---
# Create the directory that will hold the rendered stack file. Only the first
# host in the swarm_managers group runs this task.
- name: Verify stacks directory exists (on first swarm node)
  file:
    state: directory
    path: "/home/{{ansible_user}}/stacks/swarm-bootstrap"
  when: inventory_hostname == groups['swarm_managers'][0]
# Ensure the per-service data directories exist under the Gluster mount.
# NOTE(review): no mode is given, so every directory (including
# traefik/secrets, where the "Create CF secret" task writes an API token)
# gets default permissions -- consider restricting the secrets directory.
- name: Verify bootstrap volume path (on first swarm node)
  become: true
  file:
    state: directory
    path: "{{ item }}"
  loop:
    - "{{gluster_mount_path}}/swarm-bootstrap/traefik/letsencrypt"
    - "{{gluster_mount_path}}/swarm-bootstrap/traefik/secrets"
    - "{{gluster_mount_path}}/swarm-bootstrap/portainer"
    - "{{gluster_mount_path}}/swarm-bootstrap/gitea"
  when: inventory_hostname == groups['swarm_managers'][0]
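# Write the DNS API token (cf_dns_api_token) to a file in the traefik secrets
# directory on the Gluster mount.
- name: Create CF secret
  become: true
  copy:
    content: "{{ cf_dns_api_token }}"
    dest: "{{gluster_mount_path}}/swarm-bootstrap/traefik/secrets/cf-dns-api-token.secret"
    # Was '0740': a token file never needs the execute bit. Group read is kept
    # so any existing reader keeps working; tighten to '0600' if only the
    # owner needs the token.
    mode: '0640'
  # Keep the token out of task output (for example when run with --diff).
  no_log: true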
# Replace /etc/systemd/resolved.conf with a single fixed resolver. The result
# is registered so the restart task can react to a change.
- name: Set DNS servers
  become: true
  tags:
    - set_dns_servers
  copy:
    dest: /etc/systemd/resolved.conf
    content: |
      [Resolve]
      DNS=10.0.123.123
      # FallbackDNS=1.1.1.1
  register: dns_servers_configuration
# Restart the resolver only when the "Set DNS servers" task changed the file.
# NOTE(review): unlike that task, this one has no `become`; presumably
# privilege escalation is enabled at play level -- confirm.
- name: Restart systemd-resolved
  tags:
    - set_dns_servers
  when: dns_servers_configuration.changed
  service:
    state: restarted
    name: systemd-resolved
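# Build the "user:hash" htpasswd line for the Traefik admin user and double
# every "$" in it (presumably because the value is substituted into the
# stack file, where "$" is special -- confirm against docker-stack.yml.j2).
# NOTE(review): without -B this uses htpasswd's default hash algorithm; the
# Portainer task uses bcrypt (-B). Consider using bcrypt here as well.
- name: Generate Traefik admin password hash
  when: inventory_hostname == groups['swarm_managers'][0]
  shell:
    # -i makes htpasswd read the password from stdin, so it is neither parsed
    # by the shell nor visible in the process argument list. The user name is
    # shell-quoted because it is still passed as an argument.
    cmd: >-
      echo $(htpasswd -ni {{ traefik_admin_user | quote }})
      | sed -e 's/\$/\$\$/g'
    stdin: "{{ traefik_admin_password }}"
  register: traefikpassword
  changed_when: false
  # Keep the password and the resulting hash out of task output and logs.
  no_log: true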
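# Build the bcrypt hash (-B) for the Portainer "admin" user, keep only the
# hash field after the colon, and double every "$" in it (presumably because
# the value is substituted into the stack file, where "$" is special --
# confirm against docker-stack.yml.j2).
- name: Generate Portainer admin password hash
  when: inventory_hostname == groups['swarm_managers'][0]
  shell:
    # -i makes htpasswd read the password from stdin, so it is neither parsed
    # by the shell nor visible in the process argument list.
    cmd: >-
      echo $(htpasswd -nBi admin)
      | cut -d ":" -f 2
      | sed -e 's/\$/\$\$/g'
    stdin: "{{ portainer_admin_password }}"
  register: portainerpassword
  changed_when: false
  # Keep the password and the resulting hash out of task output and logs.
  no_log: true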
# Create the "git" account with a home directory. The result is registered so
# that its uid and group can be read by the set_fact task.
- name: Create git user
  become: true
  user:
    create_home: true
    name: git
  register: git_user
# Expose the generated password hashes and the git account's uid/group as
# facts. Runs only on the first host in the swarm_managers group.
- name: Record password hashes and git user ids as facts
  when: inventory_hostname == groups['swarm_managers'][0]
  set_fact:
    traefik_htpasswd: "{{traefikpassword.stdout}}"
    portainer_htpasswd: "{{portainerpassword.stdout}}"
    git_user_id: "{{git_user.uid}}"
    git_group_id: "{{git_user.group}}"
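# Render docker-stack.yml.j2 into the stacks directory of the Ansible user.
- name: Create docker-compose stack file (on first swarm node)
  when: inventory_hostname == groups['swarm_managers'][0]
  template:
    src: docker-stack.yml.j2
    dest: "/home/{{ansible_user}}/stacks/swarm-bootstrap/docker-stack.yml"
    # Was 0755: a stack file is data, not a program, and presumably embeds the
    # traefik_htpasswd / portainer_htpasswd facts set just before this task,
    # so it should not be world-readable. The deploy task runs with
    # become: true and can still read it; relax to '0640' if a group needs
    # access. Quoted so the mode is always passed as an octal string.
    mode: '0600'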
# Deploy the "swarm-bootstrap" stack from the stack file rendered by the
# template task. Runs with privilege escalation on the first host in the
# swarm_managers group only.
- name: Deploy stack from a compose file (on first swarm node)
  become: true
  docker_stack:
    name: swarm-bootstrap
    state: present
    detach: false
    compose:
      - /home/{{ansible_user}}/stacks/swarm-bootstrap/docker-stack.yml
  when: inventory_hostname == groups['swarm_managers'][0]