From 3a874fa4f868c18ed27bdd20dc2c5a586bea0320 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Tue, 6 Feb 2024 23:28:17 +0100 Subject: [PATCH] install jsondiff and pyyaml for docker swarm --- .../ansible/playbooks/setup-nixos.yml | 23 ------- .../docker_swarm/ansible/playbooks/setup.yml | 63 +++---------------- .../ansible/playbooks/stacks2.yml | 5 ++ .../roles/cyberchef2/docker-stack.yml.j2 | 8 +++ .../ansible/roles/cyberchef2/tasks/main.yml | 5 ++ nixos/machines/default.nix | 6 ++ 6 files changed, 31 insertions(+), 79 deletions(-) delete mode 100644 legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml create mode 100644 legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml create mode 100644 legacy/projects/docker_swarm/ansible/roles/cyberchef2/docker-stack.yml.j2 create mode 100644 legacy/projects/docker_swarm/ansible/roles/cyberchef2/tasks/main.yml diff --git a/legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml b/legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml deleted file mode 100644 index fcd02b3..0000000 --- a/legacy/projects/docker_swarm/ansible/playbooks/setup-nixos.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- - -- name: Setup Docker Swarm primary - hosts: primary - tasks: - - name: Create Docker Swarm - docker_swarm: - - - name: Get Docker Swarm primary info - docker_swarm_info: - nodes: yes - nodes_filters: - name: primary - register: swarm_info - -- hosts: secondaries - tasks: - - name: Join Docker Swarm - docker_swarm: - state: join - join_token: "{{ hostvars.primary.swarm_info.swarm_facts.JoinTokens.Manager }}" - remote_addrs: - - "{{ hostvars.primary.ansible_default_ipv4.address }}" diff --git a/legacy/projects/docker_swarm/ansible/playbooks/setup.yml b/legacy/projects/docker_swarm/ansible/playbooks/setup.yml index 56ae015..ca4fec6 100644 --- a/legacy/projects/docker_swarm/ansible/playbooks/setup.yml +++ b/legacy/projects/docker_swarm/ansible/playbooks/setup.yml 
@@ -1,72 +1,23 @@ --- -- name: Wait for Cloud-init to finish - hosts: manager, workers - gather_facts: no - roles: - - cloudinit_wait -- name: Initialize Docker Swarm nodes - hosts: manager, workers - pre_tasks: - - name: Delete externally managed environment file - shell: - cmd: "rm /usr/lib/python*/EXTERNALLY-MANAGED" - register: rm - changed_when: "rm.rc == 0" - failed_when: "false" - - roles: - - setup_apt - - post_tasks: - - name: Install Docker - include_role: - name: docker - vars: - docker_daemon_config: {} - # log-driver: fluentd - # log-opts: - # fluentd-address: "localhost:22222" - # tag: "docker.{{ '{{' }}.Name{{ '}}' }}" - -- name: Setup Docker Swarm manager - hosts: manager +- name: Setup Docker Swarm primary + hosts: primary tasks: - - name: Install pip packages - pip: - name: - - jsondiff - - pyyaml - - name: Create Docker Swarm docker_swarm: - - name: Get Docker Swarm manager info + - name: Get Docker Swarm primary info docker_swarm_info: nodes: yes nodes_filters: - name: manager + name: primary register: swarm_info -- hosts: workers +- hosts: secondaries tasks: - name: Join Docker Swarm docker_swarm: state: join - join_token: "{{ hostvars.manager.swarm_info.swarm_facts.JoinTokens.Worker }}" + join_token: "{{ hostvars.primary.swarm_info.swarm_facts.JoinTokens.Worker }}" remote_addrs: - - "{{ hostvars.manager.ansible_default_ipv4.address }}" - -- hosts: manager - tasks: - - name: Add concourse to authorized keys - authorized_key: - user: root - key: "{{ concourse_public_key }}" - -- hosts: manager, workers - tasks: - - name: Increase vm.max_map_count - sysctl: - name: vm.max_map_count - value: 262144 + - "{{ hostvars.primary.ansible_default_ipv4.address }}" diff --git a/legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml b/legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml new file mode 100644 index 0000000..e17e903 --- /dev/null +++ b/legacy/projects/docker_swarm/ansible/playbooks/stacks2.yml 
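Review bot: The `Get Docker Swarm primary info` task registers `swarm_info`, whose `swarm_facts.JoinTokens` carry the swarm join secrets, and nothing on the task keeps that result out of Ansible's output. With verbose output or a logging callback the tokens would presumably end up in the run log, so add `no_log: true` to that task. Whether the module masks the templated `join_token` argument on the join task is not visible here. The deleted setup-nixos.yml joined secondaries with `JoinTokens.Manager` while this version uses `JoinTokens.Worker`; if the role change is intended, a one-line comment above the task would record it. The `secondaries` play also has no `name:`.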
@@ -0,0 +1,5 @@ +--- +- name: Start Docker stacks + hosts: primary + roles: + - {role: cyberchef2, tags: cyberchef2} diff --git a/legacy/projects/docker_swarm/ansible/roles/cyberchef2/docker-stack.yml.j2 b/legacy/projects/docker_swarm/ansible/roles/cyberchef2/docker-stack.yml.j2 new file mode 100644 index 0000000..e394858 --- /dev/null +++ b/legacy/projects/docker_swarm/ansible/roles/cyberchef2/docker-stack.yml.j2 @@ -0,0 +1,8 @@ +# vi: ft=yaml +version: "3.7" + +services: + cyberchef: + image: mpepping/cyberchef + ports: + - 8000:8000 diff --git a/legacy/projects/docker_swarm/ansible/roles/cyberchef2/tasks/main.yml b/legacy/projects/docker_swarm/ansible/roles/cyberchef2/tasks/main.yml new file mode 100644 index 0000000..553f2e8 --- /dev/null +++ b/legacy/projects/docker_swarm/ansible/roles/cyberchef2/tasks/main.yml @@ -0,0 +1,5 @@ +- name: Deploy Docker stack + docker_stack: + name: cyberchef + compose: + - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}" diff --git a/nixos/machines/default.nix b/nixos/machines/default.nix index 2560698..c036de7 100644 --- a/nixos/machines/default.nix +++ b/nixos/machines/default.nix @@ -120,6 +120,8 @@ (python311.withPackages (python-pkgs: [ python-pkgs.docker python-pkgs.requests + python-pkgs.jsondiff + python-pkgs.pyyaml ])) ]; }; @@ -154,6 +156,8 @@ (python311.withPackages (python-pkgs: [ python-pkgs.docker python-pkgs.requests + python-pkgs.jsondiff + python-pkgs.pyyaml ])) ]; }; @@ -188,6 +192,8 @@ (python311.withPackages (python-pkgs: [ python-pkgs.docker python-pkgs.requests + python-pkgs.jsondiff + python-pkgs.pyyaml ])) ]; };
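Review bot: `image: mpepping/cyberchef` in docker-stack.yml.j2 has no tag or digest, so each deploy pulls whatever the default tag points to at that moment and a changed upstream image is picked up silently. Pin it, for example `image: mpepping/cyberchef:<version>` or `image: mpepping/cyberchef@sha256:<digest>` (placeholders; use the release you have verified). The port entry is better quoted as `- "8000:8000"`. A published port in swarm mode is normally reachable on every node, so confirm that exposure is intended.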
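Review bot: In roles/cyberchef2/tasks/main.yml the lookup argument `'{{ role_path }}/docker-stack.yml.j2'` nests a template inside a `{{ }}` expression, which relies on Ansible re-templating a string literal. That is discouraged and may not be supported by every ansible-core version. Use concatenation instead: `- "{{ lookup('template', role_path ~ '/docker-stack.yml.j2') | from_yaml }}"`. The stack is named `cyberchef` while the role is `cyberchef2`; if a stack with that name from an older role is already deployed, this task would presumably update it in place, which is worth confirming.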
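Review bot: The same two lines are added to three identical `python311.withPackages` lists in nixos/machines/default.nix (the hunks at 120, 154 and 188), so every further module the swarm playbooks need has to be added three times and can drift between machines. Consider binding the interpreter once in a `let`, e.g. `swarmPython = python311.withPackages (ps: [ ps.docker ps.requests ps.jsondiff ps.pyyaml ]);`, and referencing it from each machine. The enclosing attribute sets start and end outside these hunks, so where the binding belongs cannot be seen from here. A short comment such as `# jsondiff and pyyaml are required by Ansible's docker_stack module` would explain why the packages are present.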