Created
December 12, 2018 19:13
ansible zerotier role
---
# Install the ZeroTier package with the pkgng module.
# NOTE(review): `state: latest` takes whatever version the configured pkg
# repository serves at run time; pin or stage upgrades if hosts must be
# reproducible.
- name: 'zerotier | install pkg'
  pkgng:
    name:
      - net/zerotier
    state: latest
  # Triggers the restart handler; that handler is defined outside this file.
  notify: 'zerotier | restart'
  tags:
    - pkg
    - zerotier
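# Install an executable local-fact script that prints the JSON output of
# `zerotier-cli -j info`, re-formatted by jq.
# NOTE(review): jq is called by bare name and no task in this file installs
# it; confirm it is present on the target and that fact_path covers
# /usr/local/etc/ansible/facts.d.
- name: zerotier | add ansible status collector
  copy:
    content: |
      #!/bin/sh
      /usr/local/bin/zerotier-cli -j info \
        | jq .
    dest: /usr/local/etc/ansible/facts.d/zt_info.fact
    # Quoted so the YAML parser cannot retype the octal mode. The script is
    # executed during fact gathering, so it stays writable by root only.
    mode: "0750"
    owner: root
    group: wheel
  tags:
    - zerotier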
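# Install an executable local-fact script that prints the JSON output of
# `zerotier-cli -j listpeers`, re-formatted by jq.
# NOTE(review): jq is called by bare name and no task in this file installs
# it; confirm it is present on the target.
- name: zerotier | add ansible peer status collector
  copy:
    content: |
      #!/bin/sh
      /usr/local/bin/zerotier-cli -j listpeers \
        | jq .
    dest: /usr/local/etc/ansible/facts.d/zt_peers.fact
    # Quoted so the YAML parser cannot retype the octal mode.
    mode: "0750"
    owner: root
    group: wheel
  tags:
    - zerotier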
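# Install an executable local-fact script that prints the JSON output of
# `zerotier-cli -j listnetworks`, re-formatted by jq.
# The original script called `listpeers` here, duplicating zt_peers.fact;
# the task name and destination file both indicate the networks listing.
- name: zerotier | add ansible networks status collector
  copy:
    content: |
      #!/bin/sh
      /usr/local/bin/zerotier-cli -j listnetworks \
        | jq .
    dest: /usr/local/etc/ansible/facts.d/zt_networks.fact
    # Quoted so the YAML parser cannot retype the octal mode.
    mode: "0750"
    owner: root
    group: wheel
  tags:
    - zerotier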
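# Install an executable local-fact script that derives IPv6 details from
# `zerotier-cli -j listnetworks`. For every assigned address of every
# network the jq filter:
#   1. replaces the first run of `:0...` groups with `::`,
#   2. keeps only addresses of the form `<host>::1/<prefix>`,
#   3. emits an object with `ip6` (host + "1"), `prefix` and `host`.
# NOTE(review): each matching address yields its own JSON object, so a node
# with several matching addresses prints several documents; verify that the
# fact still loads in that case.
- name: zerotier | add ansible ipv6 fact collector
  copy:
    content: |
      #!/bin/sh
      /usr/local/bin/zerotier-cli -j listnetworks | jq '.[]
        | .assignedAddresses[]
        | sub("(:0+)+";"::")
        | capture("(?<host>[a-f0-9:]+::)1/(?<prefix>[0-9]+)")
        | {"ip6": (.host + "1"), prefix, "host": .host}'
    dest: /usr/local/etc/ansible/facts.d/zt_6plane.fact
    # Quoted so the YAML parser cannot retype the octal mode.
    mode: "0750"
    owner: root
    group: wheel
  tags:
    - zerotier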
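# Enable the service at boot by writing an rc.conf.d fragment, then fire
# the restart handler (defined outside this file).
# NOTE(review): no owner/group is set, so the file gets the connection
# user's defaults; add them if the play does not run as root.
- name: zerotier | enable daemon
  copy:
    content: |
      zerotier_enable=YES
    dest: /etc/rc.conf.d/zerotier
    # Quoted so the YAML parser cannot retype the octal mode.
    mode: "0440"
  notify: zerotier | restart
  tags:
    - zerotier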
# Make sure the zerotier service is running before the CLI is queried.
- name: 'zerotier | start daemon'
  service:
    state: started
    name: zerotier
  tags:
    - zerotier
# Read the node's own info as JSON and keep it in `zerotier_info`.
# `check_mode: false` forces the task to run even under --check, and
# `changed_when: false` keeps this read-only query from reporting a change.
- name: 'zerotier | get local node address'
  command: /usr/local/bin/zerotier-cli -j info
  check_mode: false
  changed_when: false
  register: zerotier_info
  tags:
    - zerotier
# Print the raw `info` JSON; shown only at verbosity 2 (-vv) or higher.
- name: 'zerotier | dump info response'
  debug:
    verbosity: 2
    var: zerotier_info.stdout
  when: not ansible_check_mode
  tags:
    - debug
    - zerotier
# Join the network given by `net.zerotier.network` and keep the CLI's JSON
# reply in `zerotier_network`. The command module does not invoke a shell.
# `changed_when: false` means a join is never reported as a change.
- name: 'zerotier | join network'
  command: /usr/local/bin/zerotier-cli -j join {{ net.zerotier.network }}
  changed_when: false
  register: zerotier_network
  when: not ansible_check_mode
  tags:
    - zerotier
# Print the raw `join` JSON; shown only at verbosity 2 (-vv) or higher.
- name: 'zerotier | dump network response'
  debug:
    verbosity: 2
    var: zerotier_network.stdout
  when: not ansible_check_mode
  tags:
    - debug
    - zerotier
# Parse the two CLI replies and publish the fields later tasks use:
# the node address comes from `info`, everything else from `join`.
- name: 'zerotier | register responses'
  set_fact:
    zerotier_address: "{{ (zerotier_info.stdout | from_json).address }}"
    zerotier_device: "{{ (zerotier_network.stdout | from_json).portDeviceName }}"
    zerotier_name: "{{ (zerotier_network.stdout | from_json).name }}"
    # assignedAddresses is a list in the CLI's JSON.
    zerotier_ip: "{{ (zerotier_network.stdout | from_json).assignedAddresses }}"
    zerotier_status: "{{ (zerotier_network.stdout | from_json).status }}"
  when: not ansible_check_mode
  tags:
    - zerotier
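# Authorise this node on the hosted controller and set its member name to
# the inventory hostname. Runs only when the join reply is not "OK" or the
# network name reported by the join differs from the inventory hostname.
# The bearer token is a long-lived API credential: keep
# `net.zerotier.token` in an encrypted vars file rather than in plain
# inventory.
- name: zerotier | authorise this connection
  uri:
    url: "https://my.zerotier.com/api/network/{{ net.zerotier.network }}/member/{{ zerotier_address }}"
    method: POST
    # `headers` replaces the legacy HEADER_<name> option style.
    headers:
      Authorization: "Bearer {{ net.zerotier.token }}"
    body_format: json
    body:
      name: "{{ inventory_hostname }}"
      config:
        authorized: true
    return_content: true
  register: zerotier_authorisation
  # Keeps the Authorization header out of task output and verbose logs.
  # Lift it temporarily when debugging a failing request.
  no_log: true
  when: not ansible_check_mode and (zerotier_status != "OK" or zerotier_name != inventory_hostname)
  tags:
    - zerotier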
# Print the registered result of the authorisation request; shown only at
# verbosity 2 (-vv) or higher.
- name: 'zerotier | dump authorisation response'
  debug:
    verbosity: 2
    var: zerotier_authorisation
  when: not ansible_check_mode
  tags:
    - debug
    - zerotier
# Print the local facts under `ansible_local.zerotier`; shown only at
# verbosity 2 (-vv) or higher.
# NOTE(review): the collectors installed by this file write zt_info,
# zt_peers, zt_networks and zt_6plane facts; confirm that a `zerotier` fact
# file exists elsewhere, otherwise this variable is undefined.
- name: 'zerotier | dump inventory configuration'
  debug:
    verbosity: 2
    var: ansible_local.zerotier
  tags:
    - debug
    - zerotier
snagged from trobotham on irc: