Ansible/roles.webcluster
1
0
Fork 0
Code Issues 2 Pull requests Releases Wiki Activity

Compare commits

base: Ansible:main
Branches Tags
Ansible:main
Ansible:ubuntu-20.04
Ansible:haproxy-2024
..
compare: Ansible:ubuntu-20.04
Branches Tags
Ansible:main
Ansible:ubuntu-20.04
Ansible:haproxy-2024

No commits in common. "main" and "ubuntu-20.04" have entirely different histories.
main ... ubuntu-20.

18 changed files with 88 additions and 83 deletions
Show stats Expand all files Collapse all files

2
apache2-backend-mod_remoteip

@ -1 +1 @@
Subproject commit f7b2228d01038ca24a17a812e1209d224b9dab2a Subproject commit c7168ad4684819626bb1bb39aee5e54c2163a314

2
keepalived-simple

@ -1 +1 @@
Subproject commit 02f5f09c2118643660c007768c589a4f2b065e4b Subproject commit 5936b18b575f326b1bc22633ed1d58c1d8efb0b2

2
mariadb-galera

@ -1 +1 @@
Subproject commit 1482ec60657b62bef53591b0b0104794ca03d9f3 Subproject commit 0c855bf1c753fbd80e65e761abbeade2ee7b15a0

2
mariadb-replication

@ -1 +1 @@
Subproject commit 29a8f84afaa08070cbfcce12eee148518fcf8bb2 Subproject commit 62d3b0b2f14d032b9d3df68d157eaeae5352bd16

1
mariadb-replication.yml
View file

@ -1 +0,0 @@
mariadb-replication/mariadb-replication.yml

4
webcluster-db.yml
View file

@ -3,8 +3,8 @@
tasks: [] tasks: []
- hosts: db - hosts: db
serial: "{{ custom_serial|default(1) }}" serial: 1
max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}" max_fail_percentage: 20
roles: roles:
- mariadb-galera - mariadb-galera
- webcluster-db - webcluster-db

2
webcluster-db/defaults/main.yml
View file

@ -1,7 +1,7 @@
--- ---
db_packages: db_packages:
- mariadb-server - mariadb-server
- python3-pymysql - python3-mysqldb
db_user: webappuser db_user: webappuser
db_password: webapppw db_password: webapppw

4
webcluster-db/meta/main.yml
View file

@ -7,14 +7,12 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: '2.9' min_ansible_version: 2.9
platforms: platforms:
- name: Ubuntu - name: Ubuntu
versions: versions:
- focal - focal
- jammy
- noble
galaxy_tags: galaxy_tags:
- database - database

16
webcluster-db/tasks/main.yml
View file

@ -1,25 +1,25 @@
--- ---
- name: Install software - name: Install software
ansible.builtin.package: package:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: "{{ db_packages }}" with_items: "{{ db_packages }}"
- name: MariaDB create DB - name: MariaDB create DB
community.mysql.mysql_db: mysql_db:
name: "{{ db_name }}" name: "{{ db_name }}"
state: present state: present
login_unix_socket: /var/run/mysqld/mysqld.sock run_once: True
run_once: true
- name: MariaDB create user - name: MariaDB create user
community.mysql.mysql_user: mysql_user:
name: "{{ db_user }}" name: "{{ db_user }}"
password: "{{ db_password }}" password: "{{ db_password }}"
priv: '{{ db_name }}.*:ALL' priv: '{{ db_name }}.*:ALL'
host: '%' host: '%'
column_case_sensitive: false
state: present state: present
login_unix_socket: /var/run/mysqld/mysqld.sock run_once: True
run_once: true

6
webcluster-haproxy/handlers/main.yml
View file

@ -1,11 +1,13 @@
--- ---
- name: Restart HAProxy - name: Restart HAProxy
ansible.builtin.service: service:
name: haproxy name: haproxy
state: restarted state: restarted
- name: Restart RSyslog - name: Restart RSyslog
ansible.builtin.service: service:
name: rsyslog name: rsyslog
state: restarted state: restarted

5
webcluster-haproxy/meta/main.yml
View file

@ -7,10 +7,13 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: '2.9' min_ansible_version: 2.9
platforms: platforms:
- name: Alpine - name: Alpine
versions:
- 3.11
- 3.12
galaxy_tags: galaxy_tags:
- haproxy - haproxy

