adrien/automation
adrien/automation
1
1
Fork 0
Code Issues Pull requests Releases Wiki Activity

upgraded synapse to 1.18.0 and improved tags overall (dynamic tasks include does not allow fot tags inheritance, had to surround inner tasks with a block defining the tag)

Browse source
This commit is contained in:
LUXEY Adrien 2020-08-17 12:56:15 +02:00
parent 8acbc4f2b2
commit 801575ea38
10 changed files with 262 additions and 230 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
deployer/group_vars/all/vars.yml
View file

@ -17,7 +17,7 @@ wordpress:
gitea:
version: 1.12.1
synapse:
version: v1.15.1-py3
version: v1.18.0
postgres:
pg_hba_path: "/etc/postgresql/9.6/main/pg_hba.conf"

103
deployer/roles/build/tasks/drupal.yml
View file

@ -1,65 +1,70 @@
---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
- block: # Used for tagging all tasks with "drupal"
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
####################
# Render templates #
####################
####################
# Render templates #
####################
- name: "Create folder {{ sites_path }}/{{ site.slug }}"
file:
path: "{{ sites_path }}/{{ site.slug }}"
state: directory
mode: '750'
tags: [docker, nginx, mysql]
- name: "Create folder {{ sites_path }}/{{ site.slug }}"
file:
path: "{{ sites_path }}/{{ site.slug }}"
state: directory
mode: '750'
tags: [docker, nginx, mysql]
- name: Render sexy Dockerfile
template:
src: drupal/Dockerfile.j2
dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile"
tags: docker
- name: Render sexy Dockerfile
template:
src: drupal/Dockerfile.j2
dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile"
tags: docker
- name: Render marvelous docker-compose.yml
template:
src: drupal/docker-compose.yml.j2
dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml"
tags: docker
- name: Render marvelous docker-compose.yml
template:
src: drupal/docker-compose.yml.j2
dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml"
tags: docker
- name: Render swell nginx site config
template:
src: drupal/nginx.j2
dest: "/etc/nginx/sites-available/{{ site.url }}"
become: yes
tags: nginx
- name: Render swell nginx site config
template:
src: drupal/nginx.j2
dest: "/etc/nginx/sites-available/{{ site.url }}"
become: yes
tags: nginx
#######################
# MySQL configuration #
#######################
#######################
# MySQL configuration #
#######################
- name: "Setup MySQL"
import_tasks: mysql.yml
tags: mysql
- name: "Setup MySQL"
import_tasks: mysql.yml
tags: mysql
#################
# Setup backups #
#################
#################
# Setup backups #
#################
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
###################
# SSL certificate #
###################
###################
# SSL certificate #
###################
# - name: Create Let's Encrypt certificate
# This seems hard, see:
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
# Maybe using shell directly? e.g.
# certbot certonly --webroot -w /var/www/letsencrypt -d <url>
# - name: Create Let's Encrypt certificate
# This seems hard, see:
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
# Maybe using shell directly? e.g.
# certbot certonly --webroot -w /var/www/letsencrypt -d <url>
tags: drupal # /block

48
deployer/roles/build/tasks/gitea.yml
View file

@ -1,29 +1,33 @@
---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
####################
# Render templates #
####################
- block: # Used for tagging all tasks with "gitea"
- name: "Render templates"
import_tasks: render.yml
tags: render
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
#######################
# MySQL configuration #
#######################
####################
# Render templates #
####################
- name: "Setup MySQL"
import_tasks: mysql.yml
tags: mysql
- name: "Render templates"
import_tasks: render.yml
tags: render
#################
# Setup backups #
#################
#######################
# MySQL configuration #
#######################
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
- name: "Setup MySQL"
import_tasks: mysql.yml
tags: mysql
#################
# Setup backups #
#################
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
tags: gitea # / block

8
deployer/roles/build/tasks/main.yml
View file

@ -6,7 +6,7 @@
loop_control:
loop_var: site
when: site.type == "wordpress"
tags: wordpress,sites
tags: wordpress
- name: Build Drupal sites
include_tasks: drupal.yml
@ -14,7 +14,7 @@
loop_control:
loop_var: site
when: site.type == "drupal"
tags: drupal,sites
tags: drupal
- name: Build Gitea sites
include_tasks: gitea.yml
@ -22,7 +22,7 @@
loop_control:
loop_var: site
when: site.type == "gitea"
tags: gitea,sites
tags: gitea
- name: Build Synapse sites
include_tasks: synapse.yml
@ -30,4 +30,4 @@
loop_control:
loop_var: site
when: site.type == "synapse"
tags: synapse,sites
tags: synapse

102
deployer/roles/build/tasks/synapse.yml
View file

@ -1,62 +1,64 @@
---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
- block: # Used for tagging all tasks with "synapse"
####################
# Render templates #
####################
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
- name: "Render templates"
import_tasks: render.yml
tags: render
####################
# Render templates #
####################
##########################
# Generate configuration #
##########################
- name: "Render templates"
import_tasks: render.yml
tags: render
- name: "Create folder {{ site_data_path }}"
file:
path: "{{ site_data_path }}"
state: directory
mode: "770"
group: "www-data"
tags: config
##########################
# Generate configuration #
##########################
- name: "Copy homeserver.yaml to {{ site_data_path }}"
copy:
src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml"
dest: "{{ site_data_path }}/homeserver.yaml"
remote_src: yes
tags: config
- block: # Used for tagging all tasks with "config"
- name: "Create folder {{ site_data_path }}"
file:
path: "{{ site_data_path }}"
state: directory
mode: "770"
group: "www-data"
- name: "Let synapse generate missing configuration files"
docker_container:
name: synapse_config_generator
image: "matrixdotorg/synapse:{{ synapse.version }}"
command: "generate"
volumes:
- "{{ site_data_path }}:/data"
env:
SYNAPSE_SERVER_NAME: "{{ site.url }}"
SYNAPSE_REPORT_STATS: "no"
UID: "{{ site.user_uid }}"
GID: "{{ site.user_gid }}"
tags: config
- name: "Copy homeserver.yaml to {{ site_data_path }}"
copy:
src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml"
dest: "{{ site_data_path }}/homeserver.yaml"
remote_src: yes
- name: "Let synapse generate missing configuration files"
docker_container:
name: synapse_config_generator
image: "matrixdotorg/synapse:{{ synapse.version }}"
command: "generate"
volumes:
- "{{ site_data_path }}:/data"
env:
SYNAPSE_SERVER_NAME: "{{ site.url }}"
SYNAPSE_REPORT_STATS: "no"
UID: "{{ site.user_uid }}"
GID: "{{ site.user_gid }}"
tags: config
############################
# PostgreSQL configuration #
############################
############################
# PostgreSQL configuration #
############################
- name: "Setup PostgreSQL"
import_tasks: postgres.yml
tags: postgres
- name: "Setup PostgreSQL"
import_tasks: postgres.yml
tags: postgres
#################
# Setup backups #
#################
#################
# Setup backups #
#################
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
tags: synapse # / block

