Raspberry-Pi-IaC/roles/postgres/tasks/main.yml
2024-12-29 14:23:41 +01:00


---
# Delegate creation of the Unix account that owns the PostgreSQL compose
# project to the `user` role.
- name: Include user role
  ansible.builtin.include_role:
    name: user
  vars:
    user_username: "{{ postgres_unix_username }}"
    # Secret value. NOTE(review): where postgres_unix_password is defined is
    # not visible here; it should come from an encrypted source such as
    # Ansible Vault rather than plain-text vars.
    user_password: "{{ postgres_unix_password }}"
    # Membership of the docker group gives this account root-equivalent
    # control over the Docker daemon. NOTE(review): the only Docker task in
    # this file runs as root, so confirm the account needs the membership.
    user_add_to_docker_group: true
# Place the script that the certbot task in this file registers as its
# --deploy-hook. That task runs certbot with become, so the hook runs as
# root: the file is owned by root and mode 0700 keeps every other account
# from reading or modifying it.
- name: Install ensure_certificate_setup.sh
  become: true
  ansible.builtin.copy:
    src: ensure_certificate_setup.sh
    # The trailing slash makes dest a directory; the file keeps its name.
    dest: "/root/.bin/"
    owner: root
    mode: '0700'
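# Request the initial certificate with certbot's Cloudflare DNS plugin.
# Output of the hook can be found as part of the logs at:
# /var/log/letsencrypt/letsencrypt.log
- name: Create certificates for PostgreSQL (postgres.kleinendorst.info)
  become: true
  ansible.builtin.command:
    # argv hands each argument to certbot verbatim, so whitespace or quote
    # characters inside administration_email cannot be split into extra
    # command-line arguments.
    argv:
      - '/snap/bin/certbot'
      - 'certonly'
      # Fail instead of waiting for input that Ansible cannot provide.
      - '--non-interactive'
      - '--dns-cloudflare'
      - '--dns-cloudflare-propagation-seconds'
      - '120'
      # Holds the Cloudflare API credentials. NOTE(review): the file is not
      # created in this task list; confirm it is readable by root only.
      - '--dns-cloudflare-credentials'
      - '/root/.secrets/certbot/cloudflare.ini'
      # The hook runs as root, because certbot itself runs with become.
      - '--deploy-hook'
      - '/root/.bin/ensure_certificate_setup.sh'
      - '--agree-tos'
      - '-m'
      - "{{ administration_email }}"
      - '-d'
      - 'postgres.kleinendorst.info'
    # Idempotence guard: the task is skipped once this directory exists, so
    # later changes to the arguments above do not reach an existing
    # certificate.
    creates: "/etc/letsencrypt/live/postgres.kleinendorst.info"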
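# TODO: Instead of creating a separate postgres user specifically for storing
# the files we might also upload the compose to the default account and run
# from there.
- name: Create the compose project directory
  become: true
  become_user: "{{ postgres_unix_username }}"
  ansible.builtin.file:
    path: "/home/{{ postgres_unix_username }}/postgres"
    state: directory
    owner: "{{ postgres_unix_username }}"
    # Was '0744': read without search permission lets group and others list
    # the file names but open nothing, which is rarely what is meant. 0700
    # leaves their access to the contents unchanged and stops the listing.
    # The compose task in this file runs as root, so it is unaffected.
    mode: '0700'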
# Render the compose definition into the project directory, acting as the
# dedicated PostgreSQL account.
- name: Create the compose project
  become: true
  become_user: "{{ postgres_unix_username }}"
  ansible.builtin.template:
    src: docker-compose.yaml.j2
    dest: "/home/{{ postgres_unix_username }}/postgres/docker-compose.yaml"
    owner: "{{ postgres_unix_username }}"
    # NOTE(review): docker-compose.yaml.j2 is not visible here. If it renders
    # database credentials, a world-readable 0644 file depends entirely on
    # the parent directory's permissions to stay private; '0600' would not.
    mode: '0644'
# Bring up the compose project. become is set without become_user, so this
# runs as root rather than as the account that owns the project files.
- name: Create and start services
  become: true
  community.docker.docker_compose_v2:
    project_src: "/home/{{ postgres_unix_username }}/postgres/"
# Point postgres.kleinendorst.info at this host's default IPv4 address.
# NOTE(review): if that address is private (RFC 1918), this publishes an
# internal address in public DNS; confirm that is acceptable.
- name: Add DNS record in Cloudflare
  community.general.cloudflare_dns:
    domain: kleinendorst.info
    record: postgres
    type: A
    # NOTE(review): without `solo: true` a changed address presumably adds a
    # second A record instead of replacing the old one; check the module
    # documentation.
    value: "{{ ansible_facts['default_ipv4']['address'] }}"
    # Secret value. NOTE(review): nothing here delegates the task to the
    # controller, so the token is presumably used on the managed host; scope
    # it to DNS edits for this zone only.
    api_token: "{{ dns_cloudflare_token }}"