refactor: Use new release process

.vscode/settings.json

@@ -1,3 +0,0 @@
-{
-    "ansible.python.interpreterPath": "/home/ptoal/.virtualenvs/ansible/bin/python"
-}

appwrite.json

@@ -0,0 +1,24 @@
+{
+    "projectId": "bab",
+    "projectName": "BAB",
+    "functions": [
+        {
+            "$id": "userinfo",
+            "name": "userinfo",
+            "runtime": "node-16.0",
+            "execute": ["any"],
+            "events": [],
+            "schedule": "",
+            "timeout": 15,
+            "enabled": true,
+            "logging": true,
+            "entrypoint": "src/main.js",
+            "commands": "npm install",
+            "ignore": [
+                "node_modules",
+                ".npm"
+            ],
+            "path": "functions/userinfo"
+        }
+    ]
+}

playbooks/clean_logs.yml

@@ -0,0 +1,29 @@
+---
+- name: Clean log directory
+  hosts: all
+  become: true
+  tasks:
+    - name: Find files in directory ending in .log or .log.tgz larger than 1GB
+      ansible.builtin.find:
+        paths: /var/log
+        patterns: 'testlog.*'
+        size: 1g
+      register: logfiles
+
+   #  - name: Copy files to archive server
+   #    ansible.builtin.copy:
+   #      src: "{{ item.path }}"
+   #      dest: "{{ archive_server_path }}/{{ item.path | basename }}"
+   #    delegate_to: "{{ archive_server }}"
+   #    loop: "{{ logfiles.files |flatten(levels=1) }}"
+
+    - name: Delete files
+      ansible.builtin.file:
+        path: "{{ item.path }}"
+        state: absent
+      loop: "{{ logfiles.files | flatten(levels=1) }}"
+      register: deleted_files
+
+    - name: Dump details on deletion
+      ansible.builtin.debug:
+        var: deleted_files

playbooks/deploy_application.yml

@@ -9,24 +9,15 @@
         suffix: .deploy
       register: tempdir
 
-    - name: Download zip file from url
+    - name: Download tar.gz file from url
       ansible.builtin.get_url:
         url: "{{ artifact_url }}"
-        dest: /{{ tempdir.path }}/BABFrontend.zip
+        dest: "/{{ tempdir.path }}/bab-release.tar.gz"
         mode: '0644'
 
-    # Temporary until this drops: https://github.com/ansible/ansible/issues/81092
-    - name: Unzip downloaded file
-      ansible.builtin.unarchive:
-        src: "{{ tempdir.path }}/BABFrontend.zip"
-        dest: "{{ tempdir.path }}"
-        list_files: true
-        remote_src: true
-      register: unzip_result
-
     - name: Extract tar into /usr/share/nginx/html/
       ansible.builtin.unarchive:
-        src: "{{ unzip_result.dest }}/{{ unzip_result.files[0] }}" # We expect exactly one tar file to be in the artifact.
+        src: "/{{ tempdir.path }}/bab-release.tar.gz"
         dest: /usr/share/nginx/html/
         remote_src: true
 

playbooks/files/database/boat.json

@@ -0,0 +1 @@
+{"total": 4, "documents": [{"name": "ProjectX", "displayName": "PX", "class": "J/27", "year": null, "imgSrc": "https://appwrite.toal.ca/v1/storage/buckets/663594f7001155eee5aa/files/663595c800394eaed548/view?project=65ede55a213134f2b688&mode=admin", "iconSrc": "https://appwrite.toal.ca/v1/storage/buckets/663594f7001155eee5aa/files/663595bd002db349c47b/view?project=65ede55a213134f2b688&mode=admin", "requiredCerts": [], "maxPassengers": 8, "defects": [], "bookingAvailable": null, "$id": "663594a70039a8408753", "$createdAt": "2024-05-04T01:51:35.800+00:00", "$updatedAt": "2024-05-04T01:59:25.214+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66341910003e287cd71c"}, {"name": "Take5", "displayName": "T5", "class": "J/27", "year": null, "imgSrc": "https://appwrite.toal.ca/v1/storage/buckets/663594f7001155eee5aa/files/663595c800394eaed548/view?project=65ede55a213134f2b688&mode=admin", "iconSrc": "https://appwrite.toal.ca/v1/storage/buckets/663594f7001155eee5aa/files/663595ad002e45213604/view?project=65ede55a213134f2b688&mode=admin", "requiredCerts": [], "maxPassengers": 8, "defects": [], "bookingAvailable": null, "$id": "663596b9000235ffea55", "$createdAt": "2024-05-04T02:00:24.871+00:00", "$updatedAt": "2024-05-04T02:00:24.871+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66341910003e287cd71c"}, {"name": "Wee Beestie", "displayName": "WB", "class": "Capri 25", "year": null, "imgSrc": "https://apidev.bab.toal.ca/v1/storage/buckets/663594f7001155eee5aa/files/663595d1002085458d4a/view?project=65ede55a213134f2b688", "iconSrc": null, "requiredCerts": [], "maxPassengers": 8, "defects": [], "bookingAvailable": null, "$id": "663597030029b71c7a9b", "$createdAt": "2024-05-04T02:01:39.517+00:00", "$updatedAt": "2024-05-04T02:29:32.827+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66341910003e287cd71c"}, {"name": "Just My Imagination", "displayName": "JMI", "class": "Siruis 28", "year": null, "imgSrc": "https://appwrite.toal.ca/v1/storage/buckets/663594f7001155eee5aa/files/663595980004adc65134/view?project=65ede55a213134f2b688&mode=admin", "iconSrc": null, "requiredCerts": [], "maxPassengers": 8, "defects": [], "bookingAvailable": true, "$id": "66359729003825946ae1", "$createdAt": "2024-05-04T02:02:17.749+00:00", "$updatedAt": "2024-05-04T11:08:42.882+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66341910003e287cd71c"}]}

playbooks/files/database/intervalTemplate.json

@@ -0,0 +1 @@
+{"total": 2, "documents": [{"name": "Weekend - Summer", "timeTuple": ["07:00", "11:00", "11:00", "15:00"], "$id": "663c17d70010075c2506", "$createdAt": "2024-05-09T00:24:54.989+00:00", "$updatedAt": "2024-05-09T02:27:55.456+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66361f480007fdd639af"}, {"name": "Weekday - Summer", "timeTuple": ["09:00", "12:00", "12:00", "15:00", "15:00", "18:00"], "$id": "663d0890001d054f9cd2", "$createdAt": "2024-05-09T17:32:00.192+00:00", "$updatedAt": "2024-05-10T12:32:42.320+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66361f480007fdd639af"}]}

playbooks/files/database/reservation.json

@@ -0,0 +1 @@
+{"total": 3, "documents": [{"user": "65ede5a2ca44888379bd", "start": "2024-05-13T16:00:00.000+00:00", "end": "2024-05-13T19:00:00.000+00:00", "resource": "66359729003825946ae1", "status": "tentative", "$id": "663f8a0b000d219e05c6", "$createdAt": "2024-05-11T15:08:58.860+00:00", "$updatedAt": "2024-05-14T01:50:04.662+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "663f8847000b8f5e29bb"}, {"user": "rich.ohare", "start": "2024-05-17T13:00:00.000+00:00", "end": "2024-05-17T16:00:00.000+00:00", "resource": "66359729003825946ae1", "status": "tentative", "$id": "663f8d880005f9c86b11", "$createdAt": "2024-05-11T15:23:51.749+00:00", "$updatedAt": "2024-05-14T01:49:19.743+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "663f8847000b8f5e29bb"}, {"user": "663e66b200284eb00659", "start": "2024-05-18T13:00:00.000+00:00", "end": "2024-05-18T16:00:00.000+00:00", "resource": "663597030029b71c7a9b", "status": "tentative", "$id": "6642bf91001a583ae6dc", "$createdAt": "2024-05-14T01:34:09.029+00:00", "$updatedAt": "2024-05-17T22:29:26.569+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "663f8847000b8f5e29bb"}]}

playbooks/files/database/skillTag.json

@@ -0,0 +1 @@
+{"total": 3, "documents": [{"name": "basic", "description": "Basic Skills", "tagColour": "", "$id": "660725e4666f2c2ed4b2", "$createdAt": "2024-03-29T20:34:44.420+00:00", "$updatedAt": "2024-04-07T16:19:07.205+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66072582a74d94a4bd01"}, {"name": "intermediate", "description": "Intermediate Skills", "tagColour": "", "$id": "660725f01f0c4fd286e9", "$createdAt": "2024-03-29T20:34:56.127+00:00", "$updatedAt": "2024-04-07T16:18:56.523+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66072582a74d94a4bd01"}, {"name": "advanced", "description": "Advanced Skills", "tagColour": "", "$id": "660725f9d40e34565514", "$createdAt": "2024-03-29T20:35:05.869+00:00", "$updatedAt": "2024-04-07T16:18:45.953+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "66072582a74d94a4bd01"}]}

playbooks/files/database/task.json

@@ -0,0 +1 @@
+{"total": 5, "documents": [{"title": "Wash Boat", "description": "Wash the deck, and hull<br>", "required_skills": ["660725e4666f2c2ed4b2"], "tags": ["65ee231947b1dceca3ef"], "duration": 2, "volunteers": [], "volunteers_required": 2, "status": "ready", "depends_on": [], "boat": "", "due_date": "2024-04-02T00:00:00.000+00:00", "$id": "660c73e3c42d9027ffde", "$createdAt": "2024-04-02T21:08:51.804+00:00", "$updatedAt": "2024-04-08T01:27:34.750+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee1cd5b550023fae4f"}, {"title": "Float the plane", "description": "What does this have to do with boats?<br>", "required_skills": ["660725f9d40e34565514"], "tags": ["65ee231947b1dceca3ef"], "duration": 4, "volunteers": [], "volunteers_required": 2, "status": "ready", "depends_on": [null], "boat": "4", "due_date": "2024-04-05T00:00:00.000+00:00", "$id": "66109c930ed300707ad6", "$createdAt": "2024-04-06T00:51:31.061+00:00", "$updatedAt": "2024-05-03T18:27:55.819+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee1cd5b550023fae4f"}, {"title": "Testing 123", "description": "This is a testing.<br>", "required_skills": ["660725e4666f2c2ed4b2", "660725f01f0c4fd286e9"], "tags": ["65ee231947b1dceca3ef", "65ee235be89c369cad44"], "duration": 2, "volunteers": [], "volunteers_required": 2, "status": "ready", "depends_on": [], "boat": "2", "due_date": "2024-04-06T00:00:00.000+00:00", "$id": "66118c702d4b5ed06979", "$createdAt": "2024-04-06T17:54:56.186+00:00", "$updatedAt": "2024-04-08T01:27:43.278+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee1cd5b550023fae4f"}, {"title": "Repair Rudder ", "description": "Rudder is broken.&nbsp; Fix it", "required_skills": ["660725f01f0c4fd286e9"], "tags": ["65ee231947b1dceca3ef"], "duration": 5, "volunteers": [], "volunteers_required": 2, "status": "ready", "depends_on": [], "boat": "3", "due_date": "2024-04-12T00:00:00.000+00:00", "$id": "6614745a1f576420fbed", "$createdAt": "2024-04-08T22:48:58.128+00:00", "$updatedAt": "2024-04-08T22:48:58.128+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee1cd5b550023fae4f"}, {"title": "Test 53", "description": "", "required_skills": [], "tags": [], "duration": 0, "volunteers": [], "volunteers_required": 0, "status": "ready", "depends_on": [], "boat": null, "due_date": "2024-05-03T00:00:00.000+00:00", "$id": "6634c914ec70293b93a1", "$createdAt": "2024-05-03T11:23:00.969+00:00", "$updatedAt": "2024-05-03T11:23:00.969+00:00", "$permissions": ["read(\"user:65ede5a2ca44888379bd\")", "update(\"user:65ede5a2ca44888379bd\")", "delete(\"user:65ede5a2ca44888379bd\")"], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee1cd5b550023fae4f"}]}

playbooks/files/database/taskTag.json

@@ -0,0 +1 @@
+{"total": 2, "documents": [{"description": "Tasks required for Launch", "name": "launch", "colour": null, "$id": "65ee231947b1dceca3ef", "$createdAt": "2024-03-10T21:16:09.294+00:00", "$updatedAt": "2024-03-30T14:16:46.407+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee21d72d5c8007c34c"}, {"description": "Tasks related to Haulout", "name": "haulout", "colour": null, "$id": "65ee235be89c369cad44", "$createdAt": "2024-03-10T21:17:15.952+00:00", "$updatedAt": "2024-03-30T14:16:32.125+00:00", "$permissions": [], "$databaseId": "65ee1cbf9c2493faf15f", "$collectionId": "65ee21d72d5c8007c34c"}]}

playbooks/install_appwrite.yml

@@ -47,10 +47,10 @@
     - name: Ensure appwrite image pulled from docker hub
       containers.podman.podman_image:
         name: docker.io/appwrite/appwrite
-        tag: 1.4.13
+        tag: 1.5.1
 
     - name: Ensure podman-compose.yml deployed
       ansible.builtin.copy:
-        src: podman-compose.yml
+        src: files/container-compose.yml
         dest: /home/ptoal/appwrite
         mode: '0644'

playbooks/install_nginx.yml

@@ -3,7 +3,10 @@
   hosts: all
   become: true
   tasks:
-
+    # This is incomplete
+    # - name: Certificates Installed
+    #   ansible.builtin.include_tasks:
+    #     file: upate_certificates.yml
     - name: Nginx Installed
       ansible.builtin.include_role:
         name: nginxinc.nginx_core.nginx

playbooks/investigate_high_cpu.yml

@@ -0,0 +1,62 @@
+---
+- name: Investigate High CPU
+  hosts: all
+  become: true
+  tasks:
+    - name: Gather information on top CPU consuming processes
+      ansible.builtin.command:
+        cmd: 'ps -eo pid,ppid,%mem,%cpu,cmd --sort=-%cpu'
+      register: processes_cpu
+      changed_when: false
+
+    - name: Gather information on top Memory consuming processes
+      ansible.builtin.command:
+        cmd: 'ps -eo pid,ppid,%mem,%cpu,cmd --sort=-%mem'
+      register: processes_mem
+      changed_when: false
+
+- name: Open Incident
+  hosts: all
+  tasks:
+    - name: Create Problem Template # noqa: no-relative-paths
+      ansible.builtin.template:
+        mode: '0644'
+        src: 'cpuhog_ticket.j2'
+        dest: /tmp/cpuhog_details.txt
+      delegate_to: localhost
+
+    - name: Create SNow Incident
+      servicenow.itsm.incident:
+        instance: '{{ snow_instance }}'
+        state: new
+        caller: "admin"
+        short_description: "CPUHog event detected on: {{ ansible_eda.event.alert.labels.instance }}"
+        description: "A CPUHog was detected on: {{ ansible_eda.event.alert.labels.instance }} that needs to be investigated."
+        impact: high
+        urgency: high
+      delegate_to: localhost
+      register: incident_result
+
+    - name: Create SNow Problem
+      servicenow.itsm.problem:
+        instance: '{{ snow_instance }}'
+        state: new
+        short_description: "{{ alertmanager_annotations.summary }}"
+        description: "Generator URL: {{ alertmanager_generator_url }}"
+        impact: high
+        urgency: high
+        attachments:
+          - path: /tmp/cpuhog_details.txt
+            name: cpuhog_details.txt
+            type: 'text/plain'
+      register: problem_result
+      delegate_to: localhost
+
+    - name: Update Incident
+      servicenow.itsm.incident:
+        instance: '{{ snow_instance }}'
+        state: in_progress
+        number: "{{ incident_result.record.number }}"
+        other:
+          problem_id: "{{ problem_result.record.number }}"
+      delegate_to: localhost

