v4l3n71n/covas-deployment
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: v4l3n71n:k8s-deploy
Branches Tags
v4l3n71n:master v4l3n71n:k8s-deploy
...
compare: v4l3n71n:87db6ddf40955555e5d23eef9b6d5f9006f4ec73
Branches Tags
v4l3n71n:master v4l3n71n:k8s-deploy

11 Commits
k8s-deploy ... 87db6ddf40

Author SHA1 Message Date
Valentin CZERYBA
87db6ddf40 ignore file 2022-11-02 22:16:46 +01:00
Valentin CZERYBA
c9a0e48346 essai drone 2022-11-02 22:15:31 +01:00
Valentin CZERYBA
284e86c424 test drone check syntax 2022-10-31 20:30:26 +01:00
Valentin CZERYBA
1caaac3485 add drone yml
Some checks reported errors
continuous-integration/drone Build was killed
Details
continuous-integration/drone/push Build was killed
Details
2022-10-28 21:33:15 +02:00
Valentin CZERYBA
372f1d7c18 add debug message 2022-10-28 20:20:16 +02:00
Valentin CZERYBA
c26a6c6f84 fix url 2022-10-28 17:38:56 +02:00
Valentin CZERYBA
e4ee762c65 add drone groups 2022-10-28 17:35:49 +02:00
Valentin CZERYBA
91d441b38e remove localhost from db group 2022-10-20 17:05:48 +02:00
Valentin CZERYBA
42f2a14d87 add passwordé 2022-10-20 17:00:58 +02:00
Valentin CZERYBA
93eca7fec9 fix password 2022-10-20 16:56:51 +02:00
v4l3n71n
541eda55f6 Merge pull request 'k8s-deploy' (#2) from k8s-deploy into master 
Reviewed-on: #2
 2022-10-20 14:52:28 +00:00
21 changed files with 197 additions and 48 deletions
Expand all files Collapse all files

1
.dockerignore Normal file
View File

@@ -0,0 +1 @@
Dockerfile

19
.drone.yml Normal file
View File

@@ -0,0 +1,19 @@
kind: pipeline
name: default
type: docker
steps:
- name: deploy
image: v4l3n71n/covas:latest
pull: if-not-exists
commands:
- eval $(ssh-agent -s)
- id -u ansible
- sshpass -p 50ford5080850 ssh-add ssh_keys/id_rsa_nas
- sshpass -p 23v4l3n71n02cz3ry841993 ssh-add ssh_keys/id_rsa_vps
- ansible-playbook -i inventory --syntax-check playbook.yml
- ansible --ask-vault-password -i inventory -m ping playbook.yml
image_pull_secrets:
- dockerconfig

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
ssh_keys/

9
Dockerfile Normal file
View File

@@ -0,0 +1,9 @@
FROM debian:bookworm-slim
RUN apt-get update --yes && apt-get upgrade --yes && apt-get install --yes python3 python3-pip openssh-client sshpass && rm -rf /var/lib/apt/lists/*
RUN groupadd -r ansible && useradd -m -r -g ansible ansible
USER ansible
RUN pip install ansible
WORKDIR /home/ansible
ENV PATH="${PATH}:/home/ansible/.local/bin"
COPY --chown=ansible:ansible . /home/ansible
RUN ansible-galaxy install -vvvv -r requirements.yml

1
inventory/group_vars/db
View File

@@ -1,3 +1,4 @@
msg: db
postgres_url: db.valczeryba.ovh postgres_url: db.valczeryba.ovh
postgres_db: toto postgres_db: toto
postgres_port: 54321 postgres_port: 54321

