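# Bootstraps the credential material kept in the inventory: makes sure the
# passwords file exists, delegates per-account generation to the included task
# files, then creates the two Drone secrets if they are not already recorded.

# The file collects generated secrets, so it is created owner-only instead of
# inheriting the umask default (commonly world-readable).
# NOTE(review): confirm passwords.yaml is excluded from version control or
# encrypted (e.g. ansible-vault) before it is committed.
- name: Create passwords.yaml file
  file:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    state: touch
    mode: "0600"

# NOTE(review): per the task name this directory receives TSIG key files;
# consider an explicit restrictive mode here as well, after confirming nothing
# else needs to read it.
- name: Create files directory for ddclient tsig
  file:
    path: "{{ playbook_dir }}/files/{{ namespace }}"
    state: directory

- include_tasks: passwords.yaml
  loop: "{{ default_accounts }}"

- include_tasks: secrets.yaml
  loop: "{{ secret_keys }}"

- include_tasks: htpasswd.yaml
  loop: "{{ htpasswd_accounts }}"

- include_tasks: passwords.yaml
  loop: "{{ openldap_custom_users }}"
  when: openldap_custom_users is defined

- include_tasks: passwords.yaml
  loop: "{{ openldap_simple_users }}"
  when: openldap_simple_users is defined

# NOTE(review): the Drone task names below reference {{ item }}, but no loop is
# visible on these tasks; presumably this file is itself included from a loop.
# Verify against the caller.

# Existence probes: `grep -c` prints the number of matching lines and `|| true`
# keeps the task from failing when that count is 0. They only read the file,
# so they never report a change.
- name: 'Test if Drone rpc secret exists in file for {{ item }}'
  shell: grep -c "drone_rpc_secret" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: rpc_secret_test_grep
  changed_when: false

- name: 'Test if Drone database secret exists in file for {{ item }}'
  shell: grep -c "drone_database_secret" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: database_secret_test_grep
  changed_when: false

# Generation: lowercase hex characters drawn from /dev/urandom (128 for the rpc
# secret, 32 for the database secret). no_log keeps the generated value out of
# verbose output, callback plugins and log files.
- name: 'Create Drone rpc secret for {{ item }}'
  shell: "< /dev/urandom tr -dc a-f0-9 | head -c${1:-128};echo;"
  register: rpc_secret
  no_log: true
  when: rpc_secret_test_grep.stdout == '0'

- name: 'Create Drone database secret for {{ item }}'
  shell: "< /dev/urandom tr -dc a-f0-9 | head -c${1:-32};echo;"
  register: db_secret
  no_log: true
  when: database_secret_test_grep.stdout == '0'

# Persistence: append each new secret to the passwords file. no_log is set
# because the module arguments (and any --diff output) contain the secret.
- name: 'Write Drone rpc secret for {{ item }}'
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: 'drone_rpc_secret: "{{ rpc_secret.stdout }}"'
  no_log: true
  when: rpc_secret_test_grep.stdout == '0'

- name: 'Write Drone database secret for {{ item }}'
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: 'drone_database_secret: "{{ db_secret.stdout }}"'
  no_log: true
  when: database_secret_test_grep.stdout == '0'

- include_tasks: tsig.yaml

- include_tasks: dkim.yaml

- include_tasks: vapid.yaml
  loop: "{{ vapid_keys }}"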