server.garden privileged automation agent (mirror of https://git.sequentialread.com/forest/rootsystem)
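// Path (on the machine running terraform) of the SSH private key file.
// Only the path is held in this variable; the wrapper is given it through --private-key.
variable "ssh_private_key_filepath" {
  description = "Filesystem path of the SSH private key that ansible-playbook-wrapper uses to log in to each ingress host."
  type        = string
}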
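// Domain name for this deployment. It is passed to the playbook as the
// extra-var "domain", and a change to it re-runs the playbook (see triggers).
variable "domain_name" {
  description = "Domain name passed to the playbook as the extra-var 'domain'; changing it re-runs the playbook."
  type        = string
}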
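// One entry per ingress host; the playbook is run once for each entry.
variable "ingress_host_list" {
  description = "Ingress hosts to provision with ansible, one playbook run per entry."
  type = list(object({
    // address used as the single-host ansible inventory ( -i '<ipv4>,' )
    ipv4 = string
    // not referenced by the resource in this file
    ipv6 = string
    // passed to the playbook as the extra-var "arch"
    arch = string
    // remote login user ( -u )
    username = string
    // name of the host's known-hosts file in object storage; used as the re-run trigger id
    known_hosts_file_name = string
  }))
}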
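// Runs the ansible playbook against every ingress host, one null_resource instance per host.
resource "null_resource" "ansible_playbook" {
  count = length(var.ingress_host_list)

  // things that trigger this playbook to run:
  //  - when the ingress host changes
  //    ( known_hosts_file_name is the name of the known-hosts file in object storage,
  //      which is unique to the cloud instance )
  //  - when the domain name changes
  // Only these two values are tracked: ipv4, username and arch are not part of the triggers.
  triggers = {
    id     = var.ingress_host_list[count.index].known_hosts_file_name
    domain = var.domain_name
  }

  // now that the servers in the ingress_host_list have had their host keys added to known_hosts,
  // we can proceed with running ansible (ssh to the server and install things).
  // the ansible-playbook-wrapper as well as the ansible config & roles folder will be linked into this directory
  // from ${path.root}/ansible-wrapper/
  // by TerraformPlanAndApply in terraformActions.go before terraform apply is run.
  // NOTE(review): whether ssh actually enforces that known_hosts file is decided by the
  // wrapper / ansible config, which is not visible in this file -- confirm there.

  provisioner "local-exec" {
    // The variable values reach the shell through the environment instead of being
    // spliced into the command text. Interpolating them directly meant that a quote or
    // shell metacharacter in a value (the username was not quoted at all) became part of
    // the command line this privileged agent executes. Expanded inside double quotes,
    // each value stays a single argument and is never re-parsed by the shell.
    // Assumes the default POSIX sh interpreter, as the original single-quoted command did.
    // NOTE(review): the -e argument still uses ansible's key=value form, so whitespace
    // inside domain or arch would be read by ansible as a further key=value pair;
    // validate those values where they are produced.
    command = "./ansible-playbook-wrapper --private-key \"$PLAYBOOK_PRIVATE_KEY\" -i \"$PLAYBOOK_HOST_IPV4,\" -u \"$PLAYBOOK_USERNAME\" -e \"domain=$PLAYBOOK_DOMAIN arch=$PLAYBOOK_ARCH\" playbook.yml"

    environment = {
      PLAYBOOK_PRIVATE_KEY = var.ssh_private_key_filepath
      PLAYBOOK_HOST_IPV4   = var.ingress_host_list[count.index].ipv4
      PLAYBOOK_USERNAME    = var.ingress_host_list[count.index].username
      PLAYBOOK_DOMAIN      = var.domain_name
      PLAYBOOK_ARCH        = var.ingress_host_list[count.index].arch
    }

    working_dir = path.module
  }
}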