homelab/ansible/jumper.yml

---
- name: Install
  hosts: jumper
  remote_user: ubuntu
  serial: 1
  vars:
    pv_disks:
      - /dev/sda
    vg_name: vg1
    lv_name: pvs
    lv_size: +100%FREE
    fs_type: ext4
    mount_path: /mnt/docker
    extra_docker_daemon_options: |
      "data-root": "/mnt/docker/docker-root",
      "dns": ["10.0.123.123"],
  tasks:
    - import_role: name=dns-client

    - import_role: name=lvm

    - name: Ensure docker root exists
      become: true
      file:
        path: /mnt/docker/docker-root
        state: directory
        mode: "0755"

    - import_role: name=docker

    - name: Run portainer agent
      become: true
      docker_container:
        name: portainer_agent
        image: portainer/agent:2.16.2
        ports:
          - "9001:9001"
        env:
          AGENT_SECRET: "{{ portainer_agent_secret }}"
        restart_policy: unless-stopped
        mounts:
          - type: bind
            source: /var/run/docker.sock
            target: /var/run/docker.sock
          - type: bind
            source: /mnt/docker/docker-root/volumes
            target: /var/lib/docker/volumes

    # This is used _only_ to enable stacks for things like rolling updates
    - name: Init swarm
      become: true
      docker_swarm:
        state: present
        advertise_addr: "{{ansible_default_ipv4.address}}"
        default_addr_pool:
          - 172.17.0.0/16
          - 172.18.0.0/16
          - 172.19.0.0/16

    - name: Create ingress network
      # The ingress network conflicts with my subnet and ends up causing problems,
      # so we have to set a different subnet first
      become: true
      docker_network:
        name: ingress
        driver: overlay
        ingress: true
        scope: swarm
        ipam_config:
          - subnet: 172.31.0.0/16
            gateway: 172.31.0.1
        driver_options:
          # I'm honestly not completely sure what this, but in the default
          # ingress network that's created during swarm initialization, this exists
          # and things don't seem to work without it.
          com.docker.network.driver.overlay.vxlanid_list: 4096

- name: Mount extra shares
  tags: [extra-shares]
  hosts: jumper
  vars:
    shares:
      - src: truenas.local:/mnt/emc14t9/lfs/media
        path: /mnt/media
        opts: rw,_netdev,hard,intr,nolock
        fstype: nfs
        state: mounted
  tasks:
    - name: Ensure mount directory exists
      become: true
      file:
        path: "{{ item.path }}"
        state: directory
        mode: '0755'
      loop: "{{ shares }}"
    - name: Mount media share
      become: true
      mount:
        src: "{{ item.src }}"
        path: "{{ item.path }}"
        opts: "{{ item.opts }}"
        state: "{{ item.state | default('mounted') }}"
        fstype: "{{ item.fstype }}"
      loop: "{{ shares }}"