From 649f66fbf178c12d4d6c441a609b3302bf5d0f5e Mon Sep 17 00:00:00 2001
From: Simon Cornet
Date: Fri, 30 May 2025 18:37:57 +0200
Subject: [PATCH] feat: initial commit
---
 .gitignore | 1 +
 .gitlab-ci.yml | 16 ++++++
 .gitlab/deployment.yaml | 37 ++++++++++++++
 .gitlab/image-build.yaml | 32 ++++++++++++
 .gitlab/linting.yaml | 12 +++++
 .yamllint | 30 ++++++++++++
 Dockerfile | 9 ++++
 docs/development/linters.md | 86 +++++++++++++++++++++++++++++++++
 docs/gitlab/ci.md | 82 +++++++++++++++++++++++++++++++
 docs/index.md | 3 ++
 docs/linux/disk-management.md | 35 ++++++++++++++
 docs/linux/journalctl.md | 13 +++++
 docs/linux/packages.md | 23 +++++++++
 docs/proxmox/lxc.md | 33 +++++++++++++
 docs/proxmox/tips-and-tricks.md | 17 +++++++
 docs/tailscale/client.md | 30 ++++++++++++
 mkdocs.yml | 33 +++++++++++++
 readme.md | 13 +++++
 renovate.json | 7 +++
 19 files changed, 512 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .gitlab-ci.yml
 create mode 100644 .gitlab/deployment.yaml
 create mode 100644 .gitlab/image-build.yaml
 create mode 100644 .gitlab/linting.yaml
 create mode 100644 .yamllint
 create mode 100644 Dockerfile
 create mode 100644 docs/development/linters.md
 create mode 100644 docs/gitlab/ci.md
 create mode 100644 docs/index.md
 create mode 100644 docs/linux/disk-management.md
 create mode 100644 docs/linux/journalctl.md
 create mode 100644 docs/linux/packages.md
 create mode 100644 docs/proxmox/lxc.md
 create mode 100644 docs/proxmox/tips-and-tricks.md
 create mode 100644 docs/tailscale/client.md
 create mode 100644 mkdocs.yml
 create mode 100644 readme.md
 create mode 100644 renovate.json
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..904cae8
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.ansible
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..771f03d
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,16 @@
+---
+
+# gitLab ci stages
+stages:
+
+ # stages
+ - "linting"
+ - "image-build"
+
+
+# include jobs
+include:
+
+ # deployment
+ - local: ".gitlab/linting.yaml"
+ - local: ".gitlab/image-build.yaml"
diff --git a/.gitlab/deployment.yaml b/.gitlab/deployment.yaml
new file mode 100644
index 0000000..35f2859
--- /dev/null
+++ b/.gitlab/deployment.yaml
@@ -0,0 +1,37 @@
+---
+
+# deploy container on kubernetes
+deployment:
+ stage: "deployment"
+ image:
+ name: "cr.simoncor.net/siempie/ansible-deployment:latest"
+ entrypoint: ["/bin/sh", "-c"]
+ rules:
+
+ # run only on push to default branch
+ - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+ - when: "never"
+
+ # prepare ssh
+ before_script:
+
+ # prepare ssh
+ - |
+ # prepare ssh
+ mkdir -p ~/.ssh
+ chmod 700 ~/.ssh
+ echo "$SSH_CONFIG" > ~/.ssh/config
+ echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
+ chmod 600 ~/.ssh/id_ed25519
+
+ # deployment commands
+ script:
+
+ - |
+ # initial kubernetes deployment
+ ssh "$SSH_DEPLOYMENT_USER@mgmt01.infra.vpn.mirahsimon.us" "sudo -u simon \
+ kubectl apply -f /home/simon/Documents/docs-simoncor-net/manifests"
+
+ # rollout deployment
+ ssh "$SSH_DEPLOYMENT_USER@mgmt01.infra.vpn.mirahsimon.us" "sudo -u simon \
+ kubectl rollout restart --namespace=docs-simoncor-net deployment docs-simoncor-net"
diff --git a/.gitlab/image-build.yaml b/.gitlab/image-build.yaml
new file mode 100644
index 0000000..4145121
--- /dev/null
+++ b/.gitlab/image-build.yaml
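Review bot: In `.gitlab/deployment.yaml`, `before_script` writes `$SSH_CONFIG` and the deploy key but never populates `~/.ssh/known_hosts`, so whether the runner verifies mgmt01's host key before sending `sudo -u simon kubectl …` depends entirely on the contents of `$SSH_CONFIG`, which are not visible here. I would pin the host key from a CI variable, for example `echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts` (the variable name is a placeholder), and keep `StrictHostKeyChecking yes` in the config. The job image is the mutable `ansible-deployment:latest` tag (the same image is used in `.gitlab/linting.yaml`), and since this container holds the deployment key, a fixed tag or digest would be safer. Also, `.gitlab-ci.yml` neither includes this file nor declares a `deployment` stage, so the job does not appear to run as committed; a comment saying whether that is intentional would help.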
@@ -0,0 +1,32 @@
+---
+
+variables:
+ DOCKER_DRIVER: "overlay2"
+ DOCKER_HOST: "tcp://localhost:2375/"
+ DOCKER_TLS_CERTDIR: ""
+
+stages:
+ - "build"
+
+image-build:
+ stage: "image-build"
+ image: "docker:28.1.1"
+ services:
+ - name: "docker:28.1.1-dind"
+ command: ["--tls=false"]
+ script:
+
+ # login to container registry
+ - "echo $CR_PASSWORD | docker login $CR_HOSTNAME -u $CR_USERNAME --password-stdin"
+
+ # build docs-simoncor-net image
+ - "docker build -t docs-simoncor-net ."
+
+ # add tags to image
+ - "docker image tag docs-simoncor-net cr.simoncor.net/siempie/docs-simoncor-net:latest"
+
+ # push image to dockerhub.
+ - "docker push --all-tags cr.simoncor.net/siempie/docs-simoncor-net"
+
+ # logout from container registry
+ - "docker logout $CR_HOSTNAME"
diff --git a/.gitlab/linting.yaml b/.gitlab/linting.yaml
new file mode 100644
index 0000000..122ced1
--- /dev/null
+++ b/.gitlab/linting.yaml
@@ -0,0 +1,12 @@
+---
+
+# linting
+linting:
+ stage: "linting"
+ image:
+ name: "cr.simoncor.net/siempie/ansible-deployment:latest"
+ entrypoint: ["/bin/sh", "-c"]
+
+ # start linting
+ script:
+ - "yamllint ."
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..e4db48c
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,30 @@
+---
+extends: 'default'
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ forbid: true
+ comments:
+ min-spaces-from-content: 1
+ comments-indentation: false
+ empty-lines:
+ max: 2
+ indentation:
+ spaces: 2
+ check-multi-line-strings: true
+ line-length:
+ max: 130
+ allow-non-breakable-words: true
+ allow-non-breakable-inline-mappings: true
+ new-line-at-end-of-file: 'enable'
+ octal-values:
+ forbid-implicit-octal: true
+ forbid-explicit-octal: true
+ truthy:
+ allowed-values:
+ - 'true'
+ - 'false'
+ quoted-strings:
+ quote-type: 'any'
+ required: true
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..120f1b7
--- /dev/null
+++ b/Dockerfile
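Review bot: The `image-build` job in `.gitlab/image-build.yaml` has no `rules:`, so as written every pipeline on any branch builds and pushes `cr.simoncor.net/siempie/docs-simoncor-net:latest`; unless the `CR_*` variables are protected (not visible here), a push to any branch can overwrite the published image. Restricting the job with `- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'` and adding a `$CI_COMMIT_SHORT_SHA` tag next to `latest` would make the pushed image traceable to a commit. The login step expands `$CR_PASSWORD` unquoted, so a password with whitespace or glob characters is mangled before it reaches stdin; written as a block scalar, `printf '%s' "$CR_PASSWORD" | docker login "$CR_HOSTNAME" -u "$CR_USERNAME" --password-stdin` avoids that. The dind service runs with `--tls=false` on `tcp://localhost:2375`, an unauthenticated daemon socket that is presumably reachable only from inside the job; a comment stating that assumption, or the TLS setup with `DOCKER_TLS_CERTDIR: "/certs"`, would be worth adding. The file-level `stages: ["build"]` does not match the job's `image-build` stage, and the "push image to dockerhub" comment names a different registry than the one pushed to.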
@@ -0,0 +1,9 @@
+# renovate: datasource=github-releases depName=squidfunk/mkdocs-material versioning=semver
+ARG MKDOCS_MATERIAL_VERSION=9.6.14
+FROM squidfunk/mkdocs-material:${MKDOCS_MATERIAL_VERSION}
+
+WORKDIR /docs
+COPY mkdocs.yml .
+COPY docs/ ./docs/
+
+EXPOSE 8000
diff --git a/docs/development/linters.md b/docs/development/linters.md
new file mode 100644
index 0000000..661fb53
--- /dev/null
+++ b/docs/development/linters.md
@@ -0,0 +1,86 @@
+# Linter configs
+
+## ansible-lint
+
+```shell
+---
+
+exclude_paths:
+ - ".gitlab/*"
+ - ".gitlab-ci.yml"
+ - "defaults/main.yaml"
+ - "meta/main.yaml"
+ - "vars/*"
+
+kinds:
+ - playbook: "**/*.{yml,yaml}"
+
+skip_list:
+ - "command-shell"
+ - "experimental"
+ - "git-latest"
+ - "no-changed-when"
+ - "no-handler"
+ - "name[casing]"
+ - "name[template]"
+ - "risky-file-permissions"
+ - "schema[playbook]"
+ - "var-naming[no-role-prefix]"
+```
+
+## markdownlint
+
+```shell
+---
+
+default: true
+
+# MD013/line-length - line length
+MD013:
+ line_length: 120
+ tables: false
+
+# MD025/single-title/single-h1 - multiple top-level headings
+# (allow multiple top-level headings)
+MD025: false
+
+# MD033/no-inline-html - inline html
+MD033:
+ allowed_elements: ["br"]
+```
+
+## yamllint
+
+```shell
+---
+
+extends: "default"
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ forbid: true
+ comments:
+ min-spaces-from-content: 1
+ comments-indentation: false
+ empty-lines:
+ max: 2
+ indentation:
+ spaces: 2
+ check-multi-line-strings: true
+ line-length:
+ max: 120
+ allow-non-breakable-words: true
+ allow-non-breakable-inline-mappings: true
+ new-line-at-end-of-file: "enable"
+ octal-values:
+ forbid-implicit-octal: true
+ forbid-explicit-octal: true
+ truthy:
+ allowed-values:
+ - "false"
+ - "true"
+ quoted-strings:
+ quote-type: "any"
+ required: true
+```
diff --git a/docs/gitlab/ci.md b/docs/gitlab/ci.md
new file mode 100644
index 0000000..afb2383
--- /dev/null
+++ b/docs/gitlab/ci.md
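Review bot: The Dockerfile sets no `CMD` or `ENTRYPOINT`, so the image inherits the base image's default, which as far as I know is `mkdocs serve` on port 8000: the live-reload development server, which MkDocs describes as unsuitable for production. If this image is what the Kubernetes deployment serves, a multi-stage build that runs `mkdocs build --strict` and copies the generated `site/` directory into a pinned static web server image would reduce the exposed surface and fail the build on broken links. The manifests are not part of this commit, so the serving port and document root below are placeholders to adapt.

```dockerfile
ARG MKDOCS_MATERIAL_VERSION=9.6.14
FROM squidfunk/mkdocs-material:${MKDOCS_MATERIAL_VERSION} AS build
# … unchanged: WORKDIR /docs and the two COPY lines …
RUN mkdocs build --strict

# placeholders: STATIC_SERVER_IMAGE, PINNED_TAG and DOCROOT stand for the chosen static web server
FROM STATIC_SERVER_IMAGE:PINNED_TAG
COPY --from=build /docs/site DOCROOT
# … EXPOSE set to the port the static server listens on …
```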
@@ -0,0 +1,82 @@
+# Gitlab CI
+
+## Import jobs
+
+```yaml
+---
+
+# gitLab ci stages
+stages:
+
+ # deployment
+ - "gitleaks"
+ - "linting"
+ - "deployment"
+
+# include jobs
+include:
+
+ # deployment
+ - local: ".gitlab/gitleaks.yaml"
+ - local: ".gitlab/linting.yaml"
+ - local: ".gitlab/deployment.yaml"
+```
+
+## Run a docker container
+
+```yaml
+---
+
+# linting
+linting:
+ stage: "linting"
+ image:
+ name: "cr.simoncor.net/siempie/ansible-deployment:latest"
+ entrypoint: ["/bin/sh", "-c"]
+ rules:
+
+ # run only on push to default branch
+ - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+ - when: "never"
+
+ # start linting
+ script:
+ - "ansible-lint -c .ansible-lint ."
+```
+
+## Run a SSH command
+
+```yaml
+---
+
+# deploy ansible code
+deployment:
+ stage: "deployment"
+ image: "cr.simoncor.net/siempie/ssh-client:latest"
+ rules:
+
+ # run only on push to default branch
+ - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH ==
+ $CI_DEFAULT_BRANCH'
+ - when: "never"
+
+ # prepare ssh
+ before_script:
+
+ - |
+ # prepare ssh
+ mkdir -p ~/.ssh
+ chmod 700 ~/.ssh
+ echo "$SSH_CONFIG" > ~/.ssh/config
+ echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
+ chmod 600 ~/.ssh/id_ed25519
+
+ # deployment commands
+ script:
+
+ - |
+ # git cleanup
+ ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible reset --hard HEAD --quiet"
+ ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible clean -fx --exclude=secret.key"
+ ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible clean -fd"
+```
diff --git a/docs/index.md b/docs/index.md
new file mode 100644
index 0000000..7dea608
--- /dev/null
+++ b/docs/index.md
@@ -0,0 +1,3 @@
+# Home
+
+Notes for stuff that is easily forgotten.
diff --git a/docs/linux/disk-management.md b/docs/linux/disk-management.md
new file mode 100644
index 0000000..6ac22b8
--- /dev/null
+++ b/docs/linux/disk-management.md
@@ -0,0 +1,35 @@
+# Disk management
+
+### Show filesystems
+
+```shell
+sudo df -h
+```
+
+Example output:
+
+```shell
+Filesystem Size Used Avail Use% Mounted on
+udev 456M 0 456M 0% /dev
+tmpfs 97M 9.4M 87M 10% /run
+/dev/vda1 19G 2.6G 16G 15% /
+tmpfs 481M 0 481M 0% /dev/shm
+tmpfs 5.0M 0 5.0M 0% /run/lock
+tmpfs 97M 0 97M 0% /run/user/1003
+```
+
+### List folders
+
+```shell
+du -h -d 1 | sort -h
+```
+
+Example output:
+
+```shell
+8.0K ./.ansible
+8.0K ./.config
+8.0K ./.vim
+12K ./.ssh
+172K .
+```
diff --git a/docs/linux/journalctl.md b/docs/linux/journalctl.md
new file mode 100644
index 0000000..003cc8e
--- /dev/null
+++ b/docs/linux/journalctl.md
@@ -0,0 +1,13 @@
+# Journalctl
+
+Follow logs live
+
+```shell
+sudo journalctl -u sshd --follow
+```
+
+Cleanup logs
+
+```shell
+sudo journalctl --vacuum-size=1K
+```
diff --git a/docs/linux/packages.md b/docs/linux/packages.md
new file mode 100644
index 0000000..6896c53
--- /dev/null
+++ b/docs/linux/packages.md
@@ -0,0 +1,23 @@
+# Packages and updates
+
+## Debian / Ubuntu
+
+Update and upgrade.
+
+```shell
+apt update
+apt upgrade -y
+```
+
+Default packages.
+
+```shell
+apt install -y sudo net-tools wget curl unzip htop vim
+```
+
+Autoremove and cleanup.
+
+```shell
+apt autoremove -y
+apt clean
+```
diff --git a/docs/proxmox/lxc.md b/docs/proxmox/lxc.md
new file mode 100644
index 0000000..ef94e8c
--- /dev/null
+++ b/docs/proxmox/lxc.md
@@ -0,0 +1,33 @@
+# LXC
+
+## Show running LXC
+
+```shell
+sudo pct list
+```
+
+## GPU access
+
+Add the following to the config:
+
+```yaml
+lxc.cgroup2.devices.allow: c 226:0 rwm
+lxc.cgroup2.devices.allow: c 226:128 rwm
+lxc.cgroup2.devices.allow: c 29:0 rwm
+lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=dir
+lxc.mount.entry: /dev/fb0 dev/fb0 none bind,optional,create=file
+```
+
+
+## Add mount point
+
+Add the following to the config:
+
+```shell
+mp10: /tank/media/downloads,mp=/mnt/media/downloads
+```
+
+```shell
+/tank/media/downloads = on the host
+/mnt/media/downloads = in the container
+```
diff --git a/docs/proxmox/tips-and-tricks.md b/docs/proxmox/tips-and-tricks.md
new file mode 100644
index 0000000..9730f54
--- /dev/null
+++ b/docs/proxmox/tips-and-tricks.md
@@ -0,0 +1,17 @@
+# Tips and Trics
+
+## Maintenance mode
+
+```shell
+sudo ha-manager crm-command node-maintenance enable pve0
+```
+
+```shell
+sudo ha-manager crm-command node-maintenance disable pve0
+```
+
+## Show running VMs
+
+```shell
+sudo qm list
+```
diff --git a/docs/tailscale/client.md b/docs/tailscale/client.md
new file mode 100644
index 0000000..e8adc96
--- /dev/null
+++ b/docs/tailscale/client.md
@@ -0,0 +1,30 @@
+# Client
+
+## Linux Install
+
+```shell
+curl -fsSL https://tailscale.com/install.sh | sudo sh
+```
+
+## Connect with Headscale
+
+Manual authentication:
+
+```shell
+sudo tailscale up \
+ --login-server=https://vpn.mirahsimon.us \
+ --accept-routes \
+ --operator=simon \
+ --accept-dns
+```
+
+Key-based authentication:
+
+```shell
+sudo tailscale up \
+ --login-server=https://vpn.mirahsimon.us \
+ --accept-routes \
+ --operator=simon \
+ --accept-dns \
+ --auth-key=XXXXXXXXXXXXXXXXXXXXXX
+```
diff --git a/mkdocs.yml b/mkdocs.yml
new file mode 100644
index 0000000..21239ec
--- /dev/null
+++ b/mkdocs.yml
@@ -0,0 +1,33 @@
+---
+# general
+site_name: "Siempie's Docs"
+site_url: "https://docs.simoncor.net"
+repo_url: "https://gitlab.simoncor.net/oci/docs-simoncor-net"
+
+# extensions
+markdown_extensions:
+ - "admonition"
+ - "codehilite"
+ - "footnotes"
+ - toc:
+ permalink: true
+ separator: "_"
+
+# theme
+theme:
+ name: "material"
+ features:
+ - "content.code.copy"
+ - "navigation.top"
+ - "navigation.tracking"
+ palette:
+ - media: "(prefers-color-scheme: light)"
+ scheme: "default"
+ toggle:
+ icon: "material/brightness-7"
+ name: "Switch to dark mode"
+ - media: "(prefers-color-scheme: dark)"
+ scheme: "slate"
+ toggle:
+ icon: "material/brightness-4"
+ name: "Switch to light mode"
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..16a6197
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,13 @@
+# Getting started
+
+This repository houses the code for [Siempie's Docs](https://docs.simoncor.net).
+
+## Local development
+
+Run the following command in the root of this project to run this site locally.
+
+```shell
+docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material
+```
+
+The site will be available here: .
diff --git a/renovate.json b/renovate.json
new file mode 100644
index 0000000..9930592
--- /dev/null
+++ b/renovate.json
@@ -0,0 +1,7 @@
+{
+ "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+ "dependencyDashboard": true,
+ "extends": [
+ "local>cicd/renovate"
+ ]
+}