diff --git a/.gitignore b/.gitignore index 496ee2c..e13b5a4 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ -.DS_Store \ No newline at end of file +.DS_Store +venv +.vault_password diff --git a/configs/README.md b/configs/README.md new file mode 100644 index 0000000..c779004 --- /dev/null +++ b/configs/README.md @@ -0,0 +1,4 @@ +# Configurations Folder + +This folder contains different sets +of configuration files maintained by the IWG. diff --git a/configs/aws-ansible/.pylintrc b/configs/aws-ansible/.pylintrc new file mode 100644 index 0000000..f36a17e --- /dev/null +++ b/configs/aws-ansible/.pylintrc @@ -0,0 +1,6 @@ +[MASTER] +jobs=0 +load-plugins=pylint.extensions.redefined_variable_type, pylint.extensions.docparams +disable=bad-continuation,trailing-newlines +max-line-length=160 + diff --git a/configs/aws-ansible/.yamllint b/configs/aws-ansible/.yamllint new file mode 100644 index 0000000..89d8bf0 --- /dev/null +++ b/configs/aws-ansible/.yamllint @@ -0,0 +1,14 @@ +--- + +extends: default + +ignore: | + roles/test + +rules: + line-length: {max: 320, allow-non-breakable-words: true} + new-line-at-end-of-file: + level: warning + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] + check-keys: true diff --git a/configs/aws-ansible/ansible.cfg b/configs/aws-ansible/ansible.cfg new file mode 100644 index 0000000..2e52d3d --- /dev/null +++ b/configs/aws-ansible/ansible.cfg @@ -0,0 +1,13 @@ +[ssh_connection] +ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m +[defaults] +inventory=inventories/aws + +# Use the YAML callback plugin. +stdout_callback = yaml +# Use the stdout_callback when running ad-hoc commands. +bin_ansible_callbacks = True +vault_password_file=.vault_password + +[local] +localhost ansible_connection=local diff --git a/configs/aws-ansible/files/akor_llvm.key.pub b/configs/aws-ansible/files/akor_llvm.key.pub new file mode 100644 index 0000000..80f7c49 --- /dev/null +++ b/configs/aws-ansible/files/akor_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4n0w8Q2FWRqCCTDnHj+G6l7/0OA/pyhCkP3qVLnhB4Mi5xJngjbiEB8pYz3uYXkT2hxUtKA1veHieET97relZ7LuXZM0VjdTWiaKQgvUw1mjEG+STlXt1jd9qnXf32pon833ioKdwZoeRQoPcDrhtgjHuJadvI11kqEn2GJ/ce10hvy/mtIghSPzPKIdQLryc3k0ghChazcJFl5YUNa6IT6xLOBBA8KGk9vsqQ5+De7viUw1a1++zgpsRZ6ULpL0X8yCNL0FxDZPl1ujdjD4tXUr636RWq9CSE6E8fHAKuI5XM5NfYmsfqaV6nz/cVQWsRMENTM453j6gbdL7hSXRQ== asl@aslstation \ No newline at end of file diff --git a/configs/aws-ansible/files/medwards_llvm.key.pub b/configs/aws-ansible/files/medwards_llvm.key.pub new file mode 100644 index 0000000..ad46af5 --- /dev/null +++ b/configs/aws-ansible/files/medwards_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDk1Cbx+lyBzTPxtOCvOckswHLJ+rNbaWXRzpyqSL2m/d5g8zR0PqF5kk8b9+jFq32Ge7A8vcw8cFmtzVP4hPkB6OrhboFRrBDPfIzbrFWaMNRUC9fJAELczuJMFKxUI6srIC7bWhpkxG/vbzLC8EUotWcXbjfFg5VP2LagRDM31SGw98g28TzizBvYgI8PYEcKmxF+4iY7lG+SWZFTV3p/a2PNyIwHi20OhXZfmlnvPsPtx7thvviQumu4S3CDWR3OhPiSQudNAEwSQ+11tuwkx6M1n4F3RfHtXowIAN0guDRprzopL5i+ue2RK3KclWGWlTliUKSo9kQHhLzRztjebFL/jkBBTraYMJZ5RYqUvE2UX4OJbzI6GL4DudCIpW02A3y3vFHaes8VyxqQMJbmmdbX4wNcVi4F+CDl+8vCVHOGOIUrzl8+zW/Pcp04eYSeca4RHe3/4HJtnA0olaHKeyIaB/xZiQ2oqc1UhV1K5KUDMCIzFXaTLYAF1BpbgpyxYfHUGKDy2zUL6fwvV/NkT6m+UM2QMR6DW6wOpwvawKdFy1bebmYSBHZrWgciKHHudaj3rifuN1seJz04n7xMOALgdpH5PoLm4XugK7ce1fwpwmidm1du1YAQNkxUp7uzGCQmk2zyoLBJX+0NIZYw67uJ50/R/XLpp9SySteMRQ== diff --git a/configs/aws-ansible/files/tstellar_llvm.key.pub b/configs/aws-ansible/files/tstellar_llvm.key.pub new file mode 100644 index 0000000..6f3dff5 --- /dev/null +++ b/configs/aws-ansible/files/tstellar_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDS7hdlT00UDR9rm4SQAMI7yOoS0aDeXQCauaHTnBsE42bkrWJq/TLmjZX6RtTl5aw1+/VVwcazdcHyasUYXUgARy34/aARz1vGUC5h9DW8fyELrnBUGUjbTXO6AXYQ7rEfndtCVC5muNIZPPFTPO9foMKwKode6VjhFIvbRSyde1WsjwuXkdQjp2tHRzGNaTQCh/A8NVcdLR0HJjteHX0PR3sDX+XcPVMRXwL+IMSyxLrooFsDeY7DYPz2Drp6AlMiZ4bcUATN0BZ7aFHUS3eAOTb1iJTTxc7+25EnKEkHsiCnPy4+ZZnpNUNDZaueH9j/taqTvPShByVOzPZefZ5gwls96YCHvidL3Xkf4pYqOLUEryuVb9LWUeuofF6ej8Lrb5T8DJhMpr/QRrDuwyqeGkxzWPd6kdr6rhVyhHz1muKSrFUdGjqBh5OpAt5AnL5nIzVJX8kKpjbmgnbYBaD617/+MRXMOcb+xyoqe3ZOQXbjtdkNTW9At7o+wdnxDk0= tstellar@tstellar.remote.csb \ No newline at end of file diff --git a/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml new file mode 100644 index 0000000..c4efc1d --- /dev/null +++ b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_python_interpreter: /usr/bin/python3 \ No newline at end of file diff --git a/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml new file mode 100644 index 0000000..7bbc824 --- /dev/null +++ b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +37343734393663663661656433383565316231326335366535333161666630656235636133323262 +3665646135376135616230613530636663666532326335300a656366343466386130623137383634 +64623764336363396136613634343363313132326637386136323736336564636236373531396666 +6233316637396263380a396631333930633564386262613236366335303965636638613233653634 +38613366643131376164633665623733303634613839636162353261373436366135376338323764 +36356136613732666134353739336330373163323231653638353336353833316237653363393862 +346236633566336337636237336562386262 diff --git a/configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml b/configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml new file mode 100644 index 0000000..8802b2c --- /dev/null +++ b/configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: ec2-user diff --git a/configs/aws-ansible/inventories/aws/hosts b/configs/aws-ansible/inventories/aws/hosts new file mode 100644 index 0000000..4391d57 --- /dev/null +++ b/configs/aws-ansible/inventories/aws/hosts @@ -0,0 +1,2 @@ +[aws_ec2] +ec2-18-144-11-123.us-west-1.compute.amazonaws.com \ No newline at end of file diff --git a/configs/aws-ansible/playbooks/playbook_aws_deploy.yaml b/configs/aws-ansible/playbooks/playbook_aws_deploy.yaml new file mode 100644 index 0000000..d7caa96 --- /dev/null +++ b/configs/aws-ansible/playbooks/playbook_aws_deploy.yaml @@ -0,0 +1,12 @@ +--- +- hosts: all + gather_facts: yes + + tasks: + - include_tasks: "../tasks/add_users.yaml" + with_items: + - { username: medwards, uid: 510} + - { username: akor, uid: 511 } + - { username: tstellar, uid: 512 } + loop_control: + loop_var: user_dict diff --git a/configs/aws-ansible/playbooks/playbook_aws_inventory.yaml b/configs/aws-ansible/playbooks/playbook_aws_inventory.yaml new file mode 100644 index 0000000..d669ef9 --- /dev/null +++ b/configs/aws-ansible/playbooks/playbook_aws_inventory.yaml @@ -0,0 +1,5 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts diff --git a/configs/aws-ansible/requirements.txt b/configs/aws-ansible/requirements.txt new file mode 100644 index 0000000..1d45c93 --- /dev/null +++ b/configs/aws-ansible/requirements.txt @@ -0,0 +1,5 @@ +ansible +pylint +yamllint +jmespath + diff --git a/configs/aws-ansible/tasks/add_users.yaml b/configs/aws-ansible/tasks/add_users.yaml new file mode 100644 index 0000000..c32ceac --- /dev/null +++ b/configs/aws-ansible/tasks/add_users.yaml @@ -0,0 +1,34 @@ +--- +- name: Install latest passlib with pip + pip: name=passlib + +- name: "Add the user '{{ user_dict.username }}' with a specific uid and a primary group of 'wheel'" + become: yes + user: + name: "{{ user_dict.username }}" + comment: "{{ user_dict.username }} (LLVM Foundation)" + group: wheel + groups: "adm,wheel,systemd-journal" + shell: /bin/bash + state: present + remove: no + password: "{{ vault_default_user_password | password_hash('sha512') }}" + update_password: on_create + +- name: "Create /home/{{ user_dict.username }}/.ssh dir" + become: yes + ansible.builtin.file: + path: "/home/{{ user_dict.username }}/.ssh" + state: directory + owner: "{{ user_dict.username }}" + group: wheel + mode: '0700' + +- name: "Setup {{ user_dict.username }} public key" + become: yes + ansible.builtin.copy: + src: "../files/{{ user_dict.username }}_llvm.key.pub" + dest: "/home/{{ user_dict.username }}/.ssh/authorized_keys" + owner: "{{ user_dict.username }}" + group: wheel + mode: '0644' diff --git a/configs/ghactions-ansible/.pylintrc b/configs/ghactions-ansible/.pylintrc new file mode 100644 index 0000000..f36a17e --- /dev/null +++ b/configs/ghactions-ansible/.pylintrc @@ -0,0 +1,6 @@ +[MASTER] +jobs=0 +load-plugins=pylint.extensions.redefined_variable_type, pylint.extensions.docparams +disable=bad-continuation,trailing-newlines +max-line-length=160 + diff --git a/configs/ghactions-ansible/.yamllint b/configs/ghactions-ansible/.yamllint new file mode 100644 index 0000000..89d8bf0 --- /dev/null +++ b/configs/ghactions-ansible/.yamllint @@ -0,0 +1,14 @@ +--- + +extends: default + +ignore: | + roles/test + +rules: + line-length: {max: 320, allow-non-breakable-words: true} + new-line-at-end-of-file: + level: warning + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] + check-keys: true diff --git a/configs/ghactions-ansible/ansible.cfg b/configs/ghactions-ansible/ansible.cfg new file mode 100644 index 0000000..8347476 --- /dev/null +++ b/configs/ghactions-ansible/ansible.cfg @@ -0,0 +1,13 @@ +[ssh_connection] +ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m +[defaults] +inventory=inventories/libcxx.yaml + +# Use the YAML callback plugin. +stdout_callback = yaml +# Use the stdout_callback when running ad-hoc commands. +bin_ansible_callbacks = True +vault_password_file=.vault_password + +[local] +localhost ansible_connection=local diff --git a/configs/ghactions-ansible/files/medwards_llvm.key.pub b/configs/ghactions-ansible/files/medwards_llvm.key.pub new file mode 100644 index 0000000..ad46af5 --- /dev/null +++ b/configs/ghactions-ansible/files/medwards_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDk1Cbx+lyBzTPxtOCvOckswHLJ+rNbaWXRzpyqSL2m/d5g8zR0PqF5kk8b9+jFq32Ge7A8vcw8cFmtzVP4hPkB6OrhboFRrBDPfIzbrFWaMNRUC9fJAELczuJMFKxUI6srIC7bWhpkxG/vbzLC8EUotWcXbjfFg5VP2LagRDM31SGw98g28TzizBvYgI8PYEcKmxF+4iY7lG+SWZFTV3p/a2PNyIwHi20OhXZfmlnvPsPtx7thvviQumu4S3CDWR3OhPiSQudNAEwSQ+11tuwkx6M1n4F3RfHtXowIAN0guDRprzopL5i+ue2RK3KclWGWlTliUKSo9kQHhLzRztjebFL/jkBBTraYMJZ5RYqUvE2UX4OJbzI6GL4DudCIpW02A3y3vFHaes8VyxqQMJbmmdbX4wNcVi4F+CDl+8vCVHOGOIUrzl8+zW/Pcp04eYSeca4RHe3/4HJtnA0olaHKeyIaB/xZiQ2oqc1UhV1K5KUDMCIzFXaTLYAF1BpbgpyxYfHUGKDy2zUL6fwvV/NkT6m+UM2QMR6DW6wOpwvawKdFy1bebmYSBHZrWgciKHHudaj3rifuN1seJz04n7xMOALgdpH5PoLm4XugK7ce1fwpwmidm1du1YAQNkxUp7uzGCQmk2zyoLBJX+0NIZYw67uJ50/R/XLpp9SySteMRQ== diff --git a/configs/ghactions-ansible/files/mishal_shah_llvm.key.pub b/configs/ghactions-ansible/files/mishal_shah_llvm.key.pub new file mode 100644 index 0000000..2d133bf --- /dev/null +++ b/configs/ghactions-ansible/files/mishal_shah_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC59swvCE+N33rlEpIHQ6NJJM41/gK71nTKYeS3CEG/pSK91Kln5HSr4/Z3D+qumwHEXfn5jJkkUXYxDqSrpdyudFL8zqtivwbpNCKJn6vygPsE7s0lhdGIck5eYQ5/oG74qcQWtcmP/vX+Y8YwOpcXOnfoRtXmySVWlvolhUSnSZMqamYjbEKjMHZgP6CJ73iDFvHESFfupkQEgRK+b5DJ6h0ungaycJl/wM62xjIHy0Kb7CBTGLcRCFiXMEuyvm1V5K5ZnNwRIXXClhpbA7FGA1sw+w7d5xws9S4MZrjHTB3EVTj2vNhSL1IFkjU9cBzgIZ7aEtx2BG2nD6x3Se8fWJIXQqyyt2v1OLV5UWOqleCKzq2YjkmzWgZXuGQ1dmNjCmYY0K5/dU0t/vey0QSk7qvrXP+ddSF17C1//7cDV3W+m6aF6x5u9vx4u6RgivewQ9uGbe1Mcm7lbmAV0UJoChZk1oGiJpMKxa7FoFmRZB7SsI7p1XvTk3fks1R5Yv0= mishal_shah@mishal \ No newline at end of file diff --git a/configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml b/configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml new file mode 100644 index 0000000..daf0b02 --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +38313630636464623262613832303137316333636137656432653130343266666138626538666463 +6230666663633065643262373466663237356538356565620a353436656533666465336164613064 +62663163343335353535663938343431643039613765336164656131323833313437363961633630 +6636626436323138350a313530303536613037633636303435633831333535336331656262303332 +36386566336335373965346361316666396263396362313564323537336430636636343166313433 +35613865663162373365646337316238613961366230396135633238616366373665363963346465 +383734363066313134393264373631613663 diff --git a/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml new file mode 100644 index 0000000..b7eaca5 --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: administrator diff --git a/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml new file mode 100644 index 0000000..84de40a --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +64613366393566316639646266653337363739656565646132396133326564393734623562646138 +3537323263623832656662383365626363383863393863300a613836626139653136373766636264 +64303530316234383931343139383664393439386531376464626261316265363666343031613866 +3461656539386332650a643766373063646638663338303233343532643830366337356334623234 +31306262373963353063323864366633656462396237303636303632613961313030376430633562 +6661343261323136653734326438616138366532616337616261 diff --git a/configs/ghactions-ansible/inventories/macminivault/hosts b/configs/ghactions-ansible/inventories/macminivault/hosts new file mode 100644 index 0000000..c986e4f --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/hosts @@ -0,0 +1,2 @@ +[macminivault] +w7-2.macminivault.com diff --git a/configs/ghactions-ansible/playbooks/playbook_deploy.yaml b/configs/ghactions-ansible/playbooks/playbook_deploy.yaml new file mode 100644 index 0000000..ec5dcb7 --- /dev/null +++ b/configs/ghactions-ansible/playbooks/playbook_deploy.yaml @@ -0,0 +1,12 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts + tasks: + - include_tasks: "../tasks/add_users.yaml" + with_items: + - { username: medwards, uid: 501 } + - { username: mishal_shah, uid: 502 } + loop_control: + loop_var: user_dict diff --git a/configs/ghactions-ansible/playbooks/playbook_inventory.yaml b/configs/ghactions-ansible/playbooks/playbook_inventory.yaml new file mode 100644 index 0000000..d669ef9 --- /dev/null +++ b/configs/ghactions-ansible/playbooks/playbook_inventory.yaml @@ -0,0 +1,5 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts diff --git a/configs/ghactions-ansible/requirements.txt b/configs/ghactions-ansible/requirements.txt new file mode 100644 index 0000000..1d45c93 --- /dev/null +++ b/configs/ghactions-ansible/requirements.txt @@ -0,0 +1,5 @@ +ansible +pylint +yamllint +jmespath + diff --git a/configs/ghactions-ansible/roles/hardware_facts/README.md b/configs/ghactions-ansible/roles/hardware_facts/README.md new file mode 100644 index 0000000..48fa938 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/README.md @@ -0,0 +1,49 @@ +Hardware_Facts +========= + +This role is used to install a custom fact script which helps generate +hardware information about a node. The information comes from the +system_profiler binary which is part of macOS. This role focuses on +the SPHardwareDataType within system_profiler. + +Dependencies +------------ + +This role depends on the included file/hardware.fact which will be installed on the target machine. + +Example Playbook +---------------- + + --- + - hosts: all + roles: + - role: roles/hardware_facts + +Example Output +-------------- + + TASK [roles/hardware_facts : Print Node Hardware Facts] *********** + ok: [smoosh-229] => + ansible_local.hardware.SPHardwareDataType[0]: + Lightshow_version: 1.4a6 + SMC_version_system: 2.20e0 + _name: hardware_overview + boot_rom_version: 426.0.0.0.0 + cpu_type: 6-Core Intel Xeon E5 + current_processor_speed: 3.5 GHz + l2_cache_core: 256 KB + l3_cache: 12 MB + machine_model: MacPro6,1 + machine_name: Mac Pro + number_processors: 6 + packages: 1 + physical_memory: 32 GB + platform_UUID: 3C12ED30-F131-5579-A485-C32B0A027221 + platform_cpu_htt: htt_enabled + provisioning_UDID: 3C12ED30-F131-5579-A485-C32B0A027221 + serial_number: F5KLQ04CF694 + +Responsible Individual +------------------ + +Mike Edwards - medwards@llvm.org diff --git a/configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml b/configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml new file mode 100644 index 0000000..6bb2914 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for hardware_facts diff --git a/configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact b/configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact new file mode 100755 index 0000000..03758d6 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPHardwareDataType diff --git a/configs/ghactions-ansible/roles/hardware_facts/files/storage.fact b/configs/ghactions-ansible/roles/hardware_facts/files/storage.fact new file mode 100755 index 0000000..de4273e --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/files/storage.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPStorageDataType diff --git a/configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml b/configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml new file mode 100644 index 0000000..8b96c96 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for hardware_facts diff --git a/configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml b/configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml new file mode 100644 index 0000000..2a310e9 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml @@ -0,0 +1,42 @@ +--- +# tasks file for hardware_facts +- name: "Create custom fact directory" + file: + path: "/etc/ansible/facts.d" + state: "directory" + become: yes + +- name: "Insert hardware fact file" + become: yes + copy: + src: files/hardware.fact + dest: /etc/ansible/facts.d/hardware.fact + mode: 0755 + +- name: "Insert storage fact file" + become: yes + copy: + src: files/storage.fact + dest: /etc/ansible/facts.d/storage.fact + mode: 0755 + register: copy_status + +- name: "Re-run setup to use custom facts" + setup: ~ + when: copy_status.changed + +- name: Print Node Hardware Facts + ansible.builtin.debug: + var: ansible_local.hardware.SPHardwareDataType[0] + +- name: Print Node Storage Facts + ansible.builtin.debug: + var: ansible_local.storage.SPStorageDataType[0] + +- name: Print Node Serial Number + ansible.builtin.debug: + msg: "The machine serial number is {{ ansible_local.hardware.SPHardwareDataType[0].serial_number }}" + +- name: Print Node Disk Type + ansible.builtin.debug: + msg: "The machine drive type is {{ ansible_local.storage.SPStorageDataType[0].physical_drive.device_name }}" diff --git a/configs/ghactions-ansible/roles/hardware_facts/tests/inventory b/configs/ghactions-ansible/roles/hardware_facts/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/configs/ghactions-ansible/roles/hardware_facts/tests/test.yml b/configs/ghactions-ansible/roles/hardware_facts/tests/test.yml new file mode 100644 index 0000000..2688b07 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - ./roles/hardware_facts diff --git a/configs/ghactions-ansible/roles/hardware_facts/vars/main.yml b/configs/ghactions-ansible/roles/hardware_facts/vars/main.yml new file mode 100644 index 0000000..d44f747 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for hardware_facts diff --git a/configs/ghactions-ansible/tasks/add_users.yaml b/configs/ghactions-ansible/tasks/add_users.yaml new file mode 100644 index 0000000..93b5220 --- /dev/null +++ b/configs/ghactions-ansible/tasks/add_users.yaml @@ -0,0 +1,28 @@ +--- +- name: "Add the user '{{ user_dict.username }}' with a specific uid and a primary group of 'admin'" + become: yes + user: + name: "{{ user_dict.username }}" + comment: "{{ user_dict.username }} (LLVM Foundation)" + group: admin + shell: /bin/zsh + state: present + remove: no + password: "{{ vault_default_user_password }}" + update_password: on_create +- name: "Create /Users/{{ user_dict.username }}/.ssh dir" + become: yes + ansible.builtin.file: + path: "/Users/{{ user_dict.username }}/.ssh" + state: directory + owner: "{{ user_dict.username }}" + group: staff + mode: '0700' +- name: "Setup {{ user_dict.username }} public key" + become: yes + ansible.builtin.copy: + src: "../files/{{ user_dict.username }}_llvm.key.pub" + dest: "/Users/{{ user_dict.username }}/.ssh/authorized_keys" + owner: "{{ user_dict.username }}" + group: staff + mode: '0644' diff --git a/configs/libcxx-ansible/.pylintrc b/configs/libcxx-ansible/.pylintrc new file mode 100644 index 0000000..f36a17e --- /dev/null +++ b/configs/libcxx-ansible/.pylintrc @@ -0,0 +1,6 @@ +[MASTER] +jobs=0 +load-plugins=pylint.extensions.redefined_variable_type, pylint.extensions.docparams +disable=bad-continuation,trailing-newlines +max-line-length=160 + diff --git a/configs/libcxx-ansible/.yamllint b/configs/libcxx-ansible/.yamllint new file mode 100644 index 0000000..89d8bf0 --- /dev/null +++ b/configs/libcxx-ansible/.yamllint @@ -0,0 +1,14 @@ +--- + +extends: default + +ignore: | + roles/test + +rules: + line-length: {max: 320, allow-non-breakable-words: true} + new-line-at-end-of-file: + level: warning + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] + check-keys: true diff --git a/configs/libcxx-ansible/ansible.cfg b/configs/libcxx-ansible/ansible.cfg new file mode 100644 index 0000000..8347476 --- /dev/null +++ b/configs/libcxx-ansible/ansible.cfg @@ -0,0 +1,13 @@ +[ssh_connection] +ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m +[defaults] +inventory=inventories/libcxx.yaml + +# Use the YAML callback plugin. +stdout_callback = yaml +# Use the stdout_callback when running ad-hoc commands. +bin_ansible_callbacks = True +vault_password_file=.vault_password + +[local] +localhost ansible_connection=local diff --git a/configs/libcxx-ansible/files/ldionne_llvm.key.pub b/configs/libcxx-ansible/files/ldionne_llvm.key.pub new file mode 100644 index 0000000..c274f3e --- /dev/null +++ b/configs/libcxx-ansible/files/ldionne_llvm.key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICeYRGFqAu7pxQUcHDxLDSKPGFYK0R3P6TmcUUn5YuRe ldionne.2@gmail.com \ No newline at end of file diff --git a/configs/libcxx-ansible/files/medwards_llvm.key.pub b/configs/libcxx-ansible/files/medwards_llvm.key.pub new file mode 100644 index 0000000..ad46af5 --- /dev/null +++ b/configs/libcxx-ansible/files/medwards_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDk1Cbx+lyBzTPxtOCvOckswHLJ+rNbaWXRzpyqSL2m/d5g8zR0PqF5kk8b9+jFq32Ge7A8vcw8cFmtzVP4hPkB6OrhboFRrBDPfIzbrFWaMNRUC9fJAELczuJMFKxUI6srIC7bWhpkxG/vbzLC8EUotWcXbjfFg5VP2LagRDM31SGw98g28TzizBvYgI8PYEcKmxF+4iY7lG+SWZFTV3p/a2PNyIwHi20OhXZfmlnvPsPtx7thvviQumu4S3CDWR3OhPiSQudNAEwSQ+11tuwkx6M1n4F3RfHtXowIAN0guDRprzopL5i+ue2RK3KclWGWlTliUKSo9kQHhLzRztjebFL/jkBBTraYMJZ5RYqUvE2UX4OJbzI6GL4DudCIpW02A3y3vFHaes8VyxqQMJbmmdbX4wNcVi4F+CDl+8vCVHOGOIUrzl8+zW/Pcp04eYSeca4RHe3/4HJtnA0olaHKeyIaB/xZiQ2oqc1UhV1K5KUDMCIzFXaTLYAF1BpbgpyxYfHUGKDy2zUL6fwvV/NkT6m+UM2QMR6DW6wOpwvawKdFy1bebmYSBHZrWgciKHHudaj3rifuN1seJz04n7xMOALgdpH5PoLm4XugK7ce1fwpwmidm1du1YAQNkxUp7uzGCQmk2zyoLBJX+0NIZYw67uJ50/R/XLpp9SySteMRQ== diff --git a/configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml new file mode 100644 index 0000000..daf0b02 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +38313630636464623262613832303137316333636137656432653130343266666138626538666463 +6230666663633065643262373466663237356538356565620a353436656533666465336164613064 +62663163343335353535663938343431643039613765336164656131323833313437363961633630 +6636626436323138350a313530303536613037633636303435633831333535336331656262303332 +36386566336335373965346361316666396263396362313564323537336430636636343166313433 +35613865663162373365646337316238613961366230396135633238616366373665363963346465 +383734363066313134393264373631613663 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml new file mode 100644 index 0000000..b7eaca5 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: administrator diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml new file mode 100644 index 0000000..a714944 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +36346133663364313965303737353334643936343666643462306565373730636362343132383963 +6538343465623661373132316664666230373562653861630a613631623465346230356261643363 +30393661383766396161613538353965626263383730306663333561366364646531303665376566 +6331366631343038330a626136643137663763646262346136393230363366343035616632326438 +37646239306365366464646134613064653538373665336263636531303836373763626436363737 +3832656235366162633039616465393439326536326362366364 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml new file mode 100644 index 0000000..b7eaca5 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: administrator diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml new file mode 100644 index 0000000..335cc9f --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +34353535383031623938633031303836343461373862633430663934663161343938356632323061 +3965626131663133613064636161396466623236303633350a373266316261303561363565643765 +31383132303534383965396537366530633364326262626261393465363634663536323637353564 +6432303535336436330a663562633365393039303337636566333934356137393464343536386566 +31303233653765323435383831663732306466323537373464616339636661373566343139383430 +3464366236396537333330616438363236353934633065623431 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml new file mode 100644 index 0000000..b7eaca5 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: administrator diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml new file mode 100644 index 0000000..05a958f --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +39323133333464663966616239623833353335316338306139663735323264653630633533323637 +6333336565666438303033643363633339633232363963310a643338323035303461646464343239 +61366636643733333138306233373231613132383266653133386434383433366663353761613934 +3930333335646333350a333261323762356532316339623339306335646336613936636635656430 +62643238653830353564623963616264396230626362633464333864616663326236313832313561 +3864636636333933653439623132383430343131633666663131 diff --git a/configs/libcxx-ansible/inventories/macminivault/hosts b/configs/libcxx-ansible/inventories/macminivault/hosts new file mode 100644 index 0000000..3383783 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/hosts @@ -0,0 +1,4 @@ +[macminivault] +f1-1.macminivault.com +w4-4.macminivault.com +y10-8.macminivault.com \ No newline at end of file diff --git a/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml b/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml new file mode 100644 index 0000000..f5e7c99 --- /dev/null +++ b/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml @@ -0,0 +1,12 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts + tasks: + - include_tasks: "../tasks/add_users.yaml" + with_items: + - { username: medwards, uid: 501 } + - { username: ldionne, uid: 502 } + loop_control: + loop_var: user_dict diff --git a/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml b/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml new file mode 100644 index 0000000..d669ef9 --- /dev/null +++ b/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml @@ -0,0 +1,5 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts diff --git a/configs/libcxx-ansible/requirements.txt b/configs/libcxx-ansible/requirements.txt new file mode 100644 index 0000000..1d45c93 --- /dev/null +++ b/configs/libcxx-ansible/requirements.txt @@ -0,0 +1,5 @@ +ansible +pylint +yamllint +jmespath + diff --git a/configs/libcxx-ansible/roles/hardware_facts/README.md b/configs/libcxx-ansible/roles/hardware_facts/README.md new file mode 100644 index 0000000..48fa938 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/README.md @@ -0,0 +1,49 @@ +Hardware_Facts +========= + +This role is used to install a custom fact script which helps generate +hardware information about a node. The information comes from the +system_profiler binary which is part of macOS. This role focuses on +the SPHardwareDataType within system_profiler. + +Dependencies +------------ + +This role depends on the included file/hardware.fact which will be installed on the target machine. + +Example Playbook +---------------- + + --- + - hosts: all + roles: + - role: roles/hardware_facts + +Example Output +-------------- + + TASK [roles/hardware_facts : Print Node Hardware Facts] *********** + ok: [smoosh-229] => + ansible_local.hardware.SPHardwareDataType[0]: + Lightshow_version: 1.4a6 + SMC_version_system: 2.20e0 + _name: hardware_overview + boot_rom_version: 426.0.0.0.0 + cpu_type: 6-Core Intel Xeon E5 + current_processor_speed: 3.5 GHz + l2_cache_core: 256 KB + l3_cache: 12 MB + machine_model: MacPro6,1 + machine_name: Mac Pro + number_processors: 6 + packages: 1 + physical_memory: 32 GB + platform_UUID: 3C12ED30-F131-5579-A485-C32B0A027221 + platform_cpu_htt: htt_enabled + provisioning_UDID: 3C12ED30-F131-5579-A485-C32B0A027221 + serial_number: F5KLQ04CF694 + +Responsible Individual +------------------ + +Mike Edwards - medwards@llvm.org diff --git a/configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml b/configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml new file mode 100644 index 0000000..6bb2914 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for hardware_facts diff --git a/configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact b/configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact new file mode 100755 index 0000000..03758d6 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPHardwareDataType diff --git a/configs/libcxx-ansible/roles/hardware_facts/files/storage.fact b/configs/libcxx-ansible/roles/hardware_facts/files/storage.fact new file mode 100755 index 0000000..de4273e --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/files/storage.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPStorageDataType diff --git a/configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml b/configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml new file mode 100644 index 0000000..8b96c96 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for hardware_facts diff --git a/configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml b/configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml new file mode 100644 index 0000000..2a310e9 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml @@ -0,0 +1,42 @@ +--- +# tasks file for hardware_facts +- name: "Create custom fact directory" + file: + path: "/etc/ansible/facts.d" + state: "directory" + become: yes + +- name: "Insert hardware fact file" + become: yes + copy: + src: files/hardware.fact + dest: /etc/ansible/facts.d/hardware.fact + mode: 0755 + +- name: "Insert storage fact file" + become: yes + copy: + src: files/storage.fact + dest: /etc/ansible/facts.d/storage.fact + mode: 0755 + register: copy_status + +- name: "Re-run setup to use custom facts" + setup: ~ + when: copy_status.changed + +- name: Print Node Hardware Facts + ansible.builtin.debug: + var: ansible_local.hardware.SPHardwareDataType[0] + +- name: Print Node Storage Facts + ansible.builtin.debug: + var: ansible_local.storage.SPStorageDataType[0] + +- name: Print Node Serial Number + ansible.builtin.debug: + msg: "The machine serial number is {{ ansible_local.hardware.SPHardwareDataType[0].serial_number }}" + +- name: Print Node Disk Type + ansible.builtin.debug: + msg: "The machine drive type is {{ ansible_local.storage.SPStorageDataType[0].physical_drive.device_name }}" diff --git a/configs/libcxx-ansible/roles/hardware_facts/tests/inventory b/configs/libcxx-ansible/roles/hardware_facts/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/configs/libcxx-ansible/roles/hardware_facts/tests/test.yml b/configs/libcxx-ansible/roles/hardware_facts/tests/test.yml new file mode 100644 index 0000000..2688b07 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - ./roles/hardware_facts diff --git a/configs/libcxx-ansible/roles/hardware_facts/vars/main.yml b/configs/libcxx-ansible/roles/hardware_facts/vars/main.yml new file mode 100644 index 0000000..d44f747 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for hardware_facts diff --git a/configs/libcxx-ansible/tasks/add_users.yaml b/configs/libcxx-ansible/tasks/add_users.yaml new file mode 100644 index 0000000..93b5220 --- /dev/null +++ b/configs/libcxx-ansible/tasks/add_users.yaml @@ -0,0 +1,28 @@ +--- +- name: "Add the user '{{ user_dict.username }}' with a specific uid and a primary group of 'admin'" + become: yes + user: + name: "{{ user_dict.username }}" + comment: "{{ user_dict.username }} (LLVM Foundation)" + group: admin + shell: /bin/zsh + state: present + remove: no + password: "{{ vault_default_user_password }}" + update_password: on_create +- name: "Create /Users/{{ user_dict.username }}/.ssh dir" + become: yes + ansible.builtin.file: + path: "/Users/{{ user_dict.username }}/.ssh" + state: directory + owner: "{{ user_dict.username }}" + group: staff + mode: '0700' +- name: "Setup {{ user_dict.username }} public key" + become: yes + ansible.builtin.copy: + src: "../files/{{ user_dict.username }}_llvm.key.pub" + dest: "/Users/{{ user_dict.username }}/.ssh/authorized_keys" + owner: "{{ user_dict.username }}" + group: staff + mode: '0644'