-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathsite.yml
254 lines (232 loc) · 6.18 KB
/
site.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
---
- name: ensure connectivity to all nodes
hosts: all:!vyatta-*
gather_facts: false
pre_tasks:
- name: make sure python is installed
raw: test -e /usr/bin/python || (apt -y update && apt install -y python)
changed_when: false
tasks:
- name: ping all hosts
action: ping
tags: ['ping']
- name: ansible setup
action: setup
tags: ['ping']
any_errors_fatal: true
max_fail_percentage: 0
- name: sitecontroller base
hosts: all:!vyatta-*
roles:
- role: _cuttle
tags: ['sc', 'cuttle']
environment: "{{ env_vars|default({}) }}"
tags: ['always']
any_errors_fatal: true
- name: common items
hosts: all:!vyatta-*
roles:
- role: common
tags: ['common']
- role: manage-disks
tags: ['manage-disks']
when: manage_disks.enabled|default("False")|bool
- role: dnsmasq
tags: ['dnsmasq']
when: dnsmasq.enabled|default("False")|bool
- role: sensu/client
tags: ['sensu-client']
when: sensu.client.enabled|default("True")|bool
- role: logging
tags: ['logging']
when: logging.enabled|default("True")|bool
- role: collectd
tags: ['collectd']
when: collectd.enabled|default("False")|bool
- role: docker
tags: ['docker']
when: docker.enabled|default("False")|bool
- role: netdata
tags: ['netdata']
when: netdata.enabled|default("False")|bool
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: bastion server
hosts: bastion
serial: 1
roles:
- role: ttyspy/ttyspy-client
tags: ['ttyspy-client', 'ttyspy']
when: ttyspy.client.enabled|default("False")|bool
- role: sshagentmux
tags: ['sshagentmux']
when: sshagentmux.enabled|default("False")|bool
- role: bastion
tags: ['bastion-role','bastion']
# - role: support-tools
# tags: ['support-tools']
# when: support_tools.enabled|default("False")|bool
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: ttyspy server
hosts: ttyspy-server
roles:
- role: ttyspy/ttyspy-server
tags: ['ttyspy-server', 'ttyspy']
when: ttyspy.server.enabled|default("False")|bool
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: ipsec
hosts: ipsec
roles:
- role: ipsec
tags: ['ipsec']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: squid server
hosts: squid
roles:
- role: squid
tags: ['squid']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: netdata dashboard
hosts: netdata_dashboard:netdata-dashboard
roles:
- role: netdata-dashboard
tags: ['netdata-dashboard','netdata_dashboard']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: mirror server
hosts: mirror
roles:
- role: apt-mirror
tags: ['apt-mirror', 'debmirror']
when: apt_mirror.enabled|default('True')|bool
- role: pypi-mirror
tags: ['pypi-mirror']
when: pypi_mirror.enabled|default('True')|bool
- role: gem-mirror
tags: ['gem-mirror']
when: gem_mirror.enabled|default('True')|bool
- role: file-mirror
tags: ['file-mirror']
when: file_mirror.enabled|default('True')|bool
- role: yum_mirror
tags: ['yum-mirror']
when: yum_mirror.enabled|default('True')|bool
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: elasticsearch
hosts: elk:elasticsearch
roles:
- role: elk/elasticsearch
tags: ['elasticsearch']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: logstash
hosts: elk:logstash
roles:
- role: elk/logstash
tags: ['logstash']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: kibana
hosts: elk:kibana
roles:
- role: elk/kibana
tags: ['kibana']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: rally benchmark host
hosts: rally
roles:
- rally
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: percona server
hosts: percona
roles:
- role: percona
tags: ['percona']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: monitor server
hosts: monitor
roles:
- role: rabbitmq
tags: ['rabbitmq']
- role: sensu/server
tags: ['sensu-server']
when: sensu.server.enabled|default("True")|bool
- role: graphite
tags: ['graphite']
when: graphite.enabled|default("True")|bool
- role: grafana
tags: ['grafana']
when: grafana.enabled|default("True")|bool
- role: flapjack
tags: ['flapjack']
when: flapjack.enabled|default("False")|bool
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: pxe server
hosts: pxe
roles:
- role: pxe
tags: ['pxe']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: consul
hosts: consul
roles:
- role: consul
tags: ['consul']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: vault
hosts: vault
roles:
- role: vault
tags: ['vault']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: control-dashboard
hosts: control-dashboard:control_dashboard
roles:
- role: control-dashboard
tags: ['control-dashboard', 'control_dashboard']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: netman server
hosts: netman
roles:
- role: harden
tags: ['harden']
- role: postfix-simple
tags: ['postfix-simple']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: ipmi proxy server
hosts: ipmi-proxy
roles:
- role: ipmi-proxy
tags: ['ipmi-proxy']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: boxpanel worker queue
hosts: bpw-queue
serial: 1
roles:
- role: rabbitmq
tags: ['rabbitmq']
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true
- name: security
hosts: all:!vyatta-*
roles:
- role: security
tags: ['security', 'always']
when: security.enabled|default('true')|bool
environment: "{{ env_vars|default({}) }}"
any_errors_fatal: true