
Commit 8b18b15

author
Mafyuh
committedJan 12, 2025
init add ansible manual workflow
1 parent 5dc1be9 commit 8b18b15


2 files changed

+92
-1
lines changed

 
+91
@@ -0,0 +1,91 @@
1+
name: Run Ansible Playbook
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
playbook:
7+
description: "Choose the Ansible playbook to run"
8+
required: true
9+
type: choice
10+
options:
11+
- apt.yml
12+
- docker-count.yml
13+
- docker-login.yml
14+
- docker-prune.yml
15+
- git-pull-reset.yml
16+
- main-reboot-required.yml
17+
- ntp.yml
18+
- zsh.yml
19+
20+
jobs:
21+
run-playbook:
22+
runs-on: docker
23+
container:
24+
image: mafyuh/ansible-bws:v1.0.8
25+
26+
steps:
27+
- name: Checkout Repository
28+
uses: actions/checkout@v4
29+
30+
- name: Get Secrets from Bitwarden
31+
id: bitwarden-secrets
32+
uses: https://github.com/bitwarden/sm-action@v2
33+
with:
34+
access_token: ${{ secrets.BW_ACCESS_TOKEN }}
35+
base_url: https://vault.bitwarden.com
36+
secrets: |
37+
267abc49-f755-4c88-a2a8-b23d00503e31 > arrs_host
38+
e74d1f67-c909-4a2e-b6fc-b23e001dfa4a > ai_host
39+
6f9cef86-eb39-4e05-8c5b-b23e001e6170 > arm_host
40+
52512c15-b474-42c3-9835-b23e001edf35 > auth_host
41+
903364d9-1b29-4b7f-aa66-b23e001f7327 > jf_host
42+
e4c5d8be-b91f-41ab-8071-b23e00203340 > kasm_host
43+
566329f5-5af3-4bcd-b187-b23e00216134 > netboot_host
44+
fb62a8d1-6dd5-4fab-aff4-b23e0021e215 > npm_host
45+
fe0a2fa5-8e2b-4b4f-ac68-b26100315b20 > plex_host
46+
90a16954-45df-49ad-9f45-b23e002273c5 > runner_host
47+
a5b6fa4b-4643-4f85-988b-b23e00245e2f > ubu_host
48+
26b06759-9791-42d7-a076-b23e0063c4dd > ssh_private_key
49+
50+
51+
- name: Create hosts.ini file
52+
run: |
53+
cat <<EOF > ansible/hosts.ini
54+
[iac]
55+
arrs.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arrs_host }} ansible_user=mafyuh
56+
ai.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ai_host }} ansible_user=mafyuh ansible_port=2424
57+
arm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arm_host }} ansible_user=ubuntu ansible_port=2424
58+
auth.lan ansible_host=${{ steps.bitwarden-secrets.outputs.auth_host }} ansible_user=mafyuh
59+
jf.lan ansible_host=${{ steps.bitwarden-secrets.outputs.jf_host }} ansible_user=mafyuh
60+
kasm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.kasm_host }} ansible_user=mafyuh
61+
netboot.lan ansible_host=${{ steps.bitwarden-secrets.outputs.netboot_host }} ansible_user=mafyuh
62+
npm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.npm_host }} ansible_user=mafyuh
63+
plex.lan ansible_host=${{ steps.bitwarden-secrets.outputs.plex_host }} ansible_user=mafyuh ansible_port=2009
64+
runner.lan ansible_host=${{ steps.bitwarden-secrets.outputs.runner_host }} ansible_user=mafyuh
65+
ubu.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ubu_host }} ansible_user=mafyuh
66+
EOF
67+
68+
- name: Ensure SSH directory exists
69+
run: |
70+
mkdir -p /root/.ssh
71+
chmod 700 /root/.ssh
72+
73+
- name: Create Private key
74+
run: |
75+
cat <<EOF > /root/.ssh/id_rsa
76+
${{ steps.bitwarden-secrets.outputs.ssh_private_key }}
77+
EOF
78+
79+
- name: Set permissions for private key
80+
run: |
81+
chmod 700 /root/.ssh/id_rsa
82+
83+
- name: Set up SSH agent
84+
run: |
85+
eval $(ssh-agent -s)
86+
ssh-add /root/.ssh/id_rsa
87+
88+
- name: Run the selected playbook
89+
run: |
90+
ansible-playbook ./ansible/playbooks/${{ github.event.inputs.playbook }} \
91+
--extra-vars "bw_access_token=${{ secrets.BW_ACCESS_TOKEN }}"
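Review bot: The `run:` scripts splice `${{ … }}` expressions straight into the shell text, so the values are parsed as shell code rather than passed as data: `${{ github.event.inputs.playbook }}` in the last step, and the Bitwarden outputs inside the two `cat <<EOF` heredocs, whose unquoted `EOF` delimiter lets the shell expand any `$` or backtick in the fetched values. The `choice` type limits the input in the web form, but whether the runner enforces it for API-triggered dispatches is not visible here, so I would not rely on it. Passing each value through a step-level `env:` and quoting it in the script removes that parsing path and keeps the token and key out of the rendered script; the same applies to the `hosts.ini` step. Separately, the `eval $(ssh-agent -s)` step appears to have no effect on the playbook step, since each `run:` starts a new shell and `SSH_AUTH_SOCK` is not carried over.

```yaml
      - name: Create Private key
        env:
          SSH_PRIVATE_KEY: ${{ steps.bitwarden-secrets.outputs.ssh_private_key }}
        run: |
          # create the file owner-only from the start instead of relying on the later chmod
          umask 077
          printf '%s\n' "$SSH_PRIVATE_KEY" > /root/.ssh/id_rsa

      # … unchanged: Set permissions for private key, Set up SSH agent …

      - name: Run the selected playbook
        env:
          PLAYBOOK: ${{ github.event.inputs.playbook }}
          BW_ACCESS_TOKEN: ${{ secrets.BW_ACCESS_TOKEN }}
        run: |
          ansible-playbook "./ansible/playbooks/$PLAYBOOK" \
            --extra-vars "bw_access_token=$BW_ACCESS_TOKEN"
```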

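--- a/ansible/playbooks/docker-login.yml
+++ b/ansible/playbooks/docker-login.yml
@@ -1,7 +1,7 @@
 - hosts: "*"
 become: false
 vars:
-docker_password: "{{ lookup('community.general.bitwarden', '3726555b-0ffc-442b-b66a-b257016f6ab9', access_token=lookup('env', 'BW_ACCESS_TOKEN')) }}"
+docker_password: "{{ lookup('bitwarden.secrets.lookup', '3726555b-0ffc-442b-b66a-b257016f6ab9', access_token=lookup('env', 'BW_ACCESS_TOKEN')) }}"
 tasks:
 - name: Log into DockerHub
 docker_login: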
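Review bot: The lookup on the `docker_password` line still takes its token from the `BW_ACCESS_TOKEN` environment variable, while the workflow added in this same commit hands the token to `ansible-playbook` as the extra var `bw_access_token` and sets no `env:` on that step. Unless the runner or image exports the variable some other way, `lookup('env', 'BW_ACCESS_TOKEN')` would presumably resolve to an empty string and the secret fetch would fail when `docker-login.yml` is chosen. Either export the variable on the workflow step or read the extra var here, e.g. `access_token=bw_access_token`. The play's task list continues past the end of the hunk.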
