Add OneLab Helm chart, Argo CD Application, and GitOps values for k3s

Made-with: Cursor
2026-03-20 10:15:15 +01:00
commit 52847814e0
102 changed files with 4476 additions and 0 deletions
--- a/app/playbooks/tasks/init-onelab.yml
+++ b/app/playbooks/tasks/init-onelab.yml
@@ -0,0 +1,119 @@
+---
+#
+# Start Installation
+#
+
+# Folders creation
+- name: Creating OneLab directory
+  file:
+    path: "{{ onelab_path }}"
+    state: directory
+    
+- name: Creating OneLab directory structure
+  file:
+    path: "{{ onelab_path }}/{{ item }}"
+    state: directory
+  with_items:
+    - 'backups'
+    - 'data'
+    - 'data/shared'
+    - 'data/shared/inputs'
+    - 'data/shared/archived'
+    - 'logs'
+    - 'installation'
+    - 'ssl'
+    - 'rabbit'
+
+- name: Creating directory for rabbit SSL certificates
+  file:
+    path: "{{ onelab_path }}/rabbit/ssl"
+    state: directory
+
+- name: Creating directory for Ansible logs
+  file:
+    path: "{{ onelab_path }}/logs/ansible"
+    state: directory
+
+# Copy version
+- name: Cleaning latest installation
+  ansible.builtin.file:
+    path: "{{ onelab_path }}/installation/latest"
+    state: absent
+
+- name: Copying current installation bundle
+  ansible.builtin.copy:
+    src: "{{ installer_path }}/"
+    dest: "{{ onelab_path }}/installation/{{ item }}"
+    directory_mode: no
+    remote_src: yes
+  with_items:
+    - 'latest'
+    - '1.27.0'
+
+# Copy files
+- name: Copying applicative files
+  copy:
+    src: "{{ onelab_path }}/installation/latest/app/{{ item }}"
+    dest: "{{ onelab_path }}/"
+    directory_mode: yes
+    remote_src: yes
+  with_items:
+    - 'nginx'
+    - 'proxy'
+    - 'rabbit'
+
+- name: Copying routine scripts
+  copy:
+    src: "{{ onelab_path }}/installation/latest/app/{{ item }}.sh"
+    dest: "{{ onelab_path }}/"
+    directory_mode: yes
+    remote_src: yes
+  with_items:
+    - 'start'
+    - 'stop'
+    - 'reconfigure'
+    - 'backup'
+    - 'update'
+
+
+- name: Initializing custom config proxy files
+  file:
+    path: "{{ onelab_path }}/proxy/{{ item }}"
+    state: touch
+  with_items:
+    - 'custom-http.conf'
+    - 'custom-server.conf'
+  when: not is_update
+
+# Initialize configurations.yml file
+- name: Initializing configurations.yml file
+  copy:
+    src: "{{ onelab_path }}/installation/latest/app/configurations.yml"
+    dest: "{{ onelab_path }}/configurations.yml"
+    remote_src: yes
+  when: not is_update
+
+- name: Initializing unique Password and Tokens
+  ansible.builtin.replace:
+    path: "{{ onelab_path }}/configurations.yml"
+    regexp: '{{ item.placeholder }}'
+    replace: '{{ item.value }}'
+  with_items:
+    - { placeholder: DBPasswordPlaceholder, value: '{{ lookup("password", "/dev/null length=16 chars=ascii_letters,digits") }}' }
+    - { placeholder: TokenAuthPlaceholder, value: '{{ lookup("password", "/dev/null length=32 chars=ascii_letters,digits") }}' }
+    - { placeholder: TokenRabbitPlaceholder, value: '{{ lookup("password", "/dev/null length=32 chars=ascii_letters,digits") }}' }
+    - { placeholder: TokenMonitoringPlaceholder, value: '{{ lookup("password", "/dev/null length=32 chars=ascii_letters,digits") }}' }
+  when: not is_update
+
+- name: Initializing Rabbit SSL certificate
+  shell: |
+    openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout {{ onelab_path }}/rabbit/ssl/rabbit.key -out {{ onelab_path }}/rabbit/ssl/rabbit.crt  -subj "/C=CH/ST=Geneva/L=Geneva/O=Andrew Alliance/OU=OneLab/CN=andrewalliance.com"
+    cat {{ onelab_path }}/rabbit/ssl/rabbit.crt > {{ onelab_path }}/rabbit/ssl/rabbit.fullchain.pem
+  become: true
+  when: not is_update
+
+- name: Initializing DH Param
+  shell: |
+    openssl dhparam -out {{ onelab_path }}/ssl/dhparam.pem 2048
+  become: true
+  when: not is_update