From f6481f9b6eaf972268b1456d52414f7ba217b809 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 30 Aug 2025 21:31:49 -0400 Subject: [PATCH] Minor tweaks... too lazy to be detailed. --- .../gitea_tar-valon_ansible_deploy.yml | 52 ++++++++++--------- collections/requirements.yml | 2 +- tar-valon_config_deploy.yml | 8 ++- 3 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index c3b7ec6..89f913b 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -6,9 +6,13 @@ on: branches-ignore: - 'main' paths: - - '**.j2' - - '**/pr-ansible-config-deployment.yaml' - - 'ansible/**.yml' + - 'app-configs/**' + - 'inventory/hosts.yml' + - 'host_vars/**.yml' + +env: + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} + VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} jobs: check-and-create-pr: @@ -31,8 +35,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: PR Check' notification_message: 'Checking for existing PR... 🔍' 
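Review bot: The new workflow-level `env:` block in hunk `@@ -6,9 +6,13 @@` puts `VAULT_TOKEN` into the environment of every job and step, including the steps that run `eikendev/gotify-action@master`, a third-party action referenced by a mutable branch. The two Ansible jobs already declare `VAULT_ADDR` and `VAULT_TOKEN` in their own `env:` (hunks `@@ -68,7 +72,7 @@` and `@@ -164,7 +167,7 @@`), so the top-level block looks redundant; I would drop it and keep the token scoped to the jobs, or better the single step, that talks to Vault. If `check-and-create-pr` or the merge job does need Vault, add the two variables to that job only. Pinning the Gotify action to a commit SHA instead of `@master` would further limit which code can see these secrets.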
@@ -40,7 +44,7 @@ jobs: id: check-opened-pr-step continue-on-error: true run: | - tea login add --name gitea-rinoa --url "${{ secrets.RINOA_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + tea login add --name gitea-rinoa --url "${{ secrets.TV_GITEA_URL }}" --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} pr_exists=$(tea pr list --repo ${{ github.repository }} --state open --fields index,title,head | egrep '\[ANSIBLE\].*${{ github.ref_name }}' | tail -1 | wc -l) echo "exists=$pr_exists" >> $GITHUB_OUTPUT @@ -55,8 +59,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: PR Check' notification_message: 'PR Created 🎟️' @@ -68,7 +72,7 @@ jobs: matrix: host: [rinoa, rikku, benedikta] env: - VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} steps: - name: Checkout @@ -98,8 +102,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Ansible Dry Run' notification_message: 'Starting dry run for ${{ matrix.host }}...' 
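Review bot: The `run:` script in hunk `@@ -40,7 +44,7 @@` still has `${{ github.ref_name }}` and the secrets substituted into the shell text before bash parses it, so a branch name containing a quote or shell metacharacter changes the command instead of being treated as data; `--token ${{ secrets.BOT_GITEA_TOKEN }}` is also unquoted. The workflow fires on pushes to every branch except `main`, so the branch name is chosen by whoever can push. Pass these values through the step's `env:` and reference them as quoted shell variables, as sketched below. The `PR Merge` step in hunk `@@ -142,7 +145,7 @@` has the same pattern (unquoted `--url ${{ secrets.TV_GITEA_URL }}`, `egrep ${{ github.ref_name }}`, `${{ github.actor }}`) and ends in an automatic merge, so it needs the same treatment. The step begins outside the hunk.

```yaml
        env:
          REF_NAME: ${{ github.ref_name }}
          GITEA_URL: ${{ secrets.TV_GITEA_URL }}
          BOT_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
          BOT_TOKEN: ${{ secrets.BOT_GITEA_TOKEN }}
        run: |
          tea login add --name gitea-rinoa --url "$GITEA_URL" --user gitea-sonarqube-bot --password "$BOT_PASSWORD" --token "$BOT_TOKEN"
          pr_exists=$(tea pr list --repo "${{ github.repository }}" --state open --fields index,title,head | grep -E "\[ANSIBLE\].*${REF_NAME}" | tail -1 | wc -l)
          # … unchanged: write exists=$pr_exists to $GITHUB_OUTPUT …
```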
@@ -108,8 +112,7 @@ jobs: with: directory: ansible/ playbook: homelab_config_deploy.yml - key: ${{ secrets.RINOA_ANSIBLE_PRIVATE_KEY }} - vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} + key: ${{ secrets.ANSIBLE_PRIVATE_KEY }} requirements: collections/requirements.yml options: | --inventory inventory/hosts.yml @@ -119,8 +122,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Ansible Dry Run' notification_message: 'Dry run for ${{ matrix.host }} completed.' @@ -142,7 +145,7 @@ jobs: - name: PR Merge id: pr_merge run: | - tea login add --name gitea-rinoa --url ${{ secrets.RINOA_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} + tea login add --name gitea-rinoa --url ${{ secrets.TV_GITEA_URL }} --user gitea-sonarqube-bot --password "${{ secrets.BOT_GITEA_PASSWORD }}" --token ${{ secrets.BOT_GITEA_TOKEN }} tea login default gitea-rinoa pr_index=$(tea pr ls --repo ${{ github.repository }} --state open --fields index,title,head,state --output csv | egrep ${{ github.ref_name }} | awk -F"," '{print $1}' | sed -e 's|"||g') tea pr m --repo ${{ github.repository }} --title "Auto Merge of PR ${pr_index} - ${{ github.ref_name }}" --message "Merged by ${{ github.actor }}" ${pr_index} @@ -151,8 +154,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: PR Merge Successful' notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.' 
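Review bot: The dry-run step in hunk `@@ -108,8 +112,7 @@` still runs `playbook: homelab_config_deploy.yml` from `directory: ansible/`, while this commit edits `tar-valon_config_deploy.yml` and `collections/requirements.yml` at the repository root and the new path filters watch root-level `inventory/hosts.yml` and `host_vars/**.yml`. If the layout has moved out of `ansible/`, the dry run that gates the automatic merge does not exercise the playbook being changed; confirm the paths or point the step at `tar-valon_config_deploy.yml`. The same applies to the deploy step in hunk `@@ -198,8 +201,7 @@`. Dropping `vault_password` is safe only if no `ansible-vault`-encrypted variables remain in the inventory, which these hunks do not show.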
@@ -164,7 +167,7 @@ jobs: matrix: host: [rinoa, rikku, benedikta] env: - VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }} + VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} steps: - name: Checkout @@ -188,8 +191,8 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Ansible Config Deployment' notification_message: 'Deploying configs to ${{ matrix.host }}...' @@ -198,8 +201,7 @@ jobs: with: directory: ansible/ playbook: homelab_config_deploy.yml - key: ${{ secrets.RINOA_ANSIBLE_PRIVATE_KEY }} - vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} + key: ${{ secrets.ANSIBLE_PRIVATE_KEY }} requirements: collections/requirements.yml options: | --inventory inventory/hosts.yml @@ -208,7 +210,7 @@ jobs: - name: Gotify Notification uses: eikendev/gotify-action@master with: - gotify_api_base: '${{ secrets.RINOA_GOTIFY_URL }}' - gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}' + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' notification_title: 'GITEA: Deployment Completed' notification_message: 'Deployment to ${{ matrix.host }} completed successfully.' diff --git a/collections/requirements.yml b/collections/requirements.yml index 1c6e76a..65acec4 100644 --- a/collections/requirements.yml +++ b/collections/requirements.yml @@ -3,4 +3,4 @@ collections: - name: community.hashi_vault version: 6.2.0 - name: community.general - version: "6.*" # or whatever stable version you prefer + version: "6.*" diff --git a/tar-valon_config_deploy.yml b/tar-valon_config_deploy.yml index 794553e..e0da1e8 100644 --- a/tar-valon_config_deploy.yml +++ b/tar-valon_config_deploy.yml 
@@ -1,5 +1,5 @@ --- -- name: Deploy Docker Service Configurations (Mirrored & Vault-ready) +- name: Deploy Docker Service Configurations (Optimized & Vault-ready) hosts: - rinoa - rikku @@ -11,10 +11,6 @@ # appdata_base_path, secrets_path, vault_token_cleaned from host_vars/.yml tasks: - - name: Set vault token from environment - ansible.builtin.set_fact: - vault_token_cleaned: "{{ lookup('env', vault_token_env_var) }}" - - name: Find all files for this host ansible.builtin.find: paths: "{{ template_base_path }}/{{ inventory_hostname }}" @@ -28,6 +24,7 @@ src: "{{ item.path }}" dest: "{{ appdata_base_path }}/{{ item.path | community.general.relpath(template_base_path + '/' + inventory_hostname) | regex_replace('\\.j2$', '') }}" mode: '0644' + create_dirs: yes loop: "{{ host_files.files }}" loop_control: label: "{{ item.path }}" @@ -39,6 +36,7 @@ dest: "{{ appdata_base_path }}/{{ item.path | community.general.relpath(template_base_path + '/' + inventory_hostname) }}" mode: '0644' remote_src: no + create_dirs: yes loop: "{{ host_files.files }}" loop_control: label: "{{ item.path }}"
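Review bot: `create_dirs: yes`, added in hunks `@@ -28,6 +24,7 @@` and `@@ -39,6 +36,7 @@`, is not a parameter I know of on `ansible.builtin.template` or `ansible.builtin.copy`; the module lines are outside both hunks, but if those are the modules in use the tasks will fail with an unsupported-parameter error. Create the parent directories in a separate `ansible.builtin.file` task with `state: directory` ahead of these tasks, as sketched below. Separately, the header comment kept as context still lists `vault_token_cleaned` although the `set_fact` that defined it is removed in `@@ -11,10 +11,6 @@`, so that comment should say where the value now comes from. The rendered files keep `mode: '0644'`; if any of them carry Vault-backed secrets, a tighter mode such as `'0640'` with an explicit `owner`/`group` would keep them from being world-readable on the host.

```yaml
    - name: Ensure destination directories exist
      ansible.builtin.file:
        path: "{{ (appdata_base_path ~ '/' ~ (item.path | community.general.relpath(template_base_path + '/' + inventory_hostname))) | dirname }}"
        state: directory
        mode: '0755'
      loop: "{{ host_files.files }}"
      loop_control:
        label: "{{ item.path }}"
    # … unchanged: template and copy tasks, without create_dirs …
```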