Compare commits

..

No commits in common. "ac5485bc6291fb6ed147bb0f68b6b16141271833" and "96585b08f3a6f0ed9d5597d6675d6125d4b36af9" have entirely different histories.

19 changed files with 103 additions and 67 deletions

View file

@ -4,9 +4,6 @@ on:
branches: branches:
- master - master
concurrency:
group: deploy
jobs: jobs:
ansible: ansible:
name: run ansible name: run ansible

View file

@ -6,7 +6,8 @@
- import_playbook: code.yaml # noqa: name[play] - import_playbook: code.yaml # noqa: name[play]
- import_playbook: collabora.yaml # noqa: name[play] - import_playbook: collabora.yaml # noqa: name[play]
- import_playbook: display.yaml # noqa: name[play] - import_playbook: display.yaml # noqa: name[play]
- import_playbook: ghost.yaml # noqa: name[play] - import_playbook: ghost-config.yaml # noqa: name[play]
- import_playbook: ghost-update.yaml # noqa: name[play]
- import_playbook: git.yaml # noqa: name[play] - import_playbook: git.yaml # noqa: name[play]
- import_playbook: goatcounter.yaml # noqa: name[play] - import_playbook: goatcounter.yaml # noqa: name[play]
- import_playbook: lyon-transports.yaml # noqa: name[play] - import_playbook: lyon-transports.yaml # noqa: name[play]

View file

@ -18,7 +18,7 @@
with_fileglob: with_fileglob:
- templates/bin/*.j2 - templates/bin/*.j2
vars: vars:
ghost_db_password: !vault | ghost_setup_db_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35343430343439653064613033383830396264306538376535346637613166376663393062353132 35343430343439653064613033383830396264306538376535346637613166376663393062353132
6537386534656239333731313938653539643165323532380a336162663839303339623266383662 6537386534656239333731313938653539643165323532380a336162663839303339623266383662

View file

@ -5,18 +5,18 @@
tasks: tasks:
- name: Setup ghost gabnotes.org - name: Setup ghost gabnotes.org
ansible.builtin.include_role: ansible.builtin.include_role:
name: ghost name: ghost_setup
vars: vars:
ghost_filename: gabnotes-org-config.json.j2 ghost_setup_filename: gabnotes-org-config.json.j2
ghost_site: gabnotes.org ghost_setup_site: gabnotes.org
ghost_db_password: !vault | ghost_setup_db_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
66306233626430393737653333313461666665363936376465623137656561356431373666363032 66306233626430393737653333313461666665363936376465623137656561356431373666363032
6537313234336331626464336434343462623264633463330a353165396163653666636333633537 6537313234336331626464336434343462623264633463330a353165396163653666636333633537
33353464393836623861633238663336336465326435613638613734613433386537663635666332 33353464393836623861633238663336336465326435613638613734613433386537663635666332
6338343039393737310a356335666632303062353336613364323165633239323032346239376262 6338343039393737310a356335666632303062353336613364323165633239323032346239376262
32323862393264326162383761653163353731363331326337633461643364373936 32323862393264326162383761653163353731363331326337633461643364373936
ghost_mail_password: !vault | ghost_setup_mail_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
61313164316335333431656136326636353535643363623665326565303961356234353362646261 61313164316335333431656136326636353535643363623665326565303961356234353362646261
3339616561643434376163613962366631303863313263310a323330316230333864636232386632 3339616561643434376163613962366631303863313263310a323330316230333864636232386632
@ -27,18 +27,18 @@
373032363533393263323835363666623966 373032363533393263323835363666623966
- name: Setup ghost voyages.coccomagnard.fr - name: Setup ghost voyages.coccomagnard.fr
ansible.builtin.include_role: ansible.builtin.include_role:
name: ghost name: ghost_setup
vars: vars:
ghost_filename: voyages-coccomagnard-fr-config.json.j2 ghost_setup_filename: voyages-coccomagnard-fr-config.json.j2
ghost_site: voyages.coccomagnard.fr ghost_setup_site: voyages.coccomagnard.fr
ghost_db_password: !vault | ghost_setup_db_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
33623632396330303536366136313438623138366231333063613539303538303761386264623239 33623632396330303536366136313438623138366231333063613539303538303761386264623239
3266366633343936356564636131303939636330336335390a313430346536666239656562393238 3266366633343936356564636131303939636330336335390a313430346536666239656562393238
32373533373663656435306239643638313937623631366262393462306138323061333961363938 32373533373663656435306239643638313937623631366262393462306138323061333961363938
3239373062613138660a393933393436633166303837303263356232336666386336346366373934 3239373062613138660a393933393436633166303837303263356232336666386336346366373934
38346330616639646666616161613865643461643965333237353936663933336533 38346330616639646666616161613865643461643965333237353936663933336533
ghost_mail_password: !vault | ghost_setup_mail_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
33386530613164633962393133316231613664623761336237353335336430313637356430306430 33386530613164633962393133316231613664623761336237353335336430313637356430306430
3837373934336361636461343338643737653839396336340a633130613038666534653865303338 3837373934336361636461343338643737653839396336340a633130613038666534653865303338
@ -49,18 +49,18 @@
656136646536333065616631336235623430 656136646536333065616631336235623430
- name: Setup ghost voyages-lois.augendre.info - name: Setup ghost voyages-lois.augendre.info
ansible.builtin.include_role: ansible.builtin.include_role:
name: ghost name: ghost_setup
vars: vars:
ghost_filename: voyages-lois-augendre-info-config.json.j2 ghost_setup_filename: voyages-lois-augendre-info-config.json.j2
ghost_site: voyages-lois.augendre.info ghost_setup_site: voyages-lois.augendre.info
ghost_db_password: !vault | ghost_setup_db_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
30623130336131633738353931653239623133326265363862353530303232633333383462663330 30623130336131633738353931653239623133326265363862353530303232633333383462663330
3935333936383663326162653864623630396363666131390a393532336531663262616431396165 3935333936383663326162653864623630396363666131390a393532336531663262616431396165
33303236363739636665616636326262336532623234666263363563633962343734613565373031 33303236363739636665616636326262336532623234666263363563633962343734613565373031
3139313038663432370a623363366436643862343734393334306162376634366637616536303035 3139313038663432370a623363366436643862343734393334306162376634366637616536303035
32653739373732613930376336636332343333643436633261616561633034623566 32653739373732613930376336636332343333643436633261616561633034623566
ghost_mail_password: !vault | ghost_setup_mail_password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35353737376566653462393530613034353763643166626432613836663638636562303762343133 35353737376566653462393530613034353763643166626432613836663638636562303762343133
6132313762353565646531613336663336313765623430310a616438613433333632343933373330 6132313762353565646531613336663336313765623430310a616438613433333632343933373330

View file

@ -0,0 +1,44 @@
---
- name: Ghost update
hosts: servers
gather_facts: false
tasks:
# Run the first task synchronously to download dependencies.
- name: Update gabnotes.org
ansible.builtin.command:
chdir: /mnt/data/gabnotes.org
cmd: ghost update
register: gabnotes
changed_when: '"Restarting Ghost" in gabnotes.stdout'
- name: Start update on voyages-lois.augendre.info
ansible.builtin.command:
chdir: /mnt/data/voyages-lois.augendre.info
cmd: ghost update
register: voyages_lois_async
changed_when: false
async: 300
poll: 0
- name: Start update on voyages.coccomagnard.fr
ansible.builtin.command:
chdir: /mnt/data/voyages.coccomagnard.fr
cmd: ghost update
register: voyages_coccomagnard_async
changed_when: false
async: 300
poll: 0
- name: Check voyages-lois.augendre.info
ansible.builtin.async_status:
jid: "{{ voyages_lois_async.ansible_job_id }}"
register: voyages_lois
until: voyages_lois.finished
changed_when: '"Restarting Ghost" in voyages_lois.stdout'
retries: 100
delay: 10
- name: Check voyages.coccomagnard.fr
ansible.builtin.async_status:
jid: "{{ voyages_coccomagnard_async.ansible_job_id }}"
register: voyages_coccomagnard
until: voyages_coccomagnard.finished
changed_when: '"Restarting Ghost" in voyages_coccomagnard.stdout'
retries: 100
delay: 10

View file

@ -1,3 +1,3 @@
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
/usr/bin/mysqldump --no-tablespaces -u root --password={{ ghost_db_password }} gabnotes_org_prod > /mnt/data/gabnotes.org/db_export/backup.sql /usr/bin/mysqldump --no-tablespaces -u root --password={{ ghost_setup_db_password }} gabnotes_org_prod > /mnt/data/gabnotes.org/db_export/backup.sql

View file

@ -1,3 +1,3 @@
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
/usr/bin/mysqldump --no-tablespaces -u root --password={{ ghost_db_password }} voyages_lois_augendre_info_prod > /mnt/data/voyages-lois.augendre.info/db_export/backup.sql /usr/bin/mysqldump --no-tablespaces -u root --password={{ ghost_setup_db_password }} voyages_lois_augendre_info_prod > /mnt/data/voyages-lois.augendre.info/db_export/backup.sql

View file

@ -1,3 +1,3 @@
#!/bin/bash #!/bin/bash
set -euo pipefail set -euo pipefail
/usr/bin/mysqldump --no-tablespaces -u root --password={{ ghost_db_password }} voyages_coccomagnard_fr_prod > /mnt/data/voyages.coccomagnard.fr/db_export/backup.sql /usr/bin/mysqldump --no-tablespaces -u root --password={{ ghost_setup_db_password }} voyages_coccomagnard_fr_prod > /mnt/data/voyages.coccomagnard.fr/db_export/backup.sql

View file

@ -12,7 +12,7 @@
"connection": { "connection": {
"host": "127.0.0.1", "host": "127.0.0.1",
"user": "ghost-900", "user": "ghost-900",
"password": "{{ ghost_db_password }}", "password": "{{ ghost_setup_db_password }}",
"database": "gabnotes_org_prod" "database": "gabnotes_org_prod"
} }
}, },
@ -26,7 +26,7 @@
"secure": true, "secure": true,
"auth": { "auth": {
"user": "blog@mg.gabnotes.org", "user": "blog@mg.gabnotes.org",
"pass": "{{ ghost_mail_password }}" "pass": "{{ ghost_setup_mail_password }}"
} }
} }
}, },

View file

@ -9,7 +9,7 @@
"connection": { "connection": {
"host": "127.0.0.1", "host": "127.0.0.1",
"user": "ghost-310", "user": "ghost-310",
"password": "{{ ghost_db_password }}", "password": "{{ ghost_setup_db_password }}",
"database": "voyages_coccomagnard_fr_prod" "database": "voyages_coccomagnard_fr_prod"
} }
}, },
@ -23,7 +23,7 @@
"secure": true, "secure": true,
"auth": { "auth": {
"user": "voyages@mg.coccomagnard.fr", "user": "voyages@mg.coccomagnard.fr",
"pass": "{{ ghost_mail_password }}" "pass": "{{ ghost_setup_mail_password }}"
} }
} }
}, },

View file

@ -9,7 +9,7 @@
"connection": { "connection": {
"host": "127.0.0.1", "host": "127.0.0.1",
"user": "ghost-483", "user": "ghost-483",
"password": "{{ ghost_db_password }}", "password": "{{ ghost_setup_db_password }}",
"database": "voyages_lois_augendre_info_prod" "database": "voyages_lois_augendre_info_prod"
} }
}, },
@ -23,7 +23,7 @@
"secure": true, "secure": true,
"auth": { "auth": {
"user": "voyages-lois@mg.augendre.info", "user": "voyages-lois@mg.augendre.info",
"pass": "{{ ghost_mail_password }}" "pass": "{{ ghost_setup_mail_password }}"
} }
} }
}, },

View file

@ -1,10 +1,10 @@
--- ---
- name: Stop service {{ docker_app_name }} - name: Stop service
listen: Restart service listen: Restart service
community.docker.docker_compose_v2: community.docker.docker_compose_v2:
project_src: "{{ docker_dir }}" project_src: "{{ docker_dir }}"
state: stopped state: stopped
- name: Start service {{ docker_app_name }} - name: Start service
listen: Restart service listen: Restart service
community.docker.docker_compose_v2: community.docker.docker_compose_v2:
project_src: "{{ docker_dir }}" project_src: "{{ docker_dir }}"

View file

@ -1,10 +1,10 @@
--- ---
- name: Create dir for {{ docker_app_name }} - name: Create dir
ansible.builtin.file: ansible.builtin.file:
path: "{{ docker_dir }}" path: "{{ docker_dir }}"
state: directory state: directory
mode: "0775" mode: "0775"
- name: Write files for {{ docker_app_name }} - name: Write files
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ docker_dir }}/" dest: "{{ docker_dir }}/"
@ -14,7 +14,7 @@
- files/{{ docker_app_name }}/.* - files/{{ docker_app_name }}/.*
notify: notify:
- Restart service - Restart service
- name: Write templates for {{ docker_app_name }} - name: Write templates
ansible.builtin.template: ansible.builtin.template:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ docker_dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" dest: "{{ docker_dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
@ -24,9 +24,9 @@
- templates/{{ docker_app_name }}/.*.j2 - templates/{{ docker_app_name }}/.*.j2
notify: notify:
- Restart service - Restart service
- name: Flush handlers for {{ docker_app_name }} - name: Flush handlers
ansible.builtin.meta: flush_handlers ansible.builtin.meta: flush_handlers
- name: Ensure service is started {{ docker_app_name }} - name: Ensure service is started
community.docker.docker_compose_v2: community.docker.docker_compose_v2:
project_src: "{{ docker_dir }}" project_src: "{{ docker_dir }}"
state: present state: present

View file

@ -1,5 +0,0 @@
---
ghost_filename: site-com-config.json.j2
ghost_site: site.com
ghost_db_password: 123
ghost_mail_password: 123

View file

@ -1,6 +0,0 @@
---
- name: Restart service {{ ghost_site }}
ansible.builtin.command:
cmd: ghost restart
chdir: /mnt/data/{{ ghost_site }}
changed_when: true

View file

@ -1,20 +0,0 @@
---
- name: Write config files for {{ ghost_site }}
ansible.builtin.template:
src: templates/ghost/{{ ghost_filename }}
dest: /mnt/data/{{ ghost_site }}/config.production.json
mode: "0664"
notify:
- Restart service
- name: Ensure service is started {{ ghost_site }}
ansible.builtin.command:
cmd: ghost start
chdir: /mnt/data/{{ ghost_site }}
register: start
changed_when: '"Starting Ghost" in start.stdout'
- name: Update {{ ghost_site }}
ansible.builtin.command:
cmd: ghost update
chdir: /mnt/data/{{ ghost_site }}
register: update
changed_when: '"Restarting Ghost" in update.stdout'

View file

@ -0,0 +1,5 @@
---
ghost_setup_filename: site-com-config.json.j2
ghost_setup_site: site.com
ghost_setup_db_password: 123
ghost_setup_mail_password: 123

View file

@ -0,0 +1,6 @@
---
- name: Restart service
ansible.builtin.command:
cmd: ghost restart
chdir: /mnt/data/{{ ghost_setup_site }}
changed_when: true

View file

@ -0,0 +1,14 @@
---
- name: Write config files
ansible.builtin.template:
src: templates/ghost-config/{{ ghost_setup_filename }}
dest: /mnt/data/{{ ghost_setup_site }}/config.production.json
mode: "0664"
notify:
- Restart service
- name: Ensure service is started
ansible.builtin.command:
cmd: ghost start
chdir: /mnt/data/{{ ghost_setup_site }}
register: start
changed_when: '"Starting Ghost" in start.stdout'