Es una versión jibarizada, que solo incluye los roles principales:

- althost que orquesta todo
- proxy reverso Nginx dockerizado
- certbot maneja SSL de este
- dns es un servidor DNS bind9
- rap es la VPN
- users gestiona usuarixs linux
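# Usage:
#   ansible-playbook --vault-id @prompt deploy.yml -e "host=digitalocean alt=numerica"
# Optional: also pass `service` to deploy one specific service only.
#
# Variables read by this play: host, alt and (optionally) service, plus
# keys_file, local_compose_path and compose_path, none of which are
# defined in this file.
---
# The target host or group is chosen at run time through the `host` extra var.
- hosts: "{{ host }}"
  vars_files:
    # NOTE(review): presumably the vault-encrypted secrets that the
    # --vault-id prompt unlocks — confirm what keys_file points to.
    - "{{ keys_file }}"
  tasks:
    - name: import matrix
      # Native YAML arguments instead of a key=value string, so each
      # argument is an explicit key.
      # files_matching is a regular expression and dir is searched
      # recursively, so every file under ./ whose name matches is loaded.
      # Keep `alt` to a plain name; the "." before "yml" is unescaped and
      # matches any character.
      local_action:
        module: include_vars
        dir: ./
        files_matching: "{{ alt }}.yml"

    - include_role:
        name: althost
      # tags: installation

    # NOTE(review): tags on include_role select the include statement
    # itself. Tasks inside the role are not tagged by it unless the role
    # tags them or `apply` is used; confirm that `--tags users` and
    # `--tags proxy` run what is intended.
    - include_role:
        name: users
      tags:
        - users
        - installation

    - include_role:
        name: proxy
      tags:
        - proxy

    # Full deployment: runs only when no `service` extra var was given.
    # NOTE(review): copy sets no owner, group or mode here, so the remote
    # file gets default permissions. If the compose file carries
    # credentials, set an explicit restrictive mode.
    - name: publish docker composition
      copy:
        src: "{{ local_compose_path }}/docker-compose.yml"
        dest: "{{ compose_path }}/docker-compose.yml"
      notify:
        # Handler is not defined in the visible part of this file.
        - deploy docker
      when: service is undefined

    # Single-service deployment: same source file as above, published
    # under a different name, and a different handler is notified.
    # NOTE(review): no owner, group or mode is set here either.
    - name: publish a mini composition for single services
      copy:
        src: "{{ local_compose_path }}/docker-compose.yml"
        dest: "{{ compose_path }}/docker-compose-mini.yml"
      notify:
        # Handler is not defined in the visible part of this file.
        - deploy service update
      when: service is defined
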
- name: self-destruct from crontab
cron:
name: nightly deploy
state: absent