Compare commits
3 Commits
4b9e3a08e3
...
655d0cfbcf
| Author | SHA1 | Date | |
|---|---|---|---|
 julienfastre
|
655d0cfbcf
|
||
|
julienfastre
|
64d0a63e68
|
||
|
julienfastre
|
f545970f05
|
@@ -9,3 +9,39 @@ chill_image_redis: "redis"
|
||||
chill_image_rabbitmq: "rabbitmq:3-management-alpine"
|
||||
chill_image_relatorio: "registry.gitlab.com/champs-libres/public/relatorio-tornado/app:latest"
|
||||
traefik_image_traefik: "traefik:v3.2"
|
||||
|
||||
# to install or not traefik as front-end
|
||||
traefik_install: true
|
||||
|
||||
# default chill config for each environment
|
||||
default_chill:
|
||||
chill_environment: main_env
|
||||
add_postgres: false
|
||||
chill_image_tag: v0.0.1-beta
|
||||
host: 'devpms.samusocial.be'
|
||||
tls_config: self_signed
|
||||
expose_port: false # can be false, or the port number
|
||||
chill_config:
|
||||
trusted_hosts: 'devpms.samusocial.be '
|
||||
database_host: '172.17.17.71'
|
||||
database_port: '5432'
|
||||
database_name: 'chilldev'
|
||||
database_user: 'chilldev'
|
||||
database_version: '15'
|
||||
# database_password:
|
||||
mailer_user: ''
|
||||
mailer_host: 'smtp.example.com'
|
||||
mailer_port: '25'
|
||||
notification_host: 'https://devpms.samusocial.be '
|
||||
notification_from_email: 'devpms@samusocial.be'
|
||||
# app_secret:
|
||||
# admin_password:
|
||||
mailer_dsn: 'null://null'
|
||||
mailer_url: 'null://null'
|
||||
# jwt_passphrase:
|
||||
# jwt_secret_key: '1234'
|
||||
# jwt_public_key: '1234'
|
||||
rabbitmq_user: 'chilldev'
|
||||
# rabbitmq_password:
|
||||
editor_server: 'https://collabora.samusocial.be'
|
||||
ovhcloud_dsn: 'null://null'
|
||||
+12
-12
@@ -1,10 +1,10 @@
|
||||
- name: Debug task
|
||||
ansible.builtin.debug:
|
||||
var: item
|
||||
- name: Merge defaults with item
|
||||
ansible.builtin.set_fact:
|
||||
chill: "{{ default_chill | combine(item, recursive=True) }}"
|
||||
|
||||
- name: Create directories to store compose project
|
||||
ansible.builtin.file:
|
||||
path: "{{ install_dir }}/{{ item['chill_environment'] }}"
|
||||
path: "{{ install_dir }}/{{ chill['chill_environment'] }}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
owner: "{{ as_user }}"
|
||||
@@ -12,34 +12,34 @@
|
||||
- name: Add compose.yml file
|
||||
ansible.builtin.template:
|
||||
src: compose.yaml
|
||||
dest: "{{ install_dir }}/{{ item['chill_environment'] }}/compose.yaml"
|
||||
dest: "{{ install_dir }}/{{ chill['chill_environment'] }}/compose.yaml"
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0444'
|
||||
|
||||
- name: Add application environment file
|
||||
ansible.builtin.template:
|
||||
src: env_file.env
|
||||
dest: "{{ install_dir }}/{{ item['chill_environment'] }}/env_file.env"
|
||||
dest: "{{ install_dir }}/{{ chill['chill_environment'] }}/env_file.env"
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0400'
|
||||
|
||||
- name: Add postgresql environment file if need
|
||||
ansible.builtin.template:
|
||||
src: postgres.env
|
||||
dest: "{{ install_dir }}/{{ item['chill_environment'] }}/postgres.env"
|
||||
dest: "{{ install_dir }}/{{ chill['chill_environment'] }}/postgres.env"
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0400'
|
||||
|
||||
- name: Add rabbitmq environment file
|
||||
ansible.builtin.template:
|
||||
src: rabbitmq.env
|
||||
dest: "{{ install_dir }}/{{ item['chill_environment'] }}/rabbitmq.env"
|
||||
dest: "{{ install_dir }}/{{ chill['chill_environment'] }}/rabbitmq.env"
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0400'
|
||||
|
||||
- name: Create directory for storing configuration
