From 6e7ee42c1e188b902eac1a13c8d7c61726ee921c Mon Sep 17 00:00:00 2001 From: eric o meehan Date: Mon, 11 Nov 2024 15:46:28 -0500 Subject: [PATCH] v1.0.0 --- .gitmodules | 12 +- cluster.yaml | 3 - group_vars/all.yml | 1 + group_vars/alpha.yaml | 6 +- group_vars/beta.yaml | 6 +- group_vars/clusters.yml | 4 + group_vars/gamma.yaml | 6 +- group_vars/vms.yaml | 7 +- group_vars/workstations.yaml | 6 +- host_vars/gateway.yaml | 59 ----- host_vars/inspiron-3670.yaml | 15 +- host_vars/latitude-7230.yaml | 2 +- host_vars/poweredge-r350.yaml | 3 +- host_vars/poweredge-t640.yaml | 9 +- host_vars/vpn.yaml | 18 -- inventories/{attlocal.yml => eom.dev.yml} | 3 - hypervisors.yaml => main.yaml | 220 +++++++++++++++--- roles/ericomeehan.eom | 2 +- roles/ericomeehan.ericomeehan | 2 +- roles/ericomeehan.gondwana | 2 +- roles/ericomeehan.libvirt-factory | 1 - .../README.md | 38 --- .../defaults/main.yml | 5 - .../handlers/main.yml | 2 - .../meta/main.yml | 34 --- .../tasks/main.yml | 9 - .../tasks/nouveau-mesa.yml | 18 -- .../tasks/nvidia-proprietary-old.yml | 38 --- .../tasks/nvidia-proprietary.yml | 61 ----- .../tests/inventory | 2 - .../tests/test.yml | 5 - .../vars/main.yml | 2 - roles/ericomeehan.qemu-network | 1 - roles/geerlingguy.nfs/.ansible-lint | 3 + roles/geerlingguy.nfs/.github/FUNDING.yml | 4 + .../geerlingguy.nfs/.github/workflows/ci.yml | 66 ++++++ .../.github/workflows/release.yml | 40 ++++ .../.github/workflows/stale.yml | 34 +++ roles/geerlingguy.nfs/.gitignore | 5 + roles/geerlingguy.nfs/.yamllint | 10 + roles/geerlingguy.nfs/LICENSE | 20 ++ roles/geerlingguy.nfs/README.md | 40 ++++ roles/geerlingguy.nfs/defaults/main.yml | 5 + roles/geerlingguy.nfs/handlers/main.yml | 3 + .../geerlingguy.nfs/meta/.galaxy_install_info | 2 + roles/geerlingguy.nfs/meta/main.yml | 27 +++ .../molecule/default/converge.yml | 13 ++ .../molecule/default/molecule.yml | 21 ++ roles/geerlingguy.nfs/tasks/main.yml | 36 +++ roles/geerlingguy.nfs/tasks/setup-Debian.yml | 7 + roles/geerlingguy.nfs/tasks/setup-RedHat.yml | 9 + roles/geerlingguy.nfs/templates/exports.j2 | 13 ++ roles/geerlingguy.nfs/vars/Debian.yml | 2 + roles/geerlingguy.nfs/vars/Fedora.yml | 2 + roles/geerlingguy.nfs/vars/RedHat.yml | 2 + templates/user-data.j2 | 3 +- test.yaml | 7 +- workstations.yaml | 27 +-- 58 files changed, 600 insertions(+), 403 deletions(-) delete mode 100644 host_vars/gateway.yaml delete mode 100644 host_vars/vpn.yaml rename inventories/{attlocal.yml => eom.dev.yml} (96%) rename hypervisors.yaml => main.yaml (56%) delete mode 120000 roles/ericomeehan.libvirt-factory delete mode 100644 roles/ericomeehan.nvidia_driver_debian/README.md delete mode 100644 roles/ericomeehan.nvidia_driver_debian/defaults/main.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/handlers/main.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/meta/main.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/tasks/main.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/tasks/nouveau-mesa.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary-old.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/tests/inventory delete mode 100644 roles/ericomeehan.nvidia_driver_debian/tests/test.yml delete mode 100644 roles/ericomeehan.nvidia_driver_debian/vars/main.yml delete mode 160000 roles/ericomeehan.qemu-network create mode 100644 roles/geerlingguy.nfs/.ansible-lint create mode 100644 roles/geerlingguy.nfs/.github/FUNDING.yml create mode 100644 roles/geerlingguy.nfs/.github/workflows/ci.yml create mode 100644 roles/geerlingguy.nfs/.github/workflows/release.yml create mode 100644 roles/geerlingguy.nfs/.github/workflows/stale.yml create mode 100644 roles/geerlingguy.nfs/.gitignore create mode 100644 roles/geerlingguy.nfs/.yamllint create mode 100644 roles/geerlingguy.nfs/LICENSE create mode 100644 roles/geerlingguy.nfs/README.md create mode 100644 roles/geerlingguy.nfs/defaults/main.yml create mode 100644 roles/geerlingguy.nfs/handlers/main.yml create mode 100644 roles/geerlingguy.nfs/meta/.galaxy_install_info create mode 100644 roles/geerlingguy.nfs/meta/main.yml create mode 100644 roles/geerlingguy.nfs/molecule/default/converge.yml create mode 100644 roles/geerlingguy.nfs/molecule/default/molecule.yml create mode 100644 roles/geerlingguy.nfs/tasks/main.yml create mode 100644 roles/geerlingguy.nfs/tasks/setup-Debian.yml create mode 100644 roles/geerlingguy.nfs/tasks/setup-RedHat.yml create mode 100644 roles/geerlingguy.nfs/templates/exports.j2 create mode 100644 roles/geerlingguy.nfs/vars/Debian.yml create mode 100644 roles/geerlingguy.nfs/vars/Fedora.yml create mode 100644 roles/geerlingguy.nfs/vars/RedHat.yml diff --git a/.gitmodules b/.gitmodules index 8e06023..0b5ee87 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,21 +1,21 @@ [submodule "roles/ericomeehan.eom"] path = roles/ericomeehan.eom - url = https://git.eom.dev/ansible-role-eom + url = https://git.eom.dev/eric/ansible-role-eom.git [submodule "roles/ericomeehan.debian"] path = roles/ericomeehan.debian - url = https://git.eom.dev/ansible-role-debian + url = https://git.eom.dev/eric/ansible-role-deban.git [submodule "roles/ericomeehan.gondwana"] path = roles/ericomeehan.gondwana - url = https://git.eom.dev/ansible-role-gondwana + url = https://git.eom.dev/eric/ansible-role-gondwana.git [submodule "roles/ericomeehan.ericomeehan"] path = roles/ericomeehan.ericomeehan - url = https://git.eom.dev/ansible-role-ericomeehan + url = https://git.eom.dev/eric/ansible-role-ericomeehan.git [submodule "roles/ericomeehan.nvidia_driver"] path = roles/ericomeehan.nvidia_driver - url = https://git.eom.dev/ansible-role-nvidia-driver + url = https://git.eom.dev/eric/ansible-role-nvidia-driver.git [submodule "roles/ericomeehan.kraken-bot"] path = roles/ericomeehan.kraken-bot - url = https://git.eom.dev/ansible-role-kraken-bot + url = https://git.eom.dev/eric/ansible-role-kraken-bot.git [submodule "roles/ericomeehan.qemu-network"] path = roles/ericomeehan.qemu-network url = https://git.eom.dev/ansible-role-qemu-network diff --git a/cluster.yaml b/cluster.yaml index ac356b9..8853152 100644 --- a/cluster.yaml +++ b/cluster.yaml @@ -1,8 +1,5 @@ --- # Playbook for deploying a Kubernetes cluster -- name: Create network bridge -- name: Create virtual machines - - name: Prepare cluster environments hosts: cluster_nodes become: true diff --git a/group_vars/all.yml b/group_vars/all.yml index 172a934..26ee2a2 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,3 +1,4 @@ --- # Global defaults +docker_needed: false nvidia_driver_needed: false diff --git a/group_vars/alpha.yaml b/group_vars/alpha.yaml index 87a788d..54b1a6e 100644 --- a/group_vars/alpha.yaml +++ b/group_vars/alpha.yaml @@ -1 +1,5 @@ -nfs_path: alpha +cluster_name: alpha +metallb_addresses: + - 192.168.1.160-192.168.1.191 +metallb_asn: 6501 +letsencrypt_url: https://acme-v02.api.letsencrypt.org/directory diff --git a/group_vars/beta.yaml b/group_vars/beta.yaml index 0cdd134..c248077 100644 --- a/group_vars/beta.yaml +++ b/group_vars/beta.yaml @@ -1 +1,5 @@ -nfs_path: beta +cluster_name: beta +metallb_addresses: + - 192.168.1.192-192.168.1.223 +metallb_asn: 6502 +letsencrypt_url: https://acme-staging-v02.api.letsencrypt.org/directory diff --git a/group_vars/clusters.yml b/group_vars/clusters.yml index 9bf2b74..7240c9f 100644 --- a/group_vars/clusters.yml +++ b/group_vars/clusters.yml @@ -1,3 +1,7 @@ --- # Group vars for clusters containerd_config_cgroup_driver_systemd: true +kubernetes_version: '1.31' +kubernetes_version_rehl_package: '1.31.1' +kubernetes_allow_pods_on_control_plane: false +kubernetes_join_command_extra_opts: "--ignore-preflight-errors=Port-10250" diff --git a/group_vars/gamma.yaml b/group_vars/gamma.yaml index bc3a38f..6fa3dca 100644 --- a/group_vars/gamma.yaml +++ b/group_vars/gamma.yaml @@ -1 +1,5 @@ -nfs_path: gamma +cluster_name: gamma +metallb_addresses: + - 192.168.1.96-224.168.1.255 +metallb_asn: 6503 +letsencrypt_url: https://acme-staging-v02.api.letsencrypt.org/directory diff --git a/group_vars/vms.yaml b/group_vars/vms.yaml index dd37467..d4b9e29 100644 --- a/group_vars/vms.yaml +++ b/group_vars/vms.yaml @@ -4,19 +4,16 @@ type: kvm name: my_vm_name instance_id: "iid-{{ name }}" packages: + - nfs-common - openssh-server - prometheus-node-exporter - qemu-guest-agent -open_ports: - - interface: any - protocol: tcp - port: 22 memory: unit: MiB value: 4096 vcpu: placement: static - value: 2 + value: 1 os: type: arch: x86_64 diff --git a/group_vars/workstations.yaml b/group_vars/workstations.yaml index 12b86a6..2635792 100644 --- a/group_vars/workstations.yaml +++ b/group_vars/workstations.yaml @@ -1,2 +1,6 @@ # Vars file for workstations -open_ports: "" +docker_needed: true +open_ports: + - interface: any + protocol: tcp + port: 22 diff --git a/host_vars/gateway.yaml b/host_vars/gateway.yaml deleted file mode 100644 index b6e56f4..0000000 --- a/host_vars/gateway.yaml +++ /dev/null @@ -1,59 +0,0 @@ ---- -# Host vars for gateway -name: gateway -interfaces: - - type: network - source: - network: lan - model: - type: virtio - address: - type: pci - domain: 0x0000 - bus: 0x01 - slot: 0x00 - function: 0x0 - - type: network - source: - network: wan - model: - type: virtio - address: - type: pci - domain: 0x0000 - bus: 0x02 - slot: 0x00 - function: 0x0 - - type: network - source: - network: alpha - model: - type: virtio - address: - type: pci - domain: 0x0000 - bus: 0x03 - slot: 0x00 - function: 0x0 - - type: network - source: - network: beta - model: - type: virtio - address: - type: pci - domain: 0x0000 - bus: 0x04 - slot: 0x00 - function: 0x0 - - type: network - source: - network: gamma - model: - type: virtio - address: - type: pci - domain: 0x0000 - bus: 0x08 - slot: 0x00 - function: 0x0 diff --git a/host_vars/inspiron-3670.yaml b/host_vars/inspiron-3670.yaml index 16455de..64d7065 100644 --- a/host_vars/inspiron-3670.yaml +++ b/host_vars/inspiron-3670.yaml @@ -1,16 +1,3 @@ # Host vars for inspiron-3670 +docker_needed: false nvidia_driver_needed: true -packages: - - curl - - davfs2 - - gimp - - git - - gphoto2 - - latexml - - neovim - - passwordsafe - - texlive-full - - thunderbird - - tmux - - torbrowser-launcher - - w3m diff --git a/host_vars/latitude-7230.yaml b/host_vars/latitude-7230.yaml index f5de822..75f9364 100644 --- a/host_vars/latitude-7230.yaml +++ b/host_vars/latitude-7230.yaml @@ -1,3 +1,3 @@ # Host vars for latitude-7230 - ansible_connection: local +open_ports: "" diff --git a/host_vars/poweredge-r350.yaml b/host_vars/poweredge-r350.yaml index cdd837e..52b8a8d 100644 --- a/host_vars/poweredge-r350.yaml +++ b/host_vars/poweredge-r350.yaml @@ -12,5 +12,4 @@ libvirt_networks: bridge: name: lan dev: eno8403 -libvirt_guests: - - vpn +libvirt_guests: "" diff --git a/host_vars/poweredge-t640.yaml b/host_vars/poweredge-t640.yaml index dc3e2f7..997c95a 100644 --- a/host_vars/poweredge-t640.yaml +++ b/host_vars/poweredge-t640.yaml @@ -7,8 +7,13 @@ libvirt_networks: bridge: name: wan dev: eno1np0 + - name: lan + forward: + mode: bridge + bridge: + name: lan + dev: eno2np1 libvirt_guests: - - network-file-system - alpha-control-plane - alpha-worker-0 - alpha-worker-1 @@ -24,3 +29,5 @@ libvirt_guests: - gamma-worker-1 - gamma-worker-2 - gamma-worker-3 +nfs_exports: ["/data *(rw,sync,no_root_squash)"] +nvidia_driver_needed: true diff --git a/host_vars/vpn.yaml b/host_vars/vpn.yaml deleted file mode 100644 index dbae9e7..0000000 --- a/host_vars/vpn.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# Host vars for vpn -name: vpn -packages: - - openssh-server - - openvpn - - prometheus-node-exporter -interfaces: - - type: network - source: - network: wan - model: - type: virtio - - type: network - source: - network: lan - model: - type: virtio diff --git a/inventories/attlocal.yml b/inventories/eom.dev.yml similarity index 96% rename from inventories/attlocal.yml rename to inventories/eom.dev.yml index 22a6107..98e742a 100644 --- a/inventories/attlocal.yml +++ b/inventories/eom.dev.yml @@ -13,9 +13,6 @@ all: poweredge-t640: vms: - hosts: - network-file-system: - vpn: children: clusters: children: diff --git a/hypervisors.yaml b/main.yaml similarity index 56% rename from hypervisors.yaml rename to main.yaml index 320be74..2c2d0c4 100644 --- a/hypervisors.yaml +++ b/main.yaml @@ -1,18 +1,49 @@ --- -# Playbook for hypervisors -- name: Initialize hypervisors - hosts: hypervisors +# Playbook for eom.dev +- name: Initialize workstations + hosts: workstations become: true + vars_files: + - ../secrets.yaml roles: - role: ericomeehan.debian - role: ericomeehan.ericomeehan + - role: ericomeehan.nvidia_driver + when: nvidia_driver_needed == true + - role: geerlingguy.docker + when: docker_needed == true -- name: Deploy virtual machines +- name: Initialize hypervisors hosts: hypervisors become: true vars_files: - ../secrets.yaml - pre_tasks: + roles: + - role: ericomeehan.debian + - role: ericomeehan.ericomeehan + - role: ericomeehan.nvidia_driver + when: nvidia_driver_needed == true + +- name: Initialize Network File Systems + hosts: poweredge-t640 + become: true + roles: + - role: geerlingguy.nfs + tasks: + - name: Create NFS directories + file: + path: "{{ item }}" + state: directory + loop: + - /data/alpha + - /data/beta + - /data/gamma + - /data/eric + +- name: Prepare virtualization environments + hosts: hypervisors + become: true + tasks: - name: Install packages for virtualization apt: update_cache: yes @@ -38,9 +69,25 @@ line: 'net.ipv6.conf.all.forwarding = 1' state: present + - name: Copy interfaces template + template: + src: interfaces.j2 + dest: /etc/network/interfaces + - name: Reload sysctl configuration command: sysctl --system + - name: Reload network service + service: + name: networking + state: restarted + +- name: Deploy virtual machines + hosts: hypervisors + become: true + vars_files: + - ../secrets.yaml + tasks: - name: Define libvirt networks community.libvirt.virt_net: name: "{{ item.name }}" @@ -134,33 +181,21 @@ command: "virsh reset {{ item }}" loop: "{{ libvirt_guests }}" -- name: Copy SSH keys +- name: Wait for manual tasks hosts: localhost tasks: - - name: Wait for manual tasks + - name: Trust SSH identities pause: - prompt: "Press Enter to continue..." + prompt: "Press Enter to continue..." - name: Initialize virtual machines hosts: vms become: true - pre_tasks: - - name: Append text from files/motd to the beginning of remote motd file - blockinfile: - path: /etc/motd - marker: "" - block: | - {{ lookup('file', 'motd') }} - + vars_files: + - ../secrets.yaml roles: - role: ericomeehan.ericomeehan -- name: Initialize Network File Systems - hosts: network-file-system - become: true - roles: - - role: geerlingguy.nfs - - name: Initialize Kubernetes clusters hosts: clusters become: true @@ -220,32 +255,141 @@ roles: - role: geerlingguy.helm -- name: Install NFS Common - hosts: workers +- name: Deploy base Kubernetes resources + hosts: control_planes become: true tasks: - - name: Install nfs-common - apt: - name: nfs-common - state: present - -- name: Configure default storage class - hosts: control-planes - become: true - tasks: - - name: Install helm repo + - name: Add NFS Provisioner repository