diff --git a/README.md b/README.md index 78852fa..9be9500 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ Install ansible role for managing hetzner cloud servers. pip3 install hcloud ansible-galaxy collection install hetzner.hcloud + ansible-galaxy collection install community.general # Setup Create/Start servers for stage-dev diff --git a/group_vars/all/plain.yml b/group_vars/all/plain.yml index 4a69355..5ff6857 100644 --- a/group_vars/all/plain.yml +++ b/group_vars/all/plain.yml @@ -10,7 +10,6 @@ http_s: "http{{ use_ssl | ternary('s', '', omit) }}" service_prefix: '' service_suffix: '' service_name: "{{ inventory_hostname }}" -service_url: "{{ service_name }}.{{ domain }}" stage_server_name: "{{ inventory_hostname }}" stage_server_hostname: "{{ inventory_hostname }}" diff --git a/roles/connect/defaults/main.yml b/roles/connect/defaults/main.yml index e7113e1..e4af2c7 100644 --- a/roles/connect/defaults/main.yml +++ b/roles/connect/defaults/main.yml @@ -1,8 +1,8 @@ --- -connect_image_name: 'docker.arxes-tolina.de/smardigo/connect-whitelabel-app' +connect_image_name: docker.arxes-tolina.de/smardigo/connect-whitelabel-app -connect_version: 'latest' +connect_version: '7.1.0-SNAPSHOT' connect_admin_username: "connect-admin" connect_admin_password: "connect-admin" @@ -11,8 +11,8 @@ connect_postgres_database: "connect-postgres" connect_postgres_admin_username: "connect-postgres-admin" connect_postgres_admin_password: "connect-postgres-admin" -connect_mail_properties_base_url: "{{ http_s }}://{{ service_url }}" -connect_mail_properties_base_url_extern: "{{ http_s }}://{{ service_url }}" +connect_mail_properties_base_url: "{{ http_s }}://{{ connect_id }}.{{ domain }}" +connect_mail_properties_base_url_extern: "{{ http_s }}://{{ connect_id }}.{{ domain }}" connect_id: "{{ service_name }}-connect" connect_postgres_id: "{{ service_name }}-postgres-connect" 
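Review bot: `connect_version: '7.1.0-SNAPSHOT'` replaces one mutable tag with another, so the image a host runs still depends on when it last pulled rather than on what this file says. The same commit comments out the `docker-compose pull` task in roles/connect/tasks/main.yml, so `docker-compose up -d` will start whatever copy of the tag is cached locally, and rebuilt snapshots, including ones carrying fixes, never reach existing hosts. Pin a released version or an image digest here, or keep the pull step. The unchanged context lines also show `connect_admin_password` and `connect_postgres_admin_password` defaulting to the same strings as their usernames; these should be required overrides from a vault rather than role defaults.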
@@ -20,14 +20,14 @@ connect_postgres_id: "{{ service_name }}-postgres-connect" connect_labels: [ '"traefik.enable=true"', '"traefik.http.routers.{{ connect_id }}.service={{ connect_id }}"', - '"traefik.http.routers.{{ connect_id }}.rule=Host(`{{ service_url }}`)"', + '"traefik.http.routers.{{ connect_id }}.rule=Host(`{{ connect_id }}.{{ domain }}`)"', '"traefik.http.routers.{{ connect_id }}.entrypoints=websecure"', '"traefik.http.routers.{{ connect_id }}.tls=true"', '"traefik.http.routers.{{ connect_id }}.tls.certresolver=letsencrypt"', '"traefik.http.services.{{ connect_id }}.loadbalancer.server.port={{ service_port }}"', '"traefik.http.routers.{{ connect_id }}-admin.service={{ connect_id }}-admin"', - '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ service_url }}`)"', + '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ connect_id }}.{{ domain }}`)"', '"traefik.http.routers.{{ connect_id }}-admin.entrypoints=admin-service"', '"traefik.http.routers.{{ connect_id }}-admin.tls=true"', '"traefik.http.routers.{{ connect_id }}-admin.tls.certresolver=letsencrypt"', @@ -37,8 +37,8 @@ connect_labels: [ '"traefik.http.middlewares.{{ connect_id }}-admin-cors.headers.accesscontrolallowheaders=SMA_USER"', '"traefik.http.services.{{ connect_id }}-admin.loadbalancer.server.port={{ management_port }}"', - '"traefik.http.routers.{{ connect_id }}-monitor.service=node-exporter"', - '"traefik.http.routers.{{ connect_id }}-monitor.rule=Host(`{{ service_url }}`)"', + '"traefik.http.routers.{{ connect_id }}-monitor.service={{ service_name }}-node-exporter"', + '"traefik.http.routers.{{ connect_id }}-monitor.rule=Host(`{{ connect_id }}.{{ domain }}`)"', '"traefik.http.routers.{{ connect_id }}-monitor.entrypoints=admin-system"', '"traefik.http.routers.{{ connect_id }}-monitor.tls=true"', '"traefik.http.routers.{{ connect_id }}-monitor.tls.certresolver=letsencrypt"', diff --git a/roles/connect/tasks/main.yml b/roles/connect/tasks/main.yml index f1b54c1..44ff830 100644 
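Review bot: The `{{ connect_id }}-admin` router is now matched on the same public host name as the application router and forwards to `management_port`, and no authentication or source-address middleware is attached in the lines shown (the `connect_labels` list continues outside the hunk, so one may exist elsewhere). If the `admin-service` entrypoint is reachable from untrusted networks, the management endpoints sit one port away from the public site; confirm that entrypoint is firewalled, or attach an allow-list or basic-auth middleware to this router. As a style point, `{{ connect_id }}.{{ domain }}` is now repeated in every rule and in both mail base URLs; defining it once, e.g. `connect_host: "{{ connect_id }}.{{ domain }}"`, would keep the routers from drifting apart.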
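Review bot: The `-monitor` router now references the Traefik service `{{ service_name }}-node-exporter`, while the node-exporter role, whose defaults are changed later in this commit, registers its service under `{{ node_exporter_id }}`. The definition of `node_exporter_id` is not shown; if it does not render to exactly `{{ service_name }}-node-exporter`, this router has no backend. A comment above the label such as `# must equal node_exporter_id in roles/node-exporter/defaults/main.yml` would record the coupling, or the label could reuse that variable if it is in scope for this role. The router also publishes host metrics under the application's public name on `admin-system`, so confirm that entrypoint is not reachable from untrusted networks.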
--- a/roles/connect/tasks/main.yml +++ b/roles/connect/tasks/main.yml @@ -18,28 +18,34 @@ when: - send_status_messages -- name: "Setup DNS configuration for {{ service_name }}" - include_role: - name: _digitalocean - tasks_from: domain - vars: - record_data: "{{ stage_server_ip }}" - record_name: "{{ service_name }}" +- name: Gather current server infos + hcloud_server_info: + api_token: "{{ hetzner_authentication_token }}" + register: hetzner_server_infos + delegate_to: 127.0.0.1 + become: false -- name: "Setup public DNS configuration for {{ service_name }}" +- name: Save current server infos as variable (fact) + set_fact: + hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}" + delegate_to: 127.0.0.1 + become: false + +- name: Read ip for {{ inventory_hostname }} + set_fact: + stage_server_ip: "{{ item.ipv4_address }}" + when: item.name == inventory_hostname + with_items: "{{ hetzner_server_infos_json }}" + delegate_to: 127.0.0.1 + become: false + +- name: "Setup DNS configuration for {{ service_name }} connect" include_role: name: _digitalocean tasks_from: domain vars: - record_data: "{{ item.ip }}" - record_name: "{{ item.name }}" - loop: "{{ connect_public_dns_entries }}" - when: connect_public_dns_entries is defined - -- name: "Check docker networks" - include_role: - name: _docker - tasks_from: networks + record_data: "{{ stage_server_ip }}" + record_name: "{{ service_name }}-connect" - name: "Check if {{ service_name }}/docker-compose.yml exists" stat: @@ -69,12 +75,12 @@ current_group: "{{ docker_group }}" current_docker: "{{ connect_docker }}" -- name: "Update {{ service_name }}" - shell: docker-compose pull - args: - chdir: '{{ service_base_path }}/{{ service_name }}' - tags: - - update_deployment +#- name: "Update {{ service_name }}" +# shell: docker-compose pull +# args: +# chdir: '{{ service_base_path }}/{{ service_name }}' +# tags: +# - update_deployment - name: "Start {{ service_name }}" shell: docker-compose up -d 
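Review bot: `stage_server_ip` is only assigned when some entry in the Hetzner listing has `name == inventory_hostname`. When none matches, the variable is either undefined or keeps a value set elsewhere, and the DNS task that follows publishes `{{ service_name }}-connect` with that stale address. The lookup also lists every server visible to the token on each host, although `hcloud_server_info` accepts a `name` filter that makes the loop unnecessary. The sketch below filters by name and asserts exactly one match before the fact is set; using the fully qualified `hetzner.hcloud.hcloud_server_info` name would also fit now that the collection is a documented dependency.

```yaml
- name: Gather current server infos
  hcloud_server_info:
    api_token: "{{ hetzner_authentication_token }}"
    name: "{{ inventory_hostname }}"  # query only this host's server
  # … unchanged: register, delegate_to, become …

- name: "Fail unless exactly one server matches {{ inventory_hostname }}"
  assert:
    that:
      - hetzner_server_infos.hcloud_server_info | length == 1
    fail_msg: "Expected exactly one Hetzner server named {{ inventory_hostname }}"
  # … delegate_to / become as on the neighbouring tasks …

- name: Read ip for {{ inventory_hostname }}
  set_fact:
    stage_server_ip: "{{ hetzner_server_infos.hcloud_server_info[0].ipv4_address }}"
  # … unchanged: delegate_to, become …
```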
@@ -83,42 +89,6 @@ tags: - update_deployment -- name: "Update caddy configuration for {{ service_name }}" - include_role: - name: _deploy - tasks_from: caddy_config - vars: - current_service: "{{ service_name }}" - current_services: [ - { - external: "{{ service_url }}", - internal: "{{ service_name }}-connect:{{ service_port }}", - }, - { - external: "{{ service_url }}:{{ monitor_port_service }}", - internal: "{{ service_name }}-connect:{{ management_port }}", - }, - { - external: "{{ service_url }}:{{ monitor_port_system }}", - internal: "node-exporter:{{ service_port_node_exporter }}", - }, - ] - -- name: "Update public caddy configuration for {{ service_name }}" - include_role: - name: _deploy - tasks_from: caddy_config - vars: - current_service: "{{ service_name }}-{{ item.name }}" - current_services: [ - { - external: "{{ item.name }}.{{ domain }}", - internal: "{{ service_name }}-connect:{{ service_port }}", - } - ] - loop: "{{ connect_public_dns_entries }}" - when: connect_public_dns_entries is defined - - name: "Update landing page entries for {{ service_name }}" include_role: name: _deploy 
@@ -127,50 +97,12 @@ current_services: [ { current_name: "{{ service_name }}", - current_url: "{{ http_s }}://{{ service_url }}", - current_version: "{{ connect_version }}", - current_date: "{{ ansible_date_time.iso8601 }}", - management: "{{ http_s }}://{{ service_url }}:{{ monitor_port_service }}/management", - }, - ] - tags: - - update_deployment - -- name: "Update landing page with public entries {{ service_name }}" - include_role: - name: _deploy - tasks_from: caddy_landing_page - vars: - current_services: [ - { - current_name: "{{ item.name }}", - current_url: "{{ http_s }}://{{ item.name }}.{{ domain }}", - current_version: "{{ connect_version }}", - current_date: "{{ ansible_date_time.iso8601 }}", - management: "{{ http_s }}://{{ service_url }}:{{ monitor_port_service }}/management", - }, - ] - loop: "{{ connect_public_dns_entries }}" - when: connect_public_dns_entries is defined - tags: - - update_deployment - -- name: "Update landing page with extra entries for {{ service_name }}" - include_role: - name: _deploy - tasks_from: caddy_landing_page - vars: - current_services: [ - { - current_name: "{{ item.name }}", - current_url: "{{ item.domain }}", + current_url: "{{ http_s }}://{{ connect_id }}.{{ domain }}", current_version: "{{ connect_version }}", current_date: "{{ ansible_date_time.iso8601 }}", - management: "{{ http_s }}://{{ service_url }}:{{ monitor_port_service }}/management", + management: "{{ http_s }}://{{ connect_id }}.{{ domain }}:{{ monitor_port_service }}/management", }, ] - loop: "{{ connect_extra_domain_entries }}" - when: connect_extra_domain_entries is defined tags: - update_deployment diff --git a/roles/node-exporter/defaults/main.yml b/roles/node-exporter/defaults/main.yml index 96fcf04..56dd6f4 100644 --- a/roles/node-exporter/defaults/main.yml +++ b/roles/node-exporter/defaults/main.yml 
@@ -49,7 +49,7 @@ node_exporter_docker: { labels: [ '"traefik.enable=true"', '"traefik.http.routers.{{ node_exporter_id }}.service={{ node_exporter_id }}"', - '"traefik.http.routers.{{ node_exporter_id }}.rule=Host(`{{ service_url }}`)"', + '"traefik.http.routers.{{ node_exporter_id }}.rule=Host(`{{ node_exporter_id }}.{{ domain }}`)"', '"traefik.http.routers.{{ node_exporter_id }}.entrypoints=admin-system"', '"traefik.http.routers.{{ node_exporter_id }}.tls=true"', '"traefik.http.routers.{{ node_exporter_id }}.tls.certresolver=letsencrypt"', diff --git a/templates/prometheus/config/prometheus/prometheus.yml.j2 b/templates/prometheus/config/prometheus/prometheus.yml.j2 index 45af8e2..564db69 100644 --- a/templates/prometheus/config/prometheus/prometheus.yml.j2 +++ b/templates/prometheus/config/prometheus/prometheus.yml.j2 @@ -53,7 +53,7 @@ scrape_configs: {{ target }} {% endfor %} {% for host in groups['connect'] | default([]) %} - '{{ host }}.{{ domain }}:{{ monitor_port_service }}', + '{{ host }}-connect.{{ domain }}:{{ monitor_port_service }}', {% endfor %} ] labels:
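Review bot: The router rule now depends on `{{ node_exporter_id }}.{{ domain }}` resolving publicly, because `tls.certresolver=letsencrypt` on the unchanged lines below must obtain a certificate for that name, yet the only DNS record this commit creates is `{{ service_name }}-connect` in roles/connect/tasks/main.yml. Unless the node-exporter role creates its own record in a file not shown here, or the resolver uses a DNS challenge, issuance for this router will fail. Confirm the record exists, or add a domain task to this role alongside the label change. The `labels` list starts and ends outside the hunk.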
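Review bot: The scrape target hard-codes the `-connect` suffix and assumes each host's `service_name` equals its inventory name, which holds only for the default in group_vars/all/plain.yml. A host that overrides `service_name` gets its Traefik rule and DNS record under one name while Prometheus keeps scraping another, and the mismatch surfaces only as a down target. Building the entry from the host's own variable, `'{{ hostvars[host].connect_id }}.{{ domain }}:{{ monitor_port_service }}',`, keeps the two in step. The enclosing list begins outside the hunk.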