Browse Source

api: do not bind api service to api-host

Fixes: main/infrastructure#228
keep-around/4a3c550f54520f85e638b393d0d979459764ed08
Loïc Dachary 11 months ago
committed by Loic Dachary
parent
commit
ff154fb1ab
Signed by: dachary GPG Key ID: 992D23B392F9E4F2
  1. 1
      enough-playbook.yml
  2. 2
      inventory/host_vars/api-host/api.yml
  3. 3
      inventory/services.yml
  4. 21
      playbooks/api/api-playbook.yml
  5. 2
      playbooks/api/conftest.py
  6. 4
      playbooks/api/inventory/services.yml
  7. 2
      playbooks/api/tests/test_api.py

1
enough-playbook.yml

@ -13,6 +13,7 @@
- import_playbook: "{{ '$SHARE_DIR/playbooks/pad/pad-playbook.yml' | expandvars }}"
when: (groups['pad-service-group'] | length) > 0
- import_playbook: "{{ '$SHARE_DIR/playbooks/api/api-playbook.yml' | expandvars }}"
when: (groups['api-service-group'] | length) > 0
- import_playbook: "{{ '$SHARE_DIR/playbooks/openvpn/openvpn-server-playbook.yml' | expandvars }}"
when: (groups['openvpn-service-group'] | length) > 0
- import_playbook: "{{ '$SHARE_DIR/playbooks/openvpn/openvpn-client-playbook.yml' | expandvars }}"

2
inventory/host_vars/api-host/api.yml

@ -1,2 +0,0 @@
---
api_vhost_fqdn: api.{{ domain }}

3
inventory/services.yml

@ -125,8 +125,7 @@ website-service-hosts:
essential-service-group:
api-service-group:
hosts:
api-host:
hosts: {}
api-service-hosts:
children:

21
playbooks/api/api-playbook.yml

@ -1,6 +1,21 @@
---
- name: setup api DNS
hosts: api-service-group
become: true
pre_tasks:
- name: set CNAME
nsupdate:
server: "{{ hostvars['bind-host']['ansible_host'] }}"
zone: "{{ domain }}"
record: "api.{{ domain }}."
ttl: 1800
type: CNAME
value: "{{ groups['api-service-group'][0] }}.{{ domain }}."
delegate_to: bind-host
- name: install API
hosts: api-host
hosts: api-service-group
become: true
roles:
@ -10,11 +25,11 @@
- role: enough-nginx
vars:
enough_nginx_reverse_proxy: 127.0.0.1:8000
enough_nginx_fqdn: "{{ api_vhost_fqdn }}"
enough_nginx_fqdn: "api.{{ domain }}"
- role: certificate
vars:
certificate_fqdn: "{{ api_vhost_fqdn }}"
certificate_fqdn: "api.{{ domain }}"
certificate_installer: nginx
- role: api

2
playbooks/api/conftest.py

@ -3,7 +3,7 @@ def pytest_addoption(parser):
"--enough-hosts",
action="store",
default="bind-host,packages-host,icinga-host,api-host,gitlab-host",
default="bind-host,packages-host,icinga-host,gitlab-host",
help="list of hosts"
)
parser.addoption(

4
playbooks/api/inventory/services.yml

@ -2,3 +2,7 @@
icinga-service-group:
hosts:
icinga-host:
api-service-group:
hosts:
gitlab-host:

2
playbooks/api/tests/test_api.py

@ -12,7 +12,7 @@ from bs4 import BeautifulSoup
# docker exec -ti enough_enough-enough_1 journalctl -n 200 -f --unit enough
#
testinfra_hosts = ['ansible://api-host']
testinfra_hosts = ['ansible://gitlab-host']
def get_domain(inventory):

Loading…
Cancel
Save