cyclane/kovalhome
1
1
Fork 0
Code Issues 7 Pull Requests 1 Actions Packages Projects 3 Releases Activity

WIP: Joplin VM #3

Closed
cyclane wants to merge 12 commits from joplin-initial into main
pull from: joplin-initial
merge into: cyclane:main
Conversation 2 Commits 12 Files Changed 5 +128 -8
5 changed files with 128 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.github/workflows/infra.yaml vendored
View File

@@ -4,14 +4,15 @@ on:
branches:
- main
paths:
- infra/**-playbook.yaml
- infra/**playbook.yaml
- .github/workflows/infra.yaml
push:
branches:
- main
env:
DEPLOY: ${{ github.ref == 'refs/heads/main' && ((startsWith(github.event.head_commit.message, '[deploy-all]') && 'all') || ('some')) || 'none' }}
# DEPLOY: ${{ github.ref == 'refs/heads/main' && ((startsWith(github.event.head_commit.message, '[deploy-all]') && 'all') || ('some')) || 'none' }}
DEPLOY: all
jobs:
ansible-playbooks:
@@ -35,8 +36,8 @@ jobs:
- name: Check playbooks
run: |
for file in $(find . -wholename "*/infra/*-playbook.yaml" -type f); do
ansible-playbook --inventory ./inventory --check "$file"
for file in $(find . -wholename "*/infra/*playbook.yaml" -type f); do
ansible-playbook --inventory ./inventory --syntax-check "$file"
done
- name: Get changed playbooks
@@ -44,7 +45,7 @@ jobs:
if: env.DEPLOY == 'some'
uses: tj-actions/changed-files@v38
with:
files: infra/**/*-playbook.yaml
files: infra/**/*playbook.yaml
- name: Get playbooks
id: playbooks
@@ -53,12 +54,19 @@ jobs:
if [[ "${{ env.DEPLOY }}" == "some" ]]; then
export TO_RUN="${{ steps.files.outputs.all_changed_files }}"
else
export TO_RUN="$(find . -wholename './infra/*-playbook.yaml' -type f)"
export TO_RUN="$(find . -wholename './infra/*playbook.yaml' -type f)"
fi
export TO_RUN="$( echo -n $TO_RUN | tr ' ' '\n' | sort | tr '\n' ' ' )" # run things in order :)
echo "will run playbooks: $TO_RUN"
echo "to_run=$TO_RUN" >> "$GITHUB_OUTPUT"
- name: Setup environment
if: env.DEPLOY != 'none' && steps.playbooks.outputs.to_run != ''
run: |
mkdir -p -m 700 ~/.ssh
echo "${{ secrets.SSH_PRIVATE }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
- name: Run playbooks
if: env.DEPLOY != 'none' && steps.playbooks.outputs.to_run != ''
env:
@@ -66,4 +74,5 @@ jobs:
PROXMOX_USER: ${{ secrets.PROXMOX_USER }}
PROXMOX_TOKEN_ID: ${{ secrets.PROXMOX_TOKEN_ID }}
PROXMOX_TOKEN_SECRET: ${{ secrets.PROXMOX_TOKEN_SECRET }}
SSH_PUBLIC: ${{ secrets.SSH_PUBLIC }}
run: ansible-playbook --inventory ./inventory ${{ steps.playbooks.outputs.to_run }}

2
README.md
View File

@@ -7,4 +7,4 @@ This repository contains any automations used in deploying *.koval.net services.
All 'managed' infrastructure is deployed and provisioned with [Ansible](https://www.ansible.com/).
However, some 'unmanaged' (manually managed) resources also exist - primarily everything required for this repository to work (I don't want to make a dependency loop).
Ansible playbooks are ran in alphanumerical order and are expected idempotent.
Ansible playbooks are ran in alphanumerical order and are expected to be idempotent.

85
infra/joplin/0000_proxmox_playbook.yaml Normal file
View File

@@ -0,0 +1,85 @@
- name: Provision joplin Proxmox VM
hosts: localhost
vars:
api_user: "{{ lookup('ansible.builtin.env', 'PROXMOX_USER') }}"
api_host: "{{ lookup('ansible.builtin.env', 'PROXMOX_HOST' ) }}"
api_token_id: "{{ lookup('ansible.builtin.env', 'PROXMOX_TOKEN_ID') }}"
api_token_secret: "{{ lookup('ansible.builtin.env', 'PROXMOX_TOKEN_SECRET') }}"
ssh_public: "{{ lookup('ansible.builtin.env', 'SSH_PUBLIC') }}"
vmname: joplin
node: pve
module_defaults:
community.general.proxmox_kvm:
api_user: "{{ api_user }}"
api_host: "{{ api_host }}"
api_token_id: "{{ api_token_id }}"
api_token_secret: "{{ api_token_secret }}"
name: "{{ vmname }}"
node: "{{ node }}"
community.general.proxmox_nic:
api_user: "{{ api_user }}"
api_host: "{{ api_host }}"
api_token_id: "{{ api_token_id }}"
api_token_secret: "{{ api_token_secret }}"
name: "{{ vmname }}"
community.general.proxmox_disk:
api_user: "{{ api_user }}"
api_host: "{{ api_host }}"
api_token_id: "{{ api_token_id }}"
api_token_secret: "{{ api_token_secret }}"
name: "{{ vmname }}"
tasks:
- name: Create VM
community.general.proxmox_kvm:
clone: "{{ node }}-debian-12"
storage: nvme
- name: Wait for VM to exist
community.general.proxmox_kvm:
state: current
register: vm
retries: 30
delay: 10
until: vm.status is defined
- name: Add HOME NIC
community.general.proxmox_nic:
interface: net0
firewall: false
bridge: HOME
- name: Add SRV NIC
community.general.proxmox_nic:
interface: net1
firewall: false
bridge: SRV
- name: Resize disk
community.general.proxmox_disk:
disk: scsi0
size: 64G
state: resized
- name: Update VM
community.general.proxmox_kvm:
update: true
ciuser: debian
sshkeys: "{{ ssh_public }}"
ipconfig:
ipconfig0: ip=dhcp,ip6=auto
ipconfig1: ip=dhcp,ip6=auto
agent: enabled=1
tags:
- debian-12
- managed
onboot: true
cores: 2
memory: 2048
- name: Retart VM # doesn't start if stopped
when:
- vm.status is defined
- vm.status == "running"
community.general.proxmox_kvm:
state: restarted
timeout: 60
- name: Start VM # start if stopped
when:
- vm.status is defined
- vm.status != "running"
community.general.proxmox_kvm:
state: started

19
infra/joplin/0001_docker_playbook.yaml Normal file
View File

@@ -0,0 +1,19 @@
- name: Setup Docker
hosts: joplin
gather_facts: false
tasks:
- name: Debug
ansible.builtin.debug:
msg: "{{ inventory_hostname }}"
- name: Wait for connection
ansible.builtin.wait_for:
host: "{{ inventory_hostname }}"
port: 22
timeout: 300
- name: Test some stuff
ansible.builtin.shell: |
touch ~/hmm
echo test > ~/test
echo test2 >> ~/test
args:
executable: /bin/bash

7
inventory/proxmox.yaml
View File

@@ -7,6 +7,13 @@ proxmox:
pve.mgmt.home.local.koval.net:
pve2.mgmt.home.local.koval.net:
managed:
children:
joplin:
hosts:
joplin.srv.home.local.koval.net:
vars:
ansible_user: debian
ansible_ssh_private_key_file: ~/.ssh/id_rsa
ansible_ssh_common_args: -o StrictHostKeyChecking=accept-new # TODO: Improve this
unmanaged:
hosts: