diff --git a/apache2-backend-mod_remoteip b/apache2-backend-mod_remoteip index c7168ad..f7b2228 160000 --- a/apache2-backend-mod_remoteip +++ b/apache2-backend-mod_remoteip @@ -1 +1 @@ -Subproject commit c7168ad4684819626bb1bb39aee5e54c2163a314 +Subproject commit f7b2228d01038ca24a17a812e1209d224b9dab2a diff --git a/keepalived-simple b/keepalived-simple index 5936b18..02f5f09 160000 --- a/keepalived-simple +++ b/keepalived-simple @@ -1 +1 @@ -Subproject commit 5936b18b575f326b1bc22633ed1d58c1d8efb0b2 +Subproject commit 02f5f09c2118643660c007768c589a4f2b065e4b diff --git a/mariadb-galera b/mariadb-galera index 0c855bf..1482ec6 160000 --- a/mariadb-galera +++ b/mariadb-galera @@ -1 +1 @@ -Subproject commit 0c855bf1c753fbd80e65e761abbeade2ee7b15a0 +Subproject commit 1482ec60657b62bef53591b0b0104794ca03d9f3 diff --git a/mariadb-replication b/mariadb-replication index 62d3b0b..41aeeb2 160000 --- a/mariadb-replication +++ b/mariadb-replication @@ -1 +1 @@ -Subproject commit 62d3b0b2f14d032b9d3df68d157eaeae5352bd16 +Subproject commit 41aeeb2774f3eeaddc487fed1948265578eab9d8 diff --git a/mariadb-replication.yml b/mariadb-replication.yml new file mode 120000 index 0000000..5c6b88b --- /dev/null +++ b/mariadb-replication.yml @@ -0,0 +1 @@ +mariadb-replication/mariadb-replication.yml \ No newline at end of file diff --git a/webcluster-db.yml b/webcluster-db.yml index 60c9b72..6f45dc0 100644 --- a/webcluster-db.yml +++ b/webcluster-db.yml @@ -3,8 +3,8 @@ tasks: [] - hosts: db - serial: 1 - max_fail_percentage: 20 + serial: "{{ custom_serial|default(1) }}" + max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}" roles: - mariadb-galera - webcluster-db diff --git a/webcluster-db/defaults/main.yml b/webcluster-db/defaults/main.yml index 26d5e2f..d688ca5 100644 --- a/webcluster-db/defaults/main.yml +++ b/webcluster-db/defaults/main.yml @@ -1,7 +1,7 @@ --- db_packages: - mariadb-server - - python3-mysqldb + - python3-pymysql db_user: webappuser db_password: webapppw diff --git a/webcluster-db/meta/main.yml b/webcluster-db/meta/main.yml index d98ee75..3dc1a4c 100644 --- a/webcluster-db/meta/main.yml +++ b/webcluster-db/meta/main.yml @@ -7,12 +7,14 @@ galaxy_info: license: GPL-2.0-or-later - min_ansible_version: 2.9 + min_ansible_version: '2.9' platforms: - name: Ubuntu versions: - focal + - jammy + - noble galaxy_tags: - database diff --git a/webcluster-db/tasks/main.yml b/webcluster-db/tasks/main.yml index 8f8e72e..c726c4f 100644 --- a/webcluster-db/tasks/main.yml +++ b/webcluster-db/tasks/main.yml @@ -1,25 +1,25 @@ --- - name: Install software - package: + ansible.builtin.package: name: "{{ item }}" state: present with_items: "{{ db_packages }}" - - name: MariaDB create DB - mysql_db: + community.mysql.mysql_db: name: "{{ db_name }}" state: present - run_once: True - + login_unix_socket: /var/run/mysqld/mysqld.sock + run_once: true - name: MariaDB create user - mysql_user: + community.mysql.mysql_user: name: "{{ db_user }}" password: "{{ db_password }}" priv: '{{ db_name }}.*:ALL' host: '%' + column_case_sensitive: false state: present - run_once: True - + login_unix_socket: /var/run/mysqld/mysqld.sock + run_once: true diff --git a/webcluster-haproxy/handlers/main.yml b/webcluster-haproxy/handlers/main.yml index b8068c9..5d85cb1 100644 --- a/webcluster-haproxy/handlers/main.yml +++ b/webcluster-haproxy/handlers/main.yml @@ -1,13 +1,11 @@ --- - name: Restart HAProxy - service: + ansible.builtin.service: name: haproxy state: restarted - name: Restart RSyslog - service: + ansible.builtin.service: name: rsyslog state: restarted - - diff --git a/webcluster-haproxy/meta/main.yml b/webcluster-haproxy/meta/main.yml index c1391c4..de39529 100644 --- a/webcluster-haproxy/meta/main.yml +++ b/webcluster-haproxy/meta/main.yml @@ -7,13 +7,10 @@ galaxy_info: license: GPL-2.0-or-later - min_ansible_version: 2.9 + min_ansible_version: '2.9' platforms: - name: Alpine - versions: - - 3.11 - - 3.12 galaxy_tags: - haproxy diff --git a/webcluster-haproxy/tasks/main.yml b/webcluster-haproxy/tasks/main.yml index 491e9a0..a91481d 100644 --- a/webcluster-haproxy/tasks/main.yml +++ b/webcluster-haproxy/tasks/main.yml @@ -1,66 +1,59 @@ --- - name: Install software - package: + ansible.builtin.package: name: "{{ item }}" state: latest with_items: "{{ haproxy_packages }}" notify: Restart RSyslog - - name: HAProxy create config - template: + ansible.builtin.template: dest: "/etc/haproxy/haproxy.cfg" src: "haproxy.cfg.j2" - mode: 0644 - backup: yes + mode: "0644" + backup: true notify: - Restart HAProxy - Restart RSyslog - - name: Create Rsyslog config dir - file: + ansible.builtin.file: dest: /etc/rsyslog.d/ state: directory owner: root group: root - mode: 0644 - + mode: "0644" - name: Rsyslog create config - template: + ansible.builtin.template: dest: "/etc/rsyslog.d/haproxy.conf" src: "rsyslog.conf.j2" - mode: 0644 - backup: yes + mode: "0644" + backup: true notify: - Restart RSyslog - - name: Create jail /dev directory - file: + ansible.builtin.file: path: /var/lib/haproxy/dev/ state: directory owner: root group: root - mode: 0755 - + mode: "0755" - name: Copy SSL certificate - copy: + ansible.builtin.copy: src: "{{ haproxy_sslcert_src }}" dest: "{{ haproxy_sslcert_path }}" owner: root group: root - mode: 0600 - backup: yes - when: haproxy_sslcert_src|default("") != "" - + mode: "0600" + backup: true + when: haproxy_sslcert_src | default("") != "" - name: HAProxy enable service - service: + ansible.builtin.service: name: haproxy - enabled: yes + enabled: true state: started - diff --git a/webcluster-lb.yml b/webcluster-lb.yml index ec1876f..3eff87b 100644 --- a/webcluster-lb.yml +++ b/webcluster-lb.yml @@ -3,6 +3,7 @@ tasks: [] - hosts: lb + serial: "{{ serial_custom|default(1) }}" roles: - keepalived-simple - webcluster-haproxy diff --git a/webcluster-worker.yml b/webcluster-worker.yml index 390c65c..eb3696f 100644 --- a/webcluster-worker.yml +++ b/webcluster-worker.yml @@ -1,7 +1,7 @@ --- - hosts: worker - serial: 2 - max_fail_percentage: 20 + serial: "{{ custom_serial|default([1, '50%']) }}" + max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}" roles: - webcluster-worker - apache2-backend-mod_remoteip diff --git a/webcluster-worker/defaults/main.yml b/webcluster-worker/defaults/main.yml index 5793ee4..8bfaac3 100644 --- a/webcluster-worker/defaults/main.yml +++ b/webcluster-worker/defaults/main.yml @@ -23,5 +23,5 @@ worker_a2docroots: worker_phpfpmpools: - worker.conf -worker_phpversion: 7.4 +worker_phpversion: 8.3 diff --git a/webcluster-worker/handlers/main.yml b/webcluster-worker/handlers/main.yml index 9303854..bc83ac6 100644 --- a/webcluster-worker/handlers/main.yml +++ b/webcluster-worker/handlers/main.yml @@ -1,13 +1,11 @@ --- - name: Restart Apache2 - service: + ansible.builtin.service: name: apache2 state: restarted - - name: Restart