redbrick/nomad
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of https://github.com/redbrick/nomad

Browse source
This commit is contained in:
James Hackett 2022-12-19 23:09:23 +00:00
commit e3cdfb5785
7 changed files with 67 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
ansible/bin/adhoc.sh Normal file
View file

@ -0,0 +1,30 @@
#!/bin/bash
if [ $1 = "help" ]; then
cat << EOH
-- Ad-hoc help --
This command is designed as a helper for running ad-hoc ansible commands.
It takes 2 arguments;
1. The host pattern match, and
2. The module followed by the command to run with that module.
-- Examples --
\$ bin/adhoc.sh all ping
# will run ping on 'all' hosts
\$ bin/adhoc.sh glados shell "cmd='echo hello world'"
# will run the shell module on the 'glados' host
EOH
exit 0
fi
if [ $# -eq 2 ]; then
ansible -i hosts $1 -m $2
exit 0
else
ansible -i hosts $1 -m $2 -a "${@:3}"
exit 0
fi

11
ansible/redbrick-ansible.yml
View file

@ -1,10 +1,17 @@
--- ---
# check local head is the same as remote head
# fail if not
# this is to ensure that the local repository is up to date
# before running the playbook, ignores uncommitted changes
- name: Check local repository is up to date
hosts: localhost
roles:
- { role: git-compare-head } # Prevent execution on out-of-date or divergent branches
- name: Redbrick general management - name: Redbrick general management
hosts: all hosts: all
gather_facts: true
roles: roles:
- { role: apt } # update all packages, equivalent to `apt update && apt upgrade` #- { role: apt } # update all packages, equivalent to `apt update && apt upgrade`
#- { role: ssh } # add users defined in roles/defaults/main.yml #- { role: ssh } # add users defined in roles/defaults/main.yml
#- { role: fail2ban } # add and configure fail2ban with jail file located in `templates/fail2ban.jail` #- { role: fail2ban } # add and configure fail2ban with jail file located in `templates/fail2ban.jail`

5
ansible/roles/configure-consul/tasks/main.yml
View file

@ -5,6 +5,7 @@
name: consul name: consul
state: latest state: latest
update_cache: yes update_cache: yes
when: ansible_check_mode == false
- name: Add consul user - name: Add consul user
become: true become: true
@ -32,12 +33,16 @@
name: consul name: consul
enabled: yes enabled: yes
state: started state: started
when: ansible_check_mode == false
- name: Check if consul is running - name: Check if consul is running
become: true become: true
shell: consul members shell: consul members
register: consul_members register: consul_members
when: ansible_check_mode == false
- name: Print consul members - name: Print consul members
debug: debug:
msg: "{{ consul_members.stdout_lines }}" msg: "{{ consul_members.stdout_lines }}"
when: ansible_check_mode == false

6
ansible/roles/configure-nomad/tasks/main.yml
View file

@ -5,6 +5,7 @@
name: nomad name: nomad
state: latest state: latest
update_cache: yes update_cache: yes
when: ansible_check_mode == false
- name: Add nomad user - name: Add nomad user
become: true become: true
@ -39,21 +40,26 @@
name: nomad name: nomad
enabled: yes enabled: yes
state: started state: started
when: ansible_check_mode == false
- name: Check nomad status - name: Check nomad status
become: true become: true
shell: nomad status shell: nomad status
register: nomad_status register: nomad_status
when: ansible_check_mode == false
- name: Print nomad status - name: Print nomad status
debug: debug:
msg: '{{ nomad_status.stdout }}' msg: '{{ nomad_status.stdout }}'
when: ansible_check_mode == false
- name: Check nomad members - name: Check nomad members
become: true become: true
shell: nomad members shell: nomad members
register: nomad_members register: nomad_members
when: ansible_check_mode == false
- name: Print nomad members - name: Print nomad members
debug: debug:
msg: '{{ nomad_members.stdout }}' msg: '{{ nomad_members.stdout }}'
when: ansible_check_mode == false

13
ansible/roles/git-compare-head/tasks/main.yml Normal file
View file

@ -0,0 +1,13 @@
---
- name: Get local HEAD id
local_action: command git rev-parse HEAD
register: local_head
- name: Get remote HEAD id
local_action: command git ls-remote origin HEAD
register: remote_head
- name: Compare local and remote
fail:
msg: "Local repository is not up to date. Please pull latest changes from remote or push your local changes."
when: (local_head.stdout != (remote_head.stdout | split('\t') | first)) and ansible_check_mode == false

25
ansible/roles/hashicorp-apt/tasks/main.yml
View file

@ -1,29 +1,4 @@
--- ---
#- name: Add hashicorp GPG key
# become: true
# apt_key:
# url: https://apt.releases.hashicorp.com/gpg
# state: present
#
#- name: Add hashicorp repository
# become: true
# apt_repository:
# repo: deb [arch=amd64] https://apt.releases.hashicorp.com {{ ansible_distribution_release }} main
# state: present
#- name: Add Vault/Hashicorp apt key
# apt_key:
# url: "https://apt.releases.hashicorp.com/gpg"
# state: present
# become: true
# when: ansible_pkg_mgr == 'apt'
#
#- name: Add Vault/Hashicorp apt repo
# apt_repository:
# repo: "deb https://apt.releases.hashicorp.com/gpg {{ ansible_distribution_release }} main"
# state: present
# become: true
# when: ansible_pkg_mgr == 'apt'
- name: Add Hashicorp apt key - name: Add Hashicorp apt key
become: true become: true

4
ansible/roles/ssh/tasks/main.yml
View file

@ -25,3 +25,7 @@
ignore_errors: yes ignore_errors: yes
register: task_result register: task_result
failed_when: "'blah' in task_result" failed_when: "'blah' in task_result"
- name: Tell user to generate openVPN configuration for users
debug:
msg: "Please generate openVPN configuration for users: {{ task_result.results | map(attribute='item') | map(attribute='user') | list | join(', ') }}. See https://docs.redbrick.dcu.ie/aperture/vpn/ for more information."