Sankofa/scripts/ansible/site-playbook.yml
defiQUG 6f28146ac3 Initial Phoenix Sankofa Cloud setup
- Complete project structure with Next.js frontend
- GraphQL API backend with Apollo Server
- Portal application with NextAuth
- Crossplane Proxmox provider
- GitOps configurations
- CI/CD pipelines
- Testing infrastructure (Vitest, Jest, Go tests)
- Error handling and monitoring
- Security hardening
- UI component library
- Documentation
2025-11-28 12:54:33 -08:00


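---
# Ansible playbook for multi-site deployment.
# On every inventory host it installs base tooling, installs cloudflared with a
# per-site tunnel configuration, optionally installs the Proxmox Prometheus
# exporter, and enables the resulting systemd services.
#
# Optional hardening inputs (set them in inventory or extra vars, not here):
#   cloudflared_version   release tag to download instead of "latest"
#   cloudflared_checksum  "sha256:<hex digest>" of that release binary
- name: Deploy Hybrid Cloud Control Plane to Multiple Sites
  hosts: all
  become: true
  vars:
    # Secret supplied through Ansible Vault. No task in this file references
    # it, so it is presumably consumed by one of the templates below.
    cloudflare_tunnel_token: "{{ vault_cloudflare_tunnel_token }}"
    # Replaces a leading "pve<digits>" in the inventory hostname with "site".
    site_name: "{{ inventory_hostname | regex_replace('^pve[0-9]+', 'site') }}"
    prometheus_enabled: true
    # Falls back to the moving "latest" release when no version is pinned.
    # A pinned tag is needed for cloudflared_checksum to stay valid over time.
    cloudflared_release_path: "{{ ('download/' ~ cloudflared_version) if cloudflared_version is defined else 'latest/download' }}"
    # Maps the kernel architecture name to the suffix used by release assets.
    cloudflared_arch: "{{ ansible_architecture | replace('x86_64', 'amd64') | replace('aarch64', 'arm64') }}"

  tasks:
    # Despite its name, this task only ensures the listed packages are
    # present; it does not upgrade anything.
    - name: Ensure system is up to date
      package:
        name:
          - curl
          - wget
          - git
          - jq
        state: present
      when: ansible_os_family == "Debian"

    - name: Install cloudflared
      block:
        # Probe only: never reports a change and never fails the play.
        - name: Check if cloudflared is installed
          command: which cloudflared
          register: cloudflared_check
          changed_when: false
          failed_when: false

        # The binary is fetched over HTTPS and installed root-owned and
        # executable. Without cloudflared_checksum nothing verifies what was
        # downloaded, so pin cloudflared_version and set the checksum.
        # An existing binary is never re-checked or replaced.
        - name: Download cloudflared
          get_url:
            url: "https://github.com/cloudflare/cloudflared/releases/{{ cloudflared_release_path }}/cloudflared-linux-{{ cloudflared_arch }}"
            dest: /usr/local/bin/cloudflared
            mode: '0755'
            checksum: "{{ cloudflared_checksum | default(omit) }}"
          when: cloudflared_check.rc != 0

    - name: Create cloudflared directories
      file:
        path: "{{ item }}"
        state: directory
        mode: '0755'
      loop:
        - /etc/cloudflared
        - /etc/cloudflared/tunnel-configs
        - /var/log/cloudflared

    - name: Copy tunnel configuration
      template:
        src: tunnel-config.j2
        dest: "/etc/cloudflared/tunnel-configs/{{ site_name }}.yaml"
        mode: '0644'
      vars:
        node_name: "{{ inventory_hostname }}"

    # Writes a placeholder credentials file with empty AccountTag,
    # TunnelSecret and TunnelID. force: false leaves an already existing file
    # alone; without it every run would rewrite a populated credentials file
    # with these empty values.
    - name: Create tunnel credentials file
      copy:
        content: '{"AccountTag":"","TunnelSecret":"","TunnelID":"","TunnelName":"{{ site_name }}-tunnel"}'
        dest: "/etc/cloudflared/{{ site_name }}-tunnel.json"
        mode: '0600'
        force: false

    # site_name is a play-level var and already visible to the template.
    # Declaring it again on this task as "{{ site_name }}" makes the variable
    # refer to itself and templating fails, so no task-level vars are set.
    # NOTE(review): if cloudflared.service.j2 renders cloudflare_tunnel_token
    # into the unit, mode 0644 leaves the token readable by every local user.
    # Confirm against the template and keep the token in a root-only file.
    - name: Create cloudflared systemd service
      template:
        src: cloudflared.service.j2
        dest: /etc/systemd/system/cloudflared-tunnel.service
        mode: '0644'
      notify: restart cloudflared

    - name: Install Prometheus exporter
      block:
        - name: Install Python pip
          package:
            name: python3-pip
            state: present
          when: ansible_os_family == "Debian"

        # Unpinned install from the package index, executed as root.
        # NOTE(review): pin a version, and confirm the distribution name; the
        # upstream exporter appears to be published as prometheus-pve-exporter.
        - name: Install pve_exporter
          pip:
            name: pve_exporter
            state: present
      when: prometheus_enabled | bool

    - name: Create pve_exporter systemd service
      template:
        src: pve-exporter.service.j2
        dest: /etc/systemd/system/pve-exporter.service
        mode: '0644'
      when: prometheus_enabled | bool
      notify: restart pve-exporter

    # pve-exporter is skipped when the exporter is disabled; the tunnel
    # service is always enabled and started.
    - name: Enable and start services
      systemd:
        name: "{{ item }}"
        enabled: true
        state: started
        daemon_reload: true
      loop:
        - cloudflared-tunnel
        - pve-exporter
      when: item != "pve-exporter" or prometheus_enabled | bool

    # With only a name given, the module changes nothing and returns the
    # unit's status, which the next task prints.
    - name: Verify cloudflared is running
      systemd:
        name: cloudflared-tunnel
      register: cloudflared_status

    - name: Display tunnel status
      debug:
        msg: "Cloudflare tunnel is {{ cloudflared_status.status.ActiveState }}"

  handlers:
    - name: restart cloudflared
      systemd:
        name: cloudflared-tunnel
        state: restarted
        daemon_reload: true

    - name: restart pve-exporter
      systemd:
        name: pve-exporter
        state: restarted
        daemon_reload: true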