ansible/roles/pwgen/tasks/main.yaml
2023-03-02 21:32:58 +03:00


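# Make sure the vars file that the tasks below append generated secrets to
# exists. inventory_dir / playbook_dir are controller-side paths, so this
# role presumably runs against localhost - confirm against the playbook.
- name: Create passwords.yaml file
  file:
    name: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    state: touch
    # The file stores generated credentials: restrict it to the owner
    # instead of inheriting whatever the umask allows.
    mode: "0600"
    # Leave timestamps alone so the task reports "changed" only when the
    # file is created or its mode is corrected, not on every run.
    access_time: preserve
    modification_time: preserve

# Per the task name this directory receives the ddclient TSIG key material,
# so it is kept owner-only as well.
- name: Create files directory for ddclient tsig
  file:
    name: "{{ playbook_dir }}/files/{{ namespace }}"
    state: directory
    mode: "0700"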
# Each include below re-runs one task file per element of the given list;
# the current element is available to the included tasks as `item`.
- name: Run passwords.yaml for each default account
  include_tasks: passwords.yaml
  loop: "{{ default_accounts }}"

- name: Run secrets.yaml for each secret key
  include_tasks: secrets.yaml
  loop: "{{ secret_keys }}"

- name: Run htpasswd.yaml for each htpasswd account
  include_tasks: htpasswd.yaml
  loop: "{{ htpasswd_accounts }}"

# The two OpenLDAP user lists are optional: skip the include entirely when
# the variable is not defined in the inventory.
- name: Run passwords.yaml for each custom OpenLDAP user
  include_tasks: passwords.yaml
  when: openldap_custom_users is defined
  loop: "{{ openldap_custom_users }}"

- name: Run passwords.yaml for each simple OpenLDAP user
  include_tasks: passwords.yaml
  when: openldap_simple_users is defined
  loop: "{{ openldap_simple_users }}"
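# Drone secrets: generate each one only if passwords.yaml does not already
# mention it, then append it to that file.
#
# NOTE(review): the task names end in "{{ item }}", but no loop in this file
# sets `item` for these tasks - confirm whether the suffix is intended.

# `grep -c` prints the number of matching lines; `|| true` keeps the task
# from failing when the count is 0 (grep exits 1 on no match). The pattern
# is an unanchored substring, so a comment or a longer key containing the
# name also counts as "already present".
- name: Test if Drone rpc secret exists in file for {{ item }}
  shell: grep -c "drone_rpc_secret" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: rpc_secret_test_grep
  # Read-only probe: never report it as a change.
  changed_when: false

- name: Test if Drone database secret exists in file for {{ item }}
  shell: grep -c "drone_database_secret" "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: database_secret_test_grep
  changed_when: false

# 128 lowercase-hex characters read from /dev/urandom. `$1` is unset under
# the shell module, so the `${1:-128}` default always applies.
- name: Create Drone rpc secret for {{ item }}
  shell: "< /dev/urandom tr -dc a-f0-9 | head -c${1:-128};echo;"
  register: rpc_secret
  when: rpc_secret_test_grep.stdout == '0'
  # stdout is the secret itself: keep it out of console output, verbose
  # logs and callback plugins.
  no_log: true

# Same generator, 32 hex characters.
- name: Create Drone database secret for {{ item }}
  shell: "< /dev/urandom tr -dc a-f0-9 | head -c${1:-32};echo;"
  register: db_secret
  when: database_secret_test_grep.stdout == '0'
  no_log: true

- name: Write Drone rpc secret for {{ item }}
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "drone_rpc_secret: \"{{ rpc_secret.stdout }}\""
    # Keep the secrets file owner-only even if it pre-existed with looser
    # permissions.
    mode: "0600"
  when: rpc_secret_test_grep.stdout == '0'
  # The module arguments (and --diff output) contain the secret.
  no_log: true

- name: Write Drone database secret for {{ item }}
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "drone_database_secret: \"{{ db_secret.stdout }}\""
    mode: "0600"
  when: database_secret_test_grep.stdout == '0'
  no_log: true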
# Remaining key-material task files. tsig.yaml and dkim.yaml run once;
# vapid.yaml runs once per element of vapid_keys (exposed as `item`).
- name: Run tsig.yaml
  include_tasks: tsig.yaml

- name: Run dkim.yaml
  include_tasks: dkim.yaml

- name: Run vapid.yaml for each VAPID key
  include_tasks: vapid.yaml
  loop: "{{ vapid_keys }}"