ansible/omni
ansible/omni
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
omni/tasks/omni.yaml

82 lines
2.2 KiB
YAML
Raw Blame History

---
# create directories
- name: "create omni directories"
ansible.builtin.file:
path: "{{ item }}"
state: "directory"
mode: "0755"
loop:
- "/mnt/omni"
- "/mnt/omni/data"
- "/mnt/omni/etcd-vol"
# omni etcd key
- name: "etcd key"
ansible.builtin.copy:
dest: "/mnt/omni/omni.asc"
owner: "root"
group: "root"
mode: "0644"
content: "{{ omni_etcd_priv_key }}"
notify: "restart omni"
# omni domain key
- name: "link - omni domain key"
ansible.builtin.file:
src: "/root/.acme.sh/simoncor.net_ecc/simoncor.net.key"
dest: "/mnt/omni/omni.key"
state: "link"
# omni domain cert
- name: "link - omni domain cert"
ansible.builtin.file:
src: "/root/.acme.sh/simoncor.net_ecc/fullchain.cer"
dest: "/mnt/omni/omni.pem"
state: "link"
# run omni
- name: "run omni"
community.docker.docker_container:
container_default_behavior: "no_defaults"
detach: "yes"
pull: "always"
state: "started"
name: "omni"
image: "ghcr.io/siderolabs/omni:v1.6.2"
restart_policy: "unless-stopped"
network_mode: "host"
capabilities:
- "NET_ADMIN"
devices:
- "/dev/net/tun"
volumes:
- "/mnt/omni/etcd-vol:/_out/etcd"
- "/mnt/omni/data/:/data"
- "/mnt/omni/omni.asc:/omni.asc"
- "/mnt/omni/omni.pem:/tls.crt"
- "/mnt/omni/omni.key:/tls.key"
command: >-
--account-id={{ omni_account_uuid }}
--advertised-api-url="https://api.{{ omni_domain }}"
--advertised-kubernetes-proxy-url="https://kube.{{ omni_domain }}:8100"
--auth-auth0-client-id={{ auth0_client_id }}
--auth-auth0-domain={{ auth0_domain }}
--auth-auth0-enabled=true
--bind-addr=0.0.0.0:443
--cert=/tls.crt
--event-sink-port=8091
--initial-users={{ omni_sso_user }}
--k8s-proxy-bind-addr=0.0.0.0:8100
--key=/tls.key
--machine-api-bind-addr=0.0.0.0:8090
--machine-api-cert=/tls.crt
--machine-api-key=/tls.key
--name=omni
--private-key-source='file:///omni.asc'
--siderolink-api-advertised-url="https://{{ omni_domain }}:8090"
--siderolink-wireguard-advertised-addr="{{ omni_ip }}:50180"
--sqlite-storage-path=/data/omni-sqlite.db
Reference in a new issue View git blame Copy permalink