-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathdeploy.yml
More file actions
100 lines (86 loc) · 3.49 KB
/
deploy.yml
File metadata and controls
100 lines (86 loc) · 3.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
- name: Setup PyLink testnet
hosts: testnet
#become: yes
tasks:
- name: Create temporary config dir
file:
path: "{{ item }}"
state: directory
mode: "0700"
loop:
- "{{ config_root }}"
- "{{ config_root }}/certs"
- name: "Check that required vars are set"
fail:
msg: "opers is empty or not defined"
when: not opers
### Self signed certificate
- name: Generate TLS certificate private key
community.crypto.openssl_privatekey:
path: "{{ config_root }}/certs/key.pem"
size: 4096
# XXX: not the greatest practice, but avoids having to copy the certs
# around and set their owner to match the container's expectations
mode: "0644"
- name: Generate TLS certificate signing request
community.crypto.openssl_csr:
path: "{{ config_root }}/certs/cert.csr"
privatekey_path: "{{ config_root }}/certs/key.pem"
country_name: "{{ cert_options.country_name }}"
organization_name: "{{ cert_options.organization_name }}"
email_address: "{{ cert_options.email_address }}"
common_name: "{{ cert_options.common_name }}"
- name: Generate self-signed TLS certificate
community.crypto.x509_certificate:
path: "{{ config_root }}/certs/cert.pem"
privatekey_path: "{{ config_root }}/certs/key.pem"
csr_path: "{{ config_root }}/certs/cert.csr"
provider: selfsigned
- name: Generate cloak keys
set_fact:
cloak_keys:
inspircd: "{{ lookup('password', 'credentials/' + inventory_hostname + '/inspircd_cloak chars=ascii_letters,digits length=100') }}"
# Actually used for both UnrealIRCd and Nefarious
unreal1: "{{ lookup('password', 'credentials/' + inventory_hostname + '/unreal_cloak1 chars=ascii_letters,digits length=100') }}"
unreal2: "{{ lookup('password', 'credentials/' + inventory_hostname + '/unreal_cloak2 chars=ascii_letters,digits length=100') }}"
unreal3: "{{ lookup('password', 'credentials/' + inventory_hostname + '/unreal_cloak3 chars=ascii_letters,digits length=100') }}"
- name: Fetch predefined DH params
get_url:
url: https://ssl-config.mozilla.org/ffdhe4096.txt
dest: "{{ config_root }}/certs/dhparams.pem"
- name: Create intermediate config directories
file:
path: "{{ config_root }}/{{ item.path }}"
mode: "{{ item.mode }}"
state: directory
with_filetree: configs/
when: item.state == "directory"
- name: Upload config files
copy:
src: "{{ item.src }}"
dest: "{{ config_root }}/{{ item.path }}"
mode: "{{ item.mode }}"
with_filetree: configs/
when: item.state == "file" and not item.path.endswith(".j2")
- name: Template config files
template:
src: "{{ item.src }}"
dest: "{{ config_root }}/{{ item.path | regex_replace('\\.j2$', '') }}"
mode: "{{ item.mode }}"
with_filetree: configs/
when: item.state == "file" and item.path.endswith(".j2")
- name: Create intermediate directories for Dockerfiles
file:
path: "{{ config_root }}/dockerfiles/{{ item.path | dirname }}"
state: directory
with_filetree: dockerfiles/
when: item.state == "file" and item.path.endswith("Dockerfile")
- name: Upload Dockerfiles
copy:
src: "{{ item.src }}"
dest: "{{ config_root }}/dockerfiles/{{ item.path }}"
with_filetree: dockerfiles/
when: item.state == "file" and item.path.endswith("Dockerfile")
- name: Print usage info
debug:
msg: "Created docker-compose.yml in {{ config_root }}"