blob: 6dd662f0b50e4a9bce09ede50d5659c6832d9c4c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
- hosts: qvisqve
remote_user: root
become: yes
roles:
- sane_debian_system
- letsencrypt
- haproxy
- qvisqve
vars:
letsencrypt_email: liw@liw.fi
letsencrypt_domain: "{{ qvisqve_domain }}"
qvisqve_token_public_key: "{{ lookup('pipe', 'pass show ick2/token_key.pub') }}"
qvisqve_token_private_key: "{{ lookup('pipe', 'pass show ick2/token_key') }}"
qvisqve_client_hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}"
qvisqve_client_salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}"
qvisqve_clients:
admin:
allowed_scopes:
- uapi_version_get
- uapi_projects_get
- uapi_status_get
- uapi_projects_post
- uapi_projects_id_get
- uapi_projects_id_put
- uapi_projects_id_delete
- uapi_pipelines_get
- uapi_pipelines_id_delete
- uapi_projects_id_status_get
- uapi_projects_id_status_put
- uapi_pipelines_post
- uapi_pipelines_id_put
- uapi_builds_get
- uapi_logs_get
- uapi_logs_id_get
- uapi_workers_get
- uapi_workers_id_get
- uapi_notify_post
client_secret:
hash: "{{ lookup('pipe', 'pass show ick2/liw_hash') }}"
salt: "{{ lookup('pipe', 'pass show ick2/liw_salt') }}"
N: 16384
key_len: 128
p: 1
r: 8
version: 1
ick2:
allowed_scopes:
- uapi_version_get
- uapi_workers_post
- uapi_work_get
- uapi_work_post
- uapi_blobs_id_put
- uapi_blobs_id_get
client_secret:
hash: "{{ lookup('pipe', 'pass show ick2/worker1_hash') }}"
salt: "{{ lookup('pipe', 'pass show ick2/worker1_salt') }}"
N: 16384
key_len: 128
p: 1
r: 8
version: 1
- hosts: ick2
remote_user: root
become: yes
roles:
- sane_debian_system
- comfortable
- unix_users
- letsencrypt
- haproxy
- ick-controller
- ick-worker
- ick-artifact-store
- apt_repository
vars:
hostname: ick2
debian_codename: stretch
controller_domain: 127.0.0.1
controller_port: 12765
artifact_store_domain: 127.0.0.1
artifact_store_port: 12766
controller_url: "https://{{ controller_domain }}"
unix_users:
- username: _ickwm
sudo: yes
ssh_key: "{{ wm_ssh_key }}"
ssh_key_pub: "{{ wm_ssh_key_pub }}"
letsencrypt_email: liw@liw.fi
letsencrypt_domain: "{{ artifact_store_domain }}"
apt_distributions:
- codename: stretch
description: Release packages for stretch
- codename: stretch-ci
description: CI builds for stretch
- codename: unstable
description: Release packages for unstable
- codename: unstable-ci
description: CI builds for unstable
- codename: liw-ci
description: CI builds for unstable from liw
|