Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
P
playbooks
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Locked Files
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Security & Compliance
Security & Compliance
Dependency List
License Compliance
Packages
Packages
List
Container Registry
Analytics
Analytics
CI / CD
Code Review
Insights
Issues
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nanahira
playbooks
Commits
d9560bb5
Commit
d9560bb5
authored
Jul 08, 2020
by
nanahira
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
template runner
parent
b1d1091e
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
110 additions
and
1 deletion
+110
-1
hypervisor.yml
hypervisor.yml
+2
-1
template-runner.yml
template-runner.yml
+108
-0
No files found.
hypervisor.yml
View file @
d9560bb5
...
@@ -15,10 +15,11 @@
...
@@ -15,10 +15,11 @@
-
name
:
cpufreq
-
name
:
cpufreq
become
:
true
become
:
true
copy
:
copy
:
content
:
'
{{cpufreq}}'
content
:
'
{{cpufreq
_policy
}}'
dest
:
'
{{item.path}}/scaling_governor'
dest
:
'
{{item.path}}/scaling_governor'
unsafe_writes
:
true
unsafe_writes
:
true
with_items
:
'
{{freq_list.files}}'
with_items
:
'
{{freq_list.files}}'
when
:
cpufreq_policy != 'none'
-
name
:
apt
-
name
:
apt
become
:
true
become
:
true
when
:
ansible_os_family == 'Debian'
when
:
ansible_os_family == 'Debian'
...
...
template-runner.yml
0 → 100644
View file @
d9560bb5
---
-
hosts
:
runner-template
remote_user
:
root
vars
:
install_authorized_keys
:
false
allow_password
:
false
upgrade
:
true
reboot
:
true
china_mirror
:
false
china_mirror_pip
:
true
china_mirror_docker
:
true
vm_agents_status
:
present
pip_executable
:
pip
pip_executable_install
:
pip
mirror_debian
:
http://deb.debian.org
mirror_debian_security
:
http://security.debian.org
mirror_ubuntu
:
http://archive.ubuntu.com
mirror_ubuntu_security
:
http://security.ubuntu.com
docker_template_path
:
./roles/init/templates/daemon.json.j2
registry
:
https://registry.mycard.moe
tasks
:
-
name
:
authorized_key
authorized_key
:
user
:
"
{{
ansible_user_id
}}"
key
:
"
{{
lookup('file',
'./roles/init/files/authorized_keys')
}}"
-
name
:
tasks from init
include_tasks
:
'
./roles/init/tasks/{{item}}.yml'
with_items
:
-
utility
-
sshd_config
-
upgrade
-
sshd_config
-
sysctl
-
apt
-
pip
-
docker
-
name
:
gitlab-runner apt key
become
:
true
apt_key
:
url
:
https://packages.gitlab.com/gpg.key
-
name
:
gitlab-runner repo
become
:
true
apt_repository
:
repo
:
'
deb
https://packages.gitlab.com/runner/gitlab-runner/{{
ansible_distribution|lower
}}/
{{
ansible_distribution_release
}}
main'
filename
:
gitlab-runner
-
name
:
apt for some services
become
:
true
apt
:
update_cache
:
true
name
:
gitlab-runner,git,git-lfs
-
name
:
git lfs install
become
:
true
shell
:
git lfs install --skip-repo
-
name
:
install node
include_role
:
name
:
nodejs
vars
:
nodejs_version
:
12
-
name
:
install mono
include_role
:
name
:
mono
-
name
:
ssh-keygen service
become
:
true
copy
:
content
:
|
[Unit]
Description=Regenerate SSH host keys
Before=sshd.service
[Service]
Type=oneshot
ExecStartPre=/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*"
ExecStart=/usr/bin/ssh-keygen -A -v
ExecStartPost=/bin/systemctl disable regenerate_ssh_host_keys
[Install]
WantedBy=multi-user.target
dest
:
/lib/systemd/system/regenerate_ssh_host_keys.service
-
name
:
systemd
become
:
true
systemd
:
name
:
regenerate_ssh_host_keys
enabled
:
true
daemon_reload
:
true
-
name
:
motd
become
:
true
copy
:
content
:
GitLab runner
dest
:
/etc/motd
-
name
:
clean logs and hostkeys
become
:
true
shell
:
'
rm
-rf
/etc/ssh/ssh_host_*
/var/log/*'
-
name
:
clean bash history
file
:
name
:
'
~/.bash_history'
state
:
absent
-
name
:
poweroff
become
:
true
shell
:
poweroff
async
:
0
poll
:
0
handlers
:
-
name
:
restart_sshd
ping
:
-
name
:
reload_docker
ping
:
-
name
:
restart_docker
ping
:
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment