Playbook
aliyun-repo.yml
---
- name: change repo
hosts: all
tasks:
- name: wget repo
get_url:
url: https://mirrors.aliyun.com/repo/Centos-7.repo
dest: /etc/yum.repos.d/CentOS-Base.repo
- name: makecache
shell: yum clean all && yum makecache
docker_install.yml
---
- name: install docker-ce
hosts: all
remote_user: root
gather_facts: false
tasks:
- name: add repo
shell: wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
- name: install docker-ce
shell: yum -y install docker-ce
- name: enable docker
shell: systemctl enable docker
- name: add harbor name & dockerhub speedup
shell: |
cat <<EOF >/etc/docker/daemon.json
{
"registry-mirrors": [
"https://hub-mirror.c.163.com/"
],
"insecure-registries": [
#信任仓库
]
}
EOF
- name: start docker
shell: systemctl start docker
ECSSHOP
# main_playbook.yml
- name: deploy nginx web
hosts: web
remote_user: root
gather_facts: true
vars:
code_zip_file: ecshop-installed
tasks:
- name: create nginx yum repository
yum_repository:
file: nginx
name: nginx-stable
description: "this is nginx repository"
baseurl: 'http://nginx.org/packages/centos/$releasever/$basearch/'
enabled: yes
gpgcheck: no
state: present
tags:
- config-nginx-yum
- nginx_web
- name: install unzip
yum:
name: unzip
state: present
tags:
- install_unzip
- nginx_web
- name: install nginx server
yum:
update_cache: yes
name: nginx
state: present
tags:
- install_nginx
- nginx_web
- name: create web root dir
file:
path: /web/
recurse: true
state: directory
tags:
- create-web-root
- nginx_web
- name: copy and unzip ecshop code
unarchive:
src: /tmp/{{ code_zip_file }}.zip
dest: /web/
remote_src: yes
tags:
- unzip_ecshop_code
- nginx_web
- name: config nginx main file
template:
src: /usr/shell/template/nginx.conf.j2
dest: /etc/nginx/nginx.conf
backup: yes
tags:
- set-nginx-main-config
- nginx_web
- name: config nginx child file
copy:
src: /root/gameProject/default.conf
dest: /etc/nginx/conf.d/default.conf
backup: yes
tags:
- set-nginx-child-config
- nginx_web
- name: start nginx server
service:
name: nginx
state: restarted
enabled: yes
tags:
- restart-nginx
- nginx_web
- name: set code perms
file:
path: /web/ecshop
owner: nginx
group: nginx
state: directory
recurse: yes
tags:
- set-permissions
- nginx_web
- name: deploy nginx proxy
hosts: proxy
remote_user: root
gather_facts: true
tasks:
- name: create nginx yum repository
yum_repository:
file: nginx
name: nginx-stable
description: "this is nginx repository"
baseurl: 'http://nginx.org/packages/centos/$releasever/$basearch/'
enabled: yes
gpgcheck: no
state: present
tags:
- config-nginx-yum
- nginx_proxy
- name: install unzip
yum:
name: unzip
state: present
tags:
- install_unzip
- nginx_proxy
- name: install nginx server
yum:
update_cache: yes
name: nginx
state: present
tags:
- install_nginx
- nginx_proxy
- name: config nginx main file
template:
src: /usr/shell/template/nginx-proxy.conf.j2
dest: /etc/nginx/nginx.conf
backup: yes
tags:
- set-nginx-main-config
- nginx_proxy
- name: config nginx child file
copy:
src: /root/gameProject/proxy.conf
dest: /etc/nginx/conf.d/default.conf
backup: yes
tags:
- set-nginx-child-config
- nginx_proxy
- name: start nginx server
service:
name: nginx
state: restarted
enabled: yes
tags:
- restart-nginx
- nginx_proxy
- name: deploy php
