deploy.yml 2.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
  1. - name: Configure the server
  2. hosts: localhost
  3. tags: algo
  4. vars_files:
  5. - config.cfg
  6. pre_tasks:
  7. - block:
  8. - name: Local pre-tasks
  9. include: playbooks/local.yml
  10. tags: [ 'always' ]
  11. - name: Local pre-tasks
  12. include: playbooks/local_ssh.yml
  13. become: false
  14. when: Deployed_By_Algo is defined and Deployed_By_Algo == "Y"
  15. tags: [ 'local' ]
  16. rescue:
  17. - debug: var=fail_hint
  18. tags: always
  19. - fail:
  20. tags: always
  21. roles:
  22. - { role: cloud-digitalocean, tags: ['digitalocean'] }
  23. - { role: cloud-ec2, tags: ['ec2'] }
  24. - { role: cloud-gce, tags: ['gce'] }
  25. - { role: cloud-azure, tags: ['azure'] }
  26. - { role: local, tags: ['local'] }
  27. post_tasks:
  28. - block:
  29. - name: Local post-tasks
  30. include: playbooks/post.yml
  31. become: false
  32. tags: [ 'cloud' ]
  33. rescue:
  34. - debug: var=fail_hint
  35. tags: always
  36. - fail:
  37. tags: always
  38. - name: Configure the server and install required software
  39. hosts: vpn-host
  40. gather_facts: false
  41. tags: algo
  42. become: true
  43. vars_files:
  44. - config.cfg
  45. pre_tasks:
  46. - block:
  47. - name: Common pre-tasks
  48. include: playbooks/common.yml
  49. tags: [ 'digitalocean', 'ec2', 'gce', 'azure', 'local', 'pre' ]
  50. rescue:
  51. - debug: var=fail_hint
  52. tags: always
  53. - fail:
  54. tags: always
  55. roles:
  56. - { role: security, tags: [ 'security' ] }
  57. - { role: dns_adblocking, tags: ['dns', 'adblock' ] }
  58. - { role: ssh_tunneling, tags: [ 'ssh_tunneling' ] }
  59. - { role: vpn, tags: [ 'vpn' ] }
  60. post_tasks:
  61. - block:
  62. - debug:
  63. msg:
  64. - "{{ congrats.common.split('\n') }}"
  65. - " {{ congrats.p12_pass }}"
  66. - " {% if Store_CAKEY is defined and Store_CAKEY == 'N' %}{% else %}{{ congrats.ca_key_pass }}{% endif %}"
  67. - " {% if cloud_deployment is defined %}{{ congrats.ssh_access }}{% endif %}"
  68. tags: always
  69. - name: Save the CA key password
  70. local_action: >
  71. shell echo "{{ easyrsa_CA_password }}" > /tmp/ca_password
  72. become: no
  73. tags: tests
  74. - name: Delete the CA key
  75. local_action:
  76. module: file
  77. path: "configs/{{ IP_subject_alt_name }}/pki/private/cakey.pem"
  78. state: absent
  79. become: no
  80. tags: always
  81. when: Store_CAKEY is defined and Store_CAKEY == "N"
  82. rescue:
  83. - debug: var=fail_hint
  84. tags: always
  85. - fail:
  86. tags: always