refactor: simplify stack templates, move vars into group_vars/alpina

this vault setup for injective sensitive variables uses the approach described in https://docs.ansible.com/ansible/10/tips_tricks/ansible_tips_tricks.html#keep-vaulted-variables-safely-visible
2024-06-28 22:39:24 -07:00
parent f3c6c61130
commit e1f3a22a23
63 changed files with 231 additions and 254 deletions
--- a/roles/alpina/tasks/deploy_collection.yml
+++ b/roles/alpina/tasks/deploy_collection.yml
@@ -1,18 +1,15 @@
 - name: Ensure {{ collection }} collection directory exists
  file:
-    path: "{{ my_svc_path }}/{{ collection }}"
+    path: "{{ alpina_svc_path }}/{{ collection }}"
    state: directory
    mode: "700"

 - name: Deploy docker compose stacks for {{ collection }}
  vars:
    current_stack_name: "{{ stack }}"
-    current_stack_dest: "{{ my_svc_path }}/{{ collection }}/{{ stack }}"
-    current_stack_source: "{{ role_path }}/collections/{{ collection }}/{{ stack }}"
+    current_stack_dest: "{{ alpina_svc_path }}/{{ collection }}/{{ stack }}"
+    current_stack_source: "{{ role_path }}/templates/{{ collection }}/{{ stack }}"
  include_tasks: deploy_compose_stack.yml
  loop: "{{ stacks }}"
  loop_control:
    loop_var: stack
-
- debug:
-    var: acme_email
--- a/roles/alpina/tasks/deploy_compose_stack.yml
+++ b/roles/alpina/tasks/deploy_compose_stack.yml
@@ -11,21 +11,15 @@
    path: "{{ current_stack_dest }}/{{ item.path }}"
    state: directory
    mode: "700"
-  loop: "{{ lookup('community.general.filetree', current_stack_source + '/templates') }}"
+  loop: "{{ lookup('community.general.filetree', current_stack_source) }}"
  when: item.state == "directory"

-# TODO: This is not ideal as it leaks the variables between stacks
-# But that's also not really a problem, as they won't conflict if everything is done right
- name: Include variables for stack {{ stack }}
-  include_vars:
-    file: "{{ current_stack_source }}/app_config.yml"
-
 - name: Generate {{ current_stack_name }} deployment from templates
  template:
    src: "{{ item.src }}"
    dest: "{{ current_stack_dest }}/{{ item.path | regex_replace('\\.j2$', '') }}"
    mode: "600"
-  loop: "{{ lookup('community.general.filetree', current_stack_source + '/templates') }}"
+  loop: "{{ lookup('community.general.filetree', current_stack_source) }}"
  when: item.state == "file"

 - name: Deploy docker-compose for {{ current_stack_name }}
--- a/roles/alpina/tasks/main.yml
+++ b/roles/alpina/tasks/main.yml
@@ -10,7 +10,7 @@
 - name: Ensure alpina directory exists
  file:
    state: directory
-    path: "{{ my_svc_path }}"
+    path: "{{ alpina_svc_path }}"
    mode: "700"

 - name: Deploy collection services