add expand to two hypervisors
This commit is contained in:
parent
d8787fa9a6
commit
ed6723e1da
11 changed files with 105 additions and 43 deletions
|
@ -1,18 +1,22 @@
|
||||||
docker_node_labels:
|
docker_node_labels:
|
||||||
- hostname: maestro
|
- hostname: maestro
|
||||||
|
labels: {}
|
||||||
|
- hostname: swarmpub1
|
||||||
labels:
|
labels:
|
||||||
traefik: "true"
|
public: "true"
|
||||||
forgejo: "true"
|
|
||||||
- hostname: worker1
|
|
||||||
labels:
|
|
||||||
syncthing: "true"
|
|
||||||
seafile: "true"
|
|
||||||
radicale: "true"
|
|
||||||
mastodon: "true"
|
mastodon: "true"
|
||||||
freshrss: "true"
|
- hostname: swarmpub2
|
||||||
hedgedoc: "true"
|
labels:
|
||||||
|
public: "true"
|
||||||
|
- hostname: swarmpriv1
|
||||||
|
labels:
|
||||||
|
private: "true"
|
||||||
overleaf: "true"
|
overleaf: "true"
|
||||||
|
syncthing: "true"
|
||||||
data_directories:
|
hedgedoc: "true"
|
||||||
- 'traefik'
|
radicale: "true"
|
||||||
- 'forgejo'
|
- hostname: swarmpriv2
|
||||||
|
labels:
|
||||||
|
private: "true"
|
||||||
|
seafile: "true"
|
||||||
|
freshrss: "true"
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
data_directories:
|
|
||||||
- 'syncthing'
|
|
||||||
- 'seafile/data'
|
|
||||||
- 'seafile/db'
|
|
|
@ -5,5 +5,11 @@ all:
|
||||||
children:
|
children:
|
||||||
workers:
|
workers:
|
||||||
hosts:
|
hosts:
|
||||||
worker1:
|
swarmpub1:
|
||||||
ansible_host: worker1.dmz
|
ansible_host: swarmpub1.dmz
|
||||||
|
swarmpub2:
|
||||||
|
ansible_host: swarmpub2.dmz
|
||||||
|
swarmpriv1:
|
||||||
|
ansible_host: swarmpriv1.dmz
|
||||||
|
swarmpriv2:
|
||||||
|
ansible_host: swarmpriv2.dmz
|
||||||
|
|
|
@ -15,15 +15,6 @@
|
||||||
changed_when: "rm.rc == 0"
|
changed_when: "rm.rc == 0"
|
||||||
failed_when: "false"
|
failed_when: "false"
|
||||||
|
|
||||||
# TODO: this creates permission issues. Should create them by hand for now.
|
|
||||||
# - name: Create data directories
|
|
||||||
# file:
|
|
||||||
# state: directory
|
|
||||||
# path: "{{ data_directory_base }}/{{ item }}"
|
|
||||||
# recurse: true
|
|
||||||
# mode: 0777
|
|
||||||
# loop: "{{ data_directories }}"
|
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- setup_apt
|
- setup_apt
|
||||||
- docker
|
- docker
|
||||||
|
|
|
@ -11,6 +11,9 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
deploy:
|
deploy:
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- "node.labels.public == true"
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.http.routers.cyberchef.entrypoints=websecure
|
- traefik.http.routers.cyberchef.entrypoints=websecure
|
||||||
|
|
|
@ -28,7 +28,7 @@ services:
|
||||||
deploy:
|
deploy:
|
||||||
placement:
|
placement:
|
||||||
constraints:
|
constraints:
|
||||||
- "node.labels.forgejo == true"
|
- node.role == manager
|
||||||
labels:
|
labels:
|
||||||
- traefik.port=443
|
- traefik.port=443
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
|
|
|
@ -7,3 +7,7 @@ services:
|
||||||
ports:
|
ports:
|
||||||
- 2500:2500
|
- 2500:2500
|
||||||
- 9000:9000
|
- 9000:9000
|
||||||
|
deploy:
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- "node.labels.public == true"
|
||||||
|
|
|
@ -6,3 +6,7 @@ services:
|
||||||
image: teddysun/kms
|
image: teddysun/kms
|
||||||
ports:
|
ports:
|
||||||
- 1688:1688
|
- 1688:1688
|
||||||
|
deploy:
|
||||||
|
placement:
|
||||||
|
