diff --git a/ansible-builder/README.md b/ansible-builder/README.md
new file mode 100644
index 0000000..c5489bf
--- /dev/null
+++ b/ansible-builder/README.md
@@ -0,0 +1,4 @@
+# Execution Environment for AWX
+
+ ansible-builder build --tag dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee:latest
+ docker push dev-docker-registry-01.smardigo.digital/awx/awx-custom-ee
diff --git a/ansible-builder/context/.gitignore b/ansible-builder/context/.gitignore
new file mode 100644
index 0000000..ba65b13
--- /dev/null
+++ b/ansible-builder/context/.gitignore
@@ -0,0 +1 @@
+/_build/
diff --git a/ansible-builder/context/_build/bindep.txt b/ansible-builder/context/_build/bindep.txt
deleted file mode 100644
index db1a0d7..0000000
--- a/ansible-builder/context/_build/bindep.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-python38-devel [platform:rpm compile]
-subversion [platform:rpm]
-subversion [platform:dpkg]
-git-lfs [platform:rpm]
diff --git a/ansible-builder/context/_build/requirements.txt b/ansible-builder/context/_build/requirements.txt
deleted file mode 100644
index 57ba1cb..0000000
--- a/ansible-builder/context/_build/requirements.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-hcloud
-urllib3
-jmespath
-git+https://github.com/ansible/ansible-builder.git@devel#egg=ansible-builder
\ No newline at end of file
diff --git a/ansible-builder/context/_build/requirements.yml b/ansible-builder/context/_build/requirements.yml
deleted file mode 100644
index 234a25e..0000000
--- a/ansible-builder/context/_build/requirements.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-collections:
- - ansible.posix
- - hetzner.hcloud
- - community.general
- - community.mysql
diff --git a/ansible-builder/execution-environment.yml b/ansible-builder/execution-environment.yml
index b72f09d..ed47ce0 100644
--- a/ansible-builder/execution-environment.yml
+++ b/ansible-builder/execution-environment.yml
@@ -1,11 +1,10 @@
---
version: 1
dependencies:
- galaxy: requirements.yml
- python: requirements.txt
+ galaxy: ../galaxy-requirements.yml
+ python: ../pip-requirements
system: bindep.txt
-
additional_build_steps:
append:
- RUN alternatives --set python /usr/bin/python3
@@ -15,4 +14,3 @@ additional_build_steps:
- CMD /run.sh
- USER 1000
- RUN git lfs install
-
diff --git a/ansible-builder/requirements.txt b/ansible-builder/requirements.txt
deleted file mode 100644
index 57ba1cb..0000000
--- a/ansible-builder/requirements.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-hcloud
-urllib3
-jmespath
-git+https://github.com/ansible/ansible-builder.git@devel#egg=ansible-builder
\ No newline at end of file
diff --git a/ansible-builder/requirements.yml b/ansible-builder/requirements.yml
deleted file mode 100644
index 234a25e..0000000
--- a/ansible-builder/requirements.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-collections:
- - ansible.posix
- - hetzner.hcloud
- - community.general
- - community.mysql
diff --git a/create-database-backup.yml b/create-database-backup.yml
index a3107e1..4aa022e 100644
--- a/create-database-backup.yml
+++ b/create-database-backup.yml
@@ -3,7 +3,7 @@
# creates database backup
# - postgres
# - executed on stage specific server: {{ stage }}-postgres-01
-# - creates database backup for specifix database
+# - creates database backup for specific database
# Parameters:
# playbook inventory
@@ -23,8 +23,8 @@
#############################################################
- hosts: localhost
- gather_facts: false
connection: local
+ gather_facts: false
pre_tasks:
- name: "Check if ansible version is at least 2.10.x"
@@ -34,8 +34,11 @@
- ansible_version.minor >= 10
msg: "The ansible version has to be at least ({{ ansible_version.full }})"
- - set_fact:
+ - name: "Parsing cluster_services_str into cluster_services"
+ set_fact:
cluster_services: "{{ cluster_services_str | split(',') }}"
+ tags:
+ - always
tasks:
- name: "Add postgres servers to hosts if necessary"
@@ -57,42 +60,25 @@
remote_user: root
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
+ postgres_backup_state: dump
roles:
- role: connect-postgres
- vars:
- database_create: False
- database_backup: True
when: "'connect' in group_names"
- role: gitea-postgres
- vars:
- database_create: False
- database_backup: True
when: "'gitea' in group_names"
- role: keycloak-postgres
- vars:
- database_create: False
- database_backup: True
when: "'keycloak' in group_names"
- role: webdav-postgres
- vars:
- database_create: False
- database_backup: True
when: "'webdav' in group_names"
- role: workflow-index-postgres
- vars:
- database_create: False
- database_backup: True
when: "'workflow_index' in group_names"
- role: workflow-proxy-postgres
- vars:
- database_create: False
- database_backup: True
when: "'workflow_proxy' in group_names"
#############################################################
