Add ansible playbook

This commit is contained in:
Gabriel Augendre 2020-11-12 14:46:22 +01:00
parent 83e2095b12
commit 147da03492
No known key found for this signature in database
GPG key ID: 1E693F4CE4AEE7B4
3 changed files with 59 additions and 1 deletions

View file

@ -6,7 +6,7 @@ packages:
sources:
- https://git.sr.ht/~crocmagnon/blog
secrets:
- 78118477-73c2-4805-a613-c7aab23c92a8 # SSH config for blog
- ea931da1-9acd-47b0-b6c9-52b8b61c4647 # Ansible hosts file
- 5c948915-48c2-4542-8fc1-a5676f4d7126 # Deploy SSH key
environment:
TESTING: true
@ -23,6 +23,8 @@ tasks:
- test: |
cd blog
poetry run ./docker/runtests.sh
- deploy: |
ansible-playbook -i ~/ansiblehosts blog/ansible/playbook.yml
triggers:
- action: email
condition: failure

1
ansible/hosts Normal file
View file

@ -0,0 +1 @@
blognas ansible_host=192.168.0.54 ansible_port=22 ansible_python_interpreter=/usr/local/bin/python

55
ansible/playbook.yml Normal file
View file

@ -0,0 +1,55 @@
---
- name: deploy blog
hosts: blognas
remote_user: root
environment:
PATH: /root/.poetry/bin:{{ ansible_env.PATH }}
tasks:
- name: upgrade packages
pkgng:
name: '*'
state: latest
- name: install dependencies
pkgng:
name: git,python38,py38-sqlite3,jpeg-turbo,nginx,curl,vim
- name: make python3.8 default
file:
path: /usr/local/bin/python3
src: /usr/local/bin/python3.8
state: link
- name: clone/update code
git:
repo: https://git.sr.ht/~crocmagnon/blog
dest: /srv/blog
force: yes
- name: install poetry
shell:
cmd: POETRY_VERSION=1.1.4 curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python
creates: /root/.poetry/bin/poetry
- name: create venv
shell:
cmd: python -m venv /srv/blogvenv
creates: /srv/blogvenv/bin/python
- name: install deps
shell:
chdir: /srv/blog
cmd: . /srv/blogvenv/bin/activate && poetry install --remove-untracked
- name: install service
copy:
remote_src: yes
src: /srv/blog/ansible/blog.service
dest: /usr/local/etc/rc.d/blog
owner: root
group: wheel
mode: 0755
- name: enable and restart blog service
service:
name: blog
state: restarted
enabled: yes
# - name: enable nginx service
# service:
# name: nginx
# state: started
# enabled: yes