A set of playbooks to maintain our servers.
Usage:
./tools/run_playbook.sh <-p path/to/playbook> [-l <limit>] [--install-requirements] [-b]
-p, --playbook
Path to playbook directory, relative to repo root
-l, --limit
Limit playboot to specific hosts or groups
e.g.: "-l host0,host1,group0,group1"
-b, --bootstrap
Bootstrap Server. This is for Server where the base role was never executed on.
--install-requirements
Install ansible-galaxy requirements
#titel: nomnoml
#direction: right
#.play: visual=note
#.dir: fill=#878787 stroke=#f2f2f2 dashed
#.roleapp: fill=#eb4034
#.rolesystem: fill=#c2c2c2
[<dir> playbook]
[<package> playbook/inventory|
- host
]
[<play> playbook/bootstrap.yml]
[<play> playbook/upgrade.yml]
[<play> playbook/plabook.yml]
[<rolesystem> system.base]
[<rolesystem> system.base.x86_64_server]
[system.base.x86_64_server]-->[system.base]
[<roleapp> app.role]
[playbook/inventory]-[playbook]
[playbook]->[playbook/bootstrap.yml]
[playbook]->[playbook/upgrade.yml]
[playbook/bootstrap.yml]->[playbook/plabook.yml]
[playbook/upgrade.yml]->[playbook/plabook.yml]
[playbook/plabook.yml]->[system.base.x86_64_server]
[playbook/plabook.yml]->[app.role]
Role which will install/configure a/n program/app.
|
username.<app|system>.role_name
|
Role which will configure the system.
ansible-vault encrypt_string --vault-id @prompt 'string_to_encrypt' --name 'the_secret'
ansible-vault encrypt <file>
- name: debug
ansible.builtin.debug:
var: variable_to_debug
- name: End playbook here
ansible.builtin.meta: end_play
Install requirements from ansible galaxy:
ansible-galaxy install -r "./requirements.yml"
ansible-playbook --vault-id @prompt -i ./inventory ./[bootstrap|site].yml
ansible-playbook --vault-id @prompt -i ./inventory --limit <inventory_name_of_host_or_name_of_group> ./[bootstrap|site].yml
rsync -avzh ../playbooks user@host.tld:~/
objc[53614]: +[__NSCFConstantString initialize] may have been in progress in another thread when fork() was called.
objc[53614]: +[__NSCFConstantString initialize] may have been in progress in another thread when fork() was called. We cannot safely call it or ignore it in the fork() child process. Crashing instead. Set a breakpoint on objc_initializeAfterForkError to debug.
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES