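---
# Provision a Laminar CI host: Laminar itself, a local Docker registry
# fronted by nginx, the webhook receiver, and a Prometheus pushgateway.
# `registry_domain` is not defined in this play; presumably it comes from
# vars.yml - confirm.
- hosts: all
  vars_files:
    - vars.yml
  vars:
    laminar_home: "/var/lib/laminar/"
    registry: "localhost:5000"
    prometheus_pushgateway: "http://localhost:9091"

  pre_tasks:
    - name: Update apt cache if needed
      apt:
        update_cache: true
        cache_valid_time: 3600

  handlers:
    - name: restart laminar
      service:
        name: laminar
        state: restarted

    - name: restart webhook
      service:
        name: webhook
        state: restarted

    - name: restart docker registry
      service:
        name: docker-registry
        state: restarted

    - name: restart nginx
      service:
        name: nginx
        state: restarted

    # The three keyring handlers rely on definition order: wipe the old
    # keyring, re-import from keys.asc, then hand ownership to laminar.
    # Rebuilding from scratch means a key removed from keys.asc also
    # disappears from the keyring.
    - name: delete keyring
      file:
        path: "{{ laminar_home }}/.gnupg"
        state: absent

    - name: import openpgp keys
      command: "gpg --homedir .gnupg --import keys.asc"
      args:
        chdir: "{{ laminar_home }}"
      notify: laminar owns .gnupg

    # gpg above runs as the play's user, so the keyring is re-owned here.
    - name: laminar owns .gnupg
      file:
        path: "{{ laminar_home }}/.gnupg"
        owner: laminar
        group: laminar
        recurse: true

  tasks:
    # `state: latest` upgrades these packages on every run; pin versions
    # instead if reproducible hosts matter more than automatic updates.
    - name: install laminar dependencies
      apt:
        name:
          - laminar
          - gnupg
          - docker.io
          - docker-registry
          - nginx
          - mmdebstrap
          - jq
          - prometheus-pushgateway
        state: latest

    # Bind the registry to loopback so it is reachable only through the
    # nginx site configured below.
    # NOTE(review): the leading whitespace in `regexp` and `line` must match
    # the indentation of the `addr` key in config.yml - confirm.
    - name: config docker registry
      lineinfile:
        path: /etc/docker/registry/config.yml
        regexp: ' addr'
        line: ' addr: 127.0.0.1:5000'
      notify: restart docker registry

    - name: enable docker registry
      service:
        name: docker-registry
        state: started
        enabled: true

    - name: config nginx registry site
      template:
        src: nginx-registry
        dest: /etc/nginx/sites-available/registry
      notify: restart nginx

    - name: delete nginx default site
      file:
        path: "/etc/nginx/sites-enabled/default"
        state: absent
      notify: restart nginx

    - name: activate nginx regitry site
      file:
        src: /etc/nginx/sites-available/registry
        dest: /etc/nginx/sites-enabled/registry
        state: link
      notify: restart nginx

    - name: enable nginx
      service:
        name: nginx
        state: started
        enabled: true

    # NOTE(review): registry_domain is interpolated into the regexp
    # unescaped, so its dots match any character - confirm that is acceptable.
    - name: add the registry to the host file
      lineinfile:
        path: /etc/hosts
        regexp: '.*{{ registry_domain }}$'
        line: '127.0.0.1 {{ registry_domain }}'

    # `group=docker` replaced the account's primary group; the task's intent
    # is membership, so docker is appended as a supplementary group instead.
    # Membership in the docker group is effectively root on this host, so
    # every Laminar job runs with that level of trust.
    - name: add laminar to docker group
      user:
        name: laminar
        groups: docker
        append: true
      notify: restart laminar

    # keys.asc is data, not a program: no execute bits.
    - name: copy openpgp keys
      copy:
        src: keys.asc
        dest: "{{ laminar_home }}"
        owner: laminar
        group: laminar
        mode: "u=rw,g=r,o=r"
      notify:
        - delete keyring
        - import openpgp keys

    - name: create the repos folder for laminar jobs
      file:
        path: "{{ laminar_home }}/repos"
        state: directory
        owner: laminar
        group: laminar
        mode: "u=rwx,g=rx,o=rx"

    - name: create the version folder for laminar jobs
      file:
        path: "{{ laminar_home }}/version"
        state: directory
        owner: laminar
        group: laminar
        mode: "u=rwx,g=rx,o=rx"

    - name: configure laminar scripts
      template:
        src: "{{ item }}"
        dest: "{{ laminar_home }}/cfg/scripts/{{ item }}"
        owner: laminar
        group: laminar
        mode: "u=rwx,g=rwx,o=rx"
      with_items:
        - update_images
        - check_updates
        - verify_commits

    - name: configure jobs
      template:
        src: "{{ item }}"
        dest: "{{ laminar_home }}/cfg/jobs/{{ item }}"
        owner: laminar
        group: laminar
        mode: "u=rwx,g=rwx,o=rx"
      with_items:
        - build_image.run
        - base_image.run
        - check_updates.run

    - name: enable laminar
      service:
        name: laminar
        state: started
        enabled: true

    # No `user:` is given on the cron tasks, so the entries land in the
    # crontab of the account the play runs as.
    - name: set nightly check for image updates
      cron:
        name: "check image updates"
        hour: "2"
        minute: "0"
        job: "/usr/bin/laminarc queue check_updates"

    - name: copy build_image script
      copy:
        src: build_image
        dest: /usr/local/bin/build_image
        owner: root
        group: root
        mode: "u=rwx,g=rx,o=rx"

    - name: set nightly purge docker images
      cron:
        name: "purge docker images"
        hour: "4"
        minute: "0"
        job: "docker system prune -a -f"

    # The cron module identifies an entry by `name`. This task previously
    # reused "purge docker images", so it overwrote the prune job above and
    # only one of the two jobs ever existed in the crontab.
    - name: set nightly registry garbage collector
      cron:
        name: "registry garbage collect"
        hour: "4"
        minute: "30"
        job: "docker-registry garbage-collect /etc/docker/registry/config.yml -m"

    - name: install webhook
      apt:
        name: webhook
        state: latest

    # The hook definitions decide which commands the webhook service runs,
    # so the file is owned by root and not writable by the CI user.
    # NOTE(review): assumes nothing rewrites this file as laminar, and that
    # the template holds no hook secret (it stays world-readable) - confirm.
    - name: configure webhook job
      template:
        src: webhook.conf
        dest: /etc/webhook.conf
        owner: root
        group: root
        mode: "u=rw,g=r,o=r"
      notify: restart webhook

    - name: enable webhook
      service:
        name: webhook
        state: started
        enabled: true

    - name: enable prometheus pushgateway
      service:
        name: prometheus-pushgateway
        state: started
        enabled: true

    - name: configure after for metrics
      template:
        src: after
        dest: "{{ laminar_home }}/cfg/after"
        owner: laminar
        group: laminar
        mode: "u=rwx,g=rwx,o=rx"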