hosts: php
remote_user: root
gather_facts: true
vars:
php_file: php-centosBase
code_zip_file: ecshop-installed
mysql_ip: 192.168.10.131
mysql_user: ecs
mysql_password: Uplooking_123
mysql_database: ecsdb
php_file_name: php5.6
tasks:
- name: install unzip
yum:
name: unzip
state: present
tags:
- install_unzip
- php
- name: copy php zip
copy:
src: /tmp/{{ php_file }}.tar.gz
dest: /tmp/
tags:
- copy_php_zip
- php
- name: unzip php zip
unarchive:
src: /tmp/{{ php_file }}.tar.gz
dest: /tmp/
tags:
- unzip_php
- php
- name: chmod php
file:
path: /tmp/{{ php_file_name }}
state: directory
recurse: yes
owner: root
group: root
mode: 'a+x'
tags:
- chmod_php
- php
- name: cd php dir
shell: cd /tmp/{{ php_file_name }}
tags:
- cd_php_dir
- php
- name: install php
shell: ./install.sh
args:
chdir: /tmp/{{php_file_name}}
tags:
- install_php
- php
- name: copy ecshop zip
copy:
src: /tmp/{{ code_zip_file }}.zip
dest: /tmp/
tags:
- copy_ecshop_zip
- php
- name: create root dir
file:
path: /web/
recurse: true
state: directory
tags:
- create_root_dir
- php
- name: unzip ecshop code
unarchive:
src: /tmp/{{ code_zip_file }}.zip
dest: /web/
remote_src: yes
tags:
- unzip_ecshop_code
- php
- name: chmod code
file:
path: /web/ecshop/
mode: '0777'
recurse: yes
tags:
- chmod_code
- php
- name: Update PHP configuration with MySQL settings
lineinfile:
path: /web/ecshop/data/config.php
regexp: '{{ item.regexp }}'
line: '{{ item.line }}'
loop:
- { regexp: '^DB_HOST', line: "DB_HOST='{{ mysql_ip }}'" }
- { regexp: '^DB_USER', line: "DB_USER='{{ mysql_user }}'" }
- { regexp: '^DB_PASSWORD', line: "DB_PASSWORD='{{ mysql_password }}'" }
- { regexp: '^DB_NAME', line: "DB_NAME='{{ mysql_database }}'" }
tags:
- update_php_config
- php
Gitlab
---
- name: deploy git and gitlab
hosts: git-server
remote_user: root
gather_facts: true
tasks:
- name: install git
yum:
name: git
state: present
tags: install git
- name: install git-core
yum:
name: git-core
state: present
tags: install git-core
- name: create git user
user:
name: git
comment: "git server user"
home: /var/lib/git
create_home: no
shell: /sbin/nologin
system: yes
tags: create git user
- name: Set git user password
ansible.builtin.shell: echo "123456" | passwd --stdin git
become_user: root
ignore_errors: yes
tags: Set git user password
- name: Create user jack
user:
name: jack
password: "123456"
state: present
- name: Set Git config for user jack (method 1)
copy:
content: |
[user]
name=jack
email=jack@163.com
dest: /home/jack/.gitconfig
owner: jack
group: jack
mode: '0600'
- name: copy gitlab package to git-server
copy:
src: /tmp/gitlab-ce-16.0.0-ce.0.el7.x86_64.rpm
dest: /tmp
- name: copy gitlab to git-ctl
copy:
src: /root/ruoyi/playbook/templates/gitlab.sh
dest: /tmp
backup: yes
- name: set gitlab.sh perms
file:
path: /tmp/gitlab.sh
mode: '0755'
- name: run gitlab.sh
shell: /tmp/gitlab.sh
Jenkins
---
- name: deploy jenkins derver
hosts: an
remote_user: root
gather_facts: true
tasks:
- name: copy jdk.sh to profile
copy:
src: ./templates/jdk.sh
dest: /etc/profile.d/
tags: copy jdk.sh to profile
- name: copy maven.sh to profile
copy:
src: ./templates/maven.sh
dest: /etc/profile.d/
tags: copy maven.sh to profile
- name: set jenkins perms
file:
path: /root/ruoyi/playbook/templates/jenkins.sh
