Skip to content

Use include_tasks instead, on all files #278

Use include_tasks instead, on all files

Use include_tasks instead, on all files #278

Workflow file for this run

name: Deploy
on:
push:
branches:
- '**' # running only on main branch is pointless until we have a development environment
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Fetch repository
id: fetch
uses: actions/checkout@v3
- name: Setup Tailscale
id: tailscale
uses: tailscale/github-action@v1
with:
authkey: ${{ secrets.TAILSCALE_AUTHKEY }}
- name: Add SSH key
id: ssh
env:
SSH_KEY: ${{ secrets.SSH_KEY }}
SSH_USER: ${{ secrets.SSH_USER }}
MACHINE_NAME: ${{ secrets.MACHINE_NAME }}
run: |
mkdir -p ~/.ssh
MACHINE_IP="$(tailscale ip -4 ${MACHINE_NAME})"
echo "::add-mask::${MACHINE_IP}"
echo "GITHUB_MACHINE_IP=${MACHINE_IP}" >> ${GITHUB_ENV}
ssh-keyscan ${MACHINE_IP} >> ~/.ssh/known_hosts
printf "%s" "${SSH_KEY}" > ~/.ssh/key
chmod 600 ~/.ssh/key
printf "Host homelab\n\tUser %s\n\tIdentityFile %s\n\tHostName %s" "${SSH_USER}" "~/.ssh/key" "${MACHINE_IP}" > ~/.ssh/config
- name: Set up Bitwarden
id: bitwarden
env:
BW_EMAIL: ${{ secrets.BW_EMAIL }}
BW_PW: ${{ secrets.BW_PW }}
BW_CLIENTID: ${{ secrets.BW_CLIENTID }}
BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }}
run: |
npm install -g @bitwarden/cli
bw login --apikey >/dev/null
export BW_SESSION=$(bw unlock --raw "${BW_PW}") >/dev/null
echo "BW_SESSION=${BW_SESSION}" >> ${GITHUB_ENV}
echo "::add-mask::${BW_SESSION}"
bw sync
- name: Run Ansible playbook
uses: dawidd6/action-ansible-playbook@v2
with:
playbook: playbook.yml
requirements: requirements.yml
options: |
--inventory hosts
--verbose
--extra-vars "HOST_EXTERNAL_IPV4=${{ env.GITHUB_MACHINE_IP }} hdd_mount_path=${{ secrets.STORAGE_MOUNT_PATH }} install_arch=${{ secrets.INSTALL_ARCH }}"