feat: setup connect servers

5 years ago · 4b8ea52d05
parent 57ff124d00
commit 4b8ea52d05
6 changed files with 42 additions and 110 deletions
--- a/README.md
+++ b/README.md
@ -11,6 +11,7 @@ Install ansible role for managing hetzner cloud servers.

    pip3 install hcloud
    ansible-galaxy collection install hetzner.hcloud
+    ansible-galaxy collection install community.general

 # Setup
 Create/Start servers for stage-dev
--- a/group_vars/all/plain.yml
+++ b/group_vars/all/plain.yml
@ -10,7 +10,6 @@ http_s: "http{{ use_ssl | ternary('s', '', omit) }}"
 service_prefix: ''
 service_suffix: ''
 service_name: "{{ inventory_hostname }}"
-service_url: "{{ service_name }}.{{ domain }}"

 stage_server_name: "{{ inventory_hostname }}"
 stage_server_hostname: "{{ inventory_hostname }}"
--- a/roles/connect/defaults/main.yml
+++ b/roles/connect/defaults/main.yml
@ -1,8 +1,8 @@
 ---

-connect_image_name: 'docker.arxes-tolina.de/smardigo/connect-whitelabel-app'
+connect_image_name: docker.arxes-tolina.de/smardigo/connect-whitelabel-app

-connect_version: 'latest'
+connect_version: '7.1.0-SNAPSHOT'
 connect_admin_username: "connect-admin"
 connect_admin_password: "connect-admin"

@ -11,8 +11,8 @@ connect_postgres_database: "connect-postgres"
 connect_postgres_admin_username: "connect-postgres-admin"
 connect_postgres_admin_password: "connect-postgres-admin"

-connect_mail_properties_base_url: "{{ http_s }}://{{ service_url }}"
-connect_mail_properties_base_url_extern: "{{ http_s }}://{{ service_url }}"
+connect_mail_properties_base_url: "{{ http_s }}://{{ connect_id }}.{{ domain }}"
+connect_mail_properties_base_url_extern: "{{ http_s }}://{{ connect_id }}.{{ domain }}"

 connect_id: "{{ service_name }}-connect"
 connect_postgres_id: "{{ service_name }}-postgres-connect"
@ -20,14 +20,14 @@ connect_postgres_id: "{{ service_name }}-postgres-connect"
 connect_labels: [
  '"traefik.enable=true"',
  '"traefik.http.routers.{{ connect_id }}.service={{ connect_id }}"',
-  '"traefik.http.routers.{{ connect_id }}.rule=Host(`{{ service_url }}`)"',
+  '"traefik.http.routers.{{ connect_id }}.rule=Host(`{{ connect_id }}.{{ domain }}`)"',
  '"traefik.http.routers.{{ connect_id }}.entrypoints=websecure"',
  '"traefik.http.routers.{{ connect_id }}.tls=true"',
  '"traefik.http.routers.{{ connect_id }}.tls.certresolver=letsencrypt"',
  '"traefik.http.services.{{ connect_id }}.loadbalancer.server.port={{ service_port }}"',

  '"traefik.http.routers.{{ connect_id }}-admin.service={{ connect_id }}-admin"',
-  '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ service_url }}`)"',
+  '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ connect_id }}.{{ domain }}`)"',
  '"traefik.http.routers.{{ connect_id }}-admin.entrypoints=admin-service"',
  '"traefik.http.routers.{{ connect_id }}-admin.tls=true"',
  '"traefik.http.routers.{{ connect_id }}-admin.tls.certresolver=letsencrypt"',
@ -37,8 +37,8 @@ connect_labels: [
  '"traefik.http.middlewares.{{ connect_id }}-admin-cors.headers.accesscontrolallowheaders=SMA_USER"',
  '"traefik.http.services.{{ connect_id }}-admin.loadbalancer.server.port={{ management_port }}"',

