Merge branch 'main' into 8025-awxRefactor-debianBootStrap
This commit is contained in:
commit
fa8a788a94
|
@ -0,0 +1,17 @@
|
|||
Copyright (C) 2020 - Verdnatura Levante S.L.
|
||||
|
||||
This package is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
On Debian systems, the complete text of the GNU General Public
|
||||
License can be found in "/usr/share/common-licenses/GPL-3".
|
11
README.md
11
README.md
|
@ -18,15 +18,14 @@ Create a Python virtual environment.
|
|||
python3 -m venv venv
|
||||
source venv/bin/activate
|
||||
pip install --upgrade pip ansible==10.1.0 ansible-builder==3.1.0
|
||||
pip install -r requirements.txt
|
||||
```
|
||||
|
||||
Before running any Ansible command, activate the Python virtual environment.
|
||||
Before running any Python dependent command, activate the virtual environment.
|
||||
```
|
||||
source venv/bin/activate
|
||||
```
|
||||
|
||||
Once you're done, deactivate the virtual environment.
|
||||
Once you are done, deactivate the virtual environment.
|
||||
```
|
||||
deactivate
|
||||
```
|
||||
|
@ -35,14 +34,16 @@ deactivate
|
|||
|
||||
Install dependencies.
|
||||
```
|
||||
pip install -r requirements.txt
|
||||
ansible-galaxy collection install -r collections/requirements.yml
|
||||
```
|
||||
|
||||
## Run playbook
|
||||
|
||||
Before merging changes into protected branches, playbooks should be tested
|
||||
locally to ensure they work properly. The *local* inventory can also be used,
|
||||
wich is not uploaded to the repository.
|
||||
locally to ensure they work properly. The *inventories/local* inventory is not
|
||||
uploaded to the repository and can be used for local testing. In any case, it
|
||||
is advisable to use a different repository to store inventories.
|
||||
|
||||
Run playbook on inventory host.
|
||||
```
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
[all:vars]
|
||||
host_domain=core.dc.verdnatura.es
|
||||
|
||||
[backup:vars]
|
||||
host_domain=backup.dc.verdnatura.es
|
||||
|
||||
[ceph]
|
||||
ceph[1:3]
|
||||
|
||||
[ceph_gw]
|
||||
ceph-gw[1:2]
|
||||
|
||||
[pve]
|
||||
pve[01:05]
|
||||
|
||||
[infra:children]
|
||||
ceph
|
||||
ceph_gw
|
||||
pve
|
||||
|
||||
[core]
|
||||
core-agent
|
||||
core-proxy
|
||||
|
||||
[backup]
|
||||
bacula-dir
|
||||
bacula-db
|
||||
bacularis
|
||||
backup-nas
|
||||
tftp
|
||||
kube-backup
|
|
@ -2,22 +2,22 @@ hostname_fqdn: "{{inventory_hostname_short}}.{{host_domain}}"
|
|||
ansible_host: "{{hostname_fqdn}}"
|
||||
passbolt: 'anatomicjc.passbolt.passbolt'
|
||||
passbolt_inventory: 'anatomicjc.passbolt.passbolt_inventory'
|
||||
sysadmin_mail: sysadmin@verdnatura.es
|
||||
sysadmin_mail: sysadmin@domain.local
|
||||
sysadmin_group: sysadmin
|
||||
smtp_server: smtp.verdnatura.es
|
||||
homes_server: homes.servers.dc.verdnatura.es
|
||||
nagios_server: nagios.verdnatura.es
|
||||
time_server: time1.verdnatura.es time2.verdnatura.es
|
||||
main_dns_server: ns1.verdnatura.es
|
||||
ldap_uri: ldap://ldap.verdnatura.es
|
||||
ldap_base: dc=verdnatura,dc=es
|
||||
smtp_server: smtp.domain.local
|
||||
homes_server: homes.domain.local
|
||||
nagios_server: nagios.domain.local
|
||||
time_server: time1.domain.local time2.domain.local
|
||||
main_dns_server: ns1.domain.local
|
||||
ldap_uri: ldap://ldap.domain.local
|
||||
ldap_base: dc=domain,dc=local
