Ansible/roles.webcluster
1
0
Fork 0
Code Issues 2 Pull requests Releases Wiki Activity

Updated for Ubuntu 24.04

Browse source
This commit is contained in:
Sven Velt 2025-04-11 18:40:32 +02:00
parent ad984d6648
commit ffc35b306a
18 changed files with 83 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apache2-backend-mod_remoteip

@ -1 +1 @@
Subproject commit c7168ad4684819626bb1bb39aee5e54c2163a314 Subproject commit f7b2228d01038ca24a17a812e1209d224b9dab2a

2
keepalived-simple

@ -1 +1 @@
Subproject commit 5936b18b575f326b1bc22633ed1d58c1d8efb0b2 Subproject commit 02f5f09c2118643660c007768c589a4f2b065e4b

2
mariadb-galera

@ -1 +1 @@
Subproject commit 0c855bf1c753fbd80e65e761abbeade2ee7b15a0 Subproject commit 1482ec60657b62bef53591b0b0104794ca03d9f3

2
mariadb-replication

@ -1 +1 @@
Subproject commit 62d3b0b2f14d032b9d3df68d157eaeae5352bd16 Subproject commit 41aeeb2774f3eeaddc487fed1948265578eab9d8

1
mariadb-replication.yml Symbolic link
View file

@ -0,0 +1 @@
mariadb-replication/mariadb-replication.yml

4
webcluster-db.yml
View file

@ -3,8 +3,8 @@
tasks: [] tasks: []
- hosts: db - hosts: db
serial: 1 serial: "{{ custom_serial|default(1) }}"
max_fail_percentage: 20 max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}"
roles: roles:
- mariadb-galera - mariadb-galera
- webcluster-db - webcluster-db

2
webcluster-db/defaults/main.yml
View file

@ -1,7 +1,7 @@
--- ---
db_packages: db_packages:
- mariadb-server - mariadb-server
- python3-mysqldb - python3-pymysql
db_user: webappuser db_user: webappuser
db_password: webapppw db_password: webapppw

4
webcluster-db/meta/main.yml
View file

@ -7,12 +7,14 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: 2.9 min_ansible_version: '2.9'
platforms: platforms:
- name: Ubuntu - name: Ubuntu
versions: versions:
- focal - focal
- jammy
- noble
galaxy_tags: galaxy_tags:
- database - database

16
webcluster-db/tasks/main.yml
View file

@ -1,25 +1,25 @@
--- ---
- name: Install software - name: Install software
package: ansible.builtin.package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: "{{ db_packages }}" with_items: "{{ db_packages }}"
- name: MariaDB create DB - name: MariaDB create DB
mysql_db: community.mysql.mysql_db:
name: "{{ db_name }}" name: "{{ db_name }}"
state: present state: present
run_once: True login_unix_socket: /var/run/mysqld/mysqld.sock
run_once: true
- name: MariaDB create user - name: MariaDB create user
mysql_user: community.mysql.mysql_user:
name: "{{ db_user }}" name: "{{ db_user }}"
password: "{{ db_password }}" password: "{{ db_password }}"
priv: '{{ db_name }}.*:ALL' priv: '{{ db_name }}.*:ALL'
host: '%' host: '%'
column_case_sensitive: false
state: present state: present
run_once: True login_unix_socket: /var/run/mysqld/mysqld.sock
run_once: true

6
webcluster-haproxy/handlers/main.yml
View file

@ -1,13 +1,11 @@
--- ---
- name: Restart HAProxy - name: Restart HAProxy
service: ansible.builtin.service:
name: haproxy name: haproxy
state: restarted state: restarted
- name: Restart RSyslog - name: Restart RSyslog
service: ansible.builtin.service:
name: rsyslog name: rsyslog
state: restarted state: restarted

5
webcluster-haproxy/meta/main.yml
View file

@ -7,13 +7,10 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: 2.9 min_ansible_version: '2.9'
platforms: platforms:
- name: Alpine - name: Alpine
versions:
- 3.11
- 3.12
galaxy_tags: galaxy_tags:
- haproxy - haproxy

41
webcluster-haproxy/tasks/main.yml
View file

@ -1,66 +1,59 @@
--- ---
- name: Install software - name: Install software
package: ansible.builtin.package:
name: "{{ item }}" name: "{{ item }}"
state: latest state: latest
with_items: "{{ haproxy_packages }}" with_items: "{{ haproxy_packages }}"
notify: Restart RSyslog notify: Restart RSyslog
- name: HAProxy create config - name: HAProxy create config
template: ansible.builtin.template:
dest: "/etc/haproxy/haproxy.cfg" dest: "/etc/haproxy/haproxy.cfg"
src: "haproxy.cfg.j2" src: "haproxy.cfg.j2"
mode: 0644 mode: "0644"
backup: yes backup: true
notify: notify:
- Restart HAProxy - Restart HAProxy
- Restart RSyslog - Restart RSyslog
- name: Create Rsyslog config dir - name: Create Rsyslog config dir
file: ansible.builtin.file:
dest: /etc/rsyslog.d/ dest: /etc/rsyslog.d/
state: directory state: directory
owner: root owner: root
group: root group: root
mode: 0644 mode: "0644"
- name: Rsyslog create config - name: Rsyslog create config
template: ansible.builtin.template:
dest: "/etc/rsyslog.d/haproxy.conf" dest: "/etc/rsyslog.d/haproxy.conf"
src: "rsyslog.conf.j2" src: "rsyslog.conf.j2"
mode: 0644 mode: "0644"
backup: yes backup: true
notify: notify:
- Restart RSyslog - Restart RSyslog
- name: Create jail /dev directory - name: Create jail /dev directory
file: ansible.builtin.file:
path: /var/lib/haproxy/dev/ path: /var/lib/haproxy/dev/
state: directory state: directory
owner: root owner: root
group: root group: root
mode: 0755 mode: "0755"
- name: Copy SSL certificate - name: Copy SSL certificate
copy: ansible.builtin.copy:
src: "{{ haproxy_sslcert_src }}" src: "{{ haproxy_sslcert_src }}"
dest: "{{ haproxy_sslcert_path }}" dest: "{{ haproxy_sslcert_path }}"
owner: root owner: root
group: root group: root
mode: 0600 mode: "0600"
backup: yes backup: true
when: haproxy_sslcert_src|default("") != "" when: haproxy_sslcert_src | default("") != ""
- name: HAProxy enable service - name: HAProxy enable service
service: ansible.builtin.service:
name: haproxy name: haproxy
enabled: yes enabled: true
state: started state: started

1
webcluster-lb.yml
View file

@ -3,6 +3,7 @@
tasks: [] tasks: []
- hosts: lb - hosts: lb
serial: "{{ serial_custom|default(1) }}"
roles: roles:
- keepalived-simple - keepalived-simple
- webcluster-haproxy - webcluster-haproxy

4
webcluster-worker.yml
View file

@ -1,7 +1,7 @@
--- ---
- hosts: worker - hosts: worker
serial: 2 serial: "{{ custom_serial|default([1, '50%']) }}"
max_fail_percentage: 20 max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}"
roles: roles:
- webcluster-worker - webcluster-worker
- apache2-backend-mod_remoteip - apache2-backend-mod_remoteip

2
webcluster-worker/defaults/main.yml
View file

@ -23,5 +23,5 @@ worker_a2docroots:
worker_phpfpmpools: worker_phpfpmpools:
- worker.conf - worker.conf
worker_phpversion: 7.4 worker_phpversion: 8.3

6
webcluster-worker/handlers/main.yml
View file

@ -1,13 +1,11 @@
--- ---
- name: Restart Apache2 - name: Restart Apache2
service: ansible.builtin.service:
name: apache2 name: apache2
state: restarted state: restarted
- name: Restart PHP-FPM - name: Restart PHP-FPM
service: ansible.builtin.service:
name: "php{{ worker_phpversion }}-fpm" name: "php{{ worker_phpversion }}-fpm"
state: restarted state: restarted

4
webcluster-worker/meta/main.yml
View file

@ -7,12 +7,14 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: 2.9 min_ansible_version: '2.9'
platforms: platforms:
- name: Ubuntu - name: Ubuntu
versions: versions:
- focal - focal
- jammy
- noble
galaxy_tags: galaxy_tags:
- apache - apache

67
webcluster-worker/tasks/main.yml
View file

@ -1,67 +1,66 @@
--- ---
- name: Install software - name: Install software
package: ansible.builtin.package:
name: "{{ worker_packages }}" name: "{{ worker_packages }}"
state: latest state: latest
update_cache: true
cache_valid_time: 7200
- name: Apache2 enable modules - name: Apache2 enable modules
apache2_module: community.general.apache2_module:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: "{{ worker_a2mods }}" with_items: "{{ worker_a2mods }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 disable sites - name: Apache2 disable sites
file: ansible.builtin.file:
path: "/etc/apache2/sites-enabled/{{ item }}" path: "/etc/apache2/sites-enabled/{{ item }}"
state: absent state: absent
with_items: "{{ worker_a2dissites }}" with_items: "{{ worker_a2dissites }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 create vhosts - name: Apache2 create vhosts
template: ansible.builtin.template:
dest: "/etc/apache2/sites-available/{{ item }}" dest: "/etc/apache2/sites-available/{{ item }}"
src: "etc/apache2/sites-available/{{ item }}.j2" src: "etc/apache2/sites-available/{{ item }}.j2"
mode: 0644 mode: "0644"
backup: yes backup: true
with_items: "{{ worker_a2ensites }}" with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 enable sites - name: Apache2 enable sites
file: ansible.builtin.file:
path: "/etc/apache2/sites-enabled/{{ item }}" path: "/etc/apache2/sites-enabled/{{ item }}"
src: "/etc/apache2/sites-available/{{ item }}" src: "/etc/apache2/sites-available/{{ item }}"
state: link state: link
force: yes force: true
with_items: "{{ worker_a2ensites }}" with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 create DocRoots - name: Apache2 create DocRoots
file: ansible.builtin.file:
path: "/{{ item }}" path: "/{{ item }}"
state: directory state: directory
mode: 0755 owner: root
group: root
mode: "0755"
with_items: "{{ worker_a2docroots }}" with_items: "{{ worker_a2docroots }}"
notify: Restart Apache2 notify: Restart Apache2
- name: PHP Install pools - name: PHP Install pools
template: ansible.builtin.template:
dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}" dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}"
src: "etc/php-fpm-pool.d/{{ item }}.j2" src: "etc/php-fpm-pool.d/{{ item }}.j2"
mode: 0644 mode: "0644"
backup: yes owner: root
group: root
backup: true
with_items: "{{ worker_phpfpmpools }}" with_items: "{{ worker_phpfpmpools }}"
notify: Restart PHP-FPM notify: Restart PHP-FPM
- name: Disable worker in load balancers - name: Disable worker in load balancers
haproxy: community.general.haproxy:
socket: /var/lib/haproxy/admin.sock socket: /var/lib/haproxy/admin.sock
backend: dynamic backend: dynamic
host: "{{ inventory_hostname }}" host: "{{ inventory_hostname }}"
@ -69,30 +68,35 @@
delegate_to: "{{ item }}" delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}" with_items: "{{ groups.lb }}"
- name: Apache2 copy websites - name: Apache2 copy websites
copy: ansible.builtin.copy:
dest: "/{{ item }}/" dest: "/{{ item }}/"
src: "{{ item }}/" src: "{{ item }}/"
backup: yes owner: root
group: root
mode: "0644"
backup: true
with_items: "{{ worker_a2docroots }}" with_items: "{{ worker_a2docroots }}"
- name: Apache2 template dummy index.html - name: Apache2 template dummy index.html
template: ansible.builtin.template:
dest: "/{{ item }}/index.html" dest: "/{{ item }}/index.html"
src: "{{ item }}/index.html.j2" src: "{{ item }}/index.html.j2"
mode: 0644 owner: root
backup: yes group: root
mode: "0644"
backup: true
with_items: "{{ worker_a2docroots }}" with_items: "{{ worker_a2docroots }}"
- name: Flush handers
ansible.builtin.meta: flush_handlers
- name: Sleep 30 seconds... - name: Sleep 30 seconds...
pause: seconds=30 ansible.builtin.pause:
seconds: 30
- name: Enable worker in load balancers - name: Enable worker in load balancers
haproxy: community.general.haproxy:
socket: /var/lib/haproxy/admin.sock socket: /var/lib/haproxy/admin.sock
backend: dynamic backend: dynamic
host: "{{ inventory_hostname }}" host: "{{ inventory_hostname }}"
@ -100,4 +104,3 @@
delegate_to: "{{ item }}" delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}" with_items: "{{ groups.lb }}"