
Переисан makefile

Anton Vakhrushev 2019-06-14 17:52:33 +03:00
parent 8f48d1fdb8
commit c14c4f7a3c
4 changed files with 88 additions and 143 deletions


@ -6,48 +6,53 @@ install-roles:
rebuild-test-machine:
vagrant destroy -f && vagrant up
configure:
ansible-playbook \
--inventory "ansible/hosts_prod" \
--extra-vars='ansible_python_interpreter=/usr/bin/python3' \
--user=av \
--ask-become-pass \
ansible/configuration.yml
PLAYBOOK := ansible/configuration.yml
STAGE := vagrant
configure-web-server:
ifeq ($(STAGE), prod)
ANSIBLE_HOST_KEY_CHECKING := True
INVENTORY := ansible/hosts_prod
USER_ARGS := --user="av" --ask-become-pass
else
ANSIBLE_HOST_KEY_CHECKING := False
INVENTORY := ansible/hosts_vagrant
USER_ARGS := --user="root"
endif
ifneq ($(TAGS),)
TAGS_ARGS := --tags="$(TAGS)"
else
TAGS_ARGS :=
endif
configure:
ANSIBLE_HOST_KEY_CHECKING=$(ANSIBLE_HOST_KEY_CHECKING) \
ansible-playbook \
--inventory "ansible/hosts_prod" \
$(USER_ARGS) \
$(TAGS_ARGS) \
--inventory="$(INVENTORY)" \
--extra-vars='ansible_python_interpreter=/usr/bin/python3' \
--user=av \
--ask-become-pass \
--tags webserver \
ansible/configuration.yml
$(PLAYBOOK)
configure-env:
$(MAKE) configure TAGS="env"
dry-run:
ANSIBLE_HOST_KEY_CHECKING=$(ANSIBLE_HOST_KEY_CHECKING) \
ansible-playbook \
--inventory "ansible/hosts_prod" \
$(USER_ARGS) \
$(TAGS_ARGS) \
--inventory="$(INVENTORY)" \
--extra-vars='ansible_python_interpreter=/usr/bin/python3' \
--user=av \
--ask-become-pass \
--check \
--diff \
ansible/configuration.yml
$(PLAYBOOK)
configure-test:
ANSIBLE_HOST_KEY_CHECKING=False \
list-tags:
ansible-playbook \
--inventory="ansible/hosts_vagrant" \
--extra-vars="ansible_python_interpreter=/usr/bin/python3" \
--user="root" \
--tags="webserver,apps" \
ansible/amber.yml
configure-test-list-tags:
ANSIBLE_HOST_KEY_CHECKING=False \
ansible-playbook \
--inventory="ansible/hosts_vagrant" \
--inventory="$(INVENTORY)" \
--list-tags \
ansible/amber.yml
$(PLAYBOOK)
lint:
ansible-lint "./ansible/configuration.yml" --exclude="./ansible/galaxy.roles/" -v || true
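Review bot: The `else` branch of the `ifeq ($(STAGE), prod)` block is a catch-all, so any value other than the exact string `prod` (a mistyped stage name, say) silently selects `ANSIBLE_HOST_KEY_CHECKING := False` and `--user="root"`. The vagrant inventory limits the effect, but the operator gets no signal that the production settings were not applied. I would reject unknown stages before the conditional with `ifeq ($(filter $(STAGE),prod vagrant),)`, `$(error unknown STAGE '$(STAGE)', expected prod or vagrant)`, `endif`. A comment on the vagrant branch should also say that host key checking is off only because the test VM is destroyed and recreated, so the setting is not copied to a real inventory later.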


@ -1,64 +0,0 @@
---
- hosts: all
tasks:
- name: 'Install additional packages.'
apt:
name: '{{ packages }}'
update_cache: yes
vars:
packages:
- python3-pip
- import_role:
name: yatesr.timezone
vars:
timezone: UTC
- import_role:
name: geerlingguy.security
vars:
security_ssh_permit_root_login: "yes"
security_autoupdate_enabled: false
security_fail2ban_enabled: false
- name: 'Install python docker lib.'
pip:
name: docker
- import_role:
name: geerlingguy.docker
vars:
docker_users:
- homepage
- import_role:
name: antoiner77.caddy
vars:
caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
caddy_setcap: True
caddy_systemd_capabilities_enabled: True
caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE"
tags:
- webserver
- import_role:
name: netdata
tags:
- monitoring
# Applications
- import_role:
name: docker-app
vars:
username: homepage
extra_groups:
- www-data
ssh_keys:
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
env:
DOCKER_PREFIX: homepage
tags:
- apps


@ -1,60 +1,64 @@
---
- hosts: all
become: true
tasks:
- name: 'Install additional packages.'
apt:
name: '{{ packages }}'
update_cache: yes
vars:
deploy_user: deployer
packages:
- python3-pip
- import_role:
name: yatesr.timezone
vars:
timezone: UTC
# nginx settings
- import_role:
name: geerlingguy.security
vars:
security_ssh_permit_root_login: "yes"
security_autoupdate_enabled: false
security_fail2ban_enabled: false
nginx_remove_default_vhost: true
- name: 'Install python docker lib.'
pip:
name: docker
# php settings
- import_role:
name: geerlingguy.docker
vars:
docker_users:
- homepage
php_version: '7.1'
php_packages_extra:
- 'php{{ php_version }}'
- 'php{{ php_version }}-curl'
- 'php{{ php_version }}-gd'
- 'php{{ php_version }}-fpm'
- 'php{{ php_version }}-mbstring'
- 'php{{ php_version }}-xml'
- 'php{{ php_version }}-intl'
- 'php{{ php_version }}-zip'
- 'php{{ php_version }}-mysql'
php_webserver_daemon: nginx
php_enable_php_fpm: true
php_date_timezone: '{{ timezone }}'
pre_tasks:
- name: Install system packages
apt: pkg={{ item }} state=latest
with_items:
- curl
- git
- make
- python-software-properties
- wget
- zip
- name: Ensure that PHP PPA is added.
apt_repository: repo=ppa:ondrej/php state=present
- name: Update apt cache
apt: update_cache=yes cache_valid_time=86400
- name: Add deploy user
user:
name: '{{ deploy_user }}'
groups: www-data
roles:
- name: yatesr.timezone
- name: geerlingguy.nginx
- import_role:
name: antoiner77.caddy
vars:
caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
caddy_setcap: True
caddy_systemd_capabilities_enabled: True
caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE"
tags:
- webserver
- name: geerlingguy.php-versions
- name: geerlingguy.php
- homepage
# - s2photo
# - notes
- import_role:
name: netdata
tags:
- monitoring
# Applications
- import_role:
name: docker-app
vars:
username: homepage
extra_groups:
- www-data
ssh_keys:
- '{{ lookup("file", "files/av_id_rsa.pub") }}'
env:
DOCKER_PREFIX: homepage
tags:
- apps
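Review bot: The `geerlingguy.security` vars in this section (`security_ssh_permit_root_login: "yes"`, `security_autoupdate_enabled: false`, `security_fail2ban_enabled: false`) appear to be on the new side of the file, though the rendered page has lost the +/- markers, so please confirm. If this is the playbook that the Makefile's `PLAYBOOK` variable points at, the same values are applied when `STAGE=prod` selects `ansible/hosts_prod`: root SSH login permitted, no automatic security updates and no fail2ban on the production host. I would move these three values out of the play and into per-inventory group vars, so the vagrant hosts keep the relaxed settings and production gets `security_ssh_permit_root_login: "no"` with autoupdate and fail2ban enabled.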


@ -19,4 +19,4 @@
security_opts:
- 'apparmor:unconfined'
env:
PGID: '{{ docker_group.stdout }}'
PGID: '{{ docker_group.stdout|default(999) }}'
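Review bot: The fallback in `PGID: '{{ docker_group.stdout|default(999) }}'` hard-codes a group ID that is only a guess at the host's docker GID, and it takes effect whenever the task that registers `docker_group` did not run (presumably under the new `dry-run` target's `--check`; that task is outside the hunk). On a real run that skips the lookup, the container would start with group 999, which may be some other group on that host, and this container already runs with `apparmor:unconfined`. I would rather add `check_mode: no` to the lookup task so `stdout` is always populated and drop the default; if the default stays, add a comment such as `# 999 is a placeholder for --check only; the real GID comes from the docker_group lookup`.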