From 7a9e5112eaaea58d55f181d3e5296e4ff839921c Mon Sep 17 00:00:00 2001 From: jloup Date: Wed, 14 Feb 2018 14:19:09 +0100 Subject: initial commit --- cmd/ansible/.gitignore | 3 ++ cmd/ansible/ansible.cfg | 3 ++ cmd/ansible/conf.toml.j2 | 17 ++++++ cmd/ansible/cryptoportfolio-app.j2 | 13 +++++ cmd/ansible/deploy.yml | 105 +++++++++++++++++++++++++++++++++++++ cmd/ansible/hosts | 15 ++++++ cmd/ansible/release.yml | 59 +++++++++++++++++++++ cmd/ansible/requirements.yml | 7 +++ cmd/ansible/vars.yml | 22 ++++++++ 9 files changed, 244 insertions(+) create mode 100644 cmd/ansible/.gitignore create mode 100644 cmd/ansible/ansible.cfg create mode 100644 cmd/ansible/conf.toml.j2 create mode 100644 cmd/ansible/cryptoportfolio-app.j2 create mode 100644 cmd/ansible/deploy.yml create mode 100644 cmd/ansible/hosts create mode 100644 cmd/ansible/release.yml create mode 100644 cmd/ansible/requirements.yml create mode 100644 cmd/ansible/vars.yml (limited to 'cmd/ansible') diff --git a/cmd/ansible/.gitignore b/cmd/ansible/.gitignore new file mode 100644 index 0000000..eeb2d6a --- /dev/null +++ b/cmd/ansible/.gitignore @@ -0,0 +1,3 @@ +*.retry* +roles/nginx +roles/certbot diff --git a/cmd/ansible/ansible.cfg b/cmd/ansible/ansible.cfg new file mode 100644 index 0000000..d48a88f --- /dev/null +++ b/cmd/ansible/ansible.cfg @@ -0,0 +1,3 @@ +[defaults] +inventory = hosts +roles_path = roles/ diff --git a/cmd/ansible/conf.toml.j2 b/cmd/ansible/conf.toml.j2 new file mode 100644 index 0000000..5f08a26 --- /dev/null +++ b/cmd/ansible/conf.toml.j2 @@ -0,0 +1,17 @@ +log_level="info" +mode="production" +log_out="/var/cryptoportfolio-app/app.log" +port="8080" + +[db] +user="{{ postgres_user }}" +password="{{ postgres_password }}" +database="{{ postgres_database }}" +address="localhost:5432" + +[api] +domain="{{ app_domain }}" +jwt_secret="{{ jwt_secret }}" + +[app] +public_dir="/var/cryptoportfolio-app/static" diff --git a/cmd/ansible/cryptoportfolio-app.j2 b/cmd/ansible/cryptoportfolio-app.j2 new file mode 100644 index 0000000..40979d6 --- /dev/null +++ b/cmd/ansible/cryptoportfolio-app.j2 @@ -0,0 +1,13 @@ +[Unit] +Description=Cryptoportfolio app + +[Service] +Type=simple + +User={{ app_user }} +Group={{ app_user }} +UMask=007 + +ExecStart=/usr/bin/cryptoportfolio-app -conf /var/cryptoportfolio-app/conf.toml + +Restart=on-failure diff --git a/cmd/ansible/deploy.yml b/cmd/ansible/deploy.yml new file mode 100644 index 0000000..b56c581 --- /dev/null +++ b/cmd/ansible/deploy.yml @@ -0,0 +1,105 @@ +--- +- hosts: jloup-home + + tasks: + - include_vars: vars.yml + + - name: install myservice systemd unit file + template: src=cryptoportfolio-app.j2 dest=/etc/systemd/system/cryptoportfolio-app.service + become: yes + + - name: stop cryptoportfolio-app + systemd: state=stopped name=cryptoportfolio-app + become: yes + + - name: Creates cryptoportfolio-app directory + file: path=/var/cryptoportfolio-app state=directory owner={{ app_user }} + become: yes + + - name: Set log file. + file: path=/var/cryptoportfolio-app/app.log owner={{ app_user }} state=touch + become: yes + + - name: Copy server app binary from github 'https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/cryptoportfolio-linux-{{ linux_arch }}'. + get_url: + url: "https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/cryptoportfolio-linux-{{ linux_arch }}" + dest: /usr/bin/cryptoportfolio-app + owner: "{{ app_user }}" + mode: "u=rwx,g=r,o=r" + become: yes + + - name: Copy server app configuration file. + template: + src: conf.toml.j2 + dest: /var/cryptoportfolio-app/conf.toml + owner: "{{ app_user }}" + become: yes + + - name: Create webapp directory. + file: path=/var/cryptoportfolio-app/static state=directory owner={{ app_user }} + become: yes + + - name: Copy webapp files from github 'https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/webapp.tar.gz'. + unarchive: + src: "https://github.com/jloup/dist/releases/download/crypto-v{{ version }}/webapp.tar.gz" + dest: /var/cryptoportfolio-app/static + remote_src: yes + owner: "{{ app_user }}" + mode: "u=rwx,g=r,o=r" + become: yes + + - import_role: + name: nginx + become: yes + vars: + nginx_vhosts: + - listen: "443 ssl" + server_name: "{{ app_domain }}" + filename: "{{ app_domain }}.443.conf" + extra_parameters: | + ssl_certificate /etc/letsencrypt/live/{{ app_domain }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ app_domain }}/privkey.pem; + location / { + proxy_pass "http://127.0.0.1:8080"; + } + + - listen: "80" + server_name: "{{ app_domain }}" + filename: "{{ app_domain}}.80.conf" + return: "301 https://{{ app_domain }}$request_uri" + + - import_role: + name: certbot + become: yes + vars: + certbot_admin_email: jeanloup.jamet@gmail.com + certbot_create_if_missing: yes + certbot_create_standalone_stop_services: [] + certbot_create_method: standalone + certbot_certs: + - domains: + - "{{ app_domain }}" + + - name: Create postgres user. + user: name=postgres + + - name: Add cryptoportfolio database. + postgresql_db: name={{ postgres_database }} + become: yes + become_user: postgres + vars: + ansible_ssh_pipelining: true + + - name: Add cryptoportfolio user. + postgresql_user: user={{ postgres_user }} db={{ postgres_database }} password={{ postgres_password }} + become: yes + become_user: postgres + vars: + ansible_ssh_pipelining: true + + - file: path=/www/{{ app_user }} state=directory owner={{ app_user }} + become: yes + + - name: start cryptoportfolio-app + systemd: state=started name=cryptoportfolio-app daemon_reload=yes + become: yes diff --git a/cmd/ansible/hosts b/cmd/ansible/hosts new file mode 100644 index 0000000..64969e8 --- /dev/null +++ b/cmd/ansible/hosts @@ -0,0 +1,15 @@ +[jloup-home] +jlj.am + +[jloup-home:vars] + ansible_port=21 + ansible_user=ansible-deploy + + app_user=jloup + app_domain=jlj.am + + postgres_database=cryptoportfolio + postgres_user=cryptoportfolio + postgres_password=cryptoportfolio-dev + + linux_arch=386 \ No newline at end of file diff --git a/cmd/ansible/release.yml b/cmd/ansible/release.yml new file mode 100644 index 0000000..4cd005c --- /dev/null +++ b/cmd/ansible/release.yml @@ -0,0 +1,59 @@ +--- +- name: Release to github repo + hosts: 127.0.0.1 + connection: local + tasks: + - include_vars: vars.yml + + # Create release. + - github_release: + token: "{{ github_release_token }}" + user: jloup + repo: dist + action: create_release + tag: "crypto-v{{ version }}" + target: master + name: Crypto Release + body: "NOTE: this repo does not include any source code." + + # Build server app. + - make: + chdir: ../app + target: release + - shell: + github-release upload \ + -s "{{ github_release_token }}" \ + -u jloup \ + -r dist \ + -t crypto-v{{ version }} \ + -n "cryptoportfolio-linux-amd64" \ + -l "cryptoportfolio binary (linux amd64)" \ + -R \ + -f ../app/dist/linux_amd64/cryptoportfolio-app + - shell: + github-release upload \ + -s "{{ github_release_token }}" \ + -u jloup \ + -r dist \ + -t crypto-v{{ version }} \ + -n "cryptoportfolio-linux-386" \ + -l "cryptoportfolio binary (linux 386)" \ + -R \ + -f ../app/dist/linux_386/cryptoportfolio-app + + # Build webapp. + - make: + chdir: ../web + target: release + params: + ENV: prod + - shell: + github-release upload \ + -s "{{ github_release_token }}" \ + -u jloup \ + -r dist \ + -t crypto-v{{ version }} \ + -n "webapp.tar.gz" \ + -R \ + -f ../web/build/webapp.tar.gz + diff --git a/cmd/ansible/requirements.yml b/cmd/ansible/requirements.yml new file mode 100644 index 0000000..bacd7a8 --- /dev/null +++ b/cmd/ansible/requirements.yml @@ -0,0 +1,7 @@ +- src: geerlingguy.nginx + name: nginx + version: 2.5.0 + +- src: geerlingguy.certbot + name: certbot + version: 3.0.0 diff --git a/cmd/ansible/vars.yml b/cmd/ansible/vars.yml new file mode 100644 index 0000000..1de7413 --- /dev/null +++ b/cmd/ansible/vars.yml @@ -0,0 +1,22 @@ +$ANSIBLE_VAULT;1.1;AES256 +63613535333830393037646665363566636635366534636261623839326130663431653839346266 +3832643338623561313362663837323234663537663439350a313034326663383235663964626132 +38343964396265323539396439383731336464393337383833653666643736303539626136383431 +6536316338376538360a343862626636363031353037626462333364623433613861393137353336 +37396664663030363530333364633266653862393538313835326138663465626638326363656561 +30393836386664633834663838666432383836623432363936343635313835303166393531643966 +33313361383565363232373066306534613465386534386266306564383365373762613361366365 +61366530623863623336643531346463323233323539333139336335383439373132373233663031 +39666535633362383135376534376532333663636136366130653762643164333436313261646137 +37353139633361636163326366616234613466393731373631616138386263383131663537633533 +31393763316561623134623063623735356334363833623939313437386330323837626131356332 +30383863373535366137366138633832623566613061313138396539306536633763633934313562 +35383763653532336539346632623935303634353866636264373262363839326439313837313765 +36303539613734646238636432393166616438666665363363323331373437633362613838653564 +64393639346661646333383466363162633638643838386666383564366665656266333836363435 +35643231323362323566303535303561626139333830393538383635326631656666323166343863 +31393566346531653535393738326166303261376238316532373833616432306638326139353234 +32653132323764316231393634663262313765393230656232343833373438636430643663353965 +36333931303731646333316430646534383531313264353936396565336338663530303434643036 +34356663373533663137636235386164646334356262336464363862643332636661313339303531 +35663833656564393331636139663738323834373862623436633666306661373166 -- cgit v1.2.3