cwchristerw/tjas-infra
1
0
Fork 0
mirror of https://github.com/cwchristerw/tjas-infra synced 2025-09-01 08:59:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5008c1be97eb52db9c0ac642471cf3f52a6ef657
tjas-infra/tasks/installer.yml
Christer Warén 5008c1be97 Allow DHCP & DNS from FirewallD
2025-08-26 12:49:41 +03:00

257 lines
6.1 KiB
YAML
Raw Blame History

---
- name: "Init : Python 3 : Install"
ansible.builtin.raw: apt install -y python3 python3-pip python3-setuptools python3-venv python3-dev
register: task
changed_when:
- "task.stdout.find('0 upgraded, 0 newly installed, 0 to remove') == -1"
- name: "Init: Python 3 : Libraries - APT"
ansible.builtin.raw: apt install -y python3-apt
register: task
changed_when:
- "task.stdout.find('0 upgraded, 0 newly installed, 0 to remove') == -1"
- name: "Init : Python 3 : Configure - Virtual Environment : Test"
ansible.builtin.raw: "/root/.venv/ansible/bin/pip3"
register: task632
changed_when: false
failed_when: false
- name: "Init : Python 3 : Configure - Virtual Environment : Delete"
ansible.builtin.file:
path: "/root/.venv/ansible"
state: absent
when:
- "task632.stdout.find(\"ModuleNotFoundError: No module named 'pip'\") != -1"
- name: "Init : Python 3 : Configure - Virtual Environment : Create"
ansible.builtin.pip:
name: pip
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv_command: "python3 -m venv"
- name: "Installer : Tools : Install"
ansible.builtin.apt:
name: "{{ package }}"
state: latest
vars:
packages:
- git
- rsync
- unzip
- nano
- tar
- gnupg
- screen
- jq
- sudo
- pkg-config
- etckeeper
- picocom
- vlan
loop: "{{ packages }}"
loop_control:
label: "{{ package }}"
loop_var: "package"
- name: "Installer : Issue : Configure - Copy File"
ansible.builtin.template:
src: './files/issue'
dest: '/etc/{{ file }}'
vars:
files:
- "issue"
- "issue.net"
loop: "{{ files }}"
loop_control:
label: "{{ file }}"
loop_var: "file"
tags:
- issue
- name: "Installer : Motd : Configure - Copy File"
ansible.builtin.template:
src: './files/motd'
dest: '/etc/motd'
tags:
- motd
- name: "Installer : Networking : Configure - Copy Configuration"
ansible.builtin.template:
src: './files/networking/interfaces'
dest: '/etc/network/interfaces'
tags:
- networking
- network
- name: "Installer : Networking : Start - Restart Service"
ansible.builtin.systemd_service:
name: networking
state: restarted
tags:
- networking
- network
- name: "Installer : FirewallD : Dependencies - Packages"
ansible.builtin.apt:
name:
- python3-firewall
- iptables
state: latest
tags:
- firewalld
- firewall
- name: "Installer : FirewallD : Install"
ansible.builtin.apt:
name: "firewalld"
state: latest
tags:
- firewalld
- firewall
- name: "Installer : FirewallD : Start"
ansible.builtin.systemd_service:
name: firewalld
state: started
enabled: true
tags:
- firewalld
- firewall
- name: "Installer : FirewallD : Rules"
ansible.posix.firewalld:
service: "{{ service }}"
state: enabled
permanent: true
immediate: true
offline: true
vars:
services:
- http
- https
- ssh
- dhcp
- dns
loop: "{{ services }}"
loop_control:
label: "{{ service }}"
loop_var: "service"
tags:
- firewalld
- firewall
- name: "Installer - Ansible - Python Library"
ansible.builtin.pip:
name: ansible
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv_command: "python3 -m venv"
tags:
- ansible
- name: "Installer : Ansible : Create Folder"
ansible.builtin.file:
path: /root/bin
state: directory
tags:
- ansible
- name: "Installer : Ansible : Create Symbolic Links"
ansible.builtin.file:
src: /root/.venv/ansible/bin/{{ binary }}
dest: /root/bin/{{ binary }}
state: link
vars:
binaries:
- ansible
- ansible-community
- ansible-config
- ansible-console
- ansible-doc
- ansible-galaxy
- ansible-inventory
- ansible-playbook
- ansible-pull
- ansible-test
- ansible-vault
loop: "{{ binaries }}"
loop_control:
label: "{{ binary }}"
loop_var: "binary"
tags:
- ansible
- name: "Installer - Ansible - Dependencies - Python Libraries"
ansible.builtin.pip:
name: "{{ library }}"
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv_command: "python3 -m venv"
vars:
libraries:
- cryptography
- dnspython
- hvac
- jmespath
- netaddr
- pexpect
loop: "{{ libraries }}"
loop_control:
label: "{{ library }}"
loop_var: "library"
tags:
- ansible
- name: "Installer : MariaDB : Dependencies - Python Library : pymysql"
ansible.builtin.pip:
name: pymysql
state: latest
extra_args: --upgrade
virtualenv: /root/.venv/ansible
virtualenv_command: "python3 -m venv"
tags:
- mariadb
- database
- name: "Installer : MariaDB : Dependencies - Package : mariadb-client"
ansible.builtin.apt:
name: "mariadb-client"
state: latest
tags:
- mariadb
- database
- name: "Installer : Podman : Install"
ansible.builtin.apt:
name:
- podman
- podman-compose
- netavark
- buildah
- slirp4netns
state: latest
tags:
- podman
- name: "Installer : Schedule : Maintenance"
ansible.builtin.cron:
name: "PVJJK 1.VOS TJAS - Infra - Maintenance"
hour: "*/3"
minute: "0"
job: "/root/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/pvjjk-1vos-niinisalo/infra --accept-host-key --private-key /root/.ssh/keys/pvjjk-1vos-niinisalo/infra --vault-password-file /root/.ansible/vault/pvjjk-1vos-niinisalo tasks.yml -t maintenance"
tags:
- cron
- name: "Installer : Schedule : Deployer"
ansible.builtin.cron:
name: "PVJJK 1.VOS TJAS - Infra - Deployer"
minute: "*/5"
job: "/root/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d /root/.ansible/pull/pvjjk-1vos-niinisalo/infra --accept-host-key --private-key /root/.ssh/keys/pvjjk-1vos-niinisalo/infra --vault-password-file /root/.ansible/vault/pvjjk-1vos-niinisalo tasks.yml -t deployer"
tags:
- cron
Reference in New Issue View Git Blame Copy Permalink