working

2025-12-15 13:32:20 +11:00 · 2023-09-13 16:27:20 +10:00 · 2023-09-13 16:27:20 +10:00 · d74268005a
commit d74268005a
parent 5674eac0e6
5 changed files with 19 additions and 14 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@ -0,0 +1,2 @@
+skip_list:
+  - '403'
--- a/8
+++ b/8
@ -1,8 +1,8 @@
 hostnode:
    hosts:
-        10.10.0.209:
-            vars: ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' 
+        t2.dubois.localhost:
+            vars: ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' ANSIBLE_HOST_KEY_CHECKING=False
 clients:
    hosts:
-        10.10.0.209:
-            vars: ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' 
+        t2.dubois.localhost:
+            vars: ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' ANSIBLE_HOST_KEY_CHECKING=False
--- a/main.ansible.yml
+++ b/main.ansible.yml
@ -14,24 +14,26 @@
      register: teleport_bin
    
    - debug:
-        msg: "{{ teleport_bin }}"
+        msg: "{{ teleport_bin.stat }}"

    - name: install teleport
      ansible.builtin.shell:
        cmd: 'curl https://goteleport.com/static/install.sh | bash -s 13.3.8'

-
-    - name:
-
    - name: Ensure teleport has selected state and enabled on boot.
      service:
        name: 'teleport'
        state: 'started'
        enabled: yes

+    - name: sleep for 15 secs to wait for teleport to start
+      ansible.builtin.wait_for:
+        timeout: 15
+      delegate_to: localhost
+
    - name: Get teleport token
      ansible.builtin.shell:
-        cmd: '/usr/local/bin/tctl tokens add --type=node --format=text'
+        cmd: 'tctl tokens add --type=node --format=text'
        executable: /bin/bash
      register: token

@ -89,5 +91,6 @@
      with_first_found:
        - "vars/default.yml"
  tasks:
-    - include_tasks: reverseproxy.ansible.yml
-      when: {{ REVERSE_PROXY }}
+    - name: set up reverse proxy
+      include_tasks: reverseproxy.ansible.yml
+      when: REVERSE_PROXY
--- a/reverseproxy.ansible..yml
+++ b/reverseproxy.ansible..yml
@ -9,7 +9,7 @@
  ansible.builtin.blockinfile:
    block: |
      {{ SUBDOMAIN }} {
-        reverse_proxy https://{{ ansible_default_ipv4.address }}:3022 {
+        reverse_proxy https://{{ ansible_default_ipv4.address }}:3080 {
                transport http {
                        tls_insecure_skip_verify
                }
@ -42,7 +42,7 @@

      [Install]
      WantedBy=multi-user.target
-    dest: /etc/caddy/Caddyfile
+    dest: /etc/systemd/system/caddy.service

 - name: Start Caddy on startup
  ansible.builtin.systemd_service:
--- a/vars/default.yml
+++ b/vars/default.yml
@ -7,5 +7,5 @@
 #if you do enable reverse proxy make sure your selected domain name is routed to that ip address and port forwarding is set to the teleport host for ports 80 and 443
 REVERSE_PROXY: true
 #subdomain is the subdomain you want tied to teleport for the reverse proxy this should also be your hostname for your teleport hostnode(use {your teleport hostname}.localhost to use an internal certificate)
-SUBDOMAIN: t.localhost
+SUBDOMAIN: t2.dubois.localhost