software-infrastructure/site.yml
2024-07-08 12:26:06 -04:00


---
# Master playbook for eom.dev
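# Baseline applied to every host: snapshot the debconf database into
# /root/preseed.txt (first run only), install the nftables ruleset, make sure
# the firewall service is running, then apply the ericomeehan.ericomeehan role.
- name: Initialize systems
  hosts: all
  become: true
  pre_tasks:
    - name: Install debconf-utils
      apt:
        name: debconf-utils
        state: present

    - name: Check if /root/preseed.txt exists
      stat:
        path: /root/preseed.txt
      register: preseed_file

    # debconf selections can contain installer answers such as password
    # entries, so the file is created root-only before anything is appended.
    # `copy` replaces the former `command: echo ... > file`, which never wrote
    # the file because `command` does not interpret shell redirection.
    - name: Create preseed file
      copy:
        content: "#_preseed_V1\n"
        dest: /root/preseed.txt
        owner: root
        group: root
        mode: "0600"
      when: not preseed_file.stat.exists

    # `shell` is required here: with `command`, `>>` and the path are passed to
    # debconf-get-selections as literal arguments and nothing is appended.
    - name: Append installer's debconf database to the preseed file
      shell: debconf-get-selections --installer >> /root/preseed.txt
      when: not preseed_file.stat.exists

    - name: Append debconf database to the preseed file
      shell: debconf-get-selections >> /root/preseed.txt
      when: not preseed_file.stat.exists

    # The ruleset is syntax-checked before it replaces the live file, and is
    # kept root-owned and not writable by other users. A change notifies the
    # handler below; `state: started` alone would leave an already-running
    # firewall on the old rules.
    # NOTE(review): `nft -c` only checks that the ruleset parses; it does not
    # prove that management access (e.g. SSH) is still permitted.
    - name: Copy nftables configuration template
      template:
        src: "nftables.conf.j2"
        dest: /etc/nftables.conf
        owner: root
        group: root
        mode: "0644"
        validate: nft -c -f %s
      notify: Reload nftables

    - name: Enable nftables
      service:
        name: nftables
        state: started
        enabled: true
  roles:
    - role: ericomeehan.ericomeehan
  handlers:
    # Runs when pre_tasks finish, and only if the template task reported a change.
    - name: Reload nftables
      service:
        name: nftables
        state: reloaded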
# TODO: prepare raid array during os installation
# TODO: install helm on control plane
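# Prepares hosts in the `clusters` group for Kubernetes: kernel forwarding and
# br_netfilter, the Python kubernetes client, the container runtime and
# Kubernetes roles, then the production and testing namespaces.
- name: Prepare cluster environments
  hosts: clusters
  become: true
  pre_tasks:
    # Forwarding lets these hosts route packets between interfaces.
    # NOTE(review): confirm that the forward chain in nftables.conf.j2 limits
    # what may be forwarded; that template is not visible from this playbook.
    - name: Update sysctl configuration to enable IPv4 packet forwarding
      lineinfile:
        path: /etc/sysctl.conf
        line: 'net.ipv4.ip_forward = 1'
        state: present

    - name: Update sysctl configuration to enable IPv6 packet forwarding
      lineinfile:
        path: /etc/sysctl.conf
        line: 'net.ipv6.conf.all.forwarding = 1'
        state: present

    # Applies the settings written above without waiting for a reboot.
    - name: Reload sysctl configuration
      command: sysctl --system

    - name: Enable br_netfilter kernel module
      command: modprobe br_netfilter

    - name: Add the module to a configuration file for persistence
      lineinfile:
        path: /etc/modules-load.d/modules.conf
        line: "br_netfilter"

    # Python client library that the k8s tasks below depend on.
    - name: Install kubernetes library
      apt:
        name: python3-kubernetes
        state: present
  roles:
    - role: geerlingguy.containerd
    - role: geerlingguy.kubernetes
    # `| bool` also accepts the string forms ("true", "yes") that inventories
    # often supply, and `default(false)` skips the role on hosts where
    # `nvidia` is not defined instead of failing the play.
    - role: ericomeehan.nvidia_driver_debian
      when: nvidia | default(false) | bool
  tasks:
    # The role value must be a quoted string. Unquoted, `control_plane` is a
    # Jinja variable lookup, so the condition fails or never matches unless a
    # variable of that name happens to be defined.
    - name: Create production namespace
      k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Namespace
          metadata:
            name: production
      when: kubernetes_role == 'control_plane'

    - name: Create testing namespace
      k8s:
        state: present
        definition:
          apiVersion: v1
          kind: Namespace
          metadata:
            name: testing
      when: kubernetes_role == 'control_plane'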
# Applies the core service roles to alpha-control-plane, in the order listed.
# NOTE(review): every role here runs with become on the same target as the
# directory (OpenLDAP) and VPN roles; confirm that co-locating these services
# with the control plane is intended.
- name: Deploy core network services
  hosts: alpha-control-plane
  become: true
  roles:
    - ericomeehan.openldap.eom.dev
    - ericomeehan.openvpn-server.eom.dev
    - ericomeehan.mariadb.eom.dev
    - ericomeehan.influxdb.eom.dev
    - ericomeehan.telegraf.eom.dev
    - ericomeehan.grafana.eom.dev
    - ericomeehan.mediawiki.eom.dev
    - ericomeehan.gitlab.eom.dev