fix(hosts): update ansible_host IP address to use internal IP for better security

The ansible_host IP address is changed from the public IP to the internal IP (10.0.9.9) to improve security by using internal networking for communication.

feat(renovate/tasks/main.yml): add renovate clean cron job to maintain a clean environment
A new cron job is added to run twice daily at 2 AM and 2 PM. This job will clean up the environment by running `docker-compose down -v --remove-orphans` and then starting the services again with `docker-compose up -d`. The output is logged to /var/log/renovate-clean.log for monitoring purposes. This ensures a clean environment and helps prevent potential issues caused by stale or orphaned containers.
This commit is contained in:
Kasper Juul Hermansen 2023-05-13 02:58:39 +02:00
parent 9f995612af
commit 7e73d346ce
Signed by: kjuulh
GPG Key ID: 57B6E1465221F912
2 changed files with 10 additions and 2 deletions

4
hosts
View File

@ -1,5 +1,5 @@
[bespoke]
renovate ansible_ssh_private_key_file=~/.ssh/id_clank ansible_host=5.75.254.153 wireguard_peer_ip=10.0.9.9
renovate ansible_ssh_private_key_file=~/.ssh/id_clank ansible_host=10.0.9.9 wireguard_peer_ip=10.0.9.9
[renovate]
renovate ansible_ssh_private_key_file=~/.ssh/id_clank ansible_host=5.75.254.153 wireguard_peer_ip=10.0.9.9
renovate ansible_ssh_private_key_file=~/.ssh/id_clank ansible_host=10.0.9.9 wireguard_peer_ip=10.0.9.9

View File

@ -24,3 +24,11 @@
docker_compose:
project_src: ~/git/git.front.kjuulh.io/kjuulh/renovate/
when: compose_file_stat.stat.exists and github_env_stat.stat.exists and env_stat.stat.exists
- name: renovate clean cron job
cron:
name: renovate clean cronjob
user: "root"
minute: "0"
hour: "2,14"
job: "docker-compose -f ~/git/git.front.kjuulh.io/kjuulh/renovate/docker-compose.yaml down -v --remove-orphans && docker-compose -f ~/git/git.front.kjuulh.io/kjuulh/renovate/docker-compose.yaml up -d >> /var/log/renovate-clean.log 2>&1"