diff options
Diffstat (limited to 'elevate')
52 files changed, 1475 insertions, 0 deletions
diff --git a/elevate/cloud-install.yml b/elevate/cloud-install.yml new file mode 100644 index 00000000..72db81d9 --- /dev/null +++ b/elevate/cloud-install.yml @@ -0,0 +1,10 @@ +--- +- name: cook variables for host + hosts: "{{ install_hostname }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + +- import_playbook: ../common/cloud-install.yml diff --git a/elevate/common.yml b/elevate/common.yml new file mode 100644 index 00000000..af4b4fda --- /dev/null +++ b/elevate/common.yml @@ -0,0 +1,10 @@ +--- +- name: Basic Setup + hosts: "{{ install_hostname }}" + roles: + - role: apt-repo/base + when: ansible_pkg_mgr == "apt" + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp diff --git a/elevate/ele-calypso.yml b/elevate/ele-calypso.yml new file mode 100644 index 00000000..5d8e51ce --- /dev/null +++ b/elevate/ele-calypso.yml @@ -0,0 +1,56 @@ +--- +- name: Basic Setup + hosts: ele-calypso + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-calypso + roles: + - role: apt-repo/spreadspace + - role: streaming/blackmagic/desktopvideo + - role: storage/lvm/base + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: streaming/player + - role: nginx/base + - role: monitoring/sachet + - role: monitoring/prometheus/server + - role: monitoring/prometheus/exporter + - role: monitoring/prometheus/alertmanager + - role: monitoring/grafana + - role: monitoring/landingpage + post_tasks: + ## TODO: move to network/interfaces when this is done + - name: install vlan interfaces + loop: "{{ network.vlans | dict2items }}" + loop_control: + label: "{{ item.key }} ({{ item.value | join(',') }})" + copy: + dest: "/etc/network/interfaces.d/{{ item.key }}" + content: | + auto {{ item.key }} + iface {{ item.key }} inet manual + {% for vlan in item.value %} + {% set vlan_ifname = item.key + '.' + (vlan | string) %} + {% set vlan_iface = (network.interfaces | selectattr('name', 'eq', vlan_ifname)) %} + + auto {{ vlan_ifname }} + {% if vlan_iface %} + iface {{ vlan_ifname }} inet static + address {{ (vlan_iface | first).address }} + {% for route in vlan_iface[0].static_routes | default([]) %} + up /bin/ip route add {{ route.destination }} via {{ route.gateway }}{% if 'source' in route %} src {{ route.source }}{% endif %}{{ '' }} + {% endfor %} + {% for route in vlan_iface[0].static_routes | default([]) | reverse %} + down /bin/ip route del {{ route.destination }} via {{ route.gateway }}{% if 'source' in route %} src {{ route.source }}{% endif %}{{ '' }} + {% endfor %} + {% else %} + iface {{ vlan_ifname }} inet manual + {% endif %} + {% endfor %} diff --git a/elevate/ele-chromebook.yml b/elevate/ele-chromebook.yml new file mode 100644 index 00000000..411c49b7 --- /dev/null +++ b/elevate/ele-chromebook.yml @@ -0,0 +1,28 @@ +--- +- name: Basic Setup + hosts: ele-chromebook + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-chromebook + roles: + - role: ws/base + - role: core/users + - role: ws/flatpak + post_tasks: + - name: install script to configure hdmi out + copy: + dest: /usr/local/bin/display-setup.sh + mode: 0755 + content: | + #!/bin/bash + xrandr --output eDP --mode 1920x1080 --primary + xrandr --output DisplayPort-3 --mode 1920x1080 --rate 50 --left-of eDP + exit 0 + +## TODO: vlan setup was done manually... diff --git a/elevate/ele-companion-raspi.yml b/elevate/ele-companion-raspi.yml new file mode 100644 index 00000000..e16c4d70 --- /dev/null +++ b/elevate/ele-companion-raspi.yml @@ -0,0 +1,36 @@ +--- +- name: Basic Setup + hosts: ele-companion-raspi + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-companion-raspi + roles: + - role: apt-repo/spreadspace + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: streaming/companion + - role: streaming/ontime + post_tasks: + - name: install vlan package + apt: + name: vlan + state: present + + ## TODO: this should be moved to a generac interfaces role... + - name: add vlan config for mixer vlan + blockinfile: + path: /etc/network/interfaces + block: | + + auto {{ network.primary.name }}.{{ network_zones.mixer.vlan }} + iface {{ network.primary.name }}.{{ network_zones.mixer.vlan }} inet static + up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/accept_ra + up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf + address {{ network_zones.mixer.prefix | ansible.utils.ipaddr(network_zones.mixer.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }} + netmask {{ network_zones.mixer.prefix | ansible.utils.ipaddr(network_zones.mixer.offsets[inventory_hostname]) | ansible.utils.ipaddr('netmask') }} diff --git a/elevate/ele-coturn.yml b/elevate/ele-coturn.yml new file mode 100644 index 00000000..4111f156 --- /dev/null +++ b/elevate/ele-coturn.yml @@ -0,0 +1,19 @@ +--- +- name: Basic Setup + hosts: ele-coturn + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-coturn + roles: + - role: apt-repo/spreadspace + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: x509/acmetool/base + - role: apps/coturn + - role: apps/mumble diff --git a/elevate/ele-dione.yml b/elevate/ele-dione.yml new file mode 100644 index 00000000..95800036 --- /dev/null +++ b/elevate/ele-dione.yml @@ -0,0 +1,77 @@ +--- +- name: Basic Setup + hosts: ele-dione + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-dione + roles: + - role: core/users + - role: storage/zfs/base + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: streaming/blackmagic/desktopvideo + post_tasks: + - name: install lm-sensors and i7z + apt: + name: + - lm-sensors + - i7z + - s-tui + + - name: load modules for lm-sensors + vars: + sensors_modules: + - coretemp + block: + - name: load special modules for lm-sensors + loop: "{{ sensors_modules }}" + modprobe: + name: "{{ item }}" + state: present + + - name: make sure sensor modules are loaded on reboot + copy: + content: | + # Ansible managed + + {% for module in sensors_modules %} + {{ module }} + {% endfor %} + dest: /etc/modules-load.d/sensors.conf + + ## TODO: move to network/interfaces when this is done + - name: install vlan interfaces + loop: "{{ network.vlans | dict2items }}" + loop_control: + label: "{{ item.key }} ({{ item.value | join(',') }})" + copy: + dest: "/etc/network/interfaces.d/{{ item.key }}" + content: | + auto {{ item.key }} + iface {{ item.key }} inet manual + {% for vlan in item.value %} + {% set vlan_ifname = item.key + '.' + (vlan | string) %} + {% set vlan_iface = (network.interfaces | selectattr('name', 'eq', vlan_ifname)) %} + + auto {{ vlan_ifname }} + {% if vlan_iface %} + iface {{ vlan_ifname }} inet static + address {{ (vlan_iface | first).address }} + {% for route in vlan_iface[0].static_routes | default([]) %} + up /bin/ip route add {{ route.destination }} via {{ route.gateway }}{% if 'source' in route %} src {{ route.source }}{% endif %}{{ '' }} + {% endfor %} + {% for route in vlan_iface[0].static_routes | default([]) | reverse %} + down /bin/ip route del {{ route.destination }} via {{ route.gateway }}{% if 'source' in route %} src {{ route.source }}{% endif %}{{ '' }} + {% endfor %} + {% else %} + iface {{ vlan_ifname }} inet manual + {% endif %} + {% endfor %} diff --git a/elevate/ele-dolmetsch-raspi.yml b/elevate/ele-dolmetsch-raspi.yml new file mode 100644 index 00000000..cbb2ca58 --- /dev/null +++ b/elevate/ele-dolmetsch-raspi.yml @@ -0,0 +1,31 @@ +--- +- name: Basic Setup + hosts: "{{ install_hostname }}" + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + +- name: Payload Setup + hosts: "{{ install_hostname }}" + roles: + - role: streaming/dolmetsch-raspi + post_tasks: + - when: inventory_hostname == "ele-dol-raspi0" + loop: + - rtp-recv.service + - dolmetschctld.service + systemd: + name: "{{ item }}" + state: started + enabled: yes + + - when: inventory_hostname == "ele-dol-raspi1" + loop: + - rtp-send.service + - dolmetschctl.service + systemd: + name: "{{ item }}" + state: started + enabled: yes diff --git a/elevate/ele-emc-ctrl.yml b/elevate/ele-emc-ctrl.yml new file mode 100644 index 00000000..b24d8df4 --- /dev/null +++ b/elevate/ele-emc-ctrl.yml @@ -0,0 +1,18 @@ +--- +- name: Basic Setup + hosts: ele-emc-ctrl + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-emc-ctrl + roles: + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: storage/lvm/base + - role: elevate/emc-stats diff --git a/elevate/ele-emcplayer.yml b/elevate/ele-emcplayer.yml new file mode 100644 index 00000000..0b9d7568 --- /dev/null +++ b/elevate/ele-emcplayer.yml @@ -0,0 +1,32 @@ +--- +- name: Basic Setup + hosts: "{{ install_hostname }}" + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: "{{ install_hostname }}" + roles: + - role: ws/base + - role: core/users + post_tasks: + - name: generate play script + copy: + content: | + #!/bin/bash + exec mpv -fs --loop=inf --af-add="channelmap=0|1:stereo" rtmp://{{ network_zones.guest.prefix | ansible.utils.ipaddr(network_zones.guest.offsets['ele-helene']) | ansible.utils.ipaddr('address') }}/emc/full + dest: /usr/local/bin/emc-play.sh + mode: 0755 + +## TODO: +# * add user "player" (no admin rights) +# * set background for user player +# * configure power management: +# * activate "Presentaion Mode" +# * change power button to "shutdown" +# * add emc-play.sh to autostart diff --git a/elevate/ele-gwhetzner.yml b/elevate/ele-gwhetzner.yml new file mode 100644 index 00000000..754fae65 --- /dev/null +++ b/elevate/ele-gwhetzner.yml @@ -0,0 +1,17 @@ +--- +- name: Basic Setup + hosts: ele-gwhetzner + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-gwhetzner + roles: + - role: network/wireguard/base + - role: network/wireguard/p2p + - role: network/nftables/base + - role: network/wireguard/gateway diff --git a/elevate/ele-helene.yml b/elevate/ele-helene.yml new file mode 100644 index 00000000..dda7134f --- /dev/null +++ b/elevate/ele-helene.yml @@ -0,0 +1,43 @@ +--- +- name: Basic Setup + hosts: ele-helene + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-helene + roles: + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: streaming/blackmagic/desktopvideo + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: streaming/handbrake + - role: vm/host/base + - role: vm/host/network + - role: installer/debian/base + - role: apt-repo/backports + post_tasks: + - name: install kernel from backports + apt: + name: + - linux-image-amd64 + default_release: bookworm-backports + state: latest + + - name: install firmware and tools needed for GPU + apt: + name: + - firmware-misc-nonfree ## we should probably install this from backports as well, + - intel-media-va-driver-non-free ## alas there are currently no backports for this packages + - intel-gpu-tools + - vainfo + state: present + + # Test VA-API with: vainfo --display drm --device /dev/dri/renderD129 diff --git a/elevate/ele-hpws-maxi.yml b/elevate/ele-hpws-maxi.yml new file mode 100644 index 00000000..1661de96 --- /dev/null +++ b/elevate/ele-hpws-maxi.yml @@ -0,0 +1,18 @@ +--- +- name: Basic Setup + hosts: ele-hpws-maxi + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-hpws-maxi + roles: + - role: apt-repo/obs-studio + - role: apt-repo/spreadspace + - role: ws/base + - role: core/users diff --git a/elevate/ele-hpws-mini1.yml b/elevate/ele-hpws-mini1.yml new file mode 100644 index 00000000..2d2690b6 --- /dev/null +++ b/elevate/ele-hpws-mini1.yml @@ -0,0 +1,15 @@ +--- +- name: Basic Setup + hosts: ele-hpws-mini1 + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-hpws-mini1 + roles: + - role: streaming/browser-kiosk diff --git a/elevate/ele-hpws-mini2.yml b/elevate/ele-hpws-mini2.yml new file mode 100644 index 00000000..83341a64 --- /dev/null +++ b/elevate/ele-hpws-mini2.yml @@ -0,0 +1,31 @@ +--- +- name: Basic Setup + hosts: ele-hpws-mini2 + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-hpws-mini2 + roles: + - role: apt-repo/spreadspace + - role: ws/base + - role: core/users + post_tasks: + - name: install chromium start script + copy: + content: | + #!/bin/sh + + SITE=$1 + if [ -z "$SITE"]; then + SITE="https://remote.elev8.at/stream-ui/player.html#control={{ hostvars['ele-jitsi'].jitsi_meet_streamui.default_control_room }}&displayName={{ host_name }}" + fi + export DISPLAY=:0.0 + exec chromium-browser "$SITE" --disable-infobars --use-fake-ui-for-media-stream --kiosk --temp-profile --start-maximized --enabled --enable-logging --autoplay-policy=no-user-gesture-required + dest: /usr/local/bin/jitsi-display.sh + mode: 0755 diff --git a/elevate/ele-hyperion.yml b/elevate/ele-hyperion.yml new file mode 100644 index 00000000..3402de41 --- /dev/null +++ b/elevate/ele-hyperion.yml @@ -0,0 +1,67 @@ +--- +- name: Basic Setup + hosts: ele-hyperion + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-hyperion + roles: + - role: apt-repo/obs-studio + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: ws/base + - role: core/users + - role: streaming/blackmagic/desktopvideo + - role: streaming/blackmagic/mediaexpress + - role: docker/engine + post_tasks: + ## TODO: move to network/netplan when this is done + - name: install vlan interfaces + loop: "{{ network.vlans | dict2items }}" + loop_control: + label: "{{ item.key }} ({{ item.value | join(',') }})" + copy: + dest: "/etc/netplan/20-{{ item.key }}.yaml" + content: | + network: + vlans: + {% for vlan in item.value %} + {% set vlan_ifname = item.key + '.' + (vlan | string) %} + {% set vlan_iface = (network.interfaces | selectattr('name', 'eq', vlan_ifname)) %} + {{ vlan_ifname }}: + id: {{ vlan }} + link: {{ item.key }} + {% if vlan_iface %} + addresses: + - {{ (vlan_iface | first).address }} + {% endif %} + {% endfor %} + + - name: install script to play videos via decklink card + copy: + dest: /usr/local/bin/play-video.sh + mode: 0755 + content: | + #!/bin/bash + + if [ -z "$1" ]; then + echo "Usage: $0 <vidoe-file>" + exit 1 + fi + video_path_full=$(realpath "$1") + video_name=$(basename "$video_path_full") + + decklink_device="DeckLink Duo (2)" + + exec docker run --rm -it --device=/dev/blackmagic:/dev/blackmagic -v /usr/lib/libDeckLinkAPI.so:/usr/lib/libDeckLinkAPI.so \ + -v /usr/lib/libDeckLinkAPI.so:/usr/lib/libDeckLinkAPI.so -v /usr/lib/blackmagic:/usr/lib/blackmagic \ + -v "$video_path_full:/srv/$video_name" \ + registry.gitlab.com/spreadspace/docker/ffmpeg:bookworm-decklink12.5-2024-02-18.33 \ + /usr/bin/ffmpeg -i "/srv/$video_name" -ac 2 -pix_fmt uyvy422 -s 1920x1080 -r 25 -f decklink "$decklink_device" diff --git a/elevate/ele-jitsi.yml b/elevate/ele-jitsi.yml new file mode 100644 index 00000000..7fd463d8 --- /dev/null +++ b/elevate/ele-jitsi.yml @@ -0,0 +1,21 @@ +--- +- name: Basic Setup + hosts: ele-jitsi + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-jitsi + roles: + - role: apt-repo/spreadspace + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: x509/acmetool/base + - role: nginx/base + - role: apps/jitsi/meet + - role: apps/mumble + - role: monitoring/prometheus/exporter diff --git a/elevate/ele-lt.yml b/elevate/ele-lt.yml new file mode 100644 index 00000000..67eaafcd --- /dev/null +++ b/elevate/ele-lt.yml @@ -0,0 +1,17 @@ +--- +- name: Basic Setup + hosts: ele-lt + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-lt + roles: + - role: apt-repo/spreadspace + - role: x509/acmetool/base + - role: nginx/base + - role: elevate/liquidtruth