This repository has been archived by the owner on Jan 21, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
install.yaml
174 lines (151 loc) · 4.33 KB
/
install.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
---
- name: Load public ip
hosts: localhost
vars_files:
- ./instance.yaml
tasks:
- add_host:
name: "{{ public_ip }}"
groups: "oci"
changed_when: false
- name: install caprover
hosts: oci
remote_user: "ubuntu"
become: true
vars:
- docker_compose_version: "1.29.0"
- swap_file_path: /swapfile
- swap_file_size: 4G
- swappiness: 1
tasks:
- name: apt update
apt:
update_cache: yes
- name: Install dependencies
apt:
pkg:
- apt-transport-https
- ca-certificates
- curl
- gnupg2
- software-properties-common
- python3-pip
# We have limited ressources, dont want to run oracle agent
- name: Disable oracle-cloud-agent
ansible.builtin.systemd:
name: "{{ item }}"
enabled: no
state: stopped
loop:
- snap.oracle-cloud-agent.oracle-cloud-agent-updater
- snap.oracle-cloud-agent.oracle-cloud-agent
- name: Set swap_file variable
set_fact:
swap_file: "{{swap_file_path}}"
tags:
- swap.set.file.path
- name: Check if swap file exists
stat:
path: "{{ swap_file }}"
register: swap_file_check
tags:
- swap.file.check
- name: Create swap file
command: fallocate -l {{ swap_file_size }} {{ swap_file }}
when: not swap_file_check.stat.exists
tags:
- swap.file.create
- name: Change swap file permissions
file: path="{{ swap_file }}"
owner=root
group=root
mode=0600
tags:
- swap.file.permissions
- name: Format swap file
command: "mkswap {{ swap_file }}"
when: not swap_file_check.stat.exists
tags:
- swap.file.mkswap
- name: Write swap entry in fstab
mount: name=none
src={{ swap_file }}
fstype=swap
opts=sw
passno=0
dump=0
state=present
tags:
- swap.fstab
- name: Turn on swap
command: swapon -a
when: not swap_file_check.stat.exists
tags:
- swap.turn.on
- name: Set swappiness
sysctl:
name: vm.swappiness
value: "{{ swappiness }}"
tags:
- swap.set.swappiness
# Oracle's images have issues with ufw, so just manually doing rules in file.
- name: Copy firewall rules
copy:
src: files/rules.v4
dest: /etc/iptables/rules.v4
owner: root
group: root
mode: '0644'
- name: provision firewall rules
community.general.iptables_state:
state: restored
path: /etc/iptables/rules.v4
async: "{{ ansible_timeout }}"
poll: 0
- name: pip install docker
pip:
name: docker
- name: add docker apt key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: add docker apt repo
apt_repository:
repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
state: present
update_cache: yes
- name: install docker and it's dependencies
apt:
pkg:
- docker-ce
- docker-ce-cli
- containerd.io
state: present
- name: start and enable docker daemon
service:
name: docker
state: restarted
enabled: yes
- name: fetch docker-compose checksum
uri:
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64.sha256
return_content: yes
register: docker_compose_checksum
- name: install docker-compose
get_url:
url: https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-Linux-x86_64
checksum: "sha256:{{ docker_compose_checksum.content.split(' ') | first }}"
dest: /usr/local/bin/docker-compose
mode: '0755'
- name: install caprover docker container
community.docker.docker_container:
name: caprover
image: caprover/caprover
container_default_behavior: no_defaults
ports:
- "80:80"
- "443:443"
- "3000:3000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /captain:/captain