Lets fucking go
parent
a8bd509bf3
commit
c01e07e838
10
README.md
10
README.md
|
@ -27,16 +27,6 @@ You shuold firstly specify server in the `invenvtory` file. Then start the root
|
|||
|
||||
|
||||
## Todo:
|
||||
> So heh, plan is fist run ansible script to setup main server, then when everything is setup, run another ansible script inisde host (wich only one has access to all services)
|
||||
- So from remoe:
|
||||
* setup lxc
|
||||
* setup python
|
||||
* setup ansible
|
||||
* copy ansible files to host
|
||||
* start new ansible script inside ansible script
|
||||
- Then on host
|
||||
* maybe firstly create a wireguard lxc container (inside it docker running wireguard) and forward it to host (create `N(teams)*M(players` configurations) (NOT THE BEST THINIKING MUST FIGURE OUT BETTER) then create N containers with docker services started
|
||||
* then create another lxc container for FORCAD and set it up
|
||||
|
||||
- [x] create N teams
|
||||
- [x] fix docker installation
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
- name: Setup ForcAD infra
|
||||
- name: Setup team Virtual machines
|
||||
hosts: localhost
|
||||
become: true
|
||||
vars_files:
|
||||
|
@ -11,20 +11,20 @@
|
|||
private: false
|
||||
|
||||
tasks:
|
||||
- name: Setup team lxc containers and services
|
||||
- name: Setup team lxc virtual machines and services
|
||||
include_role:
|
||||
name: lxd_teams
|
||||
tasks_from: main
|
||||
|
||||
- name: Setup ForcAD infra
|
||||
- name: Setup team services
|
||||
hosts: just_created
|
||||
become: true
|
||||
connection: lxd
|
||||
connection: ssh
|
||||
vars_files:
|
||||
- './vars/main.yml'
|
||||
|
||||
tasks:
|
||||
- name: Install docker on all containers
|
||||
- name: Install docker on all vms
|
||||
include_role:
|
||||
name: docker
|
||||
tasks_from: main
|
||||
|
@ -34,3 +34,33 @@
|
|||
name: services
|
||||
tasks_from: main
|
||||
|
||||
|
||||
- name: Setup main ForcAD vm
|
||||
hosts: localhost
|
||||
become: true
|
||||
vars_files:
|
||||
- './vars/main.yml'
|
||||
|
||||
tasks:
|
||||
- name: Setup main ForcAD vm
|
||||
include_role:
|
||||
name: lxd_forcad
|
||||
tasks_from: main
|
||||
|
||||
- name: Setup ForcAD infra
|
||||
hosts: main_forcad_group
|
||||
become: true
|
||||
connection: ssh
|
||||
vars_files:
|
||||
- './vars/main.yml'
|
||||
|
||||
tasks:
|
||||
- name: Install docker on all containers
|
||||
include_role:
|
||||
name: docker
|
||||
tasks_from: main
|
||||
|
||||
- name: Setup forcAD
|
||||
include_role:
|
||||
name: forcad
|
||||
tasks_from: main
|
||||
|
|
|
@ -5,3 +5,10 @@ collections:
|
|||
|
||||
- name: community.general
|
||||
version: '5.6.0'
|
||||
|
||||
- name: community.crypto
|
||||
version: '2.8.1'
|
||||
|
||||
- name: ansible.posix
|
||||
version: '1.4.0'
|
||||
|
||||
|
|
|
@ -1,4 +1,12 @@
|
|||
---
|
||||
- name: Make sure python and python-venv are installed
|
||||
ansible.builtin.apt:
|
||||
pkg:
|
||||
- tar
|
||||
- unzip
|
||||
- python3
|
||||
- python3-venv
|
||||
- virtualenv
|
||||
|
||||
- name: Create forcAD directory
|
||||
ansible.builtin.file:
|
||||
|
@ -21,12 +29,6 @@
|
|||
ansible.builtin.set_fact:
|
||||
forc_ad_directory: "{{ forc_ad_directory }}/{{ forc_ad_zipfile.split('.z')[0] }}"
|
||||
|
||||
- name: Make sure python and python-venv are installed
|
||||
ansible.builtin.apt:
|
||||
pkg:
|
||||
- python3
|
||||
- python3-venv
|
||||
|
||||
- name: Create venv
|
||||
ansible.builtin.pip:
|
||||
requirements: "{{ item }}"
|
||||
|
@ -44,7 +46,13 @@
|
|||
|
||||
- name: Generate n teams
|
||||
set_fact: teams="{{ teams|default([]) + [ item ] }}"
|
||||
loop: "{{ range(1, n_teams|int + 1 , 1) | list }}"
|
||||
loop: "{{ range(0, n_teams|int , 1) | list }}"
|
||||
|
||||
- set_fact:
|
||||
teams_ip: "{{ groups.just_created|
|
||||
map('extract', hostvars, 'ansible_all_ipv4_addresses')|
|
||||
map('first')|
|
||||
list }}"
|
||||
|
||||
- name: Copy forcAD config
|
||||
ansible.builtin.template:
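Review bot: The new `teams_ip` fact takes the `first` entry of `ansible_all_ipv4_addresses` for each host in `just_created`, and that list carries no ordering guarantee. Docker is installed on those hosts by an earlier play, so the first entry could be a bridge address rather than the address the checker has to reach. `ansible_default_ipv4.address` names the routed interface explicitly: `map('extract', hostvars, ['ansible_default_ipv4', 'address'])` followed by `list`. The fact also depends on facts having been gathered for every `just_created` host, and the task has no `name:`. The "Copy forcAD config" task that follows continues outside the hunk.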
|
||||
|
|
|
@ -40,7 +40,7 @@ tasks:
|
|||
|
||||
teams:
|
||||
{% for team in teams %}
|
||||
- ip: 192.168.1.{{ team }}
|
||||
- ip: {{ teams_ip[team] }}
|
||||
name: "Team {{ team }}"
|
||||
highlighted: true
|
||||
{% endfor %}
|
||||
|
|
|
@ -0,0 +1,67 @@
|
|||
---
|
||||
- name: "Create MAIN forcAD vm"
|
||||
community.general.lxd_container:
|
||||
name: "main-forcad-vm"
|
||||
ignore_volatile_options: true
|
||||
state: started
|
||||
type: virtual-machine
|
||||
source:
|
||||
protocol: simplestreams
|
||||
type: image
|
||||
mode: pull
|
||||
server: https://images.linuxcontainers.org
|
||||
alias: ubuntu/22.04/cloud
|
||||
profiles: ["default"]
|
||||
wait_for_ipv4_addresses: true
|
||||
timeout: 600
|
||||
register: lxc_container_create_output
|
||||
|
||||
- name: Make sure ssh_keys directory exists
|
||||
ansible.builtin.file:
|
||||
path: /root/ssh_keys
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: Generate an OpenSSH keypair with the default values (4096 bits, rsa)
|
||||
community.crypto.openssh_keypair:
|
||||
path: "/root/ssh_keys/id_rsa_main_vm"
|
||||
|
||||
- name: Ensure that ssh is installed
|
||||
delegate_to: "main-forcad-vm"
|
||||
connection: lxd
|
||||
ansible.builtin.apt:
|
||||
pkg:
|
||||
- ssh
|
||||
update_cache: true
|
||||
|
||||
- name: Install public key on server
|
||||
delegate_to: "main-forcad-vm"
|
||||
connection: lxd
|
||||
ansible.posix.authorized_key:
|
||||
user: root
|
||||
state: present
|
||||
key: "{{ lookup('file', '/root/ssh_keys/id_rsa_main_vm.pub')}}"
|
||||
|
||||
- name: Enable Root Login
|
||||
delegate_to: "main-forcad-vm"
|
||||
connection: lxd
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: '^PermitRootLogin'
|
||||
line: "PermitRootLogin yes"
|
||||
state: present
|
||||
backup: yes
|
||||
|
||||
- name: restart ssh daemon
|
||||
delegate_to: "main-forcad-vm"
|
||||
connection: lxd
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
state: restarted
|
||||
|
||||
- add_host:
|
||||
hostname: "{{ lxc_container_create_output.result.addresses.enp5s0[0] }}"
|
||||
groups: main_forcad_group
|
||||
connection: ssh
|
||||
ansible_ssh_private_key_file: "/root/ssh_keys/id_rsa_main_vm.pub"
|
||||
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
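Review bot: The closing `add_host` task sets `ansible_ssh_private_key_file: "/root/ssh_keys/id_rsa_main_vm.pub"`, which is the public half of the keypair generated earlier in this file, so the later play against `main_forcad_group` presumably cannot authenticate with it. The team role uses the path without `.pub`, and this one should read `ansible_ssh_private_key_file: "/root/ssh_keys/id_rsa_main_vm"`. The "Enable Root Login" task writes `PermitRootLogin yes`, which also allows password logins for root; a key is installed two tasks earlier, so `line: "PermitRootLogin prohibit-password"` is enough. `ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"` turns off host key verification for a root session, whereas `-o StrictHostKeyChecking=accept-new` at least pins the key after the first connection. The same two settings appear in the team VM role further down the page.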
|
|
@ -1,44 +1,74 @@
|
|||
---
|
||||
- name: Create N started containers
|
||||
- name: "Create {{ n_teams }} started containers"
|
||||
community.general.lxd_container:
|
||||
name: "team{{ item }}"
|
||||
ignore_volatile_options: true
|
||||
state: started
|
||||
config:
|
||||
"security.nesting": "true"
|
||||
type: virtual-machine
|
||||
source:
|
||||
protocol: simplestreams
|
||||
type: image
|
||||
mode: pull
|
||||
server: https://images.linuxcontainers.org
|
||||
alias: ubuntu/20.04/cloud
|
||||
alias: ubuntu/22.04/cloud
|
||||
profiles: ["default"]
|
||||
wait_for_ipv4_addresses: true
|
||||
timeout: 600
|
||||
loop: "{{ range(1, n_teams|int + 1 , 1) | list }}"
|
||||
loop: "{{ range(0, n_teams|int, 1) | list }}"
|
||||
register: lxc_container_create_output
|
||||
|
||||
#
|
||||
#- name: Check python is installed in container
|
||||
# delegate_to: "team{{ item }}"
|
||||
# ansible.builtin.raw: dpkg -s python
|
||||
# register: python_install_check
|
||||
# failed_when: python_install_check.rc not in [0, 1]
|
||||
# changed_when: false
|
||||
# loop: "{{ range(1, n_teams|int + 1 , 1) | list }}"
|
||||
#
|
||||
#
|
||||
#- name: Install python in container
|
||||
# delegate_to: "team{{ item }}"
|
||||
# ansible.builtin.raw: apt-get install -y python
|
||||
# when: python_install_check.rc == 1
|
||||
# loop: "{{ range(1, n_teams|int + 1 , 1) | list }}"
|
||||
- name: Make sure ssh_keys directory exists
|
||||
ansible.builtin.file:
|
||||
path: /root/ssh_keys
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: h
|
||||
debug:
|
||||
msg: "{{ lxc_container_create_output.results[0].invocation.module_args.name }}"
|
||||
- name: Generate an OpenSSH keypair with the default values (4096 bits, rsa)
|
||||
community.crypto.openssh_keypair:
|
||||
path: "/root/ssh_keys/id_rsa_vm_team-{{ item}}"
|
||||
loop: "{{ range(0, n_teams|int, 1) | list }}"
|
||||
|
||||
- name: Ensure that ssh is installed
|
||||
delegate_to: "team{{item}}"
|
||||
connection: lxd
|
||||
ansible.builtin.apt:
|
||||
pkg:
|
||||
- ssh
|
||||
update_cache: true
|
||||
loop: "{{ range(0, n_teams|int, 1) | list }}"
|
||||
|
||||
- name: Install public key on server
|
||||
delegate_to: "team{{item}}"
|
||||
connection: lxd
|
||||
ansible.posix.authorized_key:
|
||||
user: root
|
||||
state: present
|
||||
key: "{{ lookup('file', '/root/ssh_keys/id_rsa_vm_team-{{ item}}.pub')}}"
|
||||
loop: "{{ range(0, n_teams|int , 1) | list }}"
|
||||
|
||||
- name: Enable Root Login
|
||||
delegate_to: "team{{item}}"
|
||||
connection: lxd
|
||||
lineinfile:
|
||||
dest: /etc/ssh/sshd_config
|
||||
regexp: '^PermitRootLogin'
|
||||
line: "PermitRootLogin yes"
|
||||
state: present
|
||||
backup: yes
|
||||
loop: "{{ range(0, n_teams|int , 1) | list }}"
|
||||
|
||||
- name: restart ssh daemon
|
||||
delegate_to: "team{{item}}"
|
||||
connection: lxd
|
||||
ansible.builtin.service:
|
||||
name: sshd
|
||||
state: restarted
|
||||
loop: "{{ range(0, n_teams|int , 1) | list }}"
|
||||
|
||||
- add_host:
|
||||
hostname: "{{ lxc_container_create_output.results[item].invocation.module_args.name }}"
|
||||
hostname: "{{ lxc_container_create_output.results[item].addresses.enp5s0[0] }}"
|
||||
groups: just_created
|
||||
connection: ssh
|
||||
ansible_ssh_private_key_file: "/root/ssh_keys/id_rsa_vm_team-{{ item }}"
|
||||
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
|
||||
loop: "{{ range(0, n_teams|int, 1) | list }}"
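Review bot: In "Install public key on server" the lookup path contains a nested `{{ item}}` inside an expression that is already templated; Ansible does not stack moustaches, so the file name may be taken literally instead of per team. Build the path by concatenation instead: `key: "{{ lookup('file', '/root/ssh_keys/id_rsa_vm_team-' ~ item ~ '.pub') }}"`. The task named `h` that prints `results[0].invocation.module_args.name` looks like leftover debugging and could be dropped. `/root/ssh_keys` holds one private key per team and is created with `mode: '0755'`; `'0700'` keeps the directory closed to other local users.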
|
||||
|
|
|
@ -15,9 +15,8 @@
|
|||
# maybe list the services in directory firstly, for now its ok
|
||||
|
||||
- name: Start services
|
||||
community.docker.docker_compose:
|
||||
project_src: "/root/services/{{ item }}/service"
|
||||
state: present
|
||||
ansible.builtin.shell: "docker-compose -f /root/services/{{ item }}/service/docker-compose.yml up -d"
|
||||
with_items:
|
||||
- BabySql
|
||||
- Dummy
|
||||
- HashMePlease
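Review bot: The "Start services" task appears to run `docker-compose` through `ansible.builtin.shell` now, which reports changed on every run and passes the line through a shell although nothing in it needs one. `ansible.builtin.command` with `argv` avoids the shell parsing, e.g. `argv: [docker-compose, -f, "/root/services/{{ item }}/service/docker-compose.yml", up, -d]`. A `changed_when:` on the registered output would keep the play report meaningful. The item list is fixed in the task, so this is a robustness point, not an injection risk as written.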
|
||||
|
||||
|
|
|
@ -14,3 +14,6 @@ admin_password: 'forcad420'
|
|||
|
||||
# Startime for the game
|
||||
start_time: '2019-11-30 15:30:00'
|
||||
|
||||
## delete this
|
||||
n_teams: 2
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
[forc_ad]
|
||||
192.168.88.160 ansible_connection=ssh ansible_user=root ansible_ssh_pass=root
|
||||
192.168.88.181 ansible_connection=ssh ansible_user=root ansible_ssh_pass=root
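Review bot: The host line under `[forc_ad]` keeps `ansible_user=root ansible_ssh_pass=root` in a committed inventory, so the address change carries a plaintext, guessable root password along with it. Prefer key authentication (`ansible_ssh_private_key_file=<path-to-key>`), or keep the password out of the repository with Ansible Vault or `--ask-pass`. If the target is reachable beyond a lab network, the root password itself should be changed as well.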
|
||||
|
|
|
@ -1,35 +1,35 @@
|
|||
---
|
||||
|
||||
# - name: Make sure apt packages are available
|
||||
# ansible.builtin.apt:
|
||||
# pkg:
|
||||
# - python3
|
||||
# - python3-venv
|
||||
# - python3-pip
|
||||
# - virtualenv
|
||||
# - snap
|
||||
# update_cache: true
|
||||
#
|
||||
# - name: Ensure lxd is installed
|
||||
# community.general.snap:
|
||||
# name:
|
||||
# - lxd
|
||||
#
|
||||
# - name: Run lxd init
|
||||
# ansible.builtin.command:
|
||||
# cmd: 'lxd init --auto'
|
||||
#
|
||||
# - name: Create a project directory
|
||||
# ansible.builtin.file:
|
||||
# path: /root/deploy
|
||||
# state: directory
|
||||
# mode: '0755'
|
||||
- name: Make sure apt packages are available
|
||||
ansible.builtin.apt:
|
||||
pkg:
|
||||
- python3
|
||||
- python3-venv
|
||||
- python3-pip
|
||||
- virtualenv
|
||||
- snap
|
||||
update_cache: true
|
||||
|
||||
#- name: Copy project directory
|
||||
# ansible.builtin.copy:
|
||||
# src: '../../../../containers_init'
|
||||
# dest: /root/deploy
|
||||
# mode: '0655'
|
||||
- name: Ensure lxd is installed
|
||||
community.general.snap:
|
||||
name:
|
||||
- lxd
|
||||
|
||||
- name: Run lxd init
|
||||
ansible.builtin.command:
|
||||
cmd: 'lxd init --auto'
|
||||
|
||||
- name: Create a project directory
|
||||
ansible.builtin.file:
|
||||
path: /root/deploy
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: Copy project directory
|
||||
ansible.builtin.copy:
|
||||
src: '../../../../containers_init'
|
||||
dest: /root/deploy
|
||||
mode: '0655'
|
||||
|
||||
- name: Create venv ans install requirements
|
||||
ansible.builtin.pip:
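Review bot: The re-enabled "Copy project directory" task uses `mode: '0655'`, which gives the owner read/write without execute while group and others get read and execute. That is probably a typo, and `mode: '0644'` together with `directory_mode: '0755'` states the usual intent. "Run lxd init" calls `lxd init --auto` through `command` with no `creates:` or `changed_when:`, so it reruns and reports changed on every play. The apt list installs `snap`, while the daemon package on Ubuntu is `snapd`; worth confirming which one is meant. The "Create venv ans install requirements" task continues past the end of the hunk.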
|
||||
|
|