install traefik with DO dns #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: install traefik with DO dns | |
on: | |
workflow_dispatch: | |
inputs: | |
TARGET_HOST: | |
type: string | |
required: true | |
SSH_PORT: | |
type: string | |
required: false | |
default: 22 | |
SSH_USER: | |
type: string | |
required: false | |
default: "root" | |
ANSIBLE_BECOME_PASS: | |
type: string | |
required: false | |
default: "no-password" | |
SSH_USER_HOME_DIR: | |
type: string | |
required: false | |
default: "/root" | |
EMAIL: | |
type: string | |
required: true | |
env: | |
ansible-play: traefik-install-with-do-dns | |
ansible-main-file: main.with-do-dns.yml | |
jobs: | |
ansible: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Add SSH Keys | |
run: | | |
cat << EOF > devops-key | |
${{ secrets.SSH_PRIVATE_KEY }} | |
EOF | |
- name: Update devops private key permissions | |
run: | | |
chmod 400 devops-key | |
- name: Install Ansible | |
run: | | |
pip install ansible | |
- name: Adding or Override Ansible inventory File | |
run: | | |
cat << EOF > ./inventory.ini | |
[webservers] | |
${{ inputs.TARGET_HOST }} | |
EOF | |
- name: Adding or Override Ansible Config File | |
run: | | |
cat << EOF > ./ansible.cfg | |
[defaults] | |
ansible_python_interpreter='/usr/bin/python3' | |
deprecation_warnings=False | |
inventory=./inventory.ini | |
remote_user="${{ inputs.SSH_USER }}" | |
remote_tmp="${{ inputs.SSH_USER_HOME_DIR }}/.ansible/tmp" | |
host_key_checking=False | |
private_key_file = ./devops-key | |
retries=2 | |
remote_port = ${{ inputs.SSH_PORT }} | |
EOF | |
- name: Adding Ansible Variables | |
run: | | |
mkdir -p ${{ env.ansible-play }}/vars/ | |
cat << EOF > ${{ env.ansible-play }}/vars/main.yaml | |
--- | |
DO_AUTH_TOKEN: "${{ secrets.DO_AUTH_TOKEN }}" | |
EMAIL: "${{ inputs.EMAIL }}" | |
EOF | |
- name: Run main playbook | |
run: | | |
if [ "${{ inputs.ANSIBLE_BECOME_PASS }}" != "no-password" ]; then | |
ANSIBLE_CONFIG=ansible.cfg ansible-playbook --ask-become-pass ${{ env.ansible-main-file }} | |
else | |
ANSIBLE_CONFIG=ansible.cfg ansible-playbook ${{ env.ansible-main-file }} | |
fi |