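---
# Prepares every host in the `kubernetes` inventory group: sets the timezone,
# installs base packages, sets up the fish shell for the connecting user, and
# applies swap, kernel-module and sysctl settings. The System Configuration
# block notifies the Reboot handler defined at the bottom of the play.
- name: Prepare System
  hosts: kubernetes
  become: true
  gather_facts: true
  any_errors_fatal: true
  pre_tasks:
    - name: Pausing for 2 seconds...
      ansible.builtin.pause:
        seconds: 2
  tasks:
    - name: Locale
      block:
        - name: Locale | Set timezone
          community.general.timezone:
            # Falls back to UTC when the `timezone` variable is not defined.
            name: "{{ timezone | default('Etc/UTC') }}"

    - name: Packages
      block:
        - name: Packages | Add non-free repository
          ansible.builtin.apt_repository:
            # NOTE(review): this source is fetched over plain HTTP and has no
            # signed-by option, so its integrity rests on apt's signature check
            # against the globally trusted keyrings. Keep third-party keys out
            # of those keyrings (see the Fish block below).
            repo: deb http://deb.debian.org/debian/ stable main contrib non-free
            filename: non-free
            update_cache: true
        # The Intel/AMD split is keyed on the host name, not on hardware facts.
        # The Intel list is the AMD list plus i965-va-driver-shaders,
        # intel-gpu-tools and intel-media-va-driver-non-free.
        - name: Packages | Install Intel common packages
          when: inventory_hostname == 'orome'
          ansible.builtin.apt:
            # A real YAML list replaces the comma-separated plain scalar that
            # was continued over several lines (folding put a space after the
            # comma at every line break).
            name:
              - vim
              - i965-va-driver-shaders
              - apt-transport-https
              - ca-certificates
              - conntrack
              - curl
              - dirmngr
              - gdisk
              - gnupg
              - hdparm
              - htop
              - btop
              - intel-gpu-tools
              - intel-media-va-driver-non-free
              - iperf3
              - iptables
              - iputils-ping
              - ipvsadm
              - libseccomp2
              - lm-sensors
              - neofetch
              - net-tools
              - nfs-common
              - nvme-cli
              - open-iscsi
              - parted
              - psmisc
              - python3
              - python3-apt
              - python3-openshift
              - python3-kubernetes
              - python3-yaml
              - smartmontools
              - socat
              - software-properties-common
              - unzip
              - util-linux
            install_recommends: false
        - name: Packages | Install AMD common packages
          when: inventory_hostname != 'orome'
          ansible.builtin.apt:
            name:
              - vim
              - apt-transport-https
              - ca-certificates
              - conntrack
              - curl
              - dirmngr
              - gdisk
              - gnupg
              - hdparm
              - htop
              - btop
              - iperf3
              - iptables
              - iputils-ping
              - ipvsadm
              - libseccomp2
              - lm-sensors
              - neofetch
              - net-tools
              - nfs-common
              - nvme-cli
              - open-iscsi
              - parted
              - psmisc
              - python3
              - python3-apt
              - python3-openshift
              - python3-kubernetes
              - python3-yaml
              - smartmontools
              - socat
              - software-properties-common
              - unzip
              - util-linux
            install_recommends: false

    - name: Fish
      block:
        # The fish signing key used to be written to /etc/apt/trusted.gpg.d/.
        # apt trusts every key in that directory for every source that has no
        # signed-by option, so the third-party key could also vouch for other
        # repositories. The key now lives in /etc/apt/keyrings/, where only the
        # signed-by reference below uses it. The first two tasks clean up hosts
        # provisioned with the old layout and are no-ops on fresh hosts.
        - name: Fish | Remove repository entry that referenced the old key path
          ansible.builtin.apt_repository:
            repo: deb [signed-by=/etc/apt/trusted.gpg.d/fish.asc] http://download.opensuse.org/repositories/shells:/fish:/release:/3/Debian_12/ /
            filename: fish
            state: absent
            update_cache: false
        - name: Fish | Remove globally trusted copy of the fish key
          ansible.builtin.file:
            path: /etc/apt/trusted.gpg.d/fish.asc
            state: absent
        - name: Fish | Create keyring directory
          ansible.builtin.file:
            path: /etc/apt/keyrings
            state: directory
            owner: root
            group: root
            mode: "0755"
        - name: Fish | Add fish apt key
          ansible.builtin.get_url:
            # NOTE(review): no `checksum:` is set, so whatever this URL serves
            # becomes the trust anchor for the fish repository. Pin a digest
            # once the key has been verified out of band.
            url: https://download.opensuse.org/repositories/shells:fish:release:3/Debian_12/Release.key
            dest: /etc/apt/keyrings/fish.asc
            owner: root
            group: root
            mode: "0644"
        - name: Fish | Add fish repository
          ansible.builtin.apt_repository:
            # signed-by limits this source to the fish key only. The transport
            # is plain HTTP, so integrity rests on that signature check.
            repo: deb [signed-by=/etc/apt/keyrings/fish.asc] http://download.opensuse.org/repositories/shells:/fish:/release:/3/Debian_12/ /
            filename: fish
            update_cache: true
        - name: Fish | Install fish
          ansible.builtin.apt:
            name: fish
            install_recommends: false
        - name: Fish | Set as default shell
          ansible.builtin.user:
            name: "{{ ansible_user }}"
            shell: /usr/bin/fish
        # The three tasks below resolve the home directory as /root for the
        # root user and /home/<ansible_user> otherwise.
        - name: Fish | Create configuration directory
          ansible.builtin.file:
            path: "{{ '/home/' + ansible_user if ansible_user != 'root' else '/root' }}/.config/fish/functions"
            state: directory
            owner: "{{ ansible_user }}"
            group: "{{ ansible_user }}"
            recurse: true
        - name: Fish | Create neofetch greeting
          ansible.builtin.copy:
            dest: "{{ '/home/' + ansible_user if ansible_user != 'root' else '/root' }}/.config/fish/functions/fish_greeting.fish"
            owner: "{{ ansible_user }}"
            group: "{{ ansible_user }}"
            mode: "0755"
            content: neofetch --config none
        - name: Fish | Create kubectl shorthand
          ansible.builtin.copy:
            dest: "{{ '/home/' + ansible_user if ansible_user != 'root' else '/root' }}/.config/fish/functions/k.fish"
            owner: "{{ ansible_user }}"
            group: "{{ ansible_user }}"
            mode: "0755"
            content: |
              function k --wraps=kubectl --description 'kubectl shorthand'
                  kubectl $argv
              end

    - name: System Configuration
      # Set on the block, so every task in it inherits the notification.
      notify: Reboot
      block:
        - name: System Configuration | Disable swap
          ansible.posix.mount:
            # Removes swap-type mount entries named `none` or `swap`.
            name: "{{ item }}"
            fstype: swap
            state: absent
          loop: ["none", "swap"]
        - name: System Configuration | Create Kernel modules
          ansible.builtin.copy:
            # One file per module, each containing only the module name.
            dest: "/etc/modules-load.d/{{ item }}.conf"
            mode: "0644"
            content: "{{ item }}"
          loop: ["br_netfilter", "ceph", "ip_vs", "ip_vs_rr", "nbd", "overlay", "rbd", "tcp_bbr"]
          register: modules_status
        # Runs only when at least one module file above was created or changed.
        - name: System Configuration | Reload Kernel modules # noqa: no-changed-when no-handler
          when: modules_status.changed
          ansible.builtin.systemd:
            name: systemd-modules-load
            state: restarted
        - name: System Configuration | Sysctl
          ansible.posix.sysctl:
            name: "{{ item.key }}"
            value: "{{ item.value }}"
            sysctl_file: /etc/sysctl.d/99-kubernetes.conf
            reload: true
          with_dict: "{{ sysctl_config }}"
          vars:
            sysctl_config:
              fs.inotify.max_queued_events: 65536
              fs.inotify.max_user_watches: 524288
              fs.inotify.max_user_instances: 8192

  handlers:
    - name: Reboot
      ansible.builtin.reboot:
        msg: Rebooting nodes
        reboot_timeout: 3600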