-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathMakefile
100 lines (82 loc) · 2.74 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# Makefile for mail server setup
#
.PHONY: all bootstrap mailserver reset clean \
edit edit_secrets save help setup rebootstrap do \
noweb web
USER_VAR = deploy_user_name
VAR_FILE = group_vars/all/vars.yml
SECRETS_FILE = group_vars/all/secret.yml
DEPLOY_USER = $(shell grep ${USER_VAR} $(VAR_FILE) 2>/dev/null | \
awk -F: '{print $$2}')
DOMAIN = $(shell grep domain_name $(VAR_FILE) 2>/dev/null | \
awk -F: '{print $$2}' | sed 's/^ //')
ifeq "$(DEPLOY_USER)" ""
DEPLOY_USER = deploy
endif
EDITOR ?= vi
all: setup do
do: bootstrap mailserver
setup:
@./bin/setup
help:
@echo "all (default) - setup, bootstrap, mailserver."
@echo "setup - Run the setup script."
@echo "do - Run bootstrap and mailserver tasks (no setup)."
@echo "bootstrap - run the bootstrap playbook as user root."
@echo "rebootstrap - run the bootstrap playbook as deploy user."
@echo "mailserver - deploy mail server stack (as deploy user)."
@echo "reset - delete inventory and variables for a fresh start."
@echo "clean - remove any *.retry files."
@echo "edit - run EDITOR (default vi) on variables file."
@echo "edit_secrets - decrypt, run EDITOR on secrets file, then encrypt."
@echo "save - save variables and inventory in backup/domain-YYYYMMDD-hhmm.tgz"
@echo "noweb - run the mailserver setup, exclude web site setup."
@echo "web - deploy the web site files only."
@echo "help - print this message."
mailserver:
@echo "Running playbooks using $(DEPLOY_USER) user"
ansible-playbook $(ANSIBLE_OPTS) -u $(DEPLOY_USER) mailserver.yml
# noweb - mailserver setup, exclude web site setup
noweb:
@ANSIBLE_OPTS='--skip-tags=website' make -e mailserver
# web - deploy web site only
web:
@ANSIBLE_OPTS='--tags=website' make -e mailserver
# bootstrap sets up a secure server
bootstrap:
@if [ -r .bootstrap_done ]; then \
ansible-playbook -u $(DEPLOY_USER) bootstrap.yml; \
else \
ansible-playbook -u root -k bootstrap.yml; \
fi
# bootstrap explicitly as deploy user
rebootstrap:
ansible-playbook -u $(DEPLOY_USER) bootstrap.yml
# GENERATED FILES
GEN = inventory group_vars .vault_pass.txt .bootstrap_done
# clean up and start over
reset:
rm -rf $(GEN)
touch .vault_pass.txt; chmod 600 .vault_pass.txt
# save the current set of variables and vault password
save:
name=backup/$(DOMAIN)-`date +'%Y%m%d-%H%M'`.tar.gz; \
tar cvzf $$name $(GEN)
# simple cleanup of ansible cruft
clean:
rm -rf *.retry
edit:
@if [ -r $(VAR_FILE) ]; then \
$(EDITOR) $(VAR_FILE); \
else \
echo "YIKES! No $(VAR_FILE). Run: make"; \
fi
edit_secrets:
@if [ -r $(SECRETS_FILE) ]; then \
trap "ansible-vault encrypt $(SECRETS_FILE)" EXIT; \
ansible-vault decrypt $(SECRETS_FILE); \
$(EDITOR) $(SECRETS_FILE); \
./bin/redo_passwords; \
else \
echo "YIKES! No $(SECRETS_FILE). Run: make"; \
fi