Add tasks to modify service-provider-template repo

2024-09-19 12:29:13 +05:30 · 2024-09-19 12:29:13 +05:30 · ed65dea187
commit ed65dea187
parent 02e5a130ce
7 changed files with 78 additions and 21 deletions
--- a/service-provider-setup/setup-k8s.yml
+++ b/service-provider-setup/setup-k8s.yml
@ -6,6 +6,7 @@

  vars_files:
    - k8s-vars.yml
+    - dns-vars.yml

  tasks:
    - name: Install Python and pip
@ -56,3 +57,59 @@
          "Enter passphrase:": "{{ vault_passphrase }}"
      args:
        chdir: "service-provider-template"
+
+    - name: Ensure the target directory exists
+      file:
+        path: "{{ ansible_env.HOME }}/service-provider-template"
+        state: directory
+        mode: '0755'
+
+    - name: Change directory name in group_vars
+      command: mv lcn_cad {{ org_id }}_{{ location_id }}
+      args:
+        chdir: "{{ ansible_env.HOME }}/service-provider-template/group_vars"
+
+    - name: Change control directory name in host_vars
+      command: mv lcn-cad-cluster-control {{ org_id }}-{{ location_id }}-cluster-control
+      args:
+        chdir: "{{ ansible_env.HOME }}/service-provider-template/host_vars"
+
+    - name: Change daemon directory name in host_vars
+      command: mv lcn-daemon {{ org_id }}-daemon
+      args:
+        chdir: "{{ ansible_env.HOME }}/service-provider-template/host_vars"
+
+    - name: Copy control-firewalld.yml.j2 to the remote VM
+      template:
+        src: ./templates/control-firewalld.yml.j2
+        dest: "{{ ansible_env.HOME }}/service-provider-template/host_vars/{{ org_id }}-{{ location_id }}-cluster-control/firewalld.yml"
+
+    - name: Copy daemon-firewalld.yml.j2 to the remote VM
+      template:
+        src: ./templates/daemon-firewalld.yml.j2
+        dest: "{{ ansible_env.HOME }}/service-provider-template/host_vars/{{ org_id }}-daemon/firewalld.yml"
+
+    - name: Copy nginx.yml.j2 to the remote VM
+      template:
+        src: ./templates/nginx.yml.j2
+        dest: "{{ ansible_env.HOME }}/service-provider-template/host_vars/{{ org_id }}-daemon/nginx.yml"
+
+    - name: Copy hosts.j2 to the remote VM
+      template:
+        src: ./templates/hosts.j2
+        dest: "{{ ansible_env.HOME }}/service-provider-template/hosts"
+
+    - name: Copy k8s.yml.j2 to the remote VM
+      template:
+        src: ./templates/k8s.yml.j2
+        dest: "{{ ansible_env.HOME }}/service-provider-template/group_vars/{{ org_id }}_{{ location_id }}/k8s.yml"
+
+    - name: Copy wildcard-pwa-example.yml.j2 to the remote VM
+      template:
+        src: ./templates/wildcard-pwa-example.yml.j2
+        dest: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-{{dns_domain}}.yml"
+
+    - name: Delete old wildcard-pwa file
+      file:
+        path: "{{ ansible_env.HOME }}/service-provider-template/files/manifests/wildcard-pwa-laconic.yaml"
+        state: absent
--- a/service-provider-setup/templates/control-firewalld.yml.j2
+++ b/service-provider-setup/templates/control-firewalld.yml.j2
@ -13,4 +13,4 @@ firewalld_add:
    sources:
      - 10.42.0.0/16
      - 10.43.0.0/16
-      - "{{ cluster_control_ip }}"
+      - {{ cluster_control_ip }}
--- a/service-provider-setup/templates/daemon-firewalld.yml.j2
+++ b/service-provider-setup/templates/daemon-firewalld.yml.j2
@ -13,4 +13,4 @@ firewalld_add:

  - name: trusted
    sources:
-      - "{{ cluster_control_ip }}"
+      - {{ cluster_control_ip }}
--- a/service-provider-setup/templates/hosts.j2
+++ b/service-provider-setup/templates/hosts.j2
@ -1,12 +1,12 @@
 [all]
 {{ org_id }}-daemon ansible_host={{ cluster_control_ip }}
-{{ org_id }}-{{ country_id }}-cluster-control ansible_host={{ cluster_control_ip }}
+{{ org_id }}-{{ location_id }}-cluster-control ansible_host={{ cluster_control_ip }}

