Initialize Project

2025-08-11 21:41:44 +04:00
commit a871ef846e
30 changed files with 2955 additions and 0 deletions
--- a/inventory/mscc-demo/group_vars/all/custom.yml
+++ b/inventory/mscc-demo/group_vars/all/custom.yml
@@ -0,0 +1,147 @@
+---
+access:
+  admin:
+    root: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCqxAULC+ij8V/6cF/EfHXyl6Ts28OGSMwcKg2sqXJZaO/B/BM4KYzx6kJpiCLdwDiJEd/TrYtNB1l/Yq9EVb2QMZZzposEi3mzhQuSJjLmRkxPk4BO0cd+RUl2deZ8iNw4v/7Vb67Ol6ieBbVt9yKzazNRPUJwCCIaAKWDYUjd8q1SyEPdx2oeFyo7M44BZBQcbcIzuhZ3v9H8Hp/6cBOfuJxpqZxXMRmhniaWCduBnAiIPnwXMIBNSr/L/q3B1RiOTB+OY5KaUZCLirgzLHgauIx22LFCdWLrVYYHSh6cXtN/HTqDi8USF9lbQXevjdh7lZk8SdHKLy3Ca+CgvxDox8TXWGh5RXGmqwObLw8sxvW9x47JKjmre9QkVeO1AgQBm0FVSAd/KIBir4XIrumzvHqRsZBMQLWQ4kJU68ZPALZE2oOuCBuesjhF9YOpsEJcMonnoQp1lWq4rmEMGqlwdmLu1umh+iY0FTbsfJb4lDsnLopWeLTplhFZ3OjODSMFZ2Mhvx6AMqACPi4nhXQGRkMaHSiM9LdrcuE6DCWJHkJpaWagScNY2mzYZfqSlsNu5SJTcqeUB+HH81gI4kIdhdbAYDVOpoF66ljDl74VZgC+lhiH46eLCcT3piR8n08l5MVuZpqUeee8HBQKNaQyCu+YcZAjMJ3simICpVFwQ== kishan@kinesis.games # noqa yaml[line-length]
+    edgeking810: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCqxAULC+ij8V/6cF/EfHXyl6Ts28OGSMwcKg2sqXJZaO/B/BM4KYzx6kJpiCLdwDiJEd/TrYtNB1l/Yq9EVb2QMZZzposEi3mzhQuSJjLmRkxPk4BO0cd+RUl2deZ8iNw4v/7Vb67Ol6ieBbVt9yKzazNRPUJwCCIaAKWDYUjd8q1SyEPdx2oeFyo7M44BZBQcbcIzuhZ3v9H8Hp/6cBOfuJxpqZxXMRmhniaWCduBnAiIPnwXMIBNSr/L/q3B1RiOTB+OY5KaUZCLirgzLHgauIx22LFCdWLrVYYHSh6cXtN/HTqDi8USF9lbQXevjdh7lZk8SdHKLy3Ca+CgvxDox8TXWGh5RXGmqwObLw8sxvW9x47JKjmre9QkVeO1AgQBm0FVSAd/KIBir4XIrumzvHqRsZBMQLWQ4kJU68ZPALZE2oOuCBuesjhF9YOpsEJcMonnoQp1lWq4rmEMGqlwdmLu1umh+iY0FTbsfJb4lDsnLopWeLTplhFZ3OjODSMFZ2Mhvx6AMqACPi4nhXQGRkMaHSiM9LdrcuE6DCWJHkJpaWagScNY2mzYZfqSlsNu5SJTcqeUB+HH81gI4kIdhdbAYDVOpoF66ljDl74VZgC+lhiH46eLCcT3piR8n08l5MVuZpqUeee8HBQKNaQyCu+YcZAjMJ3simICpVFwQ== kishan@kinesis.games # noqa yaml[line-length]
+    worker: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDeT641t7758iHj+/tfSY8/NBd8pyirVtBvR9vsidAB7rBXvjIm6CAga+DuFjHi34NSn+L8VyaYhiwo9+Z1dxbMPV/eEaRMLuIdzrawPzUS7sap8H2nAAkaQH8vkizlWL+7F64TQ6PCBKMoFJ8aZarRfMPWYoLL/BNssssWCgqy7zlatorSkSs+dnn0cclLJWLwaaRUVoOcPl6VK+aVtLY4DIjq29XmvPJiIyN8bWSqnqbJTIbYJmfME2068jV8jdQ4+P/Imda4VrzjPDt8BFKzdvGEp5z1vlhrEfBrJBghkDawVt/j//CiiAXqnvbQzdQpRtr8u1EDDTfN5p6tN7/P3R9NGrh/M7dHJj7Q5opdOsTO74xpciuyCj9CUiQSp39pUWYyKDA+eDuVDxkSiYbfxnXD/nxQ3+PdJgXN2QJeQKK6+dYzdVOiCWW6ndcxqfxTUTSMthLNYoon/JN05iTu/TEKVyVh9tb9n2C6HXxPhbSGNu/DIMQKczLvq87MV7SgsWhUo+qONhIOZ5aJBPEREoEfrbP+D0d763cFTGI/95ryjW3omeRJDSNX2KPsT01Se+KSax4C45cVSLfdb+jk3DpRF28y0dH9PAr2C8Bud1WplNMZX4KNhQDq6eTID5Nc8AviclM2lJDBd356ElWnMkxJECy3V+f+8U7Hk0i8fw== # noqa yaml[line-length]
+
+tenant: kinesis-nomad
+issuer_name: kinesisgames
+internal_ip_start_bits: '10.104.0'
+nomad_cidr: '10.104.0.0/20'
+
+root_ssh_key_size: 4096
+timezone: Indian/Mauritius
+
+swap_file_state: present
+swap_file_path: /swapfile
+swap_file_size_mb: '2000'
+swap_file_existing_size_mb: '0'
+swap_swappiness: '40'
+swap_file_create_command: 'dd if=/dev/zero of={{ swap_file_path }} bs=1M count={{ swap_file_size_mb }}'
+
+letsencrypt_email_address: kishan@konnect.dev
+cloudflare_email_address: '{{ letsencrypt_email_address }}'
+traefik_web_ui_addr: traefik.mscc.kinesis.world
+
+traefik_auth_users:
+  - admin
+  - edgeking810
+
+traefik_services:
+  - name: traefik-service
+    host: traefik.mscc.kinesis.world
+    service: 'http://127.0.0.1:8081'
+    auth: true
+
+traefik_tcp_routers:
+  - name: gitea-ssh
+    host: ssh.gitea.mscc.kinesis.world
+    entrypoint: gitea_ssh
+    source_port: 4444
+    target_port: 2222
+    target_host: 127.0.0.1
+
+base_docker_volumes_dir: '/opt/docker/volumes'
+
+docker_containers:
+  - name: portainer
+    image: 'portainer/portainer-ce:2.30.0'
+    ports: ['8000:8000', '9000:9000', '9443:9443']
+    network:
+      domain_name: portainer.mscc.kinesis.world
+      custom_port: 9000
+    volumes:
+      - '/var/run/docker.sock:/var/run/docker.sock'
+      - '{{ base_docker_volumes_dir }}/portainer/data:/data'
+    recreate: false
+    network_mode: host
+  - name: gitea-db
+    image: mysql:8
+    ports: []
+    variables:
+      MYSQL_ROOT_PASSWORD: '{{ secrets["gitea-db"]["root_password"] }}'
+      MYSQL_DATABASE: '{{ secrets["gitea-db"]["database"] }}'
+      MYSQL_USER: '{{ secrets["gitea-db"]["username"] }}'
+      MYSQL_PASSWORD: '{{ secrets["gitea-db"]["password"] }}'
+    networks:
+      - name: gitea-net
+        aliases: ['gitea-db-svc']
+    volumes:
+      - '{{ base_docker_volumes_dir }}/gitea-db:/var/lib/mysql'
+  - name: gitea
+    image: gitea/gitea:1.23.8
+    ports: ['2222:22']
+    variables:
+      GITEA__database__NAME: '{{ secrets["gitea-db"]["database"] }}'
+      GITEA__database__USER: '{{ secrets["gitea-db"]["username"] }}'
+      GITEA__database__PASSWD: '{{ secrets["gitea-db"]["password"] }}'
+      GITEA__database__DB_TYPE: mysql
+      GITEA__database__HOST: 'gitea-db-svc:3306'
+    networks:
+      - name: gitea-net
+    network:
+      auth: false
+      domain_name: gitea.mscc.kinesis.world
+      custom_port: 3000
+    volumes:
+      - '{{ base_docker_volumes_dir }}/gitea-data:/data'
+  - name: gitea-runner
+    image: gitea/act_runner:0.2.11
+    variables:
+      CONFIG_FILE: /config.yaml
+      GITEA_INSTANCE_URL: https://gitea.mscc.kinesis.world/
+      GITEA_RUNNER_REGISTRATION_TOKEN: '{{ secrets["gitea-runner"]["registration_token"] }}'
+    data:
+      - dest: '{{ base_docker_volumes_dir }}/gitea-runner/config.yaml'
+        content: |
+          log:
+            level: info
+
+          runner:
+            file: .runner
+            capacity: 2
+            envs: {}
+            env_file: .env
+            timeout: 3h
+            insecure: false
+            fetch_timeout: 5s
+            fetch_interval: 2s
+            labels:
+              - "ubuntu-latest:docker://gitea/runner-images:ubuntu-latest"
+              - "ubuntu-22.04:docker://gitea/runner-images:ubuntu-22.04"
+              - "ubuntu-20.04:docker://gitea/runner-images:ubuntu-20.04"
+              - "node-latest:docker://node:latest"
+              - "rust-latest:docker://rust:latest"
+              - "docker-19-dind:docker://docker:19.03.12"
+
+          cache:
+            enabled: true
+            dir: /tmp/.cache
+            host: ""
+            port: 0
+            external_server: ""
+
+          container:
