shockrah/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Moving proxy things to its own playbook + role
Some checks failed
Ansible Linting / ansible-lint (push) Failing after 4s
Details
Secops Linting and Safety Checks / checkov-scan-s3 (push) Failing after 14s
Details

Browse Source
This commit is contained in:
shockrah 2025-05-23 01:42:40 -07:00
parent 24fcbc957a
commit 053db8793b
8 changed files with 39 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/nuc.yaml
View File

@ -6,7 +6,6 @@
tags: tags:
- setup - setup
- nomad - nomad
- proxy
- volumes - volumes
ansible.builtin.include_role: ansible.builtin.include_role:
name: local-server-head name: local-server-head

7
ansible/proxy.yaml Normal file
View File

@ -0,0 +1,7 @@
---
- hosts: nigel.local
remote_user: nigel
tasks:
- name: Apply reverse proxy role
ansible.builtin.include_role:
name: proxy

8
ansible/roles/local-server-head/tasks/main.yaml
View File

@ -23,14 +23,6 @@
become: true become: true
tags: tags:
- nomad - nomad
- name: Setup the reverse proxy outside of nomad
tags: proxy
ansible.builtin.include_tasks:
file: reverse_proxy.yaml
apply:
become: true
tags:
- proxy
- name: Setup data directory for the nomad host volumes - name: Setup data directory for the nomad host volumes
tags: volumes tags: volumes
ansible.builtin.include_tasks: ansible.builtin.include_tasks:

31
ansible/roles/local-server-head/tasks/reverse_proxy.yaml
View File

@ -1,31 +0,0 @@
- name: Keep /etc/hosts up to date
ansible.builtin.copy:
dest: /etc/hosts
src: host-file
mode: "0644"
- name: Ensure nginx is setup as latest
ansible.builtin.apt:
name: nginx
- name: Copy the nomad.conf to available configurations
ansible.builtin.copy:
src: "{{ item }}"
dest: "/etc/nginx/sites-available/{{ item }}"
mode: "0644"
loop:
- nomad.conf
- sanity.conf
- ncr.conf
- name: Link the nomad.conf to sites-enabled
ansible.builtin.file:
path: "/etc/nginx/sites-enabled/{{ item }}"
state: link
src: "/etc/nginx/sites-available/{{ item }}"
mode: "0644"
loop:
- nomad.conf
- sanity.conf
- ncr.conf
- name: Restart nginx
ansible.builtin.systemd_service:
name: nginx
state: restarted

0
ansible/roles/local-server-head/files/host-file → ansible/roles/proxy/files/host-file
View File

0
ansible/roles/local-server-head/files/ncr.conf → ansible/roles/proxy/files/ncr.conf
View File

0
ansible/roles/local-server-head/files/nomad.conf → ansible/roles/proxy/files/nomad.conf
View File

32
ansible/roles/proxy/tasks/main.yaml Normal file
View File

@ -0,0 +1,32 @@
- name: Reverse proxy role configuration
become: true
vars:
nginx_configs:
- nomad.conf
- ncr.conf
block:
- name: Ensure /etc/hosts are up to date
ansible.builtin.copy:
dest: /etc/hosts
src: host-file
mode: "0644"
- name: Ensure nginx is setup as latest
ansible.builtin.apt:
name: nginx
- name: Copy the nomad.conf to available configurations
ansible.builtin.copy:
src: "{{ item }}"
dest: "/etc/nginx/sites-available/{{ item }}"
mode: "0644"
loop: "{{ nginx_configs }}"
- name: Link the nomad.conf to sites-enabled
ansible.builtin.file:
path: "/etc/nginx/sites-enabled/{{ item }}"
state: link
src: "/etc/nginx/sites-available/{{ item }}"
mode: "0644"
loop: "{{ nginx_configs }}"
- name: Restart nginx
ansible.builtin.systemd_service:
name: nginx
state: restarted