From 80d4b75dbc027a5ca4af9c5ce1bfe5d5467e1a38 Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 16:34:01 +0100
Subject: [PATCH 1/7] demo
---
 ansible.cfg | 4 ++--
 controller.sh | 9 +++------
 inventory/vagrant/group_vars/all.yml | 6 ++++++
 inventory/vagrant/group_vars/database.yml | 17 +++++++++++++++++
 inventory/vagrant/group_vars/semaphore.yml | 10 ++++++++++
 inventory/vagrant/hosts | 17 +++++++++++++++++
 6 files changed, 55 insertions(+), 8 deletions(-)
 create mode 100644 inventory/vagrant/group_vars/all.yml
 create mode 100644 inventory/vagrant/group_vars/database.yml
 create mode 100644 inventory/vagrant/group_vars/semaphore.yml
 create mode 100644 inventory/vagrant/hosts
diff --git a/ansible.cfg b/ansible.cfg
index 2f45534..774540d 100644
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -6,9 +6,9 @@ roles_path = galaxy_roles:roles
 executable = /bin/bash
 ; set inventory here, or on the command-line when running Ansible.
-; dev is for Vagrant VirtualBox on Mac
+; vagrant is for Vagrant on Windows with Hyper-V, VMWare Desktop or VirtualBox
 ; local is for localhost, assuming AlmaLinux or Rocky
-inventory = inventory/local/hosts
+inventory = inventory/vagrant/hosts
 ; Vagrant hosts are ephemeral set to true when promoting beyond test.
 host_key_checking = False
diff --git a/controller.sh b/controller.sh
index eeeaaf6..42b28c0 100644
--- a/controller.sh
+++ b/controller.sh
@@ -1,8 +1,6 @@
 #!/bin/bash -eux
-export DB_PASS=your_database_password
-export SSH_PASSPHRASE=KeyWillBeGeneratedWithAPassphrase
-
-# When this is a RHEL8 variant
+# vagrant inventory, do not use for production
+# Runs on a RHEL8 VM
 if [ -e /etc/redhat-release ]; then
 major=$(tr -dc '0-9.' < /etc/redhat-release | cut -d \. -f1)
 if ((major == 8))
@@ -24,5 +22,4 @@ sudo pip3.12 install jmespath
 ansible --version
 (git clone https://github.com/playingfield/controller.git)
 cd controller && source ansible.sh && ./prepare.sh
-echo $DB_PASS $SSH_PASSPHRASE
-./provision.yml -i inventory/local/hosts -v
+./provision.yml -v
diff --git a/inventory/vagrant/group_vars/all.yml b/inventory/vagrant/group_vars/all.yml
new file mode 100644
index 0000000..bffcf69
--- /dev/null
+++ b/inventory/vagrant/group_vars/all.yml
@@ -0,0 +1,6 @@
+---
+docker_install_compose: true
+docker_install_compose_plugin: true
+postgres_listen_addresses: '127.0.0.1'
+server_name: "{{ lookup('env', 'HOSTNAME') }}"
+ssh_passphrase: KeyWillBeGeneratedWithAPassphrase
diff --git a/inventory/vagrant/group_vars/database.yml b/inventory/vagrant/group_vars/database.yml
new file mode 100644
index 0000000..3ac33c6
--- /dev/null
+++ b/inventory/vagrant/group_vars/database.yml
@@ -0,0 +1,17 @@
+---
+postgres_enabled: true
+postgres_version: 15
+# Postgresql users and databases/schemas
+database:
+ postgres:
+ name: postgres
+ owner: postgres
+ username: postgres
+ password: your_database_password
+ enabled: true
+ semaphore:
+ name: semaphore
+ owner: semaphore
+ username: semaphore
+ password: your_database_password
+ enabled: true
diff --git a/inventory/vagrant/group_vars/semaphore.yml b/inventory/vagrant/group_vars/semaphore.yml
new file mode 100644
index 0000000..364949c
--- /dev/null
+++ b/inventory/vagrant/group_vars/semaphore.yml
@@ -0,0 +1,10 @@
+---
+semaphore_web_root: 'https://20.224.75.82'
+nginx_add_repo: false
+
+
+use_docker: true
+use_opentofu: false
+use_powershell: true
+use_terraform: true
+terraform_ver: 1.8.2
diff --git a/inventory/vagrant/hosts b/inventory/vagrant/hosts
new file mode 100644
index 0000000..78a1c92
--- /dev/null
+++ b/inventory/vagrant/hosts
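Review bot: `ssh_passphrase: KeyWillBeGeneratedWithAPassphrase` in inventory/vagrant/group_vars/all.yml puts the key passphrase into version control in clear text, and the two `password: your_database_password` entries in group_vars/database.yml do the same for the database roles. The controller.sh hunks of this commit drop the same two values from the script, so the secrets have moved rather than left the repository. Reading them from the environment avoids that: `ssh_passphrase: "{{ lookup('env', 'SSH_PASSPHRASE') }}"` and `password: "{{ lookup('env', 'DB_PASS') }}"`, or an Ansible Vault file if they must live with the inventory. In database.yml the `postgres` superuser and the `semaphore` role also share one value; separate secrets would keep a leaked application credential from exposing the superuser.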
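Review bot: `semaphore_web_root: 'https://20.224.75.82'` in group_vars/semaphore.yml hard-codes a fixed, public-looking IP address in an inventory whose hosts are all `ansible_host=localhost` and which the script comment marks as not for production. An `https://` URL on a bare IP will normally fail certificate name checks unless the certificate carries an IP SAN, which tends to push users towards disabling verification. Deriving it from the variable already defined in all.yml, e.g. `semaphore_web_root: "https://{{ server_name }}"`, would keep the value tied to the VM; whether that name resolves for clients is not visible here.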
@@ -0,0 +1,17 @@
+[local:children]
+control
+
+[control:children]
+database
+semaphore
+web
+
+[database]
+controller ansible_host=localhost
+[semaphore]
+controller ansible_host=localhost
+[web]
+controller ansible_host=localhost
+
+[local:vars]
+ansible_connection=local
From 23fcb95975d9a59401c38e613ef10dcc9464e174 Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 16:35:49 +0100
Subject: [PATCH 2/7] controller.sh
---
 controller.sh | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 controller.sh
diff --git a/controller.sh b/controller.sh
old mode 100644
new mode 100755
From 73dc190cbe14e2cddfc7543f7010b96a49964d04 Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 16:47:33 +0100
Subject: [PATCH 3/7] debug
---
 controller.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/controller.sh b/controller.sh
index 42b28c0..379e37d 100755
--- a/controller.sh
+++ b/controller.sh
@@ -20,6 +20,6 @@ fi
 # /etc/alternatives/pip3 will point to 3.6, ansible uses 3.12
 sudo pip3.12 install jmespath
 ansible --version
-(git clone https://github.com/playingfield/controller.git)
+(git clone https://github.com/playingfield/controller.git || /bin/true)
 cd controller && source ansible.sh && ./prepare.sh
-./provision.yml -v
+./provision.yml -v -e debug=true
From dfc1aa01fe667ce0f1b7a4d33f58bc3e0c945886 Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 16:58:41 +0100
Subject: [PATCH 4/7] ENV
---
 Vagrantfile | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/Vagrantfile b/Vagrantfile
index 2d695a3..3ddaaff 100644
--- a/Vagrantfile
+++ b/Vagrantfile
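Review bot: `(git clone https://github.com/playingfield/controller.git || /bin/true)` in controller.sh (patch 3/7) hides every clone failure, not only the "directory already exists" case it is presumably meant for. After a network error or an interrupted clone, the next line still runs `cd controller && source ansible.sh && ./prepare.sh` against whatever is in that directory, so stale or incomplete scripts get sourced and executed. Testing for the checkout keeps real failures fatal under the script's `-e`: `[ -d controller/.git ] || git clone https://github.com/playingfield/controller.git`. Pinning the clone to a tag or commit would also make what gets executed reproducible. The script continues above the hunk.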
@@ -5,9 +5,14 @@ Vagrant.require_version ">= 2.0.0"
+# Define environment variables DB_PASS and SSH_PASSPHRASE for your security
+$DbPass = ENV['DB_PASS'] || "your_database_password"
+$SshPassphrase = ENV['SSH_PASSPHRASE'] || "KeyWillBeGeneratedWithAPassphrase"
+
 # Select the config file from the STAGE environment variable (dev or test)
 # VM Configs are loaded from json files.
-$Stage = ENV['STAGE'] || "dev"
+$Stage = ENV['STAGE'] || "vagrant"
+
 # Require JSON module
 require 'json'
 # Read JSON file with config details
@@ -77,6 +82,6 @@ Vagrant.configure(2) do |config|
 end
 end
 end
- # install
- config.vm.provision "shell", privileged: false, path: "controller.sh"
+ # install ansible+controller in the VM
+ config.vm.provision "shell", privileged: false, path: "controller.sh", env: {"DB_PASS"=>$DbPass, "SSH_PASS"=>$SshPassphrase}
 end
From 8fc52140084b4fa50005832805880a8433dd949a Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 17:00:50 +0100
Subject: [PATCH 5/7] json
---
 inventory/vagrant/vagrant.json | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 inventory/vagrant/vagrant.json
diff --git a/inventory/vagrant/vagrant.json b/inventory/vagrant/vagrant.json
new file mode 100644
index 0000000..20f7576
--- /dev/null
+++ b/inventory/vagrant/vagrant.json
@@ -0,0 +1,17 @@
+[
+ {
+ "name": "controller",
+ "autostart": true,
+ "cpus": 4,
+ "distro": "almalinux",
+ "family": "RedHat",
+ "gui": false,
+ "box": "almalinux/8",
+ "ip_addr": "10.0.0.206",
+ "memory": "8192",
+ "no_share": true,
+ "primary": true,
+ "app_port": "3128",
+ "forwarded_port": "3128"
+ }
+]
From 8754690fd3d4b65e79b0a35cc525be30d685350b Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 17:09:27 +0100
Subject: [PATCH 6/7] assert DB_PASS
---
 provision.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/provision.yml b/provision.yml
index 038622f..c9b42f5 100755
--- a/provision.yml
+++ b/provision.yml
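Review bot: The `||` fallbacks on `$DbPass` and `$SshPassphrase` at the top of the Vagrantfile mean that a run without the variables set silently provisions with the published placeholder values. The DB_PASS assertion in provision.yml only checks `check_db_pass | length > 8`, which `your_database_password` satisfies, so nothing downstream catches it. Failing closed is safer, for example `$DbPass = ENV.fetch('DB_PASS') { abort "DB_PASS must be set" }` and the same for SSH_PASSPHRASE; note that this makes every vagrant command require the variables. If the defaults stay for demo convenience, print a warning whenever one is used so it shows up in the `vagrant up` output.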
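Review bot: The provisioner's `env:` hash exports the passphrase under the name `SSH_PASS`, while the comment added at the top of this file, the `ENV['SSH_PASSPHRASE']` lookup and the export removed from controller.sh in patch 1/7 all use `SSH_PASSPHRASE`. Unless something outside this page reads `SSH_PASS`, the value never reaches the script or the playbook and the user's passphrase is silently ignored. The entry should read `"SSH_PASSPHRASE"=>$SshPassphrase`. The `Vagrant.configure` block starts outside the hunk.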
@@ -10,13 +10,13 @@ pre_tasks:
 - name: Lookup DB_PASS in environment variables
- when: desired_state is not defined or desired_state == 'absent'
+ when: desired_state == 'present'
 ansible.builtin.set_fact:
 check_db_pass: "{{ lookup('env', 'DB_PASS') }}"
 no_log: true
 - name: Assert that DB_PASS is defined
- when: desired_state is not defined or desired_state == 'absent'
+ when: desired_state == 'present'
 ansible.builtin.assert:
 that:
 - check_db_pass | length > 8
From ac1792da8c448dd1b7de0baed569f25f082dbbc3 Mon Sep 17 00:00:00 2001
From: Bas Meijer
Date: Wed, 11 Dec 2024 17:12:49 +0100
Subject: [PATCH 7/7] cleanup
---
 Vagrantfile | 4 ++--
 ansible.cfg | 4 ++--
 inventory/vagrant/group_vars/all.yml | 6 ------
 inventory/vagrant/group_vars/database.yml | 17 -----------------
 inventory/vagrant/group_vars/semaphore.yml | 10 ----------
 inventory/vagrant/hosts | 17 -----------------
 inventory/vagrant/vagrant.json | 17 -----------------
 7 files changed, 4 insertions(+), 71 deletions(-)
 delete mode 100644 inventory/vagrant/group_vars/all.yml
 delete mode 100644 inventory/vagrant/group_vars/database.yml
 delete mode 100644 inventory/vagrant/group_vars/semaphore.yml
 delete mode 100644 inventory/vagrant/hosts
 delete mode 100644 inventory/vagrant/vagrant.json
diff --git a/Vagrantfile b/Vagrantfile
index 3ddaaff..61aebcf 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -9,9 +9,9 @@ Vagrant.require_version ">= 2.0.0"
 $DbPass = ENV['DB_PASS'] || "your_database_password"
 $SshPassphrase = ENV['SSH_PASSPHRASE'] || "KeyWillBeGeneratedWithAPassphrase"
-# Select the config file from the STAGE environment variable (dev or test)
+# Select the config file from the STAGE environment variable (dev or local)
 # VM Configs are loaded from json files.
-$Stage = ENV['STAGE'] || "vagrant"
+$Stage = ENV['STAGE'] || "dev"
 # Require JSON module
 require 'json'
diff --git a/ansible.cfg b/ansible.cfg
index 774540d..1c5a243 100644
--- a/ansible.cfg
+++ b/ansible.cfg
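Review bot: Both `when: desired_state == 'present'` conditions in provision.yml (patch 6/7) now reference `desired_state` with no guard, whereas the removed lines tested `desired_state is not defined` first. If the variable has no default elsewhere (not visible here), Ansible stops with an undefined-variable error, and for any value other than 'present' the DB_PASS check is skipped altogether. Assuming 'present' is the intended default, `when: desired_state | default('present') == 'present'` keeps the check active on a plain run. Separately, `check_db_pass | length > 8` measures only length, so the placeholder passes; adding `- check_db_pass != 'your_database_password'` under `that:` would reject it. The assert task continues past the end of the hunk.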
@@ -6,9 +6,9 @@ roles_path = galaxy_roles:roles
 executable = /bin/bash
 ; set inventory here, or on the command-line when running Ansible.
-; vagrant is for Vagrant on Windows with Hyper-V, VMWare Desktop or VirtualBox
+; dev is for Vagrant with Hyper-V, VMWare Desktop or VirtualBox
 ; local is for localhost, assuming AlmaLinux or Rocky
-inventory = inventory/vagrant/hosts
+inventory = inventory/local/hosts
 ; Vagrant hosts are ephemeral set to true when promoting beyond test.
 host_key_checking = False
diff --git a/inventory/vagrant/group_vars/all.yml b/inventory/vagrant/group_vars/all.yml
deleted file mode 100644
index bffcf69..0000000
--- a/inventory/vagrant/group_vars/all.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-docker_install_compose: true
-docker_install_compose_plugin: true
-postgres_listen_addresses: '127.0.0.1'
-server_name: "{{ lookup('env', 'HOSTNAME') }}"
-ssh_passphrase: KeyWillBeGeneratedWithAPassphrase
diff --git a/inventory/vagrant/group_vars/database.yml b/inventory/vagrant/group_vars/database.yml
deleted file mode 100644
index 3ac33c6..0000000
--- a/inventory/vagrant/group_vars/database.yml
+++ /dev/null
@@ -1,17 +0,0 @@
----
-postgres_enabled: true
-postgres_version: 15
-# Postgresql users and databases/schemas
-database:
- postgres:
- name: postgres
- owner: postgres
- username: postgres
- password: your_database_password
- enabled: true
- semaphore:
- name: semaphore
- owner: semaphore
- username: semaphore
- password: your_database_password
- enabled: true
diff --git a/inventory/vagrant/group_vars/semaphore.yml b/inventory/vagrant/group_vars/semaphore.yml
deleted file mode 100644
index 364949c..0000000
--- a/inventory/vagrant/group_vars/semaphore.yml
+++ /dev/null
@@ -1,10 +0,0 @@
----
-semaphore_web_root: 'https://20.224.75.82'
-nginx_add_repo: false
-
-
-use_docker: true
-use_opentofu: false
-use_powershell: true
-use_terraform: true
-terraform_ver: 1.8.2
diff --git a/inventory/vagrant/hosts b/inventory/vagrant/hosts
deleted file mode 100644
index 78a1c92..0000000
--- a/inventory/vagrant/hosts
+++ /dev/null
@@ -1,17 +0,0 @@
-[local:children]
-control
-
-[control:children]
-database
-semaphore
-web
-
-[database]
-controller ansible_host=localhost
-[semaphore]
-controller ansible_host=localhost
-[web]
-controller ansible_host=localhost
-
-[local:vars]
-ansible_connection=local
diff --git a/inventory/vagrant/vagrant.json b/inventory/vagrant/vagrant.json
deleted file mode 100644
index 20f7576..0000000
--- a/inventory/vagrant/vagrant.json
+++ /dev/null
@@ -1,17 +0,0 @@
-[
- {
- "name": "controller",
- "autostart": true,
- "cpus": 4,
- "distro": "almalinux",
- "family": "RedHat",
- "gui": false,
- "box": "almalinux/8",
- "ip_addr": "10.0.0.206",
- "memory": "8192",
- "no_share": true,
- "primary": true,
- "app_port": "3128",
- "forwarded_port": "3128"
- }
-]