Add tasks to modify service-provider-template repo

Adw8 2024-09-19 12:29:13 +05:30 committed by nabarun
parent 69fe5284bd
commit 9e404d7299
7 changed files with 78 additions and 21 deletions


@ -6,6 +6,7 @@
vars_files: vars_files:
- k8s-vars.yml - k8s-vars.yml
- dns-vars.yml
tasks: tasks:
- name: Install Python and pip - name: Install Python and pip
@ -56,3 +57,59 @@
"Enter passphrase:": "{{ vault_passphrase }}" "Enter passphrase:": "{{ vault_passphrase }}"
args: args:
chdir: "service-provider-template" chdir: "service-provider-template"
- name: Ensure the target directory exists
file:
path: "{{ ansible_env.HOME }}/service-provider-template"
state: directory
mode: '0755'
- name: Change directory name in group_vars
command: mv lcn_cad {{ org_id }}_{{ location_id }}
args:
chdir: "{{ ansible_env.HOME }}/service-provider-template/group_vars"
- name: Change control directory name in host_vars
command: mv lcn-cad-cluster-control {{ org_id }}-{{ location_id }}-cluster-control
args:
chdir: "{{ ansible_env.HOME }}/service-provider-template/host_vars"
- name: Change daemon directory name in host_vars
command: mv lcn-daemon {{ org_id }}-daemon
args:
chdir: "{{ ansible_env.HOME }}/service-provider-template/host_vars"
- name: Copy control-firewalld.yml.j2 to the remote VM
template:
src: ./templates/control-firewalld.yml.j2
dest: "{{ ansible_env.HOME }}/service-provider-template/host_vars/{{ org_id }}-{{ location_id }}-cluster-control/firewalld.yml"
- name: Copy daemon-firewalld.yml.j2 to the remote VM
template:
src: ./templates/daemon-firewalld.yml.j2
dest: "{{ ansible_env.HOME }}/service-provider-template/host_vars/{{ org_id }}-daemon/firewalld.yml"
- name: Copy nginx.yml.j2 to the remote VM
template:
src: ./templates/nginx.yml.j2
dest: "{{ ansible_env.HOME }}/service-provider-template/host_vars/{{ org_id }}-daemon/nginx.yml"
- name: Copy hosts.j2 to the remote VM
template:
src: ./templates/hosts.j2
dest: "{{ ansible_env.HOME }}/service-provider-template/hosts"
- name: Copy k8s.yml.j2 to the remote VM
template:
src: ./templates/k8s.yml.j2
dest: "{{ ansible_env.HOME }}/service-provider-template/group_vars/{{ org_id }}_{{ location_id }}/k8s.yml"
- name: Copy wildcard-pwa-example.yml.j2 to the remote VM
template:
src: ./templates/wildcard-pwa-example.yml.j2
dest: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-{{dns_domain}}.yml"
- name: Delete old wildcard-pwa file
file:
path: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-laconic.yaml"
state: absent
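Review bot: The three `command: mv …` tasks are not idempotent: after one successful run `lcn_cad`, `lcn-cad-cluster-control` and `lcn-daemon` no longer exist, so a re-run fails at the first rename before any template is refreshed. Add a guard under `args:`, such as `creates: "{{ ansible_env.HOME }}/service-provider-template/group_vars/{{ org_id }}_{{ location_id }}"`, with the matching path for the two host_vars renames. The free-form command also interpolates `org_id` and `location_id` unquoted, so a value containing whitespace would change the argument list; the `argv:` list form, or an `assert` on the allowed characters, would pin that down, since the same values become directory names. The `template` tasks set no `mode`, unlike the `file` task above them, so the rendered firewalld and k8s files take whatever the remote umask gives.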


@ -13,4 +13,4 @@ firewalld_add:
sources: sources:
- 10.42.0.0/16 - 10.42.0.0/16
- 10.43.0.0/16 - 10.43.0.0/16
- "{{ cluster_control_ip }}" - {{ cluster_control_ip }}
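Review bot: Dropping the quotes around `{{ cluster_control_ip }}` in the `sources` list leaves the rendered value to YAML's implicit typing, so an empty or unexpected value produces a null or differently shaped entry in a firewalld zone source list rather than a string. Keeping `- "{{ cluster_control_ip }}"` costs nothing after rendering and is the safer form for a file that decides which addresses a zone accepts. The same unquoting appears in the next section (the `trusted` zone sources), in `k8s_cluster_url` and the manifest `name`/`source` of what is presumably the k8s vars template, and in the nginx `name`/`url` entries.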


@ -13,4 +13,4 @@ firewalld_add:
- name: trusted - name: trusted
sources: sources:
- "{{ cluster_control_ip }}" - {{ cluster_control_ip }}


@ -1,12 +1,12 @@
[all] [all]
{{ org_id }}-daemon ansible_host={{ cluster_control_ip }} {{ org_id }}-daemon ansible_host={{ cluster_control_ip }}
{{ org_id }}-{{ country_id }}-cluster-control ansible_host={{ cluster_control_ip }} {{ org_id }}-{{ location_id }}-cluster-control ansible_host={{ cluster_control_ip }}
[so] [so]
{{ org_id }}-daemon {{ org_id }}-daemon
[{{ org_id }}-{{ country_id }}] [{{ org_id }}-{{ location_id }}]
{{ org_id }}-{{ country_id }}-cluster-control k8s_node_type=bootstrap k8s_pod_limit=1024 k8s_external_ip={{ cluster_control_ip }} {{ org_id }}-{{ location_id }}-cluster-control k8s_node_type=bootstrap k8s_pod_limit=1024 k8s_external_ip={{ cluster_control_ip }}
[k8s:children] [k8s:children]
{{ org_id }}-{{ country_id }} {{ org_id }}-{{ location_id }}
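Review bot: The inventory group is rendered as `[{{ org_id }}-{{ location_id }}]` with a hyphen, while the playbook renames the group_vars directory to `{{ org_id }}_{{ location_id }}` with an underscore and writes k8s.yml into it. Ansible matches a group_vars directory by group name, so unless the consuming setup transforms invalid group characters, those variables would not be loaded for this group. Using one separator in both places, for example `[{{ org_id }}_{{ location_id }}]` here and in the `[k8s:children]` entry, would remove the doubt.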


@ -1,8 +1,8 @@
--- ---
# default context is used for stack orchestrator deployments, for testing a custom context name can be usefull # default context is used for stack orchestrator deployments, for testing a custom context name can be usefull
#k8s_cluster_name: "{{ org_id }}-{{ country_id }}-cluster" #k8s_cluster_name: {{ org_id }}-{{ location_id }}-cluster
k8s_cluster_name: default k8s_cluster_name: default
k8s_cluster_url: "{{ org_id }}-{{ country_id }}-cluster-control.{{ dns_domain }}.com" k8s_cluster_url: {{ org_id }}-{{ location_id }}-cluster-control.{{ dns_domain }}.com
k8s_taint_servers: false k8s_taint_servers: false
k8s_acme_email: "{{ support_email }}" k8s_acme_email: "{{ support_email }}"
@ -50,6 +50,6 @@ k8s_manifests:
secret_key: access-token secret_key: access-token
# initiate wildcard cert # initiate wildcard cert
- name: "pwa.{{ dns_domain }}.com" - name: pwa.{{ dns_domain }}.com
type: file type: file
source: "wildcard-pwa-{{ dns_domain }}.yaml" source: wildcard-pwa-{{ dns_domain }}.yaml
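Review bot: The manifest entry `source: wildcard-pwa-{{ dns_domain }}.yaml` does not match the file the playbook writes, `files/manifests/wildcard-pwa-{{dns_domain}}.yml`, so whatever consumes `k8s_manifests` would presumably not find the wildcard certificate manifest. Align the extension on one side, for example `source: wildcard-pwa-{{ dns_domain }}.yml`, or change the template task's `dest` to end in `.yaml` like the deleted `wildcard-pwa-laconic.yaml`. The `k8s_manifests` list begins outside this hunk.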


@ -6,16 +6,16 @@ nginx_proxy_send_timeout: 1200
nginx_proxy_connection_timeout: 75 nginx_proxy_connection_timeout: 75
nginx_sites: nginx_sites:
- name: "{{ org_id }}-console" - name: {{ org_id }}-console
url: "{{ org_id }}-console.{{ dns_domain }}.com" url: {{ org_id }}-console.{{ dns_domain }}.com
upstream: http://localhost:8080 upstream: http://localhost:8080
template: basic-proxy template: basic-proxy
ssl: true ssl: true
- name: "{{ org_id }}-daemon" - name: {{ org_id }}-daemon
url: "{{ org_id }}-daemon.{{ dns_domain }}.com" url: {{ org_id }}-daemon.{{ dns_domain }}.com
upstream: http://localhost:9473 upstream: http://localhost:9473
configs: configs:
- rewrite "^/deployer(/.*)? https://webapp-deployer.pwa.{{domain}}.com" permanent - rewrite ^/deployer(/.*)? https://webapp-deployer.pwa.{{dns_domain}}.com permanent
template: websocket-proxy template: websocket-proxy
ssl: true ssl: true


@ -1,15 +1,15 @@
apiVersion: cert-manager.io/v1 apiVersion: cert-manager.io/v1
kind: Certificate kind: Certificate
metadata: metadata:
name: "pwa.{{ dns_domain }}.com" name: pwa.{{ dns_domain }}.com
namespace: default namespace: default
spec: spec:
secretName: "pwa.{{ dns_domain }}.com" secretName: pwa.{{ dns_domain }}.com
issuerRef: issuerRef:
name: letsencrypt-prod-wild name: letsencrypt-prod-wild
kind: ClusterIssuer kind: ClusterIssuer
group: cert-manager.io group: cert-manager.io
commonName: "*.pwa.{{ dns_domain }}.com" commonName: *.pwa.{{ dns_domain }}.com
dnsNames: dnsNames:
- "pwa.{{ dns_domain }}.com" - pwa.{{ dns_domain }}.com
- "*.pwa.{{ dns_domain }}.com" - *.pwa.{{ dns_domain }}.com
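Review bot: With the quotes removed, `commonName: *.pwa.{{ dns_domain }}.com` and the `dnsNames` entry `- *.pwa.{{ dns_domain }}.com` render to plain scalars that begin with `*`, which YAML reads as an alias, so the rendered Certificate fails to parse and the wildcard certificate is never requested. Restore the quoting on both lines: `commonName: "*.pwa.{{ dns_domain }}.com"` and `- "*.pwa.{{ dns_domain }}.com"`. The other values in this file are safer quoted as well, but these two are the ones that break parsing.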