Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Sébastien Luttringer
infrastructure
Commits
6085c220
Verified
Commit
6085c220
authored
Mar 19, 2019
by
Giancarlo Razzolini
Browse files
Merge branch 'master' of arch-git:/srv/git/infrastructure
parents
5f5c0d56
eb391730
Changes
15
Hide whitespace changes
Inline
Side-by-side
group_vars/all/common.yml
View file @
6085c220
...
...
@@ -5,7 +5,7 @@ configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter
:
/usr/bin/python3
.7
ansible_python_interpreter
:
/usr/bin/python3
zabbix_agent_templates
:
-
Template OS Linux
host_vars/apollo.archlinux.org
View file @
6085c220
...
...
@@ -37,9 +37,3 @@ zabbix_agent_templates:
zabbix_agent_host_groups:
- Linux servers
- Zabbix servers
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/dragon.archlinux.org
0 → 100644
View file @
6085c220
---
hostname: "dragon"
network_interface: "eth2"
ipv4_address: "195.201.167.210"
ipv4_netmask: "/26"
ipv6_address: "2a01:4f8:13a:102a::2"
ipv6_netmask: "/128"
ipv4_gateway: "195.201.167.193"
ipv6_gateway: "fe80::1"
filesystem: btrfs
raid_level: raid0
system_disks:
- /dev/nvme0n1
- /dev/nvme1n1
archbuild_fs: 'btrfs'
zabbix_agent_templates:
- Template OS Linux
host_vars/ind.mirror.pkgbuild.com
View file @
6085c220
...
...
@@ -6,9 +6,3 @@ network_interface: "eno2"
ipv4_address: "169.38.85.99"
ipv4_netmask: "/26"
ipv4_gateway: "169.38.85.65"
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/jpn.mirror.pkgbuild.com
View file @
6085c220
...
...
@@ -6,9 +6,3 @@ network_interface: "eno2"
ipv4_address: "161.202.225.107"
ipv4_netmask: "/26"
ipv4_gateway: "161.202.225.65"
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/luna.archlinux.org/misc
View file @
6085c220
...
...
@@ -18,9 +18,3 @@ zabbix_agent_templates:
- Template App Mailman
- Template App MySQL
- Template App Nginx
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/mex.mirror.pkgbuild.com
View file @
6085c220
...
...
@@ -6,9 +6,3 @@ network_interface: "eno2"
ipv4_address: "169.57.35.94"
ipv4_netmask: "/26"
ipv4_gateway: "169.57.35.65"
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/orion.archlinux.org/misc
View file @
6085c220
...
...
@@ -21,8 +21,3 @@ zabbix_agent_templates:
- Template OS Linux
- Template App Borg Backup
- Template App Nginx
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/packer-base-image
View file @
6085c220
...
...
@@ -6,5 +6,3 @@ network_interface: "en*"
filesystem: btrfs
system_disks:
- /dev/sda
ansible_python_interpreter: /usr/bin/python3
host_vars/sgp.mirror.pkgbuild.com
View file @
6085c220
...
...
@@ -7,9 +7,3 @@ network_interface: "eno2"
ipv4_address: "161.202.204.205"
ipv4_netmask: "/26"
ipv4_gateway: "161.202.204.193"
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/soyuz.archlinux.org
View file @
6085c220
...
...
@@ -20,9 +20,3 @@ zabbix_agent_templates:
- Template App Borg Backup
- Template App Syncrepo
- Template App PostgreSQL
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
host_vars/vostok.archlinux.org
View file @
6085c220
...
...
@@ -14,9 +14,3 @@ system_disks:
zabbix_agent_templates:
- Template OS Linux
configure_firewall: true
# this is needed to make ansible find the firewalld python
# module when deploying firewalld tasks
ansible_python_interpreter: /usr/bin/python3.7
hosts
View file @
6085c220
...
...
@@ -4,6 +4,7 @@ vostok.archlinux.org
apollo.archlinux.org
soyuz.archlinux.org
luna.archlinux.org
dragon.archlinux.org
[pia]
ind.mirror.pkgbuild.com
...
...
@@ -40,6 +41,7 @@ luna.archlinux.org
orion.archlinux.org
[buildservers]
dragon.archlinux.org
soyuz.archlinux.org
sgp.mirror.pkgbuild.com
...
...
playbooks/dragon.yml
0 → 100644
View file @
6085c220
---
-
name
:
setup dragon
hosts
:
dragon.archlinux.org
remote_user
:
root
roles
:
-
{
role
:
common
,
tags
:
[
'
common'
]
}
-
{
role
:
tools
,
tags
:
[
'
tools'
]
}
-
{
role
:
sshd
,
tags
:
[
'
sshd'
]
}
-
{
role
:
unbound
}
-
{
role
:
root_ssh
,
tags
:
[
'
root_ssh'
]
}
-
{
role
:
archusers
,
tags
:
[
'
archusers'
]
}
-
{
role
:
sudo
,
tags
:
[
'
sudo'
,
'
archusers'
]
}
-
{
role
:
archbuild
,
tags
:
[
'
archbuild'
]
}
roles/install_arch/tasks/main.yml
View file @
6085c220
...
...
@@ -9,7 +9,7 @@
when
:
"
'Hetzner
Rescue'
not
in
motd_contents.stdout"
-
name
:
partition and format the disks (btrfs)
command
:
mkfs.btrfs -f -L rootfs -d raid
1 /dev/sda /dev/sdb
command
:
mkfs.btrfs -f -L rootfs -d
{{
raid
_level|default(raid1) }} {{ system_disks|join(' ') }}
when
:
filesystem == "btrfs" and system_disks|length ==
2
-
name
:
partition and format the disks (btrfs)
...
...
@@ -49,11 +49,11 @@
-
name
:
download bootstrap image
get_url
:
url
:
https://mirrors.kernel.org/archlinux/iso/
latest
/archlinux-bootstrap-2019.0
2
.01-x86_64.tar.gz
url
:
https://mirrors.kernel.org/archlinux/iso/
2019.03.01
/archlinux-bootstrap-2019.0
3
.01-x86_64.tar.gz
dest
:
/tmp/
-
name
:
extract boostrap image
command
:
tar xf archlinux-bootstrap-2019.0
2
.01-x86_64.tar.gz
command
:
tar xf archlinux-bootstrap-2019.0
3
.01-x86_64.tar.gz
args
:
chdir
:
/tmp
creates
:
/tmp/root.x86_64
...
...
@@ -82,8 +82,16 @@
-
name
:
populate pacman keyring inside bootstrap chroot
command
:
chroot /tmp/root.x86_64 pacman-key --populate archlinux
-
name
:
install ucode update for Intel
set_fact
:
ucode="intel-ucode"
when
:
"
'GenuineIntel'
in
ansible_facts['processor']"
-
name
:
install ucode update for AMD
set_fact
:
ucode="amd-ucode"
when
:
"
'AuthenticAMD'
in
ansible_facts['processor']"
-
name
:
install arch base from bootstrap chroot
command
:
chroot /tmp/root.x86_64 pacstrap /mnt base base-devel btrfs-progs grub openssh python creates=/tmp/root.x86_64/mnt/bin
command
:
chroot /tmp/root.x86_64 pacstrap /mnt base base-devel btrfs-progs grub openssh python
{{ ucode }}
creates=/tmp/root.x86_64/mnt/bin
-
name
:
mount /proc to new chroot
command
:
mount --rbind /proc /mnt/proc creates=/mnt/proc/uptime
...
...
@@ -148,7 +156,7 @@
line
:
'
hosts:
files
mymachines
resolve
myhostname'
-
name
:
enable services inside chroot
command
:
chroot /mnt systemctl enable sshd systemd-networkd systemd-resolved
command
:
chroot /mnt systemctl enable sshd systemd-networkd systemd-resolved
fstrim
-
set_fact
:
pubkey_list="{{ lookup('file', "{{ playbook_dir }}/../../pubkeys/" + item) }}"
register
:
pubkeys
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment