
Новый сервер с приложениями внутри котейнеров

2018-10-07 17:47:46 +03:00
parent 1083d7d073
commit 244c9a96e4
9 changed files with 97 additions and 24 deletions

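--- a/ansible/amber.yml
+++ b/ansible/amber.yml
@@ -0,0 +1,44 @@
+---
+# v3, nginx, docker
+- hosts: all
+vars_files:
+- vars/apps.yml
+tasks:
+# - include_role:
+# name: yatesr.timezone
+# vars:
+# timezone: UTC
+#
+# - include_role:
+# name: geerlingguy.security
+# vars:
+# security_ssh_permit_root_login: "yes"
+# security_autoupdate_enabled: false
+# security_fail2ban_enabled: false
+#
+# - include_role:
+# name: geerlingguy.nginx
+# vars:
+# nginx_remove_default_vhost: true
+#
+# - include_role:
+# name: geerlingguy.docker
+# vars:
+# docker_users: '{{ apps | map(attribute="username") | list }}'
+- include_role:
+name: docker-app
+private: yes
+vars:
+username: '{{ app_item.username }}'
+ssh_keys: '{{ app_item.ssh_keys | default([]) }}'
+envs: '{{ app_item.envs | default({}) }}'
+with_items: '{{ apps }}'
+loop_control:
+loop_var: app_item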
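Review bot: The commented-out block at the top of `tasks` leaves this `hosts: all` play applying only `docker-app`, and the values parked in it would, if simply uncommented later, permit root SSH login (`security_ssh_permit_root_login: "yes"`) and switch off fail2ban and automatic updates. Either delete the dead block or restore it with hardened values, e.g. `security_ssh_permit_root_login: "no"` with the two `*_enabled: false` overrides dropped, so a new server gets a baseline before containers are deployed on it. Whether Docker and the SSH baseline are applied by some other playbook is not visible from this page. Separately, `private: yes` on `include_role` is, as far as I know, documented by Ansible as a no-op and can be removed.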

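--- a/ansible/hosts_vagrant
+++ b/ansible/hosts_vagrant
@@ -0,0 +1 @@
+192.168.50.10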


@ -2,6 +2,9 @@
- src: yatesr.timezone
version: 1.0.0
- src: geerlingguy.security
version: 1.7.0
- src: geerlingguy.nginx
version: 2.6.0
@ -14,6 +17,9 @@
- src: geerlingguy.mysql
version: 2.9.0
- src: geerlingguy.docker
version: 2.5.1
- name: thefinn93.ansible-letsencrypt
src: https://github.com/thefinn93/ansible-letsencrypt
version: origin/master
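Review bot: The `thefinn93.ansible-letsencrypt` entry in the second hunk's context is fetched from GitHub at `version: origin/master`, so each role install can pull different, unreviewed code that then runs with the play's privileges on the server. That line is context rather than something this commit adds, but since the file is being edited here it is worth pinning it to a reviewed revision, e.g. `version: <reviewed-commit-sha>` (placeholder). The entries that appear to be added, `geerlingguy.security` at `1.7.0` and `geerlingguy.docker` at `2.5.1`, already follow the pinned pattern.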


@ -1,5 +1,5 @@
---
- name: 'Check app requirements for {{ owner_name }}.'
- name: 'Check app requirements for user "{{ owner_name }}".'
fail:
msg: You must set owner name.
when: not owner_name
@ -15,26 +15,27 @@
group: '{{ owner_group }}'
shell: /bin/bash
- name: 'Set up user ssh keys for {{ owner_name }}.'
- name: 'Set up user ssh keys for user "{{ owner_name }}".'
authorized_key:
user: '{{ owner_name }}'
key: '{{ item }}'
state: present
with_items: '{{ owner_ssh_keys }}'
when: owner_ssh_keys
- name: 'Set up environment variables for {{ owner_name }}.'
- name: 'Set up environment variables for user "{{ owner_name }}".'
template:
src: envs.j2
dest: '/home/{{ owner_name }}/.envs'
- name: 'Remove environment variables for {{ owner_name }} from bashrc.'
- name: 'Remove absent environment variables for user "{{ owner_name }}" from bashrc.'
lineinfile:
path: '/home/{{ owner_name }}/.bashrc'
regexp: '^export {{ item.key }}='
state: absent
with_dict: '{{ owner_envs }}'
- name: 'Include environment variables for {{ owner_name }} in bashrc.'
- name: 'Include environment variables for user "{{ owner_name }}" in bashrc.'
lineinfile:
path: '/home/{{ owner_name }}/.bashrc'
regexp: '^\. ~\/\.envs'
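Review bot: The `template` task that writes `/home/{{ owner_name }}/.envs` sets only `src` and `dest` in the lines shown, so the file ends up with the ownership of whoever runs the task and a umask-derived mode, even though it holds per-app environment values that may include secrets. Adding `owner: '{{ owner_name }}'`, `group: '{{ owner_group }}'` and `mode: '0600'` to that task would keep it readable by the app user only. The commit's own changes in this file are task-name wording; the final `lineinfile` task continues past the end of the hunk.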


@ -0,0 +1,7 @@
---
dependencies:
- role: blocks/owner
owner_name: '{{ username }}'
owner_group: '{{ username }}'
owner_ssh_keys: '{{ ssh_keys | default([]) }}'
owner_envs: '{{ env | default({}) }}'
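Review bot: `owner_envs` is read from `env` here, while the playbook added in this same commit passes the variable as `envs` (`envs: '{{ app_item.envs | default({}) }}'`). Unless something outside this page defines `env`, the `default({})` silently wins and no environment variables reach the `blocks/owner` role. The line should read `owner_envs: '{{ envs | default({}) }}'`. Because the fallback hides this kind of mismatch, consider keeping the default on one side only so a misspelt name fails loudly.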


@ -0,0 +1 @@
---

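--- a/ansible/vars/apps.yml
+++ b/ansible/vars/apps.yml
@@ -0,0 +1,8 @@
+---
+apps:
+- name: homepage
+username: homepage
+ssh_keys:
+- '{{ lookup("file", "av_id_rsa.pub") }}'
+domains:
+- vakhrushev.me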