gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

SMARCH-89: feat: added setup for connect wordpress with database dump

Browse Source
master
Sven Ketelsen 4 years ago
parent b01ae836f5
commit 7f4b338477
24 changed files with 243 additions and 92 deletions
Show Stats Download Patch File Download Diff File

77
create-db-import.yml
Unescape Escape View File

@ -0,0 +1,77 @@
---
# Example call:
# poetry run ansible-playbook create-db-import.yml --ask-vault-pass -e "cluster_name='maria' cluster_size='1' stage='dev' upload_file='dumps/import.sql' uploaded_file='import.sql' target_database=test01"
# How this stuff works:
# If `upload_file` is defined the upload role save the binary to `upload_directory` (default /tmp)
# If `uploaded_file` and `target_database` are defined the import role imports from file basename `uploaded_file` to `target_database`
# If both role conditions match the upload role trigger first.
#############################################################
# Creating inventory dynamically for given parameters
#############################################################
- hosts: localhost
connection: local
gather_facts: false
pre_tasks:
- name: "Check if ansible version is at least 2.10.x"
assert:
that:
- ansible_version.major >= 2
- ansible_version.minor >= 10
msg: "The ansible version has to be at least ({{ ansible_version.full }})"
tasks:
- name: Add hosts
add_host:
name: "{{ stage }}-{{ cluster_name }}-{{ '%02d' | format(item|int) }}"
groups:
- "stage_{{ stage }}"
- "upload_local_file"
- "import_maria_database"
with_sequence: start=1 end={{ cluster_size | default(1) }}
changed_when: False
#############################################################
# Setup services for created inventory
#############################################################
- hosts: "stage_{{ stage }}"
serial: "{{ serial_number | default(1) }}"
remote_user: root
pre_tasks:
- name: "Gathering current server infos from hetzner"
hcloud_server_info:
api_token: "{{ hetzner_authentication_token }}"
register: hetzner_server_infos
delegate_to: 127.0.0.1
- name: "Setting current server infos as fact: hetzner_server_infos_json"
set_fact:
hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}"
delegate_to: 127.0.0.1
- name: "Reading ip address for {{ inventory_hostname }}"
set_fact:
stage_server_ip: "{{ hetzner_server_infos_json | json_query(querystr) | first }}"
vars:
querystr: "[?name=='{{ inventory_hostname }}'].ipv4_address"
delegate_to: 127.0.0.1
- name: "Printing ip address for {{ inventory_hostname }}"
debug:
msg: "{{ stage_server_ip }}"
delegate_to: 127.0.0.1
when:
- debug
roles:
- role: upload-local-file
when: "'upload_local_file' in group_names and upload_file is defined"
- role: import-maria-database
when: "'import_maria_database' in group_names and target_database is defined and uploaded_file is defined"

6
create-service.yml
Unescape Escape View File

@ -42,7 +42,7 @@
delegate_to: 127.0.0.1
- name: "Setting current server infos as fact: hetzner_server_infos_json"
set_fact:
set_fact:
hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}"
delegate_to: 127.0.0.1
@ -63,8 +63,8 @@
roles:
- role: connect
when: "'connect' in group_names"
- role: wordpress
when: "'wordpress' in group_names"
- role: connect-wordpress
when: "'connect_wordpress' in group_names"
#############################################################
# run provisioning against newly created inventory

3
group_vars/all/plain.yml
Unescape Escape View File

@ -144,3 +144,6 @@ hetzner_ssh_keys:
#vault_ansible_password: "< see vault >"
#vault_replicator_user_password: "< see vault >"
mysql_root_username: "root"
mysql_root_password: "maria-admin"

