cleanup bastion deployment a bit

2024-12-28 16:41:41 -05:00 · 2024-12-28 16:41:41 -05:00 · 61a891ae24
parent bc5f1ec01c
commit 61a891ae24
4 changed files with 8 additions and 8 deletions
--- a/reboot-rpi.yml
+++ b/reboot-rpi.yml
@ -0,0 +1,3 @@
+- hosts: k3s-agent0,k3s-agent1,k3s-agent2,k3s-agent3
+  tasks:
+    - reboot:
--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@ -42,9 +42,3 @@
    dest: /opt/certbot/certbot-deploy.sh
    mode: '0700'
  notify: Run certbot
-
- name: Install weekly haproxy reload
-  cron:
-    name: "haproxy reload"
-    special_time: weekly
-    job: "/bin/systemctl reload haproxy"
--- a/roles/haproxy/templates/certbot-deploy.sh
+++ b/roles/haproxy/templates/certbot-deploy.sh
@ -1,2 +1,3 @@
 #!/bin/sh
 cat /etc/letsencrypt/live/{{ letsencrypt.domains[0] }}/fullchain.pem /etc/letsencrypt/live/{{ letsencrypt.domains[0] }}/privkey.pem >/etc/letsencrypt/live/{{ letsencrypt.domains[0] }}/{{ letsencrypt.domains[0] }}.pem
+systemctl restart haproxy
--- a/roles/wireguard/tasks/main.yml
+++ b/roles/wireguard/tasks/main.yml
@ -22,17 +22,19 @@
    creates: /etc/wireguard/private.key
  register: private_key_gen

- name: Fetch private key
+- name: Read private key
  command: cat /etc/wireguard/private.key
  register: private_key
+  changed_when: false

 - name: Generate public key
  shell: cat /etc/wireguard/private.key | wg pubkey >/etc/wireguard/public.key
  when: not public_key_stats.stat.exists or private_key_gen.changed

- name: Fetch public key
+- name: Read public key
  command: cat /etc/wireguard/public.key
  register: public_key
+  changed_when: false

 - name: Print public key
  debug: