50 lines
1.8 KiB
YAML
50 lines
1.8 KiB
YAML
|
- name: Deploy app
|
||
|
hosts: music
|
||
|
gather_facts: false
|
||
|
vars:
|
||
|
app: music
|
||
|
tasks:
|
||
|
- name: Wait for connection
|
||
|
ansible.builtin.wait_for_connection:
|
||
|
timeout: 300
|
||
|
- name: Get user
|
||
|
ansible.builtin.user:
|
||
|
name: debian
|
||
|
register: user
|
||
|
- name: Docker compose down
|
||
|
ansible.builtin.command: docker compose down
|
||
|
args:
|
||
|
chdir: "{{ user.home }}/{{ app }}"
|
||
|
ignore_errors: true
|
||
|
- name: Copy project
|
||
|
ansible.builtin.copy:
|
||
|
src: "./{{ app }}"
|
||
|
dest: "{{ user.home }}"
|
||
|
mode: "0744"
|
||
|
|
||
|
- name: Replace LastFM API key secret
|
||
|
ansible.builtin.replace:
|
||
|
path: "{{ user.home }}/{{ app }}/.env"
|
||
|
regexp: "LASTFM_APIKEY_VALUE"
|
||
|
replace: "{{ lookup('infisical.vault.read_secrets', env_slug='prod', path='/music', secret_name='LASTFM_APIKEY')['value'] }}"
|
||
|
- name: Replace LastFM secret
|
||
|
ansible.builtin.replace:
|
||
|
path: "{{ user.home }}/{{ app }}/.env"
|
||
|
regexp: "LASTFM_SECRET_VALUE"
|
||
|
replace: "{{ lookup('infisical.vault.read_secrets', env_slug='prod', path='/music', secret_name='LASTFM_SECRET')['value'] }}"
|
||
|
- name: Replace Mongo Password secret
|
||
|
ansible.builtin.replace:
|
||
|
path: "{{ user.home }}/{{ app }}/.env"
|
||
|
regexp: "SPOTIFY_ID_VALUE"
|
||
|
replace: "{{ lookup('infisical.vault.read_secrets', env_slug='prod', path='/music', secret_name='SPOTIFY_ID')['value'] }}"
|
||
|
- name: Replace SMTP Password secret
|
||
|
ansible.builtin.replace:
|
||
|
path: "{{ user.home }}/{{ app }}/.env"
|
||
|
regexp: "SPOTIFY_SECRET_VALUE"
|
||
|
replace: "{{ lookup('infisical.vault.read_secrets', env_slug='prod', path='/music', secret_name='SPOTIFY_SECRET')['value'] }}"
|
||
|
|
||
|
- name: Docker compose up -d
|
||
|
ansible.builtin.command: docker compose up -d
|
||
|
args:
|
||
|
chdir: "{{ user.home }}/{{ app }}"
|