Add main automation script.

diff --git a/README b/README
index 2f1a2923640cf5c538987059635e1e15fa790444..8405adf1817637d8728146c0b63177540580bc4d 100644 (file)
--- a/README
+++ b/README
@@ -2,3 +2,11 @@ turnup
 ======
 
 Automation scripts for turning up system configuration.
+
+Instructions
+------------
+
+```
+ansible-playbook turnup.yaml --extra-vars @<credentials_file>.yaml \
+  --extra-vars key_file=<path_to_fernet_key> --ask-vault-password
+```

diff --git a/turnup.yaml b/turnup.yaml
new file mode 100644 (file)
index 0000000..2942283
--- /dev/null
+++ b/turnup.yaml
@@ -0,0 +1,26 @@
+# Copyright (c) 2023 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+
+- hosts: servers
+  vars_files:
+    - sources.yaml
+  tasks:
+    - stat:
+        path: "{{ item.dest }}/{{ item.name }}"
+      with_items: "{{ files }}"
+      register: files_stats
+    - name: Finish if nothing is missing
+      meta: end_play
+      when: "files_stats.results | selectattr('stat.exists', 'equalto', False) \
+             | length == 0"
+    - name: Obtain an access token for Google Drive
+      include_tasks: gdrive_auth.yaml
+      vars:
+        redirect_uri: "urn:ietf:wg:oauth:2.0:oob"
+        scope: "https://www.googleapis.com/auth/drive.readonly"
+    - name: Download from Google Drive if missing
+      include_tasks: download.yaml
+      vars:
+        key: "{{ lookup('file', '{{ key_file }}') }}"
+      with_items: "{{ files }}"
+      when: "(item.dest + '/' + item.name) is not exists"