Add new roles and provision playbooks
diff --git a/README.md b/README.md
index 82a2d52..3eac5aa 100644
--- a/README.md
+++ b/README.md
@@ -20,3 +20,20 @@
api_key = <REDACTED>
Then simply run the script which will dump the current inventory to stdout. Redirect the output to whatever filename you so desire.
+
+Provisioning a Node
+---
+
+First, create a new VM of the desired type using whatever means necessary to have root SSH access along with a public IP address (or at least, some method that can be configured into Ansible though you're on your own at this point).
+
+Then run:
+
+ ansible-playbook -i W.X.Y.Z, provision.yml
+
+*Note:* Make sure to include the trailing comma (,) in the -i argument or you'll get an error about not being able to parse the inventory.
+
+Once this has run and you have updated the `production` inventory file (See the section above on generating inventory files) in this directory you can then run:
+
+ ansible-playbook -i production ci_agents.yml
+
+And the node will be configured as a new CI agent.
\ No newline at end of file
diff --git a/ci_agents.yml b/ci_agents.yml
new file mode 100644
index 0000000..8278f40
--- /dev/null
+++ b/ci_agents.yml
@@ -0,0 +1,5 @@
+---
+- hosts: ci_agents
+ roles:
+ - common
+ - ci_agent
\ No newline at end of file
diff --git a/group_vars/all.yaml b/group_vars/all.yaml
new file mode 100644
index 0000000..3e9e888
--- /dev/null
+++ b/group_vars/all.yaml
@@ -0,0 +1 @@
+ansible_ssh_user: couchdb
diff --git a/provision.yml b/provision.yml
new file mode 100644
index 0000000..24e54af
--- /dev/null
+++ b/provision.yml
@@ -0,0 +1,30 @@
+---
+- hosts: all
+ vars:
+ ansible_ssh_user: root
+ tasks:
+ - name: Add user couchdb
+ user:
+ name: couchdb
+ state: present
+ shell: /bin/bash
+
+ - name: Make sure sudo is installed
+ apt:
+ name: sudo
+ state: latest
+
+ - name: Grant sudo access to couchdb user
+ copy:
+ content: 'couchdb ALL=(ALL) NOPASSWD:ALL'
+ dest: /etc/sudoers.d/couchdb
+ mode: 0440
+
+ - name: Allow CouchDB Infra access to couchdb user
+ authorized_key:
+ user: couchdb
+ state: present
+ key: "{{ item }}"
+ with_items:
+ - https://github.com/davisp.keys
+ - https://github.com/wohali.keys
\ No newline at end of file
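Review bot: The `authorized_key` task loads its keys from `https://github.com/davisp.keys` and `https://github.com/wohali.keys` at run time, and the same play gives that user `NOPASSWD:ALL`. Root on every provisioned node therefore goes to whatever keys those two GitHub accounts serve when the play runs, and the accepted key set is never visible in this repository. Committing the public keys and loading them with `key: "{{ lookup('file', item) }}"` would make a key change go through a reviewed commit. Separately, the `copy` task that writes `/etc/sudoers.d/couchdb` should carry `validate: 'visudo -cf %s'` so a malformed drop-in is rejected before it is installed, and the mode is safer quoted as `mode: '0440'`.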
diff --git a/roles/ci_agent/tasks/main.yml b/roles/ci_agent/tasks/main.yml
new file mode 100644
index 0000000..edf6791
--- /dev/null
+++ b/roles/ci_agent/tasks/main.yml
@@ -0,0 +1,55 @@
+- name: Install Docker gpg key for Apt
+ become: yes
+ apt_key:
+ url: https://download.docker.com/linux/debian/gpg
+ state: present
+
+- name: Setup Docker Apt repository
+ become: yes
+ apt_repository:
+ repo: deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
+ filename: docker
+ state: present
+
+- name: Install Docker Packages
+ become: yes
+ apt:
+ name: "{{ packages }}"
+ vars:
+ packages:
+ - containerd.io
+ - docker-ce
+ - docker-ce-cli
+
+- name: Install multi-architecture support for Docker
+ become: yes
+ apt:
+ name: "{{ packages }}"
+ state: latest
+ vars:
+ packages:
+ - binfmt-support
+ - qemu
+ - qemu-user-static
+
+- name: Install Java 8
+ become: yes
+ apt:
+ name: "{{ packages }}"
+ state: latest
+ vars:
+ packages:
+ - openjdk-8-jre-headless
+
+# Copy infra script to delete old docker images
+# Add cron to run docker deleter script
+
+# Add jenkins user with specific uid
+# Write script to download a jar and run it
+# Install script as runit service
+
+# Figure out how to configure the password things required
+# for running the jar bits
+
+# Figure out if our Java agent requires all the jars
+# and tooling I saw in the docs (ant, maven, multiple jvms, etc)
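Review bot: The `apt_key` task trusts whatever key `https://download.docker.com/linux/debian/gpg` returns when the play runs. Adding `id: <EXPECTED_DOCKER_KEY_FINGERPRINT>` (a placeholder here; verify the real fingerprint out of band) pins the expected key, so a mismatch fails the task instead of passing silently. `apt_key` also puts the key in the global trusted keyring, which lets it vouch for any repository; a dedicated keyring file referenced with `signed-by=` in the `repo:` line scopes it to Docker's repository only. The repo path hard-codes `linux/debian` while the suite comes from `{{ ansible_distribution_release }}`, so a `when: ansible_distribution == 'Debian'` guard would make that assumption explicit. The trailing TODO mentions passwords for the agent jar; when that is implemented the secret should come from Ansible Vault rather than a plain variable.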
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
new file mode 100644
index 0000000..edd83cc
--- /dev/null
+++ b/roles/common/tasks/main.yml
@@ -0,0 +1,29 @@
+- name: Install basic ubiquitous packages
+ become: yes
+ apt:
+ name: "{{ packages }}"
+ state: latest
+ update_cache: yes
+ cache_valid_time: 3600
+ vars:
+ packages:
+ - apt-transport-https
+ - atop
+ - ca-certificates
+ - curl
+ - git
+ - gnupg2
+ - iftop
+ - iperf3
+ - mtr-tiny
+ - nload
+ - python3
+ - runit
+ - runit-systemd
+ - screen
+ - software-properties-common
+ - strace
+ - tcpdump
+ - tmux
+ - vim
+ - wget
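Review bot: `state: latest` on this task upgrades every listed package on each playbook run, so what a run changes on a host depends on what the mirror serves that day. `state: present` installs the packages once and leaves upgrades to a deliberate patching step. The same applies to the `state: latest` tasks in roles/ci_agent/tasks/main.yml and to the sudo task in provision.yml. As a style point, `become: yes` and `update_cache: yes` are better written as `true`, which is not subject to YAML 1.1 truthy parsing differences.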