1.8 KiB
The Ansible Edda
Ansible playbooks for provisioning The Nine Worlds.
Secrets vault
- Encrypt with:
ansible-vault encrypt secrets.yml
- Decrypt with:
ansible-vault decrypt secrets.yml
- Print secrets to STDOUT:
ansible-vault decrypt --output - secrets.yml
- Run a playbook with
ansible-playbook --vault-id @prompt playbook.yml
The Nine Worlds
The main entrypoint for The Nine Worlds is main.yml
.
Production and testing
The inventory files are split into production
and testing
.
To run the main.yml
playbook on production hosts:
ansible-playbook main.yml -i production
To run the main.yml
playbook on production hosts:
ansible-playbook main.yml -i testing
Playbooks
The Nine Worlds playbook is composed of smaller playbooks
. To run a single playbook,
invoke the main.yml
playbook directly from the desired playbook's directory. For example, to run
the system
playbook, run:
ansible-playbook playbooks/system/main.yml
Roles
Playbooks are composed of roles defined in the playbook's roles
directory, e.g.
playbooks/system/roles
for system
.
To play only a specific role in a playbook, e.g. base
in the playbook system
, run:
ansible-playbook playbooks/system/main.yml --tags "system:base"
Role sub-tasks
Some roles are split into smaller groups of tasks. This can be checked by looking at the
tasks/main.yml
file of a role, e.g.
playbooks/system/roles/base/tasks/main.yml
.
To play only a particular group within a role, e.g. sshd
in base
of system
, run:
ansible-playbook playbooks/system/main.yml --tags "system:base:sshd"