ansible_pull(role): introduce ansible_pull role

Introduce ansible_pull role for setting up automatic ansible_pull runs. Also add accompanying host group and playbook play.
2025-10-13 16:32:30 +02:00 · 2025-10-13 16:32:30 +02:00 · 434ddfc955
commit 434ddfc955
parent 8cb6ab3d04
10 changed files with 152 additions and 0 deletions
--- a/roles/ansible_pull/README.md
+++ b/roles/ansible_pull/README.md
@ -0,0 +1,21 @@
+# `ansible_pull` role
+
+A role for setting up automatic `ansible_pull` runs.  
+
+## Supported Distributions
+
+Should work on Debian-based distributions.
+
+## Required Arguments
+
+- `ansible_pull__age_private_key`: The age private key to use to decrypt SOPS secrets with.
+- `ansible_pull__repo_url`: The URL of the repo to run the playbook from.
+- `ansible_pull__inventory`: The inventory to use.
+- `ansible_pull__playbook`: The playbook to run.
+- `ansible_pull__timer_on_calendar`: When to run the playbook. This is the argument to a systemd timers OnCalendar. See the systemd.time man page for reference.
+
+## Optional Arguments
+
+- `ansible_pull__user`: The user to run `ansible_pull` as. Defaults to `ansible_user`.
+- `ansible_pull__checkout`: The branch/tag/commit to check out to run the playbook from. Defaults to `main`.
+- `ansible_pull__timer_randomized_delay_sec`: The timer will be randomly delayed by a value between 0 and this. Useful to not have all timers fire at the same time, even if `ansible_pull__timer_on_calendar` is the same. Time value in seconds. Defaults to 0.