|
||||
ansible.builtin.file:
|
||||
path: "{{ install_dir }}/{{ item['chill_environment'] }}/config/prod"
|
||||
path: "{{ install_dir }}/{{ chill['chill_environment'] }}/config/prod"
|
||||
state: directory
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0400'
|
||||
@@ -47,7 +47,7 @@
|
||||
- name: Copy configuration files
|
||||
ansible.builtin.template:
|
||||
src: "config/prod/{{ file }}"
|
||||
dest: "{{ install_dir }}/{{ item['chill_environment'] }}/config/prod/{{ file }}"
|
||||
dest: "{{ install_dir }}/{{ chill['chill_environment'] }}/config/prod/{{ file }}"
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0444'
|
||||
loop:
|
||||
@@ -61,7 +61,7 @@
|
||||
|
||||
- name: Create directory for storing data
|
||||
ansible.builtin.file:
|
||||
path: "{{ doc_storage_dir }}/{{ item['chill_environment'] }}"
|
||||
path: "{{ doc_storage_dir }}/{{ chill['chill_environment'] }}"
|
||||
owner: "82"
|
||||
group: "82"
|
||||
mode: '0766'
|
||||
@@ -71,6 +71,6 @@
|
||||
#
|
||||
# - name: Ensure systemd timer for cronjob is up
|
||||
# ansible.builtin.systemd_service:
|
||||
# name: "chill-cronjob@{{ item['chill_environment'] }}.timer"
|
||||
# name: "chill-cronjob@{{ chill['chill_environment'] }}.timer"
|
||||
# state: restarted
|
||||
# enabled: true
|
||||
|
||||
@@ -1,18 +1,18 @@
|
||||
|
||||
- name: Create directory for storing certificates
|
||||
ansible.builtin.file:
|
||||
path: "/var/traefik/certs/chill/{{ item['chill_environment'] }}"
|
||||
path: "/var/traefik/certs/chill/{{ chill['chill_environment'] }}"
|
||||
state: directory
|
||||
owner: "{{ as_user }}"
|
||||
mode: '0400'
|
||||
|
||||
- name: Create private key
|
||||
community.crypto.openssl_privatekey:
|
||||
path: "/var/traefik/certs/chill/{{ item['chill_environment'] }}/key.pem"
|
||||
path: "/var/traefik/certs/chill/{{ chill['chill_environment'] }}/key.pem"
|
||||
|
||||
- name: Create self signed certificate
|
||||
community.crypto.x509_certificate:
|
||||
privatekey_path: "/var/traefik/certs/chill/{{ item['chill_environment'] }}/key.pem"
|
||||
path: "/var/traefik/certs/chill/{{ item['chill_environment'] }}/cert.pem"
|
||||
privatekey_path: "/var/traefik/certs/chill/{{ chill['chill_environment'] }}/key.pem"
|
||||
path: "/var/traefik/certs/chill/{{ chill['chill_environment'] }}/cert.pem"
|
||||
provider: selfsigned
|
||||
|
||||
|
||||
+1
-4
@@ -13,10 +13,6 @@
|
||||
docker_install_compose_plugin: true
|
||||
docker_add_repo: true
|
||||
|
||||
- name: Print all available facts
|
||||
ansible.builtin.debug:
|
||||
var: ansible_facts
|
||||
|
||||
- name: Authenticate against private docker registry
|
||||
community.docker.docker_login:
|
||||
registry_url: "{{ registry_url }}"
|
||||
@@ -60,6 +56,7 @@
|
||||
|
||||
- name: Install traefik
|
||||
ansible.builtin.include_tasks: traefik.yml
|
||||
when: traefik_install
|
||||
|
||||
- name: Install systemd services
|
||||
ansible.builtin.template:
|
||||
|
||||
+27
-14
@@ -2,42 +2,51 @@
|
||||
|
||||
services:
|
||||
frontend:
|
||||
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_nginx_name }}:{{ item.chill_image_tag }}
|
||||
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_nginx_name }}:{{ chill.chill_image_tag }}
|
||||
links:
|
||||
- app:php
|
||||
|
||||
{% if traefik_install %}
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=traefik"
|
||||
- "traefik.http.routers.frontend-{{ item.chill_environment }}.rule=Host(`{{ item.host }}`)"
|
||||
- "traefik.http.routers.frontend-{{ item.chill_environment }}.entrypoints=websecure"
|
||||
{%+ if item.tls_config == 'self_signed' +%}
|
||||
- "traefik.http.routers.frontend-{{ item.chill_environment }}.tls=true"
|
||||
- "traefik.http.routers.frontend-{{ chill.chill_environment }}.rule=Host(`{{ chill.host }}`)"
|
||||
- "traefik.http.routers.frontend-{{ chill.chill_environment }}.entrypoints=websecure"
|
||||
{%+ if chill.tls_config == 'self_signed' +%}
|
||||
- "traefik.http.routers.frontend-{{ chill.chill_environment }}.tls=true"
|
||||
{%+ endif +%}
|
||||
{%+ if item.expose_port is not false +%}
|
||||
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.rule=PathPrefix(`/`)"
|
||||
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.entrypoints=chill{{ item.chill_environment }}"
|
||||
{%+ if item.tls_config == 'self_signed' +%}
|
||||
- "traefik.http.routers.frontend-exp-{{ item.chill_environment }}.tls=true"
|
||||
{%+ if chill.expose_port is not false +%}
|
||||
- "traefik.http.routers.frontend-exp-{{ chill.chill_environment }}.rule=PathPrefix(`/`)"
|
||||
- "traefik.http.routers.frontend-exp-{{ chill.chill_environment }}.entrypoints=chill{{ chill.chill_environment }}"
|
||||
{%+ if chill.tls_config == 'self_signed' +%}
|
||||
- "traefik.http.routers.frontend-exp-{{ chill.chill_environment }}.tls=true"
|
||||
{%+ endif +%}
|
||||
{%+ endif +%}
|
||||
{% endif %}
|
||||
|
||||
networks:
|
||||
|
||||
{% if traefik_install %}
|
||||
- traefik
|
||||
{% endif %}
|
||||
|
||||
- default
|
||||
restart: always
|
||||
|
||||
app: &defaultApp
|
||||
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_php_name }}:{{ item.chill_image_tag }}
|
||||
image: {{ registry_url }}/{{ registry_project }}/{{ chill_image_php_name }}:{{ chill.chill_image_tag }}
|
||||
env_file:
|
||||
- env_file.env
|
||||
volumes:
|
||||
- './config/prod:/var/www/app/config/packages/prod:ro'
|
||||
- '/var/log/chill:/var/www/app/var/log:rw'
|
||||
- '{{ doc_storage_dir }}/{{ item['chill_environment'] }}:/var/storage:rw'
|
||||
- '{{ doc_storage_dir }}/{{ chill['chill_environment'] }}:/var/storage:rw'
|
||||
links:
|
||||
- redis
|
||||
- relatorio
|
||||
- rabbitmq
|
||||
{% if item.add_postgres -%}
|
||||
|
||||
{% if chill.add_postgres -%}
|
||||
- database
|
||||
{%- endif %}
|
||||
|
||||
@@ -71,7 +80,7 @@ services:
|
||||
command: ["bin/console", "chill:cron-job:execute", "-v"]
|
||||
restart: "no"
|
||||
|
||||
{% if item.add_postgres %}
|
||||
{% if chill.add_postgres %}
|
||||
|
||||
database:
|
||||
image: "{{ database_image }}"
|
||||
@@ -137,6 +146,10 @@ services:
|
||||
restart: always
|
||||
|
||||
networks:
|
||||
|
||||
{% if traefik_install %}
|
||||
traefik:
|
||||
external: true
|
||||
{% endif %}
|
||||
|
||||
default:
|
||||
+28
-27
@@ -8,39 +8,40 @@ REDIS_PORT=6379
|
||||
REDIS_URL=redis://redis:6379
|
||||
RELATORIO_HOST=relatorio
|
||||
RELATORIO_PORT=8888
|
||||
TRUSTED_HOSTS={{ item.chill_config.trusted_hosts }}
|
||||
DATABASE_HOST={{ item.chill_config.database_host }}
|
||||
DATABASE_PORT={{ item.chill_config.database_port }}
|
||||
DATABASE_NAME={{ item.chill_config.database_name }}
|
||||
DATABASE_USER={{ item.chill_config.database_user }}
|
||||
DATABASE_VERSION={{ item.chill_config.database_version }}
|
||||
TRUSTED_HOSTS={{ chill.chill_config.trusted_hosts }}
|
||||
DATABASE_HOST={{ chill.chill_config.database_host }}
|
||||
DATABASE_PORT={{ chill.chill_config.database_port }}
|
||||
DATABASE_NAME={{ chill.chill_config.database_name }}
|
||||
DATABASE_USER={{ chill.chill_config.database_user }}
|
||||
DATABASE_VERSION={{ chill.chill_config.database_version }}
|
||||
LOCALE=fr
|
||||
MAILER_PROTOCOL=smtp
|
||||
MAILER_USER={{ item.chill_config.mailer_user }}
|
||||
MAILER_HOST={{ item.chill_config.mailer_host }}
|
||||
MAILER_PORT={{ item.chill_config.mailer_port }}
|
||||
NOTIFICATION_HOST={{ item.chill_config.notification_host }}
|
||||
NOTIFICATION_FROM_EMAIL={{ item.chill_config.notification_from_email }}
|
||||
MAILER_USER={{ chill.chill_config.mailer_user }}
|
||||
MAILER_HOST={{ chill.chill_config.mailer_host }}
|
||||
MAILER_PORT={{ chill.chill_config.mailer_port }}
|
||||
NOTIFICATION_HOST={{ chill.chill_config.notification_host }}
|
||||
NOTIFICATION_FROM_EMAIL={{ chill.chill_config.notification_from_email }}
|
||||
ASYNC_UPLOAD_TEMP_URL_BASE_PATH=
|
||||
ASYNC_UPLOAD_TEMP_URL_CONTAINER=
|
||||
ASYNC_UPLOAD_TEMP_URL_KEY=
|
||||
DEFAULT_CARRIER_CODE=FR
|
||||
APP_SECRET={{ item.chill_config.app_secret }}
|
||||
ADMIN_PASSWORD={{ item.chill_config.admin_password }}
|
||||
{% if item.chill_config.admin_password_1 is defined -%}
|
||||
ADMIN_PASSWORD_1={{ item.chill_config.admin_password_1 }}
|
||||
APP_SECRET={{ chill.chill_config.app_secret }}
|
||||
ADMIN_PASSWORD={{ chill.chill_config.admin_password }}
|
||||
{% if chill.chill_config.admin_password_1 is defined -%}
|
||||
ADMIN_PASSWORD_1={{ chill.chill_config.admin_password_1 }}
|
||||
{% endif -%}
|
||||
{% if item.chill_config.admin_password_2 is defined -%}
|
||||
ADMIN_PASSWORD_2={{ item.chill_config.admin_password_2 }}
|
||||
{% if chill.chill_config.admin_password_2 is defined -%}
|
||||
ADMIN_PASSWORD_2={{ chill.chill_config.admin_password_2 }}
|
||||
{% endif -%}
|
||||
{% if item.chill_config.admin_password_3 is defined -%}
|
||||
ADMIN_PASSWORD_3={{ item.chill_config.admin_password_3 }}
|
||||
{% if chill.chill_config.admin_password_3 is defined -%}
|
||||
ADMIN_PASSWORD_3={{ chill.chill_config.admin_password_3 }}
|
||||
{% endif -%}
|
||||
MAILER_DSN={{ item.chill_config.mailer_dsn }}
|
||||
MAILER_URL={{ item.chill_config.mailer_url }}
|
||||
JWT_PASSPHRASE={{ item.chill_config.jwt_passphrase }}
|
||||
JWT_SECRET_KEY={{ item.chill_config.jwt_secret_key }}
|
||||
JWT_PUBLIC_KEY={{ item.chill_config.jwt_public_key }}
|
||||
RABBITMQ_URL=amqp://{{ item.chill_config.rabbitmq_user }}:{{ item.chill_config.rabbitmq_password }}@rabbitmq/%2f
|
||||
DATABASE_URL=postgres://{{ item.chill_config.database_user }}:{{ item.chill_config.database_password }}@{% if item.add_postgres %}database:5432{% else %}{{ item.chill_config.database_host }}{% endif %}/{{ item.chill_config.database_name }}?sslmode=prefer&charset=utf8&serverVersion={{ item.chill_config.database_version }}
|
||||
EDITOR_SERVER={{ item.chill_config.editor_server }}
|
||||
MAILER_DSN={{ chill.chill_config.mailer_dsn }}
|
||||
MAILER_URL={{ chill.chill_config.mailer_url }}
|
||||
JWT_PASSPHRASE={{ chill.chill_config.jwt_passphrase }}
|
||||
JWT_SECRET_KEY={{ chill.chill_config.jwt_secret_key }}
|
||||
JWT_PUBLIC_KEY={{ chill.chill_config.jwt_public_key }}
|
||||
RABBITMQ_URL=amqp://{{ chill.chill_config.rabbitmq_user }}:{{ chill.chill_config.rabbitmq_password }}@rabbitmq/%2f
|
||||
DATABASE_URL=postgres://{{ chill.chill_config.database_user }}:{{ chill.chill_config.database_password }}@{% if chill.add_postgres %}database:5432{% else %}{{ chill.chill_config.database_host }}{% endif %}/{{ chill.chill_config.database_name }}?sslmode=prefer&charset=utf8&serverVersion={{ chill.chill_config.database_version }}
|
||||
EDITOR_SERVER={{ chill.chill_config.editor_server }}
|
||||
OVHCLOUD_DSN={{ chill.chill_config.ovhcloud_dsn }}
|
||||
|
||||
Reference in New Issue
Block a user