Last active
June 26, 2018 16:47
-
-
Save eedgar/ce057447dbac761cf0c295951145d640 to your computer and use it in GitHub Desktop.
ubuntu deploy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
write_files: | |
- path: '/tmp/x' | |
content: '!ansible-generic' | |
groups: | |
- docker | |
users: | |
- name: eedgar | |
ssh-authorized-keys: | |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5vAM50VJ0JqMZO9cdffDBxhZWeA01I3eO/Wqb7/EWT4uRmG/L8sdePMmN6CGgPzqPKzLcIYMthgDlsmcP4v4jj8BufJmQ7l/wT1hk0OhOf7GacbQ4AOv4t8VjN8O1LREIduduB1G0DfuzdqOm8P5zZ3zt0/IZU+p7EuOaB9HTuK+lz++ZaOmKvcp/uwIONUaDXIpwQtieHX8ELl/RDIon7fVvnrIu6IjaGASldii6crBICm6KJGncgBu/umfq+t0JLtTkNU8+qKD4xOGalgAqWRkUlX83SDLQQDVWqJkvyUHFc8rgRI0sSY/tHUvQDWROW223/XHNFNvObGkz05tR eedgar@MN-EEDGAR-M.local | |
groups: docker | |
sudo: ['ALL=(ALL) NOPASSWD:ALL'] | |
shell: /bin/bash | |
write_files: | |
- path: /etc/ssh/streleng-ssh-ca.pem | |
permissions: '0644' | |
content: | | |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFhxYVlBj7GQ8QrgnqzaWLLnCtEtWDYYGBhAsOUtfEY SmartThingsSSH | |
- path: /var/lib/cloud/scripts/per-instance/docker.sh | |
permissions: '0755' | |
content: | | |
#!/bin/bash | |
source /etc/profile.d/spinnaker.sh | |
grep -q -F 'TrustedUserCAKeys /etc/ssh/streleng-ssh-ca.pem' /etc/ssh/sshd_config || echo 'TrustedUserCAKeys /etc/ssh/streleng-ssh-ca.pem' >> /etc/ssh/sshd_config | |
sudo /etc/init.d/ssh restart | |
sudo apt-get install -y curl vim | |
sudo apt install -y apt-transport-https ca-certificates software-properties-common | |
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - | |
sudo apt-get update | |
sudo apt-cache policy docker-ce | |
sudo apt-get install -y awscli | |
sudo apt install -y docker-ce | |
sudo systemctl stop docker | |
CONFIGURATION_FILE=$(systemctl show --property=FragmentPath docker | cut -f2 -d=) | |
sudo cp $CONFIGURATION_FILE /etc/systemd/system/docker.service | |
sudo perl -pi -e 's/^(ExecStart=.+)$/$1 -s overlay/' /etc/systemd/system/docker.service | |
sudo systemctl daemon-reload | |
sudo systemctl start docker | |
CIPHER_TEXT="AQICAHjHZ/lAUxeC9rCAKbbvnyAcg3BxmI4NWCbu+WAX4Ik1QwGsJjvofvFLVnC81xW/189WAAAEzDCCBMgGCSqGSIb3DQEHBqCCBLkwggS1AgEAMIIErgYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzGFtKRKNfmQmHiICoCARCAggR/kdkSkZO5+/Si6pwAg134maS64sloOBgPOu09ccybNCnBkg+uhB65+0pgiWCIGXtxTS24PN01VO7ycl/8QYaes2SwzfD3vr4lDcJE4YhD/mD2363nCCUYtspGVZbOE6zINvulNIILZ91faWaHP66y7h57qeZT2OS/KnrTVVypAHPJWg1PQWQRY4K+F1Z2Kgy8xZ3o3+RVHBnIyO+u4vkp4DqJNohrWgZQXxfIwpW7cYRYta8EmfqSIqZ5ATj0uGjs2JhcP6VKovT7XJ3xVsw8jcDmXEQSj3a5r1XacCJOCbOdAo2a0CctuKpeWP0wRjqkhUpONdP6CBl4TUelEK4Zjr5/qlY9yjxDcmar2YNrKyIx6NOdMrxgam8x/VTaWUDSjV1gVPnXJowezydniEWxzQoYExI/DtTb/v3JbbDw+leq33tseq8aNsdjD5LwFvoQyEst9UuV16x48TlvroFd+Nv6PTpFngqfBTSCVS5TlVj/mrqOKw2XkOlIJ6DiWJaR1mXPF/up7uahbGQGmhhyUCLgka+oPnY71gtGL3nzXIVVXZJJQ1n