diff options
Diffstat (limited to 'ansible/radicle.liw.fi.yml')
-rw-r--r-- | ansible/radicle.liw.fi.yml | 118 |
1 files changed, 118 insertions, 0 deletions
diff --git a/ansible/radicle.liw.fi.yml b/ansible/radicle.liw.fi.yml new file mode 100644 index 0000000..dd9a949 --- /dev/null +++ b/ansible/radicle.liw.fi.yml @@ -0,0 +1,118 @@ +- hosts: radicle.liw.fi + remote_user: root + become: yes + roles: + - role: run-finntroll-playbook-instead + - role: sane_debian_system + - role: sshd + - role: unix_users + - role: rust-rustup + - role: radicle_node + tasks: + - name: "install convenience packages" + apt: + name: + - jq + - moreutils + - psmisc + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_hostname: "{{ inventory_hostname }}" + sane_debian_system_codename: bookworm + sane_debian_system_timezone: Europe/Helsinki + sane_debian_system_sources_lists: + - repo: | + deb http://security.debian.org/debian-security bookworm-security main contrib non-free + - repo: deb http://apt.liw.fi/debian unstable main + signing_key: "{{ apt_liw_fi_signing_key }}" + + unix_users_version: 2 + unix_users: + - username: _rad + comment: Radicle node + + sshd_version: 1 + + radicle_node_version: 1 + radicle_node_key: "{{ lookup('pipe', 'pass radicle/radicle.liw.fi/key') }}" + radicle_node_key_pub: "{{ lookup('pipe', 'pass radicle/radicle.liw.fi/key.pub') }}" + radicle_node_connections: [] + radicle_node_repositories: + # heartwood + - rid: "rad:z3gqcJUoA1n9HaHKufZs5FCSGazv5" + + # pathdedup test repo + - rid: "rad:zZnk3hS8C3WAhnv7mWcCUToCqpBs" + + # ansibleness + - rid: "rad:z3sckw1Xm8j5URDJz1zeESHfFYDEc" + + # debian-ansible + - rid: "rad:z3LXXus6Wu93LuSuuuSBPcFkDiyCW" + + # html-page + - rid: "rad:z2i9UF8soK1X6L9hae8UcQPSvdHjW" + + # liw-dot-files + - rid: "rad:z2xcsrnG8dC76bkxXsASZbWGH5N2w" + + # radicle-stress-test + - rid: "rad:z2HXqzZMRhZUiYm33pLgYfqBgcGCj" + + # radicle-ci-broker + - rid: "rad:zwTxygwuz5LDGBq255RA2CbNGrz8" + + # radicle-native-ci + - rid: "rad:z3qg5TKmN83afz2fj9z3fQjU8vaYE" + + # riki + - rid: "rad:zw9BgStPgCkdsMspzs7EGbwnXq3r" + + # wumpus hunter + - rid: "rad:zd4kAF7rQFKbCHAdbcF6zVkx8MyN" + + # missing-dependencies + - rid: "rad:z3PKKNstRjLYqhvGq9rxGy7LoEVr5" + + # vmdb2 + - rid: "rad:z2kxCtBwDQMPcaf9vGTNH5nYkp9qk" + + # vmdb2-web + - rid: "rad:z2mn6wzpVAuJoeWx7TZo33nCHuDfQ" + + # unpack-debian-sources + - rid: "rad:zgYpM7b29D6wTMjEUxxzBjcF9EvK" + radicle_node_domain_name: radicle.liw.fi + radicle_node_wumpus_domain_name: wumpus.liw.fi + radicle_node_ci_domain_name: ci.radicle.liw.fi + radicle_node_ci_broker_config: | + db: /home/_rad/ci-broker.db + report_dir: /srv/http + default_adapter: native + adapters: + native: + command: /bin/radicle-native-ci + env: + RADICLE_NATIVE_CI: /home/_rad/native-ci.yaml + filters: + - !Or + - !And + - !Repository "rad:zZnk3hS8C3WAhnv7mWcCUToCqpBs" + - !AnyPatch + - !And + - !Repository "rad:z3gqcJUoA1n9HaHKufZs5FCSGazv5" + - !AnyPatch + - !And + - !Repository "rad:zwTxygwuz5LDGBq255RA2CbNGrz8" + - !AnyPatch + - !And + - !Repository "rad:z3qg5TKmN83afz2fj9z3fQjU8vaYE" + - !AnyPatch + radicle_node_policy: block + radicle_node_scope: all + + # radicle_node_backup: /home/liw/data/radicle.liw.fi/. + + rust_rustup_user: _rad |