diff --git a/deployer/group_vars/all/vars.yml b/deployer/group_vars/all/vars.yml index b5fafc0..61c4b54 100644 --- a/deployer/group_vars/all/vars.yml +++ b/deployer/group_vars/all/vars.yml @@ -1,6 +1,9 @@ --- -encrypted_drive_password: "{{ vault_encrypted_drive_password }}" +encrypted_drive: + name: "vault" + location: "/vault" + password: "{{ vault_encrypted_drive_password }}" mysql_root_password: "{{ vault_mysql_root_password }}" adrien_serenity_password: "{{ vault_adrien_serenity_password }}" diff --git a/deployer/roles/host/handlers/main.yml b/deployer/roles/host/handlers/main.yml index 07d9584..da81568 100644 --- a/deployer/roles/host/handlers/main.yml +++ b/deployer/roles/host/handlers/main.yml @@ -1,8 +1,19 @@ --- +- name: Restart MySQL + service: + name: mysql + state: restarted + become: yes + +- name: Restart PostgreSQL + service: + name: postgresql + state: restarted + become: yes + - name: Restart Docker service: name: docker state: restarted - become: yes - tags: docker \ No newline at end of file + become: yes \ No newline at end of file diff --git a/deployer/roles/host/tasks/encrypted_drive.yml b/deployer/roles/host/tasks/encrypted_drive.yml new file mode 100644 index 0000000..e148dcd --- /dev/null +++ b/deployer/roles/host/tasks/encrypted_drive.yml @@ -0,0 +1,12 @@ + +- name: "Open encrypted drive" + commane: + cmd: "/sbin/mount_vault" + stdin: "{{ encrypted_drive.password }}" # The drive's password + creates: "{{ www_path }}" # Will not run if path already exists + stdin_add_newline: yes + become: true + notify: + - Restart MySQL + - Restart PostgreSQL + - Restart Docker diff --git a/deployer/roles/host/tasks/main.yml b/deployer/roles/host/tasks/main.yml index 3b88ac0..a807a65 100644 --- a/deployer/roles/host/tasks/main.yml +++ b/deployer/roles/host/tasks/main.yml @@ -2,6 +2,10 @@ # TODO: Ensure anacron is installed +- name: Open encrypted drive + include_tasks: encrypted_drive.yml + tags: always + - name: Configure logrotate include_tasks: logrotate.yml tags: logrotate