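---
# Two plays:
#   1. On localhost: load secrets and OVH credentials, create the OpenStack
#      instance, register it in the in-memory `target` group and drop any
#      stale SSH host keys recorded for it.
#   2. On the new instance (`target`): load secrets, apply the base
#      configuration role, then deploy each service behind its own tag.
- name: deploy OVH instance
  hosts: localhost
  vars_files:
    - vars/main.yml
  gather_facts: false
  tasks:
    - name: Gather facts
      ansible.builtin.setup:
      tags:
        - always

    - name: Retrieve secrets
      ansible.builtin.include_tasks:
        file: "tasks/retrieve_secret_vars.yml"
        apply:
          tags:
            - always
      tags:
        - always

    - name: Include OVH application credentials
      ansible.builtin.include_vars: "{{ remote_workdir }}/OVH_APPLICATION.yml"
      # The loaded variables are API credentials; keep them out of verbose
      # output and callback/log plugins.
      no_log: true
      tags:
        - always

    - name: include role_deploy_openstack_instance
      ansible.builtin.include_role:
        name: role_deploy_openstack_instance
        apply:
          tags:
            - always
      tags:
        - always

    # `openstack_output` is not defined in this file; presumably it is
    # registered by role_deploy_openstack_instance — confirm.
    - name: add new instance to host group at runtime
      ansible.builtin.add_host:
        name: "{{ target_name }}"
        ansible_host: "{{ openstack_output.openstack.accessIPv4 }}"
        groups: target
      changed_when: false
      tags:
        - always

    # Drops the known_hosts entries for both the name and the IP of the
    # instance. After this, the next SSH connection has no pinned key to
    # compare against, so how the new key is accepted depends on the
    # controller's host-key-checking settings.
    # NOTE(review): this task carries no tag, so it is skipped whenever the
    # playbook is run with --tags; confirm that is intended.
    - name: Remove old SSH host key
      # argv avoids re-splitting the templated values on whitespace/quotes.
      ansible.builtin.command:
        argv:
          - ssh-keygen
          - "-f"
          - "/home/{{ LINUX_USERNAME }}/.ssh/known_hosts"
          - "-R"
          - "{{ item }}"
      changed_when: false
      loop:
        - "{{ target_name }}"
        - "{{ openstack_output.openstack.accessIPv4 }}"

- name: configure OVH instance
  hosts: target
  vars_files:
    - vars/main.yml
  gather_facts: false
  tasks:
    # NOTE(review): tagged `configure` only, unlike the `always` tasks that
    # follow; a run limited to another tag will not wait here — confirm.
    - name: Wait for system to become reachable
      ansible.builtin.wait_for_connection:
        timeout: 30
      tags: configure

    - name: Gather facts
      ansible.builtin.setup:
      tags:
        - common
        - always

    - name: Include retrieve_secret_vars tasks
      ansible.builtin.include_tasks:
        file: "tasks/retrieve_secret_vars.yml"
        apply:
          tags:
            - common
            - always
      tags:
        - common
        - always

    - name: Include secrets from yml db
      ansible.builtin.include_vars: "{{ local_workdir }}/secrets.yml"
      # Secret values: suppress them in task output and logs.
      no_log: true
      tags:
        - common
        - always

    - name: Register variable DUPLICITY_PASSPHRASE
      ansible.builtin.command:
        argv:
          - cat
          - "{{ remote_workdir }}/duplicity_passphrase"
      register: cat_duplicity_passphrase
      changed_when: false
      # stdout is the backup passphrase; without no_log it is printed at -v
      # and recorded by any logging callback.
      no_log: true
      tags:
        - common
        - always

    - name: Set variable DUPLICITY_PASSPHRASE
      ansible.builtin.set_fact:
        DUPLICITY_PASSPHRASE: "{{ cat_duplicity_passphrase.stdout }}"
      changed_when: false
      # The fact value is the passphrase itself.
      no_log: true
      tags:
        - common
        - always

    - name: Include role_configure_ovh_instance
      ansible.builtin.include_role:
        name: role_configure_ovh_instance
        apply:
          tags: common
      tags: common

    # From here on, connections to the instance use LINUX_USERNAME.
    - name: switch to new user
      ansible.builtin.set_fact:
        ansible_user: "{{ LINUX_USERNAME }}"
      tags:
        - common
        - always

    - name: set remote workdir path
      ansible.builtin.set_fact:
        remote_workdir: "/home/{{ ansible_user }}/.tmp_deploy_ovh"
      tags:
        - common
        - always

    - name: create remote workdir
      ansible.builtin.file:
        path: "{{ remote_workdir }}"
        state: directory
        # Explicit owner-only mode instead of whatever the remote umask
        # yields: a passphrase file is read from remote_workdir earlier in
        # this play. Relax only if a role needs another user to read here.
        mode: "0700"
      tags:
        - common
        - always

    # include_tasks is dynamic, so the tag on the include itself is not
    # inherited by the included tasks; `apply` is needed for
    # `--tags deploy_reverse-proxy` to run them, as the sibling includes do.
    - name: Include deploy_reverse-proxy tasks
      ansible.builtin.include_tasks:
        file: "tasks/deploy_reverse-proxy.yml"
        apply:
          tags: deploy_reverse-proxy
      tags: deploy_reverse-proxy

    - name: Include deploy_mysql-server tasks
      ansible.builtin.include_tasks:
        file: "tasks/deploy_mysql-server.yml"
        apply:
          tags: deploy_mysql-server
      tags: deploy_mysql-server

    - name: Include deploy_gogs tasks
      ansible.builtin.include_tasks:
        file: "tasks/deploy_gogs.yml"
        apply:
          tags: deploy_gogs
      tags: deploy_gogs

    - name: Include role_deploy_registry
      ansible.builtin.include_role:
        name: role_deploy_registry
        apply:
          tags: deploy_registry
      tags: deploy_registry

    - name: Include role_deploy_nextcloud
      ansible.builtin.include_role:
        name: role_deploy_nextcloud
        apply:
          tags: deploy_nextcloud
      tags: deploy_nextcloud

    - name: Include role_deploy_grafana
      ansible.builtin.include_role:
        name: role_deploy_grafana
        apply:
          tags: deploy_grafana
      tags: deploy_grafana

    - name: Include role_deploy_coturn
      ansible.builtin.include_role:
        name: role_deploy_coturn
        apply:
          tags: deploy_coturn
      tags: deploy_coturn

    - name: Include role_deploy_SemanticScuttle
      ansible.builtin.include_role:
        name: role_deploy_SemanticScuttle
        apply:
          tags: deploy_SemanticScuttle
      tags: deploy_SemanticScuttle

    - name: Include role_deploy_openvpn-server
      ansible.builtin.include_role:
        name: role_deploy_openvpn-server
        apply:
          tags: deploy_openvpn-server
      tags: deploy_openvpn-server

    - name: Include role_deploy_onlyoffice
      ansible.builtin.include_role:
        name: role_deploy_onlyoffice
        apply:
          tags: deploy_onlyoffice
      tags: deploy_onlyoffice

    - name: Include role_deploy_dovecot
      ansible.builtin.include_role:
        name: role_deploy_dovecot
        apply:
          tags: deploy_dovecot
      tags: deploy_dovecot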