Add playbook tags and update README

This commit is contained in:
Wojciech Kozlowski 2022-12-18 21:14:04 +01:00
parent 625d29fefb
commit 4c503561e4
2 changed files with 35 additions and 12 deletions

View File

@ -4,9 +4,10 @@ Ansible playbooks for provisioning The Nine Worlds.
## Secrets vault ## Secrets vault
- Encrypt with: ```ansible-vault encrypt secrets.yml``` - Encrypt with: ```ansible-vault encrypt vault.yml```
- Decrypt with: ```ansible-vault decrypt secrets.yml``` - Decrypt with: ```ansible-vault decrypt secrets.yml```
- Print secrets to STDOUT: ```ansible-vault decrypt --output - secrets.yml``` - Encrypt all `vault.yml` in a directory with: ```ansible-vault encrypt directory/**/vault.yml```
- Decrypt all `vault.yml` in a directory with: ```ansible-vault decrypt directory/**/vault.yml```
- Run a playbook with ```ansible-playbook --vault-id @prompt playbook.yml``` - Run a playbook with ```ansible-playbook --vault-id @prompt playbook.yml```
## The Nine Worlds ## The Nine Worlds
@ -29,33 +30,51 @@ ansible-playbook main.yml -i testing
### Playbooks ### Playbooks
The Nine Worlds playbook is composed of smaller [`playbooks`](playbooks). To run a single playbook, The Ansible Edda playbook is composed of smaller [`playbooks`](playbooks). To run a single playbook,
invoke the `main.yml` playbook directly from the desired playbook's directory. For example, to run invoke the relevant playbook directly from the playbook directory. For example, to run the
the [`system`](system) playbook, run: [`system`](system) playbook, run:
``` sh ``` sh
ansible-playbook playbooks/system/main.yml ansible-playbook playbooks/system.yml
```
Alternatively you can use its tag as well:
``` sh
ansible-playbook main.yml --tags "system"
``` ```
### Roles ### Roles
Playbooks are composed of roles defined in the playbook's `roles` directory, e.g. Playbooks are composed of roles defined in the `roles` directory,
[`playbooks/system/roles`](playbooks/system/roles) for `system`. [`playbooks/roles`](playbooks/roles).
To play only a specific role in a playbook, e.g. `base` in the playbook `system`, run: To play only a specific role, e.g. `system/base` in the playbook `system`, run:
``` sh ``` sh
ansible-playbook playbooks/system/main.yml --tags "system:base" ansible-playbook playbooks/system.yml --tags "system:base"
```
Or from the main playbook:
``` sh
ansible-playbook main.yml --tags "system:base"
``` ```
### Role sub-tasks ### Role sub-tasks
Some roles are split into smaller groups of tasks. This can be checked by looking at the Some roles are split into smaller groups of tasks. This can be checked by looking at the
`tasks/main.yml` file of a role, e.g. `tasks/main.yml` file of a role, e.g.
[`playbooks/system/roles/base/tasks/main.yml`](playbooks/system/roles/base/tasks/main.yml). [`playbooks/roles/system/base/tasks/main.yml`](playbooks/roles/system/base/tasks/main.yml).
To play only a particular group within a role, e.g. `sshd` in `base` of `system`, run: To play only a particular group within a role, e.g. `sshd` in `base` of `system`, run:
``` sh ``` sh
ansible-playbook playbooks/system/main.yml --tags "system:base:sshd" ansible-playbook playbooks/system.yml --tags "system:base:sshd"
```
Or from the main playbook:
``` sh
ansible-playbook main.yml --tags "system:base:sshd"
``` ```

View File

@ -1,5 +1,9 @@
--- ---
- ansible.builtin.import_playbook: "playbooks/system.yml" - ansible.builtin.import_playbook: "playbooks/system.yml"
tags: "system"
- ansible.builtin.import_playbook: "playbooks/vpn.yml" - ansible.builtin.import_playbook: "playbooks/vpn.yml"
tags: "vpn"
- ansible.builtin.import_playbook: "playbooks/backups.yml" - ansible.builtin.import_playbook: "playbooks/backups.yml"
tags: "backups"
- ansible.builtin.import_playbook: "playbooks/services.yml" - ansible.builtin.import_playbook: "playbooks/services.yml"
tags: "services"