From 44f208e4c6995256d66f5c0d4934cae8b845c44d Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:15:45 +0100 Subject: [PATCH 1/9] Move configuration variables from main.yml to inventory --- inventory | 15 +++++++++++++++ main.yml | 12 ------------ 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/inventory b/inventory index 74fca67..086b2de 100644 --- a/inventory +++ b/inventory @@ -1,5 +1,9 @@ all: vars: + server_admin: "admin@netz39.de" + + ag_timezone: Europe/Berlin + users: - logname: "alex" viewname: "Alexander Dahl" @@ -42,8 +46,19 @@ all: hosts: tau.netz39.de: + server_admin: "admin+tau@netz39.de" + mysql_root_pw: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 64313138383833643866383332623265383863623332343864306537633931326139303638303761 + 6464653933613663643632383935376164393033363233330a313063613832396166666464666136 + 36633532393231663634663034666666356332373438646130643161383134653739663066626538 + 3661663132343639310a613431653031626434323064313465373866666332353931313836623465 + 3461 children: tau: + vars: + hosts: tau.netz39.de: + diff --git a/main.yml b/main.yml index a4e6009..b7e69e3 100644 --- a/main.yml +++ b/main.yml @@ -5,21 +5,9 @@ vars: ansible_python_interpreter: /usr/bin/python3 - server_admin: "admin@netz39.de" - - ag_timezone: Europe/Berlin - docker_compose_version: "1.25.4" docker_compose_path: /usr/local/bin/docker-compose - mysql_root_pw: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 64313138383833643866383332623265383863623332343864306537633931326139303638303761 - 6464653933613663643632383935376164393033363233330a313063613832396166666464666136 - 36633532393231663634663034666666356332373438646130643161383134653739663066626538 - 3661663132343639310a613431653031626434323064313465373866666332353931313836623465 - 3461 - roles: - role: ansible.timezone From 0de49174e6a2d7e68f1cf6c3f095487a2806f643 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:21:48 +0100 Subject: [PATCH 2/9] Split main playbook into all and tau.netz39.de --- main.yml | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/main.yml b/main.yml index b7e69e3..90e5093 100644 --- a/main.yml +++ b/main.yml @@ -1,13 +1,10 @@ --- -- hosts: tau +- hosts: all become: true vars: ansible_python_interpreter: /usr/bin/python3 - docker_compose_version: "1.25.4" - docker_compose_path: /usr/local/bin/docker-compose - roles: - role: ansible.timezone @@ -37,10 +34,21 @@ include_role: name: users - - name: Install Docker - include_role: - name: install-docker + +- hosts: tau.netz39.de + become: true + + vars: + ansible_python_interpreter: /usr/bin/python3 + + docker_compose_version: "1.25.4" + docker_compose_path: /usr/local/bin/docker-compose + + roles: + - role: install-docker + + tasks: - name: Setup Docker Environment include_tasks: tasks/docker_env.yml From 12f915f86ccc5f87c0bc68d40fb6d2c2c2fe2607 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:22:10 +0100 Subject: [PATCH 3/9] Remove superfluous group tau from inventory --- inventory | 7 ------- 1 file changed, 7 deletions(-) diff --git a/inventory b/inventory index 086b2de..65c8492 100644 --- a/inventory +++ b/inventory @@ -55,10 +55,3 @@ all: 3661663132343639310a613431653031626434323064313465373866666332353931313836623465 3461 - children: - tau: - vars: - - hosts: - tau.netz39.de: - From 164d717ffe20da850f9118a93ec40e6de82cd34d Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:26:05 +0100 Subject: [PATCH 4/9] Move tau-specific phpmyadmin setup to main playbook --- main.yml | 22 +++++++++++++++++++++- tasks/phpmyadmin.yml | 23 ----------------------- 2 files changed, 21 insertions(+), 24 deletions(-) delete mode 100644 tasks/phpmyadmin.yml diff --git a/main.yml b/main.yml index 90e5093..85b6fad 100644 --- a/main.yml +++ b/main.yml @@ -56,4 +56,24 @@ include_tasks: tasks/httpd.yml - name: Setup phpmyadmin - include_tasks: tasks/phpmyadmin.yml + docker_container: + name: phpmyadmin + state: started + image: phpmyadmin:5.0 + networks_cli_compatible: true + networks: + - name: dockernet + restart_policy: always + env: + PMA_HOST: 192.168.0.1 + MYSQL_ROOT_PASSWORD: "{{ mysql_root_pw }}" + PMA_ABSOLUTE_URI: "https://mysql.adm.netz39.de" + published_ports: + - 9001:80 + + - name: Setup proxy site mysql.adm.netz39.de + include_role: + name: setup-http-site-proxy + vars: + site_name: mysql.adm.netz39.de + proxy_port: 9001 diff --git a/tasks/phpmyadmin.yml b/tasks/phpmyadmin.yml deleted file mode 100644 index c9e0a09..0000000 --- a/tasks/phpmyadmin.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Setup phpmyadmin - docker_container: - name: phpmyadmin - state: started - image: phpmyadmin:5.0 - networks_cli_compatible: true - networks: - - name: dockernet - restart_policy: always - env: - PMA_HOST: 192.168.0.1 - MYSQL_ROOT_PASSWORD: "{{ mysql_root_pw }}" - PMA_ABSOLUTE_URI: "https://mysql.adm.netz39.de" - published_ports: - - 9001:80 - -- name: Setup proxy site mysql.adm.netz39.de - include_role: - name: setup-http-site-proxy - vars: - site_name: mysql.adm.netz39.de - proxy_port: 9001 From 176881738a9a21cdef631692549ad4175e2f5544 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:27:14 +0100 Subject: [PATCH 5/9] Move tau-specific docker-env setup to main playbook --- main.yml | 10 ++++++++-- tasks/docker_env.yml | 10 ---------- 2 files changed, 8 insertions(+), 12 deletions(-) delete mode 100644 tasks/docker_env.yml diff --git a/main.yml b/main.yml index 85b6fad..50ed72e 100644 --- a/main.yml +++ b/main.yml @@ -49,8 +49,14 @@ - role: install-docker tasks: - - name: Setup Docker Environment - include_tasks: tasks/docker_env.yml + - name: Setup docker network + docker_network: + name: dockernet + driver: bridge + ipam_config: + - subnet: 192.168.0.0/24 + gateway: 192.168.0.1 + state: present - name: Setup httpd include_tasks: tasks/httpd.yml diff --git a/tasks/docker_env.yml b/tasks/docker_env.yml deleted file mode 100644 index 3e05570..0000000 --- a/tasks/docker_env.yml +++ /dev/null @@ -1,10 +0,0 @@ -- name: Setup docker network - docker_network: - name: dockernet - driver: bridge - ipam_config: - - subnet: 192.168.0.0/24 - gateway: 192.168.0.1 - state: present - - From 17e34063d12f8017994996817722975a1477f671 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:27:42 +0100 Subject: [PATCH 6/9] users task is no longer needed This is now a role --- tasks/users.yml | 48 ------------------------------------------------ 1 file changed, 48 deletions(-) delete mode 100644 tasks/users.yml diff --git a/tasks/users.yml b/tasks/users.yml deleted file mode 100644 index becf453..0000000 --- a/tasks/users.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -- name: Add users | create users, shell, home dirs - user: - name: "{{ item }}" - shell: /bin/bash - createhome: yes - comment: 'created with ansible' - password_lock: true - append: true - with_items: - - "{{ admin_users }}" - -- name: Create .ssh user directories - file: - path: "{{ '/home/' + item + '/.ssh' }}" - state: directory - mode: "0700" - owner: "{{ item }}" - group: "{{ item }}" - with_items: - - "{{ admin_users }}" - -- name: Set authorized keys for users - copy: - src: "{{'users/' + item + '_authorized_keys'}}" - remote_src: no - dest: "{{ '/home/' + item + '/.ssh/authorized_keys' }}" - mode: "0600" - owner: "{{ item }}" - group: "{{ item }}" - with_items: - - "{{ admin_users }}" - -- name: Place users in sudo group - user: - name: "{{ item }}" - groups: sudo - append: yes - with_items: - - "{{ admin_users }}" - -- name: Configure group sudo for sudoers without password - lineinfile: - path: /etc/sudoers - state: present - regexp: '^%sudo\s' - line: '%sudo ALL=(ALL) NOPASSWD: ALL' - validate: /usr/sbin/visudo -cf %s From b4e8fc18d7b7c48bff8a4e434a406b6767df7d4e Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:28:56 +0100 Subject: [PATCH 7/9] Move tau-specific Apache setup to main playbook --- main.yml | 14 ++++++++++++++ tasks/httpd.yml | 16 ---------------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/main.yml b/main.yml index 50ed72e..ce5d2e8 100644 --- a/main.yml +++ b/main.yml @@ -61,6 +61,20 @@ - name: Setup httpd include_tasks: tasks/httpd.yml + - name: Setup forward site reservierung.netz39.de + include_role: + name: setup-http-site-forward + vars: + site_name: reservierung.netz39.de + forward_to: https://codimd.pingtech.de/aYsBj5wSTviFTozd8b0P_Q + + - name: Setup proxy site testredmine.netz39.de + include_role: + name: setup-http-site-proxy + vars: + site_name: testredmine.netz39.de + proxy_port: 9004 + - name: Setup phpmyadmin docker_container: name: phpmyadmin diff --git a/tasks/httpd.yml b/tasks/httpd.yml index 5dc8983..349e53d 100644 --- a/tasks/httpd.yml +++ b/tasks/httpd.yml @@ -9,19 +9,3 @@ apache2_module: name: rewrite state: present - - -- name: Setup forward site reservierung.netz39.de - include_role: - name: setup-http-site-forward - vars: - site_name: reservierung.netz39.de - forward_to: https://codimd.pingtech.de/aYsBj5wSTviFTozd8b0P_Q - - -- name: Setup proxy site testredmine.netz39.de - include_role: - name: setup-http-site-proxy - vars: - site_name: testredmine.netz39.de - proxy_port: 9004 From f9e216355c1d775f80ca0fbf435f96bc35dacb63 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:30:51 +0100 Subject: [PATCH 8/9] Make Apache install a role --- main.yml | 4 +--- tasks/httpd.yml => roles/apache/tasks/main.yml | 0 2 files changed, 1 insertion(+), 3 deletions(-) rename tasks/httpd.yml => roles/apache/tasks/main.yml (100%) diff --git a/main.yml b/main.yml index ce5d2e8..893dcf6 100644 --- a/main.yml +++ b/main.yml @@ -47,6 +47,7 @@ roles: - role: install-docker + - role: apache tasks: - name: Setup docker network @@ -58,9 +59,6 @@ gateway: 192.168.0.1 state: present - - name: Setup httpd - include_tasks: tasks/httpd.yml - - name: Setup forward site reservierung.netz39.de include_role: name: setup-http-site-forward diff --git a/tasks/httpd.yml b/roles/apache/tasks/main.yml similarity index 100% rename from tasks/httpd.yml rename to roles/apache/tasks/main.yml From 8e1bc3049839fabb2869504f911b8b4ec89b1e54 Mon Sep 17 00:00:00 2001 From: Stefan Haun Date: Wed, 9 Dec 2020 19:31:39 +0100 Subject: [PATCH 9/9] Rename "install-docker" to "docker" --- main.yml | 2 +- roles/{install-docker => docker}/handlers/main.yml | 0 roles/{install-docker => docker}/tasks/main.yml | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename roles/{install-docker => docker}/handlers/main.yml (100%) rename roles/{install-docker => docker}/tasks/main.yml (100%) diff --git a/main.yml b/main.yml index 893dcf6..69b36c6 100644 --- a/main.yml +++ b/main.yml @@ -46,7 +46,7 @@ docker_compose_path: /usr/local/bin/docker-compose roles: - - role: install-docker + - role: docker - role: apache tasks: diff --git a/roles/install-docker/handlers/main.yml b/roles/docker/handlers/main.yml similarity index 100% rename from roles/install-docker/handlers/main.yml rename to roles/docker/handlers/main.yml diff --git a/roles/install-docker/tasks/main.yml b/roles/docker/tasks/main.yml similarity index 100% rename from roles/install-docker/tasks/main.yml rename to roles/docker/tasks/main.yml