Initial Commit

2024-09-16 11:21:09 +00:00 · 2024-06-18 21:34:48 +03:00 · 2024-06-18 21:34:48 +03:00 · 5f802adeb6
commit 5f802adeb6
12 changed files with 181 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,4 @@
+!/collections/.gitkeep
+/collections
+/vault
+__pycache__
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -0,0 +1,6 @@
+{
+    "files.trimTrailingWhitespace": true,
+    "files.insertFinalNewline": true,
+    "files.trimFinalNewlines": true,
+    "editor.renderFinalNewline": false
+}
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Warén Group
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/README.md
+++ b/README.md
@ -0,0 +1 @@
+# MatteZ02 - Infra
--- a/ansible.cfg
+++ b/ansible.cfg
@ -0,0 +1,16 @@
+[defaults]
+inventory = inventories/xxx
+hash_behaviour = merge
+gathering = smart
+transport = local
+display_skipped_hosts = false
+interpreter_python = auto_silent
+localhost_warning = false
+collections_path = collections:~/.ansible/collections
+inject_facts_as_vars = false
+force_handlers = true
+action_warnings = false
+inventory_unparsed_warning = false
+
+[inventory]
+host_pattern_mismatch = ignore
--- a/files/.gitkeep
+++ b/files/.gitkeep
--- a/install.sh
+++ b/install.sh
@ -0,0 +1,48 @@
+#!/bin/bash
+
+if [ ! "$BASH_VERSION" ] ; then
+    exit 1
+fi
+
+echo "
+==============================
+
+MatteZ02 - Infra
+Install Script
+
+------------------------------
+"
+
+stop () {
+
+echo "
+==============================
+"
+
+exit 1
+
+}
+
+mkdir -p ~/.ssh &> /dev/null
+
+apt-get update &> /dev/null
+apt-get install -y python3-pip python3-venv jq git curl &> /dev/null
+python3 -m venv /opt/ansible &> /dev/null
+/opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null
+
+/opt/ansible/bin/ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
+
+mkdir -p ~/.ansible &> /dev/null
+
+if [[ ! -f ~/.ansible/vault.yml ]]
+then
+    echo -n "Vault Password: "
+    read PASSWORD
+    echo "$PASSWORD" > ~/.ansible/vault.yml
+fi
+
+/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t installer
+
+echo "
+==============================
+"
--- a/inventories/.gitkeep
+++ b/inventories/.gitkeep
--- a/protect.sh
+++ b/protect.sh
@ -0,0 +1,57 @@
+#!/bin/bash
+
+underline=`tput smul`
+nounderline=`tput rmul`
+bold=$(tput bold)
+normal=$(tput sgr0)
+
+echo "${bold}MatteZ02 / Infra / Protect${normal}"
+action=$1
+
+encrypt() {
+    echo "${underline}Encrypting...${nounderline}"
+    execute "ansible-vault encrypt --vault-id default@vault/mkj"
+}
+
+decrypt() {
+    echo "${underline}Decrypting...${nounderline}"
+    execute "ansible-vault decrypt --vault-id default@vault/mkj"
+}
+
+list() {
+    echo "${underline}Listing...${nounderline}"
+    i=0
+    for file in inventories/*/group_vars/* inventories/*/host_vars/*;
+    do
+        i=$((i + 1))
+        echo $i")"$file
+    done
+}
+
+execute() {
+for file in inventories/*/group_vars/* inventories/*/host_vars/*;
+    do
+        i=$((i + 1))
+        echo $i")"$file
+        $1 $file
+    done
+}
+
+
+case $action in
+    encrypt)
+        encrypt
+        ;;
+    decrypt)
+        decrypt
+        ;;
+    list)
+        list
+        ;;
+    help)
+        echo "encrypt, decrypt, list"
+        ;;
+    *)
+        echo "..."
+        ;;
+esac
--- a/requirements.yml
+++ b/requirements.yml
@ -0,0 +1,3 @@
+---
+collections:
+  - containers.podman
--- a/tasks.yml
+++ b/tasks.yml
@ -0,0 +1,25 @@
+---
+- name: "Tasks"
+  hosts: all
+  module_defaults:
+    ansible.builtin.gather_facts:
+        gather_timeout: 10
+
+  tasks:
+    - name: "Installer"
+      import_tasks: tasks/installer.yml
+      tags:
+        - installer
+        - never
+
+    - name: "Maintenance"
+      import_tasks: tasks/maintenance.yml
+      tags:
+        - maintenance
+        - never
+
+    - name: "Deployer"
+      import_tasks: tasks/deployer.yml
+      tags:
+        - deployer
+        - never
--- a/tasks/.gitkeep
+++ b/tasks/.gitkeep