 [so]
 {{ org_id }}-daemon

-[{{ org_id }}-{{ country_id }}]
-{{ org_id }}-{{ country_id }}-cluster-control k8s_node_type=bootstrap k8s_pod_limit=1024 k8s_external_ip={{ cluster_control_ip }}
+[{{ org_id }}-{{ location_id }}]
+{{ org_id }}-{{ location_id }}-cluster-control k8s_node_type=bootstrap k8s_pod_limit=1024 k8s_external_ip={{ cluster_control_ip }}

 [k8s:children]
-{{ org_id }}-{{ country_id }}
+{{ org_id }}-{{ location_id }}
--- a/service-provider-setup/templates/k8s.yml.j2
+++ b/service-provider-setup/templates/k8s.yml.j2
@ -1,8 +1,8 @@
 ---
 # default context is used for stack orchestrator deployments, for testing a custom context name can be usefull
-#k8s_cluster_name: "{{ org_id }}-{{ country_id }}-cluster"
+#k8s_cluster_name: {{ org_id }}-{{ location_id }}-cluster
 k8s_cluster_name: default
-k8s_cluster_url: "{{ org_id }}-{{ country_id }}-cluster-control.{{ dns_domain }}.com"
+k8s_cluster_url: {{ org_id }}-{{ location_id }}-cluster-control.{{ dns_domain }}.com
 k8s_taint_servers: false

 k8s_acme_email: "{{ support_email }}"
@ -50,6 +50,6 @@ k8s_manifests:
        secret_key: access-token

  # initiate wildcard cert
-  - name: "pwa.{{ dns_domain }}.com"
+  - name: pwa.{{ dns_domain }}.com
    type: file
-    source: "wildcard-pwa-{{ dns_domain }}.yaml"
+    source: wildcard-pwa-{{ dns_domain }}.yaml
--- a/service-provider-setup/templates/nginx.yml.j2
+++ b/service-provider-setup/templates/nginx.yml.j2
@ -6,16 +6,16 @@ nginx_proxy_send_timeout: 1200
 nginx_proxy_connection_timeout: 75

 nginx_sites:
-  - name: "{{ org_id }}-console"
-    url: "{{ org_id }}-console.{{ dns_domain }}.com"
+  - name: {{ org_id }}-console
+    url: {{ org_id }}-console.{{ dns_domain }}.com
    upstream: http://localhost:8080
    template: basic-proxy
    ssl: true

-  - name: "{{ org_id }}-daemon"
-    url: "{{ org_id }}-daemon.{{ dns_domain }}.com"
+  - name: {{ org_id }}-daemon
+    url: {{ org_id }}-daemon.{{ dns_domain }}.com
    upstream: http://localhost:9473
    configs:
-      - rewrite "^/deployer(/.*)? https://webapp-deployer.pwa.{{domain}}.com" permanent
+      - rewrite ^/deployer(/.*)? https://webapp-deployer.pwa.{{dns_domain}}.com permanent
    template: websocket-proxy
-    ssl: true
+    ssl: true
--- a/service-provider-setup/templates/wildcard-pwa-example.yml.j2
+++ b/service-provider-setup/templates/wildcard-pwa-example.yml.j2
@ -1,15 +1,15 @@
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: "pwa.{{ dns_domain }}.com"
+  name: pwa.{{ dns_domain }}.com
  namespace: default
 spec:
-  secretName: "pwa.{{ dns_domain }}.com"
+  secretName: pwa.{{ dns_domain }}.com
  issuerRef:
    name: letsencrypt-prod-wild
    kind: ClusterIssuer
    group: cert-manager.io
-  commonName: "*.pwa.{{ dns_domain }}.com"
+  commonName: *.pwa.{{ dns_domain }}.com
  dnsNames:
-    - "pwa.{{ dns_domain }}.com"
-    - "*.pwa.{{ dns_domain }}.com"
+    - pwa.{{ dns_domain }}.com
+    - *.pwa.{{ dns_domain }}.com