Skip to content
Snippets Groups Projects
Commit 71cb5466 authored by Christian Elberfeld's avatar Christian Elberfeld
Browse files

removed old server develop

parent af6ecac9
No related branches found
No related tags found
No related merge requests found
---
# Einige Secrets sind auf dem Server lokal gespeichert und werden von dort gelesen
# Auslesen der Dateien vom Server, zwischengespeicert wird in der Variable gitlab_secrets
# Anschließend müssen die entsprechenden Einträge aus gitlab_secrets extrahiert werden
# Die Daten, die von Slurp gelesen werden sind Base64 codiert
# Zur Sicherheit werden Whitespace-Zeichen entfert, damit z.B. Zeilenumbrüche nicht übernommen werden
- name: get secrets from server 1
slurp: src={{ item }}
with_items:
- /srv/shared/noreply_email_pass
- /srv/ldap/secret/ldap_admin_pass
- /srv/ldap/secret/ldap_readonly_pass
- /srv/warpinfratest/secret/web_secret_key
- /srv/warpinfratest/secret/mysql_root_pw
- /srv/warpinfratest/secret/mysql_user_pw
register: warpinfratest_secrets
- name: get secrets from server 2
set_fact:
noreply_email_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/shared/noreply_email_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_admin_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_admin_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
ldap_readonly_pass: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/ldap/secret/ldap_readonly_pass') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
web_secret_key: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/web_secret_key') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mysql_root_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_root_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
mysql_user_pw: "{{ warpinfratest_secrets.results | selectattr('item', 'equalto', '/srv/warpinfratest/secret/mysql_user_pw') | map(attribute='content') | list | first | b64decode | regex_replace('\\s', '') }}"
- name: create folder struct for warpinfratest
file:
path: "/tmp/warpinfratest_docker/"
state: "directory"
- name: create folder struct for warpinfratest
file:
path: "/srv/warpinfratest/etc"
state: "directory"
- name: create folder struct for warpinfratest
file:
path: "/srv/warpinfratest/data"
state: "directory"
- name: create folder struct for warpinfratest
file:
path: "/srv/warpinfratest/log"
state: "directory"
- name: clone repo
git:
repo: "https://gitlab.warpzone.ms/infrastruktur/warpinfra.git"
dest: "/tmp/warpinfratest_docker"
force: "yes"
register: gitclone
- name: clone repo status
debug:
msg: "{{gitclone}}"
- name: Konfig-Datei erstellen
template:
src: "config.ini"
dest: "/srv/warpinfratest/etc/config.ini"
- name: Konfig-Datei erstellen
template:
src: "docker-compose.yml"
dest: "/srv/warpinfratest/docker-compose.yml"
- name: start warpinfratest docker
docker_service:
project_src: /srv/warpinfratest/
state: present
[common]
# Possible Apps: warpmain, warpauth, warpfood, warpapi, warppay
APPS = warpmain, warpauth, warppay
INSTANCE_NAME = 'INTERN-TEST'
GIT_COMMIT = '{{ gitclone.after }}'
DEPLOY_DATE = '{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}'
[debug]
DEBUG = True
[security]
SECRET_KEY = '{{ web_secret_key }}'
PW_RESET_TOKEN_LIFETIME = 5
ALLOWED_HOSTS = infra-test.warpzone
[mattermost]
API_KEY = ''
[mysql]
MYSQL_HOST = db
MYSQL_PORT = 3306
MYSQL_USER = warpinfra
MYSQL_PASS = {{ mysql_user_pw }}
MYSQL_NAME = warpinfra
[ldap]
LDAP_HOST = {{ ldap_ip_ext }}
LDAP_BIND_DN = cn=admin,dc=warpzone,dc=ms
LDAP_PASSWORD = {{ ldap_admin_pass }}
LDAP_USER_SEARCH_PATH = ou=users,dc=warpzone,dc=ms
LDAP_GROUP_SEARCH_PATH = dc=warpzone,dc=ms
LDAP_USER_SEARCH_FILTER = (uid=%(user)s)
LDAP_GROUP_IS_ACTIVE = cn=active,ou=groups,dc=warpzone,dc=ms
LDAP_GROUP_IS_STAFF = cn=warpauth-admin,ou=infrastructure,dc=warpzone,dc=ms
LDAP_GROUP_SUPERUSER = cn=warpauth-admin,ou=infrastructure,dc=warpzone,dc=ms
[email]
SMTP_HOST = {{ smtp_host }}
SMTP_PORT = {{ smtp_port }}
SMTP_USERNAME = {{ noreply_email_user }}
SMTP_PASSWORD = {{ noreply_email_pass }}
SMTP_EMAIL_FROM = {{ noreply_email_user }}
SMTP_USE_TLS = True
SUBJECT_PREFIX = '[TEST] '
[misc]
LOG_PATH = /opt/log/
version: "3"
services:
db:
image: mariadb:10.1
restart: always
ports:
- 127.0.0.1:23306:3306
volumes:
- /srv/warpinfratest/db/:/var/lib/mysql
environment:
MYSQL_DATABASE: warpinfra
MYSQL_USER: warpinfra
MYSQL_PASSWORD: {{ mysql_user_pw }}
MYSQL_ROOT_PASSWORD: {{ mysql_root_pw }}
app:
build: /tmp/warpinfratest_docker/www/
image: warpinfratest:{{ gitclone.after }}
restart: always
depends_on:
- db
ports:
- 0.0.0.0:8000:8000
volumes:
- /tmp/warpinfratest:/opt/socket
- /srv/warpinfratest/etc:/etc/warpinfra
- /srv/warpinfratest/data:/opt/database
- /srv/warpinfratest/log:/opt/log
ports:
- 0.0.0.0:8000:8000
# Host spezifische Variablen
motd_lines:
- "Develop"
- "Öffentliche IPs: {{ansible_eno1.ipv4.address}} / {{ansible_eno1.ipv6[0].address}}"
debian_sources:
- "deb http://ftp.halifax.rwth-aachen.de/debian/ stretch main contrib non-free"
- "deb http://security.debian.org/ stretch/updates main contrib non-free"
- "deb http://ftp.de.debian.org/debian/ stretch-updates main"
- "deb http://ftp.halifax.rwth-aachen.de/debian/ stretch-updates main contrib non-free"
- "deb https://download.docker.com/linux/debian stretch stable"
- "deb https://repos.influxdata.com/debian stretch stable"
debian_keys_id:
debian_keys_url:
- "https://download.docker.com/linux/debian/gpg"
- "https://repos.influxdata.com/influxdb.key"
# Primäre IP Adressen des Hosts
int_ip4: 192.168.0.202
# Art des Hosts: physical, vm, docker
host_type: "physical"
# SSL deaktivieren
webserver_ssl: false
# Liste der gehosteten Domänen
webserver_domains:
- "boxoffice-test.warpzone"
- "infra-test.warpzone"
- "ldap-test.warpzone"
administratorenteam:
- "void"
- "reverend"
...@@ -19,9 +19,6 @@ webserver ansible_ssh_host=159.69.57.51 ...@@ -19,9 +19,6 @@ webserver ansible_ssh_host=159.69.57.51
# Auch erreichbar unter werwaltung.warpzone.ms # Auch erreichbar unter werwaltung.warpzone.ms
verwaltung ansible_ssh_host=195.201.179.60 verwaltung ansible_ssh_host=195.201.179.60
# Test VM für externe Dienste
develop ansible_ssh_host=192.168.0.202
[test] [test]
......
...@@ -47,8 +47,6 @@ ...@@ -47,8 +47,6 @@
- { role: warpsrvint/docker_unifi, tags: unifi } - { role: warpsrvint/docker_unifi, tags: unifi }
- { role: warpsrvint/docker_warpinfra, tags: warpinfra } - { role: warpsrvint/docker_warpinfra, tags: warpinfra }
# Entfällt durch develop
# - { role: warpsrvint/docker_warpinfratest, tags: warpinfratest }
- hosts: webserver - hosts: webserver
...@@ -203,12 +201,6 @@ ...@@ -203,12 +201,6 @@
# Test / Development Server # Test / Development Server
################################################## ##################################################
# - hosts: develop
# remote_user: root
# roles:
# - { role: common/docker, tags: docker }
# - { role: common/nginx, tags: nginx }
# - hosts: webserver-test # - hosts: webserver-test
# remote_user: root # remote_user: root
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment