ansible: finalize config
This commit is contained in:
parent
9118f64a03
commit
0cc199dd1f
5 changed files with 102 additions and 16 deletions
|
@ -3,5 +3,6 @@
|
||||||
sshwifty_internal_port: 8080
|
sshwifty_internal_port: 8080
|
||||||
sshwifty_configuration_directory: "/etc/sshwifty"
|
sshwifty_configuration_directory: "/etc/sshwifty"
|
||||||
sshwifty_work_directory: "/var/lib/sshwifty"
|
sshwifty_work_directory: "/var/lib/sshwifty"
|
||||||
|
sshwifty_gateway_access: false
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
---
|
|
@ -1,4 +1,20 @@
|
||||||
---
|
---
|
||||||
|
# - name: Check sshwifty_* variables are not empty
|
||||||
|
# assert:
|
||||||
|
# that:
|
||||||
|
# sshwifty_configuration_directory
|
||||||
|
# sshwifty_hostname
|
||||||
|
# sshwifty_public_port
|
||||||
|
# sshwifty_shared_key
|
||||||
|
# sshwifty_authentication
|
||||||
|
# sshwifty_ssh_password
|
||||||
|
# sshwifty_ssh_user
|
||||||
|
# sshwifty_internal_port
|
||||||
|
# sshwifty_configuration_directory
|
||||||
|
# sshwifty_work_directory
|
||||||
|
# sshwifty_gateway_access
|
||||||
|
# msg: ""
|
||||||
|
|
||||||
- name: Install required system packages
|
- name: Install required system packages
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
|
@ -43,7 +59,7 @@
|
||||||
- name: Run SSHwifty
|
- name: Run SSHwifty
|
||||||
community.docker.docker_compose:
|
community.docker.docker_compose:
|
||||||
project_src: "{{ sshwifty_work_directory }}"
|
project_src: "{{ sshwifty_work_directory }}"
|
||||||
recreate: smart
|
recreate: always
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
#
|
#
|
||||||
|
|
66
ansible/templates/sshwifty.conf-with-gateway.j2
Normal file
66
ansible/templates/sshwifty.conf-with-gateway.j2
Normal file
|
@ -0,0 +1,66 @@
|
||||||
|
{# vim: set ts=2 sw=2 et ft=jinja2,json : #}
|
||||||
|
{
|
||||||
|
{# "HostName": "localhost", #}
|
||||||
|
"SharedKey": "{{ sshwifty_shared_key }}",
|
||||||
|
"DialTimeout": 10,
|
||||||
|
"Servers": [
|
||||||
|
{
|
||||||
|
"ListenInterface": "0.0.0.0",
|
||||||
|
"ListenPort": 8182,
|
||||||
|
"InitialTimeout": 3,
|
||||||
|
"ReadTimeout": 60,
|
||||||
|
"WriteTimeout": 60,
|
||||||
|
"HeartbeatTimeout": 20,
|
||||||
|
"ReadDelay": 10,
|
||||||
|
"WriteDelay": 10 {# , #}
|
||||||
|
{# "TLSCertificateFile": "", #}
|
||||||
|
{# "TLSCertificateKeyFile": "" #}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Presets": [
|
||||||
|
{% for host in groups['role_mongo'] %}
|
||||||
|
{% set server_group_id = loop.index0 // mongo_replicas_count %}
|
||||||
|
{% set server_index = loop.index0 % mongo_replicas_count %}
|
||||||
|
{% set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] %}
|
||||||
|
{% if server_group_id == mongo_group_id %}
|
||||||
|
{
|
||||||
|
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
|
||||||
|
"Type": "SSH",
|
||||||
|
"Host": "{{ server_ip_addr }}:22",
|
||||||
|
"Meta": {
|
||||||
|
"User": "{{ sshwifty_ssh_user }}",
|
||||||
|
{% if "password" == sshwifty_authentication | lower %}
|
||||||
|
"Authentication": "Password",
|
||||||
|
"Password": "{{ sshwifty_ssh_password }}",
|
||||||
|
{% else %}
|
||||||
|
"Authentication": "Private Key",
|
||||||
|
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||||
|
{% endif %}
|
||||||
|
{# "Fingerprint": home"SHA256:bgO...." #}
|
||||||
|
"Encoding": "utf-8"
|
||||||
|
}
|
||||||
|
}{% if not loop.last %},{% endif %}
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
||||||
|
{#
|
||||||
|
{
|
||||||
|
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
|
||||||
|
"Type": "SSH",
|
||||||
|
"Host": "{{ ansible_ssh_host }}:22",
|
||||||
|
"Meta": {
|
||||||
|
"User": "{{ sshwifty_ssh_user }}",
|
||||||
|
{% if "password" == sshwifty_authentication | lower %}
|
||||||
|
"Authentication": "Password",
|
||||||
|
"Password": "{{ sshwifty_ssh_password }}",
|
||||||
|
{% else %}
|
||||||
|
"Authentication": "Private Key",
|