diff --git a/elevate/ele-media.yml b/elevate/ele-media.yml new file mode 100644 index 00000000..d22f91dd --- /dev/null +++ b/elevate/ele-media.yml @@ -0,0 +1,25 @@ +--- +- name: Basic Setup + hosts: ele-media + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-media + roles: + - role: core/users + - role: storage/zfs/base + - role: apt-repo/spreadspace + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: network/wireguard/base + - role: network/wireguard/gateway + - role: x509/acmetool/base + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: elevate/media diff --git a/elevate/ele-router.yml b/elevate/ele-router.yml new file mode 100644 index 00000000..e160b57a --- /dev/null +++ b/elevate/ele-router.yml @@ -0,0 +1,105 @@ +--- +- name: generate TLS CA for openvpn + hosts: ele-router + connection: local + gather_facts: no + tasks: + - name: generate CA key and certificate + run_once: yes + block: + - name: generate CA keys + community.crypto.openssl_privatekey_pipe: + type: "Ed25519" + content: "{{ vault_ovpn_ca_key | default(omit) }}" + return_current_key: yes + register: ovpn_ca_key_result + no_log: true + + - name: create signing request for CA certificate + community.crypto.openssl_csr_pipe: + privatekey_content: "{{ ovpn_ca_key_result.privatekey }}" + CN: "CA for ele-router vpn" + useCommonNameForSAN: no + key_usage: + - cRLSign + - keyCertSign + key_usage_critical: yes + basic_constraints: + - 'CA:TRUE' + - 'pathlen:0' + basic_constraints_critical: yes + register: ovpn_ca_csr_result + changed_when: false + + - name: create self-signed CA certificate + community.crypto.x509_certificate_pipe: + content: "{{ vault_ovpn_ca_cert | default(omit) }}" + csr_content: "{{ ovpn_ca_csr_result.csr }}" + privatekey_content: "{{ ovpn_ca_key_result.privatekey }}" + provider: selfsigned + selfsigned_digest: sha256 + selfsigned_not_after: "+18250d" ## 50 years + selfsigned_create_subject_key_identifier: always_create + register: ovpn_ca_cert_result + + + - name: generate key + community.crypto.openssl_privatekey_pipe: + type: "Ed25519" + content: "{{ vault_ovpn_keys[inventory_hostname] | default(omit) }}" + return_current_key: yes + register: ovpn_key_result + no_log: true + + - name: create signing request for certificate + community.crypto.openssl_csr_pipe: + privatekey_content: "{{ ovpn_key_result.privatekey }}" + CN: "{{ inventory_hostname }}" + key_usage: + - digitalSignature + - keyEncipherment + key_usage_critical: yes + extended_key_usage: + - "{{ (inventory_hostname == 'ele-router-hmtsaal') | ternary('serverAuth', 'clientAuth') }}" + extended_key_usage_critical: yes + basic_constraints: + - 'CA:FALSE' + basic_constraints_critical: yes + register: ovpn_csr_result + changed_when: false + + - name: create certificate + community.crypto.x509_certificate_pipe: + content: "{{ vault_ovpn_certs[inventory_hostname] | default(omit) }}" + csr_content: "{{ ovpn_csr_result.csr }}" + privatekey_content: "{{ ovpn_key_result.privatekey }}" + provider: ownca + ownca_content: "{{ ovpn_ca_cert_result.certificate }}" + ownca_privatekey_content: "{{ ovpn_ca_key_result.privatekey }}" + ownca_digest: sha256 + ownca_not_after: "+18250d" ## 50 years + register: ovpn_cert_result + + + - run_once: yes + set_fact: + vault_content: | + --- + vault_ovpn_ca_key: | + {{ ovpn_ca_key_result.privatekey | indent(2) }} + vault_ovpn_ca_cert: | + {{ ovpn_ca_cert_result.certificate | indent(2) }} + vault_ovpn_keys: + {% for host in play_hosts %} + {{ host }}: | + {{ hostvars[host].ovpn_key_result.privatekey | indent(4) }} + {% endfor %} + vault_ovpn_certs: + {% for host in play_hosts %} + {{ host }}: | + {{ hostvars[host].ovpn_cert_result.certificate | indent(4) }} + {% endfor %} + + - pause: + prompt: "Please put this into a vault file: \n\n{{ vault_content }}" + seconds: 1 diff --git a/elevate/ele-stage-raspi.yml b/elevate/ele-stage-raspi.yml new file mode 100644 index 00000000..b19389c4 --- /dev/null +++ b/elevate/ele-stage-raspi.yml @@ -0,0 +1,14 @@ +--- +- name: Basic Setup + hosts: ele-stage-raspi + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-stage-raspi + roles: + - role: streaming/browser-kiosk diff --git a/elevate/ele-tarvos.yml b/elevate/ele-tarvos.yml new file mode 100644 index 00000000..d034d970 --- /dev/null +++ b/elevate/ele-tarvos.yml @@ -0,0 +1,15 @@ +--- +- name: Basic Setup + hosts: ele-tarvos + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-tarvos + roles: + - role: streaming/mpv-headless diff --git a/elevate/ele-telesto.yml b/elevate/ele-telesto.yml new file mode 100644 index 00000000..f8f7f55a --- /dev/null +++ b/elevate/ele-telesto.yml @@ -0,0 +1,55 @@ +--- +- name: Basic Setup + hosts: ele-telesto + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-telesto + roles: + - role: core/users + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: streaming/blackmagic/desktopvideo + post_tasks: + ## this is needed for local icecast relay + # - name: install interface config for guest vlan + # copy: + # content: | + # auto {{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }} + # iface {{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }} inet static + # address {{ network_zones.guest.prefix | ansible.utils.ipaddr(network_zones.guest.offsets[inventory_hostname]) }} + # dest: "/etc/network/interfaces.d/{{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }}" + + - name: install lm-sensors and i7z + apt: + name: + - lm-sensors + - s-tui + + - name: load modules for lm-sensors + vars: + sensors_modules: + - nct6775 + block: + - name: load special modules for lm-sensors + loop: "{{ sensors_modules }}" + modprobe: + name: "{{ item }}" + state: present + + - name: make sure sensor modules are loaded on reboot + copy: + content: | + # Ansible managed + + {% for module in sensors_modules %} + {{ module }} + {% endfor %} + dest: /etc/modules-load.d/sensors.conf diff --git a/elevate/ele-thetys.yml b/elevate/ele-thetys.yml new file mode 100644 index 00000000..a1a259d2 --- /dev/null +++ b/elevate/ele-thetys.yml @@ -0,0 +1,52 @@ +--- +- name: Basic Setup + hosts: ele-thetys + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-thetys + roles: + - role: storage/lvm/base + - role: core/users + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: streaming/blackmagic/desktopvideo + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: streaming/streamer/rtmp + post_tasks: + - name: install lm-sensors and i7z + apt: + name: + - lm-sensors + - i7z + - s-tui + + - name: load modules for lm-sensors + vars: + sensors_modules: + - coretemp + - it87 + block: + - name: load special modules for lm-sensors + loop: "{{ sensors_modules }}" + modprobe: + name: "{{ item }}" + state: present + + - name: make sure sensor modules are loaded on reboot + copy: + content: | + # Ansible managed + + {% for module in sensors_modules %} + {{ module }} + {% endfor %} + dest: /etc/modules-load.d/sensors.conf diff --git a/elevate/ele-tsdatacop.yml b/elevate/ele-tsdatacop.yml new file mode 100644 index 00000000..949bbba2 --- /dev/null +++ b/elevate/ele-tsdatacop.yml @@ -0,0 +1,48 @@ +--- +- name: Basic Setup + hosts: ele-tsdatacop + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-tsdatacop + roles: + - role: apt-repo/obs-studio + - role: apt-repo/spreadspace + - role: ws/base + - role: core/users + - role: streaming/blackmagic/desktopvideo + - role: streaming/blackmagic/mediaexpress + post_tasks: + - name: install lm-sensors and i7z + apt: + name: + - lm-sensors + - i7z + - s-tui + + - name: load modules for lm-sensors + vars: + sensors_modules: + - coretemp + block: + - name: load special modules for lm-sensors + loop: "{{ sensors_modules }}" + modprobe: + name: "{{ item }}" + state: present + + - name: make sure sensor modules are loaded on reboot + copy: + content: | + # Ansible managed + + {% for module in sensors_modules %} + {{ module }} + {% endfor %} + dest: /etc/modules-load.d/sensors.conf diff --git a/elevate/ele-uhrturm.yml b/elevate/ele-uhrturm.yml new file mode 100644 index 00000000..2b102803 --- /dev/null +++ b/elevate/ele-uhrturm.yml @@ -0,0 +1,16 @@ +--- +- name: Basic Setup + hosts: ele-uhrturm + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-uhrturm + roles: + - role: streaming/blackmagic/desktopvideo + - role: apt-repo/spreadspace + - role: docker/engine diff --git a/elevate/ele-winvm.yml b/elevate/ele-winvm.yml new file mode 100644 index 00000000..1af6ad58 --- /dev/null +++ b/elevate/ele-winvm.yml @@ -0,0 +1,18 @@ +--- +- name: Basic Setup + hosts: ele-winvm + gather_facts: no + pre_tasks: + - name: prepare disk + loop: "{{ install.disks.virtio | default({}) | combine(install.disks.scsi | default({})) | dict2items | selectattr('value.type', 'eq', 'lvm') | list }}" + loop_control: + label: "{{ item.value.vg }} / {{ item.value.lv }} ({{ item.value.size }})" + delegate_to: "{{ vm_host.name }}" + lvol: + vg: "{{ item.value.vg }}" + lv: "{{ item.value.lv }}" + size: "{{ item.value.size }}" + state: present + + roles: + - role: vm/guest/create diff --git a/elevate/ele-ymir.yml b/elevate/ele-ymir.yml new file mode 100644 index 00000000..ac94cbee --- /dev/null +++ b/elevate/ele-ymir.yml @@ -0,0 +1,51 @@ +--- +- name: Basic Setup + hosts: ele-ymir + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-ymir + roles: + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter + - role: ws/base + - role: core/users + post_tasks: + ## TODO: move to network/netplan when this is done + - name: install vlan interfaces + loop: "{{ network.vlans | dict2items }}" + loop_control: + label: "{{ item.key }} ({{ item.value | join(',') }})" + copy: + dest: "/etc/netplan/20-{{ item.key }}.yaml" + content: | + network: + vlans: + {% for vlan in item.value %} + {% set vlan_ifname = item.key + '.' + (vlan | string) %} + {% set vlan_iface = (network.interfaces | selectattr('name', 'eq', vlan_ifname)) %} + {{ vlan_ifname }}: + id: {{ vlan }} + link: {{ item.key }} + {% if vlan_iface %} + addresses: + - {{ (vlan_iface | first).address }} + {% endif %} + {% endfor %} + + - name: install script to play videos fullscreen + copy: + dest: /usr/local/bin/play-video.sh + mode: 0755 + content: | + #!/bin/bash + + exec mpv --vo=gpu --keep-open=yes --geometry=1920x1080+1920+0 --fs --osd-level=0 \ + --term-status-msg='${?pause==yes:(Paused) }${time-remaining} ${time-pos} / ${duration} (${percent-pos}%) A-V: ${avsync}' "$@" diff --git a/elevate/emc-cdn.yml b/elevate/emc-cdn.yml new file mode 100644 index 00000000..94697fdf --- /dev/null +++ b/elevate/emc-cdn.yml @@ -0,0 +1,17 @@ +--- +- name: Basic Setup + hosts: "{{ install_hostname }}" + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: "{{ install_hostname }}" + roles: + - role: storage/lvm/base + - role: apt-repo/spreadspace + - role: nginx/base + - role: monitoring/prometheus/exporter diff --git a/elevate/generic.yml b/elevate/generic.yml new file mode 100644 index 00000000..bc8866c5 --- /dev/null +++ b/elevate/generic.yml @@ -0,0 +1,5 @@ +--- +- name: "Apply role {{ myrole }} to hosts: {{ myhosts }}" + hosts: "{{ myhosts }}" + roles: + - role: "{{ myrole }}" diff --git a/elevate/group_vars/all.yml b/elevate/group_vars/all.yml new file mode 100644 index 00000000..ce5422e5 --- /dev/null +++ b/elevate/group_vars/all.yml @@ -0,0 +1,12 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +30393539363138333165306261633761333339366433643761376566383738343861313234356565 +3936386363353665666363633635656562373731383666360a366631356230653935343266393535 +36346435333232356139396436373166623066633265336533336661303032666535666437643037 +3864333634376565370a353831366234353037323731396665633262636637346366336639366664 +36333034396530316237646635626635666466363030656665666535396131366436326365363530 +37643531353633633831643938623730313630636666363639626564306131353339623463366365 +34376666336532643237613862613138303462303765333531323166363233366264373336613530 +39303832336438616265626530666439313734616237353033616266623365616338363237386433 +61666532393233306563313033306165303133613338393231663465336632633861646462303838 +65363763313236656461663338333534626436376661346239653462393537303863643531383266 +643130373130326262333533626263343261 diff --git a/elevate/group_vars/ele-router.yml b/elevate/group_vars/ele-router.yml new file mode 100644 index 00000000..250d7572 --- /dev/null +++ b/elevate/group_vars/ele-router.yml @@ -0,0 +1,167 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +30313236663032633534666365353639363464313732343039386338613036616561663331336561 +6234306334643432646235643132626639366538636165630a623939663664356532626231346664 +65386433653163303635623262323232343961643239356339643037316137383132633834643938 +3238646130313465370a623332306664646238336635353131363461313161656364613938363833 +64333837633262336462333765623731313165353539356535333431313432633264376463376462 +61343732323762643463396364386339646566643337636635613335383061363662346339373164 +35643934643937356665386135666336386532366564386538656663353262393235656665306665 +33333635616639316463396265386638656362636432393165663131653166343063383466663430 +38383463363834333362383736343833326666336334393861666232383734393165313932316538 +66626531393765313632636534363566666339633434626130633663333365323364333531383538 +39616361376264343963393837663633343065366234633533383563323737363434643961633733 +66616231343137306234623538643739393466396165396466393162353035353039643865353562 +31333162383664383565656239653262396532356466333238356364646132336235656637366663 +66383533363130316336323736356563336230633539613961623562306364323466383232353466 +33336635636331306363663238653931376438376231386330346266303037663139363861653938 +31633761353039366661653831386437343263643465396363623761356663366662383763393265 +31306535343135626164643532323539383838636563663336386364653532303566666164353836 +66316435346139393239366164323032396665323562373830636563316336346362393132363764 +30346133393766343366613561633531313434343235333335613835306238643539333066313762 +65643831343464643232303465653362646130353230323532636366326233346561643866623364 +66363366613363333339386466666431346364343765646465356338333836653232356434353437 +37366631336164636331633932643731616665346665326161376563316233326231663034353765 +62613234333735376566313934393734383764633139663731666236323461386538383161633432 +61386165326163646337313831663838363431386138616131343034313936323737373264373064 +65336162643530303838363434663733346461633362396137376162656238643165656363373536 +62626135373338356438326132346365643263323937643536643139383566373538613234383962 +32383038633565376630663966633133366236643336346135376533393732366130623930333464 +38663033366332313761383164346635393438633136366464636364303137663430616238336366 +31396135393330656238656562366333323236363336306531613537613738623564613734373637 +61616637626435393834646266393530633530626665386166393039653236393039303862353663 +66616137353265653737376334333366303162343331356130383637333131613962633862633263 +61313535663134303566646137396237323231323763346365316133363065356561316161373166 +31376432643334666438623362626337636130373435646637313935303832636133613530333932 +31663138333937346466333664366532366339306266303238303634623330323336633561643034 +65366539353332653530643865633030363464333165393163333335336366356562373337383966 +34343631626665396164353034643438383362366165343433356362353933383361346530666137 +39383932636662653062386535636234366464613130626333646430336561616462633864363034 +34303166316361626339346431663665393833353764653462356133393539616339656330343166 +36613962316633333432623237396633323362323266353938373137636364333131323231353863 +33646265663735383533336639386237643433626539346535336339616130393464363362376436 +39383636373963326366346332383863363832303433366438303331653436613165613235623034 +33343962626433633264633331323932313839613833643530303138656666633363313662386530 +35303738653631383264643230326264333462356166396635663037623736303966353233613136 +39313137656132376230383431393239626135356430343439613061303865336161386234313730 +35663932323134313064643266363464343537663536373935336531666466373366616364643638 +35346561366536643966313966303338653832656662343162636234646461653431353931333831 +32666635666664303332366132353132396233313938343162353265653633323532633432613539 +65366464383430393232646435373739373562656237616637643832623338636532653535636436 +63303964653934336232633562623634343730646331663464613035646266666338623265313539 +39303033616631383139386561386330383834343337313961636234376239646236313166383235 +37643564386566623266343531396437623836366463383937646266613639343165623530326266 +30333361303532336262623038616230336164653863346236633635633862613030373830343037 +36663034636234626163333933343563346263623665303863323763336331333963616333623731 +34666431353530373762353032636437363132333966393235373866633265353861313037313066 +34363464666365316238663530333264626135313239623161653337393330363138663030326630 +39313465663337373163376563333130353133326638343763613037616365653331663566333138 +32393439353532323734373864323531373133373462376561303333656633613439643263363264 +37653962306261386262346463623361346563343866366339376433356635336665353962393131 +30386130643537343635313565356663386638353933336161386632373533326634393265383830 +30653939666531363832333230376133306135306536336134366133313664643338363438643062 +66326631623366356639653331343066633966666431393339393339366566366637663130333639 +62376239373636653166623532643333326131623836613462396663656134393965326330363065 +63313437633133623537383665633732653937386362306439613332343938303039623463303633 +65366536313436646430313666616434626366656330636262313662636462613663333563383665 +61653336626439373166623231663466393966323466356361356639356364613963326433613638 +62303863306537366238373163613736303765623939656564363531386235623133396665663832 +62383735313038636439633038633666353235636335653732313063363566616335396236613337 +62633439643339306462356165393462376466303837666632393133313865326134303663343764 +35613733336363623333396432316565616165306666353038393762663839336337656166613030 +36653239313437653735336666623232303437366531623032663739653638613438633630643337 +34623132376237373365316431373664656336653030393965323761653333356362666233313738 +35623962303139326530383831396136623638316633346133303532313239343034343461373930 +35646163303234343837633736313436366133386236386139313236363534303365636164646531 +64656639633331326236346439383637393933363430643461376166376434343338343130663762 +32316235616338643264303162623939346232376631316135666637383030666337336339643264 +30656536636666633130626537616363373065313537643664386162363265633838343038383730 +34363765396534373530623238616437346634366638353161383238636661393366303334316232 +61323832373265643430383234643363313339313037366236653531663136643032383039326231 +32383031613831366539353637356335363565343931666638353264633430663762633734633462 +37653636643932386137306161313364353061373061393261653933326230643961313933326164 +34306465353564396432613133663739303133306431643732646165653566313135643333326363 +31353935353863303936613661613438373565386666356236303537643466366135363237663666 +65646565643330393062636665356435613138356465353064626132363331626338373939353836 +37386533616130353837306635626164383663336136363261373163356336636436636232366331 +37356435393763663336386235613136653566363065326137376461323534316365333064363135 +32366364373162343331646363623834666331336161383266376262316433613830393463386632 +39643738363262313932303535623866306263623839323962393666313466316533386235636139 +36356166363963613761353233343661383230633434303263303931613835393431343830376661 +38343066393034313339346334306232303435666137326136386135316462396565343031333835 +63376533326337333965376537326334323834653532313839616364376535326531303233313734 +35376130326239376661356631666531633434633036623437306535626335643236623664346664 +37316630366239333036386661636436643839663630366534333839396134313839623534653461 +31303831336239636137663039343336643363633864303137376437356664653938363831356331 +33353532313861626661323036383063646233616261623036616163643339633439303035616433 +39643664373530343962626165303036323238346130663033303933306338653137653461653337 +63376434333965656434386236633832363137656432343032376430343066396163316434366365 +30636365666431303463646463333636363664316639336266623062633330363131313262623839 +30613564366364623131333262653830303137373934393766633066343136633937353638643765 +64626566363839636539326235383639346237393566333865653064383165396131343035373937 +32616233636162373565383531346130383339346333373536623165393062633131356438383931 +38366231613234363737313265613266303363313564386361316439353166626563333030356666 +32356432353666323361353239383033653365666137393333343034373734333933636234653063 +63323530636131366138643537313963396166373533366232396131373966366635663931646331 +63316531343963333239363164383364373530396439353830383532653730323935333862383332 +37613639323332636632333862643262333737663039633938393230663063373366356237393663 +34376332616632636630653133376435373637633037653562333331373861316136623730643132 +62343064316134343135303736643630656564643137313737343834623661623161613334393765 +65333032343438663631326432333232633039386465386466326230303066343364313965303435 +35373065316432336663363035326464363333393534616364333039316137613261376165393961 +37393664623332646639376238393936663930663361333638656234643235333337383866643966 +33366663666234376330643534666666346365653162396264633036343837306165663230663537 +66643638613233366636396565663135636666393639386237323237383131316561313631666361 +32623433306132323835643062336338653666363462666533306430643035363939343336333634 +34363235303465313233633038646131333735633639303233666239336265623031356639383236 +66353232373935373464363839306532356562326134303863356331323838333236366162313333 +64373031613536353539383562613738633062623665643063326238343637356666393462363033 +61636664633231353736623661393264326538366661373766653134376134623431373164336533 +64383132316538376336306366366338663639616665663662633730623439646339653139303534 +65353739616363633935383039346439613934303838666339376639636162343138366233666339 +31613531393535633565396539313564373465306138326463643736316566643935623236623433 +36376265643931306263373965316637393232313261373034646666306431616531353735376266 +61373763393734626162646635336663353764623163343631653863343566346336616664626533 +34306337333462336238333062623465346532363233353931303934656431666662396338323030 +33623236643762373761643235386366366462363665323831366636666365373331613630356233 +35333566636565656663376332663234623237643639613631336561393838616662626232356262 +38346435643361623466643137633763653335376437313462373333373966656165383534303665 +33396330633963353438313930623535336163656166306262633333393538363965653961633763 +34313535646562333363653862336565616134373663386131343131363261633666623533666534 +65333537653933616230316564336461653939393433393837393439316461643031646231643134 +31633338643764366637343737623164633762343037636562323565623730373735656463393135 +39373338343333363338343933363461306463356462303933636630626139613961643035396266 +64626535363038306565313534616536636536653261616233306461643361373965333136623664 +36313566623638666130613434633235653230633835376361646338613338653735343562373063 +63326466666339323931333763336237326264623636393465633864366632613865386439306235 +39663663376130366334373338643333356537383132623262616539656132396164373932316434 +35336166656437313965363361346235663031323062386336643534306664353863646436356336 +66663037323537616665366235363634636664616662373365343863626434376462626265376532 +61643635393135653965353964346538643165323661393839316131336230656161626362396439 +38323164653136656163366534303236353337663937666364333932653363643832656637383830 +37393662373936333663356431303936633835346631383835383862626530333834346237396332 +61646666316439653365613865346466333330666538316532326533386635373061386465393832 +32623336643736396238316230616165343565643239373739646463653361616637396430393036 +62633739376662643733626530656436323837653537373465373331326664323337393639363233 +35643966373634313632666264643031326134623333366336343031373965353735626633663161 +64653533386464326237616632393939336164616163356133383630386431316334366462366139 +34653239366637316365653166636462363139356135656333633066626530336666393364356231 +30353337353965323564393664333462383564656264396361616262396261353630353339663432 +34356164313866626462376666333034303133666632653234343365363966393731353036636331 +33353962326636343636616262633331313165323938396437656438666234623161323531356331 +31313930353937343931303532313032636464306232323532663835333538383038326665623461 +61633433383737663238663962363337323634386636643664393762666139386464323432303264 +66653663356335393931306366386130613963633964656364386235363162393238366237643463 +38636237393962653834356531653430633534653232356230373732323833346262313631343639 +39313730366434333564343730343733643030323133303133363165383930343732643431623139 +30363634316631323131306535353234623434353362663933623939656165346438393535656539 +37373533663763623464386165346532353763386461616232323161656130356532363131336664 +31623963616134643361366166613335656436363363653138346434376638346261363163306336 +64643465343931386233363432323435373633656232353565646538653931613135306631303333 +36643434343765633832373738336132336165363938313966396661303438393365613464343562 +33306433633666633834646130303031663464666537376264636433653539353263643436336533 +35663531633938303366306165623331326465323733316561396538303137336266636231353438 +37316338386138333030626339323237633632303565316638653331303638646532393134326335 +61653664633238633539346439323337323161626234306431343762393834333265303137383162 +38656661626636623262383064316562313132313137313162613766346238336132353530623663 +63336437303336633066636137663662613931656662656430333732316631663031653561633838 +3236633033633165653762356165656664646432613139373965 diff --git a/elevate/group_vars/elevate-festival.yml b/elevate/group_vars/elevate-festival.yml new file mode 100644 index 00000000..de98a87f --- /dev/null +++ b/elevate/group_vars/elevate-festival.yml @@ -0,0 +1,15 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +32653933396132613661663565393466373638643434393364356564333433303630356263653336 +6366313935323539343662386135646262343161393435330a353861356462613337316130393636 +34646231373138356134303865343236626536356535366138346433343464313064356266363761 +3336353332653563350a636134353762363965613761633333356239306631633163323630353931 +36396230353439643937383764353834383065646332363232346165373836313336363432636630 +61663232363738666663346630323530326235316639336266356561646339336661623063633437 +33663632623262336138633834323566376463333464646234323330383733333666363165656566 +36313531393939383762303439636366343636343836343738326435633135333861643833363833 +61306562363466633566313533656336306530656534396661386330653039636636303562646430 +38323762396434656131646537346461633036326335633438363063393966636538663666633934 +39306537333238353237333361363964316562373936646337383133643463316563373461393638 +63643831646638353036306237626130613032333364386462643139343938343366376439343862 +39623936326531363332623836323338653638326336626666303536393335306566356535636566 +3463616238393332366364653864643864653938356564393932 diff --git a/elevate/group_vars/elevate-mediachannel.yml b/elevate/group_vars/elevate-mediachannel.yml new file mode 100644 index 00000000..978bfa05 --- /dev/null +++ b/elevate/group_vars/elevate-mediachannel.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +33636266386666653435383034336336636362326466613062623036343931613836356632323435 +6138623537666638366534316131643338353134343535620a386362353235373136373030653031 +33363237653266666463633164663732396666643536646566366631646539303739643064353864 +3733353664333937620a623066663364306466636530376433663937663064323534613365643236 +38356565323335373031393936353537356465313234646336323166323862353565666635663333 +31653738383931383166336637376365613139356130623234366162336232393333366663333139 +35323663613739633431306564613666653066323061343265653038663131363030333632666461 +36663636343138636136666133636566356532316631316264623134333838643738373238383466 +6331 diff --git a/elevate/group_vars/elevate.yml b/elevate/group_vars/elevate.yml new file mode 100644 index 00000000..a5cfd2b1 --- /dev/null +++ b/elevate/group_vars/elevate.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +62383831363463313638313037383265326236633466373436373632373236316261623735666338 +3232623363623037653838643438323233653730363663390a333663633932313630333532353936 +63646661613639656532363339646232643764373339393634636266383261343536666532313261 +3765643666633436390a376531656164323737356436373366373462646561343466313534633461 +37386366646436333664613639613561356536333035346464656661663330663535336562383837 +66636639356563353935376236633630336364643264383735633961323032353535623465303061 +34356539383933306538336435656539643466393036386564616133613435633266326438326165 +65383730363331343239 diff --git a/elevate/group_vars/k8s-emc.yml b/elevate/group_vars/k8s-emc.yml new file mode 100644 index 00000000..37e1e27e --- /dev/null +++ b/elevate/group_vars/k8s-emc.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +63633762663537383737616533666365306562643765306164303831383161393664656430653736 +6133636536353261313032643036326539303062373466370a303936663931303432383835346264 +63653865373466343164643665613938353634613765313761323763353537346464656636303036 +6464643234636163650a633431363938363263323537643533363337353363383634333136383761 +66363138313263383832613732326639633332336266666665616332626337636632383232366461 +35366639316561363563343466616135623632323834303739663465616333373935343935643230 +66323866313836393036343236336236663934613364393331383830393065646162303636616465 +37323634393837356262633361356665316664643033636530313039393066626439623763633932 +31396165316664336538653730663934333264373536303432386639626335303439 diff --git a/elevate/host_vars/ele-calypso.yml b/elevate/host_vars/ele-calypso.yml new file mode 100644 index 00000000..0caab9ab --- /dev/null +++ b/elevate/host_vars/ele-calypso.yml @@ -0,0 +1,22 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +38396664336363636636333132323162626365623633653761653064616137666637346234343331 +3865633038646465393464303430633731646230626261320a373637333231366566643434653838 +32616330663864616433343461646362613166313134613031383936396135393934373137626563 +3163313531613136370a643861303630393535336332326237366430383763616664303664316637 +31363136653265363834613836613039626362313435393336306661633762353532626333636233 +61663138356632363037333532393638386462356162316136326463306162613235336265366239 +30646366353835643838363534373933666663633930386334656135653061393239613739383534 +32646231313666313038363539373665303030643235303938616232623433336337323834343830 +38393330393662663635346236656331366364653234326631316261326338316633323736623338 +31393436633833323734656135343866316634396539646462396566663161373836396664353764 +36643733386139663162346337643363633863653735306339356331366230343861326161306636 +33366562353738343630356462356338373739393038396236353263343339363562303234363932 +31643163643335383237613838633631643138633231666635383261626264343338363631633136 +33383633333161323365313636343861383230363362646435373139343565643066633663333564 +63393130323837656661373663343565653530666536623331373764613831643735316335313930 +39336533363439663962373262393136326162343562653036633936633563323934326235653837 +61616539363764643130646663373966386566623366306364326531323730623534353333353439 +39393032376264396139336465366462643835383466666161626265303632613133636165323032 +32323266373664366566333130613636626231623661633064323437626633636566343434366130 +39316334613230303163663638306464386134343733633431616566313265336338313363653234 +3063 diff --git a/elevate/host_vars/ele-coturn.yml b/elevate/host_vars/ele-coturn.yml new file mode 100644 index 00000000..783d5b89 --- /dev/null +++ b/elevate/host_vars/ele-coturn.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +35363465636633653332646237663638653761356538396666643762373835313466333330383539 +3032363763386532376564346134623164653239376664300a393063333866323266333230303238 +30363765616337376565363233313166663335393763336562366535643466323435623032393631 +6434386232653331380a306262303962313462343537396164376133313531663830303232303436 +64336235373364353835306430613833396132616436646435353133336538386666386330393566 +61326462363362383362343935663563373730613233313834643937653438356237633761396266 +33333033323563663261646263633738613161343662356465636630646461333766626365343031 +30353866323866393161303230363431326432376266373062333432353133323061363138656435 +38303130366539356139373032333633303532666434643261623539623163383365616232666265 +34306265613764303235313235353037343439323135623537383437313463353663306436373764 +37313162656636636165366361353133353932643037633630306265623034333462363632663164 +33623835376435373762383761343934636664396462626533356539666639343536383436656239 +32643365663636323162376337646534623863653934373939663236393965326634333238356265 +30356531363938626530653136346362626665393264646561303537366531396532663163323162 +61646337626638663835366234316533353334396162636533373035646137366439623961303734 +64316632363531303666646335393336366235366435386364393466303133336335643932373837 +3431 diff --git a/elevate/host_vars/ele-gwhetzner.yml b/elevate/host_vars/ele-gwhetzner.yml new file mode 100644 index 00000000..abc2743a --- /dev/null +++ b/elevate/host_vars/ele-gwhetzner.yml @@ -0,0 +1,17 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +33666238613731336263663662633166303038316639396534353761623838393538393930316234 +3932373938353637386365663934356264326230383363390a333064636665313562333732663863 +30316364366662616365333834366132323763353932663133323831653334396530663634313538 +3262306234373865310a373531646439626661313531373863303239653362316438666138326561 +64653239333937333234616133366565306436386335343333656138376431653664356139326364 +65613363366434666435386434656132326562386562366230363066393362616663643862613431 +32363339646534636531623661363732306562616665366437336638316533656538616462616465 +35613061343038323865393164343339396361376531373164653335303833306463343832633564 +31343936643462376263323732326462666433633130623363386133386436346461663234383162 +65343531616439623262616539313032616461396539373962623163306133366365356563323565 +64663432313931313861326361616432623635303336613562663735353736653765323063323034 +64343665343466346536666662316135326330633364663235616561303861356337656362313539 +63333533323439346561323066656166393663386536343839326539376564376666373935396430 +65366636343333653735333830343266653831643661353436386364343665653165666234636331 +62373463303734383837323033386534333238336330303838376436646562633033363730346134 +64363464386465306639 diff --git a/elevate/host_vars/ele-jitsi.yml b/elevate/host_vars/ele-jitsi.yml new file mode 100644 index 00000000..f0c1d80d --- /dev/null +++ b/elevate/host_vars/ele-jitsi.yml @@ -0,0 +1,26 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +64363833346333666661396162336461613535303530373664663962303838373161616566363163 +6464393533623034393530626163653433623931333461360a613637306661396636313234316666 +34346665363732623163663335386466356463313763333364326634303439306462643736623665 +6639623435306563320a383936623837363961316630643631303765336533303536323064343233 +63663037653364633631623761633331663765623931613465396162626538626335623338613938 +35643262653531613164373931313732343266313038316663666338313437613236636530626362 +32363431336233356532383030303166623363626234396137333430336365393865333237313439 +30623666663666623939666532336338326230306332633162363866326330616333323339613537 +36306663393931396636393730333862653930323832383863316562313531326333303637313932 +32376264316663666139353832666530306532663564313237366239663765643230306335646131 +64376632363131626636356633653734633965383039363830333733363762343262303738623239 +62643064333665643832653434386336373539323466363936653732636131653562346465333835 +34306436303661343932323566376431323266323532393237303532323239643663616538346531 +63346233636261373535666136323762636139356433326233396430383534346533623535353264 +36376266616361646630366339383065326666366166383932663237653935323362623161373532 +64616632663964613131663134316566303265356137356364373534376538303934643539653233 +35313536633036626639623731663465623131343635303762616166313237663434643966343931 +31393336613432376563663432663362353937393363383361376433323839363331653439623264 +36663836663065376535373438363164343565626639363361636566346538653836323765343433 +65656362333837303865643164356130666435333635663939323135336535333937653836653261 +62626632666132626462343032363264373863373235333266393232646133653130353139626339 +37386236653362633530393561613266626664643035373832643832386136323162333364663539 +30656533326239333364316536303033303733616233653237646463393538326161323334366439 +65363831326433316337316663356331633636636163323565383134656333613065653433383931 +3766 diff --git a/elevate/host_vars/ele-lt.yml b/elevate/host_vars/ele-lt.yml new file mode 100644 index 00000000..27a5fc5b --- /dev/null +++ b/elevate/host_vars/ele-lt.yml @@ -0,0 +1,20 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +31643430396134323836663063656635366534373236646335346630663263633836643965383362 +3463633864656231323731376462613165326461376137310a336361306137376431613265323931 +30626466643962376632636263653735623663616335643963333763323966393163323337383365 +3435323338666530310a346265336535306630376439396239386364656366313562333033616634 +38633461373061393163653534323533306138633361633237396136626265633731313363363330 +30343636376536633836353135343235333133383161643862326535396262353661616237633537 +31373163623234613333396336306366396637376536643161353361313731386530646335613134 +64633539393736383835333166396334313534333539346330313237343464373238326334336130 +35396262626435363838316161376635616564396337633035336539323164356263303738343533 +61633834333462393464306361663761393430363762373836303332343535643965373537646265 +66323464396537613366326138316631663465643233666237623236633335366166633437636639 +64323761333964653137343138376430396564656139363232303132656565633938383734396134 +30393964636232646230653562383131663030643165393636353363393564396264653138663962 +35303932376261303337323337356539316636653763616166303266373638356462363362306232 +33396333656535626430656661396264663566303733353164623035393239343361613130643038 +31373331613762613936323565646565333662393634333934316539376332323565613036373633 +65336463386466316634613930353063343966633136623366316338613464636565373533396361 +39363833633863373963626330643838633365356461343264376264613863353233663931353437 +373432626563346432613832616333373261 diff --git a/elevate/host_vars/ele-media.yml b/elevate/host_vars/ele-media.yml new file mode 100644 index 00000000..821a9ad6 --- /dev/null +++ b/elevate/host_vars/ele-media.