Convert build script to Ansible
This commit is contained in:
parent
e81a08fb89
commit
62a57712ed
|
@ -0,0 +1,2 @@
|
||||||
|
[akanda]
|
||||||
|
10.10.10.76 ansible_ssh_user=akanda
|
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
- hosts: all
|
||||||
|
sudo: true
|
||||||
|
|
||||||
|
vars:
|
||||||
|
bird_enable: True
|
||||||
|
bird6_enable: True
|
||||||
|
bird_enable_service: False
|
||||||
|
dnsmasq_conf_dir: /etc/dnsmasq.d
|
||||||
|
dnsmasq_conf_file: /etc/dnsmasq.conf
|
||||||
|
install_extras: False
|
||||||
|
do_cleanup: True
|
||||||
|
router_appliance: True
|
||||||
|
update_kernel: False
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
- include: tasks/debian_backports.yml
|
||||||
|
when: ansible_distribution == "Debian" and ansible_distribution_release == "wheezy"
|
||||||
|
- include: tasks/update_kernel.yml
|
||||||
|
when: update_kernel
|
||||||
|
- include: tasks/base.yml
|
||||||
|
- include: tasks/akanda.yml
|
||||||
|
- include: tasks/bird.yml
|
||||||
|
- include: tasks/dnsmasq.yml
|
||||||
|
- include: tasks/extras.yml
|
||||||
|
when: install_extras
|
|
@ -0,0 +1,52 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: install base packages
|
||||||
|
apt: name={{item}} state=installed install_recommends=no
|
||||||
|
with_items:
|
||||||
|
- python-pip
|
||||||
|
- python-dev
|
||||||
|
|
||||||
|
- name: copy akanda-appliance code
|
||||||
|
synchronize: src={{ playbook_dir }}/.. dest=/tmp/akanda-appliance
|
||||||
|
|
||||||
|
- name: ensure latest setuptools
|
||||||
|
pip: name=setuptools state=latest
|
||||||
|
|
||||||
|
- name: install required files
|
||||||
|
pip: requirements=/tmp/akanda-appliance/requirements.txt
|
||||||
|
|
||||||
|
- name: install akanda-appliance
|
||||||
|
command: python setup.py install chdir=/tmp/akanda-appliance
|
||||||
|
|
||||||
|
- name: install init.d files
|
||||||
|
copy: src={{playbook_dir}}/../scripts/etc/init.d/{{item}} dest=/etc/init.d/{{item}} mode=0555
|
||||||
|
with_items:
|
||||||
|
- metadata
|
||||||
|
- akanda-router-api-server
|
||||||
|
|
||||||
|
- name: update-rc
|
||||||
|
command: update-rc.d akanda-router-api-server start
|
||||||
|
|
||||||
|
- name: add timestamp
|
||||||
|
shell: date > arg1 creates=/etc/akanda-release
|
||||||
|
|
||||||
|
- name: enable forwarding
|
||||||
|
sysctl: name={{item}} value=1 sysctl_set=yes state=present reload=yes
|
||||||
|
with_items:
|
||||||
|
- net.ipv4.ip_forward
|
||||||
|
- net.ipv6.conf.all.forwarding
|
||||||
|
when: router_appliance
|
||||||
|
|
||||||
|
- name: remove packages only needed for build
|
||||||
|
apt: name={{item}} state=absent
|
||||||
|
with_items:
|
||||||
|
- python-pip
|
||||||
|
- python-dev
|
||||||
|
- build-essential
|
||||||
|
when: do_cleanup
|
||||||
|
|
||||||
|
- name: Autoremove unused packages
|
||||||
|
command: apt-get -y autoremove
|
||||||
|
when: do_cleanup
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: install base packages
|
||||||
|
apt: name={{item}} state=installed install_recommends=no
|
||||||
|
with_items:
|
||||||
|
- wget
|
||||||
|
- iptables
|
||||||
|
- iptables-persistent
|
||||||
|
- conntrack
|
||||||
|
- ntp
|
||||||
|
|
||||||
|
- name: latest bash (CVE-2014-6271)
|
||||||
|
apt: name=bash state=latest install_recommends=no
|
||||||
|
|
||||||
|
- name: remove timezone
|
||||||
|
command: rm -f arg1 removes=/etc/localtime
|
||||||
|
|
||||||
|
- name: set timezone to UTC
|
||||||
|
command: ln -s /usr/share/zoneinfo/UTC arg1 creates=/etc/localtime
|
||||||
|
|
||||||
|
- name: setting hostname
|
||||||
|
copy: content="akanda-linux" dest=/etc/hostname
|
||||||
|
|
||||||
|
- name: set default nameserver
|
||||||
|
copy: content="nameserver 8.8.8.8" dest=/etc/resolv.conf
|
||||||
|
|
||||||
|
- name: vanity motd
|
||||||
|
template: src=motd.j2 dest=/etc/motd
|
||||||
|
|
||||||
|
- name: disable fsck on boot via fastboot
|
||||||
|
file: path=/fastboot state=touch
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: install bird
|
||||||
|
apt: name=bird state=installed install_recommends=no default_release=wheezy-backports
|
||||||
|
when: bird_enable
|
