testing

Deploy a simple webserver docker-compose stack
The beginning of a revamp of FRITA infrastructure into containers
2022-11-18 04:11:08 -05:00 · 2022-11-18 02:51:49 -05:00
20 changed files with 201 additions and 480 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,8 +1,4 @@
-# Vagrant files
+environments
 .playbook
 .vagrant
-
+.vscode
 # Unneeded ansible file
 *.retry
 # Custom environments
 /environments/
--- a/README.md
+++ b/README.md
@@ -1,22 +1,26 @@
-# Free I.T. Athen’s Infrastructure
+# Free I.T. Athen's Infrastructure
-Ansible code used to deploy and maintain websites and services used by Free I.T. Athens.
+This project is used to develop Ansible for deploying and maintaining websites
 and services operated by Free I.T. Athens.
-## Getting Started
+- Requires Ansible and Vagrant on the host
 frita-infra is developed in Ansible 2.7.5 using Vagrant 2.2.2 + vagrant-libvirt as a test environment.
-Check it out by simply typing: `vagrant up`
+## Quick Start
-
+1. Clone this project
-## Versioning
+2. Run `vagrant up` to provision a Debian 11 base box
 We use [SemVer](http://semver.org/) for versioning. For the versions available, see the tags on this repository. 
 ## Authors
-* **Kris Lamoureux** - *Project Founder* - [krislamo](https://github.com/krislamo)
+* **Kris Lamoureux** - *Project Founder* - @[krislamo](https://github.com/krislamo)
 ## Copyrights and Licenses
-Copyright (C) 2019  Free I.T. Athens
+Copyright (C) 2019, 2020, 2022  Free I.T. Athens
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
+This program is free software: you can redistribute it and/or modify it under
 the terms of the GNU General Public License as published by the Free Software
 Foundation, version 3 of the License.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+This program is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
+You should have received a copy of the GNU General Public License along with
 this program. If not, see <https://www.gnu.org/licenses/>.
--- a/42
+++ b/42
@@ -1,28 +1,24 @@
 # Copyright (C) 2019  Free I.T. Athens
 # 
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, version 3 of the License.
 # 
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 # 
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 # vi: set ft=ruby :
 # Set PLAYBOOK shell var for ./dev/playbook.yml
 PLAYBOOK=ENV["PLAYBOOK"]
 if !PLAYBOOK
  if File.exist?('.playbook')
    PLAYBOOK = IO.read('.playbook').split("\n")[0]
  end
  if !PLAYBOOK || PLAYBOOK.empty?
    PLAYBOOK = "webserver"
  end
 else
  File.write(".playbook", PLAYBOOK)
 end
 # Debian 11
 Vagrant.configure("2") do |config|
-
+  config.vm.box = "debian/bullseye64"
  # Debian Stable box
  config.vm.box = "debian/stretch64"
  config.vm.synced_folder ".", "/vagrant", disabled: true
-
+  config.vm.network "private_network", type: "dhcp"
  # Set static IP
  config.vm.network "private_network", ip: "192.168.121.2"
  # Machine Name
  config.vm.define :frita do |frita| #
@@ -35,9 +31,9 @@ Vagrant.configure("2") do |config|
  # Provision with Ansible
  config.vm.provision "ansible" do |ansible|
    ENV['ANSIBLE_ROLES_PATH'] = File.dirname(__FILE__) + "/roles"
    ansible.compatibility_mode = "2.0"
-    ansible.playbook = "site.yml"
+    ansible.playbook = "dev/" + PLAYBOOK + ".yml"
  end
 end
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,7 +1,6 @@
