Added RequestTracker (DEV) container

Signed-off-by: Jim Martens <github@2martens.de>
Jim Martens 2020-01-31 19:05:34 +01:00
parent b242cfdd26
commit a3247a6aff
11 changed files with 146 additions and 0 deletions

5
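--- a/roles/rt/meta/main.yml
+++ b/roles/rt/meta/main.yml
@@ -0,0 +1,5 @@
+---
+dependencies:
+- role: docker
+- role: apache
+- role: letsencrypt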

38
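--- a/roles/rt/tasks/apache.yml
+++ b/roles/rt/tasks/apache.yml
@@ -0,0 +1,38 @@
+---
+- name: add rt http site
+template:
+src: etc/apache2/sites-available/ansible_domain.conf.j2
+dest: /etc/apache2/sites-available/{{ rt_domain }}.conf
+owner: root
+group: root
+mode: 0644
+force: no
+register: rt_http
+- name: disable default site and enable rt site
+block:
+- name: disable default site
+command:
+cmd: a2dissite 000-default.conf
+removes: /etc/apache2/sites-enabled/000-default.conf
+- name: enable rt site
+command:
+cmd: a2ensite {{ rt_domain }}.conf
+creates: /etc/apache2/sites-enabled/{{ rt_domain }}.conf
+- name: run certbot
+command:
+cmd: certbot --apache --non-interactive --keep-until-expiring --no-eff-email --email {{ admin_mail }} --redirect --renew-with-new-domains --agree-tos -d {{ collabora_domain }}
+when: ansible_domain != 'dev' and rt_http.changed
+- include: ssl-dev.yml
+when: ansible_domain == 'dev'
+- name: add rt https site
+template:
+src: etc/apache2/sites-available/ansible_domain-le-ssl.conf.j2
+dest: /etc/apache2/sites-available/{{ rt_domain }}-le-ssl.conf
+owner: root
+group: root
+mode: 0644
+- name: enable rt https site
+command:
+cmd: a2ensite {{ rt_domain }}-le-ssl.conf
+creates: /etc/apache2/sites-enabled/{{ rt_domain }}-le-ssl.conf
+notify: restart apache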
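Review bot: The `run certbot` task requests its certificate with `-d {{ collabora_domain }}`, while every path in this file and the vhost it serves are keyed on `{{ rt_domain }}`; this looks like a leftover from the collabora role. As written the RT host name would get no certificate of its own and `/etc/letsencrypt/live/{{ rt_domain }}/`, which the HTTPS vhost reads, would not be populated, so the argument should end `-d {{ rt_domain }}`. If `collabora_domain` is not defined in `general_vars.yml` the task will also fail on an undefined variable, since `rt.yml` loads only that file and `rt_vars.yml`. The page has lost its indentation, so it is unclear whether the `when:` after the certbot command guards the whole block or only that task; it should sit on the block. As a style matter, `mode: 0644` is safer as `mode: '0644'` and `force: no` as `force: false`.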

3
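--- a/roles/rt/tasks/main.yml
+++ b/roles/rt/tasks/main.yml
@@ -0,0 +1,3 @@
+---
+- include: rt.yml
+- include: apache.yml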
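Review bot: Both task files are pulled in with the bare `include:` keyword, which Ansible has deprecated in favour of the explicit static and dynamic forms. For these two unconditional entries, `- import_tasks: rt.yml` and `- import_tasks: apache.yml` state the intent. The conditional `- include: ssl-dev.yml` in roles/rt/tasks/apache.yml has the same issue and would become `- include_tasks: ssl-dev.yml`.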

15
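--- a/roles/rt/tasks/rt.yml
+++ b/roles/rt/tasks/rt.yml
@@ -0,0 +1,15 @@
+---
+- name: create rt directory
+file:
+state: directory
+path: /etc/rt
+- name: copy docker compose file for rt
+template:
+src: etc/rt/docker-compose.yml.j2
+dest: /etc/rt/docker-compose.yml
+owner: root
+group: root
+mode: 0644
+- name: start rt docker container
+docker_compose:
+project_src: /etc/rt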
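Review bot: The `create rt directory` task sets no `owner`, `group` or `mode`, so `/etc/rt` takes whatever the remote umask yields, while the compose file placed in it is pinned to root. Adding `owner: root`, `group: root` and `mode: '0755'` to that task makes the result deterministic. The compose file itself is written world-readable (`mode: 0644`); that is harmless for the template in this commit, but once database or mail credentials are added to its `environment:` list they would be readable by every local user, so `mode: '0640'` is the safer default. Quoting the mode also avoids depending on YAML octal parsing.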


@ -0,0 +1,27 @@
---
- name: Ensure python OpenSSL dependencies are installed.
pip:
name: pyOpenSSL
state: present
- name: Ensure directory exists for local self-signed TLS certs.
file:
path: /etc/letsencrypt/live/{{ rt_domain }}
state: directory
- name: Generate an OpenSSL private key.
openssl_privatekey:
path: /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
- name: Generate an OpenSSL CSR.
openssl_csr:
path: /etc/ssl/private/{{ rt_domain }}.csr
privatekey_path: /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
common_name: "{{ rt_domain }}"
- name: Generate a Self Signed OpenSSL certificate.
openssl_certificate:
path: /etc/letsencrypt/live/{{ rt_domain }}/fullchain.pem
privatekey_path: /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
csr_path: /etc/ssl/private/{{ rt_domain }}.csr
provider: selfsigned
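Review bot: The directory task creates `/etc/letsencrypt/live/{{ rt_domain }}` without `owner`, `group` or `mode`, and the private key is then written beneath it, so the protection of `privkey.pem` rests on module defaults and the remote umask. Setting `mode: '0700'` with `owner: root` and `group: root` on the directory, and an explicit `mode: '0600'` on the `openssl_privatekey` task, makes the intended permissions visible and matches how certbot normally restricts its `live/` tree. Writing a self-signed pair under certbot's own `live/` path also means a later certbot run for the same name may find files it did not create; a separate directory for dev certificates would avoid that, though how the letsencrypt role behaves here is not visible in this commit. The file header for this section is missing from the page; it is presumably the `ssl-dev.yml` included from roles/rt/tasks/apache.yml.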


@ -0,0 +1,23 @@
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName {{ rt_domain }}
ServerAdmin {{ admin_mail }}
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/{{ rt_domain }}/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/{{ rt_domain }}/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
# Encoded slashes need to be allowed
AllowEncodedSlashes NoDecode
# keep the host
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Host "{{ rt_domain }}"
ProxyPass / http://127.0.0.1:8082/
ProxyPassReverse / http://127.0.0.1:8082/
</VirtualHost>
</IfModule>
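Review bot: `Include /etc/letsencrypt/options-ssl-apache.conf` assumes certbot's Apache plugin has already installed that file, but on the dev path the tasks in this commit only generate a key, a CSR and a self-signed certificate and never run certbot. Unless the letsencrypt role ships the file itself, which is not visible here, Apache will fail its configuration check with this vhost enabled on a dev host. Wrapping the line in the template as `{% if ansible_domain != 'dev' %}Include /etc/letsencrypt/options-ssl-apache.conf{% endif %}` and setting `SSLEngine on` plus the protocol restrictions explicitly for dev would keep both paths working. Note also that the surrounding `<IfModule mod_ssl.c>` silently drops the whole vhost when mod_ssl is not loaded, which hides that failure rather than reporting it.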


@ -0,0 +1,6 @@
<VirtualHost *:80>
ServerName {{ rt_domain }}
ServerAdmin {{ admin_mail }}
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
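Review bot: This port-80 vhost carries no redirect of its own, so HTTPS enforcement depends entirely on certbot's `--redirect` rewriting the file after deployment. On the dev path certbot is skipped, which leaves plain HTTP open and serving whatever the default document root holds for this ServerName. Adding `{% if ansible_domain == 'dev' %}Redirect permanent / https://{{ rt_domain }}/{% endif %}` to the template would give dev hosts the same behaviour without interfering with certbot's challenge handling on production hosts.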


@ -0,0 +1,15 @@
version: '2'
services:
rt:
image: netsandbox/request-tracker:latest
ports:
- "8082:80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
restart: always
environment:
- RT_WEB_PORT=8082
- LC_ALL=C.UTF-8
- LANG=C.UTF-8
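Review bot: The `volumes:` entry mounts `/var/run/docker.sock` into the RT container, which gives a web-facing application root-equivalent control over the Docker host if it is ever compromised. Nothing visible in this commit needs the socket, so the `volumes:` key and its one entry should be dropped unless the image documents a requirement. The port mapping `"8082:80"` also publishes the backend on every interface, so RT is reachable over plain HTTP around the Apache TLS proxy; `- "127.0.0.1:8082:80"` keeps it behind the vhost that proxies to 127.0.0.1:8082. Finally, `image: netsandbox/request-tracker:latest` is unpinned, so each pull can bring in different code; a fixed tag or digest makes the deployment reproducible and reviewable.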

11
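--- a/rt.yml
+++ b/rt.yml
@@ -0,0 +1,11 @@
+---
+- name: Set up RT
+hosts: vps
+vars_files:
+- general_vars.yml
+- rt_vars.yml
+remote_user: "{{ ssh_user }}"
+become: yes
+become_user: root
+roles:
+- rt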

2
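--- a/rt_vars.yml.example
+++ b/rt_vars.yml.example
@@ -0,0 +1,2 @@
+---
+rt_domain: best-practical.com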
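Review bot: The sample value `best-practical.com` looks like a registrable third-party domain rather than a reserved example name. If the example file is copied unchanged, the role will template vhosts and certificate paths for a host name the operator does not control. A reserved name such as `rt_domain: rt.example.com`, with a comment that it must be replaced, avoids that.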


@ -1,3 +1,4 @@
---
- import_playbook: collabora.yml
- import_playbook: drone.yml
- import_playbook: rt.yml