mirror of
https://github.com/MatteZ02/infra.git
synced 2024-11-09 20:40:18 +00:00
Update
This commit is contained in:
parent
f226606aa5
commit
b26fb7d6ab
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,3 +1,4 @@
|
|||||||
!/collections/.gitkeep
|
!/collections/.gitkeep
|
||||||
/collections
|
/collections
|
||||||
|
/vault
|
||||||
__pycache__
|
__pycache__
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
[defaults]
|
[defaults]
|
||||||
inventory = inventory.yml
|
inventory = inventories/mpp
|
||||||
hash_behaviour = merge
|
hash_behaviour = merge
|
||||||
gathering = smart
|
gathering = smart
|
||||||
transport = local
|
transport = local
|
||||||
|
@ -2,4 +2,4 @@
|
|||||||
|
|
||||||
echo -n "$CERTBOT_VALIDATION" > /root/nginx/html/.well-known/acme-challenge/$CERTBOT_TOKEN
|
echo -n "$CERTBOT_VALIDATION" > /root/nginx/html/.well-known/acme-challenge/$CERTBOT_TOKEN
|
||||||
mkdir -p /root/nginx/html/.well-known/acme-challenge
|
mkdir -p /root/nginx/html/.well-known/acme-challenge
|
||||||
/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-ansible --private-key ~/.ssh/id_rsa tasks.yml -t nginx &> /dev/null
|
/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t nginx &> /dev/null
|
||||||
|
@ -1,59 +0,0 @@
|
|||||||
<!DOCTYPE html>
|
|
||||||
<html lang="en">
|
|
||||||
<head>
|
|
||||||
<title>{{ ansible_facts.fqdn }}</title>
|
|
||||||
<meta charset="UTF-8">
|
|
||||||
<meta name="robots" content="noindex">
|
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
||||||
|
|
||||||
<style>
|
|
||||||
body {
|
|
||||||
background-color: #333333;
|
|
||||||
width: 100vw;
|
|
||||||
height: 100vh;
|
|
||||||
margin: 0;
|
|
||||||
display: flex;
|
|
||||||
align-items: center;
|
|
||||||
justify-content: center;
|
|
||||||
text-align: center;
|
|
||||||
}
|
|
||||||
|
|
||||||
*, *:active, *:focus, *:hover, *:visited, *:link {
|
|
||||||
color: #ffffff;
|
|
||||||
font-family: sans-serif;
|
|
||||||
}
|
|
||||||
|
|
||||||
p {
|
|
||||||
margin-bottom: 0px;
|
|
||||||
margin-top: 0px;
|
|
||||||
}
|
|
||||||
|
|
||||||
.org {
|
|
||||||
font-size: xx-large;
|
|
||||||
}
|
|
||||||
|
|
||||||
.link {
|
|
||||||
margin-top: 10px;
|
|
||||||
}
|
|
||||||
|
|
||||||
.server {
|
|
||||||
margin-top: 50px;
|
|
||||||
}
|
|
||||||
|
|
||||||
.server * {
|
|
||||||
color: #555555;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<div>
|
|
||||||
<p class="org">Musix Org</p>
|
|
||||||
<p class="link"><a href="https://musix-org.com">Visit website</a></p>
|
|
||||||
|
|
||||||
<div class="server">
|
|
||||||
<p class="name">{{ ansible_facts.fqdn }}</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</body>
|
|
||||||
</html>
|
|
14
install.sh
14
install.sh
@ -7,7 +7,7 @@ fi
|
|||||||
echo "
|
echo "
|
||||||
==============================
|
==============================
|
||||||
|
|
||||||
Multi Platform Project - Ansible
|
MPP - Infra
|
||||||
Install Script
|
Install Script
|
||||||
|
|
||||||
------------------------------
|
------------------------------
|
||||||
@ -31,8 +31,18 @@ python3 -m venv /opt/ansible &> /dev/null
|
|||||||
|
|
||||||
/opt/ansible/bin/ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
/opt/ansible/bin/ansible-galaxy collection install -r requirements.yml --upgrade &> /dev/null
|
||||||
|
|
||||||
/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-ansible --private-key ~/.ssh/id_rsa tasks.yml -t installer
|
mkdir -p ~/.ansible &> /dev/null
|
||||||
|
|
||||||
|
if [[ ! -f ~/.ansible/vault.yml ]]
|
||||||
|
then
|
||||||
|
echo -n "Vault Password: "
|
||||||