||||||
|
|
||||||
|
- name: install bird6
|
||||||
|
apt: name=bird6 state=installed install_recommends=no default_release=wheezy-backports
|
||||||
|
when: bird6_enable
|
||||||
|
|
||||||
|
# Debian version does not support status ensure that it exists
|
||||||
|
- name: ensure bird status works in init.d
|
||||||
|
replace: dest=/etc/init.d/bird regexp='(\;\;\s*)\n(\s*reload\|)' replace='\1\n status)\n status_of_proc $DAEMON $NAME && exit 0 || exit $?\n ;;\n\2'
|
||||||
|
when: bird_enable
|
||||||
|
|
||||||
|
- name: ensure bird6 status works in init.d
|
||||||
|
replace: dest=/etc/init.d/bird6 regexp='(\;\;\s*)\n(\s*reload\|)' replace='\1\n status)\n status_of_proc $DAEMON $NAME && exit 0 || exit $?\n ;;\n\2'
|
||||||
|
when: bird6_enable
|
||||||
|
|
||||||
|
- name: Ensure bird is started
|
||||||
|
service: name=bird state=started enabled=yes
|
||||||
|
when: bird_enable and bird_enable_service
|
||||||
|
|
||||||
|
- name: Ensure bird6 is started
|
||||||
|
service: name=bird6 state=started enabled=yes
|
||||||
|
when: bird6_enable and bird_enable_service
|
|
@ -0,0 +1,5 @@
|
||||||
|
- name: Install Wheezy Backports and update
|
||||||
|
apt_repository: repo="deb http://http.debian.net/debian wheezy-backports main"
|
||||||
|
|
||||||
|
- name: Update Cache
|
||||||
|
apt: update_cache=yes cache_valid_time=3600
|
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
- name: install dnsmasq (Debian)
|
||||||
|
apt: name=dnsmasq state=installed install_recommends=no
|
||||||
|
|
||||||
|
- name: Create config directory
|
||||||
|
file: path={{dnsmasq_conf_dir}} state=directory mode=0755
|
||||||
|
|
||||||
|
- name: Generate Config
|
||||||
|
template: src=dnsmasq.conf.j2 dest={{dnsmasq_conf_file}}
|
||||||
|
|
||||||
|
- name: Ensure dnsmasq is started
|
||||||
|
service: name=dnsmasq state=started enabled=yes
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: install extras
|
||||||
|
apt: name={{item}} state=installed install_recommends=no
|
||||||
|
with_items:
|
||||||
|
- mtr
|
||||||
|
- tcpdump
|
||||||
|
- tshark
|
|
@ -0,0 +1,21 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- stat: path=/boot/grub
|
||||||
|
register: grub_dir
|
||||||
|
|
||||||
|
- stat: path=/boot
|
||||||
|
register: boot_dir
|
||||||
|
|
||||||
|
- name: install kernel (Debian)
|
||||||
|
apt: name=linux-image-amd64 state=latest install_recommends=no
|
||||||
|
|
||||||
|
- name: update grub conf
|
||||||
|
when: grub_dir.stat.exists == True
|
||||||
|
template: src=default_grub dest=/etc/default/grub
|
||||||
|
|
||||||
|
- stat: path=/boot
|
||||||
|
register: boot_dir_after
|
||||||
|
|
||||||
|
- name: update-grub
|
||||||
|
when: boot_dir_after.stat.mtime > boot_dir.stat.mtime
|
||||||
|
command: update-grub
|
|
@ -0,0 +1,9 @@
|
||||||
|
# If you change this file, run 'update-grub' afterwards to update
|
||||||
|
# /boot/grub/grub.cfg.
|
||||||
|
|
||||||
|
GRUB_DEFAULT=0
|
||||||
|
GRUB_TIMEOUT=0
|
||||||
|
GRUB_DISTRIBUTOR=Debian
|
||||||
|
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0,115200n8"
|
||||||
|
# Disable GSO (Generic Segmentation Offload) in order to improve IPv6 forwarding performance
|
||||||
|
GRUB_CMDLINE_LINUX="debian-installer=en_US virtio_net.gso=0"
|
|
@ -0,0 +1,9 @@
|
||||||
|
bind-interfaces
|
||||||
|
leasefile-ro
|
||||||
|
domain-needed
|
||||||
|
bogus-priv
|
||||||
|
no-hosts
|
||||||
|
no-poll
|
||||||
|
strict-order
|
||||||
|
dhcp-lease-max=256
|
||||||
|
conf-dir={{dnsmasq_conf_dir}}
|
|
@ -0,0 +1,8 @@
|
||||||
|
___ ___ .___
|
||||||
|
/ \\ \\ | - L3 for OpenStack - | _/
|
||||||
|
/ _ \\ | | _______ ____ __| | ____
|
||||||
|
/ /_\\ \\| |/ /\\__ \\ / \\ / __ |\\__ \\
|
||||||
|
/ | \\ < / __ \\| | \\/ /_/ | / __ \\_
|
||||||
|
\\____|__ /__|_ \\(____ /___| /\\____ |(____ /
|
||||||
|
\\/ \\/ \\/ \\/ \\/ \\/
|
||||||
|
Welcome to Akanda: Powered by Unicorns.
|
|
@ -0,0 +1,8 @@
|
||||||
|
flask>=0.9
|
||||||
|
dogpile.cache>=0.5.4
|
||||||
|
gunicorn>=0.14.6,<19
|
||||||
|
netaddr>=0.7.7
|
||||||
|
eventlet>=0.9.17
|
||||||
|
requests>=0.14.1,<=1.2.0
|
||||||
|
greenlet>=0.4.0
|
||||||
|
|
Loading…
Reference in New Issue