Compare commits
No commits in common. "620351322093180d2692fe8318fc9eddf9d468e9" and "f3f382ae69d27e7068e3fc30ce4ddc14cd0d07f7" have entirely different histories.
6203513220
...
f3f382ae69
4 changed files with 5 additions and 13 deletions
6
Makefile
6
Makefile
|
|
@ -5,7 +5,7 @@ VENV := .venv
|
||||||
PYTHON := $(VENV)/bin/python
|
PYTHON := $(VENV)/bin/python
|
||||||
PIP := $(VENV)/bin/pip
|
PIP := $(VENV)/bin/pip
|
||||||
ANSIBLE := $(VENV)/bin/ansible
|
ANSIBLE := $(VENV)/bin/ansible
|
||||||
PLAYBOOK_BIN := $(VENV)/bin/ansible-playbook
|
PLAYBOOK := $(VENV)/bin/ansible-playbook
|
||||||
GALAXY := $(VENV)/bin/ansible-galaxy
|
GALAXY := $(VENV)/bin/ansible-galaxy
|
||||||
LINT := $(VENV)/bin/ansible-lint
|
LINT := $(VENV)/bin/ansible-lint
|
||||||
MOLECULE := $(VENV)/bin/molecule
|
MOLECULE := $(VENV)/bin/molecule
|
||||||
|
|
@ -89,13 +89,13 @@ check:
|
||||||
ifndef PLAYBOOK
|
ifndef PLAYBOOK
|
||||||
$(error PLAYBOOK is required: make check PLAYBOOK=<name>)
|
$(error PLAYBOOK is required: make check PLAYBOOK=<name>)
|
||||||
endif
|
endif
|
||||||
$(PLAYBOOK_BIN) $(INVENTORY) $(VAULT_ARGS) --check --diff playbooks/$(PLAYBOOK).yml
|
$(PLAYBOOK) $(INVENTORY) $(VAULT_ARGS) --check --diff playbooks/$(PLAYBOOK).yml
|
||||||
|
|
||||||
deploy:
|
deploy:
|
||||||
ifndef PLAYBOOK
|
ifndef PLAYBOOK
|
||||||
$(error PLAYBOOK is required: make deploy PLAYBOOK=<name>)
|
$(error PLAYBOOK is required: make deploy PLAYBOOK=<name>)
|
||||||
endif
|
endif
|
||||||
$(PLAYBOOK_BIN) $(INVENTORY) $(VAULT_ARGS) playbooks/$(PLAYBOOK).yml
|
$(PLAYBOOK) $(INVENTORY) $(VAULT_ARGS) playbooks/$(PLAYBOOK).yml
|
||||||
|
|
||||||
# ── Vault ─────────────────────────────────────────────────────────────────────
|
# ── Vault ─────────────────────────────────────────────────────────────────────
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,9 +4,8 @@ roles_path = roles
|
||||||
collections_path = .collections
|
collections_path = .collections
|
||||||
vault_password_file = scripts/vault-pass-client.sh
|
vault_password_file = scripts/vault-pass-client.sh
|
||||||
interpreter_python = auto_silent
|
interpreter_python = auto_silent
|
||||||
stdout_callback = default
|
stdout_callback = yaml
|
||||||
callback_result_format = yaml
|
callbacks_enabled = timer, profile_tasks
|
||||||
callbacks_enabled = ansible.posix.profile_tasks
|
|
||||||
|
|
||||||
# Avoid slow DNS lookups
|
# Avoid slow DNS lookups
|
||||||
[ssh_connection]
|
[ssh_connection]
|
||||||
|
|
|
||||||
|
|
@ -5,9 +5,3 @@
|
||||||
dev_env__users:
|
dev_env__users:
|
||||||
- sjat
|
- sjat
|
||||||
- claude
|
- claude
|
||||||
|
|
||||||
# Connection: ubongo is the manually-provisioned control node (ADR-009/ADR-015 exception),
|
|
||||||
# not a Terraform VM bootstrapped with the `ansible` service user that group_vars/all
|
|
||||||
# assumes. Manage it as the operator account. Overrides the all-group default for this
|
|
||||||
# group only.
|
|
||||||
ansible_user: sjat
|
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,6 @@ dev_env__packages:
|
||||||
- tmux
|
- tmux
|
||||||
- git
|
- git
|
||||||
- stow
|
- stow
|
||||||
- acl # lets Ansible become_user an unprivileged user (sjat -> claude) for file copies
|
|
||||||
- build-essential
|
- build-essential
|
||||||
- curl
|
- curl
|
||||||
- ca-certificates
|
- ca-certificates
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue