You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
108 lines
3.3 KiB
YAML
108 lines
3.3 KiB
YAML
---
|
|
- name: Install a package cache.
|
|
# TODO REM this should be all, come up with a solution.
|
|
hosts: all
|
|
|
|
vars:
|
|
install_docker: false
|
|
# For arch distros just run `pacman-mirrors --fasttrack` to grab the fastest
|
|
# repos in your country.
|
|
repos:
|
|
- name: gigenet
|
|
url: mirrors.gigenet.com
|
|
port: 443
|
|
- name: ialab
|
|
url: repo.ialab.dsu.edu
|
|
port: 443
|
|
- name: princeton
|
|
url: mirror.math.princeton.edu
|
|
port: 443
|
|
# TODO remove this if unused.
|
|
# This object represents the uid/gid for the haproxy user/group in the
|
|
# haproxy container.
|
|
haproxy_user:
|
|
# uid: 1003
|
|
# gid: 1007
|
|
uid: &haproxy_uid 99
|
|
gid: &haproxy_gid 99
|
|
persistent_data_directory: /media1/srv/pkg-cache
|
|
host_cert_file: "{{ persistent_data_directory }}/{{ cert_name }}"
|
|
host_config_file: "{{ persistent_data_directory }}/nuster.cfg"
|
|
host_mirrorlist_file: "{{ persistent_data_directory }}/mirrorlist"
|
|
local_mirrorlist_file: ~/dev/pkg-cache-ansible/mirrorlist
|
|
permissions: &persistent_data_permissions
|
|
# owner: gert
|
|
# group: gert
|
|
owner: *haproxy_uid
|
|
group: *haproxy_gid
|
|
mode: '0640'
|
|
cert_name: pkg-cache-shnee-net-key-cert.pem
|
|
container_cert_file: "/etc/ssl/certs/{{ cert_name }}"
|
|
vars_files: ./certs.yml
|
|
|
|
tasks:
|
|
|
|
- name: Install docker.
|
|
ansible.builtin.include_role:
|
|
name: install_docker
|
|
when: install_docker
|
|
|
|
- name: Create hosts directory for data.
|
|
ansible.builtin.file:
|
|
path: "{{ persistent_data_directory }}"
|
|
state: directory
|
|
<<: *persistent_data_permissions
|
|
mode: '0750'
|
|
become: true
|
|
|
|
- name: Create nuster config file.
|
|
ansible.builtin.template:
|
|
src: templates/nuster.cfg.j2
|
|
dest: "{{ host_config_file }}"
|
|
<<: *persistent_data_permissions
|
|
become: true
|
|
|
|
# This is an example mirrorlist to used with this package cache.
|
|
- name: Create the mirrorlist example.
|
|
ansible.builtin.template:
|
|
src: templates/mirrorlist.j2
|
|
dest: "{{ host_mirrorlist_file }}"
|
|
<<: *persistent_data_permissions
|
|
become: true
|
|
|
|
- name: Copy the mirrorlist to localhost.
|
|
ansible.builtin.fetch:
|
|
src: "{{ host_mirrorlist_file }}"
|
|
dest: "{{ local_mirrorlist_file }}"
|
|
flat: true
|
|
become: true
|
|
|
|
- name: Copy over SSL cert.
|
|
ansible.builtin.copy:
|
|
dest: "{{ host_cert_file }}"
|
|
content: "{{ pkg_cache_shnee_net_key_cert_pem }}"
|
|
<<: *persistent_data_permissions
|
|
mode: '0600'
|
|
become: true
|
|
|
|
- name: Start the nuster container.
|
|
community.docker.docker_container:
|
|
image: nuster/nuster:5.3.0.23-alpine
|
|
name: pkg-cache
|
|
state: started
|
|
restart: true
|
|
# recreate: true
|
|
network_mode: default
|
|
# TODO REM this shouldn't be needed becuase of the proxy.
|
|
# published_ports:
|
|
# - 4433:8080
|
|
volumes:
|
|
- "{{ host_config_file }}:/etc/nuster/nuster.cfg"
|
|
- "{{ host_cert_file }}:{{ container_cert_file }}"
|
|
- "{{ persistent_data_directory }}/cache:/cache"
|
|
env:
|
|
VIRTUAL_HOST: pkg.shnee.net,*.pkg.shnee.net
|
|
VIRTUAL_PORT: "8080"
|
|
# NETWORK_ACCESS: internal
|
|
restart_policy: unless-stopped
|