2021-02-12 22:13:37 +01:00
|
|
|
### Install Ansible
|
|
|
|
|
|
|
|
```
|
|
|
|
pip install -r requirements.txt
|
2021-07-23 14:04:42 +02:00
|
|
|
ansible-galaxy collection install community.general
|
2021-12-30 19:54:09 +01:00
|
|
|
ansible-galaxy collection install community.docker
|
2021-02-12 22:13:37 +01:00
|
|
|
```
|
|
|
|
|
|
|
|
### Ansible Vault
|
|
|
|
|
|
|
|
To manage secrets, this repository use Ansible Vault.
|
|
|
|
|
|
|
|
Create a secret
|
|
|
|
|
|
|
|
```
|
2021-04-27 03:27:50 +02:00
|
|
|
ansible-vault create inv/host_vars/chosto.me/secrets.yml
|
2021-02-12 22:13:37 +01:00
|
|
|
```
|
|
|
|
|
|
|
|
Edit a secret
|
|
|
|
|
|
|
|
```
|
2021-04-27 03:27:50 +02:00
|
|
|
ansible-vault edit inv/host_vars/chosto.me/secrets.yml
|
2021-02-12 22:13:37 +01:00
|
|
|
```
|
|
|
|
|
|
|
|
### Server
|
|
|
|
|
|
|
|
All servers managed should have this base configuration in order to work :
|
|
|
|
|
|
|
|
- a user `chosto`
|
|
|
|
- SSH access allowed for this user
|
|
|
|
- a root access (`sudo`) for user `chosto` with a password specified as `ansible_become_pass` in inventory
|
|
|
|
|
|
|
|
*e.g.*
|
|
|
|
|
|
|
|
```
|
|
|
|
# adduser chosto
|
|
|
|
# adduser chosto sudo
|
|
|
|
```
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
|
```
|
|
|
|
ansible-playbook [-t tag1 tag2...] all.yml
|
|
|
|
```
|