il/ilnmors-homelab
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(roles): update binary application installation flow

Browse Source 
update notes:
- keep set_cli_tools responsible only for console CLI tools
- download and install kopia from the kopia role
- download and install blocky from the blocky role
- download and install alloy from the alloy role
- reduce console artifact staging for service binaries
This commit is contained in:
Il Lee
2026-05-09 10:26:07 +09:00
parent a05951f883
commit f820e89cf6
5 changed files with 82 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ansible/playbooks/console/site.yaml
+8
View File
@@ -122,3 +122,11 @@
apply: apply:
tags: ["init", "site", "tools"] tags: ["init", "site", "tools"]
tags: ["init", "site", "tools"] tags: ["init", "site", "tools"]
- name: Set kopia
ansible.builtin.include_role:
name: "common"
tasks_from: "services/set_kopia"
apply:
tags: ["init", "site", "kopia"]
tags: ["init", "site", "kopia"]
ansible/roles/common/tasks/services/set_alloy.yaml
+9 -6
View File
@@ -5,9 +5,10 @@
- hardware - hardware
become: true become: true
- name: Deploy alloy deb file (x86_64) - name: Download alloy deb file (x86_64)
ansible.builtin.copy: ansible.builtin.get_url:
src: "{{ hostvars['console']['node']['data_path'] }}/bin/alloy-{{ version['packages']['alloy'] }}-amd64.deb" url: "https://github.com/grafana/alloy/releases/download/v{{ version['packages']['alloy'] }}/\
alloy-{{ version['packages']['alloy'] }}-1.amd64.deb"
dest: "/var/cache/apt/archives/alloy-{{ version['packages']['alloy'] }}.deb" dest: "/var/cache/apt/archives/alloy-{{ version['packages']['alloy'] }}.deb"
owner: "root" owner: "root"
group: "root" group: "root"
@@ -15,9 +16,10 @@
become: true become: true
when: ansible_facts['architecture'] == "x86_64" when: ansible_facts['architecture'] == "x86_64"
- name: Deploy alloy deb file (aarch64) - name: Download alloy deb file (aarch64)
ansible.builtin.copy: ansible.builtin.get_url:
src: "{{ hostvars['console']['node']['data_path'] }}/bin/alloy-{{ version['packages']['alloy'] }}-arm64.deb" url: "https://github.com/grafana/alloy/releases/download/v{{ version['packages']['alloy'] }}/\
alloy-{{ version['packages']['alloy'] }}-1.arm64.deb"
dest: "/var/cache/apt/archives/alloy-{{ version['packages']['alloy'] }}.deb" dest: "/var/cache/apt/archives/alloy-{{ version['packages']['alloy'] }}.deb"
owner: "root" owner: "root"
group: "root" group: "root"
@@ -30,6 +32,7 @@
deb: "/var/cache/apt/archives/alloy-{{ version['packages']['alloy'] }}.deb" deb: "/var/cache/apt/archives/alloy-{{ version['packages']['alloy'] }}.deb"
state: "present" state: "present"
become: true become: true
notify: "notification_restart_alloy"
- name: Deploy alloy config - name: Deploy alloy config
ansible.builtin.template: ansible.builtin.template:
ansible/roles/common/tasks/services/set_kopia.yaml
+36 -24
View File
@@ -5,34 +5,36 @@
- hardware - hardware
become: true become: true
- name: Check kopia installation
ansible.builtin.shell: |
command -v kopia
changed_when: false
failed_when: false
register: "is_kopia_installed"
ignore_errors: true
- name: Set console kopia - name: Set console kopia
when: node['name'] == 'console' when: node['name'] == 'console'
block: block:
- name: Apply cli tools (x86_64) - name: Download kopia
ansible.builtin.get_url:
url: "https://github.com/kopia/kopia/releases/download/v{{ version['packages']['kopia'] }}/\
kopia_{{ version['packages']['kopia'] }}_linux_{{ item }}.deb"
dest: "{{ node['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-{{ item }}.deb"
owner: "{{ ansible_user }}"
group: "svadmins"
mode: "0600"
loop:
- "amd64"
- "arm64"
- name: Install kopia (x86_64)
ansible.builtin.apt: ansible.builtin.apt:
deb: "{{ node['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-amd64.deb" deb: "{{ node['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-amd64.deb"
state: "present" state: "present"
become: true become: true
when: when: ansible_facts['architecture'] == "x86_64"
- ansible_facts['architecture'] == "x86_64"
- is_kopia_installed.rc != 0 - name: Install kopia (aarch64)
- name: Apply cli tools (aarch64)
ansible.builtin.apt: ansible.builtin.apt:
deb: "{{ node['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-arm64.deb" deb: "{{ node['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-arm64.deb"
state: "present" state: "present"
become: true become: true
when: when: ansible_facts['architecture'] == "aarch64"
- ansible_facts['architecture'] == "aarch64"
- is_kopia_installed.rc != 0 - name: Connect console kopia server
- name: Connect kopia server
environment: environment:
KOPIA_PASSWORD: "{{ hostvars['console']['kopia']['user']['console'] }}" KOPIA_PASSWORD: "{{ hostvars['console']['kopia']['user']['console'] }}"
ansible.builtin.shell: | ansible.builtin.shell: |
@@ -51,30 +53,36 @@
- name: Set kopia uid - name: Set kopia uid
ansible.builtin.set_fact: ansible.builtin.set_fact:
kopia_uid: 951 kopia_uid: 951
- name: Deploy kopia deb file (x86_64)
ansible.builtin.copy: - name: Download kopia deb file (x86_64)
src: "{{ hostvars['console']['node']['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-amd64.deb" ansible.builtin.get_url:
url: "https://github.com/kopia/kopia/releases/download/v{{ version['packages']['kopia'] }}/\
kopia_{{ version['packages']['kopia'] }}_linux_amd64.deb"
dest: "/var/cache/apt/archives/kopia-{{ version['packages']['kopia'] }}.deb" dest: "/var/cache/apt/archives/kopia-{{ version['packages']['kopia'] }}.deb"
owner: "root" owner: "root"
group: "root" group: "root"
mode: "0644" mode: "0644"
become: true become: true
when: ansible_facts['architecture'] == "x86_64" when: ansible_facts['architecture'] == "x86_64"
- name: Deploy kopia deb file (aarch64)
ansible.builtin.copy: - name: Download kopia deb file (aarch64)
src: "{{ hostvars['console']['node']['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-arm64.deb" ansible.builtin.get_url:
url: "https://github.com/kopia/kopia/releases/download/v{{ version['packages']['kopia'] }}/\
kopia_{{ version['packages']['kopia'] }}_linux_arm64.deb"
dest: "/var/cache/apt/archives/kopia-{{ version['packages']['kopia'] }}.deb" dest: "/var/cache/apt/archives/kopia-{{ version['packages']['kopia'] }}.deb"
owner: "root" owner: "root"
group: "root" group: "root"
mode: "0644" mode: "0644"
become: true become: true
when: ansible_facts['architecture'] == "aarch64" when: ansible_facts['architecture'] == "aarch64"
- name: Create kopia group - name: Create kopia group
ansible.builtin.group: ansible.builtin.group:
name: "kopia" name: "kopia"
gid: "{{ kopia_uid }}" gid: "{{ kopia_uid }}"
