removed warpinfra from webserver

host_vars/webserver

@@ -35,13 +35,13 @@ webserver_domains:
   - "autodiscover.warpzone.ms"
   - "autoconfig.warpzone.ms"
   - "gitlab.warpzone.ms"
-  - "infra.warpzone.ms"
   - "jabber.warpzone.ms"
   - "matrix.warpzone.ms"
   - "mailserver.warpzone.ms"
   - "muc.jabber.warpzone.ms"
   - "proxy.jabber.warpzone.ms"
   - "ldap.warpzone.ms"
+  - "keycloak.warpzone.ms"
   - "md.warpzone.ms"
   - "wiki.warpzone.ms"
   - "www.warpzone.ms"

webserver/docker_warpinfra/tasks/main.yml

----
-# Einige Secrets sind auf dem Server lokal gespeichert und werden von dort gelesen 
-# Auslesen der Dateien vom Server, zwischengespeicert wird in der Variable gitlab_secrets 
-# Anschließend müssen die entsprechenden Einträge aus gitlab_secrets extrahiert werden  
-# Die Daten, die von Slurp gelesen werden sind Base64 codiert 
-# Zur Sicherheit werden Whitespace-Zeichen entfert, damit z.B. Zeilenumbrüche nicht übernommen werden 
-
-- name: get secrets from server 1
-  slurp: src={{ item }}
-  with_items:
-    - /srv/shared/noreply_email_pass
-    - /srv/ldap/secret/ldap_admin_pass
-    - /srv/ldap/secret/ldap_readonly_pass
-    - /srv/warpinfra/secret/web_secret_key
-    - /srv/warpinfra/secret/mysql_root_pw
-    - /srv/warpinfra/secret/mysql_user_pw
-  register: warpinfra_secrets
-
-- name: get secrets from server 2
-  set_fact: 
-    noreply_email_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    ldap_admin_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    ldap_readonly_pass: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    web_secret_key: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mysql_root_pw: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mysql_user_pw: "{{ warpinfra_secrets.results | selectattr('item', 'equalto', '/srv/warpinfra/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-
-- name: create folder struct for warpinfra 
-  file: 
-    path: "/tmp/warpinfra_docker/" 
-    state: "directory"
-
-- name: create folder struct for warpinfra 
-  file: 
-    path: "/srv/warpinfra/etc" 
-    state: "directory"
-
-- name: create folder struct for warpinfra 
-  file: 
-    path: "/srv/warpinfra/data" 
-    state: "directory"
-
-- name: create folder struct for warpinfra 
-  file: 
-    path: "/srv/warpinfra/log" 
-    state: "directory"
-  
-- name: clone repo
-  git: 
-    repo: "https://gitlab.warpzone.ms/infrastruktur/warpinfra.git" 
-    version: "d34c33223cc82625575b91e741cc957b866ea4b3"
-    dest: "/tmp/warpinfra_docker" 
-    force: "yes"
-  register: gitclone 
-
-- name: clone repo status 
-  debug: 
-    msg: "{{gitclone}}"
-
-- name: Konfig-Datei erstellen
-  template: 
-    src: "config.ini" 
-    dest: "/srv/warpinfra/etc/config.ini"
-
-- name: Konfig-Datei erstellen
-  template: 
-    src: "docker-compose.yml" 
-    dest: "/srv/warpinfra/docker-compose.yml"
-        
-- name: start warpinfra docker
-  docker_service:
-    project_src: /srv/warpinfra/
-    state: present
-

