ops/playbooks/server/buildSingleServerFtsco.yml


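---
# Single-server bootstrap for the 'fts' host group: make sure docker and
# containerd are running, install nginx and certbot, create the 'dockerman'
# service account, log that account in to the container registry, then reboot.
# Every task runs as root through sudo unless it overrides become_user.
- name: server initial command
  hosts: 'fts'
  become: true
  become_method: sudo
  become_user: root
  vars_files:
    # Presumably defines registry_user, registry_password and registry_url
    # (used by the "login docker" task) - TODO confirm, and keep this file
    # encrypted with ansible-vault rather than in plain text.
    - var/registry.yml
  tasks:
    # ---- disabled host-preparation tasks, kept for reference ----
    # NOTE(review): if "set shecan dns" is re-enabled, mode u=rwx,g=rwx,o=rwx
    # makes /etc/resolv.conf world-writable; 0644 is the usual mode.
    # NOTE(review): "disable ufw" switches the host firewall off, and apt-key
    # is deprecated - prefer a keyring file referenced with signed-by.
    # - name: set shecan dns
    #   copy:
    #     src: ../dns/resolv.conf
    #     dest: /etc/resolv.conf
    #     owner: root
    #     group: root
    #     mode: u=rwx,g=rwx,o=rwx
    # - name: disable ufw
    #   shell: ufw disable
    # - name: disable swap
    #   shell: swapoff -a
    # - name: sid swap off in fstab
    #   shell: sed -i '/swap/d' /etc/fstab
    # - name: set timezone
    #   shell: timedatectl set-timezone Asia/Tehran
    # - name: apt-get update
    #   apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
    # - name: add docker key and add docker repo
    #   shell: |
    #     curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    #     sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
    # - name: installing docker dependencies
    #   apt:
    #     name: "{{item}}"
    #     state: present
    #     update_cache: yes
    #   with_items:
    #     - ca-certificates
    #     - curl
    #     - gnupg
    #     - lsb-release
    # - name: installing docker-ce and docker-ce-cli and
    #   apt:
    #     name: "{{item}}"
    #     state: present
    #     update_cache: yes
    #   with_items:
    #     - docker-ce
    #     - docker-ce-cli
    #     - containerd.io

    # The service module takes one unit per call, so this task loops.
    - name: start and enable docker and containerd
      service:
        name: "{{ item }}"
        state: started
        enabled: true
      loop:
        - docker
        - containerd

    # apt accepts a list, so all packages install in a single transaction.
    - name: installing nginx and certbot
      apt:
        name:
          - nginx
          - letsencrypt
          - python3-certbot-nginx
        state: present
        update_cache: true

    - name: create the docker user account
      user:
        name: dockerman
        state: present
        create_home: true
        shell: /bin/bash

    # NOTE(review): this gives dockerman unrestricted, passwordless root.
    # Membership of the docker group (next task) is already root-equivalent
    # on the host, so narrow or drop this rule if the account only has to run
    # docker. validate makes visudo check the file before it is installed.
    - name: allow 'dockerman' to use sudo without needing a password
      lineinfile:
        dest: /etc/sudoers
        line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
        validate: 'visudo -cf %s'

    # append: true adds docker to the account's supplementary groups; without
    # it the user module replaces the whole group list with just 'docker'.
    - name: add user to docker group
      user:
        name: dockerman
        groups: docker
        append: true
        state: present

    # Same effect as daemon-reload + restart + enable, via the systemd module.
    - name: reset and enable docker
      systemd:
        name: docker
        daemon_reload: true
        state: restarted
        enabled: true

    # add docker home to environment variable
    # become is a boolean; the target account belongs in become_user, so the
    # registry credentials are stored for dockerman and not for another user.
    # The password goes in on stdin, not as a -p argument, which keeps it out
    # of the process list, and argv avoids shell interpretation of the
    # templated values. no_log keeps the secret out of Ansible output and
    # logs; it also hides error text, so disable it temporarily to debug.
    - name: login docker
      become: true
      become_user: dockerman
      command:
        argv:
          - docker
          - login
          - --username
          - "{{ registry_user }}"
          - --password-stdin
          - "{{ registry_url }}"
        stdin: "{{ registry_password }}"
      no_log: true

    # The reboot module waits for the host to come back. A raw `shell: reboot`
    # drops the connection, which ignore_errors does not cover.
    - name: reboot
      reboot:
        reboot_timeout: 600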