antoine/zx_ansible_tools
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

readd directory

Browse Source
This commit is contained in:
Antoine Ouvrard
2023-03-09 17:27:02 +01:00
parent 0495c4425e
commit 749b7a84a0
21 changed files with 471 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa
+31
View File
@@ -0,0 +1,31 @@
$ANSIBLE_VAULT;1.1;AES256
64363561373735623361616233656633386661313465633163623532393764303732343236646236
6132643166626431356131653334343136353234363166640a396331306635336565393062643834
34643165633463353865393464326262643766393366373261376536373533313365343666386436
3134363764376532630a643932346134353235636632326365346464336464353932623063613334
65663665396465633230643761313831393963653639653063666565306131656465313862623663
33626139643630386562643166363232343130663566383634633161306235313536363561613963
64666636316365393264613732633235306633353861613035306264356631643434323737393132
61623433303063376330303736313337316563353338353835633465646333623435326139336138
35303462316134343031373030323232383765313765393334343135666666356162386463333561
34396433616638613834636164366666613366666237343563653466336137623766333633363765
66623464333335396632366661623262393037656665333862663339653835613063336633616263
64353033313239393730376332366163363332646439393763343665613739393566626538653663
66353561303963353437646636363938616661613366353633303736396266616366626430336165
38643035346539343931653335343933366265373735643437363433336564386265316232383564
38353439346539653439353439616663333162383438643730653430646430386331646566373930
65373065386266373434616161636531363264623133346238336664346535633033353033633634
65386639376635623165633936373539633231626630366663623432383430626662333264396333
34643132333832343437363634363232303035326131303264373137343866353836663466343662
35356332323930353531393761386130396631633439393336353763623939373866386263313266
61616165306163653436636163623935343037613563653261313236326538346534653433323237
61333861636262613463656236663133313239326364653130656161353537623363643033353862
39383239613538646263623864353635666530353263653430326566383564643534383264356639
35633539613365346461336430376365623338333738616333346431383166366135386339623233
62313535616139626138656631666531376336303935623562316366316564386137666631393539
63396363643961616533376633373333646562336135353766326436623531323531353832346439
39366232663862346235656331306464383965386262313762636263626539646230646133613139
33306434616163373939633130313936383839373863393836633266313032356562333134383339
33363433366438313239616365643334633937393830656264323438336138336136323261396464
64396531366665353331656663653932623334323630653239653935653234333137346238356335
3865346663396239643135383137386436663562323338373565
ansible-continuous-delivery/roles/add-user-zextras-ci/files/id_ecdsa.pub
+1
View File
@@ -0,0 +1 @@
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCFfpwmFAsb9j0TovgvNSDXPzewLBrpZsOSpFuCU82fPBNoIq0JjFUPydtQH7x2Ft1C8Q1Uoph27QIKFLI6Ro+M= zextras-ci
ansible-continuous-delivery/roles/add-user-zextras-ci/tasks/main.yml
+24
View File
@@ -0,0 +1,24 @@
---
- name: Add specific zextras-ci account
ansible.builtin.user:
name: zextras-ci
shell: /bin/bash
- name: Set SSH key
ansible.posix.authorized_key:
user: zextras-ci
state: present
key: "{{ lookup('file', '../files/id_ecdsa.pub') }}"
- name: Add environnement variable for systemd --user management
ansible.builtin.lineinfile:
path: /home/zextras-ci/.bashrc
line: 'export XDG_RUNTIME_DIR=/run/user/$(id -u $USER)'
- name: Set credentials file
ansible.builtin.template:
src: credentials.j2
dest: /home/zextras-ci/credentials
owner: zextras-ci
group: zextras-ci
mode: 0600
ansible-continuous-delivery/roles/add-user-zextras-ci/templates/credentials.j2
+1
View File
@@ -0,0 +1 @@
DATABASE_PASSWORD={{ db_password }}
ansible-continuous-delivery/roles/install-postgres/handlers/main.yml
+7
View File
@@ -0,0 +1,7 @@
---
- name: Restart postgres
ansible.builtin.systemd:
name: postgresql
state: restarted
daemon_reload: true
enabled: true
ansible-continuous-delivery/roles/install-postgres/tasks/main.yml
+99
View File
@@ -0,0 +1,99 @@
---
- name: Vérification de la présence des paramètres d'entrées dans les variables
ansible.builtin.fail:
msg: |
La variable {{ item }} est obligatoire pour utiliser le role.
Veuillez la renseigner dans le dossier host_vars.
