diff --git a/ansible/xoa-role/defaults/main.yml b/ansible/xoa-role/defaults/main.yml
new file mode 100644
index 0000000..abe5f3f
--- /dev/null
+++ b/ansible/xoa-role/defaults/main.yml
@@ -0,0 +1,15 @@
+# defaults file
+# The default username and password are applied, and admin for the password
+xoa_install_url: https://raw.githubusercontent.com/Jarli01/xenorchestra_installer/master/xo_install.sh
+xoa_install_script: xo_install.sh
+xoa_update_url: https://raw.githubusercontent.com/Jarli01/xenorchestra_updater/master/xo-update.sh
+xoa_update_script: xo_update.sh
+git_email: ""
+git_user: ""
+xoa_default_user: "admin@admin.net"
+xoa_default_password: "admin"
+xoa_user: xoa
+xoa_password: xoa
+xcpng_servers: [{"label": "localhost", "ip": "127.0.1"}]
+xcpng_user: root
+xcpng_password: xcpng
diff --git a/ansible/xoa-role/handlers/main.yml b/ansible/xoa-role/handlers/main.yml
new file mode 100644
index 0000000..90c052b
--- /dev/null
+++ b/ansible/xoa-role/handlers/main.yml
@@ -0,0 +1,22 @@
+- name: reload_systemd
+ shell: systemctl daemon-reload
+ args:
+ warn: no
+
+- name: cleaning_packages_metadata
+ shell: yum clean all && rm -rf /var/cache/yum
+ when: ansible_distribution == 'Red Hat Enterprise Linux' or ansible_distribution == 'XCP-ng'
+ args:
+ warn: no
+
+- name: cleaning_packages_metadata
+ shell: zypper clean && rm -rf /var/cache/zypp
+ when: ansible_distribution == 'openSUSE Leap'
+ args:
+ warn: no
+
+- name: cleaning_packages_metadata
+ shell: apt clean
+ when: ansible_distribution == 'Debian'
+ args:
+ warn: no
diff --git a/ansible/xoa-role/meta/main.yml b/ansible/xoa-role/meta/main.yml
new file mode 100644
index 0000000..7223799
--- /dev/null
+++ b/ansible/xoa-role/meta/main.yml
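Review bot: `defaults/main.yml` ships working credentials (`xoa_password: xoa`, `xcpng_password: xcpng`), so a play that forgets to override them creates an admin account with a publicly known password. Leave these unset in the defaults and have the role fail early when they are missing, with real values supplied from Ansible Vault or the inventory. The stock `admin@admin.net` / `admin` pair is only used to log in; nothing visible in this commit changes or removes that account afterwards. `xoa_install_url` and `xoa_update_url` follow the `master` branch of a third-party repository, so pinning them to a commit and adding `checksum:` to the `get_url` tasks would keep upstream changes from reaching hosts unreviewed. `"ip": "127.0.1"` in `xcpng_servers` looks like a typo for `127.0.0.1`.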
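Review bot: All three package-cache handlers in `handlers/main.yml` share the name `cleaning_packages_metadata`; Ansible keeps only the last handler loaded under a given name, so the yum and zypper variants can never run and only the `apt clean` one is notified. Give each handler a unique `name:` and add `listen: cleaning_packages_metadata` so the existing `notify:` lines keep working. `args: warn: no` is also rejected by recent ansible-core releases, where the `warn` parameter of `shell` was removed, so it is worth confirming against the version this role targets.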
@@ -0,0 +1,57 @@
+galaxy_info:
+ author: your name
+ description: your description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Some suggested licenses:
+ # - BSD (default)
+ # - MIT
+ # - GPLv2
+ # - GPLv3
+ # - Apache
+ # - CC-BY
+ license: license (GPLv2, CC-BY, etc)
+
+ min_ansible_version: 1.2
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ # Optionally specify the branch Galaxy will use when accessing the GitHub
+ # repo for this role. During role install, if no tags are available,
+ # Galaxy will use this branch. During import Galaxy will access files on
+ # this branch. If Travis integration is configured, only notifications for this
+ # branch will be accepted. Otherwise, in all cases, the repo's default branch
+ # (usually master) will be used.
+ #github_branch:
+
+ #
+ # platforms is a list of platforms, and each platform has a name and a list of versions.
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
\ No newline at end of file
diff --git a/ansible/xoa-role/tasks/main.yml b/ansible/xoa-role/tasks/main.yml
new file mode 100644
index 0000000..859365d
--- /dev/null
+++ b/ansible/xoa-role/tasks/main.yml
@@ -0,0 +1,250 @@
+- name: Updating packages
+ shell: apt-get update -y && apt-get upgrade -y
+ when: ansible_distribution == 'Debian'
+ ignore_errors: True
+ args:
+ warn: no
+ notify: cleaning_packages_metadata
+ tags:
+ - install
+ - update
+
+- name: Installing packages
+ package: name={{item}} state=present
+ when: ansible_distribution == 'Debian'
+ with_items:
+ - curl
+ - git
+ notify: cleaning_packages_metadata
+ tags:
+ - install
+ - update
+
+- name: Check if xoa is already installed
+ stat:
+ path: /opt/xen-orchestra
+ register: xen_orchestra_directory
+ tags:
+ - install
+ - update
+
+- name: Ensure group xoa exists
+ ansible.builtin.group:
+ name: xoa
+ state: present
+ tags:
+ - install
+ - update
+
+- name: Check if xoa is already registered in sudoers.d
+ stat:
+ path: /etc/sudoers.d/xoa
+ register: xoa_sudoers_file
+ tags:
+ - install
+ - update
+
+- name: Add the xoa user
+ ansible.builtin.user:
+ name: xoa
+ shell: /bin/bash
+ home: /home/xoa
+ comment: xen-orchestra user
+ uid: 1040
+ groups: xoa,users
+ append: yes
+ when: not xoa_sudoers_file.stat.exists
+ tags:
+ - install
+ - update
+
+- name: Register xoa in sudoers.d
+ ansible.builtin.file:
+ path: /etc/sudoers.d/xoa
+ owner: root
+ group: root
+ mode: '0640'
+ when: not xoa_sudoers_file.stat.exists
+ tags:
+ - install
+ - update
+
+- name: Allow xoa to have passwordless sudo
+ lineinfile:
+ dest: /etc/sudoers.d/xoa
+ state: present
+ regexp: '^%xoa'
+ line: '%xoa ALL=(ALL) NOPASSWD: ALL'
+ tags:
+ - install
+ - update
+
+- name: Setting git user email
+ git_config:
+ name: user.email
+ scope: global
+ value: "{{git_email}}"
+ tags:
+ - install
+ - update
+
+- name: Setting git user
+ git_config:
+ name: user.name
+ scope: global
+ value: "{{git_user}}"
+ tags:
+ - install
+ - update
+
+- name: Download installation script
+ ansible.builtin.get_url:
+ url: "{{xoa_install_url}}"
+ dest: "/tmp/{{xoa_install_script}}"
+ mode: '0770'
+ when: not xen_orchestra_directory.stat.exists
+ tags:
+ - install
+ - update
+
+- name: Download update script
+ ansible.builtin.get_url:
+ url: "{{xoa_update_url}}"
+ dest: "/home/xoa/{{xoa_update_script}}"
+ mode: '0770'
+ tags:
+ - install
+ - update
+
+- name: Create symbolic link to
+ file:
+ src: "/home/xoa/{{xoa_update_script}}"
+ dest: "/etc/cron.weekly/{{xoa_update_script}}"
+ state: link
+ tags:
+ - install
+ - update
+
+- name: Removing existing data structures
+ shell: "rm -R /var/lib/xo-server"
+ ignore_errors: False
+ args:
+ warn: no
+ when: not xen_orchestra_directory.stat.exists
+ tags:
+ - install
+
+- name: Removing existing data structures
+ shell: "rm -R /var/lib/xo-updater"
+ ignore_errors: False
+ args:
+ warn: no
+ when: not xen_orchestra_directory.stat.exists
+ tags:
+ - install
+
+- name: Removing existing redis data
+ shell: "redis-cli -n 0 FLUSHALL"
+ ignore_errors: False
+ args:
+ warn: no
+ when: not xen_orchestra_directory.stat.exists
+ tags:
+ - install
+
+- name: Installing
+ shell: "/tmp/{{xoa_install_script}}"
+ ignore_errors: False
+ args:
+ warn: no
+ when: not xen_orchestra_directory.stat.exists
+ tags:
+ - install
+ - update
+
+- name: Updating
+ shell: "/home/xoa/{{xoa_update_script}} -n stable"
+ ignore_errors: False
+ args:
+ warn: no
+ when: xen_orchestra_directory.stat.exists
+ tags:
+ - install
+ - update
+
+- name: Installing xo-cli
+ shell: "npm install -g xo-cli"
+ ignore_errors: False
+ args:
+ warn: no
+ tags:
+ - add-servers
+ - install
+ - update
+
+- name: Closing existing session using xo-cli
+ shell: "xo-cli --unregister"
+ ignore_errors: True
+ args:
+ warn: no
+ tags:
+ - add-servers
+ - install
+ - update
+
+- name: Opening session using xo-cli
+ shell: "xo-cli --register --au http://127.0.0.1 {{xoa_default_user}} {{xoa_default_password}}"
+ ignore_errors: False
+ args:
+ warn: no
+ tags:
+ - install
+
+- name: Adding user session using xo-cli
+ shell: "xo-cli user.create email='{{xoa_user}}' password='{{xoa_password}}' permission='admin'"
+ ignore_errors: False
+ args:
+ warn: no
+ tags:
+ - install
+
+- name: Closing existing session using xo-cli
+ shell: "xo-cli --unregister"
+ ignore_errors: True
+ args:
+ warn: no
+ tags:
+ - add-servers
+ - install
+ - update
+
+- name: Opening session using xo-cli
+ shell: "xo-cli --register --au http://127.0.0.1 {{xoa_user}} {{xoa_password}}"
+ ignore_errors: False
+ args:
+ warn: no
+ tags:
+ - add-servers
+ - install
+ - update
+
+- name: Adding xcp-ng servers using xo-cli
+ shell: "xo-cli server.add label='{{item.label}}' host='{{item.ip}}' username={{xcpng_user}} password='{{xcpng_password}}' autoConnect=true allowUnauthorized=true"
+ ignore_errors: False
+ with_items: "{{xcpng_servers}}"
+ args:
+ warn: no
+ tags:
+ - add-servers
+ - install
+ - update
+
+- name: Closing session using xo-cli
+ shell: "xo-cli --unregister"
+ ignore_errors: False
+ args:
+ warn: no
+ tags:
+ - add-servers
+ - install
+ - update
diff --git a/ansible/xoa-role/tests/inventory b/ansible/xoa-role/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/ansible/xoa-role/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/ansible/xoa-role/tests/test.yml b/ansible/xoa-role/tests/test.yml
new file mode 100644
index 0000000..3114c1d
--- /dev/null
+++ b/ansible/xoa-role/tests/test.yml
@@ -0,0 +1,4 @@
+- hosts: localhost
+ remote_user: root
+ roles:
+ - xoa
diff --git a/ansible/xoa-role/vars/main.yml b/ansible/xoa-role/vars/main.yml
new file mode 100644
index 0000000..5a74c51
--- /dev/null
+++ b/ansible/xoa-role/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file
\ No newline at end of file
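Review bot: The xo-cli tasks in `tasks/main.yml` interpolate `xoa_default_password`, `xoa_password` and `xcpng_password` straight into `shell:` strings with no `no_log: true`, so the secrets end up in Ansible output and logs and in the target's process list, and a value containing a single quote breaks the hand-written quoting. Add `no_log: true` to the `--register`, `user.create` and `server.add` tasks and pass each value through the quote filter, e.g. `password={{ xcpng_password | quote }}`. `server.add` also hard-codes `allowUnauthorized=true`, which as far as I can tell makes Xen Orchestra accept unverified certificates from every XCP-ng host; a role variable defaulting to `false` would make that an explicit choice. The sudoers drop-in is edited by `lineinfile` without `validate: 'visudo -cf %s'`, and `%xoa ALL=(ALL) NOPASSWD: ALL` gives the whole group unrestricted root, which deserves a narrower command list if the updater only needs a few commands.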