Add dokku specific configurations

This commit is contained in:
Luke Murphy 2020-03-30 17:24:33 +02:00
parent fee2ffd1e1
commit 50959f27ac
No known key found for this signature in database
GPG Key ID: 5E2EF5A63E3718CC
10 changed files with 136 additions and 0 deletions

5
CHECKS Normal file
View File

@ -0,0 +1,5 @@
WAIT=3
TIMEOUT=3
ATTEMPTS=5
/ Autonomic

5
ansible/.vault.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
set -eu -o pipefail
echo $(pass show hosts/autonomic-dokku/vault/password)

40
ansible/post-deploy.yml Normal file
View File

@ -0,0 +1,40 @@
---
- hosts: all
gather_facts: false
tasks:
- name: Load variables
include_vars:
dir: "{{ dokku_lib_root }}/data/ansible/autonomic.zone/vars/"
extensions:
- yml
- name: Set HTTP 80 port proxy
dokku_ports:
app: autonomic.zone
mappings:
- "http:80:{{ http_port }}"
state: present
- name: Setup LE certificates
shell: dokku letsencrypt autonomic.zone
args:
creates: /home/dokku/autonomic.zone/letsencrypt/certs
- name: Setup LE certificates renew cron job
shell: dokku letsencrypt:cron-job --add
args:
creates: /home/dokku/autonomic.zone/letsencrypt/cron-job
- name: Remove automatically configured ports
dokku_ports:
app: autonomic.zone
mappings:
- "http:4000:4000"
state: absent
- name: Set HTTP 443 port
dokku_ports:
app: autonomic.zone
mappings:
- "https:443:{{ http_port }}"
state: present

46
ansible/pre-deploy.yml Normal file
View File

@ -0,0 +1,46 @@
---
- hosts: all
gather_facts: false
tasks:
- name: Load variables
include_vars:
dir: "{{ dokku_lib_root }}/data/ansible/autonomic.zone/vars/"
extensions:
- yml
- name: Prepare Python system dependencies
become: true
apt:
name: python3-pip
state: present
- name: Install dns-lexicon[gandi] system wide
become: true
pip:
name: "{{ item }}"
executable: /usr/bin/pip3
state: present
with_items:
- cryptography==2.8
- dns-lexicon==3.3.19
- name: "Create {{ domain }} DNS entry"
gandi_dns:
gandi_rest_token: "{{ gandi_rest_token }}"
domain: "{{ domain }}"
ipv4: "{{ dokku_domain_ipv4 }}"
state: present
- name: "Configure the {{ domain }} domain"
dokku_domains:
app: autonomic.zone
domains:
- "{{ domain }}"
state: present
- name: Configure the dokku app environment
dokku_config:
app: autonomic.zone
restart: false
config:
DOKKU_LETSENCRYPT_EMAIL: "{{ autonomic_admin_mail }}"

6
ansible/requirements.yml Normal file
View File

@ -0,0 +1,6 @@
---
- src: dokku_bot.ansible_dokku
version: v2020.3.15
- src: https://git.autonomic.zone/autonomic-cooperative/autonomic.gandi/archive/0.0.5.tar.gz
name: autonomic.gandi

5
ansible/vars/all.yml Normal file
View File

@ -0,0 +1,5 @@
---
autonomic_admin_mail: "helo@autonomic.zone"
dokku_domain_ipv4: "94.130.105.60"
domain: "autonomic.zone"
http_port: "4000"

View File

@ -0,0 +1,8 @@
---
ansible_become_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
34396236353735666531323238656533643465303131663464613162396333313836363630666266
6539323631656635333864316166633064633366323936610a656137616334313534333635313232
35323561303763366563316631313638363333393763323935343563303963616334336639386462
3837383830616637360a373539613630356564363662393836366462666430353439353637303035
63396633303166343433313439303539313637306637663137313533316531616434

5
app.json Normal file
View File

@ -0,0 +1,5 @@
{
"name": "autonomic.zone",
"description": "Autonomics website on the world wide web",
"repository": "https://git.autonomic.zone/autonomic-cooperative/autonomic.zone"
}

1
requirements.txt Normal file
View File

@ -0,0 +1 @@
ansible==2.9.6

15
sbin/encrypt.sh Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
set -eu -o pipefail
# Usage
# ./encrypt.sh mysecretname mysecretvalue
declare name="$1"
declare secret="$2"
ansible-vault \
encrypt_string \
--vault-password-file ansible/.vault.sh \
--name "$name" \
"$secret"