cwchristerw/tjas-infra
1
0
Fork 0
mirror of https://github.com/cwchristerw/tjas-infra synced 2025-12-02 11:33:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: cwchristerw:8d04583f0f6a75c69cd40c483cb8a570f063cf7b
Branches Tags
cwchristerw:master
...
compare: cwchristerw:da74f99bb79f26463613700336925603f364faba
Branches Tags
cwchristerw:master

3 Commits
8d04583f0f ... da74f99bb7

Author SHA1 Message Date
Christer Warén
da74f99bb7 Move Ansible to different directory 2025-09-30 12:12:04 +03:00
Christer Warén
d8f5a8fd77 Init: Move Ansible to different directory and remove sudo 2025-09-30 11:59:45 +03:00
Christer Warén
61e167e43f INSTRUCTIONS: Kirjaudu pääkäyttäjänä tai kohota oikeudet 2025-09-30 11:58:07 +03:00
6 changed files with 158 additions and 58 deletions
Expand all files Collapse all files

12
INSTRUCTIONS.md
View File

@@ -18,14 +18,16 @@
2. Vaihda oletusarvoinen käyttöjärjestelmä `wsl --set-default Debian`
3. Käynnistä uudelleen käyttöjärjestelmä `wsl -t Debian`
4. Sulje ikkuna
6. Avaa Debian käynnistävalikosta tai suorita Powershellissä komento järjestelmänvalvojana `wsl -d Debian`
7. Asenna curl-paketti käyttämällä APT-paketinhallintaa `sudo apt update && sudo apt install curl`
8. Lataa ja suorita Init.sh skripti `bash <(curl https://raw.githubusercontent.com/cwchristerw/tjas-infra/refs/heads/master/init.sh)`
6. Avaa Debian käynnistävalikosta tai suorita Powershellissä komento järjestelmänvalvojana `wsl -d Debian`
7. Kohota oikeudet `sudo su`
8. Asenna curl-paketti käyttämällä APT-paketinhallintaa `apt update && apt install curl`
9. Lataa ja suorita Init.sh skripti `bash <(curl https://raw.githubusercontent.com/cwchristerw/tjas-infra/refs/heads/master/init.sh)`
**Palvelimen asennus**
1. Asenna Debian-käyttöjärjestelmä
2. Asenna curl-paketti käyttämällä APT-paketinhallintaa `apt update && apt install curl`
3. Lataa ja suorita Init.sh skripti `bash <(curl https://raw.githubusercontent.com/cwchristerw/tjas-infra/refs/heads/master/init.sh)`
2. Kirjaudu root käyttäjänä tai kohota oikeudet `sudo su`
3. Asenna curl-paketti käyttämällä APT-paketinhallintaa `apt update && apt install curl`
4. Lataa ja suorita Init.sh skripti `bash <(curl https://raw.githubusercontent.com/cwchristerw/tjas-infra/refs/heads/master/init.sh)`
**Verkkolaitteiden konfigurointi**
1. Kytke verkkolaitteen Console (Ethernet) porttiin serial portti adapteri sekä yhdistä siihen serial portti USB-adapteri

14
init.sh
View File

@@ -38,27 +38,27 @@ exit 1
}
ti-header "Haetaan pakettien tiedot..."
sudo apt update
apt update
echo -e "\n\n"
ti-header "Asennetaan Ansiblen järjestelmäpaketti riippuvuudet..."
sudo apt-get install -y python3-pip python3-venv jq git curl lsb-release
apt-get install -y python3-pip python3-venv jq git curl lsb-release
echo -e "\n\n"
ti-header "Luodaan Ansiblelle virtuaalinen ympäristö..."
python3 -m venv $HOME/.venv/ansible
python3 -m venv /opt/ansible
echo -e "\n\n"
ti-header "Asennetaan Ansiblen Python-kirjasto riippuvuudet..."
$HOME/.venv/ansible/bin/pip3 install cryptography dnspython hvac jmespath netaddr pexpect
/opt/ansible/bin/pip3 install cryptography dnspython hvac jmespath netaddr pexpect
echo -e "\n\n"
ti-header "Asennetaan Ansible..."
$HOME/.venv/ansible/bin/pip3 install ansible
/opt/ansible/bin/pip3 install ansible
echo -e "\n\n"
ti-header "Asennetaan Ansible kokoelmat..."
$HOME/.venv/ansible/bin/ansible-galaxy collection install ansible.posix containers.podman --upgrade
/opt/ansible/bin/ansible-galaxy collection install ansible.posix containers.podman --upgrade
echo -e "\n\n"
mkdir -p $HOME/.ssh/keys &> /dev/null
@@ -97,7 +97,7 @@ then
fi
ti-header "Suoritetaan Infran asennus..."
$HOME/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d $HOME/.ansible/pull/infra --accept-host-key --private-key $HOME/.ssh/keys/infra --vault-password-file $HOME/.ansible/vault/infra tasks.yml -t installer
/opt/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d $HOME/.ansible/pull/infra --accept-host-key --private-key $HOME/.ssh/keys/infra --vault-password-file $HOME/.ansible/vault/infra tasks.yml -t installer
echo -e "\n\n"
echo "

6
tasks.yml
View File

@@ -8,8 +8,6 @@
tasks:
- name: "Installer"
import_tasks: tasks/installer.yml
vars:
ansible_python_interpreter: "/root/.venv/ansible/bin/python3"
when:
- inventory_hostname == "olympus.juva.tjas"
tags:
@@ -18,8 +16,6 @@
- name: "Maintenance"
import_tasks: tasks/maintenance.yml
vars:
ansible_python_interpreter: "/root/.venv/ansible/bin/python3"
when:
- inventory_hostname == "olympus.juva.tjas"
tags:
@@ -28,8 +24,6 @@
- name: "Deployer"
import_tasks: tasks/deployer.yml
vars:
ansible_python_interpreter: "/root/.venv/ansible/bin/python3"
when:
- inventory_hostname == "olympus.juva.tjas"
tags:

83
tasks/installer.yml
View File

@@ -1,35 +1,35 @@
---
- name: "Init : Python 3 : Install"
- name: "Installer : Python 3 : Install"
ansible.builtin.raw: apt install -y python3 python3-pip python3-setuptools python3-venv python3-dev
register: task
changed_when:
- "task.stdout.find('0 upgraded, 0 newly installed, 0 to remove') == -1"
- name: "Init: Python 3 : Libraries - APT"
- name: "Installer: Python 3 : Libraries - APT"
ansible.builtin.raw: apt install -y python3-apt
register: task
changed_when:
- "task.stdout.find('0 upgraded, 0 newly installed, 0 to remove') == -1"
- name: "Init : Python 3 : Configure - Virtual Environment : Test"
ansible.builtin.raw: "/root/.venv/ansible/bin/pip3"
- name: "Installer : Python 3 : Configure - Virtual Environment : Test"
ansible.builtin.raw: "/opt/ansible/bin/pip3"
register: task632
changed_when: false
failed_when: false
- name: "Init : Python 3 : Configure - Virtual Environment : Delete"
- name: "Installer : Python 3 : Configure - Virtual Environment : Delete"
ansible.builtin.file:
path: "/root/.venv/ansible"
path: "/opt/ansible"
state: absent
when:
- "task632.stdout.find(\"ModuleNotFoundError: No module named 'pip'\") != -1"
- name: "Init : Python 3 : Configure - Virtual Environment : Create"
- name: "Installer : Python 3 : Configure - Virtual Environment : Create"
ansible.builtin.pip:
name: pip
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
- name: "Installer : Tools : Install"
@@ -150,12 +150,47 @@
- firewalld
- firewall
- name: "Installer : Ansible : Dependencies - Packages (APT / Debian & Ubuntu & Linux Mint)"
ansible.builtin.apt:
name: "{{ packages }}"
state: latest
vars:
ansible_python_interpreter: /usr/bin/python3
packages:
- sshpass
- lsb-release
loop: "{{ packages }}"
loop_control:
label: "{{ package }}"
loop_var: "package"
- name: "Installer : Ansible : Dependencies - Python Libraries"
ansible.builtin.pip:
name: "{{ library }}"
state: latest
extra_args: --upgrade
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
vars:
libraries:
- cryptography
- dnspython
- hvac
- jmespath
- netaddr
- pexpect
- xmltodict
loop: "{{ libraries }}"
loop_control:
label: "{{ library }}"
loop_var: "library"
- name: "Installer - Ansible - Python Library"
ansible.builtin.pip:
name: ansible
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
tags:
- ansible
@@ -169,7 +204,7 @@
- name: "Installer : Ansible : Create Symbolic Links"
ansible.builtin.file:
src: /root/.venv/ansible/bin/{{ binary }}
src: /opt/ansible/bin/{{ binary }}
dest: /root/bin/{{ binary }}
state: link
vars:
@@ -192,34 +227,12 @@
tags:
- ansible
- name: "Installer - Ansible - Dependencies - Python Libraries"
ansible.builtin.pip:
name: "{{ library }}"
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv_command: "python3 -m venv"
vars:
libraries:
- cryptography
- dnspython
- hvac
- jmespath
- netaddr
- pexpect
loop: "{{ libraries }}"
loop_control:
label: "{{ library }}"
loop_var: "library"
tags:
- ansible
- name: "Installer : MariaDB : Dependencies - Python Library : pymysql"
ansible.builtin.pip:
name: pymysql
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
tags:
- mariadb
@@ -250,7 +263,7 @@
name: "Tietojärjestelmäasentajien Infra - Maintenance"
hour: "*/3"
minute: "0"
job: "/root/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t maintenance"
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t maintenance"
tags:
- cron
@@ -258,6 +271,6 @@
ansible.builtin.cron:
name: "Tietojärjestelmäasentajien Infra - Deployer"
minute: "*/5"
job: "/root/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t deployer"
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t deployer"
tags:
- cron

6
tasks/maintenance.yml
View File

@@ -4,7 +4,7 @@
name: "{{ library }}"
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
vars:
libraries:
@@ -24,7 +24,7 @@
name: ansible
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
- name: "Maintenance : MariaDB : Dependencies / Python Library : pymysql"
@@ -32,7 +32,7 @@
name: pymysql
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
- name: "Maintenance : Podman : Prune"

95
tasks/migrater.yml
View File

@@ -10,18 +10,109 @@
- src: /root/.ansible/vault/{{ location | lower | replace('.', '') | replace(' ', '-') }}/infra
dest: /root/.ansible/vault/infra
- name: "Migrater : Python 3 : Configure - Virtual Environment : Test"
ansible.builtin.raw: "/opt/ansible/bin/pip3"
register: task632
changed_when: false
failed_when: false
- name: "Migrater : Python 3 : Configure - Virtual Environment : Delete"
ansible.builtin.file:
path: "/opt/ansible"
state: absent
when:
- "task632.stdout.find(\"ModuleNotFoundError: No module named 'pip'\") != -1"
- name: "Migrater : Python 3 : Configure - Virtual Environment : Create"
ansible.builtin.pip:
name: pip
state: latest
extra_args: --upgrade
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
- name: "Migrater : Ansible : Dependencies - Packages"
ansible.builtin.apt:
name: "{{ packages }}"
state: latest
vars:
ansible_python_interpreter: /usr/bin/python3
packages:
- sshpass
- lsb-release
loop: "{{ packages }}"
loop_control:
label: "{{ package }}"
loop_var: "package"
- name: "Migrater : Ansible : Dependencies - Python Libraries"
ansible.builtin.pip:
name: "{{ library }}"
state: latest
extra_args: --upgrade
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
vars:
libraries:
- cryptography
- dnspython
- hvac
- jmespath
- netaddr
- pexpect
- xmltodict
loop: "{{ libraries }}"
loop_control:
label: "{{ library }}"
loop_var: "library"
- name: "Migrater - Ansible - Python Library"
ansible.builtin.pip:
name: ansible
state: latest
extra_args: --upgrade
virtualenv: /opt/ansible
virtualenv_command: "python3 -m venv"
tags:
- ansible
- name: "Migrater : Ansible : Create Symbolic Links"
ansible.builtin.file:
src: /opt/ansible/bin/{{ binary }}
dest: /bin/{{ binary }}
state: link
vars:
binaries:
- ansible
- ansible-community
- ansible-config
- ansible-console
- ansible-doc
- ansible-galaxy
- ansible-inventory
- ansible-playbook
- ansible-pull
- ansible-test
- ansible-vault
loop: "{{ binaries }}"
loop_control:
label: "{{ binary }}"
loop_var: "binary"
tags:
- ansible
- name: "Migrater - Schedule : Maintenance"
ansible.builtin.cron:
name: "Tietojärjestelmäasentajien Infra - Maintenance"
hour: "*/3"
minute: "0"
job: "/root/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t maintenance"
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t maintenance"
- name: "Migrater - Schedule : Maintenance"
ansible.builtin.cron:
name: "Tietojärjestelmäasentajien Infra - Maintenance"
minute: "*/5"
job: "/root/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t deployer"
job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/infra --accept-host-key --private-key /root/.ssh/keys/infra --vault-password-file /root/.ansible/vault/infra tasks.yml -t deployer"
- name: "Migrater - Schedule : Deployer"
ansible.builtin.cron: