yaaaah yeet

TareqK · TareqK · commit 32816ee7f00d · 2025-06-17T19:25:16.000+03:00
diff --git a/.woodpecker/build.yaml b/.woodpecker/build.yaml
@@ -4,12 +4,6 @@ when:
 
 steps:
 
-  - name : Deploy With Ansible
-    image: woodpeckerci/plugin-ansible
-    commands:
-      - apk add make
-      - cd infrastructure && make deploy-app
-
   - name: Build dashboard
     image: woodpeckerci/plugin-docker-buildx:6.0.0
     settings:
@@ -46,6 +40,42 @@ steps:
       password:
         from_secret: docker_password
   
+  - name : Deploy With Ansible
+    image: woodpeckerci/plugin-ansible
+    settings:
+      playbook: infrastructure/deploy/deploy-databuddy.yaml
+      diff: false
+      inventory: infrastructure/inventory.ini
+      syntax_check: true
+      user: root
+      private_key:
+        from_secret: ansible_private_key
+      galaxy: infrastructure/requirements.yaml
+      extra_vars:
+        ipinfo_token:
+          from_secret: ipinfo_token
+        ai_api_key:
+          from_secret: ai_api_key
+        better_auth_url:
+          from_secret: better_auth_url
+        better_auth_secret:
+          from_secret: better_auth_secret
+        github_client_id:
+          from_secret: github_client_id
+        github_client_secret:
+          from_secret: github_client_secret
+        google_client_id:
+          from_secret: google_client_id
+        google_client_secret:
+          from_secret: google_client_secret
+        opr_api_key:
+          from_secret: opr_api_key
+        docker_username:
+          from_secret: docker_username
+        docker_password:
+          from_secret: docker_password
+        version: ${CI_COMMIT_TAG}
+  
   
 
   
diff --git a/infrastructure/add-ssh-keys.yaml b/infrastructure/add-ssh-keys.yaml
@@ -0,0 +1,36 @@
+---
+- hosts: "{{ hosts_group }}"
+  name: Add SSH keys on Nodes
+  remote_user: ubuntu
+  gather_facts: true
+  become: true
+  vars:
+    hosts_group: dev-nodes
+    public_keys: "./dev-access"
+    keys_glob : "{{public_keys}}/*.pub"
+    all_keys_glob: "./public-keys/*.pub"
+    
+    
+  tasks:
+    - name: Read Files
+      set_fact: 
+        read_keys: "{{read_keys | default([]) | union([lookup('file', item)])}}"
+      delegate_to: localhost
+      become: false
+      with_fileglob: "{{keys_glob}}"
+  
+    - name: Read All Files
+      set_fact: 
+        all_keys: "{{all_keys | default([]) | union([lookup('file', item)])}}"
+      delegate_to: localhost
+      become: false
+      with_fileglob: "{{all_keys_glob}}"
+
+    - name: Set up multiple authorized keys
+      ansible.posix.authorized_key:
+        user: ubuntu
+        state: present
+        key: "{{ item }}"
+      with_items: "{{read_keys}}"
+
+      
diff --git a/infrastructure/ansible-key.pub b/infrastructure/ansible-key.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBke7DXMRx2oFNT8DSKOSnKijJ27B19OCJnk3+K0LiYgzEqqSfD52nn3QlL3f1VPF5MWXWYvZEfXvZCkh0zxkTged1W74Ws68S8wZMA7WJNWoEcZ09Qw5QDkR1dIAUic8Lv+d3R2RL6SRlfd92EvGnLMdMrs5aMnu+R8JmgtG92EEHCXrZoxPtqvnNSLal7MYze7MabjsT9FzjSSKFra3c/LzDcvTPeddERegIXQGAyoVR84IOJh6MxeVGg/i9HyLBz35AkScnsbCF7bwX6bYL7/tzt9VZVbMLiP/Uv07Xncn8jxZI0BLloUYjgLcRLQOzbCnuGeVLAurecPnOKmp/a0AhQnqdS4AsmMturQ096Jr2bHZpiRVKW1st3YWM4Frs8CQrksuiRmge1ip+R4uaX65mBD5tV4UsV0s6yXa/9vT9uznT5pstjp3yQMl3bLD/CnN8x6CysK75TQ4zcASTyXUFfrbzVLQlpBn6RhY/CEb0WloHfLdrAisZ/wm4+c2caE6/6qfgITUH+KxVnibDmBbkDnNySBzPhYEdcMziplwCYoIv9k2jP1FWwgpn0KA1zd++LrdGdgvXCX7izuF42WmLqQ0zZ76FlWudmXnDZy/tKyd5lB6Etl4oROlzyGTEF6ZmEHV4lmddGA7YT52Eh5Xo/htURhkcrmVfFTirXw== root@tool001
diff --git a/infrastructure/makefile b/infrastructure/makefile
@@ -36,7 +36,7 @@ deploy-registry: install-dependencies
 	cd registry && ansible-playbook --timeout 60 --ssh-common-args="-i $(SSH_PRIVATE_KEY) -o ServerAliveInterval=15" -i ../inventory.ini deploy-registry.yaml
 
 deploy-app: install-dependencies
-	cd deploy && ansible-playbook --timeout 60 --ssh-common-args="-i $(SSH_PRIVATE_KEY) -o ServerAliveInterval=15" -i ../inventory.ini deploy-databuddy.yaml \
+	ansible-playbook --timeout 60 --ssh-common-args="-i $(SSH_PRIVATE_KEY) -o ServerAliveInterval=15" -i ./inventory.ini deploy/deploy-databuddy.yaml \
 		--extra-vars "ipinfo_token=$$IPINFO_TOKEN" \
 		--extra-vars "ai_api_key=$$AI_API_KEY" \
 		--extra-vars "better_auth_url=$$BETTER_AUTH_URL" \
diff --git a/infrastructure/requirements.yaml b/infrastructure/requirements.yaml
@@ -0,0 +1,10 @@
+---
+collections:
+  - name: ansible.posix
+    source: https://galaxy.ansible.com
+  
+  - name: community.docker
+    source: https://galaxy.ansible.com
+  
+  - name: community.general
+    source: https://galaxy.ansible.com
diff --git a/infrastructure/setup-nodes.yaml b/infrastructure/setup-nodes.yaml
@@ -190,4 +190,10 @@
         test_command: systemctl is-active docker
       when: (resultHard.changed or resultSoft.changed)
       throttle: 1
+    
+    - name: Add Ansible Public Key
+      ansible.posix.authorized_key:
+        user: root
+        state: present
+        key: "{{lookup('file', 'ansible-key.pub') }}" 
    

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBke7DXMRx2oFNT8DSKOSnKijJ27B19OCJnk3+K0LiYgzEqqSfD52nn3QlL3f1VPF5MWXWYvZEfXvZCkh0zxkTged1W74Ws68S8wZMA7WJNWoEcZ09Qw5QDkR1dIAUic8Lv+d3R2RL6SRlfd92EvGnLMdMrs5aMnu+R8JmgtG92EEHCXrZoxPtqvnNSLal7MYze7MabjsT9FzjSSKFra3c/LzDcvTPeddERegIXQGAyoVR84IOJh6MxeVGg/i9HyLBz35AkScnsbCF7bwX6bYL7/tzt9VZVbMLiP/Uv07Xncn8jxZI0BLloUYjgLcRLQOzbCnuGeVLAurecPnOKmp/a0AhQnqdS4AsmMturQ096Jr2bHZpiRVKW1st3YWM4Frs8CQrksuiRmge1ip+R4uaX65mBD5tV4UsV0s6yXa/9vT9uznT5pstjp3yQMl3bLD/CnN8x6CysK75TQ4zcASTyXUFfrbzVLQlpBn6RhY/CEb0WloHfLdrAisZ/wm4+c2caE6/6qfgITUH+KxVnibDmBbkDnNySBzPhYEdcMziplwCYoIv9k2jP1FWwgpn0KA1zd++LrdGdgvXCX7izuF42WmLqQ0zZ76FlWudmXnDZy/tKyd5lB6Etl4oROlzyGTEF6ZmEHV4lmddGA7YT52Eh5Xo/htURhkcrmVfFTirXw== root@tool001