+            network: bridge
+            privileged: false
+            options:
+            workdir_parent:
+            valid_volumes: []
+            docker_host: ""
+            force_pull: true
+            force_rebuild: false
+
+          host:
+            workdir_parent:
+    networks:
+      - name: gitea-net
+    volumes:
+      - '{{ base_docker_volumes_dir }}/gitea-runner/config.yaml:/config.yaml'
+      - '/var/run/docker.sock:/var/run/docker.sock'
+
+cron_jobs:
+  - name: backup-gitea-db
+    job: 'docker exec gitea-db /bin/bash -c "mkdir -p /var/lib/mysql/backups/ && find /var/lib/mysql/backups/ -mtime +1 -type f -delete && mysqldump -uroot -p''{{ secrets["gitea-db"]["root_password"] }}'' {{ secrets["gitea-db"]["database"] }} > /var/lib/mysql/backups/dump.$(date +%F_%R).sql"'
+    minute: '0'
+    hour: '*/12'
--- a/inventory/mscc-demo/group_vars/all/vault.yml
+++ b/inventory/mscc-demo/group_vars/all/vault.yml
@@ -0,0 +1,25 @@
+$ANSIBLE_VAULT;1.1;AES256
+31303065633266656263636132653162306461306261356365363266356438653061333839323062
+6333363730613039366532643533316133363933303134340a633135363361386162356361376365
+32653031393338633661653266306462646130356532333036343731316238663032333063353332
+3536363432616361660a326231396139306431353633373463396430343738623962386363363562
+63663062376134636664656238643663666161373061656331613436656331323832366462393165
+66383538326663613364383436356231346237633231383365653362313736303439623061373030
+36643931326463343030353830626364643539383365333239633161366234343766333464633864
+32313134363661343539663363396236333430363264623038636633383431643931303832313831
+65363064623563363033616161313664643632343462636665303364326633383730343561643639
+34636338356334666462353036666131363263386366336162613338356438303733313964633539
+34396363633238366361313433333932316565613864333961646162376232336134353262646539
+61643561366266643662376533366664346637663831353461333462376338393431306139343539
+31613865363062623963393462613464363362396565623736313266323836613961366266323962
+63323638393163323261643933353032303765386162653834646236313336623431333936303137
+64366134613261336561653763356562363865396339663033626566613339343435323066636631
+35343366373730363466303032616564303063376639333332396665626336343832636230643637
+38353230373539343131326331623736326632653962386661353639303432323361633736303937
+31646166343861303534646336663232353265336330656537613039373962643966613432336137
+35633138373164346432343238353033376164306236323138613638393762363335653930613461
+34323964343038643435626132656161393733356261383937303366386462626665653039356138
+61646465386564393033613735343066336138326465383130326162323363373339336262313537
+32393136626564313132613166303536306361366335373264343435643461376636626461613635
+63636436646566613534666565656535376333386337393564313038346535633163396265633032
+33373566356632653861
--- a/inventory/mscc-demo/hosts
+++ b/inventory/mscc-demo/hosts
@@ -0,0 +1,6 @@
+[all:vars]
+ansible_ssh_private_key_file=~/.ssh/id_rsa
+ansible_ssh_extra_args="-o IdentitiesOnly=yes -o StrictHostKeyChecking=no"
+
+[server]
+mscc-demo-instance ansible_host=128.199.78.165 ansible_ssh_user=edgeking810