ansible-pull/local.yml
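---
# Play 1: cooldown gate, run marker and package-index refresh on every host.
- hosts: all
  connection: local
  become: true
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
  vars_files:
    # Optional per-distribution variable file; silently skipped when none matches.
    - "{{ lookup('first_found', ['os_vars/' + (ansible_distribution | lower) + '.yml'], errors='ignore') }}"
  vars:
    ansible_reboot_cooldown_minutes: 15  # cooldown in minutes between two full runs
    # NOTE(review): /var/tmp is world-writable (sticky bit), so an unprivileged
    # local user could pre-create this marker and keep its mtime fresh. The
    # cooldown check below therefore only honours a root-owned marker; a
    # root-only directory would be the cleaner fix - confirm nothing else
    # depends on this path before moving it.
    ansible_pull_marker_file: /var/tmp/ansible_pull.last_run
  pre_tasks:
    # Cache the marker path first: the final "post-run" play touches the marker
    # through this fact, and the cooldown check below may end this play early.
    - name: pre-run | set marker file path as a cached fact
      ansible.builtin.set_fact:
        ansible_pull_marker_file: "{{ ansible_pull_marker_file }}"
        cacheable: true
      tags: always
    - name: pre-run | get status of marker file
      ansible.builtin.stat:
        path: "{{ ansible_pull_marker_file }}"
      register: marker_file_stat
      tags: always
    # NOTE: end_play ends only this play; the plays that follow in this file
    # still run for the host. Stopping them as well needs a guard in each play.
    - name: pre-run | check if last run was within cooldown period
      ansible.builtin.meta: end_play
      when:
        - marker_file_stat.stat.exists
        - marker_file_stat.stat.uid == 0  # ignore a marker not owned by root
        - ((ansible_date_time.epoch | int) - (marker_file_stat.stat.mtime | int)) < ((ansible_reboot_cooldown_minutes | int) * 60)
      tags: always
    # Index refreshes are best-effort: a broken mirror must not abort the run.
    - name: pre-run | update apt repository (debian, ubuntu, etc.)  # noqa no-changed-when
      ansible.builtin.apt:
        update_cache: true
      # Same distribution list as the cleanup play at the end of this file.
      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
      ignore_errors: true
    - name: pre-run | update pacman repository (arch)  # noqa no-changed-when
      community.general.pacman:
        update_cache: true
      when: ansible_distribution == 'Archlinux'
      ignore_errors: true
    - name: pre-run | update portage repository (gentoo)  # noqa no-changed-when
      community.general.portage:
        sync: 'yes'  # quoted: the module expects the string choice, not a boolean
      when: ansible_distribution == 'Gentoo'
      ignore_errors: true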
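# Play 2: unattended full upgrade on every host except the database group.
- hosts: all:!database
  # Privilege escalation as in the other plays; without it the upgrades below
  # only work when ansible-pull itself already runs as root.
  become: true
  pre_tasks:
    # Upgrades are best-effort so a single failing package set does not stop
    # the remaining plays from configuring the host.
    - name: pre-run | upgrade system (debian, ubuntu, etc.)  # noqa no-changed-when
      ansible.builtin.apt:
        upgrade: dist
      # Same distribution list as the apt tasks elsewhere in this file.
      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
      ignore_errors: true
    - name: pre-run | upgrade system (arch)
      community.general.pacman:
        upgrade: true
      when: ansible_distribution == 'Archlinux'
      ignore_errors: true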
# run roles
# Role plays: one play per inventory group, each pulling in the shared handlers.
- hosts: all
  become: true
  tags: base
  roles:
    - base
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
# - hosts: workstation
# handlers:
# - import_tasks: global_handlers/global_handlers.yml
# tags: workstation
# become: true
# roles:
# - workstation
- hosts: server
  become: true
  tags:
    - server
  roles:
    - server
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: bastionhost
  become: true
  tags:
    - server
    - bastionhost
  roles:
    - bastionhost
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
  post_tasks:
    # Rebuild the AIDE baseline only when the role flagged a change and the
    # database file is known to exist (both facts come from the role itself).
    - name: Update AIDE database if changes were made
      ansible.builtin.include_role:
        name: bastionhost
        tasks_from: system_setup/aide_update.yml
      when:
        - aide_db_needs_update is defined and aide_db_needs_update
        - aide_db is defined and aide_db.stat.exists
- hosts: nameserver
  become: true
  tags:
    - server
    - nameserver
  roles:
    - nameserver
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: webservers
  become: true
  tags:
    - server
    - webservers
  roles:
    - webservers
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: mailserver
  become: true
  tags:
    - server
    - mailserver
  roles:
    - mailserver
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
# The database group is excluded from the unattended upgrade play above.
- hosts: database
  become: true
  tags:
    - server
    - database
  roles:
    - database
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
# - hosts: dhcpserver
# tags: server,dhcpserver
# become: true
# roles:
# - dhcpserver
- hosts: docker
  become: true
  tags:
    - server
    - docker
  roles:
    - docker
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: podman_servers
  become: true
  tags:
    - server
    - podman
  roles:
    - podman
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: drone
  become: true
  tags:
    - server
    - docker
    - drone
  roles:
    - drone
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
# - hosts: fileserver
# tags: server,fileserver
# become: true
# roles:
# - fileserver
- hosts: mastodon
  become: true
  tags:
    - server
    - mastodon
  roles:
    - mastodon
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
# - hosts: printspooler
# tags: server,printspooler
# become: true
# roles:
# - printspooler
- hosts: jitsimeet
  become: true
  tags:
    - server
    - jitsimeet
    - webservers
  roles:
    - jitsimeet
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: omada_controller
  become: true
  tags:
    - server
    - omada_controller
  roles:
    - omada-controller
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: backup
  become: true
  tags:
    - server
    - backup
  roles:
    - backup
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
- hosts: reverseproxy
  become: true
  tags:
    - server
    - reverseproxy
  roles:
    - reverseproxy
  handlers:
    - ansible.builtin.import_tasks: global_handlers/global_handlers.yml
# - hosts: proxyserver
# tags: server,proxyserver
# become: true
# roles:
# - proxyserver
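# end of roles; cleanup and reporting
- hosts: all
  become: true
  post_tasks:
    - name: cleanup package cache (debian and ubuntu)
      tags: always
      ansible.builtin.apt:
        autoclean: true
      changed_when: false  # cache trimming is housekeeping, not a config change
      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
    - name: autoremove orphan packages (debian and ubuntu)
      tags: always
      ansible.builtin.apt:
        autoremove: true
        purge: true
      when: ansible_distribution in ["Debian", "Pop!_OS", "Ubuntu", "Linux Mint"]
    # The marker path comes from the cached fact set in the first play. It is
    # pinned to root ownership so that a marker left in the shared /var/tmp by
    # another local user cannot stand in for a successful run.
    - name: post-run | update marker file timestamp on successful run
      ansible.builtin.file:
        path: "{{ ansible_pull_marker_file }}"
        state: touch
        owner: root
        group: root
        mode: "0644"
      tags: always
    # - name: send completion alert
    #   include_tasks: playbooks/send_completion_alert.yml
    #   tags: always
    #   when:
    #     - task_failed is not defined
    # - name: send failure alert
    #   include_tasks: playbooks/send_failure_alert.yml
    #   tags: always
    #   when:
    #     - task_failed is defined
    #     - task_failed == true
# vim: ts=2 sw=2 fdm=indent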