ansible playbook to set up a laminar container Ci build.
moved to: https://git.sindominio.net/sindominio/ansible_laminar
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
202 lines
6.2 KiB
202 lines
6.2 KiB
--- |
|
- hosts: all |
|
vars_files: |
|
- vars.yml |
|
vars: |
|
laminar_home: "/var/lib/laminar/" |
|
registry: "localhost:5000" |
|
prometheus_pushgateway: "http://localhost:9091" |
|
|
|
pre_tasks: |
|
- name: Update apt cache if needed |
|
apt: update_cache=yes cache_valid_time=3600 |
|
|
|
handlers: |
|
- name: restart laminar |
|
service: name=laminar state=restarted |
|
|
|
- name: restart webhook |
|
service: name=webhook state=restarted |
|
|
|
- name: restart docker registry |
|
service: name=docker-registry state=restarted |
|
|
|
- name: restart nginx |
|
service: name=nginx state=restarted |
|
|
|
- name: delete keyring |
|
file: dest="{{ laminar_home }}/.gnupg" state=absent |
|
- name: import openpgp keys |
|
command: "gpg --homedir .gnupg --import keys.asc" |
|
args: |
|
chdir: "{{ laminar_home }}" |
|
notify: laminar owns .gnupg |
|
- name: laminar owns .gnupg |
|
file: |
|
path: "{{ laminar_home }}/.gnupg" |
|
owner: laminar |
|
group: laminar |
|
recurse: yes |
|
|
|
tasks: |
|
- name: install laminar dependencies |
|
apt: |
|
name: |
|
- laminar |
|
- gnupg |
|
- docker.io |
|
- docker-registry |
|
- nginx |
|
- mmdebstrap |
|
- jq |
|
- prometheus-pushgateway |
|
state: latest |
|
|
|
- name: config docker registry |
|
lineinfile: |
|
dest: /etc/docker/registry/config.yml |
|
regexp: ' addr' |
|
line: ' addr: 127.0.0.1:5000' |
|
notify: restart docker registry |
|
|
|
- name: enable docker registry |
|
service: name=docker-registry state=started enabled=yes |
|
|
|
- name: config nginx registry site |
|
template: |
|
src: nginx-registry |
|
dest: /etc/nginx/sites-available/registry |
|
notify: restart nginx |
|
|
|
- name: delete nginx default site |
|
file: dest="/etc/nginx/sites-enabled/default" state=absent |
|
notify: restart nginx |
|
|
|
- name: activate nginx regitry site |
|
file: |
|
src: /etc/nginx/sites-available/registry |
|
dest: /etc/nginx/sites-enabled/registry |
|
state: link |
|
notify: restart nginx |
|
|
|
- name: enable nginx |
|
service: name=nginx state=started enabled=yes |
|
|
|
- name: add the registry to the host file |
|
lineinfile: |
|
dest: /etc/hosts |
|
regexp: '.*{{ registry_domain }}$' |
|
line: '127.0.0.1 {{ registry_domain }}' |
|
|
|
- name: add laminar to docker group |
|
user: name=laminar group=docker |
|
notify: restart laminar |
|
|
|
- name: copy openpgp keys |
|
copy: |
|
src: keys.asc |
|
dest: "{{ laminar_home }}" |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rx,o=rx |
|
notify: |
|
- delete keyring |
|
- import openpgp keys |
|
|
|
- name: create the repos folder for laminar jobs |
|
file: |
|
path: "{{ laminar_home }}/repos" |
|
state: directory |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rx,o=rx |
|
|
|
- name: create the version folder for laminar jobs |
|
file: |
|
path: "{{ laminar_home }}/version" |
|
state: directory |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rx,o=rx |
|
|
|
- name: configure laminar scripts |
|
template: |
|
src: "{{ item }}" |
|
dest: "{{ laminar_home }}/cfg/scripts/{{ item }}" |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rwx,o=rx |
|
with_items: |
|
- update_images |
|
- check_updates |
|
- verify_commits |
|
|
|
- name: configure jobs |
|
template: |
|
src: "{{ item }}" |
|
dest: "{{ laminar_home }}/cfg/jobs/{{ item }}" |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rwx,o=rx |
|
with_items: |
|
- build_image.run |
|
- base_image.run |
|
- check_updates.run |
|
|
|
- name: enable laminar |
|
service: name=laminar state=started enabled=yes |
|
|
|
- name: set nightly check for image updates |
|
cron: |
|
name: "check image updates" |
|
hour: "2" |
|
minute: "0" |
|
job: "/usr/bin/laminarc queue check_updates" |
|
|
|
- name: copy build_image script |
|
copy: |
|
src: build_image |
|
dest: /usr/local/bin/build_image |
|
owner: root |
|
group: root |
|
mode: u=rwx,g=rx,o=rx |
|
|
|
- name: set nightly purge docker images |
|
cron: |
|
name: "purge docker images" |
|
hour: "4" |
|
minute: "0" |
|
job: "docker system prune -a -f" |
|
|
|
- name: set nightly registry garbage collector |
|
cron: |
|
name: "purge docker images" |
|
hour: "4" |
|
minute: "30" |
|
job: "docker-registry garbage-collect /etc/docker/registry/config.yml -m" |
|
|
|
- name: install webhook |
|
apt: name=webhook state=latest |
|
|
|
- name: configure webhook job |
|
template: |
|
src: webhook.conf |
|
dest: /etc/webhook.conf |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rwx,o=rx |
|
notify: restart webhook |
|
|
|
- name: enable webhook |
|
service: name=webhook state=started enabled=yes |
|
|
|
- name: enable prometheus pushgateway |
|
service: name=prometheus-pushgateway state=started enabled=yes |
|
|
|
- name: configure after for metrics |
|
template: |
|
src: after |
|
dest: "{{ laminar_home }}/cfg/after" |
|
owner: laminar |
|
group: laminar |
|
mode: u=rwx,g=rwx,o=rx
|
|
|