Add Ansible scripts for system management

2025-09-18 03:25:21 +00:00 · 2025-09-18 03:25:21 +00:00 · 56a4994488
commit 56a4994488
7 changed files with 183 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,24 @@
+# Management Scripts
+
+这个仓库包含系统管理相关的脚本和配置文件。
+
+## 目录结构
+
+- `ansible/` - Ansible 自动化脚本
+  - `system-update.yml` - 系统更新 playbook (apt update && apt upgrade)
+  - `inventory.ini` - 服务器清单文件
+  - `ansible.cfg` - Ansible 配置文件
+- `config.json` - Semaphore 配置文件
+
+## Ansible 使用方法
+
+```bash
+cd ansible
+LANG=C ansible-playbook -i inventory.ini system-update.yml
+```
+
+## Semaphore 配置
+
+- Web 界面: http://localhost:3000
+- 用户名: admin
+- 密码: admin123
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@ -0,0 +1,10 @@
+[defaults]
+inventory = inventory.ini
+host_key_checking = False
+timeout = 30
+gathering = smart
+fact_caching = memory
+
+[ssh_connection]
+ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no
+pipelining = True
--- a/ansible/inventory.ini
+++ b/ansible/inventory.ini
@ -0,0 +1,8 @@
+[servers]
+# 添加您的服务器信息，例如:
+# server1 ansible_host=192.168.1.10 ansible_user=root
+# server2 ansible_host=192.168.1.11 ansible_user=ubuntu ansible_become=yes
+localhost ansible_connection=local
+
+[all:vars]
+ansible_ssh_common_args='-o StrictHostKeyChecking=no'
--- a/ansible/system-update.yml
+++ b/ansible/system-update.yml
@ -0,0 +1,35 @@
+---
+- name: System Update Playbook
+  hosts: all
+  become: yes
+  gather_facts: yes
+  
+  tasks:
+    - name: Update apt cache
+      apt:
+        update_cache: yes
+        cache_valid_time: 3600
+      when: ansible_os_family == "Debian"
+      
+    - name: Upgrade all packages
+      apt:
+        upgrade: yes
+        autoremove: yes
+        autoclean: yes
+      when: ansible_os_family == "Debian"
+      register: upgrade_result
+      
+    - name: Display upgrade results
+      debug:
+        msg: "System upgrade completed. {{ upgrade_result.changed }} packages were updated."
+        
+    - name: Check if reboot is required
+      stat:
+        path: /var/run/reboot-required
+      register: reboot_required
+      when: ansible_os_family == "Debian"
+      
+    - name: Notify if reboot is required
+      debug:
+        msg: "System reboot is required to complete the update."
+      when: reboot_required.stat.exists is defined and reboot_required.stat.exists
--- a/config.json
+++ b/config.json
@ -0,0 +1,16 @@
+{
+ 	"postgres": {
+ 		"host": "postgresql:5432",
+ 		"user": "postgres",
+ 		"pass": "Ccie#15544",
+ 		"name": "semaphore",
+ 		"options": {
+ 			"sslmode": "disable"
+ 		}
+ 	},
+ 	"dialect": "postgres",
+ 	"tmp_path": "/tmp/semaphore",
+ 	"cookie_hash": "DlY3h3sXjiJV04u4F1eF6ZuLEQOw+jlXe6Qj4Fxn2m8=",
+ 	"cookie_encryption": "4BZst4BOkCobGLDQn00WuSVFH8oA4dcgTgbZf7rtkyo=",
+ 	"access_key_encryption": "SqHu6FvyjMkFfjJ/8apw5HN26XZaXNg32Yqp0p1tFs8="
+ }
--- a/semaphore-setup-guide.md
+++ b/semaphore-setup-guide.md
@ -0,0 +1,85 @@
+# Semaphore 项目配置指南
+
+## 1. 访问 Semaphore Web 界面
+
+- URL: http://your-server-ip:3000
+- 用户名: `admin`
+- 密码: `admin123`
+
+## 2. 创建项目步骤
+
+### 第一步：添加 Key Store (SSH 密钥或访问令牌)
+1. 点击左侧菜单 "Key Store"
+2. 点击 "New Key" 按钮
+3. 填写信息：
+   - **Name**: `gitea-access-token`
+   - **Type**: 选择 "Login with password"
+   - **Username**: `ben`
+   - **Password**: `8d7d70f324796be650b79415303c31f567bf459b`
+
+### 第二步：添加 Repository
+1. 点击左侧菜单 "Repositories"
+2. 点击 "New Repository" 按钮
+3. 填写信息：
+   - **Name**: `ansible-scripts`
+   - **URL**: `https://gitea.tailnet-68f9.ts.net/ben/ansible-scripts.git`
+   - **Branch**: `main`
+   - **Access Key**: 选择刚创建的 `gitea-access-token`
+
+### 第三步：创建 Inventory
+1. 点击左侧菜单 "Inventory"
+2. 点击 "New Inventory" 按钮
+3. 填写信息：
+   - **Name**: `servers`
+   - **User Credentials**: 选择或创建服务器访问凭据
+   - **Sudo Credentials**: 如果需要 sudo 权限，选择相应凭据
+   - **Type**: 选择 "Static"
+   - **Inventory**: 输入服务器信息，例如：
+     ```
+     [servers]
+     localhost ansible_connection=local
+     # 或添加远程服务器
+     # server1 ansible_host=192.168.1.10 ansible_user=root
+     ```
+
+### 第四步：创建 Environment
+1. 点击左侧菜单 "Environment"
+2. 点击 "New Environment" 按钮
+3. 填写信息：
+   - **Name**: `production`
+   - **JSON**: 可以留空或添加环境变量
+
+### 第五步：创建 Task Template
+1. 点击左侧菜单 "Task Templates"
+2. 点击 "New Template" 按钮
+3. 填写信息：
+   - **Name**: `System Update`
+   - **Playbook**: `system-update.yml`
+   - **Inventory**: 选择刚创建的 `servers`
+   - **Repository**: 选择 `ansible-scripts`
+   - **Environment**: 选择 `production`
+
+## 3. 运行任务
+
+1. 在 "Task Templates" 页面找到 "System Update" 模板
+2. 点击 "Run" 按钮
+3. 确认设置后点击 "Run" 执行任务
+
+## 4. 监控任务执行
+
+- 在 "Tasks" 页面可以查看任务执行历史
+- 点击具体任务可以查看详细日志
+- 可以设置定时任务自动执行系统更新
+
+## 项目文件说明
+
+- `system-update.yml`: 主要的 Ansible playbook，执行 apt update && apt upgrade
+- `inventory.ini`: 服务器清单文件模板
+- `ansible.cfg`: Ansible 配置文件
+- `README.md`: 项目说明文档
+
+## Git 仓库信息
+
+- **仓库地址**: https://gitea.tailnet-68f9.ts.net/ben/ansible-scripts
+- **分支**: main
+- **最新提交**: 包含系统更新脚本的初始版本
--- a/try.md
+++ b/try.md
@ -0,0 +1,5 @@
+8d7d70f324796be650b79415303c31f567bf459b
+https://gitea.tailnet-68f9.ts.net/
+ben
+git remote add origin git@gitea.tailnet-68f9.ts.net:ben/mgmt.git
+git push -u origin main