state: "present" state: "present"
become: true become: true
- name: Create kopia user - name: Create kopia user
ansible.builtin.user: ansible.builtin.user:
name: "kopia" name: "kopia"
@@ -85,6 +93,7 @@
comment: "Kopia backup User" comment: "Kopia backup User"
state: "present" state: "present"
become: true become: true
- name: Create kopia directory - name: Create kopia directory
ansible.builtin.file: ansible.builtin.file:
path: "{{ item.name }}" path: "{{ item.name }}"
@@ -101,12 +110,13 @@
mode: "0700" mode: "0700"
become: true become: true
no_log: true no_log: true
- name: Install kopia - name: Install kopia
ansible.builtin.apt: ansible.builtin.apt:
deb: "/var/cache/apt/archives/kopia-{{ version['packages']['kopia'] }}.deb" deb: "/var/cache/apt/archives/kopia-{{ version['packages']['kopia'] }}.deb"
state: "present" state: "present"
become: true become: true
when: is_kopia_installed.rc != 0
- name: Deploy kopia env - name: Deploy kopia env
ansible.builtin.template: ansible.builtin.template:
src: "{{ hostvars['console']['node']['config_path'] }}/services/systemd/common/kopia/kopia.env.j2" src: "{{ hostvars['console']['node']['config_path'] }}/services/systemd/common/kopia/kopia.env.j2"
@@ -116,6 +126,7 @@
mode: "0400" mode: "0400"
become: true become: true
no_log: true no_log: true
- name: Deploy kopia service files - name: Deploy kopia service files
ansible.builtin.template: ansible.builtin.template:
src: "{{ hostvars['console']['node']['config_path'] }}/services/systemd/common/kopia/{{ item }}.j2" src: "{{ hostvars['console']['node']['config_path'] }}/services/systemd/common/kopia/{{ item }}.j2"
@@ -128,6 +139,7 @@
- "kopia-backup.service" - "kopia-backup.service"
- "kopia-backup.timer" - "kopia-backup.timer"
become: true become: true
- name: Enable auto kopia rules update - name: Enable auto kopia rules update
ansible.builtin.systemd: ansible.builtin.systemd:
name: "kopia-backup.timer" name: "kopia-backup.timer"
ansible/roles/console/tasks/services/set_cli_tools.yaml
-38
View File
@@ -49,42 +49,6 @@
- "amd64" - "amd64"
- "arm64" - "arm64"
- name: Download kopia
ansible.builtin.get_url:
url: "https://github.com/kopia/kopia/releases/download/v{{ version['packages']['kopia'] }}/\
kopia_{{ version['packages']['kopia'] }}_linux_{{ item }}.deb"
dest: "{{ node['data_path'] }}/bin/kopia-{{ version['packages']['kopia'] }}-{{ item }}.deb"
owner: "{{ ansible_user }}"
group: "svadmins"
mode: "0600"
loop:
- "amd64"
- "arm64"
- name: Download blocky
ansible.builtin.get_url:
url: "https://github.com/0xERR0R/blocky/releases/download/v{{ version['packages']['blocky'] }}/\
blocky_v{{ version['packages']['blocky'] }}_Linux_{{ item }}.tar.gz"
dest: "{{ node['data_path'] }}/bin/blocky-{{ version['packages']['blocky'] }}-{{ item }}.tar.gz"
owner: "{{ ansible_user }}"
group: "svadmins"
mode: "0600"
loop:
- "x86_64"
- "arm64"
- name: Download alloy
ansible.builtin.get_url:
url: "https://github.com/grafana/alloy/releases/download/v{{ version['packages']['alloy'] }}/\
alloy-{{ version['packages']['alloy'] }}-1.{{ item }}.deb"
dest: "{{ node['data_path'] }}/bin/alloy-{{ version['packages']['alloy'] }}-{{ item }}.deb"
owner: "{{ ansible_user }}"
group: "svadmins"
mode: "0600"
loop:
- "amd64"
- "arm64"
- name: Apply cli tools (x86_64) - name: Apply cli tools (x86_64)