-  '"traefik.http.routers.{{ connect_id }}-monitor.service=node-exporter"',
-  '"traefik.http.routers.{{ connect_id }}-monitor.rule=Host(`{{ service_url }}`)"',
+  '"traefik.http.routers.{{ connect_id }}-monitor.service={{ service_name }}-node-exporter"',
+  '"traefik.http.routers.{{ connect_id }}-monitor.rule=Host(`{{ connect_id }}.{{ domain }}`)"',
  '"traefik.http.routers.{{ connect_id }}-monitor.entrypoints=admin-system"',
  '"traefik.http.routers.{{ connect_id }}-monitor.tls=true"',
  '"traefik.http.routers.{{ connect_id }}-monitor.tls.certresolver=letsencrypt"',
--- a/roles/connect/tasks/main.yml
+++ b/roles/connect/tasks/main.yml
@ -18,28 +18,34 @@
  when:
    - send_status_messages

- name: "Setup DNS configuration for {{ service_name }}"
-  include_role:
-    name: _digitalocean
-    tasks_from: domain
-  vars:
-    record_data: "{{ stage_server_ip }}"
-    record_name: "{{ service_name }}"
+- name: Gather current server infos
+  hcloud_server_info:
+    api_token: "{{ hetzner_authentication_token }}"
+  register: hetzner_server_infos
+  delegate_to: 127.0.0.1
+  become: false

- name: "Setup public DNS configuration for {{ service_name }}"
+- name: Save current server infos as variable (fact)
+  set_fact: 
+    hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}"
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: Read ip for {{ inventory_hostname }}
+  set_fact:
+    stage_server_ip: "{{ item.ipv4_address }}"
+  when: item.name == inventory_hostname
+  with_items: "{{ hetzner_server_infos_json }}"
+  delegate_to: 127.0.0.1
+  become: false
+
+- name: "Setup DNS configuration for {{ service_name }} connect"
  include_role:
    name: _digitalocean
    tasks_from: domain
  vars:
-    record_data: "{{ item.ip }}"
-    record_name: "{{ item.name }}"
-  loop: "{{ connect_public_dns_entries }}"
-  when: connect_public_dns_entries is defined
-
- name: "Check docker networks"
-  include_role:
-    name: _docker
-    tasks_from: networks
+    record_data: "{{ stage_server_ip }}"
+    record_name: "{{ service_name }}-connect"

 - name: "Check if {{ service_name }}/docker-compose.yml exists"
  stat:
@ -69,12 +75,12 @@
    current_group: "{{ docker_group }}"
    current_docker: "{{ connect_docker }}"

- name: "Update {{ service_name }}"
-  shell: docker-compose pull
-  args:
-    chdir: '{{ service_base_path }}/{{ service_name }}'
-  tags:
-    - update_deployment
+#- name: "Update {{ service_name }}"
+#  shell: docker-compose pull
+#  args:
+#    chdir: '{{ service_base_path }}/{{ service_name }}'
+#  tags:
+#    - update_deployment

 - name: "Start {{ service_name }}"
  shell: docker-compose up -d
@ -83,42 +89,6 @@
  tags:
    - update_deployment

