Tellsanguis/Homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Ajout snippets cloud-init
Some checks failed
CD - Deploy Infrastructure / Terraform Validation (push) Successful in 16s
Details
CD - Deploy Infrastructure / Deploy on pve1 (push) Failing after 7s
Details
CD - Deploy Infrastructure / Deploy on pve2 (push) Failing after 7s
Details
CD - Deploy Infrastructure / Deploy on pve3 (push) Failing after 8s
Details
CD - Deploy Infrastructure / Validate K3s Cluster (push) Has been skipped
Details
CD - Deploy Infrastructure / Deployment Notification (push) Failing after 1s
Details

Browse source
This commit is contained in:
Tellsanguis 2025-12-09 13:44:57 +01:00
parent 104df8d174
commit 2d680cec4e
4 changed files with 184 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

34
snippets/README.md Normal file
View file

@ -0,0 +1,34 @@
# Cloud-Init Snippets pour Proxmox
## Avant l'upload
Remplace les placeholders dans chaque fichier YAML :
- `YOUR_SSH_PUBLIC_KEY` : Ta clé SSH publique
- `YOUR_FORGEJO_REPO_URL` : URL du dépôt Forgejo (ex: https://forgejo.tellserv.fr/Tellsanguis/Homelab.git)
- `YOUR_FORGEJO_TOKEN` : Token Forgejo
- `YOUR_K3S_TOKEN` : Token K3S cluster
## Upload via interface Proxmox
### acemagician (k3s-server-1)
1. Proxmox → acemagician → Datacenter → Storage → local
2. Content → Snippets → Upload
3. Upload `cloud-init-k3s-server-1.yaml`
### elitedesk (k3s-server-2)
1. Proxmox → elitedesk → Datacenter → Storage → local
2. Content → Snippets → Upload
3. Upload `cloud-init-k3s-server-2.yaml`
### thinkpad (etcd-witness)
1. Proxmox → thinkpad → Datacenter → Storage → local
2. Content → Snippets → Upload
3. Upload `cloud-init-etcd-witness.yaml`
## Vérification
Après upload, les fichiers doivent être présents dans :
- `/var/lib/vz/snippets/cloud-init-k3s-server-1.yaml` (acemagician)
- `/var/lib/vz/snippets/cloud-init-k3s-server-2.yaml` (elitedesk)
- `/var/lib/vz/snippets/cloud-init-etcd-witness.yaml` (thinkpad)

50
snippets/cloud-init-etcd-witness.yaml Normal file
View file

@ -0,0 +1,50 @@
package_upgrade: true
packages:
- ansible
- git
- curl
- wget
- ca-certificates
- gnupg
- lsb-release
users:
- name: ansible
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
ssh_authorized_keys:
- YOUR_SSH_PUBLIC_KEY
groups: sudo
timezone: Europe/Paris
write_files:
- path: /etc/node-role
content: witness
permissions: "0644"
- path: /etc/ansible-pull.conf
content: |
REPO_URL=YOUR_FORGEJO_REPO_URL
FORGEJO_TOKEN=YOUR_FORGEJO_TOKEN
K3S_VERSION=v1.28.5+k3s1
K3S_TOKEN=YOUR_K3S_TOKEN
permissions: "0600"
- path: /usr/local/bin/ansible-pull-wrapper.sh
content: |
#!/bin/bash
set -e
source /etc/ansible-pull.conf
export K3S_TOKEN
export FORGEJO_TOKEN
export REPO_URL
WORK_DIR="/var/lib/ansible-local"
mkdir -p $WORK_DIR
cd $WORK_DIR
REPO_WITH_AUTH=$(echo $REPO_URL | sed "s|https://|https://git:$FORGEJO_TOKEN@|")
if [ -d ".git" ]; then
git pull origin main 2>&1 | logger -t ansible-pull
else
git clone $REPO_WITH_AUTH . 2>&1 | logger -t ansible-pull
fi
ansible-playbook ansible/site.yml -i localhost, --connection=local -e "k3s_version=$K3S_VERSION" 2>&1 | logger -t ansible-pull
permissions: "0755"
runcmd:
- echo '*/15 * * * * root /usr/local/bin/ansible-pull-wrapper.sh' > /etc/cron.d/ansible-pull
- sleep 60 && /usr/local/bin/ansible-pull-wrapper.sh &

