Fix storage_box SSH key installation and deploy ordering
- Always run install-ssh-key (drop unreliable sftp idempotency check that was bypassed by SSH agent forwarding)
- Use sshpass -e (env var) instead of -p to avoid shell quoting issues with special characters in passwords
- Add -o IdentitiesOnly=yes to prevent agent keys interfering
- Add reachable_externally: true to access_settings (was being reset to false on every run)
- Remove storage_box.yml from deploy.yml chain — Ansible loads group_vars at startup so storagebox.yml must exist before deploy.yml
- Document storage_box.yml as a prerequisite step in README, CLAUDE.md, and setup.sh next steps

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
parent
db70b4ba06
commit
16da843131
5 changed files with 20 additions and 22 deletions
|
|
@ -2,7 +2,10 @@
|
|||
# Full first-time deployment — provisions and deploys everything in one shot.
|
||||
# Usage: ansible-playbook playbooks/deploy.yml
|
||||
#
|
||||
# Prerequisites: run setup.sh first, then review config.yml, vault.yml, dns.yml
|
||||
# Prerequisites:
|
||||
# 1. run setup.sh and review config.yml, vault.yml, dns.yml
|
||||
# 2. if enable_restic: run storage_box.yml first so storagebox.yml exists
|
||||
# before this playbook starts (Ansible loads group_vars at startup)
|
||||
#
|
||||
# This playbook is intended for initial deployments only. After the first run,
|
||||
# bootstrap will fail (root SSH is disabled) — use site.yml for subsequent deploys.
|
||||
|
|
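Review bot: Prerequisite 2 in the header comment names two near-identical files, storage_box.yml and storagebox.yml, without saying which is the playbook to run and which is the group_vars file that must exist, or where that file lives. A reader skimming the header can easily take one for the other. Consider spelling it out, for example by giving the invocation in the same form as the existing "Usage: ansible-playbook playbooks/deploy.yml" line and naming the full path of the generated storagebox.yml. The condition "if enable_restic:" also reads like YAML inside a prose comment; "if enable_restic is true" would be clearer.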
@ -13,7 +16,6 @@
|
|||
|
||||
- import_playbook: provision.yml
|
||||
- import_playbook: dns.yml
|
||||
- import_playbook: storage_box.yml
|
||||
|
||||
# Refresh inventory so the newly provisioned server IP is visible to subsequent plays
|
||||
- name: Refresh inventory
|
||||
|
|
|
|||
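Review bot: With "- import_playbook: storage_box.yml" gone from the chain after dns.yml, nothing visible in deploy.yml verifies that the prerequisite was actually met; the only safeguard is the header comment. An operator who skips that step with enable_restic set gets whatever failure the missing storagebox.yml produces, possibly after provision.yml and dns.yml have already made changes. Consider adding a short first play on localhost that checks for the file when enable_restic is true and fails with a message pointing at storage_box.yml, so the run stops before anything is provisioned.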