ansible: finalize config

This commit is contained in:
Glenn Y. Rolland 2022-06-16 17:53:52 +02:00
parent 9118f64a03
commit 0cc199dd1f
5 changed files with 102 additions and 16 deletions

View file

@ -3,5 +3,6 @@
sshwifty_internal_port: 8080 sshwifty_internal_port: 8080
sshwifty_configuration_directory: "/etc/sshwifty" sshwifty_configuration_directory: "/etc/sshwifty"
sshwifty_work_directory: "/var/lib/sshwifty" sshwifty_work_directory: "/var/lib/sshwifty"
sshwifty_gateway_access: false
# #

View file

@ -0,0 +1 @@
---

View file

@ -1,4 +1,20 @@
--- ---
# - name: Check sshwifty_* variables are not empty
# assert:
# that:
# sshwifty_configuration_directory
# sshwifty_hostname
# sshwifty_public_port
# sshwifty_shared_key
# sshwifty_authentication
# sshwifty_ssh_password
# sshwifty_ssh_user
# sshwifty_internal_port
# sshwifty_configuration_directory
# sshwifty_work_directory
# sshwifty_gateway_access
# msg: ""
- name: Install required system packages - name: Install required system packages
ansible.builtin.apt: ansible.builtin.apt:
name: name:
@ -43,7 +59,7 @@
- name: Run SSHwifty - name: Run SSHwifty
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ sshwifty_work_directory }}" project_src: "{{ sshwifty_work_directory }}"
recreate: smart recreate: always
state: present state: present
# #

View file

@ -0,0 +1,66 @@
{# vim: set ts=2 sw=2 et ft=jinja2,json : #}
{
{# "HostName": "localhost", #}
"SharedKey": "{{ sshwifty_shared_key }}",
"DialTimeout": 10,
"Servers": [
{
"ListenInterface": "0.0.0.0",
"ListenPort": 8182,
"InitialTimeout": 3,
"ReadTimeout": 60,
"WriteTimeout": 60,
"HeartbeatTimeout": 20,
"ReadDelay": 10,
"WriteDelay": 10 {# , #}
{# "TLSCertificateFile": "", #}
{# "TLSCertificateKeyFile": "" #}
}
],
"Presets": [
{% for host in groups['role_mongo'] %}
{% set server_group_id = loop.index0 // mongo_replicas_count %}
{% set server_index = loop.index0 % mongo_replicas_count %}
{% set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] %}
{% if server_group_id == mongo_group_id %}
{
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
"Type": "SSH",
"Host": "{{ server_ip_addr }}:22",
"Meta": {
"User": "{{ sshwifty_ssh_user }}",
{% if "password" == sshwifty_authentication | lower %}
"Authentication": "Password",
"Password": "{{ sshwifty_ssh_password }}",
{% else %}
"Authentication": "Private Key",
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
{% endif %}
{# "Fingerprint": home"SHA256:bgO...." #}
"Encoding": "utf-8"
}
}{% if not loop.last %},{% endif %}
{% endif %}
{% endfor %}
{#
{
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
"Type": "SSH",
"Host": "{{ ansible_ssh_host }}:22",
"Meta": {
"User": "{{ sshwifty_ssh_user }}",
{% if "password" == sshwifty_authentication | lower %}
"Authentication": "Password",
"Password": "{{ sshwifty_ssh_password }}",
{% else %}
"Authentication": "Private Key",
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
{% endif %}
{# "Fingerprint": "SHA256:bgO...." #}
"Encoding": "utf-8"
}
}
#}
],
"OnlyAllowPresetRemotes": true
}

View file

@ -1,4 +1,4 @@
{# vim: set ts=2 sw=2 et ft=jinja2,json : #} {# vim: set ts=2 sw=2 et ft=jinja2 : #}
{ {
{# "HostName": "localhost", #} {# "HostName": "localhost", #}
"SharedKey": "{{ sshwifty_shared_key }}", "SharedKey": "{{ sshwifty_shared_key }}",
@ -18,47 +18,49 @@
} }
], ],
"Presets": [ "Presets": [
{% for host in groups['role_mongo'] %} {%- for host in groups['role_mongo'] -%}
{% set server_group_id = loop.index0 // mongo_replicas_count %} {%- set server_group_id = loop.index0 // mongo_replicas_count -%}
{% set server_index = loop.index0 % mongo_replicas_count %} {%- set server_index = loop.index0 % mongo_replicas_count -%}
{% set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] %} {%- set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] -%}
{% if server_group_id == mongo_group_id %} {%- if server_group_id == mongo_group_id -%}
{ {
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})", "Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
"Type": "SSH", "Type": "SSH",
"Host": "{{ server_ip_addr }}:22", "Host": "{{ server_ip_addr }}:22",
"Meta": { "Meta": {
"User": "{{ sshwifty_ssh_user }}", "User": "{{ sshwifty_ssh_user }}",
{% if "password" == sshwifty_authentication | lower %} {%- if "password" == sshwifty_authentication | lower -%}
"Authentication": "Password", "Authentication": "Password",
"Password": "{{ sshwifty_ssh_password }}", "Password": "{{ sshwifty_ssh_password }}",
{% else %} {%- else -%}
"Authentication": "Private Key", "Authentication": "Private Key",
"Private Key": "file://{{ sshwifty_ssh_private_key }}", "Private Key": "file://{{ sshwifty_ssh_private_key }}",
{% endif %} {%- endif -%}
{# "Fingerprint": home"SHA256:bgO...." #} {# "Fingerprint": home"SHA256:bgO...." #}
"Encoding": "utf-8" "Encoding": "utf-8"
} }
}, }{%- if sshwifty_gateway_access or (server_index + 1) < mongo_replicas_count -%},{%- endif -%}
{% endif %} {%- endif -%}
{% endfor %} {%- endfor -%}
{%- if sshwifty_gateway_access -%}
{ {
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})", "Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
"Type": "SSH", "Type": "SSH",
"Host": "{{ ansible_ssh_host }}:22", "Host": "{{ ansible_ssh_host }}:22",
"Meta": { "Meta": {
"User": "{{ sshwifty_ssh_user }}", "User": "{{ sshwifty_ssh_user }}",
{% if "password" == sshwifty_authentication | lower %} {%- if "password" == sshwifty_authentication | lower -%}
"Authentication": "Password", "Authentication": "Password",
"Password": "{{ sshwifty_ssh_password }}", "Password": "{{ sshwifty_ssh_password }}",
{% else %} {%- else -%}
"Authentication": "Private Key", "Authentication": "Private Key",
"Private Key": "file://{{ sshwifty_ssh_private_key }}", "Private Key": "file://{{ sshwifty_ssh_private_key }}",
{% endif %} {%- endif -%}
{# "Fingerprint": "SHA256:bgO...." #} {# "Fingerprint": "SHA256:bgO...." #}
"Encoding": "utf-8" "Encoding": "utf-8"
} }
} }
{%- endif -%}
], ],
"OnlyAllowPresetRemotes": true "OnlyAllowPresetRemotes": true
} }