From 4c05a03f93e338072a809f18da3ef5b01bd074e8 Mon Sep 17 00:00:00 2001 From: Hugo Peixoto Date: Sun, 2 Oct 2022 00:10:14 +0100 Subject: [PATCH] Refaz o saucy Em vez de usar o comminuty module cenas para docker, usa systemd para gerir os jobs e env files normais. Aproveita e renomeia um dos yaml para yml. --- 05_container_saucy.yaml | 80 --------------------- 05_container_saucy.yml | 6 ++ host_vars/saucy@lxd.ansol.org | 41 ++++++----- main.yaml | 1 + requirements.txt | 11 +++ roles/container-postgres/files/env | 3 + roles/container-postgres/files/unit.service | 12 ++++ roles/container-postgres/handlers/main.yml | 3 + roles/container-postgres/tasks/main.yml | 24 +++++++ roles/container-saucy/files/env | 16 +++++ roles/container-saucy/files/unit.service | 12 ++++ roles/container-saucy/handlers/main.yml | 3 + roles/container-saucy/tasks/main.yml | 36 ++++++++++ 13 files changed, 151 insertions(+), 97 deletions(-) delete mode 100644 05_container_saucy.yaml create mode 100644 05_container_saucy.yml create mode 100644 requirements.txt create mode 100644 roles/container-postgres/files/env create mode 100644 roles/container-postgres/files/unit.service create mode 100644 roles/container-postgres/handlers/main.yml create mode 100644 roles/container-postgres/tasks/main.yml create mode 100644 roles/container-saucy/files/env create mode 100644 roles/container-saucy/files/unit.service create mode 100644 roles/container-saucy/handlers/main.yml create mode 100644 roles/container-saucy/tasks/main.yml diff --git a/05_container_saucy.yaml b/05_container_saucy.yaml deleted file mode 100644 index aa51d89..0000000 --- a/05_container_saucy.yaml +++ /dev/null @@ -1,80 +0,0 @@ ---- -- name: SAUCY - hosts: saucy@lxd.ansol.org - become: true - tasks: - - name: SAUCY -- install needed packages - become: true - package: - state: present - name: '{{ item }}' - with_items: - - ca-certificates - - curl - - gnupg - - lsb-release - - name: SAUCY -- add Docker GPG key - become: true - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - state: present - - name: SAUCY -- add Docker repository to apt - become: true - apt_repository: - repo: deb https://download.docker.com/linux/ubuntu focal stable - state: present - - name: SAUCY -- install docker - become: true - apt: - name: '{{item}}' - state: latest - loop: - - docker-ce - - docker-ce-cli - - containerd.io - - python3-docker - - name: SAUCY -- start, and enable, docker service - become: true - service: - name: docker - state: started - enabled: yes - # postgres server and db, account - - name: SAUCY -- install postgresql - become: true - community.docker.docker_container: - name: postgresql - image: postgres:latest - state: started - container_default_behavior: no_defaults - volumes: - - /data:/var/lib/postgresql/data - ports: - - '5432:5432' - env: - POSTGRES_USER: '{{ db_user }}' - POSTGRES_PASSWORD: '{{ db_password }}' - POSTGRES_DB: '{{ db_name }}' - - name: SAUCY -- add Saucy container - community.docker.docker_container: - name: saucy - image: git.ansol.org/ansol/saucy:latest - state: started - container_default_behavior: no_defaults - ports: - - '80:3000' - env: - DATABASE_URL: 'postgres://{{ db_user }}:{{ db_password }}@{{ db_host }}/{{ db_name }}' - SMTP_ADDRESS: smtp.netureza.pt - SMTP_DOMAIN: ansol.org - SMTP_USERNAME: '{{ smtp_username }}' - SMTP_PASSWORD: '{{ smtp_password }}' - SMTP_FROM_ADDRESS: direccao@ansol.org - SMTP_FROM_NAME: ANSOL - - IFTHENPAY_KEY: '{{ ifthenpay_key }}' - IFTHENPAY_ACCOUNTS: '{{ ifthenpay_accounts }}' - - BASE_HOST: saucy.ansol.org - RAILS_LOG_TO_STDOUT: 'true' - RAILS_ENV: production diff --git a/05_container_saucy.yml b/05_container_saucy.yml new file mode 100644 index 0000000..93f663b --- /dev/null +++ b/05_container_saucy.yml @@ -0,0 +1,6 @@ +--- +- name: SAUCY + hosts: saucy@lxd.ansol.org + roles: + - container-postgres + - container-saucy diff --git a/host_vars/saucy@lxd.ansol.org b/host_vars/saucy@lxd.ansol.org index ce69d58..f62388f 100644 --- a/host_vars/saucy@lxd.ansol.org +++ b/host_vars/saucy@lxd.ansol.org @@ -1,18 +1,25 @@ $ANSIBLE_VAULT;1.1;AES256 -37323635663062383436383061366461326133386235313733653466313565346562373131333031 -3235306530653634333733326430616632393064356330350a363864653566653763383664663061 -30656266383834303464366266366435636438343663313436393764353537326163366434313131 -3565323935396330310a613631623530333365643530313531373039336434366166663338613261 -37316462393330663263636464343865313962343738323537623239316533643831303764623132 -39636337646538386336393366656336333066316337336634356564303533626263313435376435 -36376539383434376430666263316639376337376636616337356161653234393666636461356466 -36366665376632643964386535316538326235666266396631363064613235623639666235396434 -39316636623264366561393032346666343465333565316136636234323962333339313832303634 -37623230313538366666656338666332386431616230343533616234633065356337633766633330 -65626566386632303130393336343736303464326130383964333133656632653236626366376166 -63383363653830346364373966393036316363393863643833386630633535366332343932643639 -38366630326235363033346636316631343532386236613430616165643632636331313832633463 -65336664343336663064383866323635663561306637613439626364366435656131646664353138 -63356631623562633735303636343232333232646439623764303239643730653431626465616363 -35663633303234613064353433646632343436643130336337336361326664336239326135323161 -3738 +64616462303033383065373838613534653461376264633632343134636264613037623166376636 +3635363331383233326364376335353039323635343062360a313738626439343832646230373631 +61663463333163663031663464373737393932623561363833633563376132373235653065326330 +3230353834323866300a363733326332666639616164373965643532613238326463336661346332 +66656261666433356138376338313533623433326230333761663934373766356538366630613261 +39323036653465343332373031316433303662343232333665303565313230663730316238646262 +37656432323236653262353231316461313731393336383463643231326637313135343262663164 +39306139633234633137626461653364373830383034373235316663623230323730323261326139 +33663965376639393864653465646263653861353733613936393065326165666131316662666339 +39323238323061636536343463643437373735656362626366663266313235363531323632346630 +63306365396235663831656137376638313765333333386162353963666637386465396462626261 +38316439353562376630386466646531373661633737353133333363663633373564396230616561 +36613465636633656432306330356330626238663836306339306132383932626436616338386364 +39656135613339613138383464663863613063323334663861613338396464366331623664616232 +38393761326230316539373466636435646562306535323830633333656465306532343661396135 +62623361656336633532643864383163616163643336366665316535656332333537303062373630 +36643738653161653731346130643435613235333339623030396161613935316465343266306461 +36386634323962343731613034366538613663363133393039356661306132623964656430646562 +64356264643361326566616533323364353535653664353538613362313937376261396632616232 +36653164353365653162646161396361376434313533616664366461326538306261323139633862 +62343737623362393533326163353333313032313861366638356338313930346631373430326164 +64636639623430356433643537323363636537623030353635376632623731376439336461663738 +35363038303737616561376663373631386633376430643661393665333465373138346131323932 +34326133316464323138 diff --git a/main.yaml b/main.yaml index 52e76ec..1f79554 100644 --- a/main.yaml +++ b/main.yaml @@ -11,3 +11,4 @@ - import_playbook: 03_container_haproxy.yaml # Container Gitea - import_playbook: 04_container_gitea.yaml +- import_playbook: 05_container_saucy.yml diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..6a03cd3 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,11 @@ +ansible==6.2.0 +ansible-core==2.13.2 +cffi==1.15.1 +cryptography==37.0.4 +Jinja2==3.1.2 +MarkupSafe==2.1.1 +packaging==21.3 +pycparser==2.21 +pyparsing==3.0.9 +PyYAML==6.0 +resolvelib==0.8.1 diff --git a/roles/container-postgres/files/env b/roles/container-postgres/files/env new file mode 100644 index 0000000..1d9991a --- /dev/null +++ b/roles/container-postgres/files/env @@ -0,0 +1,3 @@ +POSTGRES_USER={{ db_user }} +POSTGRES_PASSWORD={{ db_password }} +POSTGRES_DB={{ db_name }} diff --git a/roles/container-postgres/files/unit.service b/roles/container-postgres/files/unit.service new file