diff --git a/create-service.yml b/create-service.yml
index 0c13752..dd0cf16 100644
--- a/create-service.yml
+++ b/create-service.yml
@@ -44,20 +44,7 @@
changed_when: False
# with_sequence: start=1 end={{ cluster_count | default(1) }}
with_items: "{{ cluster_services }}"
- when: item in ['connect']
-
- - name: Add hosts
- add_host:
- name: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-01"
-# name: "{{ stage }}-{{ tenant_id }}-{{ cluster_name }}-{{ '%02d' | format(item|int) }}"
- groups:
- - "stage_{{ stage }}"
- - "{{ cluster_service }}"
- - "{{ item }}"
- changed_when: False
-# with_sequence: start=1 end={{ cluster_count | default(1) }}
- with_items: "{{ cluster_services }}"
- when: item in ['connect_wordpress']
+ when: item in ['connect', 'connect_wordpress']
#############################################################
# Setup services for created inventory
diff --git a/galaxy-requirements.yml b/galaxy-requirements.yml
index 828e6db..59954e7 100644
--- a/galaxy-requirements.yml
+++ b/galaxy-requirements.yml
@@ -10,3 +10,4 @@ collections:
- name: community.general
- name: kubernetes.core
- name: community.mysql
+- name: community.postgresql
diff --git a/restore-database-backup.yml b/restore-database-backup.yml
index 98ec9f3..ae8909c 100644
--- a/restore-database-backup.yml
+++ b/restore-database-backup.yml
@@ -23,8 +23,8 @@
#############################################################
- hosts: localhost
- gather_facts: false
connection: local
+ gather_facts: false
pre_tasks:
- name: "Check if ansible version is at least 2.10.x"
@@ -34,8 +34,11 @@
- ansible_version.minor >= 10
msg: "The ansible version has to be at least ({{ ansible_version.full }})"
- - set_fact:
+ - name: "Parsing cluster_services_str into cluster_services"
+ set_fact:
cluster_services: "{{ cluster_services_str | split(',') }}"
+ tags:
+ - always
tasks:
- name: "Add postgres servers to hosts if necessary"
@@ -57,48 +60,25 @@
remote_user: root
vars:
ansible_ssh_host: "{{ stage_server_domain }}"
+ postgres_backup_state: restore
roles:
- role: connect-postgres
- vars:
- database_create: False
- database_backup: False
- database_restore: True
when: "'connect' in group_names"
- role: gitea-postgres
- vars:
- database_create: False
- database_backup: False
- database_restore: True
when: "'gitea' in group_names"
- role: keycloak-postgres
- vars:
- database_create: False
- database_backup: False
- database_restore: True
when: "'keycloak' in group_names"
- role: webdav-postgres
- vars:
- database_create: False
- database_backup: False
- database_restore: True
when: "'webdav' in group_names"
- role: workflow-index-postgres
- vars:
- database_create: False
- database_backup: False
- database_restore: True
when: "'workflow_index' in group_names"
- role: workflow-proxy-postgres
- vars:
- database_create: False
- database_backup: False
- database_restore: True
when: "'workflow_proxy' in group_names"
#############################################################
diff --git a/roles/awx/defaults/main.yml b/roles/awx/defaults/main.yml
index 41d3b1a..eeb6392 100644
--- a/roles/awx/defaults/main.yml
+++ b/roles/awx/defaults/main.yml
@@ -23,3 +23,17 @@ kubernetes_awx_service_targetPort: "80"
awx_ansible_username: "ansible"
awx_ansible_password: "ansible"
+
+awx_job_templates:
+ - name: "create-database"
+ - name: "create-database-backup"
+ - name: "create-realm"
+ - name: "create-server"
+ - name: "create-service"
+ - name: "import-database"
+ - name: "remove-database"
+ - name: "remove-realm"
+ - name: "remove-server"
+ - name: "remove-service"
+ - name: "restore-database-backup"
+ - name: "update-monitoring"
diff --git a/roles/awx/tasks/awx-config-job-template.yml b/roles/awx/tasks/awx-config-job-template.yml
index 59ba1d5..a46f423 100644
--- a/roles/awx/tasks/awx-config-job-template.yml
+++ b/roles/awx/tasks/awx-config-job-template.yml
@@ -69,7 +69,7 @@
- awx_config
- include_tasks: awx-config-job-template-credential.yml
- loop: "{{ job.credentials }}"
+ loop: "{{ job_templates_credentials }}"
loop_control:
loop_var: awx_credential_id
when: awx_job_template_id is defined
diff --git a/roles/awx/tasks/awx-config.yml b/roles/awx/tasks/awx-config.yml
index ad79e0a..dbd7dd3 100644
--- a/roles/awx/tasks/awx-config.yml
+++ b/roles/awx/tasks/awx-config.yml
@@ -601,67 +601,7 @@
- name: "Create job templates"
include_tasks: awx-config-job-template.yml
- loop:
- - {
- name: "create-database",
- #description: "create-database",
- #playbook_file: "create-database.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "create-realm",
- #description: "create-realm",
- #playbook_file: "create-realm.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "create-server",
- #description: "create-server",
- #playbook_file: "create-server.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "create-service",
- #description: "create-service",
