🎉 Init

.drone.yml

@@ -0,0 +1,49 @@
+kind: pipeline
+name: default
+
+steps:
+  - name: Check ansible syntax
+    image: harbor.sebclem.fr/sebclem/drone-ansible-runner
+    settings:
+      playbook: sites.yml
+      galaxy_file: roles/requirements.yml
+      check_syntax: true
+      vault_token:
+        from_secret: ansible_vault_token
+      private_key:
+        from_secret: ansible_private_key
+    when:
+      event:
+        - promote
+        - rollback
+        - push
+        - custom
+
+  - name: Run ansible playbook
+    image: harbor.sebclem.fr/sebclem/drone-ansible-runner
+    settings:
+      verbosity: 1
+      playbook: sites.yml
+      galaxy_file: roles/requirements.yml
+      vault_token:
+        from_secret: ansible_vault_token
+      private_key:
+        from_secret: ansible_private_key
+    when:
+      event:
+        - promote
+        - rollback
+
+  - name: Notify
+    image: drillster/drone-email
+    settings:
+      host: 
+        from_secret: mail_host
+      username: 
+        from_secret: mail_username
+      password: 
+        from_secret: mail_password
+      from: 
+        from_secret: mail_from 
+    when:
+      status: [ changed, failure ]

.gitignore

@@ -0,0 +1,5 @@
+# ---> Ansible
+*.retry
+*vault_token
+roles/
+!roles/requirements.yml

README.md

@@ -0,0 +1 @@
+${REPO_NAME_TITLE}

ansible.cfg

@@ -0,0 +1,8 @@
+[defaults]
+inventory = hosts
+remote_user = root
+host_key_checking = True
+vault_password_file = credentials/vault_token
+roles_path = ./roles
+force_color = true
+ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}

group_vars/nodes.yml

@@ -0,0 +1 @@
+ansible_python_interpreter: /usr/bin/python3

hosts

@@ -0,0 +1,7 @@
+---
+
+all:
+  children:
+    nodes:
+      hosts:
+        victoria.home:

renovate.json

@@ -0,0 +1,15 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base"
+  ],
+  "commitMessagePrefix": ":arrow_up:",
+  "regexManagers": [
+    {
+      "fileMatch": ["host_vars\\/.*\\.yml"],
+      "matchStrings": ["victoriametrics_version:\\s?\"?(?<currentValue>.*?)\"?\\n"],
+      "datasourceTemplate": "github-releases",
+      "depNameTemplate": "VictoriaMetrics/VictoriaMetrics"
+    }
+  ]
+}

requirements.txt

@@ -0,0 +1,2 @@
+ansible
+hvac

secrets/hostname.yml

@@ -0,0 +1,19 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base"
+  ],
+  "ignorePresets": [":prHourlyLimit2"],
+  "commitMessagePrefix": ":arrow_up:",
+  "regexManagers": [
+    {
+      "fileMatch": [
+        "group_vars\\/.*\\.yml",
+        "host_vars\\/.*\\.yml"],
+      "matchStrings": [
+        "datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?_version: \"(?<currentValue>.*)\"\\s"
+      ],
+      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}"
+    }
+  ]
+}

sites.yml

@@ -0,0 +1,15 @@
+---
+
+- name: ${REPO_NAME_TITLE}
+  hosts: nodes
+
+  pre_tasks:
+    - name: Load secrets
+      include_vars:
+        file: "secrets/{{ inventory_hostname }}.yml"
+      tags:
+        - always
+  
+
+  roles: [] 
+