Add kub cluster

group_vars/controller.yml

@@ -14,17 +14,6 @@ management_user_list:
       as: ALL
       commands: ALL
       nopasswd: ALL
-  - name: test
-    shell: '/bin/bash'
-    state: absent
-    authorized_keys:
-      - key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDESF0dAkjZmai3X4bP8/kVv1NXfoOhlssKdcTs/AU1nopRQ3EYJj/lBsGAEMwQJVYuyCaSmQB4nOGGZfeqDX1OqxyQq+FyOPPh37Dx120H+NXdhGzWNI4KXt18auzZeujr9WOeGVZGKbdHCTwS17sC93wBqdmI7zO4+XGYDkdx16l6K8H7Ke1oo7BJ4qAj57eZVg+lHZs1C5TCZhbMxSer6rQ+YOHKnaqY6cz0uafB3JSqGhOoPDU2xCxAVNRfTcIaA3y12Oab7pgTxEdBpUohmuZ31HBbmXxdM9HoLxuqkDe00TJt/a5akkguRst7kmc5VXqViaA0sHTgbwtyrWe1nlTvWX26LOcRuNMemxWiNmrpv4LdLJ2mONu0NhSi36lOZWpXOvYh5zna9tnptisIFF79YPzWMuHCZzXj0kjrU//sHQrq5Uy3XVxoiTq8IokC00RPEx7W4CpJtL+kbJIQ8Sxtl4feA+Y/vpytzKVFTOrRw3H6Tjy7WrI+X96iB373Gkfgd4zHbp8wm5hMZUtfcN6H7k2HfvMv7m4niNkPRh/ru2jXeaXTsZmho847OFNSHxFrTma+QQzk2favBi7KLo0A8ECraiGZh6fk+YK6Ynk0oJG/rRxO99pp4IhaM22yvZ+QYJWpyPendQqvS0qIHwMjFPqQV/VD1S21jmBYLw=="
-        exclusive: yes
-    sudo:
-      hosts: ALL
-      as: ALL
-      commands: ALL
-      nopasswd: ALL
 
   ################
   # SSH - CLIENT #
@@ -97,7 +86,7 @@ apt_ppas: []
   #   # not needed on ubuntu distribution
   #   #codename: trusty
 # apt_packages:
-#   - name: openssh-server
+#   - name: python3-pip
 
 
   #########
@@ -137,4 +126,4 @@ test_vault: !vault |
           6166363235383964626463353061343635626431396664660a333231303661343362353162353938
           32373332373362656635393365363635313137306532366536323765346464336634653366383961
           3965626433316138320a366336393034383065363134623239646230396432356431383935346463
-          6330
+          6330

group_vars/kubernetes.yml

@@ -1,8 +1,63 @@
 ---
+apt_packages:
+  - name: openssh-server
+  - name: proxychains
+
+sshd_skip_defaults: true
+sshd_config_file: /etc/ssh/sshd_config
+sshd_AuthorizedKeysFile: .ssh/authorized_keys
+sshd_AcceptEnv: "LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL"
+sshd_Protocol: 2
+sshd_LoginGraceTime: 30
+sshd_SyslogFacility: AUTH
+sshd_LogLevel: VERBOSE
+sshd_PermitRootLogin: 'no'
+sshd_StrictModes: 'yes'
+sshd_IgnoreRhosts: 'yes'
+sshd_HostbasedAuthentication: 'no'
+sshd_PasswordAuthentication: 'no'
+sshd_PermitEmptyPasswords: 'no'
+sshd_ChallengeResponseAuthentication: 'no'
+sshd_GSSAPIAuthentication: 'no'
+sshd_X11DisplayOffset: 10
+sshd_PrintMotd: 'yes'
+sshd_PrintLastLog: 'yes'
+sshd_TCPKeepAlive: 'yes'
+sshd_Subsystem: "sftp  /usr/lib/openssh/sftp-server"
+sshd_UsePAM: 'yes'
+sshd_UseDNS: 'no'
+sshd_KexAlgorithms: "curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256"
+sshd_Ciphers: "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr"
+sshd_MACs: "hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com"
+sshd_HostKey:
+  - /etc/ssh/ssh_host_rsa_key
+
+  #######
+  # APT #
+  #######
+
+apt_repositories_sources:
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal main restricted
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates main restricted
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal universe
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates universe
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal multiverse
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-updates multiverse
+  - deb http://nova.clouds.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse
+  - deb http://security.ubuntu.com/ubuntu focal-security main restricted
+  - deb http://security.ubuntu.com/ubuntu focal-security universe
+  - deb http://security.ubuntu.com/ubuntu focal-security multiverse
+
+
+  ########
+  # KUBE #
+  ########
 
 disable_firewall: true
 # Need public_network for argocd
-kubernetes_subnet: 192.168.0.0/24 
+# I use any because both worker and master are not on the same network (
+# They have only one public IP
+kubernetes_subnet: 0.0.0.0/0
 
 # vip control plan 192.168.25.255
 setup_vip: false
@@ -10,4 +65,32 @@ install_nginx_ingress: false
 install_longhorn: false
 
 # This variable is used when the cluster is bootstrapped for the first time
-kubernetes_init_host: k8s-ubuntu-0
+kubernetes_init_host: ovh-master
+
+kubernetes_init_app: true
+
+kubernetes_app:
+  - url: https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
+    namespace: argocd
+
+kubernetes_alias_bashrc:
+  - path: "/root/.bashrc"
+    regexp: "^source /usr/share/bash-completion/bash_completion"
+    state: present
+    line: "source /usr/share/bash-completion/bash_completion"
+  - path: "/root/.bashrc"
+    regexp: "^source /etc/bash_completion"
+    state: present
+    line: "source /etc/bash_completion"
+  - path: "/root/.bashrc"
+    regexp: "^source <(kubectl completion bash)"
+    state: present
+    line: "source <(kubectl completion bash)"
+  - path: "/root/.bashrc"
+    regexp: "^alias k=kubectl"
+    state: present
+    line: "alias k=kubectl"
+  - path: "/root/.bashrc"
+    regexp: "^complete -F __start_kubectl k"
+    state: present
+    line: "complete -F __start_kubectl k"