git/playbooks/deploy.yml

- name: Set up for fresh host.
  gather_facts: false
  hosts: localhost
  vars_files:
    - ../vault.yml
    - ../dist/terraform_outputs.yml
  tasks:
    - name: Add remote host.
      ansible.builtin.add_host:
        name: server_fresh
        ansible_ssh_host: "{{ server_ip.value }}"
        ansible_user: root
        ansible_port: 22
        ansible_private_key_file: "{{ deploy.private_ssh_key_path }}"

- name: Switch port to 2222.
  hosts: server_fresh
  ignore_unreachable: true
  gather_facts: false
  tasks:
    - name: Update SSH port.
      ansible.builtin.lineinfile:
        dest: "/etc/ssh/sshd_config"
        regexp: "^Port"
        line: "Port 2222"

    - name: Restart service.
      ansible.builtin.service:
        name: ssh
        state: restarted

- name: Set up real host.
  gather_facts: false
  hosts: localhost
  vars_files:
    - ../vault.yml
    - ../dist/terraform_outputs.yml
  tasks:
    - name: Add remote host.
      ansible.builtin.add_host:
        name: server
        ansible_ssh_host: "{{ server_ip.value }}"
        ansible_user: root
        ansible_port: 2222
        ansible_private_key_file: "{{ deploy.private_ssh_key_path }}"

- name: Install Docker.
  gather_facts: true
  hosts: server
  vars_files:
    - ../vault.yml
    - ../dist/terraform_outputs.yml
  tasks:
    - name: Download Docker repository key.
      ansible.builtin.apt_key:
        url: https://download.docker.com/linux/debian/gpg
        state: present

    - name: Download Docker repository.
      ansible.builtin.apt_repository:
        repo: "deb https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable"
        state: present

    - name: Remove bad packages.
      ansible.builtin.apt:
        state: absent
        package:
          - docker.io
          - docker-doc
          - docker-compose
          - podman-docker
          - containerd
          - runc

    - name: Download Docker dependencies.
      ansible.builtin.apt:
        state: present
        package:
          - ca-certificates
          - curl

    - name: Download Docker packages.
      ansible.builtin.apt:
        state: present
        update_cache: true
        package:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-buildx-plugin
          - docker-compose-plugin