diff --git a/.forgejo/workflows/CD.yml b/.forgejo/workflows/CD.yml
index 0e64fd62..e0ebc15e 100644
--- a/.forgejo/workflows/CD.yml
+++ b/.forgejo/workflows/CD.yml
@@ -104,6 +104,7 @@ jobs:
           base_url: https://vault.bitwarden.com
           secrets: |
             267abc49-f755-4c88-a2a8-b23d00503e31 > arrs_host
+            d9924181-b061-44e0-b7b9-b264004791eb > ag_main_host
             e74d1f67-c909-4a2e-b6fc-b23e001dfa4a > ai_host
             6f9cef86-eb39-4e05-8c5b-b23e001e6170 > arm_host
             52512c15-b474-42c3-9835-b23e001edf35 > auth_host
@@ -121,6 +122,7 @@ jobs:
         run: |
           cat <<EOF > ansible/hosts.ini
           [iac]
+          dns.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ag_main_host }} ansible_user=mafyuh
           arrs.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arrs_host }} ansible_user=mafyuh
           ai.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ai_host }} ansible_user=mafyuh ansible_port=2424
           arm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arm_host }} ansible_user=ubuntu ansible_port=2424
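Review bot: The added `dns.lan` line puts `${{ steps.bitwarden-secrets.outputs.ag_main_host }}` inside an unquoted `cat <<EOF` heredoc, so the runner pastes the vault value into the script text and the shell then applies `$` and backtick expansion to it. If no line of the heredoc relies on shell expansion (the rest of it is outside this hunk), quoting the delimiter keeps every value literal: `cat <<'EOF' > ansible/hosts.ini`. The same concern applies to the `dns.lan` line added in `ansible-playbooks.yml`, presumably inside the same kind of heredoc. That file inserts the entry alphabetically after `auth.lan` while this one puts it first in `[iac]`; keeping both hand-maintained inventories in the same order makes drift between them easier to spot.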
diff --git a/.forgejo/workflows/ansible-playbooks.yml b/.forgejo/workflows/ansible-playbooks.yml
index f2840742..bb8b5888 100644
--- a/.forgejo/workflows/ansible-playbooks.yml
+++ b/.forgejo/workflows/ansible-playbooks.yml
@@ -38,6 +38,7 @@ jobs:
           base_url: https://vault.bitwarden.com
           secrets: |
             267abc49-f755-4c88-a2a8-b23d00503e31 > arrs_host
+            d9924181-b061-44e0-b7b9-b264004791eb > ag_main_host
             e74d1f67-c909-4a2e-b6fc-b23e001dfa4a > ai_host
             6f9cef86-eb39-4e05-8c5b-b23e001e6170 > arm_host
             52512c15-b474-42c3-9835-b23e001edf35 > auth_host
@@ -59,6 +60,7 @@ jobs:
           ai.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ai_host }} ansible_user=mafyuh ansible_port=2424
           arm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.arm_host }} ansible_user=ubuntu ansible_port=2424
           auth.lan ansible_host=${{ steps.bitwarden-secrets.outputs.auth_host }} ansible_user=mafyuh
+          dns.lan ansible_host=${{ steps.bitwarden-secrets.outputs.ag_main_host }} ansible_user=mafyuh
           jf.lan ansible_host=${{ steps.bitwarden-secrets.outputs.jf_host }} ansible_user=mafyuh
           kasm.lan ansible_host=${{ steps.bitwarden-secrets.outputs.kasm_host }} ansible_user=mafyuh
           netboot.lan ansible_host=${{ steps.bitwarden-secrets.outputs.netboot_host }} ansible_user=mafyuh
diff --git a/README.md b/README.md
index 515aa5d6..cf53a179 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,6 @@
 [![Yamllint](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/yamllint.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
-[![Yamllint](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/CD.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
+[![CD](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/CD.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
+[![Ansible](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/ansible-playbooks.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
 [![Tofu](https://git.mafyuh.dev/mafyuh/iac/badges/workflows/tofu.yml/badge.svg)](https://git.mafyuh.dev/mafyuh/iac/actions)
 [![Renovate](https://git.mafyuh.dev/renovatebot/renovate/badges/workflows/renovate.yml/badge.svg)](https://git.mafyuh.dev/renovatebot/renovate/actions)
 [![Pulls](https://git.mafyuh.dev/mafyuh/iac/badges/pulls.svg)](https://git.mafyuh.dev/mafyuh/iac/pulls)
diff --git a/ansible/playbooks/deploy-docker.yml b/ansible/playbooks/deploy-docker.yml
index 970d6353..19d667ed 100644
--- a/ansible/playbooks/deploy-docker.yml
+++ b/ansible/playbooks/deploy-docker.yml
@@ -2,8 +2,18 @@
   hosts: "{{ target_host }}"
   vars:
     repo_path: "/home/{{ ansible_user }}/iac/docker/{{ folder }}"
-    secrets_mapping_file: "/home/{{ ansible_user }}/iac/secret-mappings.yml"
+    secrets_mapping_file: "/home/{{ ansible_user }}/iac/docker/secret-mappings.yml"
   tasks:
+    - name: Ensure the repository is up-to-date
+      ansible.builtin.shell: git pull
+      args:
+        chdir: "{{ repo_path }}"
+      register: git_pull_output
+
+    - name: Display git pull output
+      ansible.builtin.debug:
+        var: git_pull_output.stdout_lines
+
     - name: Read secret mapping
       ansible.builtin.slurp:
         src: "{{ secrets_mapping_file }}"
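Review bot: The relocated `git pull` task still runs with `chdir: "{{ repo_path }}"`, which is the `docker/{{ folder }}` subdirectory, so a deploy for a folder that only exists in the not-yet-pulled commit fails before the pull can create it. Running it from the checkout root avoids this: `chdir: "/home/{{ ansible_user }}/iac"`. The task needs no shell features, so `ansible.builtin.command: git pull --ff-only` with `changed_when: "'Already up to date' not in git_pull_output.stdout"` would be tighter and would stop on a diverged checkout instead of merging. Because the pull now comes before "Read secret mapping", the branch head on the remote decides which Bitwarden secret IDs are resolved with the access token later in the play. Checking out the commit that triggered the workflow, rather than whatever the head is at run time, would pin that input; the task list continues outside this hunk.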
@@ -25,16 +35,6 @@
           {{ key }}={{ lookup('bitwarden.secrets.lookup', secret_id, access_token=bw_access_token) }}
           {% endfor %}
 
-    - name: Ensure the repository is up-to-date
-      ansible.builtin.shell: git pull
-      args:
-        chdir: "{{ repo_path }}"
-      register: git_pull_output
-
-    - name: Display git pull output
-      ansible.builtin.debug:
-        var: git_pull_output.stdout_lines
-
     - name: Restart services using Docker Compose
       community.docker.docker_compose_v2:
         project_src: "{{ repo_path }}"
diff --git a/secret-mappings.yml b/docker/secret-mappings.yml
similarity index 100%
rename from secret-mappings.yml
rename to docker/secret-mappings.yml