Merge branch 'main' into 8025-awxRefactor-debianBootStrap

2024-10-15 16:17:09 +02:00 · 2024-10-15 16:17:09 +02:00 · fa8a788a94
parent 72e30fa606 070c526ce2
commit fa8a788a94
8 changed files with 59 additions and 172 deletions
--- a/17
+++ b/17
@ -0,0 +1,17 @@
 Copyright (C) 2020 - Verdnatura Levante S.L.
 This package is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program. If not, see <http://www.gnu.org/licenses/>.
 On Debian systems, the complete text of the GNU General Public
 License can be found in "/usr/share/common-licenses/GPL-3".
--- a/README.md
+++ b/README.md
@ -18,15 +18,14 @@ Create a Python virtual environment.
 python3 -m venv venv
 source venv/bin/activate
 pip install --upgrade pip ansible==10.1.0 ansible-builder==3.1.0
 pip install -r requirements.txt
 ```
-Before running any Ansible command, activate the Python virtual environment.
+Before running any Python dependent command, activate the virtual environment.
 ```
 source venv/bin/activate
 ```
-Once you're done, deactivate the virtual environment.
+Once you are done, deactivate the virtual environment.
 ```
 deactivate
 ```
@ -35,14 +34,16 @@ deactivate
 Install dependencies.
 ```
 pip install -r requirements.txt
 ansible-galaxy collection install -r collections/requirements.yml
 ```
 ## Run playbook
 Before merging changes into protected branches, playbooks should be tested 
-locally to ensure they work properly. The *local* inventory can also be used, 
+locally to ensure they work properly. The *inventories/local* inventory is not 
-wich is not uploaded to the repository.
+uploaded to the repository and can be used for local testing. In any case, it 
 is advisable to use a different repository to store inventories.
 Run playbook on inventory host.
 ```
--- a/inventories/core
+++ b/inventories/core
@ -1,31 +0,0 @@
 [all:vars]
 host_domain=core.dc.verdnatura.es
 [backup:vars]
 host_domain=backup.dc.verdnatura.es
 [ceph]
 ceph[1:3]
 [ceph_gw]
 ceph-gw[1:2]
 [pve]
 pve[01:05]
 [infra:children]
 ceph
 ceph_gw
 pve
 [core]
 core-agent
 core-proxy
 [backup]
 bacula-dir
 bacula-db
 bacularis
 backup-nas
 tftp
 kube-backup
--- a/inventories/group_vars/all.yml
+++ b/inventories/group_vars/all.yml
@ -2,22 +2,22 @@ hostname_fqdn: "{{inventory_hostname_short}}.{{host_domain}}"
 ansible_host: "{{hostname_fqdn}}"
 passbolt: 'anatomicjc.passbolt.passbolt'
 passbolt_inventory: 'anatomicjc.passbolt.passbolt_inventory'
-sysadmin_mail: sysadmin@verdnatura.es
+sysadmin_mail: sysadmin@domain.local
 sysadmin_group: sysadmin
-smtp_server: smtp.verdnatura.es
+smtp_server: smtp.domain.local
-homes_server: homes.servers.dc.verdnatura.es
+homes_server: homes.domain.local
-nagios_server: nagios.verdnatura.es
+nagios_server: nagios.domain.local
-time_server: time1.verdnatura.es time2.verdnatura.es
+time_server: time1.domain.local time2.domain.local
-main_dns_server: ns1.verdnatura.es
+main_dns_server: ns1.domain.local
-ldap_uri: ldap://ldap.verdnatura.es
+ldap_uri: ldap://ldap.domain.local
-ldap_base: dc=verdnatura,dc=es
+ldap_base: dc=domain,dc=local
 dc_net: "10.0.0.0/16"
 resolvers:
-  - '10.0.0.4'
+  - '8.8.8.8'
-  - '10.0.0.5'
+  - '8.8.4.4'
-awx_email: awx@verdnatura.es
+awx_email: awx@domain.local
 awx_pub_key: >
  ssh-ed25519 
-  AAAAC3NzaC1lZDI1NTE5AAAAIKzAwWm+IsqZCgMzjdZ7Do3xWtVtoUCpWJpH7KSi2a/H 
+  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 
-  awx@verdnatura.es
+  awx@domain.local
-passbolt_folder: e0d517be-6783-4b97-9742-acaa9b09742f
+passbolt_folder: 00000000-0000-0000-0000-000000000000
--- a/inventories/lab
+++ b/inventories/lab
@ -1,39 +0,0 @@
 [all:vars]
 host_domain=lab.verdnatura.es
 [cephlab]
 cephlab[01:03]
 [pvelab]
 pvelab[01:03]
 [infra:children]
 cephlab
 pvelab
 [cephtest]
 cephtest[01:03]
 [kubepre]
 kubepre-helm
 kubepre-proxy1
 kubepre-master[1:3]
 kubepre-worker[1:4]
 [kubetest]
 kubetest-helm
 kubetest-master[01:03]
 kubetest-worker[01:04]
 [laboratory]
 ansible-test
 corelab-proxy1
 zammad
 matrix
 ansible-client
 [guest:children]
 cephtest
 kubepre
 kubetest
 laboratory
--- a/inventories/servers
+++ b/inventories/servers
@ -1,81 +0,0 @@
 [all:vars]
 host_domain=servers.dc.verdnatura.es
 [kube_master]
 kube-master[1:5]
 [kube_worker]
 kube-worker[1:5]
 [kube_proxy]
 kube-proxy[1:2]
 [kube_helper]
 kube-helm
 [kubernetes:children]
 kube_master
 kube_worker
 kube_proxy
 kube_helper
 [ad]
 dc[1:2]
 server
 [db]
 db-proxy[1:2]
 db[1:2]
 [ldap]
 ldap-proxy[1:2]
 ldap[1:3]
 [mail]
 dovecot
 mailgw[1:2]
 postfix
 spamd
 spamd-db
 [monitoring]
 cacti
 logger
 nagios
 nagiosql-db
 librenms
 [network]
 dhcp[1:2]
 ns[1:2]
 unifi
 vpn
 time[1:2]
 [princ]
 pbx
 homes
 doku
 iventoy
 [rds]
 ts-proxy[1:2]
 profiles
 [test]
 test-db1
 test-db-proxy[1:2]
 monthly-db
 dev-db
 [guest:children]
 ad
 db
 kubernetes
 ldap
 mail
 monitoring
 network
 princ
 rds
 test
--- a/inventories/template
+++ b/inventories/template
@ -0,0 +1,20 @@
 [all:vars]
 host_domain=domain.local
 [pve:vars]
 host_domain=core.domain.local
 [ceph]
 ceph[1:3]
 [pve]
 pve[1:5]
 [infra:children]
 ceph
 pve
 [servers]
 server1   ansible_host=10.0.0.1
 server1   ansible_host=10.0.0.2
 server3   ansible_host=10.0.0.3
--- a/run-playbook.sh
+++ b/run-playbook.sh
@ -5,8 +5,8 @@ EXTRA_ARGS=()
 if [ -f .passbolt.yml ]; then
    EXTRA_ARGS+=("--extra-vars" "@.passbolt.yml")
 fi
-if [ -f .vaultpass ]; then
+if [ -f .vault-pass ]; then
-    EXTRA_ARGS+=("--vault-password-file" ".vaultpass")
+    EXTRA_ARGS+=("--vault-password-file" ".vault-pass")
 fi
 #export PYTHONPATH=./venv/lib/python3.12/site-packages/