From 8c6947163952e349f869ac80d07737f75f4336c8 Mon Sep 17 00:00:00 2001 From: "Ketelsen, Sven" Date: Tue, 24 May 2022 08:31:37 +0000 Subject: [PATCH] DEV-477 bugfix: delete wordpress database when service is deleted by portal --- create-database-backup.yml | 21 ++++++++++++++++++- create-database.yml | 12 +++++------ remove-database.yml | 19 ++++++++++++----- restore-database-backup.yml | 2 +- roles/connect/defaults/main.yml | 4 ---- roles/connect/vars/main.yml | 4 ++-- roles/connect_postgres/tasks/main.yml | 13 ++++++------ roles/connect_wordpress_maria/tasks/main.yml | 14 +++++++++++-- roles/gitea_postgres/tasks/main.yml | 13 ++++++------ roles/keycloak_postgres/tasks/main.yml | 13 ++++++------ roles/maria/defaults/main.yml | 1 + roles/maria/tasks/_create_database_backup.yml | 3 +++ ...atabase.yml => _update_database_state.yml} | 8 +++---- roles/pdns_admin_postgres/tasks/main.yml | 15 ++++++++++--- roles/pdns_postgres/tasks/main.yml | 17 ++++++++++++--- .../tasks/_create_database_backup.yml | 5 +++-- ...es-acls.yml => _update_database_state.yml} | 0 roles/webdav_postgres/tasks/main.yml | 12 +++++------ roles/workflow_index_postgres/tasks/main.yml | 13 ++++++------ roles/workflow_proxy_postgres/tasks/main.yml | 13 ++++++------ 20 files changed, 128 insertions(+), 74 deletions(-) create mode 100644 roles/maria/tasks/_create_database_backup.yml rename roles/maria/tasks/{_create_database.yml => _update_database_state.yml} (73%) rename roles/postgres/tasks/{_postgres-acls.yml => _update_database_state.yml} (100%) diff --git a/create-database-backup.yml b/create-database-backup.yml index ca412a8..6efdb65 100644 --- a/create-database-backup.yml +++ b/create-database-backup.yml @@ -54,6 +54,16 @@ with_items: "{{ cluster_features }}" when: item in ['connect', 'management_connect', 'keycloak', 'webdav', 'gitea', 'workflow_index', 'workflow_proxy', 'pdns'] + - name: "Add maria servers to hosts if necessary" + add_host: + name: "{{ stage }}-maria-01" + groups: + - "stage_{{ stage }}" + - "{{ item }}" + changed_when: False + with_items: "{{ cluster_features }}" + when: item in ['connect_wordpress'] + ############################################################# # Creating database backups for created inventory ############################################################# @@ -62,7 +72,7 @@ serial: "{{ serial_number | default(1) }}" remote_user: root vars: - postgres_backup_state: dump + database_backup_state: dump ansible_ssh_host: "{{ stage_server_domain }}" roles: @@ -75,6 +85,12 @@ - role: keycloak_postgres when: "'keycloak' in group_names" +# - role: pdns_admin_postgres +# when: "'pdns' in group_names" + +# - role: pdns_postgres +# when: "'pdns' in group_names" + - role: webdav_postgres when: "'webdav' in group_names" @@ -84,6 +100,9 @@ - role: workflow_proxy_postgres when: "'workflow_proxy' in group_names" + - role: connect_wordpress_maria + when: "'connect_wordpress' in group_names" + ############################################################# # Sending smardigo management message to process ############################################################# diff --git a/create-database.yml b/create-database.yml index 907639d..e0f5b9a 100644 --- a/create-database.yml +++ b/create-database.yml @@ -91,6 +91,12 @@ - role: connect_postgres when: "'connect' in group_names" + - role: gitea_postgres + when: "'gitea' in group_names" + + - role: keycloak_postgres + when: "'keycloak' in group_names" + - role: pdns_postgres vars: initialize: True @@ -101,12 +107,6 @@ initialize: True when: "'pdns' in group_names" - - role: gitea_postgres - when: "'gitea' in group_names" - - - role: keycloak_postgres - when: "'keycloak' in group_names" - - role: webdav_postgres when: "'webdav' in group_names" diff --git a/remove-database.yml b/remove-database.yml index 41b327e..c3b06a9 100644 --- a/remove-database.yml +++ b/remove-database.yml @@ -84,18 +84,27 @@ - role: connect_postgres when: "'connect' in group_names" - - role: pdns_admin_postgres - when: "'pdns' in group_names" - - - role: pdns_postgres - when: "'pdns' in group_names" + - role: gitea_postgres + when: "'gitea' in group_names" - role: keycloak_postgres when: "'keycloak' in group_names" +# - role: pdns_admin_postgres +# when: "'pdns' in group_names" + +# - role: pdns_postgres +# when: "'pdns' in group_names" + - role: webdav_postgres when: "'webdav' in group_names" + - role: workflow_index_postgres + when: "'workflow_index' in group_names" + + - role: workflow_proxy_postgres + when: "'workflow_proxy' in group_names" + - role: connect_wordpress_maria when: "'connect_wordpress' in group_names" diff --git a/restore-database-backup.yml b/restore-database-backup.yml index 703033b..2939891 100644 --- a/restore-database-backup.yml +++ b/restore-database-backup.yml @@ -61,7 +61,7 @@ serial: "{{ serial_number | default(1) }}" remote_user: root vars: - postgres_backup_state: restore + database_backup_state: restore ansible_ssh_host: "{{ stage_server_domain }}" roles: diff --git a/roles/connect/defaults/main.yml b/roles/connect/defaults/main.yml index 04c915b..0bc0909 100644 --- a/roles/connect/defaults/main.yml +++ b/roles/connect/defaults/main.yml @@ -2,10 +2,6 @@ connect_image_name: "{{ shared_service_harbor_hostname }}/smardigo/connect-whitelabel-app" -# TODO inject by management portal -connect_admin_username: "connect-admin" -connect_admin_password: "connect-admin" - connect_mail_host: "{{ shared_service_mail_hostname }}" connect_mail_properties_base_url: "{{ http_s }}://{{ connect_base_url }}" connect_mail_properties_base_url_extern: "{{ http_s }}://{{ connect_base_url }}" diff --git a/roles/connect/vars/main.yml b/roles/connect/vars/main.yml index 1c98703..0237e8d 100644 --- a/roles/connect/vars/main.yml +++ b/roles/connect/vars/main.yml @@ -20,8 +20,8 @@ connect_labels: [ connect_environment: [ "TENANT_ID: \"{{ connect_client_id }}\"", - "ADMIN_LOGIN: \"{{ connect_admin_username }}\"", - "ADMIN_PASSWORD: \"{{ connect_admin_password }}\"", + "ADMIN_LOGIN: \"{{ connect_admin_username | default('connect-admin') }}\"", + "ADMIN_PASSWORD: \"{{ connect_admin_password | default('connect-admin') }}\"", "SMA_JWT_ENABLED: \"{{ connect_jwt_enabled | default('false') }}\"", "SMA_JWT_SECRET: \"{{ connect_jwt_secret | default('') }}\"", "SMA_CSRF_TOKEN_NAME: \"{{ connect_csrf_token_name | default('') }}\"", diff --git a/roles/connect_postgres/tasks/main.yml b/roles/connect_postgres/tasks/main.yml index e363abd..a16ce0e 100644 --- a/roles/connect_postgres/tasks/main.yml +++ b/roles/connect_postgres/tasks/main.yml @@ -1,19 +1,18 @@ --- ### tags: -### - remove-data -- name: "Setup postgres for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state when: - - postgres_backup_state is not defined + - database_backup_state is not defined -- name: "Creating/restoring postgres backup" +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" include_role: name: postgres tasks_from: _create_database_backup.yml when: - - postgres_backup_state is defined - - postgres_backup_state in ['dump', 'restore'] + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/connect_wordpress_maria/tasks/main.yml b/roles/connect_wordpress_maria/tasks/main.yml index 3591485..83f4b22 100644 --- a/roles/connect_wordpress_maria/tasks/main.yml +++ b/roles/connect_wordpress_maria/tasks/main.yml @@ -2,7 +2,17 @@ ### tags: -- name: "Setup maria for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: maria - tasks_from: _create_database + tasks_from: _update_database_state + when: + - database_backup_state is not defined + +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" + include_role: + name: maria + tasks_from: _create_database_backup.yml + when: + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/gitea_postgres/tasks/main.yml b/roles/gitea_postgres/tasks/main.yml index e363abd..0de8b40 100644 --- a/roles/gitea_postgres/tasks/main.yml +++ b/roles/gitea_postgres/tasks/main.yml @@ -1,19 +1,18 @@ --- ### tags: -### - remove-data -- name: "Setup postgres for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state when: - - postgres_backup_state is not defined + - database_backup_state is not defined -- name: "Creating/restoring postgres backup" +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" include_role: name: postgres tasks_from: _create_database_backup.yml when: - - postgres_backup_state is defined - - postgres_backup_state in ['dump', 'restore'] + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/keycloak_postgres/tasks/main.yml b/roles/keycloak_postgres/tasks/main.yml index acf72a7..4a08ece 100644 --- a/roles/keycloak_postgres/tasks/main.yml +++ b/roles/keycloak_postgres/tasks/main.yml @@ -1,19 +1,18 @@ --- ### tags: -### - remove-data -- name: "Setup postgres for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state when: - - database_create + - database_backup_state is not defined -- name: "Creating/restoring postgres backup" +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" include_role: name: postgres tasks_from: _create_database_backup.yml when: - - postgres_backup_state is defined - - postgres_backup_state in ['dump', 'restore'] + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/maria/defaults/main.yml b/roles/maria/defaults/main.yml index 2e92403..88ec5c1 100644 --- a/roles/maria/defaults/main.yml +++ b/roles/maria/defaults/main.yml @@ -7,6 +7,7 @@ mariadb_server_config_dir: '/etc/mysql/mariadb.conf.d' my_cnf_file: '/root/.my.cnf' database_engine: maria +database_state: present backup_dest_dir: "{{ backup_directory }}/{{ database_engine }}/{{ get_current_date }}" backup_status_file: '{{ backup_dest_dir }}/backup_finished' diff --git a/roles/maria/tasks/_create_database_backup.yml b/roles/maria/tasks/_create_database_backup.yml new file mode 100644 index 0000000..4c343c9 --- /dev/null +++ b/roles/maria/tasks/_create_database_backup.yml @@ -0,0 +1,3 @@ +--- + +# TODO DEV-478 \ No newline at end of file diff --git a/roles/maria/tasks/_create_database.yml b/roles/maria/tasks/_update_database_state.yml similarity index 73% rename from roles/maria/tasks/_create_database.yml rename to roles/maria/tasks/_update_database_state.yml index c67fc13..81922b0 100644 --- a/roles/maria/tasks/_create_database.yml +++ b/roles/maria/tasks/_update_database_state.yml @@ -1,21 +1,21 @@ --- -- name: Ensure MySQL databases are present. +- name: "Ensure MySQL databases are <{{ database_state | default('present') }}>" community.mysql.mysql_db: name: "{{ item.name }}" collation: "{{ item.collation | default('utf8_general_ci') }}" encoding: "{{ item.encoding | default('utf8') }}" - state: "{{ item.state | default('present') }}" + state: "{{ database_state | default('present') }}" login_unix_socket: /var/run/mysqld/mysqld.sock login_password: "{{ mysql_root_password }}" with_items: "{{ mysql_databases }}" -- name: Ensure MySQL users are present. +- name: "Ensure MySQL users are <{{ database_state | default('present') }}>" community.mysql.mysql_user: name: "{{ item.name }}" password: "{{ item.password }}" priv: "{{ item.priv | default('*.*:USAGE') }}" - state: "{{ item.state | default('present') }}" + state: "{{ database_state | default('present') }}" append_privs: "{{ item.append_privs | default('no') }}" encrypted: "{{ item.encrypted | default('no') }}" login_unix_socket: /var/run/mysqld/mysqld.sock diff --git a/roles/pdns_admin_postgres/tasks/main.yml b/roles/pdns_admin_postgres/tasks/main.yml index 4c21e56..42c1142 100644 --- a/roles/pdns_admin_postgres/tasks/main.yml +++ b/roles/pdns_admin_postgres/tasks/main.yml @@ -1,9 +1,18 @@ --- ### tags: -### - remove-data -- name: "Setup postgres for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state + when: + - database_backup_state is not defined + +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" + include_role: + name: postgres + tasks_from: _create_database_backup.yml + when: + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/pdns_postgres/tasks/main.yml b/roles/pdns_postgres/tasks/main.yml index e8925e7..adab1da 100644 --- a/roles/pdns_postgres/tasks/main.yml +++ b/roles/pdns_postgres/tasks/main.yml @@ -1,18 +1,29 @@ --- ### tags: -### - remove-data -- name: "Setup postgres for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state + when: + - database_backup_state is not defined +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" + include_role: + name: postgres + tasks_from: _create_database_backup.yml + when: + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] + +# TODO shouldn't be here? - name: "Install python3-psycopg2 if not present" apt: name: python3-psycopg2 state: present +# TODO shouldn't be here? - name: Include Create Requirements include_tasks: create-requirements.yml when: initialize diff --git a/roles/postgres/tasks/_create_database_backup.yml b/roles/postgres/tasks/_create_database_backup.yml index ba977ac..355c78a 100644 --- a/roles/postgres/tasks/_create_database_backup.yml +++ b/roles/postgres/tasks/_create_database_backup.yml @@ -1,4 +1,5 @@ --- + - name: "Creating backup directory <{{ backup_directory }}>" ansible.builtin.file: path: "{{ backup_directory }}" @@ -7,10 +8,10 @@ group: "postgres" mode: '0755' -- name: "Handle backup state <{{ postgres_backup_state }}> with suffix <{{ custom_backup_name }}>" +- name: "Handle backup state <{{ database_backup_state }}> with suffix <{{ custom_backup_name }}>" community.postgresql.postgresql_db: name: "{{ item.name }}" - state: "{{ postgres_backup_state }}" + state: "{{ database_backup_state }}" target: "{{ backup_directory }}/{{ item.name }}__{{ custom_backup_name }}.sql.gz" loop: "{{ postgres_acls }}" become_user: postgres diff --git a/roles/postgres/tasks/_postgres-acls.yml b/roles/postgres/tasks/_update_database_state.yml similarity index 100% rename from roles/postgres/tasks/_postgres-acls.yml rename to roles/postgres/tasks/_update_database_state.yml diff --git a/roles/webdav_postgres/tasks/main.yml b/roles/webdav_postgres/tasks/main.yml index c4c4c67..b2f1a39 100644 --- a/roles/webdav_postgres/tasks/main.yml +++ b/roles/webdav_postgres/tasks/main.yml @@ -2,17 +2,17 @@ ### tags: -- name: "Setup postgres for {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state when: - - postgres_backup_state is not defined + - database_backup_state is not defined -- name: "Creating/restoring postgres backup" +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" include_role: name: postgres tasks_from: _create_database_backup.yml when: - - postgres_backup_state is defined - - postgres_backup_state in ['dump', 'restore'] + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/workflow_index_postgres/tasks/main.yml b/roles/workflow_index_postgres/tasks/main.yml index f881a88..1f56aac 100644 --- a/roles/workflow_index_postgres/tasks/main.yml +++ b/roles/workflow_index_postgres/tasks/main.yml @@ -1,19 +1,18 @@ --- ### tags: -### - remove-data -- name: "Setup postgres database on {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state when: - - postgres_backup_state is not defined + - database_backup_state is not defined -- name: "Creating/restoring postgres backup" +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" include_role: name: postgres tasks_from: _create_database_backup.yml when: - - postgres_backup_state is defined - - postgres_backup_state in ['dump', 'restore'] + - database_backup_state is defined + - database_backup_state in ['dump', 'restore'] diff --git a/roles/workflow_proxy_postgres/tasks/main.yml b/roles/workflow_proxy_postgres/tasks/main.yml index f881a88..2b49eb9 100644 --- a/roles/workflow_proxy_postgres/tasks/main.yml +++ b/roles/workflow_proxy_postgres/tasks/main.yml @@ -1,19 +1,18 @@ --- ### tags: -### - remove-data -- name: "Setup postgres database on {{ inventory_hostname }}" +- name: "Updating database on {{ inventory_hostname }}" include_role: name: postgres - tasks_from: _postgres-acls + tasks_from: _update_database_state when: - - postgres_backup_state is not defined + - database_backup_state is not defined -- name: "Creating/restoring postgres backup" +- name: "Creating/Restoring database backup on {{ inventory_hostname }}" include_role: name: postgres tasks_from: _create_database_backup.yml when: - - postgres_backup_state is defined - - postgres_backup_state in ['dump', 'restore'] + - database_backup_state is defined + - database_backup_state in ['dump', 'restore']