|
||||
dc_net: "10.0.0.0/16"
|
||||
resolvers:
|
||||
- '10.0.0.4'
|
||||
- '10.0.0.5'
|
||||
awx_email: awx@verdnatura.es
|
||||
- '8.8.8.8'
|
||||
- '8.8.4.4'
|
||||
awx_email: awx@domain.local
|
||||
awx_pub_key: >
|
||||
ssh-ed25519
|
||||
AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H
|
||||
awx@verdnatura.es
|
||||
passbolt_folder: e0d517be-6783-4b97-9742-acaa9b09742f
|
||||
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
||||
awx@domain.local
|
||||
passbolt_folder: 00000000-0000-0000-0000-000000000000
|
||||
|
|
|
@ -1,39 +0,0 @@
|
|||
[all:vars]
|
||||
host_domain=lab.verdnatura.es
|
||||
|
||||
[cephlab]
|
||||
cephlab[01:03]
|
||||
|
||||
[pvelab]
|
||||
pvelab[01:03]
|
||||
|
||||
[infra:children]
|
||||
cephlab
|
||||
pvelab
|
||||
|
||||
[cephtest]
|
||||
cephtest[01:03]
|
||||
|
||||
[kubepre]
|
||||
kubepre-helm
|
||||
kubepre-proxy1
|
||||
kubepre-master[1:3]
|
||||
kubepre-worker[1:4]
|
||||
|
||||
[kubetest]
|
||||
kubetest-helm
|
||||
kubetest-master[01:03]
|
||||
kubetest-worker[01:04]
|
||||
|
||||
[laboratory]
|
||||
ansible-test
|
||||
corelab-proxy1
|
||||
zammad
|
||||
matrix
|
||||
ansible-client
|
||||
|
||||
[guest:children]
|
||||
cephtest
|
||||
kubepre
|
||||
kubetest
|
||||
laboratory
|
|
@ -1,81 +0,0 @@
|
|||
[all:vars]
|
||||
host_domain=servers.dc.verdnatura.es
|
||||
|
||||
[kube_master]
|
||||
kube-master[1:5]
|
||||
|
||||
[kube_worker]
|
||||
kube-worker[1:5]
|
||||
|
||||
[kube_proxy]
|
||||
kube-proxy[1:2]
|
||||
|
||||
[kube_helper]
|
||||
kube-helm
|
||||
|
||||
[kubernetes:children]
|
||||
kube_master
|
||||
kube_worker
|
||||
kube_proxy
|
||||
kube_helper
|
||||
|
||||
[ad]
|
||||
dc[1:2]
|
||||
server
|
||||
|
||||
[db]
|
||||
db-proxy[1:2]
|
||||
db[1:2]
|
||||
|
||||
[ldap]
|
||||
ldap-proxy[1:2]
|
||||
ldap[1:3]
|
||||
|
||||
[mail]
|
||||
dovecot
|
||||
mailgw[1:2]
|
||||
postfix
|
||||
spamd
|
||||
spamd-db
|
||||
|
||||
[monitoring]
|
||||
cacti
|
||||
logger
|
||||
nagios
|
||||
nagiosql-db
|
||||
librenms
|
||||
|
||||
[network]
|
||||
dhcp[1:2]
|
||||
ns[1:2]
|
||||
unifi
|
||||
vpn
|
||||
time[1:2]
|
||||
|
||||
[princ]
|
||||
pbx
|
||||
homes
|
||||
doku
|
||||
iventoy
|
||||
|
||||
[rds]
|
||||
ts-proxy[1:2]
|
||||
profiles
|
||||
|
||||
[test]
|
||||
test-db1
|
||||
test-db-proxy[1:2]
|
||||
monthly-db
|
||||
dev-db
|
||||
|
||||
[guest:children]
|
||||
ad
|
||||
db
|
||||
kubernetes
|
||||
ldap
|
||||
mail
|
||||
monitoring
|
||||
network
|
||||
princ
|
||||
rds
|
||||
test
|
|
@ -0,0 +1,20 @@
|
|||
[all:vars]
|
||||
host_domain=domain.local
|
||||
|
||||
[pve:vars]
|
||||
host_domain=core.domain.local
|
||||
|
||||
[ceph]
|
||||
ceph[1:3]
|
||||
|
||||
[pve]
|
||||
pve[1:5]
|
||||
|
||||
[infra:children]
|
||||
ceph
|
||||
pve
|
||||
|
||||
[servers]
|
||||
server1 ansible_host=10.0.0.1
|
||||
server1 ansible_host=10.0.0.2
|
||||
server3 ansible_host=10.0.0.3
|
|
@ -5,8 +5,8 @@ EXTRA_ARGS=()
|
|||
if [ -f .passbolt.yml ]; then
|
||||
EXTRA_ARGS+=("--extra-vars" "@.passbolt.yml")
|
||||
fi
|
||||
if [ -f .vaultpass ]; then
|
||||
EXTRA_ARGS+=("--vault-password-file" ".vaultpass")
|
||||
if [ -f .vault-pass ]; then
|
||||
EXTRA_ARGS+=("--vault-password-file" ".vault-pass")
|
||||
fi
|
||||
|
||||
#export PYTHONPATH=./venv/lib/python3.12/site-packages/
|
||||
|
|
Loading…
Reference in New Issue