15 changed files with 209 additions and 2 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -0,0 +1,24 @@
+---
+kind: pipeline
+type: docker
+name: pull_request
+image_pull_secrets:
+  - dockerconfigjson
+
+steps:
+  - name: lint yaml
+    image: registry.fedy95.com/baseimage-yamllint:latest
+    commands:
+      - yamllint -c /yamllint/relaxed.yaml group_vars/all.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/common/tasks/main.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/docker/defaults/main.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/docker/handlers/main.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/docker/tasks/docker.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/docker/tasks/docker-compose.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/docker/tasks/main.yml
+      - yamllint -c /yamllint/relaxed.yaml roles/docker/vars/main.yml
+      - yamllint -c /yamllint/relaxed.yaml .drone.yml
+      - yamllint -c /yamllint/relaxed.yaml ansible-desktop.yml
+    when:
+      event: pull_request
+...
--- a/29
+++ b/29
@ -0,0 +1,29 @@
+MAKEFLAGS += --silent
+.PHONY: *
+
+REGISTRY=registry.fedy95.com
+YAMLLINT_TAG=baseimage-yamllint:latest
+
+lint: lint-yaml
+
+LINT-YAML-CMD=docker run --rm -it -v $(PWD):/data ${REGISTRY}/${YAMLLINT_TAG}
+lint-yaml:
+	docker pull ${REGISTRY}/${YAMLLINT_TAG}
+	$(LINT-YAML-CMD) group_vars/all.yml
+	$(LINT-YAML-CMD) roles/common/tasks/main.yml
+	$(LINT-YAML-CMD) roles/docker/defaults/main.yml
+	$(LINT-YAML-CMD) roles/docker/handlers/main.yml
+	$(LINT-YAML-CMD) roles/docker/tasks/docker.yml
+	$(LINT-YAML-CMD) roles/docker/tasks/docker-compose.yml
+	$(LINT-YAML-CMD) roles/docker/tasks/main.yml
+	$(LINT-YAML-CMD) roles/docker/vars/main.yml
+	$(LINT-YAML-CMD) .drone.yml
+	$(LINT-YAML-CMD) ansible-desktop.yml
+
+run:
+	ansible-playbook ansible-desktop.yml -i hosts --ask-become-pass
+
+ping:
+	ansible -i hosts all -m ping
+
+.DEFAULT_GOAL := lint
--- a/README.md
+++ b/README.md
@ -1,3 +1,7 @@
-### template [![Build Status](https://drone.fedy95.com/api/badges/infra/template/status.svg)](https://drone.fedy95.com/infra/template)
+### ansible-servers [![Build Status](https://drone.fedy95.com/api/badges/infra/ansible-servers/status.svg)](https://drone.fedy95.com/infra/ansible-servers)

-Base repository for new infra-repos
+### docs
+- [ansible](https://www.ansible.com/)
+
+### how to run
+- see Makefile
--- a/ansible-desktop.yml
+++ b/ansible-desktop.yml
@ -0,0 +1,7 @@
+---
+- name: Base playbook
+  hosts: docker-units
+  roles:
+    - { role: common, become: true }
+    - { role: docker, become: true }
+...
--- a/ansible.cfg
+++ b/ansible.cfg
@ -0,0 +1,6 @@
+[defaults]
+hostfile = hosts
+nocows = 1
+
+[privilege_escalation]
+become_method = sudo
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -0,0 +1,5 @@
+---
+aptcachetime: 3600
+locale: "en_US.UTF-8"
+timezone: "Europe/Moscow"
+...
--- a/8
+++ b/8
@ -0,0 +1,8 @@
+[docker-units]
+10.10.10.6
+192.168.1.151
+
+[docker-units:vars]
+ansible_connection=ssh
+ansible_ssh_private_key_file=/home/fedy95/.ssh/id_rsa
+ansible_user=fedy95
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@ -0,0 +1,28 @@
+---
+- name: Ensure the system can use the HTTPS transport for APT
+  stat: path=/usr/lib/apt/methods/https
+  register: apt_https_transport
+
+- name: Install HTTPS transport for APT
+  apt: pkg=apt-transport-https state=installed
+  when: not apt_https_transport.stat.exists
+
+- name: Enable all repositories in sources.list
+  replace: dest=/etc/apt/sources.list regexp='^#\s?deb(.+)http://(.+)/ubuntu(.+)$' replace='deb\1http://\2/ubuntu\3' backup=yes
+
+- name: Ensure that Aptitude repositories are up to date
+  apt:
+    update_cache: yes
+    cache_valid_time: "{{ aptcachetime }}"
+
+- name: Install common packages
+  apt:
+    name: "{{ item }}"
+    state: latest
+    update_cache: yes
+    cache_valid_time: "{{ aptcachetime }}"
+  loop: [ 'git', 'make', 'nano', 'net-tools' ]
+
+- name: Upgrade installed packages
+  apt: upgrade=yes
+...
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@ -0,0 +1,5 @@
+---
+docker:
+  start: false
+  service_enabled: no
+...
--- a/roles/docker/handlers/main.yml
+++ b/roles/docker/handlers/main.yml
@ -0,0 +1,4 @@
+---
+- name: Restart Docker
+  service: "name=docker state={{ docker_restart_handler_state }}"
+...
--- a/roles/docker/tasks/docker-compose.yml
+++ b/roles/docker/tasks/docker-compose.yml
@ -0,0 +1,24 @@
+---
+- name: Check current docker-compose version
+  command: "{{ docker_compose_bin }} --version"
+  register: docker_compose_current_version
+  changed_when: false
+  failed_when: false
+
+- name: Renew existing docker-compose version if it's different
+  file:
+    path: "{{ docker_compose_bin }}"
+    state: absent
+  when: >
+    docker_compose_current_version.stdout is defined
+    and docker_compose_version not in docker_compose_current_version.stdout
+
+- name: Install Docker Compose
+  get_url:
+    url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
+    dest: "{{ docker_compose_bin }}"
+    mode: 0755
+  when: >
+    docker_compose_current_version.stdout is not defined
+    or docker_compose_version not in docker_compose_current_version.stdout
+...
--- a/roles/docker/tasks/docker.yml
+++ b/roles/docker/tasks/docker.yml
@ -0,0 +1,52 @@
+---
+- name: Update apt cache
+  apt:
+    update_cache: yes
+    cache_valid_time: "{{ aptcachetime }}"
+
+- name: Upgrade all apt packages
+  apt: upgrade=dist
+
+- name: Install docker packages
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+  loop:
+    - 'apt-transport-https'
+    - 'ca-certificates'
+    - 'curl'
+    - 'gnupg'
+    - 'lsb-release'
+
+- name: Add Docker GPG key
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+
+- name: Add deb repository
+  apt_repository:
+    repo: deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
+    state: present
+    update_cache: yes
+
+- name: Install docker
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+  loop:
+    - 'docker-ce'
+    - 'docker-ce-cli'
+    - 'containerd.io'
+
+- name: Ensure docker users are added to the docker group.
+  user:
+    name: "{{ item }}"
+    groups: docker
+    append: true
+  with_items: "{{ ansible_env.USER }}"
+
+- name: "Ensure Docker is {{ docker.start | ternary('started','stopped') }}"
+  service: name=docker state={{ docker.start | ternary('restarted','stopped') }} enabled={{ docker.service_enabled }}
+...
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@ -0,0 +1,4 @@
+---
+- include_tasks: docker.yml
+- include_tasks: docker-compose.yml
+...
--- a/roles/docker/vars/main.yml
+++ b/roles/docker/vars/main.yml
@ -0,0 +1,4 @@
+---
+docker_compose_version: "1.29.1"
+docker_compose_bin: "/usr/local/bin/docker-compose"
+...
--- a/run.sh
+++ b/run.sh
@ -0,0 +1,3 @@
+#!/bin/sh
+
+ansible-playbook ansible-desktop.yml -i hosts --ask-become-pass