-
-
Notifications
You must be signed in to change notification settings - Fork 244
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #65 from ChristianLempa:7-migrate-promox-project
testing proxmox 1
- Loading branch information
Showing
11 changed files
with
371 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
name: "Update VMS" | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
- test | ||
- dev | ||
paths: | ||
- 'proxmox/prx-prod-2/terraform/*.tf' | ||
pull_request: | ||
branches: | ||
- main | ||
- test | ||
- dev | ||
paths: | ||
- 'proxmox/prx-prod-2/terraform/*.tf' | ||
workflow_dispatch: | ||
|
||
defaults: | ||
run: | ||
working-directory: proxmox/prx-prod-2/terraform | ||
|
||
env: | ||
TF_VAR_PRX_PROD_2_URL: ${{ secrets.PRX_PROD_2_URL }} | ||
TF_VAR_PRX_PROD_2_USER: ${{ secrets.PRX_PROD_2_USER }} | ||
TF_VAR_PRX_PROD_2_TOKEN: ${{ secrets.PRX_PROD_2_TOKEN }} | ||
|
||
jobs: | ||
terraform: | ||
runs-on: "self-hosted" | ||
steps: | ||
|
||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Setup Terraform | ||
uses: hashicorp/setup-terraform@v1 | ||
with: | ||
# terraform_version: 0.13.0: | ||
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | ||
|
||
- name: Terraform Format | ||
id: fmt | ||
run: terraform fmt -check | ||
|
||
- name: Terraform Init | ||
id: init | ||
run: terraform init | ||
|
||
- name: Terraform Validate | ||
id: validate | ||
run: terraform validate -no-color | ||
|
||
- name: Terraform Plan | ||
id: plan | ||
if: github.event_name == 'pull_request' | ||
run: terraform plan -no-color -input=false | ||
continue-on-error: true | ||
|
||
- uses: actions/github-script@v6 | ||
if: github.event_name == 'pull_request' | ||
env: | ||
PLAN: "terraform\n${{ steps.plan.outputs.stdout }}" | ||
with: | ||
github-token: ${{ secrets.GITHUB_TOKEN }} | ||
script: | | ||
const output = `#### Terraform Format and Style 🖌\`${{ steps.fmt.outcome }}\` | ||
#### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\` | ||
#### Terraform Validation 🤖\`${{ steps.validate.outcome }}\` | ||
#### Terraform Plan 📖\`${{ steps.plan.outcome }}\` | ||
<details><summary>Show Plan</summary> | ||
\`\`\`\n | ||
${process.env.PLAN} | ||
\`\`\` | ||
</details> | ||
*Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`; | ||
github.rest.issues.createComment({ | ||
issue_number: context.issue.number, | ||
owner: context.repo.owner, | ||
repo: context.repo.repo, | ||
body: output | ||
}) | ||
- name: Terraform Plan Status | ||
if: steps.plan.outcome == 'failure' | ||
run: exit 1 | ||
|
||
- name: Terraform Apply | ||
if: github.event_name == 'push' | ||
run: terraform apply -auto-approve -input=false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
- hosts: "{{ hosts }}" | ||
|
||
become: yes | ||
tasks: | ||
|
||
- name: install core packages | ||
apt: | ||
name: | ||
- prometheus-node-exporter | ||
- nfs-common | ||
update_cache: yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
- hosts: | ||
- srv-prod-1.home.clcreative.de | ||
- srv-prod-2.home.clcreative.de | ||
|
||
become: yes | ||
tasks: | ||
|
||
# Breaks existing Docker Servers! | ||
# Change Tasks for separate group! | ||
|
||
# Install Docker | ||
# - name: install prerequisites | ||
# apt: | ||
# name: | ||
# - docker.io | ||
# update_cache: yes | ||
|
||
# - name: add user permissions | ||
# shell: "usermod -aG docker {{ ansible_env.SUDO_USER }}" | ||
|
