Rearrange playbooks. Add EDA

2023-12-20 17:50:56 -05:00
parent 39f379ae1e
commit d3e99ef12b
6 changed files with 14 additions and 0 deletions
--- a/playbooks/configure_act_runner.yml
+++ b/playbooks/configure_act_runner.yml
@@ -0,0 +1,43 @@
+---
+- name: Configure act_runner for gitea
+  hosts: bab1.mgmt.toal.ca
+  vars:
+    runner_user: ptoal
+  tasks:
+
+    - name: Act Runner is downloaded
+      ansible.builtin.get_url:
+        url:
+          https://dl.gitea.com/act_runner/0.2.6/act_runner-0.2.6-linux-amd64
+        dest: /home/{{ runner_user }}/act_runner
+        mode: '0755'
+        force: true
+
+    - name: Ensure act_runner.service file in config directory
+      ansible.builtin.template:
+        dest: /home/{{ runner_user }}/.config/systemd/user/act_runner.service
+        src: act_runner.service
+        mode: '0644'
+      notify: daemon-reload
+
+    - name: Enable lingering for user
+      ansible.builtin.command:
+        argv:
+          - /usr/bin/loginctl
+          - enable-linger
+          - "{{ runner_user }}"
+        creates: /var/lib/systemd/linger/{{ runner_user }}
+
+    - name: Enable act_runner.service user unit to start on boot
+      ansible.builtin.systemd:
+        name: act_runner.service
+        scope: user
+        enabled: true
+        state: started
+
+  handlers:
+    - name: Execute daemon-reload when service file changed
+      ansible.builtin.systemd:
+        daemon_reload: true
+        scope: user
+      listen: "daemon-reload"
--- a/playbooks/deploy_application.yml
+++ b/playbooks/deploy_application.yml
@@ -0,0 +1,23 @@
+---
+- name: Deploy BAB Frontend Application
+  hosts: bab1.mgmt.toal.ca
+  become: false
+  vars:
+    artifact_version: 0.0.2
+    artifact_job: 11
+    artifact_url: https://gitea.toal.ca/oys/bab-app/actions/runs/{{ artifact_job }}/artifacts/build-artifact-{{ artifact_version }}.{{ artifact_job }}
+  tasks:
+    - name: Download zip file from url
+      ansible.builtin.get_url:
+        url: "{{ artifact_url }}"
+        dest: /tmp/BABFrontend.zip
+        mode: '0644'
+
+    # Temporary until this drops: https://github.com/ansible/ansible/issues/81092
+    - name: Unzip file to web dir
+      ansible.builtin.command: unzip -o /tmp/BABFrontend.zip -d /usr/share/nginx/html/
+
+    - name: Clean up artifact download
+      ansible.builtin.file:
+        path: /tmp/BABFrontend.zip
+        state: absent
--- a/playbooks/install_appwrite.yml
+++ b/playbooks/install_appwrite.yml
@@ -0,0 +1,56 @@
+---
+- name: Prepare Backend Host for BAB
+  hosts: bab1.mgmt.toal.ca
+  become: true
+
+  tasks:
+    - name: Update all packages to latest
+      ansible.builtin.dnf:
+        name: "*"
+        state: latest
+        update_only: true
+
+    - name: CodeReady Builder Repo Enabled
+      community.general.rhsm_repository:
+        name: "codeready-builder-for-rhel-9-{{ ansible_architecture }}-rpms"
+        state: enabled
+
+    - name: EPEL GPG Key installed
+      ansible.builtin.rpm_key:
+        key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-9
+        state: present
+        fingerprint: 'FF8A D134 4597 106E CE81  3B91 8A38 72BF 3228 467C'
+
+    - name: Dependencies are installed
+      ansible.builtin.dnf:
+        name:
+          - podman
+          - https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
+        state: present
+
+    - name: Ensure podman-compose installed
+      ansible.builtin.dnf:
+        name:
+          - podman-compose
+
+- name: Userspace setup
+  hosts: bab1.mgmt.toal.ca
+  tasks:
+
+    - name: Ensure podman socket enabled
+      ansible.builtin.systemd:
+        name: podman.socket
+        scope: user
+        enabled: true
+        state: started
+
+    - name: Ensure appwrite image pulled from docker hub
+      containers.podman.podman_image:
+        name: docker.io/appwrite/appwrite
+        tag: 1.4.13
+
+    - name: Ensure podman-compose.yml deployed
+      ansible.builtin.copy:
+        src: podman-compose.yml
+        dest: /home/ptoal/appwrite
+        mode: '0644'
--- a/playbooks/install_nginx.yml
+++ b/playbooks/install_nginx.yml
@@ -0,0 +1,33 @@
+---
+- name: Ensure Nginx is installed and configured
+  hosts: all
+  become: true
+  tasks:
+
+    - name: Nginx Installed
+      ansible.builtin.include_role:
+        name: nginxinc.nginx_core.nginx
+
+    - name: Nginx Configured to serve Front-end Application
+      ansible.builtin.include_role:
+        name: nginxinc.nginx_core.nginx_config
+
+    - name: Ensure python firewall library is installed
+      ansible.builtin.package:
+        name: python3-firewall
+        state: present
+
+    - name: Ensure firewalld is enabled
+      ansible.builtin.service:
+        name: firewalld
+        enabled: true
+
+    - name: Ensure firewall ports are open
+      ansible.posix.firewalld:
+        port: "{{ item }}"
+        permanent: true
+        immediate: true
+        state: enabled
+      loop:
+        - 80/tcp
+        - 22/tcp
--- a/playbooks/provision_users.yml
+++ b/playbooks/provision_users.yml
@@ -0,0 +1,30 @@
+---
+- name: Provision Beta Test User Accounts
+  hosts: apidev.bab.toal.ca
+  gather_facts: false
+  tasks:
+    - name: Use Appwrite REST API to create new user
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/users/argon2"
+        method: POST
+        body_format: json
+        headers:
+          Content-Type: application/json
+          X-Appwrite-Response-Format: '{{ appwrite_response_format }}'
+          X-Appwrite-Project: '{{ appwrite_project }}'
+          X-Appwrite-Key: '{{ appwrite_api_key }}'
+
+        body:
+          userId: "{{ item.userid }}"
+          password: "{{ item.password }}"
+          email: "{{ item.email | default(omit) }}"
+          name: "{{ item.name }}"
+        status_code: [201, 409]
+        return_content: true
+      register: appwrite_api_result
+      loop: '{{ bab_users }}'
+      delegate_to: localhost
+
+    - name: Display response
+      ansible.builtin.debug:
+        var: appwrite_api_result