diff --git a/config.yml b/config.yml index 1beb7a2..c8c772c 100644 --- a/config.yml +++ b/config.yml @@ -1,11 +1,11 @@ hostname: fr.tild3.org -roles: [ webserver, rust, ssg ] +roles: [ webserver ] peers: - name: tilde.netlib.re client_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEHsVZvvVX3VPj2sWxrb8LJrn3650aoLAZgbY7+CB+NU" server_key: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHUAIuwEhFXTDfOEG+hQ2d/xeUwsgPJQF7oeNYr1ZXnG" packages: - debian: [ subversion, mercurial, htop, tmux, vim, emacs, mutt, weechat, elinks, rsync, dnsutils, make, g++, libssl-dev, mosh, gopher ] + debian: [ subversion, mercurial, htop, tmux, vim, emacs, mutt, weechat, elinks, rsync, dnsutils, make, g++, libssl-dev, mosh, gopher, sl ] rust: [ lsd ] ssg: [ zola, ttbp ] users: diff --git a/recette.yml b/recette.yml index 7edf80f..a13a39a 100644 --- a/recette.yml +++ b/recette.yml @@ -1,4 +1,7 @@ +# Les rôles dont le nom est préfixé d'un . ne sont pas faits pour être activés dans la config + - name: Installer le serveur hosts: all roles: - - common + - .common + diff --git a/roles/common/files/letsencrypt_cli.ini b/roles/.common/files/letsencrypt_cli.ini similarity index 100% rename from roles/common/files/letsencrypt_cli.ini rename to roles/.common/files/letsencrypt_cli.ini diff --git a/roles/common/files/onion.conf.j2 b/roles/.common/files/onion.conf.j2 similarity index 100% rename from roles/common/files/onion.conf.j2 rename to roles/.common/files/onion.conf.j2 diff --git a/roles/common/files/ssh_config b/roles/.common/files/ssh_config similarity index 100% rename from roles/common/files/ssh_config rename to roles/.common/files/ssh_config diff --git a/roles/common/handlers/main.yml b/roles/.common/handlers/main.yml similarity index 100% rename from roles/common/handlers/main.yml rename to roles/.common/handlers/main.yml 
diff --git a/roles/common/tasks/main.yml b/roles/.common/tasks/main.yml similarity index 80% rename from roles/common/tasks/main.yml rename to roles/.common/tasks/main.yml index d8390a9..3e3b49b 100644 --- a/roles/common/tasks/main.yml +++ b/roles/.common/tasks/main.yml @@ -11,12 +11,6 @@ name: [ certbot, tor, sudo ] update_cache: yes -- name: Installer les paquets définis dans la config - apt: - state: present - name: "{{ packages.debian }}" - when: packages is defined and packages.debian is defined - - name: setup certbot with contact email copy: src: ../files/letsencrypt_cli.ini @@ -25,13 +19,17 @@ - include: tor.yml - name: Générer les comptes utilisateurices - include: users/main.yml + include_tasks: users/main.yml when: users is defined - name: Activer le peering include: peering/main.yml when: peers is defined +- name: Installer des paquets supplémentaires + include_tasks: packages.yml + when: packages is defined + - name: Exécuter les rôles définis dans la config include_role: name: "{{ current_role }}" diff --git a/roles/.common/tasks/packages.yml b/roles/.common/tasks/packages.yml new file mode 100644 index 0000000..a7c49fe --- /dev/null +++ b/roles/.common/tasks/packages.yml @@ -0,0 +1,10 @@ +# Quand packages est vide, on arrive pas ici + +# Les gestionnaires de paquets sont des rôles qui commencent par . +- name: Exécuter les gestionnaires de paquets + include_role: + # Chaque gestionnaire de paquets peut estimer que sa liste n'est pas vide + name: ".{{ current_role.key }}" + loop: "{{ packages | dict2items }}" + loop_control: + loop_var: current_role diff --git a/roles/common/tasks/peering/main.yml b/roles/.common/tasks/peering/main.yml similarity index 100% rename from roles/common/tasks/peering/main.yml rename to roles/.common/tasks/peering/main.yml 
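Review bot: The guard `when: packages is defined` on the new `Installer des paquets supplémentaires` task does not cover a `packages` key that is present but empty. A bare `packages:` parses as null, which still counts as defined, so `dict2items` in packages.yml would receive a non-mapping and I would expect the play to fail there. I would tighten the guard to `when: packages is defined and packages is mapping and packages | length > 0`, which also makes the opening comment in packages.yml true. Separately, this hunk moves the users include to `include_tasks` but leaves `include: tor.yml` and `include: peering/main.yml` on the older keyword; converting them in the same commit would keep the file consistent.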
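Review bot: `name: ".{{ current_role.key }}"` turns every key of `packages` into a role name with no check against the package-manager roles that exist (`.debian`, `.rust` and `.ssg` in this commit). A mistyped key only fails once the play reaches this loop, and a key such as `common` would include `.common` from inside itself. An `assert` task ahead of the loop, with `that: packages.keys() | list | difference(['debian', 'rust', 'ssg']) | length == 0`, would reject an unexpected key before anything is installed. The inline comment says each manager may assume its list is non-empty, but nothing here checks `current_role.value`, so `debian: []` or a bare `debian:` still reaches the role; adding `when: current_role.value | default([], true) | length > 0` to the include would enforce that.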
diff --git a/roles/common/tasks/peering/setup_local.yml b/roles/.common/tasks/peering/setup_local.yml similarity index 100% rename from roles/common/tasks/peering/setup_local.yml rename to roles/.common/tasks/peering/setup_local.yml diff --git a/roles/common/tasks/peering/setup_peer.yml b/roles/.common/tasks/peering/setup_peer.yml similarity index 100% rename from roles/common/tasks/peering/setup_peer.yml rename to roles/.common/tasks/peering/setup_peer.yml diff --git a/roles/common/tasks/tor.yml b/roles/.common/tasks/tor.yml similarity index 100% rename from roles/common/tasks/tor.yml rename to roles/.common/tasks/tor.yml diff --git a/roles/common/tasks/users/main.yml b/roles/.common/tasks/users/main.yml similarity index 100% rename from roles/common/tasks/users/main.yml rename to roles/.common/tasks/users/main.yml diff --git a/roles/common/tasks/users/setup_user.yml b/roles/.common/tasks/users/setup_user.yml similarity index 100% rename from roles/common/tasks/users/setup_user.yml rename to roles/.common/tasks/users/setup_user.yml diff --git a/roles/.debian/tasks/main.yml b/roles/.debian/tasks/main.yml new file mode 100644 index 0000000..67d9e8c --- /dev/null +++ b/roles/.debian/tasks/main.yml @@ -0,0 +1,4 @@ +- name: Installer les paquets Debian définis dans la config + apt: + state: present + name: "{{ packages.debian }}" diff --git a/roles/rust/tasks/main.yml b/roles/.rust/tasks/main.yml similarity index 94% rename from roles/rust/tasks/main.yml rename to roles/.rust/tasks/main.yml index 3e2ce51..912e85f 100644 --- a/roles/rust/tasks/main.yml +++ b/roles/.rust/tasks/main.yml @@ -50,5 +50,3 @@ cmd: "cargo install {{ item }}" creates: "/usr/local/bin/{{ item }}" loop: "{{ packages.rust }}" - when: packages is defined and packages.rust is defined - diff --git a/roles/ssg/files/zola/zola b/roles/.ssg/files/zola/zola similarity index 100% rename from roles/ssg/files/zola/zola rename to roles/.ssg/files/zola/zola 
diff --git a/roles/ssg/tasks/main.yml b/roles/.ssg/tasks/main.yml similarity index 59% rename from roles/ssg/tasks/main.yml rename to roles/.ssg/tasks/main.yml index c8568c8..3cae4f8 100644 --- a/roles/ssg/tasks/main.yml +++ b/roles/.ssg/tasks/main.yml @@ -1,9 +1,12 @@ +# Pour l'instant, il n'est pas possible d'avoir un paquet qui ne porte pas le nom de son binaire +# parce qu'on vérifie que le binaire est installé +# A terme, ça sera à chaque paquet de vérifier lui-même s'il est installé + - name: Vérifier quels SSG sont installés stat: path: "/usr/local/bin/{{ item }}" loop: "{{ packages.ssg }}" register: ssg_exists - when: packages is defined and packages.ssg is defined - name: "Installer les générateurs de sites statiques activés dans la config" include: "{{ item.item }}/main.yml" diff --git a/roles/ssg/tasks/ttbp/main.yml b/roles/.ssg/tasks/ttbp/main.yml similarity index 100% rename from roles/ssg/tasks/ttbp/main.yml rename to roles/.ssg/tasks/ttbp/main.yml diff --git a/roles/ssg/tasks/zola/main.yml b/roles/.ssg/tasks/zola/main.yml similarity index 100% rename from roles/ssg/tasks/zola/main.yml rename to roles/.ssg/tasks/zola/main.yml
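Review bot: The comment added at the top records that a package name must equal its binary name, but each entry of `packages.ssg` is also used unvalidated as a directory name in `include: "{{ item.item }}/main.yml"` and as a path component in the `stat` task. An entry containing a path separator would resolve to a task file outside this role's `tasks/` directory. I would check the list against the generators shipped here before the stat, for example an `assert` task with `that: packages.ssg | difference(['zola', 'ttbp']) | length == 0`. With the `when` removed, the role also assumes `packages.ssg` is a non-empty list and depends on its caller for that. The include task continues past the end of the hunk, so its own condition is not visible here; it also still uses `include` where this commit elsewhere moves to `include_tasks`.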