Ansible/roles.webcluster
1
0
Fork 0
Code Issues 2 Pull requests Releases Wiki Activity

Updated for Ubuntu 24.04

Browse source
This commit is contained in:
Sven Velt 2025-04-11 18:40:32 +02:00
parent ad984d6648
commit ffc35b306a
18 changed files with 83 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apache2-backend-mod_remoteip

@ -1 +1 @@
Subproject commit c7168ad4684819626bb1bb39aee5e54c2163a314
Subproject commit f7b2228d01038ca24a17a812e1209d224b9dab2a

2
keepalived-simple

@ -1 +1 @@
Subproject commit 5936b18b575f326b1bc22633ed1d58c1d8efb0b2
Subproject commit 02f5f09c2118643660c007768c589a4f2b065e4b

2
mariadb-galera

@ -1 +1 @@
Subproject commit 0c855bf1c753fbd80e65e761abbeade2ee7b15a0
Subproject commit 1482ec60657b62bef53591b0b0104794ca03d9f3

2
mariadb-replication

@ -1 +1 @@
Subproject commit 62d3b0b2f14d032b9d3df68d157eaeae5352bd16
Subproject commit 41aeeb2774f3eeaddc487fed1948265578eab9d8

1
mariadb-replication.yml Symbolic link
View file

@ -0,0 +1 @@
mariadb-replication/mariadb-replication.yml

4
webcluster-db.yml
View file

@ -3,8 +3,8 @@
tasks: []
- hosts: db
serial: 1
max_fail_percentage: 20
serial: "{{ custom_serial|default(1) }}"
max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}"
roles:
- mariadb-galera
- webcluster-db

2
webcluster-db/defaults/main.yml
View file

@ -1,7 +1,7 @@
---
db_packages:
- mariadb-server
- python3-mysqldb
- python3-pymysql
db_user: webappuser
db_password: webapppw

4
webcluster-db/meta/main.yml
View file

@ -7,12 +7,14 @@ galaxy_info:
license: GPL-2.0-or-later
min_ansible_version: 2.9
min_ansible_version: '2.9'
platforms:
- name: Ubuntu
versions:
- focal
- jammy
- noble
galaxy_tags:
- database

16
webcluster-db/tasks/main.yml
View file

@ -1,25 +1,25 @@
---
- name: Install software
package:
ansible.builtin.package:
name: "{{ item }}"
state: present
with_items: "{{ db_packages }}"
- name: MariaDB create DB
mysql_db:
community.mysql.mysql_db:
name: "{{ db_name }}"
state: present
run_once: True
login_unix_socket: /var/run/mysqld/mysqld.sock
run_once: true
- name: MariaDB create user
mysql_user:
community.mysql.mysql_user:
name: "{{ db_user }}"
password: "{{ db_password }}"
priv: '{{ db_name }}.*:ALL'
host: '%'
column_case_sensitive: false
state: present
run_once: True
login_unix_socket: /var/run/mysqld/mysqld.sock
run_once: true

6
webcluster-haproxy/handlers/main.yml
View file

@ -1,13 +1,11 @@
---
- name: Restart HAProxy
service:
ansible.builtin.service:
name: haproxy
state: restarted
- name: Restart RSyslog
service:
ansible.builtin.service:
name: rsyslog
state: restarted

5
webcluster-haproxy/meta/main.yml
View file

@ -7,13 +7,10 @@ galaxy_info:
license: GPL-2.0-or-later
min_ansible_version: 2.9
min_ansible_version: '2.9'
platforms:
- name: Alpine
versions:
- 3.11
- 3.12
galaxy_tags:
- haproxy

41
webcluster-haproxy/tasks/main.yml
View file

@ -1,66 +1,59 @@
---
- name: Install software
package:
ansible.builtin.package:
name: "{{ item }}"
state: latest
with_items: "{{ haproxy_packages }}"
notify: Restart RSyslog
- name: HAProxy create config
template:
ansible.builtin.template:
dest: "/etc/haproxy/haproxy.cfg"
src: "haproxy.cfg.j2"
mode: 0644
backup: yes
mode: "0644"
backup: true
notify:
- Restart HAProxy
- Restart RSyslog
- name: Create Rsyslog config dir
file:
ansible.builtin.file:
dest: /etc/rsyslog.d/
state: directory
owner: root
group: root
mode: 0644
mode: "0644"
- name: Rsyslog create config
template:
ansible.builtin.template:
dest: "/etc/rsyslog.d/haproxy.conf"
src: "rsyslog.conf.j2"
mode: 0644
backup: yes
mode: "0644"
backup: true
notify:
- Restart RSyslog
- name: Create jail /dev directory
file:
ansible.builtin.file:
path: /var/lib/haproxy/dev/
state: directory
owner: root
group: root
mode: 0755
mode: "0755"
- name: Copy SSL certificate
copy:
ansible.builtin.copy:
src: "{{ haproxy_sslcert_src }}"
dest: "{{ haproxy_sslcert_path }}"
owner: root
group: root
mode: 0600
backup: yes
when: haproxy_sslcert_src|default("") != ""
mode: "0600"
backup: true
when: haproxy_sslcert_src | default("") != ""
- name: HAProxy enable service
service:
ansible.builtin.service:
name: haproxy
enabled: yes
enabled: true
state: started

1
webcluster-lb.yml
View file

@ -3,6 +3,7 @@
tasks: []
- hosts: lb
serial: "{{ serial_custom|default(1) }}"
roles:
- keepalived-simple
- webcluster-haproxy

4
webcluster-worker.yml
View file

@ -1,7 +1,7 @@
---
- hosts: worker
serial: 2
max_fail_percentage: 20
serial: "{{ custom_serial|default([1, '50%']) }}"
max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}"
roles:
- webcluster-worker
- apache2-backend-mod_remoteip

2
webcluster-worker/defaults/main.yml
View file

@ -23,5 +23,5 @@ worker_a2docroots:
worker_phpfpmpools:
- worker.conf
worker_phpversion: 7.4
worker_phpversion: 8.3

6
webcluster-worker/handlers/main.yml
View file

@ -1,13 +1,11 @@
---
- name: Restart Apache2
service:
ansible.builtin.service:
name: apache2
state: restarted
- name: Restart PHP-FPM
service:
ansible.builtin.service:
name: "php{{ worker_phpversion }}-fpm"
state: restarted

4
webcluster-worker/meta/main.yml
View file

@ -7,12 +7,14 @@ galaxy_info:
license: GPL-2.0-or-later
min_ansible_version: 2.9
min_ansible_version: '2.9'
platforms:
- name: Ubuntu
versions:
- focal
- jammy
- noble
galaxy_tags:
- apache

67
webcluster-worker/tasks/main.yml
View file

@ -1,67 +1,66 @@
---
- name: Install software
package:
ansible.builtin.package:
name: "{{ worker_packages }}"
state: latest
update_cache: true
cache_valid_time: 7200
- name: Apache2 enable modules
apache2_module:
community.general.apache2_module:
name: "{{ item }}"
state: present
with_items: "{{ worker_a2mods }}"
notify: Restart Apache2
- name: Apache2 disable sites
file:
ansible.builtin.file:
path: "/etc/apache2/sites-enabled/{{ item }}"
state: absent
with_items: "{{ worker_a2dissites }}"
notify: Restart Apache2
- name: Apache2 create vhosts
template:
ansible.builtin.template:
dest: "/etc/apache2/sites-available/{{ item }}"
src: "etc/apache2/sites-available/{{ item }}.j2"
mode: 0644
backup: yes
mode: "0644"
backup: true
with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2
- name: Apache2 enable sites
file:
ansible.builtin.file:
path: "/etc/apache2/sites-enabled/{{ item }}"
src: "/etc/apache2/sites-available/{{ item }}"
state: link
force: yes
force: true
with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2
- name: Apache2 create DocRoots
file:
ansible.builtin.file:
path: "/{{ item }}"
state: directory
mode: 0755
owner: root
group: root
mode: "0755"
with_items: "{{ worker_a2docroots }}"
notify: Restart Apache2
- name: PHP Install pools
template:
ansible.builtin.template:
dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}"
src: "etc/php-fpm-pool.d/{{ item }}.j2"
mode: 0644
backup: yes
mode: "0644"
owner: root
group: root
backup: true
with_items: "{{ worker_phpfpmpools }}"
notify: Restart PHP-FPM
- name: Disable worker in load balancers
haproxy:
community.general.haproxy:
socket: /var/lib/haproxy/admin.sock
backend: dynamic
host: "{{ inventory_hostname }}"
@ -69,30 +68,35 @@
delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}"
- name: Apache2 copy websites
copy:
ansible.builtin.copy:
dest: "/{{ item }}/"
src: "{{ item }}/"
backup: yes
owner: root
group: root
mode: "0644"
backup: true
with_items: "{{ worker_a2docroots }}"
- name: Apache2 template dummy index.html
template:
ansible.builtin.template:
dest: "/{{ item }}/index.html"
src: "{{ item }}/index.html.j2"
mode: 0644
backup: yes
owner: root
group: root
mode: "0644"
backup: true
with_items: "{{ worker_a2docroots }}"
- name: Flush handers
ansible.builtin.meta: flush_handlers
- name: Sleep 30 seconds...
pause: seconds=30
ansible.builtin.pause:
seconds: 30
- name: Enable worker in load balancers
haproxy:
community.general.haproxy:
socket: /var/lib/haproxy/admin.sock
backend: dynamic
host: "{{ inventory_hostname }}"
@ -100,4 +104,3 @@
delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}"