From 5ca07cf48d2270d290481fed0c2c82eed8e7a1fd Mon Sep 17 00:00:00 2001
From: aleidk
Date: Thu, 29 May 2025 16:53:28 -0400
Subject: [PATCH] feat: add basic setup playbook
---
 ansible.cfg | 2 +-
 files/alpine/motd.j2 | 29 ++++++++++++-------
 hosts/inventory.yaml | 34 ----------------------
 playbooks/initial-setup.yaml | 55 +++++++++++++++++++++++++++++++++---
 4 files changed, 71 insertions(+), 49 deletions(-)
diff --git a/ansible.cfg b/ansible.cfg
index cd92a60..45f1c2c 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -324,7 +324,7 @@ roles_path=$HOME/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:./ro
 ;inject_facts_as_vars=True
 # (string) Path to the Python interpreter to be used for module execution on remote targets, or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes employ a lookup table to use the included system Python (on distributions known to include one), falling back to a fixed ordered list of well-known Python interpreter locations if a platform-specific default is not available. The fallback behavior will issue a warning that the interpreter should be set explicitly (since interpreters installed later may change which one is used). This warning behavior can be disabled by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` provides all the same behavior, but for backwards-compatibility with older Ansible releases that always defaulted to ``/usr/bin/python``, will use that interpreter if present.
-;interpreter_python=auto
+interpreter_python=auto_silent
 # (boolean) If 'false', invalid attributes for a task will result in warnings instead of errors
 ;invalid_task_attribute_failed=True
diff --git a/files/alpine/motd.j2 b/files/alpine/motd.j2
index 55f3344..0e2f36e 100644
--- a/files/alpine/motd.j2
+++ b/files/alpine/motd.j2
@@ -1,15 +1,24 @@ - This system is managed by Ansible. - _ _ _ _ _ - / \ | |_ __ (_)_ __ ___ | | (_)_ __ _ ___ __ - / _ \ | | '_ \| | '_ \ / _ \ | | | | '_ \| | | \ \/ / - / ___ \| | |_) | | | | | __/ | |___| | | | | |_| |> < - /_/ \_\_| .__/|_|_| |_|\___| |_____|_|_| |_|\__,_/_/\_\ - |_| + /$$$$$$ /$$ /$$ + /$$__ $$| $$ | $$ + | $$ \ $$| $$ /$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ + | $$$$$$$$| $$ /$$__ $$ /$$_____/ /$$__ $$ /$$__ $$ /$$__ $$ /$$_____/ + | $$__ $$| $$| $$$$$$$$| $$ | $$ \ $$| $$ | $$| $$$$$$$$| $$$$$$ + | $$ | $$| $$| $$_____/| $$ | $$ | $$| $$ | $$| $$_____/ \____ $$ + | $$ | $$| $$| $$$$$$$| $$$$$$$| $$$$$$/| $$$$$$$| $$$$$$$ /$$$$$$$/ + |__/ |__/|__/ \_______/ \_______/ \______/ \_______/ \_______/|_______/ + /$$ /$$ /$$ /$$ + | $$ | $$ | $$ | $$ + | $$ | $$ /$$$$$$ /$$$$$$/$$$$ /$$$$$$ | $$ /$$$$$$ | $$$$$$$ + | $$$$$$$$ /$$__ $$| $$_ $$_ $$ /$$__ $$| $$ |____ $$| $$__ $$ + | $$__ $$| $$ \ $$| $$ \ $$ \ $$| $$$$$$$$| $$ /$$$$$$$| $$ \ $$ + | $$ | $$| $$ | $$| $$ | $$ | $$| $$_____/| $$ /$$__ $$| $$ | $$ + | $$ | $$| $$$$$$/| $$ | $$ | $$| $$$$$$$| $$| $$$$$$$| $$$$$$$/ + |__/ |__/ \______/ |__/ |__/ |__/ \_______/|__/ \_______/|_______/ + + System type : {{ ansible_system }} OS : {{ ansible_distribution }} {{ ansible_distribution_version }} Hostname : {{ ansible_hostname }} - IP address : {{ ansible_eth0.ipv4.address }} - System type : {{ ansible_system }} - Kernel : {{ ansible_kernel }} + FQDM : {{ ansible_hostname + ansible_domain}} diff --git a/hosts/inventory.yaml b/hosts/inventory.yaml index 406ed41..8b13789 100644 --- a/hosts/inventory.yaml +++ b/hosts/inventory.yaml 
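Review bot: The last added line of the template, `FQDM : {{ ansible_hostname + ansible_domain}}`, joins hostname and domain without a separating dot, and its label is misspelled. The gathered `ansible_fqdn` fact already holds the full name, so `FQDN : {{ ansible_fqdn }}` would print it correctly and avoids the manual join.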
@@ -1,35 +1 @@ -homelab: - vars: - ansible_become_method: doas - children: - docker: -storage: - children: s3 - -s3: - vars: - ansible_become_method: doas - hosts: - 10.0.10.160 - -docker: - vars: - robo_allowed_commands: - - "docker system dial-stdio" - children: - docker_managers: - docker_workers: - -docker_managers: - hosts: - 10.0.10.50: - -docker_workers: - hosts: - 10.0.10.51: - node_labels: - services_kind: projects - 10.0.10.52: - node_labels: - services_kind: common diff --git a/playbooks/initial-setup.yaml b/playbooks/initial-setup.yaml index a5d9bb6..347a0c3 100644 --- a/playbooks/initial-setup.yaml +++ b/playbooks/initial-setup.yaml 
@@ -1,8 +1,55 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/ansible/ansible-lint/refs/heads/main/src/ansiblelint/schemas/playbook.json
 ---
-- hosts: localhost
+- name: Initial setup for VM's in homelab
+ hosts: proxmox_all
+ user: root
 vars:
- secret: "{{ lookup('rbw', 'Work Laptop') }}"
 tasks:
+ - name: Create motd.d dir
+ file:
+ path: /etc/motd.d
+ state: directory
+ owner: root
+ group: root
+ mode: 0755
+ - name: Change login message
+ template:
+ src: ../files/alpine/motd.j2
+ dest: /etc/motd.d/00-homelab
+ owner: root
+ group: root
+ mode: 0644
+ force: true
- - debug:
- msg: the value of the secret is {{ secret.data.public_key }}
+- name: Setup alpine machines
+ hosts: distro_alpine
+ user: root
+ vars:
+ alpine_version: latest-stable
+ tasks:
+ - name: Update repositories
+ template:
+ src: ../files/alpine/repositories.j2
+ dest: /etc/apk/repositories
+ owner: root
+ group: root
+ mode: 0644
+ backup: true
+ notify:
+ Update Apk Packages
+
+ - name: Be sure python is installed
+ command: /sbin/apk add python3
+ args:
+ creates: /usr/bin/python3
+
+ - name: Allow users of the weel group to use doas command
+ ansible.builtin.lineinfile:
+ path: /etc/doas.conf
+ regexp: '^#\s*permit persist :wheel'
+ line: 'permit persist :wheel'
+ state: present
+
+ handlers:
+ - name: Update Apk Packages
+ command: /sbin/apk upgrade -U -a
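Review bot: The `Be sure python is installed` task cannot bootstrap Python where it sits. It uses `command`, and it runs after fact gathering and the `template` tasks of both plays, all of which already need a Python interpreter on the target, so a host without python3 would fail before reaching it. Moving it ahead of everything else in a play with `gather_facts: false`, written as `ansible.builtin.raw: test -e /usr/bin/python3 || /sbin/apk add python3`, would make it effective. Separately, the `/etc/doas.conf` task gives every wheel member root with cached authentication (`persist`) and writes the file without a syntax check; adding `validate: 'doas -C %s'` and an explicit `owner: root` with a mode not writable by group or others would keep a malformed or loosely-permissioned rule file from landing. That task's name also misspells `wheel` as `weel`.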