From 4a7f8e839123f1f26c6910deff02dc6d107336c3 Mon Sep 17 00:00:00 2001
From: Thomas Daley
Date: Fri, 12 Aug 2022 15:08:11 -0700
Subject: [PATCH] Update IaC
---
.ansible/ansible.cfg | 9 --
.ansible/deploy.yaml | 4 +-
.../hosts => inventories/dev.yaml} | 8 +-
.ansible/inventories/prod.yaml | 14 +++
.../stable/hosts => inventories/test.yaml} | 8 +-
.../development/group_vars/all/main.yaml | 1 -
.../development/group_vars/manager/main.yaml | 3 -
.../production/group_vars/all/main.yaml | 1 -
.../production/group_vars/manager/main.yaml | 3 -
.ansible/inventory/production/hosts | 10 --
.../inventory/stable/group_vars/all/main.yaml | 1 -
.../stable/group_vars/manager/main.yaml | 3 -
.ansible/roles/requirements.yaml | 12 +-
...er-compose.yaml.j2 => docker-compose.yaml} | 8 +-
.drone.yaml | 106 +++++++++++++-----
.gitignore | 2 +
README.md | 11 --
17 files changed, 119 insertions(+), 85 deletions(-)
delete mode 100644 .ansible/ansible.cfg
rename .ansible/{inventory/development/hosts => inventories/dev.yaml} (57%)
create mode 100644 .ansible/inventories/prod.yaml
rename .ansible/{inventory/stable/hosts => inventories/test.yaml} (56%)
delete mode 100644 .ansible/inventory/development/group_vars/all/main.yaml
delete mode 100644 .ansible/inventory/development/group_vars/manager/main.yaml
delete mode 100644 .ansible/inventory/production/group_vars/all/main.yaml
delete mode 100644 .ansible/inventory/production/group_vars/manager/main.yaml
delete mode 100644 .ansible/inventory/production/hosts
delete mode 100644 .ansible/inventory/stable/group_vars/all/main.yaml
delete mode 100644 .ansible/inventory/stable/group_vars/manager/main.yaml
rename .ansible/templates/{docker-compose.yaml.j2 => docker-compose.yaml} (83%)
diff --git a/.ansible/ansible.cfg b/.ansible/ansible.cfg
deleted file mode 100644
index e869074..0000000
--- a/.ansible/ansible.cfg
+++ /dev/null
@@ -1,9 +0,0 @@ -[defaults] - -stdout_callback = debug -host_key_checking = True -retry_files_enabled = False - -# Fixes ansible variable precedence issue: Makes inventory group_vars override playbook group_vars -# https://github.com/ansible/ansible/issues/18154 -precedence = all_plugins_play, all_inventory, all_plugins_inventory, groups_plugins_play, groups_inventory, groups_plugins_inventory diff --git a/.ansible/deploy.yaml b/.ansible/deploy.yaml index 335af54..98bdbc1 100644 --- a/.ansible/deploy.yaml +++ b/.ansible/deploy.yaml @@ -1,9 +1,7 @@ -# ansible-playbook deploy.yaml -i inventories/dev/hosts --vault-id ~/.tokens/master_id - - hosts: all strategy: free roles: - - common + - traefik tasks: diff --git a/.ansible/inventory/development/hosts b/.ansible/inventories/dev.yaml similarity index 57% rename from .ansible/inventory/development/hosts rename to .ansible/inventories/dev.yaml index 5fd1d04..d6cadf4 100644 --- a/.ansible/inventory/development/hosts +++ b/.ansible/inventories/dev.yaml @@ -1,10 +1,14 @@ all: children: - manager: + swarm_manager: hosts: dev.diesel.net: - vars: + vars: + proxy_domains: + - dev.diesel.net + - dev.kiwi-labs.net + ansible_user: automation ansible_python_interpreter: /usr/bin/python3 diff --git a/.ansible/inventories/prod.yaml b/.ansible/inventories/prod.yaml new file mode 100644 index 0000000..31f5edc --- /dev/null +++ b/.ansible/inventories/prod.yaml @@ -0,0 +1,14 @@ +all: + children: + + swarm_manager: + hosts: + prod.diesel.net: + + vars: + proxy_domains: + - prod.diesel.net + - kiwi-labs.net + + ansible_user: automation + ansible_python_interpreter: /usr/bin/python3 diff --git a/.ansible/inventory/stable/hosts b/.ansible/inventories/test.yaml similarity index 56% rename from .ansible/inventory/stable/hosts rename to .ansible/inventories/test.yaml index 3271a0f..88cceb6 100644 --- a/.ansible/inventory/stable/hosts +++ b/.ansible/inventories/test.yaml 
@@ -1,10 +1,14 @@ all: children: - manager: + swarm_manager: hosts: test.diesel.net: - vars: + vars: + proxy_domains: + - test.diesel.net + - test.kiwi-labs.net + ansible_user: automation ansible_python_interpreter: /usr/bin/python3 diff --git a/.ansible/inventory/development/group_vars/all/main.yaml b/.ansible/inventory/development/group_vars/all/main.yaml deleted file mode 100644 index b8500d2..0000000 --- a/.ansible/inventory/development/group_vars/all/main.yaml +++ /dev/null @@ -1 +0,0 @@ -env: dev diff --git a/.ansible/inventory/development/group_vars/manager/main.yaml b/.ansible/inventory/development/group_vars/manager/main.yaml deleted file mode 100644 index 1b35571..0000000 --- a/.ansible/inventory/development/group_vars/manager/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ -proxy_domains: - - dev.diesel.net - - dev.kiwi-labs.net diff --git a/.ansible/inventory/production/group_vars/all/main.yaml b/.ansible/inventory/production/group_vars/all/main.yaml deleted file mode 100644 index 2fdef9a..0000000 --- a/.ansible/inventory/production/group_vars/all/main.yaml +++ /dev/null @@ -1 +0,0 @@ -env: prod diff --git a/.ansible/inventory/production/group_vars/manager/main.yaml b/.ansible/inventory/production/group_vars/manager/main.yaml deleted file mode 100644 index 09afa66..0000000 --- a/.ansible/inventory/production/group_vars/manager/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ -proxy_domains: - - prod.diesel.net - - kiwi-labs.net diff --git a/.ansible/inventory/production/hosts b/.ansible/inventory/production/hosts deleted file mode 100644 index be0c49a..0000000 --- a/.ansible/inventory/production/hosts +++ /dev/null @@ -1,10 +0,0 @@ -all: - children: - - manager: - hosts: - prod.diesel.net - - vars: - ansible_user: automation - ansible_python_interpreter: /usr/bin/python3 diff --git a/.ansible/inventory/stable/group_vars/all/main.yaml b/.ansible/inventory/stable/group_vars/all/main.yaml deleted file mode 100644 index 6e1be1f..0000000 
--- a/.ansible/inventory/stable/group_vars/all/main.yaml +++ /dev/null @@ -1 +0,0 @@ -env: test diff --git a/.ansible/inventory/stable/group_vars/manager/main.yaml b/.ansible/inventory/stable/group_vars/manager/main.yaml deleted file mode 100644 index 0a0b6c6..0000000 --- a/.ansible/inventory/stable/group_vars/manager/main.yaml +++ /dev/null @@ -1,3 +0,0 @@ -proxy_domains: - - test.diesel.net - - test.kiwi-labs.net diff --git a/.ansible/roles/requirements.yaml b/.ansible/roles/requirements.yaml index 50505b1..5aa29c1 100644 --- a/.ansible/roles/requirements.yaml +++ b/.ansible/roles/requirements.yaml @@ -1,9 +1,9 @@ -- name: common - scm: git - src: "git@github.com:Diesel-Net/ansible-role-common.git" - version: 1.1.3 - - name: docker scm: git src: "git@github.com:Diesel-Net/ansible-role-docker.git" - version: 1.3.0 + version: 2.0.0 + +- name: traefik + scm: git + src: "git@github.com:Diesel-Net/ansible-role-traefik.git" + version: 2.0.0 diff --git a/.ansible/templates/docker-compose.yaml.j2 b/.ansible/templates/docker-compose.yaml similarity index 83% rename from .ansible/templates/docker-compose.yaml.j2 rename to .ansible/templates/docker-compose.yaml index 50d4407..d0d9938 100644 --- a/.ansible/templates/docker-compose.yaml.j2 +++ b/.ansible/templates/docker-compose.yaml @@ -4,7 +4,7 @@ version: '3.8' services: main: - image: {{ docker_registry }}/{{ repository }}:{{ version }}-latest + image: {{ docker_image }} environment: - TITLE=Kiwi Labs @@ -21,9 +21,9 @@ services: - traefik.http.routers.coming-soon.tls.domains[0].sans={{ proxy_domains[0] }} - traefik.http.routers.coming-soon.priority=1 networks: - - {{ docker_network }} + - {{ traefik_network }} networks: - {{ docker_network }}: + {{ traefik_network }}: external: - name: {{ docker_network }} + name: {{ traefik_network }} diff --git a/.drone.yaml b/.drone.yaml index ab88761..4929d65 100644 --- a/.drone.yaml +++ b/.drone.yaml 
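Review bot: The `docker` and `traefik` roles in `.ansible/roles/requirements.yaml` are pinned by tag (`version: 2.0.0`), and a git tag can be moved after review, so this file does not fix the role code that runs as the `automation` user on the swarm manager hosts. ansible-galaxy accepts a commit hash in `version`, so each entry could read `version: <full commit SHA of the 2.0.0 tag>  # 2.0.0` (placeholder; the SHA is not on this page). If tags are kept, quoting the value (`version: '2.0.0'`) keeps it a string even if a two-part version is used later.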
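Review bot: Nothing in this commit defines `docker_image` or `traefik_network`, which the template now requires at `image: {{ docker_image }}` and in the `networks` entries of the second hunk; the new inventories set only `proxy_domains`, `ansible_user` and `ansible_python_interpreter`. Presumably the 2.0.0 roles supply both, but that is not visible here, so a comment at the top of the template naming the source of each variable would help, e.g. `# docker_image, traefik_network: provided by the docker/traefik roles (confirm)`. The file also still contains Jinja expressions after losing its `.j2` suffix, so it will not parse as plain YAML and may need excluding from any YAML linting. The `services` block starts and ends outside these hunks.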
@@ -1,13 +1,16 @@ --- kind: pipeline type: docker -name: Deploy coming-soon page +name: Deploy coming-soon page (dev) clone: depth: 1 +concurrency: + limit: 1 + steps: - - name: docker build & push (dev/test) + - name: docker build & push image: plugins/docker settings: mirror: dockerhub.nexus.diesel.net @@ -19,14 +22,37 @@ steps: repo: docker.nexus.diesel.net/${DRONE_REPO_NAME} tags: - ${DRONE_BRANCH}-latest - when: - branch: - - development - - stable - event: - - push - - - name: docker build & push (prod) + + - name: deploy + image: docker.nexus.diesel.net/drone-ansible:2.13 + settings: + galaxy: .ansible/roles/requirements.yaml + inventory: .ansible/inventories/dev.yaml + playbook: .ansible/deploy.yaml + private_key: + from_secret: automation_id_rsa + vault_password: + from_secret: ansible_vault_password + +trigger: + branch: + - development + event: + - push + +--- +kind: pipeline +type: docker +name: Deploy coming-soon page (test) + +clone: + depth: 1 + +concurrency: + limit: 1 + +steps: + - name: docker build & push image: plugins/docker settings: mirror: dockerhub.nexus.diesel.net 
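Review bot: The steps that receive `nexus_user`/`nexus_pass` and `automation_id_rsa`/`ansible_vault_password` run images referenced by mutable tags: `image: plugins/docker` carries no tag at all, and `image: docker.nexus.diesel.net/drone-ansible:2.13` can be re-pushed under the same tag. Pinning both by digest, e.g. `image: docker.nexus.diesel.net/drone-ansible@sha256:<digest>` (placeholder), ties the code that sees those secrets to a reviewed build. The same applies to the test pipeline's build step at the end of this hunk and to the deploy and prod steps in the next hunk.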
@@ -37,35 +63,63 @@ steps: from_secret: nexus_pass repo: docker.nexus.diesel.net/${DRONE_REPO_NAME} tags: - - production-latest - - ${DRONE_TAG} - when: - event: - - tag + - ${DRONE_BRANCH}-latest - name: deploy - image: plugins/ansible:3 - environment: - ANSIBLE_CONFIG: .ansible/ansible.cfg + image: docker.nexus.diesel.net/drone-ansible:2.13 settings: - playbook: .ansible/deploy.yaml galaxy: .ansible/roles/requirements.yaml + inventory: .ansible/inventories/test.yaml + playbook: .ansible/deploy.yaml private_key: from_secret: automation_id_rsa vault_password: from_secret: ansible_vault_password - commands: - # dynamically select inventory based on Git branch/tag - - version=$DRONE_BRANCH - - if [ ! -z $DRONE_TAG ]; then version=production; fi - - /bin/drone-ansible --inventory .ansible/inventory/$$version/hosts - trigger: branch: - - development - stable event: - push + +--- +kind: pipeline +type: docker +name: Deploy coming-soon page (prod) + +clone: + depth: 1 + +concurrency: + limit: 1 + +steps: + - name: docker build & push + image: plugins/docker + settings: + mirror: dockerhub.nexus.diesel.net + registry: docker.nexus.diesel.net + username: + from_secret: nexus_user + password: + from_secret: nexus_pass + repo: docker.nexus.diesel.net/${DRONE_REPO_NAME} + tags: + - production-latest + - ${DRONE_TAG} + + - name: deploy + image: docker.nexus.diesel.net/drone-ansible:2.13 + settings: + galaxy: .ansible/roles/requirements.yaml + inventory: .ansible/inventories/prod.yaml + playbook: .ansible/deploy.yaml + private_key: + from_secret: automation_id_rsa + vault_password: + from_secret: ansible_vault_password + +trigger: + event: - tag ... diff --git a/.gitignore b/.gitignore index 8fd013d..257c0b0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ .ansible/roles/docker .ansible/roles/common +.ansible/roles/application +.ansible/roles/traefik .DS_Store diff --git a/README.md b/README.md index 3a226cf..6180bef 100644 --- a/README.md +++ b/README.md 
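Review bot: With `ANSIBLE_CONFIG: .ansible/ansible.cfg` removed from the deploy step and that file deleted, the explicit `host_key_checking = True` no longer applies, so SSH host key verification for the `automation_id_rsa` connections now depends on whatever the `docker.nexus.diesel.net/drone-ansible:2.13` image configures. As far as I recall, the upstream drone-ansible plugin writes its own ansible.cfg with host key checking turned off; whether this image does the same is not visible here and should be confirmed. Setting it in each deploy step makes the intent explicit: `environment:` followed by `ANSIBLE_HOST_KEY_CHECKING: "True"`, with the target hosts' keys provisioned in known_hosts so the run does not stall on an unknown key. The same deploy step appears in the dev and test pipelines in the previous hunk.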
@@ -3,17 +3,6 @@ # coming-soon Thanks to [Creative Tim](http://www.creative-tim.com) for supplying a great [template](https://www.creative-tim.com/product/coming-sssoon-page) to work from. -## Installing External Dependencies -Ansible `2.10.3` was used at the time of this writing. -```bash -ansible-galaxy install -r .ansible/roles/requirements.yaml -p .ansible/roles --force -``` - -## Deploy -```bash -ansible-playbook .ansible/deploy.yaml -i .ansible/inventories/development/hosts --vault-id ~/.tokens/vault.txt -``` - ## Environment Variables You have the following environment variables which allow you to configure the