apatel762 / home-infra

A repository containing all of the setup for my home infra (e.g. my laptop & soon, my server)
GNU Affero General Public License v3.0
0 stars 0 forks source link

Re-arrange Ansible-related files such that we can use scripts to run one play at a time #99

Closed apatel762 closed 1 year ago

apatel762 commented 2 years ago

And then if we want to bootstrap everything all at once, we can just run the Makefile which will run every script.

Ideally, we should be able to do something like ./runplay.sh xxxxx.yml and it would run that play

apatel762 commented 2 years ago

To run an Ansible playbook, we can use something like:

time ansible-playbook \
    --vault-password-file password.txt \
    --become-password-file password.txt \
    --connection-password-file password.txt \
    --diff \
    --verbose \
    --inventory hosts.ini \
    name_of_playbook.yml

Using time means we can get an idea of how long a play takes, and using diff we can see what we are doing to the files that we're updating. The --verbose just helps because we get more information as to what the playbook is doing while it's running.

We should substitute the password file params with 'ask password' params if the files don't exist. Maybe display a message to the user informing them that they can create the files, and then going on to ask them for the passwords to continue for now. Like this, things will still work if we decide we don't want to use password files.

To make this work, the mono-playbook would have to be split out into sub-playbooks. In the new way of handling things, the playbook would look like this:

---

- name: The things that this playbook aims to do
  hosts: local # could also do hosts: all as we are now, no big deal
  any_errors_fatal: yes
  pre_tasks:
    - include: xxx.yml
    - name: my task
      thing:
        do: it
  roles:
    - my_role_1
    - my_role_2

and we'd call this playbook something.yml and call it via runplay.sh.

Then, to top it off, we'd chain the runplay.sh calls together using the Makefile. Here is where it might become an issue if we stop using password files, because you'd have to enter your password many times before you'd be done with the process.

apatel762 commented 1 year ago

closed by 2ebe9c7069674fab00340717e8805dde11a957af