| commit | author | age | ||
| aa20d9 | 1 | --- |
| S | 2 | - name: Step 001 Deploy Infrastructure |
| 15b4ac | 3 | hosts: |
| aa20d9 | 4 | - localhost |
| S | 5 | - "{{ ('tag_' ~ env_type ~ '_' ~ guid ~ '_bastion') | replace('-', '_') }}" |
| 6 | connection: local | |
| 7 | gather_facts: false | |
| 8 | become: false | |
| 9 | vars_files: | |
| 10 | - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_vars.yml" | |
| 11 | - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_secret_vars.yml" | |
| 12 | tags: | |
| 13 | - step001 | |
| 14 | - create_ssh_config | |
| 15 | tasks: | |
| 15b4ac | 16 | - name: Store bastion hostname as a fact |
| GC | 17 | set_fact: |
| 18 | bastion_hostname: | |
| 19 | internal: "{{ ravello_groups | json_query('bastion.hosts') }}" | |
| 20 | external: "{{ ravello_groups | json_query('_meta.hostvars.\"bastion-REPL.rhpds.opentlc.com\".externalFqdn') }}" | |
| 21 | - add_host: | |
| 22 | name: '{{ bastion_hostname.external }}' | |
| 23 | groups: bastion_host | |
| 24 | - name: Create quick_ssh script | |
| 25 | copy: | |
| 26 | content: | | |
| 27 | #!/bin/bash | |
| 28 | ssh -i {{ ANSIBLE_REPO_PATH }}/workdir/{{ guid }}key cloud-user@{{ bastion_hostname.external }} | |
| 29 | dest: '{{ ANSIBLE_REPO_PATH }}/workdir/{{ guid }}-quickssh.sh' | |
| 30 | mode: 0755 | |
| 31 | # when: delete_app_post_deploy | |
| aa20d9 | 32 | |
| 15b4ac | 33 | # - name: set ansible_ssh_common_args |
| GC | 34 | # set_fact: |
| 35 | # ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q cloud-user@{{ bastion_hostname.external }}' | |
| 36 | # # ansible_ssh_common_args: '-F "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" -o ControlMaster=auto -o ControlPersist=30m' | |
| 37 | - name: Create empty local ssh config as defined by deploy_local_ssh_config_location | |
| 38 | file: | |
| 39 | dest: "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" | |
| 40 | state: touch | |
| aa20d9 | 41 | |
| 15b4ac | 42 | - name: Add bastion proxy config to workdir ssh config file |
| GC | 43 | blockinfile: |
| 44 | dest: "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" | |
| 45 | marker: "##### {mark} ADDED BASTION PROXY HOST {{ env_type }}-{{ guid }} ######" | |
| 46 | content: | | |
| 47 | Host {{ bastion_hostname.external }} | |
| 48 | Hostname {{ bastion_hostname.external }} | |
| 49 | IdentityFile {{ ANSIBLE_REPO_PATH }}/workdir/{{ env_authorized_key }} | |
| 50 | IdentitiesOnly yes | |
| 51 | User {{ remote_user }} | |
| 52 | ControlMaster auto | |
| 53 | ControlPath /tmp/%h-%r | |
| 54 | ControlPersist 5m | |
| 55 | StrictHostKeyChecking no | |
| 56 | tags: | |
| 57 | - bastion_proxy_config_main | |
| aa20d9 | 58 | |
| aa469b | 59 | - name: Add other hosts to workdir ssh file |
| DB | 60 | include: "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/add_hosts_ssh_config.yml" |
| 2e9b22 | 61 | |
| DB | 62 | #- name: copy ssh config to /root/.ssh/config |
| 63 | # hosts: localhost | |
| 64 | # tasks: | |
| 65 | # - name: back up current ssh config file | |
| 15b4ac | 66 | # copy: |
| 2e9b22 | 67 | # src: /root/.ssh/config |
| DB | 68 | # dest: /root/.ssh/config.bak |
| 69 | # owner: root | |
| 70 | # group: root | |
| 71 | # mode: 0400 | |
| 72 | # - name: copy workdir ssh file to .ssh/config | |
| 15b4ac | 73 | # copy: |
| 2e9b22 | 74 | # src: "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" |
| DB | 75 | # dest: /root/.ssh/config |
| 76 | # owner: root | |
| 77 | # group: root | |
| 78 | # mode: 0400 | |
