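---
# =============================================================================
# NetBird Watcher Deployment
# =============================================================================
# Deploys the peer renamer watcher service.
#
# Prerequisites:
#   1. NetBird instance running
#   2. NetBird API token (PAT)
#
# Usage:
#   ansible-playbook -i poc-inventory.yml playbook.yml -e vault_netbird_token=<token>
#
# Security note: a value passed with -e on the command line ends up in shell
# history and is visible in the process list while the play runs. Prefer
# supplying vault_netbird_token from an ansible-vault encrypted vars file
# (e.g. -e @<vault-file>.yml --ask-vault-pass).
# =============================================================================

- name: Deploy NetBird Watcher
  hosts: netbird_watcher_servers
  become: true
  vars_files:
    - group_vars/netbird_watcher_servers.yml

  pre_tasks:
    # Fail early, before anything is written to the host, when no token is set.
    # NOTE(review): the usage line passes vault_netbird_token while this check
    # reads netbird_token; presumably the group_vars file maps one onto the
    # other - confirm.
    - name: Validate token is provided
      ansible.builtin.assert:
        that:
          - netbird_token is defined
          - netbird_token | length > 0
        fail_msg: |
          NetBird token not provided!
          Run with: -e vault_netbird_token=

  tasks:
    # =========================================================================
    # Create Directories
    # =========================================================================
    # NOTE(review): all three directories are created 0755. The config file
    # below is 0600, but whether the state file under /var/lib/netbird-watcher
    # is readable by other local users depends on how the watcher script
    # creates it - verify, and tighten the directory mode if it holds peer data.
    - name: Create watcher directories
      ansible.builtin.file:
        path: "{{ item }}"
        state: directory
        mode: "0755"
      loop:
        - /opt/netbird-watcher
        - /etc/netbird-watcher
        - /var/lib/netbird-watcher

    # =========================================================================
    # Deploy Script
    # =========================================================================
    - name: Copy watcher script
      ansible.builtin.copy:
        src: ../../watcher/netbird_watcher.py
        dest: /opt/netbird-watcher/netbird_watcher.py
        mode: "0755"

    # =========================================================================
    # Configure
    # =========================================================================
    # The rendered config presumably embeds the API token (the template is not
    # shown here; the 0600 mode suggests it). no_log keeps the rendered content
    # out of task output, including --diff runs and any CI or callback logs.
    - name: Create config file
      ansible.builtin.template:
        src: templates/config.json.j2
        dest: /etc/netbird-watcher/config.json
        mode: "0600"
      no_log: true
      notify: Restart netbird-watcher

    # =========================================================================
    # Systemd Service
    # =========================================================================
    - name: Copy systemd service
      ansible.builtin.copy:
        src: ../../watcher/netbird-watcher.service
        dest: /etc/systemd/system/netbird-watcher.service
        mode: "0644"
      notify: Restart netbird-watcher

    # Runs before the restart handler so a changed unit file is picked up.
    - name: Reload systemd
      ansible.builtin.systemd:
        daemon_reload: true

    - name: Start and enable watcher service
      ansible.builtin.systemd:
        name: netbird-watcher
        state: started
        enabled: true

    # Handlers normally run at the end of the play, i.e. after the verify
    # steps below. Flushing here makes the reported status describe the
    # service as restarted with the new config or unit file.
    - name: Apply pending restart before verification
      ansible.builtin.meta: flush_handlers

    # =========================================================================
    # Verify
    # =========================================================================
    - name: Wait for service to stabilize
      ansible.builtin.pause:
        seconds: 3

    # Only reads the unit state; the play does not fail if the service is
    # not active, the state is just printed below.
    - name: Check service status
      ansible.builtin.systemd:
        name: netbird-watcher
      register: watcher_status

    - name: Display deployment status
      ansible.builtin.debug:
        msg: |
          ============================================
          NetBird Watcher Deployed!
          ============================================
          Service status: {{ watcher_status.status.ActiveState }}
          View logs: journalctl -u netbird-watcher -f
          State file: /var/lib/netbird-watcher/state.json
          ============================================

  handlers:
    - name: Restart netbird-watcher
      ansible.builtin.systemd:
        name: netbird-watcher
        state: restarted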