kubernetes.core.helm_repository: name: nfs-subdir-external-provisioner repo_url: https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/ - - name: Deploy nfs provisioner + - name: Add MetalLB repository + kubernetes.core.helm_repository: + name: metallb + repo_url: https://metallb.github.io/metallb + + - name: Add Ingress Nginx repository + kubernetes.core.helm_repository: + name: ingress-nginx + repo_url: https://kubernetes.github.io/ingress-nginx + + - name: Add cert-manager repository + kubernetes.core.helm_repository: + name: jetstack + repo_url: https://charts.jetstack.io + + - name: Update Helm repos + command: helm repo update + + - name: Deploy NFS Provisioner kubernetes.core.helm: name: nfs-subdir-external-provisioner chart_ref: nfs-subdir-external-provisioner/nfs-subdir-external-provisioner - release_namespace: default + release_namespace: nfs-provisioner + create_namespace: true values: nfs: - server: network-file-system - path: "/data/{{ nfs_path }}" + server: poweredge-t640 + path: "/data/{{ cluster_name }}" storageClass: defaultClass: true + + - name: Deploy MetalLB + kubernetes.core.helm: + name: metallb + chart_ref: metallb/metallb + release_namespace: metallb + create_namespace: true + + - name: Wait for MetalLB to initialize + wait_for: + timeout: 120 + + - name: Deploy BGP Peer + k8s: + state: present + definition: + apiVersion: metallb.io/v1beta2 + kind: BGPPeer + metadata: + name: bgp-peer + namespace: metallb + spec: + myASN: "{{ metallb_asn }}" + peerASN: 6500 + peerAddress: 192.168.1.1 + + - name: Deploy address pool + k8s: + state: present + definition: + apiVersion: metallb.io/v1beta1 + kind: IPAddressPool + metadata: + name: pool0 + namespace: metallb + spec: + addresses: "{{ metallb_addresses }}" + + - name: Deploy BGP Advertisement + k8s: + state: present + definition: + apiVersion: metallb.io/v1beta1 + kind: BGPAdvertisement + metadata: + name: bgp-advertisement + namespace: metallb + spec: + ipAddressPools: + - pool0 + + - name: Deploy Ingress Nginx + kubernetes.core.helm: + name: ingress-nginx + chart_ref: ingress-nginx/ingress-nginx + release_namespace: ingress-nginx + create_namespace: true + values: + controller: + annotations: + acme.cert-manager.io/http01-edit-in-place: 'true' + extraArgs: + update-status: "false" + + - name: Deploy cert-manager + kubernetes.core.helm: + name: cert-manager + chart_ref: jetstack/cert-manager + release_namespace: cert-manager + create_namespace: true + values: + crds: + enabled: true + + - name: Deploy Cluster Issuer + k8s: + state: present + definition: + apiVersion: cert-manager.io/v1 + kind: ClusterIssuer + metadata: + name: ca-issuer + spec: + acme: + server: "{{ letsencrypt_url }}" + email: eric@eom.dev + privateKeySecretRef: + name: letsencrypt-issuer-key + solvers: + - http01: + ingress: + ingressClassName: nginx + +- name: Port forward HTTP(S) to Ingress Controllers + hosts: localhost + tasks: + - name: Wait for manual tasks + pause: + prompt: "Press Enter to continue..." diff --git a/roles/ericomeehan.eom b/roles/ericomeehan.eom index 2d39534..be231a9 160000 --- a/roles/ericomeehan.eom +++ b/roles/ericomeehan.eom @@ -1 +1 @@ -Subproject commit 2d395340236352edaeb15cea56a9e65cc740453a +Subproject commit be231a903113d5092a8b1ea6830c1bbbaad424b6 diff --git a/roles/ericomeehan.ericomeehan b/roles/ericomeehan.ericomeehan index ba6296a..4dc7f79 160000 --- a/roles/ericomeehan.ericomeehan +++ b/roles/ericomeehan.ericomeehan @@ -1 +1 @@ -Subproject commit ba6296a2ec7fdbdea8d9676e6423d326b4c3a4d0 +Subproject commit 4dc7f7917edb012b15268a4e94c81b55592130a5 diff --git a/roles/ericomeehan.gondwana b/roles/ericomeehan.gondwana index 0ca51b4..c1bed4e 160000 --- a/roles/ericomeehan.gondwana +++ b/roles/ericomeehan.gondwana @@ -1 +1 @@ -Subproject commit 0ca51b452a430820c15bb0a8424c6d65eb7db349 +Subproject commit c1bed4ec3766ae456ca7e55ec2699e640d76a884 diff --git a/roles/ericomeehan.libvirt-factory b/roles/ericomeehan.libvirt-factory deleted file mode 120000 index 3066ea0..0000000 --- a/roles/ericomeehan.libvirt-factory +++ /dev/null @@ -1 +0,0 @@ -/home/eric/Desktop/ansible-role-libvirt-vm \ No newline at end of file diff --git a/roles/ericomeehan.nvidia_driver_debian/README.md b/roles/ericomeehan.nvidia_driver_debian/README.md deleted file mode 100644 index 225dd44..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/ericomeehan.nvidia_driver_debian/defaults/main.yml b/roles/ericomeehan.nvidia_driver_debian/defaults/main.yml deleted file mode 100644 index 9eb6825..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/defaults/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# defaults file for ericomeehan.nvidia_driver_debian -nvidia_driver_skip_reboot: false -nvidia_driver_source: nvidia -nvidia_driver_tesla: false diff --git a/roles/ericomeehan.nvidia_driver_debian/handlers/main.yml b/roles/ericomeehan.nvidia_driver_debian/handlers/main.yml deleted file mode 100644 index 2438b4d..