Attention des changements sont bientôt à prévoir sur l'instance gitea d'Aurore :

The ansible files for the pains-perdus infra.

Find a file

Jean-Marie Mineau ea649b6e02 one more		2021-01-27 02:04:44 +01:00
group_vars/all	setup 'prod' variables	2021-01-27 01:27:04 +01:00
roles	"fix some bugs	2021-01-27 02:03:17 +01:00
.gitignore	add certbot, wip	2020-10-13 01:25:02 +02:00
ansible.cfg	add certbot, wip	2020-10-13 01:25:02 +02:00
base.yml	add basic tools	2020-10-12 09:59:51 +02:00
dns.yml	free the port 53 for nginx	2021-01-23 13:45:25 +01:00
gitea.yml	one more	2021-01-27 02:04:44 +01:00
hosts	"fix some bugs	2021-01-27 02:03:17 +01:00
keycloak.yml	generate self signed certificate	2021-01-26 19:36:59 +01:00
LICENSE	Initial commit	2020-10-05 09:38:11 +02:00
README.md	add some note about the ssh-agent	2021-01-22 23:11:38 +01:00
web_services.yml	split the reverse_proxy role to implement a separate reverse proxy for stream	2021-01-23 01:19:21 +01:00

README.md

ansible

The ansible files for the pains-perdus infra.

Deploy a playbook

ansible-playbook playbook.yml

Add --check to do a dry run

Edit the vault

ansible-vault edit group_vars/all/vault

with the edditor defined in the env varible $EDITOR and the password of the vault in the file .vault_password (Carefull not to commit it!!!)

SSH key whith passphrase

To avoid entering the passphrase of the ssh key for each host, we have to use an ssh-agent. The ssh-agent with xonsh does not really works, so in my case I have to use ansible and the agent inside a sh process:

sh
eval `ssh-agent -s`
ssh-add
ansible all -m ping # or whatever you want to do with ansible
exit