Working systemd tasks

2021-02-25 19:56:31 +01:00 · 2021-02-25 19:56:31 +01:00 · 2d7ab9bedc
commit 2d7ab9bedc
parent 02ced8d4ef
16 changed files with 226 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 /.vagrant/
--- a/31
+++ b/31
@ -0,0 +1,31 @@
 # This guide is optimized for Vagrant 1.7 and above.
 # Although versions 1.6.x should behave very similarly, it is recommended
 # to upgrade instead of disabling the requirement below.
 Vagrant.require_version ">= 1.7.0"
 Vagrant.configure(2) do |config|
  config.vm.box = "debian/buster64"
  config.vm.define "debiantest" do |m|
    m.vm.hostname = "debiantest"
    m.vm.network :private_network, ip: "192.168.123.2", libvirt__dhcp_enabled: false
    m.vm.synced_folder ".", "/vagrant", disabled: true
  end
  # Disable the new default behavior introduced in Vagrant 1.7, to
  # ensure that all Vagrant machines will use the same SSH key pair.
  # See https://github.com/mitchellh/vagrant/issues/5005
  config.ssh.insert_key = false
  config.vm.provider :libvirt do |lv|
    lv.cpus = 2
    lv.memory = 1024
  end
  config.vm.provision "ansible" do |ansible|
    ansible.become = true
    ansible.verbose = "v"
    ansible.playbook = "playbook.yml"
    ansible.inventory_path = "inventory"
  end
 end
--- a/ansible.cfg
+++ b/ansible.cfg
@ -0,0 +1,3 @@
 [defaults]
 roles_path = ../:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
 ansible_python_interpreter = /usr/bin/python3
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,7 @@
 ---
 ansible_bibliogram_port: "10407"
 ansible_bibliogram_with_docker: false
 ansible_bibliogram_with_systemd: false
 ansible_bibliogram_backup_frequency: "daily"
 ansible_bibliogram_root_directory: "/var/www/bibliogram"
 ansible_bibliogram_tor_enabled: false
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -0,0 +1,12 @@
 ---
 - name: Restart service
  systemd:
    name: bibliogram.service
    state: restarted
    daemon_reload: yes
 - name: Restart timer
  systemd:
    name: bibliogram-upgrade.timer
    state: restarted
    daemon_reload: yes
--- a/1
+++ b/1
@ -0,0 +1 @@
 debiantest
--- a/playbook.yml
+++ b/playbook.yml
@ -0,0 +1,8 @@
 ---
 - hosts: debiantest
  gather_facts: yes
  vars_files:
    - ./test/vars.yml
  roles:
    - ansible-bibliogram
--- a/tasks/docker.yml
+++ b/tasks/docker.yml
@ -0,0 +1,11 @@
 ---
 - name: Grab official docker image and start it
  docker_container:
    image: cloudrac3r/bibliogram
    registry: docker.io
    restart: always
    pull: yes
    volumes:
      - "db:/app/db"
    ports:
      - "10407:{{ ansible_bibliogram_port }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,11 @@
 ---
 - name: Fail if ansible_bibliogram_base_url is not set
  fail:
    msg: "Variable ansible_bibliogram_base_url is mandatory"
  when: ansible_bibliogram_base_url is not defined
 - include_tasks: docker.yml
  when: ansible_bibliogram_with_docker
 - include_tasks: systemd.yml
  when: ansible_bibliogram_with_systemd
--- a/tasks/systemd.yml
+++ b/tasks/systemd.yml
@ -0,0 +1,87 @@
 ---
 - name: Ensure bibliogram user exists
  ansible.builtin.user:
    name: bibliogram
    state: present
    system: yes
 - name: Ensure dependencies are present
  apt:
    name:
      - npm
      - git
      - sudo
    state: present
 - name: Ensure the repo is present
  git:
    repo: https://git.sr.ht/~cadence/bibliogram
    dest: "{{ ansible_bibliogram_root_directory }}"
  ignore_errors: yes
 - name: Fix the root directory permissions
  file:
    path: "{{ ansible_bibliogram_root_directory }}"
    state: directory
    owner: bibliogram
    group: www-data
    recurse: yes
 - name: Ensure the upgrade script is present
  template:
    src: upgrade.sh.j2
    dest: /usr/local/bin/upgrade_bibliogram.sh
    mode: 0755
    owner: bibliogram
    group: www-data
  register: upgrade_script
 - name: Run upgrade script
  shell: sudo -u bibliogram /usr/local/bin/upgrade_bibliogram.sh
  when: upgrade_script is defined and upgrade_script.changed
 - name: Ensure the configuration is present
  template:
    src: config.js.j2
    dest: "{{ ansible_bibliogram_root_directory }}/config.js"
    mode: 0644
    owner: bibliogram
    group: www-data
 - name: Ensure the service unit is present
  template:
    src: bibliogram.service.j2
    dest: /etc/systemd/system/bibliogram.service
    mode: 0600
    owner: root
    group: root
  notify: Restart service
 - name: Ensure the upgrade service unit is present
  template:
    src: bibliogram-upgrade.service.j2
    dest: /etc/systemd/system/bibliogram-upgrade.service
    mode: 0600
    owner: root
    group: root
 - name: Ensure the timer is present
  template:
    src: bibliogram-upgrade.timer.j2
    dest: /etc/systemd/system/bibliogram-upgrade.timer
    mode: 0600
    owner: root
    group: root
  notify: Restart timer
 - name: Ensure the service unit is enabled and started
  systemd:
    name: bibliogram.service
    state: started
    enabled: yes
 - name: Ensure the timer is enabled and started
  systemd:
    name: bibliogram-upgrade.timer
    state: started
    enabled: yes
--- a/templates/bibliogram-upgrade.service.j2
+++ b/templates/bibliogram-upgrade.service.j2
@ -0,0 +1,8 @@
 [Unit]
 Description=Upgrade bibliogram
 [Service]
 WorkingDirectory={{ ansible_bibliogram_root_directory }}
 ExecStart=/usr/local/bin/upgrade_bibliogram.sh
 User=bibliogram
 Group=www-data
--- a/templates/bibliogram-upgrade.timer.j2
+++ b/templates/bibliogram-upgrade.timer.j2
@ -0,0 +1,9 @@
 [Unit]
 Description=Start upgrade of bibliogram
 [Timer]
 OnCalendar={{ ansible_bibliogram_backup_frequency  }}
 Persistent=True
 [Install]
 WantedBy=timers.target
--- a/templates/bibliogram.service.j2
+++ b/templates/bibliogram.service.j2
@ -0,0 +1,11 @@
 [Unit]
 Description=Run bibliogram
 [Service]
 WorkingDirectory={{ ansible_bibliogram_root_directory }}
 ExecStart=/usr/bin/npm run start
 User=bibliogram
 Group=www-data
 [Install]
 WantedBy=multi-user.target
--- a/templates/config.js.j2
+++ b/templates/config.js.j2
@ -0,0 +1,6 @@
 module.exports = {
    website_origin: "{{ ansible_bibliogram_base_url }}",
    tor: {
        enabled: {{ ansible_bibliogram_tor_enabled | to_json }}
    }
 }
--- a/templates/upgrade.sh.j2
+++ b/templates/upgrade.sh.j2
@ -0,0 +1,16 @@
 #!/usr/bin/env bash
 cd {{ ansible_bibliogram_root_directory }}
 commit="Save $RANDOM"
 git add .
 git stash save "${commit}"
 git pull
 git stash apply "${commit}"
 cd {{ ansible_bibliogram_root_directory }}
 {% if ansible_bibliogram_tor_enabled %}
    npm install
 {% else %}
    npm install --no-optional
 {% endif %}
--- a/test/vars.yml
+++ b/test/vars.yml
@ -0,0 +1,4 @@
 ---
 ansible_bibliogram_base_url: "http://debiantest:10407"
 ansible_bibliogram_with_systemd: true
 ansible_bibliogram_tor_enabled: true