You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
634 lines
17 KiB
YAML
634 lines
17 KiB
YAML
---
|
|
|
|
- name: "Remove all <job_templates>"
|
|
include_tasks: awx-config-cleanup.yml
|
|
vars:
|
|
awx_rest_api_type: job_templates
|
|
when: (awx_hetzner_ansible_project_id is not defined)
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Printing..."
|
|
debug:
|
|
msg: "{{ ansible_ssh_key_private }}"
|
|
delegate_to: 127.0.0.1
|
|
when:
|
|
- debug
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Authenticating with awx server"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/me/"
|
|
method: GET
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
return_content: true
|
|
validate_certs: false
|
|
force_basic_auth: yes
|
|
status_code: 200
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search user <{{ awx_ansible_username }}>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: users
|
|
awx_search_key: username
|
|
awx_search_name: "{{ awx_ansible_username }}"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update ansible_awx_user_id"
|
|
set_fact:
|
|
ansible_awx_user_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add user <{{ awx_ansible_username }}>"
|
|
vars:
|
|
username: "{{ awx_ansible_username }}"
|
|
password: "{{ awx_ansible_password }}"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/users/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-user.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: ansible_awx_user_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search user <{{ awx_ansible_username }}>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: users
|
|
awx_search_key: username
|
|
awx_search_name: "{{ awx_ansible_username }}"
|
|
when: ansible_awx_user_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update ansible_awx_user_id"
|
|
set_fact:
|
|
ansible_awx_user_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove all <credentials>"
|
|
include_tasks: awx-config-cleanup.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search credential type id for <Machine>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credential_types
|
|
awx_search_key: name
|
|
awx_search_name: "Machine"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_type_machine_id"
|
|
set_fact:
|
|
awx_credential_type_machine_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search <Machine> credentials <hetzner-ansible-ssh>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible-ssh"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_hetzner_ansible_id"
|
|
set_fact:
|
|
awx_credential_hetzner_ansible_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add <Machine> credentials <hetzner-ansible-ssh>"
|
|
vars:
|
|
name: "hetzner-ansible-ssh"
|
|
user_id: "{{ ansible_awx_user_id }}"
|
|
credential_type_id: "{{ awx_credential_type_machine_id }}"
|
|
credential_type_name: "Machine"
|
|
username: "Ansible"
|
|
ssh_public_key_data: "{{ lookup('file', '{{ playbook_dir }}/users/ansible/id_rsa.pub') }}"
|
|
ssh_key_data: "{{ ansible_ssh_key_private | replace('\n','\\n') }}"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/credentials/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-credential.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: awx_credential_hetzner_ansible_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search <Machine> credentials <hetzner-ansible-ssh>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible-ssh"
|
|
when: awx_credential_hetzner_ansible_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_hetzner_ansible_id"
|
|
set_fact:
|
|
awx_credential_hetzner_ansible_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search credential type id for <Vault>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credential_types
|
|
awx_search_key: name
|
|
awx_search_name: "Vault"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_type_vault_id"
|
|
set_fact:
|
|
awx_credential_type_vault_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search <Vault> credentials <hetzner-ansible-vault>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible-vault"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_hetzner_ansible_vault_id"
|
|
set_fact:
|
|
awx_credential_hetzner_ansible_vault_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add <Vault> credentials <hetzner-ansible-vault>"
|
|
vars:
|
|
name: "hetzner-ansible-vault"
|
|
user_id: "{{ ansible_awx_user_id }}"
|
|
credential_type_id: "{{ awx_credential_type_vault_id }}"
|
|
credential_type_name: "Vault"
|
|