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.2;AES256;elevate +61643762383461616132626431383463636633303539333866626462346434386331646136326532 +3938646637323162306333643232333537626135663665360a633866646633333161376165356431 +62613533363633623936343338643335323662366235356236386438326638393032623665313466 +3839356630356130650a363838613662323839643734306631646262356538323163643934383161 +31643665376362376461373732376435333566373938626334393937353736383038363837333831 +61313961346163613366633636616632666434633135323934333933613663353939333537383537 +63656165363138333336666461616331363566333965636634373132616261636564623131373862 +66363738663638383335346636313335343635656564316330336666333562656434653664323536 +66643438623163636132343035333531346639633632343061666566356234353036663764386532 +34343666636666643462363333323331663866376335336431613735643930393736336562336362 +39373538346266373862383065653235306563663264646439363730393730643038363135643634 +34646638613035636562303539633666336236373735353238363163363533376134373035366462 +38356538653639393331623064656533316161303661373261376338386537333266363833393132 +32653437366438626330333765613232386235656139353431303733376336373565306634313033 +37393239363961663230666665633538343465666131303231326230623538306534333137376539 +31653764653132363430626333616337316539303137353662323163326465663331303930626461 +6566 diff --git a/elevate/image-generate.yml b/elevate/image-generate.yml new file mode 100644 index 00000000..1b11f1eb --- /dev/null +++ b/elevate/image-generate.yml @@ -0,0 +1,20 @@ +--- +- name: generate os image + hosts: "{{ install_hostnames }}" + connection: local + gather_facts: no + roles: + - role: "installer/{{ install_distro }}/image" + post_tasks: + - pause: + seconds: 0 + prompt: | + The resulting images can be found here: + + {% for host in play_hosts %} + {{ host }}: + {% for image in hostvars[host].output_images %} + - {{ image }} + {% endfor %} + + {% endfor %} diff --git a/elevate/info-beamer.yml b/elevate/info-beamer.yml new file mode 100644 index 00000000..6160e9f2 --- /dev/null +++ b/elevate/info-beamer.yml @@ -0,0 +1,14 @@ +--- +- name: configure info-beamer + hosts: "{{ infobeamer_hostname }}" + connection: local + gather_facts: no + + vars_prompt: + - name: info_beamer_base_path + prompt: Where is the SD-Card mounted to? + default: "" + private: no + + roles: + - role: info-beamer/config diff --git a/elevate/iso-generate.yml b/elevate/iso-generate.yml new file mode 100644 index 00000000..584b8914 --- /dev/null +++ b/elevate/iso-generate.yml @@ -0,0 +1,10 @@ +--- +- name: cook variables for host + hosts: "{{ install_hostnames }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + +- import_playbook: ../common/iso-generate.yml diff --git a/elevate/iso-install.yml b/elevate/iso-install.yml new file mode 100644 index 00000000..5defe6d3 --- /dev/null +++ b/elevate/iso-install.yml @@ -0,0 +1,10 @@ +--- +- name: cook variables for host + hosts: "{{ install_hostname }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + +- import_playbook: ../common/iso-install.yml diff --git a/elevate/k8s-emc.yml b/elevate/k8s-emc.yml new file mode 100644 index 00000000..206c0211 --- /dev/null +++ b/elevate/k8s-emc.yml @@ -0,0 +1,52 @@ +--- +- name: Basic Node Setup + hosts: k8s-emc + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: apt-repo/spreadspace + - role: nginx/base +# - role: monitoring/prometheus/exporter + +- name: TLS Certificate and storage volumes for Edge Nodes + hosts: elevate-mediachannel-edge + roles: + - role: x509/acmetool/base + - role: x509/acmetool/cert + acmetool_cert_hostnames: + - "{{ host_name }}.{{ host_domain }}" + - role: storage/lvm/base + +- import_playbook: ../common/kubernetes-cluster-layout.yml + vars: + kubernetes_cluster_layout: + nodes_group: k8s-emc + controlplane_nodes: + - ele-emc-ctrl + +### hack hack hack... +- name: cook kubernetes secrets + hosts: _kubernetes_nodes_ + gather_facts: no + tasks: + - set_fact: + kubernetes_secrets: "{{ kubernetes_secrets }}" + - when: external_ip is defined + set_fact: + external_ip: "{{ external_ip }}" + +- import_playbook: ../common/kubernetes-cluster.yml +- import_playbook: ../common/kubernetes-cluster-cleanup.yml + +- name: install addons + hosts: _kubernetes_nodes_ + roles: + - role: kubernetes/addons/metrics-server + #- role: kubernetes/addons/openebs-zfs + - role: kubernetes/addons/cert-manager + - role: kubernetes/addons/ingress-nginx + #- role: kubernetes/addons/node-feature-discovery + #- role: kubernetes/addons/intel-gpu-device-plugin diff --git a/elevate/openwrt-deploy.yml b/elevate/openwrt-deploy.yml new file mode 100644 index 00000000..e7cc49fa --- /dev/null +++ b/elevate/openwrt-deploy.yml @@ -0,0 +1,9 @@ +--- +- name: generate os image + hosts: "{{ install_hostname }}" + connection: local + gather_facts: no + roles: + - role: installer/openwrt/image + +- import_playbook: ../common/openwrt-deploy.yml diff --git a/elevate/usb-generate.yml b/elevate/usb-generate.yml new file mode 100644 index 00000000..7f633f1e --- /dev/null +++ b/elevate/usb-generate.yml @@ -0,0 +1,10 @@ +--- +- name: cook variables for host + hosts: "{{ install_hostnames }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + +- import_playbook: ../common/usb-generate.yml diff --git a/elevate/usb-install.yml b/elevate/usb-install.yml new file mode 100644 index 00000000..0f62bc85 --- /dev/null +++ b/elevate/usb-install.yml @@ -0,0 +1,10 @@ +--- +- name: cook variables for host + hosts: "{{ install_hostname }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + +- import_playbook: ../common/usb-install.yml diff --git a/elevate/vm-deploy.yml b/elevate/vm-deploy.yml new file mode 100644 index 00000000..8530b14a --- /dev/null +++ b/elevate/vm-deploy.yml @@ -0,0 +1,18 @@ +--- +- name: generate os image + hosts: "{{ install_hostname }}" + connection: local + gather_facts: no + roles: + - role: "installer/{{ install_distro }}/image" + +- name: cook variables for host + hosts: "{{ install_hostname }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + vm_host: "{{ vm_host | default({}) }}" + +- import_playbook: ../common/vm-deploy.yml diff --git a/elevate/vm-install.yml b/elevate/vm-install.yml new file mode 100644 index 00000000..da6a29a5 --- /dev/null +++ b/elevate/vm-install.yml @@ -0,0 +1,11 @@ +--- +- name: cook variables for host + hosts: "{{ install_hostname }}" + gather_facts: no + tasks: + - set_fact: + install: "{{ install | default({}) }}" + network: "{{ network | default({}) }}" + vm_host: "{{ vm_host | default({}) }}" + +- import_playbook: ../common/vm-install.yml |