165
deployer/roles/build/tasks/wordpress.yml
View file

@ -1,99 +1,104 @@
---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content"
tags: always
- block: # Used for tagging all tasks with "wordpress"
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content"
tags: always
###############################
# Create wp-content if needed #
###############################
###############################
# Create wp-content if needed #
###############################
- name: Is it a new install?
stat:
path: "{{ site_data_path }}/index.php"
register: wpcontent
tags: bootstrap
- name: Is it a new install?
stat:
path: "{{ site_data_path }}/index.php"
register: wpcontent
tags: bootstrap
- name: Populate wp-content folder
block:
- name: "Clear folder {{ site_data_path }}"
file:
path: "{{ site_data_path }}"
state: absent
- name: "Download Wordpress v{{ wordpress.version }} archive"
get_url:
url: "https://wordpress.org/wordpress-{{ wordpress.version }}.tar.gz"
dest: "/tmp/wordpress.tgz"
checksum: "{{ wordpress.checksum }}"
- name: "Extract Wordpress v{{ wordpress.version }} archive"
unarchive:
src: "/tmp/wordpress.tgz"
dest: /tmp
remote_src: yes
- name: "Copy wp-content folder to destination"
copy:
src: /tmp/wordpress/wp-content/
dest: "{{ site_data_path }}"
remote_src: yes
# group: www-data
# mode: '0660'
# directory_mode: '0770'
- name: Set proper access rights to wp-content tree
file:
path: "{{ site_data_path }}"
state: directory
recurse: yes
group: www-data
mode: "u=rwX,g=rwX,o="
- name: Populate wp-content folder
block:
- name: "Clear folder {{ site_data_path }}"
file:
path: "{{ site_data_path }}"
state: absent
- name: "Download Wordpress v{{ wordpress.version }} archive"
get_url:
url: "https://wordpress.org/wordpress-{{ wordpress.version }}.tar.gz"
dest: "/tmp/wordpress.tgz"
checksum: "{{ wordpress.checksum }}"
- name: "Extract Wordpress v{{ wordpress.version }} archive"
unarchive:
src: "/tmp/wordpress.tgz"
dest: /tmp
remote_src: yes
- name: "Copy wp-content folder to destination"
copy:
src: /tmp/wordpress/wp-content/
dest: "{{ site_data_path }}"
remote_src: yes
# group: www-data
# mode: '0660'
# directory_mode: '0770'
- name: Set proper access rights to wp-content tree
file:
path: "{{ site_data_path }}"
state: directory
recurse: yes
group: www-data
mode: "u=rwX,g=rwX,o="
- name: "Remove downloaded content"
file:
path: "{{ toremove }}"
state: absent
loop:
- /tmp/wordpress.tgz
- /tmp/wordpress
loop_control:
loop_var: toremove
- name: "Remove downloaded content"
file:
path: "{{ toremove }}"
state: absent
loop:
- /tmp/wordpress.tgz
- /tmp/wordpress
loop_control:
loop_var: toremove
when: wpcontent.stat.exists is not defined or wpcontent.stat.exists == False
tags: bootstrap
when: wpcontent.stat.exists is not defined or wpcontent.stat.exists == False
tags: bootstrap
####################
# Render templates #
####################
####################
# Render templates #
####################
- name: "Render templates"
import_tasks: render.yml
tags: render
- name: "Render templates"
import_tasks: render.yml
tags: render
#######################
# MySQL configuration #
#######################
#######################
# MySQL configuration #
#######################
- name: "Setup MySQL"
import_tasks: mysql.yml
tags: mysql
- name: "Setup MySQL"
import_tasks: mysql.yml
tags: mysql
#################
# Setup backups #
#################
#################
# Setup backups #
#################
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
###################
# SSL certificate #
###################
###################
# SSL certificate #
###################
# - name: Create Let's Encrypt certificate
# This seems hard, see:
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
# Maybe using shell directly? e.g.
# certbot certonly --webroot -w /var/www/letsencrypt -d <url>
# - name: Create Let's Encrypt certificate
# This seems hard, see:
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
# Maybe using shell directly? e.g.
# certbot certonly --webroot -w /var/www/letsencrypt -d <url>
tags: wordpress # / block

16
deployer/roles/deploy/tasks/drupal.yml
View file

@ -2,10 +2,14 @@
# Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include nginx tasks
include_tasks: nginx.yml
tags: nginx
- block: # Used for tagging all tasks with "drupal"
- name: Include docker tasks
include_tasks: docker.yml
tags: docker
- name: Include nginx tasks
import_tasks: nginx.yml
tags: nginx
- name: Include docker tasks
import_tasks: docker.yml
tags: docker
tags: drupal

16
deployer/roles/deploy/tasks/gitea.yml
View file

@ -2,10 +2,14 @@
# Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include docker tasks
include_tasks: docker.yml
tags: docker
- block: # Used for tagging all tasks with "gitea"
- name: Include nginx tasks
include_tasks: nginx.yml
tags: nginx
- name: Include docker tasks
import_tasks: docker.yml
tags: docker
- name: Include nginx tasks
import_tasks: nginx.yml
tags: nginx
tags: gitea

16
deployer/roles/deploy/tasks/synapse.yml
View file

@ -2,10 +2,14 @@
# Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include docker tasks
include_tasks: docker.yml
tags: docker
- block: # Used for tagging all tasks with "synapse"
- name: Include nginx tasks
include_tasks: nginx.yml
tags: nginx
- name: Include docker tasks
import_tasks: docker.yml
tags: docker
- name: Include nginx tasks
import_tasks: nginx.yml
tags: nginx
tags: synapse

16
deployer/roles/deploy/tasks/wordpress.yml
View file

@ -2,10 +2,14 @@
# Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include nginx tasks
include_tasks: nginx.yml
tags: nginx
- block: # Used for tagging all tasks with "wordpress"
- name: Include docker tasks
include_tasks: docker.yml
tags: docker
- name: Include nginx tasks
import_tasks: nginx.yml
tags: nginx
- name: Include docker tasks
import_tasks: docker.yml
tags: docker
tags: wordpress