commit 56a4994488b89623eb952b2f55c16567622b03c3 Author: Semaphore Admin Date: Thu Sep 18 03:25:21 2025 +0000 Add Ansible scripts for system management diff --git a/README.md b/README.md new file mode 100644 index 0000000..f492a69 --- /dev/null +++ b/README.md @@ -0,0 +1,24 @@ +# Management Scripts + +这个仓库包含系统管理相关的脚本和配置文件。 + +## 目录结构 + +- `ansible/` - Ansible 自动化脚本 + - `system-update.yml` - 系统更新 playbook (apt update && apt upgrade) + - `inventory.ini` - 服务器清单文件 + - `ansible.cfg` - Ansible 配置文件 +- `config.json` - Semaphore 配置文件 + +## Ansible 使用方法 + +```bash +cd ansible +LANG=C ansible-playbook -i inventory.ini system-update.yml +``` + +## Semaphore 配置 + +- Web 界面: http://localhost:3000 +- 用户名: admin +- 密码: admin123 \ No newline at end of file diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg new file mode 100644 index 0000000..479c711 --- /dev/null +++ b/ansible/ansible.cfg @@ -0,0 +1,10 @@ +[defaults] +inventory = inventory.ini +host_key_checking = False +timeout = 30 +gathering = smart +fact_caching = memory + +[ssh_connection] +ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no +pipelining = True \ No newline at end of file diff --git a/ansible/inventory.ini b/ansible/inventory.ini new file mode 100644 index 0000000..7af37a2 --- /dev/null +++ b/ansible/inventory.ini @@ -0,0 +1,8 @@ +[servers] +# 添加您的服务器信息,例如: +# server1 ansible_host=192.168.1.10 ansible_user=root +# server2 ansible_host=192.168.1.11 ansible_user=ubuntu ansible_become=yes +localhost ansible_connection=local + +[all:vars] +ansible_ssh_common_args='-o StrictHostKeyChecking=no' \ No newline at end of file diff --git a/ansible/system-update.yml b/ansible/system-update.yml new file mode 100644 index 0000000..edba221 --- /dev/null +++ b/ansible/system-update.yml @@ -0,0 +1,35 @@ +--- +- name: System Update Playbook + hosts: all + become: yes + gather_facts: yes + + tasks: + - name: Update apt cache + apt: + update_cache: yes + cache_valid_time: 3600 + when: ansible_os_family == "Debian" + + - name: Upgrade all packages + apt: + upgrade: yes + autoremove: yes + autoclean: yes + when: ansible_os_family == "Debian" + register: upgrade_result + + - name: Display upgrade results + debug: + msg: "System upgrade completed. {{ upgrade_result.changed }} packages were updated." + + - name: Check if reboot is required + stat: + path: /var/run/reboot-required + register: reboot_required + when: ansible_os_family == "Debian" + + - name: Notify if reboot is required + debug: + msg: "System reboot is required to complete the update." + when: reboot_required.stat.exists is defined and reboot_required.stat.exists \ No newline at end of file diff --git a/config.json b/config.json new file mode 100644 index 0000000..a964117 --- /dev/null +++ b/config.json @@ -0,0 +1,16 @@ +{ + "postgres": { + "host": "postgresql:5432", + "user": "postgres", + "pass": "Ccie#15544", + "name": "semaphore", + "options": { + "sslmode": "disable" + } + }, + "dialect": "postgres", + "tmp_path": "/tmp/semaphore", + "cookie_hash": "DlY3h3sXjiJV04u4F1eF6ZuLEQOw+jlXe6Qj4Fxn2m8=", + "cookie_encryption": "4BZst4BOkCobGLDQn00WuSVFH8oA4dcgTgbZf7rtkyo=", + "access_key_encryption": "SqHu6FvyjMkFfjJ/8apw5HN26XZaXNg32Yqp0p1tFs8=" + } \ No newline at end of file diff --git a/semaphore-setup-guide.md b/semaphore-setup-guide.md new file mode 100644 index 0000000..deb601d --- /dev/null +++ b/semaphore-setup-guide.md @@ -0,0 +1,85 @@ +# Semaphore 项目配置指南 + +## 1. 访问 Semaphore Web 界面 + +- URL: http://your-server-ip:3000 +- 用户名: `admin` +- 密码: `admin123` + +## 2. 创建项目步骤 + +### 第一步:添加 Key Store (SSH 密钥或访问令牌) +1. 点击左侧菜单 "Key Store" +2. 点击 "New Key" 按钮 +3. 填写信息: + - **Name**: `gitea-access-token` + - **Type**: 选择 "Login with password" + - **Username**: `ben` + - **Password**: `8d7d70f324796be650b79415303c31f567bf459b` + +### 第二步:添加 Repository +1. 点击左侧菜单 "Repositories" +2. 点击 "New Repository" 按钮 +3. 填写信息: + - **Name**: `ansible-scripts` + - **URL**: `https://gitea.tailnet-68f9.ts.net/ben/ansible-scripts.git` + - **Branch**: `main` + - **Access Key**: 选择刚创建的 `gitea-access-token` + +### 第三步:创建 Inventory +1. 点击左侧菜单 "Inventory" +2. 点击 "New Inventory" 按钮 +3. 填写信息: + - **Name**: `servers` + - **User Credentials**: 选择或创建服务器访问凭据 + - **Sudo Credentials**: 如果需要 sudo 权限,选择相应凭据 + - **Type**: 选择 "Static" + - **Inventory**: 输入服务器信息,例如: + ``` + [servers] + localhost ansible_connection=local + # 或添加远程服务器 + # server1 ansible_host=192.168.1.10 ansible_user=root + ``` + +### 第四步:创建 Environment +1. 点击左侧菜单 "Environment" +2. 点击 "New Environment" 按钮 +3. 填写信息: + - **Name**: `production` + - **JSON**: 可以留空或添加环境变量 + +### 第五步:创建 Task Template +1. 点击左侧菜单 "Task Templates" +2. 点击 "New Template" 按钮 +3. 填写信息: + - **Name**: `System Update` + - **Playbook**: `system-update.yml` + - **Inventory**: 选择刚创建的 `servers` + - **Repository**: 选择 `ansible-scripts` + - **Environment**: 选择 `production` + +## 3. 运行任务 + +1. 在 "Task Templates" 页面找到 "System Update" 模板 +2. 点击 "Run" 按钮 +3. 确认设置后点击 "Run" 执行任务 + +## 4. 监控任务执行 + +- 在 "Tasks" 页面可以查看任务执行历史 +- 点击具体任务可以查看详细日志 +- 可以设置定时任务自动执行系统更新 + +## 项目文件说明 + +- `system-update.yml`: 主要的 Ansible playbook,执行 apt update && apt upgrade +- `inventory.ini`: 服务器清单文件模板 +- `ansible.cfg`: Ansible 配置文件 +- `README.md`: 项目说明文档 + +## Git 仓库信息 + +- **仓库地址**: https://gitea.tailnet-68f9.ts.net/ben/ansible-scripts +- **分支**: main +- **最新提交**: 包含系统更新脚本的初始版本 \ No newline at end of file diff --git a/try.md b/try.md new file mode 100644 index 0000000..dd35d70 --- /dev/null +++ b/try.md @@ -0,0 +1,5 @@ +8d7d70f324796be650b79415303c31f567bf459b +https://gitea.tailnet-68f9.ts.net/ +ben +git remote add origin git@gitea.tailnet-68f9.ts.net:ben/mgmt.git +git push -u origin main