Ansible Pull — Iron Legion Fleet

Auto-applied Ansible playbooks for the Iron Legion AI agent fleet.

How It Works

Each node runs ansible-pull every 5 minutes via cron. It clones this repo and applies local.yml to itself.

Repo Structure

.
├── local.yml           # Main playbook — always runs
├── group_vars/
│   └── all.yml         # Fleet-wide variables
├── host_vars/
│   ├── artemis.yml              # Artemis (AI Foreman)
│   ├── cinnamint--elitebook.yml # Cinnamint-EliteBook (WSL2 workstation)
│   ├── hulkbuster.yml           # Mark44 (GPU heavy)
│   ├── mark5.yml                # Mark5 (GPU light / Suitcase)
│   ├── mark-vii.yml             # Mark VII (Swarm manager + services)
│   ├── mission-control.yml      # Mission-Control (WSL2 workstation)
│   ├── mk-33.yml                # MK-33 Silver Centurion (Swarm worker)
│   ├── mk-34.yml                # MK-34 (Swarm worker)
│   ├── mk-39.yml                # MK-39 (Swarm worker)
│   ├── mk-42.yml                # MK-42 Extremis (Swarm worker)
│   └── nebuchadnezzar.yml       # Neo (Nextcloud + Vaultwarden)
├── new-build/
│   └── portainer/
│       └── docker-compose.yml   # Portainer CE stack for Swarm manager
├── ubuntu-autoinstall/
│   └── autoinstall.yaml         # Fleet-standard headless autoinstall
└── archive/
    └── maas/

Adding Node-Specific Tasks

Edit the corresponding host_vars/ file with node-specific vars (packages, configs). Edit local.yml for shared tasks that apply to all nodes.

Security

  • HTTPS auth via deploy token stored in /etc/ansible/ansible.env
  • Token is root-readable only (chmod 600)
  • Gitea provides TLS via NetBird mesh
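
A pre-flight check for the token file described above, as an added example that is not part of this repo. The function name `check_token_file` and its optional expected-UID argument are assumptions made for illustration, and it relies on GNU `stat` as found on the Ubuntu nodes.

```shell
#!/bin/sh
# Added example: audit the deploy-token env file before ansible-pull uses it.
# Assumes GNU stat (coreutils), as on the fleet's Ubuntu nodes.

# check_token_file PATH [EXPECTED_UID]
# Returns 0 only if PATH is a regular file (not a symlink), owned by
# EXPECTED_UID (default 0 = root), with mode exactly 600, inside a directory
# that is not group- or world-writable. Otherwise prints the reason to
# stderr and returns 1.
check_token_file() {
    path=$1
    want_uid=${2:-0}

    if [ -L "$path" ]; then
        echo "FAIL: $path is a symlink" >&2; return 1
    fi
    if [ ! -f "$path" ]; then
        echo "FAIL: $path is missing or not a regular file" >&2; return 1
    fi

    mode=$(stat -c '%a' "$path")
    uid=$(stat -c '%u' "$path")
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $path owned by uid $uid, expected $want_uid" >&2; return 1
    fi
    if [ "$mode" != "600" ]; then
        echo "FAIL: $path has mode $mode, expected 600" >&2; return 1
    fi

    # chmod 600 on the file is not enough if another user can write to the
    # parent directory and swap the file out.
    dir=$(dirname "$path")
    dmode=$(stat -c '%a' "$dir")
    case $dmode in
        *[2367]?|*[2367])
            echo "FAIL: $dir is group/world-writable ($dmode)" >&2; return 1 ;;
    esac
    return 0
}

# Typical use at the top of the cron wrapper:
#   check_token_file /etc/ansible/ansible.env || exit 1
```

Running the check before each pull means a node whose token file has drifted from root-owned 600 stops instead of continuing to use an exposed credential.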