Multiple fixes

- Update apt default packages to include dnsutils
- Update the consul task to set up dns resolution through consul and
  systemd-resolved
- Update the consul server config file to auto join hostnames instead of
  IP addresses, this makes the configuration for the playbook much
  easier
- Add a docker task to install docker (works on arm devices also)
- Updates the hashicorp apt role to allow arm devices to pull from the
  correct upstream repo

ansible/roles/apt/defaults/main.yml

@@ -11,8 +11,6 @@ apt_packages:
   - software-properties-common
   - psmisc
   - sudo
-  - mosh
+  - dnsutils
-  - logstash
-
 apt_install_packages: true
 apt_update_packages: true

ansible/roles/configure-consul/tasks/main.yml

@@ -35,14 +35,39 @@
     state: started
   when: ansible_check_mode == false
 
-- name: Check if consul is running with `consul members`
+- name: Ensure systemd-resolved config directory exists
   become: true
-  shell: consul members
+  file:
-  register: consul_members
+    path: /etc/systemd/resolved.conf.d
+    state: directory
+
+- name: Configure Consul DNS
+  become: true
+  copy:
+    dest: /etc/systemd/resolved.conf.d/consul.conf
+    content: |
+      [Resolve]
+      DNS=127.0.0.1:8600
+      DNSSEC=false
+      Domains=~consul node.consul service.consul
+
+- name: Restart systemd-resolved
+  become: true
+  systemd:
+    name: systemd-resolved
+    enabled: yes
+    state: restarted
   when: ansible_check_mode == false
 
-- name: Print consul members
+- name: Remove resolv.conf symlink
-  debug:
+  become: true
-    msg: "{{ consul_members.stdout_lines }}"
+  file:
-  when: ansible_check_mode == false
+    path: /etc/resolv.conf
-# TODO: CONFIGURE CONSUL DNS
+    state: absent
+
+- name: Create resolv.conf symlink
+  become: true
+  file:
+    src: /run/systemd/resolve/stub-resolv.conf
+    dest: /etc/resolv.conf
+    state: link

ansible/roles/docker/tasks/main.yml

@@ -0,0 +1,47 @@
+---
+# ansible role to install docker-ce onto various operating systems
+- name: Ensure required packages are installed
+  become: true
+  apt:
+    name: "{{ item }}"
+  with_items: ["ca-certificates", "curl", "gnupg"]
+  when: ansible_os_family == "Debian"
+
+# Add docker's key
+#  sudo
+#  curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+#  sudo chmod a+r /etc/apt/keyrings/docker.gpg
+- name: Install the keyring
+  become: true
+  shell:
+    cmd: "install -m 0755 -d /etc/apt/keyrings"
+
+- name: Get the key
+  become: true
+  shell:
+    cmd: "curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg"
+
+- name: Set permissions
+  become: true
+  shell:
+    cmd: "chmod a+r /etc/apt/keyrings/docker.gpg"
+
+# Set up the stable repository
+#  echo \
+# "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
+# "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
+# sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+- name: Set up the stable repository
+  become: true
+  shell:
+    cmd: 'echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null'
+
+- name: Install Docker
+  become: true
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    force_apt_get: yes
+  with_items: ["docker-ce", "docker-ce-cli", "containerd.io", "docker-compose"]
+  when: ansible_os_family == "Debian"

ansible/roles/hashicorp-apt/tasks/main.yml

@@ -1,5 +1,4 @@
 ---
-
 - name: Ensure required packages are installed
   become: true
   apt:
@@ -17,12 +16,26 @@
   debug:
     msg: "{{ result.stdout }}"
 
-- name: Add Hashicorp repository
+- name: Add Hashicorp repository (pis only)
   become: true
   shell:
-    cmd: 'sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"'
+    cmd: 'sudo apt-add-repository -y "deb [arch=arm64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"'
   register: result
+  when: "'pis' in group_names"
 
 - name: Print out results
   debug:
     msg: "{{ result.stdout }}"
+  when: "'pis' in group_names"
+
+- name: Add Hashicorp repository (amd64)
+  become: true
+  shell:
+    cmd: 'sudo apt-add-repository -y "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"'
+  register: result
+  when: "'homelab' in group_names"
+
+- name: Print out results
+  debug:
+    msg: "{{ result.stdout }}"
+  when: "'homelab' in group_names"

ansible/templates/consul-server.hcl.j2

@@ -10,9 +10,5 @@ addresses {
 }
 
 ports {
-  grpc_tls  = 8502
+  grpc_tls  = 8503
-}
+}
-
-ui_config {
-  enabled = true
-}