaimer
|
||||
|
||||
This project is highly customized for the author's specific environment. Using it without modification is not recommended.
|
||||
|
||||
@@ -14,7 +14,7 @@ vault_password_file=/media/veracrypt1/scripts/ansible_vault.sh
|
||||
|
||||
# (list) Check all of these extensions when looking for 'variable' files which should be YAML or JSON or vaulted versions of these.
|
||||
# This affects vars_files, include_vars, inventory and vars plugins among others.
|
||||
yaml_valid_extensions=.yml
|
||||
yaml_valid_extensions=.yaml
|
||||
|
||||
# (boolean) Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host
|
||||
host_key_checking=False
|
||||
|
||||
@@ -3,9 +3,9 @@
|
||||
hosts: docker_host
|
||||
gather_facts: true
|
||||
roles:
|
||||
- role: common
|
||||
tags:
|
||||
- common
|
||||
# - role: common
|
||||
# tags:
|
||||
# - common
|
||||
- role: docker_host
|
||||
tags:
|
||||
- docker_host
|
||||
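Review bot: The new side appears to comment out `- role: common`, so hosts in `docker_host` no longer get the baseline role from this play; going by roles/common/tasks/main.yaml elsewhere in this change set, that role includes `sshd.yaml`, `time.yaml` and the package tasks. If the aim is only faster runs, keep the role and skip it with `--skip-tags common`; if docker hosts are meant to receive it from another play, delete the three lines and leave a comment such as `# common is applied via <playbook>`. As written, a freshly built docker host could end up without the SSH configuration the other hosts get.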
5
playbooks/docker.yaml
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: Setup Docker Hosts
|
||||
ansible.builtin.import_playbook: docker-host.yaml
|
||||
- name: Setup Docker load balancer
|
||||
ansible.builtin.import_playbook: docker-lb.yaml
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
- name: Setup Docker Hosts
|
||||
ansible.builtin.import_playbook: docker-host.yml
|
||||
- name: Setup Docker load balancer
|
||||
ansible.builtin.import_playbook: docker-lb.yml
|
||||
6
playbooks/proxmox-k3s-add-agent.yaml
Normal file
@@ -0,0 +1,6 @@
|
||||
---
|
||||
- name: Create new VM(s)
|
||||
ansible.builtin.import_playbook: proxmox.yaml
|
||||
|
||||
- name: Provision VM
|
||||
ansible.builtin.import_playbook: k3s-agents.yaml
|
||||
@@ -79,12 +79,13 @@
|
||||
path: ~/.config/nvim
|
||||
register: nvim_config
|
||||
|
||||
- name: Clone LazyVim starter to Neovim config directory
|
||||
- name: Clone personal Neovim config directory
|
||||
ansible.builtin.git:
|
||||
repo: https://github.com/LazyVim/starter
|
||||
repo: https://codeberg.org/tudattr/nvim
|
||||
dest: ~/.config/nvim
|
||||
clone: true
|
||||
update: false
|
||||
version: 1.0.0
|
||||
when: not nvim_config.stat.exists
|
||||
|
||||
- name: Remove .git directory from Neovim config
|
||||
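Review bot: `version: 1.0.0` pins the clone to a tag, and a tag in `https://codeberg.org/tudattr/nvim` can later be moved to a different commit, so the configuration code that Neovim runs at start-up is not fixed by this task. Pin `version` to the full commit hash instead, for example `version: "<full-commit-sha>"  # tag 1.0.0`, and consider `verify_commit: true` if the commits are signed. The next task, which removes the `.git` directory, continues outside the hunk; once it has run there is no local history left to check what was actually cloned.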
13
roles/common/tasks/main.yaml
Normal file
@@ -0,0 +1,13 @@
|
||||
---
|
||||
- name: Configure Time
|
||||
ansible.builtin.include_tasks: time.yaml
|
||||
- name: Configure Packages
|
||||
ansible.builtin.include_tasks: packages.yaml
|
||||
- name: Configure Hostname
|
||||
ansible.builtin.include_tasks: hostname.yaml
|
||||
- name: Configure Extra-Packages
|
||||
ansible.builtin.include_tasks: extra_packages.yaml
|
||||
- name: Configure Bash
|
||||
ansible.builtin.include_tasks: bash.yaml
|
||||
- name: Configure SSH
|
||||
ansible.builtin.include_tasks: sshd.yaml
|
||||
@@ -1,13 +0,0 @@
|
||||
---
|
||||
- name: Configure Time
|
||||
ansible.builtin.include_tasks: time.yml
|
||||
- name: Configure Packages
|
||||
ansible.builtin.include_tasks: packages.yml
|
||||
- name: Configure Hostname
|
||||
ansible.builtin.include_tasks: hostname.yml
|
||||
- name: Configure Extra-Packages
|
||||
ansible.builtin.include_tasks: extra_packages.yml
|
||||
- name: Configure Bash
|
||||
ansible.builtin.include_tasks: bash.yml
|
||||
- name: Configure SSH
|
||||
ansible.builtin.include_tasks: sshd.yml
|
||||
@@ -15,3 +15,4 @@ common_packages:
|
||||
- ripgrep
|
||||
- nfs-common
|
||||
- open-iscsi
|
||||
- parted
|
||||
@@ -5,7 +5,6 @@
|
||||
state: directory
|
||||
mode: "0755"
|
||||
loop:
|
||||
- /media/docker
|
||||
- /media/series
|
||||
- /media/movies
|
||||
- /media/songs
|
||||
@@ -38,4 +37,5 @@
|
||||
- /media/series
|
||||
- /media/movies
|
||||
- /media/songs
|
||||
- /media/downloads
|
||||
become: true
|
||||
21
roles/docker_host/tasks/main.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
---
|
||||
- name: Setup VM
|
||||
ansible.builtin.include_tasks: 10_setup.yaml
|
||||
|
||||
- name: Install docker
|
||||
ansible.builtin.include_tasks: 20_installation.yaml
|
||||
|
||||
- name: Setup user and group for docker
|
||||
ansible.builtin.include_tasks: 30_user_group_setup.yaml
|
||||
|
||||
- name: Setup directory structure for docker
|
||||
ansible.builtin.include_tasks: 40_directory_setup.yaml
|
||||
|
||||
# - name: Deploy configs
|
||||
# ansible.builtin.include_tasks: 50_provision.yaml
|
||||
|
||||
- name: Deploy docker compose
|
||||
ansible.builtin.include_tasks: 60_deploy_compose.yaml
|
||||
|
||||
- name: Publish metrics
|
||||
ansible.builtin.include_tasks: 70_export.yaml
|
||||
@@ -1,21 +0,0 @@
|
||||
---
|
||||
- name: Setup VM
|
||||
ansible.builtin.include_tasks: 10_setup.yml
|
||||
|
||||
- name: Install docker
|
||||
ansible.builtin.include_tasks: 20_installation.yml
|
||||
|
||||
- name: Setup user and group for docker
|
||||
ansible.builtin.include_tasks: 30_user_group_setup.yml
|
||||
|
||||
- name: Setup directory structure for docker
|
||||
ansible.builtin.include_tasks: 40_directory_setup.yml
|
||||
|
||||
- name: Deploy configs
|
||||
ansible.builtin.include_tasks: 50_provision.yml
|
||||
|
||||
- name: Deploy docker compose
|
||||
ansible.builtin.include_tasks: 60_deploy_compose.yml
|
||||
|
||||
- name: Publish metrics
|
||||
ansible.builtin.include_tasks: 70_export.yml
|
||||
@@ -1,7 +1,5 @@
|
||||
docker_host_package_common_dependencies:
|
||||
- nfs-common
|
||||
- firmware-misc-nonfree
|
||||
- linux-image-amd64
|
||||
|
||||
apt_lock_files:
|
||||
- /var/lib/dpkg/lock
|
||||
3
roles/k3s_agent/tasks/main.yaml
Normal file
@@ -0,0 +1,3 @@
|
||||
---
|
||||
- name: Install k3s agent
|
||||
include_tasks: installation.yaml
|
||||
@@ -1,3 +0,0 @@
|
||||
---
|
||||
- name: Install k3s agent
|
||||
include_tasks: installation.yml
|
||||
@@ -1,9 +1,9 @@
|
||||
---
|
||||
- name: Installation
|
||||
ansible.builtin.include_tasks: installation.yml
|
||||
ansible.builtin.include_tasks: installation.yaml
|
||||
|
||||
- name: Configure
|
||||
ansible.builtin.include_tasks: configuration.yml
|
||||
ansible.builtin.include_tasks: configuration.yaml
|
||||
|
||||
- name: Setup DNS on Netcup
|
||||
community.general.netcup_dns:
|
||||
@@ -14,16 +14,16 @@
|
||||
register: k3s_status
|
||||
|
||||
- name: Install primary k3s server
|
||||
include_tasks: primary_installation.yml
|
||||
include_tasks: primary_installation.yaml
|
||||
when: ansible_default_ipv4.address == k3s_primary_server_ip
|
||||
|
||||
- name: Get token from primary k3s server
|
||||
include_tasks: pull_token.yml
|
||||
include_tasks: pull_token.yaml
|
||||
|
||||
- name: Install seconary k3s servers
|
||||
include_tasks: secondary_installation.yml
|
||||
include_tasks: secondary_installation.yaml
|
||||
when: ansible_default_ipv4.address != k3s_primary_server_ip
|
||||
|
||||
- name: Set kubeconfig on localhost
|
||||
include_tasks: create_kubeconfig.yml
|
||||
include_tasks: create_kubeconfig.yaml
|
||||
when: ansible_default_ipv4.address == k3s_primary_server_ip
|
||||
@@ -1 +1 @@
|
||||
k3s_server_token_vault_file: ../vars/group_vars/k3s/secrets_token.yml
|
||||
k3s_server_token_vault_file: ../vars/group_vars/k3s/secrets_token.yaml
|
||||
5
roles/k3s_storage/tasks/main.yaml
Normal file
@@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: Install dependencies
|
||||
ansible.builtin.include_tasks: requirements.yaml
|
||||
- name: Install k3s
|
||||
ansible.builtin.include_tasks: installation.yaml
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
- name: Install dependencies
|
||||
ansible.builtin.include_tasks: requirements.yml
|
||||
- name: Install k3s
|
||||
ansible.builtin.include_tasks: installation.yml
|
||||
@@ -33,7 +33,7 @@
|
||||
|
||||
- name: Apply ArgoCD Ingress
|
||||
kubernetes.core.k8s:
|
||||
definition: "{{ lookup('ansible.builtin.template', 'ingress.yml.j2') | from_yaml }}"
|
||||
definition: "{{ lookup('ansible.builtin.template', 'ingress.yaml.j2') | from_yaml }}"
|
||||
state: present
|
||||
namespace: "{{ argocd_namespace }}"
|
||||
register: apply_manifests
|
||||
@@ -53,7 +53,7 @@
|
||||
|
||||
- name: Apply ArgoCD repository
|
||||
kubernetes.core.k8s:
|
||||
definition: "{{ lookup('ansible.builtin.template', 'repository.yml.j2') | from_yaml }}"
|
||||
definition: "{{ lookup('ansible.builtin.template', 'repository.yaml.j2') | from_yaml }}"
|
||||
state: present
|
||||
namespace: "{{ argocd_namespace }}"
|
||||
register: apply_manifests
|
||||
@@ -63,7 +63,7 @@
|
||||
|
||||
- name: Apply ArgoCD Root Application
|
||||
kubernetes.core.k8s:
|
||||
definition: "{{ lookup('ansible.builtin.template', 'root_application.yml.j2') | from_yaml }}"
|
||||
definition: "{{ lookup('ansible.builtin.template', 'root_application.yaml.j2') | from_yaml }}"
|
||||
state: present
|
||||
namespace: "{{ argocd_namespace }}"
|
||||
register: apply_manifests
|
||||
6
roles/node_exporter/tasks/main.yaml
Normal file
@@ -0,0 +1,6 @@
|
||||
- name: Get Version
|
||||
ansible.builtin.include_tasks: get_version.yaml
|
||||
- name: Install
|
||||
ansible.builtin.include_tasks: install.yaml
|
||||
- name: Setup Service
|
||||
ansible.builtin.include_tasks: systemd.yaml
|
||||
@@ -1,6 +0,0 @@
|
||||
- name: Get Version
|
||||
ansible.builtin.include_tasks: get_version.yml
|
||||
- name: Install
|
||||
ansible.builtin.include_tasks: install.yml
|
||||
- name: Setup Service
|
||||
ansible.builtin.include_tasks: systemd.yml
|
||||
@@ -2,11 +2,6 @@
|
||||
|
||||
This role facilitates the management of Proxmox VE resources, including virtual machines (VMs) and LXC containers. It automates the setup of Proxmox nodes and the creation, configuration, and destruction of guests.
|
||||
|
||||
## Requirements
|
||||
|
||||
- `community.general.proxmox_vm_info`
|
||||
- `community.general.proxmox_kvm`
|
||||
|
||||
## Role Variables
|
||||
|
||||
| Variable | Description | Default Value |
|
||||
|
||||
@@ -65,11 +65,11 @@ restart_vm() {
|
||||
}
|
||||
|
||||
# Main execution
|
||||
log_message "Starting monitoring of VM $VM_ID on port $PORT..."
|
||||
# log_message "Starting monitoring of VM $VM_ID on port $PORT..."
|
||||
|
||||
# Check if port 22 is open
|
||||
if ! check_port; then
|
||||
restart_vm
|
||||
else
|
||||
log_message "Port $PORT is reachable. VM is running normally."
|
||||
# else
|
||||
# log_message "Port $PORT is reachable. VM is running normally."
|
||||
fi
|
||||
|
||||
8
roles/proxmox/tasks/00_setup_machines.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Prepare Localhost
|
||||
ansible.builtin.include_tasks: ./01_setup_localhost.yaml
|
||||
when: is_localhost
|
||||
|
||||
- name: Prepare Localhost
|
||||
ansible.builtin.include_tasks: ./05_setup_node.yaml
|
||||
when: is_proxmox_node
|
||||
@@ -1,8 +0,0 @@
|
||||
---
|
||||
- name: Prepare Localhost
|
||||
ansible.builtin.include_tasks: ./01_setup_localhost.yml
|
||||
when: is_localhost
|
||||
|
||||
- name: Prepare Localhost
|
||||
ansible.builtin.include_tasks: ./05_setup_node.yml
|
||||
when: is_proxmox_node
|
||||
@@ -7,4 +7,4 @@
|
||||
loop: "{{ proxmox_node_dependencies }}"
|
||||
|
||||
- name: Ensure Harware Acceleration on node
|
||||
ansible.builtin.include_tasks: 06_hardware_acceleration.yml
|
||||
ansible.builtin.include_tasks: 06_hardware_acceleration.yaml
|
||||
@@ -23,6 +23,7 @@
|
||||
vfio_virqfd
|
||||
create: true
|
||||
backup: true
|
||||
mode: 644
|
||||
register: vfio_result
|
||||
|
||||
- name: Update initramfs
|
||||
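Review bot: `mode: 644` is an unquoted decimal integer, so Ansible receives the number 644 rather than octal 0644 and the file ends up with unexpected permission bits instead of rw-r--r--. Quote it with a leading zero, `mode: "0644"`, which also matches the `mode: "0600"` and `mode: "0755"` used in the other task files of this change set. The task this line belongs to starts above the hunk.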
@@ -6,7 +6,7 @@
|
||||
mode: "0600"
|
||||
|
||||
- name: Update Vault data
|
||||
ansible.builtin.include_tasks: 15_create_secret.yml
|
||||
ansible.builtin.include_tasks: 15_create_secret.yaml
|
||||
loop: "{{ vms | map(attribute='name') }}"
|
||||
loop_control:
|
||||
loop_var: "vm_name"
|
||||
@@ -1,7 +1,6 @@
|
||||
---
|
||||
- name: Decrypt vm vault file
|
||||
ansible.builtin.shell: cd ../; ansible-vault decrypt "./playbooks/{{ proxmox_vault_file }}"
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
|
||||
- name: Load existing vault content
|
||||
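Review bot: This task and the encrypt task in the following hunk run `ansible-vault decrypt` and `ansible-vault encrypt` in place on `proxmox_vault_file`, so between them the secrets sit as plaintext in the working tree, and nothing visible here guarantees the re-encryption runs when a task in between fails. Each hunk drops one line, and the page does not show whether it is `ignore_errors: true` or `no_log: true`; `ignore_errors: true` is the one to remove, at least on the encrypt task, because a failed re-encryption must stop the play rather than be skipped. Wrapping the work in `block:` with the encrypt step under `always:` would close the failure window, and `ansible.builtin.command` with `chdir: ..` avoids the `cd ../;` shell form. The tasks between the two hunks are outside the view.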
@@ -43,5 +42,4 @@
|
||||
|
||||
- name: Encrypt vm vault file
|
||||
ansible.builtin.shell: cd ../; ansible-vault encrypt "./playbooks/{{ proxmox_vault_file }}"
|
||||
ignore_errors: true
|
||||
no_log: true
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
- name: Download Cloud Init Isos
|
||||
ansible.builtin.include_tasks: 42_download_isos.yml
|
||||
ansible.builtin.include_tasks: 42_download_isos.yaml
|
||||
loop: "{{ proxmox_cloud_init_images | dict2items | map(attribute='value') }}"
|
||||
loop_control:
|
||||
loop_var: distro
|
||||
@@ -5,13 +5,13 @@
|
||||
name: vm_secrets
|
||||
|
||||
# - name: Destroy vms (Only during rapid testing)
|
||||
# ansible.builtin.include_tasks: 54_destroy_vm.yml
|
||||
# ansible.builtin.include_tasks: 54_destroy_vm.yaml
|
||||
# loop: "{{ vms }}"
|
||||
# loop_control:
|
||||
# loop_var: "vm"
|
||||
|
||||
- name: Create vms
|
||||
ansible.builtin.include_tasks: 55_create_vm.yml
|
||||
ansible.builtin.include_tasks: 55_create_vm.yaml
|
||||
loop: "{{ vms }}"
|
||||
loop_control:
|
||||
loop_var: "vm"
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
- name: Gather info about VM
|
||||
community.general.proxmox_vm_info:
|
||||
community.proxmox.proxmox_vm_info:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -9,7 +9,7 @@
|
||||
register: vm_info
|
||||
|
||||
- name: Stop VM
|
||||
community.general.proxmox_kvm:
|
||||
community.proxmox.proxmox_kvm:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -21,7 +21,7 @@
|
||||
when: vm_info.proxmox_vms | length > 0
|
||||
|
||||
- name: Destroy VM
|
||||
community.general.proxmox_kvm:
|
||||
community.proxmox.proxmox_kvm:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
- name: Create VM
|
||||
community.general.proxmox_kvm:
|
||||
community.proxmox.proxmox_kvm:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -27,5 +27,5 @@
|
||||
register: proxmox_deploy_info
|
||||
|
||||
- name: Provision created VM
|
||||
ansible.builtin.include_tasks: 56_provision_new_vm.yml
|
||||
ansible.builtin.include_tasks: 56_provision_new_vm.yaml
|
||||
when: proxmox_deploy_info.changed
|
||||
@@ -25,7 +25,7 @@
|
||||
delegate_to: "{{ vm.node }}"
|
||||
|
||||
- name: Start VM
|
||||
community.general.proxmox_kvm:
|
||||
community.proxmox.proxmox_kvm:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -35,14 +35,14 @@
|
||||
state: started
|
||||
|
||||
- name: Retry stopping VM
|
||||
ansible.builtin.include_tasks: ./57_stop_and_verify_vm.yml
|
||||
ansible.builtin.include_tasks: ./57_stop_and_verify_vm.yaml
|
||||
|
||||
- name: Pause for 5 seconds for api
|
||||
ansible.builtin.pause:
|
||||
seconds: 5
|
||||
|
||||
- name: Start VM
|
||||
community.general.proxmox_kvm:
|
||||
community.proxmox.proxmox_kvm:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -99,7 +99,7 @@
|
||||
- name: Creates PATH-entry for crontab
|
||||
ansible.builtin.cron:
|
||||
name: PATH
|
||||
env: yes
|
||||
env: true
|
||||
job: /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||
delegate_to: "{{ vm.node }}"
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
retry_count: "{{ 0 if retry_count is undefined else retry_count | int + 1 }}"
|
||||
|
||||
- name: Stop VM
|
||||
community.general.proxmox_kvm:
|
||||
community.proxmox.proxmox_kvm:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -16,7 +16,7 @@
|
||||
force: true
|
||||
|
||||
- name: Wait until VM is fully stopped
|
||||
community.general.proxmox_vm_info:
|
||||
community.proxmox.proxmox_vm_info:
|
||||
api_user: "{{ proxmox_api_user }}@pam"
|
||||
api_token_id: "{{ proxmox_api_token_id }}"
|
||||
api_token_secret: "{{ proxmox_api_token_secret }}"
|
||||
@@ -36,4 +36,4 @@
|
||||
seconds: 5
|
||||
|
||||
- name: "Failed to stop VM - Retrying..."
|
||||
include_tasks: ./57_stop_and_verify_vm.yml
|
||||
include_tasks: ./57_stop_and_verify_vm.yaml
|
||||
@@ -5,7 +5,7 @@
|
||||
name: vm_secrets
|
||||
|
||||
- name: Create vms
|
||||
ansible.builtin.include_tasks: 65_create_container.yml
|
||||
ansible.builtin.include_tasks: 65_create_container.yaml
|
||||
loop: "{{ lxcs }}"
|
||||
loop_control:
|
||||
loop_var: "container"
|
||||
19
roles/proxmox/tasks/main.yaml
Normal file
@@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: Prepare Machines
|
||||
ansible.builtin.include_tasks: 00_setup_machines.yaml
|
||||
|
||||
- name: Create VM vault
|
||||
ansible.builtin.include_tasks: 10_create_secrets.yaml
|
||||
when: is_localhost
|
||||
|
||||
- name: Prime node for VM
|
||||
ansible.builtin.include_tasks: 40_prepare_vm_creation.yaml
|
||||
when: is_proxmox_node
|
||||
|
||||
- name: Create VMs
|
||||
ansible.builtin.include_tasks: 50_create_vms.yaml
|
||||
when: is_localhost
|
||||
|
||||
- name: Create LXC containers
|
||||
ansible.builtin.include_tasks: 60_create_containers.yaml
|
||||
when: is_localhost
|
||||
@@ -1,19 +0,0 @@
|
||||
---
|
||||
- name: Prepare Machines
|
||||
ansible.builtin.include_tasks: 00_setup_machines.yml
|
||||
|
||||
- name: Create VM vault
|
||||
ansible.builtin.include_tasks: 10_create_secrets.yml
|
||||
when: is_localhost
|
||||
|
||||
- name: Prime node for VM
|
||||
ansible.builtin.include_tasks: 40_prepare_vm_creation.yml
|
||||
when: is_proxmox_node
|
||||
|
||||
- name: Create VMs
|
||||
ansible.builtin.include_tasks: 50_create_vms.yml
|
||||
when: is_localhost
|
||||
|
||||
- name: Create LXC containers
|
||||
ansible.builtin.include_tasks: 60_create_containers.yml
|
||||
when: is_localhost
|
||||
@@ -3,7 +3,7 @@ proxmox_creator: ansible
|
||||
|
||||
proxmox_storage: proxmox
|
||||
|
||||
proxmox_vault_file: ../vars/group_vars/proxmox/secrets_vm.yml
|
||||
proxmox_vault_file: ../vars/group_vars/proxmox/secrets_vm.yaml
|
||||
proxmox_secrets_prefix: secrets_vm
|
||||
proxmox_cloud_init_images:
|
||||
debian:
|
||||
@@ -25,7 +25,7 @@
|
||||
become: true
|
||||
|
||||
- name: Build Custom Caddy with netcup
|
||||
ansible.builtin.command: xcaddy build --with github.com/caddy-dns/netcup
|
||||
ansible.builtin.command: xcaddy build --with github.com/caddy-dns/cloudflare
|
||||
environment:
|
||||
PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin"
|
||||
register: xcaddy_build
|
||||
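Review bot: `xcaddy build --with github.com/caddy-dns/cloudflare` names neither a Caddy version nor a plugin version, so each run compiles whatever is currently latest into the reverse-proxy binary, which presumably is also handed the DNS provider's API token. Pin both, in the form `xcaddy build <caddy-version> --with github.com/caddy-dns/cloudflare@<version>`, so a rebuild is reproducible and upgrades are deliberate. The task name still reads `Build Custom Caddy with netcup` and should be updated to match the plugin. The task continues below the hunk.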
14
roles/reverse_proxy/tasks/50_netcup_dns.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
---
|
||||
# - name: Setup DNS on Netcup
|
||||
# community.general.netcup_dns:
|
||||
# api_key: "{{ netcup_api_key }}"
|
||||
# api_password: "{{ netcup_api_password }}"
|
||||
# customer_id: "{{ netcup_customer_id }}"
|
||||
# domain: "{{ domain }}"
|
||||
# name: "{{ service.name }}"
|
||||
# type: "A"
|
||||
# value: "{{ hostvars['docker-lb'].ansible_default_ipv4.address }}"
|
||||
# loop: "{{ services }}"
|
||||
# loop_control:
|
||||
# loop_var: service
|
||||
# delegate_to: localhost
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
- name: Setup DNS on Netcup
|
||||
community.general.netcup_dns:
|
||||
api_key: "{{ netcup_api_key }}"
|
||||
api_password: "{{ netcup_api_password }}"
|
||||
customer_id: "{{ netcup_customer_id }}"
|
||||
domain: "{{ domain }}"
|
||||
name: "{{ service.name }}"
|
||||
type: "A"
|
||||
value: "{{ hostvars['docker-lb'].ansible_default_ipv4.address }}"
|
||||
loop: "{{ services }}"
|
||||
loop_control:
|
||||
loop_var: service
|
||||
delegate_to: localhost
|
||||
Some files were not shown because too many files have changed in this diff Show More