-
-
Notifications
You must be signed in to change notification settings - Fork 19
/
ansible-playbook-docker.yml
134 lines (116 loc) · 3.22 KB
/
ansible-playbook-docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
- hosts: all
become: yes
become_user: root
become_method: sudo
tasks:
- name: Baixando binario do minikube
ansible.builtin.get_url:
url: https://storage.googleapis.com/minikube/releases/latest/minikube_latest_amd64.deb
dest: /tmp/
- name: Install minikube .deb package
ansible.builtin.apt:
deb: /tmp/minikube_latest_amd64.deb
- name: Baixando binario do kubectl
ansible.builtin.get_url:
url: https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl
dest: /tmp/
- name: Instalando binario do kubectl
shell: install -o root -g root -m 0755 /tmp/kubectl /usr/local/bin/kubectl
- name: Adiciona uma chave de assinatura apt para o Docker
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Adiciona repositorio apt para versao estavel
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable
state: present
- name: Instala o Docker e mais alguns pacotes
apt:
name: "{{ packages }}"
state: present
update_cache: yes
vars:
packages:
- docker-ce
- docker-ce-cli
- containerd.io
- conntrack
- apt-transport-https
- python3
- python3-pip
- name: Start Docker, if not started
ansible.builtin.service:
name: docker
state: started
- name: Instala o helm
snap:
name: helm
classic: yes
- name: install pre-requisites
pip:
name:
- openshift
- pyyaml
- kubernetes
- name: Desativando swap
shell: swapoff -a
- name: Inicializando minikube
shell: minikube start --driver=none --kubernetes-version v1.22.12
## Ansible playbook that prepares a Linux machine for a web server
---
- name: Prepare Linux machine for web server
hosts: homelab
become: true
vars:
packages:
- nginx
- ufw
- fail2ban
- python3-pip
firewall_ports:
- 80/tcp
- 443/tcp
tasks:
- name: Install packages
apt:
name: "{{ packages }}"
state: present
- name: Enable firewall ports
ufw:
rule: allow
port: "{{ firewall_ports }}"
- name: Configure fail2ban
copy:
src: files/fail2ban/jail.local
dest: /etc/fail2ban/
mode: '0644'
notify:
- restart fail2ban
- name: Copy nginx config
copy:
src: files/nginx/nginx.conf
dest: /etc/nginx/nginx.conf
mode: '0644'
notify:
- restart nginx
handlers:
- name: restart nginx
service:
name: nginx
state: restarted
- name: restart fail2ban
service:
name: fail2ban
state: restarted
## Example playbook that copies a file from the local machine to a remote host:
---
- name: Copy file to remote host
hosts: homelab
become: true
tasks:
- name: Copy file
copy:
src: /path/to/local/file
dest: /path/to/remote/file
mode: 0644