41
webcluster-haproxy/tasks/main.yml
View file

@ -1,59 +1,66 @@
--- ---
- name: Install software - name: Install software
ansible.builtin.package: package:
name: "{{ item }}" name: "{{ item }}"
state: latest state: latest
with_items: "{{ haproxy_packages }}" with_items: "{{ haproxy_packages }}"
notify: Restart RSyslog notify: Restart RSyslog
- name: HAProxy create config - name: HAProxy create config
ansible.builtin.template: template:
dest: "/etc/haproxy/haproxy.cfg" dest: "/etc/haproxy/haproxy.cfg"
src: "haproxy.cfg.j2" src: "haproxy.cfg.j2"
mode: "0644" mode: 0644
backup: true backup: yes
notify: notify:
- Restart HAProxy - Restart HAProxy
- Restart RSyslog - Restart RSyslog
- name: Create Rsyslog config dir - name: Create Rsyslog config dir
ansible.builtin.file: file:
dest: /etc/rsyslog.d/ dest: /etc/rsyslog.d/
state: directory state: directory
owner: root owner: root
group: root group: root
mode: "0644" mode: 0644
- name: Rsyslog create config - name: Rsyslog create config
ansible.builtin.template: template:
dest: "/etc/rsyslog.d/haproxy.conf" dest: "/etc/rsyslog.d/haproxy.conf"
src: "rsyslog.conf.j2" src: "rsyslog.conf.j2"
mode: "0644" mode: 0644
backup: true backup: yes
notify: notify:
- Restart RSyslog - Restart RSyslog
- name: Create jail /dev directory - name: Create jail /dev directory
ansible.builtin.file: file:
path: /var/lib/haproxy/dev/ path: /var/lib/haproxy/dev/
state: directory state: directory
owner: root owner: root
group: root group: root
mode: "0755" mode: 0755
- name: Copy SSL certificate - name: Copy SSL certificate
ansible.builtin.copy: copy:
src: "{{ haproxy_sslcert_src }}" src: "{{ haproxy_sslcert_src }}"
dest: "{{ haproxy_sslcert_path }}" dest: "{{ haproxy_sslcert_path }}"
owner: root owner: root
group: root group: root
mode: "0600" mode: 0600
backup: true backup: yes
when: haproxy_sslcert_src | default("") != "" when: haproxy_sslcert_src|default("") != ""
- name: HAProxy enable service - name: HAProxy enable service
ansible.builtin.service: service:
name: haproxy name: haproxy
enabled: true enabled: yes
state: started state: started

1
webcluster-lb.yml
View file

@ -3,7 +3,6 @@
tasks: [] tasks: []
- hosts: lb - hosts: lb
serial: "{{ serial_custom|default(1) }}"
roles: roles:
- keepalived-simple - keepalived-simple
- webcluster-haproxy - webcluster-haproxy

4
webcluster-worker.yml
View file

@ -1,7 +1,7 @@
--- ---
- hosts: worker - hosts: worker
serial: "{{ custom_serial|default([1, '50%']) }}" serial: 2
max_fail_percentage: "{{ custom_max_fail_percentage|default(20) }}" max_fail_percentage: 20
roles: roles:
- webcluster-worker - webcluster-worker
- apache2-backend-mod_remoteip - apache2-backend-mod_remoteip

2
webcluster-worker/defaults/main.yml
View file

@ -23,5 +23,5 @@ worker_a2docroots:
worker_phpfpmpools: worker_phpfpmpools:
- worker.conf - worker.conf
worker_phpversion: 8.3 worker_phpversion: 7.4

6
webcluster-worker/handlers/main.yml
View file

@ -1,11 +1,13 @@
--- ---
- name: Restart Apache2 - name: Restart Apache2
ansible.builtin.service: service:
name: apache2 name: apache2
state: restarted state: restarted
- name: Restart PHP-FPM - name: Restart PHP-FPM
ansible.builtin.service: service:
name: "php{{ worker_phpversion }}-fpm" name: "php{{ worker_phpversion }}-fpm"
state: restarted state: restarted

4
webcluster-worker/meta/main.yml
View file

@ -7,14 +7,12 @@ galaxy_info:
license: GPL-2.0-or-later license: GPL-2.0-or-later
min_ansible_version: '2.9' min_ansible_version: 2.9
platforms: platforms:
- name: Ubuntu - name: Ubuntu
versions: versions:
- focal - focal
- jammy
- noble
galaxy_tags: galaxy_tags:
- apache - apache