playbooks/load_data.yml

@@ -0,0 +1,46 @@
+---
+- name: Provision Beta Test User Accounts
+  hosts: appwrite
+  gather_facts: false
+  tasks:
+
+    - name: Load json for boats
+      ansible.builtin.set_fact:
+        boat_docs: "{{ lookup( 'ansible.builtin.file', 'files/database/boat.json' ) | ansible.builtin.from_json  }}"
+        interval_template_docs: "{{ lookup( 'ansible.builtin.file', 'files/database/intervalTemplate.json' ) | ansible.builtin.from_json  }}"
+
+    - name: Use Appwrite REST API to Load data
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}/collections/boat/documents"
+        method: POST
+        body_format: json
+        headers:
+          X-Appwrite-Response-Format: '{{ appwrite_response_format }}'
+          X-Appwrite-Project: '{{ appwrite_project }}'
+          X-Appwrite-Key: '{{ appwrite_api_key }}'
+        body:
+          documentId: "{{ item['$id'] }}"
+          data: "{{ item| ansible.utils.remove_keys(target=['$id','$databaseId','$collectionId']) }}"
+        status_code: [201, 409]
+        return_content: true
+      register: appwrite_api_result
+      loop: '{{ boat_docs.documents }}'
+      delegate_to: localhost
+
+    - name: Use Appwrite REST API to Load IntervalTemplate data
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}/collections/intervalTemplate/documents"
+        method: POST
+        body_format: json
+        headers:
+          X-Appwrite-Response-Format: '{{ appwrite_response_format }}'
+          X-Appwrite-Project: '{{ appwrite_project }}'
+          X-Appwrite-Key: '{{ appwrite_api_key }}'
+        body:
+          documentId: "{{ item['$id'] }}"
+          data: "{{ item| ansible.utils.remove_keys(target=['$id','$databaseId','$collectionId']) }}"
+        status_code: [201, 409]
+        return_content: true
+      register: appwrite_api_result
+      loop: '{{ interval_template_docs.documents }}'
+      delegate_to: localhost

playbooks/provision_database.yml

@@ -0,0 +1,59 @@
+---
+# TODO: This doesn't have any real idempotency.  Can't compare current and desired states.
+- name: Provision Database
+  hosts: appwrite
+  gather_facts: false
+  module_defaults:
+    ansible.builtin.uri:
+      body_format: json
+      headers:
+        X-Appwrite-Response-Format: '{{ appwrite_response_format }}'
+        X-Appwrite-Project: '{{ appwrite_project }}'
+        X-Appwrite-Key: '{{ appwrite_api_key }}'
+      return_content: true
+  tasks:
+    - name: Use Appwrite REST API to create new database
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases"
+        method: POST
+        body:
+          databaseId: "{{ bab_database.id }}"
+          name: "{{ bab_database.name }}"
+          enabled: "{{ bab_database.enabled }}"
+        status_code: [201, 409]
+      register: appwrite_api_result
+      delegate_to: localhost
+
+    - name: Create Collections
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}/collections/"
+        method: POST
+        body:
+          collectionId: "{{ item.id }}"
+          name: "{{ item.name }}"
+          permissions: "{{ item.permissions }}"
+        status_code: [201, 409]
+      register: appwrite_api_result
+      loop: '{{ db_schema.collections }}'
+      delegate_to: localhost
+
+    # - name: Create Attributes
+    #   ansible.builtin.debug:
+    #     msg: "{{ lookup('ansible.builtin.template', 'appwrite_attribute_template.json.j2') }}"
+    #   register: appwrite_api_result
+    #   loop: "{{ bab_database.collections | subelements('attributes', skip_missing=True) }}"
+    # #   delegate_to: localhost
+
+    - name: Create Attributes
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}/collections/{{ item[0].id }}/attributes/{{ ( item[1].format is defined and item[1].format != '' ) |ternary(item[1].format, item[1].type) }}"
+        method: POST
+        body: "{{ lookup('ansible.builtin.template', 'appwrite_attribute_template.json.j2') }}"
+        status_code: [202, 409]
+      register: appwrite_api_result
+      loop: "{{ db_schema.collections | subelements('attributes', skip_missing=True) }}"
+      delegate_to: localhost
+
+    # - name: Display response
+    #   ansible.builtin.debug:
+    #     var: appwrite_api_result

playbooks/provision_users.yml

@@ -1,6 +1,6 @@
 ---
 - name: Provision Beta Test User Accounts
-  hosts: apidev.bab.toal.ca
+  hosts: appwrite:&prod
   gather_facts: false
   tasks:
     - name: Use Appwrite REST API to create new user
@@ -24,6 +24,7 @@
       register: appwrite_api_result
       loop: '{{ bab_users }}'
       delegate_to: localhost
+      no_log: true
 
     - name: Display response
       ansible.builtin.debug:

playbooks/read_database.yml

@@ -0,0 +1,52 @@
+---
+- name: Gather Information about Database
+  hosts: appwrite:&dev
+  gather_facts: false
+  module_defaults:
+    ansible.builtin.uri:
+      body_format: json
+      headers:
+        X-Appwrite-Response-Format: '{{ appwrite_response_format }}'
+        X-Appwrite-Project: '{{ appwrite_project }}'
+        X-Appwrite-Key: '{{ appwrite_api_key }}'
+      return_content: true
+  tasks:
+    - name: Get Users
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/users"
+        method: GET
+      register: appwrite_api_result
+      delegate_to: localhost
+
+    - name: Display response
+      ansible.builtin.debug:
+        var: appwrite_api_result
+
+    - name: Get database info
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}"
+        method: GET
+      register: appwrite_api_result
+      delegate_to: localhost
+
+    - name: Get collection info
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}/collections"
+        method: GET
+      register: appwrite_collections
+      delegate_to: localhost
+
+    - name: Get documents from each table
+      ansible.builtin.uri:
+        url: "{{ appwrite_api_uri }}/databases/{{ bab_database.id }}/collections/{{ item['$id'] }}/documents"
+        method: GET
+      loop: "{{ appwrite_collections.json.collections }}"
+      delegate_to: localhost
+      register: document_results
+
+    - name: Save Data
+      ansible.builtin.copy:
+        dest: 'files/database/{{ item.item.name }}.json'
+        content: '{{ item.json }}'
+      loop: "{{ document_results.results }}"
+      delegate_to: localhost

playbooks/templates/appwrite_attribute_template.json.j2

@@ -0,0 +1,11 @@
+{
+  "key": "{{ item[1].key }}",
+  "required": {{ item[1].required }},
+  {% if item[1].default is defined and item[1].default and item[1].default != "null" %}"default": "{{ item[1].default }}",{% endif %}
+  {% if item[1].array is defined %}"array": {{ item[1].array }}, {% endif %}
+  {% if item[1].elements is defined %}"elements": [{% for e in item[1].elements %}"{{ e }}"{%- if not loop.last %},{% endif %}{% endfor %}],{% endif %}
+  {% if item[1].min is defined %}"min": {{ item[1].min | int }},{% endif %}
+  {% if item[1].max is defined %}"max": {{ item[1].max | int }},{% endif %}
+  {% if item[1].size is defined %}"size": {{ item[1].size | int }},{% endif %}
+  {% if item[1].encrypt is defined %}"encrypt": {{ item[1].encrypt }}{% endif%}
+}

playbooks/templates/cpuhog_ticket.j2

@@ -0,0 +1,19 @@
+= CPUHog Report =
+A high CPU event was triggered from AlertManager.
+
+{% if ansible_eda is defined %}
+Annotations: "{{ ansible_eda.event.alert.annotations }}"
+Generator URL: "{{ ansible_eda.event.alert.generatorURL }}"
+Severity: "{{ ansible_eda.event.alert.labels.severity }}"
+Instance: "{{ ansible_eda.event.alert.labels.instance }}"
+{% endif %}
+
+** Top CPU Consumers **
+{% for line in processes_cpu.stdout_lines[0:10] %}
+{{ line }}
+{% endfor %}
+
+** Top Memory Consumers **
+{% for line in processes_mem.stdout_lines[0:10] %}
+{{ line }}
+{% endfor %}

