Accueil Explorer Aide
S'inscrire Connexion
iapt-platform
/
mint
miroir de https://github.com/iapt-platform/mint.git
2
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

:wrench: add zone & main deploy

Jeremy Zheng il y a 4 ans
Parent
9d9730dc5c
commit
f5ccb0abff
13 fichiers modifiés avec 127 ajouts et 13 suppressions
Vue séparée Afficher les stats Diff
  1. 10 0
      deploy/mint.yml
  2. 1 1
      deploy/roles/certbot-nginx/tasks/main.yml
  3. 2 2
      deploy/roles/mint-clone/templates/config-v1.js.j2
  4. 3 3
      deploy/roles/mint-clone/templates/config-v1.php.j2
  5. 3 2
      deploy/roles/mint-clone/templates/env-v2.j2
  6. 21 0
      deploy/roles/mint-main/tasks/main.yml
  7. 8 0
      deploy/roles/mint-main/templates/index.html.j2
  8. 14 0
      deploy/roles/mint-main/templates/nginx.conf.j2
  9. 15 0
      deploy/roles/mint-zone/tasks/main.yml
  10. 25 0
      deploy/roles/mint-zone/templates/nginx.conf.j2
  11. 0 1
      deploy/roles/os/tasks/main.yml
  12. 0 0
      deploy/roles/ubuntu/tasks/init.yml
  13. 25 4
      deploy/roles/ubuntu/tasks/main.yml

+ 10 - 0
deploy/mint.yml
Voir le fichier 

@@ -19,3 +19,13 @@
 
 - hosts: db
 
   roles:
 
     - mint-db
 
+
 
+- hosts: zone
 
+  roles:
 
+    - mint-zone
 
+    - certbot-nginx
 
+
 
+- hosts: main
 
+  roles:
 
+    - mint-main
 
+    - certbot-nginx

+ 1 - 1
deploy/roles/certbot-nginx/tasks/main.yml
Voir le fichier 

@@ -7,7 +7,7 @@
 
 - name: add Let's Encrypt support
 
   become: true
 
   ansible.builtin.shell:
 
-    cmd: certbot --nginx --non-interactive --agree-tos -m {{ app_master_email }} --domains {{ inventory_hostname }} --redirect
 
+    cmd: certbot --nginx --non-interactive --agree-tos -m {{ app_master_email }} --domains {{ inventory_hostname }} "{{ '--redirect' if app_nginx_force_https else '' }}"
 
 
 - name: restart nginx
 
   become: true

+ 2 - 2
deploy/roles/mint-clone/templates/config-v1.js.j2
Voir le fichier 

@@ -1,4 +1,4 @@
 
-var RPC_SERVER="https://rpc.wikipali.org";
 
+var RPC_SERVER="https://{{ app_rpc_host }}";
 
 
 /*
 
   |---------------
 
@@ -11,4 +11,4 @@ var RPC_SERVER="https://rpc.wikipali.org";
 
   |------------------------
 
 */
 
 
-var ASSETS_SERVER = "https://assets-{{ app_cluster_id }}.wikipali.org"
 
+var ASSETS_SERVER = "https://assets-{{ app_cluster_domain }}"

+ 3 - 3
deploy/roles/mint-clone/templates/config-v1.php.j2
Voir le fichier 

@@ -1,8 +1,8 @@
 
 <?php
 
 
 #域名设置
 
-define("RPC_SERVER","https://rpc.wikipali.org");
 
-define("ASSETS_SERVER","https://assets-{{ app_cluster_id }}.wikipali.org");
 
+define("RPC_SERVER","https://{{ app_rpc_host }}");
 
+define("ASSETS_SERVER","https://assets-{{ app_cluster_domain }}");
 
 /*
 
 电子邮件设置
 
 PHPMailer
 
@@ -38,7 +38,7 @@ define("Redis",[
 
 	"host" => "{{ app_redis_host }}",
 
 	"port" => 6379,
 
 	"password" => "",
 
-	"prefix"=>"mint://"
 
+	"namespace" => "{{ app_redis_namespace }}"
 
 ]);
 
 
 # 雪花id

+ 3 - 2
deploy/roles/mint-clone/templates/env-v2.j2
Voir le fichier 

@@ -31,6 +31,7 @@ MEMCACHED_HOST=127.0.0.1
 
 REDIS_HOST={{ app_redis_host }}
 
 REDIS_PASSWORD=null
 
 REDIS_PORT=6379
 
+REDIS_NAMESPACE="{{ app_redis_namespace }}"
 
 
 MAIL_MAILER=smtp
 
 MAIL_HOST=smtp.gmail.com
 
@@ -55,7 +56,7 @@ PUSHER_APP_CLUSTER=mt1
 
 MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
 
 MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
 
 
-ASSETS_SERVER="https://assets-{{ app_cluster_id }}.wikipali.org"
 
-RPC_SERVER="https://rpc.wikipali.org"
 
+ASSETS_SERVER="https://assets-{{ app_cluster_domain }}"
 
+RPC_SERVER="https://{{ app_rpc_host }}"
 
 SNOWFLAKE_DATA_CENTER_ID=1
 
 SNOWFLAKE_WORKER_ID=1

+ 21 - 0
deploy/roles/mint-main/tasks/main.yml
Voir le fichier 

@@ -0,0 +1,21 @@
 
+- name: Creates deploy directory
 
+  become: true
 
+  file:
 
