ilia/ansible
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
ansible/roles/pote/templates/env.j2
ilia 69a39e5e5b Add POTE app project support and improve IP conflict detection (#3) 
## Summary

This PR adds comprehensive support for deploying the **POTE** application project via Ansible, along with improvements to IP conflict detection and a new app stack provisioning system for Proxmox-managed LXC containers.

## Key Features

### 🆕 New Roles
- **`roles/pote`**: Python/venv deployment role for POTE (PostgreSQL, cron jobs, Alembic migrations)
- **`roles/app_setup`**: Generic app deployment role (Node.js/systemd)
- **`roles/base_os`**: Base OS hardening role

### 🛡️ Safety Improvements
- IP uniqueness validation within projects
- Proxmox-side IP conflict detection
- Enhanced error messages for IP conflicts

### 📦 New Playbooks
- `playbooks/app/site.yml`: End-to-end app stack deployment
- `playbooks/app/provision_vms.yml`: Proxmox guest provisioning
- `playbooks/app/configure_app.yml`: OS + application configuration

## Security
-  All secrets stored in encrypted vault.yml
-  Deploy keys excluded via .gitignore
-  No plaintext secrets committed

## Testing
-  POTE successfully deployed to dev/qa/prod environments
-  All components validated (Git, PostgreSQL, cron, migrations)

Co-authored-by: ilia <ilia@levkin.ca>
Reviewed-on: #3
2026-01-01 11:19:54 -05:00

28 lines
729 B
Django/Jinja
Raw Blame History

### Ansible-managed POTE environment
POTE_ENV="{{ pote_env }}"
# Database
DATABASE_URL="{{ pote_database_url }}"
# Email
SMTP_HOST="{{ pote_smtp_host }}"
SMTP_PORT="{{ pote_smtp_port }}"
SMTP_USER="{{ pote_smtp_user }}"
SMTP_PASSWORD="{{ pote_smtp_password }}"
FROM_EMAIL="{{ pote_from_email }}"
REPORT_RECIPIENTS="{{ pote_report_recipients }}"
# Monitoring / alerting (optional)
MARKET_MONITOR_TICKERS="{{ pote_market_tickers | default('') }}"
ALERT_MIN_SEVERITY="{{ pote_alert_min_severity | default('') }}"
# Logging
LOG_LEVEL="{{ pote_log_level }}"
LOG_FILE="{{ pote_log_file }}"
# Optional API keys
QUIVERQUANT_API_KEY="{{ pote_quiverquant_api_key | default('') }}"
FMP_API_KEY="{{ pote_fmp_api_key | default('') }}"
Reference in New Issue View Git Blame Copy Permalink