45
group_vars/connect_wordpress/plain.yml
Unescape Escape View File

@ -3,3 +3,48 @@
connect_wordpress_maria_database_name: "{{ stage }}_{{ tenant_id }}_{{ cluster_name }}_{{ cluster_service }}"
connect_wordpress_maria_username: "{{ connect_wordpress_maria_database_name }}"
connect_wordpress_maria_password: "connect-wordpress-maria-admin"
connect_wordpress_maria_host: "{{ shared_service_maria_hostname }}"
connect_wordpress_maria_database_name: "{{ stage }}_{{ tenant_id }}_{{ cluster_name }}_{{ cluster_service }}"
connect_wordpress_maria_username: "{{ connect_wordpress_maria_database_name }}"
connect_wordpress_maria_password: "connect-wordpress-maria-admin"
wordpress_domain_external: "https://{{ stage_server_url_host }}"
wordpress_client_id: "{{ cluster_name }}"
wordpress_buergerportal_username: "wordpress-admin"
wordpress_buergerportal_password: "wordpress-admin"
current_realm_users: [
{
"username": "{{ wordpress_buergerportal_username }}",
"password": "{{ wordpress_buergerportal_password }}",
}
]
current_realm_clients: [
{
clientId: "{{ wordpress_client_id }}",
name: '{{ wordpress_client_id }}',
admin_url: '',
root_url: '',
redirect_uris: '
[
"https://{{ service_name }}.{{ domain }}/*",
]',
secret: '{{ cluster_name }}',
web_origins: '
[
"https://{{ service_name }}.{{ domain }}/*",
]',
}
]
wordpress_oidc_client_id: "{{ wordpress_client_id }}"
wordpress_oidc_client_secret: "{{ cluster_name }}"
sk_nrw_issuer: "idc"
sk_nrw_provider_url: "idc"
sk_nrw_client_id: "idc"
sk_nrw_client_secret: "idc"
smardigo_auth_token_name: "idc"
smardigo_auth_token_value: "idc"

6
group_vars/maria/plain.yml
Unescape Escape View File

@ -2,9 +2,7 @@
hetzner_server_type: cpx11
hetzner_server_labels: "stage={{ stage }} service=maria"
mysql_databases: []
mysql_users: []
mysql_databases: []
mysql_users: []

40
group_vars/wordpress/plain.yml
Unescape Escape View File

@ -1,40 +0,0 @@
---
wordpress_mysql_root_password: "wordpress-mysql-root-password"
wordpress_mysql_database: "wordpress-mysql"
wordpress_mysql_username: "wordpress-mysql-admin"
wordpress_mysql_password: "wordpress-mysql-admin"
wordpress_domain_external: "{{ http_s }}://{{ stage_server_url_host }}"
wordpress_client_id: "{{ cluster_name }}"
wordpress_buergerportal_username: "wordpress-admin"
wordpress_buergerportal_password: "wordpress-admin"
current_realm_users: [
{
"username": "{{ wordpress_buergerportal_username }}",
"password": "{{ wordpress_buergerportal_password }}",
}
]
current_realm_clients: [
{
clientId: "{{ wordpress_client_id }}",
name: '{{ wordpress_client_id }}',
admin_url: '',
root_url: '',
redirect_uris: '
[
"https://{{ service_name }}.{{ domain }}/*",
]',
secret: '{{ cluster_name }}',
web_origins: '
[
"https://{{ service_name }}.{{ domain }}/*",
]',
}
]
wordpress_oidc_client_id: "{{ wordpress_client_id }}"
wordpress_oidc_client_secret: "{{ cluster_name }}"

3
roles/connect-wordpress-maria/defaults/main.yml
Unescape Escape View File

@ -15,4 +15,5 @@ mysql_users: [
password: "{{ connect_wordpress_maria_password }}",
priv: "{{ connect_wordpress_maria_database_name }}.*:ALL",
}
]
]

2
roles/connect-wordpress-maria/tasks/main.yml
Unescape Escape View File

@ -29,4 +29,4 @@
delegate_to: 127.0.0.1
become: false
when:
- send_status_messages
- send_status_messages

3
roles/connect-wordpress/defaults/main.yml
Unescape Escape View File

@ -0,0 +1,3 @@
---
wordpress_image_name: "{{ shared_service_docker_registry_hostname }}/smardigo/wordpress"
wordpress_image_version: '1.3.0'

0
roles/wordpress/handlers/main.yml → roles/connect-wordpress/handlers/main.yml
Unescape Escape View File

0
roles/wordpress/meta/main.yml → roles/connect-wordpress/meta/main.yml
Unescape Escape View File

2
roles/wordpress/tasks/main.yml → roles/connect-wordpress/tasks/main.yml
Unescape Escape View File

@ -22,7 +22,7 @@
tasks_from: domain
vars:
record_data: "{{ stage_server_ip }}"
record_name: "{{ service_name }}"
record_name: "{{ service_name }}-wordpress"
- name: "Check if {{ wordpress_id }}/docker-compose.yml exists"
stat:

49
roles/wordpress/vars/main.yml → roles/connect-wordpress/vars/main.yml
Unescape Escape View File

