Merge branch 'master' of https://git.dev-at.de/smardigo/ansible/hetzner-ansible

group_vars/maria/plain.yml

@@ -6,3 +6,6 @@ hetzner_server_labels: "stage={{ stage }} service=maria"
 mysql_databases: []
 
 mysql_users: []
+
+traefik_enabled: false
+node_exporter_enabled: false

import-database.yml

@@ -0,0 +1,119 @@
+---
+
+# Parameters:
+#   playbook inventory
+#     stage := the type of the stage (e.g. dev, int, qa, prod)
+#     tenant_id := (unique key for the tenant, e.g. customer)
+#     cluster_name := (business name for the cluster, e.g. product, department )
+#     cluster_size := (WIP node count for the cluster) (Currently max is 2 master/slave)
+#     cluster_services := (services to setup, e.g. ['connect', 'wordpress', ...])
+#     uploaded_file := the dump file to import, has to be on the database server under /tmp (e.g. wordpress_portal.sql)
+#     target_database := (optional) the database to import into ( see {{ connect_wordpress_maria_database }})
+#   smardigo message callback
+#     scope_id := (scope id of the management process)
+#     process_instance_id := (process instance id of the management process)
+#     smardigo_management_action := (smardigo management action anme of the management process)
+
+#############################################################
+#   Creating inventory dynamically for given parameters
+#############################################################
+
+- hosts: localhost
+  connection: local
+  gather_facts: false
+
+  pre_tasks:
+    - name: "Check if ansible version is at least 2.10.x"
+      assert:
+        that:
+          - ansible_version.major >= 2
+          - ansible_version.minor >= 10
+        msg: "The ansible version has to be at least ({{ ansible_version.full }})"
+
+  tasks:
+    - name: Add hosts
+      add_host:
+        name: "{{ stage }}-maria-01"
+        groups:
+        - "stage_{{ stage }}"
+        - "{{ item }}"
+        cluster_service: "{{ item }}"
+      changed_when: False
+      with_items: "{{ cluster_services }}"
+      when: item in ['connect_wordpress']
+
+#############################################################
+# Setup services for created inventory
+#############################################################
+
+- hosts: "stage_{{ stage }}"
+  serial: "{{ serial_number | default(1) }}"
+  remote_user: root
+
+  pre_tasks:
+    - name: "Gathering current server infos from hetzner"
+      hcloud_server_info:
+        api_token: "{{ hetzner_authentication_token }}"
+      register: hetzner_server_infos
+      delegate_to: 127.0.0.1
+
+    - name: "Setting current server infos as fact: hetzner_server_infos_json"
+      set_fact:
+        hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}"
+      delegate_to: 127.0.0.1
+
+    - name: "Reading ip address for {{ inventory_hostname }}"
+      set_fact:
+        stage_server_ip: "{{ hetzner_server_infos_json | json_query(querystr) | first }}"
+      vars:
+        querystr: "[?name=='{{ inventory_hostname }}'].ipv4_address"
+      delegate_to: 127.0.0.1
+
+    - name: "Printing ip address for {{ inventory_hostname }}"
+      debug:
+        msg: "{{ stage_server_ip }}"
+      delegate_to: 127.0.0.1
+      when:
+       - debug
+
+  roles:
+    - role: import-maria-database
+      when:
+        - "'connect_wordpress' in group_names"
+        - "target_database is defined"
+        - "uploaded_file is defined"
+    - role: import-maria-database
+      vars:
+        target_database: "{{ connect_wordpress_maria_database }}"
+      when:
+        - "'connect_wordpress' in group_names"
+        - "uploaded_file is defined"
+
+#############################################################
+# Sending smardigo management message to process
+#############################################################
+
+- hosts: "stage_{{ stage }}"
+  serial: "{{ serial_number | default(1) }}"
+  connection: local
+  gather_facts: false
+
+  post_tasks:
+    - name: "Sending smardigo management message <{{ smardigo_management_action }}> to <{{ scope_id }}/{{ process_instance_id }}>"
+      uri:
+        url: "{{ smardigo_management_url }}"
+        method: POST
+        body_format: json
+        body: "{{ lookup('template','smardigo-management-message.json.j2') }}"
+        headers:
+          accept: "*/*"
+          Content-Type: "application/json"
+          Smardigo-User-Token: "{{ smardigo_management_token }}"
+        status_code: [200]
+      delegate_to: 127.0.0.1
+      retries: 5
+      delay: 5
+      when:
+        - scope_id is defined
+        - process_instance_id is defined
+        - smardigo_management_action is defined

roles/awx/tasks/awx-config.yml

@@ -536,22 +536,58 @@
   tags:
     - awx_config
 
+- name: "Fetch all job_template ids"
+  uri:
+    url: "{{ awx_base_url }}/api/v2/job_templates/"
+    method: GET
+    user: "{{ awx_rest_api_access_user }}"
+    password: "{{ awx_rest_api_access_pw }}"
+    headers:
+      Content-Type: "application/json"
+      Accept: "application/json"
+    body_format: "json"
+    force_basic_auth: true
+    validate_certs: false
+    status_code: 200
+  register: response
+  tags:
+    - awx_config
+
+- name: "Remove all job templates"
+  uri:
+    url: "{{ awx_base_url }}{{ item.url }}"
+    method: DELETE
+    user: "{{ awx_rest_api_access_user }}"
+    password: "{{ awx_rest_api_access_pw }}"
+    headers:
+      Content-Type: "application/json"
+      Accept: "application/json"
+    body_format: "json"
+    force_basic_auth: true
+    validate_certs: false
+    status_code: 204
+  tags:
+    - awx_config
+  loop: "{{ response.json.results }}"
+  loop_control:
+    label: "{{ item.url }}"
+
 - name: "Create job templates"
   include_tasks: awx-config-job-template.yml
   loop:
     - {
-        name: "create-database-cluster",
+        name: "create-database",
-        #description: "create-database-cluster",
+        #description: "create-database",
-        #playbook_file: "create-database-cluster.yml",
+        #playbook_file: "create-database.yml",
         credentials: [
           "{{ awx_credential_hetzner_ansible_vault_id }}",
           "{{ awx_credential_hetzner_ansible_id }}",
         ]
       }
     - {
-        name: "create-db-import",
+        name: "create-realm",
-        #description: "create-db-import",
+        #description: "create-realm",
-        #playbook_file: "create-db-import.yml",
+        #playbook_file: "create-realm.yml",
         credentials: [
           "{{ awx_credential_hetzner_ansible_vault_id }}",
           "{{ awx_credential_hetzner_ansible_id }}",
@@ -567,18 +603,18 @@
         ]
       }
     - {
-        name: "create-realm",
+        name: "create-service",
-        #description: "create-realm",
+        #description: "create-service",
-        #playbook_file: "create-realm.yml",
+        #playbook_file: "create-service.yml",
         credentials: [
           "{{ awx_credential_hetzner_ansible_vault_id }}",
           "{{ awx_credential_hetzner_ansible_id }}",
         ]
       }
     - {
-        name: "create-service",
+        name: "import-database",
-        #description: "create-service",
+        #description: "import-database",
-        #playbook_file: "create-service.yml",
+        #playbook_file: "import-database.yml",
         credentials: [
           "{{ awx_credential_hetzner_ansible_vault_id }}",
           "{{ awx_credential_hetzner_ansible_id }}",

roles/prometheus/tasks/main.yml

@@ -101,10 +101,30 @@
       name: "iam",
       label_selector: "stage={{ stage }},service=iam",
     },
+    {
+      name: "keycloak",
+      label_selector: "stage={{ stage }},service=keycloak",
+    },
+    {
+      name: "kibana",
+      label_selector: "stage={{ stage }},service=kibana",
+    },
+    {
+      name: "logstash",
+      label_selector: "stage={{ stage }},service=logstash",
+    },
+    {
+      name: "maria",
+      label_selector: "stage={{ stage }},service=maria",
+    },
     {
       name: "mail",
       label_selector: "stage={{ stage }},service=mail",
     },
+    {
+      name: "postfix",
+      label_selector: "stage={{ stage }},service=postfix",
+    },
     {
       name: "postgres",
       label_selector: "stage={{ stage }},service=postgres",

