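---
# Bootstraps an AWX server through its REST API (v2): service user,
# credentials, execution environment, inventory, project and job templates.
#
# Every object follows the same pattern so the file can be re-run:
#   1. look the object up by name (awx-get-typ-id.yml),
#   2. remember its id in a fact when the lookup returned one,
#   3. create the object only when no id is known yet,
#   4. look it up again and remember the new id.
# awx_type_id is presumably filled in by awx-get-typ-id.yml; that file is not
# visible here, confirm against it.
#
# Variables read: awx_base_url, awx_rest_api_access_user,
# awx_rest_api_access_pw, awx_project_path, docker_registry_username,
# docker_registry_token, playbook_dir.
#
# NOTE(review): every uri task sends the admin credentials with HTTP basic
# auth while validate_certs is false, so the AWX endpoint is not
# authenticated and the credentials can be intercepted by anyone able to
# impersonate it. Trust the issuing CA on the controller and enable
# certificate validation.
- name: "Add basic configuration awx server"
  block:
    - name: "Authenticating with awx server"
      uri:
        url: "{{ awx_base_url }}/api/v2/me/"
        method: GET
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        return_content: true
        validate_certs: false
        force_basic_auth: true
        status_code: 200
      no_log: true
      tags:
        - awx_communication

    # --- AWX user 'Ansible' -------------------------------------------------
    - name: "Search 'Ansible' user to awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: users
        awx_search_key: username
        awx_search_name: "Ansible"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update ansible_awx_user_id"
      set_fact:
        ansible_awx_user_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # NOTE(review): the service account is created with a fixed password that
    # equals its username. Supply it from an Ansible Vault encrypted variable
    # (or a secret store) and rotate the account on servers already set up.
    - name: "Add Ansible user to awx server"
      vars:
        username: "Ansible"
        password: "Ansible"
      uri:
        url: "{{ awx_base_url }}/api/v2/users/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-create-user-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      # The original condition also required `ansible_awx_user_id | length > 0`,
      # which can never hold together with "is not defined", so the user was
      # never created. Create it exactly when the lookup found no id.
      when: ansible_awx_user_id is not defined
      tags:
        - awx_communication

    - name: "Search 'Ansible' user on awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: users
        awx_search_key: username
        awx_search_name: "Ansible"
        awx_type_id: ""
      when: (ansible_awx_user_id is not defined)
      tags:
        - awx_communication

    - name: "Update ansible_awx_user_id"
      set_fact:
        ansible_awx_user_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (ansible_awx_user_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Credential type 'Machine' and credential 'Hetzner-Ansible' ---------
    - name: "Get 'Machine' type id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credential_types
        awx_search_key: name
        awx_search_name: "Machine"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_credential_type_machine_id"
      set_fact:
        awx_credential_type_machine_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Get 'Machine' type 'Hetzner-Ansible' type id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credentials
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_credential_hetzner_ansible_id"
      set_fact:
        awx_credential_hetzner_ansible_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # Reads the SSH key pair from the playbook directory and strips newlines
    # before the values are rendered into the JSON template.
    # NOTE(review): users/ansible_ssh_key is a private key kept inside the
    # repository tree; confirm it is vault-encrypted or excluded from VCS.
    - name: "Add 'Machine' type 'Hetzner_Ansible' credential to awx server"
      vars:
        name: "Hetzner-Ansible"
        user_id: "{{ ansible_awx_user_id }}"
        credential_type_id: "{{ awx_credential_type_machine_id }}"
        credential_type_name: "Machine"
        username: "Ansible"
        # Path built by concatenation instead of nesting "{{ }}" inside "{{ }}".
        ssh_public_key_data: "{{ lookup('file', playbook_dir + '/users/ansible/id_rsa.pub') | replace('\n', '') }}"
        ssh_key_data: "{{ lookup('file', playbook_dir + '/users/ansible_ssh_key') | replace('\n', '') }}"
      uri:
        url: "{{ awx_base_url }}/api/v2/credentials/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-create-credential-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      tags:
        - awx_communication
      when: >
        (awx_credential_hetzner_ansible_id is not defined) and
        (ansible_awx_user_id is defined) and
        (ansible_awx_user_id | length > 0) and
        (awx_credential_type_machine_id is defined) and
        (awx_credential_type_machine_id | length > 0)

    - name: "Get 'Machine' type 'Hetzner_Ansible' type id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credentials
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible"
        awx_type_id: ""
      when: (awx_credential_hetzner_ansible_id is not defined)
      tags:
        - awx_communication

    - name: "Update awx_credential_hetzner_ansible_id"
      set_fact:
        awx_credential_hetzner_ansible_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (awx_credential_hetzner_ansible_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Credential type 'Vault' and credential 'Hetzner-Ansible-Vault' -----
    - name: "Get 'Vault' type id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credential_types
        awx_search_key: name
        awx_search_name: "Vault"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_credential_type_vault_id"
      set_fact:
        awx_credential_type_vault_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Get 'Vault' type 'Hetzner_Ansible_Vault' type id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credentials
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible-Vault"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_credential_hetzner_ansible_vault_id"
      set_fact:
        awx_credential_hetzner_ansible_vault_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Add 'Vault' type 'Hetzner-Ansible-Vault' credential to awx server"
      vars:
        name: "Hetzner-Ansible-Vault"
        user_id: "{{ ansible_awx_user_id }}"
        credential_type_id: "{{ awx_credential_type_vault_id }}"
        credential_type_name: "Vault"
        # NOTE(review): the vault password is committed in clear text (the
        # author already marked it "should be more secure"). Anyone with read
        # access to this file can decrypt everything protected by it. Read it
        # from a secret store or an encrypted variable and rotate this value.
        vault_password: devops123
      uri:
        url: "{{ awx_base_url }}/api/v2/credentials/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-create-credential-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      tags:
        - awx_communication
      when: >
        (awx_credential_hetzner_ansible_vault_id is not defined) and
        (ansible_awx_user_id is defined) and
        (ansible_awx_user_id | length > 0) and
        (awx_credential_type_vault_id is defined) and
        (awx_credential_type_vault_id | length > 0)

    - name: "Get 'Vault' type 'Hetzner-Ansible-Vault' type id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credentials
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible-Vault"
        awx_type_id: ""
      when: (awx_credential_hetzner_ansible_vault_id is not defined)
      tags:
        - awx_communication

    - name: "Update awx_credential_hetzner_ansible_vault_id"
      set_fact:
        awx_credential_hetzner_ansible_vault_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (awx_credential_hetzner_ansible_vault_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Credential type 'Container Registry', credential 'Docker Registry' -
    - name: "Search 'Container Registry' type id to awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credential_types
        awx_search_key: name
        awx_search_name: "Container Registry"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_credential_type_container_registry_id"
      set_fact:
        awx_credential_type_container_registry_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Get 'Docker Registry' id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credentials
        awx_search_key: name
        awx_search_name: "Docker Registry"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_credential_docker_registry_id"
      set_fact:
        awx_credential_docker_registry_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Add 'Container Registry' credential to awx server"
      vars:
        name: "Docker Registry"
        description: "Docker Registry Smardigo Credentials"
        user_id: "{{ ansible_awx_user_id }}"
        credential_type_id: "{{ awx_credential_type_container_registry_id }}"
        credential_type_name: "Container Registry"
        host: "dev-docker-registry-01.smardigo.digital"
        username: "{{ docker_registry_username }}"
        password: "{{ docker_registry_token }}"
      uri:
        url: "{{ awx_base_url }}/api/v2/credentials/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-create-credential-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      tags:
        - awx_communication
      when: >
        (awx_credential_docker_registry_id is not defined) and
        (ansible_awx_user_id is defined) and
        (ansible_awx_user_id | length > 0) and
        (awx_credential_type_container_registry_id is defined) and
        (awx_credential_type_container_registry_id | length > 0)

    - name: "Get 'Docker Registry' id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: credentials
        awx_search_key: name
        awx_search_name: "Docker Registry"
        awx_type_id: ""
      when: (awx_credential_docker_registry_id is not defined)
      tags:
        - awx_communication

    - name: "Update awx_credential_docker_registry_id"
      set_fact:
        awx_credential_docker_registry_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (awx_credential_docker_registry_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Execution environment 'Hetzner-Ansible' ----------------------------
    - name: "Get 'Hetzner-Ansible' execution environment id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: execution_environments
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_ee_hetzner_ansible_id"
      set_fact:
        awx_ee_hetzner_ansible_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # NOTE(review): the image reference carries no tag or digest and is pulled
    # on every run ("always"), so whatever the registry serves under the
    # default tag is executed. Consider pinning a tag or digest.
    - name: "Register execution environment container image to awx server"
      vars:
        name: "Hetzner-Ansible"
        description: "test"
        image: "dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee"
        credential: "{{ awx_credential_docker_registry_id }}"
        pull: "always"
      uri:
        url: "{{ awx_base_url }}/api/v2/execution_environments/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-add-ee-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      tags:
        - awx_communication
      when: >
        (awx_ee_hetzner_ansible_id is not defined) and
        (awx_credential_docker_registry_id is defined) and
        (awx_credential_docker_registry_id | length > 0)

    - name: "Get 'Hetzner-Ansible' execution environment id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: execution_environments
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible"
        awx_type_id: ""
      when: (awx_ee_hetzner_ansible_id is not defined)
      tags:
        - awx_communication

    - name: "Update awx_ee_hetzner_ansible_id"
      set_fact:
        awx_ee_hetzner_ansible_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (awx_ee_hetzner_ansible_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Inventory 'localhost' ----------------------------------------------
    - name: "Get 'localhost' inventory id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: inventories
        awx_search_key: name
        awx_search_name: "localhost"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_localhost_inventory_id"
      set_fact:
        awx_localhost_inventory_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Add a empty 'localhost' inventory to awx server"
      vars:
        name: "localhost"
        description: "localhost"
      uri:
        url: "{{ awx_base_url }}/api/v2/inventories/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-add-inventory-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      tags:
        - awx_communication
      when: (awx_localhost_inventory_id is not defined)

    - name: "Get 'localhost' inventory id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: inventories
        awx_search_key: name
        awx_search_name: "localhost"
        awx_type_id: ""
      when: (awx_localhost_inventory_id is not defined)
      tags:
        - awx_communication

    - name: "Update awx_localhost_inventory_id"
      set_fact:
        awx_localhost_inventory_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (awx_localhost_inventory_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Project files: ship the repository to the AWX project folder -------
    # Runs on the controller. command + chdir replaces `shell: cd ... && tar`,
    # so a playbook_dir containing spaces or shell metacharacters is passed as
    # one argument and never interpreted by a shell.
    # NOTE(review): the archive includes everything under playbook_dir, which
    # (per the credential task above) holds users/ansible_ssh_key, and it is
    # written to a fixed name in the shared /tmp. Prefer a private temporary
    # directory and exclude secret material from the archive.
    - name: "Tar hetzner-ansible repository"
      command: tar --exclude-vcs -zcvf /tmp/hetzner-ansible.tar.gz .
      args:
        chdir: "{{ playbook_dir }}"
      delegate_to: localhost
      become: false
      tags:
        - awx_communication

    - name: "Remove old archive awx project folder"
      file:
        state: absent
        path: "{{ awx_project_path }}/hetzner-ansible"
      tags:
        - awx_communication

    # NOTE(review): '0665' gives owner and group no search (x) bit on the
    # directory while "other" gets r-x; this looks like a typo for '0755' or
    # '0750'. Confirm which account AWX uses to read the project.
    - name: "Create Project Folder 'hetzner-ansible'"
      file:
        path: "{{ awx_project_path }}/hetzner-ansible"
        state: directory
        owner: root
        group: root
        mode: '0665'
      tags:
        - awx_communication

    # src is read on the controller and copied to the target host.
    - name: "Extract hetzner-ansible repository to the awx project folder"
      unarchive:
        src: /tmp/hetzner-ansible.tar.gz
        dest: "{{ awx_project_path }}/hetzner-ansible"
      tags:
        - awx_communication

    # The archive was created on the controller, so it has to be removed
    # there; without the delegation this task ran on the target host and left
    # the archive in the controller's /tmp.
    - name: "Cleanup created hetzner-ansible archive"
      file:
        state: absent
        path: /tmp/hetzner-ansible.tar.gz
      delegate_to: localhost
      become: false
      tags:
        - awx_communication

    # --- Project 'Hetzner-Ansible' ------------------------------------------
    - name: "Get 'Hetzner-Ansible' projects id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: projects
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible"
        awx_type_id: ""
      tags:
        - awx_communication

    - name: "Update awx_hetzner_ansible_project_id"
      set_fact:
        awx_hetzner_ansible_project_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: (awx_type_id is defined) and (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    - name: "Add 'Hetzner-Ansible' project to awx server"
      vars:
        name: "Hetzner-Ansible"
        description: "Hetzner-Ansible"
        local_path: "hetzner-ansible"
        default_environment_id: "{{ awx_ee_hetzner_ansible_id }}"
      uri:
        url: "{{ awx_base_url }}/api/v2/projects/"
        method: POST
        user: "{{ awx_rest_api_access_user }}"
        password: "{{ awx_rest_api_access_pw }}"
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body_format: "json"
        body: "{{ lookup('template', 'awx-add-project-config.json.j2') }}"
        force_basic_auth: true
        validate_certs: false
        status_code: [200, 201]
      no_log: true
      tags:
        - awx_communication
      when: >
        (awx_hetzner_ansible_project_id is not defined) and
        (awx_ee_hetzner_ansible_id is defined)

    - name: "Get 'hetzner-ansible' projects id from awx server"
      include_tasks: awx-get-typ-id.yml
      vars:
        awx_rest_api_type: projects
        awx_search_key: name
        awx_search_name: "Hetzner-Ansible"
        awx_type_id: ""
      when: (awx_hetzner_ansible_project_id is not defined)
      tags:
        - awx_communication

    - name: "Update awx_hetzner_ansible_project_id"
      set_fact:
        awx_hetzner_ansible_project_id: "{{ awx_type_id }}"
        awx_type_id: ""
      when: >
        (awx_hetzner_ansible_project_id is not defined) and
        (awx_type_id is defined) and
        (awx_type_id | length > 0)
      no_log: true
      tags:
        - awx_communication

    # --- Job templates ------------------------------------------------------
    # One include per playbook; each item is exposed to the included file as
    # `jobinfo` and carries the vault and machine credential ids.
    - name: "Create job templates on awx server"
      include_tasks: awx-create-job-template.yml
      loop:
        - name: "create-database"
          desc: "create-database"
          playbook_file: "create-database.yml"
          credentials:
            - "{{ awx_credential_hetzner_ansible_vault_id }}"
            - "{{ awx_credential_hetzner_ansible_id }}"
        - name: "create-realm"
          desc: "create-realm"
          playbook_file: "create-realm.yml"
          credentials:
            - "{{ awx_credential_hetzner_ansible_vault_id }}"
            - "{{ awx_credential_hetzner_ansible_id }}"
        - name: "create-server"
          desc: "create-server"
          playbook_file: "create-server.yml"
          credentials:
            - "{{ awx_credential_hetzner_ansible_vault_id }}"
            - "{{ awx_credential_hetzner_ansible_id }}"
        - name: "create-service"
          desc: "create-service"
          playbook_file: "create-service.yml"
          credentials:
            - "{{ awx_credential_hetzner_ansible_vault_id }}"
            - "{{ awx_credential_hetzner_ansible_id }}"
      loop_control:
        loop_var: jobinfo
      tags:
        - awx_communication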