27
inventory/group_vars/db_vault
View File

@@ -1,14 +1,15 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
30326462626436373330386637633864316430623235306239353439313932383964646435393965 31393434663833363061653862663138393835663538346465383065323231616163343964303966
3662326631306134363862626638616330633765666538360a323264646135393935343434343362 3437316337383464323933306632393766386234366133360a313466356333343939396134333430
36666566316465383833386433623565373837353233366435346633313566623361653937306336 38376636663234666534666637663638633766623034323164393234656365613437643738393833
6362383331643665300a393561643837376461326663663235343434363438623637306263626163 3466616536353935340a366165346464343863613133373739366534373835396436343138326532
38336162383331383732643765323763656130653432386534376335336338663663363439666361 37376261383631366531333061353133643432623164633335373037393732366132346438326163
31306530666264323130333561356564626536643533356337383631613534383730666338313664 32386639396661626431616463383165393035396139333336316263636236323130656534636237
34626261616430623063323836616130383335383965326239636362616531623565323734613532 36636536613064393632343564343734626666323037303630623764316338346161373134656165
33313830663666633432666135346234643834316239633132383862393636623230316532616365 64666133663364633064323763303964663964393139646663306334353435633839383164313734
30336564306336393064613330336436363631316236353237343838396637353735356461323331 61373731356331336265663835346234323934656236646363663562396131336161663662393634
34343637336532373539663565666337383837373235613734303831376636303361376533346333 65383761363763326366313063333337633039383830663066663261393464646437663366366565
32316430613936366464383832376237633036353737353566613638396236316664356638373635 39366661653934626337656336306435363263373534323239353831343231303134613338623236
35303239353937316236323339633335373761623032313231383937306236303861306265646333 63306464393031666666613530326138646535613534303365323965323466366131343236663030
65633638623065303761646562373936336235373533333265643534616663343538 37323032656136383661333331363635643234333138626239383733336135333637353930316338
6537303238333962313362376434383038666133376134383132

22
inventory/group_vars/drone Normal file
View File

@@ -0,0 +1,22 @@
drone_gitea_server: https://git.valczeryba.ovh
drone_server_host: drone.valczeryba.ovh:8000
drone_agents_enabled: true
drone_server_proto: http
drone_tls_autocert: false
drone_open: false
drone_host: http://localhost:8000
drone_rpc_server: drone-server:8000
msg: drone
project_src: "/home/valentin/drone"
project_directory:
- "{{ project_src }}"
project_env: env-drone.j2
docker_compose_file: "docker-compose-drone.yml"
ports_tcp:
- 8000
- 9000

18
inventory/group_vars/drone_vault Normal file
View File

@@ -0,0 +1,18 @@
$ANSIBLE_VAULT;1.1;AES256
38303932316262306464333166316363643239366561323234643563623362336335613237376239
3535393466323064333163363932663731663031663933350a323431653239396663343666373765
31373066383234303139663135326462613539626363373930346366383831646536316465373563
3537653761373233300a383637623932616663393763643066326238633932643730336339336330
38366430336561613866373634313130616438313234666431396638366161613839303864353561
35613234326539383765666637323236303161623061633164646430663834393764623931656638
63336533383065343738373564393266653738656163643165383434623836666434646337336565
32373261636363396363343236353336306331313761623531653834346536353039656564316138
66643166653435666162383333366233353165393837303539646538353765653465363532346231
65633365353131613437623663313934626461313437373730623164636364393362366537373162
62363965323662356638633661363236326437353366356134346333313466323139336362363234
62376262346338643339363566303339366165636566623565363238363736646637646635303531
38343031666635323539353431316164353830363838313662613063616532623730346561333665
33316137613666636439383364353735653535346537383831323333646238356534393935643435
31643637323366616230633039336633313631316330323064306638663039393330376366633930
65643861363231313033333662396339636432343133336561356438636233643762313539323166
6261

19
inventory/group_vars/local_vault
View File

@@ -1,10 +1,11 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
38396665356139383861356137373362393834373765663937373730333434356565383864333137 30366237393836333338316164656633656435383866666462663830643463633064356261396431
3763386361323938326462393632346565386432336531620a616261656133323236343464303837 3066613335326464373833346430373663333736353537630a653934316366383165346238663134
39613966333435393336396361666337306438393138363961336462383666326363326439373762 30376439373634323636613566373534353138653964613236326464653662306136653964313861
6139623462323133330a646432336365666164643435383430616137313130646137623463373636 6135623361346639650a646533383761393435303833336138346164633161613739323765323664
32313561383838366437633634376434616438633665363465626633633537383435616537336339 65623039633039343039303931626138316132613433666136633336326433653561343761316363
64313836613730613135363739363536356362373762313431353938653738613666313966393163 66666230343165383130353939303633623264663161663030336533663437363630383565353064
33336234363964633633663431353966666530353432643461656336356166393837316634313164 35376633323564623361613663356230663664323261383564653433656638306432343132343631
65653033636338363563666363326433636163323363656530323834303464356136346163353466 32386232316234643464326533303065653535633064393438663931336334373965313064386532
3533 66306664303937356636366564623830623764386136663830636634326438373963666134613430
6530323937303637393934376466396565343133613736663166

11
inventory/group_vars/nas_vault
View File

@@ -1,6 +1,7 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35333863396561393462653263323133343233346534616138616530643066323161656534653738 61643965343735653231363764646132363434653530346532343765663036376434353334356330
3335306466663636623236383435663337393466633437660a303961663331653463343933353966 6133383634643439353338383039653234303666306661350a636366343465356639646535663234
35636161393663386137306561613965653438626432323865323233636662653333616532636665 31356434363130663961653638363463333330346561333933643263643362343132376131313764
3562333936366238640a646262373233363665366437653032303238313266356138343239303936 3439663335386235610a396435303138666166383363303038663163393538323362313965613933
36663531303061663763653637333365303664666563353631303435633462343537 65666338653533386234336365316664313266326130313064653864386235323461303938386333
3239646561363831643530633466613035643630363761326666

3
inventory/group_vars/registry
View File

@@ -1,9 +1,10 @@
msg: registry
project_src: "/home/valentin/registry" project_src: "/home/valentin/registry"
project_directory: project_directory:
- "{{ project_src }}" - "{{ project_src }}"
docker_compose_file: "docker-compose-registry.yml" docker_compose_file: "docker-compose-registry.yml"

14
inventory/hosts
View File

@@ -1,10 +1,10 @@
vps ansible_connection=ssh ansible_host=51.222.107.37 ansible_port=2424 ansible_user=valentin vps ansible_connection=ssh ansible_host=51.222.107.37 ansible_port=2424 ansible_user=valentin
valentin-nas ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin valentin-nas ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin
drone-host ansible_connection=ssh ansible_host=151.80.37.38 ansible_port=2424 ansible_user=valentin
localhost ansible_host=127.0.0.1 localhost ansible_host=127.0.0.1
[db] [db]
vps vps
localhost
[db_vault:children] [db_vault:children]
db db
@@ -12,8 +12,16 @@ db
[nas] [nas]
valentin-nas valentin-nas
[registry:children]
nas [registry]
valentin-nas
[drone]
drone-host
[drone_vault:children]
drone
[nas_vault:children] [nas_vault:children]
nas nas

3
playbook.yml
View File

@@ -1,9 +1,10 @@
--- ---
- hosts: registry db - hosts: registry db drone
remote_user: valentin remote_user: valentin
roles: roles:
- server - server
- hosts: local - hosts: local
remote_user: valentin remote_user: valentin
roles: roles:

5
requirements.yml
View File

@@ -1,7 +1,4 @@
/home/valentin/.ansible/collections/ansible_collections: collections:
community.docker:
version: 3.1.0
/usr/lib/python3.10/site-packages/ansible_collections:
amazon.aws: amazon.aws:
version: 3.4.0 version: 3.4.0
ansible.netcommon: ansible.netcommon:

8
scaleway-k8s/tasks/main.yml
View File

@@ -1,15 +1,15 @@
- name: Create folder for image - name: Create folder for image
ansible.builtin.import_tasks: create-build.yml import_tasks: create-build.yml
tags: ["create-build"] tags: ["create-build"]
- name: Create cluster k8s scaleway via terraform - name: Create cluster k8s scaleway via terraform
ansible.builtin.import_tasks: create-cluster.yml import_tasks: create-cluster.yml
tags: ["create-cluster"] tags: ["create-cluster"]
- name: Get id Cluster - name: Get id Cluster
ansible.builtin.import_tasks: kubeconfig.yml import_tasks: kubeconfig.yml
tags: ["create-cluster", "kubeconfig"] tags: ["create-cluster", "kubeconfig"]
- name: Destroy cluster k8s scaleway via terraform - name: Destroy cluster k8s scaleway via terraform
ansible.builtin.import_tasks: destroy-cluster.yml import_tasks: destroy-cluster.yml
tags: ["destroy-cluster"] tags: ["destroy-cluster"]

51
server/files/docker-compose-drone.yml Normal file
View File

@@ -0,0 +1,51 @@
version: '3.5'
services:
drone-server:
image: drone/drone:2
ports:
- 8000:80
- 9000:443
networks:
- drone
volumes:
- ./drone-data:/var/lib/drone/
- /var/run/docker.sock:/var/run/docker.sock
env_file:
- .env
restart: always
environment:
- DRONE_GITHUB_SKIP_VERIFY=true
- DRONE_AGENTS_ENABLED=true
- DRONE_SERVER_PROTO=http
- DRONE_TLS_AUTOCERT=false
- DRONE_OPEN=false
- DRONE_HOST=http://drone.valczeryba.ovh:8000
- DRONE_GITHUB=true
# Variables below set via drone.env file
# - DRONE_USER_CREATE=
# - DRONE_USER_FILTER=
# - DRONE_GITHUB_CLIENT_ID=
# - DRONE_GITHUB_CLIENT_SECRET=
# - DRONE_RPC_SECRET=
drone-agent:
image: drone/agent:1.2.1
command: agent
restart: always
depends_on:
- drone-server
networks:
- drone
volumes:
- /var/run/docker.sock:/var/run/docker.sock
env_file:
- .env
environment:
- DRONE_RPC_SERVER=drone-server:8000
# Variables below set via drone.env file
# - DRONE_RPC_SECRET=
networks:
drone:
name: drone_network

1
server/files/docker-compose-registry.yml
View File

@@ -7,5 +7,6 @@ services:
- "5000:5000" - "5000:5000"
environment: environment:
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
volumes: volumes:
- ./data:/data - ./data:/data

3
server/tasks/debug.yml Normal file
View File

@@ -0,0 +1,3 @@
- name: debug
debug:
msg: "coucou {{ msg }}"

13
server/tasks/main.yml
View File

@@ -1,19 +1,24 @@
--- ---
# tasks file for server # tasks file for server
- name: Debug role
import_tasks: debug.yml
tags: ["debug"]
- name: Deploy services - name: Deploy services
ansible.builtin.import_tasks: deploy.yml import_tasks: deploy.yml
tags: ["deploy", "create"] tags: ["deploy", "create"]
- name: Start services - name: Start services
ansible.builtin.import_tasks: start.yml import_tasks: start.yml
tags: ["deploy", "start"] tags: ["deploy", "start"]
- name: stop services - name: stop services
ansible.builtin.import_tasks: stop.yml import_tasks: stop.yml
tags: ["destroy", "stop"] tags: ["destroy", "stop"]
- name: Remove services - name: Remove services
ansible.builtin.import_tasks: remove.yml import_tasks: remove.yml
tags: ["destroy"] tags: ["destroy"]

8
server/templates/env-drone.j2 Normal file
View File

@@ -0,0 +1,8 @@
# Drone secret key, used for private communication between agents and web UI
DRONE_USER_CREATE=
DRONE_USER_FILTER= {{ drone_user_filter }}
DRONE_GITEA_SERVER={{ drone_gitea_server }}
DRONE_GITEA_CLIENT_ID={{ drone_gitea_client_id }}
DRONE_GITEA_CLIENT_SECRET={{ drone_gitea_client_secret }}
DRONE_RPC_SECRET={{ drone_rpc_secret }}
DRONE_SERVER_HOST={{ drone_server_host }}