Erich Blume
b76f2314c2
nixos-rebuild can dirty the tree (e.g. flake.lock updates), which blocks the Ansible git module. Force ensures we always reset to the upstream state. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
26 lines
782 B
YAML
26 lines
782 B
YAML
---
|
|
- name: Configure ringtail (NixOS)
|
|
hosts: ringtail
|
|
become: true
|
|
|
|
tasks:
|
|
- name: Ensure blumeops repo is present
|
|
ansible.builtin.git:
|
|
repo: "https://forge.ops.eblu.me/eblume/blumeops.git"
|
|
dest: /etc/blumeops
|
|
version: main
|
|
force: true
|
|
register: _repo
|
|
|
|
- name: Rebuild NixOS
|
|
ansible.builtin.command:
|
|
cmd: nixos-rebuild switch --flake /etc/blumeops/nixos/ringtail#ringtail
|
|
register: _rebuild
|
|
changed_when: "'activating the configuration' in _rebuild.stdout"
|
|
when: _repo.changed
|
|
|
|
- name: Verify tailscale is connected
|
|
ansible.builtin.command: tailscale status --self --json
|
|
register: _ts_status
|
|
changed_when: false
|
|
failed_when: "'Running' not in _ts_status.stdout"
|