Gleb Koval
9f51ce02d6
All checks were successful
Infrastructure / Check and run Ansbile playbooks (push) Successful in 3m14s
Reviewed-on: #52
45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
- name: Deploy app
|
|
hosts: secrets
|
|
gather_facts: false
|
|
vars:
|
|
app: infisical
|
|
tasks:
|
|
- name: Wait for connection
|
|
ansible.builtin.wait_for_connection:
|
|
timeout: 300
|
|
- name: Get user
|
|
ansible.builtin.user:
|
|
name: debian
|
|
register: user
|
|
- name: Docker compose down
|
|
ansible.builtin.command: docker compose down
|
|
args:
|
|
chdir: "{{ user.home }}/{{ app }}"
|
|
ignore_errors: true
|
|
|
|
- name: Copy project
|
|
ansible.builtin.copy:
|
|
src: "./{{ app }}"
|
|
dest: "{{ user.home }}"
|
|
mode: "0744"
|
|
- name: Replace Encryption Key secret
|
|
ansible.builtin.replace:
|
|
path: "{{ user.home }}/{{ app }}/.env"
|
|
regexp: "ENCRYPTION_KEY_VALUE"
|
|
replace: "{{ lookup('ansible.builtin.env', 'INFISICAL_ENCRYPTION_KEY') }}"
|
|
- name: Replace Auth secret
|
|
ansible.builtin.replace:
|
|
path: "{{ user.home }}/{{ app }}/.env"
|
|
regexp: "AUTH_SECRET_VALUE"
|
|
replace: "{{ lookup('ansible.builtin.env', 'INFISICAL_AUTH_SECRET') }}"
|
|
- name: Replace SMTP Password secret
|
|
ansible.builtin.replace:
|
|
path: "{{ user.home }}/{{ app }}/.env"
|
|
regexp: "SMTP_PASSWORD_VALUE"
|
|
replace: "{{ lookup('ansible.builtin.env', 'SMTP_PASSWORD') }}"
|
|
|
|
- name: Docker compose up -d
|
|
ansible.builtin.command: docker compose up -d
|
|
args:
|
|
chdir: "{{ user.home }}/{{ app }}"
|