constraints:
|
||||||
|
- "node.labels.public == true"
|
||||||
|
|
|
@ -20,7 +20,8 @@ services:
|
||||||
- 444:444
|
- 444:444
|
||||||
deploy:
|
deploy:
|
||||||
placement:
|
placement:
|
||||||
constraints: [node.labels.traefik == true]
|
constraints:
|
||||||
|
- node.role == manager
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.http.routers.dashboard.entrypoints=localsecure
|
- traefik.http.routers.dashboard.entrypoints=localsecure
|
||||||
|
|
|
@ -1,3 +1,8 @@
|
||||||
|
- name: Create working directory
|
||||||
|
file:
|
||||||
|
path: /srv/traefik
|
||||||
|
state: directory
|
||||||
|
|
||||||
- name: Create Traefik network
|
- name: Create Traefik network
|
||||||
docker_network:
|
docker_network:
|
||||||
name: traefik
|
name: traefik
|
||||||
|
|
|
@ -15,20 +15,68 @@ provider "libvirt" {
|
||||||
uri = "qemu+ssh://root@atlas.hyp/system"
|
uri = "qemu+ssh://root@atlas.hyp/system"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
provider "libvirt" {
|
||||||
|
alias = "jefke"
|
||||||
|
uri = "qemu+ssh://root@jefke.hyp/system"
|
||||||
|
}
|
||||||
|
|
||||||
module "manager" {
|
module "manager" {
|
||||||
source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||||
|
source = "/home/pim/repos/tf-modules/debian"
|
||||||
name = "maestro"
|
name = "maestro"
|
||||||
domain_name = "tf-maestro"
|
domain_name = "tf-maestro"
|
||||||
memory = 1024
|
memory = 1024
|
||||||
mac = "CA:FE:C0:FF:EE:08"
|
mac = "CA:FE:C0:FF:EE:08"
|
||||||
|
hypervisor_host = "atlas.hyp"
|
||||||
|
providers = {
|
||||||
|
libvirt = libvirt
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
module "workers" {
|
module "swarmpub1" {
|
||||||
for_each = {
|
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||||
worker1 = "tf-worker1"
|
source = "/home/pim/repos/tf-modules/debian"
|
||||||
|
name = "swarmpub1"
|
||||||
|
domain_name = "tf-swarmpub1"
|
||||||
|
memory = 1024 * 5
|
||||||
|
hypervisor_host = "atlas.hyp"
|
||||||
|
providers = {
|
||||||
|
libvirt = libvirt
|
||||||
}
|
}
|
||||||
source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
}
|
||||||
name = each.key
|
|
||||||
domain_name = each.value
|
module "swarmpriv1" {
|
||||||
|
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||||
|
source = "/home/pim/repos/tf-modules/debian"
|
||||||
|
name = "swarmpriv1"
|
||||||
|
domain_name = "tf-swarmpriv1"
|
||||||
|
memory = 1024 * 5
|
||||||
|
hypervisor_host = "atlas.hyp"
|
||||||
|
providers = {
|
||||||
|
libvirt = libvirt
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module "swarmpub2" {
|
||||||
|
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||||
|
source = "/home/pim/repos/tf-modules/debian"
|
||||||
|
name = "swarmpub2"
|
||||||
|
domain_name = "tf-swarmpub2"
|
||||||
memory = 1024 * 3
|
memory = 1024 * 3
|
||||||
|
hypervisor_host = "jefke.hyp"
|
||||||
|
providers = {
|
||||||
|
libvirt = libvirt.jefke
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module "swarmpriv2" {
|
||||||
|
#source = "git::https://git.pim.kunis.nl/home/tf-modules.git//debian"
|
||||||
|
source = "/home/pim/repos/tf-modules/debian"
|
||||||
|
name = "swarmpriv2"
|
||||||
|
domain_name = "tf-swarmpriv2"
|
||||||
|
memory = 1024 * 3
|
||||||
|
hypervisor_host = "jefke.hyp"
|
||||||
|
providers = {
|
||||||
|
libvirt = libvirt.jefke
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue