| group_vars | ||
| host_vars | ||
| playbooks | ||
| plays | ||
| .gitignore | ||
| ansible.cfg | ||
| main.yml | ||
| makefile | ||
| production | ||
| README.md | ||
| testing | ||
The Ansible Edda
Ansible playbooks for provisioning The Nine Worlds.
Secrets vault
- Encrypt with:
ansible-vault encrypt secrets.yml - Decrypt with:
ansible-vault decrypt secrets.yml - Print secrets to STDOUT:
ansible-vault decrypt --output - secrets.yml - Run a playbook with
ansible-playbook --vault-id @prompt playbook.yml
The Nine Worlds
The main entrypoint for The Nine Worlds is main.yml.
Production and testing
The inventory files are split into production and testing.
To run the main.yml playbook on production hosts:
ansible-playbook main.yml -i production
To run the main.yml playbook on production hosts:
ansible-playbook main.yml -i testing
Playbooks
The Nine Worlds playbook is composed of smaller playbooks. To run a single playbook,
invoke the main.yml playbook directly from the desired playbook's directory. For example, to run
the system playbook, run:
ansible-playbook plays/system/main.yml
Roles
Playbooks are composed of roles defined in the playbook's roles directory, e.g.
plays/system/roles for system.
To play only a specific role in a playbook, e.g. base in the playbook system, run:
ansible-playbook plays/system/main.yml --tags "system:base"
Role sub-tasks
Some roles are split into smaller groups of tasks. This can be checked by looking at the
tasks/main.yml file of a role, e.g.
plays/system/roles/base/tasks/main.yml.
To play only a particular group within a role, e.g. sshd in base of system, run:
ansible-playbook plays/system/main.yml --tags "system:base:sshd"