From a5726cad23df83c812c0508aa55a674734173979 Mon Sep 17 00:00:00 2001 From: Claudio Maradonna Date: Tue, 3 Jan 2023 11:22:26 +0100 Subject: [PATCH] update yggdrasil role with a dynamic configuration. add new global variable to be used in combination with specific role to skip installation phases --- README.md | 4 ++++ roles/yggdrasil/README.md | 4 ++++ roles/yggdrasil/defaults/main.yml | 1 + roles/yggdrasil/tasks/main.yml | 5 ++++- roles/yggdrasil/tasks/update_peers.yml | 26 +++++++++++++++++--------- 5 files changed, 30 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 79e087e..6e85d17 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,10 @@ This repository aims to handle most of the Unitoo basic/ standard configuration The examples for `Dockerfile.example` and `docker-compose.yml.example` are useful if you need a basic container to test your playbook with different systems (like Centos/ Ubuntu). Copy them and modify as needed :) +## Global variables + +- **update_only**: used in combination with some tags to skip installation phase o not needed and trigger the update phase only (for configurations as example) + ## Authors & contributors - [Claudio Maradonna](https://social.unitoo.it/claudio) diff --git a/roles/yggdrasil/README.md b/roles/yggdrasil/README.md index 32bbcd1..49d5b0e 100644 --- a/roles/yggdrasil/README.md +++ b/roles/yggdrasil/README.md @@ -11,9 +11,13 @@ Requirements Role Variables -------------- +Respond to: +- **update_only** (boolean) + - **yggdrasil_enabled** (boolean): If true install yggdrasil - **yggdrasil_sshd_enabled** (boolean): If true enable sshd access through Yggdrasil - **yggdrasil_uninstall** (boolean): if true yggdrasil will be removed from the system (requires *yggdrasil_enabled to false*) +- **yggdrasil_peers_list_url** (url): a remote file that contains the `Peers` section of yggdrasil configuration Dependencies ------------ diff --git a/roles/yggdrasil/defaults/main.yml b/roles/yggdrasil/defaults/main.yml index 3dd8fe9..433c8a8 100644 --- a/roles/yggdrasil/defaults/main.yml +++ b/roles/yggdrasil/defaults/main.yml @@ -4,3 +4,4 @@ yggdrasil_enabled: false yggdrasil_sshd_enabled: false yggdrasil_uninstall: false +yggdrasil_peers_list_url: https://git.unitoo.it/unitoo/configurations/raw/branch/master/yggdrasil/peers.conf diff --git a/roles/yggdrasil/tasks/main.yml b/roles/yggdrasil/tasks/main.yml index b803b58..e7dea70 100644 --- a/roles/yggdrasil/tasks/main.yml +++ b/roles/yggdrasil/tasks/main.yml @@ -1,5 +1,7 @@ - name: Install and configure yggdrasil - when: "yggdrasil_enabled is true" + when: + - "yggdrasil_enabled is true" + - "update_only is false" block: - name: Gather package facts package_facts: @@ -63,6 +65,7 @@ when: - "yggdrasil_enabled is false" - "yggdrasil_uninstall is true" + - "update_only is false" block: - name: Gather package facts package_facts: diff --git a/roles/yggdrasil/tasks/update_peers.yml b/roles/yggdrasil/tasks/update_peers.yml index 0421178..56e2375 100644 --- a/roles/yggdrasil/tasks/update_peers.yml +++ b/roles/yggdrasil/tasks/update_peers.yml @@ -1,13 +1,21 @@ +- name: Download new peers file from remote url + ansible.builtin.get_url: + url: "{{yggdrasil_peers_list_url}}" + dest: /tmp/yggdrasil_peers.conf + mode: '0500' + force: true + +- name: Get peers from remote file list + ansible.builtin.slurp: + src: "/tmp/yggdrasil_peers.conf" + register: yggdrasil_peers_encoded + +- name: Decode remote peers content + set_fact: + yggdrasil_peers: "{{yggdrasil_peers_encoded.content | b64decode}}" + - name: Update yggdrasil.conf with peers replace: path: /etc/yggdrasil.conf regexp: '\bPeers:\s*((?:(?!\bPeers\b).|\n)+?)\](?!:)' - replace: ' - Peers: [\n - \t tls://[2001:470:1f13:e56::64]:39575 \n - \t tls://s2.i2pd.xyz:39575 \n - \t tls://51.255.223.60:54232 \n - \t tls://45.147.198.155:6010 \n - \t tls://gutsche.tech:8889 \n - \t tls://ygg.mkg20001.io:443 \n - ]' + replace: "{{yggdrasil_peers}}"