|
| 1 | +name: Run Ansible Playbook |
| 2 | + |
| 3 | +on: |
| 4 | + workflow_dispatch: |
| 5 | + inputs: |
| 6 | + playbook: |
| 7 | + description: "Choose the Ansible playbook to run" |
| 8 | + required: true |
| 9 | + type: choice |
| 10 | + options: |
| 11 | + - apt.yml |
| 12 | + - docker-count.yml |
| 13 | + - docker-login.yml |
| 14 | + - docker-prune.yml |
| 15 | + - git-pull-reset.yml |
| 16 | + - main-reboot-required.yml |
| 17 | + - ntp.yml |
| 18 | + - zsh.yml |
| 19 | + |
| 20 | +jobs: |
| 21 | + run-playbook: |
| 22 | + runs-on: docker |
| 23 | + container: |
| 24 | + image: mafyuh/ansible-bws:v1.0.8 |
| 25 | + |
| 26 | + steps: |
| 27 | + - name: Checkout Repository |
| 28 | + uses: actions/checkout@v4 |
| 29 | + |
| 30 | + - name: Get Secrets from Bitwarden |
| 31 | + id: bitwarden-secrets |
| 32 | + uses: https://github.com/bitwarden/sm-action@v2 |
| 33 | + with: |
| 34 | + access_token: ${{ secrets.BW_ACCESS_TOKEN }} |
| 35 | + base_url: https://vault.bitwarden.com |
| 36 | + secrets: | |
| 37 | + 267abc49-f755-4c88-a2a8-b23d00503e31 > arrs_host |
| 38 | + e74d1f67-c909-4a2e-b6fc-b23e001dfa4a > ai_host |
| 39 | + 6f9cef86-eb39-4e05-8c5b-b23e001e6170 > arm_host |
| 40 | + 52512c15-b474-42c3-9835-b23e001edf35 > auth_host |
| 41 | + 903364d9-1b29-4b7f-aa66-b23e001f7327 > jf_host |
| 42 | + e4c5d8be-b91f-41ab-8071-b23e00203340 > kasm_host |
| 43 | + 566329f5-5af3-4bcd-b187-b23e00216134 > netboot_host |
| 44 | + fb62a8d1-6dd5-4fab-aff4-b23e0021e215 > npm_host |
| 45 | + fe0a2fa5-8e2b-4b4f-ac68-b26100315b20 > plex_host |
| 46 | + 90a16954-45df-49ad-9f45-b23e002273c5 > runner_host |
| 47 | + a5b6fa4b-4643-4f85-988b-b23e00245e2f > ubu_host |
| 48 | + 26b06759-9791-42d7-a076-b23e0063c4dd > ssh_private_key |
| 49 | +
|
| 50 | + |
| 51 | + - name: Create hosts.ini file |
| 52 | + run: | |
| 53 | + cat <<EOF > ansible/hosts.ini |
| 54 | + [iac] |
| 55 | + arrs.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arrs_host }} ansible_user=mafyuh |
| 56 | + ai.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ai_host }} ansible_user=mafyuh ansible_port=2424 |
| 57 | + arm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arm_host }} ansible_user=ubuntu ansible_port=2424 |
| 58 | + auth.lan ansible_host=${{ steps.bitwarden-secrets.outputs.auth_host }} ansible_user=mafyuh |
| 59 | + jf.lan ansible_host=${{ steps.bitwarden-secrets.outputs.jf_host }} ansible_user=mafyuh |
| 60 | + kasm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.kasm_host }} ansible_user=mafyuh |
| 61 | + netboot.lan ansible_host=${{ steps.bitwarden-secrets.outputs.netboot_host }} ansible_user=mafyuh |
| 62 | + npm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.npm_host }} ansible_user=mafyuh |
| 63 | + plex.lan ansible_host=${{ steps.bitwarden-secrets.outputs.plex_host }} ansible_user=mafyuh ansible_port=2009 |
| 64 | + runner.lan ansible_host=${{ steps.bitwarden-secrets.outputs.runner_host }} ansible_user=mafyuh |
| 65 | + ubu.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ubu_host }} ansible_user=mafyuh |
| 66 | + EOF |
| 67 | +
|
| 68 | + - name: Ensure SSH directory exists |
| 69 | + run: | |
| 70 | + mkdir -p /root/.ssh |
| 71 | + chmod 700 /root/.ssh |
| 72 | +
|
| 73 | + - name: Create Private key |
| 74 | + run: | |
| 75 | + cat <<EOF > /root/.ssh/id_rsa |
| 76 | + ${{ steps.bitwarden-secrets.outputs.ssh_private_key }} |
| 77 | + EOF |
| 78 | + |
| 79 | + - name: Set permissions for private key |
| 80 | + run: | |
| 81 | + chmod 700 /root/.ssh/id_rsa |
| 82 | +
|
| 83 | + - name: Set up SSH agent |
| 84 | + run: | |
| 85 | + eval $(ssh-agent -s) |
| 86 | + ssh-add /root/.ssh/id_rsa |
| 87 | +
|
| 88 | + - name: Run the selected playbook |
| 89 | + run: | |
| 90 | + ansible-playbook ./ansible/playbooks/${{ github.event.inputs.playbook }} \ |
| 91 | + --extra-vars "bw_access_token=${{ secrets.BW_ACCESS_TOKEN }}" |
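Review bot: The `Run the selected playbook` step passes `secrets.BW_ACCESS_TOKEN` on the `ansible-playbook` command line through `--extra-vars`, so the token appears in the process arguments inside the job container and may be echoed by verbose Ansible output. Handing it to the step through `env:` keeps it out of argv, though the playbooks (not shown here) would then need to read it from the environment. The same step splices `github.event.inputs.playbook` straight into the script text; the `choice` type limits what the form offers, but whether the runner enforces it for API-triggered dispatches is not visible here, so a quoted environment variable is safer. The private key is written under the default umask and only narrowed by `chmod 700` in a later step; setting `umask 077` before the write closes that window, and `600` is the conventional mode for a key file. The `eval $(ssh-agent -s)` step probably has no effect on the final step, since each `run:` normally starts its own shell and the agent variables are not carried over.

```yaml
      - name: Create Private key
        env:
          SSH_PRIVATE_KEY: ${{ steps.bitwarden-secrets.outputs.ssh_private_key }}
        run: |
          umask 077
          printf '%s\n' "$SSH_PRIVATE_KEY" > /root/.ssh/id_rsa

      # … unchanged: remaining SSH setup steps …

      - name: Run the selected playbook
        env:
          PLAYBOOK: ${{ github.event.inputs.playbook }}
          BW_ACCESS_TOKEN: ${{ secrets.BW_ACCESS_TOKEN }}
        run: |
          # playbooks would read the token with lookup('env', 'BW_ACCESS_TOKEN')
          ansible-playbook "./ansible/playbooks/$PLAYBOOK"
```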