|
read PASSWORD
|
||||||
|
echo "$PASSWORD" > ~/.ansible/vault.yml
|
||||||
|
fi
|
||||||
|
|
||||||
|
ssh-keyscan github.com 1> ~/.ssh/known_hosts 2> /dev/null
|
||||||
|
|
||||||
|
/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-ansible --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t installer
|
||||||
|
|
||||||
echo "
|
echo "
|
||||||
==============================
|
==============================
|
||||||
|
14
inventories/mpp/host_vars/mpp
Normal file
14
inventories/mpp/host_vars/mpp
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
36633733326433396538646338333139653337336137336662666538363861353933386536313164
|
||||||
|
3532643739643661356161653064346436623531656134610a363565386431393536626238356331
|
||||||
|
31326564633533613763366431353661663238313562333763623638653832663236633266373437
|
||||||
|
3061373230313636610a333834303633626663353237396237376465303631396363396535393932
|
||||||
|
61636661373930323931643062343538623231643835636662316138646161626436323937366333
|
||||||
|
35653031363730613166353033343038616534343464393761363033356133306164646666306536
|
||||||
|
31643061333537393333623633366463303335646336656635343434396233333032383037613934
|
||||||
|
31653262396436336537666563376463663430356564623034316634333139656333373863623433
|
||||||
|
63663563383139663561356539393939366333363033666636653763373339336239356334633432
|
||||||
|
37643264386531653265643637373363633038663532333531613963633039653134633465316239
|
||||||
|
34626366373465646535643139363539633138653133623164616431353730313461616638373166
|
||||||
|
34626363643334643663633561336566393437356338343339313661623136323839313066356164
|
||||||
|
65353038626338663736356330333464363366373731646636633064373031616663
|
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
all:
|
all:
|
||||||
hosts:
|
hosts:
|
||||||
localhost:
|
mpp:
|
||||||
vars:
|
vars:
|
||||||
ansible_connection: local
|
ansible_connection: local
|
||||||
ansible_python_interpreter: "{{ansible_playbook_python}}"
|
ansible_python_interpreter: "{{ansible_playbook_python}}"
|
57
protect.sh
Executable file
57
protect.sh
Executable file
@ -0,0 +1,57 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
underline=`tput smul`
|
||||||
|
nounderline=`tput rmul`
|
||||||
|
bold=$(tput bold)
|
||||||
|
normal=$(tput sgr0)
|
||||||
|
|
||||||
|
echo "${bold}MPP / Infra / Protect${normal}"
|
||||||
|
action=$1
|
||||||
|
|
||||||
|
encrypt() {
|
||||||
|
echo "${underline}Encrypting...${nounderline}"
|
||||||
|
execute "ansible-vault encrypt --vault-id default@vault/mpp"
|
||||||
|
}
|
||||||
|
|
||||||
|
decrypt() {
|
||||||
|
echo "${underline}Decrypting...${nounderline}"
|
||||||
|
execute "ansible-vault decrypt --vault-id default@vault/mpp"
|
||||||
|
}
|
||||||
|
|
||||||
|
list() {
|
||||||
|
echo "${underline}Listing...${nounderline}"
|
||||||
|
i=0
|
||||||
|
for file in inventories/*/group_vars/* inventories/*/host_vars/*;
|
||||||
|
do
|
||||||
|
i=$((i + 1))
|
||||||
|
echo $i")"$file
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
execute() {
|
||||||
|
for file in inventories/*/group_vars/* inventories/*/host_vars/*;
|
||||||
|
do
|
||||||
|
i=$((i + 1))
|
||||||
|
echo $i")"$file
|
||||||
|
$1 $file
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
case $action in
|
||||||
|
encrypt)
|
||||||
|
encrypt
|
||||||
|
;;
|
||||||
|
decrypt)
|
||||||
|
decrypt
|
||||||
|
;;
|
||||||
|
list)
|
||||||
|
list
|
||||||
|
;;
|
||||||
|
help)
|
||||||
|
echo "encrypt, decrypt, list"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "..."
