Merge pull request #3 from Diesel-Net/development

Promotion

Author: tomdaley92

.ansible/ansible.cfg

@@ -0,0 +1,9 @@
+[defaults]
+
+stdout_callback = debug
+host_key_checking = True
+retry_files_enabled = False
+
+# Fixes ansible variable precedence issue: Makes inventory group_vars override playbook group_vars
+# https://github.com/ansible/ansible/issues/18154
+precedence = all_plugins_play, all_inventory, all_plugins_inventory, groups_plugins_play, groups_inventory, groups_plugins_inventory

.ansible/deploy.yaml

@@ -0,0 +1,17 @@
+# ansible-playbook .ansible/deploy.yaml -i .ansible/inventory/production/hosts --vault-id ~/.tokens/vault.txt
+
+- hosts: tools
+  strategy: free
+  roles:
+    - common
+    - setup
+    - configure_capabilities
+    - configure_certificates
+    - configure_ldap_connections
+    - configure_cleanup_policies
+    - configure_repositories
+    - configure_anonymous_access
+    - configure_active_realms
+    - configure_privileges
+    - configure_roles
+    - configure_users

.ansible/group_vars/all/default.yaml

@@ -0,0 +1,40 @@
+# NOTE: Do not name a repo the same name as one of the default repos
+
+default:
+  
+  repositories:
+
+    - format: maven
+      type: proxy
+      payload:
+        name: maven-central
+
+    - format: maven
+      type: group
+      payload:
+        name: maven-public
+
+    - format: maven
+      type: hosted
+      payload:
+        name: maven-releases
+
+    - format: maven
+      type: hosted
+      payload:
+        name: maven-snapshots
+
+    - format: nuget
+      type: group
+      payload:
+        name: nuget-group
+
+    - format: nuget
+      type: hosted
+      payload:
+        name: nuget-hosted
+
+    - format: nuget
+      type: proxy
+      payload:
+        name: nuget.org-proxy

.ansible/group_vars/all/setup.yaml

@@ -0,0 +1,2 @@
+clean_install: no # NEVER set this to 'yes' in production
+validate_certs: yes

.ansible/inventory/development/group_vars/tools/active_realms.yaml

@@ -0,0 +1,9 @@
+active_realms:
+  
+  - 'NexusAuthenticatingRealm'
+  - 'NexusAuthorizingRealm'
+  - 'DefaultRole'
+  #- 'LdapRealm'
+  - 'DockerToken'
+  - 'NpmToken'
+  - 'NuGetApiKey'

.ansible/inventory/development/group_vars/tools/anonymous_access.yaml

@@ -0,0 +1,6 @@
+anonymous_access:
+
+  - realmName: 'NexusAuthorizingRealm'
+    enabled: true
+    userId: anonymous
+    

.ansible/inventory/development/group_vars/tools/capabilities.yaml

@@ -0,0 +1,13 @@
+capabilities:
+  
+  - action: capability_Capability
+    method: create
+    data:
+      - id: NX.coreui.model.Capability-3
+        typeId: defaultrole
+        notes: 'Grant anonymous access to anyone that can authenticate'
+        enabled: true
+        properties:
+          role: nx-anonymous
+    type: rpc
+    tid: 91

.ansible/inventory/development/group_vars/tools/certificates.yaml

@@ -0,0 +1,3 @@
+certificates: []
+  # - host: '{{ ldap_connections[0]["host"] }}'
+  #   port: '{{ ldap_connections[0]["port"] }}'

.ansible/inventory/development/group_vars/tools/cleanup_policies.yaml

@@ -0,0 +1,35 @@
+cleanup_policies:
+  
+    # pypi example
+  - name: pypi-cleanup
+    format: pypi
+    notes: example cleanup policy
+    criteriaAssetRegex: "*"
+    criteriaLastBlobUpdated: "90"
+    criteriaLastDownloaded: "90"
+
+    # docker example
+  - name: docker-cleanup
+    format: docker
+    notes: example cleanup policy
+    criteriaAssetRegex: "*"
+    criteriaLastBlobUpdated: "90"
+    criteriaLastDownloaded: "90"
+
+    # npm example
+  - name: npm-cleanup
+    format: npm
+    notes: example cleanup policy
+    criteriaAssetRegex: "*"
+    criteriaLastBlobUpdated: "90"
+    criteriaLastDownloaded: "90"
+    criteriaReleaseType: "PRERELEASES" # enum RELEASES, PRERELEASES
+    
+    # nuget example
+  - name: nuget-cleanup
+    format: nuget
+    notes: example cleanup policy
+    criteriaAssetRegex: "*"
+    criteriaLastBlobUpdated: "90"
+    criteriaLastDownloaded: "90"
+

.ansible/inventory/development/group_vars/tools/ldap_connections.yaml

@@ -0,0 +1 @@
+ldap_connections: []