summaryrefslogtreecommitdiffstats
path: root/tools/cicdansible/roles
diff options
context:
space:
mode:
Diffstat (limited to 'tools/cicdansible/roles')
-rw-r--r--tools/cicdansible/roles/configure_instances/tasks/cicd_registry.yml10
-rw-r--r--tools/cicdansible/roles/configure_instances/tasks/general.yml26
-rw-r--r--tools/cicdansible/roles/configure_instances/tasks/main.yml5
-rw-r--r--tools/cicdansible/roles/configure_instances/templates/daemon.json.j23
4 files changed, 44 insertions, 0 deletions
diff --git a/tools/cicdansible/roles/configure_instances/tasks/cicd_registry.yml b/tools/cicdansible/roles/configure_instances/tasks/cicd_registry.yml
new file mode 100644
index 00000000..f3c54ca3
--- /dev/null
+++ b/tools/cicdansible/roles/configure_instances/tasks/cicd_registry.yml
@@ -0,0 +1,10 @@
+#Configure access to cicd docker registry.
+- name: "Ensure that docker config directory exists"
+ file:
+ path: /etc/docker
+ mode: 0700
+ state: directory
+- name: "Allow insecure access to cicd docker registry"
+ template:
+ src: daemon.json.j2
+ dest: /etc/docker/daemon.json
diff --git a/tools/cicdansible/roles/configure_instances/tasks/general.yml b/tools/cicdansible/roles/configure_instances/tasks/general.yml
new file mode 100644
index 00000000..6ed9982e
--- /dev/null
+++ b/tools/cicdansible/roles/configure_instances/tasks/general.yml
@@ -0,0 +1,26 @@
+#General instance configuration.
+#Modify /etc/hosts on every instance to add every instance there including itself.
+- name: "Add hosts to /etc/hosts"
+ lineinfile:
+ path: /etc/hosts
+ insertafter: EOF
+ regexp: "^[^ ]+ {{ item }}$"
+ state: present
+ line: "{{ hostvars[item].ansible_default_ipv4.address }} {{ item }}"
+ loop: "{{ groups['instances'] }}"
+#Copy private ssh key to instances for easy connecting between them.
+- name: "Ensure ssh directory exists"
+ file:
+ path: /root/.ssh
+ owner: root
+ group: root
+ mode: 0700
+ state: directory
+- name: "Install ssh private key"
+ copy:
+ src: "{{ ansible_private_key_file }}"
+ dest: /root/.ssh/id_rsa
+ mode: 0400
+#Add public ssh host keys of all instances to trust them.
+- name: "Add host keys of instances to known_hosts"
+ shell: "ssh-keyscan {{ groups['instances'] | join(' ') }} > /root/.ssh/known_hosts"
diff --git a/tools/cicdansible/roles/configure_instances/tasks/main.yml b/tools/cicdansible/roles/configure_instances/tasks/main.yml
new file mode 100644
index 00000000..fe5b4b7d
--- /dev/null
+++ b/tools/cicdansible/roles/configure_instances/tasks/main.yml
@@ -0,0 +1,5 @@
+#Initial instance configuration.
+- include_tasks: general.yml
+#Configure cicd registry access, but skip installer.
+- include_tasks: cicd_registry.yml
+ when: "inventory_hostname != 'installer'"
diff --git a/tools/cicdansible/roles/configure_instances/templates/daemon.json.j2 b/tools/cicdansible/roles/configure_instances/templates/daemon.json.j2
new file mode 100644
index 00000000..1c3ca9bb
--- /dev/null
+++ b/tools/cicdansible/roles/configure_instances/templates/daemon.json.j2
@@ -0,0 +1,3 @@
+{
+"insecure-registries": ["{{ cicd_docker_registry }}"]
+}