avoid triggering error | improve declarativeness
parent
8b238e121c
commit
325949f0c0
@ -26,7 +26,9 @@
|
||||
dest: "/tmp/{{ item.name }}.toml"
|
||||
when:
|
||||
- item.cidr == "machines"
|
||||
- item.name in "{{ ansible_host }}"
|
||||
# NOTE innernet does not accept '.' in a name
|
||||
- item.name in ansible_host|replace('.', '-')
|
||||
- item.name in added_peers.stdout
|
||||
with_items: "{{ peers }}"
|
||||
|
||||
- name: Install non-admin invitation on servers
|
||||
@ -36,7 +38,9 @@
|
||||
--delete-invite
|
||||
when:
|
||||
- item.cidr == "machines"
|
||||
- item.name in "{{ ansible_host }}"
|
||||
# NOTE innernet does not accept '.' in a name
|
||||
- item.name in ansible_host|replace('.', '-')
|
||||
- item.name in added_peers.stdout
|
||||
with_items: "{{ peers }}"
|
||||
ignore_errors: true
|
||||
|
||||
|
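Review bot: The conditions `item.name in ansible_host|replace('.', '-')` and `item.name in added_peers.stdout` are substring tests on strings, so a peer named `web` also matches a host `web-1` or any awk output line that merely contains `web`, and one peer's invitation can end up copied to and installed on a different machine. Both hunks in this file carry the same pair of conditions; the +/- markers are lost on this page, so which lines are new is inferred from the hunk counts, and both tasks begin above their hunks. If peer names are meant to equal the dashed host name, `- item.name == ansible_host|replace('.', '-')` makes the host match exact, and the added-peers check is safer against a parsed list of names than against raw stdout. The same substring pattern appears in the server tasks at `item.name in added_peers.stdout` and `toml_files.stdout.find(item.name) != -1`.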
@ -20,6 +20,46 @@
|
||||
deb: "/tmp/innernet-server.deb"
|
||||
install_recommends: true
|
||||
|
||||
- name: Copy relevant network var to host
|
||||
copy:
|
||||
content: "{{ network_name }}"
|
||||
dest: /root/network.txt
|
||||
register: network_file
|
||||
|
||||
- name: Move old cidrs file
|
||||
shell: mv cidrs.txt cidrs.txt.old
|
||||
|
||||
- name: Copy relevant cidrs var to host
|
||||
template:
|
||||
src: cidrs.j2
|
||||
dest: /root/cidrs.txt
|
||||
register: cidrs_file
|
||||
|
||||
- name: Get changed cidrs
|
||||
shell: awk 'FNR==NR{old[$0];next};!($0 in old)' cidrs.txt.old cidrs.txt
|
||||
register: added_cidrs
|
||||
|
||||
- name: Move old peers file
|
||||
shell: mv peers.txt peers.txt.old
|
||||
|
||||
- name: Copy relevant peers var to host
|
||||
template:
|
||||
src: peers.j2
|
||||
dest: /root/peers.txt
|
||||
register: peers_file
|
||||
|
||||
- name: Get changed peers
|
||||
shell: awk 'FNR==NR{old[$0];next};!($0 in old)' peers.txt.old peers.txt
|
||||
register: added_peers
|
||||
|
||||
- name: "These CIDRs have been added"
|
||||
debug:
|
||||
msg: "{{ added_cidrs.stdout|from_yaml }}"
|
||||
|
||||
- name: "These peers have been added"
|
||||
debug:
|
||||
msg: "{{ added_peers.stdout|from_yaml }}"
|
||||
|
||||
- name: Create base network
|
||||
shell: |
|
||||
innernet-server new \
|
||||
@ -27,8 +67,7 @@
|
||||
--network-cidr "{{ network_cidr }}" \
|
||||
--external-endpoint "[{{ hostvars[inventory_hostname]['ansible_default_ipv6']['address'] }}]:{{ network_listen_port }}" \
|
||||
--listen-port {{ network_listen_port }}
|
||||
# FIXME innernet gives an error if network exists already
|
||||
ignore_errors: true
|
||||
when: network_file.changed
|
||||
|
||||
- name: Create CIDRs
|
||||
shell: |
|
||||
@ -38,50 +77,46 @@
|
||||
--cidr "{{ item.cidr }}" \
|
||||
--yes
|
||||
with_items: "{{ cidrs }}"
|
||||
# FIXME innernet gives an error if CIDR exists already
|
||||
ignore_errors: true
|
||||
|
||||
- name: Create admin peers
|
||||
shell: |
|
||||
innernet-server add-peer "{{ network_name }}" \
|
||||
--name "{{ item.name }}" \
|
||||
--cidr "{{ item.cidr }}" \
|
||||
--admin true \
|
||||
--save-config "{{ item.name }}.toml" \
|
||||
--invite-expires "14d" \
|
||||
--auto-ip \
|
||||
--yes
|
||||
with_items: "{{ admin_peers }}"
|
||||
# FIXME innernet gives an error if admin peer exists already
|
||||
ignore_errors: true
|
||||
when:
|
||||
- cidrs_file.changed
|
||||
- item.name in added_cidrs.stdout
|
||||
|
||||
- name: Create peers
|
||||
shell: |
|
||||
innernet-server add-peer "{{ network_name }}" \
|
||||
--name "{{ item.name }}" \
|
||||
--cidr "{{ item.cidr }}" \
|
||||
--admin false \
|
||||
--admin "{{ item.admin }}" \
|
||||
--save-config "{{ item.name }}.toml" \
|
||||
--invite-expires "14d" \
|
||||
--auto-ip \
|
||||
--yes
|
||||
with_items: "{{ peers }}"
|
||||
# FIXME innernet gives an error if peer exists already
|
||||
ignore_errors: true
|
||||
when:
|
||||
- peers_file.changed
|
||||
- item.name in added_peers.stdout
|
||||
|
||||
- name: Delete empty files
|
||||
shell: find . -maxdepth 1 -type f -empty -print -delete
|
||||
ignore_errors: true
|
||||
|
||||
- name: Copy invitation files of admin peers to controller
|
||||
# NOTE other machines should never be admins. Only humans.
|
||||
synchronize:
|
||||
src: "/root/{{ item.name }}.toml"
|
||||
dest: "{{ playbook_dir }}/roles/client/files/{{ item.name }}_admin.toml"
|
||||
mode: pull
|
||||
with_items: "{{ admin_peers }}"
|
||||
- name: Check for actual peer invitation files
|
||||
shell: ls | grep .toml
|
||||
register: toml_files
|
||||
ignore_errors: true
|
||||
|
||||
- name: Custom error message
|
||||
fail:
|
||||
msg: "Could not find any new invitation files. Have you added a new peer?"
|
||||
when: toml_files.rc == 1
|
||||
|
||||
- name: Copy invitation files of peers to controller
|
||||
synchronize:
|
||||
src: "/root/{{ item.name }}.toml"
|
||||
dest: "{{ playbook_dir }}/roles/client/files/{{ item.name }}.toml"
|
||||
mode: pull
|
||||
when: toml_files.stdout.find(item.name) != -1
|
||||
with_items: "{{ peers }}"
|
||||
|
||||
- name: Make sure invitation files are absent on innernet-server
|
||||
|
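Review bot: `--admin "{{ item.admin }}"` in `Create peers` appears to replace the hard-coded `--admin false`, so admin rights now come straight from each `peers` entry with no default and no check, and the rule that machines should never be admins is no longer enforced by a separate task. An entry without an `admin` key fails the task on an undefined variable, and a mistyped or copied entry creates an admin peer whose invitation file is then pulled to the controller like any other. Defaulting to least privilege, `--admin "{{ item.admin | default(false) | bool | lower }}" \`, keeps the declarative form, and a comment above the task such as `# NOTE only human peers may set admin: true` would keep the policy visible. The +/- markers are lost on this page, so the old and new sides are inferred from print order.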