ansible
/
xoxys.network
1
0
Fork 0
Code Issues Pull Requests Releases Activity

ci: migrate to woodpecker
ci/woodpecker/push/lint Pipeline was successful Details
ci/woodpecker/push/notify Pipeline was successful Details
ci/woodpecker/push/docs Pipeline was successful Details

This commit is contained in:
Robert Kaussow 2024-02-18 13:02:37 +01:00
parent 9be65ae7ba
commit 893dff1d8c
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
17 changed files with 228 additions and 384 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
.drone.jsonnet
View File

@ -1,124 +0,0 @@
local PipelineLinting = {
kind: 'pipeline',
name: 'linting',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'ansible-later',
image: 'thegeeklab/ansible-later',
commands: [
'ansible-later',
],
},
{
name: 'python-format',
image: 'python:3.11',
environment: {
PY_COLORS: 1,
},
commands: [
'pip install -qq yapf',
'[ -z "$(find . -type f -name *.py)" ] || (yapf -rd ./)',
],
},
{
name: 'python-flake8',
image: 'python:3.11',
environment: {
PY_COLORS: 1,
},
commands: [
'pip install -qq flake8',
'flake8',
],
},
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineDocumentation = {
kind: 'pipeline',
name: 'documentation',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'generate',
image: 'thegeeklab/ansible-doctor',
environment: {
ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO',
ANSIBLE_DOCTOR_FORCE_OVERWRITE: true,
ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/',
ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book',
ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}',
ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/',
},
},
{
name: 'publish',
image: 'plugins/gh-pages',
settings: {
remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}',
netrc_machine: 'gitea.rknet.org',
username: { from_secret: 'gitea_username' },
password: { from_secret: 'gitea_token' },
pages_directory: '_docs/',
target_branch: 'docs',
},
when: {
ref: ['refs/heads/main'],
},
},
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
depends_on: [
'linting',
],
};
local PipelineNotification = {
kind: 'pipeline',
name: 'notification',
platform: {
os: 'linux',
arch: 'amd64',
},
clone: {
disable: true,
},
steps: [
{
name: 'matrix',
image: 'thegeeklab/drone-matrix',
settings: {
homeserver: { from_secret: 'matrix_homeserver' },
roomid: { from_secret: 'matrix_roomid' },
template: 'Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}',
username: { from_secret: 'matrix_username' },
password: { from_secret: 'matrix_password' },
},
},
],
depends_on: [
'documentation',
],
trigger: {
status: ['success', 'failure'],
ref: ['refs/heads/main', 'refs/tags/**'],
},
};
[
PipelineLinting,
PipelineDocumentation,
PipelineNotification,
]

120
.drone.yml
View File

@ -1,120 +0,0 @@
---
kind: pipeline
name: linting
platform:
os: linux
arch: amd64
steps:
- name: ansible-later
image: thegeeklab/ansible-later
commands:
- ansible-later
- name: python-format
image: python:3.11
commands:
- pip install -qq yapf
- "[ -z \"$(find . -type f -name *.py)\" ] || (yapf -rd ./)"
environment:
PY_COLORS: 1
- name: python-flake8
image: python:3.11
commands:
- pip install -qq flake8
- flake8
environment:
PY_COLORS: 1
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
kind: pipeline
name: documentation
platform:
os: linux
arch: amd64
steps:
- name: generate
image: thegeeklab/ansible-doctor
environment:
ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
ANSIBLE_DOCTOR_FORCE_OVERWRITE: true
ANSIBLE_DOCTOR_LOG_LEVEL: INFO
ANSIBLE_DOCTOR_OUTPUT_DIR: _docs/
ANSIBLE_DOCTOR_ROLE_NAME: ${DRONE_REPO_NAME#*.}
ANSIBLE_DOCTOR_TEMPLATE: hugo-book
- name: publish
image: plugins/gh-pages
settings:
netrc_machine: gitea.rknet.org
pages_directory: _docs/
password:
from_secret: gitea_token
remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}
target_branch: docs
username:
from_secret: gitea_username
when:
ref:
- refs/heads/main
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- linting
---
kind: pipeline
name: notification
platform:
os: linux
arch: amd64
clone:
disable: true
steps:
- name: matrix
image: thegeeklab/drone-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: "Status: **{{ .Build.Status }}**<br/> Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}<br/> Message: {{ .Commit.Message.Title }}"
username:
from_secret: matrix_username
trigger:
ref:
- refs/heads/main
- refs/tags/**
status:
- success
- failure
depends_on:
- documentation
---
kind: signature
hmac: 02864e6f812d9ee9f61b7c33786b2269f605b59aafc61133c6f40bd61ef57606
...

