From 987d15f6d936c07487138961140d45449ce6fda4 Mon Sep 17 00:00:00 2001 From: Someone Date: Fri, 4 Oct 2024 13:42:29 +0200 Subject: [PATCH] Somesible public base. Self updating and ansible-pull/auto-selfhealing ready. --- .ssh/config | 26 +++++++ .ssh/key | 99 ++++++++++++++++++++++++ .ssh/key.pub | 1 + THIS_IS_SUPPOSED_TO_BE_A_GIT_SUBMODULE | 7 ++ ansible.cfg | 15 ++++ ansible.inventory | 1 + example.somesible.conf | 15 ++++ group_files | 1 + group_vars | 1 + host_files | 1 + host_playbooks | 1 + host_vars | 1 + run_somesible.sh | 86 +++++++++++++++++++++ site_base.yml | 39 ++++++++++ site_parent.yml | 16 ++++ update_somesible.sh | 101 +++++++++++++++++++++++++ 16 files changed, 411 insertions(+) create mode 100644 .ssh/config create mode 100644 .ssh/key create mode 100644 .ssh/key.pub create mode 100644 THIS_IS_SUPPOSED_TO_BE_A_GIT_SUBMODULE create mode 100644 ansible.cfg create mode 120000 ansible.inventory create mode 100644 example.somesible.conf create mode 120000 group_files create mode 120000 group_vars create mode 120000 host_files create mode 120000 host_playbooks create mode 120000 host_vars create mode 100755 run_somesible.sh create mode 100644 site_base.yml create mode 100644 site_parent.yml create mode 100755 update_somesible.sh diff --git a/.ssh/config b/.ssh/config new file mode 100644 index 0000000..709e24d --- /dev/null +++ b/.ssh/config @@ -0,0 +1,26 @@ +# +############################## +## somenet.org ansible tool ## +############################## +# +# For each parameter, the first obtained value will be used. +# + +Protocol 2 +BatchMode yes +HashKnownHosts no +IdentitiesOnly yes + +Host git.somenet.org + Compression yes + StrictHostKeyChecking no + Port 2 + User git + PubkeyAuthentication yes + # ansible "pull/first-run" updater + IdentityFile ~/.ssh/somesible_autoupdater_key + # "autoupdater" + IdentityFile ./.ssh/key + +Host * + PubkeyAuthentication no diff --git a/.ssh/key b/.ssh/key new file mode 100644 index 0000000..021b0fa --- /dev/null +++ b/.ssh/key @@ -0,0 +1,99 @@ +-----BEGIN RSA PRIVATE KEY----- +MIISKAIBAAKCBAEApbb70Svr2dX+K8xuc7j/BIaHdSCwFl0fBeS7pa0b8/aB3DJT +PxyjpNbthFSau3T2Xl2y23svXllQ3IOOGugKM++DUCQJ8Tl1jOoJa/4mX5bIbD8i +NH3CAd0+cQxmqOyL7lV2NXOzL0r8hLxCWC5D1y0ku1+1MJA51w9SOWhPP7TXX6fA +E2G2R8ThQ4+UtYCSSFKS++lgoIej1hiyGOY2p01v7eOieMa+DMxtAureSj9Bnj5U +ZbwGdqXyi+w35j+t6OA740I44z8NqxHWd5rzjVJIBfCftTo6Q7Hjj9yuPWgBQHQK +0ua+FphE+o+AfuylX/RiVQmVoRajZlRUgBC5h1yeVjsf5WlCHmqwpRN0bqkVW+6+ +4qKhmQKFpbvOdPT9o4yi/ZIFZ2VT8kgsrYifNvWPwLaPsz19iqvEBeciAe9lzPbE +ln6ZYmihxiKhL8QS2+m2fsVogngwxGigi/Dzxw0ff6GAV89k/+v+4kFCpwAF0qI+ +mkpICWn2+Snq9ZQBF50M9dNlVIOFgdddCE5BbLP9TMSNd0HWQ7kcScs3HikoW1Dn +3bPm/iB3O7XKpM6i6Gk+KD0Q8UtIFfepBrKmtSOI8yv17fNQBoNqDS3ojMDh0esz +WcMp0DYXnZ4XtjAxD8DuqP/8uieSwzxYqgy5QEvKKvbTrytltotQuiNCFIakGJVs +McPpLaeSqzKT0GbQ/0jg8l91KDNMaUC2PDFprEUz1Bm3zZAOzKe74Oi68LKOC64P +GZrIUc00bPpGIzLWNXtn+obDdUagcsQgzL3ih/yzm8e3onHbdx//SMM5qnihl6L5 +T0MC8CfeT45NkeyA/inAg57j1xKnSWIs95KZ2eDmK23rKhc1qd41H8F41OYfanUK +xNQZXWI4LsIh+iqaGBN9v7GRhN79BGcIQsNLZZaNqdYeI8YVIiinT9LjvFPDk9KI +/u4esxTwzUZBdaArQF/QOiXrHHbYyqAPID8kaOaTg2Y9OxjlhyS+gvz11tmfVOp+ +bou2lICW5yWlE14dX9rLEGFivaiyvnHx04CWHZuyvOwbrlWZzf6K94pUSkZab7Io +YP9uB47gYcqm6txC78G/IVBf57L7S/S/mdmoe1l1Ls60eVfeNbBFkiPnYXq1dz3c +8V6jLx6aVfm+YL4q67p1IvijHCMue+2RFeJCQJ7wZXuUEC5wX2tT+HISuQQt/Q+3 +8KNMdkQPz+SSVOsurOVO2JOKbJA7f2S0gtvpGNl3LtjwRBBCpp+kFH2pK+qN7lwj +afsc8oaE0n/ihkyzKGkXZKRP64BNasb8uxCFouN0Qd5oq6JykKrdeSDALIz0uMqQ +zV4x8Iw21Lf5GLmhy7x15WInTwoLbdJaV4HgtQIDAQABAoIEAQCOCYpLnlbYbvgd +uGrPm7hRu7FtLmhfss99cLF57yevcxGZmDUMOlL1XhdVPmMl27mz5qIAR9SxDOMn +L0dlPpBINboavdkbvsFH1+3dd4iSlB4T0gVScpwQlv8HTLbNgXrq/KuGYzYpih9o +8if3hyg0zgfW5tDZ4DUDZal3dTXACBQ2dAVJV44yc8kU7INtEtfPT5+WdlGRJtHC +F4bHmsMroU8X2u4OkWKie7HQN1nyz8dBiHE0hfYQSmrbjcvX+arpmREb2E4EUa44 +e+CUweaRsf3zwWxSnKcGEPpY+7EJBxVTlmMUpBw4J6mwDcH4iIOy/DgwZTewTEQf +2JZY8nzjTfqVNLZBH3hBs/bWdxdsJlcdZkSM4xKZoLTG+nOagcbJISkvKLKjDhHm +8AADeb/mDpJ5fsEqw8DQVCt/V74pZHWgOb8Es1xrIf3PYy0/UNNNVURL4o6SjcxW +/MrnR87bRR9DeT0VhrkuNqxQZ9lmZLmY8eGww4x9LSs4I7q1ZXeOMtnB9sC6sMSF +JwAht1mSf6/T1gDfQDoT8B0UDy+eFW723iDvQVzzYwZv0oDvxAGULWjOepEEER+n +XJCvIf+L8PpYW8y+eLeV7Zu/0iKqSkUEdZGdFY/IXCTfv3rZePMEarzldAy9zl+Y +IihpEODUAGI3czq7wPm8firicIgaKG/gpTOdgPXZKn9wg+Una0Fk53t6gzAAPeH7 +nIgpFh4jZXMFOQwr0ToDL+idUHi/HH65gnYT0PP5Jq6l8GHeZ3ohlXHsHvukUJey +ShpxxYdSHS/17o/QVA1kyirP/4D20saGJUeKSQSQF5gh1DtqaLkPpgslKmOCoy6t +Euswn9E+cpgg3+rNlPEk52vj08onQhvIUj9p/gPQRKXXwsBkWYOHIytdAoJ5YOV1 +1TCZijcSCnNGJOlC/ocz/Dt7qNtB35k31cFR/MbuTT+EbTM+rnbF4oTeg4UXkZkm +N3oaoKpFP1hVXbDAIUsUpV914Q+TfuKdWOJac/ESNE3RYR0R4JkdztgqqXDZ3ZKn +o6b1S5EYc/aIDOpJ9DJotYcG2gHGSNSpv7M4c5nQO9CmYZIYceBoLcqHePScytqj +DAv0OYpmV/Nh5wPKbKgYg0AYzjIFKx0W4+NpHmI+fyb/8gnW9YDlEYdW4IhS9yf9 +ZG869CY2xT85pAp46LIfYPW98r3fdt4rd2nW4MZcYMZwXW+nWzTd8noVJHglCfdd +OG+G+JsgaO6Jlt7NBNp2fdikgKO484P8CT/UIWKdjm1snvM1lbMPH2WyaZlrlz3c +n7VvFDS0zuw5oAJQRog5tv6/672iFTEZUnM0/UX7wM1LvecL6LnEjRbHUd8Zv6mf +8TNU6jn9AoICAQDaMSa0Q/EeSGSfpkWKAtyuSILXxu4/RDl0PkM7xyX0qMYE7n9h +n7Ao/GdmIDlFx36uZ8taVQSTIoAwxAOrQE5Mx8s2QdOr+KFl5iVkSBywqVMbaHvn +OjMLlLSLy7e69T26L/XCNJQuCYUgR7o3Lyc4Cextp4NGUT3GZYJ47xEF8stfAdDV +6zdnAKWkOLPVz9iVWNwqDc2IkSzA7vaabue3Z2y9VNVNPiLuBVr/tKc+gS750/9t +FFvp+KADxJwOEb5FxvyeKTvq9xjO+yRku0JEkDOAn2EyXpj4fC0ZTxf6AXFp7Fnv +8wJJefmi+AYd8NxhPG2VBWW51GMx1gwzoDLspHZmxXCFfKvZmPUYHazOP2frLvij +yZblj55AAHBexB9FR+xC1HXndl4ZrN66AkCrJbt9ZbYqbW0OajAmnLhPamF9F4vA +9N4PzUGsehCeWwRLUand8ylz+OSqAMiV5gLFTCuoSG/tj9mje30s1pgKBzLqAt71 +C7EUNm2AytmTB6zccwUIC8TkL1/aAUFLxgPsw/xUMVnS67sIWUM32gKrVY1Sj/fp +t1LIg9VX5H1fG5x5XZdkcPcpCtsQhb68T3XuhmiQkx/FzYxov0XuVfiMdQpQmdC+ +WMTx+4Dkcu+Hne0zeeXrvk9n+eKQy7kSKfQk7qUh0Nf9UVN950zZJGC8vwKCAgEA +wm36kGnfMQZyUfeNmrYlFO+1iCtcmY7Ms+z2V7M11bkLlrN9bXVw//wFPHVXx030 +4MsM8zh3Yf8ol8aN1RpU0FYDxzyGoZ5qEK1JvjfypLGesD6RkxkB4IKofCa2raSA +UeRy2cfjE+o2Z2qNe97aXE6z1FHJCsx9d5K7aXDL6KG3qFoCBUiSzZA6/dFIxebG +9/VJasPcm2M/FfwAct8Tb1hZe+pC/wvObz6Ce0T3Bznrv5Ce6r0Lz/VN9fkby9eI +o6bJUxzV/JzhUnHWNjLLzK6udyYGjep1DKCkf0VP0CfEEgCkSM6d1GmW4RpQM6h4 +1l6LuXmZXQPCAr5QwPBwJva4TBhwKGc1T7kgTmDvZFXa7x3lv8lMYZ1iLRzlNZ8w +H+mhxUzsBul31JLnjqvzGD82EuVPHMz8pnnSIN1sKuoexF7DuHYavNMtYAD9s9M4 +F3n4oU2Prr/yl1rJzGTEwihbwGDadmmq3rQ8+1p+3YiNvqqtC5sRfMWtZ8aFGVaZ +01loWSzpwjOsJ9aYcoBJ33hpC4kOztymM9vqT/DlJ1q0vAXDjSpOugvt3NA7UKj4 +d1yc+FWXq9lWMODP3HXO6bB/NUZOvaMQuJGvI8+T6CqcD8CEI3KYHnBjwyudb+4C +mlsAGIfryeGhqfO1GfB9l6xbAOp1b27h3TsTS9d824sCggIAWJiKobnQxz4X9ad7 +Jw4Ac5gn4Nv605+tQKEjhbtYkx6QwWHiQU6pJgtPJO3Cs63Mp56nuLc600+4A5Uj +9D55TL33qsFR5MthJdIsrqqFU8p9X2yumvZL0dEA+p6urPB1rwtYXBIjdQoSj0fw +ugWghCWrZd8V89B7J/sB3n8cR3EN2TcQiDwpU960Y5lOlGwAAqyBQWY3ZdOk+3ZM +leqglh0dz0cKEYJAhquQBrJhEoU8AN9vIOiaZce5ma4Uu7XCr+ybmNEfbkoFPc5G +Ocy7nMF82CZfPiehL4ykd1lhX/eECMGax07CR/mKPv085p1truHtkQwPAUTXPl4u +uCu9Yc9p8FMNXHaCBSoRo0gxadHfLWT2OvNZHT+Sv2QuPJygIe6RZZWFhoXOsdg6 +3AacIaKBnepV7KZgGPFPOe56/Gwyx6tu6NvE61+p4hHye4pzlO3E7sWUuG2A0/Lb +f9pUl65VL9Cx+iFl+vbinflI5RGFP/YIeDHWJmHvVtOHQydjrmPZ0CmPOiRuZEQM +MmtmHpZ59+nOElH7sOkl3SDd4pordzHUNYdlytuVHko+CgdZIwK4vWUNRxIMX4of +J7GQLllPTh0fUp8i+0lnaN5pvQatOIssco3y8lrwPFLbJhMfRL6jeHTfI1YZBDhk +npaAdxqb3L5DZa3HHCF2V9lomlsCggIAGDbeN9IXq+Fjp3WvOw9oOt1HvHe6Bp3U +PKxMWcvF7qInIVOlUVaJBjh65nauwfGhh8WCDWCA7cF7arudumaXHYM44T1WfxZd +m0oZnwkUvRIp80U3mBxLMYzUMvIXWjTcjlZnP1w3malXsTWB/WVZyJk8qDqvURr6 +nUO294DGxGgvmVXsXoAVWGiYEDhaWdtN+F+iDxvpg6iumKxT2fqSTxGvw1D/mwf7 +Y7tjQLrsEQhTpf367L0ylWm1lea6YX6sU8VX2XQD6nwXS89FoGZfH1S6AbjIpDAI +99Oh6P/W2tO5BYzy6OZinauw0MQYLPbUZc5MlILiaMUpCnJtWDoZnaCof0Gj5kRE +TXN+5IQKDHLs207b6DDHxHh3W6r3mOAEfFT6grn7wzicZesNz6T2l5R3xY6tdabJ +6GnPk6w/5nBV+JrcwUJkPhQG2KgG8Lhjifj00BH6zQa2zcbOzxfVsWCZXLIzQwAR ++b50wdEZb7mr/Y0AFCvx15o+6Ge+99LjQYEnD8QaMMeCr0t4nPoBOUWjv34ITBcK +0/aVjfMwduBDFg+ZtSEJwP3vV8rPOFJy71qnaf4u74YXx+qXuJsrc8s5bIcfE1sV +oAb0yv71KrrzyLpvOoLxEwloQ0xRRTldNaATuPpkkTX6jlH9wgdDfPpIMysACSrE +EmtjEdT6hdUCggIAVR6o4/IpZ3mRE9lftDxan150v+IBuQlgsi0rTmqzIt5oza3M +utvIEHDVcqzzhNOIiaQRu0ZugPw70jmgD03U+QvkXQeg7eLzujC9v7E4L3WTrTTY +cef+NR+IHjAouNqrji5AxPPt42jtRUH6iIx87nVdPtgMNqKsChIHe/Ma2B+wOam1 +8kFT0L80pQdybHDQyRBP4p+rphGpTC2ns2NOrmYlgqbZHtRxnsDa0YFoyw71OnLw +KAUEpABb7AYk/qXkZFE1Hidew9N14ngF+3i9c0fj4Ko3k56dO57Yg9NbOCU55lu3 +2Ok1XHcPFFhSqi5vLVl91vcD2OSZiX4NrQOYys5YI/awOYxSJAD8ksMbmIMqgm1K +IkA5al0lt7w9WLicQlWuZVn/Bs66kgpevqxpue9KGG+8hhdz24OHEp1CEtQiRaTm +9OTTPkUbn22LgnfIMA3rpx8Lqv+ncIYnzWxyLH3NQdeQRYBmU6DUAT2oiXd0lBzm +2sJpbidUzNu4dMScjebbGihvPowMZSFpnOAFRnkC04FL5TAcukAQxa2MxHkLadfh +MfV9HTH80DtuHnx/aokX5GKcdXtmyjNVYsokp1HWYLKHV3OUrOKJ6oDw2XI9ySs1 +L3B+ucMsjqdJoGqns6fhYiVM4DbOJbP5clNtkoltp9jWxBRXhpjy8xkDkD0= +-----END RSA PRIVATE KEY----- diff --git a/.ssh/key.pub b/.ssh/key.pub new file mode 100644 index 0000000..08db9e3 --- /dev/null +++ b/.ssh/key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQCltvvRK+vZ1f4rzG5zuP8Ehod1ILAWXR8F5LulrRvz9oHcMlM/HKOk1u2EVJq7dPZeXbLbey9eWVDcg44a6Aoz74NQJAnxOXWM6glr/iZflshsPyI0fcIB3T5xDGao7IvuVXY1c7MvSvyEvEJYLkPXLSS7X7UwkDnXD1I5aE8/tNdfp8ATYbZHxOFDj5S1gJJIUpL76WCgh6PWGLIY5janTW/t46J4xr4MzG0C6t5KP0GePlRlvAZ2pfKL7DfmP63o4DvjQjjjPw2rEdZ3mvONUkgF8J+1OjpDseOP3K49aAFAdArS5r4WmET6j4B+7KVf9GJVCZWhFqNmVFSAELmHXJ5WOx/laUIearClE3RuqRVb7r7ioqGZAoWlu8509P2jjKL9kgVnZVPySCytiJ829Y/Ato+zPX2Kq8QF5yIB72XM9sSWfpliaKHGIqEvxBLb6bZ+xWiCeDDEaKCL8PPHDR9/oYBXz2T/6/7iQUKnAAXSoj6aSkgJafb5Ker1lAEXnQz102VUg4WB110ITkFss/1MxI13QdZDuRxJyzceKShbUOfds+b+IHc7tcqkzqLoaT4oPRDxS0gV96kGsqa1I4jzK/Xt81AGg2oNLeiMwOHR6zNZwynQNhednhe2MDEPwO6o//y6J5LDPFiqDLlAS8oq9tOvK2W2i1C6I0IUhqQYlWwxw+ktp5KrMpPQZtD/SODyX3UoM0xpQLY8MWmsRTPUGbfNkA7Mp7vg6Lrwso4Lrg8ZmshRzTRs+kYjMtY1e2f6hsN1RqByxCDMveKH/LObx7eicdt3H/9IwzmqeKGXovlPQwLwJ95Pjk2R7ID+KcCDnuPXEqdJYiz3kpnZ4OYrbesqFzWp3jUfwXjU5h9qdQrE1BldYjguwiH6KpoYE32/sZGE3v0EZwhCw0tllo2p1h4jxhUiKKdP0uO8U8OT0oj+7h6zFPDNRkF1oCtAX9A6JescdtjKoA8gPyRo5pODZj07GOWHJL6C/PXW2Z9U6n5ui7aUgJbnJaUTXh1f2ssQYWK9qLK+cfHTgJYdm7K87BuuVZnN/or3ilRKRlpvsihg/24HjuBhyqbq3ELvwb8hUF/nsvtL9L+Z2ah7WXUuzrR5V941sEWSI+dherV3PdzxXqMvHppV+b5gvirrunUi+KMcIy577ZEV4kJAnvBle5QQLnBfa1P4chK5BC39D7fwo0x2RA/P5JJU6y6s5U7Yk4pskDt/ZLSC2+kY2Xcu2PBEEEKmn6QUfakr6o3uXCNp+xzyhoTSf+KGTLMoaRdkpE/rgE1qxvy7EIWi43RB3mironKQqt15IMAsjPS4ypDNXjHwjDbUt/kYuaHLvHXlYidPCgtt0lpXgeC1 somesibleupdater.2017 diff --git a/THIS_IS_SUPPOSED_TO_BE_A_GIT_SUBMODULE b/THIS_IS_SUPPOSED_TO_BE_A_GIT_SUBMODULE new file mode 100644 index 0000000..6977219 --- /dev/null +++ b/THIS_IS_SUPPOSED_TO_BE_A_GIT_SUBMODULE @@ -0,0 +1,7 @@ +########################################## +# THIS IS SUPPOSED TO BE A GIT SUBMODULE # +########################################## + +But should work for localhost with: + +ansible-playbook site_base.yml diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..a860574 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,15 @@ +##################################### +### someone's ansible provisioner ### +##################################### +# Part of: https://git.somenet.org/root/pub/somesible.git +# 2017-2024 by someone +# + +[defaults] +inventory = ./ansible.inventory +roles_path = ./roles +retry_files_enabled = False +display_skipped_hosts = False +retries = 1 +force_handlers = True +pipelining = True diff --git a/ansible.inventory b/ansible.inventory new file mode 120000 index 0000000..fb8fe9b --- /dev/null +++ b/ansible.inventory @@ -0,0 +1 @@ +../ansible.inventory \ No newline at end of file diff --git a/example.somesible.conf b/example.somesible.conf new file mode 100644 index 0000000..e881a88 --- /dev/null +++ b/example.somesible.conf @@ -0,0 +1,15 @@ +# +##################################### +### someone's ansible provisioner ### +##################################### +# Part of: https://git.somenet.org/root/pub/somesible.git +# 2017-2024 by someone +# +# +# Config file. +# read from parent directory to "somesible" directory/git-submodule. +# +# Uncomment to change version-tag +# dont change unless you know what you do +#SOMESIBLE_VERSION="activeVersion" + diff --git a/group_files b/group_files new file mode 120000 index 0000000..6161096 --- /dev/null +++ b/group_files @@ -0,0 +1 @@ +../group_files \ No newline at end of file diff --git a/group_vars b/group_vars new file mode 120000 index 0000000..cc7e7a9 --- /dev/null +++ b/group_vars @@ -0,0 +1 @@ +../group_vars \ No newline at end of file diff --git a/host_files b/host_files new file mode 120000 index 0000000..7d7f21a --- /dev/null +++ b/host_files @@ -0,0 +1 @@ +../host_files \ No newline at end of file diff --git a/host_playbooks b/host_playbooks new file mode 120000 index 0000000..d39689d --- /dev/null +++ b/host_playbooks @@ -0,0 +1 @@ +../host_playbooks \ No newline at end of file diff --git a/host_vars b/host_vars new file mode 120000 index 0000000..e0ccba1 --- /dev/null +++ b/host_vars @@ -0,0 +1 @@ +../host_vars \ No newline at end of file diff --git a/run_somesible.sh b/run_somesible.sh new file mode 100755 index 0000000..ae7167a --- /dev/null +++ b/run_somesible.sh @@ -0,0 +1,86 @@ +#!/bin/bash +# +############################## +## somenet.org ansible tool ## +############################## +# Part of: https://git.somenet.org/root/pub/somesible.git +# 2017-2024 by someone +# +# first-run-pre-requirements: +## git.somenet.org access to somesible repo. +### (presumably: /root/pub/somesible) +# +# does: +## get paths +## update somesible directory/git-submodule (clone and call update.sh) +## rsync over diversions +## cleanup +## run ansible process +# + +SOMESIBLE_OLDPWD=$(pwd) +SOMESIBLE_PWD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +cd $SOMESIBLE_PWD + +if [ -e "update_somesible.sh" ]; then + echo "*** ERROR (run_somesible.sh): this is not supposed to be run inside the somesible git repo. abort." + exit 1 +fi + +# (try to) read config in parent dir. +if [ -e "somesible.conf" ]; then + . "somesible.conf" +fi + + +# delete old lock-file, if too old, allowing to run the update. +find "/tmp/run_somesible_${USER}.sh.lock" -mmin +60 -delete >/dev/null 2>&1 +if [ -e "/tmp/run_somesible_${USER}.sh.lock" ]; then + echo "*** EARLY EXIT: /tmp/run_somesible_${USER}.sh.lock is too new" + echo 'maybe need to: rm -f "/tmp/run_somesible_${USER}.sh.lock"' + exit 0 +fi + +################################### +# update or clone and reset repos # +################################### +git config fetch.recurseSubmodules false + +if [ ! -e "$SOMESIBLE_PWD/somesible/.git" ]; then + echo "*** WARN (run_somesible.sh): somesible git repo not found. cloning..." + git clone git@git.somenet.org:/root/pub/somesible somesible +fi + +cd $SOMESIBLE_PWD/somesible || { echo "*** ERROR (run_somesible.sh): Tried to get a clone of somesible, but it still does not exist. Aborting. ***"; exit 1;} +# allow to skip updating. +if [ -z "$SOMESIBLE_SKIP_UPDATE" ]; then + #(nohup sh ./update_somesible.sh >/dev/null 2>&1) + sh ./update_somesible.sh + + rsync -qclDP "${SOMESIBLE_PWD}/somesible/run_somesible.sh" "${SOMESIBLE_PWD}/" +fi +cd $SOMESIBLE_PWD + + +######################### +# rsync over diversions # +######################### +mkdir -p "${SOMESIBLE_PWD}/override/" +rsync -qcrlDP "${SOMESIBLE_PWD}/override/" "${SOMESIBLE_PWD}/somesible/" + + +############### +# run ansible # +############### +cd $SOMESIBLE_PWD/somesible + +# currently its not possible to have conditional playbook includes. +# hack them in... +if [ -e "${SOMESIBLE_PWD}/site.yml" ]; then + ansible-playbook site_parent.yml -l managed "$@" +else + ansible-playbook site_base.yml -l managed "$@" +fi + +# release lock +rm -f "/tmp/run_somesible_${USER}.sh.lock" diff --git a/site_base.yml b/site_base.yml new file mode 100644 index 0000000..4e3bb0c --- /dev/null +++ b/site_base.yml @@ -0,0 +1,39 @@ +##################################### +### someone's ansible provisioner ### +##################################### +# Part of: https://git.somenet.org/root/pub/somesible.git +# 2017-2024 by someone +# +# +# Playbook for provisioning the base-meta-role for all hosts. Also a reference of our vars. +# +# This playbook will be executed always: This is a speed optimization. +# Host-specific playbooks are meant to extend the base. +# +--- +# TODO: WakeOnLan and wait for the boxes to become ready and continue playbook +#- hosts: all +# gather_facts: no +# tasks: +# - name: Send magic Wake-On-Lan packet to turn on individual systems +# wakeonlan: +# mac: "{{wol_mac}}" +# delegate_to: localhost +# - when: wol mac, wolip set +# +# - name: Wait for system to become reachable +# wait_for_connection: +# - timeout: 600 +# - test only 5 sec +# + +- hosts: all + become: true +# set in inventory file for now. +# vars: +# # Intended to only be overridden in the commandline, for self-healing - ignore, if we are down. +# - ignore_online_errors: False + roles: + - { role: custom-command, tags: 'cc', when: 'cc is defined' } + - { role: cleanup, tags: ['cleanup'], when: 'not cc is defined and cleanup_level|int > 0' } + - { role: base, tags: ['base'], when: 'not cc is defined' } diff --git a/site_parent.yml b/site_parent.yml new file mode 100644 index 0000000..33a19d9 --- /dev/null +++ b/site_parent.yml @@ -0,0 +1,16 @@ +##################################### +### someone's ansible provisioner ### +##################################### +# Part of: https://git.somenet.org/root/pub/somesible.git +# 2017-2024 by someone +# +# +# This playbook is used, if there is a site.yml in the parent dir/repo. +# +# Includes the "base" playbook to optimize the execution speed. +# +--- +- import_playbook: site_base.yml + +- import_playbook: ../site.yml + when: 'inventory_hostname != "localhost" and not cc is defined' diff --git a/update_somesible.sh b/update_somesible.sh new file mode 100755 index 0000000..37674d6 --- /dev/null +++ b/update_somesible.sh @@ -0,0 +1,101 @@ +#!/bin/sh +# +############################## +## somenet.org ansible tool ## +############################## +# Part of: https://git.somenet.org/root/pub/somesible.git +# 2017-2024 by someone +# +# update git repository +# +# This is always run inside the somesible repo only. +# + +# .git may be a file, if checked out as submodule. +if [ ! -e ".git" ]; then + echo "*** ERROR (update_somesible.sh): this is not a git repo. abort." + exit 1 +fi + +SOMESIBLE_GIT_REV_START="$(git --git-dir ./.git --no-pager log --pretty=format:'%h' -n 1 HEAD --)" + +echo "***" +echo "*** DEBUG (update.sh) start: [${SOMESIBLE_GIT_REV_START}] $(date -Isec)" +echo "***" + +# (try to) read config in parent dir. +if [ -e "../somesible.conf" ]; then + . "../somesible.conf" +fi +if [ -z "$SOMESIBLE_VERSION" ]; then + SOMESIBLE_VERSION="tags/activeVersion" +else + echo "***********************************************************" + echo "*** WARNING (update_somesible.sh): using non-default version: ${SOMESIBLE_VERSION} ***" + echo "***********************************************************" + echo "***" +fi + + +################################ +# update self (somesible repo) # +################################ +chmod -R u=rwX,go-rwx "./" +chmod u+x *.sh + +git config protocol.ext.allow always +git config remote.origin.url "ext::ssh -F ./.ssh/config git.somenet.org %S /root/pub/somesible" +git config remote.update.url 'git@git.somenet.org:/root/pub/somesible' +git config fetch.prune true + +git ls-remote --exit-code -t origin > /dev/null 2>&1 +USERCONFIG_OFFLINE=$? +if [ $USERCONFIG_OFFLINE -ne 0 ]; then + echo "****************************************************************************" + echo "*** INFO (update.sh): git repo unreachable. Offline? - Retry in 120 sec. ***" + echo "****************************************************************************" + echo "***" + sleep 120 + git ls-remote --exit-code -t origin > /dev/null 2>&1 + USERCONFIG_OFFLINE=$? +fi + +if [ $USERCONFIG_OFFLINE -ne 0 ]; then + echo "***************************************************************************" + echo "*** WARNING (update.sh): git repo unreachable. Offline? - Retry failed. ***" + echo "***************************************************************************" + echo "***" +else + git tag | xargs -n1 git tag -d + git fetch origin --tags +fi +unset USERCONFIG_OFFLINE + +git checkout -f "master" +git reset --hard "$SOMESIBLE_VERSION" -- +if [ $? -ne 0 ]; then + echo "******************************************************************" + echo "*** WARNING (update_somesible.sh): invalid SOMESIBLE_VERSION? ***" + echo "******************************************************************" + echo "***" + git reset --hard "tags/activeVersion" -- +fi + +# one --force is not enought! +git clean -ffdx +git gc --prune=all + +# Do this twice to be sure. +chmod -R u=rwX,go-rwx "./" +chmod u+x *.sh + + +echo "***" +echo "*** DONE (update_somesible.sh) [${SOMESIBLE_GIT_REV_START}] -> [$(git --git-dir ./.git --no-pager log --pretty=format:'%h' -n 1 HEAD --)] $(date -Isec)" +echo "***" + +########### +# cleanup # +########### +unset SOMESIBLE_VERSION +unset SOMESIBLE_GIT_REV_START -- 2.43.0