Files
hysteria2/Makefile
T
Sergey Antropoff 0d67822eb8 fix: run only uninstall tasks, not full role on make uninstall
Tagging the whole role with uninstall caused install/configure/update/export to run first. Use include_role tasks_from uninstall.yml; add safe defaults for uninstall variables.
2026-07-01 13:19:47 +03:00

116 lines
5.5 KiB
Makefile
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# ═══════════════════════════════════════════════════════════════════════════════
# Hysteria2 Ansible — Makefile
# ═══════════════════════════════════════════════════════════════════════════════
SHELL := /bin/bash
.DEFAULT_GOAL := help
export EDITOR="nano"
ANSIBLE ?= ansible-playbook
ANSIBLE_ADHOC ?= ansible
INVENTORY ?= inventory/hosts.yml
LIMIT ?=
EXTRA_VARS ?=
TAGS ?=
ASK_PASS ?=
# vault: .vault_pass или интерактивный ввод
VAULT_FILE := .vault_pass
VAULT_ARGS := $(if $(wildcard $(VAULT_FILE)),--vault-password-file $(VAULT_FILE),)
ANSIBLE_OPTS := $(VAULT_ARGS) \
$(if $(LIMIT),--limit $(LIMIT),) \
$(if $(EXTRA_VARS),--extra-vars "$(EXTRA_VARS)",) \
$(if $(ASK_BECOME_PASS),--ask-become-pass,) \
$(if $(ASK_PASS),--ask-pass,)
CYAN := \033[0;36m
GREEN := \033[0;32m
YELLOW := \033[1;33m
BOLD := \033[1m
NC := \033[0m
.PHONY: help init check ping status \
install update export uninstall \
vault-init vault-encrypt vault-edit vault-view
help: ## Показать справку
@echo ""
@echo "$(BOLD)Hysteria2 Ansible$(NC)"
@echo ""
@grep -E '^[a-zA-Z0-9_-]+:.*##' $(MAKEFILE_LIST) | \
awk 'BEGIN {FS = ":.*## "}; {printf " $(CYAN)%-16s$(NC) %s\n", $$1, $$2}'
@echo ""
@echo " $(YELLOW)Примеры:$(NC)"
@echo " make init"
@echo " make vault-init && make vault-encrypt"
@echo " make install"
@echo " make install LIMIT=vps-de"
@echo " make update LIMIT=vps-nl"
@echo " make uninstall LIMIT=vps-de"
@echo ""
init: ## Создать inventory, group_vars и .vault_pass из примеров
@test -f inventory/hosts.yml || cp inventory/hosts.yml.example inventory/hosts.yml
@test -f group_vars/all.yml || cp group_vars/all.yml.example group_vars/all.yml
@test -f group_vars/hysteria2_servers/vars.yml || cp group_vars/hysteria2_servers/vars.yml.example group_vars/hysteria2_servers/vars.yml
@test -f group_vars/hysteria2_servers/vault.yml || cp group_vars/hysteria2_servers/vault.yml.example group_vars/hysteria2_servers/vault.yml
@test -f .vault_pass || (openssl rand -base64 32 > .vault_pass && chmod 600 .vault_pass)
@grep -q 'vault_password_file' ansible.cfg || \
(echo "" >> ansible.cfg && echo "vault_password_file = .vault_pass" >> ansible.cfg)
@echo "$(GREEN)Готово. Отредактируйте:$(NC)"
@echo " inventory/hosts.yml"
@echo " group_vars/all.yml"
@echo " group_vars/hysteria2_servers/vault.yml → затем: make vault-encrypt"
check: ## Проверить синтаксис playbook
$(ANSIBLE) playbook.yml --syntax-check $(VAULT_ARGS)
$(ANSIBLE) playbook-uninstall.yml --syntax-check $(VAULT_ARGS)
ping: ## Проверить SSH-доступ ко всем VPS
$(ANSIBLE_ADHOC) hysteria2_servers -m ping $(ANSIBLE_OPTS)
status: ## Статус hysteria-server на VPS
$(ANSIBLE_ADHOC) hysteria2_servers -m shell \
-a "systemctl status hysteria-server --no-pager || systemctl status hysteria2 --no-pager" \
-b $(VAULT_ARGS) $(if $(LIMIT),--limit $(LIMIT),)
install: check ## Установить Hysteria2 на VPS (+ URL и QR локально)
$(ANSIBLE) playbook.yml --tags install $(ANSIBLE_OPTS)
update: check ## Обновить бинарник, перекатить конфиг, перевыпустить URL/QR
$(ANSIBLE) playbook.yml --tags update --extra-vars "hysteria2_wait_for_acme=false hysteria2_upgrade_system=false" $(ANSIBLE_OPTS)
export: check ## Только перевыпустить URL и QR (без изменений на сервере)
$(ANSIBLE) playbook.yml --tags export $(ANSIBLE_OPTS)
uninstall: ## Полностью удалить Hysteria2 с VPS (только uninstall, без install/update)
@echo "$(YELLOW)Будет выполнено удаление Hysteria2$(NC) $(if $(LIMIT),на $(LIMIT),на всех серверах)"
@read -p "Продолжить? [y/N] " c; [[ "$$c" =~ ^[Yy]$$ ]] || exit 1
$(ANSIBLE) playbook-uninstall.yml --tags uninstall $(ANSIBLE_OPTS)
vault-init: ## Создать .vault_pass и включить vault_password_file в ansible.cfg
@test -f .vault_pass || (openssl rand -base64 32 > .vault_pass && chmod 600 .vault_pass)
@if ! grep -q '^vault_password_file' ansible.cfg; then \
sed -i.bak 's/# vault_password_file/vault_password_file/' ansible.cfg; \
rm -f ansible.cfg.bak; \
fi
@echo "$(GREEN).vault_pass готов$(NC)"
vault-encrypt: vault-init ## Зашифровать group_vars/hysteria2_servers/vault.yml
@if [ ! -f group_vars/hysteria2_servers/vault.yml ]; then \
echo "$(YELLOW)Сначала: make init$(NC)"; exit 1; \
fi
@if grep -q 'ANSIBLE_VAULT' group_vars/hysteria2_servers/vault.yml 2>/dev/null; then \
echo "vault.yml уже зашифрован"; \
else \
ansible-vault encrypt group_vars/hysteria2_servers/vault.yml --vault-password-file $(VAULT_FILE); \
fi
vault-edit: vault-init ## Редактировать зашифрованный vault
ansible-vault edit group_vars/hysteria2_servers/vault.yml --vault-password-file $(VAULT_FILE)
vault-view: vault-init ## Показать содержимое vault (расшифровка)
ansible-vault view group_vars/hysteria2_servers/vault.yml --vault-password-file $(VAULT_FILE)