roles/upload-local-file/defaults/main.yml

@@ -1,3 +1,3 @@
 ---
-upload_directory: /tmp
 
+upload_directory: /tmp

roles/upload-local-file/vars/main.yml

@@ -1,2 +1 @@
 ---
-

smardigo/provisioning/process/simple-connect.bpmn

@@ -548,12 +548,12 @@ Variables.userId(authenticatedUserId)</camunda:script>
       <bpmn2:incoming>Flow_1u7vy0j</bpmn2:incoming>
       <bpmn2:outgoing>Flow_15fkmn4</bpmn2:outgoing>
     </bpmn2:intermediateThrowEvent>
-    <bpmn2:callActivity id="Activity_05mqkaj" name="Wordpress Database Backup einspielen" calledElement="smardigo-management-action">
+    <bpmn2:callActivity id="Activity_05mqkaj" name="Database Backup importieren" calledElement="smardigo-management-action">
       <bpmn2:extensionElements>
         <camunda:in businessKey="#{execution.processBusinessKey}" />
         <camunda:in variables="all" />
-        <camunda:in sourceExpression="create-db-import" target="smardigoManagementAction" />
+        <camunda:in sourceExpression="import-database" target="smardigoManagementAction" />
-        <camunda:in sourceExpression="Service erstellen" target="comment" />
+        <camunda:in sourceExpression="Database Backup importieren" target="comment" />
         <camunda:inputOutput>
           <camunda:outputParameter name="progress_current">${progress_current + 1}</camunda:outputParameter>
         </camunda:inputOutput>

templates/prometheus/config/prometheus/prometheus.yml.j2

@@ -49,8 +49,14 @@ scrape_configs:
     metrics_path: '/metrics'
     static_configs:
       - targets: [
-{% for host in server_group_names_all | difference(['dev-awx-01','dev-prometheus-01','dev-maria-01']) | default([]) %}
+{% for host in server_group_names_all | default([]) %}
+{% if
+  (hostvars[host].traefik_enabled is defined
+  and hostvars[host].traefik_enabled)
+  or (hostvars[host].traefik_enabled is not defined)
+%}
           '{{ host }}.{{ domain }}:{{ monitor_port_service }}',
+{% endif %}
 {% endfor %}
         ]
         labels:
@@ -222,7 +228,13 @@ scrape_configs:
     static_configs:
       - targets: [
 {% for host in server_group_names_all | default([]) %}
+{% if
+  (hostvars[host].node_exporter_enabled is defined
+  and hostvars[host].node_exporter_enabled)
+  or (hostvars[host].node_exporter_enabled is not defined)
+%}
           '{{ host }}.{{ domain }}:{{ monitor_port_system }}',
+{% endif %}
 {% endfor %}
         ]
         labels:

upload-database-dumb.yml

@@ -1,6 +1,6 @@
 ---
 # Example call:
-# poetry run ansible-playbook create-db-import.yml --ask-vault-pass -e "cluster_name='maria' cluster_size='1' stage='dev' upload_file='dumps/import.sql' uploaded_file='import.sql' target_database=test01"
+# poetry run ansible-playbook upload-database-dumb.yml --ask-vault-pass -e "cluster_name='maria' cluster_size='1' stage='dev' upload_file='dumps/import.sql' uploaded_file='import.sql'
 
 # How this stuff works:
 # If `upload_file` is defined the upload role save the binary to `upload_directory` (default /tmp)
@@ -66,17 +66,6 @@
       when:
         - "'connect_wordpress' in group_names"
         - "upload_file is defined"
-    - role: import-maria-database
-      when:
-        - "'connect_wordpress' in group_names"
-        - "target_database is defined"
-        - "uploaded_file is defined"
-    - role: import-maria-database
-      vars:
-        target_database: "{{ connect_wordpress_maria_database }}"
-      when:
-        - "'connect_wordpress' in group_names"
-        - "uploaded_file is defined"
 
 #############################################################
 # Sending smardigo management message to process