diff --git a/inventories/chaosknoten/host_vars/netbox.yaml b/inventories/chaosknoten/host_vars/netbox.yaml index d8da335..4726885 100644 --- a/inventories/chaosknoten/host_vars/netbox.yaml +++ b/inventories/chaosknoten/host_vars/netbox.yaml @@ -1,10 +1,3 @@ -ansible_pull__repo_url: https://git.hamburg.ccc.de/CCCHH/ansible-infra.git -ansible_pull__inventory: inventories/chaosknoten -ansible_pull__playbook: playbooks/maintenance.yaml -ansible_pull__timer_on_calendar: "*-*-* 04:00:00 Europe/Berlin" -ansible_pull__timer_randomized_delay_sec: 30min -ansible_pull__checkout: ansible_pull - netbox__version: "v4.1.7" netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}" netbox__custom_pipeline_oidc_group_and_role_mapping: true diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index 0891fff..93ea984 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -180,6 +180,3 @@ alloy_hosts: hosts: grafana: ntfy: -ansible_pull_hosts: - hosts: - netbox: diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml index c11a0e7..952aeec 100644 --- a/playbooks/deploy.yaml +++ b/playbooks/deploy.yaml @@ -78,10 +78,5 @@ ansible.builtin.include_role: name: grafana.grafana.alloy -- name: Ensure ansible_pull deployment on ansible_pull_hosts - hosts: ansible_pull_hosts - roles: - - ansible_pull - - name: Run ensure_eh22_styleguide_dir Playbook ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml diff --git a/roles/ansible_pull/README.md b/roles/ansible_pull/README.md index a7e3dc7..8e3cb45 100644 --- a/roles/ansible_pull/README.md +++ b/roles/ansible_pull/README.md @@ -9,15 +9,9 @@ Should work on Debian-based distributions. ## Required Arguments - `ansible_pull__age_private_key`: The age private key to use to decrypt SOPS secrets with. -- `ansible_pull__repo_url`: The URL of the repo to run the playbook from. -- `ansible_pull__inventory`: The inventory to use. -- `ansible_pull__playbook`: The playbook to run. -- `ansible_pull__timer_on_calendar`: When to run the playbook. This is the argument to a systemd timers OnCalendar. See the systemd.time man page for reference. ## Optional Arguments - `ansible_pull__user`: The user to run `ansible_pull` as. Defaults to `ansible_user`. -- `ansible_pull__checkout`: The branch/tag/commit to check out to run the playbook from. Defaults to `main`. -- `ansible_pull__timer_randomized_delay_sec`: The timer will be randomly delayed by a value between 0 and this. Useful to not have all timers fire at the same time, even if `ansible_pull__timer_on_calendar` is the same. Time value in seconds. Defaults to 0. ## Links & Resources diff --git a/roles/ansible_pull/defaults/main.yaml b/roles/ansible_pull/defaults/main.yaml index 3b9acb2..37d84ab 100644 --- a/roles/ansible_pull/defaults/main.yaml +++ b/roles/ansible_pull/defaults/main.yaml @@ -1,3 +1 @@ ansible_pull__user: "{{ ansible_user }}" -ansible_pull__checkout: "main" -ansible_pull__timer_randomized_delay_sec: "0" diff --git a/roles/ansible_pull/handlers/main.yaml b/roles/ansible_pull/handlers/main.yaml deleted file mode 100644 index ada2426..0000000 --- a/roles/ansible_pull/handlers/main.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- name: systemd daemon reload - ansible.builtin.systemd_service: - daemon_reload: true - become: true diff --git a/roles/ansible_pull/meta/argument_specs.yaml b/roles/ansible_pull/meta/argument_specs.yaml index e5c88af..a57d10e 100644 --- a/roles/ansible_pull/meta/argument_specs.yaml +++ b/roles/ansible_pull/meta/argument_specs.yaml @@ -4,24 +4,6 @@ argument_specs: ansible_pull__age_private_key: type: str required: true - ansible_pull__repo_url: - type: str - required: true - ansible_pull__inventory: - type: str - required: true - ansible_pull__playbook: - type: str - required: true - ansible_pull__timer_on_calendar: - type: str - required: true ansible_pull__user: type: str required: false - ansible_pull__checkout: - type: str - required: false - ansible_pull__timer_randomized_delay_sec: - type: str - required: false diff --git a/roles/ansible_pull/tasks/main.yaml b/roles/ansible_pull/tasks/main.yaml index 53fc219..f0d26d7 100644 --- a/roles/ansible_pull/tasks/main.yaml +++ b/roles/ansible_pull/tasks/main.yaml @@ -32,32 +32,3 @@ owner: root group: "{{ ansible_pull__user }}" become: true - -- name: ensure systemd service exists - ansible.builtin.template: - src: ansible-pull.service.j2 - dest: /etc/systemd/system/ansible-pull.service - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer exists - ansible.builtin.template: - src: ansible-pull.timer.j2 - dest: /etc/systemd/system/ansible-pull.timer - owner: root - group: root - mode: "0644" - become: true - notify: - - systemd daemon reload - -- name: ensure systemd timer is started and enabled - ansible.builtin.systemd_service: - name: ansible-pull.timer - state: started - enabled: true - become: true diff --git a/roles/ansible_pull/templates/ansible-pull.service.j2 b/roles/ansible_pull/templates/ansible-pull.service.j2 deleted file mode 100644 index 8a17190..0000000 --- a/roles/ansible_pull/templates/ansible-pull.service.j2 +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=ansible-pull for configuration and maintenance -After=network-online.target -Wants=network-online.target - -[Service] -Type=oneshot -Environment="SOPS_AGE_KEY_FILE=/etc/ansible_pull_secrets/age_private_key" -ExecStart=/usr/local/lib/ansible_pull_venv/bin/ansible-pull \ - --directory /home/chaos/ansible_pull_checkout \ - --clean \ - --url "{{ ansible_pull__repo_url }}" \ - --checkout "{{ ansible_pull__checkout }}" \ - --inventory "{{ ansible_pull__inventory }}" \ - "{{ ansible_pull__playbook }}" -User={{ ansible_pull__user }} diff --git a/roles/ansible_pull/templates/ansible-pull.timer.j2 b/roles/ansible_pull/templates/ansible-pull.timer.j2 deleted file mode 100644 index 24bc8ba..0000000 --- a/roles/ansible_pull/templates/ansible-pull.timer.j2 +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=ansible-pull for configuration and maintenance on a timer - -[Timer] -OnCalendar={{ ansible_pull__timer_on_calendar }} -RandomizedDelaySec={{ ansible_pull__timer_randomized_delay_sec }} - -[Install] -WantedBy=timers.target