||||||
|
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||||
|
{% endif %}
|
||||||
|
{# "Fingerprint": "SHA256:bgO...." #}
|
||||||
|
"Encoding": "utf-8"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#}
|
||||||
|
],
|
||||||
|
"OnlyAllowPresetRemotes": true
|
||||||
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
{# vim: set ts=2 sw=2 et ft=jinja2,json : #}
|
{# vim: set ts=2 sw=2 et ft=jinja2 : #}
|
||||||
{
|
{
|
||||||
{# "HostName": "localhost", #}
|
{# "HostName": "localhost", #}
|
||||||
"SharedKey": "{{ sshwifty_shared_key }}",
|
"SharedKey": "{{ sshwifty_shared_key }}",
|
||||||
|
@ -18,47 +18,49 @@
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"Presets": [
|
"Presets": [
|
||||||
{% for host in groups['role_mongo'] %}
|
{%- for host in groups['role_mongo'] -%}
|
||||||
{% set server_group_id = loop.index0 // mongo_replicas_count %}
|
{%- set server_group_id = loop.index0 // mongo_replicas_count -%}
|
||||||
{% set server_index = loop.index0 % mongo_replicas_count %}
|
{%- set server_index = loop.index0 % mongo_replicas_count -%}
|
||||||
{% set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] %}
|
{%- set server_ip_addr = hostvars[host]['ansible_facts']['default_ipv4']['address'] -%}
|
||||||
{% if server_group_id == mongo_group_id %}
|
{%- if server_group_id == mongo_group_id -%}
|
||||||
{
|
{
|
||||||
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
|
"Title": "Group {{ server_group_id }} - Server {{ server_index }} ({{ host }})",
|
||||||
"Type": "SSH",
|
"Type": "SSH",
|
||||||
"Host": "{{ server_ip_addr }}:22",
|
"Host": "{{ server_ip_addr }}:22",
|
||||||
"Meta": {
|
"Meta": {
|
||||||
"User": "{{ sshwifty_ssh_user }}",
|
"User": "{{ sshwifty_ssh_user }}",
|
||||||
{% if "password" == sshwifty_authentication | lower %}
|
{%- if "password" == sshwifty_authentication | lower -%}
|
||||||
"Authentication": "Password",
|
"Authentication": "Password",
|
||||||
"Password": "{{ sshwifty_ssh_password }}",
|
"Password": "{{ sshwifty_ssh_password }}",
|
||||||
{% else %}
|
{%- else -%}
|
||||||
"Authentication": "Private Key",
|
"Authentication": "Private Key",
|
||||||
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||||
{% endif %}
|
{%- endif -%}
|
||||||
{# "Fingerprint": home"SHA256:bgO...." #}
|
{# "Fingerprint": home"SHA256:bgO...." #}
|
||||||
"Encoding": "utf-8"
|
"Encoding": "utf-8"
|
||||||
}
|
}
|
||||||
},
|
}{%- if sshwifty_gateway_access or (server_index + 1) < mongo_replicas_count -%},{%- endif -%}
|
||||||
{% endif %}
|
{%- endif -%}
|
||||||
{% endfor %}
|
{%- endfor -%}
|
||||||
|
{%- if sshwifty_gateway_access -%}
|
||||||
{
|
{
|
||||||
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
|
"Title": "Group {{ mongo_group_id }} - Gateway ({{ ansible_facts['hostname'] }})",
|
||||||
"Type": "SSH",
|
"Type": "SSH",
|
||||||
"Host": "{{ ansible_ssh_host }}:22",
|
"Host": "{{ ansible_ssh_host }}:22",
|
||||||
"Meta": {
|
"Meta": {
|
||||||
"User": "{{ sshwifty_ssh_user }}",
|
"User": "{{ sshwifty_ssh_user }}",
|
||||||
{% if "password" == sshwifty_authentication | lower %}
|
{%- if "password" == sshwifty_authentication | lower -%}
|
||||||
"Authentication": "Password",
|
"Authentication": "Password",
|
||||||
"Password": "{{ sshwifty_ssh_password }}",
|
"Password": "{{ sshwifty_ssh_password }}",
|
||||||
{% else %}
|
{%- else -%}
|
||||||
"Authentication": "Private Key",
|
"Authentication": "Private Key",
|
||||||
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
"Private Key": "file://{{ sshwifty_ssh_private_key }}",
|
||||||
{% endif %}
|
{%- endif -%}
|
||||||
{# "Fingerprint": "SHA256:bgO...." #}
|
{# "Fingerprint": "SHA256:bgO...." #}
|
||||||
"Encoding": "utf-8"
|
"Encoding": "utf-8"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
{%- endif -%}
|
||||||
],
|
],
|
||||||
"OnlyAllowPresetRemotes": true
|
"OnlyAllowPresetRemotes": true
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue