pg and pgadmin config as secrets.
This commit is contained in:
parent
cc4eff77e8
commit
d9f831a340
134
tasks/main.yml
134
tasks/main.yml
|
@ -1,56 +1,136 @@
|
||||||
---
|
---
|
||||||
- name: Manage the installation of the OpenASFA configuration of the swarm service
|
- name: Create the compose directory
|
||||||
|
run_once: true
|
||||||
|
when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
|
||||||
|
tags: ['open_asfa', 'open_asfa_swarm']
|
||||||
block:
|
block:
|
||||||
- name: Create the directory where the DB init script is going to be installed
|
- name: Create the compose directory
|
||||||
file: dest={{ open_asfa_compose_dir }} state=directory
|
ansible.builtin.file:
|
||||||
|
dest: "{{ open_asfa_compose_dir }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0700
|
||||||
|
|
||||||
- name: Install the DB initialization script
|
- name: Manage the configuration of the OpenASFA DB as a container
|
||||||
template: src=pg-create-user-db.sh.j2 dest={{ open_asfa_compose_dir }}/pg-create-user-db.sh owner=root group=root mode='0555'
|
run_once: true
|
||||||
|
|
||||||
- name: Install the pgadmin configuration files
|
|
||||||
template: src={{ item }}.j2 dest={{ open_asfa_compose_dir }}/{{ item }} owner=root group=root mode='0444'
|
|
||||||
loop:
|
|
||||||
- pgadmin_config_local.py
|
|
||||||
- pgadmin_servers.json
|
|
||||||
|
|
||||||
run_once: True
|
|
||||||
when:
|
when:
|
||||||
- open_asfa_db_docker_host == ansible_fqdn
|
- open_asfa_db_docker_host == ansible_fqdn
|
||||||
- open_asfa_db_as_container
|
- open_asfa_db_as_container
|
||||||
tags: [ 'open_asfa', 'open_asfa_swarm', 'open_asfa_db' ]
|
- open_asfa_pg_volume_type == "local"
|
||||||
|
tags: ['open_asfa', 'open_asfa_swarm', 'open_asfa_db']
|
||||||
- name: Manage the installation of the OpenASFA configuration of the swarm service
|
|
||||||
block:
|
block:
|
||||||
|
- name: Create the compose directory
|
||||||
|
ansible.builtin.file:
|
||||||
|
dest: "{{ open_asfa_compose_dir }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0700
|
||||||
|
|
||||||
|
- name: Install the DB initialization script
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: pg-create-user-db.sh.j2
|
||||||
|
dest: "{{ open_asfa_compose_dir }}/pg-create-user-db.sh"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0555
|
||||||
|
|
||||||
- name: Add the label that will be used as a constraint for the PostgreSQL DB
|
- name: Add the label that will be used as a constraint for the PostgreSQL DB
|
||||||
docker_node:
|
community.docker.docker_node:
|
||||||
hostname: '{{ open_asfa_db_docker_host }}'
|
hostname: '{{ open_asfa_db_docker_host }}'
|
||||||
#node.labels.pg_data==asfa_server_test
|
|
||||||
labels:
|
labels:
|
||||||
pg_data_asfa_test: 'asfa_server_test'
|
pg_data_asfa_test: 'asfa_server_test'
|
||||||
pgadmin_data_asfa_test: 'asfa_server_test'
|
pgadmin_data_asfa_test: 'asfa_server_test'
|
||||||
labels_state: 'merge'
|
labels_state: 'merge'
|
||||||
when: open_asfa_db_as_container
|
|
||||||
|
- name: Manage the installation of the OpenASFA configuration of the swarm service
|
||||||
|
run_once: true
|
||||||
|
when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
|
||||||
|
tags: ['open_asfa', 'open_asfa_swarm']
|
||||||
|
block:
|
||||||
|
- name: Add the label that will be used as a constraint for the PostgreSQL Pgadmin
|
||||||
|
community.docker.docker_node:
|
||||||
|
hostname: '{{ open_asfa_db_docker_host }}'
|
||||||
|
labels:
|
||||||
|
pg_data_asfa_test: 'asfa_server_test'
|
||||||
|
pgadmin_data_asfa_test: 'asfa_server_test'
|
||||||
|
labels_state: 'merge'
|
||||||
|
when: open_asfa_pgadmin_volume_type == "local"
|
||||||
|
|
||||||
- name: Install the docker compose file for postgresql and pgadmin
|
- name: Install the docker compose file for postgresql and pgadmin
|
||||||
template: src=open-asfa-db-docker-compose.yml.j2 dest={{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml owner=root group=root mode='0400'
|
ansible.builtin.template:
|
||||||
|
src: open-asfa-db-docker-compose.yml.j2
|
||||||
|
dest: "{{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0400
|
||||||
when: open_asfa_db_as_container
|
when: open_asfa_db_as_container
|
||||||
|
|
||||||
- name: Install the docker compose file of Couchbase
|
- name: Install the docker compose file of Couchbase
|
||||||
template: src=open-asfa-couchbase-docker-compose.yml.j2 dest={{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml owner=root group=root mode='0400'
|
ansible.builtin.template:
|
||||||
|
src: open-asfa-couchbase-docker-compose.yml.j2
|
||||||
|
dest: "{{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0400
|
||||||
when: open_asfa_db_as_container
|
when: open_asfa_db_as_container
|
||||||
|
|
||||||
- name: Install the docker compose file of the open-asfa service
|
- name: Install the docker compose file of the open-asfa service
|
||||||
template: src=open-asfa-docker-compose.yml.j2 dest={{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml owner=root group=root mode='0400'
|
ansible.builtin.template:
|
||||||
|
src: open-asfa-docker-compose.yml.j2
|
||||||
|
dest: "{{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0400
|
||||||
|
|
||||||
|
- name: Install the DB initialization script
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: pg-create-user-db.sh.j2
|
||||||
|
dest: "{{ open_asfa_compose_dir }}/pg-create-user-db.sh"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0555
|
||||||
|
when:
|
||||||
|
- open_asfa_db_as_container
|
||||||
|
- open_asfa_pg_volume_type != "local"
|
||||||
|
|
||||||
|
- name: Create the secret for the Postgres initizalization script
|
||||||
|
community.docker.docker_secret:
|
||||||
|
name: open_asfa_test_pg_config
|
||||||
|
data_src: '{{ open_asfa_compose_dir }}/pgadmin_servers.json'
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Install the pgadmin configuration files
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: '{{ open_asfa_pgadmin_config_item }}.j2'
|
||||||
|
dest: '{{ open_asfa_compose_dir }}/{{ open_asfa_pgadmin_config_item }}'
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0444
|
||||||
|
loop:
|
||||||
|
- pgadmin_config_local.py
|
||||||
|
- pgadmin_servers.json
|
||||||
|
loop_control:
|
||||||
|
loop_var: open_asfa_pgadmin_config_item
|
||||||
|
|
||||||
|
- name: Create the secret for the pgadmin config local
|
||||||
|
community.docker.docker_secret:
|
||||||
|
name: open_asfa_test_pgadmin_config
|
||||||
|
data_src: '{{ open_asfa_compose_dir }}/pgadmin_config_local.py'
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Create the secret for the pgadmin config servers
|
||||||
|
community.docker.docker_secret:
|
||||||
|
name: open_asfa_test_pgadmin_servers
|
||||||
|
data_src: '{{ open_asfa_compose_dir }}/pgadmin_servers.json'
|
||||||
|
state: present
|
||||||
|
|
||||||
- name: Start the OpenAsfa stack
|
- name: Start the OpenAsfa stack
|
||||||
docker_stack:
|
community.docker.docker_stack:
|
||||||
name: open-asfa-test
|
name: open-asfa-test
|
||||||
state: present
|
state: present
|
||||||
compose:
|
compose:
|
||||||
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml'
|
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-db-test.yml'
|
||||||
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml'
|
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-test.yml'
|
||||||
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml'
|
- '{{ open_asfa_compose_dir }}/docker-open-asfa-stack-couchbase-test.yml'
|
||||||
|
|
||||||
run_once: True
|
|
||||||
when: docker_swarm_manager_main_node is defined and docker_swarm_manager_main_node | bool
|
|
||||||
tags: [ 'open_asfa', 'open_asfa_swarm' ]
|
|
||||||
|
|
|
@ -28,6 +28,14 @@ volumes:
|
||||||
device: "{{ open_asfa_pg_volume_device }}"
|
device: "{{ open_asfa_pg_volume_device }}"
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
open_asfa_test_pgadmin_config:
|
||||||
|
external: true
|
||||||
|
open_asfa_test_pgadmin_servers:
|
||||||
|
external: true
|
||||||
|
open_asfa_test_pg_config:
|
||||||
|
external: true
|
||||||
|
|
||||||
services:
|
services:
|
||||||
pg:
|
pg:
|
||||||
image: {{ open_asfa_db_image }}
|
image: {{ open_asfa_db_image }}
|
||||||
|
@ -35,13 +43,16 @@ services:
|
||||||
- {{ open_asfa_docker_network }}
|
- {{ open_asfa_docker_network }}
|
||||||
volumes:
|
volumes:
|
||||||
- {{ open_asfa_db_volume }}:/var/lib/postgresql/data/pg_data
|
- {{ open_asfa_db_volume }}:/var/lib/postgresql/data/pg_data
|
||||||
- {{ open_asfa_compose_dir }}/pg-create-user-db.sh:/docker-entrypoint-initdb.d/pg-create-user-db.sh:ro
|
|
||||||
environment:
|
environment:
|
||||||
POSTGRES_PASSWORD: {{ open_asfa_db_pwd }}
|
POSTGRES_PASSWORD: {{ open_asfa_db_pwd }}
|
||||||
POSTGRES_DB: postgres
|
POSTGRES_DB: postgres
|
||||||
POSTGRES_USER: postgres
|
POSTGRES_USER: postgres
|
||||||
POSTGRES_PORT: {{ open_asfa_db_port }}
|
POSTGRES_PORT: {{ open_asfa_db_port }}
|
||||||
PGDATA: /var/lib/postgresql/data/pg_data
|
PGDATA: /var/lib/postgresql/data/pg_data
|
||||||
|
secrets:
|
||||||
|
- source: open_asfa_test_pg_config
|
||||||
|
target: /docker-entrypoint-initdb.d/pg-create-user-db.sh
|
||||||
|
mode: 0555
|
||||||
deploy:
|
deploy:
|
||||||
placement:
|
placement:
|
||||||
{% if open_asfa_pg_volume_type == "nfs4" %}
|
{% if open_asfa_pg_volume_type == "nfs4" %}
|
||||||
|
@ -65,8 +76,6 @@ services:
|
||||||
{% endif %}
|
{% endif %}
|
||||||
volumes:
|
volumes:
|
||||||
- {{ open_asfa_pgadmin_data_vol }}:/var/lib/pgadmin
|
- {{ open_asfa_pgadmin_data_vol }}:/var/lib/pgadmin
|
||||||
- {{ open_asfa_compose_dir }}/pgadmin_config_local.py:/pgadmin4/config_local.py:ro
|
|
||||||
- {{ open_asfa_compose_dir }}/pgadmin_servers.json:/pgadmin4/servers.json:ro
|
|
||||||
environment:
|
environment:
|
||||||
PGADMIN_DEFAULT_EMAIL: {{ open_asfa_pgadmin_email }}
|
PGADMIN_DEFAULT_EMAIL: {{ open_asfa_pgadmin_email }}
|
||||||
PGADMIN_DEFAULT_PASSWORD: {{ open_asfa_pgadmin_default_pwd }}
|
PGADMIN_DEFAULT_PASSWORD: {{ open_asfa_pgadmin_default_pwd }}
|
||||||
|
@ -75,6 +84,13 @@ services:
|
||||||
PGADMIN_LISTEN_ADDRESS: 0.0.0.0
|
PGADMIN_LISTEN_ADDRESS: 0.0.0.0
|
||||||
PGADMIN_LISTEN_PORT: 5050
|
PGADMIN_LISTEN_PORT: 5050
|
||||||
GUNICORN_THREADS: 20
|
GUNICORN_THREADS: 20
|
||||||
|
secrets:
|
||||||
|
- source: open_asfa_pgadmin_config
|
||||||
|
target: /pgadmin4/config_local.py
|
||||||
|
mode: 0444
|
||||||
|
- source: open_asfa_pgadmin_servers
|
||||||
|
target: /pgadmin4/servers.json
|
||||||
|
mode: 0444
|
||||||
deploy:
|
deploy:
|
||||||
placement:
|
placement:
|
||||||
{% if open_asfa_pgadmin_volume_type == "nfs4" %}
|
{% if open_asfa_pgadmin_volume_type == "nfs4" %}
|
||||||
|
|
Loading…
Reference in New Issue