From 3b93b9e1a0bddd19c5b45d9d85c062fcc7222a5d Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 07:43:54 -1000 Subject: [PATCH 01/14] Setting up a configs folder. --- configs/README.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 configs/README.md diff --git a/configs/README.md b/configs/README.md new file mode 100644 index 0000000..c779004 --- /dev/null +++ b/configs/README.md @@ -0,0 +1,4 @@ +# Configurations Folder + +This folder contains different sets +of configuration files maintained by the IWG. From 8a2f2bd98bb5c3b9cdcb3aec020b0ecafca11f0d Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 07:45:14 -1000 Subject: [PATCH 02/14] Making sure we ignore venv folders. --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 496ee2c..ba5fac8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -.DS_Store \ No newline at end of file +.DS_Store +venv From fb40982a94ca094e0fcf4fb75be10fdbd9796e39 Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 07:57:46 -1000 Subject: [PATCH 03/14] Making sure we ignore our ansible vault_password file. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index ba5fac8..e13b5a4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ .DS_Store venv +.vault_password From 9ee4081baab58cc0f7b41b876f0fb64852ff3261 Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 07:58:05 -1000 Subject: [PATCH 04/14] Initial setup of the libcxx ansible folder. --- configs/libcxx-ansible/.pylintrc | 6 ++++++ configs/libcxx-ansible/.yamllint | 14 ++++++++++++++ configs/libcxx-ansible/ansible.cfg | 13 +++++++++++++ configs/libcxx-ansible/requirements.txt | 4 ++++ 4 files changed, 37 insertions(+) create mode 100644 configs/libcxx-ansible/.pylintrc create mode 100644 configs/libcxx-ansible/.yamllint create mode 100644 configs/libcxx-ansible/ansible.cfg create mode 100644 configs/libcxx-ansible/requirements.txt diff --git a/configs/libcxx-ansible/.pylintrc b/configs/libcxx-ansible/.pylintrc new file mode 100644 index 0000000..f36a17e --- /dev/null +++ b/configs/libcxx-ansible/.pylintrc @@ -0,0 +1,6 @@ +[MASTER] +jobs=0 +load-plugins=pylint.extensions.redefined_variable_type, pylint.extensions.docparams +disable=bad-continuation,trailing-newlines +max-line-length=160 + diff --git a/configs/libcxx-ansible/.yamllint b/configs/libcxx-ansible/.yamllint new file mode 100644 index 0000000..89d8bf0 --- /dev/null +++ b/configs/libcxx-ansible/.yamllint @@ -0,0 +1,14 @@ +--- + +extends: default + +ignore: | + roles/test + +rules: + line-length: {max: 320, allow-non-breakable-words: true} + new-line-at-end-of-file: + level: warning + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] + check-keys: true diff --git a/configs/libcxx-ansible/ansible.cfg b/configs/libcxx-ansible/ansible.cfg new file mode 100644 index 0000000..8347476 --- /dev/null +++ b/configs/libcxx-ansible/ansible.cfg @@ -0,0 +1,13 @@ +[ssh_connection] +ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m +[defaults] +inventory=inventories/libcxx.yaml + +# Use the YAML callback plugin. +stdout_callback = yaml +# Use the stdout_callback when running ad-hoc commands. +bin_ansible_callbacks = True +vault_password_file=.vault_password + +[local] +localhost ansible_connection=local diff --git a/configs/libcxx-ansible/requirements.txt b/configs/libcxx-ansible/requirements.txt new file mode 100644 index 0000000..410b12c --- /dev/null +++ b/configs/libcxx-ansible/requirements.txt @@ -0,0 +1,4 @@ +pylint +yamllint +jmespath + From 16d584caa861725df42710c65e3d3a15680d84ef Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 12:16:46 -1000 Subject: [PATCH 05/14] Initial setup of macminivault hosts. --- .../macminivault/host_vars/f1-1.macminivault.com/vars.yaml | 3 +++ .../macminivault/host_vars/f1-1.macminivault.com/vault.yaml | 6 ++++++ .../macminivault/host_vars/w4-4.macminivault.com/vars.yaml | 3 +++ .../macminivault/host_vars/w4-4.macminivault.com/vault.yaml | 6 ++++++ .../macminivault/host_vars/y10-8.macminivault.com/vars.yaml | 3 +++ .../host_vars/y10-8.macminivault.com/vault.yaml | 6 ++++++ configs/libcxx-ansible/inventories/macminivault/hosts | 4 ++++ 7 files changed, 31 insertions(+) create mode 100644 configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml create mode 100644 configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml create mode 100644 configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml create mode 100644 configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml create mode 100644 configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml create mode 100644 configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml create mode 100644 configs/libcxx-ansible/inventories/macminivault/hosts diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml new file mode 100644 index 0000000..f07babd --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml @@ -0,0 +1,3 @@ +--- +ansible_user: administrator +sudo_password: "{{ ansible_password }}" \ No newline at end of file diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml new file mode 100644 index 0000000..0ab9584 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml @@ -0,0 +1,6 @@ +$ANSIBLE_VAULT;1.1;AES256 +62393866393737613264343737623437363936646263636238383131633961303230343636323763 +3630353531396232343266613637643866643665316138630a303963363832313136373365613434 +64353565383938323737643464623437336139393639303936653039393732363436386433663762 +6331623934643035380a666637643131383137336631643165633038646562306539383362346464 +66656334323735373130303965653431313434656237643835323561613132333539 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml new file mode 100644 index 0000000..f07babd --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml @@ -0,0 +1,3 @@ +--- +ansible_user: administrator +sudo_password: "{{ ansible_password }}" \ No newline at end of file diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml new file mode 100644 index 0000000..d6ebe59 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml @@ -0,0 +1,6 @@ +$ANSIBLE_VAULT;1.1;AES256 +65323063333636663564343831396334346366653363386637323639623636336565623864363038 +3164303265323063306135656239643238316462643164370a373266326239363937336631666435 +32366334393134633065633964393237326437336435643233663462303131366264653336356363 +6664653231666533320a643465613961396431373039623365393362373932333163623963353663 +64353635313038393038303262623265623565386533613962303862623862636163 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml new file mode 100644 index 0000000..f07babd --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml @@ -0,0 +1,3 @@ +--- +ansible_user: administrator +sudo_password: "{{ ansible_password }}" \ No newline at end of file diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml new file mode 100644 index 0000000..5d779d5 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml @@ -0,0 +1,6 @@ +$ANSIBLE_VAULT;1.1;AES256 +62383038643665666164633837373732666334386633646364616662636137353464363965373565 +3732323630343036313764646238646562393131666432370a653461343332333632643739626464 +63316265393464316635313666396139643136633262663834633839383234373732376564626135 +3561323433666130320a653938653337373832373762623831386532323232343834313036303465 +31666564323037303565653765393535643632373763313039383466383663613738 diff --git a/configs/libcxx-ansible/inventories/macminivault/hosts b/configs/libcxx-ansible/inventories/macminivault/hosts new file mode 100644 index 0000000..3383783 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/hosts @@ -0,0 +1,4 @@ +[macminivault] +f1-1.macminivault.com +w4-4.macminivault.com +y10-8.macminivault.com \ No newline at end of file From f2c33c99bb40fe85be46ad12c88dd9e3ce66a2bf Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 12:17:05 -1000 Subject: [PATCH 06/14] Adding ansible to our dependencies. --- configs/libcxx-ansible/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/configs/libcxx-ansible/requirements.txt b/configs/libcxx-ansible/requirements.txt index 410b12c..1d45c93 100644 --- a/configs/libcxx-ansible/requirements.txt +++ b/configs/libcxx-ansible/requirements.txt @@ -1,3 +1,4 @@ +ansible pylint yamllint jmespath From e878a5af571965c372d8c5fcca24aa6723a490a6 Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 12:27:22 -1000 Subject: [PATCH 07/14] Adding the initial playbooks. --- .../playbooks/playbook_libcxx_deploy.yaml | 0 .../playbooks/playbook_libcxx_inventory.yaml | 14 ++++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml create mode 100644 configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml diff --git a/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml b/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml new file mode 100644 index 0000000..e69de29 diff --git a/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml b/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml new file mode 100644 index 0000000..eba73a8 --- /dev/null +++ b/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml @@ -0,0 +1,14 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts + tasks: + - name: Facts + setup: + - name: "Simple Remote Inventory" + debug: + msg: "{{ansible_facts['nodename']}}: {{ ansible_local.macos.machine_model }} ({{ ansible_local.macos.hw_codename }}) {{ ansible_local.macos.sw_vers }}" + - name: Generate Ansible-cmdb Info + ansible.builtin.template: src=files/inventory dest="out/{{inventory_hostname}}" + delegate_to: localhost \ No newline at end of file From ecbeeaa609bf59eb593b659305c22e9b79065c36 Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 14:58:47 -1000 Subject: [PATCH 08/14] Getting the inventory playbook up and running. --- .../host_vars/f1-1.macminivault.com/vars.yaml | 1 - .../f1-1.macminivault.com/vault.yaml | 11 ++-- .../host_vars/w4-4.macminivault.com/vars.yaml | 1 - .../w4-4.macminivault.com/vault.yaml | 11 ++-- .../y10-8.macminivault.com/vars.yaml | 1 - .../y10-8.macminivault.com/vault.yaml | 11 ++-- .../playbooks/playbook_libcxx_inventory.yaml | 9 ---- .../roles/hardware_facts/README.md | 51 +++++++++++++++++++ .../roles/hardware_facts/defaults/main.yml | 2 + .../roles/hardware_facts/files/hardware.fact | 2 + .../roles/hardware_facts/files/storage.fact | 2 + .../roles/hardware_facts/handlers/main.yml | 2 + .../roles/hardware_facts/tasks/main.yml | 42 +++++++++++++++ .../roles/hardware_facts/tests/inventory | 2 + .../roles/hardware_facts/tests/test.yml | 5 ++ .../roles/hardware_facts/vars/main.yml | 2 + 16 files changed, 128 insertions(+), 27 deletions(-) create mode 100644 configs/libcxx-ansible/roles/hardware_facts/README.md create mode 100644 configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml create mode 100755 configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact create mode 100755 configs/libcxx-ansible/roles/hardware_facts/files/storage.fact create mode 100644 configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml create mode 100644 configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml create mode 100644 configs/libcxx-ansible/roles/hardware_facts/tests/inventory create mode 100644 configs/libcxx-ansible/roles/hardware_facts/tests/test.yml create mode 100644 configs/libcxx-ansible/roles/hardware_facts/vars/main.yml diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml index f07babd..b7eaca5 100644 --- a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vars.yaml @@ -1,3 +1,2 @@ --- ansible_user: administrator -sudo_password: "{{ ansible_password }}" \ No newline at end of file diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml index 0ab9584..a714944 100644 --- a/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/f1-1.macminivault.com/vault.yaml @@ -1,6 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -62393866393737613264343737623437363936646263636238383131633961303230343636323763 -3630353531396232343266613637643866643665316138630a303963363832313136373365613434 -64353565383938323737643464623437336139393639303936653039393732363436386433663762 -6331623934643035380a666637643131383137336631643165633038646562306539383362346464 -66656334323735373130303965653431313434656237643835323561613132333539 +36346133663364313965303737353334643936343666643462306565373730636362343132383963 +6538343465623661373132316664666230373562653861630a613631623465346230356261643363 +30393661383766396161613538353965626263383730306663333561366364646531303665376566 +6331366631343038330a626136643137663763646262346136393230363366343035616632326438 +37646239306365366464646134613064653538373665336263636531303836373763626436363737 +3832656235366162633039616465393439326536326362366364 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml index f07babd..b7eaca5 100644 --- a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vars.yaml @@ -1,3 +1,2 @@ --- ansible_user: administrator -sudo_password: "{{ ansible_password }}" \ No newline at end of file diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml index d6ebe59..335cc9f 100644 --- a/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/w4-4.macminivault.com/vault.yaml @@ -1,6 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -65323063333636663564343831396334346366653363386637323639623636336565623864363038 -3164303265323063306135656239643238316462643164370a373266326239363937336631666435 -32366334393134633065633964393237326437336435643233663462303131366264653336356363 -6664653231666533320a643465613961396431373039623365393362373932333163623963353663 -64353635313038393038303262623265623565386533613962303862623862636163 +34353535383031623938633031303836343461373862633430663934663161343938356632323061 +3965626131663133613064636161396466623236303633350a373266316261303561363565643765 +31383132303534383965396537366530633364326262626261393465363634663536323637353564 +6432303535336436330a663562633365393039303337636566333934356137393464343536386566 +31303233653765323435383831663732306466323537373464616339636661373566343139383430 +3464366236396537333330616438363236353934633065623431 diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml index f07babd..b7eaca5 100644 --- a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vars.yaml @@ -1,3 +1,2 @@ --- ansible_user: administrator -sudo_password: "{{ ansible_password }}" \ No newline at end of file diff --git a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml index 5d779d5..05a958f 100644 --- a/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml +++ b/configs/libcxx-ansible/inventories/macminivault/host_vars/y10-8.macminivault.com/vault.yaml @@ -1,6 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -62383038643665666164633837373732666334386633646364616662636137353464363965373565 -3732323630343036313764646238646562393131666432370a653461343332333632643739626464 -63316265393464316635313666396139643136633262663834633839383234373732376564626135 -3561323433666130320a653938653337373832373762623831386532323232343834313036303465 -31666564323037303565653765393535643632373763313039383466383663613738 +39323133333464663966616239623833353335316338306139663735323264653630633533323637 +6333336565666438303033643363633339633232363963310a643338323035303461646464343239 +61366636643733333138306233373231613132383266653133386434383433366663353761613934 +3930333335646333350a333261323762356532316339623339306335646336613936636635656430 +62643238653830353564623963616264396230626362633464333864616663326236313832313561 +3864636636333933653439623132383430343131633666663131 diff --git a/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml b/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml index eba73a8..d669ef9 100644 --- a/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml +++ b/configs/libcxx-ansible/playbooks/playbook_libcxx_inventory.yaml @@ -3,12 +3,3 @@ gather_facts: yes roles: - role: roles/hardware_facts - tasks: - - name: Facts - setup: - - name: "Simple Remote Inventory" - debug: - msg: "{{ansible_facts['nodename']}}: {{ ansible_local.macos.machine_model }} ({{ ansible_local.macos.hw_codename }}) {{ ansible_local.macos.sw_vers }}" - - name: Generate Ansible-cmdb Info - ansible.builtin.template: src=files/inventory dest="out/{{inventory_hostname}}" - delegate_to: localhost \ No newline at end of file diff --git a/configs/libcxx-ansible/roles/hardware_facts/README.md b/configs/libcxx-ansible/roles/hardware_facts/README.md new file mode 100644 index 0000000..8fb8750 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/README.md @@ -0,0 +1,51 @@ +Hardware_Facts +========= + +This role is used to install a custom fact script which helps generate +hardware information about a node. The information comes from the +system_profiler binary which is part of macOS. This role focuses on +the SPHardwareDataType within system_profiler. + +Dependencies +------------ + +This role depends on the included file/hardware.fact which will be installed on the target machine. + +Example Playbook +---------------- + + --- + - hosts: all + roles: + - role: roles/hardware_facts + + +Example Output +-------------- + + TASK [roles/hardware_facts : Print Node Hardware Facts] *********** + ok: [smoosh-229] => + ansible_local.hardware.SPHardwareDataType[0]: + Lightshow_version: 1.4a6 + SMC_version_system: 2.20e0 + _name: hardware_overview + boot_rom_version: 426.0.0.0.0 + cpu_type: 6-Core Intel Xeon E5 + current_processor_speed: 3.5 GHz + l2_cache_core: 256 KB + l3_cache: 12 MB + machine_model: MacPro6,1 + machine_name: Mac Pro + number_processors: 6 + packages: 1 + physical_memory: 32 GB + platform_UUID: 3C12ED30-F131-5579-A485-C32B0A027221 + platform_cpu_htt: htt_enabled + provisioning_UDID: 3C12ED30-F131-5579-A485-C32B0A027221 + serial_number: F5KLQ04CF694 + + +DRI +------------------ + +[Mike Edwards]() - medwards@apple.com \ No newline at end of file diff --git a/configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml b/configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml new file mode 100644 index 0000000..6bb2914 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for hardware_facts diff --git a/configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact b/configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact new file mode 100755 index 0000000..03758d6 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/files/hardware.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPHardwareDataType diff --git a/configs/libcxx-ansible/roles/hardware_facts/files/storage.fact b/configs/libcxx-ansible/roles/hardware_facts/files/storage.fact new file mode 100755 index 0000000..de4273e --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/files/storage.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPStorageDataType diff --git a/configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml b/configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml new file mode 100644 index 0000000..8b96c96 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for hardware_facts diff --git a/configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml b/configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml new file mode 100644 index 0000000..2a310e9 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/tasks/main.yml @@ -0,0 +1,42 @@ +--- +# tasks file for hardware_facts +- name: "Create custom fact directory" + file: + path: "/etc/ansible/facts.d" + state: "directory" + become: yes + +- name: "Insert hardware fact file" + become: yes + copy: + src: files/hardware.fact + dest: /etc/ansible/facts.d/hardware.fact + mode: 0755 + +- name: "Insert storage fact file" + become: yes + copy: + src: files/storage.fact + dest: /etc/ansible/facts.d/storage.fact + mode: 0755 + register: copy_status + +- name: "Re-run setup to use custom facts" + setup: ~ + when: copy_status.changed + +- name: Print Node Hardware Facts + ansible.builtin.debug: + var: ansible_local.hardware.SPHardwareDataType[0] + +- name: Print Node Storage Facts + ansible.builtin.debug: + var: ansible_local.storage.SPStorageDataType[0] + +- name: Print Node Serial Number + ansible.builtin.debug: + msg: "The machine serial number is {{ ansible_local.hardware.SPHardwareDataType[0].serial_number }}" + +- name: Print Node Disk Type + ansible.builtin.debug: + msg: "The machine drive type is {{ ansible_local.storage.SPStorageDataType[0].physical_drive.device_name }}" diff --git a/configs/libcxx-ansible/roles/hardware_facts/tests/inventory b/configs/libcxx-ansible/roles/hardware_facts/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/configs/libcxx-ansible/roles/hardware_facts/tests/test.yml b/configs/libcxx-ansible/roles/hardware_facts/tests/test.yml new file mode 100644 index 0000000..2688b07 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - ./roles/hardware_facts diff --git a/configs/libcxx-ansible/roles/hardware_facts/vars/main.yml b/configs/libcxx-ansible/roles/hardware_facts/vars/main.yml new file mode 100644 index 0000000..d44f747 --- /dev/null +++ b/configs/libcxx-ansible/roles/hardware_facts/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for hardware_facts From 32853d68f1f0a69824859452310cc57e6e868ccc Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Fri, 9 Jul 2021 20:28:53 -1000 Subject: [PATCH 09/14] Setting up new users and deploy playbook. Added medwards and ldionne. --- .../libcxx-ansible/files/ldionne_llvm.key.pub | 1 + .../files/medwards_llvm.key.pub | 1 + .../group_vars/macminivault/vault.yaml | 8 ++++++ .../playbooks/playbook_libcxx_deploy.yaml | 12 ++++++++ .../roles/hardware_facts/README.md | 4 +-- configs/libcxx-ansible/tasks/add_users.yaml | 28 +++++++++++++++++++ 6 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 configs/libcxx-ansible/files/ldionne_llvm.key.pub create mode 100644 configs/libcxx-ansible/files/medwards_llvm.key.pub create mode 100644 configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml create mode 100644 configs/libcxx-ansible/tasks/add_users.yaml diff --git a/configs/libcxx-ansible/files/ldionne_llvm.key.pub b/configs/libcxx-ansible/files/ldionne_llvm.key.pub new file mode 100644 index 0000000..c274f3e --- /dev/null +++ b/configs/libcxx-ansible/files/ldionne_llvm.key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICeYRGFqAu7pxQUcHDxLDSKPGFYK0R3P6TmcUUn5YuRe ldionne.2@gmail.com \ No newline at end of file diff --git a/configs/libcxx-ansible/files/medwards_llvm.key.pub b/configs/libcxx-ansible/files/medwards_llvm.key.pub new file mode 100644 index 0000000..ad46af5 --- /dev/null +++ b/configs/libcxx-ansible/files/medwards_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDk1Cbx+lyBzTPxtOCvOckswHLJ+rNbaWXRzpyqSL2m/d5g8zR0PqF5kk8b9+jFq32Ge7A8vcw8cFmtzVP4hPkB6OrhboFRrBDPfIzbrFWaMNRUC9fJAELczuJMFKxUI6srIC7bWhpkxG/vbzLC8EUotWcXbjfFg5VP2LagRDM31SGw98g28TzizBvYgI8PYEcKmxF+4iY7lG+SWZFTV3p/a2PNyIwHi20OhXZfmlnvPsPtx7thvviQumu4S3CDWR3OhPiSQudNAEwSQ+11tuwkx6M1n4F3RfHtXowIAN0guDRprzopL5i+ue2RK3KclWGWlTliUKSo9kQHhLzRztjebFL/jkBBTraYMJZ5RYqUvE2UX4OJbzI6GL4DudCIpW02A3y3vFHaes8VyxqQMJbmmdbX4wNcVi4F+CDl+8vCVHOGOIUrzl8+zW/Pcp04eYSeca4RHe3/4HJtnA0olaHKeyIaB/xZiQ2oqc1UhV1K5KUDMCIzFXaTLYAF1BpbgpyxYfHUGKDy2zUL6fwvV/NkT6m+UM2QMR6DW6wOpwvawKdFy1bebmYSBHZrWgciKHHudaj3rifuN1seJz04n7xMOALgdpH5PoLm4XugK7ce1fwpwmidm1du1YAQNkxUp7uzGCQmk2zyoLBJX+0NIZYw67uJ50/R/XLpp9SySteMRQ== diff --git a/configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml b/configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml new file mode 100644 index 0000000..daf0b02 --- /dev/null +++ b/configs/libcxx-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +38313630636464623262613832303137316333636137656432653130343266666138626538666463 +6230666663633065643262373466663237356538356565620a353436656533666465336164613064 +62663163343335353535663938343431643039613765336164656131323833313437363961633630 +6636626436323138350a313530303536613037633636303435633831333535336331656262303332 +36386566336335373965346361316666396263396362313564323537336430636636343166313433 +35613865663162373365646337316238613961366230396135633238616366373665363963346465 +383734363066313134393264373631613663 diff --git a/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml b/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml index e69de29..f5e7c99 100644 --- a/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml +++ b/configs/libcxx-ansible/playbooks/playbook_libcxx_deploy.yaml @@ -0,0 +1,12 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts + tasks: + - include_tasks: "../tasks/add_users.yaml" + with_items: + - { username: medwards, uid: 501 } + - { username: ldionne, uid: 502 } + loop_control: + loop_var: user_dict diff --git a/configs/libcxx-ansible/roles/hardware_facts/README.md b/configs/libcxx-ansible/roles/hardware_facts/README.md index 8fb8750..df5e1cd 100644 --- a/configs/libcxx-ansible/roles/hardware_facts/README.md +++ b/configs/libcxx-ansible/roles/hardware_facts/README.md @@ -45,7 +45,7 @@ Example Output serial_number: F5KLQ04CF694 -DRI +Responsible Individual ------------------ -[Mike Edwards]() - medwards@apple.com \ No newline at end of file +Mike Edwards - medwards@llvm.org \ No newline at end of file diff --git a/configs/libcxx-ansible/tasks/add_users.yaml b/configs/libcxx-ansible/tasks/add_users.yaml new file mode 100644 index 0000000..93b5220 --- /dev/null +++ b/configs/libcxx-ansible/tasks/add_users.yaml @@ -0,0 +1,28 @@ +--- +- name: "Add the user '{{ user_dict.username }}' with a specific uid and a primary group of 'admin'" + become: yes + user: + name: "{{ user_dict.username }}" + comment: "{{ user_dict.username }} (LLVM Foundation)" + group: admin + shell: /bin/zsh + state: present + remove: no + password: "{{ vault_default_user_password }}" + update_password: on_create +- name: "Create /Users/{{ user_dict.username }}/.ssh dir" + become: yes + ansible.builtin.file: + path: "/Users/{{ user_dict.username }}/.ssh" + state: directory + owner: "{{ user_dict.username }}" + group: staff + mode: '0700' +- name: "Setup {{ user_dict.username }} public key" + become: yes + ansible.builtin.copy: + src: "../files/{{ user_dict.username }}_llvm.key.pub" + dest: "/Users/{{ user_dict.username }}/.ssh/authorized_keys" + owner: "{{ user_dict.username }}" + group: staff + mode: '0644' From cb14f2b5bab5dfbcfdeddd4e47d832a6ef7641fc Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Mon, 26 Jul 2021 15:52:57 -0700 Subject: [PATCH 10/14] Adding ansible config for aws llvm-gitlab instance. --- configs/aws-ansible/.pylintrc | 6 ++++ configs/aws-ansible/.yamllint | 14 ++++++++ configs/aws-ansible/ansible.cfg | 13 +++++++ configs/aws-ansible/files/akor_llvm.key.pub | 1 + .../aws-ansible/files/medwards_llvm.key.pub | 1 + .../aws-ansible/files/tstellar_llvm.key.pub | 1 + .../aws/group_vars/aws_ec2/vars.yaml | 2 ++ .../aws/group_vars/aws_ec2/vault.yaml | 8 +++++ .../vars.yaml | 2 ++ configs/aws-ansible/inventories/aws/hosts | 2 ++ .../playbooks/playbook_aws_deploy.yaml | 12 +++++++ .../playbooks/playbook_aws_inventory.yaml | 5 +++ configs/aws-ansible/requirements.txt | 5 +++ configs/aws-ansible/tasks/add_users.yaml | 34 +++++++++++++++++++ 14 files changed, 106 insertions(+) create mode 100644 configs/aws-ansible/.pylintrc create mode 100644 configs/aws-ansible/.yamllint create mode 100644 configs/aws-ansible/ansible.cfg create mode 100644 configs/aws-ansible/files/akor_llvm.key.pub create mode 100644 configs/aws-ansible/files/medwards_llvm.key.pub create mode 100644 configs/aws-ansible/files/tstellar_llvm.key.pub create mode 100644 configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml create mode 100644 configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml create mode 100644 configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml create mode 100644 configs/aws-ansible/inventories/aws/hosts create mode 100644 configs/aws-ansible/playbooks/playbook_aws_deploy.yaml create mode 100644 configs/aws-ansible/playbooks/playbook_aws_inventory.yaml create mode 100644 configs/aws-ansible/requirements.txt create mode 100644 configs/aws-ansible/tasks/add_users.yaml diff --git a/configs/aws-ansible/.pylintrc b/configs/aws-ansible/.pylintrc new file mode 100644 index 0000000..f36a17e --- /dev/null +++ b/configs/aws-ansible/.pylintrc @@ -0,0 +1,6 @@ +[MASTER] +jobs=0 +load-plugins=pylint.extensions.redefined_variable_type, pylint.extensions.docparams +disable=bad-continuation,trailing-newlines +max-line-length=160 + diff --git a/configs/aws-ansible/.yamllint b/configs/aws-ansible/.yamllint new file mode 100644 index 0000000..89d8bf0 --- /dev/null +++ b/configs/aws-ansible/.yamllint @@ -0,0 +1,14 @@ +--- + +extends: default + +ignore: | + roles/test + +rules: + line-length: {max: 320, allow-non-breakable-words: true} + new-line-at-end-of-file: + level: warning + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] + check-keys: true diff --git a/configs/aws-ansible/ansible.cfg b/configs/aws-ansible/ansible.cfg new file mode 100644 index 0000000..2e52d3d --- /dev/null +++ b/configs/aws-ansible/ansible.cfg @@ -0,0 +1,13 @@ +[ssh_connection] +ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m +[defaults] +inventory=inventories/aws + +# Use the YAML callback plugin. +stdout_callback = yaml +# Use the stdout_callback when running ad-hoc commands. +bin_ansible_callbacks = True +vault_password_file=.vault_password + +[local] +localhost ansible_connection=local diff --git a/configs/aws-ansible/files/akor_llvm.key.pub b/configs/aws-ansible/files/akor_llvm.key.pub new file mode 100644 index 0000000..80f7c49 --- /dev/null +++ b/configs/aws-ansible/files/akor_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4n0w8Q2FWRqCCTDnHj+G6l7/0OA/pyhCkP3qVLnhB4Mi5xJngjbiEB8pYz3uYXkT2hxUtKA1veHieET97relZ7LuXZM0VjdTWiaKQgvUw1mjEG+STlXt1jd9qnXf32pon833ioKdwZoeRQoPcDrhtgjHuJadvI11kqEn2GJ/ce10hvy/mtIghSPzPKIdQLryc3k0ghChazcJFl5YUNa6IT6xLOBBA8KGk9vsqQ5+De7viUw1a1++zgpsRZ6ULpL0X8yCNL0FxDZPl1ujdjD4tXUr636RWq9CSE6E8fHAKuI5XM5NfYmsfqaV6nz/cVQWsRMENTM453j6gbdL7hSXRQ== asl@aslstation \ No newline at end of file diff --git a/configs/aws-ansible/files/medwards_llvm.key.pub b/configs/aws-ansible/files/medwards_llvm.key.pub new file mode 100644 index 0000000..ad46af5 --- /dev/null +++ b/configs/aws-ansible/files/medwards_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDk1Cbx+lyBzTPxtOCvOckswHLJ+rNbaWXRzpyqSL2m/d5g8zR0PqF5kk8b9+jFq32Ge7A8vcw8cFmtzVP4hPkB6OrhboFRrBDPfIzbrFWaMNRUC9fJAELczuJMFKxUI6srIC7bWhpkxG/vbzLC8EUotWcXbjfFg5VP2LagRDM31SGw98g28TzizBvYgI8PYEcKmxF+4iY7lG+SWZFTV3p/a2PNyIwHi20OhXZfmlnvPsPtx7thvviQumu4S3CDWR3OhPiSQudNAEwSQ+11tuwkx6M1n4F3RfHtXowIAN0guDRprzopL5i+ue2RK3KclWGWlTliUKSo9kQHhLzRztjebFL/jkBBTraYMJZ5RYqUvE2UX4OJbzI6GL4DudCIpW02A3y3vFHaes8VyxqQMJbmmdbX4wNcVi4F+CDl+8vCVHOGOIUrzl8+zW/Pcp04eYSeca4RHe3/4HJtnA0olaHKeyIaB/xZiQ2oqc1UhV1K5KUDMCIzFXaTLYAF1BpbgpyxYfHUGKDy2zUL6fwvV/NkT6m+UM2QMR6DW6wOpwvawKdFy1bebmYSBHZrWgciKHHudaj3rifuN1seJz04n7xMOALgdpH5PoLm4XugK7ce1fwpwmidm1du1YAQNkxUp7uzGCQmk2zyoLBJX+0NIZYw67uJ50/R/XLpp9SySteMRQ== diff --git a/configs/aws-ansible/files/tstellar_llvm.key.pub b/configs/aws-ansible/files/tstellar_llvm.key.pub new file mode 100644 index 0000000..a9bffd0 --- /dev/null +++ b/configs/aws-ansible/files/tstellar_llvm.key.pub @@ -0,0 +1 @@ +f00 \ No newline at end of file diff --git a/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml new file mode 100644 index 0000000..c4efc1d --- /dev/null +++ b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_python_interpreter: /usr/bin/python3 \ No newline at end of file diff --git a/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml new file mode 100644 index 0000000..7bbc824 --- /dev/null +++ b/configs/aws-ansible/inventories/aws/group_vars/aws_ec2/vault.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +37343734393663663661656433383565316231326335366535333161666630656235636133323262 +3665646135376135616230613530636663666532326335300a656366343466386130623137383634 +64623764336363396136613634343363313132326637386136323736336564636236373531396666 +6233316637396263380a396631333930633564386262613236366335303965636638613233653634 +38613366643131376164633665623733303634613839636162353261373436366135376338323764 +36356136613732666134353739336330373163323231653638353336353833316237653363393862 +346236633566336337636237336562386262 diff --git a/configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml b/configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml new file mode 100644 index 0000000..8802b2c --- /dev/null +++ b/configs/aws-ansible/inventories/aws/host_vars/ec2-18-144-11-123.us-west-1.compute.amazonaws.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: ec2-user diff --git a/configs/aws-ansible/inventories/aws/hosts b/configs/aws-ansible/inventories/aws/hosts new file mode 100644 index 0000000..4391d57 --- /dev/null +++ b/configs/aws-ansible/inventories/aws/hosts @@ -0,0 +1,2 @@ +[aws_ec2] +ec2-18-144-11-123.us-west-1.compute.amazonaws.com \ No newline at end of file diff --git a/configs/aws-ansible/playbooks/playbook_aws_deploy.yaml b/configs/aws-ansible/playbooks/playbook_aws_deploy.yaml new file mode 100644 index 0000000..d7caa96 --- /dev/null +++ b/configs/aws-ansible/playbooks/playbook_aws_deploy.yaml @@ -0,0 +1,12 @@ +--- +- hosts: all + gather_facts: yes + + tasks: + - include_tasks: "../tasks/add_users.yaml" + with_items: + - { username: medwards, uid: 510} + - { username: akor, uid: 511 } + - { username: tstellar, uid: 512 } + loop_control: + loop_var: user_dict diff --git a/configs/aws-ansible/playbooks/playbook_aws_inventory.yaml b/configs/aws-ansible/playbooks/playbook_aws_inventory.yaml new file mode 100644 index 0000000..d669ef9 --- /dev/null +++ b/configs/aws-ansible/playbooks/playbook_aws_inventory.yaml @@ -0,0 +1,5 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts diff --git a/configs/aws-ansible/requirements.txt b/configs/aws-ansible/requirements.txt new file mode 100644 index 0000000..1d45c93 --- /dev/null +++ b/configs/aws-ansible/requirements.txt @@ -0,0 +1,5 @@ +ansible +pylint +yamllint +jmespath + diff --git a/configs/aws-ansible/tasks/add_users.yaml b/configs/aws-ansible/tasks/add_users.yaml new file mode 100644 index 0000000..a29ac5f --- /dev/null +++ b/configs/aws-ansible/tasks/add_users.yaml @@ -0,0 +1,34 @@ +--- +- name: Install latest passlib with pip + pip: name=passlib + +- name: "Add the user '{{ user_dict.username }}' with a specific uid and a primary group of 'wheel'" + become: yes + user: + name: "{{ user_dict.username }}" + comment: "{{ user_dict.username }} (LLVM Foundation)" + group: wheel + groups: "adm,wheel,systemd-journal" + shell: /bin/bash + state: present + remove: no + password: "{{ vault_default_user_password | password_hash('sha512') }}" + update_password: on_create + +- name: "Create /Users/{{ user_dict.username }}/.ssh dir" + become: yes + ansible.builtin.file: + path: "/Users/{{ user_dict.username }}/.ssh" + state: directory + owner: "{{ user_dict.username }}" + group: wheel + mode: '0700' + +- name: "Setup {{ user_dict.username }} public key" + become: yes + ansible.builtin.copy: + src: "../files/{{ user_dict.username }}_llvm.key.pub" + dest: "/Users/{{ user_dict.username }}/.ssh/authorized_keys" + owner: "{{ user_dict.username }}" + group: wheel + mode: '0644' From 228ddfb3c713d39e09e9a9d4ebf80f6045390855 Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Mon, 26 Jul 2021 15:59:52 -0700 Subject: [PATCH 11/14] Correcting the path for user home dirs (it's linux). --- configs/aws-ansible/tasks/add_users.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configs/aws-ansible/tasks/add_users.yaml b/configs/aws-ansible/tasks/add_users.yaml index a29ac5f..c32ceac 100644 --- a/configs/aws-ansible/tasks/add_users.yaml +++ b/configs/aws-ansible/tasks/add_users.yaml @@ -15,10 +15,10 @@ password: "{{ vault_default_user_password | password_hash('sha512') }}" update_password: on_create -- name: "Create /Users/{{ user_dict.username }}/.ssh dir" +- name: "Create /home/{{ user_dict.username }}/.ssh dir" become: yes ansible.builtin.file: - path: "/Users/{{ user_dict.username }}/.ssh" + path: "/home/{{ user_dict.username }}/.ssh" state: directory owner: "{{ user_dict.username }}" group: wheel @@ -28,7 +28,7 @@ become: yes ansible.builtin.copy: src: "../files/{{ user_dict.username }}_llvm.key.pub" - dest: "/Users/{{ user_dict.username }}/.ssh/authorized_keys" + dest: "/home/{{ user_dict.username }}/.ssh/authorized_keys" owner: "{{ user_dict.username }}" group: wheel mode: '0644' From 2f209d0e06dc38b8942fa65a35d6037c86c86d51 Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Mon, 26 Jul 2021 17:05:16 -0700 Subject: [PATCH 12/14] Add public key for Tom. --- configs/aws-ansible/files/tstellar_llvm.key.pub | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/aws-ansible/files/tstellar_llvm.key.pub b/configs/aws-ansible/files/tstellar_llvm.key.pub index a9bffd0..6f3dff5 100644 --- a/configs/aws-ansible/files/tstellar_llvm.key.pub +++ b/configs/aws-ansible/files/tstellar_llvm.key.pub @@ -1 +1 @@ -f00 \ No newline at end of file +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDS7hdlT00UDR9rm4SQAMI7yOoS0aDeXQCauaHTnBsE42bkrWJq/TLmjZX6RtTl5aw1+/VVwcazdcHyasUYXUgARy34/aARz1vGUC5h9DW8fyELrnBUGUjbTXO6AXYQ7rEfndtCVC5muNIZPPFTPO9foMKwKode6VjhFIvbRSyde1WsjwuXkdQjp2tHRzGNaTQCh/A8NVcdLR0HJjteHX0PR3sDX+XcPVMRXwL+IMSyxLrooFsDeY7DYPz2Drp6AlMiZ4bcUATN0BZ7aFHUS3eAOTb1iJTTxc7+25EnKEkHsiCnPy4+ZZnpNUNDZaueH9j/taqTvPShByVOzPZefZ5gwls96YCHvidL3Xkf4pYqOLUEryuVb9LWUeuofF6ej8Lrb5T8DJhMpr/QRrDuwyqeGkxzWPd6kdr6rhVyhHz1muKSrFUdGjqBh5OpAt5AnL5nIzVJX8kKpjbmgnbYBaD617/+MRXMOcb+xyoqe3ZOQXbjtdkNTW9At7o+wdnxDk0= tstellar@tstellar.remote.csb \ No newline at end of file From be89d0661d34697b9daa573b07bb65a986ac47c3 Mon Sep 17 00:00:00 2001 From: ChristianKuehnel Date: Tue, 3 Aug 2021 11:36:38 +0200 Subject: [PATCH 13/14] fixed linter warnings --- configs/libcxx-ansible/roles/hardware_facts/README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/configs/libcxx-ansible/roles/hardware_facts/README.md b/configs/libcxx-ansible/roles/hardware_facts/README.md index df5e1cd..48fa938 100644 --- a/configs/libcxx-ansible/roles/hardware_facts/README.md +++ b/configs/libcxx-ansible/roles/hardware_facts/README.md @@ -19,7 +19,6 @@ Example Playbook roles: - role: roles/hardware_facts - Example Output -------------- @@ -44,8 +43,7 @@ Example Output provisioning_UDID: 3C12ED30-F131-5579-A485-C32B0A027221 serial_number: F5KLQ04CF694 - Responsible Individual ------------------ -Mike Edwards - medwards@llvm.org \ No newline at end of file +Mike Edwards - medwards@llvm.org From 44c7c3bc88db719656467fcfb4d3a4791b6a31fe Mon Sep 17 00:00:00 2001 From: Mike Edwards Date: Thu, 16 Sep 2021 15:19:22 -0700 Subject: [PATCH 14/14] Adding ansible config for the GitHub Actions mac mini. --- configs/ghactions-ansible/.pylintrc | 6 +++ configs/ghactions-ansible/.yamllint | 14 ++++++ configs/ghactions-ansible/ansible.cfg | 13 +++++ .../files/medwards_llvm.key.pub | 1 + .../files/mishal_shah_llvm.key.pub | 1 + .../group_vars/macminivault/vault.yaml | 8 +++ .../host_vars/w7-2.macminivault.com/vars.yaml | 2 + .../w7-2.macminivault.com/vault.yaml | 7 +++ .../inventories/macminivault/hosts | 2 + .../playbooks/playbook_deploy.yaml | 12 +++++ .../playbooks/playbook_inventory.yaml | 5 ++ configs/ghactions-ansible/requirements.txt | 5 ++ .../roles/hardware_facts/README.md | 49 +++++++++++++++++++ .../roles/hardware_facts/defaults/main.yml | 2 + .../roles/hardware_facts/files/hardware.fact | 2 + .../roles/hardware_facts/files/storage.fact | 2 + .../roles/hardware_facts/handlers/main.yml | 2 + .../roles/hardware_facts/tasks/main.yml | 42 ++++++++++++++++ .../roles/hardware_facts/tests/inventory | 2 + .../roles/hardware_facts/tests/test.yml | 5 ++ .../roles/hardware_facts/vars/main.yml | 2 + .../ghactions-ansible/tasks/add_users.yaml | 28 +++++++++++ 22 files changed, 212 insertions(+) create mode 100644 configs/ghactions-ansible/.pylintrc create mode 100644 configs/ghactions-ansible/.yamllint create mode 100644 configs/ghactions-ansible/ansible.cfg create mode 100644 configs/ghactions-ansible/files/medwards_llvm.key.pub create mode 100644 configs/ghactions-ansible/files/mishal_shah_llvm.key.pub create mode 100644 configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml create mode 100644 configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml create mode 100644 configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml create mode 100644 