mode 100644 index 0000000..f206b07 --- /dev/null +++ b/roles/container-postgres/files/unit.service @@ -0,0 +1,12 @@ +[Unit] +Description=Container running postgres +Wants=network.target +After=network-online.target + +[Service] +Restart=on-failure +TimeoutStopSec=70 +ExecStart=/usr/bin/docker run --rm -it --name postgres --env-file /srv/postgres/env -v /srv/postgres/data:/var/lib/postgresql/data -p5432:5432 postgres:latest + +[Install] +WantedBy=multi-user.target default.target diff --git a/roles/container-postgres/handlers/main.yml b/roles/container-postgres/handlers/main.yml new file mode 100644 index 0000000..8a13bc3 --- /dev/null +++ b/roles/container-postgres/handlers/main.yml @@ -0,0 +1,3 @@ +- name: reload systemd + systemd: + daemon_reload: yes diff --git a/roles/container-postgres/tasks/main.yml b/roles/container-postgres/tasks/main.yml new file mode 100644 index 0000000..da3f5c7 --- /dev/null +++ b/roles/container-postgres/tasks/main.yml @@ -0,0 +1,24 @@ +- name: container pg -- srv directory + become: true + file: + path: '/srv/postgres' + mode: 0700 + state: directory +- name: container pg -- env file + become: true + template: + src: 'files/env' + dest: '/srv/postgres/env' + mode: 0600 +- name: container pg -- systemd unit file + become: true + template: + src: 'files/unit.service' + dest: '/etc/systemd/system/container-postgres.service' + mode: 0644 + notify: reload systemd +- name: container pg -- start + become: true + systemd: + name: container-postgres + state: started diff --git a/roles/container-saucy/files/env b/roles/container-saucy/files/env new file mode 100644 index 0000000..4a50e32 --- /dev/null +++ b/roles/container-saucy/files/env @@ -0,0 +1,16 @@ +DATABASE_URL=postgres://{{ db_user }}:{{ db_password }}@{{ db_host }}/{{ db_name }} +SMTP_ADDRESS=smtp.netureza.pt +SMTP_DOMAIN=ansol.org +SMTP_USERNAME={{ smtp_username }} +SMTP_PASSWORD={{ smtp_password }} +SMTP_FROM_ADDRESS=direccao@ansol.org +SMTP_FROM_NAME=ANSOL + +IFTHENPAY_KEY={{ ifthenpay_key }} +IFTHENPAY_ACCOUNTS={{ ifthenpay_accounts }} + +BASE_HOST=saucy.ansol.org +RAILS_ENV=production +RAILS_LOG_TO_STDOUT=true +RAILS_SERVE_STATIC_FILES=true +SECRET_KEY_BASE={{ secret_key_base }} diff --git a/roles/container-saucy/files/unit.service b/roles/container-saucy/files/unit.service new file mode 100644 index 0000000..bed24dc --- /dev/null +++ b/roles/container-saucy/files/unit.service @@ -0,0 +1,12 @@ +[Unit] +Description=Container running saucy +Wants=network.target +After=network-online.target container-postgres.service + +[Service] +Restart=on-failure +TimeoutStopSec=70 +ExecStart=/usr/bin/docker run --pull=always --rm -it --name saucy --env-file /srv/saucy/env -v /srv/saucy/data:/data -p80:3000 git.ansol.org/ansol/saucy:latest + +[Install] +WantedBy=multi-user.target default.target diff --git a/roles/container-saucy/handlers/main.yml b/roles/container-saucy/handlers/main.yml new file mode 100644 index 0000000..8a13bc3 --- /dev/null +++ b/roles/container-saucy/handlers/main.yml @@ -0,0 +1,3 @@ +- name: reload systemd + systemd: + daemon_reload: yes diff --git a/roles/container-saucy/tasks/main.yml b/roles/container-saucy/tasks/main.yml new file mode 100644 index 0000000..e2ed7a6 --- /dev/null +++ b/roles/container-saucy/tasks/main.yml @@ -0,0 +1,36 @@ +- name: container saucy -- srv directory + become: true + file: + path: '/srv/saucy' + mode: 0700 + state: directory +- name: container saucy -- env file + become: true + template: + src: 'files/env' + dest: '/srv/saucy/env' + mode: 0600 +- name: container saucy -- systemd unit file + become: true + template: + src: 'files/unit.service' + dest: '/etc/systemd/system/container-saucy.service' + mode: 0644 + notify: reload systemd +- name: container saucy -- start + become: true + systemd: + name: container-saucy + state: started +- name: container saucy -- sync cron + become: true + cron: + name: "saucy-sync" + minute: "*/5" + job: "/usr/bin/docker exec -it saucy bin/rails saucy:sync" + #- name: container saucy -- sync cron + # become: true + # cron: + # name: "saucy-sync" + # hour: "8" + # job: "/usr/bin/docker exec -it saucy bin/rails saucy:notify"