william/pilot-playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Playbook d'installation du serveur.

Browse Source
This commit is contained in:
William 2022-07-02 16:22:50 +02:00
parent fd8b5ebc41
commit 177c281fff
4 changed files with 166 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
README.md
View File

@ -2,6 +2,27 @@
This playbook installs app from repository and bind Traefik on defined host.
## Setup server
First create a file `vars.json` who contain :
```json
{
"working_dir": "/srv/apps",
"with_dashboard": "yes",
"with_https": "yes",
"acme_email": "admin@example.com",
"log_level": "INFO"
}
```
Then run setup playbook:
```bash
HOSTNAME=vps.example.com
$ ansible-playbook -i $HOSTNAME, -e ansible_python_interpreter=/usr/bin/python3 -e @vars.json playbooks/setup.yml
```
## Manage app
Available playbooks:

87
playbooks/setup.yml Normal file
View File

@ -0,0 +1,87 @@
---
- name: Setup server
hosts: all
become: yes
tasks:
- name: Install required system packages
apt:
name: [
'apt-transport-https',
'ca-certificates',
'software-properties-common',
'python3-pip',
]
state: present
update_cache: yes
- name: Add Docker GPG apt Key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Add Docker Repository
apt_repository:
repo: "deb [arch=amd64] https://download.docker.com/{{ ansible_system | lower }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
state: present
- name: Update apt and install Docker
apt:
name: [
'docker-ce',
'docker-ce-cli',
'containerd.io',
]
state: latest
update_cache: yes
- name: Add the Python client for Docker
pip:
name: [
'docker',
'docker-compose'
]
- name: Install docker-compose
get_url:
url : https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64
dest: /usr/local/bin/docker-compose
mode: 'u+x,g+x'
group: docker
- name: Create Traefik directory
file:
path: "{{ working_dir }}/traefik"
state: directory
- name: Create Acme file
file:
path: "{{ working_dir }}/traefik/acme.json"
state: touch
mode: 0600
- name: Build Traefik config file
template:
src: ../templates/traefik.yml.j2
dest: "{{ working_dir }}/traefik/traefik.yml"
- name: Create global network
docker_network:
name: web
- name: Build Traefik docker-compose file
template:
src: ../templates/traefik-docker-compose.yml.j2
dest: '{{ working_dir }}/traefik/docker-compose.yml'
- name: Run Traefik container
community.docker.docker_compose:
project_src: "{{ working_dir }}/traefik"
build: yes
files:
- docker-compose.yml
restarted: yes
register: output
- debug:
var: output

27
templates/traefik-docker-compose.yml.j2 Normal file
View File

@ -0,0 +1,27 @@
version: '3'
networks:
web:
external: true
services:
traefik:
image: "traefik:v2.7"
container_name: "traefik"
restart: unless-stopped
networks:
- "web"
ports:
- "80:80"
{% if with_https == 'yes' %}
- "443:443"
{% endif %}
{% if with_dashboard == 'yes' %}
- "8080:8080"
{% endif %}
volumes:
- "{{ working_dir }}/traefik/traefik.yml:/etc/traefik/traefik.yml"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
{% if with_https == 'yes' %}
- "{{ working_dir }}/traefik/acme.json:/acme.json"
{% endif %}

31
templates/traefik.yml.j2 Normal file
View File

@ -0,0 +1,31 @@
entryPoints:
http:
address: ":80"
{% if with_https == 'yes' %}
https:
address: ":443"
{% endif %}
log:
level: {{ log_level }}
{% if with_dashboard == 'yes' %}
api:
dashboard: true
insecure: true
{% endif %}
providers:
docker:
network: "web"
endpoint: "unix:///var/run/docker.sock"
{% if with_https == 'yes' %}
certificatesResolvers:
letsencrypt:
acme:
email: "{{ acme_email }}"
storage = "acme.json"
httpChallenge:
entryPoint: "http"
{% endif %}