Add cloudflare support'
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
This commit is contained in:
parent
3146f49780
commit
d37eff4372
4
Makefile
4
Makefile
|
@ -19,6 +19,7 @@ bootstrap:
|
||||||
export SP_STATE=present && \
|
export SP_STATE=present && \
|
||||||
python3 -m ansible playbook ./playbooks/other/ssh-key-gen/playbook.yml && \
|
python3 -m ansible playbook ./playbooks/other/ssh-key-gen/playbook.yml && \
|
||||||
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml && \
|
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml && \
|
||||||
|
python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml && \
|
||||||
export ANSIBLE_INVENTORY=/tmp/outputs/inventory.yaml && \
|
export ANSIBLE_INVENTORY=/tmp/outputs/inventory.yaml && \
|
||||||
export ANSIBE_PRIVATE_KEY_FILE=/tmp/outputs/ssh_key && \
|
export ANSIBE_PRIVATE_KEY_FILE=/tmp/outputs/ssh_key && \
|
||||||
sleep 8 && \
|
sleep 8 && \
|
||||||
|
@ -34,4 +35,5 @@ cleanup:
|
||||||
export SP_CUSTOMER=softplayer && \
|
export SP_CUSTOMER=softplayer && \
|
||||||
export SP_ENV=dev && \
|
export SP_ENV=dev && \
|
||||||
export SP_STATE=absent && \
|
export SP_STATE=absent && \
|
||||||
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml
|
python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml || true && \
|
||||||
|
python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
api_token: ENC[AES256_GCM,data:F4XoszX3kvpETLD5NDEzBPEUFqvHkHB06lbfJJkWy7SYvXW9zz9bXA==,iv:Y8u0triR363wZ5k7k07nJ3fJlQ2VZiGfH6RibBlClGo=,tag:mD0uzE9EKFYRsvfMyiTqJg==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1lzythn62c4yug8w2wskckpgyjyja6rreyvgmwl9hj4mjvm0tvq6sl68d4z
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHckx3S1JqNStxZTBoU1Za
|
||||||
|
ODh6S2Z3aENoZVBXTDc2dDJBQ2ZvL2h0TUNBCmxLWUJybHN3NFRYVlBRTU8rdlN0
|
||||||
|
WnpyOU9HdllST0lvamNOV1M5aisvZ0UKLS0tIHY4TVFNUm9GQnRtK1B5c01kdEky
|
||||||
|
YTNMWnNvZDdBTmtQNWNaSWd0ZzNvYjAKwV7BI7/8YRg+Nbm5KfoUZPzYX2S4m1At
|
||||||
|
/fSZvXt/sgJydJo1th3asUr/sXgykVjHuDQUh+WPsa5ys9jH5xS2ew==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-05-03T16:29:13Z"
|
||||||
|
mac: ENC[AES256_GCM,data:sVjpsKCK+4CHB1mZb+BnBA0AHWAsHoizGaC4s0ErzAEbXaMIYLFBUYkkeN3OQUcLmLe6SqILpeBVjfhNaaHaQkfr6ZwxOng8d5TNr7qmBYBIGEEUqnIP+Z6vtVKWvpALpKUhTntbUfPaVbdO+rharaBYlXK3lZy8APLcKvmYz7I=,iv:SB00E70mSTpyRYF6p2nz+vLG1EjULj74CEqzuSCazNA=,tag:nys5spETdimYiFNukcwTdA==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.8.1
|
|
@ -0,0 +1,38 @@
|
||||||
|
- name: Cloudflare playbook
|
||||||
|
hosts: localhost
|
||||||
|
connection: local
|
||||||
|
vars:
|
||||||
|
output_dir: /tmp/outputs
|
||||||
|
customer: "{{ lookup('ansible.builtin.env', 'SP_CUSTOMER') }}"
|
||||||
|
env: "{{ lookup('ansible.builtin.env', 'SP_ENV') }}"
|
||||||
|
state: "{{ lookup('ansible.builtin.env', 'SP_STATE') }}"
|
||||||
|
tags:
|
||||||
|
- cloud
|
||||||
|
- cloudflare
|
||||||
|
- dns
|
||||||
|
|
||||||
|
tasks:
|
||||||
|
# --------------------------------------------------------
|
||||||
|
# -- Prepare the SOPS plugin to get secrets
|
||||||
|
# --------------------------------------------------------
|
||||||
|
- name: Load encrypted credentials
|
||||||
|
community.sops.load_vars:
|
||||||
|
file: ../../../group_vars/cloudflare.sops.yaml
|
||||||
|
|
||||||
|
- name: Configre A record
|
||||||
|
community.general.cloudflare_dns:
|
||||||
|
api_token: "{{ api_token }}"
|
||||||
|
record: "{{ env }}"
|
||||||
|
zone: "badhouseplants.net"
|
||||||
|
type: A
|
||||||
|
value: "{{( lookup('file', '/tmp/outputs/provider_outputs.yaml')| from_yaml).user_entrypoint }}"
|
||||||
|
state: "{{ state }}"
|
||||||
|
|
||||||
|
- name: Configre CNAME
|
||||||
|
community.general.cloudflare_dns:
|
||||||
|
api_token: "{{ api_token }}"
|
||||||
|
record: "*.{{ env }}"
|
||||||
|
zone: "badhouseplants.net"
|
||||||
|
type: CNAME
|
||||||
|
value: "{{ env }}.badhouseplants.net"
|
||||||
|
state: "{{ state }}"
|
|
@ -93,6 +93,7 @@
|
||||||
msg:
|
msg:
|
||||||
- "{{ server_data }}"
|
- "{{ server_data }}"
|
||||||
when: 'server_data'
|
when: 'server_data'
|
||||||
|
|
||||||
- name: Generate new inventory
|
- name: Generate new inventory
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: templates/inventory.yaml.j2
|
src: templates/inventory.yaml.j2
|
||||||
|
@ -102,3 +103,10 @@
|
||||||
ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"
|
ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"
|
||||||
cluster_name: "{{ customer }}-{{ env }}"
|
cluster_name: "{{ customer }}-{{ env }}"
|
||||||
volume_device_name: "{{ volumes_data.hcloud_volume.linux_device }}"
|
volume_device_name: "{{ volumes_data.hcloud_volume.linux_device }}"
|
||||||
|
|
||||||
|
- name: Generate provider output
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: templates/provider_outputs.yaml.j2
|
||||||
|
dest: "{{ output_dir }}/provider_outputs.yaml"
|
||||||
|
vars:
|
||||||
|
ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
disk_device_name: {{ disk_device_name }}
|
user_entrypoint: {{ ipv4_entrypoint }}
|
Loading…
Reference in New Issue