67
webcluster-worker/tasks/main.yml
View file

@ -1,66 +1,67 @@
--- ---
- name: Install software - name: Install software
ansible.builtin.package: package:
name: "{{ worker_packages }}" name: "{{ worker_packages }}"
state: latest state: latest
update_cache: true
cache_valid_time: 7200
- name: Apache2 enable modules - name: Apache2 enable modules
community.general.apache2_module: apache2_module:
name: "{{ item }}" name: "{{ item }}"
state: present state: present
with_items: "{{ worker_a2mods }}" with_items: "{{ worker_a2mods }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 disable sites - name: Apache2 disable sites
ansible.builtin.file: file:
path: "/etc/apache2/sites-enabled/{{ item }}" path: "/etc/apache2/sites-enabled/{{ item }}"
state: absent state: absent
with_items: "{{ worker_a2dissites }}" with_items: "{{ worker_a2dissites }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 create vhosts - name: Apache2 create vhosts
ansible.builtin.template: template:
dest: "/etc/apache2/sites-available/{{ item }}" dest: "/etc/apache2/sites-available/{{ item }}"
src: "etc/apache2/sites-available/{{ item }}.j2" src: "etc/apache2/sites-available/{{ item }}.j2"
mode: "0644" mode: 0644
backup: true backup: yes
with_items: "{{ worker_a2ensites }}" with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 enable sites - name: Apache2 enable sites
ansible.builtin.file: file:
path: "/etc/apache2/sites-enabled/{{ item }}" path: "/etc/apache2/sites-enabled/{{ item }}"
src: "/etc/apache2/sites-available/{{ item }}" src: "/etc/apache2/sites-available/{{ item }}"
state: link state: link
force: true force: yes
with_items: "{{ worker_a2ensites }}" with_items: "{{ worker_a2ensites }}"
notify: Restart Apache2 notify: Restart Apache2
- name: Apache2 create DocRoots - name: Apache2 create DocRoots
ansible.builtin.file: file:
path: "/{{ item }}" path: "/{{ item }}"
state: directory state: directory
owner: root mode: 0755
group: root
mode: "0755"
with_items: "{{ worker_a2docroots }}" with_items: "{{ worker_a2docroots }}"
notify: Restart Apache2 notify: Restart Apache2
- name: PHP Install pools - name: PHP Install pools
ansible.builtin.template: template:
dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}" dest: "/etc/php/{{ worker_phpversion }}/fpm/pool.d/{{ item }}"
src: "etc/php-fpm-pool.d/{{ item }}.j2" src: "etc/php-fpm-pool.d/{{ item }}.j2"
mode: "0644" mode: 0644
owner: root backup: yes
group: root
backup: true
with_items: "{{ worker_phpfpmpools }}" with_items: "{{ worker_phpfpmpools }}"
notify: Restart PHP-FPM notify: Restart PHP-FPM
- name: Disable worker in load balancers - name: Disable worker in load balancers
community.general.haproxy: haproxy:
socket: /var/lib/haproxy/admin.sock socket: /var/lib/haproxy/admin.sock
backend: dynamic backend: dynamic
host: "{{ inventory_hostname }}" host: "{{ inventory_hostname }}"
@ -68,35 +69,30 @@
delegate_to: "{{ item }}" delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}" with_items: "{{ groups.lb }}"
- name: Apache2 copy websites - name: Apache2 copy websites
ansible.builtin.copy: copy:
dest: "/{{ item }}/" dest: "/{{ item }}/"
src: "{{ item }}/" src: "{{ item }}/"
owner: root backup: yes
group: root
mode: "0644"
backup: true
with_items: "{{ worker_a2docroots }}" with_items: "{{ worker_a2docroots }}"
- name: Apache2 template dummy index.html - name: Apache2 template dummy index.html
ansible.builtin.template: template:
dest: "/{{ item }}/index.html" dest: "/{{ item }}/index.html"
src: "{{ item }}/index.html.j2" src: "{{ item }}/index.html.j2"
owner: root mode: 0644
group: root backup: yes
mode: "0644"
backup: true
with_items: "{{ worker_a2docroots }}" with_items: "{{ worker_a2docroots }}"
- name: Flush handers
ansible.builtin.meta: flush_handlers
- name: Sleep 30 seconds... - name: Sleep 30 seconds...
ansible.builtin.pause: pause: seconds=30
seconds: 30
- name: Enable worker in load balancers - name: Enable worker in load balancers
community.general.haproxy: haproxy:
socket: /var/lib/haproxy/admin.sock socket: /var/lib/haproxy/admin.sock
backend: dynamic backend: dynamic
host: "{{ inventory_hostname }}" host: "{{ inventory_hostname }}"
@ -104,3 +100,4 @@
delegate_to: "{{ item }}" delegate_to: "{{ item }}"
with_items: "{{ groups.lb }}" with_items: "{{ groups.lb }}"