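---
# Two-play playbook.
#   Play 1 (localhost): loads secrets, provisions the instance through
#   role_deploy_openstack_instance, registers it in the in-memory group
#   `target`, and drops stale known_hosts entries for its name and IPv4.
#   Play 2 (target): waits for SSH, configures the instance, switches to the
#   LINUX_USERNAME account, then includes one role or task file per service,
#   each selectable by its own tag.

- name: deploy OVH instance
  hosts: localhost
  vars_files:
    - vars/main.yml
  # Facts are gathered by the explicit setup task below so that it can carry
  # the `always` tag.
  gather_facts: false
  tasks:
    - name: Gather facts
      ansible.builtin.setup:
      tags:
        - always

    # ansible_user_id comes from the setup task above.
    - name: Set ansible_user
      ansible.builtin.set_fact:
        ansible_user: "{{ ansible_user_id }}"
      tags:
        - always

    - name: Retrieve secrets
      ansible.builtin.include_tasks:
        file: "tasks/retrieve_secret_vars.yml"
        apply:
          tags:
            - always
      tags:
        - always

    # NOTE(review): this play runs on localhost but reads secrets.yml from
    # remote_workdir, while the second play reads it from local_workdir.
    # remote_workdir is not set by any task visible in this play; confirm it
    # is defined (e.g. in vars/main.yml) and that this path is intended.
    # NOTE(review): secrets.yml is presumably written in clear text by
    # retrieve_secret_vars.yml; confirm its file mode and that it is removed
    # or kept out of backups and version control.
    - name: Include secrets from yml db
      ansible.builtin.include_vars: "{{ remote_workdir }}/secrets.yml"
      tags:
        - always

    - name: include role_deploy_openstack_instance
      ansible.builtin.include_role:
        name: role_deploy_openstack_instance
        apply:
          tags:
            - always
      tags:
        - always

    # openstack_output is expected to be set by the role above (not visible
    # here); its accessIPv4 becomes the connection address of the new host.
    - name: add new instance to host group at runtime
      ansible.builtin.add_host:
        name: "{{ target_name }}"
        ansible_host: "{{ openstack_output.openstack.accessIPv4 }}"
        groups: target
      changed_when: false
      tags:
        - always

    # argv passes each templated value as exactly one argument, so a value
    # containing spaces or quotes cannot be re-split into extra ssh-keygen
    # arguments.
    # NOTE(review): once these entries are removed, the first SSH connection
    # to the instance in the next play sees an unknown host key. How that key
    # is verified depends on the host_key_checking / ssh settings, which are
    # not visible here; confirm it is not silently accepted.
    # NOTE(review): this is the only task in this play without the `always`
    # tag, so it is skipped on tag-limited runs; confirm that is intended.
    - name: Remove old SSH host key
      ansible.builtin.command:
        argv:
          - ssh-keygen
          - "-f"
          - "{{ ansible_user_dir }}/.ssh/known_hosts"
          - "-R"
          - "{{ item }}"
      changed_when: false
      loop:
        - "{{ target_name }}"
        - "{{ openstack_output.openstack.accessIPv4 }}"

- name: configure OVH instance
  hosts: target
  vars_files:
    - vars/main.yml
  gather_facts: false
  tasks:
    - name: Wait for system to become reachable
      ansible.builtin.wait_for_connection:
        timeout: 30
      tags: configure

    - name: Gather facts
      ansible.builtin.setup:
      tags:
        - common
        - always

    - name: Set ansible_user
      ansible.builtin.set_fact:
        ansible_user: "{{ ansible_user_id }}"
      tags:
        - common
        - always

    - name: Include retrieve_secret_vars tasks
      ansible.builtin.include_tasks:
        file: "tasks/retrieve_secret_vars.yml"
        apply:
          tags:
            - common
            - always
      tags:
        - common
        - always

    - name: Include secrets from yml db
      ansible.builtin.include_vars: "{{ local_workdir }}/secrets.yml"
      tags:
        - common
        - always

    - name: Include role_configure_ovh_instance
      ansible.builtin.include_role:
        name: role_configure_ovh_instance
        apply:
          tags: common
      tags: common

    # From here on, connections use the LINUX_USERNAME account; facts are
    # gathered again so that ansible_user_dir reflects that account.
    - name: switch to new user
      ansible.builtin.set_fact:
        ansible_user: "{{ LINUX_USERNAME }}"
      tags:
        - common
        - always

    - name: Gather facts
      ansible.builtin.setup:
      tags:
        - common
        - always

    - name: set remote workdir path
      ansible.builtin.set_fact:
        remote_workdir: "{{ ansible_user_dir }}/{{ ANSIBLE_WORKDIR }}"
      tags:
        - common
        - always

    # NOTE(review): no `mode` is set, so the directory permissions follow the
    # remote umask. If retrieve_secret_vars.yml writes secrets here (not
    # visible), consider an explicit restrictive mode such as "0700" after
    # confirming nothing else needs to read this directory.
    - name: create remote workdir
      ansible.builtin.file:
        path: "{{ remote_workdir }}"
        state: directory
      tags:
        - common
        - always

    - name: Include retrieve_secret_vars tasks
      ansible.builtin.include_tasks:
        file: "tasks/retrieve_secret_vars.yml"
        apply:
          tags:
            - common
            - always
      tags:
        - common
        - always

    - name: Include role_deploy_temp_openvpn-server
      ansible.builtin.include_role:
        name: role_deploy_temp_openvpn-server
        apply:
          tags: deploy_temp_openvpn-server
      tags: deploy_temp_openvpn-server

    # NOTE(review): unlike its siblings, this include has no `apply: tags:`,
    # so the tag selects only the include itself and not the tasks inside the
    # file. Confirm those tasks carry their own tags.
    - name: Include deploy_reverse-proxy tasks
      ansible.builtin.include_tasks: "tasks/deploy_reverse-proxy.yml"
      tags: deploy_reverse-proxy

    - name: Include deploy_mysql-server tasks
      ansible.builtin.include_tasks:
        file: "tasks/deploy_mysql-server.yml"
        apply:
          tags: deploy_mysql-server
      tags: deploy_mysql-server

    - name: Include deploy_gogs tasks
      ansible.builtin.include_tasks:
        file: "tasks/deploy_gogs.yml"
        apply:
          tags: deploy_gogs
      tags: deploy_gogs

    - name: Include role_deploy_registry
      ansible.builtin.include_role:
        name: role_deploy_registry
        apply:
          tags: deploy_registry
      tags: deploy_registry

    - name: Include role_deploy_internal_named
      ansible.builtin.include_role:
        name: role_deploy_internal_named
        apply:
          tags: deploy_internal_named
      tags: deploy_internal_named

    - name: Include role_deploy_nextcloud
      ansible.builtin.include_role:
        name: role_deploy_nextcloud
        apply:
          tags: deploy_nextcloud
      tags: deploy_nextcloud

    - name: Include role_deploy_grafana
      ansible.builtin.include_role:
        name: role_deploy_grafana
        apply:
          tags: deploy_grafana
      tags: deploy_grafana

    - name: Include role_deploy_coturn
      ansible.builtin.include_role:
        name: role_deploy_coturn
        apply:
          tags: deploy_coturn
      tags: deploy_coturn

    - name: Include role_deploy_SemanticScuttle
      ansible.builtin.include_role:
        name: role_deploy_SemanticScuttle
        apply:
          tags: deploy_SemanticScuttle
      tags: deploy_SemanticScuttle

    - name: Include role_deploy_onlyoffice
      ansible.builtin.include_role:
        name: role_deploy_onlyoffice
        apply:
          tags: deploy_onlyoffice
      tags: deploy_onlyoffice

    - name: Include role_deploy_dovecot
      ansible.builtin.include_role:
        name: role_deploy_dovecot
        apply:
          tags: deploy_dovecot
      tags: deploy_dovecot

    - name: Include role_deploy_store-metrics-in-db
      ansible.builtin.include_role:
        name: role_deploy_store-metrics-in-db
        apply:
          tags: deploy_store-metrics-in-db
      tags: deploy_store-metrics-in-db

    - name: Include role_deploy_feed2imap
      ansible.builtin.include_role:
        name: role_deploy_feed2imap
        apply:
          tags: deploy_feed2imap
      tags: deploy_feed2imap

    - name: Include role_deploy_cron
      ansible.builtin.include_role:
        name: role_deploy_cron
        apply:
          tags: deploy_cron
      tags: deploy_cron

    # The clone runs on the controller (delegate_to: localhost) and its
    # content feeds include_vars and the fetchmail role loop below.
    # NOTE(review): accept_hostkey relaxes SSH host key verification for this
    # clone, so an unknown key for the git server is accepted without a
    # prompt. Prefer pinning the server's host key in known_hosts beforehand;
    # on Ansible versions that provide it, accept_newhostkey is the narrower
    # option.
    # NOTE(review): `version: master` tracks a moving branch and `force: true`
    # discards local changes in dest; pin a tag or commit if the deployed
    # configuration must be reproducible and reviewed.
    - name: Retrieve config repo
      ansible.builtin.git:
        repo: "ssh://git@git.scimetis.net:2222/yohan/config.git"
        dest: "{{ local_workdir }}/config"
        version: master
        accept_hostkey: true
        force: true
      changed_when: false
      tags: deploy_fetchmail
      delegate_to: localhost

    - name: Include fetchmail instances list from yml db
      ansible.builtin.include_vars: "{{ local_workdir }}/config/docker-mail-stack/fetchmail_instances.yml"
      tags: deploy_fetchmail

    # The role is included once per entry of fetchmail_instances; the current
    # entry is exposed to the role as `fetchmail_instance`.
    - name: Include role_deploy_fetchmail
      ansible.builtin.include_role:
        name: role_deploy_fetchmail
        apply:
          tags: deploy_fetchmail
      tags: deploy_fetchmail
      loop: "{{ fetchmail_instances }}"
      loop_control:
        loop_var: fetchmail_instance

    # Disabled: permanent OpenVPN server role.
    # - name: Include role_deploy_openvpn-server
    #   ansible.builtin.include_role:
    #     name: role_deploy_openvpn-server
    #     apply:
    #       tags: deploy_openvpn-server
    #   tags: deploy_openvpn-server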