Compare commits

...

7 commits

8 changed files with 40 additions and 11 deletions

View file

@ -7,7 +7,7 @@ admin_email_address: amarpreet@minhas.io
hashi_arch: amd64
# consul
consul_version: 1.9.4
consul_version: 1.9.7
consul_domain: masked.name
# vault
@ -60,14 +60,14 @@ vault_ca_cert_payload: |
-----END CERTIFICATE-----
# nomad
nomad_version: 1.0.1
nomad_version: 1.1.1
nomad_podman_driver_version: 0.1.0
# podman
podman_version: 3.0.1+dfsg1-2+b1
podman_version: 3.0.1+dfsg1-3+b1
# lnd
lnd_version: 0.12.1-beta
lnd_version: 0.13.1-beta
# lego
lego_version: 4.1.3

View file

@ -0,0 +1,11 @@
---
nomad_meta_values:
- { name: "storage_optimized", value: "false" }
- { name: "ram_optimized", value: "true" }
nomad_ug_map:
- { name: "jenkins", id: "15000" }
nomad_bind_mounts:
- { path: /opt/jenkins_home, owner: jenkins }
...

View file

@ -1,6 +1,7 @@
---
nomad_meta_values:
- { name: "long_lived", value: "true" }
- { name: "storage_optimized", value: "true" }
- { name: "ram_optimized", value: "false" }
nomad_ug_map:
- { name: "jenkins", id: "15000" }

View file

@ -18,9 +18,10 @@ ivyking.minhas.io
[nomad_client]
sedan.minhas.io
ivyking.minhas.io
[nomad_server]
ivyking.minhas.io
ranger.minhas.io
[vault_server]
ivyking.minhas.io

View file

@ -87,9 +87,14 @@
check_mode: False
- name: get consul
pkgng:
name: consul-{{ consul_version }}
state: present
unarchive:
src: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_freebsd_amd64.zip"
dest: /usr/local/bin/
mode: 0755
owner: root
group: consul
remote_src: True
when: installed_consul_version.stdout != consul_version
- name: template consul config
template:

View file

@ -105,7 +105,7 @@
name: "{{ item.name }} renewal"
hour: "4"
user: lego
job: 'source /etc/default/lego && /usr/local/bin/lego --pem --path {{ lego_path }} --email {{ lego_email_address }} --dns {{ item.dns }} --domains "{{ item.domain }}" renew --days 30'
job: 'source /etc/default/lego && /usr/local/bin/lego --pem --path {{ lego_path }} --email {{ lego_email_address }} --dns {{ item.dns }} --domains "{{ item.domain }}" renew --days 45'
loop: "{{ lego_certs }}"
- name: create haproxy reload crontab

View file

@ -24,9 +24,17 @@
state: stopped
when: (lnd_binary.stat.exists == False) or (lnd_version != lnd_installed_version.stdout)
- name: remove old lnd files
file:
name: "/home/bitcoind/go/bin/{{ item }}"
state: absent
with_items:
- lncli
- lnd
- name: update lnd
unarchive:
src: 'https://github.com/lightningnetwork/lnd/releases/download/v{{ lnd_version }}/lnd-linux-{{ lnd_arch }}-v{{ lnd_version }}.tar.gz'
src: "https://github.com/lightningnetwork/lnd/releases/download/v{{ lnd_version }}/lnd-linux-{{ lnd_arch }}-v{{ lnd_version }}.tar.gz"
dest: /home/bitcoind/go/bin
owner: bitcoind
group: bitcoind

View file

@ -5,6 +5,7 @@
gid: "{{ item.id }}"
system: True
loop: "{{ nomad_ug_map }}"
when: nomad_ug_map is defined
- name: setup user mappings
user:
@ -12,6 +13,7 @@
uid: "{{ item.id }}"
system: True
loop: "{{ nomad_ug_map }}"
when: nomad_ug_map is defined
- name: ensure mounts
file:
@ -21,4 +23,5 @@
group: "{{ item.owner }}"
mode: 0755
loop: "{{ nomad_bind_mounts }}"
when: nomad_bind_mounts is defined
...