2025-03-13 10:51:03 +03:00
parent 382395b909
commit 4e5ae1e78b
11 changed files with 92 additions and 26 deletions


@@ -1,18 +1,52 @@
FROM python:3.9-slim # Use the official Python 3.12.9 Bullseye image as the base
FROM python:3.12.9-bullseye
# Устанавливаем зависимости # Set environment variables
RUN apt-get update && apt-get install -y \ ENV PYTHONUNBUFFERED=1
# Install system dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
git \ git \
curl \ ssh \
docker.io \ gcc \
docker-compose \ libffi-dev \
libssl-dev \
make \
sudo \
sshpass \ sshpass \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN pip3 install --no-cache-dir ansible ansible-lint ansible-vault molecule docker molecule-docker # Install Docker CLI
RUN apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
curl \
gnupg \
lsb-release \
&& mkdir -p /etc/apt/keyrings \
&& curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
&& apt-get update && \
apt-get install -y --no-install-recommends \
docker-ce-cli \
&& rm -rf /var/lib/apt/lists/*
# Устанавливаем Docker CLI
RUN curl -fsSL https://get.docker.com | sh
# Install Python dependencies for Ansible and Molecule
RUN pip install --upgrade pip && \
pip install \
ansible \
ansible-lint \
ansible-vault \
molecule \
molecule-docker \
molecule-plugins ansible-compat \
docker
# Set the working directory
WORKDIR /ansible WORKDIR /ansible
ENTRYPOINT ["/bin/bash"]
# Default command
CMD ["/bin/bash"]
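Review bot: The new `pip install` block (new side as rendered) installs ansible, ansible-lint, molecule and the rest without version pins and without the `--no-cache-dir` flag the replaced line carried, so each rebuild can resolve to different releases in an image that is later given the vault password and used for production deploys. Pin every package, for example `pip install --no-cache-dir ansible==<pinned-version> molecule==<pinned-version> ...`, or install from a requirements file with hashes. The Docker apt key on the `gpg --dearmor` line is trusted exactly as downloaded; comparing its fingerprint against the one Docker publishes before writing `/etc/apt/keyrings/docker.gpg` would close that gap. The image also adds `sudo` but, as far as this section shows, never sets `USER`, so the container runs as root.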


@@ -15,7 +15,7 @@ build:
rebuild: rebuild:
docker compose build --no-cache $(c) docker compose build --no-cache $(c)
docker compose down docker compose down
docker compose up -d # docker compose up -d
# Создание и запуск docker-контейнеров # Создание и запуск docker-контейнеров
up: up:
@@ -62,14 +62,17 @@ test: ## Запуск тестов с molecule
docker compose run --rm ansible bash -c "molecule test" docker compose run --rm ansible bash -c "molecule test"
lint: ## Проверка кода с ansible-lint lint: ## Проверка кода с ansible-lint
docker compose run --rm ansible sh -c "ansible-lint roles/role" docker compose run --rm ansible bash -c "ansible-lint roles/role"
vault: ## Шифрование/дешифрование с ansible-vault vault_create: ## Шифрование/дешифрование с ansible-vault
docker compose run --rm ansible sh -c "ansible-vault edit --vault-password-file vault-password.txt vars/secrets.yml" docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt roles/role/vars/secrets.yml"
vault_edit: ## Шифрование/дешифрование с ansible-vault
docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt roles/role/vars/secrets.yml"
deploy: test ## Деплой на реальные машины, если тест прошел успешно deploy: test ## Деплой на реальные машины, если тест прошел успешно
@echo "Deploying roles to production..." @echo "Deploying roles to production..."
docker compose run --rm ansible sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt" docker compose run --rm ansible /usr/bin/sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt"
#################################################################################################### ####################################################################################################
# Работа с Git # Работа с Git


@@ -1,6 +1,7 @@
[defaults] [defaults]
inventory = /workspace/inventory inventory = /ansible/inventory
vault_password_file = /workspace/vault_password_file vault_password_file = /ansible/vault_password.txt
remote_user = devops remote_user = ansible
host_key_checking = False host_key_checking = False
enable_plugins = yaml, ini enable_plugins = yaml, ini
roles_path = /ansible/roles
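Review bot: `vault_password_file = /ansible/vault_password.txt` uses an underscore, while the compose file in this commit sets `ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt` and the Makefile passes `vault-password.txt`, both with a hyphen. The environment variable takes precedence over the config file, so runs through compose work, but any invocation that relies on the config value alone will look for a file that probably does not exist; change the line to `vault_password_file = /ansible/vault-password.txt`. Separately, the unchanged `host_key_checking = False` means SSH host keys are not verified, including for the production inventory used by the `deploy` target; consider enabling the check there and shipping a known_hosts file.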


@@ -4,6 +4,9 @@ services:
container_name: ansible container_name: ansible
volumes: volumes:
- .:/ansible - .:/ansible
- /var/run/docker.sock:/var/run/docker.sock
environment: environment:
- ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt - ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt
tty: true tty: true
privileged: true
working_dir: /ansible
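Review bot: Adding `privileged: true` next to the `/var/run/docker.sock` mount gives this container full control of the host, and it is the same container that reads `vault-password.txt` and runs production deploys. The socket mount alone is normally enough for the Molecule Docker driver to start test containers, so `privileged: true` should be dropped unless a specific need is documented. Socket access is itself root-equivalent on the host, so a comment on that volume line such as `# host Docker socket: root-equivalent, needed by molecule-docker` would tell the next reader why it is there.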


@@ -2,4 +2,4 @@
- name: Converge - name: Converge
hosts: all hosts: all
roles: roles:
- role: role - role: /ansible/roles/role


@@ -1,6 +1,9 @@
--- ---
dependency: dependency:
name: galaxy name: galaxy
enabled: true
options:
requirements-file: /ansible/requirements.yml
driver: driver:
name: docker name: docker
platforms: platforms:


@@ -0,0 +1,11 @@
---
- name: Prepare
hosts: all
tasks:
- name: Install required packages
debug:
msg: "Hello, Prepare!"
# apt:
# name:
# - git
# state: present
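Review bot: The task named `Install required packages` only runs `debug` with a greeting, and the real `apt` task is commented out, so the name promises work the play does not do; rename it (e.g. `- name: Placeholder, no preparation yet`) or enable the `apt` task. The next new file repeats the same placeholder and also names its play `Prepare` although its message says `Hello, Verify!`, which looks like a copy-paste. With no assertions in that file, `molecule test` has nothing to verify, yet the Makefile's `deploy: test` dependency treats a passing test run as the gate before production. The short module name `debug` may also be reported by ansible-lint, which prefers `ansible.builtin.debug`.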


@@ -0,0 +1,7 @@
---
- name: Prepare
hosts: all
tasks:
- name: Install required packages
debug:
msg: "Hello, Verify!"


@@ -1,5 +0,0 @@
---
- src: geerlingguy.nginx
version: 3.1.0
- src: geerlingguy.docker
version: 6.0.1

9
requirements.yml Normal file

@@ -0,0 +1,9 @@
---
collections:
- name: maxhoesel.proxmox
version: 5.0.1
- name: community.general
version: 6.0.0
- name: ansible.posix
version: 1.4.0