commit 5f802adeb6e654e20b7ea4eb553cd5c6bf0c228e Author: Christer Warén Date: Tue Jun 18 21:34:48 2024 +0300 Initial Commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..51fab92 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +!/collections/.gitkeep +/collections +/vault +__pycache__ diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..247bf3e --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,6 @@ +{ + "files.trimTrailingWhitespace": true, + "files.insertFinalNewline": true, + "files.trimFinalNewlines": true, + "editor.renderFinalNewline": false +} diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..d5ea22a --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2024 Warén Group + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..f2c8ed4 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +# MatteZ02 - Infra diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..7cab009 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,16 @@ +[defaults] +inventory = inventories/xxx +hash_behaviour = merge +gathering = smart +transport = local +display_skipped_hosts = false +interpreter_python = auto_silent +localhost_warning = false +collections_path = collections:~/.ansible/collections +inject_facts_as_vars = false +force_handlers = true +action_warnings = false +inventory_unparsed_warning = false + +[inventory] +host_pattern_mismatch = ignore diff --git a/files/.gitkeep b/files/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/install.sh b/install.sh new file mode 100644 index 0000000..fcb5f78 --- /dev/null +++ b/install.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +if [ ! "$BASH_VERSION" ] ; then + exit 1 +fi + +echo " +============================== + +MatteZ02 - Infra +Install Script + +------------------------------ +" + +stop () { + +echo " +============================== +" + +exit 1 + +} + +mkdir -p ~/.ssh &> /dev/null + +apt-get update &> /dev/null +apt-get install -y python3-pip python3-venv jq git curl &> /dev/null +python3 -m venv /opt/ansible &> /dev/null +/opt/ansible/bin/pip3 install ansible hvac netaddr jmespath pexpect &> /dev/null + +/opt/ansible/bin/ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null + +mkdir -p ~/.ansible &> /dev/null + +if [[ ! -f ~/.ansible/vault.yml ]] +then + echo -n "Vault Password: " + read PASSWORD + echo "$PASSWORD" > ~/.ansible/vault.yml +fi + +/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t installer + +echo " +============================== +" diff --git a/inventories/.gitkeep b/inventories/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/protect.sh b/protect.sh new file mode 100755 index 0000000..3bb5743 --- /dev/null +++ b/protect.sh @@ -0,0 +1,57 @@ +#!/bin/bash + +underline=`tput smul` +nounderline=`tput rmul` +bold=$(tput bold) +normal=$(tput sgr0) + +echo "${bold}MatteZ02 / Infra / Protect${normal}" +action=$1 + +encrypt() { + echo "${underline}Encrypting...${nounderline}" + execute "ansible-vault encrypt --vault-id default@vault/mkj" +} + +decrypt() { + echo "${underline}Decrypting...${nounderline}" + execute "ansible-vault decrypt --vault-id default@vault/mkj" +} + +list() { + echo "${underline}Listing...${nounderline}" + i=0 + for file in inventories/*/group_vars/* inventories/*/host_vars/*; + do + i=$((i + 1)) + echo $i")"$file + done +} + +execute() { +for file in inventories/*/group_vars/* inventories/*/host_vars/*; + do + i=$((i + 1)) + echo $i")"$file + $1 $file + done +} + + +case $action in + encrypt) + encrypt + ;; + decrypt) + decrypt + ;; + list) + list + ;; + help) + echo "encrypt, decrypt, list" + ;; + *) + echo "..." + ;; +esac diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..68b4a8e --- /dev/null +++ b/requirements.yml @@ -0,0 +1,3 @@ +--- +collections: + - containers.podman diff --git a/tasks.yml b/tasks.yml new file mode 100644 index 0000000..62bee9d --- /dev/null +++ b/tasks.yml @@ -0,0 +1,25 @@ +--- +- name: "Tasks" + hosts: all + module_defaults: + ansible.builtin.gather_facts: + gather_timeout: 10 + + tasks: + - name: "Installer" + import_tasks: tasks/installer.yml + tags: + - installer + - never + + - name: "Maintenance" + import_tasks: tasks/maintenance.yml + tags: + - maintenance + - never + + - name: "Deployer" + import_tasks: tasks/deployer.yml + tags: + - deployer + - never diff --git a/tasks/.gitkeep b/tasks/.gitkeep new file mode 100644 index 0000000..e69de29