|
|
|
vault:=group_vars/all/vault.yml
|
|
|
|
playbooks_dir:=playbooks
|
|
|
|
playbooks:=$(wildcard ${playbooks_dir}/*.yml)
|
|
|
|
credentials_dir:=credentials
|
|
|
|
|
|
|
|
# Default Target (must be first target)
|
|
|
|
|
|
|
|
.PHONY: main
|
|
|
|
main:
|
|
|
|
ansible-playbook site.yml
|
|
|
|
|
|
|
|
# Playbook Execution
|
|
|
|
|
|
|
|
.PHONY: list
|
|
|
|
list:
|
|
|
|
@echo ${playbooks}
|
|
|
|
|
|
|
|
.PHONY: ${playbooks}
|
|
|
|
${playbooks}:
|
|
|
|
ansible-playbook ${playbooks_dir}/$@.yml
|
|
|
|
|
|
|
|
# Vault Handling
|
|
|
|
|
|
|
|
.PHONY: vault
|
|
|
|
vault:
|
|
|
|
ansible-vault edit ${vault}
|
|
|
|
|
|
|
|
# Credential Handling
|
|
|
|
|
|
|
|
.PHONY: store-credentials
|
|
|
|
store-credentials: credentials.tar.gpg
|
|
|
|
|
|
|
|
credentials.tar.gpg: $(shell find "${credentials_dir}")
|
|
|
|
tar -cf - "${credentials_dir}" | gpg --encrypt --recipient 73D09948B2392D688A45DC8393E1BD26F6B02FB7 > "$@"
|
|
|
|
|
|
|
|
.PHONY: load-credentials
|
|
|
|
load-credentials:
|
|
|
|
< credentials.tar.gpg gpg --decrypt | tar -xf -
|