Compare commits
3 commits
f3f382ae69
...
6203513220
| Author | SHA1 | Date | |
|---|---|---|---|
| 6203513220 | |||
| 607423d0e7 | |||
| a2bb99928c |
4 changed files with 13 additions and 5 deletions
6
Makefile
6
Makefile
|
|
@ -5,7 +5,7 @@ VENV := .venv
|
||||||
PYTHON := $(VENV)/bin/python
|
PYTHON := $(VENV)/bin/python
|
||||||
PIP := $(VENV)/bin/pip
|
PIP := $(VENV)/bin/pip
|
||||||
ANSIBLE := $(VENV)/bin/ansible
|
ANSIBLE := $(VENV)/bin/ansible
|
||||||
PLAYBOOK := $(VENV)/bin/ansible-playbook
|
PLAYBOOK_BIN := $(VENV)/bin/ansible-playbook
|
||||||
GALAXY := $(VENV)/bin/ansible-galaxy
|
GALAXY := $(VENV)/bin/ansible-galaxy
|
||||||
LINT := $(VENV)/bin/ansible-lint
|
LINT := $(VENV)/bin/ansible-lint
|
||||||
MOLECULE := $(VENV)/bin/molecule
|
MOLECULE := $(VENV)/bin/molecule
|
||||||
|
|
@ -89,13 +89,13 @@ check:
|
||||||
ifndef PLAYBOOK
|
ifndef PLAYBOOK
|
||||||
$(error PLAYBOOK is required: make check PLAYBOOK=<name>)
|
$(error PLAYBOOK is required: make check PLAYBOOK=<name>)
|
||||||
endif
|
endif
|
||||||
$(PLAYBOOK) $(INVENTORY) $(VAULT_ARGS) --check --diff playbooks/$(PLAYBOOK).yml
|
$(PLAYBOOK_BIN) $(INVENTORY) $(VAULT_ARGS) --check --diff playbooks/$(PLAYBOOK).yml
|
||||||
|
|
||||||
deploy:
|
deploy:
|
||||||
ifndef PLAYBOOK
|
ifndef PLAYBOOK
|
||||||
$(error PLAYBOOK is required: make deploy PLAYBOOK=<name>)
|
$(error PLAYBOOK is required: make deploy PLAYBOOK=<name>)
|
||||||
endif
|
endif
|
||||||
$(PLAYBOOK) $(INVENTORY) $(VAULT_ARGS) playbooks/$(PLAYBOOK).yml
|
$(PLAYBOOK_BIN) $(INVENTORY) $(VAULT_ARGS) playbooks/$(PLAYBOOK).yml
|
||||||
|
|
||||||
# ── Vault ─────────────────────────────────────────────────────────────────────
|
# ── Vault ─────────────────────────────────────────────────────────────────────
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,8 +4,9 @@ roles_path = roles
|
||||||
collections_path = .collections
|
collections_path = .collections
|
||||||
vault_password_file = scripts/vault-pass-client.sh
|
vault_password_file = scripts/vault-pass-client.sh
|
||||||
interpreter_python = auto_silent
|
interpreter_python = auto_silent
|
||||||
stdout_callback = yaml
|
stdout_callback = default
|
||||||
callbacks_enabled = timer, profile_tasks
|
callback_result_format = yaml
|
||||||
|
callbacks_enabled = ansible.posix.profile_tasks
|
||||||
|
|
||||||
# Avoid slow DNS lookups
|
# Avoid slow DNS lookups
|
||||||
[ssh_connection]
|
[ssh_connection]
|
||||||
|
|
|
||||||
|
|
@ -5,3 +5,9 @@
|
||||||
dev_env__users:
|
dev_env__users:
|
||||||
- sjat
|
- sjat
|
||||||
- claude
|
- claude
|
||||||
|
|
||||||
|
# Connection: ubongo is the manually-provisioned control node (ADR-009/ADR-015 exception),
|
||||||
|
# not a Terraform VM bootstrapped with the `ansible` service user that group_vars/all
|
||||||
|
# assumes. Manage it as the operator account. Overrides the all-group default for this
|
||||||
|
# group only.
|
||||||
|
ansible_user: sjat
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,7 @@ dev_env__packages:
|
||||||
- tmux
|
- tmux
|
||||||
- git
|
- git
|
||||||
- stow
|
- stow
|
||||||
|
- acl # lets Ansible become_user an unprivileged user (sjat -> claude) for file copies
|
||||||
- build-essential
|
- build-essential
|
||||||
- curl
|
- curl
|
||||||
- ca-certificates
|
- ca-certificates
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue