Used dos2unix to convert all files in repo to unix and set up Traefik service

2026-03-24 14:24:43 +00:00 · 2018-10-11 12:47:57 -04:00
parent 2b0cfd3f99
commit 74ebb46140
10 changed files with 280 additions and 258 deletions
--- a/playbooks/site.yml
+++ b/playbooks/site.yml
@@ -21,9 +21,9 @@

 - import_playbook: swarm.yml

-# - name: Deploy startup-infrastructure swarm stack
-#   hosts: bootstrap
-#   user: root
-#   serial: 100%
-#   tasks:
-#     - include: ../roles/startup-infrastructure/tasks/main.yml
+- name: Deploy startup-infrastructure swarm stack
+  hosts: bootstrap
+  user: root
+  serial: 100%
+  tasks:
+    - include: ../roles/startup-infrastructure/tasks/main.yml
--- a/roles/dokuwiki/tasks/main.yml
+++ b/roles/dokuwiki/tasks/main.yml
@@ -1,6 +1,6 @@
---
- name: Replace sudoers file
-  template: src=../roles/dokuwiki/templates/docker-compose.yml.j2 dest=/data/dokuwiki.yml
-
- name: Run docker-compose
+---
+- name: Replace sudoers file
+  template: src=../roles/dokuwiki/templates/docker-compose.yml.j2 dest=/data/dokuwiki.yml
+
+- name: Run docker-compose
  shell: cd /data && docker-compose -f dokuwiki.yml up -d
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@@ -1,6 +1,6 @@
---
- name: Replace sudoers file
-  template: src=../roles/gitea/templates/docker-compose.yml.j2 dest=/data/gitea.yml
-
- name: Run docker-compose
+---
+- name: Replace sudoers file
+  template: src=../roles/gitea/templates/docker-compose.yml.j2 dest=/data/gitea.yml
+
+- name: Run docker-compose
  shell: cd /data && docker-compose -f gitea.yml up -d
--- a/roles/startup-infrastructure/tasks/main.yml
+++ b/roles/startup-infrastructure/tasks/main.yml
@@ -1,6 +1,20 @@
---
- name: Place the compose file
-  template: src=../roles/startup-infrastructure/templates/docker-compose.yml.j2 dest=/data/startup-infrastructure.yml
-
- name: Run stack deploy
-  shell: cd /data && docker stack deploy -c startup-infrastructure.yml startup-infrastructure
+---
+- name: Create appnet
+  shell: >
+    docker network ls | grep "appnet" ||
+    {
+      docker network create --driver overlay appnet
+    }
+  become: true
+
+
+- name: Place the compose file
+  template: 
+    src: ../roles/startup-infrastructure/templates/docker-compose.yml.j2 
+    dest: /data/startup-infrastructure.yml
+    mode: 0600
+  become: true
+
+- name: Run stack deploy
+  shell: cd /data && docker stack deploy -c startup-infrastructure.yml startup-infrastructure
+  become: true
--- a/roles/startup-infrastructure/templates/docker-compose.yml.j2
+++ b/roles/startup-infrastructure/templates/docker-compose.yml.j2
@@ -1,179 +1,26 @@
-version: '3.1'
-networks:
-  appnet:
-  wekan:
-    driver: bridge
-
-services:
-  traefik:
-    image: traefik:1.6.4
-    ports:
-      - "80:80"
-      - "443:443"
-      - "8081:8080"
-    networks:
-      - appnet
-    volumes:
-      - ./traefik.toml:/etc/traefik/traefik.toml
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    deploy:
-      mode: replicated
-      replicas: 1
-      placement:
-        constraints:
-          - node.role == manager
-
-  portainer:
-    image: portainer/portainer
-    networks:
-      - appnet
-    volumes:
-      - portainer_data:/data
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    deploy:
-      labels:
-        - "traefik.frontend.entryPoints=http"
-        - "traefik.protocol=http"
-        - "traefik.backend=portainer"
