-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: ansible: add ansible tower playbook #1390
Closed
Closed
Changes from all commits
Commits
Show all changes
3 commits
Select commit
Hold shift + click to select a range
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
--- | ||
|
||
# | ||
# sets up the host that runs ansible.nodejs.org | ||
# | ||
|
||
- hosts: infra-softlayer-ubuntu1804-x64-2 | ||
gather_facts: yes | ||
roles: | ||
- bootstrap | ||
- package-upgrade | ||
- ansible-tower | ||
|
||
pre_tasks: | ||
- name: check if secrets are properly set | ||
fail: | ||
failed_when: not {{ secret }} | ||
loop_control: | ||
loop_var: secret | ||
with_items: | ||
- awx_password | ||
- awx_org |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,160 @@ | ||
--- | ||
|
||
- name: set hostname | ||
hostname: name="ansible.nodejs.org" | ||
|
||
- name: update /etc/hosts file - 127.0.0.1 | ||
lineinfile: | ||
dest: /etc/hosts | ||
regexp: "^(.*)127.0.0.1 ansible.nodejs.org(.*)$" | ||
line: "127.0.0.1 ansible.nodejs.org ansible-tower" | ||
state: present | ||
backup: yes | ||
|
||
- name: import docker gpg key | ||
apt_key: | ||
url: https://download.docker.com/linux/ubuntu/gpg | ||
state: present | ||
|
||
- name: import docker apt repostory | ||
apt_repository: | ||
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable | ||
state: present | ||
|
||
- name: import ansible apt repostory | ||
apt_repository: | ||
repo: ppa:ansible/ansible | ||
state: present | ||
|
||
- name: install apt dependencies | ||
apt: | ||
name: "{{ packages }}" | ||
update_cache: yes | ||
vars: | ||
packages: | ||
- ansible | ||
- apt-transport-https | ||
- binutils | ||
- ca-certificates | ||
- curl | ||
- dkms | ||
- docker-ce | ||
- gcc | ||
- git | ||
- make | ||
- patch | ||
- python-pip | ||
- python3-pip | ||
- software-properties-common | ||
- vim | ||
|
||
- name: install pip dependencies | ||
pip: | ||
name: "{{ packages }}" | ||
vars: | ||
packages: | ||
- ansible-tower-cli | ||
- django | ||
- docker | ||
- pexpect | ||
|
||
- name: start the docker service | ||
service: | ||
name: docker | ||
state: started | ||
|
||
- name: create /opt/awx_install_files | ||
file: path=/opt/awx_install_files state=directory | ||
|
||
- name: clone awx github repository | ||
git: | ||
repo: https://github.com/ansible/awx.git | ||
dest: /opt/awx_install_files/awx | ||
force: yes | ||
|
||
- name: run awx install files, this can take ~20 mins | ||
command: chdir=/opt/awx_install_files/awx/installer/ ansible-playbook -i inventory install.yml | ||
|
||
- name: change awx admin password | ||
expect: | ||
command: docker exec -it awx_task awx-manage changepassword admin | ||
responses: | ||
(?i)password: "{{ awx_password }}" | ||
|
||
#TODO: change this to be https://ansible.nodejs.org and remove verify_ssl | ||
- name: create /root/.tower_cli.cfg | ||
blockinfile: | ||
path: /root/.tower_cli.cfg | ||
block: | | ||
host: http://169.62.77.235 | ||
username: admin | ||
password: {{ awx_password }} | ||
verify_ssl: False | ||
create: yes | ||
mode: 0700 | ||
|
||
- name: delete Default organization created at install | ||
command: tower-cli organization delete Default | ||
|
||
- name: create new organization (set in hosts file) | ||
command: tower-cli organization create --name {{ awx_org }} | ||
|
||
- name: create new team belonging to organization | ||
command: tower-cli team create --name {{ awx_org }} --organization {{ awx_org }} | ||
|
||
- name: add nodejs/build repo to AWX | ||
command: tower-cli project create --organization {{ awx_org }} --name nodejs/build --scm-type git --scm-url https://github.com/nodejs/build --scm-branch master --scm-update-on-launch true | ||
|
||
- name: create inventory | ||
command: tower-cli inventory create --organization {{ awx_org }} --name nodejs_inventory_github | ||
|
||
- name: create automate fetching inventory from inventory.yml | ||
command: tower-cli inventory_source create --name github --inventory nodejs_inventory_github --source scm --source-project nodejs/build --source-path ansible/plugins/inventory/nodejs_yaml.py --overwrite true --overwrite-vars true --update-on-launch true | ||
|
||
- name: prevent ubuntu deleting /tmp folder on reboot | ||
command: echo > /etc/init/mounted-tmp.conf | ||
|
||
- name: patch ubuntu weekly at 5 Sundays | ||
cron: | ||
name: "apt-get update" | ||
minute: "0" | ||
hour: "5" | ||
weekday: "sun" | ||
job: "apt-get update" | ||
|
||
- name: upgrade ubuntu weekly at 5:15 Sundays | ||
cron: | ||
name: "apt-get -y upgrade" | ||
minute: "15" | ||
hour: "5" | ||
weekday: "sun" | ||
job: "apt-get -y upgrade" | ||
|
||
- name: create /backup | ||
file: path=/backup state=directory | ||
|
||
- name: setup Backups for AWX docker containers | ||
blockinfile: | ||
path: /backup/backup_docker_AWX.sh | ||
block: | | ||
DATE=`date +%m-%d-%Y` | ||
# Create Tar backups from the containers | ||
docker save -o /backup/awx_test_backup_$DATE.tar ansible/awx_task | ||
docker save -o /backup/awx_web_backup_$DATE.tar ansible/awx_web | ||
docker save -o /backup/rabbitmq_backup_$DATE.tar rabbitmq | ||
docker save -o /backup/postgres_backup_$DATE.tar postgres | ||
docker save -o /backup/memcached_backup_$DATE.tar memcached | ||
tar -cvf /backup/postgres_tmp_backup_$DATE.tar /tmp/pgdocker | ||
create: yes | ||
|
||
- name: make backup_docker_AWX.sh executable | ||
command: chmod +x /backup/backup_docker_AWX.sh | ||
|
||
- name: backup AWX's docker containers weekly at 5am on Mondays | ||
cron: | ||
name: "/backup/backup_docker_AWX.sh" | ||
minute: "0" | ||
hour: "5" | ||
weekday: "mon" | ||
job: "/backup/backup_docker_AWX.sh" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
|
||
# | ||
# ubuntu 18.04 | ||
# | ||
|
||
- name: check for python | ||
raw: stat /usr/bin/python | ||
failed_when: has_python.rc > 1 | ||
register: has_python | ||
|
||
- name: check for aptitude | ||
raw: stat /usr/bin/aptitude | ||
failed_when: has_aptitude.rc > 1 | ||
register: has_aptitude | ||
|
||
- name: install python and aptitude | ||
when: has_python.rc == 1 or has_aptitude.rc == 1 | ||
raw: apt-get update && apt install -y python-minimal aptitude |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This comment was marked as off-topic.
Sorry, something went wrong.