Go to file
2022-12-04 17:29:43 +01:00
playbooks Create system_ups role 2022-12-04 17:29:43 +01:00
plays Create system_ups role 2022-12-04 17:29:43 +01:00
.gitignore Convert common parts of 00-hosts to roles 2022-12-04 15:14:43 +01:00
ansible.cfg Replace 00-test-hosts play 2022-12-04 15:36:03 +01:00
main.yml Clearer play organisation 2022-12-04 17:18:15 +01:00
production Replace 00-test-hosts play 2022-12-04 15:36:03 +01:00
README.md Update readme to document inventory and tag usage 2022-12-04 15:43:10 +01:00
testing Replace 00-test-hosts play 2022-12-04 15:36:03 +01:00

The Ansible Edda

Ansible playbooks for provisioning The Nine Worlds.

Secrets vault

  • Encrypt with: ansible-vault encrypt secrets.yml
  • Decrypt with: ansible-vault decrypt secrets.yml
  • Print secrets to STDOUT: ansible-vault decrypt --output - secrets.yml
  • Run a playbook with ansible-playbook --vault-id @prompt playbook.yml

Main

The main entrypoint for The Nine Worlds is main.yml.

Production and testing

The inventory files are split into production and testing.

To run the main.yml play on production hosts:

ansible-playbook main.yml -i production

To run the main.yml play on production hosts:

ansible-playbook main.yml -i testing

Roles

The plays are composed of roles defined in plays/roles.

To play only a specific role, e.g. system_base, run:

ansible-playbook --tags "role:system_base"

Role sub-tasks

Some roles are split into smaller groups of tasks. This can be checked by looking at the tasks/main.yml file of a role, e.g. plays/roles/system_base/tasks/main.yml.

To play only a particular group within a role, e.g. sshd in system_base, run:

ansible-playbook --tags "role:system_base:sshd"