Merge pull request 'db-deploy' (#1) from db-deploy into master

Reviewed-on: #1
2022-10-08 17:13:19 +00:00 · 2022-10-08 17:13:19 +00:00 · 29a040751a
commit 29a040751a
parent 4c465044ef a844e10970
22 changed files with 242 additions and 7 deletions
--- a/server/.travis.yml
+++ b/server/.travis.yml
--- a/server/README.md
+++ b/server/README.md
--- a/server/defaults/main.yml
+++ b/server/defaults/main.yml
--- a/db/files/docker-compose-server.yml
+++ b/db/files/docker-compose-server.yml
@ -0,0 +1,30 @@
 version: "3.3"
 services:
  db:
    image: postgres
    volumes:
      - app-db-data:/var/lib/postgresql/data/pgdata
    env_file:
      - .env
    environment:
      - PGDATA=/var/lib/postgresql/data/pgdata
    ports:
      - "54321:5432"
  redis:
    image: redis/redis-stack-server:latest
    ports:
      - "63791:6379"
  liquibase:
    build:
      context: ./covas-liquibase
      dockerfile: Dockerfile
    depends_on:
      - db
    command:
      - "update"
 volumes:
  app-db-data:
--- a/server/handlers/main.yml
+++ b/server/handlers/main.yml
--- a/server/meta/main.yml
+++ b/server/meta/main.yml
--- a/db/tasks/deploy-db.yml
+++ b/db/tasks/deploy-db.yml
@ -0,0 +1,34 @@
 # deploy db postgresql, liquibase and redis
 - name: git archive local
  local_action:
    module: git
    repo: "https://{{ git_username | urlencode }}:{{ git_password | urlencode }}@git.valczeryba.ovh/v4l3n71n/covas-liquibase.git"
    dest: "/home/valentin/src/"
    archive: "/tmp/covas-liquibase.tar.gz"
    force: yes
    update: yes
  run_once: True
 - name: Create directory
  file: 
    path: "/home/valentin/{{ item }}"
    state: directory
  with_items:
    - db
    - db/covas-liquibase
 - name: Extract covas liquibase
  unarchive:
    src: "/tmp/covas-liquibase.tar.gz"
    dest: "/home/valentin/db/covas-liquibase"
 - name: Template env file
  template:
    src: env.j2
    dest: /home/valentin/db/.env
 - name: Copy docker compose server file
  copy:
    src: docker-compose-server.yml
    dest: /home/valentin/db/docker-compose.yml
--- a/db/tasks/main.yml
+++ b/db/tasks/main.yml
@ -0,0 +1,23 @@
 ---
 # tasks file for server
 # include task db
 - name: Deploy database postgresql and redis
  ansible.builtin.import_tasks: deploy-db.yml
  tags: ["start-with-deploy", "deploy"]
 - name: Start db postgresql and redis
  ansible.builtin.import_tasks: start-db.yml
  tags: ["start-with-deploy", "start"]
 - name: stop db postgresql and redis
  ansible.builtin.import_tasks: stop-db.yml
  tags: ["destroy", "stop"]
 - name: Remove db
  ansible.builtin.import_tasks: remove-db.yml
  tags: ["destroy"]
--- a/db/tasks/remove-db.yml
+++ b/db/tasks/remove-db.yml
@ -0,0 +1,18 @@
 # remove db 
 - name: Stopping existing service
  community.docker.docker_compose:
    project_src: /home/valentin/db
    state: absent
    remove_volumes: yes
    remove_images: local
  register: output
 - name: Debug output
  debug:
    var: output
 - name: Remove project covas db
  file:
    path: /home/valentin/db
    state: absent
--- a/db/tasks/start-db.yml
+++ b/db/tasks/start-db.yml
@ -0,0 +1,34 @@
 # start services db
 - name: Stopping existing service
  community.docker.docker_compose:
    project_src: /home/valentin/db
 - name: Starting service
  community.docker.docker_compose:
    project_src: /home/valentin/db
  register: output
 - name: debug output
  debug: 
    var: output
 - name: Allow port postgresql 
  ansible.builtin.iptables:
    chain: INPUT
    protocol: tcp
    destination_port: 54321
    jump: ACCEPT
    state: present
  become: yes
  become_method: sudo
 - name: Allow port redis 
  ansible.builtin.iptables:
    chain: INPUT
    protocol: tcp
    destination_port: 63791
    jump: ACCEPT
    state: present
  become: yes
  become_method: sudo
--- a/db/tasks/stop-db.yml
+++ b/db/tasks/stop-db.yml
@ -0,0 +1,34 @@
 # stop services db and redis 
 - name: Disallow port postgresql 
  ansible.builtin.iptables:
    chain: INPUT
    protocol: tcp
    destination_port: 54321
    jump: ACCEPT
    state: absent
  become: yes
  become_method: sudo
 - name: Disallow port redis 
  ansible.builtin.iptables:
    chain: INPUT
    protocol: tcp
    destination_port: 63791
    jump: ACCEPT
    state: absent
  become: yes
  become_method: sudo
 - name: Stopping existing service
  community.docker.docker_compose:
    project_src: /home/valentin/db
    state: present
    stopped: yes
  register: output
 - name: Debug output
  debug:
    var: output
--- a/db/templates/env.j2
+++ b/db/templates/env.j2
@ -0,0 +1,3 @@
 POSTGRES_PASSWORD={{ postgres_password }}
 POSTGRES_USER={{ postgres_user }}
 POSTGRES_DB={{ postgres_db }}
--- a/server/vars/main.yml
+++ b/server/vars/main.yml
--- a/0
+++ b/0
--- a/inventory/all
+++ b/inventory/all
--- a/inventory/group_vars/db
+++ b/inventory/group_vars/db
@ -0,0 +1 @@
 postgres_db: toto
--- a/inventory/group_vars/db_vault
+++ b/inventory/group_vars/db_vault
@ -0,0 +1,10 @@
 $ANSIBLE_VAULT;1.1;AES256
 35323139356565316333376432336436666566666631363635366235316435313536373765383234
 6664623264396635643636663865626130616135326230610a373064656264323233663563623930
 38373762363331663632343036336139663833616638653361363535643239643166363435613764
 3864363664303836380a363739653638623639663262356532656262393862323164656531393531
 35663166376632663734356666306433383363386236613330663536326432306561653665356533
 64396538376432336532343366393938363963656432353638346165313836373136343433623435
 65626138633637653631386663386462623633656434363761623366626565396362663864613166
 33346136386532636132613532626133376534326339646161356461346434626335376661656534
 32343936616335376563363131643938333833376231663862333961383566666137
--- a/inventory/hosts
+++ b/inventory/hosts
@ -0,0 +1,7 @@
 vps ansible_connection=ssh ansible_host=51.222.107.37 ansible_port=2424 ansible_user=valentin
 [db]
 vps
 [db_vault:children]
 db
--- a/main.tf
+++ b/main.tf
@ -0,0 +1,43 @@
 terraform {
  required_providers {
    scaleway = {
      source = "scaleway/scaleway"
    }
  }
  required_version = ">= 0.13"
 }
 resource "scaleway_k8s_cluster" "terraform-test" {
   name    = "terraform-test"
   version = "1.24.3"
   cni     = "cilium"
   project_id = "81af2696-6120-4f45-baf3-d17fb0525824"
   region = "fr-par"
 }
 resource "scaleway_k8s_pool" "john" {
   cluster_id = scaleway_k8s_cluster.terraform-test.id
   name       = "john"
   node_type  = "DEV1-M"
   size       = 1
 }
 resource "null_resource" "kubeconfig" {
  depends_on = [scaleway_k8s_pool.john] # at least one pool here
  triggers = {
    host                   = scaleway_k8s_cluster.terraform-test.kubeconfig[0].host
    token                  = scaleway_k8s_cluster.terraform-test.kubeconfig[0].token
    cluster_ca_certificate = scaleway_k8s_cluster.terraform-test.kubeconfig[0].cluster_ca_certificate
  }
 }
 provider "kubernetes" {
  load_config_file = "false"
  host  = null_resource.kubeconfig.triggers.host
  token = null_resource.kubeconfig.triggers.token
  cluster_ca_certificate = base64decode(
  null_resource.kubeconfig.triggers.cluster_ca_certificate
  )
 }
--- a/playbook.yml
+++ b/playbook.yml
@ -0,0 +1,5 @@
 ---
 - hosts: db
  remote_user: valentin
  roles:
    - db
--- a/server/tasks/main.yml
+++ b/server/tasks/main.yml
@ -1,2 +0,0 @@
 ---
 # tasks file for server
--- a/test.yml
+++ b/test.yml
@ -1,5 +0,0 @@
 ---
 - hosts: localhost
  remote_user: root
  roles:
    - server