Ansible repo for digital ocean projects
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

create_droplet.yml 3.4 KiB

il y a 2 ans
il y a 2 ans
il y a 2 ans
il y a 2 ans
il y a 2 ans
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. ---
  2. - hosts: localhost
  3. connection: local
  4. gather_facts: true
  5. vars:
  6. mpdf:
  7. - 'nyc3-mpdf'
  8. count: 2
  9. mpdb:
  10. - 'nyc3-mpdb'
  11. tasks:
  12. - name: create frontend droplets
  13. digital_ocean_droplet:
  14. unique_name: yes
  15. region: nyc3
  16. image: debian-11-x64
  17. wait_timeout: 100
  18. name: "mpdf{{ item }}"
  19. size_id: s-1vcpu-1gb
  20. state: present
  21. oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
  22. ssh_keys: [ '94:5e:bc:d4:fe:5a:b0:74:7f:06:fc:4e:3d:f7:3e:ea' ] # <---- put your numeric ssh key in here
  23. tags:
  24. - 'ansible'
  25. - 'mpdf'
  26. register: created_droplets_frontend
  27. loop: "{{ range(1,count| int + 1) }}"
  28. - name: create backend droplets
  29. digital_ocean_droplet:
  30. unique_name: yes
  31. region: nyc3
  32. image: debian-11-x64
  33. wait_timeout: 100
  34. name: "mpdb{{ item }}"
  35. size_id: s-1vcpu-1gb
  36. state: present
  37. oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
  38. ssh_keys: [ '94:5e:bc:d4:fe:5a:b0:74:7f:06:fc:4e:3d:f7:3e:ea' ] # <---- put your numeric ssh key in here
  39. tags:
  40. - 'ansible'
  41. - 'mpdb'
  42. register: created_droplets_backend
  43. loop: "{{ range(1,count| int + 1) }}"
  44. - name: Create a Firewall named mpdf-firewall
  45. community.digitalocean.digital_ocean_firewall:
  46. name: mpdf-firewall
  47. state: present
  48. inbound_rules:
  49. - protocol: "tcp"
  50. ports: "22"
  51. sources:
  52. addresses: ["0.0.0.0/0", "::/0"]
  53. - protocol: "tcp"
  54. ports: "6600-6605"
  55. sources:
  56. addresses: ["0.0.0.0/0", "::/0"]
  57. - protocol: "tcp"
  58. ports: "6700-6705"
  59. sources:
  60. tags: ["ansible"]
  61. addresses: ["0.0.0.0/0", "::/0"]
  62. outbound_rules:
  63. - protocol: "tcp"
  64. ports: "1-65535"
  65. destinations:
  66. addresses: ["0.0.0.0/0", "::/0"]
  67. - protocol: "udp"
  68. ports: "1-65535"
  69. destinations:
  70. addresses: ["0.0.0.0/0", "::/0"]
  71. - protocol: "icmp"
  72. ports: "1-65535"
  73. destinations:
  74. addresses: ["0.0.0.0/0", "::/0"]
  75. tags: ["mpdf"]
  76. - name: Create a Firewall named mpdb-firewall
  77. community.digitalocean.digital_ocean_firewall:
  78. name: mpdb-firewall
  79. state: present
  80. inbound_rules:
  81. - protocol: "tcp"
  82. ports: "22"
  83. sources:
  84. addresses: ["0.0.0.0/0", "::/0"]
  85. - protocol: "tcp"
  86. ports: "6600"
  87. sources:
  88. addresses: ["0.0.0.0/0", "::/0"]
  89. outbound_rules:
  90. - protocol: "tcp"
  91. ports: "1-65535"
  92. destinations:
  93. addresses: ["0.0.0.0/0", "::/0"]
  94. - protocol: "udp"
  95. ports: "1-65535"
  96. destinations:
  97. addresses: ["0.0.0.0/0", "::/0"]
  98. - protocol: "icmp"
  99. ports: "1-65535"
  100. destinations:
  101. addresses: ["0.0.0.0/0", "::/0"]
  102. tags: ["mpdb"]
  103. - name: update inventory
  104. ansible.builtin.shell: "do-ansible-inventory --access-token {{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }} > /etc/ansible/hosts"
  105. args:
  106. executable: /bin/bash
  107. - name: mpdb
  108. ansible.builtin.import_playbook: mpdb.yaml
  109. - name: mpdf
  110. ansible.builtin.import_playbook: mpdf.yaml