Compare commits
4 Commits
1c30ded1c3
...
c36ea0287e
Author | SHA1 | Date | |
---|---|---|---|
c36ea0287e | |||
2552ada812 | |||
81a0ce0248 | |||
8622ec646f |
57
provision-pinky/firecracker.yml
Normal file
57
provision-pinky/firecracker.yml
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
# Setup Firecracker for VMs
|
||||||
|
- name: Firecracker
|
||||||
|
hosts: servers
|
||||||
|
become_method: ansible.builtin.sudo
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- name: Get firecracker
|
||||||
|
become: false
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://github.com/firecracker-microvm/firecracker/releases/download/v1.7.0/firecracker-v1.7.0-aarch64.tgz
|
||||||
|
dest: ~ralsina/firecracker.tgz
|
||||||
|
mode: '0644'
|
||||||
|
- name: Get kernel
|
||||||
|
become: false
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://s3.amazonaws.com/spec.ccfc.min/img/quickstart_guide/aarch64/kernels/vmlinux.bin
|
||||||
|
dest: ~ralsina/vmlinux.bin
|
||||||
|
mode: '0644'
|
||||||
|
- name: Get root image
|
||||||
|
become: false
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://s3.amazonaws.com/spec.ccfc.min/img/quickstart_guide/aarch64/rootfs/bionic.rootfs.ext4
|
||||||
|
dest: ~ralsina/bionic.rootfs.ext4
|
||||||
|
mode: '0644'
|
||||||
|
- name: Unpack firecracker
|
||||||
|
become: false
|
||||||
|
ansible.builtin.unarchive:
|
||||||
|
src: ~ralsina/firecracker.tgz
|
||||||
|
dest: ~ralsina
|
||||||
|
remote_src: true
|
||||||
|
- name: Install firecracker
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: mv /home/ralsina/release-v1.7.0-aarch64/firecracker-v1.7.0-aarch64 /usr/bin/firecracker
|
||||||
|
creates: /usr/bin/firecracker
|
||||||
|
- name: Setup systemd unit for firecracker
|
||||||
|
become: true
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/systemd/system/firecracker.service
|
||||||
|
content: |
|
||||||
|
[Unit]
|
||||||
|
Description=Firecracker VM Manager
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
ExecStart=/usr/bin/firecracker --api-sock /tmp/firecracker.socket
|
||||||
|
Restart=always
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=default.target
|
||||||
|
mode: '0644'
|
||||||
|
- name: Start and enable service
|
||||||
|
become: true
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: firecracker
|
||||||
|
state: started
|
||||||
|
enabled: true
|
@ -1,6 +1,16 @@
|
|||||||
[servers]
|
[servers]
|
||||||
pinky ansible_user=ralsina
|
pinky
|
||||||
rocky ansible_user=ralsina
|
rocky
|
||||||
|
|
||||||
[servers:vars]
|
[faas]
|
||||||
ansible_connection=ssh
|
lawn
|
||||||
|
|
||||||
|
[interactive]
|
||||||
|
pinky
|
||||||
|
rocky
|
||||||
|
lawn
|
||||||
|
|
||||||
|
[all:vars]
|
||||||
|
ansible_user=ralsina
|
||||||
|
ansible_connection=ssh
|
||||||
|
ansible_python_interpreter=/usr/bin/python3
|
54
provision-pinky/server.yml
Normal file
54
provision-pinky/server.yml
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
# Setup basic server stuff
|
||||||
|
- name: Basic Server Setup
|
||||||
|
hosts: servers
|
||||||
|
become_method: ansible.builtin.sudo
|
||||||
|
tasks:
|
||||||
|
- name: Install some packages
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- docker
|
||||||
|
- docker-compose
|
||||||
|
- btrfs-progs
|
||||||
|
- qemu-system-arm
|
||||||
|
- qemu-utils
|
||||||
|
state: present
|
||||||
|
- name: Install Debian-specific packages
|
||||||
|
become: true
|
||||||
|
when: ansible_os_family == 'Debian'
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name:
|
||||||
|
- qemu-efi-aarch64
|
||||||
|
- net-tools
|
||||||
|
state: present
|
||||||
|
- name: Start and enable service docker
|
||||||
|
become: true
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: docker
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
- name: Add ralsina to docker group
|
||||||
|
become: true
|
||||||
|
ansible.builtin.user:
|
||||||
|
name: ralsina
|
||||||
|
groups: docker
|
||||||
|
append: true
|
||||||
|
- name: Configure Docker
|
||||||
|
become: true
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/docker/daemon.json
|
||||||
|
mode: '0644'
|
||||||
|
content: |
|
||||||
|
{
|
||||||
|
"data-root": "/data/docker"
|
||||||
|
}
|
||||||
|
notify:
|
||||||
|
- Restart Docker
|
||||||
|
|
||||||
|
handlers:
|
||||||
|
- name: Restart Docker
|
||||||
|
become: true
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: docker
|
||||||
|
state: restarted
|
||||||
|
|
@ -1,6 +1,6 @@
|
|||||||
# Setup my user with some QoL packages and settings
|
# Setup my user with some QoL packages and settings
|
||||||
- name: Basic Setup
|
- name: Basic Setup
|
||||||
hosts: servers
|
hosts: interactive
|
||||||
become_method: ansible.builtin.sudo
|
become_method: ansible.builtin.sudo
|
||||||
tasks:
|
tasks:
|
||||||
- name: Install some packages
|
- name: Install some packages
|
||||||
@ -22,6 +22,7 @@
|
|||||||
name:
|
name:
|
||||||
- ncurses-term
|
- ncurses-term
|
||||||
state: present
|
state: present
|
||||||
|
update_cache: true
|
||||||
- name: Add the user ralsina
|
- name: Add the user ralsina
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
|
@ -7,6 +7,7 @@ server {
|
|||||||
location / {
|
location / {
|
||||||
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8080;
|
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8080;
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
proxy_set_header Host $host;
|
||||||
}
|
}
|
||||||
error_page 500 502 503 504 /custom_50x.html;
|
error_page 500 502 503 504 /custom_50x.html;
|
||||||
location = /custom_50x.html {
|
location = /custom_50x.html {
|
||||||
@ -24,6 +25,7 @@ server {
|
|||||||
location / {
|
location / {
|
||||||
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8086;
|
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8086;
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
proxy_set_header Host $host;
|
||||||
}
|
}
|
||||||
error_page 500 502 503 504 /custom_50x.html;
|
error_page 500 502 503 504 /custom_50x.html;
|
||||||
location = /custom_50x.html {
|
location = /custom_50x.html {
|
||||||
@ -41,6 +43,7 @@ server {
|
|||||||
location / {
|
location / {
|
||||||
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:3000;
|
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:3000;
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
proxy_set_header Host $host;
|
||||||
}
|
}
|
||||||
error_page 403 404 500 502 503 504 /custom_50x.html;
|
error_page 403 404 500 502 503 504 /custom_50x.html;
|
||||||
location = /custom_50x.html {
|
location = /custom_50x.html {
|
||||||
@ -67,6 +70,7 @@ server {
|
|||||||
location / {
|
location / {
|
||||||
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:7777;
|
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:7777;
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
|
proxy_set_header Host $host;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /stream {
|
location /stream {
|
||||||
@ -127,23 +131,6 @@ server {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
|
||||||
listen 8080;
|
|
||||||
listen [::]:8080;
|
|
||||||
|
|
||||||
server_name social.ralsina.me;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://pinky.ralsina.github.beta.tailscale.net:3003;
|
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
|
||||||
|
|
||||||
# WebSocket support
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection "upgrade";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
server {
|
||||||
listen 8080;
|
listen 8080;
|
||||||
listen [::]:8080;
|
listen [::]:8080;
|
||||||
|
Loading…
Reference in New Issue
Block a user