---
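# Some secrets are stored locally on the server and are read from there.
# slurp reads each listed file; the per-file results are collected in the
# registered variable warpinfratest_secrets, from which a later set_fact task
# extracts the individual entries.
# Content returned by slurp is Base64-encoded.
- name: get secrets from server 1
  slurp:
    src: "{{ item }}"
  with_items:
    - /srv/shared/noreply_email_pass
    - /srv/ldap/secret/ldap_admin_pass
    - /srv/ldap/secret/ldap_readonly_pass
    - /srv/warpinfratest/secret/web_secret_key
    - /srv/warpinfratest/secret/mysql_root_pw
    - /srv/warpinfratest/secret/mysql_user_pw
  register: warpinfratest_secrets
  # Every result carries a secret, and Base64 is an encoding, not protection.
  # no_log keeps the content out of task output, verbose runs and log callbacks.
  no_log: true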
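# Extract one fact per secret from warpinfratest_secrets.results: select the
# result whose `item` equals the file path, take its `content`, Base64-decode
# it and strip whitespace so that e.g. trailing line breaks are not carried
# over.
# NOTE(review): regex_replace('\\s', '') removes ALL whitespace, not only a
# trailing newline; a secret that legitimately contains a space would be
# altered. Confirm none of these files holds such a value.
- name: get secrets from server 2
  set_fact:
    noreply_email_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
    ldap_admin_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
    ldap_readonly_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
    web_secret_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
    mysql_root_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
    mysql_user_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
  # The task result lists the decoded facts in clear text; suppress it so the
  # secrets do not end up in console output or log callbacks.
  no_log: true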
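# Create the working directories for warpinfratest. The four original tasks
# had the same name and differed only in `path`, so they are one looped task
# here; the same four directories are created in the same order.
# NOTE(review): no owner/group/mode is set, so permissions depend on the
# remote umask. /srv/warpinfratest/etc later receives config.ini — if that
# file holds secrets, set an explicit restrictive mode here.
# NOTE(review): /tmp/warpinfratest_docker/ is a fixed name inside a
# world-writable directory, so another local account could create it first;
# a checkout directory under /srv avoids that (the cloning task and anything
# reading the checkout would need the same path).
- name: create folder struct for warpinfratest
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - /tmp/warpinfratest_docker/
    - /srv/warpinfratest/etc
    - /srv/warpinfratest/data
    - /srv/warpinfratest/log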
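# Clone the warpinfra repository into the temporary checkout directory and
# keep the module result in `gitclone`.
# NOTE(review): no `version` is given, so the remote's current HEAD is checked
# out on every run. Pinning a tag or commit hash makes the deployment
# reproducible and stops an unreviewed upstream change from being deployed
# silently.
- name: clone repo
  git:
    repo: "https://gitlab.warpzone.ms/infrastruktur/warpinfra.git"
    dest: /tmp/warpinfratest_docker
    # Written as a real boolean instead of the string "yes"; force discards
    # local modifications in an existing checkout.
    force: true
  register: gitclone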
# Print the registered result of the clone task (variable `gitclone`) so the
# run output shows what the git module reported.
- name: clone repo status
  debug:
    msg: "{{ gitclone }}"
# Render the role template config.ini to /srv/warpinfratest/etc/config.ini.
# NOTE(review): the template is not visible here; presumably it embeds the
# secrets set as facts earlier in this file. If so, give the file an explicit
# owner/group and restrictive mode (verify what the container user must be
# able to read) and consider no_log so --diff output does not show the values.
- name: Konfig-Datei erstellen
  template:
    src: config.ini
    dest: /srv/warpinfratest/etc/config.ini
# Render the role template docker-compose.yml to
# /srv/warpinfratest/docker-compose.yml.
# NOTE(review): the template is not visible here; if it passes passwords to
# the containers (e.g. as environment values), set an explicit owner/group and
# restrictive mode on the rendered file — confirm against the template.
- name: Konfig-Datei erstellen
  template:
    src: docker-compose.yml
    dest: /srv/warpinfratest/docker-compose.yml
- name: start warpinfratest docker
docker_service: