diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..777d4c0
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,3 @@
+exclude_paths:
+ - templates/
+ - .ansible-lint
diff --git a/dockerservice.yml b/dockerservice.yml
index 8f5da6e..20414e5 100644
--- a/dockerservice.yml
+++ b/dockerservice.yml
@@ -6,7 +6,7 @@
 become: true
 vars_files:
- inventories/host_vars/docker_service.yml
+ - inventories/host_vars/dockerservice.yml
 - inventories/host_vars/networks.yml
 handlers:
@@ -21,6 +21,10 @@
 ansible.builtin.import_tasks:
 file: tasks/all/main.yml
+ - name: Mount docker
+ ansible.builtin.import_tasks:
+ file: tasks/dockerservice/mount_docker.yml
+
 - name: Install Docker(ce)
 ansible.builtin.import_role:
 name: geerlingguy.docker
@@ -34,9 +38,20 @@
 docker_users:
 - hayato
- - name: Mount skylark
+ - name: Put Docker config
+ ansible.builtin.template:
+ src: templates/dockerservice/etc/docker/daemon.json.j2
+ dest: /etc/docker/daemon.json
+ owner: root
+ group: root
+ mode: '0644'
+ notify: "Restart docker"
+
+ - name: "Predefined docker-compose up"
 ansible.builtin.import_tasks:
- file: tasks/dockerservice/mount_docker.yml
+ file: tasks/dockerservice/docker_compose_exec.yml
+ tags:
+ - docker
 - name: Install/Config Zramswap
 ansible.builtin.import_tasks:
diff --git a/inventories/host_vars/docker_service.yml b/inventories/host_vars/dockerservice.yml
similarity index 93%
rename from inventories/host_vars/docker_service.yml
rename to inventories/host_vars/dockerservice.yml
index b074468..7a16456 100644
--- a/inventories/host_vars/docker_service.yml
+++ b/inventories/host_vars/dockerservice.yml
@@ -22,6 +22,10 @@ services_start:
 dockerdir:
 UUID: "6db90b73-6dbd-4c00-9b13-724f0cb4e636"
+docker_network:
+ base: "172.18.0.0/12"
+ size: "24"
+
 firewall:
 policy: deny
 allow_rules:
diff --git a/inventories/host_vars/jenkins.yml b/inventories/host_vars/jenkins.yml
index 3902830..4357e34 100644
--- a/inventories/host_vars/jenkins.yml
+++ b/inventories/host_vars/jenkins.yml
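Review bot: In dockerservice.yml (hunk `@@ -34,9 +38,20 @@`), `Put Docker config` only notifies `Restart docker`, and the `Predefined docker-compose up` import follows immediately, so the `reverse-proxy` network and both compose projects are created before the daemon has re-read `/etc/docker/daemon.json`. Handlers run at the end of the task list unless flushed, so on a first run the new `default-address-pools` would not apply to the networks this run creates. Add a task between the two, `- name: Apply Docker daemon config` with `ansible.builtin.meta: flush_handlers`. The handlers section lies outside this hunk, so confirm a handler named `Restart docker` exists in this play. Note too that `tags: - docker` is set only on the compose import, so a `--tags docker` run skips the config task.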
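Review bot: In inventories/host_vars/dockerservice.yml, `base: "172.18.0.0/12"` has host bits set: the /12 containing 172.18.0.0 is 172.16.0.0/12, so the pool would span 172.16.0.0–172.31.255.255 rather than start at 172.18, assuming Docker accepts the unaligned prefix at all. That range can overlap subnets the host already routes to; check it against inventories/host_vars/networks.yml, which is not shown in this diff. If the intent is a pool beginning at 172.18, use an aligned prefix, for example `base: "172.18.0.0/15"` (constructed example; choose the width you need). A comment above `docker_network:` saying these values feed `default-address-pools` in daemon.json would also help.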
@@ -33,7 +33,7 @@ jenkins:
 hostname: jenkins.hayaworld.home
 http_port: 8080
 java_options: "-Djenkins.install.runSetupWizard=false"
- pkg_url: "https://ftp.yz.yamagata-u.ac.jp/pub/misc/jenkins/debian"
+ pkg_url: "http://jenkins-deb.hayaworld.home/"
 plugins:
 - build-timeout
 - discord-notifier
diff --git a/inventories/host_vars/rui/CNAME.yml b/inventories/host_vars/rui/CNAME.yml
new file mode 100644
index 0000000..51a4865
--- /dev/null
+++ b/inventories/host_vars/rui/CNAME.yml
@@ -0,0 +1,4 @@
+---
+cname:
+ - name: jenkins-deb.hayaworld.home
+ real: dockerservice.hayaworld.home
diff --git a/requirements.yml b/requirements.yml
index e2da767..dbb9096 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -10,4 +10,5 @@ roles:
 collections:
 - name: ansible.posix
+ - name: community.docker
 - name: community.general
diff --git a/rui.yml b/rui.yml
index 3555a88..8fc2f57 100644
--- a/rui.yml
+++ b/rui.yml
@@ -7,6 +7,7 @@
 vars_files:
 - inventories/host_vars/rui/NXDOMAIN.yml
+ - inventories/host_vars/rui/CNAME.yml
 - inventories/host_vars/rui.yml
 - inventories/host_vars/networks.yml
diff --git a/tasks/dockerservice/docker_compose_exec.yml b/tasks/dockerservice/docker_compose_exec.yml
new file mode 100644
index 0000000..1d3ab25
--- /dev/null
+++ b/tasks/dockerservice/docker_compose_exec.yml
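Review bot: In inventories/host_vars/jenkins.yml, `pkg_url` moves from an HTTPS mirror to `http://jenkins-deb.hayaworld.home/`, so package integrity now rests entirely on APT signature verification against a Jenkins signing key obtained over a trusted path. The role that consumes `pkg_url` is not part of this diff; confirm it does not download the key from the same HTTP origin and does not mark the repository as trusted without a signature check. Nothing in this commit populates the `jenkins_deb` volume behind that hostname, so add a comment above `pkg_url` stating how the mirror is synced and who can write to it.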
@@ -0,0 +1,27 @@
+---
+- name: "Install docker python module"
+ ansible.builtin.pip:
+ name: "docker"
+ break_system_packages: true
+ extra_args: "--upgrade"
+
+- name: "Copy docker-compose.yml to homedir"
+ ansible.builtin.copy:
+ src: templates/dockerservice/home/hayato/compose
+ dest: /home/hayato/
+ owner: hayato
+ group: hayato
+ directory_mode: '0755'
+ mode: '0644'
+
+- name: "Create a reverse-proxy network"
+ community.docker.docker_network:
+ name: reverse-proxy
+
+- name: "Up Jenkins deb repository containers"
+ community.docker.docker_compose_v2:
+ project_src: "/home/hayato/compose/jenkins-deb/"
+
+- name: "Up Reverse Proxy containers"
+ community.docker.docker_compose_v2:
+ project_src: "/home/hayato/compose/reverseproxy/"
diff --git a/tasks/rui/dnsmasq.yml b/tasks/rui/dnsmasq.yml
index 5107ed6..5ad240e 100644
--- a/tasks/rui/dnsmasq.yml
+++ b/tasks/rui/dnsmasq.yml
@@ -26,6 +26,15 @@
 mode: '0644'
 notify: "Restart dnsmasq"
+- name: Add CNAME config
+ ansible.builtin.template:
+ src: templates/rui/etc/dnsmasq.d/cname.conf.j2
+ dest: /etc/dnsmasq.d/cname.conf.j2
+ owner: root
+ group: root
+ mode: '0644'
+ notify: "Restart dnsmasq"
+
 - name: Add hosts(5)
 ansible.builtin.template:
 src: templates/rui/etc/hosts.j2
diff --git a/templates/dockerservice/etc/docker/daemon.json.j2 b/templates/dockerservice/etc/docker/daemon.json.j2
new file mode 100644
index 0000000..428b219
--- /dev/null
+++ b/templates/dockerservice/etc/docker/daemon.json.j2
@@ -0,0 +1,8 @@
+{
+ "default-address-pools" : [
+ {
+ "base" : "{{ docker_network.base }}",
+ "size" : {{ docker_network.size }}
+ }
+ ]
+}
\ No newline at end of file
diff --git a/templates/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml b/templates/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
new file mode 100644
index 0000000..4071311
--- /dev/null
+++ b/templates/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
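Review bot: In tasks/dockerservice/docker_compose_exec.yml, the first task installs an unpinned `docker` package from PyPI into the system interpreter with `break_system_packages: true` and `extra_args: "--upgrade"`. The importing play in dockerservice.yml shows `become: true`, so each run may pull a new release as root, and the task is not idempotent. Prefer the distribution package (`ansible.builtin.apt` with `name: python3-docker`), or pin it with `name: "docker==<PINNED_VERSION>"` and drop `--upgrade`. The copy task also ships files from `templates/` through `ansible.builtin.copy`, so nothing is rendered; a comment saying so, or moving them under `files/`, would make that explicit.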
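Review bot: In tasks/rui/dnsmasq.yml, the new `Add CNAME config` task writes to `dest: /etc/dnsmasq.d/cname.conf.j2`, keeping the template suffix on the rendered file; this looks unintended and should read `dest: /etc/dnsmasq.d/cname.conf`. Whether dnsmasq loads a `.j2` file depends on the `conf-dir` filter in use, which is not visible here, so the record for `jenkins-deb.hayaworld.home` may silently not be served. The `cname` entries from inventories/host_vars/rui/CNAME.yml are written into the config without any check; adding `validate: 'dnsmasq --test --conf-file=%s'` to the task would reject a malformed entry before the restart handler fires.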
@@ -0,0 +1,18 @@
+services:
+ jenkins-deb-container:
+ container_name: jenkins-deb-container
+ image: nginx:latest
+ restart: always
+ stdin_open: true
+ tty: true
+ networks:
+ - reverse-proxy
+ volumes:
+ - jenkins_deb:/usr/share/nginx/html
+
+volumes:
+ jenkins_deb:
+
+networks:
+ reverse-proxy:
+ external: true
diff --git a/templates/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml b/templates/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
new file mode 100644
index 0000000..eba07a6
--- /dev/null
+++ b/templates/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
@@ -0,0 +1,17 @@
+services:
+ reverseProxy:
+ container_name: reverse-proxy
+ image: nginx:latest
+ restart: always
+ stdin_open: true
+ tty: true
+ ports:
+ - 80:80
+ volumes:
+ - ./nginx.conf:/etc/nginx/nginx.conf:ro
+ networks:
+ - reverse-proxy
+
+networks:
+ reverse-proxy:
+ external: true
diff --git a/templates/dockerservice/home/hayato/compose/reverseproxy/nginx.conf b/templates/dockerservice/home/hayato/compose/reverseproxy/nginx.conf
new file mode 100644
index 0000000..d0b96aa
--- /dev/null
+++ b/templates/dockerservice/home/hayato/compose/reverseproxy/nginx.conf
@@ -0,0 +1,34 @@
+
+user nginx;
+worker_processes auto;
+
+error_log /var/log/nginx/error.log notice;
+pid /var/run/nginx.pid;
+
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ keepalive_timeout 65;
+
+ server {
+ server_name jenkins-deb.hayaworld.home;
+ proxy_set_header Host $host;
+ listen 80;
+ location / {
+ proxy_pass http://jenkins-deb-container/;
+ }
+ }
+}
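Review bot: In templates/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml, `image: nginx:latest` is a floating tag, so the package mirror runs whatever image was last pulled; the same line appears in the reverseproxy compose file. Pin both to a release and digest, `image: nginx:<PINNED_VERSION>@sha256:<DIGEST>`, so the image changes only through a reviewed commit. `stdin_open: true` and `tty: true` serve no purpose for nginx and can be removed in both files. The `jenkins_deb` volume starts empty and nothing in this diff fills it, so a comment naming the sync job would help.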
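Review bot: In templates/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml, `- 80:80` publishes the port on every host address. Docker installs its own NAT rules for published ports, which commonly take effect ahead of a host firewall front end, so the `firewall: policy: deny` in inventories/host_vars/dockerservice.yml may not restrict it; the firewall tasks are not visible in this diff. If only the LAN should reach the mirror, bind to one address, `- "<LAN_IP>:80:80"`, and quote the mapping in any case so it is always read as a string.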
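Review bot: In templates/dockerservice/home/hayato/compose/reverseproxy/nginx.conf, the single `server` block is also the implicit default for port 80, so a request carrying any Host header is proxied to `jenkins-deb-container`, not only requests for `jenkins-deb.hayaworld.home`. Add a catch-all ahead of it, `server { listen 80 default_server; return 444; }`, so unknown names are dropped. `server_tokens off;` in the `http` block is a cheap addition.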
diff --git a/templates/rui/etc/dnsmasq.d/cname.conf.j2 b/templates/rui/etc/dnsmasq.d/cname.conf.j2
new file mode 100644
index 0000000..057eb8e
--- /dev/null
+++ b/templates/rui/etc/dnsmasq.d/cname.conf.j2
@@ -0,0 +1,3 @@
+{% for item in cname %}
+cname={{ item.name }},{{ item.real }}
+{% endfor %}