-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #11 from Diesel-Net/development
Promotion
- Loading branch information
Showing
12 changed files
with
51 additions
and
59 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,4 @@ | ||
[defaults] | ||
|
||
stdout_callback = debug | ||
host_key_checking = True | ||
retry_files_enabled = False | ||
|
||
# Fixes ansible variable precedence issue: Makes inventory group_vars override playbook group_vars | ||
# https://github.com/ansible/ansible/issues/18154 | ||
precedence = all_plugins_play, all_inventory, all_plugins_inventory, groups_plugins_play, groups_inventory, groups_plugins_inventory |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
signups_allowed: yes | ||
admin_token: admin | ||
host: bitwarden.dev.diesel.net |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,10 @@ | ||
all: | ||
children: | ||
|
||
tools: | ||
hosts: | ||
dev.diesel.net | ||
|
||
vars: | ||
ansible_user: automation | ||
ansible_python_interpreter: /usr/bin/python3 |
14 changes: 3 additions & 11 deletions
14
.ansible/inventory/production/group_vars/tools/config.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,3 @@ | ||
signups_allowed: no | ||
admin_token: !vault | | ||
$ANSIBLE_VAULT;1.1;AES256 | ||
63353762613865376264346632316461666430653533353062363762393766383936303538663831 | ||
6535613862376263623966663039626631313931336331320a376464633533353262373739323330 | ||
62373336316365323964323665383137616132613364313239363736656236623630663061333838 | ||
3633383966323731330a306535626637363034366362323738336235623239373064386536636361 | ||
33613136346535323839396132636130373639613966346235396531636338646338316661343564 | ||
65386330303032623163306131616333623931633139363334376332383463646233396664613339 | ||
66623662643664366633396236313466663663353935353166383865356665393332653064643464 | ||
64313437303036626330 | ||
signups_allowed: yes | ||
admin_token: "{{ lookup('env', 'ADMIN_TOKEN') }}" | ||
host: bitwarden.diesel.net |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,10 @@ | ||
all: | ||
children: | ||
|
||
tools: | ||
hosts: | ||
tools.diesel.net | ||
|
||
vars: | ||
ansible_user: automation | ||
ansible_python_interpreter: /usr/bin/python3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,9 @@ | ||
- name: docker | ||
scm: git | ||
src: "[email protected]:Diesel-Net/ansible-role-docker.git" | ||
version: 1.3.0 | ||
version: 1.10.0 | ||
|
||
- name: common | ||
scm: git | ||
src: "[email protected]:Diesel-Net/ansible-role-common.git" | ||
version: 1.1.0 | ||
version: 1.2.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
.ansible/roles/docker_deploy | ||
.ansible/roles/docker | ||
.ansible/roles/common | ||
.DS_Store |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,28 @@ | ||
[![Build Status](https://drone.kiwi-labs.net/api/badges/Diesel-Net/bitwarden/status.svg)](https://drone.kiwi-labs.net/Diesel-Net/bitwarden) | ||
|
||
# bitwarden | ||
Sets up [vaultwarden](https://github.com/dani-garcia/vaultwarden) (formerly called bitwarden_rs) on the internal network. | ||
Sets up bitwarden on Docker Swarm. | ||
|
||
# Notes | ||
- [traefik v2 labels](https://github.com/dani-garcia/bitwarden_rs/wiki/Proxy-examples#traefik-v1-labels-migrated-to-traefik-v2) | ||
:warning: this configuration uses the unofficial backend [vaultwarden](https://github.com/dani-garcia/vaultwarden), formerly known as `bitwarden_rs` :warning: | ||
|
||
## Requirements | ||
- Ansible 2.10+ | ||
|
||
## Installing Dependencies | ||
```bash | ||
ansible-galaxy install -r .ansible/roles/requirements.yaml -p .ansible/roles --force | ||
``` | ||
## Deployments | ||
This application is configured and deployed automatically using [Drone CI](https://github.com/harness/drone), however there might be situations where you would prefer to do this manually. | ||
|
||
## Deploy to Docker Swarm | ||
You will need to have the [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html#encrypting-content-with-ansible-vault) password file configured on your machine, if there are any vaulted secrets. Please read the relevant ansible documentation on [setting a default password source](https://docs.ansible.com/ansible/latest/user_guide/vault.html#setting-a-default-password-source). If you are trying to reuse this Ansible configuration for your own purposes, then you will need to encrypt all of _your own_ secrets using _your own_ Ansible Vault password and replace those variables in the [Ansible configuration](.ansible). | ||
|
||
### Requirements | ||
I recommend [installing Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible) with `pip` (globally) versus other package managers like Apt or Brew. It makes upgrading and using third party modules much easier. | ||
```bash | ||
ansible-playbook .ansible/deploy.yaml -i .ansible/inventory/development/hosts --vault-id ~/.tokens/master_id | ||
python3 -m pip install --user ansible | ||
``` | ||
|
||
### Steps | ||
1. Install roles (dependencies). | ||
```bash | ||
ansible-galaxy install -r .ansible/roles/requirements.yaml -p .ansible/roles --force | ||
``` | ||
2. Run playbook. | ||
```bash | ||
ansible-playbook .ansible/deploy.yaml -i .ansible/inventory/development | ||
``` |