av/pet-project-server
1
0
Fork 0
Code Pull Requests Activity

Add docker and upgrade playbooks

Browse Source
This commit is contained in:
Anton Vakhrushev 2024-12-21 14:30:02 +03:00
parent 9c5266deab
commit 22e09afd00
Signed by: av
GPG Key ID: F5BF52FC352E255A
5 changed files with 55 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -15,7 +15,7 @@
```bash ```bash
$ cp ansible-vault-password-file.dist ansible-vault-password-file $ cp ansible-vault-password-file.dist ansible-vault-password-file
$ ansible-galaxy install --role-file ansible/requirements.yml $ ansible-galaxy install --role-file requirements.yml
``` ```
## Структура ## Структура
@ -24,7 +24,7 @@ $ ansible-galaxy install --role-file ansible/requirements.yml
- Для доступа используется ssh-ключ. - Для доступа используется ssh-ключ.
- Докер используется для запуска и изоляции приложений. Для загрузки образов настраивается Yandex Docker Registry. - Докер используется для запуска и изоляции приложений. Для загрузки образов настраивается Yandex Docker Registry.
- Выход во внешнюю сеть через proxy server [Caddy](https://caddyserver.com/). - Выход во внешнюю сеть через proxy server [Caddy](https://caddyserver.com/).
- Чувствительные данные в `ansible/vars/vars.yaml` зашифрованы с помощью Ansible Vault. - Чувствительные данные в `vars/vars.yaml` зашифрованы с помощью Ansible Vault.
- Для мониторинга за сервером устанавливается [netdata](https://github.com/netdata/netdata). - Для мониторинга за сервером устанавливается [netdata](https://github.com/netdata/netdata).
## Частые команды ## Частые команды

23
playbook-configuration.yml
View File

@ -7,21 +7,6 @@
tasks: tasks:
- name: 'Install python docker lib.'
pip:
name: docker
tags:
- docker
- import_role:
name: geerlingguy.docker
vars:
docker_users:
- major
tags:
- docker
- name: 'Ensure networkd service is started (required by Caddy).' - name: 'Ensure networkd service is started (required by Caddy).'
systemd: systemd:
name: systemd-networkd name: systemd-networkd
@ -42,14 +27,6 @@
tags: tags:
- webserver - webserver
- import_role:
name: netdata
vars:
netdata_version: 'v2.0.0'
netdata_exposed_port: '{{ netdata_port }}'
tags:
- monitoring
# Applications # Applications
- import_role: - import_role:

25
playbook-docker.yml Normal file
View File

@ -0,0 +1,25 @@
---
- name: 'Configure docker parameters'
hosts: all
vars_files:
- vars/ports.yml
- vars/vars.yml
tasks:
- name: 'Install python docker lib from pip'
ansible.builtin.pip:
name: docker
- name: 'Install docker'
ansible.builtin.import_role:
name: geerlingguy.docker
vars:
docker_edition: 'ce'
docker_packages:
- "docker-{{ docker_edition }}"
- "docker-{{ docker_edition }}-cli"
- "docker-{{ docker_edition }}-rootless-extras"
docker_users:
- major

27
playbook-upgrade.yml Normal file
View File

@ -0,0 +1,27 @@
---
- name: 'Update and upgrade system packages'
hosts: all
vars_files:
- vars/ports.yml
- vars/vars.yml
tasks:
- name: Perform an upgrade of packages
ansible.builtin.apt:
upgrade: 'yes'
update_cache: yes
- name: Check if a reboot is required
ansible.builtin.stat:
path: /var/run/reboot-required
get_checksum: no
register: reboot_required_file
- name: Reboot the server (if required)
ansible.builtin.reboot:
when: reboot_required_file.stat.exists == true
- name: Remove dependencies that are no longer required
ansible.builtin.apt:
autoremove: yes

2
requirements.yml
View File

@ -6,7 +6,7 @@
version: 2.4.0 version: 2.4.0
- src: geerlingguy.docker - src: geerlingguy.docker
version: 6.1.0 version: 7.4.3
- src: caddy_ansible.caddy_ansible - src: caddy_ansible.caddy_ansible
version: v3.2.0 version: v3.2.0