+    path: "{{ app_deploy_target }}"
 
+    state: directory
 
+    owner: "{{ ansible_user }}"
 
+
 
+- name: upload index.html
 
+  ansible.builtin.template:
 
+    src: index.html.j2
 
+    dest: "{{ app_deploy_target }}/index.html"
 
+    mode: '0400'
 
+
 
+- name: upload nginx.conf
 
+  become: true
 
+  ansible.builtin.template:
 
+    src: nginx.conf.j2
 
+    dest: "/etc/nginx/sites-enabled/{{ inventory_hostname }}.conf"
 
+    owner: www-data
 
+    group: www-data
 
+    mode: '0400'

+ 8 - 0
deploy/roles/mint-main/templates/index.html.j2
Voir le fichier 

@@ -0,0 +1,8 @@
 
+<!DOCTYPE html>
 
+<html>
 
+  <head>
 
+    <meta http-equiv="refresh" content="0; url='https://www-{{ app_cluster_domain }}'" />
 
+  </head>
 
+  <body>
 
+  </body>
 
+</html>

+ 14 - 0
deploy/roles/mint-main/templates/nginx.conf.j2
Voir le fichier 

@@ -0,0 +1,14 @@
 
+server {
 
+    listen 80;
 
+    listen [::]:80;
 
+
 
+    gzip on;
 
+    server_name {{ inventory_hostname }};
 
+    root {{ app_deploy_target }};
 
+    client_max_body_size 16M;
 
+    index index.html;
 
+    charset utf-8;
 
+
 
+    access_log off;
 
+    error_log /var/log/nginx/{{ inventory_hostname }}.error.log warn;
 
+}

+ 15 - 0
deploy/roles/mint-zone/tasks/main.yml
Voir le fichier 

@@ -0,0 +1,15 @@
 
+- name: Creates deploy directory
 
+  become: true
 
+  file:
 
+    path: "{{ app_deploy_target }}"
 
+    state: directory
 
+    owner: "{{ ansible_user }}"
 
+
 
+- name: upload nginx.conf
 
+  become: true
 
+  ansible.builtin.template:
 
+    src: nginx.conf.j2
 
+    dest: "/etc/nginx/sites-enabled/{{ inventory_hostname }}.conf"
 
+    owner: www-data
 
+    group: www-data
 
+    mode: '0400'

+ 25 - 0
deploy/roles/mint-zone/templates/nginx.conf.j2
Voir le fichier 

@@ -0,0 +1,25 @@
 
+upstream {{ app_cluster_domain }} {
 
+{% for it in groups['www'] %}
 
+    server {{ it }};
 
+{% endfor %}
 
+    fair;
 
+}
 
+
 
+server {
 
+    listen 80;
 
+    listen [::]:80;
 
+
 
+    gzip on;
 
+    server_name {{ inventory_hostname }};
 
+    root {{ app_deploy_target }};
 
+    client_max_body_size 16M;
 
+    index index.html;
 
+    charset utf-8;
 
+
 
+    access_log off;
 
+    error_log /var/log/nginx/{{ inventory_hostname }}.error.log warn;
 
+
 
+    location / {
 
+        proxy_pass http://{{ app_cluster_domain }};
 
+    }
 
+}

+ 0 - 1
deploy/roles/os/tasks/main.yml
Voir le fichier 

@@ -1,4 +1,3 @@
 
-- import_tasks: init.yml
 
 - import_tasks: sshd.yml
 
 - import_tasks: ulimits.yml

+ 0 - 0
deploy/roles/os/tasks/init.yml → deploy/roles/ubuntu/tasks/init.yml
Voir le fichier


+ 25 - 4
deploy/roles/ubuntu/tasks/main.yml
Voir le fichier 

@@ -19,6 +19,20 @@
 
 #     state: absent
 
 #     path: /etc/apt/sources.list.d
 
 
+- import_tasks: init.yml
 
+
 
+# https://github.com/nodesource/distributions#deb
 
+# - name: Download nodejs-ppa installer
 
+#   get_url:
 
+#     url: https://deb.nodesource.com/setup_lts.x
 
+#     dest: "{{ app_downloads }}/setup_node_lts.sh"
 
+#     mode: '0755'
 
+
 
+# - name: Install nodejs ppa
 
+#   become: true
 
+#   ansible.builtin.shell: "{{ app_downloads }}/setup_node_lts.sh"
 
+
 
+
 
 - name: add PPA for Ubuntu Toolchain
 
   become: true
 
   ansible.builtin.apt_repository:
 
@@ -84,21 +98,28 @@
 
       - snmpd
 
       - mutt
 
       - systemd-cron
 
-      - systemd-timesyncd
 
       - screen
 
       - tmux
 
       - hugo
 
+      - nodejs
 
       - python3
 
       - python3-pip
 
       - python3-distutils
 
       - python3-dev
 
-      - nodejs
 
-      - npm
 
-      - yarnpkg
 
       - libssl-dev
 
       - libpq-dev
 
       - libmysqlclient-dev
 
 
+- name: Install dependicy packages(>bionic)
 
+  become: true
 
+  apt:
 
+    pkg:
 
+      - systemd-timesyncd
 
+      - yarnpkg
 
+  # ansible_facts['distribution'] == "Ubuntu"
 
+  when: ansible_facts['distribution_major_version'] | int >= 20
 
+
 
+
 
 
 - import_tasks: locales.yml