Compare commits
4 Commits
Author | SHA1 | Date | |
---|---|---|---|
9df47229c7 | |||
991a221b20 | |||
3be2bf2e0b | |||
1835fb7b2d |
10
.ansible/inventory
Normal file
10
.ansible/inventory
Normal file
@ -0,0 +1,10 @@
|
||||
[all:vars]
|
||||
ansible_user='debian'
|
||||
ansible_become=yes
|
||||
ansible_become_method=sudo
|
||||
ansible_python_interpreter='/usr/bin/env python3'
|
||||
project='CyfroweAukcje'
|
||||
main_packages="vim, vim-common, curl, wget"
|
||||
|
||||
[servers]
|
||||
# example1 ansible_host=ip ansible_port=65522
|
39
.ansible/playbook.yml
Normal file
39
.ansible/playbook.yml
Normal file
@ -0,0 +1,39 @@
|
||||
---
|
||||
- name: System preconfiguration
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Prepare motd
|
||||
template:
|
||||
src: templates/motd.jinja
|
||||
dest: /etc/motd
|
||||
- name: Trusted ca
|
||||
template:
|
||||
src: templates/trusted-user-ca-keys.pem
|
||||
dest: /etc/ssh/trusted-user-ca-keys.pem
|
||||
- name: Configure sshd
|
||||
template:
|
||||
src: templates/sshd_config
|
||||
dest: /etc/ssh/sshd_config
|
||||
- name: Restart sshd service
|
||||
systemd:
|
||||
name: sshd
|
||||
state: reloaded
|
||||
|
||||
- name: Upgrade system
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Update apt-get repo and cache
|
||||
apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
|
||||
- name: Upgrade all apt packages
|
||||
apt: upgrade=dist force_apt_get=yes
|
||||
- name: Remove dependencies that are no longer required
|
||||
apt:
|
||||
autoremove: yes
|
||||
|
||||
- name: Install my packages
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Install main packages
|
||||
apt:
|
||||
name: "{{ main_packages }}"
|
||||
state: present
|
14
.ansible/templates/motd.jinja
Normal file
14
.ansible/templates/motd.jinja
Normal file
@ -0,0 +1,14 @@
|
||||
_____
|
||||
/ \
|
||||
vvvvvvv /|__/|
|
||||
I /O,O |
|
||||
I /_____ | /|/|
|
||||
J|/^ ^ ^ \ | /00 | _//|
|
||||
|^ ^ ^ ^ |W| |/^^\ | /oo |
|
||||
\m___m__|_| \m_m_| \mm_|
|
||||
|
||||
======================================: cynarski.dev
|
||||
|
||||
Development by ansible for {{project}}
|
||||
|
||||
====================================================:
|
9
.ansible/templates/sshd_config
Normal file
9
.ansible/templates/sshd_config
Normal file
@ -0,0 +1,9 @@
|
||||
Port 65522
|
||||
PasswordAuthentication no
|
||||
ChallengeResponseAuthentication yes
|
||||
UsePAM yes
|
||||
X11Forwarding yes
|
||||
PrintMotd no
|
||||
AcceptEnv LANG LC_*
|
||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
||||
TrustedUserCAKeys /etc/ssh/trusted-user-ca-keys.pem
|
1
.ansible/templates/trusted-user-ca-keys.pem
Normal file
1
.ansible/templates/trusted-user-ca-keys.pem
Normal file
@ -0,0 +1 @@
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCazcKMgWAnC5ignX4kt1gjVmZ/L0Sl+SYVn7UIIIydwFdmnlpEjzC4leZegSHTgb8VmhPGFzsM6wLw7zNr2cW2J32q4RtScaez1lU6+fApX3SNWu5kUPsuraNWoQTbWjEQKRyHae8B/F2L8lsirRflgIe9qtUMVFAZBJppsKIjPMACGCTo++Dp+VJT7pseXyx7BEHee582xZi1SJVvlDFsPaWJja/aEhJZSlryBRGF/1tkRsOG98XID0jaNKcBDPN199ZKsrZDG18Sw33GG7qaVMQubMJrJ7uTD1wzgFRBqcU4/XC4HLpD+2klrel67lAphuCqQVWpmTuZwEVlieexywsMrYliV7X+aMBVE5lC0z7oi/f1slV1XAAc4VpCF1yQS5VuCJmaXNYFMSp9GNPLU1pIW5hmBanfVRDk1m6UIyK7rlA15jtb8A/cRexAvcmmPG7tyzWFh3hTrsNpYxUEvcqbg2MFnbDRmpyfQ+Qd/nybIuyGhoviTzxRUeH+NNm4Zss8eZoR0SS//QL1wQjKhpQ5v75gHALrPoISsA/mWVI3wkMbCCdZekwLuqzmuKp9UmlNYTWuHK/+GJLrK7mOMHf/EzMEQ0rNzp4l/7/quoxFwjvPecUg1tr6L9KaFWLUUPeA2yLQccn9hoiKczLElXlt+gVksye5JPUbUFfkKQ==
|
45
.drone.yml
45
.drone.yml
@ -2,31 +2,28 @@ kind: pipeline
|
||||
name: default
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: plugins/hugo
|
||||
- name: check ansible syntax
|
||||
image: paramah/drone-ansible
|
||||
settings:
|
||||
pull: always
|
||||
url:
|
||||
from_secret: domain
|
||||
validate: true
|
||||
|
||||
- name: deploy
|
||||
image: appleboy/drone-scp
|
||||
settings:
|
||||
host:
|
||||
from_secret: ssh_host
|
||||
target:
|
||||
from_secret: site_path
|
||||
source: public/*
|
||||
username:
|
||||
from_secret: ssh_username
|
||||
password:
|
||||
from_secret: ssh_password
|
||||
port:
|
||||
from_secret: ssh_port
|
||||
playbook: .ansible/playbook.yml
|
||||
inventory: .ansible/inventory
|
||||
syntax_check: true
|
||||
when:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
exclude:
|
||||
- pull_request
|
||||
- push
|
||||
|
||||
- name: apply ansible playbook
|
||||
image: paramah/drone-ansible
|
||||
environment:
|
||||
ANSIBLE_STRATEGY_PLUGINS: /usr/lib/python3.8/site-packages/ansible_mitogen/plugins/strategy
|
||||
ANSIBLE_STRATEGY: mitogen_linear
|
||||
settings:
|
||||
playbook: .ansible/playbook.yml
|
||||
inventory: .ansible/inventory
|
||||
private_key:
|
||||
from_secret: ansible_private_key
|
||||
verbose: 1
|
||||
when:
|
||||
event:
|
||||
- tag
|
@ -1,19 +0,0 @@
|
||||
# Drone hugo
|
||||
|
||||
## Użycie
|
||||
|
||||
```
|
||||
cat ${args[0]} |awk -F\= '{system("drone secret add --repository='${args[1]}' --name="$1 " --data="$2)}'
|
||||
```
|
||||
|
||||
Wymagane zmienne:
|
||||
|
||||
```
|
||||
domain=
|
||||
site_path=
|
||||
ssh_host=
|
||||
ssh_username=
|
||||
ssh_password=
|
||||
ssh_port=
|
||||
```
|
||||
|
Loading…
Reference in New Issue
Block a user