2020-10-05 09:38:11 +02:00
|
|
|
# ansible
|
|
|
|
|
2021-01-22 22:21:08 +01:00
|
|
|
The ansible files for the pains-perdus infra.
|
|
|
|
|
|
|
|
## Deploy a playbook
|
|
|
|
|
|
|
|
`ansible-playbook playbook.yml`
|
|
|
|
|
|
|
|
Add `--check` to do a dry run
|
2021-01-22 22:52:57 +01:00
|
|
|
|
|
|
|
## Edit the vault
|
|
|
|
|
|
|
|
`ansible-vault edit group_vars/all/vault`
|
|
|
|
|
|
|
|
with the edditor defined in the env varible `$EDITOR` and the password of the vault in the file `.vault_password` (Carefull not to commit it!!!)
|
2021-01-22 23:11:38 +01:00
|
|
|
|
|
|
|
## SSH key whith passphrase
|
|
|
|
|
|
|
|
To avoid entering the passphrase of the ssh key for each host, we have to use an ssh-agent.
|
|
|
|
The ssh-agent with xonsh does not really works, so in my case I have to use ansible and the agent inside a sh process:
|
|
|
|
|
|
|
|
```
|
|
|
|
sh
|
|
|
|
eval `ssh-agent -s`
|
|
|
|
ssh-add
|
|
|
|
ansible all -m ping # or whatever you want to do with ansible
|
|
|
|
exit
|
|
|
|
```
|