forked from CCCHH/ansible-infra
82 lines
2 KiB
YAML
82 lines
2 KiB
YAML
---
|
|
- name: Ensure base config is deployment on base_config_hosts
|
|
hosts: base_config_hosts
|
|
roles:
|
|
- base_config
|
|
|
|
- name: Ensure deployment of infrastructure authorized keys
|
|
hosts: infrastructure_authorized_keys_hosts
|
|
roles:
|
|
- infrastructure_authorized_keys
|
|
|
|
- name: Ensure Nextcloud config
|
|
hosts: nextcloud_hosts
|
|
roles:
|
|
- nextcloud
|
|
|
|
- name: Ensure ola deployment on ola_hosts
|
|
hosts: ola_hosts
|
|
roles:
|
|
- ola
|
|
|
|
- name: Ensure foobazdmx deployment on foobazdmx_hosts
|
|
hosts: foobazdmx_hosts
|
|
roles:
|
|
- foobazdmx
|
|
|
|
- name: Ensure Dokuwiki config
|
|
hosts: wiki_hosts
|
|
roles:
|
|
- dokuwiki
|
|
|
|
- name: Ensure NetBox deployment on netbox_hosts
|
|
hosts: netbox_hosts
|
|
roles:
|
|
- netbox
|
|
|
|
- name: Ensure NGINX deployment on nginx_hosts, which are also public_reverse_proxy_hosts, before certbot role runs
|
|
hosts: nginx_hosts:&public_reverse_proxy_hosts
|
|
roles:
|
|
- nginx
|
|
|
|
- name: Ensure certbot and certificate deployment on certbot_hosts
|
|
hosts: certbot_hosts
|
|
roles:
|
|
- certbot
|
|
|
|
- name: Ensure Docker Compose deployment on docker_compose_hosts
|
|
hosts: docker_compose_hosts
|
|
roles:
|
|
- docker_compose
|
|
|
|
- name: Ensure NGINX deployment on nginx_hosts
|
|
hosts: nginx_hosts:!public_reverse_proxy_hosts
|
|
roles:
|
|
- nginx
|
|
|
|
- name: Ensure prometheus_node_exporter deployment on prometheus_node_exporter_hosts
|
|
hosts: prometheus_node_exporter_hosts
|
|
roles:
|
|
- prometheus_node_exporter
|
|
|
|
- name: Configure unattended upgrades for all non-hypervisors
|
|
hosts: all:!hypervisors
|
|
become: true
|
|
roles:
|
|
- role: debops.debops.unattended_upgrades
|
|
vars:
|
|
unattended_upgrades__origins:
|
|
- "o=${distro_id},n=${distro_codename}"
|
|
- "o=Docker,n=${distro_codename}"
|
|
- "o=nginx,n=${distro_codename}"
|
|
|
|
- name: Ensure Alloy is installed and Setup on alloy_hosts
|
|
hosts: alloy_hosts
|
|
become: true
|
|
tasks:
|
|
- name: Setup Alloy
|
|
ansible.builtin.include_role:
|
|
name: grafana.grafana.alloy
|
|
|
|
- name: Run ensure_eh22_styleguide_dir Playbook
|
|
ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml
|