 [defaults]
 inventory = ./environments/development
-interpreter_python = /usr/bin/python
+interpreter_python = /usr/bin/python3
 [ssh_connection]
 pipelining=True
--- a/dev/vars/webserver.yml
+++ b/dev/vars/webserver.yml
@@ -0,0 +1,5 @@
 docker_users:
  - vagrant
 webserver_env:
  TRAEFIK_DOMAIN: traefik.local.freeitathens.org
--- a/dev/webserver.yml
+++ b/dev/webserver.yml
@@ -0,0 +1,8 @@
 - name: Install FRITA Web Server
  hosts: all
  become: true
  vars_files:
    - vars/webserver.yml
  roles:
    - docker
    - webserver
--- a/group_vars/all
+++ b/group_vars/all
@@ -1,46 +0,0 @@
 ### WordPress Configuration ###
 # Domain
 wp_domain: www.freeitathens.org
 wp_admin_email: contact@freeitathens.org
 # Version of WordPress to deploy
 wp_version: 5.1.1
 wp_sha1_hash: f1bff89cc360bf5ef7086594e8a9b68b4cbf2192
 # WordPress Home Directory
 # Note: value is a directory without trailing '/'
 wp_dir: /var/www/wordpress
 # WordPress Database Settings
 wp_db_host: localhost
 wp_db_name: wordpress
 wp_db_user: wordpress_user
 wp_db_pass: Password1
 wp_db_table_prefix: wp_
 ### Nextcloud Configuration ###
 # Domain
 nc_domain: cloud.freeitathens.org
 nc_admin_email: contact@freeitathens.org
 # Version of Nextcloud to deploy
 nc_version: 15.0.2
 nc_sha256_hash: c1f4cc33e39994ddbe6777370b62c30b7ae52136a0530c0b9922770803ca0fea
 # Nextcloud Home Directory
 # Note: value is a directory without trailing '/'
 nc_dir: /var/www/nextcloud
 # Nextcloud Database Settings
 nc_db_host: localhost
 nc_db_name: nextcloud
 nc_db_user: nextcloud_user
 nc_db_pass: Password1
 # Nextcloud Admin
 nc_admin: admin
 nc_admin_pass: Password1
--- a/roles/ansible/tasks/main.yml
+++ b/roles/ansible/tasks/main.yml
@@ -1,22 +0,0 @@
 - name: 'Install Ansible dependency: python-apt'
  shell: 'apt-get update && apt-get install python-apt -y'
  args:
    creates: /usr/lib/python2.7/dist-packages/apt
    warn: false
 - name: 'Install Ansible dependency: aptitude'
  apt:
    name: 'aptitude'
    state: present
    force_apt_get: true
 - name: 'Install Ansible dependency: python-docker'
  apt:
    name: python-docker
    state: present
 - name: Create Ansible's temporary directory
  file:
    path: /root/.ansible/tmp
    state: directory
    mode: '0700'
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -0,0 +1,3 @@
 docker_compose_root: /var/lib/compose
 docker_compose: /usr/bin/docker-compose
 docker_compose_service: compose
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -0,0 +1,25 @@
 - name: Install Docker
  ansible.builtin.apt:
    name: ['docker.io', 'docker-compose']
    state: present
    update_cache: true
 - name: Create docker-compose root
  ansible.builtin.file:
    path: "{{ docker_compose_root }}"
    state: directory
    mode: 0600
 - name: Add users to docker group
  ansible.builtin.user:
    name: "{{ item }}"
    groups: docker
    append: true
  loop: "{{ docker_users }}"
  when: docker_users is defined
 - name: Start Docker and enable on boot
  ansible.builtin.service:
    name: docker
    state: started
    enabled: true
--- a/roles/mediawiki/tasks/main.yml
+++ b/roles/mediawiki/tasks/main.yml
@@ -1,82 +0,0 @@
 - name: Install MySQL Support for Python
  apt:
    name: python-pymysql
    state: present
 - name: Create Database
  mysql_db:
    name: "{{ mw_db_name }}"
    state: present
    login_unix_socket: /var/run/mysqld/mysqld.sock
