diff options
| -rw-r--r-- | dan/sk-testvm.yml | 95 | ||||
| -rw-r--r-- | inventory/host_vars/sk-testvm.yml | 25 | ||||
| -rw-r--r-- | inventory/hosts.ini | 1 | ||||
| -rw-r--r-- | roles/apps/mumble/defaults/main.yml | 3 | ||||
| -rw-r--r-- | roles/apps/mumble/tasks/main.yml | 2 |
5 files changed, 87 insertions, 39 deletions
diff --git a/dan/sk-testvm.yml b/dan/sk-testvm.yml index bffb2c9b..698eb7de 100644 --- a/dan/sk-testvm.yml +++ b/dan/sk-testvm.yml @@ -12,13 +12,32 @@ hosts: sk-testvm vars: # acme_client: uacme - # acme_client: acmetool - # cert_provider: "{{ acme_client }}" + acme_client: acmetool + cert_provider: "{{ acme_client }}" # cert_provider: static - cert_provider: selfsigned + # cert_provider: selfsigned roles: + - role: apt-repo/spreadspace + - role: kubernetes/base + - role: kubernetes/standalone/base - role: "x509/{{ cert_provider }}/base" - role: nginx/base + - role: apps/mumble + mumble_version: v1.4.274-4 + mumble_instance: spreadspace + mumble_hostnames: + - test.spreadspace.org + - test.spreadspace.com + - test.spreadspace.net + - test.spreadspace.systems + mumble_superuser_password: "very-secret" + mumble_config_options: + bonjour: false + sslCiphers: "ECDHE+AESGCM:DHE+AESGCM:ECDHE+AES256:DHE+AES256:ECDHE+AES128:DHE+AES128:!RSA:!ADH:!AECDH:!MD5" + welcometext: "Welcome to the spreadspace Mumble Test-Server" + rememberchannel: true + mumble_tls: + certificate_provider: "{{ cert_provider }}" post_tasks: - name: make sure document root directories exist loop: @@ -64,39 +83,39 @@ name: nginx/vhost - - name: install index.html for test server - copy: - dest: /var/www/test/index.html - content: | - <html> - <head> - <title>This is Test</title> - </head> - <body style="font-family: Helvetica, Arial, Sans-Serif; color: white; background: black;"> - <div style="text-align: center; margin-top: 4em; margin-left:auto; margin-right:auto;"> - <h2 style="">If you can read this the test was successful.</h2> - </div> - </body> - </html> + # - name: install index.html for test server + # copy: + # dest: /var/www/test/index.html + # content: | + # <html> + # <head> + # <title>This is Test</title> + # </head> + # <body style="font-family: Helvetica, Arial, Sans-Serif; color: white; background: black;"> + # <div style="text-align: center; margin-top: 4em; margin-left:auto; margin-right:auto;"> + # <h2 style="">If you can read this the test was successful.</h2> + # </div> + # </body> + # </html> - - name: install test vhost - vars: - nginx_vhost: - name: test - template: generic - tls: - certificate_provider: "{{ cert_provider }}" - hsts: no - hostnames: - - test.spreadspace.org - - test.spreadspace.com - - test.spreadspace.net - - test.spreadspace.systems - locations: - '/': - root: /var/www/test - index: index.html - static_cert_config: "{{ static_cert_config__test }}" - selfsigned_cert_config: "{{ selfsigned_cert_config__test }}" - include_role: - name: nginx/vhost + # - name: install test vhost + # vars: + # nginx_vhost: + # name: test + # template: generic + # tls: + # certificate_provider: "{{ cert_provider }}" + # hsts: no + # hostnames: + # - test.spreadspace.org + # - test.spreadspace.com + # - test.spreadspace.net + # - test.spreadspace.systems + # locations: + # '/': + # root: /var/www/test + # index: index.html + # static_cert_config: "{{ static_cert_config__test }}" + # selfsigned_cert_config: "{{ selfsigned_cert_config__test }}" + # include_role: + # name: nginx/vhost diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml index 1592914a..f5dca015 100644 --- a/inventory/host_vars/sk-testvm.yml +++ b/inventory/host_vars/sk-testvm.yml @@ -37,6 +37,31 @@ external_ip: "{{ network.primary.overlay }}" # # https://owncloud.org/news/upgrading-owncloud-on-debian-stable-to-official-packages/ # + +spreadspace_apt_repo_components: + - container + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 2G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 1G + fs: ext4 + +kubernetes_version: 1.27.4 +kubernetes_cri_tools_pkg_version: 1.26.0-00 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 100 +kubernetes_standalone_cni_variant: with-portmap + + nginx_server_names_hash_bucket_size: 64 diff --git a/inventory/hosts.ini b/inventory/hosts.ini index e58673ce..6b8622db 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -611,6 +611,7 @@ glt-telesto glt-tsdatacop glt-thetys sgg-icecast +sk-testvm [kubernetes:children] kubernetes-cluster diff --git a/roles/apps/mumble/defaults/main.yml b/roles/apps/mumble/defaults/main.yml index 627af125..c9cd9db3 100644 --- a/roles/apps/mumble/defaults/main.yml +++ b/roles/apps/mumble/defaults/main.yml @@ -14,6 +14,9 @@ mumble_dhparam_size: 2048 mumble_timezone: "Europe/Vienna" +# mumble_tls: +# certificate_provider: ... + mumble_config_options: bonjour: false sslCiphers: "ECDHE+AESGCM:DHE+AESGCM:ECDHE+AES256:DHE+AES256:ECDHE+AES128:DHE+AES128:!RSA:!ADH:!AECDH:!MD5" diff --git a/roles/apps/mumble/tasks/main.yml b/roles/apps/mumble/tasks/main.yml index 92659b66..5cd1f7a9 100644 --- a/roles/apps/mumble/tasks/main.yml +++ b/roles/apps/mumble/tasks/main.yml @@ -3,7 +3,7 @@ assert: msg: "this role currently only works with acmetool" that: - - acme_client == "acmetool" + - mumble_tls.certificate_provider == "acmetool" - name: add group for mumble group: |