arcodange-org/factory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add pi3 to inventory + fixes

Browse Source
This commit is contained in:
Gabriel Radureau
2024-12-15 22:13:03 +01:00
parent fa0df6f175
commit b185999478
7 changed files with 26 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -22,6 +22,9 @@ flowchart
subgraph Home
subgraph pi1
runner[/gitea runners\]
subgraph small HD
backup_data
end
end
subgraph pi2
PG[(Postgres)]
@@ -33,6 +36,11 @@ flowchart
Gitea_data
end
end
subgraph pi3
subgraph ai
ollama
end
end
subgraph "master (macbook pro)"
ansible{{ansible control-node}}
tofu{{opentofu control-node}}

3
ansible/arcodange/factory/galaxy.yml
View File

@@ -58,8 +58,7 @@ issues: http://example.com/issue/tracker
# artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This
# uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry',
# and '.git' are always filtered. Mutually exclusive with 'manifest'
build_ignore:
- playwright/
build_ignore: []
# A dict controlling use of manifest directives used in building the collection artifact. The key 'directives' is a
# list of MANIFEST.in style

7
ansible/arcodange/factory/inventory/hosts.yml
View File

@@ -6,6 +6,9 @@ raspberries:
pi2:
ansible_host: pi2.home
ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
pi3:
ansible_host: pi3.home
ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
internetPi1:
ansible_host: arcodange.duckdns.org
@@ -13,6 +16,9 @@ raspberries:
internetPi2:
ansible_host: arcodange.duckdns.org
ansible_port: 52022
internetPi3:
ansible_host: arcodange.duckdns.org
ansible_port: 53022
vars:
ansible_user: pi
@@ -24,6 +30,7 @@ local:
ansible_python_interpreter: /Users/gabrielradureau/.local/pipx/venvs/ansible-core/bin/python
pi1:
pi2:
pi3:
hard_disk:
hosts:

11
ansible/arcodange/factory/playbooks/01_system.yml
View File

@@ -75,8 +75,7 @@
ansible.builtin.import_playbook: k3s.orchestration.site
# ansible.builtin.import_playbook: k3s.orchestration.reset
vars:
k3s_version: v1.30.3+k3s1
token: changeme!
k3s_version: v1.31.3+k3s1
extra_server_args: "--docker --disable traefik"
extra_agent_args: "--docker"
api_endpoint: "{{ hostvars[groups['server'][0]]['ansible_host'] | default(groups['server'][0]) }}"
@@ -139,7 +138,7 @@
acme-challenge:
rule: Host(`arcodange.duckdns.org`) && PathPrefix(`/.well-known/acme-challenge`)
service: acme-http@internal
tls: &tls_opts
tls:
certResolver: letsencrypt
domains:
- main: "arcodange.duckdns.org"
@@ -154,7 +153,11 @@
middlewares:
- localIp
tls:
<<: *tls_opts
certResolver: letsencrypt
domains:
- main: "arcodange.duckdns.org"
sans:
- "gitea.arcodange.duckdns.org"
entrypoints:
- websecure
middlewares:

2
ansible/arcodange/factory/playbooks/03_cicd.yml
View File

@@ -175,7 +175,7 @@
gitea_token_delete: true
- name: Deploy Gitea Action
- name: Deploy Argo CD
hosts: localhost
roles:
- arcodange.factory.gitea_token # generate gitea_api_token used to replace generated token with set name if required

1
ansible/arcodange/factory/playbooks/setup/roles/nfs_setup/tasks/mount.yml
View File

@@ -12,6 +12,7 @@
owner: pi
group: docker
mode: '0774'
ignore_errors: true
- name: Mount NFS share
mount:

2
ansible/arcodange/factory/roles/traefik_certs/tasks/main.yml
View File

@@ -4,7 +4,7 @@
kubectl -n kube-system exec
$(kubectl -n kube-system get pod -l app.kubernetes.io/name=traefik
-o jsonpath="{.items[0]['.metadata.name']}") --
cat /data/acme.json | jq '(.letsencrypt.Certificates | map(select(.domain.main=="arcodange.duckdns.org")))[0]'
cat /data/acme.json | jq '(.letsencrypt.Certificates | map(select(.domain.main=="*.arcodange.duckdns.org")))[0]'
| jq '.certificate' -r | base64 -d | openssl x509
register: traefik_certs_cmd
- set_fact: