Archives
/
algo
mirror of https://github.com/trailofbits/algo
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dependabot/pip/ansible-9.4.0
dependabot/github_actions/actions/setup-python-5.1.0
fix/14704
dependabot/pip/jinja2-approx-eq-3.1.3
v1.1
v1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bd348af9c2'
${ noResults }
algo/roles/cloud-ec2/tasks/main.yml

70 lines
2.1 KiB
YAML
Raw Blame History

- block:
- set_fact:
access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true) }}"
secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'), true) }}"
stack_name: "{{ aws_server_name | replace('.', '-') }}"
- name: Locate official AMI for region
ec2_ami_find:
aws_access_key: "{{ access_key }}"
aws_secret_key: "{{ secret_key }}"
name: "ubuntu/images/hvm-ssd/{{ cloud_providers.ec2.image.name }}-amd64-server-*"
owner: "{{ cloud_providers.ec2.image.owner }}"
sort: creationDate
sort_order: descending
sort_end: 1
region: "{{ region }}"
register: ami_search
- set_fact:
ami_image: "{{ ami_search.results[0].ami_id }}"
- include: encrypt_image.yml
tags: [encrypted]
- include: cloudformation.yml
- name: Add new instance to host group
add_host:
hostname: "{{ stack.stack_outputs.PublicIP }}"
groupname: vpn-host
ansible_ssh_user: ubuntu
ansible_python_interpreter: "/usr/bin/python2.7"
ansible_ssh_private_key_file: "{{ SSH_keys.private }}"
cloud_provider: ec2
ipv6_support: yes
- set_fact:
cloud_instance_ip: "{{ stack.stack_outputs.PublicIP }}"
- name: Get EC2 instances
ec2_remote_facts:
aws_access_key: "{{ access_key }}"
aws_secret_key: "{{ secret_key }}"
region: "{{ region }}"
filters:
instance-state-name: running
"tag:Environment": Algo
register: algo_instances
- name: Ensure the group ec2 exists in the dynamic inventory file
lineinfile:
state: present
dest: configs/inventory.dynamic
line: '[ec2]'
- name: Populate the dynamic inventory
lineinfile:
state: present
dest: configs/inventory.dynamic
insertafter: '\[ec2\]'
regexp: "^{{ item.public_ip_address }}.*"
line: "{{ item.public_ip_address }}"
with_items:
- "{{ algo_instances.instances }}"
rescue:
- debug: var=fail_hint
tags: always
- fail:
tags: always
Reference in New Issue View Git Blame Copy Permalink