av/pet-project-server
1
0
Fork 0
Code Pull Requests Activity

Переисан makefile

Browse Source
This commit is contained in:
Anton Vakhrushev 2019-06-14 17:52:33 +03:00
parent 8f48d1fdb8
commit c14c4f7a3c
4 changed files with 88 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
Makefile
View File

@ -6,48 +6,53 @@ install-roles:
rebuild-test-machine: rebuild-test-machine:
vagrant destroy -f && vagrant up vagrant destroy -f && vagrant up
configure: PLAYBOOK := ansible/configuration.yml
ansible-playbook \ STAGE := vagrant
--inventory "ansible/hosts_prod" \
--extra-vars='ansible_python_interpreter=/usr/bin/python3' \
--user=av \
--ask-become-pass \
ansible/configuration.yml
configure-web-server: ifeq ($(STAGE), prod)
ANSIBLE_HOST_KEY_CHECKING := True
INVENTORY := ansible/hosts_prod
USER_ARGS := --user="av" --ask-become-pass
else
ANSIBLE_HOST_KEY_CHECKING := False
INVENTORY := ansible/hosts_vagrant
USER_ARGS := --user="root"
endif
ifneq ($(TAGS),)
TAGS_ARGS := --tags="$(TAGS)"
else
TAGS_ARGS :=
endif
configure:
ANSIBLE_HOST_KEY_CHECKING=$(ANSIBLE_HOST_KEY_CHECKING) \
ansible-playbook \ ansible-playbook \
--inventory "ansible/hosts_prod" \ $(USER_ARGS) \
$(TAGS_ARGS) \
--inventory="$(INVENTORY)" \
--extra-vars='ansible_python_interpreter=/usr/bin/python3' \ --extra-vars='ansible_python_interpreter=/usr/bin/python3' \
--user=av \ $(PLAYBOOK)
--ask-become-pass \
--tags webserver \ configure-env:
ansible/configuration.yml $(MAKE) configure TAGS="env"
dry-run: dry-run:
ANSIBLE_HOST_KEY_CHECKING=$(ANSIBLE_HOST_KEY_CHECKING) \
ansible-playbook \ ansible-playbook \
--inventory "ansible/hosts_prod" \ $(USER_ARGS) \
$(TAGS_ARGS) \
--inventory="$(INVENTORY)" \
--extra-vars='ansible_python_interpreter=/usr/bin/python3' \ --extra-vars='ansible_python_interpreter=/usr/bin/python3' \
--user=av \
--ask-become-pass \
--check \ --check \
--diff \ --diff \
ansible/configuration.yml $(PLAYBOOK)
configure-test: list-tags:
ANSIBLE_HOST_KEY_CHECKING=False \
ansible-playbook \ ansible-playbook \
--inventory="ansible/hosts_vagrant" \ --inventory="$(INVENTORY)" \
--extra-vars="ansible_python_interpreter=/usr/bin/python3" \
--user="root" \
--tags="webserver,apps" \
ansible/amber.yml
configure-test-list-tags:
ANSIBLE_HOST_KEY_CHECKING=False \
ansible-playbook \
--inventory="ansible/hosts_vagrant" \
--list-tags \ --list-tags \
ansible/amber.yml $(PLAYBOOK)
lint: lint:
ansible-lint "./ansible/configuration.yml" --exclude="./ansible/galaxy.roles/" -v || true ansible-lint "./ansible/configuration.yml" --exclude="./ansible/galaxy.roles/" -v || true

64
ansible/amber.yml
View File

@ -1,64 +0,0 @@
---
- hosts: all
tasks:
- name: 'Install additional packages.'
apt:
name: '{{ packages }}'
update_cache: yes
vars:
packages:
- python3-pip
- import_role:
name: yatesr.timezone
vars:
timezone: UTC
- import_role:
name: geerlingguy.security
vars:
security_ssh_permit_root_login: "yes"
security_autoupdate_enabled: false
security_fail2ban_enabled: false
- name: 'Install python docker lib.'
pip:
name: docker
- import_role:
name: geerlingguy.docker
vars:
docker_users:
- homepage
- import_role:
name: antoiner77.caddy
vars:
caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
caddy_setcap: True
caddy_systemd_capabilities_enabled: True
caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE"
tags:
- webserver
- import_role:
name: netdata
tags:
- monitoring
# Applications
- import_role:
name: docker-app
vars:
username: homepage
extra_groups:
- www-data
ssh_keys:
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
env:
DOCKER_PREFIX: homepage
tags:
- apps

100
ansible/configuration.yml
View File

@ -1,60 +1,64 @@
--- ---
- hosts: all - hosts: all
become: true
vars: tasks:
deploy_user: deployer
timezone: UTC - name: 'Install additional packages.'
apt:
name: '{{ packages }}'
update_cache: yes
vars:
packages:
- python3-pip
# nginx settings - import_role:
name: yatesr.timezone
vars:
timezone: UTC
nginx_remove_default_vhost: true - import_role:
name: geerlingguy.security
vars:
security_ssh_permit_root_login: "yes"
security_autoupdate_enabled: false
security_fail2ban_enabled: false
# php settings - name: 'Install python docker lib.'
pip:
name: docker
php_version: '7.1' - import_role:
php_packages_extra: name: geerlingguy.docker
- 'php{{ php_version }}' vars:
- 'php{{ php_version }}-curl' docker_users:
- 'php{{ php_version }}-gd' - homepage
- 'php{{ php_version }}-fpm'
- 'php{{ php_version }}-mbstring'
- 'php{{ php_version }}-xml'
- 'php{{ php_version }}-intl'
- 'php{{ php_version }}-zip'
- 'php{{ php_version }}-mysql'
php_webserver_daemon: nginx
php_enable_php_fpm: true
php_date_timezone: '{{ timezone }}'
pre_tasks: - import_role:
- name: Install system packages name: antoiner77.caddy
apt: pkg={{ item }} state=latest vars:
with_items: caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
- curl caddy_setcap: True
- git caddy_systemd_capabilities_enabled: True
- make caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE"
- python-software-properties
- wget
- zip
- name: Ensure that PHP PPA is added.
apt_repository: repo=ppa:ondrej/php state=present
- name: Update apt cache
apt: update_cache=yes cache_valid_time=86400
- name: Add deploy user
user:
name: '{{ deploy_user }}'
groups: www-data
roles:
- name: yatesr.timezone
- name: geerlingguy.nginx
tags: tags:
- webserver - webserver
- name: geerlingguy.php-versions
- name: geerlingguy.php
- homepage - import_role:
# - s2photo name: netdata
# - notes tags:
- monitoring
# Applications
- import_role:
name: docker-app
vars:
username: homepage
extra_groups:
- www-data
ssh_keys:
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
env:
DOCKER_PREFIX: homepage
tags:
- apps

2
ansible/roles/netdata/tasks/main.yml
View File

@ -19,4 +19,4 @@
security_opts: security_opts:
- 'apparmor:unconfined' - 'apparmor:unconfined'
env: env:
PGID: '{{ docker_group.stdout }}' PGID: '{{ docker_group.stdout|default(999) }}'