gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b1c65c8a84'
${ noResults }
hetzner-ansible/initialize-stage.yml

238 lines
6.5 KiB
YAML
Raw Blame History

---
### tags:
### update_database
### update_deployment (keycloak, iam, connect)
### update_realms
### update_harbor_realm
### update_argocd_realm
### update_gitea_realm
### update_awx_realm
### update_connect_realm
### update_harbor
### update_connections (connect)
### update_configurations (connect)
#############################################################
# Setup stage default databases (postgres)
#############################################################
- name: 'apply setup to {{ host | default("postgres") }}'
hosts: '{{ host | default("postgres") }}'
serial: "{{ serial_number | default(5) }}"
become: true
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
pre_tasks:
- name: "Import constraints check"
import_tasks: tasks/constraints_check.yml
tags:
- always
tasks:
- name: "Updating databases on {{ inventory_hostname }}"
include_role:
name: postgres
tasks_from: _update_database_state
apply:
tags:
- update_database
tags:
- update_database
vars:
postgres_acls: "{{ stage_postgres_acls }}"
#############################################################
# Setup stage keycloak with stage default realms
#############################################################
- name: 'apply setup to {{ host | default("keycloak") }}'
hosts: '{{ host | default("keycloak") }}'
serial: "{{ serial_number | default(5) }}"
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
pre_tasks:
- name: "Import autodiscover pre-tasks"
import_tasks: tasks/autodiscover_pre_tasks.yml
become: false
tags:
- always
tasks:
- name: "Install server based keycloak"
include_role:
name: keycloak
vars:
keycloak_postgres_database: "{{ stage_database_management_keycloak_name }}"
keycloak_postgres_username: "{{ stage_database_management_keycloak_name }}"
keycloak_postgres_password: "{{ stage_database_management_keycloak_password }}"
shared_service_hostname_harbor: "{{ shared_service_kube_hostname_harbor }}/prodnso"
tags:
- update_deployment
- name: "Setup stage harbor realm"
include_role:
name: harbor_realm
apply:
tags:
- update_realms
- update_harbor_realm
tags:
- update_realms
- update_harbor_realm
vars:
current_realm_password_policy: ""
- name: "Setup stage argocd realm"
include_role:
name: argocd_realm
apply:
tags:
- update_realms
- update_argocd_realm
tags:
- update_realms
- update_argocd_realm
vars:
current_realm_password_policy: ""
- name: "Setup stage gitea realm"
include_role:
name: gitea_realm
apply:
tags:
- update_realms
- update_gitea_realm
tags:
- update_realms
- update_gitea_realm
vars:
current_realm_password_policy: ""
- name: "Setup stage awx realm"
include_role:
name: awx_realm
apply:
tags:
- update_realms
- update_awx_realm
tags:
- update_realms
- update_awx_realm
vars:
current_realm_password_policy: ""
- name: "Setup stage connect realm"
include_role:
name: connect_realm
apply:
tags:
- update_realms
- update_connect_realm
tags:
- update_realms
- update_connect_realm
vars:
current_realm_password_policy: ""
current_realm_name: "{{ management_oidc_realm }}" # TODO migrate from realm infrastructure
current_realm_users_base:
- username: "{{ management_admin_username }}"
password: "{{ management_admin_password }}"
email: "{{ connect_admin_email }}"
firstName: "Netgo"
lastName: "Administrator"
requiredActions: []
connect_client_id: "{{ management_oidc_client_id }}"
client_web_origin_connect: "{{ shared_service_url_management }}"
connect_oidc_client_secret: "{{ management_oidc_client_secret }}"
#############################################################
# Setup stage harbor configuration
#############################################################
- name: 'apply setup to {{ host | default("virtual") }}'
hosts: '{{ host | default("virtual") }}'
serial: "{{ serial_number | default(5) }}"
connection: local
gather_facts: no
become: no
pre_tasks:
- name: "Import autodiscover pre-tasks"
import_tasks: tasks/autodiscover_pre_tasks.yml
become: false
tags:
- always
tasks:
- name: "Setup stage harbor configuration"
include_role:
name: harbor_config
apply:
tags:
- update_harbor
tags:
- update_harbor
#############################################################
# Setup stage iam
#############################################################
- name: 'apply setup to {{ host | default("iam") }}'
hosts: '{{ host | default("iam") }}'
serial: "{{ serial_number | default(5) }}"
become: true
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
pre_tasks:
- name: "Import autodiscover pre-tasks"
import_tasks: tasks/autodiscover_pre_tasks.yml
become: false
tags:
- always
tasks:
- name: "Install server based iam"
include_role:
name: iam
tags:
- update_deployment
#############################################################
#
#############################################################
- name: 'apply setup to {{ host | default("management") }}'
hosts: '{{ host | default("management") }}'
serial: "{{ serial_number | default(5) }}"
become: true
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
current_realm_name: "{{ management_oidc_realm }}"
connect_postgres_database: "{{ stage_database_management_connect_name }}"
connect_oidc_client_secret: "{{ management_oidc_client_secret }}"
pre_tasks:
- name: "Import autodiscover pre-tasks"
import_tasks: tasks/autodiscover_pre_tasks.yml
become: false
tags:
- always
tasks:
- name: "Install server based connect"
include_role:
name: management
tags:
- update_deployment
- name: "Setup stage connect configuration"
include_role:
name: management
tags:
- update_connections
- update_configurations
Reference in New Issue View Git Blame Copy Permalink