From 56508371d23f33d0c090b9cc326f59a7f5769c32 Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 11:05:29 -0400
Subject: [PATCH 1/7] testing

---
 .forgejo/workflows/tofu.yml | 44 ++++++++++++++++++++-----------------
 terraform/kasm.tf           |  2 +-
 2 files changed, 25 insertions(+), 21 deletions(-)

diff --git a/.forgejo/workflows/tofu.yml b/.forgejo/workflows/tofu.yml
index 83e0da98..6ec269c2 100644
--- a/.forgejo/workflows/tofu.yml
+++ b/.forgejo/workflows/tofu.yml
@@ -41,7 +41,29 @@ jobs:
             af0ed579-05f8-405f-b0f3-b208000620ca > vlan_gateway
 
       
-
+      - name: Create tfvars file
+        working-directory: ./terraform
+        run: |
+          cat <<EOF > terraform.tfvars
+          arrbuntu_ip_address = "${{ steps.bitwarden-secrets.outputs.arrbuntu_ip_address }}"
+          aws_access_key_id = "${{ steps.bitwarden-secrets.outputs.aws_access_key_id }}"
+          aws_secret_access_key = "${{ steps.bitwarden-secrets.outputs.aws_secret_access_key }}"
+          downloaders_ip_address = "${{ steps.bitwarden-secrets.outputs.downloaders_ip_address }}"
+          init_password = "${{ steps.bitwarden-secrets.outputs.init_password }}"
+          init_username = "${{ steps.bitwarden-secrets.outputs.init_username }}"
+          kasm_ip = "${{ steps.bitwarden-secrets.outputs.kasm_ip }}"
+          kasm_ssh_ip = "${{ steps.bitwarden-secrets.outputs.kasm_ssh_ip }}"
+          npm_ip_address = "${{ steps.bitwarden-secrets.outputs.npm_ip_address }}"
+          prox_ip_address = "${{ steps.bitwarden-secrets.outputs.prox_ip_address }}"
+          pve2_ip_address = "${{ steps.bitwarden-secrets.outputs.pve2_ip_address }}"
+          s3_endpoint = "${{ steps.bitwarden-secrets.outputs.s3_endpoint }}"
+          ssh_password = "${{ steps.bitwarden-secrets.outputs.ssh_password }}"
+          ssh_username = "${{ steps.bitwarden-secrets.outputs.ssh_username }}"
+          ubu_ip_address = "${{ steps.bitwarden-secrets.outputs.ubu_ip_address }}"
+          virtual_environment_api = "${{ steps.bitwarden-secrets.outputs.virtual_environment_api }}"
+          virtual_environment_endpoint = "${{ steps.bitwarden-secrets.outputs.virtual_environment_endpoint }}"
+          vlan_gateway = "${{ steps.bitwarden-secrets.outputs.vlan_gateway }}"
+          EOF
 
       - name: Setup OpenTofu
         uses: https://github.com/opentofu/setup-opentofu@v1.0.4
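Review bot: The `Create tfvars file` step writes every Bitwarden output, including `aws_secret_access_key`, `init_password` and `ssh_password`, in cleartext to `terraform/terraform.tfvars` with the runner's default umask, and nothing in this hunk removes the file afterwards. The heredoc delimiter is unquoted, so after the `${{ }}` substitution the shell still expands `$`, backticks and backslashes inside the values; a password containing `$` would be silently altered. I would start the script with `umask 077`, quote the delimiter as `cat <<'EOF' > terraform.tfvars`, and add a final step that deletes the file. A value containing `"` would still break the HCL string; passing each secret as a `TF_VAR_<name>` entry under the step's `env:` avoids that without touching disk.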
@@ -49,25 +71,7 @@ jobs:
       - name: Run OpenTofu Init
         working-directory: ./terraform
         run: |
-          tofu init \
-            -var "arrbuntu_ip_address=${{ steps.bitwarden-secrets.outputs.arrbuntu_ip_address }}" \
-            -var "aws_access_key_id=${{ steps.bitwarden-secrets.outputs.aws_access_key_id }}" \
-            -var "aws_secret_access_key=${{ steps.bitwarden-secrets.outputs.aws_secret_access_key }}" \
-            -var "downloaders_ip_address=${{ steps.bitwarden-secrets.outputs.downloaders_ip_address }}" \
-            -var "init_password=${{ steps.bitwarden-secrets.outputs.init_password }}" \
-            -var "init_username=${{ steps.bitwarden-secrets.outputs.init_username }}" \
-            -var "kasm_ip=${{ steps.bitwarden-secrets.outputs.kasm_ip }}" \
-            -var "kasm_ssh_ip=${{ steps.bitwarden-secrets.outputs.kasm_ssh_ip }}" \
-            -var "npm_ip_address=${{ steps.bitwarden-secrets.outputs.npm_ip_address }}" \
-            -var "prox_ip_address=${{ steps.bitwarden-secrets.outputs.prox_ip_address }}" \
-            -var "pve2_ip_address=${{ steps.bitwarden-secrets.outputs.pve2_ip_address }}" \
-            -var "s3_endpoint=${{ steps.bitwarden-secrets.outputs.s3_endpoint }}" \
-            -var "ssh_password=${{ steps.bitwarden-secrets.outputs.ssh_password }}" \
-            -var "ssh_username=${{ steps.bitwarden-secrets.outputs.ssh_username }}" \
-            -var "ubu_ip_address=${{ steps.bitwarden-secrets.outputs.ubu_ip_address }}" \
-            -var "virtual_environment_api=${{ steps.bitwarden-secrets.outputs.virtual_environment_api }}" \
-            -var "virtual_environment_endpoint=${{ steps.bitwarden-secrets.outputs.virtual_environment_endpoint }}" \
-            -var "vlan_gateway=${{ steps.bitwarden-secrets.outputs.vlan_gateway }}"
+          tofu init -var-file=terraform.tfvars
 
 
       - name: Run OpenTofu Plan
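Review bot: OpenTofu loads a file named `terraform.tfvars` from the working directory automatically, so `-var-file=terraform.tfvars` on the new `tofu init` line adds nothing; plain `tofu init` sees the same values. The same auto-loading applies to the Plan step that begins on the last line of this hunk. Its body is outside the hunk; if it still carries the long `-var` list, those flags can presumably be dropped as well so the secret values no longer appear as process arguments.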
diff --git a/terraform/kasm.tf b/terraform/kasm.tf
index f48bc29f..22ae455c 100644
--- a/terraform/kasm.tf
+++ b/terraform/kasm.tf
@@ -36,7 +36,7 @@ resource "proxmox_virtual_environment_vm" "Kasm" {
   # VM Disk Settings
   disk {
     datastore_id = "local-lvm"
-    size         = 151
+    size         = 152
     interface    = "scsi0"
   }
 

From e55e394d537f2d9b4947226670e370502a1112db Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 11:18:37 -0400
Subject: [PATCH 2/7] test

---
 terraform/cloud-init.tf | 17 +++++++----------
 terraform/kasm.tf       |  2 +-
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/terraform/cloud-init.tf b/terraform/cloud-init.tf
index f3221330..074e1d5d 100644
--- a/terraform/cloud-init.tf
+++ b/terraform/cloud-init.tf
@@ -1,9 +1,6 @@
-data "local_file" "ssh_public_key" {
-  filename = "/home/mafyuh/.ssh/main_key.pub"
-}
-
-data "local_file" "ssh_public_key_2" {
-  filename = "/home/mafyuh/.ssh/id_rsa.pub"
+locals {
+  ssh_public_key_1 = "ssh-rsa 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 Generated By Termius"
+  ssh_public_key_2 = "ssh-rsa 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 admin@mafyuh.io"
 }
 
 resource "proxmox_virtual_environment_file" "cloud_config" {
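Review bot: The new `locals` block hard-codes two SSH public keys with only the trailing key comments (`Generated By Termius`, `admin@mafyuh.io`) to say who or which device holds them. These keys feed the `ssh_authorized_keys` lists further down the file, for a user that also gets `sudo: ALL=(ALL) NOPASSWD:ALL`, so each entry is effectively a root credential on every VM built from this config. Each entry deserves a comment such as `# owner, device, date added` above it. Moving them to an input such as `variable "ssh_public_keys" { type = list(string) }` would let a key be rotated or revoked without editing the resource file. `trimspace()` around a literal is also no longer needed.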
@@ -22,8 +19,8 @@ resource "proxmox_virtual_environment_file" "cloud_config" {
           - docker
         shell: /bin/bash
         ssh_authorized_keys:
-          - ${trimspace(data.local_file.ssh_public_key.content)}
-          - ${trimspace(data.local_file.ssh_public_key_2.content)}
+          - ${trimspace(local.ssh_public_key)}
+          - ${trimspace(local.ssh_public_key_2)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:
         - apt update
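Review bot: `local.ssh_public_key` on the first new list entry is not declared anywhere in this commit. The `locals` block added at the top of the file defines only `ssh_public_key_1` and `ssh_public_key_2`, so validation should fail on the undeclared local. The line should read `- ${trimspace(local.ssh_public_key_1)}`, and the `cloud_config2` hunk below has the same reference. The rename arrives only in later patches of the series, which leaves this commit unusable on its own when bisecting; squashing those fix-ups into this one would avoid that. The resource body continues outside the hunk.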
@@ -58,8 +55,8 @@ resource "proxmox_virtual_environment_file" "cloud_config2" {
           - docker
         shell: /bin/bash
         ssh_authorized_keys:
-          - ${trimspace(data.local_file.ssh_public_key.content)}
-          - ${trimspace(data.local_file.ssh_public_key_2.content)}
+          - ${trimspace(local.ssh_public_key)}
+          - ${trimspace(local.ssh_public_key_2)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:
         - apt update
diff --git a/terraform/kasm.tf b/terraform/kasm.tf
index 22ae455c..f48bc29f 100644
--- a/terraform/kasm.tf
+++ b/terraform/kasm.tf
@@ -36,7 +36,7 @@ resource "proxmox_virtual_environment_vm" "Kasm" {
   # VM Disk Settings
   disk {
     datastore_id = "local-lvm"
-    size         = 152
+    size         = 151
     interface    = "scsi0"
   }
 

From cf67c7cd23e056c7d21c02319d324e6fdae589e3 Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 11:20:22 -0400
Subject: [PATCH 3/7] test

---
 terraform/cloud-init.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/cloud-init.tf b/terraform/cloud-init.tf
index 074e1d5d..2202ec2d 100644
--- a/terraform/cloud-init.tf
+++ b/terraform/cloud-init.tf
@@ -19,7 +19,7 @@ resource "proxmox_virtual_environment_file" "cloud_config" {
           - docker
         shell: /bin/bash
         ssh_authorized_keys:
-          - ${trimspace(local.ssh_public_key)}
+          - ${trimspace(local.ssh_public_key_1)}
           - ${trimspace(local.ssh_public_key_2)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:

From ce7c0c1a46f8609dd357ad9bb03c8320f9de6f30 Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 11:20:51 -0400
Subject: [PATCH 4/7] test

---
 terraform/cloud-init.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/cloud-init.tf b/terraform/cloud-init.tf
index 2202ec2d..e5f2125f 100644
--- a/terraform/cloud-init.tf
+++ b/terraform/cloud-init.tf
@@ -55,7 +55,7 @@ resource "proxmox_virtual_environment_file" "cloud_config2" {
           - docker
         shell: /bin/bash
         ssh_authorized_keys:
-          - ${trimspace(local.ssh_public_key)}
+          - ${trimspace(local.ssh_public_key_1)}
           - ${trimspace(local.ssh_public_key_2)}
         sudo: ALL=(ALL) NOPASSWD:ALL
     runcmd:

From 3ee1613978e9a46897757e6a6785974505de94dd Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 16:20:24 -0400
Subject: [PATCH 5/7] add ntp playbook

---
 ansible/playbooks/ntp.yml | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 ansible/playbooks/ntp.yml

diff --git a/ansible/playbooks/ntp.yml b/ansible/playbooks/ntp.yml
new file mode 100644
index 00000000..dccd146d
--- /dev/null
+++ b/ansible/playbooks/ntp.yml
@@ -0,0 +1,33 @@
+---
+- name: Configure systemd-timesyncd to use router NTP server
+  hosts: all
+  become: true
+
+  tasks:
+    - name: Ensure systemd-timesyncd is installed
+      apt:
+        name: systemd-timesyncd
+        state: present
+        update_cache: yes
+
+    - name: Configure timesyncd to use the router's NTP server
+      lineinfile:
+        path: /etc/systemd/timesyncd.conf
+        regexp: '^NTP='
+        line: 'NTP=10.0.0.1'
+        insertafter: '^\[Time\]'
+        state: present
+
+    - name: Restart systemd-timesyncd to apply changes
+      systemd:
+        name: systemd-timesyncd
+        state: restarted
+        enabled: yes
+
+    - name: Verify the NTP configuration
+      command: timedatectl status
+      register: timesync_status
+
+    - name: Show the status of time synchronization
+      debug:
+        msg: "{{ timesync_status.stdout }}"
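Review bot: The `Restart systemd-timesyncd to apply changes` task restarts the service on every run and `Verify the NTP configuration` reports `changed` every time, so the play is never idempotent across `hosts: all`. I would have the `lineinfile` task `notify` a restart handler, keep the `systemd` task at `state: started`, flush handlers before the check, and mark the `command` task `changed_when: false`. Spelling the booleans `true` rather than `yes` and using fully qualified module names (`ansible.builtin.apt` and so on) would also match current ansible-lint defaults. The server address `10.0.0.1` is hard-coded; a variable with that default would make the play reusable.

```yaml
    # … unchanged: "Ensure systemd-timesyncd is installed" task …

    - name: Configure timesyncd to use the router's NTP server
      lineinfile:
        # … unchanged: path, regexp, line, insertafter, state …
      notify: Restart systemd-timesyncd

    - name: Ensure systemd-timesyncd is enabled and running
      systemd:
        name: systemd-timesyncd
        state: started
        enabled: true

    - name: Apply a pending restart before verifying
      meta: flush_handlers

    - name: Verify the NTP configuration
      command: timedatectl status
      register: timesync_status
      changed_when: false

    # … unchanged: "Show the status of time synchronization" task …

  handlers:
    - name: Restart systemd-timesyncd
      systemd:
        name: systemd-timesyncd
        state: restarted
```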

From 5e34685a075948baa834e60b637766ef8a9d6da1 Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 16:37:39 -0400
Subject: [PATCH 6/7] fix ntp

---
 ansible/playbooks/ntp.yml | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/ansible/playbooks/ntp.yml b/ansible/playbooks/ntp.yml
index dccd146d..70978145 100644
--- a/ansible/playbooks/ntp.yml
+++ b/ansible/playbooks/ntp.yml
@@ -10,13 +10,12 @@
         state: present
         update_cache: yes
 
-    - name: Configure timesyncd to use the router's NTP server
-      lineinfile:
+    - name: Configure timesyncd to use the router's NTP server using ini_file
+      ini_file:
         path: /etc/systemd/timesyncd.conf
-        regexp: '^NTP='
-        line: 'NTP=10.0.0.1'
-        insertafter: '^\[Time\]'
-        state: present
+        section: Time
+        option: NTP
+        value: '10.0.0.1'
 
     - name: Restart systemd-timesyncd to apply changes
       systemd:
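Review bot: `ini_file` is not part of `ansible.builtin`; it ships in the `community.general` collection, so the new task depends on that collection being installed on the controller and is better written as `community.general.ini_file:`. By default the module writes `NTP = 10.0.0.1` with spaces around the `=`; adding `no_extra_spaces: true` keeps the file in the same style as the stock entries. The restart task that begins at the end of this hunk continues outside it and still runs unconditionally. A `notify` on this task would restart the service only when the option actually changes.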

From 169caf0b6b592eeffc2fabe6dd86feb67038bd09 Mon Sep 17 00:00:00 2001
From: Matt Reeves <admin@mafyuh.io>
Date: Sun, 13 Oct 2024 16:39:05 -0400
Subject: [PATCH 7/7] test ntp

---
 ansible/playbooks/ntp.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/ansible/playbooks/ntp.yml b/ansible/playbooks/ntp.yml
index 70978145..abfc0ed6 100644
--- a/ansible/playbooks/ntp.yml
+++ b/ansible/playbooks/ntp.yml
@@ -10,12 +10,9 @@
         state: present
         update_cache: yes
 
-    - name: Configure timesyncd to use the router's NTP server using ini_file
-      ini_file:
-        path: /etc/systemd/timesyncd.conf
-        section: Time
-        option: NTP
-        value: '10.0.0.1'
+    - name: Configure timesyncd to use the router's NTP server
+      shell: sed -i '/^NTP=/c\NTP=10.0.0.1' /etc/systemd/timesyncd.conf
+
 
     - name: Restart systemd-timesyncd to apply changes
       systemd:
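Review bot: The `sed` expression on the new `shell:` line only rewrites a line that already starts with `NTP=`. On a host where `/etc/systemd/timesyncd.conf` carries just the commented `#NTP=` default (which I believe is what the package ships) it changes nothing, exits 0, and the task still reports `changed`. The server is then never configured, yet the play goes on to restart the service as if it had been. A declarative task avoids both problems: either the `ini_file` form this commit removes, or a drop-in under `/etc/systemd/timesyncd.conf.d/` as sketched below (the file name is only an example). The restart task that begins on the last line of the hunk continues outside it.

```yaml
    - name: Ensure the timesyncd drop-in directory exists
      file:
        path: /etc/systemd/timesyncd.conf.d
        state: directory
        mode: "0755"

    - name: Configure timesyncd to use the router's NTP server
      copy:
        dest: /etc/systemd/timesyncd.conf.d/10-router-ntp.conf  # example name
        content: |
          [Time]
          NTP=10.0.0.1
        mode: "0644"
```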