Add support for Scaleway

README.md

@@ -57,6 +57,7 @@ See also:
 * Google Compute Engine (GCE)
 * Linode
 * Rackspace
+* Scaleway
 
 
 #### Other providers

deploy/streisand-new-cloud-server.sh

@@ -9,7 +9,7 @@
 #
 # Usage:
 # streisand-new-cloud-server \
-# --provider [amazon|azure|digitalocean|google|linode|rackspace] \
+# --provider [amazon|azure|digitalocean|google|linode|rackspace|scaleway] \
 # --site-config path/to/digitalocean-site.yml
 #
 
@@ -19,7 +19,7 @@ set -o nounset
 DIR="$( cd "$( dirname "$0" )" && pwd)"
 PROJECT_DIR="${DIR}/.."
 
-VALID_PROVIDERS="amazon|azure|digitalocean|google|linode|rackspace"
+VALID_PROVIDERS="amazon|azure|digitalocean|google|linode|rackspace|scaleway"
 export DEFAULT_SITE_VARS="${PROJECT_DIR}/global_vars/default-site.yml"
 export GLOBAL_VARS="${PROJECT_DIR}/global_vars/globals.yml"
 

global_vars/noninteractive/scaleway-site.yml

@@ -0,0 +1,53 @@
+---
+# Example site specific configuration for a noninteractive Scaleway
+# deployment.
+#
+# Copy this and edit it as needed before running streisand-new-cloud-server.
+#
+
+streisand_noninteractive: true
+confirmation: true
+
+# The SSH private key that Ansible will use to connect to the Streisand node.
+#
+# The corresponding public key must be added to the Scaleway console
+# and the name given to it referenced below in the scaleway_ssh_name variable.
+# The corresponding public key must be uploaded to Scaleway and the name
+# given to it referenced below in the scaleway_ssh_name variable.
+streisand_ssh_private_key: "~/.ssh/id_rsa"
+
+vpn_clients: 5
+
+streisand_openconnect_enabled: yes
+streisand_openvpn_enabled: yes
+streisand_shadowsocks_enabled: yes
+streisand_ssh_forward_enabled: yes
+# By default sshuttle is disabled because it creates a `sshuttle` user that has
+# full shell privileges on the Streisand host
+streisand_sshuttle_enabled: no
+streisand_stunnel_enabled: yes
+streisand_tinyproxy_enabled: yes
+streisand_tor_enabled: no
+streisand_wireguard_enabled: yes
+
+# Scaleway region.
+#
+# - fr-par1 (Paris)
+# - nl-ams1 (Amsterdam)
+#
+scaleway_region: "nl-ams1"
+
+scaleway_server_name: streisand
+
+# Add the Scaleway token here.
+scaleway_token: ""
+
+# Definitions needed for Let's Encrypt HTTPS (or TLS) certificate setup.
+#
+# If these are both left as empty strings, Let's Encrypt will not be set up and
+# a self-signed certificate will be used instead.
+#
+# The domain to use for Let's Encrypt certificate.
+streisand_domain_var: ""
+# The admin email address for Let's Encrypt certificate registration.
+streisand_admin_email_var: ""

playbooks/roles/genesis-scaleway/defaults/main.yml

@@ -0,0 +1 @@
+scaleway_commercial_type: DEV1-S

playbooks/roles/genesis-scaleway/tasks/main.yml

@@ -0,0 +1,56 @@
+---
+- set_fact:
+ streisand_genesis_role: "genesis-scaleway"
+
+- name: "Get the {{ streisand_ssh_private_key }}.pub contents"
+ command: "cat {{ streisand_ssh_private_key }}.pub"
+ register: ssh_key
+ changed_when: False
+
+- name: Set the Scaleway Token fact to the value that was entered, or attempt to retrieve it from the environment if the entry is blank
+ set_fact:
+ scaleway_token: "{{ scaleway_token | default( lookup('env', 'SCW_TOKEN') ) }}"
+
+- block:
+ - name: Add the SSH key to Scaleway if it does not already exist
+ scaleway_sshkey:
+ ssh_pub_key: "{{ ssh_key.stdout }}"
+ api_token: "{{ scaleway_token }}"
+ register: scaleway_ssh_key
+ rescue:
+ - fail:
+ msg: "* The SSH key may already exist in the Scaleway console under a different name."
+
+- block:
+ - name: Create a Scaleway instance
+ scaleway_compute:
+ name: "{{ scaleway_server_name }}"
+ size_id: "{{ scaleway_commercial_type }}"
+ region_id: "{{ regions[scaleway_region] }}"
+ image: "{{ image[0].id }}"
+ wait: yes
+ api_token: "{{ scaleway_token }}"
+ register: streisand_server
+ rescue:
+ - fail:
+ msg: "Unable to create the Scaleway server."
+
+- name: Wait until the server has finished booting and OpenSSH is accepting connections
+ wait_for:
+ host: "{{ streisand_server.ip_address }}"
+ port: 22
+ search_regex: OpenSSH
+ timeout: 600
+
+- name: Create the in-memory inventory group
+ add_host:
+ name: "{{ streisand_server.ip_address }}"
+ groups: streisand-host
+
+- name: Set the streisand_ipv4_address variable
+ set_fact:
+ streisand_ipv4_address: "{{ streisand_server.ip_address }}"
+
+- name: Set the streisand_server_name variable
+ set_fact:
+ streisand_server_name: "{{ scaleway_server_name | regex_replace('\\s', '_') }}"

playbooks/scaleway.yml

@@ -0,0 +1,53 @@
+---
+- name: Provision the Scaleway Server
+# ===================================
+ hosts: localhost
+ connection: local
+ gather_facts: yes
+
+ vars:
+ regions:
+ "1": "par1"
+ "2": "ams1"
+
+ vars_prompt:
+ - name: "scaleway_region"
+ prompt: >
+ What region should the server be located in?
+ 1. Paris
+ 2. Amsterdam
+ Please choose the number of your region. Press enter for default (#1) region.
+ default: "1"
+ private: no
+
+ - name: "scaleway_server_name"
+ prompt: "\nWhat should the server be named? Press enter for default (streisand).\n"
+ default: "streisand"
+ private: no
+
+ - name: "scaleway_token"
+ prompt: |
+
+ Tokens allow Streisand to create a Scaleway instance for you.
+ New Personal Access Tokens can be generated in the Scaleway console.
+ To generate a new token please do the following:
+ * Go to https://console.scaleway.com/account/credentials
+ * Click 'Generate New Token'
+ * Give the token a purpose (it is arbitrary)
+ * Copy the long string that is generated and paste it below.
+ * Click 'Generate Token'
+ If this field is left blank, the environment variable SCW_TOKEN will be used.
+
+ What is your Scaleway Token?
+ private: no
+
+ - name: "confirmation"
+ prompt: "\nStreisand will now set up your server. This process usually takes around ten minutes. Press Enter to begin setup...\n"
+
+ roles:
+ - genesis-scaleway
+
+- import_playbook: ssh-setup.yml
+- import_playbook: cloud-status.yml
+- import_playbook: streisand.yml
+...