update yggdrasil role with a dynamic configuration. add new global variable to be used in combination with specific role to skip installation phases #5

Merged
claudiomaradonna merged 1 commit from :master into master 2023-01-03 11:23:33 +01:00
5 changed files with 30 additions and 10 deletions

View file

@ -15,6 +15,10 @@ This repository aims to handle most of the Unitoo basic/ standard configuration
The examples for `Dockerfile.example` and `docker-compose.yml.example` are useful if you need a basic container to test your playbook with different systems (like Centos/ Ubuntu). Copy them and modify as needed :) The examples for `Dockerfile.example` and `docker-compose.yml.example` are useful if you need a basic container to test your playbook with different systems (like Centos/ Ubuntu). Copy them and modify as needed :)
## Global variables
- **update_only**: used in combination with some tags to skip installation phase o not needed and trigger the update phase only (for configurations as example)
## Authors & contributors ## Authors & contributors
- [Claudio Maradonna](https://social.unitoo.it/claudio) - [Claudio Maradonna](https://social.unitoo.it/claudio)

View file

@ -11,9 +11,13 @@ Requirements
Role Variables Role Variables
-------------- --------------
Respond to:
- **update_only** (boolean)
- **yggdrasil_enabled** (boolean): If true install yggdrasil - **yggdrasil_enabled** (boolean): If true install yggdrasil
- **yggdrasil_sshd_enabled** (boolean): If true enable sshd access through Yggdrasil - **yggdrasil_sshd_enabled** (boolean): If true enable sshd access through Yggdrasil
- **yggdrasil_uninstall** (boolean): if true yggdrasil will be removed from the system (requires *yggdrasil_enabled to false*) - **yggdrasil_uninstall** (boolean): if true yggdrasil will be removed from the system (requires *yggdrasil_enabled to false*)
- **yggdrasil_peers_list_url** (url): a remote file that contains the `Peers` section of yggdrasil configuration
Dependencies Dependencies
------------ ------------

View file

@ -4,3 +4,4 @@
yggdrasil_enabled: false yggdrasil_enabled: false
yggdrasil_sshd_enabled: false yggdrasil_sshd_enabled: false
yggdrasil_uninstall: false yggdrasil_uninstall: false
yggdrasil_peers_list_url: https://git.unitoo.it/unitoo/configurations/raw/branch/master/yggdrasil/peers.conf

View file

@ -1,5 +1,7 @@
- name: Install and configure yggdrasil - name: Install and configure yggdrasil
when: "yggdrasil_enabled is true" when:
- "yggdrasil_enabled is true"
- "update_only is false"
block: block:
- name: Gather package facts - name: Gather package facts
package_facts: package_facts:
@ -63,6 +65,7 @@
when: when:
- "yggdrasil_enabled is false" - "yggdrasil_enabled is false"
- "yggdrasil_uninstall is true" - "yggdrasil_uninstall is true"
- "update_only is false"
block: block:
- name: Gather package facts - name: Gather package facts
package_facts: package_facts:

View file

@ -1,13 +1,21 @@
- name: Download new peers file from remote url
ansible.builtin.get_url:
url: "{{yggdrasil_peers_list_url}}"
dest: /tmp/yggdrasil_peers.conf
mode: '0500'
force: true
- name: Get peers from remote file list
ansible.builtin.slurp:
src: "/tmp/yggdrasil_peers.conf"
register: yggdrasil_peers_encoded
- name: Decode remote peers content
set_fact:
yggdrasil_peers: "{{yggdrasil_peers_encoded.content | b64decode}}"
- name: Update yggdrasil.conf with peers - name: Update yggdrasil.conf with peers
replace: replace:
path: /etc/yggdrasil.conf path: /etc/yggdrasil.conf
regexp: '\bPeers:\s*((?:(?!\bPeers\b).|\n)+?)\](?!:)' regexp: '\bPeers:\s*((?:(?!\bPeers\b).|\n)+?)\](?!:)'
replace: ' replace: "{{yggdrasil_peers}}"
Peers: [\n
\t tls://[2001:470:1f13:e56::64]:39575 \n
\t tls://s2.i2pd.xyz:39575 \n
\t tls://51.255.223.60:54232 \n
\t tls://45.147.198.155:6010 \n
\t tls://gutsche.tech:8889 \n
\t tls://ygg.mkg20001.io:443 \n
]'