ansible playbook to set up a laminar container Ci build
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ansible_laminar/playbook.yml

202 lines
6.2 KiB

---
- hosts: all
vars_files:
- vars.yml
vars:
laminar_home: "/var/lib/laminar/"
registry: "localhost:5000"
prometheus_pushgateway: "http://localhost:9091"
pre_tasks:
- name: Update apt cache if needed
apt: update_cache=yes cache_valid_time=3600
handlers:
- name: restart laminar
service: name=laminar state=restarted
- name: restart webhook
service: name=webhook state=restarted
- name: restart docker registry
service: name=docker-registry state=restarted
- name: restart nginx
service: name=nginx state=restarted
- name: delete keyring
file: dest="{{ laminar_home }}/.gnupg" state=absent
- name: import openpgp keys
command: "gpg --homedir .gnupg --import keys.asc"
args:
chdir: "{{ laminar_home }}"
notify: laminar owns .gnupg
- name: laminar owns .gnupg
file:
path: "{{ laminar_home }}/.gnupg"
owner: laminar
group: laminar
recurse: yes
tasks:
- name: install laminar dependencies
apt:
name:
- laminar
- gnupg
- docker.io
- docker-registry
- nginx
- mmdebstrap
- jq
- prometheus-pushgateway
state: latest
- name: config docker registry
lineinfile:
dest: /etc/docker/registry/config.yml
regexp: ' addr'
line: ' addr: 127.0.0.1:5000'
notify: restart docker registry
- name: enable docker registry
service: name=docker-registry state=started enabled=yes
- name: config nginx registry site
template:
src: nginx-registry
dest: /etc/nginx/sites-available/registry
notify: restart nginx
- name: delete nginx default site
file: dest="/etc/nginx/sites-enabled/default" state=absent
notify: restart nginx
- name: activate nginx regitry site
file:
src: /etc/nginx/sites-available/registry
dest: /etc/nginx/sites-enabled/registry
state: link
notify: restart nginx
- name: enable nginx
service: name=nginx state=started enabled=yes
- name: add the registry to the host file
lineinfile:
dest: /etc/hosts
regexp: '.*{{ registry_domain }}$'
line: '127.0.0.1 {{ registry_domain }}'
- name: add laminar to docker group
user: name=laminar group=docker
notify: restart laminar
- name: copy openpgp keys
copy:
src: keys.asc
dest: "{{ laminar_home }}"
owner: laminar
group: laminar
mode: u=rwx,g=rx,o=rx
notify:
- delete keyring
- import openpgp keys
- name: create the repos folder for laminar jobs
file:
path: "{{ laminar_home }}/repos"
state: directory
owner: laminar
group: laminar
mode: u=rwx,g=rx,o=rx
- name: create the version folder for laminar jobs
file:
path: "{{ laminar_home }}/version"
state: directory
owner: laminar
group: laminar
mode: u=rwx,g=rx,o=rx
- name: configure laminar scripts
template:
src: "{{ item }}"
dest: "{{ laminar_home }}/cfg/scripts/{{ item }}"
owner: laminar
group: laminar
mode: u=rwx,g=rwx,o=rx
with_items:
- update_images
- check_updates
- verify_commits
- name: configure jobs
template:
src: "{{ item }}"
dest: "{{ laminar_home }}/cfg/jobs/{{ item }}"
owner: laminar
group: laminar
mode: u=rwx,g=rwx,o=rx
with_items:
- build_image.run
- base_image.run
- check_updates.run
- name: enable laminar
service: name=laminar state=started enabled=yes
- name: set nightly check for image updates
cron:
name: "check image updates"
hour: "2"
minute: "0"
job: "/usr/bin/laminarc queue check_updates"
- name: copy build_image script
copy:
src: build_image
dest: /usr/local/bin/build_image
owner: root
group: root
mode: u=rwx,g=rx,o=rx
- name: set nightly purge docker images
cron:
name: "purge docker images"
hour: "4"
minute: "0"
job: "docker system prune -a -f"
- name: set nightly registry garbage collector
cron:
name: "purge docker images"
hour: "4"
minute: "30"
job: "docker-registry garbage-collect /etc/docker/registry/config.yml -m"
- name: install webhook
apt: name=webhook state=latest
- name: configure webhook job
template:
src: webhook.conf
dest: /etc/webhook.conf
owner: laminar
group: laminar
mode: u=rwx,g=rwx,o=rx
notify: restart webhook
- name: enable webhook
service: name=webhook state=started enabled=yes
- name: enable prometheus pushgateway
service: name=prometheus-pushgateway state=started enabled=yes
- name: configure after for metrics
template:
src: after
dest: "{{ laminar_home }}/cfg/after"
owner: laminar
group: laminar
mode: u=rwx,g=rwx,o=rx