rulebooks/alertmanager_listener.yml

@@ -4,17 +4,45 @@
   sources:
     - name: Ansible Alertmanager listener
       ansible.eda.alertmanager:
-        port: 9100
+        port: 9101
         host: 0.0.0.0
   rules:
-    - name: Run Template
+    - name: Resolve Disk Usage
       condition:
         all:
-          - event.payload.data.artifact_url is defined
-      action:
-        run_job_template:
-          name: bab-deploy-application
-          organization: OYS
-          job_args:
-            extra_vars:
-              artifact_url: "{{ event.payload.data.artifact_url }}"
+          - event.alert.labels.org == "OYS" and event.alert.status == "firing"
+            and event.alert.labels.alertname == "root filesystem over 80% full"
+      actions:
+        - run_job_template:
+            name: Demo - Clean Log Directory
+            organization: OYS
+            job_args:
+              extra_vars:
+                alertmanager_annotations: "{{ event.alert.annotations }}"
+                alertmanager_generator_url: "{{ event.alert.generatorURL }}"
+                event_mountpoint: "{{ event.alert.labels.mountpoint }}"
+                alertmanager_instance: "{{ event.alert.labels.instance }}"
+
+    - name: Investigate High CPU
+      condition:
+        all:
+          - event.alert.labels.org == "OYS" and event.alert.status == "firing"
+            and event.alert.labels.alertname == "ProcessCPUHog"
+      actions:
+        - print_event:
+            pretty: true
+        - run_job_template:
+            name: Demo - Investigate High CPU
+            organization: OYS
+            job_args:
+              extra_vars:
+                alertmanager_annotations: "{{ event.alert.annotations }}"
+                alertmanager_generator_url: "{{ event.alert.generatorURL }}"
+                event_severity: "{{ event.alert.labels.severity }}"
+                alertmanager_instance: "{{ event.alert.labels.instance }}"
+
+    - name: Test Contact Point
+      condition: event.alert.labels.alertname == "TestAlert" and event.alert.labels.org == "OYS"
+      actions:
+        - print_event:
+            pretty: true

update_certificates.yml

@@ -0,0 +1,51 @@
+---
+- name: Request and INstall Certs from Red Hat IdM
+  hosts: webservers
+  become: true
+
+  tasks:
+    - name: Ensure the IPA client and OpenSSL are installed
+      ansible.builtin.package:
+        name:
+          - ipa-client
+          - openssl
+        state: present
+
+    - name: Generate private key
+      community.crypto.openssl_privatekey:
+        path: "{{ key_path }}"
+        size: 2048
+
+    - name: Generate CSR
+      community.crypto.openssl_csr:
+        path: "{{ csr_path }}"
+        privatekey_path: "{{ key_path }}"
+        common_name: "{{ ansible_fqdn }}"
+        subject: "{{ cert_subject }}"
+        key_usage:
+          - digitalSignature
+          - keyEncipherment
+        extended_key_usage:
+          - serverAuth
+
+    - name: Request a certificate from IdM
+      redhat.rhel_idm.ipacert:
+        ipaadmin_password: "{{ ipa_admin_password }}"
+        csr_path: "{{ csr_path }}"
+        principal: "HTTP/{{ ansible_fqdn }}@{{ ipa_domain }}"
+        cert_profile: "HTTP_Server"
+        cert_out_path: "{{ cert_path }}"
+      register: cert_result
+
+    - name: Install the certificate
+      ansible.builtin.copy:
+        content: "{{ cert_result.certificate }}"
+        dest: "{{ cert_path }}"
+      notify:
+        - restart web server
+
+  handlers:
+    - name: restart web server
+      ansible.builtin.service:
+        name: httpd
+        state: restarted