Create separate role for SSH and Vagrant
- Added a separate role that first configures SSH, and after that gathers the ansible_virtualization_role fact, due to gathering facts requiring an SSH connection - Renamed ssl_certs_enabled to letsencrypt_enabled and moved that and the vagrant variable to the be supplied directly to the last two roles in playbook.yml - Added tags base_only and setup_services to the new role ssh_and_vagrant so that it will always be run before anything else when using deploy.sh
This commit is contained in:
parent
253a21432e
commit
57ca1e9233
15
playbook.yml
15
playbook.yml
|
@ -1,15 +1,12 @@
|
||||||
---
|
---
|
||||||
- hosts: all
|
- hosts: all
|
||||||
gather_facts: true
|
gather_facts: false
|
||||||
become: true
|
become: true
|
||||||
vars:
|
vars:
|
||||||
base_domain: data.coop
|
base_domain: data.coop
|
||||||
letsencrypt_email: admin@data.coop
|
letsencrypt_email: admin@data.coop
|
||||||
ldap_dn: "dc=data,dc=coop"
|
ldap_dn: "dc=data,dc=coop"
|
||||||
|
|
||||||
vagrant: "{{ ansible_virtualization_role == 'guest' }}"
|
|
||||||
ssl_certs_enabled: "{{ vagrant == false }}"
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
- nginx-proxy
|
- nginx-proxy
|
||||||
- postfix
|
- postfix
|
||||||
|
@ -36,9 +33,19 @@
|
||||||
smtp_port: "587"
|
smtp_port: "587"
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
- import_role:
|
||||||
|
name: ssh_and_vagrant
|
||||||
|
tags:
|
||||||
|
- base_only
|
||||||
|
- setup_services
|
||||||
- import_role:
|
- import_role:
|
||||||
name: ubuntu_base
|
name: ubuntu_base
|
||||||
|
vars:
|
||||||
|
vagrant: "{{ ansible_virtualization_role == 'guest' }}"
|
||||||
tags:
|
tags:
|
||||||
- base_only
|
- base_only
|
||||||
- import_role:
|
- import_role:
|
||||||
name: docker
|
name: docker
|
||||||
|
vars:
|
||||||
|
vagrant: "{{ ansible_virtualization_role == 'guest' }}"
|
||||||
|
letsencrypt_enabled: "{{ not vagrant }}"
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
dest: "{{ mailu.volume_folder }}/certs/cert.pem"
|
dest: "{{ mailu.volume_folder }}/certs/cert.pem"
|
||||||
state: hard
|
state: hard
|
||||||
force: yes
|
force: yes
|
||||||
when: ssl_certs_enabled
|
when: letsencrypt_enabled
|
||||||
|
|
||||||
- name: hard link to Let's Encrypt TLS key
|
- name: hard link to Let's Encrypt TLS key
|
||||||
file:
|
file:
|
||||||
|
@ -36,7 +36,7 @@
|
||||||
dest: "{{ mailu.volume_folder }}/certs/key.pem"
|
dest: "{{ mailu.volume_folder }}/certs/key.pem"
|
||||||
state: hard
|
state: hard
|
||||||
force: yes
|
force: yes
|
||||||
when: ssl_certs_enabled
|
when: letsencrypt_enabled
|
||||||
|
|
||||||
- name: run mail server containers
|
- name: run mail server containers
|
||||||
docker_compose:
|
docker_compose:
|
||||||
|
|
|
@ -44,5 +44,5 @@
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
env:
|
env:
|
||||||
NGINX_PROXY_CONTAINER: nginx-proxy
|
NGINX_PROXY_CONTAINER: nginx-proxy
|
||||||
when: ssl_certs_enabled
|
when: letsencrypt_enabled
|
||||||
|
|
||||||
|
|
5
roles/ssh_and_vagrant/tasks/main.yml
Normal file
5
roles/ssh_and_vagrant/tasks/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- import_tasks: ssh-port.yml
|
||||||
|
tags: [change-ssh-port]
|
||||||
|
- import_tasks: virtualization.yml
|
||||||
|
tags: [gather-virtualization-facts]
|
|
@ -11,7 +11,7 @@
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
register: ssh_configured
|
register: ssh_configured
|
||||||
|
|
||||||
# If we're running in Vagrant, ansible_port is 2222
|
# If running in Vagrant, ansible_port is always 2222
|
||||||
- name: Change Ansible port to 22 if needed
|
- name: Change Ansible port to 22 if needed
|
||||||
set_fact:
|
set_fact:
|
||||||
ansible_port: 22
|
ansible_port: 22
|
4
roles/ssh_and_vagrant/tasks/virtualization.yml
Normal file
4
roles/ssh_and_vagrant/tasks/virtualization.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- name: Determine if running in Vagrant
|
||||||
|
setup:
|
||||||
|
gather_subset: virtualization_role
|
|
@ -13,7 +13,7 @@
|
||||||
- name: Install Dell OpenManage
|
- name: Install Dell OpenManage
|
||||||
apt:
|
apt:
|
||||||
name: srvadmin-all
|
name: srvadmin-all
|
||||||
when: ansible_virtualization_role != "guest"
|
when: not vagrant
|
||||||
|
|
||||||
- name: Install necessary packages via pip
|
- name: Install necessary packages via pip
|
||||||
pip:
|
pip:
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
---
|
---
|
||||||
- import_tasks: ssh-port.yml
|
|
||||||
tags: [change-ssh-port]
|
|
||||||
- import_tasks: dell-apt-repo.yml
|
- import_tasks: dell-apt-repo.yml
|
||||||
tags: [setup-dell-apt-repo]
|
tags: [setup-dell-apt-repo]
|
||||||
when: vagrant == false
|
when: not vagrant
|
||||||
- import_tasks: upgrade.yml
|
- import_tasks: upgrade.yml
|
||||||
tags: [do-full-system-upgrade]
|
tags: [do-full-system-upgrade]
|
||||||
- import_tasks: base.yml
|
- import_tasks: base.yml
|
||||||
|
|
Loading…
Reference in a new issue