vault_password: "{{ ansible_vault_password }}"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/credentials/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-credential.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: awx_credential_hetzner_ansible_vault_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search <Vault> credentials <hetzner-ansible-vault>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible-vault"
|
|
when: awx_credential_hetzner_ansible_vault_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_hetzner_ansible_vault_id"
|
|
set_fact:
|
|
awx_credential_hetzner_ansible_vault_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search credential type id for <Container Registry>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credential_types
|
|
awx_search_key: name
|
|
awx_search_name: "Container Registry"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_type_container_registry_id"
|
|
set_fact:
|
|
awx_credential_type_container_registry_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search <Container Registry> credentials <dev-docker-registry-01.smardigo.digital>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
awx_search_key: name
|
|
awx_search_name: "dev-docker-registry-01.smardigo.digital"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_docker_registry_id"
|
|
set_fact:
|
|
awx_credential_docker_registry_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add <Container Registry> credentials <dev-docker-registry-01.smardigo.digital>"
|
|
vars:
|
|
name: "{{ shared_service_docker_registry_hostname }}"
|
|
description: "{{ shared_service_docker_registry_hostname }}"
|
|
user_id: "{{ ansible_awx_user_id }}"
|
|
credential_type_id: "{{ awx_credential_type_container_registry_id }}"
|
|
credential_type_name: "Container Registry"
|
|
host: "{{ shared_service_docker_registry_hostname }}"
|
|
username: "{{ docker_registry_username }}"
|
|
password: "{{ docker_registry_token }}"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/credentials/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-credential.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: awx_credential_docker_registry_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search <Container Registry> credentials <dev-docker-registry-01.smardigo.digital>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: credentials
|
|
awx_search_key: name
|
|
awx_search_name: "dev-docker-registry-01.smardigo.digital"
|
|
when: awx_credential_docker_registry_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_credential_docker_registry_id"
|
|
set_fact:
|
|
awx_credential_docker_registry_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove all <execution_environments>"
|
|
include_tasks: awx-config-cleanup.yml
|
|
vars:
|
|
awx_rest_api_type: execution_environments
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search execution environment for <hetzner-ansible>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: execution_environments
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_ee_hetzner_ansible_id"
|
|
set_fact:
|
|
awx_ee_hetzner_ansible_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add execution environment <hetzner-ansible>"
|
|
vars:
|
|
name: "hetzner-ansible"
|
|
description: "hetzner-ansible"
|
|
image: "dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee"
|
|
credential: "{{ awx_credential_docker_registry_id }}"
|
|
pull: "always"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/execution_environments/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-execution-environment.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: awx_ee_hetzner_ansible_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search execution environment for <hetzner-ansible>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: execution_environments
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible"
|
|
when: awx_ee_hetzner_ansible_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_ee_hetzner_ansible_id"
|
|
set_fact:
|
|
awx_ee_hetzner_ansible_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove all <inventories>"
|
|
include_tasks: awx-config-cleanup.yml
|
|
vars:
|
|
awx_rest_api_type: inventories
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search inventory <localhost>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: inventories
|
|
awx_search_key: name
|
|
awx_search_name: "localhost"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_localhost_inventory_id"
|
|
set_fact:
|
|
awx_localhost_inventory_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add inventory <localhost>"
|
|
vars:
|
|
name: "localhost"
|
|
description: "localhost"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/inventories/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-inventory.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: awx_localhost_inventory_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search inventory <localhost>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: inventories
|
|
awx_search_key: name
|
|
awx_search_name: "localhost"
|
|
when: awx_localhost_inventory_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_localhost_inventory_id"
|
|
set_fact:
|
|
awx_localhost_inventory_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Create archive for repository <hetzner-ansible>"
|
|
shell: cd {{ playbook_dir }} && git archive --format tar.gz -o /tmp/hetzner-ansible.tar.gz HEAD
|
|
delegate_to: 127.0.0.1
|
|
become: false
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove old rpository folder for <hetzner-ansible>"
|
|
file:
|
|
state: absent
|
|
path: "{{ awx_project_path }}/hetzner-ansible"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Create project folder for <hetzner-ansible>"
|
|
file:
|
|
path: "{{ awx_project_path }}/hetzner-ansible"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0555'
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Extract repository archive for <hetzner-ansible>"
|
|
unarchive:
|
|
src: /tmp/hetzner-ansible.tar.gz
|
|
dest: "{{ awx_project_path }}/hetzner-ansible"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove repository archive for <hetzner-ansible>"
|
|
file:
|
|
state: absent
|
|
path: /tmp/hetzner-ansible.tar.gz
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove all <projects>"
|
|
include_tasks: awx-config-cleanup.yml
|
|
vars:
|
|
awx_rest_api_type: projects
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search project <hetzner-ansible>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: projects
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_hetzner_ansible_project_id"
|
|
set_fact:
|
|
awx_hetzner_ansible_project_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Add project <hetzner-ansible>"
|
|
vars:
|
|
name: "hetzner-ansible"
|
|
description: "hetzner-ansible"
|
|
local_path: "hetzner-ansible"
|
|
default_environment_id: "{{ awx_ee_hetzner_ansible_id }}"
|
|
uri:
|
|
url: "{{ awx_base_url }}/api/v2/projects/"
|
|
method: POST
|
|
user: "{{ awx_rest_api_access_user }}"
|
|
password: "{{ awx_rest_api_access_pw }}"
|
|
headers:
|
|
Content-Type: "application/json"
|
|
Accept: "application/json"
|
|
body_format: "json"
|
|
body: "{{ lookup('template','awx-create-project.json.j2') }}"
|
|
force_basic_auth: true
|
|
validate_certs: false
|
|
status_code: 201
|
|
register: response
|
|
changed_when: response.status == 201
|
|
when: awx_hetzner_ansible_project_id is not defined
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Search project <hetzner-ansible>"
|
|
include_tasks: awx-config-get-typ-id.yml
|
|
vars:
|
|
awx_rest_api_type: projects
|
|
awx_search_key: name
|
|
awx_search_name: "hetzner-ansible"
|
|
when: (awx_hetzner_ansible_project_id is not defined)
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Update awx_hetzner_ansible_project_id"
|
|
set_fact:
|
|
awx_hetzner_ansible_project_id: "{{ awx_type_id }}"
|
|
when:
|
|
- awx_type_id != "None"
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Remove all <job_templates>"
|
|
include_tasks: awx-config-cleanup.yml
|
|
vars:
|
|
awx_rest_api_type: job_templates
|
|
tags:
|
|
- awx_config
|
|
|
|
- name: "Create job templates"
|
|
include_tasks: awx-config-job-template.yml
|
|
loop:
|
|
- {
|
|
name: "create-database",
|
|
#description: "create-database",
|
|
#playbook_file: "create-database.yml",
|
|
credentials: [
|
|
"{{ awx_credential_hetzner_ansible_vault_id }}",
|
|
"{{ awx_credential_hetzner_ansible_id }}",
|
|
]
|
|
}
|
|
- {
|
|
name: "create-realm",
|
|
#description: "create-realm",
|
|
#playbook_file: "create-realm.yml",
|
|
credentials: [
|
|
"{{ awx_credential_hetzner_ansible_vault_id }}",
|
|
"{{ awx_credential_hetzner_ansible_id }}",
|
|
]
|
|
}
|
|
- {
|
|
name: "create-server",
|
|
#description: "create-server",
|
|
#playbook_file: "create-server.yml",
|
|
credentials: [
|
|
"{{ awx_credential_hetzner_ansible_vault_id }}",
|
|
"{{ awx_credential_hetzner_ansible_id }}",
|
|
]
|
|
}
|
|
- {
|
|
name: "create-service",
|
|
#description: "create-service",
|
|
#playbook_file: "create-service.yml",
|
|
credentials: [
|
|
"{{ awx_credential_hetzner_ansible_vault_id }}",
|
|
"{{ awx_credential_hetzner_ansible_id }}",
|
|
]
|
|
}
|
|
- {
|
|
name: "import-database",
|
|
#description: "import-database",
|
|
#playbook_file: "import-database.yml",
|
|
credentials: [
|
|
"{{ awx_credential_hetzner_ansible_vault_id }}",
|
|
"{{ awx_credential_hetzner_ansible_id }}",
|
|
]
|
|
}
|
|
loop_control:
|
|
loop_var: job
|
|
tags:
|
|
- awx_config
|