Add cloudflare support'
parent
3146f49780
commit
d37eff4372
4
Makefile
4
Makefile
|
@ -19,6 +19,7 @@ bootstrap:
|
|||
export SP_STATE=present && \
|
||||
python3 -m ansible playbook ./playbooks/other/ssh-key-gen/playbook.yml && \
|
||||
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml && \
|
||||
python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml && \
|
||||
export ANSIBLE_INVENTORY=/tmp/outputs/inventory.yaml && \
|
||||
export ANSIBE_PRIVATE_KEY_FILE=/tmp/outputs/ssh_key && \
|
||||
sleep 8 && \
|
||||
|
@ -34,4 +35,5 @@ cleanup:
|
|||
export SP_CUSTOMER=softplayer && \
|
||||
export SP_ENV=dev && \
|
||||
export SP_STATE=absent && \
|
||||
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml
|
||||
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml || true && \
|
||||
python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml
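Review bot: In the cleanup hunk the Hetzner teardown runs before the Cloudflare playbook and its failure is discarded by `|| true`, so the target can tear down (or half tear down) the server side and still leave the A record and wildcard CNAME published if the DNS step then errors. A record that keeps resolving to an address the project no longer holds is a dangling-DNS exposure, because the address can be reassigned to another tenant. Removing DNS first is the safer order: run `python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml && \` ahead of the Hetzner playbook, and replace `|| true` with handling for the one failure it is meant to tolerate. Since `||` and `&&` share precedence in sh, the `|| true` also hides a failure of any earlier command in the chain. Separately, the bootstrap hunk's context line exports `ANSIBE_PRIVATE_KEY_FILE`; Ansible reads `ANSIBLE_PRIVATE_KEY_FILE`, so the generated key is presumably not being picked up from that variable.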
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
api_token: ENC[AES256_GCM,data:F4XoszX3kvpETLD5NDEzBPEUFqvHkHB06lbfJJkWy7SYvXW9zz9bXA==,iv:Y8u0triR363wZ5k7k07nJ3fJlQ2VZiGfH6RibBlClGo=,tag:mD0uzE9EKFYRsvfMyiTqJg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1lzythn62c4yug8w2wskckpgyjyja6rreyvgmwl9hj4mjvm0tvq6sl68d4z
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHckx3S1JqNStxZTBoU1Za
|
||||
ODh6S2Z3aENoZVBXTDc2dDJBQ2ZvL2h0TUNBCmxLWUJybHN3NFRYVlBRTU8rdlN0
|
||||
WnpyOU9HdllST0lvamNOV1M5aisvZ0UKLS0tIHY4TVFNUm9GQnRtK1B5c01kdEky
|
||||
YTNMWnNvZDdBTmtQNWNaSWd0ZzNvYjAKwV7BI7/8YRg+Nbm5KfoUZPzYX2S4m1At
|
||||
/fSZvXt/sgJydJo1th3asUr/sXgykVjHuDQUh+WPsa5ys9jH5xS2ew==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-05-03T16:29:13Z"
|
||||
mac: ENC[AES256_GCM,data:sVjpsKCK+4CHB1mZb+BnBA0AHWAsHoizGaC4s0ErzAEbXaMIYLFBUYkkeN3OQUcLmLe6SqILpeBVjfhNaaHaQkfr6ZwxOng8d5TNr7qmBYBIGEEUqnIP+Z6vtVKWvpALpKUhTntbUfPaVbdO+rharaBYlXK3lZy8APLcKvmYz7I=,iv:SB00E70mSTpyRYF6p2nz+vLG1EjULj74CEqzuSCazNA=,tag:nys5spETdimYiFNukcwTdA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
|
@ -0,0 +1,38 @@
|
|||
- name: Cloudflare playbook
|
||||
hosts: localhost
|
||||
connection: local
|
||||
vars:
|
||||
output_dir: /tmp/outputs
|
||||
customer: "{{ lookup('ansible.builtin.env', 'SP_CUSTOMER') }}"
|
||||
env: "{{ lookup('ansible.builtin.env', 'SP_ENV') }}"
|
||||
state: "{{ lookup('ansible.builtin.env', 'SP_STATE') }}"
|
||||
tags:
|
||||
- cloud
|
||||
- cloudflare
|
||||
- dns
|
||||
|
||||
tasks:
|
||||
# --------------------------------------------------------
|
||||
# -- Prepare the SOPS plugin to get secrets
|
||||
# --------------------------------------------------------
|
||||
- name: Load encrypted credentials
|
||||
community.sops.load_vars:
|
||||
file: ../../../group_vars/cloudflare.sops.yaml
|
||||
|
||||
- name: Configre A record
|
||||
community.general.cloudflare_dns:
|
||||
api_token: "{{ api_token }}"
|
||||
record: "{{ env }}"
|
||||
zone: "badhouseplants.net"
|
||||
type: A
|
||||
value: "{{( lookup('file', '/tmp/outputs/provider_outputs.yaml')| from_yaml).user_entrypoint }}"
|
||||
state: "{{ state }}"
|
||||
|
||||
- name: Configre CNAME
|
||||
community.general.cloudflare_dns:
|
||||
api_token: "{{ api_token }}"
|
||||
record: "*.{{ env }}"
|
||||
zone: "badhouseplants.net"
|
||||
type: CNAME
|
||||
value: "{{ env }}.badhouseplants.net"
|
||||
state: "{{ state }}"
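Review bot: The A record's `value` is read from the fixed path `/tmp/outputs/provider_outputs.yaml`, a predictable location under a world-writable directory, so on a shared host whoever creates that file first decides where `{{ env }}.badhouseplants.net` and the wildcard beneath it resolve. Use the play's own variable, `value: "{{ (lookup('file', output_dir ~ '/provider_outputs.yaml') | from_yaml).user_entrypoint }}"`, and point `output_dir` at a private directory instead of `/tmp`. `env` and `state` are also taken straight from the environment with no check: an unset `SP_ENV` renders `record` as an empty string and as `*.`, so an assert task ahead of the DNS tasks (below) is worth adding. The `Load encrypted credentials` task may echo the decrypted `api_token` in its result at higher verbosity, which would land in the CI log; consider `no_log: true` on it.

```yaml
  tasks:
    - name: Validate inputs before touching DNS
      ansible.builtin.assert:
        that:
          - env | length > 0
          - state in ['present', 'absent']
        fail_msg: 'SP_ENV must be set and SP_STATE must be present or absent'
    # … unchanged: Load encrypted credentials, A record and CNAME tasks …
```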
|
|
@ -93,6 +93,7 @@
|
|||
msg:
|
||||
- "{{ server_data }}"
|
||||
when: 'server_data'
|
||||
|
||||
- name: Generate new inventory
|
||||
ansible.builtin.template:
|
||||
src: templates/inventory.yaml.j2
|
||||
|
@ -102,3 +103,10 @@
|
|||
ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"
|
||||
cluster_name: "{{ customer }}-{{ env }}"
|
||||
volume_device_name: "{{ volumes_data.hcloud_volume.linux_device }}"
|
||||
|
||||
- name: Generate provider output
|
||||
ansible.builtin.template:
|
||||
src: templates/provider_outputs.yaml.j2
|
||||
dest: "{{ output_dir }}/provider_outputs.yaml"
|
||||
vars:
|
||||
ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"
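Review bot: The new `Generate provider output` task writes `{{ output_dir }}/provider_outputs.yaml` without a `mode`, so the file's permissions are left to the umask in a directory the Cloudflare playbook later trusts for the DNS target; add `mode: "0600"` under `ansible.builtin.template`. The task also dereferences `floating_ips_data.hcloud_floating_ip.ip` unconditionally, which is presumably undefined when the play runs with `SP_STATE=absent` and may be the failure that `|| true` in the Makefile is hiding. A `when:` guard for the present state would let cleanup fail only on real errors. The enclosing play starts outside the hunk, so the variable to test in that guard is not visible here.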
|
||||
|
|
|
@ -1 +1 @@
|
|||
disk_device_name: {{ disk_device_name }}
|
||||
user_entrypoint: {{ ipv4_entrypoint }}
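Review bot: `user_entrypoint: {{ ipv4_entrypoint }}` renders an unquoted scalar that the Cloudflare playbook later parses with `from_yaml`, so an empty value comes back as `null` and is handed to the DNS module as the record value. Emit it as an explicit string, `user_entrypoint: {{ ipv4_entrypoint | to_json }}`, so the consumer always receives a string or the render fails visibly.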
|