ansible-edda/README.md

51 lines
1.3 KiB
Markdown
Raw Normal View History

2022-08-18 10:48:41 +02:00
# The Ansible Edda
2022-10-01 17:46:29 +02:00
Ansible playbooks for provisioning The Nine Worlds.
2022-08-18 10:48:41 +02:00
## Secrets vault
- Encrypt with: ```ansible-vault encrypt secrets.yml```
2022-09-21 23:57:15 +02:00
- Decrypt with: ```ansible-vault decrypt secrets.yml```
2022-08-18 10:48:41 +02:00
- Print secrets to STDOUT: ```ansible-vault decrypt --output - secrets.yml```
- Run a playbook with ```ansible-playbook --vault-id @prompt playbook.yml```
## Main
The main entrypoint for The Nine Worlds is [`main.yml`](main.yml).
### Production and testing
The inventory files are split into [`production`](production) and [`testing`](testing).
To run the `main.yml` play on production hosts:
``` sh
ansible-playbook main.yml -i production
```
To run the `main.yml` play on production hosts:
``` sh
ansible-playbook main.yml -i testing
```
### Roles
The plays are composed of roles defined in [`plays/roles`](plays/roles).
To play only a specific role, e.g. `system_base`, run:
``` sh
ansible-playbook --tags "role:system_base"
```
### Role sub-tasks
Some roles are split into smaller groups of tasks. This can be checked by looking at the
`tasks/main.yml` file of a role, e.g.
[`plays/roles/system_base/tasks/main.yml`](plays/roles/system_base/tasks/main.yml).
To play only a particular group within a role, e.g. `sshd` in `system_base`, run:
``` sh
ansible-playbook --tags "role:system_base:sshd"
```