create-docker-host.yml
---
# This playbook configures hosts: initial configuration and Docker installation on DO hosts
# Play: apply the `droplet` role to every host in the `dockerhosts` group.
# NOTE(review): `droplet_details`, which the add_host play further down reads,
# is presumably registered by this role - confirm in the role itself.
- name: create a droplet
  hosts: dockerhosts
  tags:
    - create_droplet
    - essential
  roles:
    - role: droplet
      tags: [create_droplet]
# Play: host checks run from `dockerhosts` before the droplet is configured.
# The three roles run in the order listed; each is also selectable through its
# own tag or the shared `hostcheck` tag.
# NOTE(review): `known_hosts` presumably writes the droplet's SSH host key to
# the file below. If the key is accepted on first contact without comparison,
# that is trust-on-first-use; where it matters, check the fingerprint against
# one obtained out of band (provider console, cloud-init output) - TODO confirm
# what the role actually does.
- name: enabling ssh and check the server configuration
  hosts: dockerhosts
  tags:
    - essential
  vars:
    # known_hosts file of the user running the playbook on the control machine.
    local_known_hosts_file: "~/.ssh/known_hosts"
  roles:
    - role: ssh_port_detect
      tags: [hostcheck, ssh_port_detect]
    - role: known_hosts
      tags: [hostcheck, known_hosts]
    - role: ssh_user_detect
      tags: [hostcheck, ssh_user_detect]
# Play: register the droplet's IP address as an in-memory inventory host in the
# `new_droplet` group, so the following plays can target it.
# The extra keys passed to add_host become host variables on the new entry;
# later plays read `do_host_user` and `do_host_ssh_port` from there.
# NOTE(review): add_host runs once per play rather than once per host. If
# `dockerhosts` ever holds more than one host, only one droplet is registered -
# confirm the group is expected to contain a single host.
- name: adding the droplet to a virtual hosts file fro host configuration
  hosts: dockerhosts
  tags:
    - essential
  tasks:
    - add_host:
        # The inventory name is the IP itself, so `inventory_hostname` in the
        # later plays resolves to this address.
        name: "{{ droplet_details.droplet.ip_address }}"
        groups: new_droplet
        # Connection settings as detected for the fresh droplet.
        do_host_user: "{{do_host_user}}"
        do_host_ssh_port: "{{do_host_ssh_port}}"
        public_key: "{{public_key}}"
        # NOTE(review): presumably the target account and port after hardening;
        # verify against the deroot / sshd roles.
        custom_user: "{{custom_user}}"
        custom_ssh_port: "{{custom_ssh_port}}"
# Play: bootstrap Python on the new droplet with `raw`, then wait until Ansible
# can connect to it.
# NOTE(review): pre_tasks run before tasks, so both `raw` commands are sent
# before `wait_for_connection` starts. If SSH is not up yet the host is marked
# unreachable and the wait never runs for it - confirm an earlier play already
# guarantees SSH is answering.
# NOTE(review): `python-minimal` and `python-pip` are the Python 2 packages on
# Debian/Ubuntu. Python 2 is end-of-life and no longer receives upstream
# security fixes, and newer releases do not ship these packages; plan a move to
# python3 together with the roles that depend on it.
- name: Wait for system to become reachable
  hosts: new_droplet
  tags:
    - wait_host_reachable
  # Facts are not gathered here; presumably because Python may be missing on the
  # target until the raw tasks below have run.
  gather_facts: false
  vars:
    # Connect with the user and port that add_host stored on this host.
    # NOTE(review): no `become` in this play, so the apt commands only succeed
    # if this user is root - confirm.
    ansible_user: "{{do_host_user}}"
    ansible_port: "{{do_host_ssh_port}}"
  pre_tasks:
    # `raw` sends the command over SSH without needing Python on the target.
    - raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
    - raw: test -e /usr/bin/pip || (apt -y update && apt install -y python-pip)
  tasks:
    - name: wait_timeout
      wait_for_connection:
        # Wait 60 s before the first attempt; give up after 300 s in total.
        delay: 60
        timeout: 300
# Play: configure and harden the new droplet with privilege escalation enabled.
# Roles run in the order listed; each can be selected by its own tag or by the
# shared `hostconfig` tag.
# NOTE(review): `ufw` runs first - confirm the role allows the SSH port in use
# before enabling the firewall, otherwise the remaining roles lose their
# connection.
# NOTE(review): Docker manages its own iptables chains, so ports published by
# containers are typically reachable regardless of ufw rules; verify the
# host's real exposure after deployment.
# NOTE(review): the `sshd` role is disabled below. fail2ban only throttles
# repeated login failures, so confirm that root login and password
# authentication are restricted elsewhere (for example by `deroot`).
- name: configure the server
  hosts: new_droplet
  tags:
    - configure_server
  become: true
  vars:
    ansible_user: "{{do_host_user}}"
    ansible_port: "{{do_host_ssh_port}}"
    # The host was registered under its IP address, so this is the droplet IP.
    do_host_ip: "{{inventory_hostname}}"
  roles:
    - role: ufw
      tags: [hostconfig, ufw]
    - role: deroot
      tags: [hostconfig, deroot]
    # Runs again after deroot; presumably to pick up the changed login user -
    # TODO confirm.
    - role: ssh_user_detect
      tags: [hostconfig, ssh_user_detect]
    - role: swap
      tags: [hostconfig, swap]
    - role: docker
      tags: [hostconfig, docker]
    - role: fail2ban
      tags: [hostconfig, fail2ban]
    # Disabled roles, kept for reference:
    # - { role: python, tags: ["hostconfig","python"] }
    # - { role: sshd, tags: ["hostconfig", "sshd"] }