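# Every target in this file is a command, not a file. Declaring all of them
# phony keeps a stray file or directory of the same name from silently turning
# a target into a no-op.
.PHONY: init plan apply destroy outputs \
        ansible-deps configure configure-tag configure-check ssh

PLATFORM = murafiq
# Selects inventories/$(ENV).yml (under $(ANSIBLE_DIR)) for the configure*
# targets. The default is production, so pass ENV=<name> explicitly to run
# against any other inventory.
ENV ?= production
TF_DIR = terraform
ANSIBLE_DIR = ansible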
# ── Terraform ─────────────────────────────────────────────────────────────────
# Terraform lifecycle targets. Each one runs the terraform subcommand that has
# the same name as the target, from inside $(TF_DIR); $@ expands to the target
# currently being built.
init plan apply:
	cd $(TF_DIR) && terraform $@
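# Tear down everything managed by the Terraform state in $(TF_DIR).
# The operator must type exactly "yes"; any other answer, or a failed read
# (for example stdin closed in a non-interactive run), leaves confirm different
# from "yes" and the recipe aborts without calling terraform.
# printf followed by a plain read replaces `read -p`, which is a bash extension
# and is rejected by POSIX shells such as dash, make's default /bin/sh on some
# systems.
# An aborted run still exits 0, as before, so do not chain other targets after
# this one and rely on the abort to stop them.
destroy:
	@echo "==> WARNING: This will destroy ALL Murafiq production VMs."
	@printf "Type 'yes' to confirm: "; \
	read -r confirm; \
	if [ "$$confirm" = "yes" ]; then \
		cd $(TF_DIR) && terraform destroy; \
	else \
		echo "Aborted."; \
	fi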
# Print the Terraform outputs for the state in $(TF_DIR). The ssh target reads
# the all_vms output from the same state to resolve a VM name.
outputs:
	cd $(TF_DIR) && terraform output
# ── Ansible ───────────────────────────────────────────────────────────────────
# Install the roles and collections listed in requirements.yml.
# --force reinstalls entries that are already present, so every run replaces
# the local copies with whatever the sources serve at that moment. Pin versions
# in requirements.yml if the installed content needs to be reproducible.
ansible-deps:
	cd $(ANSIBLE_DIR) && ansible-galaxy install --force --role-file requirements.yml
# Apply the base role to all VMs in the given environment.
# The inventory is inventories/$(ENV).yml; ENV defaults to production at the
# top of this file. The SSH key is $ANSIBLE_PRIVATE_KEY_FILE when that is set
# and non-empty, otherwise $(HOME)/.ssh/id_ed25519.
# --diff prints the content differences of changed files, so tasks that write
# secrets should suppress their diff (no_log or diff: false) in the role.
configure:
	cd $(ANSIBLE_DIR) && ansible-playbook playbooks/base.yml \
		--inventory inventories/$(ENV).yml \
		--private-key $${ANSIBLE_PRIVATE_KEY_FILE:-$(HOME)/.ssh/id_ed25519} \
		--diff
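# Run the base role with a specific tag (e.g. make configure-tag TAG=firewall).
# TAG is required: with an empty TAG the --tags option would be left without a
# value, so the recipe stops with a usage message instead.
# TAG is read in the shell as "$$TAG" rather than expanded by make. make exports
# variables given on its command line or in its environment to the recipe shell,
# and the quoted shell variable reaches ansible-playbook as a single argument
# without the shell re-parsing spaces or metacharacters in it.
# The inventory and SSH key are chosen as for the configure target.
configure-tag:
	@if [ -z "$${TAG:-}" ]; then echo "Usage: make configure-tag TAG=firewall"; exit 1; fi
	cd $(ANSIBLE_DIR) && ansible-playbook \
		--private-key $${ANSIBLE_PRIVATE_KEY_FILE:-$(HOME)/.ssh/id_ed25519} \
		-i inventories/$(ENV).yml \
		playbooks/base.yml \
		--tags "$$TAG" \
		--diff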
# Dry run: report what the base role would change without applying it.
# --check asks Ansible not to make changes and --diff shows the differences it
# would have written. The inventory is inventories/$(ENV).yml and the SSH key
# is $ANSIBLE_PRIVATE_KEY_FILE when set and non-empty, otherwise
# $(HOME)/.ssh/id_ed25519.
configure-check:
	cd $(ANSIBLE_DIR) && ansible-playbook playbooks/base.yml \
		--inventory inventories/$(ENV).yml \
		--private-key $${ANSIBLE_PRIVATE_KEY_FILE:-$(HOME)/.ssh/id_ed25519} \
		--check \
		--diff
# ── SSH ───────────────────────────────────────────────────────────────────────
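# Open an SSH session to one VM, resolved by name through the all_vms Terraform
# output. Usage: make ssh VM=murafiq-ingestion-01
# VM is read in the shell as "$$VM" and handed to Python as an argument. It is
# no longer pasted by make into the shell command or the Python source, where a
# quote character in the name would change the code that runs. make exports
# variables given on its command line or in its environment to the recipe shell.
# The recipe stops when the lookup command fails, when it prints nothing, or
# when the name is not a key of all_vms, so ssh never runs with an empty host.
# NOTE(review): assumes all_vms maps each VM name to its address; confirm
# against the Terraform outputs.
ssh:
	@if [ -z "$${VM:-}" ]; then echo "Usage: make ssh VM=murafiq-ingestion-01"; exit 1; fi
	@IP=$$(cd $(TF_DIR) && terraform output -json all_vms | python3 -c \
		'import sys, json; print(json.load(sys.stdin).get(sys.argv[1], "NOT_FOUND"))' "$$VM") \
		|| { echo "Could not read all_vms from terraform outputs"; exit 1; }; \
	if [ -z "$$IP" ] || [ "$$IP" = "NOT_FOUND" ]; then echo "VM $$VM not found in terraform outputs"; exit 1; fi; \
	echo "==> SSH to $$VM at $$IP"; \
	ssh -i ~/.ssh/id_ed25519_devops "spx@$$IP"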