infrastructure/coreos-config/playbook.yaml

124 lines
3.5 KiB
YAML
Raw Normal View History

---
- name: Wait for hosts to be ready
hosts: all
gather_facts: false
tasks:
- name: Wait for system to become reachable
wait_for_connection:
timeout: 300
sleep: 10
- name: Backup
2022-10-29 05:04:47 +02:00
hosts: backup
2022-07-04 02:10:02 +02:00
become: true
2022-07-14 00:19:54 +02:00
become_user: root
tasks:
- name: Install backup script
ansible.builtin.template:
src: backup.sh.j2
dest: /root/backup.sh
2022-07-04 02:10:02 +02:00
mode: '0700'
owner: root
- ansible.builtin.file:
path: /root/.ssh
owner: root
state: directory
mode: '0700'
- name: Install SSH Keys
ansible.builtin.template:
src: storagebox.j2
dest: /root/.ssh/storagebox
mode: '0600'
owner: root
2022-07-14 00:19:54 +02:00
- name: Add Known Hosts entries
ansible.builtin.known_hosts:
path: "/root/.ssh/known_hosts"
name: "{{ backup.known_hosts.name }}"
key: "{{ backup.known_hosts.key }}"
- name: Restore from Backup
hosts: unprovisioned
become: true
become_user: root
gather_facts: true
tasks:
- block:
2022-10-29 05:04:47 +02:00
- name: Install restore script
2022-07-14 00:19:54 +02:00
ansible.builtin.template:
src: restore.sh.j2
dest: /root/restore.sh
mode: '0700'
owner: root
2022-10-29 05:04:47 +02:00
- ansible.builtin.file:
path: /root/.ssh
owner: root
state: directory
mode: '0700'
- name: Install SSH Keys
ansible.builtin.template:
src: storagebox.j2
dest: /root/.ssh/storagebox
mode: '0600'
owner: root
- name: Add Known Hosts entries
ansible.builtin.known_hosts:
path: "/root/.ssh/known_hosts"
name: "{{ backup.known_hosts.name }}"
key: "{{ backup.known_hosts.key }}"
2022-07-14 00:19:54 +02:00
- name: Restore from Borg
become: true
become_user: root
ansible.builtin.command:
chdir: /
cmd: bash /root/restore.sh
- name: Remove script from host
ansible.builtin.file:
path: /root/restore.sh
state: absent
- set_fact:
provisioned: true
cacheable: true
when: ansible_facts.provisioned is undefined
- name: Setup Registry credentials
hosts: all
tasks:
- ansible.builtin.file:
path: /home/core/.docker
owner: core
state: directory
mode: '0700'
- ansible.builtin.template:
src: docker-config.json.j2
dest: /home/core/.docker/config.json
mode: '0600'
owner: core
2022-10-29 05:04:47 +02:00
- name: Install Services
hosts: host.nc.chaoswg.org
vars:
state: present
2022-10-29 05:04:47 +02:00
roles:
- { role: compose_project, service: traefik }
- { role: compose_project, service: keycloak }
- { role: compose_project, service: minio }
- { role: compose_project, service: registry }
- { role: compose_project, service: gitea }
- { role: compose_project, service: wireguard }
- { role: compose_project, service: hedgedoc }
- { role: compose_project, service: miniflux }
- { role: compose_project, service: nextcloud }
- { role: compose_project, service: search }
- { role: compose_project, service: syncthing }
- { role: compose_project, service: blog }
- { role: compose_project, service: caddy }
- { role: compose_project, service: diun }
- { role: compose_project, service: thelounge }
- { role: compose_project, service: tubearchivist }
- { role: compose_project, service: watchtower }
2022-10-31 04:33:01 +01:00
# - { role: compose_project, service: youtrack }
...