configs/ghactions-ansible/inventories/macminivault/hosts create mode 100644 configs/ghactions-ansible/playbooks/playbook_deploy.yaml create mode 100644 configs/ghactions-ansible/playbooks/playbook_inventory.yaml create mode 100644 configs/ghactions-ansible/requirements.txt create mode 100644 configs/ghactions-ansible/roles/hardware_facts/README.md create mode 100644 configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml create mode 100755 configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact create mode 100755 configs/ghactions-ansible/roles/hardware_facts/files/storage.fact create mode 100644 configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml create mode 100644 configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml create mode 100644 configs/ghactions-ansible/roles/hardware_facts/tests/inventory create mode 100644 configs/ghactions-ansible/roles/hardware_facts/tests/test.yml create mode 100644 configs/ghactions-ansible/roles/hardware_facts/vars/main.yml create mode 100644 configs/ghactions-ansible/tasks/add_users.yaml diff --git a/configs/ghactions-ansible/.pylintrc b/configs/ghactions-ansible/.pylintrc new file mode 100644 index 0000000..f36a17e --- /dev/null +++ b/configs/ghactions-ansible/.pylintrc @@ -0,0 +1,6 @@ +[MASTER] +jobs=0 +load-plugins=pylint.extensions.redefined_variable_type, pylint.extensions.docparams +disable=bad-continuation,trailing-newlines +max-line-length=160 + diff --git a/configs/ghactions-ansible/.yamllint b/configs/ghactions-ansible/.yamllint new file mode 100644 index 0000000..89d8bf0 --- /dev/null +++ b/configs/ghactions-ansible/.yamllint @@ -0,0 +1,14 @@ +--- + +extends: default + +ignore: | + roles/test + +rules: + line-length: {max: 320, allow-non-breakable-words: true} + new-line-at-end-of-file: + level: warning + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] + check-keys: true diff --git a/configs/ghactions-ansible/ansible.cfg b/configs/ghactions-ansible/ansible.cfg new file mode 100644 index 0000000..8347476 --- /dev/null +++ b/configs/ghactions-ansible/ansible.cfg @@ -0,0 +1,13 @@ +[ssh_connection] +ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m +[defaults] +inventory=inventories/libcxx.yaml + +# Use the YAML callback plugin. +stdout_callback = yaml +# Use the stdout_callback when running ad-hoc commands. +bin_ansible_callbacks = True +vault_password_file=.vault_password + +[local] +localhost ansible_connection=local diff --git a/configs/ghactions-ansible/files/medwards_llvm.key.pub b/configs/ghactions-ansible/files/medwards_llvm.key.pub new file mode 100644 index 0000000..ad46af5 --- /dev/null +++ b/configs/ghactions-ansible/files/medwards_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDk1Cbx+lyBzTPxtOCvOckswHLJ+rNbaWXRzpyqSL2m/d5g8zR0PqF5kk8b9+jFq32Ge7A8vcw8cFmtzVP4hPkB6OrhboFRrBDPfIzbrFWaMNRUC9fJAELczuJMFKxUI6srIC7bWhpkxG/vbzLC8EUotWcXbjfFg5VP2LagRDM31SGw98g28TzizBvYgI8PYEcKmxF+4iY7lG+SWZFTV3p/a2PNyIwHi20OhXZfmlnvPsPtx7thvviQumu4S3CDWR3OhPiSQudNAEwSQ+11tuwkx6M1n4F3RfHtXowIAN0guDRprzopL5i+ue2RK3KclWGWlTliUKSo9kQHhLzRztjebFL/jkBBTraYMJZ5RYqUvE2UX4OJbzI6GL4DudCIpW02A3y3vFHaes8VyxqQMJbmmdbX4wNcVi4F+CDl+8vCVHOGOIUrzl8+zW/Pcp04eYSeca4RHe3/4HJtnA0olaHKeyIaB/xZiQ2oqc1UhV1K5KUDMCIzFXaTLYAF1BpbgpyxYfHUGKDy2zUL6fwvV/NkT6m+UM2QMR6DW6wOpwvawKdFy1bebmYSBHZrWgciKHHudaj3rifuN1seJz04n7xMOALgdpH5PoLm4XugK7ce1fwpwmidm1du1YAQNkxUp7uzGCQmk2zyoLBJX+0NIZYw67uJ50/R/XLpp9SySteMRQ== diff --git a/configs/ghactions-ansible/files/mishal_shah_llvm.key.pub b/configs/ghactions-ansible/files/mishal_shah_llvm.key.pub new file mode 100644 index 0000000..2d133bf --- /dev/null +++ b/configs/ghactions-ansible/files/mishal_shah_llvm.key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC59swvCE+N33rlEpIHQ6NJJM41/gK71nTKYeS3CEG/pSK91Kln5HSr4/Z3D+qumwHEXfn5jJkkUXYxDqSrpdyudFL8zqtivwbpNCKJn6vygPsE7s0lhdGIck5eYQ5/oG74qcQWtcmP/vX+Y8YwOpcXOnfoRtXmySVWlvolhUSnSZMqamYjbEKjMHZgP6CJ73iDFvHESFfupkQEgRK+b5DJ6h0ungaycJl/wM62xjIHy0Kb7CBTGLcRCFiXMEuyvm1V5K5ZnNwRIXXClhpbA7FGA1sw+w7d5xws9S4MZrjHTB3EVTj2vNhSL1IFkjU9cBzgIZ7aEtx2BG2nD6x3Se8fWJIXQqyyt2v1OLV5UWOqleCKzq2YjkmzWgZXuGQ1dmNjCmYY0K5/dU0t/vey0QSk7qvrXP+ddSF17C1//7cDV3W+m6aF6x5u9vx4u6RgivewQ9uGbe1Mcm7lbmAV0UJoChZk1oGiJpMKxa7FoFmRZB7SsI7p1XvTk3fks1R5Yv0= mishal_shah@mishal \ No newline at end of file diff --git a/configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml b/configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml new file mode 100644 index 0000000..daf0b02 --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/group_vars/macminivault/vault.yaml @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +38313630636464623262613832303137316333636137656432653130343266666138626538666463 +6230666663633065643262373466663237356538356565620a353436656533666465336164613064 +62663163343335353535663938343431643039613765336164656131323833313437363961633630 +6636626436323138350a313530303536613037633636303435633831333535336331656262303332 +36386566336335373965346361316666396263396362313564323537336430636636343166313433 +35613865663162373365646337316238613961366230396135633238616366373665363963346465 +383734363066313134393264373631613663 diff --git a/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml new file mode 100644 index 0000000..b7eaca5 --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vars.yaml @@ -0,0 +1,2 @@ +--- +ansible_user: administrator diff --git a/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml new file mode 100644 index 0000000..84de40a --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/host_vars/w7-2.macminivault.com/vault.yaml @@ -0,0 +1,7 @@ +$ANSIBLE_VAULT;1.1;AES256 +64613366393566316639646266653337363739656565646132396133326564393734623562646138 +3537323263623832656662383365626363383863393863300a613836626139653136373766636264 +64303530316234383931343139383664393439386531376464626261316265363666343031613866 +3461656539386332650a643766373063646638663338303233343532643830366337356334623234 +31306262373963353063323864366633656462396237303636303632613961313030376430633562 +6661343261323136653734326438616138366532616337616261 diff --git a/configs/ghactions-ansible/inventories/macminivault/hosts b/configs/ghactions-ansible/inventories/macminivault/hosts new file mode 100644 index 0000000..c986e4f --- /dev/null +++ b/configs/ghactions-ansible/inventories/macminivault/hosts @@ -0,0 +1,2 @@ +[macminivault] +w7-2.macminivault.com diff --git a/configs/ghactions-ansible/playbooks/playbook_deploy.yaml b/configs/ghactions-ansible/playbooks/playbook_deploy.yaml new file mode 100644 index 0000000..ec5dcb7 --- /dev/null +++ b/configs/ghactions-ansible/playbooks/playbook_deploy.yaml @@ -0,0 +1,12 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts + tasks: + - include_tasks: "../tasks/add_users.yaml" + with_items: + - { username: medwards, uid: 501 } + - { username: mishal_shah, uid: 502 } + loop_control: + loop_var: user_dict diff --git a/configs/ghactions-ansible/playbooks/playbook_inventory.yaml b/configs/ghactions-ansible/playbooks/playbook_inventory.yaml new file mode 100644 index 0000000..d669ef9 --- /dev/null +++ b/configs/ghactions-ansible/playbooks/playbook_inventory.yaml @@ -0,0 +1,5 @@ +--- +- hosts: all + gather_facts: yes + roles: + - role: roles/hardware_facts diff --git a/configs/ghactions-ansible/requirements.txt b/configs/ghactions-ansible/requirements.txt new file mode 100644 index 0000000..1d45c93 --- /dev/null +++ b/configs/ghactions-ansible/requirements.txt @@ -0,0 +1,5 @@ +ansible +pylint +yamllint +jmespath + diff --git a/configs/ghactions-ansible/roles/hardware_facts/README.md b/configs/ghactions-ansible/roles/hardware_facts/README.md new file mode 100644 index 0000000..48fa938 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/README.md @@ -0,0 +1,49 @@ +Hardware_Facts +========= + +This role is used to install a custom fact script which helps generate +hardware information about a node. The information comes from the +system_profiler binary which is part of macOS. This role focuses on +the SPHardwareDataType within system_profiler. + +Dependencies +------------ + +This role depends on the included file/hardware.fact which will be installed on the target machine. + +Example Playbook +---------------- + + --- + - hosts: all + roles: + - role: roles/hardware_facts + +Example Output +-------------- + + TASK [roles/hardware_facts : Print Node Hardware Facts] *********** + ok: [smoosh-229] => + ansible_local.hardware.SPHardwareDataType[0]: + Lightshow_version: 1.4a6 + SMC_version_system: 2.20e0 + _name: hardware_overview + boot_rom_version: 426.0.0.0.0 + cpu_type: 6-Core Intel Xeon E5 + current_processor_speed: 3.5 GHz + l2_cache_core: 256 KB + l3_cache: 12 MB + machine_model: MacPro6,1 + machine_name: Mac Pro + number_processors: 6 + packages: 1 + physical_memory: 32 GB + platform_UUID: 3C12ED30-F131-5579-A485-C32B0A027221 + platform_cpu_htt: htt_enabled + provisioning_UDID: 3C12ED30-F131-5579-A485-C32B0A027221 + serial_number: F5KLQ04CF694 + +Responsible Individual +------------------ + +Mike Edwards - medwards@llvm.org diff --git a/configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml b/configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml new file mode 100644 index 0000000..6bb2914 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for hardware_facts diff --git a/configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact b/configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact new file mode 100755 index 0000000..03758d6 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/files/hardware.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPHardwareDataType diff --git a/configs/ghactions-ansible/roles/hardware_facts/files/storage.fact b/configs/ghactions-ansible/roles/hardware_facts/files/storage.fact new file mode 100755 index 0000000..de4273e --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/files/storage.fact @@ -0,0 +1,2 @@ +#!/bin/bash +/usr/sbin/system_profiler -json SPStorageDataType diff --git a/configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml b/configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml new file mode 100644 index 0000000..8b96c96 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for hardware_facts diff --git a/configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml b/configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml new file mode 100644 index 0000000..2a310e9 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/tasks/main.yml @@ -0,0 +1,42 @@ +--- +# tasks file for hardware_facts +- name: "Create custom fact directory" + file: + path: "/etc/ansible/facts.d" + state: "directory" + become: yes + +- name: "Insert hardware fact file" + become: yes + copy: + src: files/hardware.fact + dest: /etc/ansible/facts.d/hardware.fact + mode: 0755 + +- name: "Insert storage fact file" + become: yes + copy: + src: files/storage.fact + dest: /etc/ansible/facts.d/storage.fact + mode: 0755 + register: copy_status + +- name: "Re-run setup to use custom facts" + setup: ~ + when: copy_status.changed + +- name: Print Node Hardware Facts + ansible.builtin.debug: + var: ansible_local.hardware.SPHardwareDataType[0] + +- name: Print Node Storage Facts + ansible.builtin.debug: + var: ansible_local.storage.SPStorageDataType[0] + +- name: Print Node Serial Number + ansible.builtin.debug: + msg: "The machine serial number is {{ ansible_local.hardware.SPHardwareDataType[0].serial_number }}" + +- name: Print Node Disk Type + ansible.builtin.debug: + msg: "The machine drive type is {{ ansible_local.storage.SPStorageDataType[0].physical_drive.device_name }}" diff --git a/configs/ghactions-ansible/roles/hardware_facts/tests/inventory b/configs/ghactions-ansible/roles/hardware_facts/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/configs/ghactions-ansible/roles/hardware_facts/tests/test.yml b/configs/ghactions-ansible/roles/hardware_facts/tests/test.yml new file mode 100644 index 0000000..2688b07 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - ./roles/hardware_facts diff --git a/configs/ghactions-ansible/roles/hardware_facts/vars/main.yml b/configs/ghactions-ansible/roles/hardware_facts/vars/main.yml new file mode 100644 index 0000000..d44f747 --- /dev/null +++ b/configs/ghactions-ansible/roles/hardware_facts/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for hardware_facts diff --git a/configs/ghactions-ansible/tasks/add_users.yaml b/configs/ghactions-ansible/tasks/add_users.yaml new file mode 100644 index 0000000..93b5220 --- /dev/null +++ b/configs/ghactions-ansible/tasks/add_users.yaml @@ -0,0 +1,28 @@ +--- +- name: "Add the user '{{ user_dict.username }}' with a specific uid and a primary group of 'admin'" + become: yes + user: + name: "{{ user_dict.username }}" + comment: "{{ user_dict.username }} (LLVM Foundation)" + group: admin + shell: /bin/zsh + state: present + remove: no + password: "{{ vault_default_user_password }}" + update_password: on_create +- name: "Create /Users/{{ user_dict.username }}/.ssh dir" + become: yes + ansible.builtin.file: + path: "/Users/{{ user_dict.username }}/.ssh" + state: directory + owner: "{{ user_dict.username }}" + group: staff + mode: '0700' +- name: "Setup {{ user_dict.username }} public key" + become: yes + ansible.builtin.copy: + src: "../files/{{ user_dict.username }}_llvm.key.pub" + dest: "/Users/{{ user_dict.username }}/.ssh/authorized_keys" + owner: "{{ user_dict.username }}" + group: staff + mode: '0644'