feat: Introduce an Ansible common role for base system configuration, including packages, users, and Netplan networking, alongside Semaphore playbooks for system bootstrapping and Proxmox management.

2026-01-19 03:47:55 -05:00
parent 7be62c7a45
commit fcb2119859
11 changed files with 232 additions and 0 deletions
--- a/ansible/playbooks/semaphore/bootstrap.yml
+++ b/ansible/playbooks/semaphore/bootstrap.yml
@@ -0,0 +1,26 @@
 ---
 - name: Register Target Host
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
    - name: Verify target_host is defined
      fail:
        msg: "The 'target_host' variable must be defined (e.g. 192.168.1.10)"
      when: target_host is not defined
    - name: Add target host to inventory
      add_host:
        name: target_node
        ansible_host: "{{ target_host }}"
        ansible_user: "{{ target_user | default('root') }}"
        ansible_ssh_pass: "{{ target_password | default(omit) }}"
        ansible_ssh_private_key_file: "{{ target_private_key_file | default(omit) }}"
        ansible_python_interpreter: /usr/bin/python3
 - name: Bootstrap Node
  hosts: target_node
  become: yes
  gather_facts: yes
  roles:
    - common
--- a/ansible/playbooks/semaphore/configure_networking.yml
+++ b/ansible/playbooks/semaphore/configure_networking.yml
@@ -0,0 +1,29 @@
 ---
 - name: Register Target Host
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
    - name: Verify target_host is defined
      fail:
        msg: "The 'target_host' variable must be defined (e.g. 192.168.1.10)"
      when: target_host is not defined
    - name: Add target host to inventory
      add_host:
        name: target_node
        ansible_host: "{{ target_host }}"
        ansible_user: "{{ target_user | default('root') }}"
        ansible_ssh_pass: "{{ target_password | default(omit) }}"
        ansible_ssh_private_key_file: "{{ target_private_key_file | default(omit) }}"
        ansible_python_interpreter: /usr/bin/python3
 - name: Configure Networking
  hosts: target_node
  become: yes
  gather_facts: yes
  tasks:
    - name: Run networking task from common role
      include_role:
        name: common
        tasks_from: networking.yml
--- a/ansible/playbooks/semaphore/configure_users.yml
+++ b/ansible/playbooks/semaphore/configure_users.yml
@@ -0,0 +1,29 @@
 ---
 - name: Register Target Host
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
    - name: Verify target_host is defined
      fail:
        msg: "The 'target_host' variable must be defined (e.g. 192.168.1.10)"
      when: target_host is not defined
    - name: Add target host to inventory
      add_host:
        name: target_node
        ansible_host: "{{ target_host }}"
        ansible_user: "{{ target_user | default('root') }}"
        ansible_ssh_pass: "{{ target_password | default(omit) }}"
        ansible_ssh_private_key_file: "{{ target_private_key_file | default(omit) }}"
        ansible_python_interpreter: /usr/bin/python3
 - name: Configure Users
  hosts: target_node
  become: yes
  gather_facts: yes
  tasks:
    - name: Run users task from common role
      include_role:
        name: common
        tasks_from: users.yml
--- a/ansible/playbooks/semaphore/manage_proxmox.yml
+++ b/ansible/playbooks/semaphore/manage_proxmox.yml
@@ -0,0 +1,34 @@
 ---
 - name: Register Proxmox Host
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
    - name: Verify proxmox_host is defined
      fail:
        msg: "The 'proxmox_host' variable must be defined."
      when: proxmox_host is not defined
    - name: Verify proxmox_action is defined
      fail:
        msg: "The 'proxmox_action' variable must be defined (e.g. create_vm, create_template, delete_vm)."