|
||||||
|
;;
|
||||||
|
esac
|
@ -35,7 +35,7 @@
|
|||||||
- "/root/mariadb:/var/lib/mysql"
|
- "/root/mariadb:/var/lib/mysql"
|
||||||
restart_policy: always
|
restart_policy: always
|
||||||
env:
|
env:
|
||||||
MYSQL_ROOT_PASSWORD: "y9ZmTmUKLaRrZ4SA"
|
MYSQL_ROOT_PASSWORD: "{{ secrets.mariadb.users.root.password }}"
|
||||||
register: deployerTask102
|
register: deployerTask102
|
||||||
when:
|
when:
|
||||||
- (deployerTask101 is defined and deployerTask101.changed) or deployerTask101 is undefined
|
- (deployerTask101 is defined and deployerTask101.changed) or deployerTask101 is undefined
|
||||||
@ -55,7 +55,7 @@
|
|||||||
- name: "Deployer - MariaDB - Upgrade"
|
- name: "Deployer - MariaDB - Upgrade"
|
||||||
containers.podman.podman_container_exec:
|
containers.podman.podman_container_exec:
|
||||||
name: mariadb
|
name: mariadb
|
||||||
command: "mariadb-upgrade --host=127.0.0.1 --user=root --password=y9ZmTmUKLaRrZ4SA"
|
command: "mariadb-upgrade --host=127.0.0.1 --user=root --password={{ secrets.mariadb.users.root.password }}"
|
||||||
register: task
|
register: task
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
changed_when:
|
changed_when:
|
||||||
@ -70,10 +70,10 @@
|
|||||||
mysql_user:
|
mysql_user:
|
||||||
login_host: "127.0.0.1"
|
login_host: "127.0.0.1"
|
||||||
login_user: root
|
login_user: root
|
||||||
login_password: "y9ZmTmUKLaRrZ4SA"
|
login_password: "{{ secrets.mariadb.users.root.password }}"
|
||||||
name: "mpp"
|
name: "mpp"
|
||||||
host: "%"
|
host: "%"
|
||||||
password: "JRrnk4Gia9gn24y5"
|
password: "{{ secrets.mariadb.users.mpp.password }}"
|
||||||
priv: "mpp.*:ALL"
|
priv: "mpp.*:ALL"
|
||||||
vars:
|
vars:
|
||||||
ansible_python_interpreter: "/opt/ansible/bin/python3"
|
ansible_python_interpreter: "/opt/ansible/bin/python3"
|
||||||
@ -86,7 +86,7 @@
|
|||||||
mysql_db:
|
mysql_db:
|
||||||
login_host: "127.0.0.1"
|
login_host: "127.0.0.1"
|
||||||
login_user: "mpp"
|
login_user: "mpp"
|
||||||
login_password: "JRrnk4Gia9gn24y5"
|
login_password: "{{ secrets.mariadb.users.mpp.password }}"
|
||||||
name: "mpp"
|
name: "mpp"
|
||||||
vars:
|
vars:
|
||||||
ansible_python_interpreter: "/opt/ansible/bin/python3"
|
ansible_python_interpreter: "/opt/ansible/bin/python3"
|
||||||
|
@ -171,7 +171,7 @@
|
|||||||
name: Maintenance
|
name: Maintenance
|
||||||
hour: "*/3"
|
hour: "*/3"
|
||||||
minute: "0"
|
minute: "0"
|
||||||
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-infra --accept-host-key --private-key ~/.ssh/id_rsa tasks.yml -t maintenance"
|
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t maintenance"
|
||||||
tags:
|
tags:
|
||||||
- cron
|
- cron
|
||||||
|
|
||||||
@ -179,6 +179,6 @@
|
|||||||
cron:
|
cron:
|
||||||
name: Deployer
|
name: Deployer
|
||||||
minute: "*/5"
|
minute: "*/5"
|
||||||
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-infra --accept-host-key --private-key ~/.ssh/id_rsa tasks.yml -t deployer"
|
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mpp-infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t deployer"
|
||||||
tags:
|
tags:
|
||||||
- cron
|
- cron
|
||||||
|
Loading…
Reference in New Issue
Block a user