First commit

ansible/.gitignore

@@ -0,0 +1 @@
+kubeconfig.yaml

ansible/k3s/.gitignore

@@ -0,0 +1,2 @@
+.ansible
+inventory.ini

ansible/k3s/configure_disk.yml

@@ -0,0 +1,51 @@
+- name: Configurar disco adicional en las VMs
+  hosts: k3s_cluster
+  become: yes
+  collections:
+    - community.general
+
+  tasks:
+    - name: Verificar si el disco /dev/vdb existe
+      ansible.builtin.stat:
+        path: /dev/vdb
+      register: disk_check
+
+    - name: Crear particion de datos en disco /dev/vdb
+      community.general.parted:
+        device: /dev/vdb
+        fs_type: ext4
+        label: gpt
+        number: 1
+        state: present
+      when: disk_check.stat.exists
+
+    - name: Formatear la partición en ext4
+      community.general.filesystem:
+        fstype: ext4
+        dev: /dev/vdb1
+      when: disk_check.stat.exists
+
+    - name: Obtener UUID del disco
+      ansible.builtin.command: blkid -s UUID -o value /dev/vdb1
+      register: disk_uuid
+      when: disk_check.stat.exists
+
+    - name: Montar disco en /mnt/data
+      ansible.posix.mount:
+        path: /mnt/data
+        src: UUID={{ disk_uuid.stdout }}
+        fstype: ext4
+        state: "mounted"
+      when: disk_check.stat.exists
+
+    - name: Crear carpeta para longhorn
+      ansible.builtin.file:
+        path: /mnt/data/longhorn
+        state: directory
+        mode: '0755'
+
+    - name: Crear carpeta para postgres
+      ansible.builtin.file:
+        path: /mnt/data/postgres
+        state: directory
+        mode: '0755'

ansible/k3s/create_folders.yml

@@ -0,0 +1,18 @@
+- name: Configurar carpetas para longhorn y postrges
+  hosts: k3s_cluster
+  become: yes
+  collections:
+    - community.general
+
+  tasks:
+    - name: Crear carpeta para longhorn
+      ansible.builtin.file:
+        path: /mnt/data/longhorn
+        state: directory
+        mode: '0755'
+
+    - name: Crear carpeta para postgres
+      ansible.builtin.file:
+        path: /mnt/data/postgres
+        state: directory
+        mode: '0755'

ansible/k3s/install.yml

@@ -0,0 +1,59 @@
+- name: Instalar K3s en el Cluster
+  hosts: k3s_cluster
+  become: true
+
+  tasks:
+    - name: Actualizar paquetes
+      ansible.builtin.apt:
+        update_cache: true
+        upgrade: true
+
+    - name: Instalar dependencias
+      ansible.builtin.apt:
+        name:
+          - curl
+          - vim
+          - unzip
+          - nfs-common
+
+    - name: Descargar instalador de K3s si no existe
+      ansible.builtin.get_url:
+        url: https://get.k3s.io
+        dest: /tmp/k3s-install.sh
+        mode: '0755'
+      register: k3s_install_script
+
+    - name: Instalar K3s en master
+      ansible.builtin.command: /tmp/k3s-install.sh server --disable=servicelb
+      args:
+        creates: /usr/local/bin/k3s
+      when: inventory_hostname in groups['k3s_master']
+
+    - name: Obtener el token de K3s
+      ansible.builtin.command: cat /var/lib/rancher/k3s/server/node-token
+      register: k3s_token
+      changed_when: false
+      delegate_to: "{{ groups['k3s_master'][0] }}"
+
+    - name: Instalar K3s en nodos worker
+      ansible.builtin.command: /tmp/k3s-install.sh
+      args:
+        creates: /usr/local/bin/k3s
+      environment:
+        K3S_URL: "https://{{ hostvars[groups['k3s_master'][0]]['inventory_hostname'] }}:6443"
+        K3S_TOKEN: "{{ k3s_token.stdout }}"
+      when: inventory_hostname in groups['k3s_workers']
+
+    - name: Copiar kubeconfig al host local
+      ansible.builtin.fetch:
+        src: /etc/rancher/k3s/k3s.yaml
+        dest: ../kubeconfig.yaml
+        flat: true
+      delegate_to: "{{ groups['k3s_master'][0] }}"
+
+    - name: Ajustar kubeconfig para acceso externo
+      ansible.builtin.replace:
+        path: ../kubeconfig.yaml
+        regexp: '127.0.0.1'
+        replace: "{{ hostvars[groups['k3s_master'][0]]['inventory_hostname'] }}"
+      delegate_to: localhost

ansible/k3s/uninstall_k3s.yml

@@ -0,0 +1,16 @@
+- name: Desinstalar K3s en el Cluster
+  hosts: k3s_cluster
+  become: yes
+
+  tasks:
+    - name: Desinstalar K3s en los nodos master
+      shell: |
+        /usr/local/bin/k3s-uninstall.sh
+      when:
+        - inventory_hostname in groups['k3s_master']
+
+    - name: Desinstalar K3s en los nodos workers
+      shell: |
+        /usr/local/bin/k3s-agent-uninstall.sh
+      when:
+        - inventory_hostname in groups['k3s_workers']

ansible/pihole/.gitignore

@@ -0,0 +1,4 @@
+.ansible
+inventory.ini
+auth_body.json
+secrets.yml

ansible/pihole/config.json

@@ -0,0 +1,25 @@
+{
+  "config": {
+    "dns": {
+      "listeningMode": "local",
+      "upstreams": [
+        "8.8.8.8",
+        "8.8.4.4",
+        "9.9.9.10",
+        "149.112.112.10",
+        "1.1.1.1",
+        "1.0.0.1"
+      ],
+      "hosts": [
+
+      ]
+    },
+    "dhcp": {
+      "active": true,
+      "start": "192.168.1.100",
+      "end": "192.168.1.254",
+      "router": "192.168.1.1",
+      "netmask": "255.255.0.0"
+    }
+  }
+}

ansible/pihole/configure.yml

@@ -0,0 +1,28 @@
+- name: Configurar Pihole
+  hosts: pihole
+  become: false
+
+  tasks:
+    - name: Autenticar la API de pihole
+      ansible.builtin.uri:
+        url: http://localhost/api/auth
+        method: POST
+        body: |
+          {
+              "password": "{{ pihole_password }}"
+          }
+        body_format: json
+        return_content: true
+      register: auth_response
+      changed_when: false
+
+    - name: Extraer SID de la respuesta de autenticación
+      ansible.builtin.set_fact:
+        pihole_sid: "{{ auth_response.json.session.sid | urlencode }}"
+
+    - name: Configurar pihole
+      ansible.builtin.uri:
+        url: http://localhost/api/config?sid={{ pihole_sid }}
+        method: PATCH
+        src: config.json
+        body_format: json

ansible/pihole/install.yml

@@ -0,0 +1,43 @@
+- name: Instalar pihole
+  hosts: pihole
+  become: true
+  vars_files:
+    - secrets.yml
+
+  tasks:
+    - name: Actualizar e instalar paquetes
+      ansible.builtin.apt:
+        update_cache: true
+        upgrade: true
+        name:
+          - curl
+
+    - name: Crear carpeta para archivo necesario para unattended
+      ansible.builtin.file:
+        path: /etc/pihole
+        state: directory
+        mode: '0755'
+
+    - name: Creando archivo necesario para unattended
+      ansible.builtin.copy:
+        content: ""
+        dest: /etc/pihole/setupVars.conf
+        force: false
+        mode: '0755'
+
+    - name: Descargar script
+      ansible.builtin.get_url:
+        url: https://install.pi-hole.net
+        dest: /tmp/install_pihole.sh
+        mode: '0755'
+
+    - name: Instalar pihole
+      ansible.builtin.command: /tmp/install_pihole.sh --unattended
+      environment:
+        PIHOLE_SKIP_OS_CHECK: "true"
+      args:
+        creates: '/usr/local/bin/pihole'
+
+    - name: Habilitar contraseña si no está configurada
+      ansible.builtin.command: pihole setpassword {{ pihole_password }}
+      changed_when: false

ansible/pihole/secrets.yml.example

@@ -0,0 +1 @@
+pihole_password: "SECRET"