50
snippets/cloud-init-k3s-server-1.yaml Normal file
View file

@ -0,0 +1,50 @@
package_upgrade: true
packages:
- ansible
- git
- curl
- wget
- ca-certificates
- gnupg
- lsb-release
users:
- name: ansible
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
ssh_authorized_keys:
- YOUR_SSH_PUBLIC_KEY
groups: sudo
timezone: Europe/Paris
write_files:
- path: /etc/node-role
content: server
permissions: "0644"
- path: /etc/ansible-pull.conf
content: |
REPO_URL=YOUR_FORGEJO_REPO_URL
FORGEJO_TOKEN=YOUR_FORGEJO_TOKEN
K3S_VERSION=v1.28.5+k3s1
K3S_TOKEN=YOUR_K3S_TOKEN
permissions: "0600"
- path: /usr/local/bin/ansible-pull-wrapper.sh
content: |
#!/bin/bash
set -e
source /etc/ansible-pull.conf
export K3S_TOKEN
export FORGEJO_TOKEN
export REPO_URL
WORK_DIR="/var/lib/ansible-local"
mkdir -p $WORK_DIR
cd $WORK_DIR
REPO_WITH_AUTH=$(echo $REPO_URL | sed "s|https://|https://git:$FORGEJO_TOKEN@|")
if [ -d ".git" ]; then
git pull origin main 2>&1 | logger -t ansible-pull
else
git clone $REPO_WITH_AUTH . 2>&1 | logger -t ansible-pull
fi
ansible-playbook ansible/site.yml -i localhost, --connection=local -e "k3s_version=$K3S_VERSION" 2>&1 | logger -t ansible-pull
permissions: "0755"
runcmd:
- echo '*/15 * * * * root /usr/local/bin/ansible-pull-wrapper.sh' > /etc/cron.d/ansible-pull
- sleep 60 && /usr/local/bin/ansible-pull-wrapper.sh &

50
snippets/cloud-init-k3s-server-2.yaml Normal file
View file

@ -0,0 +1,50 @@
package_upgrade: true
packages:
- ansible
- git
- curl
- wget
- ca-certificates
- gnupg
- lsb-release
users:
- name: ansible
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
ssh_authorized_keys:
- YOUR_SSH_PUBLIC_KEY
groups: sudo
timezone: Europe/Paris
write_files:
- path: /etc/node-role
content: server
permissions: "0644"
- path: /etc/ansible-pull.conf
content: |
REPO_URL=YOUR_FORGEJO_REPO_URL
FORGEJO_TOKEN=YOUR_FORGEJO_TOKEN
K3S_VERSION=v1.28.5+k3s1
K3S_TOKEN=YOUR_K3S_TOKEN
permissions: "0600"
- path: /usr/local/bin/ansible-pull-wrapper.sh
content: |
#!/bin/bash
set -e
source /etc/ansible-pull.conf
export K3S_TOKEN
export FORGEJO_TOKEN
export REPO_URL
WORK_DIR="/var/lib/ansible-local"
mkdir -p $WORK_DIR
cd $WORK_DIR
REPO_WITH_AUTH=$(echo $REPO_URL | sed "s|https://|https://git:$FORGEJO_TOKEN@|")
if [ -d ".git" ]; then
git pull origin main 2>&1 | logger -t ansible-pull
else
git clone $REPO_WITH_AUTH . 2>&1 | logger -t ansible-pull
fi
ansible-playbook ansible/site.yml -i localhost, --connection=local -e "k3s_version=$K3S_VERSION" 2>&1 | logger -t ansible-pull
permissions: "0755"
runcmd:
- echo '*/15 * * * * root /usr/local/bin/ansible-pull-wrapper.sh' > /etc/cron.d/ansible-pull
- sleep 60 && /usr/local/bin/ansible-pull-wrapper.sh &