ansible.builtin.apt: ansible.builtin.apt:
deb: "{{ node['data_path'] }}/bin/{{ item }}" deb: "{{ node['data_path'] }}/bin/{{ item }}"
@@ -92,7 +56,6 @@
loop: loop:
- "sops-{{ version['packages']['sops'] }}-amd64.deb" - "sops-{{ version['packages']['sops'] }}-amd64.deb"
- "step-{{ version['packages']['step'] }}-amd64.deb" - "step-{{ version['packages']['step'] }}-amd64.deb"
- "kopia-{{ version['packages']['kopia'] }}-amd64.deb"
become: true become: true
when: ansible_facts['architecture'] == "x86_64" when: ansible_facts['architecture'] == "x86_64"
@@ -103,6 +66,5 @@
loop: loop:
- "sops-{{ version['packages']['sops'] }}-arm64.deb" - "sops-{{ version['packages']['sops'] }}-arm64.deb"
- "step-{{ version['packages']['step'] }}-arm64.deb" - "step-{{ version['packages']['step'] }}-arm64.deb"
- "kopia-{{ version['packages']['kopia'] }}-arm64.deb"
become: true become: true
when: ansible_facts['architecture'] == "aarch64" when: ansible_facts['architecture'] == "aarch64"
ansible/roles/fw/tasks/services/set_blocky.yaml
+29 -3
View File
@@ -23,7 +23,7 @@
state: "present" state: "present"
become: true become: true
- name: Create blocky etc directory - name: Create blocky directory
ansible.builtin.file: ansible.builtin.file:
path: "{{ item }}" path: "{{ item }}"
owner: "blocky" owner: "blocky"
@@ -31,13 +31,38 @@
mode: "0750" mode: "0750"
state: "directory" state: "directory"
loop: loop:
- "/home/blocky"
- "/home/blocky/bin"
- "/etc/blocky" - "/etc/blocky"
- "/etc/blocky/ssl" - "/etc/blocky/ssl"
become: true become: true
- name: Download blocky (x86_64)
ansible.builtin.get_url:
url: "https://github.com/0xERR0R/blocky/releases/download/v{{ version['packages']['blocky'] }}/\
blocky_v{{ version['packages']['blocky'] }}_Linux_x86_64.tar.gz"
dest: "/home/blocky/bin/blocky-{{ version['packages']['blocky'] }}-x86_64.tar.gz"
owner: "blocky"
group: "blocky"
mode: "0600"
become: true
when: ansible_facts['architecture'] == "x86_64"
- name: Download blocky (aarch64)
ansible.builtin.get_url:
url: "https://github.com/0xERR0R/blocky/releases/download/v{{ version['packages']['blocky'] }}/\
blocky_v{{ version['packages']['blocky'] }}_Linux_arm64.tar.gz"
dest: "/home/blocky/bin/blocky-{{ version['packages']['blocky'] }}-arm64.tar.gz"
owner: "blocky"
group: "blocky"
mode: "0600"
become: true
when: ansible_facts['architecture'] == "aarch64"
- name: Deploy blocky binary file (x86_64) - name: Deploy blocky binary file (x86_64)
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "{{ hostvars['console']['node']['data_path'] }}/bin/blocky-{{ version['packages']['blocky'] }}-x86_64.tar.gz" src: "/home/blocky/bin/blocky-{{ version['packages']['blocky'] }}-x86_64.tar.gz"
remote_src: true
dest: "/usr/local/bin/" dest: "/usr/local/bin/"
owner: "root" owner: "root"
group: "root" group: "root"
@@ -52,7 +77,8 @@
- name: Deploy blocky binary file (aarch64) - name: Deploy blocky binary file (aarch64)
ansible.builtin.unarchive: ansible.builtin.unarchive:
src: "{{ hostvars['console']['node']['data_path'] }}/bin/blocky-{{ version['packages']['blocky'] }}-arm64.tar.gz" src: "/home/blocky/bin/blocky-{{ version['packages']['blocky'] }}-arm64.tar.gz"
remote_src: true
dest: "/usr/local/bin/" dest: "/usr/local/bin/"
owner: "root" owner: "root"
group: "root" group: "root"