tjas-infra/tasks/installer.yml

---
- name: "Installer : Tools : Install"
  ansible.builtin.apt:
    name: "{{ package }}"
    state: latest
  vars:
    packages:
      - git
      - rsync
      - unzip
      - nano
      - tar
      - gnupg
      - screen
      - jq
      - sudo
      - pkg-config
      - etckeeper
  loop: "{{ packages }}"
  loop_control:
    label: "{{ package }}"
    loop_var: "package"

- name: "Installer : FirewallD : Dependencies - Packages"
  ansible.builtin.apt:
    name:
      - python3-firewall
      - iptables
    state: latest

- name: "Installer : FirewallD : Install"
  ansible.builtin.apt:
    name: "firewalld"
    state: latest

- name: "Installer : FirewallD : Start"
  ansible.builtin.systemd_service:
    name: firewalld
    state: started
    enabled: true

- name: "Installer - Ansible - Python Library"
  ansible.builtin.pip:
    name: ansible
    state: latest
    extra_args: --upgrade
    virtualenv: ~/.venv/ansible
    virtualenv_command: "python3 -m venv"
  tags:
    - ansible

- name: "Installer : Ansible : Create Folder"
  ansible.builtin.file:
    path: ~/bin
    state: directory
  tags:
    - ansible

- name: "Installer : Ansible : Create Symbolic Links"
  ansible.builtin.file:
    src: ~/.venv/ansible/bin/{{ binary }}
    dest: ~/bin/{{ binary }}
    state: link
  vars:
    binaries:
      - ansible
      - ansible-community
      - ansible-config
      - ansible-console
      - ansible-doc
      - ansible-galaxy
      - ansible-inventory
      - ansible-playbook
      - ansible-pull
      - ansible-test
      - ansible-vault
  loop: "{{ binaries }}"
  loop_control:
    label: "{{ binary }}"
    loop_var: "binary"
  tags:
    - ansible

- name: "Installer - Ansible - Dependencies / Python Libraries"
  ansible.builtin.pip:
    name: "{{ library }}"
    state: latest
    extra_args: --upgrade
    virtualenv: ~/.venv/ansible
    virtualenv_command: "python3 -m venv"
  vars:
    libraries:
      - cryptography
      - dnspython
      - hvac
      - jmespath
      - netaddr
      - pexpect
  loop: "{{ libraries }}"
  loop_control:
    label: "{{ library }}"
    loop_var: "library"

- name: "Installer : MariaDB : Dependencies / Python Library : pymysql"
  ansible.builtin.pip:
    name: pymysql
    state: latest
    extra_args: --upgrade
    virtualenv: ~/.venv/ansible
    virtualenv_command: "python3 -m venv"
  tags:
    - mariadb

- name: "Installer : Schedule : Maintenance"
  ansible.builtin.cron:
    name: "PVJJK 1.VOS TJAS - Infra - Maintenance"
    hour: "*/3"
    minute: "0"
    job: "~/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d ~/.ansible/pull/pvjjk-1vos-tjas/infra --accept-host-key --private-key ~/.ssh/keys/pvjjk-1vos-tjas/infra --vault-password-file ~/.ansible/vault/pvjjk-1vos-tjas.yml tasks.yml -t maintenance"
  tags:
    - cron

- name: "Installer : Schedule : Deployer"
  ansible.builtin.cron:
    name: "PVJJK 1.VOS TJAS - Infra - Deployer"
    minute: "*/5"
    job: "~/.venv/ansible/bin/ansible-pull -U ssh://git@github.com/cwchristerw/tjas-infra -d ~/.ansible/pull/pvjjk-1vos-tjas/infra --accept-host-key --private-key ~/.ssh/keys/pvjjk-1vos-tjas/infra --vault-password-file ~/.ansible/vault/pvjjk-1vos-tjas.yml tasks.yml -t deployer"
  tags:
    - cron