James Tombleson
d14c2aaa2c
* docker tests are looking good and nfs is able to connect and containers can talk to each other. * Added pihole support for a new vm * pihole is not working yet via docker. Installed it by hand without ansible for now. * added some docker related tasks and working on collins now to see how to use it. * forgot to push some changes... kube didnt work out as it adds too much overhead for what I need. * added two roles to help working with backup and restore of docker volume data. * did some cleanup on old roles. * pushing for axw testing * moving to requirements.yml. adding cron jobs for maint. * roles are being moved out of this repo. Roles are handled by requirements.yml going forward. Dev roles are still in the repo but if they stick around a new repo will be made for it. * Made a bunch of changes * fixed a problem * Added a playbook to deploy grafana and added prometheus role to monitor things. * Updated cron to test * Updated cron to test * Updated cron * updated discord_webhook and now testing if cron will pick up the changes. * Fixed plex backup for now. * docker updates and working on nginx * pushing pending changes that need to go live for cron testing * fixed debug roles and updated discord test * fixed debug roles and updated discord test * Disabling test cron * its been awhile... I am not sure what I have done anymore but time to push my changes. * added newsbot configs, added to jenkins, starting to migrate to collections. * Updated inventory to support the network changes * jenkinsfile is now working in my local setup. * node2 is unhealthy and is removed from inv. I was doing something to this box months ago, but now i dont remember what it was." * updated images and adding them to jenkins for testing * removed the old image files and moved to my public image * Jenkins will now inform discord of jobs. Added post tasks. Added mediaserver common. * updated the backend update job and adding a jenkins pipeline to handle it for me. * updated the backup job again * Updated all the jekins jobs. Added a jenkins newsbot backup job. Adjusted newsbot plays to add backup and redeploy jobs. * updated newsbot backup playbook to make older backup files as needed. * Added debug message to report in CI what version is getting deployed. * I did something stupid and this device is not letting me login for now. * removing twitter source for now as I found a bandwidth related bug that wont get pushed for a bit * Adding a bunch of changes, some is cleanup and some are adds * updated the images * updated the kube common playbook * Started to work on ceph, stopped due to hardware resources, updated common, added monit, and starting to work on a playbook to handle my ssh access. * Added a role to deploy monit to my servers. Still needs some more updates before its ready * Here is my work on ceph, it might go away but I am not sure yet. * Starting to migrate my common playbook to a role, not done yet. * updated kube and inventory * updated gitignore
88 lines
1.9 KiB
YAML
88 lines
1.9 KiB
YAML
---
|
|
- block:
|
|
- name: Checking for existing cert
|
|
file:
|
|
path: /root/.ssh/ceph_admin
|
|
ignore_errors: true
|
|
register: cert
|
|
|
|
- debug:
|
|
msg: "{{ cert }}"
|
|
|
|
- name: Generate a new cert
|
|
shell: ssh-keygen -t rsa -b 4096 -N '' -f /.ssh/ceph_admin
|
|
when: cert.state == 'absent'
|
|
|
|
- name: Copy public key to a common area
|
|
copy:
|
|
src: /root/.ssh/ceph_admin.pub
|
|
dest: /tmp/ceph_admin.pub
|
|
remote_src: true
|
|
|
|
- name: Copy cert public to ansible control
|
|
fetch:
|
|
src: /tmp/ceph_admin.pub
|
|
dest: /tmp/ceph_admin.pub
|
|
flat: true
|
|
|
|
- name: Check for cephadm public key
|
|
file:
|
|
path: '~/ceph.pub'
|
|
ignore_errors: true
|
|
register: cephPub
|
|
|
|
# - debug:
|
|
# msg: "{{ cephPub }}"
|
|
|
|
- name: Export cephadm public key
|
|
shell: ceph cephadm get-pub-key > ~/ceph.pub
|
|
when: cephPub.state == 'absent'
|
|
|
|
- name: Copy cephadm public key to ansible control
|
|
fetch:
|
|
src: /root/ceph.pub
|
|
dest: /tmp/ceph.pub
|
|
flat: true
|
|
|
|
- name: Configure SSH on primary
|
|
template:
|
|
src: ssh.config.j2
|
|
dest: /root/.ssh/config
|
|
when: ceph_primary == true
|
|
|
|
- block:
|
|
- name: Copy cephadm public key to nodes
|
|
copy:
|
|
src: /tmp/ceph.pub
|
|
dest: /tmp/ceph.pub
|
|
|
|
- name: Copy ceph_admin public key to nodes
|
|
copy:
|
|
src: /tmp/ceph_admin.pub
|
|
dest: /tmp/ceph_admin.pub
|
|
|
|
- name: Add ceph_admin public key to authorized_key
|
|
authorized_key:
|
|
user: root
|
|
state: present
|
|
key: "{{ lookup('file', '/tmp/ceph_admin.pub') }}"
|
|
when: ceph_primary == false
|
|
|
|
|
|
- name: Add cephadm public key to authorized_key
|
|
authorized_key:
|
|
user: root
|
|
state: present
|
|
key: "{{ lookup('file', '/tmp/ceph.pub') }}"
|
|
|
|
- name: Backup the hosts file
|
|
copy:
|
|
src: /etc/hosts
|
|
dest: /etc/hosts.ceph
|
|
|
|
- name: Define cluster servers in the hosts file
|
|
lineinfile:
|
|
path: /etc/hosts
|
|
line: "{{ item.address }} {{ item.hostname }}"
|
|
with_items: "{{ ceph_hosts }}"
|