Commit f8854a06 authored by Christian Blechert's avatar Christian Blechert

after-lidl cleanup

parent e4747bda
......@@ -10,5 +10,7 @@ all:
common_user_selection: [ 'kai' ]
172.23.17.231:
hostname: docker
172.23.17.233:
hostname: gameserver
# EOF
......@@ -4,16 +4,13 @@
name: Apply default settings to lidl systems
hosts: all
vars: {}
tasks:
# lidl
-
name: Apply default settings to lidl systems
hosts: all
vars: {}
vars:
cmk_path_agentdebfile: "../../pkg-debian/check-mk-agent_1.5.0p7-1_all.deb"
cmk_path_inventoryplugin: "../../pkg-debian/mk_inventory"
cmk_path_aptplugin: "../../pkg-debian/mk_apt"
cmk_path_checkrebootscript: "../../pkg-debian/check_reboot.sh"
cmk_servicehost: "moni.management.daskn.de"
cmk_defaultacl: "172.23.8.0/24 172.23.19.0/24 127.0.0.1"
tasks:
......@@ -138,3 +135,9 @@
- /home/ekbadmin/.vimrc
tags:
- config
-
import_role:
name: checkmk
tags:
- checkmk
......@@ -7,6 +7,7 @@
vars:
datadir: "/media/containerdata"
containernetname: "julievents"
containerinternalnetwork: "julieventsinternal"
containerregistry: "registry.git.nerdbridge.de"
tasks:
......@@ -165,6 +166,14 @@
- containers
- dockernetwork
-
name: Add JuLi event internal network
docker_network:
name: "{{containerinternalnetwork}}"
tags:
- containers
- dockernetwork
-
name: Log into private registry
docker_login:
......@@ -257,6 +266,42 @@
- containers
- mumble
-
name: Create MariaDB container
block:
-
name: Create container data directory
file:
path: "{{containerdir}}"
state: directory
-
name: Create MariaDB container
docker_container:
name: "{{containername}}"
hostname: "{{containername}}"
image: "{{containerimage}}"
restart: no
detach: yes
recreate: no
pull: no
restart_policy: "unless-stopped"
state: started
purge_networks: yes
env:
MYSQL_ROOT_PASSWORD: "{{common_users.mariadb.petze.password}}"
networks:
-
name: "{{containerinternalnetwork}}"
volumes:
- "{{containerdir}}:/var/lib/mysql"
vars:
containername: lidl-mariadb-petze
containerdir: "{{datadir}}/{{containername}}"
containerimage: "mariadb:latest"
tags:
- containers
- mariadb
#
# -> Cleanup after container creation
......
......@@ -42,6 +42,8 @@
group:
name: "{{item.name}}"
loop: "{{sharegroups}}"
tags:
- fs
-
name: Map access group members
......@@ -52,6 +54,8 @@
with_subelements:
- "{{sharegroups}}"
- members
tags:
- fs
-
name: Create share folders
......@@ -62,6 +66,8 @@
mode: "{{item.mode}}"
state: directory
loop: "{{shares}}"
tags:
- fs
-
name: Create readme files
......@@ -72,12 +78,16 @@
group: root
mode: "u=rw,go=r"
loop: "{{shares}}"
tags:
- fs
-
name: Install samba
package:
name: samba
state: present
tags:
- smb
-
name: Configure samba
......@@ -89,12 +99,13 @@
[global]
server string = LidL fileserver
workgroup = WORKGROUP
wins support = no
wins support = yes
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
netbios name = lanfiles
####### Authentication #######
server role = standalone server
......@@ -105,24 +116,12 @@
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
restrict anonymous = 0
security = user
map to guest = bad user
map to guest = Bad User
guest ok = yes
guest account = nobody
browse list = yes
invalid users = root ekbadmin
####### Share defaults #######
[template]
available = yes
browseable = yes
read only = yes
writable = no
guest ok = yes
case sensitive = no
hide dot files = yes
####### Shares #######
[media]
......@@ -137,7 +136,6 @@
hide dot files = yes
[tausch]
copy = template
path = /media/data/shares/tausch
comment = Tauschverzeichnis
read only = no
......@@ -152,6 +150,8 @@
force user = nobody
force group = share_tausch
register: smb_conf
tags:
- smb
-
name: Restart samba
......@@ -159,6 +159,8 @@
name: smbd
state: restarted
when: smb_conf.changed
tags:
- smb
-
name: Install nginx
......@@ -168,6 +170,8 @@
loop:
- nginx-full
- libnginx-mod-http-fancyindex
tags:
- web
-
name: Install fancy index template
......@@ -303,7 +307,8 @@
</html>
<!--# endblock -->
<!--# include virtual="$request_uri/.directory_footer.html" stub="default_footer" -->
tags: indextpl
tags:
- web
-
name: Configure nginx
......@@ -353,6 +358,8 @@
}
}
register: nginxconf
tags:
- web
-
name: Restart nginx
......@@ -360,5 +367,7 @@
name: nginx
state: restarted
when: nginxconf.changed
tags:
- web
# EOF
\ No newline at end of file
This diff is collapsed.
