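#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
# Bootstraps a host so it can run Ansible against itself: installs the
# Python/AWS prerequisites and Ansible, places the AWS credentials, SSH key
# and vault password, clones the playbook repository and schedules a cron
# job that runs ec2.yml from that checkout.
#
# Every task in the block runs with `become: true` (set at the end of the
# block).
# NOTE(review): the `~` paths are presumably resolved for the become user
# (root), matching the /root paths used by the vault password file and the
# cron job - confirm.
- name: Set up system for Ansible
  block:
    - name: Install Ansible-required packages via apt
      apt:
        name: "{{ packages }}"
      vars:
        packages:
          - python3-pip
          - python3-boto
          - python3-boto3
          - python3-botocore
          - python3-setuptools

    # NOTE(review): `state: latest` with no version constraint installs
    # whatever release the package index serves at run time. This Ansible
    # install is what the cron job below executes, so an upgrade lands
    # without review. Pin a version once one has been chosen.
    - name: Install Ansible-required packages via pip
      pip:
        executable: /usr/bin/pip3
        name: "{{ packages }}"
        state: latest
      vars:
        packages:
          - ansible

    # Explicit mode: the directory holds the credentials file, so it should
    # not depend on the umask in effect when the task runs.
    - name: Create .aws directory for root
      file:
        path: ~/.aws
        state: directory
        mode: "0700"

    # no_log keeps the file contents out of task output (for example when
    # the play is run with --diff).
    # NOTE(review): this places static AWS credentials on disk; if the host
    # is an EC2 instance, an instance role would avoid storing them - confirm
    # whether that is an option here.
    - name: Copy AWS credentials
      copy:
        src: awscredentials
        dest: ~/.aws/credentials
        mode: "0600"
      no_log: true

    # copy does not create the parent directory of a single-file dest, so
    # make sure ~/.ssh exists (owner-only) before the key is written.
    - name: Create .ssh directory for root
      file:
        path: ~/.ssh
        state: directory
        mode: "0700"

    - name: Copy Ansible private key
      copy:
        src: ansiblekey
        dest: ~/.ssh/ansible
        mode: "0600"
      no_log: true

    # This file unlocks the vault used by the cron job; it is readable by
    # its owner only.
    - name: Copy Ansible password file
      copy:
        src: ansiblevaultpass
        dest: /root/ansiblevaultpass
        mode: "0600"
      no_log: true

    # No `version:` is given, so the module's default ref is checked out.
    # The cron job below executes ec2.yml from this checkout with the vault
    # password, so anyone able to push to this repository controls what runs
    # on the host. Consider pinning `version:` to a reviewed tag or commit,
    # or enabling `verify_commit` if the commits are GPG-signed.
    - name: Create system copy of Ansible repo
      git:
        repo: https://gitlab.com/rehashedsalt/ansible
        dest: /opt/ansible-repo

    # Runs at minute 0 of every 12th hour.
    # NOTE(review): the job only runs ec2.yml from the existing checkout;
    # nothing in this command updates /opt/ansible-repo, despite "pull" in
    # the name - confirm the repository is refreshed elsewhere.
    # NOTE(review): the log file is created by shell redirection with the
    # cron shell's umask. Playbook output can contain sensitive values, so
    # check that /var/log/ansible-pull.log is not world-readable.
    - name: Set up pull and run cronjob
      cron:
        minute: "0"
        hour: "*/12"
        name: ansible-pull
        job: "cd /opt/ansible-repo && HOME=/root /usr/local/bin/ansible-playbook ec2.yml --vault-password-file /root/ansiblevaultpass > /var/log/ansible-pull.log 2>&1"
  become: true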