IR_14_ITSERR/run.sh

86 lines
2.1 KiB
Bash
Raw Normal View History

2024-10-29 16:18:05 +01:00
#!/bin/bash
#
# The "directory/directory.yml" is the old way that we used to simplify jobs execution.
# The "directory/site.yml" is the syntax used by roles (from ansible version 1.2)
#
# Otherwise we can directly execute a single play (file)
#
PAR=50
TIMEOUT=15
PLAY=site.yml
HOSTS_DIR=.
ANSIBLE_HOSTS=
export TMPDIR=/var/tmp/${USER}
if [ ! -d ${TMPDIR} ] ; then
mkdir -p ${TMPDIR}
fi
if [ -f ../ansible.cfg ] ; then
export ANSIBLE_CONFIG="../ansible.cfg"
fi
if [ -f ./ansible.cfg ] ; then
export ANSIBLE_CONFIG="./ansible.cfg"
fi
# No cows!
export ANSIBLE_NOCOWS=1
export ANSIBLE_ERROR_ON_UNDEFINED_VARS=True
export ANSIBLE_HOST_KEY_CHECKING=False
export ANSIBLE_LIBRARY="/usr/share/ansible:./modules:../modules:$ANSIBLE_LIBRARY"
# Update the galaxy requirements
if [ -f requirements.yml ] ; then
ansible-galaxy install --ignore-errors -f -r requirements.yml
fi
PLAY_OPTS="-T $TIMEOUT -f $PAR"
if [ -f "$1" ] ; then
PLAY=$1
elif [ ! -f $PLAY ] ; then
echo "No play file available."
exit 1
fi
if [ -f "${PLAY}" ] ; then
MAIN="${PLAY}"
shift
elif [ -f "${PLAY}.yml" ]; then
MAIN="${PLAY}.yml"
shift
fi
if [ -f ${HOSTS_DIR}/hosts ] ; then
ANSIBLE_HOSTS=${HOSTS_DIR}/hosts
fi
if [ -f ${HOSTS_DIR}/inventory/hosts ] ; then
ANSIBLE_HOSTS=${HOSTS_DIR}/inventory/hosts
fi
if [ ! -z "$ANSIBLE_HOSTS" ] ; then
PLAY_OPTS="-i $ANSIBLE_HOSTS"
fi
#echo "Find vault encrypted files if any"
if [ -d ./group_vars ] ; then
VAULT_GROUP_FILES=$( find ./group_vars -name \*vault\* )
fi
if [ -d ./host_vars ] ; then
VAULT_HOST_FILES=$( find ./host_vars -name \*vault\* )
fi
if [ ! -z "$VAULT_GROUP_FILES" -o ! -z "$VAULT_HOST_FILES" ] ; then
# Vault needs a password. You can run playbooks that don't have encrypted files just passing a blank one.
# To encrypt a password for a user: python -c "from passlib.hash import sha512_crypt; print sha512_crypt.encrypt('<password>')"
echo "There are password protected encrypted files, we will ask for password before proceeding"
PLAY_OPTS="$PLAY_OPTS --ask-vault-pass"
fi
# Main
ansible-playbook $PLAY_OPTS $MAIN $@
rm -f /tmp/passwordfile