4
.gitignore vendored
View File

@ -1,6 +1,6 @@
# ---> Ansible
*.retry
filter/plugins/
plugins
library
# ---> Python
@ -9,5 +9,3 @@ __pycache__/
*.py[cod]
*$py.class
# ---> Docs
/_docs

4
.later.yml
View File

@ -10,10 +10,6 @@ ansible:
rules:
exclude_files:
- molecule/
- "LICENSE*"
- "**/*.md"
- "**/*.ini"
exclude_filter:
- LINT0009

7
.markdownlint.yml Normal file
View File

@ -0,0 +1,7 @@
---
default: True
MD013: False
MD041: False
MD024: False
MD004:
style: dash

1
.prettierignore Normal file
View File

@ -0,0 +1 @@
LICENSE

47
.woodpecker/docs.yaml Normal file
View File

@ -0,0 +1,47 @@
---
when:
- event: [pull_request]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: generate
image: quay.io/thegeeklab/ansible-doctor
environment:
ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/
ANSIBLE_DOCTOR_FORCE_OVERWRITE: "true"
ANSIBLE_DOCTOR_LOG_LEVEL: INFO
ANSIBLE_DOCTOR_ROLE_NAME: ${CI_REPO_NAME}
ANSIBLE_DOCTOR_TEMPLATE: readme
- name: format
image: quay.io/thegeeklab/alpine-tools
commands:
- prettier -w README.md
- name: diff
image: quay.io/thegeeklab/alpine-tools
commands:
- git diff --color=always README.md
- name: publish
image: quay.io/thegeeklab/wp-git-action
settings:
action:
- commit
- push
author_email: ci-bot@rknet.org
author_name: ci-bot
branch: main
message: "[skip ci] automated docs update"
netrc_machine: gitea.rknet.org
netrc_password:
from_secret: gitea_token
when:
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
depends_on:
- lint

30
.woodpecker/lint.yaml Normal file
View File

@ -0,0 +1,30 @@
---
when:
- event: [pull_request, tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: ansible-later
image: quay.io/thegeeklab/ansible-later:4
commands:
- ansible-later
environment:
FORCE_COLOR: "1"
- name: python-format
image: docker.io/python:3.12
commands:
- pip install -qq ruff
- ruff format --check --diff .
environment:
PY_COLORS: "1"
- name: python-lint
image: docker.io/python:3.12
commands:
- pip install -qq ruff
- ruff .
environment:
PY_COLORS: "1"

26
.woodpecker/notify.yml Normal file
View File

@ -0,0 +1,26 @@
---
when:
- event: [tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
runs_on: [success, failure]
steps:
- name: matrix
image: quay.io/thegeeklab/wp-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
username:
from_secret: matrix_username
when:
- status: [success, failure]
depends_on:
- docs

11
README.md
View File

@ -1,12 +1 @@
# xoxys.network
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.network?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.network)
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
Manage linux network configuration.
You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/networking/network/).
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

43
handlers/main.yml
View File

@ -1,34 +1,31 @@
---
- name: Set flag require_reboot
set_fact:
ansible.builtin.set_fact:
__network_require_reboot: True
listen: __network_host_reboot
- block:
- name: Restart network
shell: "{{ __network_restart_command }}"
async: 1
poll: 0
when:
- (not __network_require_reboot | default(False) | bool) or (not network_reboot_enabled | bool)
- network_restart_enabled | bool
listen: __network_restart
tags:
- skip_ansible_later
- name: Restart network
ansible.builtin.shell: "{{ __network_restart_command }}"
async: 1
poll: 0
when:
- (not __network_require_reboot | default(False) | bool) or (not network_reboot_enabled | bool)
- network_restart_enabled | bool
listen: __network_restart
tags:
- skip_ansible_later
- name: Reboot server
reboot:
msg: "Reboot triggered by Ansible"
async: 1
poll: 0
ignore_errors: yes
when: network_reboot_enabled | bool
listen: __network_host_reboot
become: True
become_user: root
- name: Reboot server
ansible.builtin.reboot:
msg: "Reboot triggered by Ansible"
async: 1
poll: 0
ignore_errors: True
when: network_reboot_enabled | bool
listen: __network_host_reboot
- name: Waiting for host startup
wait_for_connection:
ansible.builtin.wait_for_connection:
delay: 5
timeout: 300
when: (network_reboot_enabled | bool) or (network_restart_enabled | bool)

9
meta/main.yml
View File

@ -6,19 +6,18 @@ galaxy_info:
namespace: xoxys
role_name: network
# @meta description: >
# [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.network)
# [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.network?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.network)
# [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.network/src/branch/main/LICENSE)
# [![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.network/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.network)
# [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.network/src/branch/main/LICENSE)
#
# Manage linux network configuration.
# @end
description: Manage linux network configuration
license: MIT
min_ansible_version: 2.10
min_ansible_version: "2.10"
platforms:
- name: EL
versions:
- 7
- "9"
galaxy_tags:
- network
dependencies: []

17
pyproject.toml Normal file
View File

@ -0,0 +1,17 @@
[tool.ruff]
exclude = [".git", "__pycache__"]
line-length = 99
indent-width = 4
[tool.ruff.lint]
ignore = ["W191", "E111", "E114", "E117", "S101", "S105"]
select = ["F", "E", "I", "W", "S"]
[tool.ruff.format]
quote-style = "double"
indent-style = "space"
line-ending = "lf"
[tool.pytest.ini_options]
filterwarnings = ["ignore::FutureWarning", "ignore::DeprecationWarning"]

12
setup.cfg
View File

@ -1,12 +0,0 @@
[flake8]
ignore = D100, D101, D102, D103, D105, D107, E402, W503
max-line-length = 99
inline-quotes = double
exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env*
[yapf]
based_on_style = google
column_limit = 99
dedent_closing_brackets = true
coalesce_brackets = true
split_before_logical_operator = true

7
tasks/main.yml
View File

@ -1,5 +1,5 @@
---
- include_vars: "{{ var_files }}"
- ansible.builtin.include_vars: "{{ var_files }}"
vars:
var_files: "{{ lookup('first_found', params, errors='ignore') }}"
params:
@ -11,7 +11,6 @@
paths:
- "vars"
when: var_files
- include_tasks: nm.yml
- ansible.builtin.include_tasks: nm.yml
when: __network_nmcli | bool
- include_tasks: setup.yml
- ansible.builtin.include_tasks: setup.yml

