feat: deploy NAS on oberon

This commit is contained in:
vincent 2024-02-20 19:31:36 +01:00
parent d1cc5ff299
commit 625bda7fda
10 changed files with 48 additions and 38 deletions

View File

@ -1,3 +1,20 @@
NAS_nomad_folder: NAS_nomad_folder:
- name: openldap - name: openldap
owner: 1001 owner: 1001
nas_bind_source:
- /data/data1/nomad
- /data/data1/music
- /data/data1/download
# - /data/data2/serie
# - /data/data3/film
- /data/data1/photo
- /data/data1/homes
- /data/data1/ebook
nas_bind_target: "/exports"

View File

@ -1,3 +1,3 @@
vsftpd_config: vsftpd_config:
local_root: "/var/local/volume1" local_root: "{{ nfs_bind_target }}"
seccomp_sandbox: False seccomp_sandbox: False

View File

@ -1,22 +1,15 @@
nfs_cluster_list: "{% for server in groups['all']%}{{ hostvars[server]['ansible_default_ipv4']['address'] }}(rw,no_root_squash,async,insecure_locks,sec=sys) {%endfor%}" nfs_cluster_list: "{% for server in groups['all']%} {{hostvars[server]['ansible_' + hostvars[server]['nfs_iface']|default('')].ipv4.address|default(hostvars[server]['ansible_default_ipv4']['address'],true)}}(rw,no_root_squash,async,insecure_locks,sec=sys) {%endfor%}"
nfs_consul_service: true nfs_consul_service: true
nfs_bind_target: "/exports" nfs_bind_target: "/exports"
nfs_bind_source:
- /var/local/volume1/nomad
- /var/local/volume1/music
- /var/local/volume1/media
- /var/local/volume1/photo
- /var/local/volume1/homes
- /var/local/volume1/ebook
nfs_exports: nfs_exports:
- "{{nfs_bind_target }} *(fsid=0,insecure,no_subtree_check)" - "{{ nas_bind_target }} *(fsid=0,insecure,no_subtree_check)"
- "{{ nfs_bind_target }}/nomad {{nfs_cluster_list}}" - "{{ nas_bind_target }}/nomad {{nfs_cluster_list}}"
- "{{ nfs_bind_target }}/music {{nfs_cluster_list}}" - "{{ nas_bind_target }}/download {{nfs_cluster_list}}"
- "{{ nfs_bind_target }}/media {{nfs_cluster_list}}" - "{{ nas_bind_target }}/music {{nfs_cluster_list}}"
- "{{ nfs_bind_target }}/photo {{nfs_cluster_list}}" # - "{{ nas_bind_target }}/film {{nfs_cluster_list}}"
- "{{ nfs_bind_target }}/homes {{nfs_cluster_list}}" # - "{{ nas_bind_target }}/serie {{nfs_cluster_list}}"
- "{{ nfs_bind_target }}/ebook {{nfs_cluster_list}}" - "{{ nas_bind_target }}/photo {{nfs_cluster_list}}"
- "{{ nas_bind_target }}/homes {{nfs_cluster_list}}"
- "{{ nas_bind_target }}/ebook {{nfs_cluster_list}}"

View File

@ -1,21 +1,21 @@
samba_passdb_backend: tdbsam samba_passdb_backend: tdbsam
samba_shares_root: /exports samba_shares_root: /exports
samba_shares: samba_shares:
- name: media # - name: media
comment: "media" # comment: "media"
write_list: @NAS_media # write_list: "@NAS_media"
browseable: true # browseable: true
- name: ebook - name: ebook
comment: "ebook" comment: "ebook"
write_list: @NAS_ebook write_list: "@NAS_ebook"
browseable: true browseable: true
- name: music - name: music
comment: "music" comment: "music"
write_list: @NAS_music write_list: "@NAS_music"
browseable: true browseable: true
- name: photo - name: photo
comment: "photo" comment: "photo"
write_list: @NAS_photo write_list: "@NAS_photo"
browseable: true browseable: true
samba_load_homes: True samba_load_homes: True

View File

@ -4,7 +4,7 @@ ansible_python_interpreter: "/usr/bin/python3"
default_interface: "enp2s0" default_interface: "enp2s0"
consul_iface: "{{ default_interface}}" consul_iface: "{{ default_interface}}"
vault_iface: "{{ default_interface}}" vault_iface: "{{ default_interface}}"
nfs_iface: "{{ default_interface}}"
wireguard_address: "10.0.0.7/24" wireguard_address: "10.0.0.7/24"
wireguard_byhost_allowed_ips: wireguard_byhost_allowed_ips:
merlin: 10.0.0.7,192.168.1.42,192.168.1.0/24 merlin: 10.0.0.7,192.168.1.42,192.168.1.0/24

View File

@ -1,6 +1,6 @@
--- ---
#ansible_host: 10.0.0.1 ansible_host: 10.0.0.1
ansible_host: 135.181.150.203 #ansible_host: 135.181.150.203
default_interface: "eth0" default_interface: "eth0"
wireguard_address: "10.0.0.1/24" wireguard_address: "10.0.0.1/24"
wireguard_endpoint: "135.181.150.203" wireguard_endpoint: "135.181.150.203"

View File

@ -2,6 +2,7 @@
ansible_host: 10.0.0.4 ansible_host: 10.0.0.4
#ansible_host: 65.21.2.14 #ansible_host: 65.21.2.14
default_interface: "ens3" default_interface: "ens3"
nfs_iface: "wg0"
wireguard_address: "10.0.0.4/24" wireguard_address: "10.0.0.4/24"
wireguard_endpoint: "65.21.2.14" wireguard_endpoint: "65.21.2.14"
wireguard_persistent_keepalive: "20" wireguard_persistent_keepalive: "20"

View File

@ -2,7 +2,7 @@
default_interface: "enp2s0" default_interface: "enp2s0"
consul_iface: "{{ default_interface}}" consul_iface: "{{ default_interface}}"
vault_iface: "{{ default_interface}}" vault_iface: "{{ default_interface}}"
nfs_iface: "{{ default_interface}}"
wireguard_address: "10.0.0.2/24" wireguard_address: "10.0.0.2/24"
wireguard_byhost_allowed_ips: wireguard_byhost_allowed_ips:
merlin: 10.0.0.2,192.168.1.40 merlin: 10.0.0.2,192.168.1.40

View File

@ -10,22 +10,22 @@
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
state: directory state: directory
loop: "{{ nfs_bind_source }}" loop: "{{ nas_bind_source }}"
become: true become: true
- name: Bind NFS export - name: Bind NAS export
ansible.posix.mount: ansible.posix.mount:
path: "{{ nfs_bind_target }}/{{ item.split('/')[-1] }}" path: "{{ nas_bind_target }}/{{ item.split('/')[-1] }}"
src: "{{ item }}" src: "{{ item }}"
opts: bind opts: bind
fstype: none fstype: none
state: mounted state: mounted
loop: "{{ nfs_bind_source }}" loop: "{{ nas_bind_source }}"
become: true become: true
- name: create nomad folder - name: create nomad folder
file: ansible.builtin.file:
path: "{{ nfs_bind_target}}/nomad/{{item.name}}" path: "{{ nas_bind_target }}/nomad/{{ item.name }}"
owner: "{{item.owner}}" owner: "{{ item.owner }}"
state: directory state: directory
loop: "{{ NAS_nomad_folder }}" loop: "{{ NAS_nomad_folder }}"
become: true become: true

View File

@ -37,7 +37,6 @@ NAS
cluster cluster
[VPS] [VPS]
corwin
merlin merlin
[region:children] [region:children]
@ -46,10 +45,10 @@ VPS
production production
[production] [production]
corwin
oscar oscar
merlin merlin
gerard gerard
bleys bleys
oberon
[staging] [staging]