Initial import

2023-02-17 15:48:29 +01:00 · 2023-02-17 15:48:29 +01:00 · 79e70690d6
commit 79e70690d6
12 changed files with 235 additions and 0 deletions
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@ -0,0 +1,2 @@
+[defaults]
+allow_world_readable_tmpfiles = true
--- a/ansible/files/etc.network.interfaces.d.svc0
+++ b/ansible/files/etc.network.interfaces.d.svc0
@ -0,0 +1,9 @@
+
+auto svc0
+iface svc0 inet static
+        address 192.168.254.254
+        netmask 255.255.255.0
+        network 192.168.254.0
+        pre-up ip link add dev svc0 type dummy
+        post-down ip link del dev svc0
+
--- a/ansible/files/etc.sudoers.d.vagrant
+++ b/ansible/files/etc.sudoers.d.vagrant
@ -0,0 +1,7 @@
+Cmnd_Alias VAGRANT_EXPORTS_CHOWN = /bin/chown 0\:0 /tmp/vagrant-exports
+Cmnd_Alias VAGRANT_EXPORTS_MV = /bin/mv -f /tmp/vagrant-exports /etc/exports
+Cmnd_Alias VAGRANT_NFSD_CHECK = /etc/init.d/nfs-kernel-server status
+Cmnd_Alias VAGRANT_NFSD_START = /etc/init.d/nfs-kernel-server start
+Cmnd_Alias VAGRANT_NFSD_APPLY = /usr/sbin/exportfs -ar
+%vagrant ALL=(root) NOPASSWD: VAGRANT_EXPORTS_CHOWN, VAGRANT_EXPORTS_MV, VAGRANT_NFSD_CHECK, VAGRANT_NFSD_START, VAGRANT_NFSD_APPLY
+
--- a/ansible/files/home.developer.src.Vagrantfile
+++ b/ansible/files/home.developer.src.Vagrantfile
@ -0,0 +1,31 @@
+ENV['VAGRANT_EXPERIMENTAL']='1'
+
+Vagrant.configure('2') do |config|
+  config.vm.box = 'debian/bullseye64'
+
+  config.vm.provider 'libvirt' do |domain|
+    domain.memory = 2000
+    domain.nested = true
+    domain.cpus = 2
+  	domain.cpu_mode = "host-model"
+   	domain.management_network_name = 'vagrant-libvirt-new'
+   	domain.management_network_address = '192.168.124.0/24'
+  end
+
+  # nouveau serveur applicatif
+  config.vm.define 'bisket-jatra' do |machine|
+    machine.vm.hostname = 'bisket-jatra'
+  end
+
+  # nouveau serveur backups
+  config.vm.define 'nag-panchami' do |machine|
+    machine.vm.hostname = 'nag-panchami'
+  end
+
+  config.vm.provision 'shell', inline: <<-MARK
+    apt-get update
+    apt-get install -y python3
+  MARK
+  config.vm.provision 'shell', inline: 'echo "SUCCESS"'
+end
+
--- a/ansible/install.yml
+++ b/ansible/install.yml
@ -0,0 +1,15 @@
+---
+- hosts: all
+  become: true
+  tasks:
+    - name: Install vim
+      apt:
+        name:
+          - vim
+          - acl
+        state: present
+    - include_tasks: tasks/buildtools.yml
+    - include_tasks: tasks/libvirt.yml
+    - include_tasks: tasks/vagrant.yml
+    - include_tasks: tasks/nfs.yml
+    - include_tasks: tasks/user.yml
--- a/ansible/tasks/buildtools.yml
+++ b/ansible/tasks/buildtools.yml
@ -0,0 +1,8 @@
+---
+- name: Install build tools
+  apt:
+    name:
+      - gcc
+      - make
+    state: present
+
--- a/ansible/tasks/libvirt.yml
+++ b/ansible/tasks/libvirt.yml
@ -0,0 +1,34 @@
+---
+- name: Install LibVirt dependencies
+  apt:
+    name:
+      - qemu
+      - libvirt-daemon-system
+      - libvirt-daemon-config-network
+      - libvirt-dev
+      - ebtables
+      - libguestfs-tools
+    state: present
+
+- name: Test libvirt default network
+  shell: virsh net-list | grep -q default
+  register: virsh_net_test
+  ignore_errors: true
+  changed_when: false
+
+- ansible.builtin.service:
+    name: libvirtd
+    state: restarted
+  when: virsh_net_test.rc != 0
+
+- name: Autostart libvirt default network
+  command:
+    cmd: virsh net-autostart default
+  when: virsh_net_test.rc != 0
+
+- name: Start default network
+  command:
+    cmd: virsh net-start default
+  when: virsh_net_test.rc != 0
+
+#
--- a/ansible/tasks/nfs.yml
+++ b/ansible/tasks/nfs.yml
@ -0,0 +1,34 @@
+---
