diff --git a/files/certbot/nginx.sh b/files/certbot/nginx.sh index 4c28ff8..4db5ec2 100644 --- a/files/certbot/nginx.sh +++ b/files/certbot/nginx.sh @@ -2,4 +2,4 @@ echo -n "$CERTBOT_VALIDATION" > /root/nginx/html/.well-known/acme-challenge/$CERTBOT_TOKEN mkdir -p /root/nginx/html/.well-known/acme-challenge -/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-infra --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/id_rsa tasks.yml -t nginx &> /dev/null +/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t nginx &> /dev/null diff --git a/install.sh b/install.sh index c6aa135..72f3ea7 100644 --- a/install.sh +++ b/install.sh @@ -42,7 +42,7 @@ fi ssh-keyscan github.com 1> ~/.ssh/known_hosts 2> /dev/null -/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-ansible --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/id_rsa tasks.yml -t installer +/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-ansible --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t installer echo " diff --git a/inventories/mkj/host_vars/mkj b/inventories/mkj/host_vars/mkj index 7b4f9ee..103aa76 100644 --- a/inventories/mkj/host_vars/mkj +++ b/inventories/mkj/host_vars/mkj @@ -1,14 +1,14 @@ $ANSIBLE_VAULT;1.1;AES256 -34366533383537636563363238346530306364323437633062363834363738613462666632653730 -3231376531356466333161643535353433633834633765300a343462663562663065326131663765 -33356238666332326130643662386265666665303566643330326466353334366635626232386465 -3937366161663038340a386134616234653635313339663031366137343362663262616166376262 -36666461326634376262613362393139623230326238363736643133656537303332393234616566 -31646338313832663462656638313833336135663336316634616332636663386230306665623337 -30666131393732356337613530393238633733653162313631323766643563366134326265376163 -37666564656664323035343132336564343861643030396266616538353165376230393636663134 -62313063336538636464396134666134336662633534376435656363633632623964343338663866 -35623832633033363532303831366530363834393363333333623832616461323464393761333664 -34386262343338306164353539363230613562633231386436653134333235336638646334643332 -31663430333230663363316437336332303633633263336437313761396164656564666539393264 -3632 +62346338346236363065323035343431373133353962656134663430333965326162386434656466 +3966336362353738303039373137343037313234633863650a313631303836376333333364653138 +62343337323762643439636633346238353037333966646435343965633363636632653063333232 +6530383966626265380a353138363665653730353233323531353437643134363861346434343832 +61393632383639343462316237373163663762663930376266646338316339356465343932356230 +63623839396133316137636630336464343035363736653335343033316464636332383435643436 +63356334613836353330633431666464666664333738623637613965343432356530636632343537 +65373034376639393933323166613430393638306265636338323834386530393064326561303165 +39313663353037383533306463643432393038396361613838626361363934336432623030313939 +64343030303731326665393134306134653836656363346530613836333534303437336235313839 +61396332303132316534396230373738656163303132633939376564383764333561616134646633 +66643733653833623434343032623732393039363265653963303765326364653430336533313733 +61663936376666316366313537653134613661343532343435643834666330646536 diff --git a/tasks/deployer.yml b/tasks/deployer.yml index f75a2e5..54bb3d1 100644 --- a/tasks/deployer.yml +++ b/tasks/deployer.yml @@ -35,7 +35,7 @@ - "/root/mariadb:/var/lib/mysql" restart_policy: always env: - MYSQL_ROOT_PASSWORD: "{{ secrets.mariadb.root.password }}" + MYSQL_ROOT_PASSWORD: "{{ secrets.mariadb.users.root.password }}" register: deployerTask102 when: - (deployerTask101 is defined and deployerTask101.changed) or deployerTask101 is undefined @@ -55,7 +55,7 @@ - name: "Deployer - MariaDB - Upgrade" containers.podman.podman_container_exec: name: mariadb - command: "mariadb-upgrade --host=127.0.0.1 --user=root --password={{ secrets.mariadb.root.password }}" + command: "mariadb-upgrade --host=127.0.0.1 --user=root --password={{ secrets.mariadb.users.root.password }}" register: task ignore_errors: yes changed_when: @@ -70,10 +70,10 @@ mysql_user: login_host: "127.0.0.1" login_user: root - login_password: "{{ secrets.mariadb.root.password }}" + login_password: "{{ secrets.mariadb.users.root.password }}" name: "mkj" host: "%" - password: "{{ secrets.mariadb.mkj.password }}" + password: "{{ secrets.mariadb.users.mkj.password }}" priv: "mkj.*:ALL" vars: ansible_python_interpreter: "/opt/ansible/bin/python3" @@ -86,7 +86,7 @@ mysql_db: login_host: "127.0.0.1" login_user: "mkj" - login_password: "{{ secrets.mariadb.mkj.password }}" + login_password: "{{ secrets.mariadb.users.mkj.password }}" name: "mkj" vars: ansible_python_interpreter: "/opt/ansible/bin/python3" diff --git a/tasks/installer.yml b/tasks/installer.yml index a8b17ba..f4e0f0f 100644 --- a/tasks/installer.yml +++ b/tasks/installer.yml @@ -171,7 +171,7 @@ name: Maintenance hour: "*/3" minute: "0" - job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-infra --accept-host-key --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/id_rsa tasks.yml -t maintenance" + job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t maintenance" tags: - cron @@ -179,6 +179,6 @@ cron: name: Deployer minute: "*/5" - job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-infra --accept-host-key --vault-password-file ~/.ansible/vault.yml --private-key ~/.ssh/id_rsa tasks.yml -t deployer" + job: "/opt/ansible/bin/ansible-pull -U ssh://git@github.com/MatteZ02/mkj-infra --accept-host-key --private-key ~/.ssh/id_rsa --vault-password-file ~/.ansible/vault.yml tasks.yml -t deployer" tags: - cron