From b167d75be5fb77eb26825362782e95c5076b6bc5 Mon Sep 17 00:00:00 2001 From: Elizabeth Hunt Date: Wed, 3 Apr 2024 16:02:52 -0400 Subject: [PATCH] restart docker-compose on failure and allow continuous deployment --- playbooks/roles/common/files/authorized_keys | 4 ++++ playbooks/roles/common/tasks/main.yml | 7 +++++++ playbooks/roles/docker/files/docker-compose@.service | 5 ++++- 3 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 playbooks/roles/common/files/authorized_keys diff --git a/playbooks/roles/common/files/authorized_keys b/playbooks/roles/common/files/authorized_keys new file mode 100644 index 0000000..6152b9b --- /dev/null +++ b/playbooks/roles/common/files/authorized_keys @@ -0,0 +1,4 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEBEAOOzWvuGoaj0HRVIod5KPtqkZgO0jEVsqOvKaJoE continuousdeploymentdrone@hatecomputers.club + +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRHu3h9mDjQyFbojcxGKW0hPUDfgUmb2WCzd4Dv2qISM3GGt9LjD8o0IbWRNaTf5UyId5lu7wNHtygs5ZDfUVnlfxrI1CmoExuqkYFjy+R9Cu0x1J2w7+MrKPBd5akLCuKTTnXbyv79T0tLb07rCpGHojW8HH6wdDtg0siVqsPqZVTjg7WGbBYqiqlA5p8s+V9xN1q8lTOZrRI0PdgoU8W+1oIr9OHSG1ZeUBQx60izTEwMnWBxY2aA8SQolIVvsJCcMMc/EAnaz/rdJ5IkeqXGslIhUI7WCPHnPWN8CSdwMOLi5BNaOAK7Y2FkfKTUlO7I52BL87Cl3YpMxR0mTDrfSJTSp0B3ZAbUIXDA7biSh04YLwGQVI799vcyJf355A60btPaiuiBgI0am3h0WxnOACg7K6eV023EiUQ24UjlQ8pufHcJ1oDW8v6LHlp/atCWOl9KQIun9UUg8DD8/BLPprc0wzAV6Nco0ZIedouxZuUhduYYvUrLJ+ICpaZg6oPGitVJPIgyyI+WTfjRN4WTj/Z3Yhuj0RqF8b5ea4FNWuJtfF724t7SVnZsYlZGSCqL8gaEzbIATVe3THn5VwbK+S4ELD/9W6MOd6aZcTOK2yP3jlwjcjnW8sLuX+2qNwtSVVa4o5VsRZU40Da+3flzoBsyUwSE3H2PsFPH29lIQ== +lizzy@yubikey diff --git a/playbooks/roles/common/tasks/main.yml b/playbooks/roles/common/tasks/main.yml index 8b72cf9..f32893a 100644 --- a/playbooks/roles/common/tasks/main.yml +++ b/playbooks/roles/common/tasks/main.yml @@ -44,6 +44,13 @@ notify: - Restart sshd +- name: Copy authorized keys + ansible.builtin.copy: + src: files/authorized_keys + dest: /root/.ssh/authorized_keys + owner: root + group: root + ## FAIL2BAN - name: Install Fail2Ban ansible.builtin.apt: diff --git a/playbooks/roles/docker/files/docker-compose@.service b/playbooks/roles/docker/files/docker-compose@.service index f89745a..bd8dedb 100644 --- a/playbooks/roles/docker/files/docker-compose@.service +++ b/playbooks/roles/docker/files/docker-compose@.service @@ -4,12 +4,15 @@ Requires=docker.service After=docker.service [Service] -Type=oneshot RemainAfterExit=true WorkingDirectory=/etc/docker/compose/%i ExecStartPre=/usr/bin/docker compose pull ExecStart=/usr/bin/docker compose up --detach --remove-orphans ExecStop=/usr/bin/docker compose down +Restart=always +RestartSec=5 +StartLimitInterval=500 +StartLimitBurst=3 [Install] WantedBy=multi-user.target