Ansible repo for digital ocean projects
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

114 行
3.5 KiB

  1. ---
  2. - hosts: localhost
  3. connection: local
  4. gather_facts: true
  5. vars:
  6. mpdf:
  7. - 'nyc3-mpdf'
  8. count: 2
  9. mpdb:
  10. - 'nyc3-mpdb'
  11. tasks:
  12. - name: create frontend droplets
  13. digital_ocean_droplet:
  14. unique_name: yes
  15. region: nyc3
  16. image: debian-11-x64
  17. wait_timeout: 100
  18. name: "mpdf{{ item }}"
  19. size_id: s-1vcpu-1gb
  20. state: present
  21. oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
  22. ssh_keys: [ '94:5e:bc:d4:fe:5a:b0:74:7f:06:fc:4e:3d:f7:3e:ea' ] # <---- put your numeric ssh key in here
  23. tags:
  24. - 'ansible'
  25. - 'mpdf'
  26. register: created_droplets_frontend
  27. loop: "{{ range(1,count| int + 1) }}"
  28. - name: create backend droplets
  29. digital_ocean_droplet:
  30. unique_name: yes
  31. region: nyc3
  32. image: debian-11-x64
  33. wait_timeout: 100
  34. name: "mpdb{{ item }}"
  35. size_id: s-1vcpu-1gb
  36. state: present
  37. oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
  38. ssh_keys: [ '94:5e:bc:d4:fe:5a:b0:74:7f:06:fc:4e:3d:f7:3e:ea' ] # <---- put your numeric ssh key in here
  39. tags:
  40. - 'ansible'
  41. - 'mpdb'
  42. register: created_droplets_backend
  43. loop: "{{ range(1,count| int + 1) }}"
  44. - name: Create a Firewall named mpdf-firewall
  45. community.digitalocean.digital_ocean_firewall:
  46. name: mpdf-firewall
  47. state: present
  48. inbound_rules:
  49. - protocol: "tcp"
  50. ports: "22"
  51. sources:
  52. addresses: ["0.0.0.0/0", "::/0"]
  53. - protocol: "tcp"
  54. ports: "6600-6605"
  55. sources:
  56. addresses: ["0.0.0.0/0", "::/0"]
  57. - protocol: "tcp"
  58. ports: "6700-6705"
  59. sources:
  60. tags: ["ansible"]
  61. addresses: ["0.0.0.0/0", "::/0"]
  62. outbound_rules:
  63. - protocol: "tcp"
  64. ports: "1-65535"
  65. destinations:
  66. addresses: ["0.0.0.0/0", "::/0"]
  67. - protocol: "udp"
  68. ports: "1-65535"
  69. destinations:
  70. addresses: ["0.0.0.0/0", "::/0"]
  71. - protocol: "icmp"
  72. ports: "1-65535"
  73. destinations:
  74. addresses: ["0.0.0.0/0", "::/0"]
  75. tags: ["mpdf"]
  76. - name: Create a Firewall named mpdb-firewall
  77. community.digitalocean.digital_ocean_firewall:
  78. name: mpdb-firewall
  79. state: present
  80. inbound_rules:
  81. - protocol: "tcp"
  82. ports: "22"
  83. sources:
  84. addresses: ["0.0.0.0/0", "::/0"]
  85. - protocol: "tcp"
  86. ports: "6600"
  87. sources:
  88. addresses: ["0.0.0.0/0", "::/0"]
  89. outbound_rules:
  90. - protocol: "tcp"
  91. ports: "1-65535"
  92. destinations:
  93. addresses: ["0.0.0.0/0", "::/0"]
  94. - protocol: "udp"
  95. ports: "1-65535"
  96. destinations:
  97. addresses: ["0.0.0.0/0", "::/0"]
  98. - protocol: "icmp"
  99. ports: "1-65535"
  100. destinations:
  101. addresses: ["0.0.0.0/0", "::/0"]
  102. tags: ["mpdb"]
  103. - name: update inventory
  104. ansible.builtin.shell: "do-ansible-inventory --access-token {{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }} > /etc/ansible/hosts"
  105. args:
  106. executable: /bin/bash
  107. - name: mpdb
  108. ansible.builtin.import_playbook: mpdb.yaml
  109. - name: mpdf
  110. ansible.builtin.import_playbook: mpdf.yaml