Initial commit

.gitignore

@@ -0,0 +1,52 @@
+.vscode/*
+
+# Local History for Visual Studio Code
+.history/
+
+# Built Visual Studio Code Extensions
+*.vsix
+
+*.retry
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+.terraform.lock.hcl
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# UserSpecific
+inventory.ini
+.env

configure_alma_docker.yml

@@ -0,0 +1,37 @@
+---
+- name: Install Docker, Docker Compose plugin, and add user to docker group on AlmaLinux
+  hosts: yandex_cloud
+  become: true
+
+  tasks:
+    - name: Add Docker repository
+      ansible.builtin.yum_repository:
+        name: docker-ce
+        description: Docker CE Stable - $basearch
+        baseurl: https://download.docker.com/linux/centos/$releasever/$basearch/stable
+        gpgcheck: true
+        gpgkey: https://download.docker.com/linux/centos/gpg
+
+    - name: Install Docker and other soft
+      ansible.builtin.dnf:
+        name:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-compose-plugin
+          - unzip
+          - git
+          - vim
+        state: present
+
+    - name: Start Docker service
+      ansible.builtin.service:
+        name: docker
+        state: started
+        enabled: true
+
+    - name: Add user to docker group
+      ansible.builtin.user:
+        name: "{{ ansible_user }}"
+        groups: docker
+        append: true

main.tf

@@ -0,0 +1,66 @@
+terraform {
+  required_providers {
+    yandex = {
+      source = "yandex-cloud/yandex"
+    }
+  }
+  required_version = ">= 0.13"
+}
+
+provider "yandex" {
+  cloud_id  = "b1g8rpem9q71hdcg3pep"
+  folder_id = "b1gbkqbbl3vnqa30st2n"
+  zone      = "ru-central1-b"
+}
+
+resource "yandex_compute_instance" "vm-instance" {
+  count = var.num_instances
+
+  name        = "alma${count.index}"
+  platform_id = "standard-v2"
+
+  scheduling_policy {
+    preemptible = true
+  }
+
+  resources {
+    core_fraction = 5
+    cores         = 2
+    memory        = 2
+  }
+
+  boot_disk {
+    initialize_params {
+      image_id = "fd8hd4lps5o16vrl2uvj"
+      size     = 20
+    }
+  }
+
+  network_interface {
+    subnet_id = yandex_vpc_subnet.subnet-1.id
+    nat       = true
+  }
+
+  metadata = {
+    user-data = "${file("./meta.yml")}"
+  }
+}
+
+resource "yandex_vpc_network" "network-1" {
+  name = "network1"
+}
+
+resource "yandex_vpc_subnet" "subnet-1" {
+  name           = "subnet1"
+  zone           = "ru-central1-b"
+  network_id     = yandex_vpc_network.network-1.id
+  v4_cidr_blocks = ["192.168.10.0/24"]
+}
+
+output "internal_ip_addresses" {
+  value = yandex_compute_instance.vm-instance.*.network_interface.0.ip_address
+}
+
+output "external_ip_addresses" {
+  value = yandex_compute_instance.vm-instance.*.network_interface.0.nat_ip_address
+}

meta.yml

@@ -0,0 +1,9 @@
+#cloud-config
+
+users:
+  - name: prygoon
+    groups: sudo
+    shell: /bin/bash
+    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+    ssh-authorized-keys:
+      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDaUm5WPXz17yeA1QmSmFpLYb5ojOOOFN5KsRSoXWFPJiCoGDXsa516uq2oUUoyrhjdXoLXJEV/EMM1NFtMU4KlCyBTK8X039NHnZM61IOq+pGvoTFZlTW7y0howS5HygjHXiqrAKGGmEZW4CV92z73ddE9XhRA72hcw0f7nyxhiDirhoUtY+ZF3E+4Zhv6Mo5V1v7bfHup4Hnk5B39M34inBB9icLwOEO9Own8OPOATecAtlBOnh0BEXaXfkv8CU8+402UQvOHvZK8zBKdYCKwKtZn5M+n7/+1NFXRyzJqk2/QyPvbiG7pColpBuWZD4URTMKV8AkuLGIZCEK2VwdyJAptWgk5dZXZlbMXwIdXCn46PlBiZZUs9ZnUPR+w4NivYdvYSYxRiYACMTAjBqyAHTASgK36yz5uaNthDkZ+1LkqdLRtiqYf8S9zph5/UJ2Z5wCT5olUtNS4cSKSUQslCXGNSxv5yzAxjdwwLJ357VNmkC5tF32IocZJh2mYNxk= prygoon@pocketowl

start.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+
+YC_TOKEN=$(yc iam create-token)
+export YC_TOKEN
+
+# Файл инвентаря Ansible
+inventory_file="inventory.ini"
+
+# Группа в файле инвентаря
+group_name="yandex_cloud"
+
+# Читаем username из meta.yaml
+username=$(grep -oP '(?<=name: )\S+' meta.yml)
+
+# Проверяем существует ли inventory file и удаляем старый
+if [ -f "$inventory_file" ]; then
+    rm "$inventory_file"
+    echo "Old inventory file $inventory_file removed."
+fi
+
+# Запускаем terraform apply и проверяем exit code
+if ! terraform apply -auto-approve; then
+    echo "Terraform apply failed. Script execution stopped."
+    exit 1
+fi
+
+# Запускаем terraform output и сохраняем внешние IP в массив
+mapfile -t ip_addresses < <(terraform output -json | jq -r '.external_ip_addresses.value[]')
+
+# Добавляем группу в файл инвентаря, если она еще не существует
+if ! grep -qF "[$group_name]" "$inventory_file"; then
+    echo -e "\n[$group_name]" >> "$inventory_file"
+fi
+
+base_hostname="host"
+index=1
+
+# Добавляем IP-адреса в файл инвентаря Ansible в указанную группу
+for ip_address in "${ip_addresses[@]}"; do
+    hostname="${base_hostname}${index}"
+    # Проверяем, не содержится ли уже IP-адрес в файле
+    if ! grep -qF "$ip_address" "$inventory_file"; then
+        # Добавляем IP-адрес в файл и группу
+        echo "$hostname ansible_host=$ip_address ansible_connection=ssh ansible_user=$username" >> "$inventory_file"
+    fi
+    ((index++))
+done

stop.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+YC_TOKEN=$(yc iam create-token)
+export YC_TOKEN
+
+# Run Terraform destroy and check the exit code
+if ! terraform destroy -auto-approve; then
+    echo "Terraform destroy failed. Script execution stopped."
+    exit 1
+fi
+
+# Ansible inventory file
+inventory_file="inventory.ini"
+
+# Check if the inventory file exists and remove it
+if [ -f "$inventory_file" ]; then
+    rm "$inventory_file"
+    echo "Inventory file $inventory_file removed."
+else
+    echo "Inventory file $inventory_file does not exist."
+fi

variables.tf

@@ -0,0 +1,4 @@
+variable "num_instances" {
+  type    = number
+  default = 1
+}