twirre/ansible-domo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
ansible-domo/site.yml
Twirre Meulenbelt d8f4307969 fix: fixes for problems encountered during deployment
2026-04-22 18:29:36 +02:00

60 lines
2.2 KiB
YAML
Raw Permalink Blame History

---
- name: Provision Twirre server
hosts: twirre_servers
become: true
pre_tasks:
- name: Validate Bun application definitions
ansible.builtin.assert:
that:
- bun_apps is iterable
- bun_apps | length > 0
- bun_apps | map(attribute='name') | select('string') | list | length == bun_apps | length
- bun_apps | map(attribute='repo') | select('string') | list | length == bun_apps | length
- bun_apps | map(attribute='path') | select('string') | list | length == bun_apps | length
- bun_apps | map(attribute='service_name') | select('string') | list | length == bun_apps | length
- bun_apps | map(attribute='entrypoint') | select('string') | list | length == bun_apps | length
fail_msg: Define at least one Bun application in bun_apps.
when: bun_enabled | bool
- name: Validate WireGuard configuration when enabled
ansible.builtin.assert:
that:
- wireguard_interface.address | length > 0
- wireguard_interface.private_key | length > 0
fail_msg: WireGuard is enabled but the interface address or private key is missing.
when: wireguard_enabled | bool
- name: Validate Gitea secrets when enabled
ansible.builtin.assert:
that:
- (vault_gitea_secret_key | default('')) | length > 0
- (vault_gitea_internal_token | default('')) | length > 0
- (vault_gitea_lfs_jwt_secret | default('')) | length > 0
fail_msg: Gitea is enabled but one or more required Vault secrets are missing.
when: gitea_enabled | bool
roles:
- role: base
- role: ssh
- role: backupagent
when: backupagent_enabled | bool
- role: docker
when: docker_enabled | bool
- role: bun
when: bun_enabled | bool
- role: fail2ban
when: fail2ban_enabled | bool
- role: wireguard
when: wireguard_enabled | bool
- role: gitea
when: gitea_enabled | bool
- role: mailserver
when: mailserver_enabled | bool
- role: bun_app
when: bun_enabled | bool
- role: nginx
when: nginx_enabled | bool
- role: certbot
when: certbot_enabled | bool
Reference in New Issue View Git Blame Copy Permalink