expand/ansibleteleportsetup
1
0
Fork 0
mirror of https://github.com/Expand-sys/ansibleteleportsetup synced 2025-12-17 22:42:20 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions
ansibleteleportsetup/main.ansible.yml
Expand d74268005a working
2023-09-13 16:27:20 +10:00

96 lines
No EOL
2.6 KiB
YAML
Raw Blame History

---
- hosts: "hostnode"
name: Teleport setup
vars:
become: true
pre_tasks:
- name: Load variables
ansible.builtin.include_vars: '{{ item }}'
with_first_found:
- "vars/default.yml"
tasks:
- name: Check if teleport is installed.
ansible.builtin.stat: "path=/usr/local/bin/teleport"
register: teleport_bin
- debug:
msg: "{{ teleport_bin.stat }}"
- name: install teleport
ansible.builtin.shell:
cmd: 'curl https://goteleport.com/static/install.sh | bash -s 13.3.8'
- name: Ensure teleport has selected state and enabled on boot.
service:
name: 'teleport'
state: 'started'
enabled: yes
- name: sleep for 15 secs to wait for teleport to start
ansible.builtin.wait_for:
timeout: 15
delegate_to: localhost
- name: Get teleport token
ansible.builtin.shell:
cmd: 'tctl tokens add --type=node --format=text'
executable: /bin/bash
register: token
- debug:
msg: token.stdout
- hosts: "clients"
name: Client setup
vars:
become: true
pre_tasks:
- name: Load variables
ansible.builtin.include_vars: '{{ item }}'
with_first_found:
- "vars/default.yml"
tasks:
- name: Check if teleport is installed.
ansible.builtin.stat: "path=/usr/local/bin/teleport"
register: teleport_bin_clients
- name: install teleport
ansible.builtin.shell:
cmd: 'curl https://goteleport.com/static/install.sh | bash -s 13.3.8'
when: teleport_bin_clients.stat.exists == false
- name: remove existing config if exists
ansible.builtin.file:
path: /etc/teleport.yaml
state: absent
- name: Create teleport config
ansible.builtin.shell:
cmd: '/usr/local/bin/teleport node configure --output=file:///etc/teleport.yaml --token={{ token.stdout }} --proxy={{ groups["hostnode"] | map("extract", hostvars, ["inventory_hostname"]) }}:443'
executable: /bin/bash
- name: Ensure teleport has selected state and enabled on boot.
service:
name: 'teleport'
state: 'started'
enabled: yes
- name: open ports for teleport
ansible.builtin.shell:
cmd: 'ufw allow 3022/tcp && ufw allow 443/tcp'
- hosts: "hostnode"
name: reverse proxy setup
vars:
become: true
pre_tasks:
- name: Load variables
ansible.builtin.include_vars: '{{ item }}'
with_first_found:
- "vars/default.yml"
tasks:
- name: set up reverse proxy
include_tasks: reverseproxy.ansible.yml
when: REVERSE_PROXY
Reference in a new issue View git blame Copy permalink