when:
- item is not defined
loop:
- db_user
- db_password
- db_name
- name: Apt Update and Install Postgres
ansible.builtin.apt:
update_cache: true
name:
- postgresql
- acl
- python3-psycopg2
state: present
when: ansible_pkg_mgr == "apt"
- name: Yum Update and Install Postgres
ansible.builtin.yum:
update_cache: true
name:
- postgresql
- postgresql-server
- postgresql-contrib
- acl
- python3-psycopg2
state: present
when: ansible_pkg_mgr == "yum"
- name: Dnf Update and Install Postgres
ansible.builtin.dnf:
update_cache: true
name:
- postgresql
- postgresql-server
- postgresql-contrib
- acl
- python3-psycopg2
state: present
when: ansible_pkg_mgr == "dnf"
- name: Yum/Dnf management
when: ansible_pkg_mgr == "dnf" or ansible_pkg_mgr == "yum"
block:
- name: Find out if PostgreSQL is initialized
ansible.builtin.stat:
path: "/var/lib/pgsql/data/pg_hba.conf"
register: postgres_data
- name: Init database only for Yum/Dnf OS
ansible.builtin.command: /usr/bin/postgresql-setup --initdb
when: not postgres_data.stat.exists
- name: Start and enable services
ansible.builtin.service:
name: postgresql
state: started
enabled: true
- name: Create db user
community.postgresql.postgresql_user:
state: present
name: "{{ db_user }}"
password: "{{ db_password }}"
role_attr_flags: CREATEDB
become: true
become_user: postgres
- name: Allow md5 connection for the db user
community.postgresql.postgresql_pg_hba:
dest: "/etc/postgresql/12/main/pg_hba.conf"
contype: host
databases: all
method: md5
users: "{{ db_user }}"
create: true
become: true
become_user: postgres
notify: Restart postgres
when: ansible_pkg_mgr == "apt"
- name: Allow md5 connection for the db user
community.postgresql.postgresql_pg_hba:
dest: "~/data/pg_hba.conf"
contype: host
databases: all
method: md5
users: "{{ db_user }}"
create: true
become: true
become_user: postgres
notify: Restart postgres
when: ansible_pkg_mgr == "dnf" or ansible_pkg_mgr == "yum"
ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-apt.yml
+58
View File
@@ -0,0 +1,58 @@
---
- name: Install prerequis
ansible.builtin.apt:
name:
- build-essential
- libz-dev
- libreadline-dev
- nodejs
- nginx
state: present
- name: Become zextras-ci user
become: true
become_user: zextras-ci
block:
- name: Find out if ruby is initialized
ansible.builtin.stat:
path: /home/zextras-ci/.rbenv/versions/{{ ruby_version }}
register: ruby_version_install
- name: Get rbenv from github
ansible.builtin.git:
repo: https://github.com/sstephenson/rbenv.git
dest: /home/zextras-ci/.rbenv
single_branch: true
version: master
when: not ruby_version_install.stat.exists
- name: Get ruby build plugin for rbenv from github
ansible.builtin.git:
repo: https://github.com/sstephenson/ruby-build.git
dest: /home/zextras-ci/.rbenv/plugins/ruby-build
single_branch: true
version: master
when: not ruby_version_install.stat.exists
- name: Install ruby with rbenv
ansible.builtin.command: /home/zextras-ci/.rbenv/bin/rbenv install {{ ruby_version }}
when: not ruby_version_install.stat.exists
- name: Init rbenv in bashrc
ansible.builtin.lineinfile:
path: /home/zextras-ci/.bashrc
line: 'eval "$(/home/zextras-ci/.rbenv/bin/rbenv init - bash)"'
- name: Get setup version of ruby
ansible.builtin.command: /home/zextras-ci/.rbenv/bin/rbenv global
register: ruby_version_set
changed_when: false
check_mode: false
- name: Set version ruby with rbenv
ansible.builtin.command: /home/zextras-ci/.rbenv/bin/rbenv global {{ ruby_version }}
when: not ruby_version_set.stdout == ruby_version
- name: Install bundler
ansible.builtin.command: /home/zextras-ci/.rbenv/versions/{{ ruby_version }}/bin/gem install bundler
when: not ruby_version_set.stdout == ruby_version
ansible-continuous-delivery/roles/install-ruby/tasks/install-ruby-rh8.yml
+70
View File
@@ -0,0 +1,70 @@
---
- name: Add nodejs repo
ansible.builtin.copy:
dest: "/etc/dnf/modules.d/nodejs.module"
content: |
[nodejs]
name=nodejs
stream={{ nodejs_version }}
profiles=
state=enabled
mode: 0644
owner: root
- name: Add yarn repo
ansible.builtin.copy:
dest: "/etc/yum.repos.d/yarn.repo"
content: |
[yarn]
name=Yarn Repository
baseurl=https://dl.yarnpkg.com/rpm/
enabled=1
gpgcheck=1
gpgkey=https://dl.yarnpkg.com/rpm/pubkey.gpg
mode: 0644
owner: root
- name: Import yarn GPG signature
ansible.builtin.rpm_key:
key: https://dl.yarnpkg.com/rpm/pubkey.gpg
environment:
https_proxy: "{{ https_proxy }}"
- name: Install packages
ansible.builtin.dnf:
update_cache: true
state: present
name:
- "@ruby:2.6"
- bison
- bzip2
- curl
- gcc-c++
- git
- libcurl-devel
- libffi-devel
- libpq
- libpq-devel
- libtool
- libyaml
- make
- nodejs
- openssl-devel
- patch
- readline
- readline-devel
- redhat-rpm-config
- ruby-devel
- yarn
- zlib
- zlib-devel
- name: Execute gem command
ansible.builtin.command:
gem install bundler
environment:
https_proxy: "{{ https_proxy }}"
changed_when: false
check_mode: false
become: true
become_user: zextras-ci
ansible-continuous-delivery/roles/install-ruby/tasks/main.yml
+19
View File
@@ -0,0 +1,19 @@
---
- name: Vérification de la présence des paramètres d'entrées dans les variables
ansible.builtin.fail:
msg: |
La variable {{ item }} est obligatoire pour utiliser le role.
Veuillez la renseigner dans le dossier host_vars.
when:
- item is not defined
loop:
- nodejs_version
- ruby_version
- name: Install packages for RH8
ansible.builtin.include_tasks: install-ruby-rh8.yml
when: (ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution_major_version'] == 8)
- name: Install packages for Debian/Ubuntu
ansible.builtin.include_tasks: install-ruby-apt.yml
when: ansible_pkg_mgr == "apt"