||
# - name: Reset ssh connection for changes to take effect | ||
# meta: "reset_connection" | ||
|
||
# Install Docker Compose | ||
- name: install docker-compose | ||
apt: | ||
name: | ||
- docker-compose | ||
update_cache: yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
- hosts: all | ||
|
||
become: yes | ||
tasks: | ||
|
||
# Deploy SSH Key | ||
# -- | ||
- name: install public keys | ||
ansible.posix.authorized_key: | ||
user: "{{ lookup('env','USER') }}" | ||
state: present | ||
key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}" | ||
|
||
|
||
# Set all sudoers to no password | ||
# -- | ||
- name: change sudoers file | ||
lineinfile: | ||
path: /etc/sudoers | ||
state: present | ||
regexp: '^%sudo' | ||
line: '%sudo ALL=(ALL) NOPASSWD: ALL' | ||
validate: /usr/sbin/visudo -cf %s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
- hosts: "{{ hosts }}" | ||
|
||
become: yes | ||
tasks: | ||
|
||
- name: install core packages | ||
apt: | ||
name: | ||
- prometheus-node-exporter | ||
- nfs-common | ||
- qemu-guest-agent | ||
- unzip | ||
update_cache: yes | ||
|
||
- name: start guest qemu-guest-agent | ||
service: | ||
name: qemu-guest-agent | ||
state: started | ||
enabled: yes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
- hosts: "{{ hosts }}" | ||
|
||
become: yes | ||
tasks: | ||
# Upgrade packages | ||
- name: upgrade apt packages | ||
become: true | ||
apt: | ||
upgrade: yes | ||
update_cache: yes | ||
|
||
# Check if reboot is required | ||
- name: check if system reboot is required | ||
become: true | ||
stat: | ||
path: /var/run/reboot-required | ||
register: reboot_required | ||
|
||
# Send Discord message when reboot is required | ||
- name: Send Discord message | ||
uri: | ||
url: "{{ discord_webhook_url }}" | ||
method: POST | ||
body_format: json | ||
body: '{"content": "Reboot required on {{ inventory_hostname }}"}' | ||
headers: | ||
Content-Type: application/json | ||
status_code: 204 | ||
when: reboot_required.stat.exists |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
- hosts: "{{ hosts }}" | ||
|
||
tasks: | ||
|
||
- name: Get disk usage | ||
command: df -h | ||
register: disk_usage | ||
|
||
- name: Check disk space available | ||
shell: df -h / | awk 'NR==2 {print $5}' | ||
register: disk_usage | ||
|
||
# Send Discord message when disk space is over 80% | ||
- name: Send Discord message | ||
uri: | ||
url: "{{ discord_webhook_url }}" | ||
method: POST | ||
body_format: json | ||
body: '{"content": "Disk space on {{ inventory_hostname }} is above 80%!"}' | ||
headers: | ||
Content-Type: application/json | ||
status_code: 204 | ||
when: disk_usage.stdout[:-1]|int > 80 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
- hosts: "{{ hosts }}" | ||
|
||
tasks: | ||
|
||
- name: Prune non-dangling, and dangling images | ||
community.docker.docker_prune: | ||
containers: false | ||
images: true | ||
images_filters: | ||
dangling: false | ||
networks: false | ||
volumes: false | ||
builder_cache: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
terraform { | ||
required_version = ">= 0.13.0" | ||
|
||
required_providers { | ||
proxmox = { | ||
source = "telmate/proxmox" | ||
version = "=2.9.14" | ||
} | ||
} | ||
cloud { | ||
organization = "clcreative" | ||
|
||
workspaces { | ||
name = "prx-prod-2" | ||
} | ||
} | ||
} | ||
|
||
variable "PRX_PROD_2_URL" { | ||
type = string | ||
} | ||
|
||
variable "PRX_PROD_2_USER" { | ||
type = string | ||
} | ||
|
||
variable "PRX_PROD_2_TOKEN" { | ||
type = string | ||
sensitive = true | ||
} | ||
|
||
provider "proxmox" { | ||
pm_api_url = var.PRX_PROD_2_URL | ||
pm_api_token_id = var.PRX_PROD_2_USER | ||
pm_api_token_secret = var.PRX_PROD_2_TOKEN | ||
pm_tls_insecure = false | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
resource "proxmox_vm_qemu" "srv-demo-5" { | ||
name = "srv-demo-5" | ||
desc = "Demo Server 5" | ||
agent = 1 | ||
target_node = "prx-prod-1" | ||
|
||
tags = "test" | ||
|
||
onboot = true | ||
automatic_reboot = true | ||
qemu_os = "other" | ||
|
||
vmid = 307 | ||
clone = "ubuntu-server-test-1" | ||
full_clone = true | ||
define_connection_info = true | ||
|
||
cores = 1 | ||
sockets = 1 | ||
cpu = "host" | ||
memory = 2048 | ||
|
||
network { | ||
bridge = "vmbr0" | ||
model = "virtio" | ||
} | ||
|
||
scsihw = "virtio-scsi-pci" | ||
|
||
disk { | ||
storage = "local-ssd" | ||
type = "virtio" | ||
size = "40G" | ||
} | ||
|
||
# Cloud Init Settings | ||
os_type = "cloud-init" | ||
ipconfig0 = "ip=10.20.3.7/16,gw=10.20.0.1" | ||
nameserver = "10.20.0.1" | ||
ciuser = "xcad" | ||
cipassword = "testtest" | ||
sshkeys = <<EOF | ||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsYvxYCpI90al2rJiyccPYNrvjHKLhvgTJVDssAL29jAPhl46gQctL98yZ+Rx9E3dLiHhs8SP14X2m50XbxX+QnjEjq2ywCqu359YMiitvaOgWMzKIaeiwnDngHc5NY+eC8t88bhhKmQPjejmdLSApLu7ObJ/9by2fjWptmqrkkhc1WQs58oYwNDenOd9UNaWcXtyPf2AGIIze2r1cFaEwAPyNtTlzCeqj41jKHLYorvU0CU5KUqgcgswXSgOC+moYac4WIUJCZCCU/s354NpKcJMYN/eiEpK1nZR/jhIe/pEsG4oIbCHy7f+PZruNhF6hi8UvhT+MHS0wwID/gj+UQPyg9GVieiQ1hv+NpLImkTdVJKemMf02548jEPhcrgLowuBemvtf4NHJE0FUH3chTu/Ioi66XKiedWdHMGLTBlWIUMuIYzHeFWLzCg8BqpQK0D7H48W7aku6JgWfhBdy5COvaglpRxlTAac8KURNtR1FRjxX9Lh1hHU+i5nLhIc= WSL2/XWIN | ||
EOF | ||
} | ||
|
||
resource "proxmox_vm_qemu" "srv-demo-6" { | ||
name = "srv-demo-6" | ||
desc = "Demo Server 6" | ||
agent = 1 | ||
target_node = "prx-prod-1" | ||
|
||
tags = "test" | ||
|
||
onboot = true | ||
automatic_reboot = true | ||
qemu_os = "other" | ||
|
||
vmid = 308 | ||
clone = "ubuntu-server-test-1" | ||
full_clone = true | ||
define_connection_info = true | ||
|
||
cores = 1 | ||
sockets = 1 | ||
cpu = "host" | ||
memory = 2048 | ||
|
||
network { | ||
bridge = "vmbr0" | ||
model = "virtio" | ||
} | ||
|
||
scsihw = "virtio-scsi-pci" | ||
|
||
disk { | ||
storage = "local-ssd" | ||
type = "virtio" | ||
size = "40G" | ||
} | ||
|
||
# Cloud Init Settings | ||
os_type = "cloud-init" | ||
ipconfig0 = "ip=10.20.3.8/16,gw=10.20.0.1" | ||
nameserver = "10.20.0.1" | ||
ciuser = "xcad" | ||
sshkeys = <<EOF | ||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsYvxYCpI90al2rJiyccPYNrvjHKLhvgTJVDssAL29jAPhl46gQctL98yZ+Rx9E3dLiHhs8SP14X2m50XbxX+QnjEjq2ywCqu359YMiitvaOgWMzKIaeiwnDngHc5NY+eC8t88bhhKmQPjejmdLSApLu7ObJ/9by2fjWptmqrkkhc1WQs58oYwNDenOd9UNaWcXtyPf2AGIIze2r1cFaEwAPyNtTlzCeqj41jKHLYorvU0CU5KUqgcgswXSgOC+moYac4WIUJCZCCU/s354NpKcJMYN/eiEpK1nZR/jhIe/pEsG4oIbCHy7f+PZruNhF6hi8UvhT+MHS0wwID/gj+UQPyg9GVieiQ1hv+NpLImkTdVJKemMf02548jEPhcrgLowuBemvtf4NHJE0FUH3chTu/Ioi66XKiedWdHMGLTBlWIUMuIYzHeFWLzCg8BqpQK0D7H48W7aku6JgWfhBdy5COvaglpRxlTAac8KURNtR1FRjxX9Lh1hHU+i5nLhIc= WSL2/XWIN | ||
EOF | ||
} |