From 20e43036f59a526754eeea31265a3ad285a9612e Mon Sep 17 00:00:00 2001 From: Hayato Date: Sun, 5 Jan 2025 04:16:41 +0900 Subject: [PATCH] Install Jenkins into LXC --- inventories/group_vars/all.yml | 11 ++++ inventories/host_vars/jenkins.yml | 3 +- inventories/hosts | 2 +- jenkins.yml | 2 +- tasks/all/main.yml | 40 ++++++------- tasks/all/usermod.yml | 6 ++ tasks/jenkins/jenkins_install.yml | 98 ++++++++++++++----------------- tasks/zram.yml | 32 ++++++---- 8 files changed, 104 insertions(+), 90 deletions(-) diff --git a/inventories/group_vars/all.yml b/inventories/group_vars/all.yml index 997bd40..f24b2ad 100644 --- a/inventories/group_vars/all.yml +++ b/inventories/group_vars/all.yml @@ -37,6 +37,17 @@ all: 64376335353461373666373433313462366436373631303436666139336365623263643162653563 3535316564646334350a376361666362643737383539366133363763663162313236643634343437 6564 + password_hashed: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 35336639383466396331626537346436333238323133613538346563383733366636633739383936 + 3731393936363534323039653936396134643264316639630a356337373464626563636264663066 + 38333533396163333866653161383732363630333164363762363364613435326133323837666630 + 3432316165623430320a653964323261376263613933666632373764633166353561386164396633 + 61613232313933306539393464343437616633666161353032383239626534306232373233636266 + 62353363656562306363626337333734366339656363663135336530316531663636623139323032 + 30306163303166656364346138366562666436313037336539636136313031323735393130363261 + 33316336613865386532343434313538646334666632353961363031343635653933386436623234 + 30353465636131383032323530633336643238306134356232346332363961343665 gid: 1000 uid: 1000 homedir: "/home/hayato" diff --git a/inventories/host_vars/jenkins.yml b/inventories/host_vars/jenkins.yml index 827c341..56358cf 100644 --- a/inventories/host_vars/jenkins.yml +++ b/inventories/host_vars/jenkins.yml @@ -6,13 +6,12 @@ apt: - htop - jq - openjdk-21-jdk + - p7zip - python3-pip - - qemu-guest-agent - unzip services_start: - jenkins - - qemu-guest-agent - ssh jenkins: diff --git a/inventories/hosts b/inventories/hosts index 1b4cdfc..c903c51 100644 --- a/inventories/hosts +++ b/inventories/hosts @@ -17,7 +17,7 @@ 192.168.1.112 ansible_user=hayato [jenkins] -192.168.1.131 ansible_user=hayato +192.168.1.131 ansible_user=root [mai] 192.168.1.150 ansible_user=hayato diff --git a/jenkins.yml b/jenkins.yml index 8140d9b..7e573a2 100644 --- a/jenkins.yml +++ b/jenkins.yml @@ -3,7 +3,7 @@ hosts: jenkins remote_user: hayato gather_facts: true - become: true +# become: true vars_files: - inventories/host_vars/jenkins.yml diff --git a/tasks/all/main.yml b/tasks/all/main.yml index a56d84e..f624350 100644 --- a/tasks/all/main.yml +++ b/tasks/all/main.yml @@ -1,26 +1,26 @@ --- -- name: "Common / Set Hostname" - ansible.builtin.import_tasks: - file: tasks/all/hostname.yml +- name: "Common / Networking" + when: + ansible_facts.virtualization_type != 'lxc' tags: - network + block: + - name: "Common / Set Hostname" + ansible.builtin.import_tasks: + file: tasks/all/hostname.yml -- name: "Common / Setting Network" - ansible.builtin.import_tasks: - file: tasks/all/netplan.yml - tags: - - network + - name: "Common / Setting Network" + ansible.builtin.import_tasks: + file: tasks/all/netplan.yml + + - name: "Common / Stop Systemd-resolved" + ansible.builtin.import_tasks: + file: tasks/all/stop-systemd-resolved.yml - name: "Common / Change apt mirror" ansible.builtin.import_tasks: file: tasks/all/apt_mirror.yml -- name: "Common / Stop Systemd-resolved" - ansible.builtin.import_tasks: - file: tasks/all/stop-systemd-resolved.yml - tags: - - network - - name: "Common / Set Timezones" ansible.builtin.import_tasks: file: tasks/all/timezone.yml @@ -35,6 +35,12 @@ tags: - ntp +- name: "Common / Usermod" + ansible.builtin.import_tasks: + file: tasks/all/usermod.yml + tags: + - users + - name: "Common / Put authorized Key for hayato" ansible.builtin.import_tasks: file: tasks/all/authorized_keys.yml @@ -64,9 +70,3 @@ file: tasks/all/hayaworld_rootCA.yml tags: - ca - -- name: "Common / Usermod" - ansible.builtin.import_tasks: - file: tasks/all/usermod.yml - tags: - - users diff --git a/tasks/all/usermod.yml b/tasks/all/usermod.yml index bfc5b54..88c3e25 100644 --- a/tasks/all/usermod.yml +++ b/tasks/all/usermod.yml @@ -11,7 +11,13 @@ block: - name: "Common / Usermod (Ubuntu)" ansible.builtin.user: + append: true + group: "{{ item.username }}" + groups: + - "{{ item.username }}" + - "sudo" name: "{{ item.username }}" + password: "{{ item.password_hashed }}" shell: "{{ item.shell }}" state: "present" system: true diff --git a/tasks/jenkins/jenkins_install.yml b/tasks/jenkins/jenkins_install.yml index 1d8a9d7..3a617de 100644 --- a/tasks/jenkins/jenkins_install.yml +++ b/tasks/jenkins/jenkins_install.yml @@ -1,65 +1,57 @@ --- -- name: "Jenkins / Install btrfs modules" - ansible.builtin.apt: - pkg: - - btrfs-progs - - btrfs-compsize - update_cache: true +- name: "Jenkins Prepartion" + when: + ansible_facts.virtualization_type != 'lxc' tags: - jenkins + block: + - name: "Jenkins / Install btrfs modules" + ansible.builtin.apt: + pkg: + - btrfs-progs + - btrfs-compsize + update_cache: true -- name: "Jenkins / Make Jenkins group" - ansible.builtin.group: - name: jenkins - state: present - tags: - - jenkins + - name: "Jenkins / Make Jenkins group" + ansible.builtin.group: + name: jenkins + state: present -- name: "Jenkins / Make Jenkins user" - ansible.builtin.user: - name: jenkins - comment: "Jenkins running user" - group: jenkins - tags: - - jenkins + - name: "Jenkins / Make Jenkins user" + ansible.builtin.user: + name: jenkins + comment: "Jenkins running user" + group: jenkins -- name: "Jenkins / Makedir JENKINS_HOME" - ansible.builtin.file: - path: "{{ jenkins.home }}" - state: directory - owner: jenkins - group: jenkins - mode: '0755' - tags: - - jenkins + - name: "Jenkins / Makedir JENKINS_HOME" + ansible.builtin.file: + path: "{{ jenkins.home }}" + state: directory + owner: jenkins + group: jenkins + mode: '0755' -- name: "Jenkins / Check if exists JENKINS_HOME" - ansible.builtin.stat: - path: "{{ jenkins.home }}" - follow: true - register: dir_stat - failed_when: dir_stat.stat.isdir == false - tags: - - jenkins + - name: "Jenkins / Check if exists JENKINS_HOME" + ansible.builtin.stat: + path: "{{ jenkins.home }}" + follow: true + register: dir_stat + failed_when: dir_stat.stat.isdir == false -- name: "Jenkins / Check if exists drive for JENKINS_HOME" - ansible.builtin.stat: - path: "/dev/disk/by-uuid/{{ jenkins.UUID }}" - follow: true - register: home_drive - failed_when: home_drive.stat.isblk == false - tags: - - jenkins + - name: "Jenkins / Check if exists drive for JENKINS_HOME" + ansible.builtin.stat: + path: "/dev/disk/by-uuid/{{ jenkins.UUID }}" + follow: true + register: home_drive + failed_when: home_drive.stat.isblk == false -- name: "Jenkins / Mount JENKINS_HOME Drive" - ansible.posix.mount: - src: "UUID={{ jenkins.UUID }}" - path: "{{ jenkins.home }}" - opts: "defaults,compress=zstd" - fstype: btrfs - state: mounted - tags: - - jenkins + - name: "Jenkins / Mount JENKINS_HOME Drive" + ansible.posix.mount: + src: "UUID={{ jenkins.UUID }}" + path: "{{ jenkins.home }}" + opts: "defaults,compress=zstd" + fstype: btrfs + state: mounted - name: "Jenkins / Install Jenkins" ansible.builtin.import_role: diff --git a/tasks/zram.yml b/tasks/zram.yml index be4d55d..aa457d0 100644 --- a/tasks/zram.yml +++ b/tasks/zram.yml @@ -1,15 +1,21 @@ --- -- name: "Install zram-tools" - ansible.builtin.apt: - name: "zram-tools" - state: present - update_cache: true +- name: "Install and config zram-tools" + when: + ansible_facts.virtualization_type != 'lxc' + tags: + - zram + block: + - name: "Install zram-tools" + ansible.builtin.apt: + name: "zram-tools" + state: present + update_cache: true -- name: "Setting zram configurations" - ansible.builtin.template: - src: templates/all/etc/default/zramswap.j2 - dest: /etc/default/zramswap - owner: root - group: root - mode: '0644' - notify: "Restart zramswap" + - name: "Setting zram configurations" + ansible.builtin.template: + src: templates/all/etc/default/zramswap.j2 + dest: /etc/default/zramswap + owner: root + group: root + mode: '0644' + notify: "Restart zramswap"