- name: "Update caddy configuration for {{ service_name }}"
-  include_role:
-    name: _deploy
-    tasks_from: caddy_config
-  vars:
-    current_service: "{{ service_name }}"
-    current_services: [
-      {
-        external: "{{ service_url }}",
-        internal: "{{ service_name }}-connect:{{ service_port }}",
-      },
-      {
-        external: "{{ service_url }}:{{ monitor_port_service }}",
-        internal: "{{ service_name }}-connect:{{ management_port }}",
-      },
-      {
-        external: "{{ service_url }}:{{ monitor_port_system }}",
-        internal: "node-exporter:{{ service_port_node_exporter }}",
-      },
-    ]
-
- name: "Update public caddy configuration for {{ service_name }}"
-  include_role:
-    name: _deploy
-    tasks_from: caddy_config
-  vars:
-    current_service: "{{ service_name }}-{{ item.name }}"
-    current_services: [
-      {
-        external: "{{ item.name }}.{{ domain }}",
-        internal: "{{ service_name }}-connect:{{ service_port }}",
-      }
-    ]
-  loop: "{{ connect_public_dns_entries }}"
-  when: connect_public_dns_entries is defined
-
 - name: "Update landing page entries for {{ service_name }}"
  include_role:
    name: _deploy
@ -127,50 +97,12 @@
    current_services: [
      {
        current_name: "{{ service_name }}",
-        current_url: "{{ http_s }}://{{ service_url }}",
-        current_version: "{{ connect_version }}",
-        current_date: "{{ ansible_date_time.iso8601 }}",
-        management: "{{ http_s }}://{{ service_url }}:{{ monitor_port_service }}/management",
-      },
-    ]
-  tags:
-    - update_deployment
-
- name: "Update landing page with public entries {{ service_name }}"
-  include_role:
-    name: _deploy
-    tasks_from: caddy_landing_page
-  vars:
-    current_services: [
-      {
-        current_name: "{{ item.name }}",
-        current_url: "{{ http_s }}://{{ item.name }}.{{ domain }}",
-        current_version: "{{ connect_version }}",
-        current_date: "{{ ansible_date_time.iso8601 }}",
-        management: "{{ http_s }}://{{ service_url }}:{{ monitor_port_service }}/management",
-      },
-    ]
-  loop: "{{ connect_public_dns_entries }}"
-  when: connect_public_dns_entries is defined
-  tags:
-    - update_deployment
-
- name: "Update landing page with extra entries for {{ service_name }}"
-  include_role:
-    name: _deploy
-    tasks_from: caddy_landing_page
-  vars:
-    current_services: [
-      {
-        current_name: "{{ item.name }}",
-        current_url: "{{ item.domain }}",
+        current_url: "{{ http_s }}://{{ connect_id }}.{{ domain }}",
        current_version: "{{ connect_version }}",
        current_date: "{{ ansible_date_time.iso8601 }}",
-        management: "{{ http_s }}://{{ service_url }}:{{ monitor_port_service }}/management",
+        management: "{{ http_s }}://{{ connect_id }}.{{ domain }}:{{ monitor_port_service }}/management",
      },
    ]
-  loop: "{{ connect_extra_domain_entries }}"
-  when: connect_extra_domain_entries is defined
  tags:
    - update_deployment

--- a/roles/node-exporter/defaults/main.yml
+++ b/roles/node-exporter/defaults/main.yml
@ -49,7 +49,7 @@ node_exporter_docker: {
      labels: [
        '"traefik.enable=true"',
        '"traefik.http.routers.{{ node_exporter_id }}.service={{ node_exporter_id }}"',
-        '"traefik.http.routers.{{ node_exporter_id }}.rule=Host(`{{ service_url }}`)"',
+        '"traefik.http.routers.{{ node_exporter_id }}.rule=Host(`{{ node_exporter_id }}.{{ domain }}`)"',
        '"traefik.http.routers.{{ node_exporter_id }}.entrypoints=admin-system"',
        '"traefik.http.routers.{{ node_exporter_id }}.tls=true"',
        '"traefik.http.routers.{{ node_exporter_id }}.tls.certresolver=letsencrypt"',
--- a/templates/prometheus/config/prometheus/prometheus.yml.j2
+++ b/templates/prometheus/config/prometheus/prometheus.yml.j2
@ -53,7 +53,7 @@ scrape_configs:
          {{ target }}
 {% endfor %}
 {% for host in groups['connect'] | default([]) %}
-          '{{ host }}.{{ domain }}:{{ monitor_port_service }}',
+          '{{ host }}-connect.{{ domain }}:{{ monitor_port_service }}',
 {% endfor %}
        ]
        labels: