ryan/Terraform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding addtinal files

Browse Source
This commit is contained in:
Ryan Toler
2024-10-02 01:29:06 -05:00
parent 216f3bb81d
commit 43647d5eb2
11 changed files with 319 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.ansible.d/setup.sh Executable file
View File

@@ -0,0 +1,5 @@
$!/bin/bash
until timeout 5 bash -c '</dev/tcp/192.168.0.56/22'; do
ansible-playbook --key-file "~/.ssh/setuproot.key.priv" -i 192.168.0.56, ./.ansible.d/setup.yml
sleep 1
done

46
.ansible.d/setup.yml Normal file
View File

@@ -0,0 +1,46 @@
---
- name: Setup Ansible User and Environment
hosts: all
remote_user: root
become: yes
vars:
tasks:
- name: Install Python3
apt:
name: python3
state: present
- name: Install sudo
apt:
name: sudo
state: present
- name: Create ansible user
user:
name: ansible
state: present
create_home: yes
shell: /bin/bash
groups: ["users", "sudo"]
password: "$6$F.AQzOBfVmeadQ3N$QYqzkqZ0qQiet0TlfYsWQelTJaBIiWjSVGuahrhCN5Ir7qX6goUjariH0YiD0muqd9c9r9xUWbZm3xExfK3Ri1"
- name: Set ansible password
command: echo "ansible:$(cat ./ansible.pass)" | chpasswd
become: yes
- name: Create .ssh directory
file:
path: "/home/ansible/.ssh"
state: directory
owner: ansible
group: ansible
mode: '0700'
- name: Set Ansible authorized_keys
ansible.posix.authorized_key:
user: "ansible"
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjMDDhinpnCPFUMERa/tLYymzRI8oJoAvXZnBH9wpA4 fake@gmail.com"
state: present

30
.ansible.d/vault Normal file
View File

@@ -0,0 +1,30 @@
$ANSIBLE_VAULT;1.1;AES256
31376333323862323764646330396335616231663032363037346437343333363961363832363063
6661616138373738316565356561333863633435366331350a383866336130646139363461633862
66653933363737616230356438663365383963656538633539663933633531613264343734313132
3662616330666563340a656265393631393435666237613164656636646338636565373136333735
39383031623361613634343033623332373131313961346637353333613234346164396562643166
64396162373930656665303664346562383066646139383839353633383231653437376661633934
63633764643832626566643862316364316334623931363032616561663330383538363731653237
37643032326231363931623539333336653466343964346435626236633536363232376465613030
61323334373261313861373239333963383163353737653232333336623734393665316133613063
38393566386166613135353161613564643739626463366330306330633137666434393765623761
33373066646630306264663365363631303864396561656237613263373261656361396562356232
31303763656532393830653331633839643135646539333066613061326463373939643231383666
32326233336235633430326639656163386636306532653166323335373863396266656331623232
30363366663038373736643837386166396231643530306561616261623261363938666538343334
34383236313561666661373937633732663261613264616531616566653837343637623136363066
39303134643633663864396466366363653134326630316139323462613764336139303966653337
39316636643238393836373932383866336234626263363263396438616334353534386263343061
34336335646435346337376635303935633632636131346364306437633761623531623135366138
30376438376438313162303932313838323430396466656239393838326266383535656434326565
65303661333630633331336632326662333031343138386437666465643332633237373864396261
63356333656665363139396261666661313035653364643361356332356236663739376339616162
62366131333731343536373638303365373663663330373637346263663634326264303166383963
30316363643966616162323032316439393862323032383436636334363262616464396461373165
63656563313764613535353936306262343032306530303831616434366535616464643964616564
35386661393864343361356366646262643634633332623734653163346338313863343030333330
38393738313633373863386632383138666339666461633239326364653865373039346235323666
33346530353564353865616265646238313565363439646364646362663435323861616363383761
33396133623639623337636439313037613962363035663631396661343765356663336138623434
6333

6
ansible.cfg Normal file
View File

@@ -0,0 +1,6 @@
[defaults]
vault_password_file: ./.ansible.d/vault.pass
#ansible_private_key_file: ./.ansible.d/ansible.key
timeout = 30
[ssh_connection]
ssh_args = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no'

42
bookstack.tf Normal file
View File

@@ -0,0 +1,42 @@
resource "proxmox_lxc" "LXC" {
target_node = "pve"
hostname = "bookstack"
vmid = 217
ostemplate = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst"
password = "terraform"
unprivileged = true
nesting = true
cores = 5
memory = 4096
swap = 1024
start = true
tags = "terraform"
nameserver = "192.168.0.24"
ssh_public_keys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINFw70PrMsilcsqCrwW1I6PAt3anQbhmVg+t/HUfomug ryan@mxDesktop"
rootfs {
storage = "nvme"
size = "32G"
}
mountpoint{
key = "0"
slot = 0
storage = "Cephtest"
mp = "/data"
size = "400G"
}
network {
name = "eth0"
bridge = "vmbr0"
ip = "192.168.0.56/24"
gw = "192.168.0.1"
}
provisioner "local-exec" {
command = "./.ansible.d/setup.sh"
}
}

