From 72d3bded7407e01a1e76128438648b8932183cbf Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 4 Sep 2023 19:59:57 +0100 Subject: [PATCH 01/35] cloud-vm --- .github/workflows/infra.yaml | 28 ++++--- README.md | 2 +- infra/cloud/0000_proxmox_playbook.yaml | 104 ++++++++++++++++++++++++ infra/cloud/0001_software_playbook.yaml | 53 ++++++++++++ inventory/proxmox.yaml | 9 +- 5 files changed, 183 insertions(+), 13 deletions(-) create mode 100644 infra/cloud/0000_proxmox_playbook.yaml create mode 100644 infra/cloud/0001_software_playbook.yaml diff --git a/.github/workflows/infra.yaml b/.github/workflows/infra.yaml index 6b1c861..53c21f2 100644 --- a/.github/workflows/infra.yaml +++ b/.github/workflows/infra.yaml @@ -4,14 +4,15 @@ on: branches: - main paths: - - infra/**-playbook.yaml + - infra/**playbook.yaml - .github/workflows/infra.yaml push: branches: - main env: - DEPLOY: ${{ github.ref == 'refs/heads/main' && ((startsWith(github.event.head_commit.message, '[deploy-all]') && 'all') || ('some')) || 'none' }} + # DEPLOY: ${{ github.ref == 'refs/heads/main' && ((startsWith(github.event.head_commit.message, '[deploy-all]') && 'all') || ('some')) || 'none' }} + DEPLOY: all jobs: ansible-playbooks: @@ -23,20 +24,17 @@ jobs: with: fetch-depth: ${{ env.DEPLOY == 'some' && 2 || 1 }} - - name: Setup Python - uses: actions/setup-python@v4 - with: - python-version: "3.11" - - name: Install dependencies run: | + apt update + apt install -y python3-pip pip3 install -r requirements.txt ansible-galaxy collection install community.general - name: Check playbooks run: | - for file in $(find . -wholename "*/infra/*-playbook.yaml" -type f); do - ansible-playbook --inventory ./inventory --check "$file" + for file in $(find . -wholename "*/infra/*playbook.yaml" -type f); do + ansible-playbook --inventory ./inventory --syntax-check "$file" done - name: Get changed playbooks 
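Review bot: Hard-coding `DEPLOY: all` in the `env:` block drops the `github.ref == 'refs/heads/main'` guard, so every event that starts this workflow now passes the `env.DEPLOY != 'none'` condition on the deploy steps, which run with the Proxmox and SSH secrets. The first trigger under `on:` is outside the hunk, but it carries its own `paths:` filter next to `push`, so it looks like a second trigger; if it fires for unmerged changes, those changes would be deployed. If only the commit-message switch is being retired, keep the ref check: `DEPLOY: ${{ github.ref == 'refs/heads/main' && 'all' || 'none' }}`. The same hunk swaps `--check` for `--syntax-check`, which no longer dry-runs tasks against the inventory; a one-line comment saying why would help the next reader.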
@@ -44,7 +42,7 @@ jobs: if: env.DEPLOY == 'some' uses: tj-actions/changed-files@v38 with: - files: infra/**/*-playbook.yaml + files: infra/**/*playbook.yaml - name: Get playbooks id: playbooks @@ -53,12 +51,19 @@ jobs: if [[ "${{ env.DEPLOY }}" == "some" ]]; then export TO_RUN="${{ steps.files.outputs.all_changed_files }}" else - export TO_RUN="$(find . -wholename './infra/*-playbook.yaml' -type f)" + export TO_RUN="$(find . -wholename './infra/*playbook.yaml' -type f)" fi export TO_RUN="$( echo -n $TO_RUN | tr ' ' '\n' | sort | tr '\n' ' ' )" # run things in order :) echo "will run playbooks: $TO_RUN" echo "to_run=$TO_RUN" >> "$GITHUB_OUTPUT" + - name: Setup environment + if: env.DEPLOY != 'none' && steps.playbooks.outputs.to_run != '' + run: | + mkdir -p -m 700 ~/.ssh + echo "${{ secrets.SSH_PRIVATE }}" > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + - name: Run playbooks if: env.DEPLOY != 'none' && steps.playbooks.outputs.to_run != '' env: @@ -66,4 +71,5 @@ jobs: PROXMOX_USER: ${{ secrets.PROXMOX_USER }} PROXMOX_TOKEN_ID: ${{ secrets.PROXMOX_TOKEN_ID }} PROXMOX_TOKEN_SECRET: ${{ secrets.PROXMOX_TOKEN_SECRET }} + SSH_PUBLIC: ${{ secrets.SSH_PUBLIC }} run: ansible-playbook --inventory ./inventory ${{ steps.playbooks.outputs.to_run }} diff --git a/README.md b/README.md index 6c43ecb..0397ccc 100644 --- a/README.md +++ b/README.md @@ -7,4 +7,4 @@ This repository contains any automations used in deploying *.koval.net services. All 'managed' infrastructure is deployed and provisioned with [Ansible](https://www.ansible.com/). However, some 'unmanaged' (manually managed) resources also exist - primarily everything required for this repository to work (I don't want to make a dependency loop). -Ansible playbooks are ran in alphanumerical order and are expected idempotent. +Ansible playbooks are ran in alphanumerical order and are expected to be idempotent. 
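Review bot: The new `Setup environment` step expands `${{ secrets.SSH_PRIVATE }}` straight into the script text, so the private key becomes part of the generated shell script and any `"`, `$` or backtick inside it is interpreted by the shell; `id_rsa` is also created under the default umask before `chmod 600` runs. Pass the secret through the step's `env:` (`SSH_PRIVATE: ${{ secrets.SSH_PRIVATE }}`) and write it with `( umask 077; printf '%s\n' "$SSH_PRIVATE" > ~/.ssh/id_rsa )`. The install step in this commit calls `apt` without `sudo`, which suggests a self-hosted or container runner; if that runner is persistent, the key file should also be deleted in a final `if: always()` step.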
diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml new file mode 100644 index 0000000..46872e0 --- /dev/null +++ b/infra/cloud/0000_proxmox_playbook.yaml 
@@ -0,0 +1,104 @@ +- name: Provision cloud Proxmox VM + hosts: cloud + connection: ansible.builtin.local + gather_facts: false + vars: + api_user: "{{ lookup('ansible.builtin.env', 'PROXMOX_USER') }}" + api_host: "{{ lookup('ansible.builtin.env', 'PROXMOX_HOST' ) }}" + api_token_id: "{{ lookup('ansible.builtin.env', 'PROXMOX_TOKEN_ID') }}" + api_token_secret: "{{ lookup('ansible.builtin.env', 'PROXMOX_TOKEN_SECRET') }}" + ssh_public: "{{ lookup('ansible.builtin.env', 'SSH_PUBLIC') }}" + vmname: "{{ inventory_hostname | regex_replace('^([^\\.]+)\\..+$', '\\1') }}" + node: pve + module_defaults: + community.general.proxmox_kvm: + api_user: "{{ api_user }}" + api_host: "{{ api_host }}" + api_token_id: "{{ api_token_id }}" + api_token_secret: "{{ api_token_secret }}" + name: "{{ vmname }}" + node: "{{ node }}" + community.general.proxmox_nic: + api_user: "{{ api_user }}" + api_host: "{{ api_host }}" + api_token_id: "{{ api_token_id }}" + api_token_secret: "{{ api_token_secret }}" + name: "{{ vmname }}" + community.general.proxmox_disk: + api_user: "{{ api_user }}" + api_host: "{{ api_host }}" + api_token_id: "{{ api_token_id }}" + api_token_secret: "{{ api_token_secret }}" + name: "{{ vmname }}" + tasks: + # Initial setup + - name: Create VM + community.general.proxmox_kvm: + clone: "{{ node }}-debian-12" + storage: nvme + register: create + - name: Wait for status + community.general.proxmox_kvm: + state: current + register: vm + retries: 30 + delay: 10 + until: vm.status is defined + + # Networking and initial config + - name: Add HOME NIC + community.general.proxmox_nic: + interface: net0 + firewall: false + bridge: HOME + - name: Add SRV NIC + community.general.proxmox_nic: + interface: net1 + firewall: false + bridge: SRV + - name: Configure cloud-init + community.general.proxmox_kvm: + update: true + ciuser: debian + sshkeys: "{{ ssh_public }}" + ipconfig: + ipconfig0: ip=dhcp,ip6=auto + ipconfig1: ip=dhcp + + # Initial boot + # For some reason debian cloud 
images don't use + # cloud-init for networking on first boot (cloud-init files + # are regenerated AFTER networking starts). But we need the + # hostname to be registered with DHCP later on so ¯\_(ツ)_/¯ + - name: Initial boot + when: create.changed is true + block: + - name: Start + community.general.proxmox_kvm: + state: started + register: start + - name: Wait 3 min # Initial apt update, apt upgrade, cloud-init + ansible.builtin.wait_for: + timeout: 180 + + # VM Configuration + - name: Resize disk + community.general.proxmox_disk: + disk: scsi0 + size: 64G + state: resized + - name: Update VM + community.general.proxmox_kvm: + update: true + agent: enabled=1 + tags: + - debian-12 + - managed + onboot: true + cores: 2 + memory: 2048 + + - name: Retart VM + community.general.proxmox_kvm: + state: restarted + timeout: 60 diff --git a/infra/cloud/0001_software_playbook.yaml b/infra/cloud/0001_software_playbook.yaml new file mode 100644 index 0000000..1f89839 --- /dev/null +++ b/infra/cloud/0001_software_playbook.yaml 
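Review bot: Both NIC tasks (`Add HOME NIC` and `Add SRV NIC`) set `firewall: false`, so the VM is attached to the HOME and SRV bridges with the Proxmox firewall off on each interface, and nothing in this playbook limits traffic that crosses between the two networks through the guest. If that is deliberate, record it in a comment above the two tasks, for example `# Proxmox firewall intentionally off; filtering is done at FILTERING_LOCATION`; otherwise set `firewall: true` and manage the rules together with the VM. The task name `Retart VM` at the end of the file is a typo for `Restart VM`.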
@@ -0,0 +1,53 @@ +- name: Setup Software + hosts: joplin + gather_facts: false + tasks: + - name: Wait for connection + ansible.builtin.wait_for_connection: + timeout: 300 + - name: Install system packages + ansible.builtin.apt: + package: qemu-guest-agent + state: latest + become: true + - name: Install docker + block: + - name: Install dependencies + ansible.builtin.apt: + package: + - curl + - python3-apt + - gpg + state: latest + become: true + - name: Add key + ansible.builtin.apt_key: + url: https://download.docker.com/linux/debian/gpg + become: true + - name: Add repo + ansible.builtin.apt_repository: + update_cache: true + repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable + become: true + - name: Install docker + ansible.builtin.apt: + pacakge: + - docker-ce + - docker-ce-cli + - containerd.io + - docker-buildx-plugin + - docker-compose-plugin + state: latest + become: true + - name: Enable docker + ansible.builtin.systemd: + name: docker + state: started + enabled: true + become: true + - name: Enable qemu-guest-agent + ansible.builtin.systemd: + name: qemu-guest-agent + state: started + enabled: true + become: true diff --git a/inventory/proxmox.yaml b/inventory/proxmox.yaml index 6b4033d..04520dd 100644 --- a/inventory/proxmox.yaml +++ b/inventory/proxmox.yaml @@ -7,6 +7,13 @@ proxmox: pve.mgmt.home.local.koval.net: pve2.mgmt.home.local.koval.net: managed: - hosts: + children: + cloud: + hosts: + cloud.srv.home.local.koval.net: + vars: + ansible_user: debian + ansible_ssh_private_key_file: ~/.ssh/id_rsa + ansible_ssh_common_args: -o StrictHostKeyChecking=accept-new # TODO: Improve this unmanaged: hosts: -- 2.40.1 From edbd1cd9f90b724ad13b8e0a608b192e675c9c68 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 21:01:50 +0100 Subject: [PATCH 02/35] update hosts target 0001 --- infra/cloud/0001_software_playbook.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
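Review bot: The `Add key` task trusts whatever `https://download.docker.com/linux/debian/gpg` returns at run time, with nothing pinning the expected key, and every package installed from the new repository is then verified against that key. Pin it, for instance by fetching the key with `ansible.builtin.get_url` and a `checksum:` value into the keyring file that `signed-by` names. As written in this commit the key also goes to the default apt keyring while the repo line says `signed-by=/etc/apt/keyrings/docker.gpg`, and the last apt task spells its parameter `pacakge:`, so the Docker install will most likely fail. The unpinned key download is carried over unchanged into `0002_software_playbook.yaml` in PATCH 03/35.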
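Review bot: `ansible_ssh_common_args: -o StrictHostKeyChecking=accept-new` in `inventory/proxmox.yaml` accepts the first host key it is shown, and on a CI runner that starts without a `known_hosts` file that means every run, so the SSH session that later executes `become: true` tasks is never checked against a known key (the hunk's own `# TODO: Improve this` acknowledges this). Keep the VM's host key as a secret or a file in the repository, write it to `~/.ssh/known_hosts` in the workflow, and switch to `-o StrictHostKeyChecking=yes`. If the runner does keep `~/.ssh` between jobs, the exposure is limited to the first connection, but that is not visible from this patch.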
diff --git a/infra/cloud/0001_software_playbook.yaml b/infra/cloud/0001_software_playbook.yaml index 1f89839..0c96915 100644 --- a/infra/cloud/0001_software_playbook.yaml +++ b/infra/cloud/0001_software_playbook.yaml @@ -1,5 +1,5 @@ - name: Setup Software - hosts: joplin + hosts: cloud gather_facts: false tasks: - name: Wait for connection -- 2.40.1 From 0a479039e21977be6dd1cd8d94e23d9845114941 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 21:48:29 +0100 Subject: [PATCH 03/35] separate playbooks --- infra/cloud/0001_initialise_playbook.yaml | 18 ++++++++ infra/cloud/0001_software_playbook.yaml | 53 ----------------------- infra/cloud/0002_software_playbook.yaml | 40 +++++++++++++++++ 3 files changed, 58 insertions(+), 53 deletions(-) create mode 100644 infra/cloud/0001_initialise_playbook.yaml delete mode 100644 infra/cloud/0001_software_playbook.yaml create mode 100644 infra/cloud/0002_software_playbook.yaml diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml new file mode 100644 index 0000000..5ece9eb --- /dev/null +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -0,0 +1,18 @@ +- name: Initialise VM + hosts: cloud + gather_facts: false + tasks: + - name: Wait for connection + ansible.builtin.wait_for_connection: + timeout: 300 + - name: Install system packages + ansible.builtin.apt: + package: qemu-guest-agent + state: latest + become: true + - name: Enable qemu-guest-agent + ansible.builtin.systemd: + name: qemu-guest-agent + state: started + enabled: true + become: true diff --git a/infra/cloud/0001_software_playbook.yaml b/infra/cloud/0001_software_playbook.yaml deleted file mode 100644 index 0c96915..0000000 --- a/infra/cloud/0001_software_playbook.yaml +++ /dev/null 
@@ -1,53 +0,0 @@ -- name: Setup Software - hosts: cloud - gather_facts: false - tasks: - - name: Wait for connection - ansible.builtin.wait_for_connection: - timeout: 300 - - name: Install system packages - ansible.builtin.apt: - package: qemu-guest-agent - state: latest - become: true - - name: Install docker - block: - - name: Install dependencies - ansible.builtin.apt: - package: - - curl - - python3-apt - - gpg - state: latest - become: true - - name: Add key - ansible.builtin.apt_key: - url: https://download.docker.com/linux/debian/gpg - become: true - - name: Add repo - ansible.builtin.apt_repository: - update_cache: true - repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable - become: true - - name: Install docker - ansible.builtin.apt: - pacakge: - - docker-ce - - docker-ce-cli - - containerd.io - - docker-buildx-plugin - - docker-compose-plugin - state: latest - become: true - - name: Enable docker - ansible.builtin.systemd: - name: docker - state: started - enabled: true - become: true - - name: Enable qemu-guest-agent - ansible.builtin.systemd: - name: qemu-guest-agent - state: started - enabled: true - become: true diff --git a/infra/cloud/0002_software_playbook.yaml b/infra/cloud/0002_software_playbook.yaml new file mode 100644 index 0000000..8849650 --- /dev/null +++ b/infra/cloud/0002_software_playbook.yaml 
@@ -0,0 +1,40 @@ +- name: Install software + hosts: cloud + gather_facts: false + tasks: + - name: Wait for connection + ansible.builtin.wait_for_connection: + timeout: 300 + - name: Install dependencies + ansible.builtin.apt: + package: + - curl + - python3-apt + - gpg + state: latest + become: true + - name: Add docker key + ansible.builtin.apt_key: + url: https://download.docker.com/linux/debian/gpg + become: true + - name: Add docker repo + ansible.builtin.apt_repository: + update_cache: true + repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable + become: true + - name: Install docker + ansible.builtin.apt: + pacakge: + - docker-ce + - docker-ce-cli + - containerd.io + - docker-buildx-plugin + - docker-compose-plugin + state: latest + become: true + - name: Enable docker + ansible.builtin.systemd: + name: docker + state: started + enabled: true + become: true \ No newline at end of file -- 2.40.1 From f75abf978a87dc476f7fa6577bb70ab86a06fc23 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 21:57:43 +0100 Subject: [PATCH 04/35] always update cache --- infra/cloud/0001_initialise_playbook.yaml | 1 + infra/cloud/0002_software_playbook.yaml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index 5ece9eb..e0553bb 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -7,6 +7,7 @@ timeout: 300 - name: Install system packages ansible.builtin.apt: + update_cache: true package: qemu-guest-agent state: latest become: true diff --git a/infra/cloud/0002_software_playbook.yaml b/infra/cloud/0002_software_playbook.yaml index 8849650..36d4aad 100644 --- a/infra/cloud/0002_software_playbook.yaml +++ b/infra/cloud/0002_software_playbook.yaml 
@@ -7,6 +7,7 @@ timeout: 300 - name: Install dependencies ansible.builtin.apt: + update_cache: true package: - curl - python3-apt @@ -19,11 +20,11 @@ become: true - name: Add docker repo ansible.builtin.apt_repository: - update_cache: true repo: deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bookworm stable become: true - name: Install docker ansible.builtin.apt: + update_cache: true pacakge: - docker-ce - docker-ce-cli -- 2.40.1 From 97995a95dde2af8449501792ed3ba4ec5483bf6b Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 22:12:03 +0100 Subject: [PATCH 05/35] fix keyring --- infra/cloud/0002_software_playbook.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/cloud/0002_software_playbook.yaml b/infra/cloud/0002_software_playbook.yaml index 36d4aad..b0561e3 100644 --- a/infra/cloud/0002_software_playbook.yaml +++ b/infra/cloud/0002_software_playbook.yaml @@ -17,6 +17,7 @@ - name: Add docker key ansible.builtin.apt_key: url: https://download.docker.com/linux/debian/gpg + keyring: /etc/apt/keyrings/docker.gpg become: true - name: Add docker repo ansible.builtin.apt_repository: -- 2.40.1 From 04e660c838c33f28029c0e05495e1e72b0060e01 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 22:30:52 +0100 Subject: [PATCH 06/35] fix cloud playbooks --- infra/cloud/0001_initialise_playbook.yaml | 5 ++--- infra/cloud/0002_software_playbook.yaml | 8 +++----- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index e0553bb..69d68ae 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -1,5 +1,5 @@ - name: Initialise VM - hosts: cloud + hosts: cloud gather_facts: false tasks: - name: Wait for connection 
@@ -8,8 +8,7 @@ - name: Install system packages ansible.builtin.apt: update_cache: true - package: qemu-guest-agent - state: latest + pkg: qemu-guest-agent become: true - name: Enable qemu-guest-agent ansible.builtin.systemd: diff --git a/infra/cloud/0002_software_playbook.yaml b/infra/cloud/0002_software_playbook.yaml index b0561e3..964a76b 100644 --- a/infra/cloud/0002_software_playbook.yaml +++ b/infra/cloud/0002_software_playbook.yaml @@ -8,11 +8,10 @@ - name: Install dependencies ansible.builtin.apt: update_cache: true - package: + pkg: - curl - python3-apt - gpg - state: latest become: true - name: Add docker key ansible.builtin.apt_key: @@ -26,17 +25,16 @@ - name: Install docker ansible.builtin.apt: update_cache: true - pacakge: + pkg: - docker-ce - docker-ce-cli - containerd.io - docker-buildx-plugin - docker-compose-plugin - state: latest become: true - name: Enable docker ansible.builtin.systemd: name: docker state: started enabled: true - become: true \ No newline at end of file + become: true -- 2.40.1 From 2bba6dfa859dfc5ed00db6a2ecbd366247b2416c Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 22:51:05 +0100 Subject: [PATCH 07/35] rename 0002 --- ...002_software_playbook.yaml => 0002_docker_playbook.yaml} | 6 ++++++ 1 file changed, 6 insertions(+) rename infra/cloud/{0002_software_playbook.yaml => 0002_docker_playbook.yaml} (88%) diff --git a/infra/cloud/0002_software_playbook.yaml b/infra/cloud/0002_docker_playbook.yaml similarity index 88% rename from infra/cloud/0002_software_playbook.yaml rename to infra/cloud/0002_docker_playbook.yaml index 964a76b..35dab71 100644 --- a/infra/cloud/0002_software_playbook.yaml +++ b/infra/cloud/0002_docker_playbook.yaml @@ -38,3 +38,9 @@ state: started enabled: true become: true + - name: Add user to docker group + ansible.builtin.user: + user: debian + groups: + - docker + append: true -- 2.40.1 From e1c0eb6265047c6cff767f66e692eaf87808298d Mon Sep 17 00:00:00 2001 
From: Gleb Koval Date: Mon, 25 Sep 2023 23:23:58 +0100 Subject: [PATCH 08/35] data disk --- infra/cloud/0000_proxmox_playbook.yaml | 14 ++++++++++---- infra/cloud/0001_initialise_playbook.yaml | 23 +++++++++++++++++++++++ 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index 46872e0..7bc6dbe 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -77,16 +77,22 @@ community.general.proxmox_kvm: state: started register: start - - name: Wait 3 min # Initial apt update, apt upgrade, cloud-init + - name: Wait 1 min # Initial apt update, apt upgrade, cloud-init ansible.builtin.wait_for: - timeout: 180 + timeout: 60 # VM Configuration - - name: Resize disk + - name: Resize root disk community.general.proxmox_disk: disk: scsi0 - size: 64G + size: 16G state: resized + - name: Create data disk + community.general.proxmox_disk: + disk: scsi1 + backup: true + storage: nvme + size: 2048G - name: Update VM community.general.proxmox_kvm: update: true diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index 69d68ae..29f3ec1 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -16,3 +16,26 @@ state: started enabled: true become: true + + - name: Create data partition + community.general.parted: + device: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1 + label: gpt + name: data + number: 1 + fs_type: ext4 + state: present + become: true + - name: Mount data partition + ansible.posix.mount: + src: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 + path: /mnt/data + fstype: ext4 + state: present + become: true + - name: Set data partition permissions + ansible.builtin.file: + path: /mnt/data + owner: debian + group: debian + become: true -- 2.40.1 From 51a0ca3938044f85705fa23c8ddb6f8c2f68969e Mon Sep 17 00:00:00 2001 
From: Gleb Koval Date: Mon, 25 Sep 2023 23:30:22 +0100 Subject: [PATCH 09/35] fix playbook --- infra/cloud/docker-compose.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 infra/cloud/docker-compose.yaml diff --git a/infra/cloud/docker-compose.yaml b/infra/cloud/docker-compose.yaml new file mode 100644 index 0000000..e69de29 -- 2.40.1 From 2506402fae2ce8651f621bfab1121fab0b75d928 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 23:39:20 +0100 Subject: [PATCH 10/35] logging :) --- .github/workflows/infra.yaml | 2 +- infra/cloud/0000_proxmox_playbook.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/infra.yaml b/.github/workflows/infra.yaml index 53c21f2..0f51db8 100644 --- a/.github/workflows/infra.yaml +++ b/.github/workflows/infra.yaml @@ -72,4 +72,4 @@ jobs: PROXMOX_TOKEN_ID: ${{ secrets.PROXMOX_TOKEN_ID }} PROXMOX_TOKEN_SECRET: ${{ secrets.PROXMOX_TOKEN_SECRET }} SSH_PUBLIC: ${{ secrets.SSH_PUBLIC }} - run: ansible-playbook --inventory ./inventory ${{ steps.playbooks.outputs.to_run }} + run: ansible-playbook --inventory ./inventory ${{ steps.playbooks.outputs.to_run }} -vv diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index 7bc6dbe..990bf43 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -85,14 +85,14 @@ - name: Resize root disk community.general.proxmox_disk: disk: scsi0 - size: 16G + size: 16 state: resized - name: Create data disk community.general.proxmox_disk: disk: scsi1 backup: true storage: nvme - size: 2048G + size: 2048 - name: Update VM community.general.proxmox_kvm: update: true -- 2.40.1 From 46303021f5ac864165e3f4d29f2980044e706e37 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 23:48:06 +0100 Subject: [PATCH 11/35] fix parted --- infra/cloud/0001_initialise_playbook.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
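Review bot: The changed `run:` line in `.github/workflows/infra.yaml` still splices `${{ steps.playbooks.outputs.to_run }}` into the command text, so playbook paths (from `find` or from the changed-files step) are parsed as shell source rather than passed as arguments; a path containing `;`, `$(...)` or a space changes what gets executed. Hand the value over through the environment instead: add `TO_RUN: ${{ steps.playbooks.outputs.to_run }}` to this step's `env:` and use `run: ansible-playbook --inventory ./inventory $TO_RUN -vv`. With `-vv` now enabled more of each task ends up in the job log, so consider `no_log: true` on tasks that handle credentials.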
diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index 29f3ec1..f914f89 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -8,7 +8,9 @@ - name: Install system packages ansible.builtin.apt: update_cache: true - pkg: qemu-guest-agent + pkg: + - qemu-guest-agent + - parted become: true - name: Enable qemu-guest-agent ansible.builtin.systemd: -- 2.40.1 From 69e609d52275e2a630a1f732dc21defbd9747e5d Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Mon, 25 Sep 2023 23:54:41 +0100 Subject: [PATCH 12/35] mount partition --- infra/cloud/0001_initialise_playbook.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index f914f89..fbaeaa7 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -33,7 +33,7 @@ src: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 path: /mnt/data fstype: ext4 - state: present + state: mounted become: true - name: Set data partition permissions ansible.builtin.file: -- 2.40.1 From d005032c97628c9972594b405c919a5c892ace1b Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 00:15:19 +0100 Subject: [PATCH 13/35] create data filesystem --- infra/cloud/0001_initialise_playbook.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index fbaeaa7..4103dec 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml 
@@ -25,9 +25,12 @@ label: gpt name: data number: 1 - fs_type: ext4 state: present become: true + - name: Create data filesystem + community.general.filesystem: + dev: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 + fstype: ext4 - name: Mount data partition ansible.posix.mount: src: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 -- 2.40.1 From 00cad09f371d09abc8ab8fc51533044d5441908a Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 00:23:05 +0100 Subject: [PATCH 14/35] become root for filesystem --- infra/cloud/0001_initialise_playbook.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index 4103dec..fd5b45b 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -31,6 +31,7 @@ community.general.filesystem: dev: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 fstype: ext4 + become: true - name: Mount data partition ansible.posix.mount: src: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 -- 2.40.1 From 400ce1590e731268a0b34f510d1ff1682f70ae86 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 00:29:21 +0100 Subject: [PATCH 15/35] become root for docker group --- infra/cloud/0002_docker_playbook.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/cloud/0002_docker_playbook.yaml b/infra/cloud/0002_docker_playbook.yaml index 35dab71..0c9ab20 100644 --- a/infra/cloud/0002_docker_playbook.yaml +++ b/infra/cloud/0002_docker_playbook.yaml @@ -44,3 +44,4 @@ groups: - docker append: true + become: true -- 2.40.1 From 6a900ecbc4906f0cd869660cca31c826f93a3e16 Mon Sep 17 00:00:00 2001 
From: Gleb Koval Date: Tue, 26 Sep 2023 00:40:09 +0100 Subject: [PATCH 16/35] docker compose --- infra/cloud/0002_docker_playbook.yaml | 12 ++++++------ infra/cloud/0003_app_playbook.yaml | 24 ++++++++++++++++++++++++ infra/cloud/cloud/docker-compose.yaml | 5 +++++ infra/cloud/docker-compose.yaml | 0 4 files changed, 35 insertions(+), 6 deletions(-) create mode 100644 infra/cloud/0003_app_playbook.yaml create mode 100644 infra/cloud/cloud/docker-compose.yaml delete mode 100644 infra/cloud/docker-compose.yaml diff --git a/infra/cloud/0002_docker_playbook.yaml b/infra/cloud/0002_docker_playbook.yaml index 0c9ab20..b2a09fe 100644 --- a/infra/cloud/0002_docker_playbook.yaml +++ b/infra/cloud/0002_docker_playbook.yaml @@ -32,12 +32,6 @@ - docker-buildx-plugin - docker-compose-plugin become: true - - name: Enable docker - ansible.builtin.systemd: - name: docker - state: started - enabled: true - become: true - name: Add user to docker group ansible.builtin.user: user: debian @@ -45,3 +39,9 @@ - docker append: true become: true + - name: Enable docker + ansible.builtin.systemd: + name: docker + state: started + enabled: true + become: true diff --git a/infra/cloud/0003_app_playbook.yaml b/infra/cloud/0003_app_playbook.yaml new file mode 100644 index 0000000..ffd3c81 --- /dev/null +++ b/infra/cloud/0003_app_playbook.yaml @@ -0,0 +1,24 @@ +- name: Deploy app + hosts: cloud + gather_facts: false + vars: + project_src: /home/debian/cloud + module_defaults: + community.docker.docker_compose: + project_src: "{{ project_src }}" + tasks: + - name: Wait for connection + ansible.builtin.wait_for_connection: + timeout: 300 + - name: Copy project + ansible.builtin.copy: + directory_mode: true + src: ./cloud + mode: "0744" + dest: "{{ project_src }}" + - name: Docker compose down + community.docker.docker_compose: + state: absent + - name: Docker compose up + community.docker.docker_compose: + state: present 
diff --git a/infra/cloud/cloud/docker-compose.yaml b/infra/cloud/cloud/docker-compose.yaml new file mode 100644 index 0000000..ccce18f --- /dev/null +++ b/infra/cloud/cloud/docker-compose.yaml @@ -0,0 +1,5 @@ +version: "3" + +services: + test: + image: nginx \ No newline at end of file diff --git a/infra/cloud/docker-compose.yaml b/infra/cloud/docker-compose.yaml deleted file mode 100644 index e69de29..0000000 -- 2.40.1 From a2debba06a17372880d4ffcd07c2aa4eaff3d30b Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 01:05:26 +0100 Subject: [PATCH 17/35] fix docker compose --- infra/cloud/0003_app_playbook.yaml | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/infra/cloud/0003_app_playbook.yaml b/infra/cloud/0003_app_playbook.yaml index ffd3c81..36af173 100644 --- a/infra/cloud/0003_app_playbook.yaml +++ b/infra/cloud/0003_app_playbook.yaml @@ -2,23 +2,29 @@ hosts: cloud gather_facts: false vars: - project_src: /home/debian/cloud - module_defaults: - community.docker.docker_compose: - project_src: "{{ project_src }}" + project: cloud tasks: - name: Wait for connection ansible.builtin.wait_for_connection: timeout: 300 + - name: Get user + ansible.builtin.user: + name: debian + register: user - name: Copy project ansible.builtin.copy: directory_mode: true - src: ./cloud + src: ./{{ project }} mode: "0744" - dest: "{{ project_src }}" - - name: Docker compose down - community.docker.docker_compose: - state: absent - - name: Docker compose up - community.docker.docker_compose: - state: present + dest: "{{ user.home }}" + - name: Docker compose + module_defaults: + community.docker.docker_compose: + project_src: "{{ user.home }}/{{ project }}" + block: + - name: Down + community.docker.docker_compose: + state: absent + - name: Up + community.docker.docker_compose: + state: present -- 2.40.1 From 67b02cfe6dee0b2312fd5412a1f197ca5a4c7783 Mon Sep 17 00:00:00 2001 
From: Gleb Koval Date: Tue, 26 Sep 2023 01:15:39 +0100 Subject: [PATCH 18/35] fix copy? --- infra/cloud/0003_app_playbook.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/infra/cloud/0003_app_playbook.yaml b/infra/cloud/0003_app_playbook.yaml index 36af173..48c790d 100644 --- a/infra/cloud/0003_app_playbook.yaml +++ b/infra/cloud/0003_app_playbook.yaml @@ -13,9 +13,7 @@ register: user - name: Copy project ansible.builtin.copy: - directory_mode: true src: ./{{ project }} - mode: "0744" dest: "{{ user.home }}" - name: Docker compose module_defaults: -- 2.40.1 From 2e612889f60e60b0869873ab2cb4621f2698e6ad Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 01:20:36 +0100 Subject: [PATCH 19/35] set copy permissions --- infra/cloud/0003_app_playbook.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/cloud/0003_app_playbook.yaml b/infra/cloud/0003_app_playbook.yaml index 48c790d..26b5aac 100644 --- a/infra/cloud/0003_app_playbook.yaml +++ b/infra/cloud/0003_app_playbook.yaml @@ -15,6 +15,7 @@ ansible.builtin.copy: src: ./{{ project }} dest: "{{ user.home }}" + mode: "0744" - name: Docker compose module_defaults: community.docker.docker_compose: -- 2.40.1 From ad5b65e694a85db8c6a4e7a62e1b571afd0009f3 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 01:25:53 +0100 Subject: [PATCH 20/35] install python3-docker --- infra/cloud/0002_docker_playbook.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/cloud/0002_docker_playbook.yaml b/infra/cloud/0002_docker_playbook.yaml index b2a09fe..cff249e 100644 --- a/infra/cloud/0002_docker_playbook.yaml +++ b/infra/cloud/0002_docker_playbook.yaml @@ -31,6 +31,7 @@ - containerd.io - docker-buildx-plugin - docker-compose-plugin + - python3-docker become: true - name: Add user to docker group ansible.builtin.user: -- 2.40.1 From 562f0a2983bda71e548c1027076ebf7da343f462 Mon Sep 17 00:00:00 2001 
From: Gleb Koval Date: Tue, 26 Sep 2023 01:49:40 +0100 Subject: [PATCH 21/35] don't use docker_compose module --- infra/cloud/0000_proxmox_playbook.yaml | 2 +- infra/cloud/0002_docker_playbook.yaml | 1 - infra/cloud/0003_app_playbook.yaml | 21 ++++++++++----------- 3 files changed, 11 insertions(+), 13 deletions(-) diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index 990bf43..e90aa9b 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -85,7 +85,7 @@ - name: Resize root disk community.general.proxmox_disk: disk: scsi0 - size: 16 + size: 16G state: resized - name: Create data disk community.general.proxmox_disk: diff --git a/infra/cloud/0002_docker_playbook.yaml b/infra/cloud/0002_docker_playbook.yaml index cff249e..b2a09fe 100644 --- a/infra/cloud/0002_docker_playbook.yaml +++ b/infra/cloud/0002_docker_playbook.yaml @@ -31,7 +31,6 @@ - containerd.io - docker-buildx-plugin - docker-compose-plugin - - python3-docker become: true - name: Add user to docker group ansible.builtin.user: diff --git a/infra/cloud/0003_app_playbook.yaml b/infra/cloud/0003_app_playbook.yaml index 26b5aac..0736263 100644 --- a/infra/cloud/0003_app_playbook.yaml +++ b/infra/cloud/0003_app_playbook.yaml @@ -16,14 +16,13 @@ src: ./{{ project }} dest: "{{ user.home }}" mode: "0744" - - name: Docker compose - module_defaults: - community.docker.docker_compose: - project_src: "{{ user.home }}/{{ project }}" - block: - - name: Down - community.docker.docker_compose: - state: absent - - name: Up - community.docker.docker_compose: - state: present + notify: re-deploy + handlers: + - name: Restart Docker compose + ansible.builtin.shell: | + docker compose down + docker compose up -d + exit 0 + args: + chdir: "{{ user.home }}/{{ project }}" + listen: re-deploy -- 2.40.1 From c74a696d256ce7c320e3a3984635dcba36859bcf Mon Sep 17 00:00:00 2001 
From: Gleb Koval Date: Tue, 26 Sep 2023 02:03:59 +0100 Subject: [PATCH 22/35] growfs & compose update --- infra/cloud/0001_initialise_playbook.yaml | 1 + infra/cloud/cloud/docker-compose.yaml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/infra/cloud/0001_initialise_playbook.yaml b/infra/cloud/0001_initialise_playbook.yaml index fd5b45b..579ebcc 100644 --- a/infra/cloud/0001_initialise_playbook.yaml +++ b/infra/cloud/0001_initialise_playbook.yaml @@ -37,6 +37,7 @@ src: /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1-part1 path: /mnt/data fstype: ext4 + opts: rw,errors=remount-ro,x-systemd.growfs state: mounted become: true - name: Set data partition permissions diff --git a/infra/cloud/cloud/docker-compose.yaml b/infra/cloud/cloud/docker-compose.yaml index ccce18f..2645159 100644 --- a/infra/cloud/cloud/docker-compose.yaml +++ b/infra/cloud/cloud/docker-compose.yaml @@ -2,4 +2,5 @@ version: "3" services: test: - image: nginx \ No newline at end of file + image: nginx + restart: unless-stopped \ No newline at end of file -- 2.40.1 From 4f0dde1da87315bb01391d8f9d639acdf8b237f5 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 03:13:11 +0100 Subject: [PATCH 23/35] nextcloud aio --- ...yaml => 0003_nextcloud_playbook copy.yaml} | 16 ++++-------- infra/cloud/0004_immich_playbook.yaml | 26 +++++++++++++++++++ .../{cloud => immich}/docker-compose.yaml | 4 +-- infra/cloud/nextcloud/all-in-one.sh | 16 ++++++++++++ 4 files changed, 49 insertions(+), 13 deletions(-) rename infra/cloud/{0003_app_playbook.yaml => 0003_nextcloud_playbook copy.yaml} (56%) create mode 100644 infra/cloud/0004_immich_playbook.yaml rename infra/cloud/{cloud => immich}/docker-compose.yaml (52%) create mode 100644 infra/cloud/nextcloud/all-in-one.sh 
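Review bot: The new `opts` line for the `/mnt/data` mount in 0001_initialise_playbook.yaml lists `rw,errors=remount-ro,x-systemd.growfs` but neither `nosuid` nor `nodev`, so files on the data disk can carry setuid bits and device nodes. For a partition that presumably holds only application data, `opts: rw,nosuid,nodev,errors=remount-ro,x-systemd.growfs` is the usual hardening; confirm first that nothing bind-mounted from it relies on setuid binaries. The surrounding task list continues outside the hunk.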
diff --git a/infra/cloud/0003_app_playbook.yaml b/infra/cloud/0003_nextcloud_playbook copy.yaml similarity index 56% rename from infra/cloud/0003_app_playbook.yaml rename to infra/cloud/0003_nextcloud_playbook copy.yaml index 0736263..114f215 100644 --- a/infra/cloud/0003_app_playbook.yaml +++ b/infra/cloud/0003_nextcloud_playbook copy.yaml @@ -2,7 +2,7 @@ hosts: cloud gather_facts: false vars: - project: cloud + app: nextcloud tasks: - name: Wait for connection ansible.builtin.wait_for_connection: @@ -13,16 +13,10 @@ register: user - name: Copy project ansible.builtin.copy: - src: ./{{ project }} + src: ./{{ app }} dest: "{{ user.home }}" mode: "0744" - notify: re-deploy - handlers: - - name: Restart Docker compose - ansible.builtin.shell: | - docker compose down - docker compose up -d - exit 0 + - name: Re-deploy + ansible.builtin.command: bash all-in-one.sh args: - chdir: "{{ user.home }}/{{ project }}" - listen: re-deploy + chdir: "{{ user.home }}/{{ app }}" diff --git a/infra/cloud/0004_immich_playbook.yaml b/infra/cloud/0004_immich_playbook.yaml new file mode 100644 index 0000000..984fb2d --- /dev/null +++ b/infra/cloud/0004_immich_playbook.yaml @@ -0,0 +1,26 @@ +- name: Deploy app + hosts: cloud + gather_facts: false + vars: + app: immich + tasks: + - name: Wait for connection + ansible.builtin.wait_for_connection: + timeout: 300 + - name: Get user + ansible.builtin.user: + name: debian + register: user + - name: Docker compose down + ansible.builtin.command: docker compose down + args: + chdir: "{{ user.home }}/{{ app }}" + - name: Copy project + ansible.builtin.copy: + src: ./{{ app }} + dest: "{{ user.home }}" + mode: "0744" + - name: Docker compose up -d + ansible.builtin.command: docker compose up -d + args: + chdir: "{{ user.home }}/{{ app }}" 
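Review bot: The `Re-deploy` task in `0003_nextcloud_playbook copy.yaml` runs `bash all-in-one.sh` on every play, where the removed handler ran only when `Copy project` changed something. As written, each run stops and recreates the container and always reports `changed`, which conflicts with the README's expectation that playbooks are idempotent. Keeping `notify: re-deploy` on the copy task and moving the command into a handler with `listen: re-deploy` would restore that behaviour.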
diff --git a/infra/cloud/cloud/docker-compose.yaml b/infra/cloud/immich/docker-compose.yaml similarity index 52% rename from infra/cloud/cloud/docker-compose.yaml rename to infra/cloud/immich/docker-compose.yaml index 2645159..90b74f4 100644 --- a/infra/cloud/cloud/docker-compose.yaml +++ b/infra/cloud/immich/docker-compose.yaml @@ -1,6 +1,6 @@ version: "3" services: - test: + dummy: image: nginx - restart: unless-stopped \ No newline at end of file + restart: unless-stopped diff --git a/infra/cloud/nextcloud/all-in-one.sh b/infra/cloud/nextcloud/all-in-one.sh new file mode 100644 index 0000000..713aa9f --- /dev/null +++ b/infra/cloud/nextcloud/all-in-one.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +docker stop nextcloud-aio-mastercontainer || true +docker rm nextcloud-aio-mastercontainer || true + +docker run \ +--init \ +--sig-proxy=false \ +--name nextcloud-aio-mastercontainer \ +--restart unless-stopped \ +--publish 8080:8080 \ +--env APACHE_PORT=11000 \ +--env APACHE_IP_BINDING=0.0.0.0 \ +--volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ +--volume /var/run/docker.sock:/var/run/docker.sock:ro \ +-d nextcloud/all-in-one:latestdocker run -- 2.40.1 From c5c41643839794e95c4bfc331dd428c54ae0e1dd Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 03:20:08 +0100 Subject: [PATCH 24/35] ignore docker compose down errors --- infra/cloud/0004_immich_playbook.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/infra/cloud/0004_immich_playbook.yaml b/infra/cloud/0004_immich_playbook.yaml index 984fb2d..2b38c4f 100644 --- a/infra/cloud/0004_immich_playbook.yaml +++ b/infra/cloud/0004_immich_playbook.yaml @@ -15,6 +15,7 @@ ansible.builtin.command: docker compose down args: chdir: "{{ user.home }}/{{ app }}" + ignore_errors: true - name: Copy project ansible.builtin.copy: src: ./{{ app }} -- 2.40.1 From 8609446a553f19d019983405c7933eb3b02a3bcc Mon Sep 17 00:00:00 2001 
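Review bot: `--publish 8080:8080` in the new all-in-one.sh binds the AIO management interface on every host address, and the same container is handed `/var/run/docker.sock`. The `:ro` suffix on a socket bind mount does not limit what can be sent over the socket, so a compromise of that interface would expose control of the Docker daemon. Binding the port to the address the administrator actually uses, for example `--publish 127.0.0.1:8080:8080`, narrows the exposure. `nextcloud/all-in-one:latest` is also a mutable tag; pinning a version or digest would keep redeploys from pulling an unreviewed image.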
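Review bot: `ignore_errors: true` on `Docker compose down` in 0004_immich_playbook.yaml (patch 24) hides every failure of that task, not only the case it presumably targets, where the project directory does not exist yet on a first run. A narrower guard is to drop `ignore_errors` and add `removes: "{{ user.home }}/{{ app }}/docker-compose.yaml"` under `args`, so the command is skipped when there is nothing to take down and real errors still fail the play. The `command` tasks in this playbook also have no `changed_when`, so they report `changed` on every run.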
From: Gleb Koval Date: Tue, 26 Sep 2023 03:36:16 +0100 Subject: [PATCH 25/35] fix playbook --- ..._nextcloud_playbook copy.yaml => 0003_nextcloud_playbook.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename infra/cloud/{0003_nextcloud_playbook copy.yaml => 0003_nextcloud_playbook.yaml} (100%) diff --git a/infra/cloud/0003_nextcloud_playbook copy.yaml b/infra/cloud/0003_nextcloud_playbook.yaml similarity index 100% rename from infra/cloud/0003_nextcloud_playbook copy.yaml rename to infra/cloud/0003_nextcloud_playbook.yaml -- 2.40.1 From 8550753a861560f05dc38473c1cdb1d2118bae0d Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 03:48:20 +0100 Subject: [PATCH 26/35] fix nextcloud --- infra/cloud/nextcloud/all-in-one.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/cloud/nextcloud/all-in-one.sh b/infra/cloud/nextcloud/all-in-one.sh index 713aa9f..4324cc6 100644 --- a/infra/cloud/nextcloud/all-in-one.sh +++ b/infra/cloud/nextcloud/all-in-one.sh @@ -13,4 +13,4 @@ docker run \ --env APACHE_IP_BINDING=0.0.0.0 \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock:ro \ --d nextcloud/all-in-one:latestdocker run +-d nextcloud/all-in-one:latest -- 2.40.1 From 01ec3c9bceef3206e73c2211dc7c8a5dacefe32f Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 04:03:27 +0100 Subject: [PATCH 27/35] use public services NIC --- infra/cloud/0000_proxmox_playbook.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index e90aa9b..4f40cac 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml 
@@ -46,11 +46,11 @@ until: vm.status is defined # Networking and initial config - - name: Add HOME NIC + - name: Add PUB NIC community.general.proxmox_nic: interface: net0 firewall: false - bridge: HOME + bridge: PUB - name: Add SRV NIC community.general.proxmox_nic: interface: net1 -- 2.40.1 From 6e21bb7e292249828707c5a05886d7abc971a8e3 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 04:07:54 +0100 Subject: [PATCH 28/35] wait for a bit longer --- infra/cloud/0000_proxmox_playbook.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index 4f40cac..5ff21d0 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -79,7 +79,7 @@ register: start - name: Wait 1 min # Initial apt update, apt upgrade, cloud-init ansible.builtin.wait_for: - timeout: 60 + timeout: 90 # VM Configuration - name: Resize root disk -- 2.40.1 From 70fbba002efc307b90930df5ef8066dd84d10868 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 04:10:11 +0100 Subject: [PATCH 29/35] correct task name --- infra/cloud/0000_proxmox_playbook.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index 5ff21d0..ab97e0b 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -77,7 +77,7 @@ community.general.proxmox_kvm: state: started register: start - - name: Wait 1 min # Initial apt update, apt upgrade, cloud-init + - name: Wait 1.5 min # Initial apt update, apt upgrade, cloud-init ansible.builtin.wait_for: timeout: 90 -- 2.40.1 From 5e9daf3cfab93feb978fa3b419fb217770910400 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 04:21:25 +0100 Subject: [PATCH 30/35] upgrade cloud vm --- infra/cloud/0000_proxmox_playbook.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
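Review bot: `firewall: false` stays on `net0` while the bridge changes from `HOME` to `PUB`, so the Proxmox firewall does not filter this interface on what the commit subject calls the public services NIC. Other patches in this series publish container ports on all addresses of this VM, which leaves host-level filtering as the only barrier unless something upstream of `PUB` restricts traffic. Consider `firewall: true` with an explicit rule set for the VM, or a comment on the task such as `# filtering for PUB is enforced at <where>`. The task list continues outside the hunk.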
diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index ab97e0b..2ed0f49 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -101,8 +101,8 @@ - debian-12 - managed onboot: true - cores: 2 - memory: 2048 + cores: 8 + memory: 16384 - name: Retart VM community.general.proxmox_kvm: -- 2.40.1 From 6b8ca3d5e09d3f1452ead2bc20bedb9cf696a5f7 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 18:42:27 +0100 Subject: [PATCH 31/35] empty immich docker compose --- infra/cloud/immich/docker-compose.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/infra/cloud/immich/docker-compose.yaml b/infra/cloud/immich/docker-compose.yaml index 90b74f4..5db6fe9 100644 --- a/infra/cloud/immich/docker-compose.yaml +++ b/infra/cloud/immich/docker-compose.yaml @@ -1,6 +1 @@ version: "3" - -services: - dummy: - image: nginx - restart: unless-stopped -- 2.40.1 From 2706b4253aabc8d68dd7a28739496a141c5339ec Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 19:13:41 +0100 Subject: [PATCH 32/35] dummy service --- infra/cloud/immich/docker-compose.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/infra/cloud/immich/docker-compose.yaml b/infra/cloud/immich/docker-compose.yaml index 5db6fe9..2cd6cbf 100644 --- a/infra/cloud/immich/docker-compose.yaml +++ b/infra/cloud/immich/docker-compose.yaml @@ -1 +1,5 @@ version: "3" + +services: + immich: + image: nginx -- 2.40.1 From e8da0d80d47d2730d99c19f1542d63b779b35ce7 Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 20:42:27 +0100 Subject: [PATCH 33/35] improve nextcloud-aio and disable immich --- infra/cloud/0004_immich_playbook.yaml | 28 ++++---- infra/cloud/immich/docker-compose.yaml | 92 +++++++++++++++++++++++++- infra/cloud/nextcloud/all-in-one.sh | 3 + 3 files changed, 107 insertions(+), 16 deletions(-) 
diff --git a/infra/cloud/0004_immich_playbook.yaml b/infra/cloud/0004_immich_playbook.yaml index 2b38c4f..f5ec067 100644 --- a/infra/cloud/0004_immich_playbook.yaml +++ b/infra/cloud/0004_immich_playbook.yaml @@ -11,17 +11,17 @@ ansible.builtin.user: name: debian register: user - - name: Docker compose down - ansible.builtin.command: docker compose down - args: - chdir: "{{ user.home }}/{{ app }}" - ignore_errors: true - - name: Copy project - ansible.builtin.copy: - src: ./{{ app }} - dest: "{{ user.home }}" - mode: "0744" - - name: Docker compose up -d - ansible.builtin.command: docker compose up -d - args: - chdir: "{{ user.home }}/{{ app }}" + # - name: Docker compose down + # ansible.builtin.command: docker compose down + # args: + # chdir: "{{ user.home }}/{{ app }}" + # ignore_errors: true + # - name: Copy project + # ansible.builtin.copy: + # src: ./{{ app }} + # dest: "{{ user.home }}" + # mode: "0744" + # - name: Docker compose up -d + # ansible.builtin.command: docker compose up -d + # args: + # chdir: "{{ user.home }}/{{ app }}" diff --git a/infra/cloud/immich/docker-compose.yaml b/infra/cloud/immich/docker-compose.yaml index 2cd6cbf..3caaf6f 100644 --- a/infra/cloud/immich/docker-compose.yaml +++ b/infra/cloud/immich/docker-compose.yaml 
@@ -1,5 +1,93 @@ version: "3" services: - immich: - image: nginx + immich-server: + container_name: immich_server + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + command: [ "start.sh", "immich" ] + volumes: + - ${UPLOAD_LOCATION}:/usr/src/app/upload + env_file: + - .env + depends_on: + - redis + - database + - typesense + restart: always + + immich-microservices: + container_name: immich_microservices + image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} + # extends: + # file: hwaccel.yml + # service: hwaccel + command: [ "start.sh", "microservices" ] + volumes: + - ${UPLOAD_LOCATION}:/usr/src/app/upload + env_file: + - .env + depends_on: + - redis + - database + - typesense + restart: always + + immich-machine-learning: + container_name: immich_machine_learning + image: ghcr.io/immich-app/immich-machine-learning:${IMMICH_VERSION:-release} + volumes: + - /mnt/data/immich-model-cache:/cache + env_file: + - .env + restart: always + + immich-web: + container_name: immich_web + image: ghcr.io/immich-app/immich-web:${IMMICH_VERSION:-release} + env_file: + - .env + restart: always + + typesense: + container_name: immich_typesense + image: typesense/typesense:0.24.1@sha256:9bcff2b829f12074426ca044b56160ca9d777a0c488303469143dd9f8259d4dd + environment: + - TYPESENSE_API_KEY=${TYPESENSE_API_KEY} + - TYPESENSE_DATA_DIR=/data + # remove this to get debug messages + - GLOG_minloglevel=1 + volumes: + - /mnt/data/immich-typesense:/data + restart: always + + redis: + container_name: immich_redis + image: redis:6.2-alpine@sha256:70a7a5b641117670beae0d80658430853896b5ef269ccf00d1827427e3263fa3 + restart: always + + database: + container_name: immich_postgres + image: postgres:14-alpine@sha256:28407a9961e76f2d285dc6991e8e48893503cc3836a4755bbc2d40bcc272a441 + env_file: + - .env + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + volumes: + - 
/mnt/data/immich-pgdata:/var/lib/postgresql/data + restart: always + + immich-proxy: + container_name: immich_proxy + image: ghcr.io/immich-app/immich-proxy:${IMMICH_VERSION:-release} + environment: + # Make sure these values get passed through from the env file + - IMMICH_SERVER_URL + - IMMICH_WEB_URL + ports: + - 2283:8080 + depends_on: + - immich-server + - immich-web + restart: always diff --git a/infra/cloud/nextcloud/all-in-one.sh b/infra/cloud/nextcloud/all-in-one.sh index 4324cc6..fd21e5d 100644 --- a/infra/cloud/nextcloud/all-in-one.sh +++ b/infra/cloud/nextcloud/all-in-one.sh @@ -9,8 +9,11 @@ docker run \ --name nextcloud-aio-mastercontainer \ --restart unless-stopped \ --publish 8080:8080 \ +--env NEXTCLOUD_DATADIR=/mnt/data/nextcloud \ --env APACHE_PORT=11000 \ --env APACHE_IP_BINDING=0.0.0.0 \ +--env TZ=Europe/London \ +--env AIO_DISABLE_BACKUP_SECTION=true \ --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \ --volume /var/run/docker.sock:/var/run/docker.sock:ro \ -d nextcloud/all-in-one:latest -- 2.40.1 From 9605f72366462a53c9a475264019b880f1dab82a Mon Sep 17 00:00:00 2001 From: Gleb Koval Date: Tue, 26 Sep 2023 20:42:46 +0100 Subject: [PATCH 34/35] don't deploy all --- .github/workflows/infra.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/infra.yaml b/.github/workflows/infra.yaml index 0f51db8..cb0cc9c 100644 --- a/.github/workflows/infra.yaml +++ b/.github/workflows/infra.yaml @@ -11,8 +11,7 @@ on: - main env: - # DEPLOY: ${{ github.ref == 'refs/heads/main' && ((startsWith(github.event.head_commit.message, '[deploy-all]') && 'all') || ('some')) || 'none' }} - DEPLOY: all + DEPLOY: ${{ github.ref == 'refs/heads/main' && ((startsWith(github.event.head_commit.message, '[deploy-all]') && 'all') || ('some')) || 'none' }} jobs: ansible-playbooks: -- 2.40.1 From 50994b700b9e005c4935d0171b072b3f2397f76e Mon Sep 17 00:00:00 2001 
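Review bot: The `ghcr.io/immich-app/*` images in immich/docker-compose.yaml default to the mutable `release` tag through `${IMMICH_VERSION:-release}`, while typesense, redis and postgres in the same file are pinned by digest. Using a fixed version as the default keeps redeploys from pulling unreviewed images. `${DB_PASSWORD}` and `${TYPESENSE_API_KEY}` are also interpolated without a required-variable check; `${DB_PASSWORD:?DB_PASSWORD must be set}` makes compose stop instead of substituting an empty string. The `.env` file these services read presumably holds those secrets, so it should not be copied with the world-readable `0744` mode used by the commented-out `Copy project` task.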
From: Gleb Koval Date: Tue, 26 Sep 2023 20:47:30 +0100 Subject: [PATCH 35/35] double size of vm --- infra/cloud/0000_proxmox_playbook.yaml | 4 ++-- infra/cloud/nextcloud/all-in-one.sh | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/infra/cloud/0000_proxmox_playbook.yaml b/infra/cloud/0000_proxmox_playbook.yaml index 2ed0f49..7efb04a 100644 --- a/infra/cloud/0000_proxmox_playbook.yaml +++ b/infra/cloud/0000_proxmox_playbook.yaml @@ -101,8 +101,8 @@ - debian-12 - managed onboot: true - cores: 8 - memory: 16384 + cores: 16 + memory: 32768 - name: Retart VM community.general.proxmox_kvm: diff --git a/infra/cloud/nextcloud/all-in-one.sh b/infra/cloud/nextcloud/all-in-one.sh index fd21e5d..b169620 100644 --- a/infra/cloud/nextcloud/all-in-one.sh +++ b/infra/cloud/nextcloud/all-in-one.sh @@ -10,6 +10,8 @@ docker run \ --restart unless-stopped \ --publish 8080:8080 \ --env NEXTCLOUD_DATADIR=/mnt/data/nextcloud \ +--env NEXTCLOUD_UPLOAD_LIMIT=16G \ +--env NEXTCLOUD_MAX_TIME=7200 \ --env APACHE_PORT=11000 \ --env APACHE_IP_BINDING=0.0.0.0 \ --env TZ=Europe/London \ -- 2.40.1