PHP-FPM - service: + ansible.builtin.service: name: "php{{ worker_phpversion }}-fpm" state: restarted - diff --git a/webcluster-worker/meta/main.yml b/webcluster-worker/meta/main.yml index 4b1801a..ca62992 100644 --- a/webcluster-worker/meta/main.yml +++ b/webcluster-worker/meta/main.yml @@ -7,12 +7,14 @@ galaxy_info: license: GPL-2.0-or-later - min_ansible_version: 2.9 + min_ansible_version: '2.9' platforms: - name: Ubuntu versions: - focal + - jammy + - noble galaxy_tags: - apache diff --git a/webcluster-worker/tasks/main.yml b/webcluster-worker/tasks/main.yml index ef2b8a6..678025d 100644 --- a/webcluster-worker/tasks/main.yml +++ b/webcluster-worker/tasks/main.yml @@ -1,67 +1,66 @@ --- - name: Install software - package: + ansible.builtin.package: name: "{{ worker_packages }}" state: latest - + update_cache: true + cache_valid_time: 7200 - name: Apache2 enable modules - apache2_module: + community.general.apache2_module: name: "{{ item }}" state: present with_items: "{{ worker_a2mods }}" notify: Restart Apache2 - - name: Apache2 disable sites - file: + ansible.builtin.file: path: "/etc/apache2/sites-enabled/{{ item }}" state: absent with_items: "{{ worker_a2dissites }}" notify: Restart Apache2 - - name: Apache2 create vhosts - template: + ansible.builtin.template: dest: "/etc/apache2/sites-available/{{ item }}" src: "etc/apache2/sites-available/{{ item }}.j2" - mode: 0644 - backup: yes + mode: "0644" + backup: true with_items: "{{ worker_a2ensites }}" notify: Restart Apache2 - - name: Apache2 enable sites - file: + ansible.builtin.file: path: "/etc/apache2/sites-enabled/{{ item }}" src: "/etc/apache2/sites-available/{{ item }}" state: link - force: yes + force: true with_items: "{{ worker_a2ensites }}" notify: Restart Apache2 - - name: Apache2 create DocRoots - file: + ansible.builtin.file: path: "/{{ item }}" state: directory - mode: 0755 + owner: root + group: root + mode: "0755" with_items: "{{ worker_a2docroots }}" notify: Restart Apache2 - - name: PHP Install pools - template: + ansible.builtin.template: dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}" src: "etc/php-fpm-pool.d/{{ item }}.j2" - mode: 0644 - backup: yes + mode: "0644" + owner: root + group: root + backup: true with_items: "{{ worker_phpfpmpools }}" notify: Restart PHP-FPM - - name: Disable worker in load balancers - haproxy: + community.general.haproxy: socket: /var/lib/haproxy/admin.sock backend: dynamic host: "{{ inventory_hostname }}" @@ -69,30 +68,35 @@ delegate_to: "{{ item }}" with_items: "{{ groups.lb }}" - - name: Apache2 copy websites - copy: + ansible.builtin.copy: dest: "/{{ item }}/" src: "{{ item }}/" - backup: yes + owner: root + group: root + mode: "0644" + backup: true with_items: "{{ worker_a2docroots }}" - - name: Apache2 template dummy index.html - template: + ansible.builtin.template: dest: "/{{ item }}/index.html" src: "{{ item }}/index.html.j2" - mode: 0644 - backup: yes + owner: root + group: root + mode: "0644" + backup: true with_items: "{{ worker_a2docroots }}" +- name: Flush handers + ansible.builtin.meta: flush_handlers - name: Sleep 30 seconds... - pause: seconds=30 - + ansible.builtin.pause: + seconds: 30 - name: Enable worker in load balancers - haproxy: + community.general.haproxy: socket: /var/lib/haproxy/admin.sock backend: dynamic host: "{{ inventory_hostname }}" @@ -100,4 +104,3 @@ delegate_to: "{{ item }}" with_items: "{{ groups.lb }}" -