feat: install docker; auto change port
This commit is contained in:
11
Taskfile.yml
11
Taskfile.yml
@@ -1,5 +1,12 @@
|
||||
version: 3
|
||||
|
||||
tasks:
|
||||
vault: ansible-vault edit vault.yml
|
||||
infra: ansible-playbook playbooks/infrastructure.yml
|
||||
vault: ansible-vault edit vault.yml {{.CLI_ARGS}}
|
||||
infra: ansible-playbook playbooks/provision.yml {{.CLI_ARGS}}
|
||||
setup: ansible-playbook playbooks/deploy.yml {{.CLI_ARGS}}
|
||||
|
||||
enter:
|
||||
cmd: ssh -i {{.KEY}} -p 2222 root@{{.IP}}
|
||||
vars:
|
||||
KEY: { sh: ansible-vault view vault.yml | yq -r ".deploy.private_ssh_key_path" }
|
||||
IP: { sh: cat dist/terraform_outputs.yml | jq -r ".server_ip.value" }
|
||||
@@ -2,6 +2,7 @@
|
||||
callbacks_enabled = profile_tasks
|
||||
localhost_warning = False
|
||||
vault_password_file = vault.key
|
||||
interpreter_python = /usr/bin/python3.11
|
||||
|
||||
[inventory]
|
||||
inventory_unparsed_warning = False
|
||||
@@ -9,4 +10,4 @@ inventory_unparsed_warning = False
|
||||
[ssh_connection]
|
||||
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o ForwardAgent=yes -o IdentityAgent=none
|
||||
pipelining = True
|
||||
retries = 256
|
||||
retries = 2
|
||||
91
playbooks/deploy.yml
Normal file
91
playbooks/deploy.yml
Normal file
@@ -0,0 +1,91 @@
|
||||
- name: Set up for fresh host.
|
||||
gather_facts: false
|
||||
hosts: localhost
|
||||
vars_files:
|
||||
- ../vault.yml
|
||||
- ../dist/terraform_outputs.yml
|
||||
tasks:
|
||||
- name: Add remote host.
|
||||
ansible.builtin.add_host:
|
||||
name: server_fresh
|
||||
ansible_ssh_host: "{{ server_ip.value }}"
|
||||
ansible_user: root
|
||||
ansible_port: 22
|
||||
ansible_private_key_file: "{{ deploy.private_ssh_key_path }}"
|
||||
|
||||
- name: Switch port to 2222.
|
||||
hosts: server_fresh
|
||||
ignore_unreachable: true
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Update SSH port.
|
||||
ansible.builtin.lineinfile:
|
||||
dest: "/etc/ssh/sshd_config"
|
||||
regexp: "^Port"
|
||||
line: "Port 2222"
|
||||
|
||||
- name: Restart service.
|
||||
ansible.builtin.service:
|
||||
name: ssh
|
||||
state: restarted
|
||||
|
||||
- name: Set up real host.
|
||||
gather_facts: false
|
||||
hosts: localhost
|
||||
vars_files:
|
||||
- ../vault.yml
|
||||
- ../dist/terraform_outputs.yml
|
||||
tasks:
|
||||
- name: Add remote host.
|
||||
ansible.builtin.add_host:
|
||||
name: server
|
||||
ansible_ssh_host: "{{ server_ip.value }}"
|
||||
ansible_user: root
|
||||
ansible_port: 2222
|
||||
ansible_private_key_file: "{{ deploy.private_ssh_key_path }}"
|
||||
|
||||
- name: Install Docker.
|
||||
gather_facts: true
|
||||
hosts: server
|
||||
vars_files:
|
||||
- ../vault.yml
|
||||
- ../dist/terraform_outputs.yml
|
||||
tasks:
|
||||
- name: Download Docker repository key.
|
||||
ansible.builtin.apt_key:
|
||||
url: https://download.docker.com/linux/debian/gpg
|
||||
state: present
|
||||
|
||||
- name: Download Docker repository.
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
|
||||
state: present
|
||||
|
||||
- name: Remove bad packages.
|
||||
ansible.builtin.apt:
|
||||
state: absent
|
||||
package:
|
||||
- docker.io
|
||||
- docker-doc
|
||||
- docker-compose
|
||||
- podman-docker
|
||||
- containerd
|
||||
- runc
|
||||
|
||||
- name: Download Docker dependencies.
|
||||
ansible.builtin.apt:
|
||||
state: present
|
||||
package:
|
||||
- ca-certificates
|
||||
- curl
|
||||
|
||||
- name: Download Docker packages.
|
||||
ansible.builtin.apt:
|
||||
state: present
|
||||
update_cache: true
|
||||
package:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
- docker-buildx-plugin
|
||||
- docker-compose-plugin
|
||||
@@ -26,7 +26,7 @@
|
||||
|
||||
- name: Create secret directory.
|
||||
ansible.builtin.file:
|
||||
path: ../secret
|
||||
path: ../dist
|
||||
recurse: true
|
||||
mode: "0755"
|
||||
state: directory
|
||||
@@ -34,5 +34,5 @@
|
||||
- name: Send outputs to file.
|
||||
ansible.builtin.copy:
|
||||
content: "{{ terraform_apply.outputs }}"
|
||||
dest: ../secret/terraform_outputs.yml
|
||||
dest: ../dist/terraform_outputs.yml
|
||||
mode: '0755'
|
||||
@@ -45,7 +45,7 @@ resource "hcloud_firewall" "server_firewall" {
|
||||
|
||||
# Poke holes for applications, and SSH.
|
||||
dynamic "rule" {
|
||||
for_each = ["80", "443", "22"]
|
||||
for_each = ["80", "443", "22", "2222"]
|
||||
|
||||
content {
|
||||
direction = "in"
|
||||
|
||||
55
vault.yml
55
vault.yml
@@ -1,27 +1,30 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
38323339316264326632393865326536613866323232396239306431386339326431316637343431
|
||||
6537323139653664383461393937656332666136373333370a373964396538643439376633316437
|
||||
32613563306661323830376135623466626636316433323866396230313566653933386162366131
|
||||
3562343139653337660a366136623834613564633964306662326336306334646264643365623864
|
||||
33303965326234373235386230353464393061356639303438636535626330333064353863623030
|
||||
33383539323136333939303939313734636137376637636638643334663962653061633930386262
|
||||
39333766613031343861376639303636363763663431363538633566616366653632633262336362
|
||||
32666463336665653135316266393231323264303163646336343962633537643534353632363637
|
||||
30643831303866376634383939623439633530653330353839663037313731306163633938303961
|
||||
66313735353831376366323635653063343262343337666537633766633037313765386237383134
|
||||
62343234356635653733633461613232333935396363666631653638363961376362643932643135
|
||||
65626463323265623863663766613865326664653863643032303464333939363739656238383732
|
||||
37343936666238333130323263666131363833616261633936623833353565353332666638316232
|
||||
66343064386265313830306163366533313035343261383037646666366532313565643762363432
|
||||
33646161376236363932326532393935363736643732373838633035653565376466663538393132
|
||||
33646436666463356330386337633636373961323031343065303638323439623034333031323135
|
||||
30663362393539396366656634353166636533303562376232643733303434376565323936316638
|
||||
36353338373664386331303532633063383166646332326562303830353264386335663363326262
|
||||
32666161633134626162636463663364316139623234383531343363316566633336633238323434
|
||||
62613634663465356238666238356164636231343938643064333466343135333032623435396230
|
||||
64323265633537333538343363656438333764623532366431643263396263303966326264373139
|
||||
38346138643866666233313162346431656131653137373562333234626263313332363366626130
|
||||
65316338363465323435373638353266366331663535643733353565303565353730346462633265
|
||||
33396637353939303335383634623732633565643964316233373962316530623232313663666266
|
||||
33353463633661633831323830303864363863306330313261356464383231373163383231393631
|
||||
3037376236613365393332666331613263333936616362616639
|
||||
34643530383765643831323664663862643337623238343461366330376462326636383935333036
|
||||
6537343334303666336163363965303035613437333235650a346434356437323964376262663834
|
||||
61373330643932363061393039373064306262373738303934393437333934653434626434373362
|
||||
6265383464376133650a333162373362323261353163646566653733626533613863323237633833
|
||||
36616463396535366436356662306333383134653233323334303639336439653732326534313161
|
||||
38353463643563363631346537653133353165376438336131323662376263356662366233343337
|
||||
61333961653339316332653630666633323635353135303633316635326430373630653464343765
|
||||
66613938663762326462353563323138356466653966383336633962613639633638363561353836
|
||||
32376161343131323262643831653965333338346263643463613238626231383364626431386636
|
||||
34636330663261303664656534353934656135306164353864623236396530323366363666623832
|
||||
36386666383434336265623262626566626464363163663332623562393330653137333062353665
|
||||
39623233626130613263653434613066393831383931666138373066323336663066646230623738
|
||||
30613139663838623632376137343935353739626239303034633766363239383333633035653365
|
||||
39316665633536323238393930646461623363613964393132353636633663376163323164363362
|
||||
62653861326434646537323365663534653462303239396333653132373337333262633934633439
|
||||
31316330373565313462613239626331383462613762303737386436646633363361373835643839
|
||||
38373863306534383831646162323839323433633139336636333037376633313939306438303635
|
||||
61356366613265333832326363626135663731316366633639343162383132373364396462623438
|
||||
39373630363439643762363464303233623631613030616135366332393163393835353064666362
|
||||
32663331323030356265366434356466613161323065366331343432656638646334316139656263
|
||||
62343331376335336434663636636436616338343837646566353131353661366165393565313062
|
||||
32326436396539623236316563306264396134613030623533343761623464323135396235303535
|
||||
38343662306636653039373962363030353666343837343865333965646538396432346264346236
|
||||
32616562336561633366656366396133346463613037366139656233313961393565373833643130
|
||||
63613434663330336431363732323132333166373762373831653362326466663862356534323331
|
||||
65653663323336613535383735303130336262343936356331363839643537623037633766626635
|
||||
62383837656532623734396438383334363466373439396435326163373531343963376131306461
|
||||
35323535356432633432393065346662336233393334396534346630393436303331666363653131
|
||||
65353932383566346366656161366136366564633036386262643333316533663962
|
||||
|
||||
Reference in New Issue
Block a user