-
Notifications
You must be signed in to change notification settings - Fork 0
/
playbook.yaml
145 lines (136 loc) · 4.17 KB
/
playbook.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
- name: Jupyter R Deployment
hosts: all
gather_facts: false
tasks:
# - name: Rescan host key
# local_action: command ssh-keygen -R {{ inventory_hostname }}
#- name: update host keys
# known_hosts:
# name: "{{ inventory_hostname }}"
# state: absent
- name: Install pip
become: yes
apt:
name: python3-pip
update_cache: yes
- name: Install Jupyter
pip:
name: jupyter
executable: pip3
# Install R and R jupyter kernel
- name: Import R public key
apt_key:
id: 51716619E084DAB9
keyserver: keyserver.ubuntu.com
#command: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 51716619E084DAB9
become: yes
- name: Add R Repo
become: yes
apt_repository:
repo: deb https://cloud.r-project.org/bin/linux/ubuntu bionic-cran35/
state: present
- name: Install R
become: yes
apt:
name: r-base
update_cache: yes
- name: Create R library
file:
path: ~/.local/lib/R
state: directory
- name: Add library path to environment
lineinfile:
path: ~/.profile
line: export R_LIBS_USER=~/.local/lib/R
- name: Add ~/.local/bin to PATH
lineinfile:
path: ~/.profile
line: 'export PATH=~/.local/bin:$PATH'
# - name: Add jupyter-start.sh script to remote path
# copy:
# src: jupyter-start.sh
# dest: ~/.local/bin/jupyter-start.sh
# mode: u=rwx,g=r
- debug:
msg: Installing the jupyter R kernel takes a while as it must build some code
- name: Install R jupyter kernel
shell: source ~/.profile && R -e "install.packages('IRkernel')"
args:
executable: /bin/bash
- name: Initialize R kernel
shell: source ~/.profile && R -e "IRkernel::installspec()"
args:
executable: /bin/bash
# Some additional jupyter setup
- name: Create jupyter notebook dir
file:
path: ~/notebook-dir
state: directory
- name: Create jupyter conf dir
file:
path: ~/.jupyter
state: directory
- name: Create jupyter token
# note: overwrites entire file contents, could switch to lineinfile
copy:
content: "c.NotebookApp.token = '{{ jupyter_token }}'"
dest: ~/.jupyter/jupyter_notebook_config.py
# Set up nginx
- name: Install nginx
become: yes
apt:
name: nginx
- name: Start and enable nginx
become: yes
shell: systemctl enable nginx && systemctl start nginx
- name: Create self-signed certificate
become: yes
command: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /root/nginx-key.pem -out /root/nginx-cert.pem -subj "/CN={{ inventory_hostname }}"
args:
creates: /root/nginx-cert.pem
- name: Create NGINX host for jupyter
become: yes
copy:
src: jupyter.conf
dest: /etc/nginx/conf.d/jupyter.conf
- name: Remove default NGINX sites
become: yes
lineinfile:
path: /etc/nginx/nginx.conf
regexp: '\s*include \/etc\/nginx\/sites-enabled'
state: absent
- name: Reload NGINX
become: yes
command: nginx -s reload
# Set up SystemD
# - name: Create user systemd directory
# file:
# path: ~/.config/systemd/user/
# state: directory
- name: Install jupyter systemd service
become: yes
template:
src: jupyter.service
dest: /etc/systemd/system/jupyter.service
#dest: ~/.config/systemd/user/jupyter.service
- name: Create jupyter conf file
template:
src: jupyter_notebook_config.py
dest: ~/.jupyter/
- name: Reload systemd
become: yes
command: systemctl daemon-reload
- name: Enable jupyter service
become: yes
shell: systemctl enable jupyter
- name: Start jupyter service
become: yes
shell: systemctl restart jupyter
- name: Open iptables port 443/tcp
become: yes
#shell: iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT
iptables:
chain: INPUT
protocol: tcp
destination_port: '443'
jump: ACCEPT