Lets fucking go

main
Gasper Spagnolo 2022-11-08 21:19:47 +01:00
parent a8bd509bf3
commit c01e07e838
11 changed files with 215 additions and 81 deletions


@ -27,16 +27,6 @@ You shuold firstly specify server in the `invenvtory` file. Then start the root
## Todo: ## Todo:
> So heh, plan is fist run ansible script to setup main server, then when everything is setup, run another ansible script inisde host (wich only one has access to all services)
- So from remoe:
* setup lxc
* setup python
* setup ansible
* copy ansible files to host
* start new ansible script inside ansible script
- Then on host
* maybe firstly create a wireguard lxc container (inside it docker running wireguard) and forward it to host (create `N(teams)*M(players` configurations) (NOT THE BEST THINIKING MUST FIGURE OUT BETTER) then create N containers with docker services started
* then create another lxc container for FORCAD and set it up
- [x] create N teams - [x] create N teams
- [x] fix docker installation - [x] fix docker installation


@ -1,5 +1,5 @@
--- ---
- name: Setup ForcAD infra - name: Setup team Virtual machines
hosts: localhost hosts: localhost
become: true become: true
vars_files: vars_files:
@ -11,20 +11,20 @@
private: false private: false
tasks: tasks:
- name: Setup team lxc containers and services - name: Setup team lxc virtual machines and services
include_role: include_role:
name: lxd_teams name: lxd_teams
tasks_from: main tasks_from: main
- name: Setup ForcAD infra - name: Setup team services
hosts: just_created hosts: just_created
become: true become: true
connection: lxd connection: ssh
vars_files: vars_files:
- './vars/main.yml' - './vars/main.yml'
tasks: tasks:
- name: Install docker on all containers - name: Install docker on all vms
include_role: include_role:
name: docker name: docker
tasks_from: main tasks_from: main
@ -34,3 +34,33 @@
name: services name: services
tasks_from: main tasks_from: main
- name: Setup main ForcAD vm
hosts: localhost
become: true
vars_files:
- './vars/main.yml'
tasks:
- name: Setup main ForcAD vm
include_role:
name: lxd_forcad
tasks_from: main
- name: Setup ForcAD infra
hosts: main_forcad_group
become: true
connection: ssh
vars_files:
- './vars/main.yml'
tasks:
- name: Install docker on all containers
include_role:
name: docker
tasks_from: main
- name: Setup forcAD
include_role:
name: forcad
tasks_from: main
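Review bot: In the newly added "Setup ForcAD infra" play, the first task is still named `Install docker on all containers`, although that play targets only `main_forcad_group` and the earlier hunk renamed the same task to `Install docker on all vms`; `- name: Install docker on the ForcAD vm` would match what runs. The two added plays carry near-identical names but run in different places (localhost, then the VM over ssh), so a one-line comment above each play saying where it executes would make the run log easier to follow.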


@ -5,3 +5,10 @@ collections:
- name: community.general - name: community.general
version: '5.6.0' version: '5.6.0'
- name: community.crypto
version: '2.8.1'
- name: ansible.posix
version: '1.4.0'


@ -1,4 +1,12 @@
--- ---
- name: Make sure python and python-venv are installed
ansible.builtin.apt:
pkg:
- tar
- unzip
- python3
- python3-venv
- virtualenv
- name: Create forcAD directory - name: Create forcAD directory
ansible.builtin.file: ansible.builtin.file:
@ -21,12 +29,6 @@
ansible.builtin.set_fact: ansible.builtin.set_fact:
forc_ad_directory: "{{ forc_ad_directory }}/{{ forc_ad_zipfile.split('.z')[0] }}" forc_ad_directory: "{{ forc_ad_directory }}/{{ forc_ad_zipfile.split('.z')[0] }}"
- name: Make sure python and python-venv are installed
ansible.builtin.apt:
pkg:
- python3
- python3-venv
- name: Create venv - name: Create venv
ansible.builtin.pip: ansible.builtin.pip:
requirements: "{{ item }}" requirements: "{{ item }}"
@ -44,7 +46,13 @@
- name: Generate n teams - name: Generate n teams
set_fact: teams="{{ teams|default([]) + [ item ] }}" set_fact: teams="{{ teams|default([]) + [ item ] }}"
loop: "{{ range(1, n_teams|int + 1 , 1) | list }}" loop: "{{ range(0, n_teams|int , 1) | list }}"
- set_fact:
teams_ip: "{{ groups.just_created|
map('extract', hostvars, 'ansible_all_ipv4_addresses')|
map('first')|
list }}"
- name: Copy forcAD config - name: Copy forcAD config
ansible.builtin.template: ansible.builtin.template:
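Review bot: The unnamed `set_fact` that builds `teams_ip` takes the first entry of `ansible_all_ipv4_addresses` for each host in `just_created`, and that list has no guaranteed order; the docker role is applied to those VMs, so the first address may be a Docker bridge rather than the address the checker and other teams can reach. It also depends on facts having been gathered for every `just_created` host earlier in the same run. If those hosts are registered under their `enp5s0` address, as the lxd_teams `add_host` task in this commit appears to do, `teams_ip: "{{ groups.just_created }}"` yields the list deterministically. The config template indexes `teams_ip[team]`, so the list must be as long as `range(0, n_teams)`; a `name:` on the task stating that assumption would help.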


@ -40,7 +40,7 @@ tasks:
teams: teams:
{% for team in teams %} {% for team in teams %}
- ip: 192.168.1.{{ team }} - ip: {{ teams_ip[team] }}
name: "Team {{ team }}" name: "Team {{ team }}"
highlighted: true highlighted: true
{% endfor %} {% endfor %}


@ -0,0 +1,67 @@
---
- name: "Create MAIN forcAD vm"
community.general.lxd_container:
name: "main-forcad-vm"
ignore_volatile_options: true
state: started
type: virtual-machine
source:
protocol: simplestreams
type: image
mode: pull
server: https://images.linuxcontainers.org
alias: ubuntu/22.04/cloud
profiles: ["default"]
wait_for_ipv4_addresses: true
timeout: 600
register: lxc_container_create_output
- name: Make sure ssh_keys directory exists
ansible.builtin.file:
path: /root/ssh_keys
state: directory
mode: '0755'
- name: Generate an OpenSSH keypair with the default values (4096 bits, rsa)
community.crypto.openssh_keypair:
path: "/root/ssh_keys/id_rsa_main_vm"
- name: Ensure that ssh is installed
delegate_to: "main-forcad-vm"
connection: lxd
ansible.builtin.apt:
pkg:
- ssh
update_cache: true
- name: Install public key on server
delegate_to: "main-forcad-vm"
connection: lxd
ansible.posix.authorized_key:
user: root
state: present
key: "{{ lookup('file', '/root/ssh_keys/id_rsa_main_vm.pub')}}"
- name: Enable Root Login
delegate_to: "main-forcad-vm"
connection: lxd
lineinfile:
dest: /etc/ssh/sshd_config
regexp: '^PermitRootLogin'
line: "PermitRootLogin yes"
state: present
backup: yes
- name: restart ssh daemon
delegate_to: "main-forcad-vm"
connection: lxd
ansible.builtin.service:
name: sshd
state: restarted
- add_host:
hostname: "{{ lxc_container_create_output.result.addresses.enp5s0[0] }}"
groups: main_forcad_group
connection: ssh
ansible_ssh_private_key_file: "/root/ssh_keys/id_rsa_main_vm.pub"
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
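Review bot: `ansible_ssh_private_key_file` in the final `add_host` task points at `/root/ssh_keys/id_rsa_main_vm.pub`, the public half of the pair generated earlier in this file; the lxd_teams version of the same task uses the path without `.pub`, so this looks like a slip and key authentication to the ForcAD VM will likely fail. The same task sets `-o StrictHostKeyChecking=no`, which turns off host-key verification for every later SSH play, so whatever answers on that address is trusted unchecked; `StrictHostKeyChecking=accept-new`, or recording the VM's host key in known_hosts over the existing `lxd` connection, keeps first contact automated without disabling the check. `PermitRootLogin yes` also allows password logins for root, while `PermitRootLogin prohibit-password` is enough for the key installed by the preceding task. The last two points apply equally to the lxd_teams tasks file changed later in this commit.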


@ -1,44 +1,74 @@
--- ---
- name: Create N started containers - name: "Create {{ n_teams }} started containers"
community.general.lxd_container: community.general.lxd_container:
name: "team{{ item }}" name: "team{{ item }}"
ignore_volatile_options: true ignore_volatile_options: true
state: started state: started
config: type: virtual-machine
"security.nesting": "true"
source: source:
protocol: simplestreams protocol: simplestreams
type: image type: image
mode: pull mode: pull
server: https://images.linuxcontainers.org server: https://images.linuxcontainers.org
alias: ubuntu/20.04/cloud alias: ubuntu/22.04/cloud
profiles: ["default"] profiles: ["default"]
wait_for_ipv4_addresses: true wait_for_ipv4_addresses: true
timeout: 600 timeout: 600
loop: "{{ range(1, n_teams|int + 1 , 1) | list }}" loop: "{{ range(0, n_teams|int, 1) | list }}"
register: lxc_container_create_output register: lxc_container_create_output
# - name: Make sure ssh_keys directory exists
#- name: Check python is installed in container ansible.builtin.file:
# delegate_to: "team{{ item }}" path: /root/ssh_keys
# ansible.builtin.raw: dpkg -s python state: directory
# register: python_install_check mode: '0755'
# failed_when: python_install_check.rc not in [0, 1]
# changed_when: false
# loop: "{{ range(1, n_teams|int + 1 , 1) | list }}"
#
#
#- name: Install python in container
# delegate_to: "team{{ item }}"
# ansible.builtin.raw: apt-get install -y python
# when: python_install_check.rc == 1
# loop: "{{ range(1, n_teams|int + 1 , 1) | list }}"
- name: h - name: Generate an OpenSSH keypair with the default values (4096 bits, rsa)
debug: community.crypto.openssh_keypair:
msg: "{{ lxc_container_create_output.results[0].invocation.module_args.name }}" path: "/root/ssh_keys/id_rsa_vm_team-{{ item}}"
loop: "{{ range(0, n_teams|int, 1) | list }}"
- name: Ensure that ssh is installed
delegate_to: "team{{item}}"
connection: lxd
ansible.builtin.apt:
pkg:
- ssh
update_cache: true
loop: "{{ range(0, n_teams|int, 1) | list }}"
- name: Install public key on server
delegate_to: "team{{item}}"
connection: lxd
ansible.posix.authorized_key:
user: root
state: present
key: "{{ lookup('file', '/root/ssh_keys/id_rsa_vm_team-{{ item}}.pub')}}"
loop: "{{ range(0, n_teams|int , 1) | list }}"
- name: Enable Root Login
delegate_to: "team{{item}}"
connection: lxd
lineinfile:
dest: /etc/ssh/sshd_config
regexp: '^PermitRootLogin'
line: "PermitRootLogin yes"
state: present
backup: yes
loop: "{{ range(0, n_teams|int , 1) | list }}"
- name: restart ssh daemon
delegate_to: "team{{item}}"
connection: lxd
ansible.builtin.service:
name: sshd
state: restarted
loop: "{{ range(0, n_teams|int , 1) | list }}"
- add_host: - add_host:
hostname: "{{ lxc_container_create_output.results[item].invocation.module_args.name }}" hostname: "{{ lxc_container_create_output.results[item].addresses.enp5s0[0] }}"
groups: just_created groups: just_created
connection: ssh
ansible_ssh_private_key_file: "/root/ssh_keys/id_rsa_vm_team-{{ item }}"
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
loop: "{{ range(0, n_teams|int, 1) | list }}" loop: "{{ range(0, n_teams|int, 1) | list }}"
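Review bot: The `lookup('file', '/root/ssh_keys/id_rsa_vm_team-{{ item}}.pub')` expression in "Install public key on server" nests a `{{ }}` inside an expression that is already being templated, which Ansible's documentation advises against ("moustaches don't stack") and which resolves only if the inner string happens to be templated again. Concatenation states the same path without relying on that: `key: "{{ lookup('file', '/root/ssh_keys/id_rsa_vm_team-' ~ item ~ '.pub') }}"`. In "Enable Root Login", `backup: yes` would read better as `backup: true`, matching the booleans used elsewhere in the file.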


@ -15,9 +15,8 @@
# maybe list the services in directory firstly, for now its ok # maybe list the services in directory firstly, for now its ok
- name: Start services - name: Start services
community.docker.docker_compose: ansible.builtin.shell: "docker-compose -f /root/services/{{ item }}/service/docker-compose.yml up -d"
project_src: "/root/services/{{ item }}/service"
state: present
with_items: with_items:
- BabySql - Dummy
- HashMePlease
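Review bot: The "Start services" task now goes through `ansible.builtin.shell`, so it reports `changed` on every run and passes the interpolated path through a shell although no shell feature is used. `ansible.builtin.command` with `argv` avoids the shell parsing, e.g. `argv: [docker-compose, -f, "/root/services/{{ item }}/service/docker-compose.yml", up, -d]`, and a `changed_when` based on the command output restores honest change reporting. If the module was dropped because of a missing dependency on the VMs, a comment saying so would help the next reader.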


@ -14,3 +14,6 @@ admin_password: 'forcad420'
# Startime for the game # Startime for the game
start_time: '2019-11-30 15:30:00' start_time: '2019-11-30 15:30:00'
## delete this
n_teams: 2
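Review bot: The `## delete this` comment above `n_teams: 2` does not say what should replace the value or when, so the temporary default is likely to stay. If the intent is a local testing default, something like `# temporary default for local testing; override with -e n_teams=<N>` records it. The hunk header also shows `admin_password` stored in clear text in this vars file; that line is not part of this change, but it would be better kept in an Ansible Vault file than in the repository.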


@ -1,2 +1,2 @@
[forc_ad] [forc_ad]
192.168.88.160 ansible_connection=ssh ansible_user=root ansible_ssh_pass=root 192.168.88.181 ansible_connection=ssh ansible_user=root ansible_ssh_pass=root
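Review bot: The updated inventory line still carries `ansible_user=root ansible_ssh_pass=root`, so a root password is committed next to the host address it unlocks. Since the commit already touches this line, it would be a good moment to switch the host to key-based login (`ansible_ssh_private_key_file=<path-to-key>`) or move the password into a vaulted variable, and to keep the site-specific address in an untracked inventory file.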


@ -1,35 +1,35 @@
--- ---
# - name: Make sure apt packages are available - name: Make sure apt packages are available
# ansible.builtin.apt: ansible.builtin.apt:
# pkg: pkg:
# - python3 - python3
# - python3-venv - python3-venv
# - python3-pip - python3-pip
# - virtualenv - virtualenv
# - snap - snap
# update_cache: true update_cache: true
#
# - name: Ensure lxd is installed
# community.general.snap:
# name:
# - lxd
#
# - name: Run lxd init
# ansible.builtin.command:
# cmd: 'lxd init --auto'
#
# - name: Create a project directory
# ansible.builtin.file:
# path: /root/deploy
# state: directory
# mode: '0755'
#- name: Copy project directory - name: Ensure lxd is installed
# ansible.builtin.copy: community.general.snap:
# src: '../../../../containers_init' name:
# dest: /root/deploy - lxd
# mode: '0655'
- name: Run lxd init
ansible.builtin.command:
cmd: 'lxd init --auto'
- name: Create a project directory
ansible.builtin.file:
path: /root/deploy
state: directory
mode: '0755'
- name: Copy project directory
ansible.builtin.copy:
src: '../../../../containers_init'
dest: /root/deploy
mode: '0655'
- name: Create venv ans install requirements - name: Create venv ans install requirements
ansible.builtin.pip: ansible.builtin.pip:
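Review bot: In the re-enabled apt task the package list includes `snap`, but on Debian and Ubuntu the snap daemon ships as `snapd` and `snap` is an unrelated package, so the following `community.general.snap` task probably only works where snapd is already present. "Copy project directory" sets `mode: '0655'`, which grants execute to group and others but not to the owner; `mode: '0644'` together with `directory_mode: '0755'` looks like what was meant. `lxd init --auto` also runs on every play, so a guard such as a `creates:` path or a prior check of the LXD state would keep reruns from reporting a change or failing. The last task in the hunk continues outside it.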