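# code: language=ansible
---
# Playbook: prepares the Ansible control host, the Apache "ressources" server,
# the reverse-proxy vhosts, k3s and AWX. Plays run in the order written.

- name: Setup ansible
  hosts: ansible
  tasks:
    - name: Paquets prérequis
      ansible.builtin.package:
        name:
          - python3-passlib # needed by the htpasswd module
          - direnv
          - git
          - unzip # needed by unarchive to extract the .zip releases below
        state: present
    # NOTE(review): the release archive is fetched over HTTPS at a pinned tag,
    # but its digest is never verified. Consider downloading it first with
    # ansible.builtin.get_url and its `checksum` option (digest taken from the
    # release page), then unarchiving the local copy.
    # `creates` makes the task a no-op once the binary exists, so bumping the
    # version in the URL does not upgrade hosts that already have it.
    - name: Installation de novops - executable
      ansible.builtin.unarchive:
        src: https://github.com/PierreBeucher/novops/releases/download/v0.15.0/novops_linux_x86_64.zip
        dest: /usr/local/bin
        creates: /usr/local/bin/novops
        remote_src: true
      tags: novops
    # Root-owned, not writable by group/other, so only root can replace the
    # binary.
    - name: Installation de novops - chmod
      ansible.builtin.file:
        path: /usr/local/bin/novops
        owner: root
        group: root
        mode: u=rwx,g=rx,o=rx
      tags: novops
    # NOTE(review): same as novops above, no digest check on the download.
    # This binary handles vault secrets, so integrity matters here in
    # particular. The version is pinned in the URL; confirm it is still a
    # supported release.
    - name: Installation de bw cli - executable
      ansible.builtin.unarchive:
        src: https://github.com/bitwarden/cli/releases/download/v1.22.1/bw-linux-1.22.1.zip
        dest: /usr/local/bin
        creates: /usr/local/bin/bw
        remote_src: true
      tags: bwcli
    - name: Installation de bw cli - chmod
      ansible.builtin.file:
        path: /usr/local/bin/bw
        owner: root
        group: root
        mode: u=rwx,g=rx,o=rx
      tags: bwcli

- name: Setup ressources
  hosts: ressources
  pre_tasks:
    # Apache resource server installation
    - name: Création du répertoire des ressources
      ansible.builtin.file:
        path: /data1/httpd/ansible
        state: directory
        owner: root
        group: www-data
        mode: u=rwx,g=rx,o=
      tags: apache
    # lookup('env', ...) is evaluated on the control node and returns an empty
    # string when the variable is unset; without this guard the htpasswd task
    # below would be handed an empty user name and password.
    - name: Vérification des variables d'environnement du compte de service
      ansible.builtin.assert:
        that:
          - "lookup('env', 'AAP_RESSOURCES_USER') | length > 0"
          - "lookup('env', 'AAP_RESSOURCES_PASSWORD') | length > 0"
        fail_msg: "Les variables d'environnement AAP_RESSOURCES_USER et AAP_RESSOURCES_PASSWORD doivent être définies"
        quiet: true
      tags: apache
    # The htpasswd file sits next to, not inside, the resources directory and
    # is readable by root and www-data only.
    # NOTE(review): no hash scheme is set, so the module default applies;
    # confirm that default meets the password-storage policy.
    - name: Définition du compte de service de lecture des ressources
      community.general.htpasswd:
        path: /data1/httpd/ansible.htpasswd
        name: "{{ lookup('env', 'AAP_RESSOURCES_USER') }}"
        password: "{{ lookup('env', 'AAP_RESSOURCES_PASSWORD') }}"
        owner: root
        group: www-data
        mode: u=rw,g=r,o=
      tags: apache
      notify: Restart-apache
    - name: Copie du certificat wildcard libretic
      ansible.builtin.copy:
        src: "/data1/httpd/ansible/libretic/cert/libretic.fr/fullchain.pem"
        dest: "/etc/ssl/certs/libretic.fr.crt"
        remote_src: true
        mode: u=rw,g=r,o=
      tags: apache
      notify: Restart-apache
    # NOTE(review): the key is read from under /data1/httpd/ansible, the
    # resources directory created above. If that tree is what Apache serves,
    # the wildcard private key is downloadable by anyone holding the resource
    # account; confirm it is excluded from the vhost or keep it elsewhere.
    # Owner and group are pinned and group read is dropped so the key is
    # readable by root only.
    # NOTE(review): this assumes Apache loads the key as root at startup;
    # confirm no non-root service needs to read it.
    - name: Copie de la clé wildcard libretic
      ansible.builtin.copy:
        src: "/data1/httpd/ansible/libretic/cert/libretic.fr/privkey.pem"
        dest: "/etc/ssl/private/libretic.fr.key"
        owner: root
        group: root
        mode: u=rw,g=,o=
        remote_src: true
      tags: apache
      notify: Restart-apache
  roles:
    - role: ansible-role-apache
      tags: apache
  handlers:
    # Triggered by the htpasswd and certificate/key tasks above.
    - name: Restart-apache
      ansible.builtin.service:
        name: apache2
        state: restarted

- name: Setup rp pour ressources
  hosts: rp_ressources
  roles:
    - role: rp_vhost
      tags: rp_vhost_ressources

- name: Setup rp pour awx
  hosts: rp_awx
  roles:
    - role: rp_vhost
      tags: rp_vhost_awx

# Privilege escalation is explicitly disabled for this play.
- name: Setup k3s
  hosts: awx
  become: false
  roles:
    - role: ansible-role-k3s
      tags: k3s

# NOTE(review): if awx.yml carries credentials, keep it vault-encrypted.
- name: Setup awx
  hosts: awx
  vars_files:
    - awx.yml
  roles:
    - role: awx
      tags: awx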