gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f8b5e47b0e'
${ noResults }
hetzner-ansible/setup.yml

166 lines
5.5 KiB
YAML
Raw Blame History

---
- name: 'apply setup to {{ host | default("all") }}'
hosts: '{{ host | default("all") }}'
serial: "{{ serial_number | default(10) }}"
strategy: free
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
hetzner_ansible_common_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-common\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
hetzner_ansible_node_exporter_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-node-exporter\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
hetzner_ansible_filebeat_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-filebeat\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
hetzner_ansible_metricbeat_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-metricbeat\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
hetzner_ansible_traefik_current_version: "{{ lookup('file', 'galaxy-requirements.yml') | regex_search('- name:\\s+hetzner-ansible-traefik\\s+src:\\s+.*?\\s+scm:\\s+git\\s+version:\\s+(.*)', '\\1') }}"
remote_user: root
become: yes
pre_tasks:
- name: "Check if ansible version is at least {{ ansible_minimal_version }}"
assert:
that:
- ansible_version.string is version(ansible_minimal_version, ">=")
msg: "The ansible version has to be at least {{ ansible_minimal_version }}"
tags:
- always
- name: "get hetzner-ansible-common version"
include_role:
name: hetzner-ansible-common
tasks_from: _get_version.yml
tags:
- always
- name: "Check if hetzner-ansible-common version matches"
assert:
that:
- "'{{ hetzner_ansible_common_version }}' in {{ hetzner_ansible_common_current_version }}"
msg: "The current hetzner-ansible-common version has to be {{ hetzner_ansible_common_current_version }}"
tags:
- always
- name: "get hetzner-ansible-node-exporter version"
include_role:
name: hetzner-ansible-node-exporter
tasks_from: _get_version.yml
tags:
- always
- name: "Check if hetzner-ansible-node-exporter version matches"
assert:
that:
- "'{{ hetzner_ansible_node_exporter_version }}' in {{ hetzner_ansible_node_exporter_current_version }}"
msg: "The current hetzner-ansible-node_exporter version has to be {{ hetzner_ansible_node_exporter_current_version }}"
tags:
- always
- name: "get hetzner-ansible-filebeat version"
include_role:
name: hetzner-ansible-filebeat
tasks_from: _get_version.yml
tags:
- always
- name: "Check if hetzner-ansible-filebeat version matches"
assert:
that:
- "'{{ hetzner_ansible_filebeat_version }}' in {{ hetzner_ansible_filebeat_current_version }}"
msg: "The current hetzner-ansible-filebeat version has to be {{ hetzner_ansible_filebeat_current_version }}"
tags:
- always
- name: "get hetzner-ansible-metricbeat version"
include_role:
name: hetzner-ansible-metricbeat
tasks_from: _get_version.yml
tags:
- always
- name: "Check if hetzner-ansible-metricbeat version matches"
assert:
that:
- "'{{ hetzner_ansible_metricbeat_version }}' in {{ hetzner_ansible_metricbeat_current_version }}"
msg: "The current hetzner-ansible-metricbeat version has to be {{ hetzner_ansible_metricbeat_current_version }}"
tags:
- always
- name: "get hetzner-ansible-traefik version"
include_role:
name: hetzner-ansible-traefik
tasks_from: _get_version.yml
tags:
- always
- name: "Check if hetzner-ansible-traefik version matches"
assert:
that:
- "'{{ hetzner_ansible_traefik_version }}' in {{ hetzner_ansible_traefik_current_version }}"
msg: "The current hetzner-ansible-traefik version has to be {{ hetzner_ansible_traefik_current_version }}"
tags:
- always
- name: Remove outdated dependencies
apt:
name: [
'docker',
'docker-client',
'docker-client-latest',
'docker-common',
'docker-latest',
'docker-latest-logrotate',
'docker-logrotate',
'docker-engine',
'smartmontools',
]
state: 'absent'
when: ansible_distribution == "Ubuntu"
tags:
- common
- install
- name: "Import autodiscover pre-tasks"
import_tasks: tasks/autodiscover_pre_tasks.yml
become: false
tags:
- always
roles:
- role: ansible-role-docker
when:
- docker_enabled
- role: hetzner-ansible-common
tags:
- common
- role: devsec.hardening.ssh_hardening
tags:
- ssh_hardening
- role: hetzner-ansible-node-exporter
when:
- node_exporter_enabled
tags:
- node-exporter
- role: hetzner-ansible-filebeat
when:
- docker_enabled
- filebeat_enabled
tags:
- filebeat
- role: hetzner-ansible-metricbeat
when:
- docker_enabled
- metricbeat_enabled
tags:
- metricbeat
- role: hetzner-ansible-traefik
when:
- docker_enabled
- traefik_enabled
tags:
- traefik
Reference in New Issue View Git Blame Copy Permalink