init commit

b0xxer 2024-02-09 05:23:29 -06:00
parent 789805f7a3
commit a7154389fc
33 changed files with 572 additions and 0 deletions

3
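--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,3 @@
+update:
+ansible-playbook -i hosts main.yml --ask-become-pass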

11
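--- a/hosts
+++ b/hosts
@@ -0,0 +1,11 @@
+# Server Names and their IP Addresses Go Here
+[bitb0x]
+192.168.2.103
+# Each Server should have a "vars" block like below to set individual settings for each
+#
+[bitb0x:vars]
+ansible_user=b0xxy
+ansible_password=b0xxy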
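Review bot: The inventory commits the login password in clear text at `ansible_password=b0xxy`, and the value is the same as `ansible_user`, so anyone who can read the repository can log in to the host. Drop that line and either prompt for it at run time (the Makefile already prompts for the become password with `--ask-become-pass`; `--ask-pass` does the same for the connection), switch to key-based SSH, or move the value into a file encrypted with Ansible Vault. Because the value is now in the commit history, the account password should be changed on the host as well.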

14
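--- a/main.yml
+++ b/main.yml
@@ -0,0 +1,14 @@
+---
+- hosts: bitb0x
+vars:
+roles:
+- install
+- bitcoin
+- config
+tasks:
+- name: Example from an Ansible Playbook
+ansible.builtin.ping: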


@ -0,0 +1,68 @@
#Based on Dockerflie from Kyle Manna - https://github.com/kylemanna/docker-bitcoind
FROM almalinux/9-minimal AS build
RUN microdnf update -y \
&& microdnf install -y \
ca-certificates \
gnupg2 \
libatomic \
wget \
tar \
gzip \
&& microdnf clean all && rm -fr /tmp/* /var/tmp/*
ARG VERSION=26.0
ARG BITCOIN_CORE_SIGNATURE=71A3B16735405025D447E8F274810B012346C9A6
ENV GOSU_VERSION 1.17
RUN cd /tmp \
&& gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys ${BITCOIN_CORE_SIGNATURE} \
&& wget https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS.asc \
https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS \
https://bitcoincore.org/bin/bitcoin-core-${VERSION}/bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz \
&& gpg --verify --status-fd 1 --verify SHA256SUMS.asc SHA256SUMS 2>/dev/null | grep "^\[GNUPG:\] VALIDSIG.*${BITCOIN_CORE_SIGNATURE}\$" \
&& sha256sum --ignore-missing --check SHA256SUMS \
&& tar -xzvf bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz -C /opt \
&& ln -sv bitcoin-${VERSION} /opt/bitcoin \
&& /opt/bitcoin/bin/test_bitcoin --show_progress \
&& rm -v /opt/bitcoin/bin/test_bitcoin /opt/bitcoin/bin/bitcoin-qt
RUN wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-amd64"; \
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-amd64.asc"; \
\
# verify the signature
export GNUPGHOME="$(mktemp -d)"; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
gpgconf --kill all; \
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc;
FROM almalinux/9-minimal
LABEL maintainer="b0xxer@b0xxy.net"
ENTRYPOINT ["entrypoint.sh"]
ENV HOME /bitcoin
EXPOSE 8332 8333
VOLUME ["/bitcoin/.bitcoin"]
WORKDIR /bitcoin
COPY --from=build /opt/ /opt/
COPY --from=build /usr/local/bin/gosu /usr/local/bin/
RUN microdnf update -y \
&& microdnf install -y libatomic shadow-utils \
&& microdnf clean all && rm -rf /tmp/* /var/tmp/* \
&& ln -sv /opt/bitcoin/bin/* /usr/local/bin
ARG GROUP_ID=1000
ARG USER_ID=1000
RUN groupadd -g ${GROUP_ID} bitcoin \
&& useradd -u ${USER_ID} -g bitcoin -d /bitcoin bitcoin
COPY ./bin ./entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/entrypoint.sh && chmod +x /usr/local/bin/gosu \
&& chmod +x /usr/local/bin/btc_oneshot && chmod +x /usr/local/bin/btc_init
CMD ["btc_oneshot"]
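Review bot: The gosu step (`RUN wget -O /usr/local/bin/gosu …`) chains its commands with `;` and never enables `set -e`, so the instruction's exit status is that of the final `rm -rf`; a failed download, key fetch or `gpg --batch --verify` does not stop the build. Open it with `RUN set -eux; \` (or join the commands with `&&`, as the bitcoin step above does) so an unverified gosu binary cannot be copied into the final stage. In the bitcoin step, `gpg --verify --status-fd 1 --verify` repeats `--verify`, and the key is fetched over plain `hkp://`. The full-fingerprint `VALIDSIG` grep is what carries the trust there, and a one-line comment saying so would keep a later edit from weakening it.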


@ -0,0 +1,25 @@
#!/bin/bash
set -ex
# This shouldn't be in the Dockerfile or containers built from the same image
# will have the same credentials.
if [ ! -e "$HOME/.bitcoin/bitcoin.conf" ]; then
mkdir -p $HOME/.bitcoin
echo "Creating bitcoin.conf"
# Seed a random password for JSON RPC server
cat <<EOF > $HOME/.bitcoin/bitcoin.conf
regtest=${REGTEST:-0}
disablewallet=${DISABLEWALLET:-1}
printtoconsole=${PRINTTOCONSOLE:-1}
rpcuser=${RPCUSER:-bitcoinrpc}
rpcpassword=${RPCPASSWORD:-`dd if=/dev/urandom bs=33 count=1 2>/dev/null | base64`}
EOF
fi
cat $HOME/.bitcoin/bitcoin.conf
echo "Initialization completed successfully"
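Review bot: The unconditional `cat $HOME/.bitcoin/bitcoin.conf` near the end writes the generated `rpcpassword` to stdout on every start, so the RPC credential ends up in the container log. Print the file without the secret, for example `grep -v '^rpcpassword=' "$HOME/.bitcoin/bitcoin.conf"`, or drop the `cat`. The file is also created with the default umask; a `umask 077` before the here-document (or `chmod 600` after it) keeps it readable only by the owner. `$HOME` is unquoted in `mkdir -p`, the redirect and the `cat`, and should be quoted as it is in the `[ ! -e … ]` test.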


@ -0,0 +1,16 @@
#!/bin/sh
set -ex
# Generate bitcoin.conf
btc_init
# Default / no argument invocation listens for RPC commands and has to accept non-localhost because of
# Docker port proxying or Docker private networking.
if [ $# -eq 0 ]; then
# If IPv6 is in the container do both:
#set -- '-rpcbind=[::]:8332' '-rpcallowip=::/0' '-rpcallowip=0.0.0.0/0'
set -- '-rpcbind=:8332' '-rpcallowip=0.0.0.0/0'
fi
exec bitcoind "$@"
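Review bot: The default arguments `'-rpcbind=:8332' '-rpcallowip=0.0.0.0/0'` make bitcoind accept RPC from any source address, so the only remaining network restriction is how port 8332 is published by whoever runs the container. The existing comment explains why non-localhost is needed but not that constraint. I would extend it with something like `# 8332 must only ever be published on a loopback address (see run.sh); rpcallowip does not restrict callers here`, and consider narrowing `-rpcallowip` to the container network's subnet if that range is known.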


@ -0,0 +1,18 @@
#!/bin/sh
set -e
# first arg is `-f` or `--some-option`
# or first arg is `something.conf`
if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then
set -- btc_oneshot "$@"
fi
# Allow the container to be started with `--user`, if running as root drop privileges
if [ "$1" = 'btc_oneshot' -a "$(id -u)" = '0' ]; then
chown -R bitcoin .
exec gosu bitcoin "$0" "$@"
fi
# If not root (i.e. docker run --user $USER ...), then run as invoked
exec "$@"
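Review bot: Privileges are dropped only when the first argument is `btc_oneshot` (`[ "$1" = 'btc_oneshot' -a "$(id -u)" = '0' ]`), so any other command started in the container as root, for instance `bitcoind` invoked directly, reaches the final `exec "$@"` still running as root. If that is intended for debugging, the comment above the test should say so; otherwise the condition could key on the uid alone. The `-a` operator inside `[ ]` is marked obsolescent by POSIX; `[ "$1" = 'btc_oneshot' ] && [ "$(id -u)" = '0' ]` is the portable form.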

9
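--- a/podman/bitcoin/run.sh
+++ b/podman/bitcoin/run.sh
@@ -0,0 +1,9 @@
+#! /bin/sh
+#
+# Distributed under terms of the MIT license.
+#
+podman pod create --name bitcoin-pod -p 8333:8333 -p 127.0.0.1:8332:8332
+podman volume create --name=bitcoind-data
+podman run -v bitcoind-data:/bitcoin/.bitcoin --pod bitcoin-pod --name=bitcoind-node -d \
+git.b0xxy.net/b0xxer/bitcoin:26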
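Review bot: The image is referenced by the mutable tag `git.b0xxy.net/b0xxer/bitcoin:26`, so a later push to that tag changes what this script runs without any change in the repository. Pinning by digest, `git.b0xxy.net/b0xxer/bitcoin:26@sha256:<digest-of-the-reviewed-image>` (placeholder), keeps the deployed node tied to the build that was verified. The script also has no `set -e`, so `podman run` is still attempted if `podman pod create` fails. The `127.0.0.1:8332:8332` mapping is what keeps the RPC port off the network, and a comment saying it must stay on loopback would protect it from a well-meaning edit.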

38
roles/bitcoin/README.md Normal file

@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).


@ -0,0 +1,2 @@
---
# defaults file for bitcoin


@ -0,0 +1,2 @@
---
# handlers file for bitcoin


@ -0,0 +1,52 @@
galaxy_info:
author: your name
description: your role description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.


@ -0,0 +1,2 @@
---
# tasks file for bitcoin


@ -0,0 +1,2 @@
localhost


@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- bitcoin


@ -0,0 +1,2 @@
---
# vars file for bitcoin

38
roles/config/README.md Normal file

@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).


@ -0,0 +1,2 @@
---
# defaults file for config


@ -0,0 +1,2 @@
---
# handlers file for config


@ -0,0 +1,52 @@
galaxy_info:
author: your name
description: your role description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.


@ -0,0 +1,62 @@
---
# tasks file for config
#
#
- import_tasks: parsec-bug.yml
- name: Enable Cockpit Service
become: yes
become_method: sudo
ansible.builtin.systemd_service:
name: cockpit.socket
state: started
enabled: yes
- name: Enable cockpit in firewalld
become: yes
become_method: sudo
ansible.posix.firewalld:
service: cockpit
permanent: yes
state: enabled
- name: Enable Avahi Service
become: yes
become_method: sudo
ansible.builtin.systemd_service:
name: avahi-daemon
state: started
enabled: yes
- name: Enable mdns in Firewall
become: yes
become_method: sudo
ansible.posix.firewalld:
service: mdns
permanent: yes
state: enabled
- name: Modify nsswitch file for mdns lookups
become: yes
become_method: sudo
ansible.builtin.lineinfile:
path: /etc/nsswitch.conf
regexp: '^hosts:'
line: 'hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname'
- name: Set hostname to bitb0x
become: yes
become_method: sudo
ansible.builtin.hostname:
name: bitb0x
- name: Refresh gpg keys
shell: gpg --keyserver hkps://keys.openpgp.org --refresh-keys
- name: Enable Avahi Service
become: yes
become_method: sudo
ansible.builtin.systemd_service:
name: avahi-daemon
state: restarted
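Review bot: The two `ansible.posix.firewalld` tasks open `cockpit` and `mdns` without a `zone:`, so the services are allowed in whatever the host's default zone happens to be, and with `permanent: yes` but no `immediate: true` the running firewall is unchanged until the next reload or reboot. Cockpit signs users in with local system accounts, so it is worth naming the zone explicitly (`zone: <intended-zone>`, placeholder) and keeping that surface to the trusted network. The `Refresh gpg keys` task uses `shell` with no `changed_when`, so it reports a change on every run; `ansible.builtin.command` with `changed_when: false` fits better. The last task restarts avahi-daemon but is named `Enable Avahi Service`, the same as the earlier one; `Restart Avahi Service` would make the play output unambiguous.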


@ -0,0 +1,4 @@
# get user id: ls -ln /var/lib | grep parsec | grep -v dbus | awk '{print $3}'
# sudo mkdir /etc/sysusers.d
# echo "u parsec 983 \"parsec user\" /var/lib/parsec /sbin/nologin" | sudo tee /etc/sysusers.d/parsec.conf
# sudo chown -R parsec:parsec /var/lib/parsec


@ -0,0 +1,2 @@
localhost


@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- config


@ -0,0 +1,2 @@
---
# vars file for config

38
roles/install/README.md Normal file

@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).


@ -0,0 +1,2 @@
---
# defaults file for install


@ -0,0 +1,2 @@
---
# handlers file for install


@ -0,0 +1,52 @@
galaxy_info:
author: your name
description: your role description
company: your company (optional)
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: license (GPL-2.0-or-later, MIT, etc)
min_ansible_version: 2.1
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.


@ -0,0 +1,31 @@
---
# tasks file for install
#
- name: Install packages
become: yes
become_method: sudo
register: reboot_status
community.general.rpm_ostree_pkg:
name:
- podman
- podman-compose
- gpg
- git
- avahi
- nss-mdns
- cockpit
- cockpit-networkmanager
- cockpit-ostree
- cockpit-podman
- name: Reboot System
become: yes
become_method: sudo
ansible.builtin.reboot:
ignore_errors: true
when: reboot_status['changed']==True
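Review bot: `ignore_errors: true` on the `Reboot System` task hides a reboot that failed or timed out, so the play carries on into the `bitcoin` and `config` roles on a host where the packages layered by `community.general.rpm_ostree_pkg` may not be active yet. Let the task fail, or give `ansible.builtin.reboot` a longer `reboot_timeout` if slow boots were the reason for ignoring errors. The condition `when: reboot_status['changed']==True` reads more idiomatically as `when: reboot_status is changed`, and `become: yes` would be `become: true` to match the `ignore_errors: true` spelling used in the same task.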


@ -0,0 +1,2 @@
localhost


@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- install


@ -0,0 +1,2 @@
---
# vars file for install