# Ensures the openvpn and docker-compose packages are installed through apt.
# No version is pinned, so the host's configured apt sources decide what
# gets installed.
- name: Install VPNs
  ansible.builtin.apt:
    name:
      - openvpn
      - docker-compose
    state: present
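# Creates the OpenVPN instance directories under /etc/openvpn.
# The "Deploy OpenVPN configs" task writes to /etc/openvpn/<name>-<dev_type>/,
# and the template module does not create missing parent directories, so the
# tap and tun directories are created here next to the original "atlantishq"
# entry (kept for backward compatibility).
# NOTE(review): no mode is set, so the directories get umask-default
# permissions; tighten them if key material ends up stored here.
- name: OpenVPN configs dirs
  ansible.builtin.file:
    path: "/etc/openvpn/{{ item }}"
    state: directory
  loop:
    - atlantishq
    - atlantishq-tap
    - atlantishq-tun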
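# Renders one OpenVPN config per (name, dev_type) entry into
# /etc/openvpn/<name>-<dev_type>/<name>-<dev_type>.conf.
# NOTE(review): src used to interpolate the whole item mapping, which turns
# the dict's string form into the template filename and cannot resolve.
# item.name (i.e. atlantishq.conf) is assumed to be the intended template;
# confirm against the role's templates directory.
# NOTE(review): "port" is not referenced in this task; presumably the template
# reads it from item. Verify.
# NOTE(review): no mode is set, so the rendered file gets umask-default
# permissions; restrict it if the template embeds keys or credentials.
- name: Deploy OpenVPN configs
  ansible.builtin.template:
    src: "{{ item.name }}.conf"
    dest: "/etc/openvpn/{{ item.name }}-{{ item.dev_type }}/{{ item.name }}-{{ item.dev_type }}.conf"
  loop:
    - name: atlantishq
      dev_type: tap
      port: 7012
    - name: atlantishq
      dev_type: tun
      port: 7013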
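# Writes the OpenVPN management-interface password into the pass file under
# /etc/openvpn. Both the password and the file name come from variables
# defined outside this file.
- name: Openvpn Mgnt interface Pass file
  ansible.builtin.copy:
    content: "{{ openvpn_management_password }}"
    dest: "/etc/openvpn/{{ openvpn_management_passfile }}"
    # Without an explicit mode the file is created with umask-default
    # permissions, which usually leaves a secret readable by every local user.
    # NOTE(review): owner-only access assumes the daemon reads the file as the
    # user this task runs as. Confirm before rollout.
    mode: "0600"
  # Keeps the password out of task output, --diff output and callback logs.
  no_log: true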
# Makes sure the top-level /data/ directory exists.
- name: Create data-dir
  ansible.builtin.file:
    path: "/data/"
    state: directory
# Makes sure the client-config-dir directory under the certificate-manager
# data directory exists; state=directory also creates missing parents.
- name: Create data-dir (client-config-dir)
  ansible.builtin.file:
    path: "/data/certificate-manager/client-config-dir/"
    state: directory
# Makes sure /opt/ exists before the compose project directories are created.
- name: Create opt-dir
  ansible.builtin.file:
    path: "/opt/"
    state: directory
# Makes sure the certificate-manager data directory exists.
# NOTE(review): no owner or mode is set; if this directory holds certificate
# or key material, restrict it explicitly instead of relying on the umask.
- name: Certificate Manager Data Dir
  ansible.builtin.file:
    path: "/data/certificate-manager/"
    state: directory
# Renders the cert-manager-conf.py template to config.py in the
# certificate-manager data directory.
# NOTE(review): no mode is set, so the file gets umask-default permissions.
# If the rendered config carries credentials, set an explicit mode and owner
# that match the user the service reads it as.
- name: Cert Manager Config
  ansible.builtin.template:
    src: "cert-manager-conf.py"
    dest: "/data/certificate-manager/config.py"
# Makes sure the compose project directory for certificate-manager exists.
- name: Create compose directories
  ansible.builtin.file:
    path: /opt/certificate-manager/
    state: directory
# Renders the certificate-manager compose template into the project directory.
# dest is a directory, so the rendered file keeps the template's base name.
- name: Copy compose templates
  ansible.builtin.template:
    dest: /opt/certificate-manager/
    src: certificate-manager.yaml
# Logs the host's Docker client into the private registry so later pulls
# can authenticate.
# NOTE(review): the password literal looks like the marker left behind when a
# committed credential was scrubbed from history, so it is not a usable value.
# Supply the real one from an encrypted variable (for example Ansible Vault)
# rather than a literal in the task file. If the original value was ever
# pushed, treat it as exposed and rotate it.
- name: Log into private registry
  community.docker.docker_login:
    registry: "registry.atlantishq.de"
    username: "docker"
    password: "HISTORY_PURGED_SECRET"
# Brings up the certificate-manager compose project from the rendered file.
# NOTE(review): pull: true fetches images on each run, so what gets deployed
# follows whatever the registry serves for the referenced tags. The compose
# file is not visible here; confirm it pins images by fixed tag or digest.
# NOTE(review): docker_compose is the Compose v1 module and is deprecated in
# favour of docker_compose_v2 in newer community.docker releases. Check the
# installed collection version.
- name: Deploy compose templates
  community.docker.docker_compose:
    project_src: /opt/certificate-manager/
    files:
      - certificate-manager.yaml
    pull: true
# setup oauth proxy #
# Loads the variables defined in services.yaml into the play.
# NOTE(review): presumably these are the service port assignments the
# OAuth2Proxy templates read. Verify against the template.
- name: include services ports
  ansible.builtin.include_vars:
    file: services.yaml
# Creates one OAuth2Proxy project directory per protected service.
# recurse applies the task's file attributes to existing contents as well;
# no owner or mode is given here, so nothing is tightened.
- name: OAuth2Proxy directories
  ansible.builtin.file:
    path: "/opt/oauth2proxy/{{ item }}/"
    state: directory
    recurse: true
  loop:
    - cert-manager
# Renders the shared OAuth2Proxy compose template once per protected service.
# NOTE(review): no mode is set, so the file gets umask-default permissions.
# The template is not visible here; if it embeds the OAuth client secret or
# cookie secret, give the rendered file an explicit owner-only mode.
- name: Deploy OAuth2Proxy compose files
  ansible.builtin.template:
    src: "oauth-standalone-docker-compose.yaml"
    dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml"
  loop:
    - cert-manager
# Starts the OAuth2Proxy compose project for each protected service.
# NOTE(review): pull: true fetches images on each run; confirm the compose
# template pins the proxy image by fixed tag or digest.
- name: Deploy OAuth2Proxy
  community.docker.docker_compose:
    project_src: "/opt/oauth2proxy/{{ item }}/"
    pull: true
  loop:
    - cert-manager