adrien/automation
adrien/automation
1
1
Fork 0
Code Issues Pull requests Releases Wiki Activity

upgraded synapse to 1.18.0 and improved tags overall (dynamic tasks include does not allow fot tags inheritance, had to surround inner tasks with a block defining the tag)

Browse source
This commit is contained in:
LUXEY Adrien 2020-08-17 12:56:15 +02:00
parent 8acbc4f2b2
commit 801575ea38
10 changed files with 262 additions and 230 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
deployer/group_vars/all/vars.yml
View file

@ -17,7 +17,7 @@ wordpress:
gitea: gitea:
version: 1.12.1 version: 1.12.1
synapse: synapse:
version: v1.15.1-py3 version: v1.18.0
postgres: postgres:
pg_hba_path: "/etc/postgresql/9.6/main/pg_hba.conf" pg_hba_path: "/etc/postgresql/9.6/main/pg_hba.conf"

103
deployer/roles/build/tasks/drupal.yml
View file

@ -1,65 +1,70 @@
--- ---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" - block: # Used for tagging all tasks with "drupal"
tags: always
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
#################### ####################
# Render templates # # Render templates #
#################### ####################
- name: "Create folder {{ sites_path }}/{{ site.slug }}" - name: "Create folder {{ sites_path }}/{{ site.slug }}"
file: file:
path: "{{ sites_path }}/{{ site.slug }}" path: "{{ sites_path }}/{{ site.slug }}"
state: directory state: directory
mode: '750' mode: '750'
tags: [docker, nginx, mysql] tags: [docker, nginx, mysql]
- name: Render sexy Dockerfile - name: Render sexy Dockerfile
template: template:
src: drupal/Dockerfile.j2 src: drupal/Dockerfile.j2
dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile" dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile"
tags: docker tags: docker
- name: Render marvelous docker-compose.yml - name: Render marvelous docker-compose.yml
template: template:
src: drupal/docker-compose.yml.j2 src: drupal/docker-compose.yml.j2
dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml" dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml"
tags: docker tags: docker
- name: Render swell nginx site config - name: Render swell nginx site config
template: template:
src: drupal/nginx.j2 src: drupal/nginx.j2
dest: "/etc/nginx/sites-available/{{ site.url }}" dest: "/etc/nginx/sites-available/{{ site.url }}"
become: yes become: yes
tags: nginx tags: nginx
####################### #######################
# MySQL configuration # # MySQL configuration #
####################### #######################
- name: "Setup MySQL" - name: "Setup MySQL"
import_tasks: mysql.yml import_tasks: mysql.yml
tags: mysql tags: mysql
################# #################
# Setup backups # # Setup backups #
################# #################
- name: "Setup backups" - name: "Setup backups"
import_tasks: backup.yml import_tasks: backup.yml
tags: backup tags: backup
################### ###################
# SSL certificate # # SSL certificate #
################### ###################
# - name: Create Let's Encrypt certificate # - name: Create Let's Encrypt certificate
# This seems hard, see: # This seems hard, see:
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module # https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04 # https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
# Maybe using shell directly? e.g. # Maybe using shell directly? e.g.
# certbot certonly --webroot -w /var/www/letsencrypt -d <url> # certbot certonly --webroot -w /var/www/letsencrypt -d <url>
tags: drupal # /block

48
deployer/roles/build/tasks/gitea.yml
View file

@ -1,29 +1,33 @@
--- ---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
#################### - block: # Used for tagging all tasks with "gitea"
# Render templates #
####################
- name: "Render templates" - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
import_tasks: render.yml set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: render tags: always
####################### ####################
# MySQL configuration # # Render templates #
####################### ####################
- name: "Setup MySQL" - name: "Render templates"
import_tasks: mysql.yml import_tasks: render.yml
tags: mysql tags: render
################# #######################
# Setup backups # # MySQL configuration #
################# #######################
- name: "Setup backups" - name: "Setup MySQL"
import_tasks: backup.yml import_tasks: mysql.yml
tags: backup tags: mysql
#################
# Setup backups #
#################
- name: "Setup backups"
import_tasks: backup.yml
tags: backup
tags: gitea # / block

8
deployer/roles/build/tasks/main.yml
View file

@ -6,7 +6,7 @@
loop_control: loop_control:
loop_var: site loop_var: site
when: site.type == "wordpress" when: site.type == "wordpress"
tags: wordpress,sites tags: wordpress
- name: Build Drupal sites - name: Build Drupal sites
include_tasks: drupal.yml include_tasks: drupal.yml
@ -14,7 +14,7 @@
loop_control: loop_control:
loop_var: site loop_var: site
when: site.type == "drupal" when: site.type == "drupal"
tags: drupal,sites tags: drupal
- name: Build Gitea sites - name: Build Gitea sites
include_tasks: gitea.yml include_tasks: gitea.yml
@ -22,7 +22,7 @@
loop_control: loop_control:
loop_var: site loop_var: site
when: site.type == "gitea" when: site.type == "gitea"
tags: gitea,sites tags: gitea
- name: Build Synapse sites - name: Build Synapse sites
include_tasks: synapse.yml include_tasks: synapse.yml
@ -30,4 +30,4 @@
loop_control: loop_control:
loop_var: site loop_var: site
when: site.type == "synapse" when: site.type == "synapse"
tags: synapse,sites tags: synapse

102
deployer/roles/build/tasks/synapse.yml
View file

@ -1,62 +1,64 @@
--- ---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" - block: # Used for tagging all tasks with "synapse"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
tags: always
#################### - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
# Render templates # set_fact: site_data_path="{{ www_path }}/{{ site.slug }}"
####################
- name: "Render templates" ####################
import_tasks: render.yml # Render templates #
tags: render ####################
########################## - name: "Render templates"
# Generate configuration # import_tasks: render.yml
########################## tags: render
- name: "Create folder {{ site_data_path }}" ##########################
file: # Generate configuration #
path: "{{ site_data_path }}" ##########################
state: directory
mode: "770"
group: "www-data"
tags: config
- name: "Copy homeserver.yaml to {{ site_data_path }}" - block: # Used for tagging all tasks with "config"
copy: - name: "Create folder {{ site_data_path }}"
src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml" file:
dest: "{{ site_data_path }}/homeserver.yaml" path: "{{ site_data_path }}"
remote_src: yes state: directory
tags: config mode: "770"
group: "www-data"
- name: "Let synapse generate missing configuration files" - name: "Copy homeserver.yaml to {{ site_data_path }}"
docker_container: copy:
name: synapse_config_generator src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml"
image: "matrixdotorg/synapse:{{ synapse.version }}" dest: "{{ site_data_path }}/homeserver.yaml"
command: "generate" remote_src: yes
volumes:
- "{{ site_data_path }}:/data" - name: "Let synapse generate missing configuration files"
env: docker_container:
SYNAPSE_SERVER_NAME: "{{ site.url }}" name: synapse_config_generator
SYNAPSE_REPORT_STATS: "no" image: "matrixdotorg/synapse:{{ synapse.version }}"
UID: "{{ site.user_uid }}" command: "generate"
GID: "{{ site.user_gid }}" volumes:
tags: config - "{{ site_data_path }}:/data"
env:
SYNAPSE_SERVER_NAME: "{{ site.url }}"
SYNAPSE_REPORT_STATS: "no"
UID: "{{ site.user_uid }}"
GID: "{{ site.user_gid }}"
tags: config
############################ ############################
# PostgreSQL configuration # # PostgreSQL configuration #
############################ ############################
- name: "Setup PostgreSQL" - name: "Setup PostgreSQL"
import_tasks: postgres.yml import_tasks: postgres.yml
tags: postgres tags: postgres
################# #################
# Setup backups # # Setup backups #
################# #################
- name: "Setup backups" - name: "Setup backups"
import_tasks: backup.yml import_tasks: backup.yml
tags: backup tags: backup
tags: synapse # / block

165
deployer/roles/build/tasks/wordpress.yml
View file

@ -1,99 +1,104 @@
--- ---
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content" - block: # Used for tagging all tasks with "wordpress"
tags: always
- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content"
set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content"
tags: always
############################### ###############################
# Create wp-content if needed # # Create wp-content if needed #
############################### ###############################
- name: Is it a new install? - name: Is it a new install?
stat: stat:
path: "{{ site_data_path }}/index.php" path: "{{ site_data_path }}/index.php"
register: wpcontent register: wpcontent
tags: bootstrap tags: bootstrap
- name: Populate wp-content folder - name: Populate wp-content folder
block: block:
- name: "Clear folder {{ site_data_path }}" - name: "Clear folder {{ site_data_path }}"
file: file:
path: "{{ site_data_path }}" path: "{{ site_data_path }}"
state: absent state: absent
- name: "Download Wordpress v{{ wordpress.version }} archive" - name: "Download Wordpress v{{ wordpress.version }} archive"
get_url: get_url:
url: "https://wordpress.org/wordpress-{{ wordpress.version }}.tar.gz" url: "https://wordpress.org/wordpress-{{ wordpress.version }}.tar.gz"
dest: "/tmp/wordpress.tgz" dest: "/tmp/wordpress.tgz"
checksum: "{{ wordpress.checksum }}" checksum: "{{ wordpress.checksum }}"
- name: "Extract Wordpress v{{ wordpress.version }} archive" - name: "Extract Wordpress v{{ wordpress.version }} archive"
unarchive: unarchive:
src: "/tmp/wordpress.tgz" src: "/tmp/wordpress.tgz"
dest: /tmp dest: /tmp
remote_src: yes remote_src: yes
- name: "Copy wp-content folder to destination" - name: "Copy wp-content folder to destination"
copy: copy:
src: /tmp/wordpress/wp-content/ src: /tmp/wordpress/wp-content/
dest: "{{ site_data_path }}" dest: "{{ site_data_path }}"
remote_src: yes remote_src: yes
# group: www-data # group: www-data
# mode: '0660' # mode: '0660'
# directory_mode: '0770' # directory_mode: '0770'
- name: Set proper access rights to wp-content tree - name: Set proper access rights to wp-content tree
file: file:
path: "{{ site_data_path }}" path: "{{ site_data_path }}"
state: directory state: directory
recurse: yes recurse: yes
group: www-data group: www-data
mode: "u=rwX,g=rwX,o=" mode: "u=rwX,g=rwX,o="
- name: "Remove downloaded content" - name: "Remove downloaded content"
file: file:
path: "{{ toremove }}" path: "{{ toremove }}"
state: absent state: absent
loop: loop:
- /tmp/wordpress.tgz - /tmp/wordpress.tgz
- /tmp/wordpress - /tmp/wordpress
loop_control: loop_control:
loop_var: toremove loop_var: toremove
when: wpcontent.stat.exists is not defined or wpcontent.stat.exists == False when: wpcontent.stat.exists is not defined or wpcontent.stat.exists == False
tags: bootstrap tags: bootstrap
#################### ####################
# Render templates # # Render templates #
#################### ####################
- name: "Render templates" - name: "Render templates"
import_tasks: render.yml import_tasks: render.yml
tags: render tags: render
####################### #######################
# MySQL configuration # # MySQL configuration #
####################### #######################
- name: "Setup MySQL" - name: "Setup MySQL"
import_tasks: mysql.yml import_tasks: mysql.yml
tags: mysql tags: mysql
################# #################
# Setup backups # # Setup backups #
################# #################
- name: "Setup backups" - name: "Setup backups"
import_tasks: backup.yml import_tasks: backup.yml
tags: backup tags: backup
################### ###################
# SSL certificate # # SSL certificate #
################### ###################
# - name: Create Let's Encrypt certificate # - name: Create Let's Encrypt certificate
# This seems hard, see: # This seems hard, see:
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module # https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04 # https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
# Maybe using shell directly? e.g. # Maybe using shell directly? e.g.
# certbot certonly --webroot -w /var/www/letsencrypt -d <url> # certbot certonly --webroot -w /var/www/letsencrypt -d <url>
tags: wordpress # / block

16
deployer/roles/deploy/tasks/drupal.yml
View file

@ -2,10 +2,14 @@
# Needs variables: # Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml) # - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include nginx tasks - block: # Used for tagging all tasks with "drupal"
include_tasks: nginx.yml
tags: nginx
- name: Include docker tasks - name: Include nginx tasks
include_tasks: docker.yml import_tasks: nginx.yml
tags: docker tags: nginx
- name: Include docker tasks
import_tasks: docker.yml
tags: docker
tags: drupal

16
deployer/roles/deploy/tasks/gitea.yml
View file

@ -2,10 +2,14 @@
# Needs variables: # Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml) # - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include docker tasks - block: # Used for tagging all tasks with "gitea"
include_tasks: docker.yml
tags: docker
- name: Include nginx tasks - name: Include docker tasks
include_tasks: nginx.yml import_tasks: docker.yml
tags: nginx tags: docker
- name: Include nginx tasks
import_tasks: nginx.yml
tags: nginx
tags: gitea

16
deployer/roles/deploy/tasks/synapse.yml
View file

@ -2,10 +2,14 @@
# Needs variables: # Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml) # - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include docker tasks - block: # Used for tagging all tasks with "synapse"
include_tasks: docker.yml
tags: docker
- name: Include nginx tasks - name: Include docker tasks
include_tasks: nginx.yml import_tasks: docker.yml
tags: nginx tags: docker
- name: Include nginx tasks
import_tasks: nginx.yml
tags: nginx
tags: synapse

16
deployer/roles/deploy/tasks/wordpress.yml
View file

@ -2,10 +2,14 @@
# Needs variables: # Needs variables:
# - site: dict describing the site install (cf group_vars/all/vars.yml) # - site: dict describing the site install (cf group_vars/all/vars.yml)
- name: Include nginx tasks - block: # Used for tagging all tasks with "wordpress"
include_tasks: nginx.yml
tags: nginx
- name: Include docker tasks - name: Include nginx tasks
include_tasks: docker.yml import_tasks: nginx.yml
tags: docker tags: nginx
- name: Include docker tasks
import_tasks: docker.yml
tags: docker
tags: wordpress