-        - "traefik.port=9000"
-        - "traefik.docker.network=appnet"
-        - "traefik.frontend.rule=Host:portainer.{{ root_domain }}"
-      mode: replicated
-      replicas: 1
-      {% if {{ groups['workers'] | length }} > 0 %}
-      placement:
-        constraints:
-          - node.role == worker
-      {% endif %}
-
-  bitwarden:
-    image: mprasil/bitwarden
-    networks:
-      - appnet
-    volumes:
-      - bitwarden_data:/data
-    deploy:
-      labels:
-        - "traefik.frontend.entryPoints=http"
-        - "traefik.protocol=http"
-        - "traefik.backend=bitwarden"
-        - "traefik.port=80"
-        - "traefik.docker.network=appnet"
-        - "traefik.frontend.rule=Host:bitwarden.{{ root_domain }}"
-      mode: replicated
-      replicas: 1
-      {% if {{ groups['workers'] | length }} > 0 %}
-      placement:
-        constraints:
-          - node.role == worker
-      {% endif %}
-
-  gitea:
-    image: gitea/gitea:latest
-    environment:
-      - USER_UID=1000
-      - USER_GID=1000
-    networks:
-      - appnet
-    volumes:
-      - gitea_data:/data
-    ports:
-      - "2222:22"
-    deploy:
-      labels:
-        - "traefik.frontend.entryPoints=http"
-        - "traefik.protocol=http"
-        - "traefik.backend=git"
-        - "traefik.port=3000"
-        - "traefik.docker.network=appnet"
-        - "traefik.frontend.rule=Host:git.{{ root_domain }}"
-      mode: replicated
-      replicas: 1
-      {% if {{ groups['workers'] | length }} > 0 %}
-      placement:
-        constraints:
-          - node.role == worker
-      {% endif %}
-
-  dokuwiki:
-    image: mprasil/dokuwiki
-    networks:
-      - appnet
-    volumes:
-      - dokuwiki_data:/dokuwiki
-    deploy:
-      labels:
-        - "traefik.frontend.entryPoints=http"
-        - "traefik.protocol=http"
-        - "traefik.backend=dokuwiki"
-        - "traefik.port=80"
-        - "traefik.docker.network=appnet"
-        - "traefik.frontend.rule=Host:dokuwiki.{{ root_domain }}"
-      mode: replicated
-      replicas: 1
-      {% if {{ groups['workers'] | length }} > 0 %}
-      placement:
-        constraints:
-          - node.role == worker
-      {% endif %}
-
-  wekandb:
-    # All Wekan data is stored in MongoDB. For backup and restore, see:
-    #   https://github.com/wekan/wekan/wiki/Export-Docker-Mongo-Data
-    image: mongo:3.2.21
-    command: mongod --smallfiles --oplogSize 128
-    networks:
-      - wekan
-    volumes:
-      - wekan-db:/data/db
-      - wekan-db-dump:/dump
-    deploy:
-      mode: replicated
-      replicas: 1
-      {% if {{ groups['workers'] | length }} > 0 %}
-      placement:
-        constraints:
-          - node.role == worker
-      {% endif %}
-
-  wekan:
-    image: quay.io/wekan/wekan
-    networks:
-      - wekan
-      - appnet
-    environment:
-      - ROOT_URL=http://{{ root_domain }}
-      - MONGO_URL=mongodb://wekandb:27017/wekan
-      #- MAIL_URL=smtp://user:pass@mailserver.example.com:25/
-      #- MAIL_FROM='Example Wekan Support <support@example.com>'
-      - WITH_API=true
-    deploy:
-      labels:
-        - "traefik.frontend.entryPoints=http"
-        - "traefik.protocol=http"
-        - "traefik.backend=wekan"
-        - "traefik.port=8080"
-        - "traefik.docker.network=appnet"
-        - "traefik.frontend.rule=Host:wekan.{{ root_domain }}"
-      mode: replicated
-      replicas: 1
-      {% if {{ groups['workers'] | length }} > 0 %}
-      placement:
-        constraints:
-          - node.role == worker
-      {% endif %}
-
-{% set docker_volumes = ['portainer_data','bitwarden_data','gitea_data','dokuwiki_data','wekan-db','wekan-db-dump'] %}
-volumes:
-{% for volume in docker_volumes %}
-  {{ volume }}:
-    {% if storage_type == 'nfs' %}
-    driver: local
-    driver_opts:
-      type: nfs
-      o: "addr={{ nfs_address }},soft,nolock,rw"
-      device: ":{{ nfs_root_path }}/{{ volume }}"
-  {% elif storage_type == 'local' %}
-    driver: local
-  {% endif %}
-{% endfor %}
+version: '3.1'
+networks:
+  appnet:
+    external: true
+  wekan:
+    driver: bridge
+
+services:
+  traefik:
+    image: traefik:1.6.4
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8081:8080"
+    networks:
+      - appnet
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    command: --docker --docker.swarmMode --docker.domain=traefik --docker.watch --api --ping
+    # --acme --acme.email='test@test.com' --acme.storage='acme.json' --acme.entrypoint='https'
+    deploy:
+      mode: replicated
+      replicas: 1
+      placement:
+        constraints:
+          - node.role == manager
--- a/roles/startup-infrastructure/templates/old-code.yml
+++ b/roles/startup-infrastructure/templates/old-code.yml
@@ -0,0 +1,154 @@
+  portainer:
+    image: portainer/portainer
+    networks:
+      - appnet
+    volumes:
+      - portainer_data:/data
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    deploy:
+      labels:
+        - "traefik.frontend.entryPoints=http"
+        - "traefik.protocol=http"
+        - "traefik.backend=portainer"
+        - "traefik.port=9000"
+        - "traefik.docker.network=appnet"
+        - "traefik.frontend.rule=Host:portainer.{{ root_domain }}"
+      mode: replicated
+      replicas: 1
+      {% if {{ groups['workers'] | length }} > 0 %}
+      placement:
+        constraints:
+          - node.role == worker
+      {% endif %}
+
+  bitwarden:
+    image: mprasil/bitwarden
+    networks:
+      - appnet
+    volumes:
+      - bitwarden_data:/data
+    deploy:
+      labels:
+        - "traefik.frontend.entryPoints=http"
+        - "traefik.protocol=http"
+        - "traefik.backend=bitwarden"
+        - "traefik.port=80"
+        - "traefik.docker.network=appnet"
+        - "traefik.frontend.rule=Host:bitwarden.{{ root_domain }}"
+      mode: replicated
+      replicas: 1
+      {% if {{ groups['workers'] | length }} > 0 %}
+      placement:
+        constraints:
+          - node.role == worker
+      {% endif %}
+
+  gitea:
+    image: gitea/gitea:latest
+    environment:
+      - USER_UID=1000
+      - USER_GID=1000
+    networks:
+      - appnet
+    volumes:
+      - gitea_data:/data
+    ports:
+      - "2222:22"
+    deploy:
+      labels:
+        - "traefik.frontend.entryPoints=http"
+        - "traefik.protocol=http"
+        - "traefik.backend=git"
+        - "traefik.port=3000"
+        - "traefik.docker.network=appnet"
+        - "traefik.frontend.rule=Host:git.{{ root_domain }}"
+      mode: replicated
+      replicas: 1
+      {% if {{ groups['workers'] | length }} > 0 %}
+      placement:
+        constraints:
+          - node.role == worker
+      {% endif %}
+
+  dokuwiki:
+    image: mprasil/dokuwiki
+    networks:
+      - appnet
+    volumes:
+      - dokuwiki_data:/dokuwiki
+    deploy:
+      labels:
+        - "traefik.frontend.entryPoints=http"
+        - "traefik.protocol=http"
+        - "traefik.backend=dokuwiki"
+        - "traefik.port=80"
+        - "traefik.docker.network=appnet"
+        - "traefik.frontend.rule=Host:dokuwiki.{{ root_domain }}"
+      mode: replicated
+      replicas: 1
+      {% if {{ groups['workers'] | length }} > 0 %}
+      placement:
+        constraints:
+          - node.role == worker
+      {% endif %}
+
+  wekandb:
+    # All Wekan data is stored in MongoDB. For backup and restore, see:
+    #   https://github.com/wekan/wekan/wiki/Export-Docker-Mongo-Data
+    image: mongo:3.2.21
+    command: mongod --smallfiles --oplogSize 128
+    networks:
+      - wekan
+    volumes:
+      - wekan-db:/data/db
+      - wekan-db-dump:/dump
+    deploy:
+      mode: replicated
+      replicas: 1
+      {% if {{ groups['workers'] | length }} > 0 %}
+      placement:
+        constraints:
+          - node.role == worker
+      {% endif %}
+
+  wekan:
+    image: quay.io/wekan/wekan
+    networks:
+      - wekan
+      - appnet
+    environment:
+      - ROOT_URL=http://{{ root_domain }}
+      - MONGO_URL=mongodb://wekandb:27017/wekan
+      #- MAIL_URL=smtp://user:pass@mailserver.example.com:25/
+      #- MAIL_FROM='Example Wekan Support <support@example.com>'
+      - WITH_API=true
+    deploy:
+      labels:
+        - "traefik.frontend.entryPoints=http"
+        - "traefik.protocol=http"
+        - "traefik.backend=wekan"
+        - "traefik.port=8080"
+        - "traefik.docker.network=appnet"
+        - "traefik.frontend.rule=Host:wekan.{{ root_domain }}"
+      mode: replicated
+      replicas: 1
+      {% if {{ groups['workers'] | length }} > 0 %}
+      placement:
+        constraints:
+          - node.role == worker
+      {% endif %}
+
+{% set docker_volumes = ['portainer_data','bitwarden_data','gitea_data','dokuwiki_data','wekan-db','wekan-db-dump'] %}
+volumes:
+{% for volume in docker_volumes %}
+  {{ volume }}:
+  {% if storage_type == 'nfs' %}
+    driver: local
+    driver_opts:
+      type: nfs
+      o: "addr={{ nfs_address }},soft,nolock,rw"
+      device: ":{{ nfs_root_path }}/{{ volume }}"
+  {% elif storage_type == 'local' %}
+    driver: local
+  {% endif %}
+{% endfor %}
--- a/tasks/ansible-dependencies.yml
+++ b/tasks/ansible-dependencies.yml
@@ -1,11 +1,11 @@
---
- name: Install package dependencies
-  raw: apt-get update -qq && apt-get install -y python-dev python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates
-
- name: Install pip dependencies
-  raw: pip install ndg-httpsclient
-  ignore_errors: true
-
- name: Install pip dependencies again because it fails sometimes
-  raw: pip install ndg-httpsclient
+---
+- name: Install package dependencies
+  raw: apt-get update -qq && apt-get install -y python-dev python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates
+
+- name: Install pip dependencies
+  raw: pip install ndg-httpsclient
+  ignore_errors: true
+
+- name: Install pip dependencies again because it fails sometimes
+  raw: pip install ndg-httpsclient
  ignore_errors: true
--- a/tasks/ubuntu-common.yml
+++ b/tasks/ubuntu-common.yml
@@ -1,48 +1,48 @@
---
- name: Add docker key
-  apt_key:
-    url: https://download.docker.com/linux/ubuntu/gpg
-    state: present
-
- name: Add docker repo
-  apt_repository:
-    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
-    state: present
-
- name: Update apt
-  apt: update_cache=yes
-
- name: Install standard programs
-  apt: name={{ item }}  state=present force=yes
-  with_items:
-    - htop
-    - curl
-    - openssh-server
-    - git
-    - rsync
-    - zip
-    - unzip
-    - fail2ban
-    - ntp
-    - mysql-client
-    - wget
-    - nfs-common
-    - docker-ce={{docker_ce_version_to_install}}
-    - sshpass
-    - ack-grep
-    - dnsutils
-    - nmon
-    - build-essential
-    - tmux
-
- name: Docker compose version
-  get_url:
-    url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}"
-    dest: /usr/local/bin/docker-compose
-    validate_certs: false
-    mode: 0755
-
- name: Set timezone to NewYork
-  timezone:
-      name: America/New_York
+---
+- name: Add docker key
+  apt_key:
+    url: https://download.docker.com/linux/ubuntu/gpg
+    state: present
+
+- name: Add docker repo
+  apt_repository:
+    repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable
+    state: present
+
+- name: Update apt
+  apt: update_cache=yes
+
+- name: Install standard programs
+  apt: name={{ item }}  state=present force=yes
+  with_items:
+    - htop
+    - curl
+    - openssh-server
+    - git
+    - rsync
+    - zip
+    - unzip
+    - fail2ban
+    - ntp
+    - mysql-client
+    - wget
+    - nfs-common
+    - docker-ce={{docker_ce_version_to_install}}
+    - sshpass
+    - ack-grep
+    - dnsutils
+    - nmon
+    - build-essential
+    - tmux
+
+- name: Docker compose version
+  get_url:
+    url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}"
+    dest: /usr/local/bin/docker-compose
+    validate_certs: false
+    mode: 0755
+
+- name: Set timezone to NewYork
+  timezone:
+      name: America/New_York
  ignore_errors: true
--- a/tests/files/provision-script.sh
+++ b/tests/files/provision-script.sh
@@ -1,8 +1,12 @@
 #!/bin/bash

+# Putting test_rsa.pub into root and vagrant authorized keys
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYa9zstumlg7XkKoNrJMlIN/zteqMA9J4GjuZA7r0xfMPrz4CglxzYKd/BhBpwp/HhU+vSR6vBa15kRODHdPZ+T1oXzMXAmMT3R2ZJRqF280Hsx9sK0X+FZWM84e4a1zQUrxuWyWJ4kKIiaX6DBAmhy8zHNvQ0c4Nk1exfwRicojaze71qrexSas4FHWaI4usC/g3mMKfiML/QX0UWW/G+D8qrg3cK3zClG916XlY/p1h9SWantqz75ea33TtmDNW6iCraKSjVeDGfzhshJsmQ7+/Rr/L4/s7hdpwTqdjSlJTIi61eBxcpDfMWBmsHOMZgnsTZ3wrdYXo70k44moA7 vagrant@test" >> /home/vagrant/.ssh/authorized_keys
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYa9zstumlg7XkKoNrJMlIN/zteqMA9J4GjuZA7r0xfMPrz4CglxzYKd/BhBpwp/HhU+vSR6vBa15kRODHdPZ+T1oXzMXAmMT3R2ZJRqF280Hsx9sK0X+FZWM84e4a1zQUrxuWyWJ4kKIiaX6DBAmhy8zHNvQ0c4Nk1exfwRicojaze71qrexSas4FHWaI4usC/g3mMKfiML/QX0UWW/G+D8qrg3cK3zClG916XlY/p1h9SWantqz75ea33TtmDNW6iCraKSjVeDGfzhshJsmQ7+/Rr/L4/s7hdpwTqdjSlJTIi61eBxcpDfMWBmsHOMZgnsTZ3wrdYXo70k44moA7 vagrant@test" >> /root/.ssh/authorized_keys

+# Setting A record
+echo "192.168.254.2 swarm.test.com" >> /etc/hosts
+
 cp /vagrant/tests/files/test_rsa /home/vagrant/test_rsa
 chmod 600 /home/vagrant/test_rsa
 chown vagrant:vagrant /home/vagrant/test_rsa
--- a/tests/vagrant-tests.sh
+++ b/tests/vagrant-tests.sh
@@ -44,6 +44,9 @@ function run-tests {
  testbash "The swarm has a leader" \
    "test ${number_of_docker_leaders} -eq 1"

+  testbash "Traefik got deployed" \
+    "vagrant ssh client -c 'curl --silent http://swarm.test.com:8081/ping | grep OK > /dev/null'"
+
 }

 function destroy-infrastructure {