CCCHH/ansible-infra
CCCHH/ansible-infra
2
2
Fork 1
Code Issues 6 Pull requests 10 Wiki Activity Actions

Add role name as tag to all basic roles #85

Open
lilly wants to merge 6 commits from add-basic-tags into main
pull from: add-basic-tags
merge into: CCCHH:main
Conversation 0 Commits 6 Files changed 13 +11
1 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 9ec04e162f - Show all commits

add role tag to ansible_pull role

Prev Next
lilly 2026-04-30 23:03:36 +02:00
commit 9ec04e162f
Signed by: lilly
SSH key fingerprint: SHA256:y9T5GFw2A20WVklhetIxG1+kcg/Ce0shnQmbu1LQ37g

11
roles/ansible_pull/tasks/main.yaml
View file

@ -1,6 +1,9 @@
---
- name: ensure dependencies are installed - name: ensure dependencies are installed
tags: [ "ansible_pull" ]
block: block:
- name: ensure apt dependencies are installed - name: ensure apt dependencies are installed
tags: [ "ansible_pull" ]
ansible.builtin.apt: ansible.builtin.apt:
name: name:
- python3-pip - python3-pip
@ -10,12 +13,14 @@
become: true become: true
- name: ensure SOPS is installed - name: ensure SOPS is installed
tags: [ "ansible_pull" ]
ansible.builtin.include_role: ansible.builtin.include_role:
name: community.sops.install name: community.sops.install
# https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-and-upgrading-ansible-with-pip # https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-and-upgrading-ansible-with-pip
# https://www.redhat.com/en/blog/python-venv-ansible # https://www.redhat.com/en/blog/python-venv-ansible
- name: ensure Ansible installation exists - name: ensure Ansible installation exists
tags: [ "ansible_pull" ]
ansible.builtin.pip: ansible.builtin.pip:
name: name:
- ansible - ansible
@ -25,6 +30,7 @@
become: true become: true
- name: ensure ansible-pull-failure-notify script installation exists - name: ensure ansible-pull-failure-notify script installation exists
tags: [ "ansible_pull" ]
ansible.builtin.template: ansible.builtin.template:
src: ansible-pull-failure-notify.sh.j2 src: ansible-pull-failure-notify.sh.j2
dest: /usr/local/sbin/ansible-pull-failure-notify.sh dest: /usr/local/sbin/ansible-pull-failure-notify.sh
@ -34,6 +40,7 @@
become: true become: true
- name: ensure secrets directory exists - name: ensure secrets directory exists
tags: [ "ansible_pull" ]
ansible.builtin.file: ansible.builtin.file:
path: /etc/ansible_pull_secrets path: /etc/ansible_pull_secrets
state: directory state: directory
@ -43,6 +50,7 @@
become: true become: true
- name: ensure age private key is deployed - name: ensure age private key is deployed
tags: [ "ansible_pull" ]
ansible.builtin.copy: ansible.builtin.copy:
content: "{{ ansible_pull__age_private_key }}" content: "{{ ansible_pull__age_private_key }}"
dest: /etc/ansible_pull_secrets/age_private_key dest: /etc/ansible_pull_secrets/age_private_key
@ -52,6 +60,7 @@
become: true become: true
- name: ensure systemd services exists - name: ensure systemd services exists
tags: [ "ansible_pull" ]
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}.j2" src: "{{ item }}.j2"
dest: "/etc/systemd/system/{{ item }}" dest: "/etc/systemd/system/{{ item }}"
@ -66,6 +75,7 @@
- systemd daemon reload - systemd daemon reload
- name: ensure systemd timer exists - name: ensure systemd timer exists
tags: [ "ansible_pull" ]
ansible.builtin.template: ansible.builtin.template:
src: ansible-pull.timer.j2 src: ansible-pull.timer.j2
dest: /etc/systemd/system/ansible-pull.timer dest: /etc/systemd/system/ansible-pull.timer
@ -77,6 +87,7 @@
- systemd daemon reload - systemd daemon reload
- name: ensure systemd timer is started and enabled - name: ensure systemd timer is started and enabled
tags: [ "ansible_pull" ]
ansible.builtin.systemd_service: ansible.builtin.systemd_service:
name: ansible-pull.timer name: ansible-pull.timer
state: started state: started