webserver/docker_warpinfra/templates/config.ini

-
-[common]
-# Possible Apps: warpmain, warpauth, warpfood, warpapi, warppay
-APPS = warpmain, warpauth
-
-INSTANCE_NAME = 'EXTERN-PRODUKTIV'
-GIT_COMMIT = '{{ gitclone.after }}'
-DEPLOY_DATE = '{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}'
-
-[debug]
-DEBUG = False
-
-[security]
-SECRET_KEY = '{{ web_secret_key }}'
-PW_RESET_TOKEN_LIFETIME = 5
-ALLOWED_HOSTS = infra.warpzone.ms
-
-[mattermost]
-API_KEY = none
-
-[mysql]
-MYSQL_HOST = db
-MYSQL_PORT = 3306
-MYSQL_USER = warpinfra
-MYSQL_PASS = {{ mysql_user_pw }}
-MYSQL_NAME = warpinfra
-
-[ldap]
-LDAP_HOST = {{ ldap_ip_ext }}
-LDAP_BIND_DN = {{ ldap_admin_bind_dn }}
-LDAP_PASSWORD = {{ ldap_admin_pass }}
-
-LDAP_USER_SEARCH_PATH = ou=users,{{ ldap_base_dn }}
-LDAP_GROUP_SEARCH_PATH = {{ ldap_base_dn }}
-LDAP_USER_SEARCH_FILTER = (uid=%(user)s)
-
-LDAP_GROUP_IS_ACTIVE = cn=active,ou=groups,{{ ldap_base_dn }}
-LDAP_GROUP_IS_STAFF = cn=warpauth-admin,ou=infrastructure,{{ ldap_base_dn }}
-LDAP_GROUP_SUPERUSER = cn=warpauth-admin,ou=infrastructure,{{ ldap_base_dn }}
-
-[email]
-SMTP_HOST = {{ smtp_host }}
-SMTP_PORT = {{ smtp_port }}
-SMTP_USERNAME = {{ noreply_email_user }}
-SMTP_PASSWORD = {{ noreply_email_pass }}
-SMTP_EMAIL_FROM = {{ noreply_email_user }}
-SMTP_USE_TLS = True
-SUBJECT_PREFIX = ''
-
-[misc]
-LOG_PATH = /opt/log/

webserver/docker_warpinfra/templates/docker-compose.yml

-
-version: "3"
-
-services:
-
-  db:
-
-    image: mariadb:10.1
-    restart: always
-    ports:
-      - 127.0.0.1:13306:3306
-    volumes:
-      - /srv/warpinfra/db/:/var/lib/mysql
-    environment:
-      MYSQL_DATABASE: warpinfra
-      MYSQL_USER: warpinfra
-      MYSQL_PASSWORD: {{ mysql_user_pw }}
-      MYSQL_ROOT_PASSWORD: {{ mysql_root_pw }}
-    networks:
-      - default      
-
-  app:
-
-    build: /tmp/warpinfra_docker/www/
-    image: warpinfra:{{ gitclone.after }}
-    restart: always
-    depends_on:
-      - db
-    volumes:
-      - /tmp/warpinfra:/opt/socket
-      - /srv/warpinfra/etc:/etc/warpinfra
-      - /srv/warpinfra/data:/opt/database
-      - /srv/warpinfra/log:/opt/log
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
-      - traefik.http.routers.{{ servicename }}.entrypoints=websecure
-      - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080
-    networks:
-      - default      
-      - web  
-
-networks:
-  web:
-    external: true    

webserver/docker_warpinfratest/tasks/main.yml

----
-# Einige Secrets sind auf dem Server lokal gespeichert und werden von dort gelesen 
-# Auslesen der Dateien vom Server, zwischengespeicert wird in der Variable gitlab_secrets 
-# Anschließend müssen die entsprechenden Einträge aus gitlab_secrets extrahiert werden  
-# Die Daten, die von Slurp gelesen werden sind Base64 codiert 
-# Zur Sicherheit werden Whitespace-Zeichen entfert, damit z.B. Zeilenumbrüche nicht übernommen werden 
-
-- name: get secrets from server 1 
-  slurp: src={{ item }}
-  with_items:
-    - /srv/shared/noreply_email_pass
-    - /srv/ldap/secret/ldap_admin_pass
-    - /srv/ldap/secret/ldap_readonly_pass
-    - /srv/warpinfratest/secret/web_secret_key
-    - /srv/warpinfratest/secret/mysql_root_pw
-    - /srv/warpinfratest/secret/mysql_user_pw
-  register: warpinfratest_secrets
-
-- name: get secrets from server 2
-  set_fact: 
-    noreply_email_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    ldap_admin_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    ldap_readonly_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    web_secret_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mysql_root_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-    mysql_user_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}" 
-
-- name: create folder struct for warpinfratest
-  file: 
-    path: "/tmp/warpinfratest_docker/" 
-    state: "directory"
-
-- name: create folder struct for warpinfratest
-  file: 
-    path: "/srv/warpinfratest/etc" 
-    state: "directory"
-
-- name: create folder struct for warpinfratest 
-  file: 
-    path: "/srv/warpinfratest/data" 
-    state: "directory"
-
-- name: create folder struct for warpinfratest 
-  file: 
-    path: "/srv/warpinfratest/log" 
-    state: "directory"
-  
-- name: clone repo
-  git: 
-    repo: "https://gitlab.warpzone.ms/infrastruktur/warpinfra.git" 
-    dest: "/tmp/warpinfratest_docker" 
-    force: "yes"
-  register: gitclone 
-
-- name: clone repo status 
-  debug: 
-    msg: "{{gitclone}}"
-
-- name: Konfig-Datei erstellen
-  template: 
-    src: "config.ini" 
-    dest: "/srv/warpinfratest/etc/config.ini"
-
-- name: Konfig-Datei erstellen
-  template: 
-    src: "docker-compose.yml" 
-    dest: "/srv/warpinfratest/docker-compose.yml"
-        
-- name: start warpinfratest docker
-  docker_service:
-    project_src: /srv/warpinfratest/
-    state: present

webserver/docker_warpinfratest/templates/config.ini

-
-[common]
-# Possible Apps: warpmain, warpauth, warpfood, warpapi, warppay
-APPS = warpmain, warpauth, warpfood, warpapi
-
-INSTANCE_NAME = 'EXTERN-TEST'
-GIT_COMMIT = '{{ gitclone.after }}'
-DEPLOY_DATE = '{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}'
-
-[debug]
-DEBUG = True
-
-[security]
-SECRET_KEY = '{{ web_secret_key }}'
-PW_RESET_TOKEN_LIFETIME = 5
-ALLOWED_HOSTS = infra.warpzone.ms
-
-[mattermost]
-API_KEY = none
-
-[mysql]
-MYSQL_HOST = db
-MYSQL_PORT = 3306
-MYSQL_USER = warpinfra
-MYSQL_PASS = {{ mysql_user_pw }}
-MYSQL_NAME = warpinfra
-
-[ldap]
-LDAP_HOST = {{ ldap_ip_ext }}
-LDAP_BIND_DN = cn=admin,dc=warpzone,dc=ms
-LDAP_PASSWORD = {{ ldap_admin_pass }}
-
-LDAP_USER_SEARCH_PATH = ou=users,dc=warpzone,dc=ms
-LDAP_GROUP_SEARCH_PATH = dc=warpzone,dc=ms
-LDAP_USER_SEARCH_FILTER = (uid=%(user)s)
-
-LDAP_GROUP_IS_ACTIVE = cn=active,ou=groups,dc=warpzone,dc=ms
-LDAP_GROUP_IS_STAFF = cn=warpauth-admin,ou=infrastructure,dc=warpzone,dc=ms
-LDAP_GROUP_SUPERUSER = cn=warpauth-admin,ou=infrastructure,dc=warpzone,dc=ms
-
-[email]
-SMTP_HOST = {{ smtp_host }}
-SMTP_PORT = {{ smtp_port }}
-SMTP_USERNAME = {{ noreply_email_user }}
-SMTP_PASSWORD = {{ noreply_email_pass }}
-SMTP_EMAIL_FROM = {{ noreply_email_user }}
-SMTP_USE_TLS = True
-SUBJECT_PREFIX = '[TEST] '
-
-[misc]
-LOG_PATH = /opt/log/

webserver/docker_warpinfratest/templates/docker-compose.yml

-
-version: "3"
-
-services:
-
-  db:
-
-    image: mariadb:10.1
-    restart: always
-    ports:
-      - 127.0.0.1:23306:3306
-    volumes:
-      - /srv/warpinfratest/db/:/var/lib/mysql
-    environment:
-      MYSQL_DATABASE: warpinfra
-      MYSQL_USER: warpinfra
-      MYSQL_PASSWORD: {{ mysql_user_pw }}
-      MYSQL_ROOT_PASSWORD: {{ mysql_root_pw }}
-
-  app:
-
-    build: /tmp/warpinfratest_docker/www/
-    image: warpinfratest:{{ gitclone.after }}
-    restart: always
-    depends_on:
-      - db
-    volumes:
-      - /tmp/warpinfratest:/opt/socket
-      - /srv/warpinfratest/etc:/etc/warpinfra
-      - /srv/warpinfratest/data:/opt/database
-      - /srv/warpinfratest/log:/opt/log