- #playbook_file: "create-service.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "import-database",
- #description: "import-database",
- #playbook_file: "import-database.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "remove-database",
- #description: "remove-database",
- #playbook_file: "remove-database.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "remove-realm",
- #description: "remove-realm",
- #playbook_file: "remove-realm.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "remove-server",
- #description: "remove-server",
- #playbook_file: "remove-server.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "remove-service",
- #description: "remove-service",
- #playbook_file: "remove-service.yml",
- credentials: "{{ job_templates_credentials }}"
- }
- - {
- name: "update-monitoring",
- #description: "update-monitoring",
- #playbook_file: "update-monitoring.yml",
- credentials: "{{ job_templates_credentials }}"
- }
+ loop: "{{ awx_job_templates | flatten(levels=1) }}"
loop_control:
loop_var: job
tags:
diff --git a/roles/connect-postgres/defaults/main.yml b/roles/connect-postgres/defaults/main.yml
index 2ad8c06..2f51301 100644
--- a/roles/connect-postgres/defaults/main.yml
+++ b/roles/connect-postgres/defaults/main.yml
@@ -4,7 +4,3 @@ postgres_acls:
- name: "{{ connect_postgres_database }}"
password: "{{ connect_postgres_password }}"
trusted_cidr_entry: "{{ shared_service_network }}"
-
-database_create: True
-database_backup: False
-database_restore: False
diff --git a/roles/connect-postgres/tasks/main.yml b/roles/connect-postgres/tasks/main.yml
index f766ee4..0ee5085 100644
--- a/roles/connect-postgres/tasks/main.yml
+++ b/roles/connect-postgres/tasks/main.yml
@@ -8,18 +8,12 @@
name: postgres
tasks_from: _postgres-acls
when:
- - database_create
+ - postgres_backup_state is not defined
-- name: "Create postgres backup"
+- name: "Creating/restoring postgres backup"
include_role:
name: postgres
- tasks_from: _create-backup
+ tasks_from: _postgres-backups.yml
when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
+ - postgres_backup_state is defined
+ - postgres_backup_state in ['dump', 'restore']
diff --git a/roles/gitea-postgres/tasks/main.yml b/roles/gitea-postgres/tasks/main.yml
index f766ee4..0ee5085 100644
--- a/roles/gitea-postgres/tasks/main.yml
+++ b/roles/gitea-postgres/tasks/main.yml
@@ -8,18 +8,12 @@
name: postgres
tasks_from: _postgres-acls
when:
- - database_create
+ - postgres_backup_state is not defined
-- name: "Create postgres backup"
+- name: "Creating/restoring postgres backup"
include_role:
name: postgres
- tasks_from: _create-backup
+ tasks_from: _postgres-backups.yml
when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
+ - postgres_backup_state is defined
+ - postgres_backup_state in ['dump', 'restore']
diff --git a/roles/keycloak-postgres/tasks/main.yml b/roles/keycloak-postgres/tasks/main.yml
index f766ee4..6499c5f 100644
--- a/roles/keycloak-postgres/tasks/main.yml
+++ b/roles/keycloak-postgres/tasks/main.yml
@@ -10,16 +10,10 @@
when:
- database_create
-- name: "Create postgres backup"
+- name: "Creating/restoring postgres backup"
include_role:
name: postgres
- tasks_from: _create-backup
+ tasks_from: _postgres-backups.yml
when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
+ - postgres_backup_state is defined
+ - postgres_backup_state in ['dump', 'restore']
diff --git a/roles/postgres/defaults/main.yml b/roles/postgres/defaults/main.yml
index a307aa4..b2b50be 100644
--- a/roles/postgres/defaults/main.yml
+++ b/roles/postgres/defaults/main.yml
@@ -1,15 +1,19 @@
---
default_postgres_version: 13
-default_postgres_target_distribution: focal-pgdg # (bionic-pgdg, bullseye-pgdg, buster-pgdg,
- # focal-pgdg, groovy-pgdg, hirsute-pgdg,
- # sid-pgdg, stretch-pgdg, xenial-pgdg)
+# distributions:
+# bionic-pgdg
+# bullseye-pgdg
+# buster-pgdg
+# focal-pgdg
+# groovy-pgdg
+# hirsute-pgdg
+# sid-pgdg
+# stretch-pgdg
+# xenial-pgdg
+default_postgres_target_distribution: focal-pgdg
default_max_connections: 1000
default_shared_buffers: 256MB
-postgres_listen_addresses: "listen_addresses = 'localhost,{{ stage_private_server_ip }}'"
-
database_state: present
-database_create: True
-database_backup: False
-database_restore: False
+postgres_listen_addresses: "listen_addresses = 'localhost,{{ stage_private_server_ip }}'"
\ No newline at end of file
diff --git a/roles/postgres/tasks/_create-backup.yml b/roles/postgres/tasks/_create-backup.yml
deleted file mode 100644
index 2de157f..0000000
--- a/roles/postgres/tasks/_create-backup.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- set_fact:
- backup_path: "/backups"
-
-- name: "Create backup directory"
- file:
- path: "{{ backup_path }}"
- state: directory
- owner: "postgres"
- group: "postgres"
-
-- name: "Creating backup ${dbname}__{{ custom_backup_name }}.sql ..."
- become: true
- become_user: postgres
- postgresql_db:
- name: "{{ item.name }}"
- state: dump
- target: "{{ backup_path }}/{{ item.name }}__{{ custom_backup_name }}.sql"
- loop: "{{ postgres_acls }}"
diff --git a/roles/postgres/tasks/_postgres-backups.yml b/roles/postgres/tasks/_postgres-backups.yml
new file mode 100644
index 0000000..b387b98
--- /dev/null
+++ b/roles/postgres/tasks/_postgres-backups.yml
@@ -0,0 +1,16 @@
+---
+- name: "Creating backup directory <{{ backup_directory }}>"
+ ansible.builtin.file:
+ path: "{{ backup_directory }}"
+ state: directory
+ owner: "postgres"
+ group: "postgres"
+
+- name: "Handle backup state <{{ postgres_backup_state }}> with suffix <{{ custom_backup_name }}>"
+ community.postgresql.postgresql_db:
+ name: "{{ item.name }}"
+ state: "{{ postgres_backup_state }}"
+ target: "{{ backup_directory }}/{{ item.name }}__{{ custom_backup_name }}.sql.gz"
+ loop: "{{ postgres_acls }}"
+ become_user: postgres
+ become: true
diff --git a/roles/postgres/tasks/_restore-backup.yml b/roles/postgres/tasks/_restore-backup.yml
deleted file mode 100644
index 421c08c..0000000
--- a/roles/postgres/tasks/_restore-backup.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-- name: "Restoring backup ${dbname}__{{ custom_backup_name }}.sql ..."
- become: true
- become_user: postgres
- postgresql_db:
- name: "{{ item.name }}"
- state: restore
- target: "{{ backup_directory }}/{{ item.name }}__{{ custom_backup_name }}.sql"
- loop: "{{ postgres_acls }}"
diff --git a/roles/postgres/tasks/base-requirements.yml b/roles/postgres/tasks/base-requirements.yml
index 0d1c89c..33b59b6 100644
--- a/roles/postgres/tasks/base-requirements.yml
+++ b/roles/postgres/tasks/base-requirements.yml
@@ -69,15 +69,7 @@
group: postgres
mode: "g+s"
-- name: "Creating backups directory if necessary"
- file:
- state: directory
- path: /backups
- owner: postgres
- group: postgres
- mode: "g+s"
-
-- name: "Install prometheus postgres exporter .."
+- name: "Install prometheus postgres exporter..."
apt:
name: "prometheus-postgres-exporter"
update_cache: yes
diff --git a/roles/postgres/tasks/base-requirements_backup.yml b/roles/postgres/tasks/base-requirements_backup.yml
index 90f8be6..fab2ae6 100644
--- a/roles/postgres/tasks/base-requirements_backup.yml
+++ b/roles/postgres/tasks/base-requirements_backup.yml
@@ -1,7 +1,5 @@
---
-- name: creating some hcloud volumes for backup purpose
- delegate_to: localhost
- become: false
+- name: "Creating some hcloud volumes for backup purpose"
hcloud_volume:
api_token: "{{ hetzner_authentication_token }}"
name: "postgres-backup--{{ inventory_hostname }}--vol{{ item }}"
@@ -14,14 +12,16 @@
delete_protection: yes
loop: "{{ range(1,2) | list }}"
register: created_volume
-
-- name: getting all hcloud volumes for
delegate_to: localhost
become: false
+
+- name: "Getting all hcloud volumes for"
hcloud_volume_info:
api_token: "{{ hetzner_authentication_token }}"
label_selector: "stage={{ stage }},used_for={{ inventory_hostname }}"
register: hcloud_volumes_found
+ delegate_to: localhost
+ become: false
- set_fact:
pvs: "{{ hcloud_volumes_found.hcloud_volume_info | json_query(jmesquery) }}"
@@ -30,14 +30,14 @@
vars:
jmesquery: "[*].linux_device"
-- name: Create a volume group on top of all found hcloud volumes
+- name: "Creating a volume group on top of all found hcloud volumes"
community.general.lvg:
vg: "{{ vg_name }}"
pvs: "{{ pvs }}"
pvresize: yes
register: create_vg
-- name: Create logical volume
+- name: "Create logical volume"
community.general.lvol:
vg: "{{ vg_name }}"
lv: "{{ lv_name }}"
@@ -45,12 +45,12 @@
when:
- create_vg.changed
-- name: format volume
+- name: "Format volume"
filesystem:
fstype: ext4
dev: "/dev/{{ vg_name }}/{{ lv_name }}"
-- name: mount created LVM volume
+- name: "Mount created LVM volume"
mount:
path: "{{ backup_directory }}"
src: "/dev/{{ vg_name }}/{{ lv_name }}"
diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml
index 4c1253f..1b0d3a7 100644
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -20,19 +20,3 @@
- name: Include Slave Requirements
include_tasks: slave-requirements.yml
when: server_type == "slave"
- when:
- - database_create
-
-- name: "Create postgres backup"
- include_role:
- name: postgres
- tasks_from: _create-backup
- when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
diff --git a/roles/postgres/tasks/slave-requirements.yml b/roles/postgres/tasks/slave-requirements.yml
index 2bda592..7122774 100644
--- a/roles/postgres/tasks/slave-requirements.yml
+++ b/roles/postgres/tasks/slave-requirements.yml
@@ -37,14 +37,6 @@
state: mounted
fstype: nfs
-# - name: Mount backup NFS volume
-# ansible.posix.mount:
-# src: db-backups:/backups
-# path: /backups
-# opts: "rw,bg,hard,nfsvers=4.2,x-systemd.automount,x-systemd.requires=network-online.target,x-systemd.device-timeout=60 0 0"
-# state: mounted
-# fstype: nfs
-
- name: Stop postgres on slave
service:
name: postgresql
diff --git a/roles/webdav-postgres/tasks/main.yml b/roles/webdav-postgres/tasks/main.yml
index 329b98b..f962a8f 100644
--- a/roles/webdav-postgres/tasks/main.yml
+++ b/roles/webdav-postgres/tasks/main.yml
@@ -7,18 +7,12 @@
name: postgres
tasks_from: _postgres-acls
when:
- - database_create
+ - postgres_backup_state is not defined
-- name: "Create postgres backup"
+- name: "Creating/restoring postgres backup"
include_role:
name: postgres
- tasks_from: _create-backup
+ tasks_from: _postgres-backups.yml
when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
+ - postgres_backup_state is defined
+ - postgres_backup_state in ['dump', 'restore']
diff --git a/roles/workflow-index-postgres/tasks/main.yml b/roles/workflow-index-postgres/tasks/main.yml
index 453d894..12e441b 100644
--- a/roles/workflow-index-postgres/tasks/main.yml
+++ b/roles/workflow-index-postgres/tasks/main.yml
@@ -8,18 +8,12 @@
name: postgres
tasks_from: _postgres-acls
when:
- - database_create
+ - postgres_backup_state is not defined
-- name: "Create postgres backup"
+- name: "Creating/restoring postgres backup"
include_role:
name: postgres
- tasks_from: _create-backup
+ tasks_from: _postgres-backups.yml
when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
+ - postgres_backup_state is defined
+ - postgres_backup_state in ['dump', 'restore']
diff --git a/roles/workflow-proxy-postgres/tasks/main.yml b/roles/workflow-proxy-postgres/tasks/main.yml
index 453d894..12e441b 100644
--- a/roles/workflow-proxy-postgres/tasks/main.yml
+++ b/roles/workflow-proxy-postgres/tasks/main.yml
@@ -8,18 +8,12 @@
name: postgres
tasks_from: _postgres-acls
when:
- - database_create
+ - postgres_backup_state is not defined
-- name: "Create postgres backup"
+- name: "Creating/restoring postgres backup"
include_role:
name: postgres
- tasks_from: _create-backup
+ tasks_from: _postgres-backups.yml
when:
- - database_backup
-
-- name: "Restore postgres backup"
- include_role:
- name: postgres
- tasks_from: _restore-backup
- when:
- - database_restore
+ - postgres_backup_state is defined
+ - postgres_backup_state in ['dump', 'restore']
diff --git a/smardigo/provisioning/process-search/simple-connect.json b/smardigo/provisioning/process-search/simple-connect.json
index 27d7c4e..d36680f 100644
--- a/smardigo/provisioning/process-search/simple-connect.json
+++ b/smardigo/provisioning/process-search/simple-connect.json
@@ -50,9 +50,15 @@
}, {
"value" : "Service wird gestartet",
"style" : "traffic-light-yellow"
+ }, {
+ "value" : "Service wird aktualisiert",
+ "style" : "traffic-light-yellow"
}, {
"value" : "Service gestartet",
"style" : "traffic-light-green"
+ }, {
+ "value" : "Antrag abgebrochen",
+ "style" : "traffic-light-red"
}, {
"value" : "Service gelöscht",
"style" : "traffic-light-red"
diff --git a/smardigo/provisioning/process/simple-connect.bpmn b/smardigo/provisioning/process/simple-connect.bpmn
index bd45501..622e8d5 100644
--- a/smardigo/provisioning/process/simple-connect.bpmn
+++ b/smardigo/provisioning/process/simple-connect.bpmn
@@ -7,19 +7,6 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -83,9 +70,13 @@
+
+
+ wordpress_portal.sql.gz
+
+
${progress_current + 1}
-
Flow_11k5c1y
Flow_1u7vy0j
@@ -124,9 +115,6 @@
Flow_0xsem7d
-
-
-
Flow_1rtcnw8
@@ -190,24 +178,6 @@
Flow_1rtcnw8
Flow_0btq5mg
-
-
-
- ${$action == 'senden'}
-
-
-
-
-
-
-
-
-
- ${$action == 'abbrechen'}
-
-
-
-
Flow_0ex5zxa
Flow_0zcb7z2
@@ -235,78 +205,6 @@
Flow_1qghkm9
Flow_0l2gvw9
-
- Flow_0zcb7z2
- Flow_052tizj
-
- Flow_1xk6340
-
-
-
-
- ${tenant.id}
-
-
- Flow_1xk6340
- Flow_18sqo48
-
-
-
-
-
- import de.tolina.connect.common.variable.Variables
-def authenticatedUserId = users.currentUserId()
-Variables.userId(authenticatedUserId)
-
-
-
- Flow_18sqo48
- Flow_0cqe2bp
- Flow_0xvqt4u
-
-
- Flow_0xvqt4u
- Flow_1j32s69
-
-
- Flow_1j32s69
- Flow_0cqe2bp
- Flow_1az29g1
-
-
- Flow_1az29g1
- Flow_0135fm5
- Flow_0tivdau
-
-
-
- ${$action == 'abbrechen'}
-
-
-
-
- ${$action == 'speichern'}
-
-
-
- Flow_0135fm5
-
-
- ${antrag_decission== 'antragGenehmigen'}
-
-
-
-
- ${92}
- Antrag abgebrochen
-
-
- Flow_0tivdau
-
-
- ${antrag_decission== 'antragAblehnen'}
-
-
Flow_1n08t19
@@ -314,64 +212,10 @@ Variables.userId(authenticatedUserId)
Flow_09j614s
-
- Flow_0l2gvw9
- Flow_14pzxys
-
- Flow_0oy4ldu
-
-
- Flow_0oy4ldu
- Flow_0wzmz4j
-
-
-
- Flow_0wzmz4j
-
-
-
-
Flow_19oh3q2
Flow_0qhadmy
-
- Flow_0qhadmy
-
- ${vorgang_status == 92}
-
-
-
- Flow_19oh3q2
-
- ${vorgang_status == 30}
-
-
-
- Flow_09j614s
-
- ${vorgang_status == 92}
-
-
-
- Flow_1n08t19
-
- ${vorgang_status == 30}
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -392,24 +236,6 @@ Variables.userId(authenticatedUserId)
Flow_0bzl5jh
Flow_11ki58f
-
- Flow_090j3ro
- Flow_0fyo5ev
- Flow_0oafsaw
-
-
- Flow_0mfrm68
-
-
-
-
- ${60}
- Service wird gelöscht
-
-
- Flow_0fyo5ev
- Flow_14gp1tg
-
@@ -417,7 +243,7 @@ Variables.userId(authenticatedUserId)
${6}
- Flow_14gp1tg
+ Flow_1hoe8au
Flow_04gf2u4
@@ -472,93 +298,162 @@ Variables.userId(authenticatedUserId)
Flow_14qi17c
Flow_0utt18n
-
-
-
-
-
-
-
-
+
-
-
-
+
+
+
+ ${progress_current + 1}
+
- Flow_0oafsaw
- Flow_0mfrm68
+ Flow_1u7vy0j
+ Flow_0n5twpx
-
+
-
- import de.tolina.connect.common.variable.Variables
-def authenticatedUserId = users.currentUserId()
-Variables.userId(authenticatedUserId)
-
+ ${50}
+ Service gestartet
- Flow_0yh3rtc
- Flow_090j3ro
-
-
- Flow_1c2a31w
-
- Flow_0j5ui0o
+ Flow_0n5twpx
+ Flow_15fkmn4
+
+
+ Flow_13do7kt
+
+
+
+
+
+ ${70}
+ Service gelöscht
+
+
+ Flow_17g4mcr
+ Flow_13do7kt
+
+
+
+
+
+
+
+
+ ${progress_current + 1}
+
+
+ Flow_0kli6wa
+ Flow_17g4mcr
+
+
+ Flow_0zcb7z2
+ Flow_052tizj
+
+ Flow_1xk6340
-
+
-
-
-
-
- ${5}
+ ${tenant.id}
- Flow_1d2gl8q
- Flow_1c6reic
-
-
+ Flow_1xk6340
+ Flow_18sqo48
+
+
-
-
-
-
- ${2}
+
+ import de.tolina.connect.common.variable.Variables