+- name: Add extra internal network interface for NFS
+  ansible.builtin.copy:
+    src: files/etc.network.interfaces.d.svc0
+    dest: /etc/network/interfaces.d/svc0
+    owner: root
+    group: root
+  register: nfs_net_iface
+
+- name: Restart network interface
+  shell:
+    cmd: ifdown svc0 && ifup svc0
+  when: nfs_net_iface.changed == true
+
+- name: Install nfs
+  apt:
+    name: nfs-kernel-server
+    state: present
+
+- name: Limit nfs service to localhost and svc0
+  ansible.builtin.blockinfile:
+    path: /etc/default/nfs-kernel-server
+    insertafter: '^RPCSVCGSSDOPTS='
+    block: |
+      # Listen only on localhost and svc0
+      RPCNFSDOPTS="-H 127.0.0.1 -H 192.168.254.254"
+  register: nfs_config_limit
+
+- ansible.builtin.service:
+    name: nfs-kernel-server
+    state: restarted
+  when: nfs_config_limit.changed == true
+
+#
--- a/ansible/tasks/user.yml
+++ b/ansible/tasks/user.yml
@ -0,0 +1,38 @@
+---
+- name: Add the user 'developer'
+  ansible.builtin.user:
+    name: developer
+    shell: /bin/bash
+    groups: libvirt,vagrant
+    append: 'yes'
+    ssh_key_file: .ssh/id_rsa
+    password: '$6$mysecretsalt$QjSLl.VQoxPKJkBE9.oLX82C5P4tAMH8UfFRpkxgkqSg2GNob8Y39hj5/cl7o0gbpPXVBGaB9oLuCPfVhIhyA0'
+
+- name: Add src directory
+  ansible.builtin.file:
+    path: /home/developer/src
+    owner: developer
+    group: developer
+    state: directory
+
+- name: Add vagrantfile
+  ansible.builtin.copy:
+    src: files/home.developer.src.Vagrantfile
+    dest: /home/developer/src/Vagrantfile
+    owner: developer
+    group: developer
+
+- name: Test Vagrant plugin presence
+  become_user: developer
+  shell:
+    cmd: vagrant plugin list  |grep -q vagrant-libvirt
+  register: vagrant_libvirt_test
+  ignore_errors: true
+  changed_when: false
+
+- name: Install Vagrant plugin for libvirt
+  # become: yes
+  become_user: developer
+  command:
+    cmd: vagrant plugin install vagrant-libvirt
+  when: vagrant_libvirt_test.rc != 0
--- a/ansible/tasks/vagrant.yml
+++ b/ansible/tasks/vagrant.yml
@ -0,0 +1,32 @@
+- name: Install Vagrant key
+  get_url:
+    url: https://apt.releases.hashicorp.com/gpg
+    dest: /etc/apt/trusted.gpg.d/vagrant.asc
+
+- name: Ensure vagrant group exists
+  ansible.builtin.group:
+    name: vagrant
+    state: present
+
+- name: Add sudoers file
+  ansible.builtin.copy:
+    src: files/etc.sudoers.d.vagrant
+    dest: /etc/sudoers.d/vagrant
+    owner: root
+    group: root
+
+- name: Add Vagrant repository
+  apt_repository:
+    repo: >
+      deb
+      [signed-by=/etc/apt/trusted.gpg.d/vagrant.asc]
+      https://apt.releases.hashicorp.com bullseye main
+    state: present
+    update_cache: true
+
+- name: Install Vagrant
+  apt:
+    name: vagrant
+    state: present
+
+#
--- a/inventories/real.ini
+++ b/inventories/real.ini
@ -0,0 +1,2 @@
+
+vagrant-host ansible_host=5.135.143.189 ansible_user=debian ansible_become=yes
--- a/vagrant/Vagrantfile
+++ b/vagrant/Vagrantfile
@ -0,0 +1,23 @@
+Vagrant.configure("2") do |config|
+  config.vm.box = 'debian/bullseye64'
+
+  config.vm.provider 'libvirt' do |domain|
+    domain.memory = 8000
+    domain.nested = true
+    domain.cpus = 2
+  end
+
+  config.vm.provision 'shell', inline: <<-MARK
+    apt-get update
+    apt-get install -y python3
+  MARK
+  config.vm.provision 'shell', inline: 'echo "SUCCESS"'
+
+  config.vm.provision 'ansible', after: :all do |ansible|
+    ansible.limit = 'all'
+    ansible.playbook = '../ansible/install.yml'
+    # ansible.inventory_path = '../inventories/vagrant.ini'
+  end
+
+
+end
				`@ -0,0 +1,2 @@`

				`vagrant-host ansible_host=5.135.143.189 ansible_user=debian ansible_become=yes`