diff options
| author | alex <alex@pdp7.net> | 2023-02-02 23:58:36 +0100 |
|---|---|---|
| committer | alex <alex@pdp7.net> | 2023-02-02 23:58:36 +0100 |
| commit | 8e54f471100c737585c89a69efcd1eb0ea22f52e (patch) | |
| tree | 89c61d6d37af7637f34b44ef9b20b3cbac7af7e1 | |
| parent | 2b3bebbb4729643b612f8494486ba1fc50f7a4e6 (diff) | |
Deploy ragent
| -rwxr-xr-x | personal_infra/playbooks/roles/deploy_ragent/files/get.py | 16 | ||||
| -rw-r--r-- | personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml | 39 | ||||
| -rw-r--r-- | personal_infra/playbooks/roles/deploy_ragent/vars/main.yml | 26 | ||||
| -rw-r--r-- | personal_infra/playbooks/site.yaml | 6 | ||||
| -rw-r--r-- | personal_infra/puppet/site/00-common.pp | 5 | ||||
| -rw-r--r-- | personal_infra/requirements.txt | 1 |
6 files changed, 93 insertions, 0 deletions
diff --git a/personal_infra/playbooks/roles/deploy_ragent/files/get.py b/personal_infra/playbooks/roles/deploy_ragent/files/get.py new file mode 100755 index 00000000..d0a78618 --- /dev/null +++ b/personal_infra/playbooks/roles/deploy_ragent/files/get.py @@ -0,0 +1,16 @@ +#!/usr/bin/env python3 + +import json +import sys +import urllib.request + +run_id = sys.argv[1] + +if run_id == "last": + runs = json.loads(urllib.request.urlopen("https://api.github.com/repos/alexpdp7/ragent/actions/runs?branch=master").read().decode('utf8')) + run_id = runs["workflow_runs"][0]["id"] + +run = json.loads(urllib.request.urlopen("https://api.github.com/repos/alexpdp7/ragent/actions/runs/%s" % run_id).read().decode('utf8')) +artifacts = json.loads(urllib.request.urlopen(run['artifacts_url']).read().decode('utf8'))['artifacts'] +urls = {a['name']: 'https://api.github.com/repos/alexpdp7/ragent/actions/artifacts/%s/zip' % a["id"] for a in artifacts} +print(json.dumps(urls)) diff --git a/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml b/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml new file mode 100644 index 00000000..77398677 --- /dev/null +++ b/personal_infra/playbooks/roles/deploy_ragent/tasks/main.yml @@ -0,0 +1,39 @@ +--- +- name: get url + local_action: + module: command + cmd: "{{ inventory_dir }}/playbooks/roles/deploy_ragent/files/get.py {{ run_id|default('last') }}" + run_once: True + register: url +- name: download package + uri: + url: "{{ url.stdout|from_json|json_query(ragent['package_key'][ansible_os_family][ansible_distribution_major_version][ansible_architecture]) }}" + dest: /tmp/ragent_downloaded_package.zip + user: " {{ ragent_download['user'] }}" + password: "{{ ragent_download['token'] }}" + force_basic_auth: yes + follow_redirects: all +- name: unzip + unarchive: + src: /tmp/ragent_downloaded_package.zip + dest: /tmp + list_files: yes + remote_src: yes + register: unzipped +- name: remove previous + package: + name: ragent + state: absent +- name: install package + command: "{{ ragent['install_command'][ansible_os_family] }} /tmp/{{ unzipped.files[0] }}" +- name: configure service + service: + name: ragent + enabled: yes + state: restarted +- name: open firewall + command: firewall-cmd --permanent --add-port=21488/tcp + when: ansible_os_family == "RedHat" and ansible_distribution_major_version in ("7", "8", "9") and ansible_virtualization_type != "lxc" +- name: reload firewall + command: firewall-cmd --reload + when: ansible_os_family == "RedHat" and ansible_distribution_major_version in ("7", "8", "9") and ansible_virtualization_type != "lxc" diff --git a/personal_infra/playbooks/roles/deploy_ragent/vars/main.yml b/personal_infra/playbooks/roles/deploy_ragent/vars/main.yml new file mode 100644 index 00000000..9a67c50d --- /dev/null +++ b/personal_infra/playbooks/roles/deploy_ragent/vars/main.yml @@ -0,0 +1,26 @@ +--- +ragent: + package_key: + Debian: + '9': + x86_64: debian_stretch + armv7l: debian_stretch_rpi3 + '10': # apparently the stretch package works for buster + x86_64: debian_stretch + armv7l: debian_stretch_rpi3 + '11': # apparently the stretch package works for bullseye + x86_64: debian_stretch + armv7l: debian_stretch_rpi3 + '20': # and it also works for Ubuntu 20.04 + x86_64: debian_stretch + RedHat: + '7': + x86_64: el7 + '8': + x86_64: el8 + aarch64: el8_rpi4 + '9': + x86_64: el8 + install_command: + Debian: "dpkg -i" + RedHat: "rpm -i" diff --git a/personal_infra/playbooks/site.yaml b/personal_infra/playbooks/site.yaml index 571e0f1d..c6d11b04 100644 --- a/personal_infra/playbooks/site.yaml +++ b/personal_infra/playbooks/site.yaml @@ -18,6 +18,12 @@ roles: - join_ipa +- name: deploy ragent + hosts: all + tags: deploy_ragent + roles: + - deploy_ragent + - name: verify root mail hosts: all tags: verify_root_mail diff --git a/personal_infra/puppet/site/00-common.pp b/personal_infra/puppet/site/00-common.pp index 58c035cd..cb0126bb 100644 --- a/personal_infra/puppet/site/00-common.pp +++ b/personal_infra/puppet/site/00-common.pp @@ -22,3 +22,8 @@ nagios_service {"${nagios_host}-ssh": service_description => "ssh", check_command => "check_ssh", } + +# https://github.com/alexpdp7/ragent/issues/352 +if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] == '9' { + package {'compat-openssl11':} +} diff --git a/personal_infra/requirements.txt b/personal_infra/requirements.txt index b8934aae..769f7252 100644 --- a/personal_infra/requirements.txt +++ b/personal_infra/requirements.txt @@ -3,6 +3,7 @@ ansible-core==2.14.1 cffi==1.15.1 cryptography==38.0.4 Jinja2==3.1.2 +jmespath==1.0.1 MarkupSafe==2.1.1 packaging==22.0 pycparser==2.21 |