+def authenticatedUserId = users.currentUserId()
+Variables.userId(authenticatedUserId)
+
- Flow_07sf9z8
- Flow_0dc3zbr
-
-
+ Flow_18sqo48
+ Flow_0cqe2bp
+ Flow_0xvqt4u
+
+
+ Flow_0xvqt4u
+ Flow_1j32s69
+
+
+ Flow_1j32s69
+ Flow_0cqe2bp
+ Flow_1az29g1
+
+
+ Flow_1az29g1
+ Flow_0135fm5
+ Flow_0tivdau
+
+
+
+ ${$action == 'abbrechen'}
+
+
+
+
+ ${$action == 'speichern'}
+
+
+
+ Flow_0135fm5
+
+
+ ${antrag_decission== 'antragGenehmigen'}
+
+
-
-
-
-
- ${3}
+ ${92}
+ Antrag abgebrochen
- Flow_0dc3zbr
- Flow_1leflml
-
-
+ Flow_0tivdau
+
+
+ ${antrag_decission== 'antragAblehnen'}
+
+
+
+ Flow_0l2gvw9
+ Flow_14pzxys
+
+ Flow_0oy4ldu
+
+
+ Flow_0oy4ldu
+ Flow_0wzmz4j
+
+
+
+ Flow_0wzmz4j
+
+
+
+
+
+ Flow_1c2a31w
+
+ Flow_0j5ui0o
+
+
-
-
+
+
- ${4}
+ ${5}
- Flow_1leflml
- Flow_1d2gl8q
+ Flow_07sf9z8
+ Flow_1c6reic
@@ -568,7 +463,7 @@ Variables.userId(authenticatedUserId)
Flow_1mklq12
- Flow_17gszoo
+ Flow_1qzrr09
@@ -577,7 +472,7 @@ Variables.userId(authenticatedUserId)
${6}
- Flow_18y954i
+ Flow_0r057gs
Flow_07sf9z8
@@ -587,22 +482,18 @@ Variables.userId(authenticatedUserId)
Service wird aktualisiert
- Flow_1lt30rz
+ Flow_1lbjdee
Flow_18y954i
- Flow_17gszoo
Flow_0j5ui0o
+ Flow_1yyd3eu
Flow_1lt30rz
-
-
-
-
-
-
-
+
+
+
@@ -618,108 +509,322 @@ Variables.userId(authenticatedUserId)
Flow_1mklq12
-
-
-
-
-
- Shared Service
-Server bei Hetzner erstellen
-
-- Provisioning
-- Domain (Administration)
-- Networks
-- (Monitoring)
-- (Logging)
-
-
- Shared Service
-Datenbanken erstellen
-
-- connect-postgres
-- ?connect-wordpress-maria
-- (Credentials in Vorgang ablegen)
-
-
- Shared Service
-Keycloak Realm mit Administrator Account
-
-- Neuer Nutzer (connect-admin)
-- Neuer Nutzer (connect-realm-admin)
-- (Emailadresse des Erstellers)
-- (Automatisch generiertes PW)
-- (PW per EMail an Administrator)
-
-
- Service auf Server installieren
-
-- Domain (Services)
-- connect
-- ?connect-wordpress
-
+
+
+
+ ${42}
+ Datenbanken werden gesichert
+
+
+ Flow_0obgxao
+ Flow_0k8emzg
+
+
+
+
+ ${1}
+ ${2}
+
+
+ Flow_0nhy074
+ Flow_1pt1vey
+
+
+
+
+ ${50}
+ Service gestartet
+
+
+ Flow_0pukv52
+ Flow_1tj0uqy
+
+
+
+
+
+
+
+ ${$action=='sichern'}
+
+
+
+
+
+
+
+
+
+
+
+
+ backup
+
+
+ ${progress_current + 1}
+
+
+ Flow_1pt1vey
+ Flow_0pukv52
+
+
+
+ Flow_1lt30rz
+ Flow_1lbjdee
+ Flow_0obgxao
+ Flow_15yi07j
+
+
+
+
+
+
+
+ ${$action=='aktualisieren'}
+
+
+
+
+
+
+
+
+
+ Flow_18y954i
+ Flow_0r057gs
+
+
+
+
+
+
+
+
+
+
+ Flow_0k8emzg
+ Flow_0nhy074
+
+
+
+ Flow_1bdsym1
+
+
+
+
+ Flow_1qzrr09
+ Flow_1tj0uqy
+ Flow_1rv440f
+ Flow_1bdsym1
+
+
+
+
+
+
+ ${43}
+ Datenbanken werden wiederhergestellt
+
+
+ Flow_15yi07j
+ Flow_0yusy35
+
+
+
+
+ ${1}
+ ${2}
+
+
+ Flow_1c39717
+ Flow_09id3fl
+
+
+
+
+ ${50}
+ Service gestartet
+
+
+ Flow_1xmeor7
+ Flow_1rv440f
+
+
+
+
+
+
+
+
+
+ Flow_0yusy35
+ Flow_1c39717
+
+
+
+
+
+
+
+
+
+
+ ${$action=='wiederherstellen'}
+
+
+
+ Flow_1yyd3eu
+
+
+
+
+
+
+
+
+
+
+
+
+ backup
+
+
+ ${progress_current + 1}
+
+
+ Flow_09id3fl
+ Flow_1xmeor7
+
+
+
+ Flow_1n08t19
+
+ ${vorgang_status == 30}
+
+
+
+ Flow_09j614s
+
+ ${vorgang_status == 92}
+
+
+
+ Flow_19oh3q2
+
+ ${vorgang_status == 30}
+
+
+
+ Flow_0qhadmy
+
+ ${vorgang_status == 92}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ${$action == 'abbrechen'}
+
+
+ ${$action == 'senden'}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ import de.tolina.connect.common.variable.Variables
+def authenticatedUserId = users.currentUserId()
+Variables.userId(authenticatedUserId)
+
+
+
+ Flow_0yh3rtc
+ Flow_090j3ro
+
+
+
+
Flow_15fkmn4
Flow_0yh3rtc
Flow_1c2a31w
-
+
-
-
-
-
-
- ${progress_current + 1}
-
-
- Flow_1u7vy0j
- Flow_0n5twpx
-
-
-
-
-
- ${50}
- Service gestartet
-
+
+
+
- Flow_0n5twpx
- Flow_15fkmn4
-
-
- Flow_13do7kt
-
-
-
+
+
- ${70}
- Service gelöscht
+ ${60}
+ Service wird gelöscht
- Flow_17g4mcr
- Flow_13do7kt
+ Flow_090j3ro
+ Flow_14gp1tg
-
-
+
-
-
-
- ${progress_current + 1}
-
+
+
+
- Flow_0kli6wa
- Flow_17g4mcr
+ Flow_14gp1tg
+ Flow_1hoe8au
-
+
Flow_019b5ec
-
Flow_019b5ec
@@ -761,10 +866,6 @@ Datenbanken erstellen
- connect
- ?connect-wordpress
-
-
-
-
Service auf Server deinstallieren
@@ -793,10 +894,14 @@ Server bei Hetzner löschen
- Provisioning
-
+
+
+
+
+
@@ -807,14 +912,6 @@ Server bei Hetzner löschen
-
-
-
-
-
-
-
-
Flow_1ow8whd
@@ -881,11 +978,17 @@ Server bei Hetzner löschen
Flow_1ju13h8
+
+
+
+
+
+
+
+
-
-
-
+
Flow_1nu8qqa
@@ -904,765 +1007,843 @@ Server bei Hetzner löschen
Flow_127qqnb
+
+
-
+
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
-
+
+
+
-
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
+
-
-
-
+
+
+
-
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
+
-
-
-
-
-
-
+
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
-
-
+
+
-
+
-
-
+
+
-
+
-
-
+
+
-
-
+
+
-
+
-
-
+
+
-
-
+
+
-
+
-
-
-
-
+
+
+
+
-
+
-
-
+
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
-
-
-
-
-
-
-
-
-
+
-
+
-
+
-
-
+
+
-
-
+
+
-
+
-
+
-
+
-
+
-
-
+
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
-
-
+
+
-
-
-
-
-
-
+
+
-
+
+
+
+
+
+
+
+
+
+
-
-
+
+
-
-
+
+
+
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
+
-
-
+
+
-
-
+
+
-
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
-
-
+
+
+
+
+
-
-
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
-
-
+
+
-
-
+
+
-
+
-
-
+
+
-
-
+
+
-
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
-
+
+
-
+
-
-
+
+
-
+
-
-
+
+
-
+
-
-
+
+
-
+
-
-
+
+
-
+
-
-
-
-
-
-
-
-
-
-
+
+
-
-
+
+
-
-
-
+
+
+
+
+
+
+
-
-
+
+
-
-
+
+
-
-
+
+
+
+
+
+
-
+
-
-
-
-
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
+
+
+
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
-
-
-
-
-
+
+
+
+
+
+
-
+
-
+
-
+
diff --git a/smardigo/provisioning/script/ansible-start.groovy b/smardigo/provisioning/script/ansible-start.groovy
index 766d193..8d467a8 100644
--- a/smardigo/provisioning/script/ansible-start.groovy
+++ b/smardigo/provisioning/script/ansible-start.groovy
@@ -9,9 +9,11 @@ def env = [
stage: cluster.stage,
current_realm_name: tenant.key,
current_realm_display_name: tenant.name,
- database_backup_file: execution.getVariable('databaseBackupFilename'),
tenant_id: tenant.key
]
+if (binding.hasVariable('extraVariables')) {
+ env << extraVariables
+}
def ansibleCommand= 'ansible-playbook ' + smardigoManagementAction + '.yml --vault-password-file ~/vault-pass'
def ansibleEnvironment= ' -e \"'
diff --git a/smardigo/provisioning/script/create-awx-paramaters.groovy b/smardigo/provisioning/script/create-awx-paramaters.groovy
index c825952..ae97f5a 100644
--- a/smardigo/provisioning/script/create-awx-paramaters.groovy
+++ b/smardigo/provisioning/script/create-awx-paramaters.groovy
@@ -1,4 +1,4 @@
-[
+def env = [
scope_id: contextScopeId,
process_instance_id: execution.getProcessInstanceId(),
smardigo_management_action: smardigoManagementAction,
@@ -9,6 +9,10 @@
stage: cluster.stage,
current_realm_name: tenant.key,
current_realm_display_name: tenant.name,
- database_backup_file: execution.getVariable('databaseBackupFilename'),
tenant_id: tenant.key
-]
\ No newline at end of file
+]
+if (binding.hasVariable('extraVariables')) {
+ env << extraVariables
+}
+
+env
\ No newline at end of file