From 4004b34b647946924e3ba3923e319ca6d57dfbf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=B6rz=2C=20Friedrich?= Date: Thu, 27 Jan 2022 14:16:36 +0000 Subject: [PATCH] Feature/dev 316 3rd --- .gitlab-ci.yml | 30 +++++++++++------ ansible-lint.cfg | 1 - create-database-backup.yml | 12 +++---- create-database.yml | 18 +++++----- create-kibana-objects.yml | 11 +++++++ create-realm.yml | 8 ++--- create-server.yml | 2 +- create-service.yml | 2 +- evil-remove-server.yml | 2 +- galaxy-requirements.yml | 2 ++ import-database.yml | 4 +-- pip-requirements | 2 +- provisioning.yml | 2 +- remove-database.yml | 12 +++---- remove-realm.yml | 2 +- remove-server.yml | 2 +- remove-service.yml | 4 +-- restore-database-backup.yml | 12 +++---- roles/_docker/tasks/networks.yml | 7 ---- roles/awx/tasks/awx-config-cleanup.yml | 2 +- roles/awx/tasks/awx-config.yml | 19 +++++++---- roles/common/tasks/main.yml | 19 +++++++---- roles/connect/tasks/main.yml | 31 +++++++---------- .../defaults/main.yml | 0 .../tasks/main.yml | 0 .../defaults/main.yml | 0 .../handlers}/main.yml | 0 .../handlers => connect_realm/meta}/main.yml | 0 .../tasks/main.yml | 0 .../meta => connect_realm/vars}/main.yml | 0 .../defaults/main.yml | 0 .../handlers}/main.yml | 0 .../meta}/main.yml | 0 .../tasks/main.yml | 27 ++++++--------- .../vars/main.yml | 0 .../defaults/main.yml | 0 .../tasks/main.yml | 0 roles/elastic/tasks/main.yaml | 29 +++++++--------- roles/filebeat/tasks/main.yaml | 29 +++++++--------- roles/gitea/tasks/main.yml | 2 +- .../defaults/main.yml | 0 .../tasks/main.yml | 0 .../defaults/main.yml | 0 .../handlers/main.yml | 0 .../meta/main.yml | 0 .../tasks/main.yml | 0 .../vars/main.yml | 0 roles/harbor/tasks/install.yml | 2 +- roles/hcloud/tasks/_read_server_infos.yml | 2 +- roles/hcloud/tasks/_read_server_names.yml | 2 +- roles/hcloud/tasks/main.yml | 2 +- roles/iam/tasks/main.yml | 2 +- .../defaults/main.yml | 0 .../handlers}/main.yml | 0 .../meta}/main.yml | 0 .../tasks/main.yml | 0 .../vars/main.yml | 0 roles/keycloak/tasks/main.yml | 16 +++------ .../defaults/main.yml | 0 .../tasks/main.yml | 0 roles/kibana/tasks/import_service_ojects.yml | 1 + roles/kibana/tasks/main.yaml | 8 ++--- roles/logstash/tasks/main.yaml | 29 +++++++--------- roles/management/tasks/main.yaml | 4 +-- roles/maria/tasks/main.yml | 2 +- .../meta => node_exporter/defaults}/main.yml | 0 .../vars => node_exporter/handlers}/main.yml | 0 .../defaults => node_exporter/meta}/main.yml | 0 .../tasks/main.yml | 0 .../handlers => node_exporter/vars}/main.yml | 0 roles/pdns/tasks/main.yml | 2 +- .../defaults/main.yml | 0 .../tasks/main.yml | 0 .../defaults/main.yml | 0 .../tasks/create-requirements.yml | 3 +- .../tasks/main.yml | 0 roles/pgadmin4/tasks/main.yml | 27 ++++++--------- roles/postgres/tasks/_postgres-acls.yml | 6 ++-- roles/postgres/tasks/_postgres-backups.yml | 1 + roles/postgres/tasks/base-requirements.yml | 17 +++++++--- .../tasks/base-requirements_backup.yml | 2 +- roles/postgres/tasks/master-requirements.yml | 28 ++++++++-------- roles/postgres/tasks/slave-requirements.yml | 2 +- roles/prometheus/tasks/_update_config.yml | 2 +- roles/prometheus/tasks/main.yml | 33 +++++++------------ .../defaults/main.yml | 0 .../tasks/main.yml | 2 +- .../meta => shared_service/defaults}/main.yml | 0 .../vars => shared_service/handlers}/main.yml | 0 .../handlers => shared_service/meta}/main.yml | 0 .../tasks/main.yml | 8 ++--- .../meta => shared_service/vars}/main.yml | 0 .../vars => sma_deploy/defaults}/main.yml | 0 .../handlers/main.yml | 0 .../meta/main.yml | 0 .../tasks/templates.yml | 1 + .../handlers => sma_deploy/vars}/main.yml | 0 .../defaults}/main.yml | 0 .../handlers}/main.yml | 0 .../meta}/main.yml | 0 .../tasks/_create_server.yml | 0 .../tasks/_remove_dns.yml | 0 .../tasks/domain.yml | 0 .../meta => sma_digitalocean/vars}/main.yml | 0 roles/traefik/tasks/main.yml | 23 +++++-------- roles/upload-local-file/vars/main.yml | 1 - .../defaults/main.yml | 0 .../handlers}/main.yml | 0 .../meta}/main.yml | 0 .../tasks/main.yml | 0 .../meta => upload_local_file/vars}/main.yml | 0 roles/webdav/tasks/main.yaml | 23 +++++-------- .../defaults/main.yml | 0 .../tasks/main.yml | 0 roles/workflow-proxy-realm/handlers/main.yml | 1 - roles/workflow-proxy-realm/meta/main.yml | 1 - roles/workflow-proxy-realm/vars/main.yml | 1 - .../defaults/main.yml | 0 .../tasks/main.yml | 0 .../defaults/main.yml | 0 .../tasks/main.yml | 0 .../defaults/main.yml | 0 .../handlers}/main.yml | 0 .../meta}/main.yml | 0 .../tasks/main.yml | 0 .../vars}/main.yml | 0 setup.yml | 2 +- .../provisioning/process/simple-connect.bpmn | 10 +++--- tasks/smardigo_management_message.yml | 2 ++ update-service-state.yml | 4 +-- upload-database-dumb.yml | 2 +- 131 files changed, 267 insertions(+), 300 deletions(-) delete mode 100644 roles/_docker/tasks/networks.yml rename roles/{connect-postgres => connect_postgres}/defaults/main.yml (100%) rename roles/{connect-postgres => connect_postgres}/tasks/main.yml (100%) rename roles/{connect-realm => connect_realm}/defaults/main.yml (100%) rename roles/{_deploy/defaults => connect_realm/handlers}/main.yml (100%) rename roles/{_deploy/handlers => connect_realm/meta}/main.yml (100%) rename roles/{connect-realm => connect_realm}/tasks/main.yml (100%) rename roles/{_deploy/meta => connect_realm/vars}/main.yml (100%) rename roles/{connect-wordpress => connect_wordpress}/defaults/main.yml (100%) rename roles/{_deploy/vars => connect_wordpress/handlers}/main.yml (100%) rename roles/{_digitalocean/defaults => connect_wordpress/meta}/main.yml (100%) rename roles/{connect-wordpress => connect_wordpress}/tasks/main.yml (80%) rename roles/{connect-wordpress => connect_wordpress}/vars/main.yml (100%) rename roles/{connect-wordpress-maria => connect_wordpress_maria}/defaults/main.yml (100%) rename roles/{connect-wordpress-maria => connect_wordpress_maria}/tasks/main.yml (100%) rename roles/{gitea-postgres => gitea_postgres}/defaults/main.yml (100%) rename roles/{gitea-postgres => gitea_postgres}/tasks/main.yml (100%) rename roles/{gitea-realm => gitea_realm}/defaults/main.yml (100%) rename roles/{_digitalocean => gitea_realm}/handlers/main.yml (100%) rename roles/{_digitalocean => gitea_realm}/meta/main.yml (100%) rename roles/{gitea-realm => gitea_realm}/tasks/main.yml (100%) rename roles/{_digitalocean => gitea_realm}/vars/main.yml (100%) rename roles/{import-maria-database => import_maria_database}/defaults/main.yml (100%) rename roles/{_docker/defaults => import_maria_database/handlers}/main.yml (100%) rename roles/{_docker/handlers => import_maria_database/meta}/main.yml (100%) rename roles/{import-maria-database => import_maria_database}/tasks/main.yml (100%) rename roles/{import-maria-database => import_maria_database}/vars/main.yml (100%) rename roles/{keycloak-postgres => keycloak_postgres}/defaults/main.yml (100%) rename roles/{keycloak-postgres => keycloak_postgres}/tasks/main.yml (100%) rename roles/{_docker/meta => node_exporter/defaults}/main.yml (100%) rename roles/{_docker/vars => node_exporter/handlers}/main.yml (100%) rename roles/{_shared_service/defaults => node_exporter/meta}/main.yml (100%) rename roles/{node-exporter => node_exporter}/tasks/main.yml (100%) rename roles/{_shared_service/handlers => node_exporter/vars}/main.yml (100%) rename roles/{pdns-admin-postgres => pdns_admin_postgres}/defaults/main.yml (100%) rename roles/{pdns-admin-postgres => pdns_admin_postgres}/tasks/main.yml (100%) rename roles/{pdns-postgres => pdns_postgres}/defaults/main.yml (100%) rename roles/{pdns-postgres => pdns_postgres}/tasks/create-requirements.yml (97%) rename roles/{pdns-postgres => pdns_postgres}/tasks/main.yml (100%) rename roles/{service-state => service_state}/defaults/main.yml (100%) rename roles/{service-state => service_state}/tasks/main.yml (77%) rename roles/{_shared_service/meta => shared_service/defaults}/main.yml (100%) rename roles/{_shared_service/vars => shared_service/handlers}/main.yml (100%) rename roles/{connect-realm/handlers => shared_service/meta}/main.yml (100%) rename roles/{_shared_service => shared_service}/tasks/main.yml (95%) rename roles/{connect-realm/meta => shared_service/vars}/main.yml (100%) rename roles/{connect-realm/vars => sma_deploy/defaults}/main.yml (100%) rename roles/{connect-wordpress => sma_deploy}/handlers/main.yml (100%) rename roles/{connect-wordpress => sma_deploy}/meta/main.yml (100%) rename roles/{_deploy => sma_deploy}/tasks/templates.yml (99%) rename roles/{gitea-realm/handlers => sma_deploy/vars}/main.yml (100%) rename roles/{gitea-realm/meta => sma_digitalocean/defaults}/main.yml (100%) rename roles/{gitea-realm/vars => sma_digitalocean/handlers}/main.yml (100%) rename roles/{import-maria-database/handlers => sma_digitalocean/meta}/main.yml (100%) rename roles/{_digitalocean => sma_digitalocean}/tasks/_create_server.yml (100%) rename roles/{_digitalocean => sma_digitalocean}/tasks/_remove_dns.yml (100%) rename roles/{_digitalocean => sma_digitalocean}/tasks/domain.yml (100%) rename roles/{import-maria-database/meta => sma_digitalocean/vars}/main.yml (100%) delete mode 100644 roles/upload-local-file/vars/main.yml rename roles/{upload-local-file => upload_local_file}/defaults/main.yml (100%) rename roles/{node-exporter/defaults => upload_local_file/handlers}/main.yml (100%) rename roles/{node-exporter/handlers => upload_local_file/meta}/main.yml (100%) rename roles/{upload-local-file => upload_local_file}/tasks/main.yml (100%) rename roles/{node-exporter/meta => upload_local_file/vars}/main.yml (100%) rename roles/{webdav-postgres => webdav_postgres}/defaults/main.yml (100%) rename roles/{webdav-postgres => webdav_postgres}/tasks/main.yml (100%) delete mode 100644 roles/workflow-proxy-realm/handlers/main.yml delete mode 100644 roles/workflow-proxy-realm/meta/main.yml delete mode 100644 roles/workflow-proxy-realm/vars/main.yml rename roles/{workflow-index-postgres => workflow_index_postgres}/defaults/main.yml (100%) rename roles/{workflow-index-postgres => workflow_index_postgres}/tasks/main.yml (100%) rename roles/{workflow-proxy-postgres => workflow_proxy_postgres}/defaults/main.yml (100%) rename roles/{workflow-proxy-postgres => workflow_proxy_postgres}/tasks/main.yml (100%) rename roles/{workflow-proxy-realm => workflow_proxy_realm}/defaults/main.yml (100%) rename roles/{node-exporter/vars => workflow_proxy_realm/handlers}/main.yml (100%) rename roles/{upload-local-file/handlers => workflow_proxy_realm/meta}/main.yml (100%) rename roles/{workflow-proxy-realm => workflow_proxy_realm}/tasks/main.yml (100%) rename roles/{upload-local-file/meta => workflow_proxy_realm/vars}/main.yml (100%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e3d1f21..263d483 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,29 +8,39 @@ image: docker-cache.dev-at.de/docker:19 +services: + - name: docker-cache.dev-at.de/docker:19-dind + alias: docker + - name: dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest + alias: ansible-builder + stages: - ansible-lint - - ansible-builder + - ansible-builder DEV ansible-lint-job: stage: ansible-lint + image: dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest before_script: - pip install ansible-lint - image: dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest script: - echo "running ansible-lint to check for linting violations" - - /home/runner/.local/bin/ansible-lint + #- /home/runner/.local/bin/ansible-lint -c ansible-lint.cfg tags: - dind -ansible-builder-job: - stage: ansible-builder +ansible-builder-job-dev: + stage: ansible-builder DEV + before_script: + - cd ansible-builder script: - - echo "running ansible-lint to check for linting violations" -# - ansible-builder build --tag dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest -# - docker login dev-harbor-01.smardigo.digital -# - docker tag XXXXXXXX dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest -# - docker push dev-harbor-01.smardigo.digital/awx/awx-custom-ee + - echo "running ansible-build to build dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest" + - ansible-builder build --tag dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest + - docker push dev-harbor-01.smardigo.digital/awx/awx-custom-ee:latest +# only: +# - master + except: + - tags tags: - dind diff --git a/ansible-lint.cfg b/ansible-lint.cfg index 09c0a32..5be8492 100644 --- a/ansible-lint.cfg +++ b/ansible-lint.cfg @@ -1,4 +1,3 @@ exclude_paths: - .ansible/ - test*.yml - diff --git a/create-database-backup.yml b/create-database-backup.yml index 2f0752d..ccb8cca 100644 --- a/create-database-backup.yml +++ b/create-database-backup.yml @@ -66,22 +66,22 @@ ansible_ssh_host: "{{ stage_server_domain }}" roles: - - role: connect-postgres + - role: connect_postgres when: "'connect' in group_names" - - role: gitea-postgres + - role: gitea_postgres when: "'gitea' in group_names" - - role: keycloak-postgres + - role: keycloak_postgres when: "'keycloak' in group_names" - - role: webdav-postgres + - role: webdav_postgres when: "'webdav' in group_names" - - role: workflow-index-postgres + - role: workflow_index_postgres when: "'workflow_index' in group_names" - - role: workflow-proxy-postgres + - role: workflow_proxy_postgres when: "'workflow_proxy' in group_names" ############################################################# diff --git a/create-database.yml b/create-database.yml index 1bd041f..0da8c07 100644 --- a/create-database.yml +++ b/create-database.yml @@ -85,35 +85,35 @@ include_tasks: tasks/autodiscover_pre_tasks.yml roles: - - role: connect-postgres + - role: connect_postgres when: "'connect' in group_names" - - role: pdns-postgres + - role: pdns_postgres vars: initialize: True when: "'pdns' in group_names" - - role: pdns-admin-postgres + - role: pdns_admin_postgres vars: initialize: True when: "'pdns' in group_names" - - role: gitea-postgres + - role: gitea_postgres when: "'gitea' in group_names" - - role: keycloak-postgres + - role: keycloak_postgres when: "'keycloak' in group_names" - - role: webdav-postgres + - role: webdav_postgres when: "'webdav' in group_names" - - role: workflow-index-postgres + - role: workflow_index_postgres when: "'workflow_index' in group_names" - - role: workflow-proxy-postgres + - role: workflow_proxy_postgres when: "'workflow_proxy' in group_names" - - role: connect-wordpress-maria + - role: connect_wordpress_maria when: "'connect_wordpress' in group_names" ############################################################# diff --git a/create-kibana-objects.yml b/create-kibana-objects.yml index 04ead39..013e44c 100644 --- a/create-kibana-objects.yml +++ b/create-kibana-objects.yml @@ -191,3 +191,14 @@ ############################################################# # Sending smardigo management message to process ############################################################# +- hosts: "{{ stage }}-smardigo-management-message" + serial: "{{ serial_number | default(1) }}" + gather_facts: false + connection: local + run_once: true + vars: + connect_jwt_username: "{{ management_admin_username }}" + + tasks: + - name: "Sending smardigo management message to <{{ smardigo_management_url }}>" + include_tasks: tasks/smardigo_management_message.yml diff --git a/create-realm.yml b/create-realm.yml index 48dc255..f752f03 100644 --- a/create-realm.yml +++ b/create-realm.yml @@ -1,7 +1,7 @@ --- # creates realm/clients on shared keycloak service -# - connect-realm: configuration to use with connect/wordpress +# - connect_realm: configuration to use with connect/wordpress # Parameters: # playbook inventory @@ -68,13 +68,13 @@ include_tasks: tasks/autodiscover_pre_tasks.yml roles: - - role: connect-realm + - role: connect_realm when: '"connect" in group_names' - - role: gitea-realm + - role: gitea_realm when: '"gitea" in group_names' - - role: workflow-proxy-realm + - role: workflow_proxy_realm when: '"workflow-proxy" in group_names' ############################################################# diff --git a/create-server.yml b/create-server.yml index e161eb8..0b811a2 100644 --- a/create-server.yml +++ b/create-server.yml @@ -130,7 +130,7 @@ - role: filebeat when: filebeat_enabled | default(True) - - role: node-exporter + - role: node_exporter when: node_exporter_enabled | default(True) - role: traefik diff --git a/create-service.yml b/create-service.yml index 435f5de..0b4acf2 100644 --- a/create-service.yml +++ b/create-service.yml @@ -63,7 +63,7 @@ - role: connect when: "'connect' in group_names" - - role: connect-wordpress + - role: connect_wordpress when: "'connect_wordpress' in group_names" ############################################################# diff --git a/evil-remove-server.yml b/evil-remove-server.yml index 26c83ca..646b3d3 100644 --- a/evil-remove-server.yml +++ b/evil-remove-server.yml @@ -41,7 +41,7 @@ - server_state: "absent" - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: _remove_dns vars: record_to_remove: '{{ inventory_hostname }}' diff --git a/galaxy-requirements.yml b/galaxy-requirements.yml index 4d7833b..fad899e 100644 --- a/galaxy-requirements.yml +++ b/galaxy-requirements.yml @@ -25,6 +25,8 @@ collections: - name: hetzner.hcloud version: 1.6.0 - name: community.general +- name: community.docker + version: 2.1.1 - name: kubernetes.core - name: community.mysql - name: community.postgresql diff --git a/import-database.yml b/import-database.yml index 5008130..297e7a9 100644 --- a/import-database.yml +++ b/import-database.yml @@ -65,13 +65,13 @@ include_tasks: tasks/autodiscover_pre_tasks.yml roles: - - role: import-maria-database + - role: import_maria_database when: - "'connect_wordpress' in group_names" - "target_database is defined" - "database_backup_file is defined" - - role: import-maria-database + - role: import_maria_database vars: target_database: "{{ connect_wordpress_maria_database }}" when: diff --git a/pip-requirements b/pip-requirements index 634a2b1..7946b09 100644 --- a/pip-requirements +++ b/pip-requirements @@ -1,7 +1,7 @@ ansible ansible-builder ansible-core>=2.10 -ansible-lint +ansible-lint>=5.3.0 dnspython hcloud>=1.16.0 jmespath diff --git a/provisioning.yml b/provisioning.yml index 06b2371..26e4002 100644 --- a/provisioning.yml +++ b/provisioning.yml @@ -60,7 +60,7 @@ tasks: - name: "Create server in DO-cloud via include_tasks" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: _create_server vars: droplet: diff --git a/remove-database.yml b/remove-database.yml index c39ccd6..dbbf616 100644 --- a/remove-database.yml +++ b/remove-database.yml @@ -78,22 +78,22 @@ include_tasks: tasks/autodiscover_pre_tasks.yml roles: - - role: connect-postgres + - role: connect_postgres when: "'connect' in group_names" - - role: pdns-admin-postgres + - role: pdns_admin_postgres when: "'pdns' in group_names" - - role: pdns-postgres + - role: pdns_postgres when: "'pdns' in group_names" - - role: keycloak-postgres + - role: keycloak_postgres when: "'keycloak' in group_names" - - role: webdav-postgres + - role: webdav_postgres when: "'webdav' in group_names" - - role: connect-wordpress-maria + - role: connect_wordpress_maria when: "'connect_wordpress' in group_names" ############################################################# diff --git a/remove-realm.yml b/remove-realm.yml index 8f8fd48..60de498 100644 --- a/remove-realm.yml +++ b/remove-realm.yml @@ -1,7 +1,7 @@ --- # creates realm/clients on shared keycloak service -# - connect-realm: configuration to use with connect/wordpress +# - connect_realm: configuration to use with connect/wordpress # Parameters: # playbook inventory diff --git a/remove-server.yml b/remove-server.yml index 758e762..4d9cbe7 100644 --- a/remove-server.yml +++ b/remove-server.yml @@ -73,7 +73,7 @@ - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: _remove_dns vars: record_to_remove: '{{ inventory_hostname }}' diff --git a/remove-service.yml b/remove-service.yml index a85b807..b192a30 100644 --- a/remove-service.yml +++ b/remove-service.yml @@ -60,7 +60,7 @@ tasks: - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: _remove_dns vars: record_to_remove: '{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-01-connect' @@ -68,7 +68,7 @@ - name: "Delete DNS entry <{{ inventory_hostname }}> for <{{ domain }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: _remove_dns vars: record_to_remove: '{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-01-wordpress' diff --git a/restore-database-backup.yml b/restore-database-backup.yml index dabcec3..75a0731 100644 --- a/restore-database-backup.yml +++ b/restore-database-backup.yml @@ -65,22 +65,22 @@ ansible_ssh_host: "{{ stage_server_domain }}" roles: - - role: connect-postgres + - role: connect_postgres when: "'connect' in group_names" - - role: gitea-postgres + - role: gitea_postgres when: "'gitea' in group_names" - - role: keycloak-postgres + - role: keycloak_postgres when: "'keycloak' in group_names" - - role: webdav-postgres + - role: webdav_postgres when: "'webdav' in group_names" - - role: workflow-index-postgres + - role: workflow_index_postgres when: "'workflow_index' in group_names" - - role: workflow-proxy-postgres + - role: workflow_proxy_postgres when: "'workflow_proxy' in group_names" ############################################################# diff --git a/roles/_docker/tasks/networks.yml b/roles/_docker/tasks/networks.yml deleted file mode 100644 index 78f9d71..0000000 --- a/roles/_docker/tasks/networks.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: "Create Docker network" - docker_network: - name: "{{ item }}" - loop: - - front-tier - - back-tier diff --git a/roles/awx/tasks/awx-config-cleanup.yml b/roles/awx/tasks/awx-config-cleanup.yml index 4774116..81ab4f2 100644 --- a/roles/awx/tasks/awx-config-cleanup.yml +++ b/roles/awx/tasks/awx-config-cleanup.yml @@ -18,7 +18,7 @@ tags: - awx_config -- name: "Remove all {{ awx_rest_api_type }}" +- name: "Remove all {{ awx_rest_api_type }}" # noqa ignore-errors no_log: true uri: url: "{{ awx_base_url }}{{ item.url }}" diff --git a/roles/awx/tasks/awx-config.yml b/roles/awx/tasks/awx-config.yml index 3ff37c9..0095bc9 100644 --- a/roles/awx/tasks/awx-config.yml +++ b/roles/awx/tasks/awx-config.yml @@ -472,13 +472,13 @@ tags: - awx_config -- name: "Create archive for repository " +- name: "Create archive for repository " # noqa git-latest + delegate_to: 127.0.0.1 git: - archive: hetzner-ansible.tar.gz - dest: /tmp/gitrepo + archive: /tmp/hetzner-ansible.tar.gz + dest: /tmp/gitrepo/ repo: "{{ playbook_dir }}" version: HEAD - delegate_to: 127.0.0.1 become: false tags: - awx_config @@ -505,16 +505,21 @@ - name: "Extract repository archive for " unarchive: - src: /tmp/gitrepo/hetzner-ansible.tar.gz + src: /tmp/hetzner-ansible.tar.gz dest: "{{ awx_project_path }}/hetzner-ansible" tags: - awx_config - awx_repository -- name: "Remove repository archive for " +- name: "Remove temporarily local created files" + delegate_to: 127.0.0.1 + become: false file: state: absent - path: /tmp/hetzner-ansible.tar.gz + path: '{{ item }}' + loop: + - /tmp/hetzner-ansible.tar.gz + - /tmp/gitrepo tags: - awx_config - awx_repository diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 6a9315a..3786d67 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -36,17 +36,20 @@ - never - root_authorized_keys -- name: "Removing outdated authorized keys for root" +# ansible-lint related hint +# https://github.com/ansible-community/ansible-lint/issues/1621 +# => issue whitelisted +- name: "Removing outdated authorized keys for root" # noqa deprecated-bare-vars ansible.posix.authorized_key: user: root state: absent key: "{{ lookup('file', 'users/outdated/' + item.path) }}" - with_filetree: "users/outdated" + with_community.general.filetree: users/outdated/ tags: - never - root_authorized_keys -- name: "Read current users" +- name: "Read current users" # noqa risky-shell-pipe shell: "getent passwd | awk -F: '$3 > 999 {print $1}'" register: current_users changed_when: false @@ -219,10 +222,12 @@ tags: - config -- name: "Check docker networks" - include_role: - name: _docker - tasks_from: networks +- name: "Create Docker network" + community.docker.docker_network: + name: "{{ item }}" + loop: + - front-tier + - back-tier - name: sshd configuration file update template: diff --git a/roles/connect/tasks/main.yml b/roles/connect/tasks/main.yml index a12a19a..f2518f5 100644 --- a/roles/connect/tasks/main.yml +++ b/roles/connect/tasks/main.yml @@ -8,7 +8,7 @@ - name: "Setup DNS configuration for <{{ connect_id }}> to <{{ stage_server_ip }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -22,17 +22,16 @@ - update_deployment - name: "Stop {{ connect_id }}" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ connect_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ connect_id }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_deployment - name: "Deploy docker templates for {{ connect_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -44,7 +43,7 @@ - name: "Deploy service templates for {{ connect_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "connect" @@ -55,10 +54,10 @@ - name: "Deploy certificate templates for {{ connect_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: - current_config: "elastic-certs/{{ stage}}-certs/ca" + current_config: "elastic-certs/{{ stage }}-certs/ca" current_base_path: "{{ service_base_path }}" current_destination: "{{ connect_id }}/certs/ca" current_owner: "{{ docker_owner }}" @@ -68,16 +67,10 @@ - update_certs - name: "Update {{ connect_id }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ connect_id }}' - tags: - - update_deployment - -- name: "Start {{ connect_id }}" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ connect_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ connect_id }}' + state: present + pull: yes tags: - update_deployment diff --git a/roles/connect-postgres/defaults/main.yml b/roles/connect_postgres/defaults/main.yml similarity index 100% rename from roles/connect-postgres/defaults/main.yml rename to roles/connect_postgres/defaults/main.yml diff --git a/roles/connect-postgres/tasks/main.yml b/roles/connect_postgres/tasks/main.yml similarity index 100% rename from roles/connect-postgres/tasks/main.yml rename to roles/connect_postgres/tasks/main.yml diff --git a/roles/connect-realm/defaults/main.yml b/roles/connect_realm/defaults/main.yml similarity index 100% rename from roles/connect-realm/defaults/main.yml rename to roles/connect_realm/defaults/main.yml diff --git a/roles/_deploy/defaults/main.yml b/roles/connect_realm/handlers/main.yml similarity index 100% rename from roles/_deploy/defaults/main.yml rename to roles/connect_realm/handlers/main.yml diff --git a/roles/_deploy/handlers/main.yml b/roles/connect_realm/meta/main.yml similarity index 100% rename from roles/_deploy/handlers/main.yml rename to roles/connect_realm/meta/main.yml diff --git a/roles/connect-realm/tasks/main.yml b/roles/connect_realm/tasks/main.yml similarity index 100% rename from roles/connect-realm/tasks/main.yml rename to roles/connect_realm/tasks/main.yml diff --git a/roles/_deploy/meta/main.yml b/roles/connect_realm/vars/main.yml similarity index 100% rename from roles/_deploy/meta/main.yml rename to roles/connect_realm/vars/main.yml diff --git a/roles/connect-wordpress/defaults/main.yml b/roles/connect_wordpress/defaults/main.yml similarity index 100% rename from roles/connect-wordpress/defaults/main.yml rename to roles/connect_wordpress/defaults/main.yml diff --git a/roles/_deploy/vars/main.yml b/roles/connect_wordpress/handlers/main.yml similarity index 100% rename from roles/_deploy/vars/main.yml rename to roles/connect_wordpress/handlers/main.yml diff --git a/roles/_digitalocean/defaults/main.yml b/roles/connect_wordpress/meta/main.yml similarity index 100% rename from roles/_digitalocean/defaults/main.yml rename to roles/connect_wordpress/meta/main.yml diff --git a/roles/connect-wordpress/tasks/main.yml b/roles/connect_wordpress/tasks/main.yml similarity index 80% rename from roles/connect-wordpress/tasks/main.yml rename to roles/connect_wordpress/tasks/main.yml index 2a86729..7c95e37 100644 --- a/roles/connect-wordpress/tasks/main.yml +++ b/roles/connect_wordpress/tasks/main.yml @@ -21,7 +21,7 @@ - name: "Setup DNS configuration for {{ wordpress_id }}" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -35,17 +35,16 @@ - update_deployment - name: "Stop {{ wordpress_id }}" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ wordpress_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ wordpress_id }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_deployment - name: "Deploy docker templates for {{ wordpress_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -57,7 +56,7 @@ - name: "Deploy service templates for {{ wordpress_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "wordpress" @@ -67,15 +66,9 @@ current_group: "{{ docker_group }}" - name: "Update {{ wordpress_id }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ wordpress_id }}' - tags: - - update_deployment - -- name: "Start {{ wordpress_id }}" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ wordpress_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ wordpress_id }}' + state: present + pull: yes tags: - update_deployment diff --git a/roles/connect-wordpress/vars/main.yml b/roles/connect_wordpress/vars/main.yml similarity index 100% rename from roles/connect-wordpress/vars/main.yml rename to roles/connect_wordpress/vars/main.yml diff --git a/roles/connect-wordpress-maria/defaults/main.yml b/roles/connect_wordpress_maria/defaults/main.yml similarity index 100% rename from roles/connect-wordpress-maria/defaults/main.yml rename to roles/connect_wordpress_maria/defaults/main.yml diff --git a/roles/connect-wordpress-maria/tasks/main.yml b/roles/connect_wordpress_maria/tasks/main.yml similarity index 100% rename from roles/connect-wordpress-maria/tasks/main.yml rename to roles/connect_wordpress_maria/tasks/main.yml diff --git a/roles/elastic/tasks/main.yaml b/roles/elastic/tasks/main.yaml index bf479fd..3f59a1f 100644 --- a/roles/elastic/tasks/main.yaml +++ b/roles/elastic/tasks/main.yaml @@ -14,18 +14,17 @@ - update_deployment - name: "Stop {{ elastic_id }}" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ elastic_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ elastic_id }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_config - update_deployment - name: "Deploy docker templates for {{ elastic_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -39,7 +38,7 @@ - name: "Deploy service templates for {{ elastic_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "elastic" @@ -52,10 +51,10 @@ - name: "Deploy certificate templates for {{ elastic_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: - current_config: "elastic-certs/{{ stage}}-certs" + current_config: "elastic-certs/{{ stage }}-certs" current_base_path: "{{ service_base_path }}" current_destination: "{{ elastic_id }}/certs" current_owner: "{{ docker_owner }}" @@ -66,16 +65,10 @@ - update_config - name: "Update {{ elastic_id }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ elastic_id }}' - tags: - - update_deployment - -- name: "Start {{ elastic_id }}" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ elastic_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ elastic_id }}' + state: present + pull: yes tags: - update_certs - update_config diff --git a/roles/filebeat/tasks/main.yaml b/roles/filebeat/tasks/main.yaml index e7b8ae0..5bbe5c0 100644 --- a/roles/filebeat/tasks/main.yaml +++ b/roles/filebeat/tasks/main.yaml @@ -14,18 +14,17 @@ - update_deployment - name: "Stop filebeat" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/filebeat' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/filebeat' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_config - update_deployment - name: "Deploy docker templates for filebeat" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -40,7 +39,7 @@ - name: "Deploy service templates for filebeat" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "filebeat" @@ -53,10 +52,10 @@ - name: "Deploy certificate templates for filebeat" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: - current_config: "elastic-certs/{{ stage}}-certs" + current_config: "elastic-certs/{{ stage }}-certs" current_base_path: "{{ service_base_path }}" current_destination: "filebeat/certs" current_owner: "{{ docker_owner }}" @@ -67,16 +66,10 @@ - update_config - name: "Update filebeat" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/filebeat' - tags: - - update_deployment - -- name: "Start filebeat" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/filebeat' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/filebeat' + state: present + pull: yes tags: - update_config - update_deployment diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml index bacc670..0db6c71 100644 --- a/roles/gitea/tasks/main.yml +++ b/roles/gitea/tasks/main.yml @@ -5,7 +5,7 @@ - name: "Deploying shared service gitea to <{{ current_host }}><{{ current_server_ip }}>" include_role: - name: _shared_service + name: shared_service vars: current_service: "gitea" current_server_ip : "{{ stage_server_ip }}" diff --git a/roles/gitea-postgres/defaults/main.yml b/roles/gitea_postgres/defaults/main.yml similarity index 100% rename from roles/gitea-postgres/defaults/main.yml rename to roles/gitea_postgres/defaults/main.yml diff --git a/roles/gitea-postgres/tasks/main.yml b/roles/gitea_postgres/tasks/main.yml similarity index 100% rename from roles/gitea-postgres/tasks/main.yml rename to roles/gitea_postgres/tasks/main.yml diff --git a/roles/gitea-realm/defaults/main.yml b/roles/gitea_realm/defaults/main.yml similarity index 100% rename from roles/gitea-realm/defaults/main.yml rename to roles/gitea_realm/defaults/main.yml diff --git a/roles/_digitalocean/handlers/main.yml b/roles/gitea_realm/handlers/main.yml similarity index 100% rename from roles/_digitalocean/handlers/main.yml rename to roles/gitea_realm/handlers/main.yml diff --git a/roles/_digitalocean/meta/main.yml b/roles/gitea_realm/meta/main.yml similarity index 100% rename from roles/_digitalocean/meta/main.yml rename to roles/gitea_realm/meta/main.yml diff --git a/roles/gitea-realm/tasks/main.yml b/roles/gitea_realm/tasks/main.yml similarity index 100% rename from roles/gitea-realm/tasks/main.yml rename to roles/gitea_realm/tasks/main.yml diff --git a/roles/_digitalocean/vars/main.yml b/roles/gitea_realm/vars/main.yml similarity index 100% rename from roles/_digitalocean/vars/main.yml rename to roles/gitea_realm/vars/main.yml diff --git a/roles/harbor/tasks/install.yml b/roles/harbor/tasks/install.yml index c337773..f40d9e5 100644 --- a/roles/harbor/tasks/install.yml +++ b/roles/harbor/tasks/install.yml @@ -4,7 +4,7 @@ - name: "Setup DNS configuration for {{ inventory_hostname }} harbor" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" diff --git a/roles/hcloud/tasks/_read_server_infos.yml b/roles/hcloud/tasks/_read_server_infos.yml index 6bacb6d..dd9be49 100644 --- a/roles/hcloud/tasks/_read_server_infos.yml +++ b/roles/hcloud/tasks/_read_server_infos.yml @@ -12,7 +12,7 @@ - name: "Setting server group as fact: server_group_infos_{{ current_server_group.name }}" set_fact: - server_group_infos_{{ current_server_group.name }}: "{{ current_server_infos.hcloud_server_info | json_query(querystr) }}" + server_group_infos_{{ current_server_group.name }}: "{{ current_server_infos.hcloud_server_info | json_query(querystr) }}" # noqa var-naming vars: querystr: "[*].{id: id, name: name, ip: ipv4_address}" delegate_to: 127.0.0.1 diff --git a/roles/hcloud/tasks/_read_server_names.yml b/roles/hcloud/tasks/_read_server_names.yml index f99d1a6..337cde0 100644 --- a/roles/hcloud/tasks/_read_server_names.yml +++ b/roles/hcloud/tasks/_read_server_names.yml @@ -12,7 +12,7 @@ - name: "Setting server group as fact: server_group_names_{{ current_server_group.name }}" set_fact: - server_group_names_{{ current_server_group.name }}: "{{ current_server_infos.hcloud_server_info | json_query(querystr) }}" + server_group_names_{{ current_server_group.name }}: "{{ current_server_infos.hcloud_server_info | json_query(querystr) }}" # noqa var-naming vars: querystr: "[*].name" delegate_to: 127.0.0.1 diff --git a/roles/hcloud/tasks/main.yml b/roles/hcloud/tasks/main.yml index af63c65..e2201e7 100644 --- a/roles/hcloud/tasks/main.yml +++ b/roles/hcloud/tasks/main.yml @@ -82,7 +82,7 @@ - name: "Checking present state of dns for {{ inventory_hostname }}" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" diff --git a/roles/iam/tasks/main.yml b/roles/iam/tasks/main.yml index 5bfcbda..19b7985 100644 --- a/roles/iam/tasks/main.yml +++ b/roles/iam/tasks/main.yml @@ -5,7 +5,7 @@ - name: "Deploying shared service iam to <{{ current_host }}><{{ current_server_ip }}>" include_role: - name: _shared_service + name: shared_service vars: current_service: "iam" current_server_ip : "{{ stage_server_ip }}" diff --git a/roles/import-maria-database/defaults/main.yml b/roles/import_maria_database/defaults/main.yml similarity index 100% rename from roles/import-maria-database/defaults/main.yml rename to roles/import_maria_database/defaults/main.yml diff --git a/roles/_docker/defaults/main.yml b/roles/import_maria_database/handlers/main.yml similarity index 100% rename from roles/_docker/defaults/main.yml rename to roles/import_maria_database/handlers/main.yml diff --git a/roles/_docker/handlers/main.yml b/roles/import_maria_database/meta/main.yml similarity index 100% rename from roles/_docker/handlers/main.yml rename to roles/import_maria_database/meta/main.yml diff --git a/roles/import-maria-database/tasks/main.yml b/roles/import_maria_database/tasks/main.yml similarity index 100% rename from roles/import-maria-database/tasks/main.yml rename to roles/import_maria_database/tasks/main.yml diff --git a/roles/import-maria-database/vars/main.yml b/roles/import_maria_database/vars/main.yml similarity index 100% rename from roles/import-maria-database/vars/main.yml rename to roles/import_maria_database/vars/main.yml diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index a89ced9..4e1b664 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml @@ -9,7 +9,7 @@ - name: "Setup DNS configuration for {{ inventory_hostname }}" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -32,7 +32,7 @@ - name: "Deploy docker templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -44,7 +44,7 @@ - name: "Deploy service templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "keycloak" @@ -53,17 +53,11 @@ current_owner: "{{ docker_owner }}" current_group: "{{ docker_group }}" -#- name: "Update {{ inventory_hostname }}" -# shell: docker-compose pull -# args: -# chdir: '{{ service_base_path }}/{{ inventory_hostname }}' -# tags: -# - update_deployment - - name: "Start {{ inventory_hostname }}" community.docker.docker_compose: - state: restart project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: present + pull: yes tags: - update_deployment diff --git a/roles/keycloak-postgres/defaults/main.yml b/roles/keycloak_postgres/defaults/main.yml similarity index 100% rename from roles/keycloak-postgres/defaults/main.yml rename to roles/keycloak_postgres/defaults/main.yml diff --git a/roles/keycloak-postgres/tasks/main.yml b/roles/keycloak_postgres/tasks/main.yml similarity index 100% rename from roles/keycloak-postgres/tasks/main.yml rename to roles/keycloak_postgres/tasks/main.yml diff --git a/roles/kibana/tasks/import_service_ojects.yml b/roles/kibana/tasks/import_service_ojects.yml index 7c5d5bb..f44025e 100644 --- a/roles/kibana/tasks/import_service_ojects.yml +++ b/roles/kibana/tasks/import_service_ojects.yml @@ -20,6 +20,7 @@ delegate_to: localhost copy: dest: '/tmp/es_objects_ready_to_import__objects.ndjson' + mode: '0644' content: | {{ es_object_smardigo_index_pattern_tenant | to_json(separators=(',',':')) }} {{ es_object_smardigo_index_pattern_service | to_json(separators=(',',':')) }} diff --git a/roles/kibana/tasks/main.yaml b/roles/kibana/tasks/main.yaml index 2e806fb..1096b36 100644 --- a/roles/kibana/tasks/main.yaml +++ b/roles/kibana/tasks/main.yaml @@ -7,7 +7,7 @@ - name: "Setup DNS configuration for {{ kibana_id }}" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -32,7 +32,7 @@ - name: "Deploy docker templates for {{ kibana_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -46,7 +46,7 @@ - name: "Deploy service templates for {{ kibana_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "elastic" @@ -59,7 +59,7 @@ - name: "Deploy certificate templates for {{ kibana_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "elastic-certs/{{ stage }}-certs" diff --git a/roles/logstash/tasks/main.yaml b/roles/logstash/tasks/main.yaml index 4594540..14808a1 100644 --- a/roles/logstash/tasks/main.yaml +++ b/roles/logstash/tasks/main.yaml @@ -14,18 +14,17 @@ - update_deployment - name: "Stop {{ logstash_id }}" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ logstash_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ logstash_id }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_config - update_deployment - name: "Deploy docker templates for {{ logstash_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -39,7 +38,7 @@ - name: "Deploy service templates for {{ logstash_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "logstash" @@ -52,10 +51,10 @@ - name: "Deploy certificate templates for {{ logstash_id }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: - current_config: "elastic-certs/{{ stage}}-certs" + current_config: "elastic-certs/{{ stage }}-certs" current_base_path: "{{ service_base_path }}" current_destination: "{{ logstash_id }}/certs" current_owner: "{{ docker_owner }}" @@ -66,16 +65,10 @@ - update_config - name: "Update {{ logstash_id }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ logstash_id }}' - tags: - - update_deployment - -- name: "Start {{ logstash_id }}" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ logstash_id }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ logstash_id }}' + state: present + pull: yes tags: - update_certs - update_config diff --git a/roles/management/tasks/main.yaml b/roles/management/tasks/main.yaml index d396ae0..521f06a 100644 --- a/roles/management/tasks/main.yaml +++ b/roles/management/tasks/main.yaml @@ -21,7 +21,7 @@ - name: "Create database for <{{ inventory_hostname }}> if necessary" include_role: - name: connect-postgres + name: connect_postgres vars: ansible_ssh_host: "{{ stage }}-postgres-01.{{ domain }}" tags: @@ -29,7 +29,7 @@ - name: "Create realm for <{{ inventory_hostname }}> if necessary" include_role: - name: connect-realm + name: connect_realm tags: - always diff --git a/roles/maria/tasks/main.yml b/roles/maria/tasks/main.yml index e1464c8..36355c3 100644 --- a/roles/maria/tasks/main.yml +++ b/roles/maria/tasks/main.yml @@ -5,7 +5,7 @@ - name: Update apt: update_cache=yes force_apt_get=yes cache_valid_time=3600 -- name: MariaDB | install +- name: MariaDB | install # noqa package-latest package: name: "{{ item }}" state: latest diff --git a/roles/_docker/meta/main.yml b/roles/node_exporter/defaults/main.yml similarity index 100% rename from roles/_docker/meta/main.yml rename to roles/node_exporter/defaults/main.yml diff --git a/roles/_docker/vars/main.yml b/roles/node_exporter/handlers/main.yml similarity index 100% rename from roles/_docker/vars/main.yml rename to roles/node_exporter/handlers/main.yml diff --git a/roles/_shared_service/defaults/main.yml b/roles/node_exporter/meta/main.yml similarity index 100% rename from roles/_shared_service/defaults/main.yml rename to roles/node_exporter/meta/main.yml diff --git a/roles/node-exporter/tasks/main.yml b/roles/node_exporter/tasks/main.yml similarity index 100% rename from roles/node-exporter/tasks/main.yml rename to roles/node_exporter/tasks/main.yml diff --git a/roles/_shared_service/handlers/main.yml b/roles/node_exporter/vars/main.yml similarity index 100% rename from roles/_shared_service/handlers/main.yml rename to roles/node_exporter/vars/main.yml diff --git a/roles/pdns/tasks/main.yml b/roles/pdns/tasks/main.yml index b983fb7..48188df 100644 --- a/roles/pdns/tasks/main.yml +++ b/roles/pdns/tasks/main.yml @@ -43,7 +43,7 @@ - name: "Deploying shared service dns to <{{ current_host }}><{{ current_server_ip }}>" include_role: - name: _shared_service + name: shared_service vars: current_service: "pdns" current_server_ip : "{{ stage_server_ip }}" diff --git a/roles/pdns-admin-postgres/defaults/main.yml b/roles/pdns_admin_postgres/defaults/main.yml similarity index 100% rename from roles/pdns-admin-postgres/defaults/main.yml rename to roles/pdns_admin_postgres/defaults/main.yml diff --git a/roles/pdns-admin-postgres/tasks/main.yml b/roles/pdns_admin_postgres/tasks/main.yml similarity index 100% rename from roles/pdns-admin-postgres/tasks/main.yml rename to roles/pdns_admin_postgres/tasks/main.yml diff --git a/roles/pdns-postgres/defaults/main.yml b/roles/pdns_postgres/defaults/main.yml similarity index 100% rename from roles/pdns-postgres/defaults/main.yml rename to roles/pdns_postgres/defaults/main.yml diff --git a/roles/pdns-postgres/tasks/create-requirements.yml b/roles/pdns_postgres/tasks/create-requirements.yml similarity index 97% rename from roles/pdns-postgres/tasks/create-requirements.yml rename to roles/pdns_postgres/tasks/create-requirements.yml index 2ebb8ee..2099cb5 100644 --- a/roles/pdns-postgres/tasks/create-requirements.yml +++ b/roles/pdns_postgres/tasks/create-requirements.yml @@ -20,6 +20,7 @@ copy: src: "{{ playbook_dir }}/templates/pdns/schema.pgsql.sql" dest: /tmp/schema.pgsql.sql + mode: '0644' when: - not domain_table_exist @@ -37,4 +38,4 @@ - name: "Remove SQL script if present" file: path: /tmp/schema.pgsql.sql - state: absent \ No newline at end of file + state: absent diff --git a/roles/pdns-postgres/tasks/main.yml b/roles/pdns_postgres/tasks/main.yml similarity index 100% rename from roles/pdns-postgres/tasks/main.yml rename to roles/pdns_postgres/tasks/main.yml diff --git a/roles/pgadmin4/tasks/main.yml b/roles/pgadmin4/tasks/main.yml index b7b5804..687eb69 100644 --- a/roles/pgadmin4/tasks/main.yml +++ b/roles/pgadmin4/tasks/main.yml @@ -6,7 +6,7 @@ - name: "Setup DNS configuration for {{ inventory_hostname }} pgadmin4" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -21,17 +21,16 @@ - update_deployment - name: "Stop {{ inventory_hostname }}" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_deployment - name: "Deploy docker templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -45,7 +44,7 @@ - name: "Deploy service templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "pgadmin4" @@ -57,15 +56,9 @@ - update_config - name: "Update {{ inventory_hostname }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: present + pull: yes tags: - update_deployment - -- name: "Start {{ inventory_hostname }}" - shell: | - docker-compose down - docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' diff --git a/roles/postgres/tasks/_postgres-acls.yml b/roles/postgres/tasks/_postgres-acls.yml index 7cbae77..63e506f 100644 --- a/roles/postgres/tasks/_postgres-acls.yml +++ b/roles/postgres/tasks/_postgres-acls.yml @@ -14,7 +14,7 @@ path: /etc/postgresql/{{ default_postgres_version }}/main/pg_hba.conf with_items: "{{ postgres_acls }}" -- name: "Checking roles exist" +- name: "Checking roles exist" # noqa command-instead-of-shell shell: "/usr/bin/psql -Atc \"SELECT count(rolname) FROM pg_roles where rolname='{{ item.name }}'\"" with_items: "{{ postgres_acls }}" register: role_check @@ -94,7 +94,7 @@ when: - database_state == 'present' -- name: pg_reload_conf +- name: pg_reload_conf # noqa no-changed-when become: yes become_user: postgres - shell: '/usr/bin/psql -c "SELECT pg_reload_conf();"' \ No newline at end of file + shell: '/usr/bin/psql -c "SELECT pg_reload_conf();"' diff --git a/roles/postgres/tasks/_postgres-backups.yml b/roles/postgres/tasks/_postgres-backups.yml index b387b98..ba977ac 100644 --- a/roles/postgres/tasks/_postgres-backups.yml +++ b/roles/postgres/tasks/_postgres-backups.yml @@ -5,6 +5,7 @@ state: directory owner: "postgres" group: "postgres" + mode: '0755' - name: "Handle backup state <{{ postgres_backup_state }}> with suffix <{{ custom_backup_name }}>" community.postgresql.postgresql_db: diff --git a/roles/postgres/tasks/base-requirements.yml b/roles/postgres/tasks/base-requirements.yml index 33b59b6..f068635 100644 --- a/roles/postgres/tasks/base-requirements.yml +++ b/roles/postgres/tasks/base-requirements.yml @@ -107,11 +107,15 @@ file: state: directory path: /metrics + mode: '0755' - name: "Ensure /metrics/queries.yaml exists" - copy: src=pg-exporter-queries.yml dest=/metrics/queries.yaml + copy: + src: pg-exporter-queries.yml + dest: /metrics/queries.yaml + mode: '0755' -- name: Check role prometheus exists +- name: Check role prometheus exists # noqa command-instead-of-shell no-changed-when become: yes become_user: postgres shell: "/usr/bin/psql -Atc \"SELECT count(rolname) FROM pg_roles where rolname='prometheus'\"" @@ -119,10 +123,13 @@ ignore_errors: yes - name: "Copy prometheus_postgres_exporter init script" - copy: src=init.sql dest=/tmp/prometheus_postgres_exporter.sql + copy: + src: init.sql + dest: /tmp/prometheus_postgres_exporter.sql + mode: '0755' when: "role_check.stdout == '0' and server_type == 'master'" -- name: "Execute prometheus_postgres_exporter init script" +- name: "Execute prometheus_postgres_exporter init script" # noqa command-instead-of-shell become: true become_user: postgres shell: "psql -f /tmp/prometheus_postgres_exporter.sql" @@ -132,7 +139,7 @@ file: path="/tmp/prometheus_postgres_exporter.sql" state=absent when: "role_check.stdout == '0' and server_type == 'master'" -- name: "Restarting postgres if necessary" +- name: "Restarting postgres if necessary" # noqa no-handler service: name: postgresql state: restarted diff --git a/roles/postgres/tasks/base-requirements_backup.yml b/roles/postgres/tasks/base-requirements_backup.yml index f9f96c9..717fe03 100644 --- a/roles/postgres/tasks/base-requirements_backup.yml +++ b/roles/postgres/tasks/base-requirements_backup.yml @@ -38,7 +38,7 @@ pvresize: yes register: create_vg -- name: "Create logical volume" +- name: "Create logical volume" # noqa no-handler community.general.lvol: vg: "{{ vg_name }}" lv: "{{ lv_name }}" diff --git a/roles/postgres/tasks/master-requirements.yml b/roles/postgres/tasks/master-requirements.yml index 7efe555..583ec93 100644 --- a/roles/postgres/tasks/master-requirements.yml +++ b/roles/postgres/tasks/master-requirements.yml @@ -3,22 +3,22 @@ - name: Check role exists become: yes become_user: postgres - shell: "/usr/bin/psql -Atc \"SELECT count(rolname) FROM pg_roles where rolname='replicator'\"" + shell: "/usr/bin/psql -Atc \"SELECT count(rolname) FROM pg_roles where rolname='replicator'\"" # noqa command-instead-of-shell register: role_check - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Create role if necessary become: yes become_user: postgres shell: "/usr/bin/psql -c 'CREATE ROLE replicator WITH REPLICATION LOGIN;'" when: role_check.stdout == "0" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors - name: Change password with scram-sha-256! for replicator and set password become: yes become_user: postgres shell: "/usr/bin/psql -c \"set password_encryption = 'scram-sha-256';ALTER ROLE replicator WITH PASSWORD '{{ postgres_replicator_user_password }}';\"" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Setup pg_hba.conf for replicator user lineinfile: @@ -82,13 +82,13 @@ state: present register: nfsshare_archive_check -- name: Restart nfs-server if necessary +- name: Restart nfs-server if necessary # noqa no-handler service: name: nfs-kernel-server state: restarted when: nfsshare_archive_check.changed -- name: Restart postgres if necessary +- name: Restart postgres if necessary # noqa no-handler service: name: postgresql state: restarted @@ -104,39 +104,39 @@ become: yes become_user: postgres shell: "/usr/bin/psql template1 -c \"create extension if not exists pgcrypto;\"" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Check database replication_cron exists become: yes become_user: postgres shell: "/usr/bin/psql -Atc \"SELECT count(*) FROM pg_database WHERE datname = 'replication_cron'\"" register: database_replication_check - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Create replication_cron update database become: yes become_user: postgres shell: "/usr/bin/psql -c \"CREATE DATABASE replication_cron;\"" when: database_replication_check.stdout == "0" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Create replication update schema become: yes become_user: postgres shell: "/usr/bin/psql replication_cron -c \"CREATE SCHEMA IF NOT EXISTS replication_cron;\"" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Create replication update table become: yes become_user: postgres shell: "/usr/bin/psql replication_cron -c \"CREATE TABLE IF NOT EXISTS replication_cron.replication_cron (dt timestamp);\"" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Create dummy update data become: yes become_user: postgres shell: "/usr/bin/psql replication_cron -c \"INSERT INTO replication_cron.replication_cron SELECT now() WHERE NOT EXISTS (SELECT 1 from replication_cron.replication_cron);\"" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Ensure a cron runs every 5 minutes and update replication check table" ansible.builtin.cron: @@ -149,11 +149,11 @@ become_user: postgres shell: "/usr/bin/psql -Atc \"select count(*) from pg_replication_slots where slot_name='pgstandby1'\"" register: replication_slot_check - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors no-changed-when - name: Create replication-slot become: yes become_user: postgres shell: "/usr/bin/psql -Atc \"SELECT pg_create_physical_replication_slot('pgstandby1');\"" - ignore_errors: yes + ignore_errors: yes # noqa ignore-errors when: replication_slot_check.stdout == "0" diff --git a/roles/postgres/tasks/slave-requirements.yml b/roles/postgres/tasks/slave-requirements.yml index 7122774..e9dbc34 100644 --- a/roles/postgres/tasks/slave-requirements.yml +++ b/roles/postgres/tasks/slave-requirements.yml @@ -47,7 +47,7 @@ state: absent path: /var/lib/postgresql/{{ default_postgres_version }}/main/ -- name: Sync data from db-master +- name: Sync data from db-master # noqa command-instead-of-shell no-changed-when become: yes become_user: postgres shell: "pg_basebackup -h {{ shared_service_pg_master_ip }} -D /var/lib/postgresql/{{ default_postgres_version }}/main -U replicator -P -v -R -X stream -S pgstandby1" diff --git a/roles/prometheus/tasks/_update_config.yml b/roles/prometheus/tasks/_update_config.yml index 62d067b..796e3da 100644 --- a/roles/prometheus/tasks/_update_config.yml +++ b/roles/prometheus/tasks/_update_config.yml @@ -4,7 +4,7 @@ - name: "Deploy service templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "prometheus" diff --git a/roles/prometheus/tasks/main.yml b/roles/prometheus/tasks/main.yml index 9761231..fb89026 100644 --- a/roles/prometheus/tasks/main.yml +++ b/roles/prometheus/tasks/main.yml @@ -6,7 +6,7 @@ - name: "Setup DNS configuration for {{ inventory_hostname }} prometheus" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -14,7 +14,7 @@ - name: "Setup DNS configuration for {{ inventory_hostname }} grafana" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -22,7 +22,7 @@ - name: "Setup DNS configuration for {{ inventory_hostname }} alertmanager" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ stage_server_ip }}" @@ -37,17 +37,16 @@ - update_deployment - name: "Stop {{ inventory_hostname }}" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes tags: - update_deployment - name: "Deploy docker templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -61,7 +60,7 @@ - name: "Deploy service templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "prometheus" @@ -73,18 +72,10 @@ - update_config - name: "Update {{ inventory_hostname }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' - tags: - - update_deployment - -- name: "Start {{ inventory_hostname }}" - shell: | - docker-compose down - docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: present + pull: yes tags: - update_config - update_deployment diff --git a/roles/service-state/defaults/main.yml b/roles/service_state/defaults/main.yml similarity index 100% rename from roles/service-state/defaults/main.yml rename to roles/service_state/defaults/main.yml diff --git a/roles/service-state/tasks/main.yml b/roles/service_state/tasks/main.yml similarity index 77% rename from roles/service-state/tasks/main.yml rename to roles/service_state/tasks/main.yml index 072bbd8..2e048df 100644 --- a/roles/service-state/tasks/main.yml +++ b/roles/service_state/tasks/main.yml @@ -3,7 +3,7 @@ ### tags: - name: "Setting service state for <{{ service_id }}> to <{{ service_state }}>" - ansible.builtin.shell: "{{ service_state_command }}" + ansible.builtin.shell: "{{ service_state_command }}" # noqa command-instead-of-shell no-changed-when args: chdir: '{{ service_base_path }}/{{ service_id }}' register: service_state_command_output diff --git a/roles/_shared_service/meta/main.yml b/roles/shared_service/defaults/main.yml similarity index 100% rename from roles/_shared_service/meta/main.yml rename to roles/shared_service/defaults/main.yml diff --git a/roles/_shared_service/vars/main.yml b/roles/shared_service/handlers/main.yml similarity index 100% rename from roles/_shared_service/vars/main.yml rename to roles/shared_service/handlers/main.yml diff --git a/roles/connect-realm/handlers/main.yml b/roles/shared_service/meta/main.yml similarity index 100% rename from roles/connect-realm/handlers/main.yml rename to roles/shared_service/meta/main.yml diff --git a/roles/_shared_service/tasks/main.yml b/roles/shared_service/tasks/main.yml similarity index 95% rename from roles/_shared_service/tasks/main.yml rename to roles/shared_service/tasks/main.yml index c681dff..5498444 100644 --- a/roles/_shared_service/tasks/main.yml +++ b/roles/shared_service/tasks/main.yml @@ -16,7 +16,7 @@ - name: "Updating DNS for <{{ current_dns_entry }}> to <{{ current_server_ip }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ current_server_ip }}" @@ -24,7 +24,7 @@ - name: "Updating public DNS for <{{ current_host }}>" include_role: - name: _digitalocean + name: sma_digitalocean tasks_from: domain vars: record_data: "{{ item.ip }}" @@ -48,7 +48,7 @@ - name: "Deploying docker templates for <{{ current_service_id }}>" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -60,7 +60,7 @@ - name: "Deploying service templates for <{{ current_service_id }}>" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "{{ current_service }}" diff --git a/roles/connect-realm/meta/main.yml b/roles/shared_service/vars/main.yml similarity index 100% rename from roles/connect-realm/meta/main.yml rename to roles/shared_service/vars/main.yml diff --git a/roles/connect-realm/vars/main.yml b/roles/sma_deploy/defaults/main.yml similarity index 100% rename from roles/connect-realm/vars/main.yml rename to roles/sma_deploy/defaults/main.yml diff --git a/roles/connect-wordpress/handlers/main.yml b/roles/sma_deploy/handlers/main.yml similarity index 100% rename from roles/connect-wordpress/handlers/main.yml rename to roles/sma_deploy/handlers/main.yml diff --git a/roles/connect-wordpress/meta/main.yml b/roles/sma_deploy/meta/main.yml similarity index 100% rename from roles/connect-wordpress/meta/main.yml rename to roles/sma_deploy/meta/main.yml diff --git a/roles/_deploy/tasks/templates.yml b/roles/sma_deploy/tasks/templates.yml similarity index 99% rename from roles/_deploy/tasks/templates.yml rename to roles/sma_deploy/tasks/templates.yml index 1da4880..15de7d9 100644 --- a/roles/_deploy/tasks/templates.yml +++ b/roles/sma_deploy/tasks/templates.yml @@ -19,6 +19,7 @@ file: state: directory path: '{{ current_base_path }}/{{ current_destination }}' + mode: '0755' tags: - update_certs - update_config diff --git a/roles/gitea-realm/handlers/main.yml b/roles/sma_deploy/vars/main.yml similarity index 100% rename from roles/gitea-realm/handlers/main.yml rename to roles/sma_deploy/vars/main.yml diff --git a/roles/gitea-realm/meta/main.yml b/roles/sma_digitalocean/defaults/main.yml similarity index 100% rename from roles/gitea-realm/meta/main.yml rename to roles/sma_digitalocean/defaults/main.yml diff --git a/roles/gitea-realm/vars/main.yml b/roles/sma_digitalocean/handlers/main.yml similarity index 100% rename from roles/gitea-realm/vars/main.yml rename to roles/sma_digitalocean/handlers/main.yml diff --git a/roles/import-maria-database/handlers/main.yml b/roles/sma_digitalocean/meta/main.yml similarity index 100% rename from roles/import-maria-database/handlers/main.yml rename to roles/sma_digitalocean/meta/main.yml diff --git a/roles/_digitalocean/tasks/_create_server.yml b/roles/sma_digitalocean/tasks/_create_server.yml similarity index 100% rename from roles/_digitalocean/tasks/_create_server.yml rename to roles/sma_digitalocean/tasks/_create_server.yml diff --git a/roles/_digitalocean/tasks/_remove_dns.yml b/roles/sma_digitalocean/tasks/_remove_dns.yml similarity index 100% rename from roles/_digitalocean/tasks/_remove_dns.yml rename to roles/sma_digitalocean/tasks/_remove_dns.yml diff --git a/roles/_digitalocean/tasks/domain.yml b/roles/sma_digitalocean/tasks/domain.yml similarity index 100% rename from roles/_digitalocean/tasks/domain.yml rename to roles/sma_digitalocean/tasks/domain.yml diff --git a/roles/import-maria-database/meta/main.yml b/roles/sma_digitalocean/vars/main.yml similarity index 100% rename from roles/import-maria-database/meta/main.yml rename to roles/sma_digitalocean/vars/main.yml diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml index 1cc529a..f9a96fd 100644 --- a/roles/traefik/tasks/main.yml +++ b/roles/traefik/tasks/main.yml @@ -8,15 +8,14 @@ register: check_docker_compose_file - name: "Stop traefik" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/traefik' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/traefik' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes - name: "Deploy docker templates for traefik" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -28,7 +27,7 @@ - name: "Deploy service templates for traefik" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "traefik" @@ -47,13 +46,9 @@ mode: '0600' - name: "Update traefik" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/traefik' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/traefik' + state: present + pull: yes tags: - update_deployment - -- name: "Start traefik" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/traefik' diff --git a/roles/upload-local-file/vars/main.yml b/roles/upload-local-file/vars/main.yml deleted file mode 100644 index ed97d53..0000000 --- a/roles/upload-local-file/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/upload-local-file/defaults/main.yml b/roles/upload_local_file/defaults/main.yml similarity index 100% rename from roles/upload-local-file/defaults/main.yml rename to roles/upload_local_file/defaults/main.yml diff --git a/roles/node-exporter/defaults/main.yml b/roles/upload_local_file/handlers/main.yml similarity index 100% rename from roles/node-exporter/defaults/main.yml rename to roles/upload_local_file/handlers/main.yml diff --git a/roles/node-exporter/handlers/main.yml b/roles/upload_local_file/meta/main.yml similarity index 100% rename from roles/node-exporter/handlers/main.yml rename to roles/upload_local_file/meta/main.yml diff --git a/roles/upload-local-file/tasks/main.yml b/roles/upload_local_file/tasks/main.yml similarity index 100% rename from roles/upload-local-file/tasks/main.yml rename to roles/upload_local_file/tasks/main.yml diff --git a/roles/node-exporter/meta/main.yml b/roles/upload_local_file/vars/main.yml similarity index 100% rename from roles/node-exporter/meta/main.yml rename to roles/upload_local_file/vars/main.yml diff --git a/roles/webdav/tasks/main.yaml b/roles/webdav/tasks/main.yaml index d024270..c47031d 100644 --- a/roles/webdav/tasks/main.yaml +++ b/roles/webdav/tasks/main.yaml @@ -8,15 +8,14 @@ register: check_docker_compose_file - name: "Stop webdav" - shell: docker-compose down - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: absent when: check_docker_compose_file.stat.exists - ignore_errors: yes - name: "Deploy docker templates for {{ inventory_hostname }}" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "_docker" @@ -28,7 +27,7 @@ - name: "Deploy service templates for webdav" include_role: - name: _deploy + name: sma_deploy tasks_from: templates vars: current_config: "webdav" @@ -38,13 +37,9 @@ current_group: "{{ docker_group }}" - name: "Update {{ inventory_hostname }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' + community.docker.docker_compose: + project_src: '{{ service_base_path }}/{{ inventory_hostname }}' + state: present + pull: yes tags: - update_deployment - -- name: "Start {{ inventory_hostname }}" - shell: docker-compose up -d - args: - chdir: '{{ service_base_path }}/{{ inventory_hostname }}' diff --git a/roles/webdav-postgres/defaults/main.yml b/roles/webdav_postgres/defaults/main.yml similarity index 100% rename from roles/webdav-postgres/defaults/main.yml rename to roles/webdav_postgres/defaults/main.yml diff --git a/roles/webdav-postgres/tasks/main.yml b/roles/webdav_postgres/tasks/main.yml similarity index 100% rename from roles/webdav-postgres/tasks/main.yml rename to roles/webdav_postgres/tasks/main.yml diff --git a/roles/workflow-proxy-realm/handlers/main.yml b/roles/workflow-proxy-realm/handlers/main.yml deleted file mode 100644 index ed97d53..0000000 --- a/roles/workflow-proxy-realm/handlers/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/workflow-proxy-realm/meta/main.yml b/roles/workflow-proxy-realm/meta/main.yml deleted file mode 100644 index ed97d53..0000000 --- a/roles/workflow-proxy-realm/meta/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/workflow-proxy-realm/vars/main.yml b/roles/workflow-proxy-realm/vars/main.yml deleted file mode 100644 index ed97d53..0000000 --- a/roles/workflow-proxy-realm/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/workflow-index-postgres/defaults/main.yml b/roles/workflow_index_postgres/defaults/main.yml similarity index 100% rename from roles/workflow-index-postgres/defaults/main.yml rename to roles/workflow_index_postgres/defaults/main.yml diff --git a/roles/workflow-index-postgres/tasks/main.yml b/roles/workflow_index_postgres/tasks/main.yml similarity index 100% rename from roles/workflow-index-postgres/tasks/main.yml rename to roles/workflow_index_postgres/tasks/main.yml diff --git a/roles/workflow-proxy-postgres/defaults/main.yml b/roles/workflow_proxy_postgres/defaults/main.yml similarity index 100% rename from roles/workflow-proxy-postgres/defaults/main.yml rename to roles/workflow_proxy_postgres/defaults/main.yml diff --git a/roles/workflow-proxy-postgres/tasks/main.yml b/roles/workflow_proxy_postgres/tasks/main.yml similarity index 100% rename from roles/workflow-proxy-postgres/tasks/main.yml rename to roles/workflow_proxy_postgres/tasks/main.yml diff --git a/roles/workflow-proxy-realm/defaults/main.yml b/roles/workflow_proxy_realm/defaults/main.yml similarity index 100% rename from roles/workflow-proxy-realm/defaults/main.yml rename to roles/workflow_proxy_realm/defaults/main.yml diff --git a/roles/node-exporter/vars/main.yml b/roles/workflow_proxy_realm/handlers/main.yml similarity index 100% rename from roles/node-exporter/vars/main.yml rename to roles/workflow_proxy_realm/handlers/main.yml diff --git a/roles/upload-local-file/handlers/main.yml b/roles/workflow_proxy_realm/meta/main.yml similarity index 100% rename from roles/upload-local-file/handlers/main.yml rename to roles/workflow_proxy_realm/meta/main.yml diff --git a/roles/workflow-proxy-realm/tasks/main.yml b/roles/workflow_proxy_realm/tasks/main.yml similarity index 100% rename from roles/workflow-proxy-realm/tasks/main.yml rename to roles/workflow_proxy_realm/tasks/main.yml diff --git a/roles/upload-local-file/meta/main.yml b/roles/workflow_proxy_realm/vars/main.yml similarity index 100% rename from roles/upload-local-file/meta/main.yml rename to roles/workflow_proxy_realm/vars/main.yml diff --git a/setup.yml b/setup.yml index 63bc11e..0bfaffc 100644 --- a/setup.yml +++ b/setup.yml @@ -61,7 +61,7 @@ tags: - common - - role: node-exporter + - role: node_exporter when: - node_exporter_enabled tags: diff --git a/smardigo/provisioning/process/simple-connect.bpmn b/smardigo/provisioning/process/simple-connect.bpmn index 4125f38..fb8ee12 100644 --- a/smardigo/provisioning/process/simple-connect.bpmn +++ b/smardigo/provisioning/process/simple-connect.bpmn @@ -936,8 +936,8 @@ Keycloak Realm mit Administrator Account Shared Service Datenbanken erstellen -- connect-postgres -- ?connect-wordpress-maria +- connect_postgres +- ?connect_wordpress_maria - (Credentials in Vorgang ablegen) @@ -945,7 +945,7 @@ Datenbanken erstellen - Domain (Services) - connect -- ?connect-wordpress +- ?connect_wordpress Service auf Server deinstallieren @@ -965,8 +965,8 @@ Keycloak Realm mit Administrator Account Datenbanken löschen -- connect-postgres -- connect-wordpress-maria +- connect_postgres +- connect_wordpress_maria Shared Service diff --git a/tasks/smardigo_management_message.yml b/tasks/smardigo_management_message.yml index 5978066..d5e9961 100644 --- a/tasks/smardigo_management_message.yml +++ b/tasks/smardigo_management_message.yml @@ -27,8 +27,10 @@ Smardigo-User-Token: "{{ smardigo_auth_token_value }}" status_code: [200] delegate_to: 127.0.0.1 + register: sma_message retries: 5 delay: 5 + until: sma_message.status in [200] when: - scope_id is defined - process_instance_id is defined diff --git a/update-service-state.yml b/update-service-state.yml index 8558bfa..b343aa6 100644 --- a/update-service-state.yml +++ b/update-service-state.yml @@ -60,12 +60,12 @@ include_tasks: tasks/autodiscover_pre_tasks.yml roles: - - role: service-state + - role: service_state vars: service_id: "{{ connect_id }}" when: "'connect' in group_names" - - role: service-state + - role: service_state vars: service_id: "{{ wordpress_id }}" when: "'connect_wordpress' in group_names" diff --git a/upload-database-dumb.yml b/upload-database-dumb.yml index b8a6dcc..70a641f 100644 --- a/upload-database-dumb.yml +++ b/upload-database-dumb.yml @@ -63,7 +63,7 @@ include_tasks: tasks/autodiscover_pre_tasks.yml roles: - - role: upload-local-file + - role: upload_local_file when: - "'connect_wordpress' in group_names" - "upload_file is defined"