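---
# Automate a self-hosted copy of code-server.
#
# Deploys two containers on a shared Docker network: an nginx proxy publishing
# 80/443 and linuxserver/code-server, with a terraform binary mounted into the
# editor container.
- name: Install and deploy vscode server
  hosts: oracle
  remote_user: ubuntu
  # Tasks run with privilege escalation unless they set `become: false`.
  # `~` in the paths below is therefore expected to resolve to /root (the
  # unarchive task reads /root/terraform.zip).
  become: true
  vars:
    # Base name of the certificate/key pair written by mkcert and mounted
    # into the nginx container.
    certificate_name: "oracle-tf-demo"

  pre_tasks:
    - name: Set a strong password to login to VS Code's browser editor
      ansible.builtin.pause:
        prompt: "Set a strong password to login to VS Code's browser editor"
        echo: false
      register: vscode_password
      no_log: true
      run_once: true

    # Pressing Enter at the prompt yields an empty string. Per the
    # linuxserver/code-server documentation an unset or empty PASSWORD leaves
    # the editor without authentication, so stop before deploying.
    # The condition only references the variable name; the value is not printed.
    - name: Refuse an empty editor password
      ansible.builtin.assert:
        that:
          - vscode_password.user_input | default('') | length > 0
        fail_msg: "The code-server password must not be empty."
        quiet: true
      run_once: true

  tasks:
    - name: Copy nginx configuration to host
      ansible.builtin.copy:
        src: nginx.conf
        dest: ~/nginx.conf
        owner: root
        group: root
        # Was '0604' (group without read, others with read), most likely a
        # typo for the conventional root-owned config mode.
        mode: '0644'

    - name: Download terraform binary
      ansible.builtin.get_url:
        url: https://releases.hashicorp.com/terraform/1.4.6/terraform_1.4.6_linux_amd64.zip
        # Explicit path so it matches the `src` of the unarchive task below.
        dest: /root/terraform.zip
        mode: '0644'
        # Verify the archive before it is unpacked and mounted into a
        # container. The sums file comes from the same origin, so this catches
        # corruption and truncation only; pinning the literal sha256 digest
        # (checked against HashiCorp's signed SHA256SUMS) is stronger.
        checksum: "sha256:https://releases.hashicorp.com/terraform/1.4.6/terraform_1.4.6_SHA256SUMS"

    - name: Unpack terraform binary
      ansible.builtin.unarchive:
        remote_src: true
        src: "/root/terraform.zip"
        dest: ~/

    # Runs as the login user (ubuntu), not root; the nginx task below mounts
    # the resulting files from /home/ubuntu, so the working directory and the
    # `creates` guard are pinned to that directory.
    # NOTE(review): mkcert issues certificates from its own local CA rather
    # than self-signing, and `-client` with an e-mail-style name requests a
    # client-authentication certificate. Confirm that nginx can serve it as a
    # server certificate and that browsers accept it.
    - name: Write self signed certificate
      become: false
      ansible.builtin.command:
        argv:
          - mkcert
          - -ecdsa
          - -client
          - "-cert-file={{ certificate_name }}_cert.pem"
          - "-key-file={{ certificate_name }}_privkey.pem"
          - ubuntu@tf-demo
        chdir: /home/ubuntu
        creates: "/home/ubuntu/{{ certificate_name }}_privkey.pem"

    - name: Create a custom docker network
      tags: docker
      community.docker.docker_network:
        name: nginx-vscode-network

    - name: Launch the nginx-proxy container
      tags: docker
      community.docker.docker_container:
        name: nginx-proxy
        state: started
        # NOTE(review): floating tag combined with `pull: true` means every
        # run may deploy a different image; pin a version tag or digest.
        image: nginx
        restart: true
        networks:
          - name: nginx-vscode-network
            aliases:
              - nginx-proxy
        volumes:
          # nginx only reads its configuration and key material, so mount them
          # read-only: the container cannot rewrite the host's private key or
          # config.
          - "~/nginx.conf:/etc/nginx/nginx.conf:ro"
          - "/home/ubuntu/{{ certificate_name }}_cert.pem:/etc/nginx/ssl/{{ certificate_name }}_cert.pem:ro"
          - "/home/ubuntu/{{ certificate_name }}_privkey.pem:/etc/nginx/ssl/{{ certificate_name }}_privkey.pem:ro"
        pull: true
        ports:
          - "443:443"
          - "80:80"

    - name: Launch the code-server container
      tags: docker
      # The module arguments contain the editor password; keep them out of
      # task output and logs, as the prompt task already does.
      no_log: true
      community.docker.docker_container:
        name: code-server
        state: started
        # NOTE(review): floating tag combined with `pull: true`; pin a version
        # tag or digest so the deployed editor image is reproducible.
        image: "linuxserver/code-server"
        volumes:
          - "~/terraform:/usr/bin/terraform"
          # NOTE(review): the host's /lib and /usr are bind-mounted read-write,
          # so anything running in the editor container (including its
          # integrated terminal) can modify host system files. Confirm whether
          # terraform needs them at all; if not, drop both mounts.
          - "/lib/:/lib/"
          - "/usr/:/usr/"
        networks:
          - name: nginx-vscode-network
            aliases:
              - code-server
        env:
          # Environment values stay readable through `docker inspect` on the
          # host; the image also documents HASHED_PASSWORD as an alternative.
          PASSWORD: "{{ vscode_password.user_input }}"
        pull: true
        ports:
          # Publish on loopback only. "8443:8443" exposed the editor on every
          # host interface, bypassing the nginx TLS proxy.
          # Assumes nginx.conf proxies to the `code-server` alias on the shared
          # network - TODO confirm, nginx.conf is not part of this file.
          - "127.0.0.1:8443:8443"

    # NOTE(review): 8000 is opened although nothing in this play listens on
    # it; confirm it is needed or remove it. Docker publishes container ports
    # through its own NAT/FORWARD rules, so this INPUT rule probably does not
    # gate 80/443 for the containers above - verify on the host. The rule is
    # appended and is not persisted across reboots by this task.
    - name: Allow HTTP(S) through the firewall
      ansible.builtin.iptables:
        chain: INPUT
        protocol: tcp
        destination_ports:
          - "443"
          - "80"
          - "8000"
        jump: ACCEPT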