Ansible
abseits von Serverkonfigurationen

Stefan Lindecke

@lindesbs

  • https://lmgtfy.com/?q=lindesbs
  • CSS ist 💩
  • Warum gibts etwas anderes als Linux?
  • MockupMan

ansible

  • Allgemein
    https://www.ansible.com/
    v2.8.5
  • Playbooks und Inventory:
    https://docs.ansible.com/
    https://docs.ansible.com/ansible/latest/network/
  • Galaxy:
    https://galaxy.ansible.com/
ansible

ansible.cfg

 
[defaults]
force_color = false
force_handlers = True
nocows = 1
inventory = hosts

[persistent_connection]
command_timeout = 10

[ssh_connection]
pipelining = True
control_path = /tmp/ansible-ssh-%%h-%%p-%%r
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
					

mooooooo

cow_selection=random

hosts/server


horst.teipoleit.de ansible_ssh_user=teipolei
alternativ durch
ansible-playbook install_base.yml -i hosts/server
Standardanwendung

Liste von Paketen installieren


- name: "Install Apache, MySQL and PHP"
  apt:
	name: "{{ packages }}"
	state: present	
  vars:
    packages:
		- apache2
		- mysql-server
		- python-mysqldb
		- php
		- php-pear
		- php-mysql
					

Wofuer noch alles?

automatisiertes installieren und konfigurieren von Contao 4.x
  • mysql
  • composer
  • Templates
  • files
  • ...

Projektaufbau

Datenhaltung pro Installation

Installation

- name: composer.json vorhanden
	stat: 
		path: "{{ websitePath }}/composer.json"
	register: composerJsonExists
			  
			  
- name: Install composer
	composer:
		command: create-project
		arguments: contao/managed-edition "{{ websitePath }}" 4.4
		working_dir: "{{ websitePath }}"
		prefer_dist: yes
	when: composerJsonExists.stat.exists == false
				
Installation

- name: create config dir
	file:
	  path: "{{ websitePath }}/app/config"
	  state: directory
						
- name: generate parameters.yml
	template:
	  src: parameters.sh.j2
	  dest: "{{ websitePath }}/app/config/parameters.yml"
	
					
parameters.yml

# {{ ansible_managed }}
parameters:
	database_host: {{ dbHost | default("localhost") }}
	database_port: {{ dbPort | default("3306") }}
	database_user: {{ dbUser }}
	database_password: '{{ dbPassword }}'
	database_name: {{ dbDatabase | default(dbUser) }}

						
Installation

- name: Generate InstallPassword
  shell:  htpasswd -bnB "" {{ installpassword }} | tr -d ':\n'
  register: psk
  delegate_to: 127.0.0.1
						  
- set_fact: 
	psk={{ psk.stdout }}
						  
- name: generate localconfig.php
  template:
    src: localconfig.php.j2
    dest: "{{ websitePath }}/system/config/localconfig.php"

localconfig.php


<?php
// {{ ansible_managed }}

### INSTALL SCRIPT START ###
$GLOBALS['TL_CONFIG']['licenseAccepted'] = true;
$GLOBALS['TL_CONFIG']['installPassword'] = '{{ psk }}';
### INSTALL SCRIPT STOP ###
									
		
Wartung
composer require lindesbs/climan 

    - name: install package
	composer:
	  command: require
	  arguments: "{{ item }}"
	  working_dir: "{{ websitePath }}"
	with_items: 
	  - lindesbs/climan
	  - terminal42/notification_center 

- name: Execute the command in remote shell
  shell: "php {{ websitePath }}/vendor/bin/contao-console climan:maintenance --enable"
  args:
    chdir: "{{ websitePath }}"
Backup

- name: backup database, gzip & generation info (gi)
  shell: "php {{ websitePath }}/vendor/bin/contao-console
                           climan:db --gzip --gi generate"
  args:
    chdir: "{{ websitePath }}"
							
SQL Dump wird erzeugt: export_2019-10-08_08-34-33.sql.gz

-- Created at 8.10.2019 8:34 using David Grudl MySQL Dump Utility
-- MySQL Server: 5.5.5-10.4.8-MariaDB-1:10.4.8+maria~bionic
-- Database: contao_eugen
		
SET NAMES utf8;
SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO';
SET FOREIGN_KEY_CHECKS=0;
SET UNIQUE_CHECKS=0;
SET AUTOCOMMIT=0;
-- --------------------------------------------------------


DROP TABLE IF EXISTS `tl_log`;

CREATE TABLE `tl_log` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `tstamp` int(10) unsigned NOT NULL DEFAULT 0,
  `source` varchar(32) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `action` varchar(32) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `username` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `text` longtext COLLATE utf8mb4_unicode_ci DEFAULT NULL,
  `func` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `browser` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=24 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci ROW_FORMAT=DYNAMIC;

composer@home


- set_fact:    
  local_composer_json: "/tmp/external/{{ ansible_user }}_{{ inventory_hostname }}"

- set_fact:    
  composer_bin: "/opt/bin/composer.phar"
				
- fetch:
    src: "{{ composer_json_path }}/composer.json"
  	dest: "{{ local_composer_json }}/composer.json"
	flat: true 
  register: composer_json_downloaded
				  
				  
- name: Removing existing composer.lock
  file:
    path: "{{ local_composer_json }}/composer.lock"
    state: absent
  when: composer_json_downloaded.changed
				
- name: run composer.phar update
  shell: /usr/bin/php7.3 {{ composer_bin }} update -d {{ local_composer_json }}
  delegate_to: localhost
  when: composer_json_downloaded.changed
					
			 
- name: copy composer.lock to remote host
  copy:
	src: "{{ local_composer_json }}/composer.lock"
	dest: "{{ composer_json_path }}/composer.lock"
  when: composer_json_downloaded.changed
  

Fragen?