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for ericomeehan.nvidia_driver_debian diff --git a/roles/ericomeehan.nvidia_driver_debian/meta/main.yml b/roles/ericomeehan.nvidia_driver_debian/meta/main.yml deleted file mode 100644 index ea68190..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/meta/main.yml +++ /dev/null @@ -1,34 +0,0 @@ -galaxy_info: - author: your name - description: your role description - company: your company (optional) - - # If the issue tracker for your role is not on github, uncomment the - # next line and provide a value - # issue_tracker_url: http://example.com/issue/tracker - - # Choose a valid license ID from https://spdx.org - some suggested licenses: - # - BSD-3-Clause (default) - # - MIT - # - GPL-2.0-or-later - # - GPL-3.0-only - # - Apache-2.0 - # - CC-BY-4.0 - license: license (GPL-2.0-or-later, MIT, etc) - - min_ansible_version: 2.1 - - # If this a Container Enabled role, provide the minimum Ansible Container version. - # min_ansible_container_version: - - galaxy_tags: [] - # List tags for your role here, one per line. A tag is a keyword that describes - # and categorizes the role. Users find roles by searching for tags. Be sure to - # remove the '[]' above, if you add tags to this list. - # - # NOTE: A tag is limited to a single word comprised of alphanumeric characters. - # Maximum 20 tags per role. - -dependencies: [] - # List your role dependencies here, one per line. Be sure to remove the '[]' above, - # if you add dependencies to this list. diff --git a/roles/ericomeehan.nvidia_driver_debian/tasks/main.yml b/roles/ericomeehan.nvidia_driver_debian/tasks/main.yml deleted file mode 100644 index 037fca0..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/tasks/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -# tasks file for ericomeehan.nvidia_driver_debian -- name: Install Nvidia proprietary drivers - include_tasks: nvidia-proprietary.yml - when: nvidia_driver_source == "nvidia" - -- name: Install nouveau and mesa drivers - include_tasks: nouveau-mesa.yml - when: nvidia_driver_source == "nouveau" diff --git a/roles/ericomeehan.nvidia_driver_debian/tasks/nouveau-mesa.yml b/roles/ericomeehan.nvidia_driver_debian/tasks/nouveau-mesa.yml deleted file mode 100644 index 3045db4..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/tasks/nouveau-mesa.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -# tasks file for nouveau-mesa -- name: Update apt - become: yes - apt: - update_cache: yes - -- name: Install nouveau and mesa - apt: - state: present - name: - - xserver-xorg-video-nouveau - - mesa-utils - register: install_driver - -- name: Reboot after driver install - reboot: - when: install_driver.changed and not nvidia_driver_skip_reboot diff --git a/roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary-old.yml b/roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary-old.yml deleted file mode 100644 index 5b3c6d2..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary-old.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -# tasks file for nvidia-proprietary -- name: Add contrib & non-free repository - replace: - dest: /etc/apt/sources.list - regexp: '^(deb(?!.* contrib).*)' - replace: '\1 contrib non-free' - -- name: Update apt - become: yes - apt: - update_cache: yes - -- name: Install Linux headers - apt: - name: linux-headers-{{ ansible_kernel }} - state: present - -- name: Install Nvidia and CUDA drivers - apt: - state: present - name: - - nvidia-driver - - firmware-misc-nonfree - - nvidia-cuda-dev - - nvidia-cuda-toolkit - register: install_driver - -- name: Install tesla drivers - apt: - state: present - name: - - nvidia-tesla-470-driver - when: nvidia_driver_tesla == true - -- name: Reboot after driver install - reboot: - when: install_driver.changed and not nvidia_driver_skip_reboot diff --git a/roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary.yml b/roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary.yml deleted file mode 100644 index e58ea56..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/tasks/nvidia-proprietary.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- -# tasks file for nvidia-proprietary -- name: Add contrib & non-free repository - replace: - dest: /etc/apt/sources.list - regexp: '^(deb(?!.* contrib).*)' - replace: '\1 contrib non-free' - -- name: Install Linux headers - apt: - name: linux-headers-{{ ansible_kernel }} - state: present - -- name: Download Nvidia driver local repo - get_url: - url: https://us.download.nvidia.com/tesla/550.90.07/nvidia-driver-local-repo-debian12-550.90.07_1.0-1_amd64.deb - dest: /tmp/nvidia-driver-local-repo-debian12-550.90.07_1.0-1_amd64.deb - -- name: Install Nvidia driver local repo - apt: - deb: /tmp/nvidia-driver-local-repo-debian12-550.90.07_1.0-1_amd64.deb - state: present - -- name: Add Nvidia driver local repo keyring - copy: - remote_src: true - src: /var/nvidia-driver-local-repo-debian12-550.90.07/nvidia-driver-local-3FEEC8FF-keyring.gpg - dest: /usr/share/keyrings/nvidia-driver-local-3FEEC8FF-keyring.gpg - -- name: Download CUDA repo - get_url: - url: https://developer.download.nvidia.com/compute/cuda/12.4.1/local_installers/cuda-repo-debian12-12-4-local_12.4.1-550.54.15-1_amd64.deb - dest: /tmp/cuda-repo-debian12-12-4-local_12.4.1-550.54.15-1_amd64.deb - -- name: Install CUDA repo - apt: - deb: /tmp/cuda-repo-debian12-12-4-local_12.4.1-550.54.15-1_amd64.deb - state: present - -- name: Add CUDA repo keyring - copy: - remote_src: true - src: /var/cuda-repo-debian12-12-4-local/cuda-C5AA6424-keyring.gpg - dest: /usr/share/keyrings/cuda-C5AA6424-keyring.gpg - -- name: Update package list - apt: - update_cache: yes - -- name: Install Nvidia driver and CUDA toolkit - apt: - name: - - firmware-misc-nonfree - - cuda-toolkit-12-4 - - nvidia-driver=550.90.07-1 - state: present - register: install_driver - -- name: Reboot after driver install - reboot: - when: install_driver.changed and not nvidia_driver_skip_reboot diff --git a/roles/ericomeehan.nvidia_driver_debian/tests/inventory b/roles/ericomeehan.nvidia_driver_debian/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/ericomeehan.nvidia_driver_debian/tests/test.yml b/roles/ericomeehan.nvidia_driver_debian/tests/test.yml deleted file mode 100644 index 077a721..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - ericomeehan.nvidia_driver_debian diff --git a/roles/ericomeehan.nvidia_driver_debian/vars/main.yml b/roles/ericomeehan.nvidia_driver_debian/vars/main.yml deleted file mode 100644 index fd95536..0000000 --- a/roles/ericomeehan.nvidia_driver_debian/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for ericomeehan.nvidia_driver_debian diff --git a/roles/ericomeehan.qemu-network b/roles/ericomeehan.qemu-network deleted file mode 160000 index aa1a12a..0000000 --- a/roles/ericomeehan.qemu-network +++ /dev/null @@ -1 +0,0 @@ -Subproject commit aa1a12a3f5cdf6398b4f6dbc2df00e48a55542c4 diff --git a/roles/geerlingguy.nfs/.ansible-lint b/roles/geerlingguy.nfs/.ansible-lint new file mode 100644 index 0000000..acc8255 --- /dev/null +++ b/roles/geerlingguy.nfs/.ansible-lint @@ -0,0 +1,3 @@ +skip_list: + - 'yaml' + - 'role-name' diff --git a/roles/geerlingguy.nfs/.github/FUNDING.yml b/roles/geerlingguy.nfs/.github/FUNDING.yml new file mode 100644 index 0000000..96b4938 --- /dev/null +++ b/roles/geerlingguy.nfs/.github/FUNDING.yml @@ -0,0 +1,4 @@ +# These are supported funding model platforms +--- +github: geerlingguy +patreon: geerlingguy diff --git a/roles/geerlingguy.nfs/.github/workflows/ci.yml b/roles/geerlingguy.nfs/.github/workflows/ci.yml new file mode 100644 index 0000000..b65f8da --- /dev/null +++ b/roles/geerlingguy.nfs/.github/workflows/ci.yml @@ -0,0 +1,66 @@ +--- +name: CI +'on': + pull_request: + push: + branches: + - master + schedule: + - cron: "30 1 * * 3" + +defaults: + run: + working-directory: 'geerlingguy.nfs' + +jobs: + + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v4 + with: + path: 'geerlingguy.nfs' + + - name: Set up Python 3. + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip3 install yamllint + + - name: Lint code. + run: | + yamllint . + + molecule: + name: Molecule + runs-on: ubuntu-latest + strategy: + matrix: + distro: + - rockylinux9 + - ubuntu2004 + + steps: + - name: Check out the codebase. + uses: actions/checkout@v4 + with: + path: 'geerlingguy.nfs' + + - name: Set up Python 3. + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip3 install ansible molecule molecule-plugins[docker] docker + + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/roles/geerlingguy.nfs/.github/workflows/release.yml b/roles/geerlingguy.nfs/.github/workflows/release.yml new file mode 100644 index 0000000..2af56ea --- /dev/null +++ b/roles/geerlingguy.nfs/.github/workflows/release.yml @@ -0,0 +1,40 @@ +--- +# This workflow requires a GALAXY_API_KEY secret present in the GitHub +# repository or organization. +# +# See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy +# See: https://github.com/ansible/galaxy/issues/46 + +name: Release +'on': + push: + tags: + - '*' + +defaults: + run: + working-directory: 'geerlingguy.nfs' + +jobs: + + release: + name: Release + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v4 + with: + path: 'geerlingguy.nfs' + + - name: Set up Python 3. + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Install Ansible. + run: pip3 install ansible-core + + - name: Trigger a new import on Galaxy. + run: >- + ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} + $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) diff --git a/roles/geerlingguy.nfs/.github/workflows/stale.yml b/roles/geerlingguy.nfs/.github/workflows/stale.yml new file mode 100644 index 0000000..451cea1 --- /dev/null +++ b/roles/geerlingguy.nfs/.github/workflows/stale.yml @@ -0,0 +1,34 @@ +--- +name: Close inactive issues +'on': + schedule: + - cron: "55 19 * * 6" # semi-random time + +jobs: + close-issues: + runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + steps: + - uses: actions/stale@v8 + with: + days-before-stale: 120 + days-before-close: 60 + exempt-issue-labels: bug,pinned,security,planned + exempt-pr-labels: bug,pinned,security,planned + stale-issue-label: "stale" + stale-pr-label: "stale" + stale-issue-message: | + This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution! + + Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark issues as stale. + close-issue-message: | + This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details. + stale-pr-message: | + This pr has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution! + + Please read [this blog post](https://www.jeffgeerling.com/blog/2020/enabling-stale-issue-bot-on-my-github-repositories) to see the reasons why I mark issues as stale. + close-pr-message: | + This pr has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details. + repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/roles/geerlingguy.nfs/.gitignore b/roles/geerlingguy.nfs/.gitignore new file mode 100644 index 0000000..8840c8f --- /dev/null +++ b/roles/geerlingguy.nfs/.gitignore @@ -0,0 +1,5 @@ +*.retry +*/__pycache__ +*.pyc +.cache + diff --git a/roles/geerlingguy.nfs/.yamllint b/roles/geerlingguy.nfs/.yamllint new file mode 100644 index 0000000..6dcebf7 --- /dev/null +++ b/roles/geerlingguy.nfs/.yamllint @@ -0,0 +1,10 @@ +--- +extends: default + +rules: + line-length: + max: 120 + level: warning + +ignore: | + .github/workflows/stale.yml diff --git a/roles/geerlingguy.nfs/LICENSE b/roles/geerlingguy.nfs/LICENSE new file mode 100644 index 0000000..4275cf3 --- /dev/null +++ b/roles/geerlingguy.nfs/LICENSE @@ -0,0 +1,20 @@ +The MIT License (MIT) + +Copyright (c) 2017 Jeff Geerling + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/roles/geerlingguy.nfs/README.md b/roles/geerlingguy.nfs/README.md new file mode 100644 index 0000000..97e7f04 --- /dev/null +++ b/roles/geerlingguy.nfs/README.md @@ -0,0 +1,40 @@ +# Ansible Role: NFS + +[![CI](https://github.com/geerlingguy/ansible-role-nfs/workflows/CI/badge.svg?event=push)](https://github.com/geerlingguy/ansible-role-nfs/actions?query=workflow%3ACI) + +Installs NFS utilities on RedHat/CentOS or Debian/Ubuntu. + +## Requirements + +None. + +## Role Variables + +Available variables are listed below, along with default values (see `defaults/main.yml`): + + nfs_exports: [] + +A list of exports which will be placed in the `/etc/exports` file. See Ubuntu's simple [Network File System (NFS)](https://ubuntu.com/server/docs/service-nfs) guide for more info and examples. (Simple example: `nfs_exports: [ "/home/public *(rw,sync,no_root_squash)" ]`). + + nfs_rpcbind_state: started + nfs_rpcbind_enabled: true + +(RedHat/CentOS/Fedora only) The state of the `rpcbind` service, and whether it should be enabled at system boot. + +## Dependencies + +None. + +## Example Playbook + + - hosts: db-servers + roles: + - { role: geerlingguy.nfs } + +## License + +MIT / BSD + +## Author Information + +This role was created in 2014 by [Jeff Geerling](https://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/roles/geerlingguy.nfs/defaults/main.yml b/roles/geerlingguy.nfs/defaults/main.yml new file mode 100644 index 0000000..0bc919f --- /dev/null +++ b/roles/geerlingguy.nfs/defaults/main.yml @@ -0,0 +1,5 @@ +--- +nfs_exports: [] + +nfs_rpcbind_state: started +nfs_rpcbind_enabled: true diff --git a/roles/geerlingguy.nfs/handlers/main.yml b/roles/geerlingguy.nfs/handlers/main.yml new file mode 100644 index 0000000..4cdcec5 --- /dev/null +++ b/roles/geerlingguy.nfs/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: reload nfs + command: 'exportfs -ra' diff --git a/roles/geerlingguy.nfs/meta/.galaxy_install_info b/roles/geerlingguy.nfs/meta/.galaxy_install_info new file mode 100644 index 0000000..a4a67d1 --- /dev/null +++ b/roles/geerlingguy.nfs/meta/.galaxy_install_info @@ -0,0 +1,2 @@ +install_date: 'Mon 11 Nov 2024 01:39:36 AM ' +version: 2.1.0 diff --git a/roles/geerlingguy.nfs/meta/main.yml b/roles/geerlingguy.nfs/meta/main.yml new file mode 100644 index 0000000..b65052a --- /dev/null +++ b/roles/geerlingguy.nfs/meta/main.yml @@ -0,0 +1,27 @@ +--- +dependencies: [] + +galaxy_info: + role_name: nfs + author: geerlingguy + description: NFS installation for Linux. + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 2.10 + platforms: + - name: Fedora + versions: + - all + - name: Debian + versions: + - all + - name: Ubuntu + versions: + - all + galaxy_tags: + - system + - nfs + - filesystem + - share + - nfsv4 + - efs diff --git a/roles/geerlingguy.nfs/molecule/default/converge.yml b/roles/geerlingguy.nfs/molecule/default/converge.yml new file mode 100644 index 0000000..ee8ce1d --- /dev/null +++ b/roles/geerlingguy.nfs/molecule/default/converge.yml @@ -0,0 +1,13 @@ +--- +- name: Converge + hosts: all + become: true + + pre_tasks: + - name: Update apt cache. + apt: update_cache=yes cache_valid_time=600 + when: ansible_os_family == 'Debian' + changed_when: false + + roles: + - role: geerlingguy.nfs diff --git a/roles/geerlingguy.nfs/molecule/default/molecule.yml b/roles/geerlingguy.nfs/molecule/default/molecule.yml new file mode 100644 index 0000000..3c2f1e5 --- /dev/null +++ b/roles/geerlingguy.nfs/molecule/default/molecule.yml @@ -0,0 +1,21 @@ +--- +role_name_check: 1 +dependency: + name: galaxy + options: + ignore-errors: true +driver: + name: docker +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux9}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + cgroupns_mode: host + privileged: true + pre_build_image: true +provisioner: + name: ansible + playbooks: + converge: ${MOLECULE_PLAYBOOK:-converge.yml} diff --git a/roles/geerlingguy.nfs/tasks/main.yml b/roles/geerlingguy.nfs/tasks/main.yml new file mode 100644 index 0000000..bb8884d --- /dev/null +++ b/roles/geerlingguy.nfs/tasks/main.yml @@ -0,0 +1,36 @@ +--- +# Include variables and define needed variables. +- name: Include OS-specific variables. + include_vars: "{{ ansible_os_family }}.yml" + +- name: Include overrides specific to Fedora. + include_vars: Fedora.yml + when: + - ansible_os_family == 'RedHat' + - ansible_distribution == "Fedora" + +# Setup/install tasks. +- include_tasks: setup-RedHat.yml + when: ansible_os_family == 'RedHat' + +- include_tasks: setup-Debian.yml + when: ansible_os_family == 'Debian' + +- name: Ensure directories to export exist + file: # noqa 208 + path: "{{ item }}" + state: directory + with_items: "{{ nfs_exports | map('split') | map('first') | unique }}" + +- name: Copy exports file. + template: + src: exports.j2 + dest: /etc/exports + owner: root + group: root + mode: 0644 + notify: reload nfs + +- name: Ensure nfs is running. + service: "name={{ nfs_server_daemon }} state=started enabled=yes" + when: nfs_exports|length diff --git a/roles/geerlingguy.nfs/tasks/setup-Debian.yml b/roles/geerlingguy.nfs/tasks/setup-Debian.yml new file mode 100644 index 0000000..829b614 --- /dev/null +++ b/roles/geerlingguy.nfs/tasks/setup-Debian.yml @@ -0,0 +1,7 @@ +--- +- name: Ensure NFS utilities are installed. + apt: + name: + - nfs-common + - nfs-kernel-server + state: present diff --git a/roles/geerlingguy.nfs/tasks/setup-RedHat.yml b/roles/geerlingguy.nfs/tasks/setup-RedHat.yml new file mode 100644 index 0000000..d7198af --- /dev/null +++ b/roles/geerlingguy.nfs/tasks/setup-RedHat.yml @@ -0,0 +1,9 @@ +--- +- name: Ensure NFS utilities are installed. + package: name=nfs-utils state=present + +- name: Ensure rpcbind is running as configured. + service: + name: rpcbind + state: "{{ nfs_rpcbind_state }}" + enabled: "{{ nfs_rpcbind_enabled }}" diff --git a/roles/geerlingguy.nfs/templates/exports.j2 b/roles/geerlingguy.nfs/templates/exports.j2 new file mode 100644 index 0000000..fa27c55 --- /dev/null +++ b/roles/geerlingguy.nfs/templates/exports.j2 @@ -0,0 +1,13 @@ +# /etc/exports: the access control list for filesystems which may be exported +# to NFS clients. See exports(5). +# +# Example for NFSv2 and NFSv3: +# /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) +# +# Example for NFSv4: +# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) +# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) +# +{% for export in nfs_exports %} +{{ export }} +{% endfor %} \ No newline at end of file diff --git a/roles/geerlingguy.nfs/vars/Debian.yml b/roles/geerlingguy.nfs/vars/Debian.yml new file mode 100644 index 0000000..d7ee6b5 --- /dev/null +++ b/roles/geerlingguy.nfs/vars/Debian.yml @@ -0,0 +1,2 @@ +--- +nfs_server_daemon: nfs-kernel-server diff --git a/roles/geerlingguy.nfs/vars/Fedora.yml b/roles/geerlingguy.nfs/vars/Fedora.yml new file mode 100644 index 0000000..0538858 --- /dev/null +++ b/roles/geerlingguy.nfs/vars/Fedora.yml @@ -0,0 +1,2 @@ +--- +nfs_server_daemon: nfs-server diff --git a/roles/geerlingguy.nfs/vars/RedHat.yml b/roles/geerlingguy.nfs/vars/RedHat.yml new file mode 100644 index 0000000..0538858 --- /dev/null +++ b/roles/geerlingguy.nfs/vars/RedHat.yml @@ -0,0 +1,2 @@ +--- +nfs_server_daemon: nfs-server diff --git a/templates/user-data.j2 b/templates/user-data.j2 index 5e22a78..ee0d50c 100644 --- a/templates/user-data.j2 +++ b/templates/user-data.j2 @@ -24,8 +24,7 @@ chpasswd: expire: false users: - name: eric - type: text - password: 123abc + type: RANDOM ssh_pwauth: false diff --git a/test.yaml b/test.yaml index 167a156..7166056 100644 --- a/test.yaml +++ b/test.yaml @@ -1,6 +1,7 @@ ---- - name: Execute test - hosts: gamma-control-plane + hosts: alpha-control-plane become: true + vars_files: + - ../secrets.yaml roles: - - ericomeehan.gondwana + - role: ericomeehan.eom diff --git a/workstations.yaml b/workstations.yaml index 8c1c213..7d85b1d 100644 --- a/workstations.yaml +++ b/workstations.yaml @@ -6,30 +6,7 @@ roles: - role: ericomeehan.debian - role: ericomeehan.ericomeehan + - role: ericomeehan.nvidia_driver + when: nvidia_driver_needed == true - role: geerlingguy.docker when: docker_needed == true - - tasks: - - name: Add contrib repository - replace: - dest: /etc/apt/sources.list - regexp: '^(deb(?!.* contrib).*)' - replace: '\1 contrib' - - - name: Install packages for user environment - become: yes - apt: - update_cache: yes - name: - - ansible - - curl - - davfs2 - - gimp - - git - - gnome-boxes - - neovim - - passwordsafe - - python3-venv - - tmux - - torbrowser-launcher - state: present