      when: proxmox_action is not defined
    - name: Add Proxmox host to inventory
      add_host:
        name: proxmox_node
        ansible_host: "{{ proxmox_host }}"
        ansible_user: "{{ proxmox_user | default('root') }}"
        ansible_ssh_pass: "{{ proxmox_password | default(omit) }}"
        ansible_ssh_private_key_file: "{{ proxmox_private_key_file | default(omit) }}"
        ansible_python_interpreter: /usr/bin/python3
 - name: Execute Proxmox Action
  hosts: proxmox_node
  become: yes
  gather_facts: yes
  vars:
    # Explicitly map the action variable if needed, though role should pick it up from host vars or extra vars
    proxmox_action: "{{ proxmox_action }}"
  roles:
    - proxmox_vm
--- a/ansible/roles/common/defaults/main.yml
+++ b/ansible/roles/common/defaults/main.yml
@@ -0,0 +1,30 @@
 ---
 # Common packages to install
 common_packages:
  - curl
  - wget
  - git
  - vim
  - htop
  - net-tools
  - unzip
  - dnsutils
  - software-properties-common
  - ca-certificates
  - gnupg
  - openssh-server
 # SSH Configuration
 common_ssh_users:
  - name: "{{ ansible_user_id }}"
    keys: [] 
    # Add your keys in inventory or group_vars override
 # Networking
 common_configure_static_ip: false
 common_interface_name: "eth0"
 # common_ip_address: "192.168.1.100/24"
 # common_gateway: "192.168.1.1"
 common_dns_servers:
  - "1.1.1.1"
  - "8.8.8.8"
--- a/ansible/roles/common/handlers/main.yml
+++ b/ansible/roles/common/handlers/main.yml
@@ -0,0 +1,6 @@
 ---
 - name: Apply Netplan
  shell: netplan apply
  async: 45
  poll: 0
  ignore_errors: yes
--- a/ansible/roles/common/tasks/main.yml
+++ b/ansible/roles/common/tasks/main.yml
@@ -0,0 +1,10 @@
 ---
 - name: Install common packages
  import_tasks: packages.yml
 - name: Configure users and SSH keys
  import_tasks: users.yml
 - name: Configure networking
  import_tasks: networking.yml
  when: common_configure_static_ip | bool
--- a/ansible/roles/common/tasks/networking.yml
+++ b/ansible/roles/common/tasks/networking.yml
@@ -0,0 +1,23 @@
 ---
 - name: Verify required variables for static IP
  fail:
    msg: "common_ip_address and common_interface_name must be defined when common_configure_static_ip is true."
  when:
    - common_configure_static_ip | bool
    - (common_ip_address is not defined or common_ip_address | length == 0 or common_interface_name is not defined)
 - name: Install netplan.io
  apt:
    name: netplan.io
    state: present
  when: ansible_os_family == "Debian"
 - name: Configure Netplan
  template:
    src: netplan_config.yaml.j2
    dest: /etc/netplan/01-netcfg.yaml
    owner: root
    group: root
    mode: '0644'
  notify: Apply Netplan
  when: common_configure_static_ip | bool
--- a/ansible/roles/common/tasks/packages.yml
+++ b/ansible/roles/common/tasks/packages.yml
@@ -0,0 +1,12 @@
 ---
 - name: Update apt cache
  apt:
    update_cache: yes
    cache_valid_time: 3600
  when: ansible_os_family == "Debian"
 - name: Install common packages
  apt:
    name: "{{ common_packages }}"
    state: present
  when: ansible_os_family == "Debian"
--- a/ansible/roles/common/tasks/users.yml
+++ b/ansible/roles/common/tasks/users.yml
@@ -0,0 +1,18 @@
 ---
 - name: Ensure users exist
  user:
    name: "{{ item.name }}"
    shell: /bin/bash
    groups: sudo
    append: yes
    state: present
  loop: "{{ common_ssh_users }}"
  when: item.create_user | default(false)
 - name: Add SSH keys
  authorized_key:
    user: "{{ item.0.name }}"
    key: "{{ item.1 }}"
  loop: "{{ common_ssh_users | subelements('keys', skip_missing=True) }}"
  loop_control:
    label: "{{ item.0.name }}"
--- a/ansible/roles/common/templates/netplan_config.yaml.j2
+++ b/ansible/roles/common/templates/netplan_config.yaml.j2
@@ -0,0 +1,15 @@
 network:
  version: 2
  ethernets:
    {{ common_interface_name }}:
      dhcp4: no
      addresses:
        - {{ common_ip_address }}
 {% if common_gateway %}
      gateway4: {{ common_gateway }}
 {% endif %}
      nameservers:
        addresses:
 {% for server in common_dns_servers %}
          - {{ server }}
 {% endfor %}