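#!/bin/bash
# Self-updating Ansible bootstrap. Refreshes this script from the configured
# branch of the playbook-builder repository, then builds /ansible/new/<fqdn>.yml
# and fetches the roles and per-role variables listed in this host's playbook
# build file.
#
# Security notes for maintainers:
#  - Everything fetched here decides what runs on this host (pacman is invoked
#    below, so the script presumably runs as root). TLS certificate
#    verification is therefore left enabled; if the git server uses a private
#    CA, add it to the system trust store or pass --cacert to curl rather than
#    disabling verification.
#  - The marker checks below only detect truncated or error-page downloads.
#    They are not an integrity check; a signature or pinned digest would be
#    needed to detect tampering at the source.
#  - Downloads go to mktemp files instead of fixed names in /tmp, so another
#    local user cannot pre-create or swap the file between verify and use.
#  - Failures now exit non-zero so schedulers and callers can detect them.

base_url="https://git.actcur.com/actcur-ansible/playbook-builder/raw/branch"
role_url_prefix="https://git.actcur.com/actcur-ansible/role-"
min_role_entries=5

# Print a message to stderr and stop with a failing status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Download $1 to file $2. --fail keeps HTTP error pages out of the target.
fetch() {
  curl --fail "$1" -H "accept: application/raw" -o "$2"
}

tmp_files=()
cleanup() { rm -f -- "${tmp_files[@]}"; }
trap cleanup EXIT

# ensure we are running the latest version of the script from the correct branch
if [[ -f /ansible/branch ]]; then
  branch=$(< /ansible/branch)
else
  branch="prod"
fi

# determine if we need to download the latest version
# /ansible/current holds "<branch>:<unix timestamp>" of the last refresh.
regrab=false
if [[ -f /ansible/current ]]; then
  latest=$(< /ansible/current)
  echo "$latest"
  l_branch=${latest%%:*}
  l_time=${latest##*:}
  if [[ "$l_branch" != "$branch" ]]; then
    regrab=true
  elif [[ ! "$l_time" =~ ^[0-9]+$ ]]; then
    # A corrupt timestamp used to suppress refreshes; treat it as stale.
    regrab=true
  else
    c_time=$(date +%s)
    if (( c_time - 10#$l_time > 120 )); then
      regrab=true
    fi
  fi
else
  regrab=true
fi

if [[ "$regrab" == true ]]; then
  # download latest version into a private temp file
  new_script=$(mktemp) || die "failed to create temporary file, exiting"
  tmp_files+=("$new_script")
  fetch "$base_url/$branch/build_ansible.sh" "$new_script"

  # verify that download was successful. The served script is expected to
  # match this pattern on exactly three lines (presumably its interpreter
  # line, this check and a trailing marker), so do not repeat either string
  # anywhere else in this file, comments included.
  count=$(grep -cP "(#!/bin/bash)|(end of build_ansible.sh)" "$new_script")
  if [[ "$count" != "3" ]]; then
    die "failed to grab latest build_ansible.sh file, exiting"
  fi

  # update build_ansible file and update branch/timestamp info in current
  cp -- "$new_script" /ansible/build_ansible.sh \
    || die "failed to install updated build_ansible.sh, exiting"
  echo "${branch}:$(date +%s)" > /ansible/current

  # verify the parent script is not build_ansible.sh (to prevent the
  # possibility of recurring until the system crashes in the case of an issue)
  me=$(basename -- "$0")
  parent=$(ps -o args= "$PPID")
  if [[ "$parent" != *"$me"* ]]; then
    /bin/bash /ansible/build_ansible.sh
  fi
  exit
fi

# install/update dependencies
pacman -Sy git --noconfirm

fqdn=$(hostnamectl hostname)
[[ -n "$fqdn" ]] || die "could not determine hostname, exiting"

playbook_src=$(mktemp) || die "failed to create temporary file, exiting"
tmp_files+=("$playbook_src")
fetch "$base_url/$branch/playbook_templates/$fqdn" "$playbook_src"

# verify file was downloaded successfully
count=$(grep -cP "end of file" "$playbook_src")
if [[ "$count" != "1" ]]; then
  die "failed to grab current playbook build file for $fqdn, exiting"
fi

# build playbook, retrieve roles and add variables to roles
mkdir -p /ansible/roles/
mkdir -p /ansible/new/roles
mkdir -p /ansible/prev/roles

# delete roles from previous attempt to update them
rm -rf -- /ansible/new/roles/*

# create base playbook
# NOTE(review): the YAML indentation here was reconstructed; confirm it
# matches what the deployed playbooks expect.
playbook="/ansible/new/$fqdn.yml"
printf -- '- hosts: %s\n  become: true\n  roles:\n' "$fqdn" > "$playbook"

# NOTE(review): the loop input is assumed to be the build file fetched above
# (the messages below refer to it); confirm against the deployed script.
while IFS= read -r line || [[ -n "$line" ]]; do
  # Split on ':' and whitespace without letting the shell glob-expand the line.
  IFS=$': \t' read -r -a elements <<< "$line"
  case "${elements[0]:-}" in
    role)
      # format role:role name:branch/tag to use
      role_name=${elements[1]:-}
      role_ref=${elements[2]:-}
      # Both fields end up in a URL, a git option and a filesystem path, so
      # reject anything outside a conservative character set (no leading '-'
      # or '.', no '/' in the role name) before using them.
      if [[ ! "$role_name" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ||
            ! "$role_ref" =~ ^[A-Za-z0-9_][A-Za-z0-9._/-]*$ ]]; then
        die "invalid role entry in playbook build file for $fqdn: $line"
      fi
      role_dir="/ansible/new/roles/$role_name"

      # clone role repo from specific tag/branch w/o history
      git clone -b "$role_ref" --depth 1 -- \
        "${role_url_prefix}${role_name}.git" "$role_dir" \
        || die "issue grabbing role $role_name - git clone failed, exiting"

      # verify branch was cloned successfully
      entries=("$role_dir"/*)
      [[ -e "${entries[0]}" || -L "${entries[0]}" ]] || entries=()
      if (( ${#entries[@]} < min_role_entries )); then
        die "issue grabbing role $role_name - dir/file count less than $min_role_entries, exiting"
      fi

      # Record the role that was actually cloned (this used to append a
      # hard-coded "nginx-ssl" for every entry).
      printf '    - %s\n' "$role_name" >> "$playbook"

      # retrieve var file. Any vars/main.yml shipped in the role repo is
      # removed first so that only a freshly downloaded file can pass the
      # verification below.
      vars_file="$role_dir/vars/main.yml"
      mkdir -p -- "$role_dir/vars"
      rm -f -- "$vars_file"
      fetch "$base_url/$branch/var_files/$role_name/$fqdn" "$vars_file"

      # verify file was downloaded successfully (checks the vars file itself;
      # this used to inspect the previously downloaded script instead)
      count=$(grep -cP "(---)|(end of file)" "$vars_file")
      if [[ "$count" != "2" ]]; then
        die "issue grabbing vars file for $role_name role on $fqdn - either file is invalid or download filed, exiting"
      fi
      ;;
    \#*)
      # this is a comment, ignore it
      ;;
    *)
      echo "skipping invalid entry in playbook build file for $fqdn"
      echo "entry: $line"
      ;;
  esac
done < "$playbook_src"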