Working systemd tasks

2021-02-25 19:56:31 +01:00 · 2021-02-25 19:56:31 +01:00 · 2d7ab9bedc
commit 2d7ab9bedc
parent 02ced8d4ef
16 changed files with 226 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+/.vagrant/
--- a/31
+++ b/31
@ -0,0 +1,31 @@
+# This guide is optimized for Vagrant 1.7 and above.
+# Although versions 1.6.x should behave very similarly, it is recommended
+# to upgrade instead of disabling the requirement below.
+Vagrant.require_version ">= 1.7.0"
+
+Vagrant.configure(2) do |config|
+
+  config.vm.box = "debian/buster64"
+
+  config.vm.define "debiantest" do |m|
+    m.vm.hostname = "debiantest"
+    m.vm.network :private_network, ip: "192.168.123.2", libvirt__dhcp_enabled: false
+    m.vm.synced_folder ".", "/vagrant", disabled: true
+  end
+  # Disable the new default behavior introduced in Vagrant 1.7, to
+  # ensure that all Vagrant machines will use the same SSH key pair.
+  # See https://github.com/mitchellh/vagrant/issues/5005
+  config.ssh.insert_key = false
+
+  config.vm.provider :libvirt do |lv|
+    lv.cpus = 2
+    lv.memory = 1024
+  end
+
+  config.vm.provision "ansible" do |ansible|
+    ansible.become = true
+    ansible.verbose = "v"
+    ansible.playbook = "playbook.yml"
+    ansible.inventory_path = "inventory"
+  end
+end
--- a/ansible.cfg
+++ b/ansible.cfg
@ -0,0 +1,3 @@
+[defaults]
+roles_path = ../:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
+ansible_python_interpreter = /usr/bin/python3
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -0,0 +1,7 @@
+---
+ansible_bibliogram_port: "10407"
+ansible_bibliogram_with_docker: false
+ansible_bibliogram_with_systemd: false
+ansible_bibliogram_backup_frequency: "daily"
+ansible_bibliogram_root_directory: "/var/www/bibliogram"
+ansible_bibliogram_tor_enabled: false
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -0,0 +1,12 @@
+---
+- name: Restart service
+  systemd:
+    name: bibliogram.service
+    state: restarted
+    daemon_reload: yes
+
+- name: Restart timer
+  systemd:
+    name: bibliogram-upgrade.timer
+    state: restarted
+    daemon_reload: yes
--- a/1
+++ b/1
@ -0,0 +1 @@
+debiantest
--- a/playbook.yml
+++ b/playbook.yml
@ -0,0 +1,8 @@
+---
+- hosts: debiantest
+  gather_facts: yes
+  vars_files:
+    - ./test/vars.yml
+
+  roles:
+    - ansible-bibliogram
--- a/tasks/docker.yml
+++ b/tasks/docker.yml
@ -0,0 +1,11 @@
+---
+- name: Grab official docker image and start it
+  docker_container:
+    image: cloudrac3r/bibliogram
+    registry: docker.io
+    restart: always
+    pull: yes
+    volumes:
+      - "db:/app/db"
+    ports:
+      - "10407:{{ ansible_bibliogram_port }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,11 @@
+---
+- name: Fail if ansible_bibliogram_base_url is not set
+  fail:
+    msg: "Variable ansible_bibliogram_base_url is mandatory"
+  when: ansible_bibliogram_base_url is not defined
+
+- include_tasks: docker.yml
+  when: ansible_bibliogram_with_docker
+
+- include_tasks: systemd.yml
+  when: ansible_bibliogram_with_systemd
--- a/tasks/systemd.yml
+++ b/tasks/systemd.yml
@ -0,0 +1,87 @@
+---
+- name: Ensure bibliogram user exists
+  ansible.builtin.user:
+    name: bibliogram
+    state: present
+    system: yes
+
+- name: Ensure dependencies are present
+  apt:
+    name:
+      - npm
+      - git
+      - sudo
+    state: present
+
+- name: Ensure the repo is present
+  git:
+    repo: https://git.sr.ht/~cadence/bibliogram
+    dest: "{{ ansible_bibliogram_root_directory }}"
+  ignore_errors: yes
+
+- name: Fix the root directory permissions
+  file:
+    path: "{{ ansible_bibliogram_root_directory }}"
+    state: directory
+    owner: bibliogram
+    group: www-data
+    recurse: yes
+
+- name: Ensure the upgrade script is present
+  template:
+    src: upgrade.sh.j2
+    dest: /usr/local/bin/upgrade_bibliogram.sh
+    mode: 0755
+    owner: bibliogram
+    group: www-data
+  register: upgrade_script
+
+- name: Run upgrade script
+  shell: sudo -u bibliogram /usr/local/bin/upgrade_bibliogram.sh
+  when: upgrade_script is defined and upgrade_script.changed
+
+- name: Ensure the configuration is present
+  template:
+    src: config.js.j2
+    dest: "{{ ansible_bibliogram_root_directory }}/config.js"
+    mode: 0644
+    owner: bibliogram
+    group: www-data
+
+- name: Ensure the service unit is present
+  template:
+    src: bibliogram.service.j2
+    dest: /etc/systemd/system/bibliogram.service
+    mode: 0600
+    owner: root
+    group: root
+  notify: Restart service
+
+- name: Ensure the upgrade service unit is present
+  template:
+    src: bibliogram-upgrade.service.j2
+    dest: /etc/systemd/system/bibliogram-upgrade.service
+    mode: 0600
+    owner: root
+    group: root
+
+- name: Ensure the timer is present
+  template:
+    src: bibliogram-upgrade.timer.j2
+    dest: /etc/systemd/system/bibliogram-upgrade.timer
+    mode: 0600
+    owner: root
+    group: root
+  notify: Restart timer
+
+- name: Ensure the service unit is enabled and started
+  systemd:
+    name: bibliogram.service
+    state: started
+    enabled: yes
+
+- name: Ensure the timer is enabled and started
+  systemd:
+    name: bibliogram-upgrade.timer
+    state: started
+    enabled: yes
--- a/templates/bibliogram-upgrade.service.j2
+++ b/templates/bibliogram-upgrade.service.j2
@ -0,0 +1,8 @@
+[Unit]
+Description=Upgrade bibliogram
+
+[Service]
+WorkingDirectory={{ ansible_bibliogram_root_directory }}
+ExecStart=/usr/local/bin/upgrade_bibliogram.sh
+User=bibliogram
+Group=www-data
--- a/templates/bibliogram-upgrade.timer.j2
+++ b/templates/bibliogram-upgrade.timer.j2
@ -0,0 +1,9 @@
+[Unit]
+Description=Start upgrade of bibliogram
+
+[Timer]
+OnCalendar={{ ansible_bibliogram_backup_frequency  }}
+Persistent=True
+
+[Install]
+WantedBy=timers.target
--- a/templates/bibliogram.service.j2
+++ b/templates/bibliogram.service.j2
@ -0,0 +1,11 @@
+[Unit]
+Description=Run bibliogram
+
+[Service]
+WorkingDirectory={{ ansible_bibliogram_root_directory }}
+ExecStart=/usr/bin/npm run start
+User=bibliogram
+Group=www-data
+
+[Install]
+WantedBy=multi-user.target
--- a/templates/config.js.j2
+++ b/templates/config.js.j2
@ -0,0 +1,6 @@
+module.exports = {
+    website_origin: "{{ ansible_bibliogram_base_url }}",
+    tor: {
+        enabled: {{ ansible_bibliogram_tor_enabled | to_json }}
+    }
+}
--- a/templates/upgrade.sh.j2
+++ b/templates/upgrade.sh.j2
@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+cd {{ ansible_bibliogram_root_directory }}
+commit="Save $RANDOM"
+git add .
+git stash save "${commit}"
+git pull
+git stash apply "${commit}"
+
+cd {{ ansible_bibliogram_root_directory }}
+
+{% if ansible_bibliogram_tor_enabled %}
+    npm install
+{% else %}
+    npm install --no-optional
+{% endif %}
--- a/test/vars.yml
+++ b/test/vars.yml
@ -0,0 +1,4 @@
+---
+ansible_bibliogram_base_url: "http://debiantest:10407"
+ansible_bibliogram_with_systemd: true
+ansible_bibliogram_tor_enabled: true