4jOPnKcDr68IO/zDkXgi5JK68Zgx7/EoePqGs1f9xZyvD8RmW8sUFkNd0auIg+EzDeGbcCZKAc+7n4ZQtxuRALwkjRf3iSg0OcJjH7TBJXhKNWQKm3CUIHKUkAaZa/WR3P6mqIgdaQQ2hmKTtoVXpnEtmVF7RcZHIOCdkX8trSKKGW4xedZdI49hjMAYPlLgeh97B65XfmD+Tdpun2KQjNUA0jM8dGL1C0zJjxKXzCkyWBgAF/FfNLgrC85XpuaaQieuvZYOTOB6UowU7y7N/OXU07VmvaoUCIflQPmvoa1L7VVbuxicKwc6myQduenFF17HeYpaOIfz8DNXp8sl+5Q60RRv+iPb2dkyB3kP+M3Q1oZaVGDUO9xX+Uww02y+kOsWRIH4y9CFDhiosYc6cIz6WGaxakpwwhI0uJZJ5ZKek2PXj+cTHi6OzLRj9yzNS7hb4E4sGXXiW5F54sF+DzaO9oLTPWgzBuc5disSjl+rVC7tOdOFwoEOxj8UCK4y5l4zDFPG4HAiut7xq5jSMfBb+ZL0TZ1n9PRpFeJjJDmtiNDbIIP/vaekxMoxH68bxD3UqXMDr3qp3JqBcKAYWgNOYwIMXgcjrNsk2YXdOFToI+DkaJ64Si+eibRvij/iq9p3thB8+AHyDdxDjM44O5qGMYpEQPKDYNL05geitDh2DHKJ+KJGtwAvBA1PFDNW5iBShpEPUuGgvlYDQAWmKlYk+vt9i/fLlyw9WyEkX6csgJhOYGGVUXflr8jubd0otOKfjhw9Jkt+ey/y4oVGvgXDFuNnwDD9IxKQP29XMZqo+eDRZ0JizdwKjJmkoe17shpvllMRrZYcFHiZLxxzkhiSDsM26OeNrb0ixtxpMC4H65r2cqmADP5+WmqMq8xYgm0ujXvjlbjn7yVWM86c5EIygWXQsTofPFcfulqNw/FSl2GPwVnHakgTY5redFWE1meFLjLtEtTQ=" | |
DD_API_KEY=$(aws kms decrypt --ciphertext --output text --query Plaintext fileb://<(base64 --decode <<< $CIPHER_TEXT) | base64 --decode|grep datadog_api_key|awk '{print $2}') | |
ARTIFACTORY_DOCKER_TOKEN=$(aws kms decrypt --ciphertext --output text --query Plaintext fileb://<(base64 --decode <<< $CIPHER_TEXT) | base64 --decode|grep artifactory_docker_token|awk '{print $2}') | |
SUMOLOGIC_ACCESS_ID=$(aws kms decrypt --ciphertext --output text --query Plaintext fileb://<(base64 --decode <<< $CIPHER_TEXT) | base64 --decode|grep sumologic_access_id|awk '{print $2}') | |
SUMOLOGIC_ACCESS_KEY=$(aws kms decrypt --ciphertext --output text --query Plaintext fileb://<(base64 --decode <<< $CIPHER_TEXT) | base64 --decode|grep sumologic_access_key|awk '{print $2}') | |
RABBITMQ_ERLANG_COOKIE=$(aws kms decrypt --ciphertext --output text --query Plaintext fileb://<(base64 --decode <<< $CIPHER_TEXT) | base64 --decode|grep rabbitmq_erlang_cookie|awk '{print $2}') | |
echo $ARTIFACTORY_DOCKER_TOKEN|docker login smartthings-docker-infra.jfrog.io -u docker-infra --password-stdin | |
docker run -d -v /var/run/docker.sock:/var/run/docker.sock:ro \ | |
-v /proc/:/host/proc/:ro \ | |
-v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \ | |
-e DD_API_KEY=$DD_API_KEY \ | |
--name="datadog-collector" \ | |
datadog/agent:latest | |
docker run -d -v /var/run/docker.sock:/var/run/docker.sock --name="sumo-logic-collector" sumologic/collector:latest ${SUMOLOGIC_ACCESS_ID} ${SUMOLOGIC_ACCESS_KEY} | |
docker run -d --hostname $(hostname) \ | |
--name smartthings-rabbitmq \ | |
-e RABBITMQ_ERLANG_COOKIE=${RABBITMQ_ERLANG_COOKIE} \ | |
-p 4369:4369 \ | |
-p 5671:5671 \ | |
-p 5672:5672 \ | |
-p 15671:15671 \ | |
-p 15672:15672 \ | |
smartthings-docker-infra.jfrog.io/smartthings-rabbitmq-3.7:latest | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment