Ansible/roles.webcluster
1
0
Fork 0
Code Issues 2 Pull requests Releases Wiki Activity

Compare commits

base: Ansible:main
Branches Tags
Ansible:main
Ansible:ubuntu-20.04
Ansible:haproxy-2024
..
compare: Ansible:ubuntu-20.04
Branches Tags
Ansible:main
Ansible:ubuntu-20.04
Ansible:haproxy-2024

No commits in common. "main" and "ubuntu-20.04" have entirely different histories.
main ... ubuntu-20.

18 changed files with 88 additions and 83 deletions
Show stats Expand all files Collapse all files

2
apache2-backend-mod_remoteip

@ -1 +1 @@
Subproject commit f7b2228d01038ca24a17a812e1209d224b9dab2a
Subproject commit c7168ad4684819626bb1bb39aee5e54c2163a314

2
keepalived-simple

@ -1 +1 @@
Subproject commit 02f5f09c2118643660c007768c589a4f2b065e4b
Subproject commit 5936b18b575f326b1bc22633ed1d58c1d8efb0b2

2
mariadb-galera

@ -1 +1 @@
Subproject commit 1482ec60657b62bef53591b0b0104794ca03d9f3
Subproject commit 0c855bf1c753fbd80e65e761abbeade2ee7b15a0

2
mariadb-replication

@ -1 +1 @@
Subproject commit 29a8f84afaa08070cbfcce12eee148518fcf8bb2
Subproject commit 62d3b0b2f14d032b9d3df68d157eaeae5352bd16

1
mariadb-replication.yml
View file

@ -1 +0,0 @@
mariadb-replication/mariadb-replication.yml

4
webcluster-db.yml
View file

@ -3,8 +3,8 @@
tasks: []
- hosts: db
serial: "{{ custom_serial|default(1) }}"
max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}"
serial: 1
max_fail_percentage: 20
roles:
- mariadb-galera
- webcluster-db

2
webcluster-db/defaults/main.yml
View file

@ -1,7 +1,7 @@
---
db_packages:
- mariadb-server
- python3-pymysql
- python3-mysqldb
db_user: webappuser
db_password: webapppw

4
webcluster-db/meta/main.yml
View file

@ -7,14 +7,12 @@ galaxy_info:
license: GPL-2.0-or-later
min_ansible_version: '2.9'
min_ansible_version: 2.9
platforms:
- name: Ubuntu
versions:
- focal
- jammy
- noble
galaxy_tags:
- database

16
webcluster-db/tasks/main.yml
View file

@ -1,25 +1,25 @@
---
- name: Install software
ansible.builtin.package:
package:
name: "{{ item }}"
state: present
with_items: "{{ db_packages }}"
- name: MariaDB create DB
community.mysql.mysql_db:
mysql_db:
name: "{{ db_name }}"
state: present
login_unix_socket: /var/run/mysqld/mysqld.sock
run_once: true
run_once: True
- name: MariaDB create user
community.mysql.mysql_user:
mysql_user:
name: "{{ db_user }}"
password: "{{ db_password }}"
priv: '{{ db_name }}.*:ALL'
host: '%'
column_case_sensitive: false
state: present
login_unix_socket: /var/run/mysqld/mysqld.sock
run_once: true
run_once: True

6
webcluster-haproxy/handlers/main.yml
View file

@ -1,11 +1,13 @@
---
- name: Restart HAProxy
ansible.builtin.service:
service:
name: haproxy
state: restarted
- name: Restart RSyslog
ansible.builtin.service:
service:
name: rsyslog
state: restarted

5
webcluster-haproxy/meta/main.yml
View file

@ -7,10 +7,13 @@ galaxy_info:
license: GPL-2.0-or-later
min_ansible_version: '2.9'
min_ansible_version: 2.9
platforms:
- name: Alpine
versions:
- 3.11
- 3.12
galaxy_tags:
- haproxy

41
webcluster-haproxy/tasks/main.yml
View file

@ -1,59 +1,66 @@
---
- name: Install software
ansible.builtin.package:
package:
name: "{{ item }}"
state: latest
with_items: "{{ haproxy_packages }}"
notify: Restart RSyslog
- name: HAProxy create config
ansible.builtin.template:
template:
dest: "/etc/haproxy/haproxy.cfg"
src: "haproxy.cfg.j2"
mode: "0644"
backup: true
mode: 0644
backup: yes
notify:
- Restart HAProxy
- Restart RSyslog
- name: Create Rsyslog config dir
ansible.builtin.file:
file:
dest: /etc/rsyslog.d/
state: directory
owner: root
group: root
mode: "0644"
mode: 0644
- name: Rsyslog create config
ansible.builtin.template:
template:
dest: "/etc/rsyslog.d/haproxy.conf"
src: "rsyslog.conf.j2"
mode: "0644"
backup: true
mode: 0644
backup: yes
notify:
- Restart RSyslog
- name: Create jail /dev directory
ansible.builtin.file:
file:
path: /var/lib/haproxy/dev/
state: directory
owner: root
group: root
mode: "0755"
mode: 0755
- name: Copy SSL certificate
ansible.builtin.copy:
copy:
src: "{{ haproxy_sslcert_src }}"
dest: "{{ haproxy_sslcert_path }}"
owner: root
group: root
mode: "0600"
backup: true
when: haproxy_sslcert_src | default("") != ""
mode: 0600
backup: yes
when: haproxy_sslcert_src|default("") != ""
- name: HAProxy enable service
ansible.builtin.service:
service:
name: haproxy
enabled: true
enabled: yes
state: started

1
webcluster-lb.yml
View file

@ -3,7 +3,6 @@
tasks: []
- hosts: lb
serial: "{{ serial_custom|default(1) }}"
roles:
- keepalived-simple
- webcluster-haproxy

4
webcluster-worker.yml
View file

@ -1,7 +1,7 @@
---
- hosts: worker
serial: "{{ custom_serial|default([1, '50%']) }}"
max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}"
serial: 2
max_fail_percentage: 20
roles:
- webcluster-worker
- apache2-backend-mod_remoteip

2
webcluster-worker/defaults/main.yml
View file

@ -23,5 +23,5 @@ worker_a2docroots:
worker_phpfpmpools:
- worker.conf
worker_phpversion: 8.3
worker_phpversion: 7.4

6
webcluster-worker/handlers/main.yml
View file

@ -1,11 +1,13 @@
---
- name: Restart Apache2
ansible.builtin.service:
service:
name: apache2
state: restarted
- name: Restart PHP-FPM
ansible.builtin.service:
service:
name: "php{{ worker_phpversion }}-fpm"
state: restarted

4
webcluster-worker/meta/main.yml
View file

@ -7,14 +7,12 @@ galaxy_info:
license: GPL-2.0-or-later
min_ansible_version: '2.9'
min_ansible_version: 2.9
platforms:
- name: Ubuntu
versions:
- focal
- jammy
- noble
galaxy_tags:
- apache

67
webcluster-worker/tasks/main.yml
View file

@ -1,66 +1,67 @@
---
- name: Install software
ansible.builtin.package:
package:
name: "{{ worker_packages }}"
state: latest
update_cache: true
cache_valid_time: 7200
- name: Apache2 enable modules
community.general.apache2_module:
apache2_module:
name: "{{ item }}"
state: present
with_items: "{{ worker_a2mods }}"
notify: Restart Apache2
- name: Apache2 disable sites
ansible.builtin.file:
file:
path: "/etc/apache2/sites-enabled/{{ item }}"
state: absent
with_items: "{{ worker_a2dissites }}"
notify: Restart Apache2
- name: Apache2 create vhosts
ansible.builtin.template:
template:
dest: "/etc/apache2/sites-available/{{ item }}"
src: "etc/apache2/sites-available/{{ item }}.j2"
mode: "0644"
backup: true
mode: 0644
backup: yes
with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2
- name: Apache2 enable sites
ansible.builtin.file:
file:
path: "/etc/apache2/sites-enabled/{{ item }}"
src: "/etc/apache2/sites-available/{{ item }}"
state: link
force: true
force: yes
with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2
- name: Apache2 create DocRoots
ansible.builtin.file:
file:
path: "/{{ item }}"
state: directory
owner: root
group: root
mode: "0755"
mode: 0755
with_items: "{{ worker_a2docroots }}"
notify: Restart Apache2
- name: PHP Install pools
ansible.builtin.template:
template:
dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}"
src: "etc/php-fpm-pool.d/{{ item }}.j2"
mode: "0644"
owner: root
group: root
backup: true
mode: 0644
backup: yes
with_items: "{{ worker_phpfpmpools }}"
notify: Restart PHP-FPM
- name: Disable worker in load balancers
community.general.haproxy:
haproxy:
socket: /var/lib/haproxy/admin.sock
backend: dynamic
host: "{{ inventory_hostname }}"
@ -68,35 +69,30 @@
delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}"
- name: Apache2 copy websites
ansible.builtin.copy:
copy:
dest: "/{{ item }}/"
src: "{{ item }}/"
owner: root
group: root
mode: "0644"
backup: true
backup: yes
with_items: "{{ worker_a2docroots }}"
- name: Apache2 template dummy index.html
ansible.builtin.template:
template:
dest: "/{{ item }}/index.html"
src: "{{ item }}/index.html.j2"
owner: root
group: root
mode: "0644"
backup: true
mode: 0644
backup: yes
with_items: "{{ worker_a2docroots }}"
- name: Flush handers
ansible.builtin.meta: flush_handlers
- name: Sleep 30 seconds...
ansible.builtin.pause:
seconds: 30
pause: seconds=30
- name: Enable worker in load balancers
community.general.haproxy:
haproxy:
socket: /var/lib/haproxy/admin.sock
backend: dynamic
host: "{{ inventory_hostname }}"
@ -104,3 +100,4 @@
delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}"