jeet/kube_build
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Using Vault

Browse Source
This commit is contained in:
madereddy
2023-12-12 10:57:09 -05:00
parent af072a0877
commit 5f08b3ac28
3 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+11 -1
View File
@@ -77,7 +77,7 @@ Next up is the `fresh_install.yml` playbook. This playbook is designed to instal
This will prompt you to input the BECOME password, which is the sudo password for your target machine
## Section 5: Monitoring Docker Containers
## Section 5a: Fresh Install Docker Containers
After setting up your machines, let's focus on Docker with the `docker_status.yml` playbook. This playbook checks the status of your Docker containers, ensuring they are running as expected.
@@ -95,6 +95,16 @@ To clean up the build you can run `clean.yml` against the docker hosts.
`ansible-playbook playbooks/clean.yml --ask-become`
## Section 5b: Restore Docker Containers
If restoring your new machine. You can run playbook `redeploy` to restore from your OCI Backup which uses Restic to backup and restore.
`ansible-playbook playbooks/redeploy.yml`
To clean up the build you can run `clean.yml` against the docker hosts.
`ansible-playbook playbooks/clean.yml --ask-become`
## Section 6: Keeping Docker Containers Up-to-Date
Lastly, we have the `docker_update_containers.yml` playbook. This playbook is crucial for updating your Docker containers with the latest images. It also re-imports the docker_status.yml playbook to check the status of containers after the update.
ansible.cfg
+1 -1
View File
@@ -1,4 +1,4 @@
[defaults]
inventory = ./inventory.yml
host_key_checking = False
vault_password_file = ./.password_file
#vault_password_file = ./.password_file
playbooks/redeploy.yml
+8 -1
View File
@@ -11,7 +11,14 @@
shell: |
unset HISTFILE
export RESTIC_REPOSITORY="s3:idnfqwbge7v2.compat.objectstorage.us-ashburn-1.oraclecloud.com/madereddy-docker-backup"
export AWS_ACCESS_KEY_ID="5195c76754bda8137f89f7141e2915f203eeeae8"
export AWS_ACCESS_KEY_ID=AWS_ACCESS_KEY_ID: !vault |
$ANSIBLE_VAULT;1.1;AES256
34653331666465383435653635316263653439313062643361633234383866386439386561666331
3830653163303134623166653630386431636233633730310a653030653830333339663837383438
62656432373463313765646636323839386266613063653637323439316130613137653465633932
6232643332356132380a316633386365393433313633343064383466386337333337646534376439
30653235383837383761326261633438323865383133313132393965313236326662396236373464
6234333236613664653933343061353032653861393834646662
export AWS_SECRET_ACCESS_KEY="PYWvfbsdu6ZFrtTZBBhnWVXmWCp40/cRI/C3yphVOHI="
export RESTIC_PASSWORD=ei\&SNrq\!7t^Zqkc2#^H6DYvR5^X32HGnUUnd#n
cd ~/OCI_Build/docker