feat: install docker; auto change port

2025-09-08 23:17:43 -04:00
parent fd30ee265f
commit 65893c30f3
6 changed files with 134 additions and 32 deletions
--- a/playbooks/deploy.yml
+++ b/playbooks/deploy.yml
@@ -0,0 +1,91 @@
+- name: Set up for fresh host.
+  gather_facts: false
+  hosts: localhost
+  vars_files:
+    - ../vault.yml
+    - ../dist/terraform_outputs.yml
+  tasks:
+    - name: Add remote host.
+      ansible.builtin.add_host:
+        name: server_fresh
+        ansible_ssh_host: "{{ server_ip.value }}"
+        ansible_user: root
+        ansible_port: 22
+        ansible_private_key_file: "{{ deploy.private_ssh_key_path }}"
+
+- name: Switch port to 2222.
+  hosts: server_fresh
+  ignore_unreachable: true
+  gather_facts: false
+  tasks:
+    - name: Update SSH port.
+      ansible.builtin.lineinfile:
+        dest: "/etc/ssh/sshd_config"
+        regexp: "^Port"
+        line: "Port 2222"
+
+    - name: Restart service.
+      ansible.builtin.service:
+        name: ssh
+        state: restarted
+
+- name: Set up real host.
+  gather_facts: false
+  hosts: localhost
+  vars_files:
+    - ../vault.yml
+    - ../dist/terraform_outputs.yml
+  tasks:
+    - name: Add remote host.
+      ansible.builtin.add_host:
+        name: server
+        ansible_ssh_host: "{{ server_ip.value }}"
+        ansible_user: root
+        ansible_port: 2222
+        ansible_private_key_file: "{{ deploy.private_ssh_key_path }}"
+
+- name: Install Docker.
+  gather_facts: true
+  hosts: server
+  vars_files:
+    - ../vault.yml
+    - ../dist/terraform_outputs.yml
+  tasks:
+    - name: Download Docker repository key.
+      ansible.builtin.apt_key:
+        url: https://download.docker.com/linux/debian/gpg
+        state: present
+
+    - name: Download Docker repository.
+      ansible.builtin.apt_repository:
+        repo: "deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
+        state: present
+
+    - name: Remove bad packages.
+      ansible.builtin.apt:
+        state: absent
+        package:
+          - docker.io
+          - docker-doc
+          - docker-compose
+          - podman-docker
+          - containerd
+          - runc
+
+    - name: Download Docker dependencies.
+      ansible.builtin.apt:
+        state: present
+        package:
+          - ca-certificates
+          - curl
+
+    - name: Download Docker packages.
+      ansible.builtin.apt:
+        state: present
+        update_cache: true
+        package:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-buildx-plugin
+          - docker-compose-plugin
--- a/playbooks/infrastructure.yml
+++ b/playbooks/infrastructure.yml
@@ -26,7 +26,7 @@

    - name: Create secret directory.
      ansible.builtin.file:
-        path: ../secret
+        path: ../dist
        recurse: true
        mode: "0755"
        state: directory
@@ -34,5 +34,5 @@
    - name: Send outputs to file.
      ansible.builtin.copy:
        content: "{{ terraform_apply.outputs }}"
-        dest: ../secret/terraform_outputs.yml
+        dest: ../dist/terraform_outputs.yml
        mode: '0755'