 - name: Create Database User
  mysql_user:
    name: "{{ mw_db_user }}"
    password: "{{ mw_db_pass }}"
    priv: "{{ mw_db_name }}.*:ALL,GRANT"
    state: present
    login_unix_socket: /var/run/mysqld/mysqld.sock
 - name: Install PHP Modules
  apt:
    name: ['php-xml', 'php-mbstring']
    state: present
  notify: Reload Apache2
 - name: Create Public HTML Directory
  file:
    path: "{{ mw_dir }}/public_html"
    state: directory
 # https://www.mediawiki.org/wiki/Manual:Short_URL#Moving_a_wiki_from_/wiki_to_/w
 - name: Create Directory /w for Short URLs
  file:
    path: "{{ mw_dir }}/public_html/w"
    state: directory
 - name: Create Logs Directory
  file:
    path: "{{ mw_dir }}/logs"
    state: directory
 - name: Download MediaWiki
  get_url:
    url: "https://releases.wikimedia.org/mediawiki/\
          {{ mw_version | regex_replace('\\.\\d+$', '') }}/\
          mediawiki-{{ mw_version }}.tar.gz"
    dest: /tmp/mediawiki-{{ mw_version }}.tar.gz
 - name: Extract MediaWiki
  unarchive:
    src: /tmp/mediawiki-{{ mw_version }}.tar.gz
    dest: "{{ mw_dir }}/public_html/w"
    owner: www-data
    group: www-data
    extra_opts: [--strip-components=1]
    remote_src: yes
 - name: Install MediaWiki
  command: |
    php maintenance/install.php --dbname="{{ mw_db_name }}" \
    --dbuser="{{ mw_db_user }}" --dbpass="{{ mw_db_pass }}" \
    --pass="{{ mw_admin_pass }}" "{{ mw_namespace }}" admin
  args:
    chdir: "{{ mw_dir }}/public_html/w"
    creates: "{{ mw_dir }}/public_html/w/LocalSettings.php"
 - name: "Enable Apache Module: rewrite"
  apache2_module:
    name: rewrite
    state: present
 - name: Apply Apache Configuration
  template:
    src: mediawiki.conf.j2
    dest: /etc/apache2/sites-available/{{ mw_domain }}.conf
  notify: Reload Apache2
 - name: Enable Apache Website
  shell: a2ensite {{ mw_domain }}
  args:
    creates: /etc/apache2/sites-enabled/{{ mw_domain }}.conf
  notify: Reload Apache2
--- a/roles/mediawiki/templates/LocalSettings.php.j2
+++ b/roles/mediawiki/templates/LocalSettings.php.j2
@@ -1,186 +0,0 @@
 <?php
 # This file was automatically generated by the MediaWiki 1.33.0
 # installer. If you make manual changes, please keep track in case you
 # need to recreate them later.
 #
 # See includes/DefaultSettings.php for all configurable settings
 # and their default values, but don't forget to make changes in _this_
 # file, not there.
 #
 # Further documentation for configuration settings may be found at:
 # https://www.mediawiki.org/wiki/Manual:Configuration_settings
 # Protect against web entry
 if ( !defined( 'MEDIAWIKI' ) ) {
 	exit;
 }
 ## Uncomment this to disable output compression
 # $wgDisableOutputCompression = true;
 $wgSitename = "{{ mw_sitename }}";
 $wgMetaNamespace = "{{ mw_namespace }}";
 ## The URL base path to the directory containing the wiki;
 ## defaults for all runtime URL paths are based off of this.
 ## For more information on customizing the URLs
 ## (like /w/index.php/Page_title to /wiki/Page_title) please see:
 ## https://www.mediawiki.org/wiki/Manual:Short_URL
 $wgScriptPath = "/w";
 $wgScriptExtension = ".php";
 $wgArticlePath = "/wiki/$1";
 ## The protocol and server name to use in fully-qualified URLs
 $wgServer = "http://{{ mw_domain }}";
 ## The URL path to static resources (images, scripts, etc.)
 $wgResourceBasePath = $wgScriptPath;
 ## The URL path to the logo.  Make sure you change this from the default,
 ## or else you'll overwrite your logo when you upgrade!
 $wgLogo = "$wgResourceBasePath/resources/assets/wiki.png";
 #$wgLogo = "/logo.png";
 ## UPO means: this is also a user preference option
 $wgEnableEmail = false;
 $wgEnableUserEmail = true; # UPO
 $wgEmergencyContact = "apache@{{ mw_domain }}";
 $wgPasswordSender = "apache@{{ mw_domain }}";
 $wgEnotifUserTalk = false; # UPO
 $wgEnotifWatchlist = false; # UPO
 $wgEmailAuthentication = true;
 ## Database settings
 $wgDBtype = "mysql";
 $wgDBserver = "{{ mw_db_host }}";
 $wgDBname = "{{ mw_db_name }}";
 $wgDBuser = "{{ mw_db_user }}";
 $wgDBpassword = "{{ mw_db_pass }}";
 # MySQL specific settings
 $wgDBprefix = "";
 # MySQL table options to use during installation or update
 $wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
 ## Shared memory settings
 $wgMainCacheType = CACHE_ACCEL;
 $wgMemCachedServers = [];
 ## To enable image uploads, make sure the 'images' directory
 ## is writable, then set this to true:
 $wgEnableUploads = true;
 $wgGenerateThumbnailOnParse = false;
 $wgUseImageMagick = true;
 $wgImageMagickConvertCommand = "/usr/bin/convert";
 # InstantCommons allows wiki to use images from https://commons.wikimedia.org
 $wgUseInstantCommons = true;
 # Periodically send a pingback to https://www.mediawiki.org/ with basic data
 # about this MediaWiki instance. The Wikimedia Foundation shares this data
 # with MediaWiki developers to help guide future development efforts.
 $wgPingback = true;
 ## If you use ImageMagick (or any other shell command) on a
 ## Linux server, this will need to be set to the name of an
 ## available UTF-8 locale
 $wgShellLocale = "C.UTF-8";
 ## Set $wgCacheDirectory to a writable directory on the web server
 ## to make your wiki go slightly faster. The directory should not
 ## be publicly accessible from the web.
 #$wgCacheDirectory = "$IP/cache";
 # Site language code, should be one of the list in ./languages/data/Names.php
 $wgLanguageCode = "en";
 $wgSecretKey = "{{ lookup('password', '/dev/null length=64 chars=hexdigits') }}";
 # Changing this will log out all existing sessions.
 $wgAuthenticationTokenVersion = "{{ lookup('password', '/dev/null length=64 chars=hexdigits') }}";
 # Site upgrade key. Must be set to a string (default provided) to turn on the
 # web installer while LocalSettings.php is in place
 $wgUpgradeKey = "{{ lookup('password', '/dev/null length=16 chars=hexdigits') }}";
 ## For attaching licensing metadata to pages, and displaying an
 ## appropriate copyright notice / icon. GNU Free Documentation
 ## License and Creative Commons licenses are supported so far.
 $wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
 $wgRightsUrl = "https://creativecommons.org/licenses/by-sa/4.0/";
 $wgRightsText = "Creative Commons Attribution-ShareAlike";
 $wgRightsIcon = "$wgResourceBasePath/resources/assets/licenses/cc-by-sa.png";
 # Path to the GNU diff3 utility. Used for conflict resolution.
 $wgDiff3 = "/usr/bin/diff3";
 ## Default skin: you can change the default skin. Use the internal symbolic
 ## names, ie 'vector', 'monobook':
 $wgDefaultSkin = "vector";
 # Enabled skins.
 # The following skins were automatically enabled:
 wfLoadSkin( 'MonoBook' );
 wfLoadSkin( 'Timeless' );
 wfLoadSkin( 'Vector' );
 # Enabled extensions. Most of the extensions are enabled by adding
 # wfLoadExtensions('ExtensionName');
 # to LocalSettings.php. Check specific extension documentation for more details.
 # The following extensions were automatically enabled:
 wfLoadExtension( 'CodeEditor' );
 wfLoadExtension( 'ConfirmEdit' );
 wfLoadExtension( 'MultimediaViewer' );
 wfLoadExtension( 'PdfHandler' );
 wfLoadExtension( 'SpamBlacklist' );
 wfLoadExtension( 'TitleBlacklist' );
 wfLoadExtension( 'WikiEditor' );
 # End of automatically generated settings.
 # Add more configuration options below.
 # IP restictions
 if ($_SERVER['REMOTE_ADDR'] != '{{ mw_iplock }}') {
 	$wgGroupPermissions['*']['createaccount'] = false;
 	$wgGroupPermissions['*']['edit'] = false;
 }
 # MobileFrontend
 #wfLoadExtension( 'MobileFrontend' );
 #wfLoadSkin( 'Vector' );
 #$wgMFDefaultSkinClass = 'SkinVector';
 # VisualEditor
 #wfLoadExtension( 'VisualEditor' );
 # Syntax highlighting
 #wfLoadExtension( 'SyntaxHighlight_GeSHi' );
 // Enable by default for everybody
 $wgDefaultUserOptions['visualeditor-enable'] = 1;
 // Optional: Set VisualEditor as the default for anonymous users
 // otherwise they will have to switch to VE
 // $wgDefaultUserOptions['visualeditor-editor'] = "visualeditor";
 // Don't allow users to disable it
 $wgHiddenPrefs[] = 'visualeditor-enable';
 // OPTIONAL: Enable VisualEditor's experimental code features
 // #$wgDefaultUserOptions['visualeditor-enable-experimental'] = 1;
 $wgVirtualRestConfig['modules']['parsoid'] = [
 	'url' => 'http://localhost:8142',
 ];
 $wgShowExceptionDetails = true;
--- a/roles/mediawiki/templates/mediawiki.conf.j2
+++ b/roles/mediawiki/templates/mediawiki.conf.j2
@@ -1,23 +0,0 @@
 <VirtualHost *:80>
  ServerName {{ mw_domain }}
  ServerAdmin {{ mw_admin_email }}
  DocumentRoot {{ mw_dir }}/public_html
  RewriteEngine On
  RewriteRule ^/?wiki(/.*)?$ %{DOCUMENT_ROOT}/w/index.php [L]
  RewriteRule ^/?$ %{DOCUMENT_ROOT}/w/index.php [L]
  RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
  RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
  RewriteRule ^/?w/images/thumb/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ %{DOCUMENT_ROOT}/w/thumb.php?f=$1&width=$2 [L,QSA,B]
  RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
  RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
  RewriteRule ^/?w/images/thumb/archive/[0-9a-f]/[0-9a-f][0-9a-f]/([^/]+)/([0-9]+)px-.*$ %{DOCUMENT_ROOT}/w/thumb.php?f=$1&width=$2&archived=1 [L,QSA,B]
  ErrorLog {{ mw_dir }}/logs/error.log
  CustomLog {{ mw_dir }}/logs/access.log combined
 </VirtualHost>
 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- a/roles/webserver/defaults/main.yml
+++ b/roles/webserver/defaults/main.yml
@@ -0,0 +1 @@
 webserver_root: "{{ docker_compose_root }}/webserver"
--- a/roles/webserver/files/docker-compose.yml
+++ b/roles/webserver/files/docker-compose.yml
@@ -0,0 +1,56 @@
 version: '3.5'
 volumes:
  wordpress:
 networks:
  traefik:
    name: traefik
 services:
  traefik:
    image: traefik:${TRAEFIK_VERSION:-latest}
    restart: always
    command:
      - --api.dashboard=${TRAEFIK_DASHBOARD:-true}
      - --api.debug=${TRAEFIK_DEBUG:-true}
      - --providers.docker=true
      - --providers.docker.exposedbydefault=${TRAEFIK_EXPOSED_DEFAULT:-false}
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.web.http.redirections.entrypoint.permanent=true
      - --entrypoints.websecure.address=:443
      - --entrypoints.local.address=:8443
    ports:
      - 80:80
      - 443:443
      - "127.0.0.1:8443:8443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      traefik.http.routers.api.rule: Host(`${TRAEFIK_DOMAIN:-traefik.local.freeitathens.org}`)
      traefik.http.routers.api.entrypoints: local
      traefik.http.routers.api.service: api@internal
      traefik.http.routers.api.tls: true
      traefik.enable: true
    networks:
      - traefik
  wordpress:
    image: wordpress:${WORDPRESS_VERSION:-latest}
    restart: always
    environment:
      WORDPRESS_DB_HOST: asdf
      WORDPRESS_DB_USER: asdf
      WORDPRESS_DB_PASSWORD: ASDFASDF
      WORDPRESS_DB_NAME: ASDFA
    labels:
      traefik.http.routers.wordpress.rule: Host(`${WORDPRESS_DOMAIN:-www.local.freeitathens.org}`)
      traefik.http.routers.wordpress.entrypoints: websecure
      traefik.http.routers.wordpress.tls.certresolver: letsencrypt
      traefik.docker.network: traefik
      traefik.enable: true
    volumes:
      - wordpress:/var/www/html
--- a/roles/webserver/handlers/main.yml
+++ b/roles/webserver/handlers/main.yml
@@ -1,18 +1,5 @@
-# Copyright (C) 2019  Free I.T. Athens
+- name: Compose up on webserver stack
-#
+  ansible.builtin.command: "docker-compose up -d"
-# This program is free software: you can redistribute it and/or modify
+  args:
-# it under the terms of the GNU General Public License as published by
+    chdir: "{{ webserver_root }}"
-# the Free Software Foundation, version 3 of the License.
+  listen: composeup_webserver
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 - name: Reload Apache2
  service: name=apache2 state=reloaded
--- a/roles/webserver/tasks/main.yml
+++ b/roles/webserver/tasks/main.yml
@@ -1,40 +1,24 @@
 # Copyright (C) 2019  Free I.T. Athens
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, version 3 of the License.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 - name: Install Apache2 Web Server
  apt:
    name: apache2
    state: present
 - name: Start Apache2 Web Server
  service:
    name: apache2
    state: started
 - name: Install PHP
  apt:
    name: php
    state: present
 - name: Install PHP MySQL Extension
  apt:
    name: php-mysql
    state: present
  notify: Reload Apache2
 - name: Install MariaDB Server
-  apt:
+  ansible.builtin.apt:
    name: mariadb-server
    state: present
 - name: Create webserver docker-compose directory
  ansible.builtin.file:
    path: "{{ webserver_root }}"
    state: directory
    mode: 0600
 - name: Install webserver docker-compose.yml
  ansible.builtin.copy:
    src: docker-compose.yml
    dest: "{{ webserver_root }}/docker-compose.yml"
    mode: 0600
  notify: composeup_webserver
 - name: Install docker-compose .env
  ansible.builtin.template:
    src: compose-env.j2
    dest: "{{ webserver_root }}/.env"
    mode: 0600
  notify: composeup_webserver
--- a/roles/webserver/templates/compose-env.j2
+++ b/roles/webserver/templates/compose-env.j2
@@ -0,0 +1,4 @@
 # {{ ansible_managed }}
 {% for key, value in webserver_env.items() %}
 {{ key }}={{ value }}
 {% endfor %}
--- a/update-hosts.sh
+++ b/update-hosts.sh
@@ -0,0 +1,31 @@
 #!/bin/bash
 COMMENT="FRITA-infra"
 DOMAIN="local.freeitathens.org"
 HOST[0]="traefik.${DOMAIN}"
 HOST[1]="www.${DOMAIN}"
 # Get Vagrantbox guest IP
 VAGRANT_OUTPUT=$(vagrant ssh -c "hostname -I | cut -d' ' -f1" 2>/dev/null)
 # Remove ^M from the end
 [ ${#VAGRANT_OUTPUT} -gt 1 ] && IP=${VAGRANT_OUTPUT::-1}
 echo "Purging project addresses from /etc/hosts"
 sudo sed -i "s/# $COMMENT//g" /etc/hosts
 for address in "${HOST[@]}"; do
  sudo sed -i "/$address/d" /etc/hosts
 done
 # Remove trailing newline
 sudo sed -i '${/^$/d}' /etc/hosts
 if [ -n "$IP" ]; then
  echo -e "Adding new addresses...\n"
  echo -e "# $COMMENT" | sudo tee -a /etc/hosts
  for address in "${HOST[@]}"; do
    echo -e "$IP\t$address" | sudo tee -a /etc/hosts
  done
 else
  echo "Cannot find address. Is the Vagrant box running?"
 fi
--- a/webserver.yml
+++ b/webserver.yml
@@ -1,25 +1,6 @@
 # Copyright (C) 2019  Free I.T. Athens
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, version 3 of the License.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 - name: Install FRITA Web Server
  hosts: all
-  become: yes
+  become: true
  roles:
-    - ansible
+    - docker
    - webserver
    #- wordpress
    #- nextcloud
    #- timetrex
    - mediawiki
Author	SHA1	Message	Date
Kris Lamoureux	a2b26a978b	testing	2022-11-18 04:11:08 -05:00
Kris Lamoureux	75ee5be87d	Deploy a simple webserver docker-compose stack The beginning of a revamp of FRITA infrastructure into containers	2022-11-18 02:51:49 -05:00
		`@@ -0,0 +1 @@`
							`webserver_root: "{{ docker_compose_root }}/webserver"`