mode: '0577'
- name: install jenkins rpm
shell: /root/ruoyi/playbook/templates/jenkins.sh
- name: start jenkins
systemd:
name: jenkins # 这是你的Jenkins服务的systemd服务名,可能因安装方式和版本而异
state: started
enabled: yes # 如果你也希望在系统启动时自动启动Jenkins,可以启用此项
harbor_install.yml
---
- name: Install harbor
hosts: harbor
gather_facts: false
tasks:
- name: Download harbor-v2.9.5.tgz
shell: wget -O /tmp/harbor-offline-installer-v2.9.5.tgz https://github.com/goharbor/harbor/releases/download/v2.9.5/harbor-offline-installer-v2.9.5.tgz
- name: Install unzip and lrzsz
yum:
name: lrzsz
state: present
- name: Extract harbor.tgz
ansible.builtin.unarchive:
src: /tmp/harbor-offline-installer-v2.9.5.tgz
dest: /usr/local/
remote_src: yes
- name: Create backup directory
ansible.builtin.file:
path: /usr/local/harbor/backup
state: directory
- name: Backup harbor.yml
ansible.builtin.shell: cp harbor.yml.tmpl /usr/local/harbor/backup/harbor.yml
- name: cp to harbor.yml
ansible.builtin.copy:
src: /conf/harbor.yml
dest: /usr/local/harbor/harbor.yml
- name: run install.sh
ansible.builtin.shell: /usr/local/harbor/install.sh
SHELL
mysql
#! /bin/bash
#
# 该脚本用于通过rpm方式安装部署mysql5.7.30
#
# 写可能存在的冲突包mariadb-libs
yum remove -y mariadb-libs
# 安装mysql的依赖包perl 及解压命令unzip
yum install -y perl unzip
# 解压mysql 安装包zip <安装压缩包由ansible 分发到 /tmp目录下>
cd /tmp
unzip -B mysql5.7.30.zip
# 进入解压目录
cd mysql5.7.30/
# 安装rpm包
rpm -ivh --force mysql-community-common-5.7.30-1.el7.x86_64.rpm
rpm -ivh --force mysql-community-libs-5.7.30-1.el7.x86_64.rpm
rpm -ivh --force mysql-community-libs-compat-5.7.30-1.el7.x86_64.rpm
rpm -ivh --force mysql-community-client-5.7.30-1.el7.x86_64.rpm
rpm -ivh --force mysql-community-server-5.7.30-1.el7.x86_64.rpm
# 配置文件增加跳过域名解析 提高连接响应速度
sed -i '/skip-name-resolve/d' /etc/my.cnf
sed -i '$a\skip-name-resolve' /etc/my.cnf
# 启动mysqld 服务
systemctl start mysqld
if [ $? -ne 0 ]
then
echo "install and start mysqld failed."
exit 1
fi
# 获取第一次的随机密码
ps=$(grep -E "password is generated for root@localhost:" /var/log/mysqld.log | awk '{print $11}')
# 重置密码
mysqladmin -uroot -p"${ps}" password 'looking_123'
if [ $? -ne 0 ]
then
exit 2
fi
cd /tmp
mysql -uroot -pUplooking_123 < ecsdb.sql
# 创建 database 名为 mydb
#mysql -uroot -pUplooking_123 -e "CREATE DATABASE IF NOT EXISTS mydb DEFAULT CHARACTER SET utf8;"
# 授权 账号 web 密码为 Uplooking_123 在 mydb 库中 * 所有表 有all权限
mysql -uroot -pUplooking_123 -e "grant all on ecsdb.* to 'ecs'@'%' identified by 'looking_123';"
# 刷新数据库权限
mysql -uroot -pUplooking_123 -e "flush privileges;"
systemctl enable mysql
# 清理安装包
rm -rf /tmp/mysql*
exit 0
JDK
#JDK
#! /bin/bash
JAVA_HOME=/usr/local/jdk-17.0.11
JRE_HOME=$JAVA_HOME/jre
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
CLASSPATH=$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
export JAVA_HOME JRE_HOME CLASSPATH
PHP
#!/bin/bash
# 配置系统的epel 源
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
yum repolist # 检查EPEL源是否成功添加
cd /tmp
# 检查php-centosBase.tar.gz是否存在
if [ ! -f php-centosBase.tar.gz ]; then
echo "php-centosBase.tar.gz 文件不存在于 /tmp 目录中!"
exit 1
fi
# 解压
tar -xvf php-centosBase.tar.gz
# 检查解压后的目录名称,这里假设为php5.6(您可能需要更改)
if [ -d php5.6/ ]; then
cd php5.6/
else
echo "解压后的目录中未找到 php5.6/"
exit 1
fi
# 给于脚本执行权限
chmod a+x install.sh
./install.sh
echo 0
