netz39-infra-ansible/main.yml

---
- hosts: all
  become: true

  vars:
    ansible_python_interpreter: /usr/bin/python3

  roles:
  - role: ansible.timezone

  tasks:
    - name: Update and clean package cache
      apt:
        update_cache: true
        cache_valid_time: 3600
        autoclean: true

    - name: Ensure unattended-upgrades is installed and up to date
      apt:
        name: unattended-upgrades
        state: latest

    - name: Setup unattended-upgrades
      include_role:
        name: ansible-role-unattended-upgrades
      vars:
        unattended_origins_patterns:
          - 'origin=Debian,archive=buster-security'
          - 'o=Debian,a=buster-updates'
        unattended_package_blacklist: [cowsay]
        unattended_mail: 'root'

    - name: Setup users
      include_role:
        name: users


- hosts: tau.netz39.de
  become: true

  vars:
    ansible_python_interpreter: /usr/bin/python3

    docker_compose_version: "1.25.4"
    docker_compose_path: /usr/local/bin/docker-compose

  roles:
  - role: docker
  - role: apache

  tasks:
    - name: Setup docker network
      docker_network:
        name: dockernet
        driver: bridge
        ipam_config:
          - subnet: 192.168.0.0/24
            gateway: 192.168.0.1
        state: present

    - name: Setup forward site reservierung.netz39.de
      include_role:
        name: setup-http-site-forward
      vars:
        site_name: reservierung.netz39.de
        forward_to: https://codimd.pingtech.de/aYsBj5wSTviFTozd8b0P_Q

    - name: Setup proxy site testredmine.netz39.de
      include_role:
        name: setup-http-site-proxy
      vars:
        site_name: testredmine.netz39.de
        proxy_port: 9004

    - name: Setup phpmyadmin
      docker_container:
        name: phpmyadmin
        state: started
        image: phpmyadmin:5.0
        networks_cli_compatible: true
        networks:
          - name: dockernet
        restart_policy: always
        env:
          PMA_HOST: 192.168.0.1
          MYSQL_ROOT_PASSWORD: "{{ mysql_root_pw }}"
          PMA_ABSOLUTE_URI: "https://mysql.adm.netz39.de"
        published_ports:
          - 9001:80

    - name: Setup proxy site mysql.adm.netz39.de
      include_role:
        name: setup-http-site-proxy
      vars:
        site_name: mysql.adm.netz39.de
        proxy_port: 9001
Add main playbook as entry point 2020-11-24 18:31:09 +01:00			`---`
Split main playbook into all and tau.netz39.de 2020-12-09 19:21:48 +01:00			`- hosts: all`
Add main playbook as entry point 2020-11-24 18:31:09 +01:00			`become: true`

			`vars:`
Set to python3 2020-11-24 22:46:30 +01:00			`ansible_python_interpreter: /usr/bin/python3`

Set timezone 2020-11-24 18:47:03 +01:00			`roles:`
			`- role: ansible.timezone`
Add main playbook as entry point 2020-11-24 18:31:09 +01:00
			`tasks:`
			`- name: Update and clean package cache`
			`apt:`
			`update_cache: true`
			`cache_valid_time: 3600`
			`autoclean: true`

Setup unattended-upgrades 2020-11-24 18:47:16 +01:00			`- name: Ensure unattended-upgrades is installed and up to date`
			`apt:`
			`name: unattended-upgrades`
			`state: latest`

			`- name: Setup unattended-upgrades`
			`include_role:`
			`name: ansible-role-unattended-upgrades`
			`vars:`
			`unattended_origins_patterns:`
			`- 'origin=Debian,archive=buster-security'`
			`- 'o=Debian,a=buster-updates'`
			`unattended_package_blacklist: [cowsay]`
			`unattended_mail: 'root'`

Include user tasks 2020-11-24 19:21:52 +01:00			`- name: Setup users`
Call the new users role from main.yml 2020-12-09 18:50:21 +01:00			`include_role:`
			`name: users`
Include user tasks 2020-11-24 19:21:52 +01:00
Call docker tasks 2020-11-24 19:31:27 +01:00
Split main playbook into all and tau.netz39.de 2020-12-09 19:21:48 +01:00
			`- hosts: tau.netz39.de`
			`become: true`

			`vars:`
			`ansible_python_interpreter: /usr/bin/python3`

			`docker_compose_version: "1.25.4"`
			`docker_compose_path: /usr/local/bin/docker-compose`

			`roles:`
Rename "install-docker" to "docker" 2020-12-09 19:31:39 +01:00			`- role: docker`
Make Apache install a role 2020-12-09 19:30:51 +01:00			`- role: apache`
Split main playbook into all and tau.netz39.de 2020-12-09 19:21:48 +01:00
			`tasks:`
Move tau-specific docker-env setup to main playbook 2020-12-09 19:27:14 +01:00			`- name: Setup docker network`
			`docker_network:`
			`name: dockernet`
			`driver: bridge`
			`ipam_config:`
			`- subnet: 192.168.0.0/24`
			`gateway: 192.168.0.1`
			`state: present`
Add setup for phpmyadmin to main.yml 2020-11-24 22:46:18 +01:00
Move tau-specific Apache setup to main playbook 2020-12-09 19:28:56 +01:00			`- name: Setup forward site reservierung.netz39.de`
			`include_role:`
			`name: setup-http-site-forward`
			`vars:`
			`site_name: reservierung.netz39.de`
			`forward_to: https://codimd.pingtech.de/aYsBj5wSTviFTozd8b0P_Q`

			`- name: Setup proxy site testredmine.netz39.de`
			`include_role:`
			`name: setup-http-site-proxy`
			`vars:`
			`site_name: testredmine.netz39.de`
			`proxy_port: 9004`

Move phpmyadmin setup to distinct task list 2020-11-25 16:46:20 +01:00			`- name: Setup phpmyadmin`
Move tau-specific phpmyadmin setup to main playbook 2020-12-09 19:26:05 +01:00			`docker_container:`
			`name: phpmyadmin`
			`state: started`
			`image: phpmyadmin:5.0`
			`networks_cli_compatible: true`
			`networks:`
			`- name: dockernet`
			`restart_policy: always`
			`env:`
			`PMA_HOST: 192.168.0.1`
			`MYSQL_ROOT_PASSWORD: "{{ mysql_root_pw }}"`
			`PMA_ABSOLUTE_URI: "https://mysql.adm.netz39.de"`
			`published_ports:`
			`- 9001:80`

			`- name: Setup proxy site mysql.adm.netz39.de`
			`include_role:`
			`name: setup-http-site-proxy`
			`vars:`
			`site_name: mysql.adm.netz39.de`
			`proxy_port: 9001`