49
full-clone.tf Normal file
View File

@@ -0,0 +1,49 @@
# Proxmox Full-Clone
# ---
# Create a new VM from a clone
#resource "proxmox_vm_qemu" "your-vm" {
#
# # VM General Settings
# target_node = "your-proxmox-node"
# vmid = "100"
# name = "vm-name"
# desc = "Description"
# VM Advanced General Settings
# onboot = true
# VM OS Settings
# clone = "your-clone"
# VM System Settings
# agent = 1
# VM CPU Settings
#cores = 1
#sockets = 1
#cpu = "host"
# VM Memory Settings
#memory = 1024
# VM Network Settings
#network {
# bridge = "vmbr0"
# model = "virtio"
#}
# VM Cloud-Init Settings
#os_type = "cloud-init"
# (Optional) IP Address and Gateway
# ipconfig0 = "ip=0.0.0.0/0,gw=0.0.0.0"
# (Optional) Default User
# ciuser = "your-username"
# (Optional) Add your SSH KEY
# sshkeys = <<EOF
# #YOUR-PUBLIC-SSH-KEY
# EOF
#}

BIN
packages/setup.tar.gz Normal file
View File

Binary file not shown.

64
roles/ind/bookstack-install.yml Normal file
View File

@@ -0,0 +1,64 @@
---
- hosts: all
become: yes
remote_user: ansible
gather_facts: false
vars:
docker_compose_definition: |
services:
bookstack:
image: lscr.io/linuxserver/bookstack
container_name: bookstack
environment:
- PUID=2000
- PGID=996
- TZ=America/Chicago
- APP_URL=http://192.168.0.56:8080
- DB_HOST=bookstack_db
- DB_PORT=3306
- DB_USER=bookstack
- DB_PASS=Wp6DwHwFCAToFhEYDhcrMI3
- DB_DATABASE=bookstackapp
volumes:
- /data/app:/config
ports:
- 8080:80
restart: unless-stopped
depends_on:
- bookstack_db
bookstack_db:
image: lscr.io/linuxserver/mariadb
container_name: bookstack_db
environment:
- PUID=2000
- PGID=996
- TZ=America/Chicago
- MYSQL_ROOT_PASSWORD=yNTUxOQAAACADSWp6DwHwFCA
- MYSQL_DATABASE=bookstackapp
- MYSQL_USER=bookstack
- MYSQL_PASSWORD=Wp6DwHwFCAToFhEYDhcrMI3
volumes:
- /data/db:/config
restart: unless-stopped
tasks:
- name: Upgrade-packages.yml - update packages
include: ../lib/upgrade-packages.yml
- name: Install-docker.yml - setting up docker
include: ../lib/install-docker.yml
- name: Write docker-compose.yml
ansible.builtin.copy:
content: "{{ docker_compose_definition }}"
dest: /home/docker/docker-compose.yml
owner: docker
group: docker
mode: u=rw,g=r,o=r
- name: Start services
community.docker.docker_compose_v2:
project_src: /home/docker/
register: output

53
roles/lib/install-docker.yml Normal file
View File

@@ -0,0 +1,53 @@
- name: Install required packages
apt:
name:
- apt-transport-https
- ca-certificates
- curl
- gnupg2
- software-properties-common
state: present
update_cache: yes
- name: Add Docker GPG key
apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
- name: Add Docker repository
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/debian bookworm stable
state: present
- name: Install Docker Engine
apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose-plugin
state: present
update_cache: yes
- name: Create docker user
user:
name: docker
uid: 2000
group: docker
state: present
create_home: yes
home: /home/docker
shell: /bin/bash
- name: Add key for docker user
ansible.posix.authorized_key:
user: docker
state: present
key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIjMDDhinpnCPFUMERa/tLYymzRI8oJoAvXZnBH9wpA4 fake@gmail.com"
- name: Start Docker service
systemd:
name: docker
state: started
enabled: yes

0
roles/lib/setup-restic.yml Normal file
View File

24
roles/lib/upgrade-packages.yml Normal file
View File

@@ -0,0 +1,24 @@
- name: Update apt cache
ansible.builtin.apt:
update_cache: yes
cache_valid_time: 3600
- name: Upgrade all packages
ansible.builtin.apt:
upgrade: dist
force_apt_get: yes
- name: Check if reboot is required
ansible.builtin.stat:
path: /var/run/reboot-required
get_checksum: no
register: reboot_required
- name: Reboot the system if required
ansible.builtin.reboot:
msg: "{{ reboot_message }}"
when: reboot_required.stat.exists
- name: Clean up old packages
ansible.builtin.apt:
autoclean: yes