---
###
#
# Ansible Playbook to bootstrap a steamcache environment
# by Christian Blechert <christian@anysrc.net> (2018-11-07)
#
# - prepare directories
# - install cache docker container
# - install dns docker container
# - install sni proxy docker container
#
# https://github.com/uklans/cache-domains
# https://github.com/steamcache/steamcache-dns
# https://github.com/steamcache/generic
#
##
-
name: Setup docker containers
hosts: 172.23.17.240
become: yes
become_method: sudo
become_user: root
remote_user: ekbadmin
vars:
# basefolder for the cache data
basedir: "/mnt/lanfiles"
# prefix for all containernames
containerprefix: cache-
# name of the cache container image
cacheimage: steamcache/generic:latest
# environment variables for the cache containers
cachedefaultmemsize: 500m
cachedefaultdisksize: 500000m
cachedefaultmaxage: 3650d
# name of the sni proxy container
snicontainername: sniproxy
# name of the sni proxy container image
sniproxyimage: steamcache/sniproxy:latest
# name of the dns container
dnscontainername: dns
# name of the dns container image
dnsimage: steamcache/steamcache-dns:latest
# bind ip address for the dns service
dnsbindip: 172.23.17.240
# upstream dns server
dnsupstreamip: 172.23.17.254
# cache container definitions
caches:
-
# container and directory name
name: arenanet
# container ip address
bindip: 172.23.17.241
# environment variable name for dns server config
envname: ARENANET
disksize: 200000m
-
name: blizzard
bindip: 172.23.17.242
envname: BLIZZARD
disksize: 200000m
-
name: minecraft
bindip: 172.23.17.243
envname: MINECRAFT
disksize: 200000m
-
name: origin
bindip: 172.23.17.244
envname: ORIGIN
disksize: 500000m
-
name: riot
bindip: 172.23.17.245
envname: RIOT
disksize: 200000m
-
name: rockstar
bindip: 172.23.17.246
envname: ROCKSTAR
disksize: 200000m
-
name: sony
bindip: 172.23.17.247
envname: SONY
disksize: 200000m
-
name: steam
bindip: 172.23.17.248
envname: STEAM
disksize: 500000m
-
name: uplay
bindip: 172.23.17.249
envname: UPLAY
disksize: 500000m
-
name: wargaming
bindip: 172.23.17.250
envname: WARGAMING
disksize: 200000m
-
name: wsus
bindip: 172.23.17.251
envname: WSUS
disksize: 200000m
tasks:
#-> Dependencies
-
name: install pip
package:
name: python-pip
state: present
-
name: install docker python lib
pip:
name: docker
state: latest
#-> Directories
-
name: Create data and log directories
file:
path: "{{basedir}}/{{item[0].name}}/{{item[1]}}"
mode: "ug=rwx,o=rwx"
state: directory
with_nested:
- "{{caches}}"
- [ 'data', 'logs' ]
tags:
- fs
#-> Cache Services
-
name: Delete cache containers
docker_container:
name: "{{containerprefix}}{{item.name}}"
state: absent
loop: "{{caches}}"
tags:
- caches
- killall
- killcaches
-
name: Create cache containers
docker_container:
name: "{{containerprefix}}{{item.name}}"
image: "{{cacheimage}}"
state: started
restart_policy: always
volumes:
- "{{basedir}}/{{item.name}}/data:/data/cache"
- "{{basedir}}/{{item.name}}/logs:/data/logs"
ports:
- "{{item.bindip}}:80:80"
env:
CACHE_MEM_SIZE: "{{item.memsize|default(cachedefaultmemsize)}}"
CACHE_DISK_SIZE: "{{item.disksize|default(cachedefaultdisksize)}}"
CACHE_MAX_AGE: "{{item.maxage|default(cachedefaultmaxage)}}"
loop: "{{caches}}"
tags:
- caches
- createcaches
#-> SNI Proxy
-
name: Create environment variables for sni proxy binding
set_fact:
sniproxyports: "{{ (sniproxyports|default([])) + [ item.bindip+':443:443' ] }}"
loop: "{{caches}}"
tags:
- sni
- info
-
name: "Show bindings for SNI Proxy container"
debug:
var: sniproxyports
tags:
- sni
- info
-
name: Delete the SNI proxy for TLS connections
docker_container:
name: "{{containerprefix}}{{snicontainername}}"
state: absent
tags:
- sni
- killall
- killsni
-
name: Create the SNI proxy for TLS connections
docker_container:
name: "{{containerprefix}}{{snicontainername}}"
image: "{{sniproxyimage}}"
state: started
restart_policy: always
ports: "{{sniproxyports}}"
tags:
- sni
#-> DNS
-
name: Create environment variables for dns container
set_fact:
dnsenv: "{{ (dnsenv|default({})) | combine({ item.envname+'CACHE_IP': item.bindip }) }}"
loop: "{{caches}}"
tags:
- dns
- info
-
name: Append upstream ip
set_fact:
dnsenv: "{{ dnsenv | combine({ 'UPSTREAM_DNS': dnsupstreamip }) }}"
tags:
- dns
- info
-
name: "Show envitonment settings for dns container"
debug:
var: dnsenv
tags:
- dns
- info
-
name: Delete dns container
docker_container:
name: "{{containerprefix}}{{dnscontainername}}"
state: absent
tags:
- dns
- killall
- killdns
-
name: Create dns container
docker_container:
name: "{{containerprefix}}{{dnscontainername}}"
image: "{{dnsimage}}"
state: started
restart_policy: always
ports:
- "{{dnsbindip}}:53:53/udp"
env: "{{dnsenv}}"
tags:
- dns
#-> Show running docker containers
-
name: Fetch docker status
raw: docker ps -a
register: script
tags:
- info
-
name: Echo docker status
debug: msg="{{ script.stdout.split('\n') }}"
when: script is defined and script is succeeded
tags:
- info
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment