-
Notifications
You must be signed in to change notification settings - Fork 8
/
playbook.vivumlab.yml
58 lines (54 loc) · 1.59 KB
/
playbook.vivumlab.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
---
# Initial setup so Ansible can actually work.
- name: Install python (required by Ansible).
gather_facts: no
hosts: all
become: yes
become_method: sudo
any_errors_fatal: true
# Hacky fix for Ansible not following it's own configuration settings.
vars:
ansible_python_interpreter: /usr/bin/python3
# pre_tasks:
# - name: "Update Apt Cache"
# raw: sudo apt-get update
# - name: "Install Python"
# raw: sudo apt-get -y install python-simplejson python3 python3-simplejson python3-pip python3-virtualenv python3-passlib python3-openssl
# - name: Configure python and pip
# raw: sudo apt-get -y purge python-simplejson && if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && if [[ ! -e /usr/bin/python ]]; then ln -sf /usr/bin/python3 /usr/bin/python ; fi
# Configure a TOR hidden service for remote access without a public IP
- name: "Setup TOR"
tags: tor
hosts: all
become: yes
become_method: sudo
roles:
- role: tor
when: enable_tor
# Install and Setup Server with VivumLab
- name: "Install and Setup server with VivumLab"
hosts: all
become: yes
become_method: sudo
gather_facts: yes
tags: setup
roles:
- vivumlab_setup
- name: "Deploy Bastion Host with Wireguard"
hosts: all
become: yes
become_method: sudo
tags: bastion
tasks:
- include_role:
name: vivumlab_wireguard
when: bastion.enable == True
# Install and configure VivumLab services
- name: Install and configure VivumLab services
hosts: vivumlab
gather_facts: yes
tags:
- vivumlab
- deploy
roles:
- vivumlab_deploy