pg and pgadmin config as secrets.
This commit is contained in:
parent
cc4eff77e8
commit
d9f831a340
134
tasks/main.yml
134
tasks/main.yml
|
@ -1,56 +1,136 @@
|
|||
---
|
||||
- name: Manage the installation of the OpenASFA configuration of the swarm service
|
||||
- name: Create the compose directory
|
||||
run_once: true
|
||||
when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
|
||||
tags: ['open_asfa', 'open_asfa_swarm']
|
||||
block:
|
||||
- name: Create the directory where the DB init script is going to be installed
|
||||
file: dest={{ open_asfa_compose_dir }} state=directory
|
||||
- name: Create the compose directory
|
||||
ansible.builtin.file:
|
||||
dest: "{{ open_asfa_compose_dir }}"
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0700
|
||||
|
||||
- name: Install the DB initialization script
|
||||
template: src=pg-create-user-db.sh.j2 dest={{ open_asfa_compose_dir }}/pg-create-user-db.sh owner=root group=root mode='0555'
|
||||
|
||||
- name: Install the pgadmin configuration files
|
||||
template: src={{ item }}.j2 dest={{ open_asfa_compose_dir }}/{{ item }} owner=root group=root mode='0444'
|
||||
loop:
|
||||
- pgadmin_config_local.py
|
||||
- pgadmin_servers.json
|
||||
|
||||
run_once: True
|
||||
- name: Manage the configuration of the OpenASFA DB as a container
|
||||
run_once: true
|
||||
when:
|
||||
- open_asfa_db_docker_host == ansible_fqdn
|
||||
- open_asfa_db_as_container
|
||||
tags: [ 'open_asfa', 'open_asfa_swarm', 'open_asfa_db' ]
|
||||
|
||||
- name: Manage the installation of the OpenASFA configuration of the swarm service
|
||||
- open_asfa_pg_volume_type == "local"
|
||||
tags: ['open_asfa', 'open_asfa_swarm', 'open_asfa_db']
|
||||
block:
|
||||
- name: Create the compose directory
|
||||
ansible.builtin.file:
|
||||
dest: "{{ open_asfa_compose_dir }}"
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0700
|
||||
|
||||
- name: Install the DB initialization script
|
||||
ansible.builtin.template:
|
||||
src: pg-create-user-db.sh.j2
|
||||
dest: "{{ open_asfa_compose_dir }}/pg-create-user-db.sh"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0555
|
||||
|
||||
- name: Add the label that will be used as a constraint for the PostgreSQL DB
|
||||
docker_node:
|
||||
community.docker.docker_node:
|
||||
hostname: '{{ open_asfa_db_docker_host }}'
|
||||
#node.labels.pg_data==asfa_server_test
|
||||
labels:
|
||||
pg_data_asfa_test: 'asfa_server_test'
|
||||
pgadmin_data_asfa_test: 'asfa_server_test'
|
||||
labels_state: 'merge'
|
||||
when: open_asfa_db_as_container
|
||||
|
||||
- name: Manage the installation of the OpenASFA configuration of the swarm service
|
||||
run_once: true
|
||||
when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
|
||||
tags: ['open_asfa', 'open_asfa_swarm']
|
||||
block:
|
||||
- name: Add the label that will be used as a constraint for the PostgreSQL Pgadmin
|
||||
community.docker.docker_node:
|
||||
hostname: '{{ open_asfa_db_docker_host }}'
|
||||
labels:
|
||||
pg_data_asfa_test: 'asfa_server_test'
|
||||
pgadmin_data_asfa_test: 'asfa_server_test'
|
||||
labels_state: 'merge'
|
||||
when: open_asfa_pgadmin_volume_type == "local"
|
||||
|
||||
- name: Install the docker compose file for postgresql and pgadmin
|
||||
template: src=open-asfa-db-docker-compose.yml.j2 dest={{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml owner=root group=root mode='0400'
|
||||
ansible.builtin.template:
|
||||
src: open-asfa-db-docker-compose.yml.j2
|
||||
dest: "{{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0400
|
||||
when: open_asfa_db_as_container
|
||||
|
||||
- name: Install the docker compose file of Couchbase
|
||||
template: src=open-asfa-couchbase-docker-compose.yml.j2 dest={{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml owner=root group=root mode='0400'
|
||||
ansible.builtin.template:
|
||||
src: open-asfa-couchbase-docker-compose.yml.j2
|
||||
dest: "{{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0400
|
||||
when: open_asfa_db_as_container
|
||||
|
||||
- name: Install the docker compose file of the open-asfa service
|
||||
template: src=open-asfa-docker-compose.yml.j2 dest={{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml owner=root group=root mode='0400'
