From a04b3cf1fda673dd7c7413a4019bef17edf46b8b Mon Sep 17 00:00:00 2001
From: Administrator
Date: Tue, 14 Oct 2025 12:39:42 +0000
Subject: [PATCH] Update 10 files
- /roles/proxmox_lxc/handlers/main.yml
- /roles/proxmox_lxc/tasks/main.yml
- /gateway-deploy.yml
- /ansible.cfg
- /roles/base_setup/tasks/ssh.yml
- /group_vars/all.yml
- /olimp-deploy.yml
- /inventories/hosts.yml
- /roles/base_setup/tasks/main.yml
- /roles/base_setup/handlers/main.yml
---
ansible.cfg | 9 ----
gateway-deploy.yml | 17 -------
group_vars/all.yml | 22 ++-------
inventories/hosts.yml | 22 +--------
olimp-deploy.yml | 30 ++----------
roles/base_setup/handlers/main.yml | 11 +++--
roles/base_setup/tasks/main.yml | 27 +++++++----
roles/base_setup/tasks/ssh.yml | 21 ---------
roles/proxmox_lxc/handlers/main.yml | 0
roles/proxmox_lxc/tasks/main.yml | 73 -----------------------------
10 files changed, 36 insertions(+), 196 deletions(-)
delete mode 100644 ansible.cfg
delete mode 100644 gateway-deploy.yml
delete mode 100644 roles/base_setup/tasks/ssh.yml
delete mode 100644 roles/proxmox_lxc/handlers/main.yml
delete mode 100644 roles/proxmox_lxc/tasks/main.yml
diff --git a/ansible.cfg b/ansible.cfg
deleted file mode 100644
index ca536d3..0000000
--- a/ansible.cfg
+++ /dev/null
@@ -1,9 +0,0 @@
-[defaults]
-collections_path = /root/.ansible/collections:/usr/share/ansible/collections
-inventory = inventories/hosts.yml
-host_key_checking = False
-remote_user = root
-private_key_file = /root/.ssh/ansible_id_rsa
-
-[inventory]
-enable_plugins = auto, yaml, toml
\ No newline at end of file
diff --git a/gateway-deploy.yml b/gateway-deploy.yml
deleted file mode 100644
index 94df566..0000000
--- a/gateway-deploy.yml
+++ /dev/null
@@ -1,17 +0,0 @@ ---- -- name: Create Gateway LXC container - hosts: proxmox_servers - gather_facts: false - vars_files: - - vault.yml - roles: - - role: proxmox_lxc - tags: deploy_lxc - -- name: Deploy Gateway services - hosts: gateway_servers - vars_files: - - vault.yml - roles: - - role: gateway - tags: gateway_services \ No newline at end of file diff --git a/group_vars/all.yml b/group_vars/all.yml index 685e717..f154eab 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -24,20 +24,8 @@ base_packages: - dnsutils - iputils-ping - traceroute - -# SSH ключи -ssh_public_keys: - - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCbvnGZxQEGYuScClONbkbfVn2+Uo1kYYztXqMf9ku1lHkw+7IZa00LOMwv7QGBRvrtBcw+TWqaMst5FZ3R6oWcQc+nkBEYoRXe4f3AuuFAl9C9F6sEYM8fX6mAHIlWQhFyVslazZtVTQwnfRV0rnbtCduCu9liywM3fShFqBVwq7Y4nBjG648Zq+VfCHpbBE9XkZaMDyeOXdtppmLetywnBS33mbXMDgH09PMlRz097xfZLkpFdSi8WtDOtKSBiEHtZ+H0EZ42Cda2xMnqlgVtPxWGUirvv6CvDyTmuMzrjALZoSKhl3iD6Szd1YOJcAw6bv9gbJKxPkZchrB65ZXT ZailonOlimp" - - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvRBW+2Xpck2tznhWJyls5J/4wUoVYdyFM6JTU7uogK ansible@olimp" - -# Настройки контейнеров -containers: - - vmid: 221 - hostname: gateway - ip: 192.168.1.221 - template_path: "/mnt/pve/vmbackup/template/cache/ubuntu-24.04-standard_24.04-2_amd64.tar.zst" - storage: "vmsystem" - disk_size: 5 - cores: 1 - memory: 2048 - swap: 512 \ No newline at end of file +# Дополнительные настройки +system_scripts: [] +custom_directories: + - /opt/scripts + - /etc/apt/keyrings \ No newline at end of file diff --git a/inventories/hosts.yml b/inventories/hosts.yml index 8e4d555..070456c 100644 --- a/inventories/hosts.yml +++ b/inventories/hosts.yml 
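Review bot: `custom_directories`, added in the group_vars/all.yml hunk, is not consumed anywhere in this patch: the `Ensure required directories exist` task in roles/base_setup/tasks/main.yml loops over a literal list of the same two paths. Use `loop: "{{ custom_directories }}"` in that task so the variable is the single source of truth and the two lists cannot drift apart. `system_scripts: []` is likewise unreferenced in the visible hunks; drop it until a task reads it, or add a comment naming its consumer.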
@@ -1,20 +1,2 @@ -all: - children: - proxmox_server: - hosts: - proxmox: - ansible_host: 192.168.1.200 - ansible_user: root - - gateway_server: - hosts: - gateway: - ansible_host: 192.168.1.221 - ansible_user: root - - # Остальные хосты добавим позже - # database: - # hosts: - # database: - # ansible_host: 192.168.1.222 - # ansible_user: root \ No newline at end of file +[infra] +gateway ansible_host=192.168.1.221 int_ip=192.168.1.221 \ No newline at end of file diff --git a/olimp-deploy.yml b/olimp-deploy.yml index f6a3bc5..d043834 100644 --- a/olimp-deploy.yml +++ b/olimp-deploy.yml @@ -1,28 +1,4 @@ --- -- name: Deploy Olimp Infrastructure - hosts: localhost - gather_facts: false - vars_files: - - vault.yml - - tasks: - - name: Include gateway deployment - include_tasks: gateway-deploy.yml - tags: gateway - - - name: Display deployment summary - debug: - msg: | - Olimp Infrastructure deployed successfully! - - Gateway Services: - - Heimdall: http://192.168.1.221:45131 - - NPM Admin: http://192.168.1.221:81 - - Next steps: - 1. Configure NPM proxy hosts - 2. Deploy database host (222) - 3. Deploy media host (223) - when: > - 'deploy_lxc' in ansible_run_tags or - 'gateway_services' in ansible_run_tags \ No newline at end of file +- hosts: all + roles: + - {role: base_setup, tags: deploy_base } \ No newline at end of file diff --git a/roles/base_setup/handlers/main.yml b/roles/base_setup/handlers/main.yml index 25a256f..e694ce5 100644 --- a/roles/base_setup/handlers/main.yml +++ b/roles/base_setup/handlers/main.yml @@ -1,5 +1,8 @@ --- -- name: restart ssh - service: - name: ssh - state: restarted \ No newline at end of file +- name: Reboot system + reboot: + msg: "Reboot triggered by base setup" + connect_timeout: 5 + reboot_timeout: 300 + pre_reboot_delay: 0 + post_reboot_delay: 30 \ No newline at end of file diff --git a/roles/base_setup/tasks/main.yml b/roles/base_setup/tasks/main.yml index 6fc398b..937a0de 100644 --- a/roles/base_setup/tasks/main.yml 
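Review bot: The new content of `inventories/hosts.yml` is INI-format inventory (an `[infra]` section and a `key=value` host line) under a `.yml` name, so the extension no longer matches the syntax. Rename it to something like `inventories/hosts.ini`, or keep YAML and express the group as nested `infra:` / `hosts:` / `gateway:` mappings. This patch also deletes `ansible.cfg`, which carried `inventory = inventories/hosts.yml`, so the inventory path presumably has to be passed with `-i` from now on; that is worth documenting.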
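Review bot: The rewritten play in `olimp-deploy.yml` has no `name:` and sets neither `remote_user` nor `become`, while the same patch deletes the `ansible.cfg` that supplied `remote_user = root` and `private_key_file`. Which account runs the apt upgrade and the reboot handler against `hosts: all` now depends on the operator's local environment; state it in the play, e.g. `remote_user: root` or `become: true`, and add a `name:`. The flow mapping `{role: base_setup, tags: deploy_base }` also has uneven brace spacing; the block style used by the deleted gateway-deploy.yml would read and diff better.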
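Review bot: Nothing in this patch notifies the new `Reboot system` handler: the roles/base_setup/tasks/main.yml hunk adds `upgrade: yes` to the apt task but no `notify:`, so the handler looks unreachable unless another role triggers it. If the intent is to reboot after upgrades, add `notify: Reboot system` to the `Update and upgrade apt packages` task, and consider gating the reboot on `/var/run/reboot-required` so that a userland-only upgrade does not restart every host in `all`. `connect_timeout: 5` may also be short for a slow link; confirm against the target network.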
+++ b/roles/base_setup/tasks/main.yml @@ -1,6 +1,7 @@ --- -- name: Update apt package cache +- name: Update and upgrade apt packages apt: + upgrade: yes update_cache: yes cache_valid_time: 3600 @@ -8,19 +9,29 @@ apt: name: "{{ base_packages }}" state: present + update_cache: yes -- name: Set timezone +- name: Configure timezone timezone: name: "{{ timezone }}" -- name: Set system locale +- name: Configure locale locale_gen: name: "{{ system_locale }}" state: present -- name: Ensure hostname is set correctly - hostname: - name: "{{ inventory_hostname }}" +- name: Set default locale + lineinfile: + path: /etc/default/locale + line: "LANG={{ system_locale }}" + state: present + create: yes -- name: Include SSH configuration - include_tasks: ssh.yml \ No newline at end of file +- name: Ensure required directories exist + file: + path: "{{ item }}" + state: directory + mode: 0755 + loop: + - /opt/scripts + - /etc/apt/keyrings \ No newline at end of file diff --git a/roles/base_setup/tasks/ssh.yml b/roles/base_setup/tasks/ssh.yml deleted file mode 100644 index 20527d7..0000000 --- a/roles/base_setup/tasks/ssh.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- name: Disable SSH password authentication - lineinfile: - path: /etc/ssh/sshd_config - regexp: '^#?PasswordAuthentication' - line: 'PasswordAuthentication no' - state: present - notify: restart ssh - -- name: Ensure SSH directory exists - file: - path: /root/.ssh - state: directory - mode: '0700' - -- name: Add SSH public keys for root access - authorized_key: - user: root - key: "{{ item }}" - state: present - loop: "{{ ssh_public_keys }}" \ No newline at end of file diff --git a/roles/proxmox_lxc/handlers/main.yml b/roles/proxmox_lxc/handlers/main.yml deleted file mode 100644 index e69de29..0000000 diff --git a/roles/proxmox_lxc/tasks/main.yml b/roles/proxmox_lxc/tasks/main.yml deleted file mode 100644 index 602c8bc..0000000 --- a/roles/proxmox_lxc/tasks/main.yml +++ /dev/null 
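Review bot: After the second hunk (`@@ -8,19 +9,29 @@`) the role no longer enforces any SSH configuration: the `Include SSH configuration` task is dropped and `roles/base_setup/tasks/ssh.yml`, which set `PasswordAuthentication no` and installed root's `authorized_keys`, is deleted in the same patch with no replacement in the visible hunks. If that hardening moved elsewhere, say so in the commit message; otherwise hosts configured by this role keep whatever sshd defaults their image ships with, and a task enforcing `PasswordAuthentication no` should stay in the role. Separately, in `Ensure required directories exist`, write `mode: '0755'` quoted, as the deleted ssh.yml did with `'0700'`, so the value never depends on how the YAML parser types a leading-zero number.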
@@ -1,73 +0,0 @@ ---- -- name: Check if container already exists - shell: pct list | grep "{{ item.vmid }}" || true - register: container_check - delegate_to: proxmox - loop: "{{ containers }}" - loop_control: - label: "{{ item.hostname }}" - -- name: Create temporary SSH keys file on Proxmox - copy: - content: "{{ ssh_public_keys | join('\n') }}" - dest: "/tmp/ssh_keys_{{ item.vmid }}.txt" - mode: '0644' - delegate_to: proxmox - loop: "{{ containers }}" - when: "item.vmid not in container_check.results[0].stdout" - loop_control: - label: "{{ item.hostname }}" - -- name: Create LXC containers - shell: | - pct create {{ item.vmid }} \ - "{{ item.template_path }}" \ - --rootfs {{ item.storage }}:{{ item.disk_size }} \ - --cores {{ item.cores }} \ - --memory {{ item.memory }} \ - --swap {{ item.swap }} \ - --hostname {{ item.hostname }} \ - --net0 name=eth0,bridge=vmbr0,ip={{ item.ip }}/24,gw=192.168.1.1 \ - --storage {{ item.storage }} \ - --password "{{ proxmox_root_password }}" \ - --unprivileged 0 \ - --features nesting=1 \ - --ssh-public-keys /tmp/ssh_keys_{{ item.vmid }}.txt \ - --start 1 - args: - executable: /bin/bash - delegate_to: proxmox - loop: "{{ containers }}" - when: "item.vmid not in container_check.results[0].stdout" - loop_control: - label: "{{ item.hostname }}" - -- name: Remove temporary SSH keys files - file: - path: "/tmp/ssh_keys_{{ item.vmid }}.txt" - state: absent - delegate_to: proxmox - loop: "{{ containers }}" - loop_control: - label: "{{ item.hostname }}" - -- name: Configure LXC for Docker support - shell: | - pct set {{ item.vmid }} -lxc.apparmor.profile=unconfined - pct set {{ item.vmid }} -lxc.cgroup.devices.allow=a - pct set {{ item.vmid }} -lxc.cap.drop= - delegate_to: proxmox - loop: "{{ containers }}" - loop_control: - label: "{{ item.hostname }}" - -- name: Wait for containers to be ready - wait_for: - host: "{{ item.ip }}" - port: 22 - timeout: 120 - delay: 10 - delegate_to: localhost - loop: "{{ containers }}" - loop_control: - 
label: "{{ item.hostname }}" \ No newline at end of file