@ -1,12 +1,12 @@
---
wordpress_id: "{{ service_name }}-wordpress"
wordpress_mysql_id: "{{ service_name }}-mysql_wordpress"
wordpress_base_url: "{{ stage_server_hostname }}-wordpress.{{ domain }}"
wordpress_labels: [
'"traefik.enable=true"',
'"traefik.http.routers.{{ wordpress_id }}.service={{ wordpress_id }}"',
'"traefik.http.routers.{{ wordpress_id }}.rule=Host(`{{ stage_server_url_host }}`)"',
'"traefik.http.routers.{{ wordpress_id }}.rule=Host(`{{ wordpress_base_url }}`)"',
'"traefik.http.routers.{{ wordpress_id }}.entrypoints=websecure"',
'"traefik.http.routers.{{ wordpress_id }}.tls=true"',
'"traefik.http.routers.{{ wordpress_id }}.tls.certresolver=letsencrypt"',
@ -28,9 +28,6 @@ wordpress_docker: {
{
name: "{{ wordpress_id }}-content"
},
{
name: "{{ wordpress_mysql_id }}-data"
}
],
services: [
{
@ -39,23 +36,29 @@ wordpress_docker: {
image_version: "{{ wordpress_image_version }}",
labels: "{{ wordpress_labels + ( wordpress_labels_additional | default([])) }}",
environment: [
"WORDPRESS_DB_HOST: \"{{ wordpress_mysql_id }}:{{ service_port_mysql }}\"",
"WORDPRESS_DB_USER: \"{{ wordpress_mysql_username }}\"",
"WORDPRESS_DB_PASSWORD: \"{{ wordpress_mysql_password }}\"",
"WORDPRESS_DB_NAME: \"{{ wordpress_mysql_database }}\"",
"WORDPRESS_DB_HOST: \"{{ connect_wordpress_maria_host }}:{{ wordpress_mysql_port | default('3306') }}\"",
"WORDPRESS_DB_USER: \"{{ connect_wordpress_maria_username }}\"",
"WORDPRESS_DB_PASSWORD: \"{{ connect_wordpress_maria_password }}\"",
"WORDPRESS_DB_NAME: \"{{ connect_wordpress_maria_database_name }}\"",
"WORDPRESS_DEBUG: \"{{ wordpress_debug | default(1) }}\"",
"WORDPRESS_DOMAIN: \"{{ wordpress_domain_external }}\"",
"WORDPRESS_CONFIG_EXTRA: |",
" define( 'WP_HOME', 'https://dev-sken-test04-01.smardigo.digital' );",
" define( 'WP_SITEURL', 'https://dev-sken-test04-01.smardigo.digital' );",
"AUTH_API: \"{{ http_s }}://{{ shared_service_keycloak_hostname }}\"",
"RESOURCE_API: \"{{ http_s }}://{{ stage_server_url_host }}\"",
" define( 'WP_HOME', 'https://{{ wordpress_base_url }}' );",
" define( 'WP_SITEURL', 'https://{{ wordpress_base_url }}' );",
"AUTH_API: \"https://{{ shared_service_keycloak_hostname }}\"",
"RESOURCE_API: \"https://{{ stage_server_url_host }}\"",
"REALM_ID: \"{{ current_realm_name }}\"",
"REGISTRATION_ID: \"{{ wordpress_oidc_client_id }}\"",
"CLIENT_ID: \"{{ wordpress_oidc_client_id }}\"",
"CLIENT_SECRET: \"{{ wordpress_oidc_client_secret }}\"",
"CLIENT_USERNAME: \"{{ wordpress_buergerportal_username }}\"",
"CLIENT_PASSWORD: \"{{ wordpress_buergerportal_password }}\"",
"SK_NRW_ISSUER: \"{{ sk_nrw_issuer }}\"",
"SK_NRW_PROVIDER_URL: \"{{ sk_nrw_provider_url }}\"",
"SK_NRW_CLIENT_ID: \"{{ sk_nrw_client_id }}\"",
"SK_NRW_CLIENT_SECRET: \"{{ sk_nrw_client_secret }}\"",
"SMARDIGO_AUTH_TOKEN_NAME: \"{{ smardigo_auth_token_name }}\"",
"SMARDIGO_AUTH_TOKEN_VALUE: \"{{ smardigo_auth_token_value }}\"",
],
volumes: [
'"{{ wordpress_id }}-content:/var/www/html/wp-content"',
@ -66,23 +69,5 @@ wordpress_docker: {
],
extra_hosts: "{{ wordpress_extra_hosts | default([]) }}",
},
{
name: "{{ wordpress_mysql_id }}",
image_name: "{{ wordpress_mysql_image_name }}",
image_version: "{{ wordpress_mysql_image_version }}",
environment: [
"MYSQL_ROOT_PASSWORD: \"{{ wordpress_mysql_root_password }}\"",
"MYSQL_DATABASE: \"{{ wordpress_mysql_database }}\"",
"MYSQL_USER: \"{{ wordpress_mysql_username }}\"",
"MYSQL_PASSWORD: \"{{ wordpress_mysql_password }}\"",
],
volumes: [
'"{{ wordpress_mysql_id }}-data:/var/lib/mysql"',
],
networks: [
'"back-tier"',
],
ports: "{{ wordpress_mysql_ports | default([]) }}",
},
],
}
}

3
roles/import-maria-database/defaults/main.yml
Unescape Escape View File

@ -0,0 +1,3 @@
---
upload_directory: /tmp

1
roles/import-maria-database/handlers/main.yml
Unescape Escape View File

@ -0,0 +1 @@
---

1
roles/import-maria-database/meta/main.yml
Unescape Escape View File

@ -0,0 +1 @@
---

42
roles/import-maria-database/tasks/main.yml
Unescape Escape View File

@ -0,0 +1,42 @@
---
- name: "Send mattermost message"
uri:
url: "{{ mattermost_hook_smardigo }}"
method: POST
body: "{{ lookup('template','mattermost-deploy-start.json.j2') }}"
body_format: json
headers:
Content-Type: "application/json"
delegate_to: 127.0.0.1
become: false
when:
- send_status_messages # TODO: Message Refactor :')
- name: "Destroy {{ target_database }}"
community.mysql.mysql_db:
name: "{{ target_database }}"
state: absent
config_file: "/etc/mysql/mariadb.conf.d/50-client.cnf"
login_password: "{{ mysql_root_password }}"
- name: "Import database from {{ upload_directory }}/{{ uploaded_file }} to {{ target_database }}"
community.mysql.mysql_db:
name: "{{ target_database }}"
state: import
target: "/tmp/{{ uploaded_file }}"
config_file: "/etc/mysql/mariadb.conf.d/50-client.cnf"
login_password: "{{ mysql_root_password }}"
- name: "Send mattermost message"
uri:
url: "{{ mattermost_hook_smardigo }}"
method: POST
body: "{{ lookup('template','mattermost-deploy-end.json.j2') }}"
body_format: json
headers:
Content-Type: "application/json"
delegate_to: 127.0.0.1
become: false
when:
- send_status_messages # TODO: Message Refactor :')

2
roles/import-maria-database/vars/main.yml
Unescape Escape View File

@ -0,0 +1,2 @@
---

3
roles/upload-local-file/defaults/main.yml
Unescape Escape View File

@ -0,0 +1,3 @@
---
upload_directory: /tmp

1
roles/upload-local-file/handlers/main.yml
Unescape Escape View File

@ -0,0 +1 @@
---

1
roles/upload-local-file/meta/main.yml
Unescape Escape View File

@ -0,0 +1 @@
---

33
roles/upload-local-file/tasks/main.yml
Unescape Escape View File

@ -0,0 +1,33 @@
---
- name: "Send mattermost message"
uri:
url: "{{ mattermost_hook_smardigo }}"
method: POST
body: "{{ lookup('template','mattermost-deploy-start.json.j2') }}"
body_format: json
headers:
Content-Type: "application/json"
delegate_to: 127.0.0.1
become: false
when:
- send_status_messages # TODO: Message Refactor :')
- name: "Copy file to remote locations {{ upload_directory }}/{{ upload_file | basename }}"
copy:
src: "{{ upload_file }}"
dest: "{{ upload_directory }}/{{ upload_file | basename }}"
mode: 0644
- name: "Send mattermost message"
uri:
url: "{{ mattermost_hook_smardigo }}"
method: POST
body: "{{ lookup('template','mattermost-deploy-end.json.j2') }}"
body_format: json
headers:
Content-Type: "application/json"
delegate_to: 127.0.0.1
become: false
when:
- send_status_messages # TODO: Message Refactor :')

2
roles/upload-local-file/vars/main.yml
Unescape Escape View File

@ -0,0 +1,2 @@
---

10
roles/wordpress/defaults/main.yml
Unescape Escape View File

@ -1,10 +0,0 @@
---
wordpress_image_name: "wordpress"
wordpress_image_version: '5.7.2'
wordpress_mysql_image_name: "mysql"
wordpress_mysql_image_version: "8.0.22"
wordpress_admin_username: "wordpress-admin"
wordpress_admin_password: "wordpress-admin"
Write Preview
Loading…
Cancel
Save