-
Notifications
You must be signed in to change notification settings - Fork 29
/
main.yml
109 lines (89 loc) · 5.3 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
---
# Concourse version
concourseci_version : "v5.4.0"
## Dir structure
concourseci_base_dir : "/opt/concourseci"
concourseci_bin_dir : "{{ concourseci_base_dir }}/bin"
concourseci_worker_dir : "{{ concourseci_base_dir }}/worker"
concourseci_ssh_dir : "{{ concourseci_base_dir }}/.ssh"
concourseci_archive_dir : "{{ concourseci_base_dir }}/archive"
## Concourse log
concourseci_log_dir : "/var/log/concourse"
concourseci_log_worker : "{{ concourseci_log_dir }}/concourseci_worker.log"
concourseci_log_web : "{{ concourseci_log_dir }}/concourseci_web.log"
## Concourse User
concourseci_user : "concourseci"
concourseci_group : "concourseci"
## Amount of tries to retire running worker when process management stops daemon
concourseci_worker_retire_tries : 10
## Timeout in seconds defining how long do we wait for worker process exit after retire attempt
concourseci_worker_process_exit_timeout : 150
## New config dictionary based.
## This dictionary is merged with 'concourse_web_options' dictionary, make your overrides there!
## e.g.
## concourse_web_options:
## CONCOURSE_BIND_IP : "10.0.0.1"
##
concourse_web_options : { }
concourse_web_options_default :
CONCOURSE_BIND_IP : "0.0.0.0"
CONCOURSE_TSA_HOST : "{{ groups.get(concourseci_web_group, [''])[0] }}" # By default we pick the first host in web group
CONCOURSE_TSA_BIND_IP : "0.0.0.0"
CONCOURSE_TSA_BIND_PORT : "2222"
CONCOURSE_TSA_AUTHORIZED_KEYS : "{{ concourseci_ssh_dir }}/tsa_authorization"
CONCOURSE_TSA_HOST_KEY : "{{ concourseci_ssh_dir }}/tsa"
CONCOURSE_SESSION_SIGNING_KEY : "{{ concourseci_ssh_dir }}/session_signing"
##
## local users that will be added on ATC startup, i.e.
## concourse_local_users:
## - user: "user1", pass: "pass1"
## - user: "user2", pass: "pass2"
##
concourse_local_users : []
## This dictionary is merged with 'concourse_worker_options' dictionary, make your overrides there!
## e.g.
## concourse_worker_options:
## CONCOURSE_NAME : "my-worker"
##
concourse_worker_options : { }
concourse_worker_options_default :
CONCOURSE_WORK_DIR : "{{ concourseci_worker_dir }}"
CONCOURSE_TSA_WORKER_PRIVATE_KEY : "{{ concourseci_ssh_dir }}/worker"
CONCOURSE_SESSION_SIGNING_KEY : "{{ concourseci_ssh_dir }}/session_signing"
CONCOURSE_TSA_HOST_KEY : "{{ concourseci_ssh_dir }}/tsa"
CONCOURSE_TSA_HOST : "{{ concourse_web_options['CONCOURSE_TSA_HOST'] | default(concourse_web_options_default['CONCOURSE_TSA_HOST']) }}"
CONCOURSE_TSA_PORT : "{{ concourse_web_options['CONCOURSE_TSA_BIND_PORT'] | default(concourse_web_options_default['CONCOURSE_TSA_BIND_PORT']) }}"
CONCOURSE_TSA_PUBLIC_KEY : "{{ concourse_web_options['CONCOURSE_TSA_HOST_KEY'] | default(concourse_web_options_default['CONCOURSE_TSA_HOST_KEY']) }}.pub"
## Ansible Groups to form clusters
concourseci_web_group : "concourse-web"
concourseci_worker_group : "concourse-worker"
## See docs https://concourse-ci.org/concourse-web.html#resource-defaults
## The value will land into the YAML file as is - after the usual string
## interpolation is done.
## The location of the file can be overridden by setting the appropriate
## environment variable for the Concourse web node(s), e.g.:
##
## concourse_web_options:
## CONCOURSE_BASE_RESOURCE_TYPE_DEFAULTS: '/some/path/to/defaults.yml'
##
concourseci_web_resource_type_defaults : { }
## Management
concourseci_manage_url : "{{ concourse_web_options_combined['CONCOURSE_EXTERNAL_URL'] | default('http://127.0.0.1:8080') }}"
# ## Manage creds
concourseci_manage_credential_user : "{{ concourse_local_users[0].user }}"
concourseci_manage_credential_password : "{{ concourse_local_users[0].pass }}"
### Management Teams
concourseci_manage_teams : False
concourseci_teams : []
### Management Pipelines ( still not working )
concourseci_manage_pipelines : False
## Reboot when updating kernel (we disable this for test :( on docker)
concourseci_reboot : True
## SSH
concourseci_worker_position : "{{ groups[concourseci_worker_group].index(inventory_hostname)| default(0) }}"
concourseci_key_worker_public : "{{ concourseci_worker_keys[concourseci_worker_position | int ].public}}"
concourseci_key_worker_private : "{{ concourseci_worker_keys[concourseci_worker_position | int ].private}}"
# temp solution to systemV issue and ansible :(
concourse_ignore_errors : "{{ ansible_lsb['codename'] == 'xenial' | default(False)}}"
concourse_web_rbac_config:
CONCOURSE_CONFIG_RBAC: "{{concourseci_base_dir}}/bin/rbac_config.yml"