Starting to get back on the saddle... Looking at getting AWX installed at home so I can use that over something like Jenkins... maybe

This commit is contained in:
James Tombleson 2019-10-18 19:27:09 -07:00
parent e9d2d3e52c
commit 55698826e4
26 changed files with 8908 additions and 3 deletions

12
.vscode/tasks.json vendored Normal file
View File

@ -0,0 +1,12 @@
{
// See https://go.microsoft.com/fwlink/?LinkId=733558
// for the documentation about the tasks.json format
"version": "2.0.0",
"tasks": [
{
"label": "echo",
"type": "shell",
"command": "echo Hello"
}
]
}

View File

@ -9,7 +9,6 @@ This repo contains my configuration and setup for my ansible use. Use at your o
5. Set Vault Secret 5. Set Vault Secret
6. Run Connection tests 6. Run Connection tests
## Installers ## Installers
### New hosts ### New hosts

78
Vagrantfile vendored Normal file
View File

@ -0,0 +1,78 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://vagrantcloud.com/search.
config.vm.box = "generic/ubuntu1804"
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# NOTE: This will enable public access to the opened port
# config.vm.network "forwarded_port", guest: 80, host: 8080
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine and only allow access
# via 127.0.0.1 to disable public access
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
#config.vm.network "public_network", type: "dhcp"
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "../data", "/vagrant_data"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
config.vm.provider "virtualbox" do |vb|
# Display the VirtualBox GUI when booting the machine
vb.gui = false
# Customize the amount of memory on the VM:
vb.memory = "512"
vb.cpus = 1
vb.name = "1804"
vb.customize ["modifyvm", "1804", "--natdnshostresolver1", "on"]
vb.customize ["modifyvm", "1804", "--natdnsproxy1", "on"]
end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
# documentation for more information about their specific syntax and use.
config.vm.provision "shell", inline: <<-SHELL
#apt-get update
#sudo apt update
#sudo apt upgrade
SHELL
end

4230
ansible-vars.all Normal file

File diff suppressed because it is too large Load Diff

View File

@ -11,7 +11,7 @@
# some basic default values... # some basic default values...
inventory = ./test.yml inventory = ./hosts
library = /usr/share/my_modules/ library = /usr/share/my_modules/
module_utils = /usr/share/my_module_utils/ module_utils = /usr/share/my_module_utils/
remote_tmp = ~/.ansible/tmp remote_tmp = ~/.ansible/tmp
@ -137,7 +137,7 @@ roles_path = ./roles/:/etc/ansible/roles
# If set, configures the path to the Vault password file as an alternative to # If set, configures the path to the Vault password file as an alternative to
# specifying --vault-password-file on the command line. # specifying --vault-password-file on the command line.
vault_password_file = ./.ansible_vault #vault_password_file = ./.ansible_vault
# format of string {{ ansible_managed }} available within Jinja2 # format of string {{ ansible_managed }} available within Jinja2
# templates indicates to users editing templates files will be replaced. # templates indicates to users editing templates files will be replaced.

View File

@ -0,0 +1,16 @@
- name: Export all vars
hosts: osx
tasks:
- name: Dump all vars
template:
src: dumpall.j2
dest: /tmp/ansible-vars.all
- name: Copy new file to host
fetch:
src: /tmp/ansible-vars.all
dest: special/ansible-vars.all
flat: yes

19
playbook/dumpall.j2 Normal file
View File

@ -0,0 +1,19 @@
Module Variables ("vars"):
--------------------------------
{{ vars | to_nice_json }}
Environment Variables ("environment"):
--------------------------------
{{ environment | to_nice_json }}
GROUP NAMES Variables ("group_names"):
--------------------------------
{{ group_names | to_nice_json }}
GROUPS Variables ("groups"):
--------------------------------
{{ groups | to_nice_json }}
HOST Variables ("hostvars"):
--------------------------------
{{ hostvars | to_nice_json }}

View File

@ -0,0 +1,11 @@
---
- name: Install MacOS Dev Tools
hosts: osx
tasks:
- name: Install python3
homebrew:
name: python3
state: present
when: ansible_distribution == "MacOS"

File diff suppressed because it is too large Load Diff

2
roles/geerlingguy.awx/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*.retry
tests/test.sh

View File

@ -0,0 +1,22 @@
---
services: docker
env:
- distro: centos7
- distro: ubuntu1604
- distro: debian9
# Test without running the full playbook.
- distro: centos7
playbook: test-no-playbook.yml
script:
# Download test shim.
- wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
- chmod +x ${PWD}/tests/test.sh
# Run tests (increasing the travis_wait timeout).
- tests/custom_travis_wait.sh ${PWD}/tests/test.sh
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

View File

@ -0,0 +1,68 @@
# Ansible Role: AWX (open source Ansible Tower)
[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-awx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-awx)
Installs and configures [AWX](https://github.com/ansible/awx), the open source version of [Ansible Tower](https://www.ansible.com/tower).
## Requirements
Before this role runs, assuming you want the role to completely set up AWX using it's included installer, you need to make sure the following AWX dependencies are installed:
| Dependency | Suggested Role |
| ----------------------------- | ------------------------ |
| EPEL repo (RedHat OSes only) | `geerlingguy.repo-epel` |
| Git | `geerlingguy.git` |
| Ansible | `geerlingguy.ansible` |
| Docker | `geerlingguy.docker` |
| Python Pip | `geerlingguy.pip` |
| Node.js (6.x) | `geerlingguy.nodejs` |
See this role's `tests/test.yml` playbook for an example that works across many different OSes.
## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`):
awx_repo: https://github.com/ansible/awx.git
awx_repo_dir: "~/awx"
awx_version: devel
awx_keep_updated: yes
Variables to control what version of AWX is checked out and installed.
awx_run_install_playbook: yes
By default, this role will run the installation playbook included with AWX (which builds a set of containers and runs them). You can disable the playbook run by setting this variable to `no`.
## Dependencies
None.
## Example Playbook
- hosts: awx-centos
become: yes
vars:
nodejs_version: "6.x"
pip_install_packages:
- name: docker-py
roles:
- geerlingguy.repo-epel
- geerlingguy.git
- geerlingguy.ansible
- geerlingguy.docker
- geerlingguy.pip
- geerlingguy.nodejs
- geerlingguy.awx
After AWX is installed, you can log in with the default username `admin` and password `password`.
## License
MIT / BSD
## Author Information
This role was created in 2017 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).

View File

@ -0,0 +1,7 @@
---
awx_repo: https://github.com/ansible/awx.git
awx_repo_dir: "~/awx"
awx_version: devel
awx_keep_updated: yes
awx_run_install_playbook: yes
postgres_data_dir: /var/lib/pgdocker

View File

@ -0,0 +1,2 @@
install_date: Fri Oct 18 19:16:41 2019
version: 1.2.0

View File

@ -0,0 +1,32 @@
---
dependencies: []
galaxy_info:
author: geerlingguy
description: "Installs and configures AWX (Ansible Tower's open source version)."
company: "Midwestern Mac, LLC"
license: "license (BSD, MIT)"
min_ansible_version: 2.0
platforms:
- name: EL
versions:
- 7
- name: Fedora
versions:
- all
- name: Ubuntu
versions:
- all
- name: Debian
versions:
- all
galaxy_tags:
- automation
- system
- web
- django
- awx
- tower
- playbook
- ci
- cd

View File

@ -0,0 +1,12 @@
---
- name: Run the AWX installation playbook.
command: "ansible-playbook -i inventory install.yml -e postgres_data_dir={{ postgres_data_dir }}"
args:
chdir: "{{ awx_repo_dir }}/installer"
creates: /etc/awx_playbook_complete
- name: Create a file to mark whether this playbook has completed.
file:
path: /etc/awx_playbook_complete
state: touch
changed_when: False

View File

@ -0,0 +1,21 @@
---
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- name: Install AWX dependencies.
package:
name: "{{ item }}"
state: present
with_items: "{{ awx_package_dependencies }}"
- name: Clone AWX into configured directory.
git:
repo: "{{ awx_repo }}"
dest: "{{ awx_repo_dir }}"
version: "{{ awx_version }}"
update: "{{ awx_keep_updated }}"
force: yes
accept_hostkey: yes
- include: awx-install-playbook.yml
when: awx_run_install_playbook

View File

@ -0,0 +1,11 @@
# Ansible Role tests
To run the test playbook(s) in this directory:
1. Install and start Docker.
1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
- `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
1. Make the test shim executable: `chmod +x tests/test.sh`.
1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`

View File

@ -0,0 +1,26 @@
#!/usr/bin/env bash
# Add a custom wait time (limit value, in seconds).
#
# Chose to use a custom script instead of travis_wait, since travis_wait eats
# logged output then spits it out at the end.
set -e
set -u
command=$1
# Launch command in the background.
${command} &
# Ping every second.
seconds=0
limit=45*60
while kill -0 $! >/dev/null 2>&1;
do
echo -n -e " \b"
if [ $seconds == $limit ]; then
break;
fi
seconds=$((seconds + 1))
sleep 1
done

View File

@ -0,0 +1,7 @@
---
- src: geerlingguy.repo-epel
- src: geerlingguy.git
- src: geerlingguy.ansible
- src: geerlingguy.docker
- src: geerlingguy.pip
- src: geerlingguy.nodejs

View File

@ -0,0 +1,15 @@
---
- hosts: all
vars:
awx_run_install_playbook: no
pre_tasks:
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
roles:
- geerlingguy.git
- role_under_test

View File

@ -0,0 +1,23 @@
---
- hosts: all
vars:
nodejs_version: "6.x"
pip_install_packages:
- name: docker-py
pre_tasks:
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
changed_when: false
roles:
- name: geerlingguy.repo-epel
when: ansible_os_family == "RedHat"
- geerlingguy.git
- geerlingguy.ansible
- geerlingguy.docker
- geerlingguy.pip
- geerlingguy.nodejs
- role_under_test

View File

@ -0,0 +1,6 @@
---
awx_package_dependencies:
- build-essential
- gettext
- g++
- bzip2

View File

@ -0,0 +1,6 @@
---
awx_package_dependencies:
- '@Development tools'
- gettext
- gcc-c++
- bzip2

30
test.yaml Normal file
View File

@ -0,0 +1,30 @@
---
all:
hosts:
dmi-dev01:
children:
linux:
hosts:
172.20.0.142:
vars:
ansible_user: ansible
ansible_connection: ssh
ansible_password:
ansible_become_method: sudo
ansible_become_pass:
ansible_python_interpreter: /usr/bin/python3
windows:
hosts:
dev01:
vars:
ansible_user: ansible
ansible_password:
ansible_connection: winrm
ansible_port: 5985
ansible_winrm_scheme: http
ansible_winrm_transport: ntlm
ansible_winrm_server_cert_validation: ignore
osx:
hosts:
127.0.0.1