145 lines
4.3 KiB
YAML
145 lines
4.3 KiB
YAML
---
|
|
|
|
- name: 'Install AWS CLI'
|
|
tags: 'aws-cli'
|
|
become: 'yes'
|
|
pip: >
|
|
executable=pip
|
|
name=awscli
|
|
state=present
|
|
extra_args=--no-cache-dir
|
|
|
|
- name: 'Install docker python'
|
|
tags: 'aws-cli'
|
|
become: 'yes'
|
|
pip: >
|
|
name=docker
|
|
state=present
|
|
extra_args=--no-cache-dir
|
|
|
|
- name: 'Install boto python'
|
|
tags: 'aws-cli'
|
|
become: 'yes'
|
|
pip: >
|
|
name=boto3
|
|
state=present
|
|
extra_args=--no-cache-dir
|
|
|
|
- name: Set home directory of the user
|
|
set_fact:
|
|
home_dir: /home/{{ aws_cli_user }}
|
|
when: "not aws_cli_user == 'root'"
|
|
|
|
- name: Set home directory for root
|
|
set_fact:
|
|
home_dir: /root
|
|
when: "aws_cli_user == 'root'"
|
|
|
|
- name: 'Create the AWS config directory'
|
|
tags: 'aws-cli'
|
|
become: 'yes'
|
|
file: >
|
|
path={{ home_dir }}/.aws
|
|
state=directory
|
|
owner={{ aws_cli_user }}
|
|
group={{ aws_cli_group }}
|
|
mode=0755
|
|
|
|
- name: 'Copy AWS CLI config'
|
|
tags: 'aws-cli'
|
|
become: 'yes'
|
|
template: >
|
|
src=aws_cli_config.j2
|
|
dest={{ home_dir }}/.aws/config
|
|
owner={{ aws_cli_user }}
|
|
group={{ aws_cli_group }}
|
|
mode=0600
|
|
force=yes
|
|
|
|
- name: 'Copy AWS CLI credentials'
|
|
tags: 'aws-cli'
|
|
become: 'yes'
|
|
template: >
|
|
src=aws_cli_credentials.j2
|
|
dest={{ home_dir }}/.aws/credentials
|
|
owner={{ aws_cli_user }}
|
|
group={{ aws_cli_group }}
|
|
mode=0600
|
|
force=yes
|
|
|
|
- name: aws - check AWS meta-data URI
|
|
uri:
|
|
url: http://169.254.169.254/latest/meta-data
|
|
timeout: 1
|
|
register: aws_uri_check
|
|
tags: 'aws'
|
|
failed_when: False
|
|
|
|
- name: aws - get instance metadata
|
|
tags: 'aws'
|
|
ec2_metadata_facts:
|
|
when: aws_uri_check.status == 200
|
|
|
|
- name: aws - get instance tags
|
|
tags: 'aws'
|
|
ec2_tag:
|
|
aws_access_key: "{{ aws_access_key_id }}"
|
|
aws_secret_key: "{{ aws_secret_access_key }}"
|
|
region: "{{ ansible_ec2_placement_region }}"
|
|
resource: "{{ ansible_ec2_instance_id }}"
|
|
state: list
|
|
register: ec2_tags
|
|
when: ansible_ec2_instance_id is defined
|
|
|
|
- name: aws - set hostname
|
|
hostname: name="{{ ec2_tags.tags.hostname }}{% if ec2_tags.tags.domainname is defined %}.{{ ec2_tags.tags.domainname }}{% endif %}"
|
|
tags: 'aws'
|
|
when: ec2_tags.tags is defined and ec2_tags.tags.hostname is defined
|
|
|
|
- name: aws - ecr login
|
|
shell: "$(aws ecr get-login --no-include-email --region {{ aws_region }})"
|
|
tags: 'aws'
|
|
when: ec2_tags.tags is defined
|
|
|
|
- name: aws - prune docker objects (including non-dangling images)
|
|
docker_prune:
|
|
containers: yes
|
|
images: yes
|
|
images_filters:
|
|
dangling: false
|
|
networks: yes
|
|
volumes: yes
|
|
builder_cache: yes
|
|
tags: 'aws'
|
|
|
|
- name: aws - launch docker containers
|
|
docker_container:
|
|
image: "{{docker_registry|default(ec2_tags.tags.user)}}/{{ec2_tags.tags.user}}/{{ec2_tags.tags.env}}/{% if ':' in item %}{{item}}{% else %}{{item}}:{{docker_image_tag|default('latest')}}{% endif %}"
|
|
name: "{{ec2_tags.tags.user}}_{{ec2_tags.tags.env}}_{{item|replace('/','_')|regex_replace(':.*','')}}"
|
|
network_mode: host
|
|
pull: yes
|
|
restart_policy: always
|
|
volumes:
|
|
- "{{ lookup('env','ANSIBLE_DISKS_NFS_PATH') }}:/shared"
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /var/run/docker.sock:/tmp/docker.sock:ro
|
|
tags: 'aws'
|
|
with_items: '{{ec2_tags.tags.services.split(" ")}}'
|
|
when: ec2_tags.tags is defined and ec2_tags.tags.env is defined and ec2_tags.tags.services is defined and ec2_tags.tags.user is defined
|
|
|
|
- name: aws - add docker containers to inventory
|
|
add_host:
|
|
name: "{{ec2_tags.tags.user}}_{{ec2_tags.tags.env}}_{{item|replace('/','_')|regex_replace(':.*','')}}"
|
|
ansible_connection: docker
|
|
changed_when: false
|
|
tags: 'aws'
|
|
with_items: '{{ec2_tags.tags.services.split(" ")}}'
|
|
when: ec2_tags.tags is defined and ec2_tags.tags.env is defined and ec2_tags.tags.services is defined and ec2_tags.tags.user is defined
|
|
|
|
- name: aws - run make deploy in docker containers
|
|
delegate_to: "{{ec2_tags.tags.user}}_{{ec2_tags.tags.env}}_{{item|replace('/','_')|regex_replace(':.*','')}}"
|
|
raw: "command -v make || exit 0 && make deploy CONTAINER={{ec2_tags.tags.user}}_{{ec2_tags.tags.env}}_{{item|replace('/','_')|regex_replace(':.*','')}} HOST={{ansible_ec2_local_ipv4}}"
|
|
tags: 'aws'
|
|
with_items: '{{ec2_tags.tags.services.split(" ")}}'
|
|
when: ec2_tags.tags is defined and ec2_tags.tags.env is defined and ec2_tags.tags.services is defined and ec2_tags.tags.user is defined
|