systems/infrastructure
1
Fork 0
Code Issues 1 Pull requests 21 Activity Actions

Move scripts to justfile

Browse source
This commit is contained in:
Jake Howard 2023-06-18 17:13:31 +01:00
parent 983c3adca1
commit decfbf65c9
Signed by: jake
GPG key ID: 57AFB45680EDD477
11 changed files with 58 additions and 68 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.gitea/workflows/ci.yml
View file

@ -8,10 +8,11 @@ jobs:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
- name: Setup Terraform - name: Setup Terraform
uses: hashicorp/setup-terraform@v2 uses: hashicorp/setup-terraform@v2
- uses: extractions/setup-just@v1
- name: Init - name: Init
run: ./scripts/terraform/terraform.sh init -backend=false run: just terraform init -backend=false
- name: Lint - name: Lint
run: ./scripts/terraform/lint.sh run: just terraform-lint
ansible: ansible:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -21,12 +22,13 @@ jobs:
uses: actions/setup-python@v4 uses: actions/setup-python@v4
with: with:
python-version: 3.11 python-version: 3.11
- uses: extractions/setup-just@v1
# HACK: https://docs.ansible.com/ansible/devel/reference_appendices/config.html#cfg-in-world-writable-dir # HACK: https://docs.ansible.com/ansible/devel/reference_appendices/config.html#cfg-in-world-writable-dir
- name: Fix permissions - name: Fix permissions
run: chmod 0755 ansible/ run: chmod 0755 ansible/
- name: Set up - name: Set up
run: ./scripts/ansible/setup.sh run: just ansible-setup
- name: Lint - name: Lint
run: ./scripts/ansible/lint.sh run: just ansible-lint

1
yamllint.yml → .yamllint.yml
View file

@ -6,6 +6,7 @@ ignore: |
ansible/group_vars/all/vps-hosts.yml ansible/group_vars/all/vps-hosts.yml
ansible/roles/traefik/files/traefik.yml ansible/roles/traefik/files/traefik.yml
ansible/roles/nebula/files/nebula.yml ansible/roles/nebula/files/nebula.yml
env
rules: rules:
document-start: disable document-start: disable

9
README.md
View file

@ -5,11 +5,12 @@
- Python 3 - Python 3
- Locally configured SSH config (ideally deployed through [dotfiles](https://github.com/realorangeone/dotfiles)) - Locally configured SSH config (ideally deployed through [dotfiles](https://github.com/realorangeone/dotfiles))
- `ansible` installed on the system - `ansible` installed on the system
- [`just`](https://github.com/casey/just)
## Installation ## Installation
- `./scripts/ansible/setup.sh` - `just setup`
- `cd terraform/ && ./scripts/terraform/terraform.sh init` - `just terraform init`
### Private Settings ### Private Settings
@ -21,5 +22,5 @@ Terraform backend secrets need to be placed in `terraform/secrets.sh`.
## Deploying ## Deploying
- `./scripts/ansible/deploy.sh` - `just ansible-deploy`
- `./scripts/terraform/terraform.sh apply` - `juts terraform apply`

1
ansible/yamllint.yml
View file

@ -1 +0,0 @@
../yamllint.yml

46
justfile Normal file
View file

@ -0,0 +1,46 @@
export PATH := justfile_directory() + "/env/bin:" + env_var("PATH")
# Recipes
@default:
just --list
ansible-setup:
python -m venv env
pip install -r ansible/dev-requirements.txt
cd ansible/ && ansible-galaxy install -r galaxy-requirements.yml --force
# Run terraform with required environment
terraform +ARGS:
#!/usr/bin/env bash
cd terraform/
# Load secrets from env file (if it exists)
set -a
source ./.env || true
set +a
terraform {{ ARGS }}
# Download secrets
update-secrets:
cd terraform/ && bw get attachment .env --itemid c4f8b44e-ae62-442d-a9e0-02d0621c2454
ansible-deploy *ARGS:
cd ansible/ && ansible-playbook main.yml --vault-password-file=vault-pass.sh -K {{ ARGS }}
terraform-lint:
just terraform validate
just terraform fmt -check -recursive
yamllint:
yamllint -s .
ansible-lint: yamllint
#!/usr/bin/env bash
cd ansible/
ansible-lint -p
ansible-playbook main.yml --syntax-check
lint: terraform-lint ansible-lint

7
scripts/ansible/deploy.sh
View file

@ -1,7 +0,0 @@
#!/usr/bin/env bash
set -ex
cd ansible/
time ansible-playbook main.yml --vault-password-file=vault-pass.sh -K $@

13
scripts/ansible/lint.sh
View file

@ -1,13 +0,0 @@
#!/usr/bin/env bash
set -e
PATH=${PWD}/env/bin:${PATH}
yamllint -sc ansible/yamllint.yml ansible
cd ansible/
ansible-lint -p
ansible-playbook main.yml --syntax-check

13
scripts/ansible/setup.sh
View file

@ -1,13 +0,0 @@
#!/usr/bin/env bash
set -e
PATH=${PWD}/env/bin:${PATH}
set -x
python -m venv env
pip install -r ansible/dev-requirements.txt
cd ansible/ && ansible-galaxy install -r galaxy-requirements.yml --force

7
scripts/terraform/lint.sh
View file

@ -1,7 +0,0 @@
#!/usr/bin/env bash
set -ex
./scripts/terraform/terraform.sh validate
./scripts/terraform/terraform.sh fmt -check -recursive

12
scripts/terraform/terraform.sh
View file

@ -1,12 +0,0 @@
#!/usr/bin/env bash
set -e
cd terraform/
# Load secrets from env file (if it exists)
set -a
source ./.env || true
set +a -x
terraform $@

7
scripts/terraform/update-secrets.sh
View file

@ -1,7 +0,0 @@
#!/usr/bin/env bash
set -ex
cd terraform/
bw get attachment .env --itemid c4f8b44e-ae62-442d-a9e0-02d0621c2454