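---
# Provisions the controller host: installs base packages and Tailscale, joins
# the tailnet, clones the CS_553 repository, installs the SSH key and client
# config for the ubuntu user, runs the one-time setup script, and finally runs
# the app-server playbook from the clone.
#
# Secret handling: tasks that render tailscale_authkey or
# vault_ssh_private_key set no_log so the values stay out of Ansible's task
# output and callback logs.
- name: Set up Controller Server
  hosts: all
  become: true
  vars_files:
    # Presumably defines tailscale_authkey and vault_ssh_private_key, which
    # this play uses but does not define. Confirm the file is vault-encrypted.
    - ../vars/secrets.yml
  tasks:
    - name: Update apt cache
      ansible.builtin.apt:
        update_cache: true
      become: true

    - name: Install required packages
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg
          - git
          - ansible
        state: present
      become: true

    - name: Check if Tailscale GPG key exists
      ansible.builtin.stat:
        path: /usr/share/keyrings/tailscale-archive-keyring.gpg
      register: tailscale_key

    # The keyring is trusted on first download over HTTPS only. Pinning a
    # known digest with get_url's `checksum` parameter would catch a swapped
    # key; no digest is recorded in this playbook.
    - name: Download Tailscale GPG key
      ansible.builtin.get_url:
        url: https://pkgs.tailscale.com/stable/ubuntu/jammy.noarmor.gpg
        dest: /usr/share/keyrings/tailscale-archive-keyring.gpg
        mode: '0644'
      become: true
      when: not tailscale_key.stat.exists

    # signed-by scopes the key to this one repository instead of trusting it
    # for every apt source.
    - name: Add Tailscale repository
      ansible.builtin.apt_repository:
        repo: 'deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/ubuntu jammy main'
        state: present
        filename: tailscale
      become: true

    - name: Update apt cache again
      ansible.builtin.apt:
        update_cache: true
      become: true

    - name: Install Tailscale
      ansible.builtin.apt:
        name: tailscale
        state: present
      become: true

    # Read-only probe; a non-zero rc is expected before the node has joined.
    - name: Check Tailscale status
      ansible.builtin.command: tailscale status
      register: tailscale_status
      changed_when: false
      ignore_errors: true

    # no_log keeps the rendered auth key out of task output. The key is still
    # passed on the command line, so it is visible in the host's process list
    # while the command runs; prefer a short-lived, single-use key.
    - name: Run tailscale up with pre-authentication
      ansible.builtin.command: tailscale up --authkey={{ tailscale_authkey }}
      register: tailscale_result
      changed_when: "'Success' in tailscale_result.stdout"
      become: true
      no_log: true
      when: tailscale_status.rc != 0 or 'Tailscale is stopped' in tailscale_status.stdout

    - name: Check if repository exists
      ansible.builtin.stat:
        path: /opt/CS_553
      register: repo_check

    # Any existing checkout is deleted so the clone below always starts clean;
    # local changes under /opt/CS_553 are lost on every run.
    - name: Remove existing repository if it exists
      ansible.builtin.file:
        path: /opt/CS_553
        state: absent
      become: true
      when: repo_check.stat.exists

    # NOTE(review): `main` is a moving branch, and a script from this checkout
    # is later run with the Tailscale auth key as an argument. Pinning
    # `version` to a reviewed commit would fix what gets executed.
    - name: Clone the Git repository
      ansible.builtin.git:
        repo: 'https://github.com/jake-molnia/CS_553'
        dest: /opt/CS_553
        version: main
      become: true

    # recurse applies 0755 to files as well as directories, so every file in
    # the checkout becomes executable and world-readable. The setup script run
    # below may depend on that execute bit; check before tightening the mode.
    - name: Set permissions for the cloned repository
      ansible.builtin.file:
        path: /opt/CS_553
        owner: ubuntu
        group: ubuntu
        mode: '0755'
        recurse: true
      become: true

    - name: Ensure .ssh directory exists
      ansible.builtin.file:
        path: /home/ubuntu/.ssh
        state: directory
        owner: ubuntu
        group: ubuntu
        mode: '0700'
      become: true

    # no_log prevents the private key from appearing in task results or in
    # --diff output.
    - name: Copy ED25519 private SSH key from vault
      ansible.builtin.copy:
        content: "{{ vault_ssh_private_key }}"
        dest: /home/ubuntu/.ssh/id_ed25519
        owner: ubuntu
        group: ubuntu
        mode: '0600'
      become: true
      no_log: true

    - name: Ensure correct permissions on ED25519 key
      ansible.builtin.file:
        path: /home/ubuntu/.ssh/id_ed25519
        owner: ubuntu
        group: ubuntu
        mode: '0600'
      become: true

    # Preserving the timestamps stops `touch` from reporting a change on every
    # run when the file already exists.
    - name: Ensure SSH config file exists
      ansible.builtin.file:
        path: /home/ubuntu/.ssh/config
        state: touch
        owner: ubuntu
        group: ubuntu
        mode: '0600'
        modification_time: preserve
        access_time: preserve
      become: true

    - name: Add turing.wpi.edu to SSH config
      ansible.builtin.blockinfile:
        path: /home/ubuntu/.ssh/config
        block: |
          Host turing.wpi.edu
            User jrmolnia
            Hostname turing.wpi.edu
            IdentityFile ~/.ssh/id_ed25519
        marker: "# {mark} ANSIBLE MANAGED BLOCK FOR TURING"
      become: true
      become_user: ubuntu

    - name: Add app server to SSH config
      ansible.builtin.blockinfile:
        path: /home/ubuntu/.ssh/config
        block: |
          Host app
            Port 22018
            Hostname paffenroth-23.dyn.wpi.edu
            IdentityFile ~/.ssh/id_ed25519
        marker: "# {mark} ANSIBLE MANAGED BLOCK FOR APP SERVER"
      become: true
      become_user: ubuntu

    # Marker file gates the one-time script below. Nothing in this play
    # creates it; presumably the script does. Verify against the script.
    - name: Check if initial setup script has been run
      ansible.builtin.stat:
        path: /home/ubuntu/.initial_setup_complete
      register: setup_check

    # no_log keeps the auth key passed with -k out of task output. The script
    # comes from the checkout cloned above.
    - name: Run initial setup shell script with Tailscale key
      ansible.builtin.command: >
        /opt/CS_553/deployment/02_deploy_to_controller/scripts/initial_ssh_config.sh -k {{ tailscale_authkey }}
      args:
        chdir: /opt/CS_553/deployment/02_deploy_to_controller
      become: true
      become_user: ubuntu
      no_log: true
      when: not setup_check.stat.exists

    - name: Ensure .ansible directory exists
      ansible.builtin.file:
        path: /home/ubuntu/.ansible
        state: directory
        owner: ubuntu
        group: ubuntu
        mode: '0700'
      become: true

    # The vault password decrypts every vaulted secret, so anyone who can read
    # this file on the controller can read them all. It is kept at 0600 and
    # owned by ubuntu, and no_log keeps its content out of --diff output.
    # `src` is the placeholder path from the original playbook.
    - name: Copy vault password file from local machine
      ansible.builtin.copy:
        src: /path/to/local/vault_password.txt
        dest: /home/ubuntu/.ansible/vault_password.txt
        owner: ubuntu
        group: ubuntu
        mode: '0600'
      become: true
      no_log: true

    # Runs the app-server playbook from the clone as the ubuntu user, using
    # the vault password file installed above.
    - name: Run Ansible playbook for app server setup
      ansible.builtin.command: >
        ansible-playbook -i inventory/hosts.ini
        playbooks/main.yml
        --vault-password-file /home/ubuntu/.ansible/vault_password.txt
      args:
        chdir: /opt/CS_553/deployment/01_deploy_to_app
      become: true
      become_user: ubuntu
      environment:
        ANSIBLE_CONFIG: /opt/CS_553/deployment/01_deploy_to_app/ansible.cfg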