BenHays42/homelab-automation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add an Gitea Action for Deploying Ansible Playbooks #1

Merged
BenHays42 merged 12 commits from ansible-deploy-action into main 2024-10-13 01:42:00 +00:00
Conversation 0 Commits 12 Files Changed 6 +34 -12
6 changed files with 34 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
.gitea/workflows/ansible-deploy.yml
View File

@ -3,6 +3,9 @@ on: [push]
jobs: jobs:
deploy: deploy:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env:
RUNNER_TOOL_CACHE: /toolcache
ANSIBLE_VERSION: "8.7.0"
strategy: strategy:
matrix: matrix:
playbook: playbook:
@ -11,7 +14,29 @@ jobs:
- Ansible/heartbeat.yml - Ansible/heartbeat.yml
- Ansible/debian.yml - Ansible/debian.yml
steps: steps:
- uses: actions/checkout@v3 - name: Copy SSH Key
run: |
mkdir ~/.ssh/
echo "Host *" > ~/.ssh/config
echo " StrictHostKeyChecking no" >> ~/.ssh/config
echo '${{secrets.SSH_PRIVATE_KEY}}' > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
- uses: actions/checkout@v3
with:
submodules: recursive
- name: "Cache python packages"
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-${{ env.ANSIBLE_VERSION }}
- name: Install Ansible
run: |
apt update -y
apt install python3-pip -y
python3 -m pip install ansible==${{ env.ANSIBLE_VERSION }}
#- name: Install Ansible Galaxy requirements #- name: Install Ansible Galaxy requirements
# run: | # run: |
@ -20,17 +45,13 @@ jobs:
- name: Run playbook - name: Run playbook
uses: dawidd6/action-ansible-playbook@v2 uses: dawidd6/action-ansible-playbook@v2
with: with:
# Required, playbook filepath
playbook: ${{ matrix.playbook }} playbook: ${{ matrix.playbook }}
# Optional, directory where playbooks live
directory: ./ directory: ./
# Optional, SSH private key
key: ${{secrets.SSH_PRIVATE_KEY}} key: ${{secrets.SSH_PRIVATE_KEY}}
vault_password: ${{secrets.VAULT_PASSWORD}} vault_password: ${{secrets.VAULT_PASSWORD}}
# Optional, galaxy requirements filepath
# requirements: requirements.yaml # requirements: requirements.yaml
options: | options: |
--inventory Ansible/inventory.ini --inventory Ansible/inventory.ini
--extra-vars "@Ansible/homelab-vault/secrets.yml"

2
Ansible/ansible.cfg
View File

@ -4,4 +4,4 @@ host_key_checking = False
inventory = ./inventory.ini inventory = ./inventory.ini
[privilege_escalation] [privilege_escalation]
become_ask_pass = True #become_ask_pass = True

2
Ansible/homelab-vault

@ -1 +1 @@
Subproject commit 6b8679decc51b10d3a028993d11892be763e0eb7 Subproject commit e95c8ff2aef2e919e5bf0fc8133aaec69ea8dc08

2
Ansible/openssh.yml
View File

@ -31,7 +31,7 @@
ansible.builtin.copy: ansible.builtin.copy:
owner: bhays owner: bhays
mode: "0600" mode: "0600"
src: ~/.ssh/authorized_keys src: ../Configs/authorized_keys
dest: /home/bhays/.ssh/authorized_keys dest: /home/bhays/.ssh/authorized_keys
- name: Copy secure login banner - name: Copy secure login banner
ansible.builtin.copy: ansible.builtin.copy:

1
Configs/authorized_keys Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClhOkA+6Wj+HmJb32wqDXAksOr7mhRovSQAt/6PNem/q0R+JA4qyYpStPAkLTHmUJhUPYlyeVPJyaGxRyE96SSrLxy2tGvfch1D2XkrYTZoyEYc0QNg2PfgCkAZofDSPrErzcAzT9XBJ+/9rga8IBZ3F8Nm1gl401y0Ckchdne/i+npVurimpSMJbIwjIsg7ij1gWLL4idIftW7IDloWedI1O2XdBW9VDpA/zq46tBwt3Jeelv5oDCup6g9wLQwBpmegWXYS+p47vGzIYp2qBI2D/opOZCUaBNT81G80E9H0fsNDi8xCBfVj7zgBQHzviqGFqeKjU39FbLZlkeISMX rsa-key-20231020

2
ansible.cfg
View File

@ -4,4 +4,4 @@ host_key_checking = False
inventory = ./Ansible/inventory.ini inventory = ./Ansible/inventory.ini
[privilege_escalation] [privilege_escalation]
become_ask_pass = True #become_ask_pass = True