55
tasks/nm.yml
View File

@ -1,32 +1,29 @@
---
- block:
- name: Add NetworkManager configuration
copy:
content: "{{ item.value }}"
dest: "/etc/NetworkManager/conf.d/{{ item.key }}.conf"
owner: root
group: root
mode: 0640
loop: "{{ network_nm_config | dict2items }}"
loop_control:
label: "{{ item.key }}"
notify: __network_host_reboot
- name: Add NetworkManager configuration
ansible.builtin.copy:
content: "{{ item.value }}"
dest: "/etc/NetworkManager/conf.d/{{ item.key }}.conf"
owner: root
group: root
mode: "0640"
loop: "{{ network_nm_config | dict2items }}"
loop_control:
label: "{{ item.key }}"
notify: __network_host_reboot
- name: Register active NetworkManager configuration
find:
paths: /etc/NetworkManager/conf.d/
file_type: file
patterns: "*.conf"
register: __network_nm_config_active
changed_when: False
failed_when: False
- name: Register active NetworkManager configuration
ansible.builtin.find:
paths: /etc/NetworkManager/conf.d/
file_type: file
patterns: "*.conf"
register: __network_nm_config_active
changed_when: False
failed_when: False
- name: Remove unmanaged NetworkManager configuration
file:
path: "{{ item }}"
state: absent
loop: "{{ __network_nm_config_active.files | map(attribute='path') | list }}"
notify: __network_host_reboot
when: (item | basename | splitext | first) not in (network_nm_config | dict2items | map(attribute='key') | list)
become: True
become_user: root
- name: Remove unmanaged NetworkManager configuration
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop: "{{ __network_nm_config_active.files | map(attribute='path') | list }}"
notify: __network_host_reboot
when: (item | basename | splitext | first) not in (network_nm_config | dict2items | map(attribute='key') | list)

95
tasks/setup.yml
View File

@ -1,54 +1,51 @@
---
- block:
- name: Set hostname
hostname:
name: "{{ network_hostname }}"
when: network_hostname
notify: __network_host_reboot
- name: Set hostname
ansible.builtin.hostname:
name: "{{ network_hostname }}"
when: network_hostname
notify: __network_host_reboot
- name: Write hosts file
template:
src: etc/hosts.j2
dest: /etc/hosts
owner: root
group: root
mode: 0644
notify: __network_host_reboot
- name: Write hosts file
ansible.builtin.template:
src: etc/hosts.j2
dest: /etc/hosts
owner: root
group: root
mode: "0644"
notify: __network_host_reboot
- name: Add network interface configuration
template:
src: etc/sysconfig/network-scrips/ifcfg.j2
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.key }}"
owner: root
group: root
mode: 0644
loop: "{{ network_interfaces | dict2items }}"
loop_control:
label: "{{ item.key }}"
when: item.key in ansible_interfaces or item.key.split(":")[0] in ansible_interfaces
register: __network_ifcfg
notify: __network_restart
- name: Add network interface configuration
ansible.builtin.template:
src: etc/sysconfig/network-scrips/ifcfg.j2
dest: "/etc/sysconfig/network-scripts/ifcfg-{{ item.key }}"
owner: root
group: root
mode: "0644"
loop: "{{ network_interfaces | dict2items }}"
loop_control:
label: "{{ item.key }}"
when: item.key in ansible_interfaces or item.key.split(":")[0] in ansible_interfaces
register: __network_ifcfg
notify: __network_restart
- name: Add static routes
copy:
content: "{{ item.value }}"
dest: "/etc/sysconfig/network-scripts/route-{{ item.key }}"
owner: root
group: root
mode: 0644
loop: "{{ network_routes | dict2items }}"
loop_control:
label: "{{ item.key }}"
when: item.key in ansible_interfaces
notify: __network_restart
- name: Add static routes
ansible.builtin.copy:
content: "{{ item.value }}"
dest: "/etc/sysconfig/network-scripts/route-{{ item.key }}"
owner: root
group: root
mode: "0644"
loop: "{{ network_routes | dict2items }}"
loop_control:
label: "{{ item.key }}"
when: item.key in ansible_interfaces
notify: __network_restart
- name: Set DNS servers
template:
src: etc/resolv.conf.j2
dest: /etc/resolv.conf
owner: root
group: root
mode: 0644
when: network_resolve_enabled | bool
become: True
become_user: root
- name: Set DNS servers
ansible.builtin.template:
src: etc/resolv.conf.j2
dest: /etc/resolv.conf
owner: root
group: root
mode: "0644"
when: network_resolve_enabled | bool