--- - name: Deploy Airflow Workers hosts: airflow_workers gather_facts: yes vars_files: - group_vars/all.yml - group_vars/all/vault.yml pre_tasks: - name: Announce worker deployment debug: msg: "Starting deployment for Airflow Worker: {{ inventory_hostname }} ({{ ansible_host }})" - name: Configure system timezone # Ensures all services and logs on this node use a consistent timezone. community.general.timezone: name: "{{ host_timezone }}" become: yes - name: Install NTP for time synchronization ansible.builtin.apt: name: ntp state: present become: yes - name: Ensure NTP service is started and enabled ansible.builtin.service: name: ntp state: started enabled: yes become: yes - name: Set deploy_group to a valid single group name set_fact: deploy_group: "ytdl" - name: Ensure deploy group exists group: name: "{{ deploy_group }}" state: present become: yes - name: Ensure deploy user exists user: name: "{{ ansible_user }}" group: "{{ deploy_group }}" state: present become: yes - name: Validate deploy_group variable ansible.builtin.assert: that: - deploy_group is defined - deploy_group is string - "',' not in deploy_group" - "' ' not in deploy_group" fail_msg: "The 'deploy_group' variable ('{{ deploy_group }}') must be a single, valid group name. It should not contain commas or spaces." - name: Check for swapfile stat: path: /swapfile register: swap_file become: yes - name: Create 8GB swapfile command: fallocate -l 8G /swapfile when: not swap_file.stat.exists become: yes - name: Set swapfile permissions file: path: /swapfile mode: '0600' when: not swap_file.stat.exists become: yes - name: Make swap command: mkswap /swapfile when: not swap_file.stat.exists become: yes - name: Check current swap status command: swapon --show register: swap_status changed_when: false become: yes - name: Enable swap command: swapon /swapfile when: "'/swapfile' not in swap_status.stdout" become: yes - name: Add swapfile to fstab lineinfile: path: /etc/fstab regexp: '^/swapfile' line: '/swapfile none swap sw 0 0' state: present become: yes - name: Get GID of the deploy group getent: database: group key: "{{ deploy_group }}" register: deploy_group_info become: yes - name: Set deploy_group_gid fact set_fact: deploy_group_gid: "{{ deploy_group_info.ansible_facts.getent_group[deploy_group][1] }}" when: deploy_group_info.ansible_facts.getent_group is defined and deploy_group in deploy_group_info.ansible_facts.getent_group - name: Ensure deploy_group_gid is set to a valid value set_fact: deploy_group_gid: "0" when: deploy_group_gid is not defined or deploy_group_gid == "" - name: Configure system limits copy: src: "configs/etc/sysctl.d/99-system-limits.conf" dest: "/etc/sysctl.d/99-system-limits.conf" owner: root group: root mode: '0644' become: yes register: limits_sysctl_config_copy - name: Apply sysctl settings for system limits command: sysctl --system become: yes when: limits_sysctl_config_copy.changed tasks: - name: Install pipx ansible.builtin.apt: name: pipx state: present become: yes - name: Install Glances for system monitoring ansible.builtin.command: pipx install glances[all] args: creates: "{{ ansible_env.HOME }}/.local/bin/glances" become: yes become_user: "{{ ansible_user }}" # Include Docker health check - name: Include Docker health check tasks include_tasks: tasks/docker_health_check.yml roles: - ytdlp-worker - airflow-worker post_tasks: - name: Include camoufox verification tasks include_tasks: tasks/verify_camoufox.yml when: not fast_deploy | default(false)