|
||||
ansible.builtin.template:
|
||||
src: open-asfa-docker-compose.yml.j2
|
||||
dest: "{{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0400
|
||||
|
||||
- name: Install the DB initialization script
|
||||
ansible.builtin.template:
|
||||
src: pg-create-user-db.sh.j2
|
||||
dest: "{{ open_asfa_compose_dir }}/pg-create-user-db.sh"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0555
|
||||
when:
|
||||
- open_asfa_db_as_container
|
||||
- open_asfa_pg_volume_type != "local"
|
||||
|
||||
- name: Create the secret for the Postgres initizalization script
|
||||
community.docker.docker_secret:
|
||||
name: open_asfa_test_pg_config
|
||||
data_src: '{{ open_asfa_compose_dir }}/pgadmin_servers.json'
|
||||
state: present
|
||||
|
||||
- name: Install the pgadmin configuration files
|
||||
ansible.builtin.template:
|
||||
src: '{{ open_asfa_pgadmin_config_item }}.j2'
|
||||
dest: '{{ open_asfa_compose_dir }}/{{ open_asfa_pgadmin_config_item }}'
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0444
|
||||
loop:
|
||||
- pgadmin_config_local.py
|
||||
- pgadmin_servers.json
|
||||
loop_control:
|
||||
loop_var: open_asfa_pgadmin_config_item
|
||||
|
||||
- name: Create the secret for the pgadmin config local
|
||||
community.docker.docker_secret:
|
||||
name: open_asfa_test_pgadmin_config
|
||||
data_src: '{{ open_asfa_compose_dir }}/pgadmin_config_local.py'
|
||||
state: present
|
||||
|
||||
- name: Create the secret for the pgadmin config servers
|
||||
community.docker.docker_secret:
|
||||
name: open_asfa_test_pgadmin_servers
|
||||
data_src: '{{ open_asfa_compose_dir }}/pgadmin_servers.json'
|
||||
state: present
|
||||
|
||||
- name: Start the OpenAsfa stack
|
||||
docker_stack:
|
||||
community.docker.docker_stack:
|
||||
name: open-asfa-test
|
||||
state: present
|
||||
compose:
|
||||
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml'
|
||||
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml'
|
||||
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml'
|
||||
|
||||
run_once: True
|
||||
when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
|
||||
tags: [ 'open_asfa', 'open_asfa_swarm' ]
|
||||
|
|
|
@ -28,6 +28,14 @@ volumes:
|
|||
device: "{{ open_asfa_pg_volume_device }}"
|
||||
{% endif %}
|
||||
|
||||
secrets:
|
||||
open_asfa_test_pgadmin_config:
|
||||
external: true
|
||||
open_asfa_test_pgadmin_servers:
|
||||
external: true
|
||||
open_asfa_test_pg_config:
|
||||
external: true
|
||||
|
||||
services:
|
||||
pg:
|
||||
image: {{ open_asfa_db_image }}
|
||||
|
@ -35,13 +43,16 @@ services:
|
|||
- {{ open_asfa_docker_network }}
|
||||
volumes:
|
||||
- {{ open_asfa_db_volume }}:/var/lib/postgresql/data/pg_data
|
||||
- {{ open_asfa_compose_dir }}/pg-create-user-db.sh:/docker-entrypoint-initdb.d/pg-create-user-db.sh:ro
|
||||
environment:
|
||||
POSTGRES_PASSWORD: {{ open_asfa_db_pwd }}
|
||||
POSTGRES_DB: postgres
|
||||
POSTGRES_USER: postgres
|
||||
POSTGRES_PORT: {{ open_asfa_db_port }}
|
||||
PGDATA: /var/lib/postgresql/data/pg_data
|
||||
secrets:
|
||||
- source: open_asfa_test_pg_config
|
||||
target: /docker-entrypoint-initdb.d/pg-create-user-db.sh
|
||||
mode: 0555
|
||||
deploy:
|
||||
placement:
|
||||
{% if open_asfa_pg_volume_type == "nfs4" %}
|
||||
|
@ -65,8 +76,6 @@ services:
|
|||
{% endif %}
|
||||
volumes:
|
||||
- {{ open_asfa_pgadmin_data_vol }}:/var/lib/pgadmin
|
||||
- {{ open_asfa_compose_dir }}/pgadmin_config_local.py:/pgadmin4/config_local.py:ro
|
||||
- {{ open_asfa_compose_dir }}/pgadmin_servers.json:/pgadmin4/servers.json:ro
|
||||
environment:
|
||||
PGADMIN_DEFAULT_EMAIL: {{ open_asfa_pgadmin_email }}
|
||||
PGADMIN_DEFAULT_PASSWORD: {{ open_asfa_pgadmin_default_pwd }}
|
||||
|
@ -75,6 +84,13 @@ services:
|
|||
PGADMIN_LISTEN_ADDRESS: 0.0.0.0
|
||||
PGADMIN_LISTEN_PORT: 5050
|
||||
GUNICORN_THREADS: 20
|
||||
secrets:
|
||||
- source: open_asfa_pgadmin_config
|
||||
target: /pgadmin4/config_local.py
|
||||
mode: 0444
|
||||
- source: open_asfa_pgadmin_servers
|
||||
target: /pgadmin4/servers.json
|
||||
mode: 0444
|
||||
deploy:
|
||||
placement:
|
||||
{% if open_asfa_pgadmin_volume_type == "nfs4" %}
|
||||
|
|
Loading…
Reference in New Issue