ovh_instance_playbooks/deploy_ovh_instance.yml
2024-06-15 18:07:02 +02:00

189 lines
4.9 KiB
YAML

- name: deploy OVH instance
hosts: localhost
tags: create
vars_files:
- vars/main.yml
tasks:
- name: Retrieve secrets
ansible.builtin.include_tasks:
file: "tasks/retrieve_secret_vars.yml"
apply:
tags:
- always
tags:
- always
- name: Include OVH application credentials
ansible.builtin.include_vars: "{{ remote_workdir }}/OVH_APPLICATION.yml"
tags:
- always
- name: include role_deploy_openstack_instance
ansible.builtin.include_role:
name: role_deploy_openstack_instance
apply:
tags:
- always
tags:
- always
- name: add new instance to host group at runtime
ansible.builtin.add_host:
name: "{{ target_name }}"
ansible_host: "{{ openstack_output.openstack.accessIPv4 }}"
groups: target
changed_when: false
tags:
- always
- name: Remove old SSH host key
command: ssh-keygen -f "/home/{{ LINUX_USERNAME }}/.ssh/known_hosts" -R "{{ item }}"
changed_when: false
with_items:
- "{{ target_name }}"
- "{{ openstack_output.openstack.accessIPv4 }}"
- name: configure OVH instance
hosts: target
vars_files:
- vars/main.yml
gather_facts: false
tasks:
- name: Wait for system to become reachable
ansible.builtin.wait_for_connection:
timeout: 30
tags: configure
- name: Gather facts
ansible.builtin.setup:
tags:
- common
- always
- name: Include retrieve_secret_vars tasks
ansible.builtin.include_tasks:
file: "tasks/retrieve_secret_vars.yml"
apply:
tags:
- common
- always
tags:
- common
- always
- name: Include secrets from yml db
ansible.builtin.include_vars: "{{ local_workdir }}/secrets.yml"
tags:
- common
- always
- name: Register variable DUPLICITY_PASSPHRASE
command: "cat {{ remote_workdir }}/duplicity_passphrase"
register: cat_duplicity_passphrase
changed_when: false
tags:
- common
- always
- name: Set variable DUPLICITY_PASSPHRASE
set_fact:
"DUPLICITY_PASSPHRASE": "{{ cat_duplicity_passphrase.stdout }}"
changed_when: false
tags:
- common
- always
- name: Include role_configure_ovh_instance
ansible.builtin.include_role:
name: role_configure_ovh_instance
apply:
tags: common
tags: common
- name: switch to new user
set_fact:
ansible_user: "{{ LINUX_USERNAME }}"
tags:
- common
- always
- name: Include deploy_reverse-proxy tasks
ansible.builtin.include_tasks: "tasks/deploy_reverse-proxy.yml"
tags: deploy_reverse-proxy
- name: Include deploy_mysql-server tasks
ansible.builtin.include_tasks:
file: "tasks/deploy_mysql-server.yml"
apply:
tags: deploy_mysql-server
tags: deploy_mysql-server
- name: Include deploy_gogs tasks
ansible.builtin.include_tasks:
file: "tasks/deploy_gogs.yml"
apply:
tags: deploy_gogs
tags: deploy_gogs
- name: Include role_deploy_registry
ansible.builtin.include_role:
name: role_deploy_registry
apply:
tags: deploy_registry
tags: deploy_registry
- name: Include role_deploy_nextcloud
ansible.builtin.include_role:
name: role_deploy_nextcloud
apply:
tags: deploy_nextcloud
tags: deploy_nextcloud
- name: Include role_deploy_grafana
ansible.builtin.include_role:
name: role_deploy_grafana
apply:
tags: deploy_grafana
tags: deploy_grafana
- name: Include role_deploy_coturn
ansible.builtin.include_role:
name: role_deploy_coturn
apply:
tags: deploy_coturn
tags: deploy_coturn
- name: Include role_deploy_SemanticScuttle
ansible.builtin.include_role:
name: role_deploy_SemanticScuttle
apply:
tags: deploy_SemanticScuttle
tags: deploy_SemanticScuttle
- name: Include role_deploy_openvpn-server
ansible.builtin.include_role:
name: role_deploy_openvpn-server
apply:
tags: deploy_openvpn-server
tags: deploy_openvpn-server
- name: delete OVH instance
hosts: localhost
connection: local
tags: delete
vars_files:
- vars/main.yml
tasks:
- name: Retrieve secrets
ansible.builtin.include_tasks: "tasks/retrieve_secret_vars.yml"
when: delete | default(True) | bool
- name: Include OVH application credentials
ansible.builtin.include_vars: "{{ remote_workdir }}/OVH_APPLICATION.yml"
when: delete | default(True) | bool
- name: include role_delete_openstack_instance
ansible.builtin.include_role:
name: role_delete_openstack_instance
when: delete | default(True) | bool