Setup Ansible (#1)

* Complete Ansible hello world

Signed-off-by: GitHub <[email protected]>

* Test installing Docker

Signed-off-by: GitHub <[email protected]>

* Tell Ansible to become

Signed-off-by: GitHub <[email protected]>

* Test linting CI

Signed-off-by: GitHub <[email protected]>

* Trim tailing whitespace

Signed-off-by: GitHub <[email protected]>

* Ignore 'don't use 'latest'' warning

Signed-off-by: GitHub <[email protected]>

* Ignore files generated by Python packaging

Signed-off-by: GitHub <[email protected]>

* Setup pre-commit

Signed-off-by: GitHub <[email protected]>

* Setup Dependabot

Signed-off-by: GitHub <[email protected]>

* Fix self

Signed-off-by: GitHub <[email protected]>

* Test out yamllint

Signed-off-by: GitHub <[email protected]>

* Remove SSH vars from inventory

Signed-off-by: GitHub <[email protected]>

* Rename host

Signed-off-by: GitHub <[email protected]>

* Bump Ubuntu from Focal to Jammy

Signed-off-by: GitHub <[email protected]>

* Don't update cache when installing individual packages

Signed-off-by: GitHub <[email protected]>

* Add a common group to make sure all packages are up to date

Signed-off-by: GitHub <[email protected]>

---------

Signed-off-by: GitHub <[email protected]>

.github/dependabot.yaml

@@ -0,0 +1,14 @@
+---
+version: 2
+updates:
+  - package-ecosystem: devcontainers
+    directory: /
+    schedule:
+      interval: monthly
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: monthly
+    groups:
+      ci-dependencies:
+        patterns: ['*']

.github/workflows/lint-ansible.yaml

@@ -0,0 +1,25 @@
+---
+name: Lint Ansible playbooks
+on:
+  push:
+    branches: [main]
+  pull_request:
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v4.1.1
+      - name: Setup Python
+        uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c  # v5.0.0
+        with:
+          python-version: 3.x
+          allow-prereleases: true
+          cache: pip
+          cache-dependency-path: pyproject.toml
+      - name: Install dependencies
+        run: python -m pip install .[ansible,lint_ansible]
+      - name: Run ansible lint
+        run: |-
+          cd ansible
+          ansible-lint --offline

.github/workflows/lint.yaml

@@ -0,0 +1,9 @@
+---
+name: Lint
+on:
+  push:
+    branches: [main]
+  pull_request:
+jobs:
+  pre-commit:
+    uses: darbiadev/.github/.github/workflows/generic-precommit.yaml@29197a38ef3741064f47b623ede0c1ad22402c57  # v13.0.3

.gitignore

@@ -0,0 +1,2 @@
+# Python generated files
+*.egg-info

.pre-commit-config.yaml

@@ -0,0 +1,18 @@
+---
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+      - id: check-case-conflict
+      - id: check-merge-conflict
+      - id: check-yaml
+      - id: trailing-whitespace
+        args: [--markdown-linebreak-ext=md]
+      - id: mixed-line-ending
+        args: [--fix=lf]
+      - id: end-of-file-fixer
+        exclude: .devcontainer/devcontainer-lock.json
+  - repo: https://github.com/lyz-code/yamlfix/
+    rev: 1.16.0
+    hooks:
+      - id: yamlfix

README.md

@@ -1,2 +1,3 @@
 # infrastructure
+
 Infrastructure for Tailstory

ansible/.ansible-lint

@@ -0,0 +1,2 @@
+---
+skip_list: [package-latest]

ansible/ansible.cfg

@@ -0,0 +1,6 @@
+[defaults]
+inventory = inventory/hosts.yaml
+
+[privilege_escalation]
+become = yes
+become_ask_pass = yes

ansible/inventory/hosts.yaml

@@ -0,0 +1,5 @@
+---
+all:
+  hosts:
+    maddison:
+      ansible_host: maddison.box.tailstory.dev

ansible/playbook.yaml

@@ -0,0 +1,4 @@
+---
+- name: Deploy common services
+  hosts: all
+  roles: [common, docker]

ansible/roles/common/tasks/main.yaml

@@ -0,0 +1,6 @@
+---
+- name: Update all packages to their latest version
+  ansible.builtin.apt:
+    name: '*'
+    state: latest
+    update_cache: true

ansible/roles/docker/tasks/main.yaml

@@ -0,0 +1,21 @@
+---
+- name: Install aptitude
+  ansible.builtin.apt:
+    name: aptitude
+    state: latest
+- name: Install required system packages
+  ansible.builtin.apt:
+    pkg: [ca-certificates, curl]
+    state: latest
+- name: Add Docker GPG apt Key
+  ansible.builtin.apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+- name: Add Docker Repository
+  ansible.builtin.apt_repository:
+    repo: deb https://download.docker.com/linux/ubuntu jammy stable
+    state: present
+- name: Update apt and install docker-ce
+  ansible.builtin.apt:
+    name: docker-ce
+    state: latest

pyproject.toml

@@ -0,0 +1,34 @@
+[project]
+name = "infrastructure"
+version = "0.0.0" # explicity non-versioned
+description = "Infrastructure for Tailstory"
+authors = [
+    { name = "Bradley Reynolds", email = "[email protected]" },
+]
+license = { text = "MIT" }
+readme = "README.md"
+requires-python = ">=3.10"
+dependencies = [
+]
+
+[project.urls]
+repository = "https://github.com/tailstory/infrastructure"
+
+[project.optional-dependencies]
+ansible = [
+    "ansible>=9.4.0",
+]
+lint_ansible = [
+     "ansible-lint>=24.2.2; platform_system != 'Windows'",
+]
+
+[build-system]
+requires = ["setuptools", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools]
+packages = [] # no python packages
+
+# I want this, but it adds random indents which cause syntax errors
+# [tool.yamlfix]
+# explicit_start = false