finalize structure

.gitignore

@@ -1,3 +0,0 @@
-*.iso
-disks/
-

hosts

@@ -1,3 +1,5 @@
+# I will move this to the hosts.yml soon
+
 [vm]
 192.168.123.2 host=mirror ansible_connection=ssh  ansible_port=22 ansible_user=ubuntu ansible_password=ubuntu ansible_become_user=root ansible_become_password=ubuntu
 # ansible_ssh_private_key_file

libvirt/main.yml

@@ -45,7 +45,6 @@
           {{ playbook_dir }}/templates/user-data 
         creates: "{{ playbook_dir }}/vm/seed.qcow2"
 
-    # get user to set net.ipv4.ip_forward = 1 ?
     - name: create mirbr0 bridge network
       command: "virsh {{ item }}"
       loop: 
@@ -95,6 +94,8 @@
         --graphics vnc,port=5911,listen=127.0.0.1
         --noautoconsole
       when: not vm_exists.rc == 0
+      # get user to set net.ipv4.ip_forward = 1 ?
+
       # in the vm to disable cloud-init run 
       # sudo touch /etc/cloud/cloud-init.disabled
 
@@ -102,22 +103,22 @@
       # copy over pub key into /root/.ssh/authorized_keys
       # add line to ssh config that allows ssh as root
 
-# possible that this will not be run in order?
+- name: setup mirror vm
+  hosts: 192.168.123.2
+  tasks:
+    - name: setup system
+      import_role:
+        name: "../roles/system"
 
-# roles are called relative to playbook
+    - name: setup mirror
-# - name: setup mirror services
+      import_role:
-#   hosts: 192.168.123.2
+        name: "../roles/mirror"
-#   include_role: "../roles/{{ item }}"
-#   loop:
-#     - zfs (make sure runs first)
-#     - index
-#     - nginx
-#     - rsync
-#     - ftp
 
-# to write
+    - name: setup other services
-#    - could be combined into one
+      import_role:
-        # - merlin
+        name: "../roles/{{ item }}"
-        # - scripts (in bin)
+      loop:
-        # - mirrormanager
+        - ftp
-#    - users 
+        - nginx
+        - rsync
+        # - mirrormanager

libvirt/templates/user-data

@@ -3,10 +3,12 @@ autoinstall:
     version: 1
     identity:
         hostname: mirror
-        username: ubuntu
+        username: local
         # mkpasswd --method=SHA-512 --rounds=4096
-        # password is just ubuntu
+        # password is krb5
-        password: "$6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0"
+        password: "$6$rounds=4096$FfXwns8mexFJUAjS$z/ERS/5gitnl8f3AZnnztS8iFpmS/AtzUfEVM2.tfRpWnl/y7PwhDZTeT68WxoogmSTgaZyVL6..jP4aiB1LD0"
+        # this password is ubuntu
+        # $6$exDY1mhS4KUYCE/2$zmn9ToZwTKLhCw.b4/b.ZRTIZM30JZ4QrOQ2aOXJ8yk96xpcCof0kxKwuX1kqLG/ygbJ1f8wxED22bTL4F46P0
     locale: en_US
     ssh:
         allow-pw: true

local/README.md

@@ -0,0 +1,7 @@
+# local playbook
+this playbook will be run inside a already set up vm to set up the services
+
+used if someone wants to set up vm themselves + wants more disks in the pool
+
+includes varable for which disks to turn into a zfs pool
+

roles/README.md

@@ -21,3 +21,22 @@ check wiki for more details
 
 ### Sync Scripts
 add sync scripts to `~mirror/bin`
+
+
+merge all mirror stuff into mirror role
+
+setup role that creates zpools and users
+
+# to write
+- ftp
+- mirror
+- setup
+- local
+
+# to update
+- hosts + ansible.cfg
+- group_vars
+- quote the file mode (0777 -> '0777')
+- add directory_mode to set directory permission
+- double check src and dest behaviour with trailing /
+    - could check that copy works like rsync

roles/ftp/tasks/main.yml

@@ -0,0 +1,31 @@
+- name: install proftpd
+  apt:
+    name: proftpd
+    state: present
+    update_cache: yes
+
+
+# make `/mirror/root` dir
+
+# will this overwrite the /mirror/root/include ?
+
+# double check perms
+
+# proftpd requires modules (how to install ?)
+- name: Copy assets
+  copy:
+    src: "{{ role_path }}/templates/proftpd.conf"
+    dest: /etc/proftpd/proftpd.conf
+    # owner: root
+    # group: root
+    # mode: 0755
+
+
+# also need to get
+# /etc/proftpd/blacklist.dat (binary)
+# /etc/proftpd/dhparams.pem (maybe not)
+# /etc/proftpd/ldap.conf (unable to read)
+# /etc/proftpd/modules.conf (and maybe everything in /usr/lib/proftpd/)
+# /etc/proftpd/sql.conf (unable to read)
+# /etc/proftpd/tls.conf 
+# /etc/proftpd/virtuals.conf 

roles/index/tasks/main.yml

@@ -1,38 +0,0 @@
----
-- name: copy over crond job
-  copy:
-    src: "{{ role_path }}/templates/csc-mirror"
-    dest: /etc/cron.d/csc-mirror
-    owner: root
-    group: root
-    mode: 0644
-# restart cron
-
-# create mirror home dir in user role
-# - name: mirror home
-#   file:
-#     path: /home/mirror
-#     state: directory
-#     owner: mirror
-#     group: mirror
-#     mode: 0755
-#     recurse: yes
-
-# user template module instead
-# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html
-- name: Copy index files
-  copy:
-    src: "{{ role_path }}/templates/mirror-index"
-    dest: /home/mirror/mirror-index
-    owner: mirror
-    group: mirror
-    mode: 0775
-
-- name: Copy assets
-  copy:
-    src: "{{ role_path }}/templates/include"
-    dest: /mirror/root/include
-    owner: root
-    group: csc-mirror
-    mode: 0755
-

roles/mirror.txt

@@ -0,0 +1,25 @@
+troubleshooting: try to load the kvm module with `modprobe kvm_intel`
+
+interface should automatically come up but can also use
+$ virt-viewer --domain-name mirror
+if vm is on a remote machine
+$ virt-viewer --connect qemu+ssh://user@host.example.com/system vmnamehere
+
+for now just have a folder of screenshots
+- change name of lvm volume from "lv0-root" to just "root"
+troubleshooting: ignore "failed to unmount /cdrom" and just ctrl+c in viewer
+
+login into your created user (from install), change to root, and create password for root
+$ sudo su
+type in your password
+$ passwd
+create root password
+
+may already be mounted but just to be sure
+$ zfs mount -a
+
+- mirror hosts
+	- http://mirror.csclub.uwaterloo.ca (the mirror)
+	- http://ca.releases.ubuntu.com (ubuntu releases)
+	- http://ca.ceph.com (ceph releases)
+	- http://debian.csclub.uwaterloo.ca (csclub's debian packages)

roles/mirror/tasks/main.yml

@@ -0,0 +1,73 @@
+# setup will folders and users for us to use here
+
+# merlin will create 
+# /mirror/merlin/run + run/merlin.sock
+
+# do we need to create ln -s from /mirror/merlin/run/merlin.sock to /mirror/merlin/merlin.sock
+
+# - name: set up /home/mirror
+
+
+
+
+- name: copy over crond job
+  copy:
+    src: "{{ role_path }}/templates/csc-mirror"
+    dest: /etc/cron.d/csc-mirror
+    owner: root
+    group: root
+    mode: 0644
+# restart cron
+
+# create mirror home dir in user role
+# - name: mirror home
+#   file:
+#     path: /home/mirror
+#     state: directory
+#     owner: mirror
+#     group: mirror
+#     mode: 0755
+#     recurse: yes
+
+# also create /mirror/root
+
+- name: Copy index files
+  copy:
+    src: "{{ role_path }}/templates/mirror-index"
+    dest: /home/mirror/mirror-index
+    owner: mirror
+    group: mirror
+    mode: 0775
+
+- name: Copy assets
+  copy:
+    src: "{{ role_path }}/templates/include"
+    dest: /mirror/root/include
+    owner: root
+    group: csc-mirror
+    mode: 0755
+
+
+# merlin goes goes under /home
+
+# csc-mirror goes under /etc/cron.d
+
+# include and merlin go under /mirror
+
+
+# delete symlinks and recreate when installing
+
+# the git repo @mirror only update with /home/mirror
+
+# could just rsync whatever is in that repo to /home/mirror
+
+# unable to read files with +s
+# - /mirror/merlin/run/merlin.sock
+# what the: looks like python will create this
+# may need to ln -s from run/merlin.sock to /mirror/merlin/merlin.sock and /home/mirror/merlin/merlin.sock
+
+# for busybox
+# ln -s /bin/busybox ls
+# then ./ls will execute ls from busybox
+
+# in /mirror/merlin/dev need to create null random urandom with mknod