Diffstat (limited to 'playbooks/roles/outbound/tasks')
-rw-r--r-- | playbooks/roles/outbound/tasks/main.yml | 91 |
1 files changed, 85 insertions, 6 deletions
diff --git a/playbooks/roles/outbound/tasks/main.yml b/playbooks/roles/outbound/tasks/main.yml index 84070d6..863351f 100644 --- a/playbooks/roles/outbound/tasks/main.yml +++ b/playbooks/roles/outbound/tasks/main.yml @@ -1,17 +1,18 @@ --- -- name: Build headscale compose dirs +# Headscale setup +- name: Build headscale compose dirs and files ansible.builtin.file: state: directory dest: '/etc/docker/compose/headscale/{{ item.path }}' - with_filetree: '../templates' + with_filetree: '../templates/headscale' when: item.state == 'directory' -- name: Build headscale compose files +- name: Build headscale compose templates ansible.builtin.template: src: '{{ item.src }}' dest: '/etc/docker/compose/headscale/{{ item.path }}' - with_filetree: '../templates' + with_filetree: '../templates/headscale' when: item.state == 'file' - name: Daemon-reload and enable headscale 
@@ -21,8 +22,86 @@ daemon_reload: true name: docker-compose@headscale -- name: Perform rollout incase daemon already started +- name: Perform rollout for headscale ansible.builtin.shell: - cmd: /usr/local/bin/docker-rollout rollout -f docker-compose.yml headscale + cmd: "/usr/local/bin/docker-rollout rollout -f docker-compose.yml headscale" + chdir: "/etc/docker/compose/headscale" + +# User API Key +- name: Generate API key if homelab build + ansible.builtin.shell: + cmd: docker compose exec -it headscale headscale apikeys create --expiration "{{ api_key_expiration }}" chdir: /etc/docker/compose/headscale + register: api_key_result + when: generate_api_key + +- name: Store and display API key + when: generate_api_key + block: + - name: Define API Key Variable + set_fact: + headscale_api_key: "{{ api_key_result.stdout }}" + + - name: Echo new key + ansible.builtin.debug: + msg: "Please store this API Key! {{ headscale_api_key }}" + + - name: Pause until user confirms + ansible.builtin.pause: + prompt: "Press return when ready!" + +# System user auth key +- name: Create system key user and auth key if homelab build + when: generate_auth_key + block: + - name: Create system key user + ansible.builtin.shell: + cmd: docker compose exec -it headscale headscale users create "{{ auth_key_user }}" + chdir: /etc/docker/compose/headscale + + - name: Create auth key preauthkey + ansible.builtin.shell: + cmd: docker compose exec -it headscale headscale preauthkeys create --reusable --expiration "{{ auth_key_expiration }}" --user "{{ auth_key_user }}" + chdir: /etc/docker/compose/headscale + register: auth_key_result + + - name: Store and display Auth Key + block: + - name: Define Auth Key Variable + set_fact: + headscale_user_auth_key: "{{ auth_key_result.stdout }}" + + - name: Echo new auth key + ansible.builtin.debug: + msg: "Please store this Auth Key for user {{ auth_key_user }}! 
{{ headscale_user_auth_key }}" + + - name: Pause until user confirms + ansible.builtin.pause: + prompt: "Press return when ready!" + +# Proxy setup (AFTER API key generation) +- name: Build proxy compose dirs and files + ansible.builtin.file: + state: directory + dest: '/etc/docker/compose/proxy/{{ item.path }}' + with_filetree: '../templates/proxy' + when: item.state == 'directory' + +- name: Build proxy compose templates + ansible.builtin.template: + src: '{{ item.src }}' + dest: '/etc/docker/compose/proxy/{{ item.path }}' + with_filetree: '../templates/proxy' + when: item.state == 'file' +- name: Daemon-reload and enable proxy + ansible.builtin.systemd_service: + state: started + enabled: true + daemon_reload: true + name: docker-compose@proxy + +- name: Perform rollout for proxy + ansible.builtin.shell: + cmd: "/usr/local/bin/docker-rollout rollout -f docker-compose.yml proxy" + chdir: "/etc/docker/compose/proxy" |
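Review bot: The API key and the reusable pre-auth key created in this hunk are exposed in Ansible output: the two tasks that register `api_key_result` and `auth_key_result` run without `no_log: true`, and the two `debug` tasks print the secrets, so they end up in any log file, callback plugin or CI job record that captures the run. Set `no_log: true` on both create tasks and, unless on-screen display is a deliberate choice, hand the value over through a root-only file or a vault instead of `debug`. Both create tasks also run on every play where the flags are true, so each run mints another valid credential and leaves the earlier ones active; for the `--reusable` pre-auth key that argues for a short `auth_key_expiration` and a documented way to expire old keys. `exec -it` asks for a TTY that Ansible does not normally provide, which can fail the task or leave control characters in `stdout`; `-T` avoids that, and `ansible.builtin.command` with `argv` keeps the templated values away from shell parsing, as sketched below for the API key task (the same shape applies to the two auth-key tasks).

```yaml
- name: Generate API key if homelab build
  ansible.builtin.command:
    argv:
      - docker
      - compose
      - exec
      - '-T'
      - headscale
      - headscale
      - apikeys
      - create
      - '--expiration'
      - "{{ api_key_expiration }}"
    chdir: /etc/docker/compose/headscale
  register: api_key_result
  when: generate_api_key
  no_log: true
# … unchanged: "Store and display API key" block …
```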