diff --git a/plays/lib/certs.yml b/plays/lib/certs.yml
new file mode 100644
index 0000000..529d312
--- /dev/null
+++ b/plays/lib/certs.yml
@@ -0,0 +1,10 @@
+---
+- name: Setup lets encrypt certificates
+ shell: "dokku letsencrypt {{ app }}"
+ args:
+ creates: "/home/dokku/{{ app }}/letsencrypt/certs"
+
+- name: Setup lets encrypt certificates renew cron job
+ shell: dokku letsencrypt:cron-job --add
+ args:
+ creates: "/home/dokku/{{ app }}/letsencrypt/cron-job"
diff --git a/plays/lib/database.yml b/plays/lib/database.yml
index 96c99bf..bd7948d 100644
--- a/plays/lib/database.yml
+++ b/plays/lib/database.yml
@@ -1,25 +1,31 @@ --- -- name: "Create {{ db['type'] }} database" + +- name: Setup preparatory facts + set_fact: + db_type: "{{ db['type'] }}" + mount_map: + mariadb: /var/lib/mysql + +- name: "Create {{ db_type }} database" no_log: true shell: " dokku - {{ db['type'] }}:create + {{ db_type }}:create {{ app }} --password {{ db_passwd }} --root-password {{ root_db_passwd }} " args: - creates: "/var/lib/dokku/services/{{ db['type'] }}/{{ app }}" + creates: "/var/lib/dokku/services/{{ db_type }}/{{ app }}" - name: Link mariadb database to application dokku_service_link: - app: keycloak - name: keycloak - service: mariadb + app: "{{ app }}" + name: "{{ app }}" + service: "{{ db_type }}" -- name: Specify mariadb docker volume mounts +- name: "Specify {{ db_type }} volume mounts" dokku_storage: - app: keycloak + app: "{{ app }}" mounts: - - /var/lib/dokku/services/mariadb/keycloak:/var/lib/mysql - + - "/var/lib/dokku/services/{{ db_type }}/{{ app }}:{{ mount_map[db_type] }}"
diff --git a/plays/lib/debug.yml b/plays/lib/debug.yml
new file mode 100644
index 0000000..e926834
--- /dev/null
+++ b/plays/lib/debug.yml
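Review bot: The first task in plays/lib/certs.yml splices `{{ app }}` unquoted into a `shell:` string, so any shell metacharacter in that variable is interpreted by the shell on the target host. Neither command uses pipes or redirection, so `command: "dokku letsencrypt {{ app }}"` is the safer form, or `{{ app | quote }}` if `shell` has to stay. The second task's `creates:` path is per-app while `letsencrypt:cron-job --add` looks host-wide; if the plugin does not write that file the task will re-run on every play, which is worth confirming.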
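Review bot: The `{{ db_type }}:create` task in plays/lib/database.yml still builds one `shell:` string in which `--password {{ db_passwd }}` and `--root-password {{ root_db_passwd }}` are unquoted words. `no_log: true` keeps them out of Ansible output but not out of the process arguments on the host, and a password containing whitespace or a shell metacharacter will break or alter the command; `--password {{ db_passwd | quote }}` (likewise for the root password, `app` and `db_type`) covers the quoting part. Separately, `mount_map` has only a `mariadb` entry, so `{{ mount_map[db_type] }}` fails for any other `db['type']`, and the task name `Link mariadb database to application` is still hard-coded.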
@@ -0,0 +1,24 @@
+---
+- name: Debug all Ansible variables
+ debug:
+ msg: |
+ Module Variables ("vars"):
+ --------------------------------
+ {{ vars | to_nice_json }}
+
+ Environment Variables ("environment"):
+ --------------------------------
+ {{ environment | to_nice_json }}
+
+ GROUP NAMES Variables ("group_names"):
+ --------------------------------
+ {{ group_names | to_nice_json }}
+
+ GROUPS Variables ("groups"):
+ --------------------------------
+ {{ groups | to_nice_json }}
+
+ HOST Variables ("hostvars"):
+ --------------------------------
+ {{ hostvars | to_nice_json }}
+ when: debug
diff --git a/plays/lib/domain.yml b/plays/lib/domain.yml
index d1dffbc..6709eba 100644
--- a/plays/lib/domain.yml
+++ b/plays/lib/domain.yml
@@ -5,3 +5,4 @@
 domains:
 - "{{ domain }}"
 state: present
+ when: domain is defined
diff --git a/plays/lib/env.yml b/plays/lib/env.yml
new file mode 100644
index 0000000..57f046b
--- /dev/null
+++ b/plays/lib/env.yml
@@ -0,0 +1,7 @@
+---
+- name: Configure the app environment
+ dokku_config:
+ app: "{{ app }}"
+ restart: false
+ config: "{{ env }}"
+ when: env is defined
diff --git a/plays/lib/http.yml b/plays/lib/http.yml
new file mode 100644
index 0000000..5447b9b
--- /dev/null
+++ b/plays/lib/http.yml
@@ -0,0 +1,7 @@
+---
+- name: Set HTTP 80 port proxy
+ dokku_ports:
+ app: "{{ app }}"
+ mappings:
+ - "http:80:{{ port }}"
+ state: present
diff --git a/plays/lib/https.yml b/plays/lib/https.yml
new file mode 100644
index 0000000..ff97e8a
--- /dev/null
+++ b/plays/lib/https.yml
@@ -0,0 +1,7 @@
+---
+- name: Set HTTP 443 port
+ dokku_ports:
+ app: "{{ app }}"
+ mappings:
+ - "https:443:{{ port }}"
+ state: present
diff --git a/plays/lib/proxy.yml b/plays/lib/proxy.yml
new file mode 100644
index 0000000..de6c2e0
--- /dev/null
+++ b/plays/lib/proxy.yml
@@ -0,0 +1,7 @@
+---
+- name: Remove automatically configured ports
+ dokku_ports:
+ app: keycloak
+ mappings:
+ - "http:{{ port }}:{{ port }}"
+ state: absent
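Review bot: The debug task in plays/lib/debug.yml prints `vars`, `environment` and `hostvars` in full, so every secret loaded for the host (for example the `db_passwd` and `root_db_passwd` used in database.yml) ends up in console output and in any CI or callback log that captures the run. The guard `when: debug` also raises an undefined-variable error when `debug` is not set; `when: debug | default(false) | bool` makes the task opt-in. A comment above the task such as `# Dumps ALL variables, including secrets - enable only on a private terminal` would make the risk visible to whoever flips the flag.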
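Review bot: The `dokku_config` task in plays/lib/env.yml handles secrets without `no_log: true`, since `config: "{{ env }}"` passes through whatever the caller puts in `env`, and the block it replaces in pre_deploy.yml carried `DB_PASSWORD` and `KEYCLOAK_PASSWORD`. Whether `dokku_config` masks its `config` argument is not visible here; unless it does, verbose runs will print those values. Adding `no_log: true` to this task, as database.yml already does for the create command, is the conservative choice.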
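Review bot: `app: keycloak` in plays/lib/proxy.yml is hard-coded, while http.yml, https.yml and env.yml in this same commit use `app: "{{ app }}"`. If this include is reused for another app, it will remove the `http:{{ port }}:{{ port }}` mapping from keycloak rather than from the app being deployed. `app: "{{ app }}"` is presumably what was intended.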
diff --git a/plays/lib/vars.yml b/plays/lib/vars.yml
new file mode 100644
index 0000000..baa0a05
--- /dev/null
+++ b/plays/lib/vars.yml
@@ -0,0 +1,9 @@
+---
+- name: Check if internal variables are available for loading
+ stat:
+ path: "{{ app_config_root }}/vars.yml"
+ register: internal_vars
+
+- name: Load internal variables
+ include_vars: "{{ app_config_root }}/vars.yml"
+ when: internal_vars.stat.exists
diff --git a/plays/post_deploy.yml b/plays/post_deploy.yml
index ed97d53..098dd47 100644
--- a/plays/post_deploy.yml
+++ b/plays/post_deploy.yml
@@ -1 +1,27 @@
 ---
+- hosts: all
+ gather_facts: false
+ tasks:
+ - name: Include debug tasks
+ include: ./lib/debug.yml
+
+ - name: Include config tasks
+ include: ./lib/config.yml
+
+ - name: Include vars tasks
+ include: ./lib/vars.yml
+
+ - name: Include vault tasks
+ include: ./lib/vault.yml
+
+ - name: Include http tasks
+ include: ./lib/http.yml
+
+ - name: Include certs tasks
+ include: ./lib/certs.yml
+
+ - name: Include proxy tasks
+ include: ./lib/proxy.yml
+
+ - name: Include https tasks
+ include: ./lib/https.yml
diff --git a/plays/pre_deploy.yml b/plays/pre_deploy.yml
index 7ebf024..5f1acb7 100644
--- a/plays/pre_deploy.yml
+++ b/plays/pre_deploy.yml
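Review bot: In plays/lib/vars.yml the `stat` check runs on the managed host, but `include_vars` reads the file on the control node, so `when: internal_vars.stat.exists` tests a different filesystem from the one the file is loaded from (unless the play only ever targets localhost). A file that exists remotely but not locally makes the include fail, and one that exists only locally is silently skipped. Adding `delegate_to: localhost` to the `stat` task keeps the check and the load on the same machine.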
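Review bot: Every entry in the new task list in plays/post_deploy.yml, and the entries added to plays/pre_deploy.yml, uses the bare `include:` action, which Ansible deprecated in favour of `include_tasks:` / `import_tasks:` and which newer ansible-core releases no longer accept. The existing entries in pre_deploy.yml use it too, so this follows the file's convention, but the new file is a cheap place to switch: `include_tasks: ./lib/debug.yml` and so on. Pinning the supported Ansible version in the repository would be the alternative if the old form has to stay.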
@@ -2,26 +2,20 @@ - hosts: all gather_facts: false tasks: + - name: Include debug tasks + include: ./lib/debug.yml + - name: Include config tasks include: ./lib/config.yml + - name: Include vars tasks + include: ./lib/vars.yml + - name: Include vault tasks include: ./lib/vault.yml - name: Include domain tasks include: ./lib/domain.yml - - name: Configure the dokku app environment - dokku_config: - app: keycloak - restart: false - config: - DB_ADDR: "dokku-mariadb-keycloak:3306" - DB_DATABASE: "keycloak" - DB_PASSWORD: "{{ db_passwd }}" - DB_USER: "mariadb" # https://github.com/dokku/dokku-mariadb/issues/89 - DB_VENDOR: "mariadb" - DOKKU_LETSENCRYPT_EMAIL: "{{ autonomic_admin_mail }}" - KEYCLOAK_PASSWORD: "{{ autonomic_admin_pass }}" - KEYCLOAK_USER: "{{ autonomic_admin_user }}" - PROXY_ADDRESS_FORWARDING: "{{ proxy_address_forwarding }}" + - name: Include env tasks + include: ./lib/env.yml