updated README, added tags, fixed knownhosts, added cron mount
parent
c0f1f9051e
commit
9057c75b1f
15
Makefile
15
Makefile
@ -1,16 +1,19 @@
|
||||
.PHONY: all deploy check clean create debug
|
||||
|
||||
|
||||
TOKEN = $(shell ansible-vault decrypt --vault-password-file \
|
||||
~/.config/ansible/hcloud.secret --output - group_vars/all/vars.yaml | cut -d' ' -f2)
|
||||
~/.config/ansible/hcloud.secret --output - \
|
||||
group_vars/all/vars.yaml | cut -d' ' -f2)
|
||||
|
||||
SNAPSHOT = $(shell hcloud image list -t snapshot -o yaml | \
|
||||
yq '. | map(select(.description == "FreeBSD-14.1-RELEASE-hcloud-init")) | .[].id')
|
||||
|
||||
CREATE_COMMAND = ansible-playbook create.yaml -i inventory
|
||||
DEPLOY_COMMAND = ansible-playbook deploy.yaml -i inventory
|
||||
CLEAN_COMMAND = ansible-playbook cleanup.yaml -i inventory
|
||||
HOSTS_COMMAND = ansible-playbook knownhosts.yaml -i inventory
|
||||
DEBUG_COMMAND = ansible-playbook debug.yaml -i inventory
|
||||
OPTIONS = -i inventory -t active
|
||||
CREATE_COMMAND = ansible-playbook create.yaml $(OPTIONS)
|
||||
DEPLOY_COMMAND = ansible-playbook deploy.yaml $(OPTIONS)
|
||||
CLEAN_COMMAND = ansible-playbook cleanup.yaml $(OPTIONS)
|
||||
HOSTS_COMMAND = ansible-playbook knownhosts.yaml $(OPTIONS)
|
||||
DEBUG_COMMAND = ansible-playbook debug.yaml $(OPTIONS)
|
||||
|
||||
ENV = HCLOUD_TOKEN="$(TOKEN)" SNAPSHOT="$(SNAPSHOT)" ANSIBLE_VERBOSITY=$(verbose)
|
||||
|
||||
|
||||
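Review bot: The decrypted Hetzner Cloud token is held in the recursively expanded `TOKEN` variable and spliced into `ENV` as `HCLOUD_TOKEN="$(TOKEN)"`, so any recipe that expands `$(ENV)` without a leading `@` makes make echo the secret to the terminal or a CI log. The vault is also decrypted again on every expansion. The recipes are outside this hunk, so this is inferred from the variable definitions only. Exporting the value once keeps it out of the command text: `export HCLOUD_TOKEN := $(TOKEN)`, with `HCLOUD_TOKEN` then dropped from `ENV`. A one-line comment above `OPTIONS` stating that `-t active` skips every play that lacks the tag would also save the next reader a trip to the README.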
14
README.md
14
README.md
@ -44,12 +44,20 @@ the yaml file containing the token might be part of your public repo,
|
||||
it is a ansible vauld, properly encrypted and the key stays local on
|
||||
your work machine.
|
||||
|
||||
The token is then being used as an environment variable setup in the Makefile.
|
||||
|
||||
### To use
|
||||
|
||||
- `make deploy`: deploy a new shell VPS and configure it
|
||||
if it already exists, only configure
|
||||
- `make`: create a new VPS and configure it
|
||||
|
||||
- `make create`: create a new VPS and auxillary services
|
||||
|
||||
- `make deploy`: configure the VPS
|
||||
|
||||
- `make clean`: remove the shell VPC. Do not do this with the production instance!
|
||||
|
||||
|
||||
To make the output more verbose, add `-v[vvv]` to the target, e.g.: `make depoy-vvvv`
|
||||
To make the output more verbose, add `verbose=N` to the target, e.g.:
|
||||
`make depoy verbose=2` where N is the verbosity level (0-4)
|
||||
|
||||
If you want to execute only a subset of a playbook, remove the `active` tag from it.
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
- name: Remove BSDNIX Servers
|
||||
tags: active
|
||||
hosts: vps
|
||||
connection: local
|
||||
gather_facts: False
|
||||
|
||||
14
create.yaml
14
create.yaml
@ -1,11 +1,12 @@
|
||||
- name: Create the home volume
|
||||
tags: active
|
||||
hosts: localhost
|
||||
connection: local
|
||||
# FIXME: create volume role
|
||||
roles:
|
||||
- storage
|
||||
|
||||
- name: Create BSDNIX Servers
|
||||
tags: active
|
||||
hosts: vps
|
||||
connection: local
|
||||
gather_facts: False
|
||||
@ -15,8 +16,8 @@
|
||||
|
||||
# during testing the ip addresses change all the time, so tune the
|
||||
# known_hosts file accordingly after setup
|
||||
# FIXME: doesn't work correctly yet
|
||||
- name: Add/cleanup public keys of all vps' to known_hosts file
|
||||
tags: active
|
||||
hosts: localhost
|
||||
connection: local
|
||||
gather_facts: false
|
||||
@ -24,12 +25,5 @@
|
||||
ssh_known_hosts_file: "{{ lookup('env','HOME') + '/.ssh/known_hosts' }}"
|
||||
ssh_known_hosts: "{{ groups['running'] }}"
|
||||
tasks:
|
||||
- known_hosts:
|
||||
path: "{{ ssh_known_hosts_file }}"
|
||||
name: "{{ item }}"
|
||||
key: "{{ lookup('pipe','ssh-keyscan -T 10 ' + item + ',' + lookup('dig',item)) }}"
|
||||
state: present
|
||||
- shell: "ssh-keygen -f '/home/scip/.ssh/known_hosts' -R {{ item }}"
|
||||
loop: "{{ ssh_known_hosts | map('extract', hostvars, ['ipv6']) | list }}"
|
||||
become: no
|
||||
|
||||
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
- name: Configure BSDNIX Servers
|
||||
tags: active
|
||||
hosts: running
|
||||
gather_facts: true
|
||||
user: root
|
||||
|
||||
@ -24,8 +24,12 @@ jails:
|
||||
octet: 2
|
||||
|
||||
storage:
|
||||
home:
|
||||
volume:
|
||||
size: 10
|
||||
name: zhcloud # zfs pool name
|
||||
mount: /home
|
||||
device: da1
|
||||
mounts:
|
||||
- mount: /home
|
||||
name: /home
|
||||
- mount: /var/cron/tabs
|
||||
name: /crontabs
|
||||
|
||||
@ -9,11 +9,11 @@
|
||||
state: present
|
||||
ssh_keys: "{{ ssh_keys }}"
|
||||
# FIXME: https://github.com/ansible-collections/hetzner.hcloud/issues/585
|
||||
#volumes: "{{ storage.home.name }}"
|
||||
#volumes: "{{ storage.volume.name }}"
|
||||
register: server
|
||||
|
||||
- name: Attach the home volume
|
||||
hetzner.hcloud.volume:
|
||||
name: "{{ storage.home.name }}"
|
||||
name: "{{ storage.volume.name }}"
|
||||
server: "{{ hostname }}"
|
||||
state: present
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
- name: Remove volume
|
||||
hetzner.hcloud.volume:
|
||||
name: "{{ storage.home.name }}"
|
||||
name: "{{ storage.volume.name }}"
|
||||
state: absent
|
||||
|
||||
- name: Remove server
|
||||
|
||||
@ -4,13 +4,20 @@
|
||||
state: present
|
||||
name: "{{ packages }}"
|
||||
|
||||
# FIXME: remove the symlink in the release snapshot
|
||||
# FIXME: remove the symlink in the next release snapshot
|
||||
- name: Remove old home sym link
|
||||
shell: |
|
||||
rm /home
|
||||
touch /tmp/.ansible.home
|
||||
args:
|
||||
creates: "/tmp/.ansible.home"
|
||||
|
||||
- name: Remove original cron tab dir
|
||||
shell: |
|
||||
rm -rf /var/cron/tabs
|
||||
touch /tmp/.ansible.crontabs
|
||||
args:
|
||||
creates: "/tmp/.ansible.crontabs"
|
||||
|
||||
- name: Setup home volume partition
|
||||
shell: |
|
||||
@ -20,17 +27,20 @@
|
||||
creates: "/tmp/.ansible.gpt"
|
||||
|
||||
- name: Setup home fs type
|
||||
shell: "gpart add -t freebsd-zfs -l {{ storage.home.name }} -a 1M {{ storage.home.device }}"
|
||||
shell: |
|
||||
gpart add -t freebsd-zfs -l {{ storage.volume.name }} -a 1M {{ storage.volume.device }}
|
||||
touch /tmp/.ansible.add
|
||||
args:
|
||||
creates: "/dev/da1p1"
|
||||
creates: "/tmp/.ansible.add"
|
||||
|
||||
|
||||
- name: Create zpool using home volume
|
||||
shell: "zpool create -f {{ storage.home.name }} {{ storage.home.device }}"
|
||||
shell: "zpool create -f {{ storage.volume.name }} {{ storage.volume.device }}"
|
||||
args:
|
||||
creates: "/{{ storage.home.name }}"
|
||||
creates: "/{{ storage.volume.name }}"
|
||||
|
||||
- name: Create zfs home dataset
|
||||
shell: "zfs create -o mountpoint={{ storage.home.mount }} {{ storage.home.name }}/home"
|
||||
loop: "{{ storage.mounts }}"
|
||||
shell: "zfs create -o mountpoint={{ item.mount }} {{ storage.volume.name }}{{ item.name }}"
|
||||
args:
|
||||
creates: "/home"
|
||||
creates: "{{ item.mount }}"
|
||||
|
||||
|
||||
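Review bot: The new `Remove original cron tab dir` task runs `rm -rf /var/cron/tabs` guarded only by the marker `/tmp/.ansible.crontabs`, so once `/tmp` is cleaned (at reboot or by hand) the next deploy runs it again, by which time that path holds the users' crontabs on the ZFS dataset. `Setup home fs type` has the same weakness, because its guard moved from the real device node `/dev/da1p1` to `/tmp/.ansible.add`. `/tmp` is also writable by every account on a shell host, so files there are a weak record of what root has already done. Prefer a guard tied to real state, such as running the removal only while the `{{ storage.volume.name }}/crontabs` dataset does not yet exist, or at least keep the markers in a root-only directory, e.g. `creates: "/var/db/ansible-markers/crontabs"` (constructed path). The task list continues outside these hunks.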
@ -1,7 +1,7 @@
|
||||
---
|
||||
- name: Create the home volume
|
||||
hetzner.hcloud.volume:
|
||||
name: "{{ storage.home.name }}"
|
||||
name: "{{ storage.volume.name }}"
|
||||
location: "{{ location }}"
|
||||
size: "{{ storage.home.size }}"
|
||||
size: "{{ storage.volume.size }}"
|
||||
state: present
|
||||
|
||||