-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
setup.yml
119 lines (94 loc) · 3.99 KB
/
setup.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
- name: "Set up a All servers"
hosts: "{{ target_all if target_all is defined else 'all' }}"
become: true
roles:
# Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`).
- role: galaxy/com.devture.ansible.role.playbook_help
- role: galaxy/com.devture.ansible.role.systemd_docker_base
- role: matrix/matrix_playbook_migration
- when: matrix_playbook_docker_installation_enabled | bool
role: galaxy/geerlingguy.docker
vars:
docker_install_compose: false
tags:
- setup-docker
- setup-all
- when: matrix_playbook_docker_installation_enabled | bool
role: base/docker
tags:
- setup-docker
- setup-all
- when: devture_docker_sdk_for_python_installation_enabled | bool
role: galaxy/com.devture.ansible.role.docker_sdk_for_python
tags:
- setup-docker
- setup-all
- when: devture_timesync_installation_enabled | bool
role: galaxy/com.devture.ansible.role.timesync
tags:
- setup-timesync
- setup-all
- name: "Set up a Keycloak servers common"
hosts: "{{ target_keycloak if target_keycloak is defined else 'keycloak_servers' }}"
become: true
tasks:
- ansible.builtin.include_tasks: "roles/matrix/matrix-base/tasks/setup_matrix_user.yml"
tags:
- setup-all
- install-all
- name: "Set up a Keycloak servers"
hosts: "{{ target_keycloak if target_keycloak is defined else 'keycloak_servers' }}"
become: true
roles:
- keycloak/keycloak_base
- role: galaxy/com.devture.ansible.role.playbook_help
- role: galaxy/com.devture.ansible.role.systemd_docker_base
- matrix/matrix-backup-borg
tags:
- setup-all
- install-all
- name: "Set up a Matrix server"
hosts: "{{ target if target is defined else 'matrix_servers' }}"
become: true
roles:
# Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`).
- role: galaxy/com.devture.ansible.role.playbook_help
- role: galaxy/com.devture.ansible.role.systemd_docker_base
- role: galaxy/com.devture.ansible.role.postgres
- role: galaxy/com.devture.ansible.role.postgres_backup
- when: devture_systemd_service_manager_enabled | bool
role: galaxy/com.devture.ansible.role.systemd_service_manager
vars:
devture_systemd_service_manager_services_list: |
{{
([{'name': 'matrix-nginx-proxy.service', 'priority': 1000, 'groups': ['matrix', 'nginx', 'reverse-proxies']}] if matrix_nginx_proxy_enabled else [])
}}
- role: keycloak/keycloak_custom
- when: devture_systemd_service_manager_enabled | bool
vars:
devture_systemd_service_manager_services_list: "{{ devture_systemd_service_manager_services_list_auto + devture_systemd_service_manager_services_list_additional }}"
role: galaxy/com.devture.ansible.role.systemd_service_manager
# This is pretty much last, because we want it to better serve as a "last known good configuration".
# See: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1301487601
- when: devture_playbook_state_preserver_enabled | bool
role: galaxy/com.devture.ansible.role.playbook_state_preserver
tags:
- setup-all
- install-all
- role: galaxy/com.devture.ansible.role.playbook_runtime_messages
- name: "Set up a HA Gitlab Sheared Storage servers"
hosts:
- "{{ target_drbd_primary if target_drbd_primary is defined else 'drbd_primary' }}"
- "{{ target_gitlab if target_gitlab is defined else 'drbd_secondary' }}"
become: true
debugger: on_failed
roles:
- gitlab/gitlab_drbd_storage
- name: "Set up a HA Gitlab servers "
hosts:
- "{{ target_gitlab if target_gitlab is defined else 'gitlab_servers' }}"
become: true
debugger: on_failed
roles:
- gitlab/gitlab_main