tanshu
/
playbooks
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Broke apart the playbook into roles.

This commit is contained in:
Amritanshu Agrawal 2023-07-14 12:57:35 +05:30
parent 7744dd0520
commit 3bbacab487
13 changed files with 285 additions and 241 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

241
iot/playbook.yml
View File

@ -1,238 +1,13 @@
#################################################
# DO Community Playbooks: Docker
#################################################
---
- hosts: all
- name: Tanshu IOT Playbook
hosts: all
become: true
vars_files:
- vars/default.yml
tasks:
- getent:
database: passwd
key: "{{ mqtt_user }}"
split: ":"
# - name: "{{ getent_passwd[user][1] }} : {{ getent_passwd[user][2] }}"
# docker_image:
# name: "{{ mqtt_imag }}"
# source: pull
# force_source: yes
- name: Pull Mosquitto image
docker_image:
name: "{{ mqtt_image }}"
source: pull
force_source: yes
- name: Ensure Mosquitto Directory exists
file:
path: "{{ mqtt_directory }}"
state: directory
group: 0 # "{{ mqtt_user }}"
owner: 0 # "{{ mqtt_user }}"
mode: 0755
- name: Ensure Mosquitto Config Directory exists
file:
path: "{{ mqtt_directory }}/config"
state: directory
group: 0 # "{{ mqtt_user }}"
owner: 0 # "{{ mqtt_user }}"
mode: 0755
- name: Copy the Mosquitto conf file
template:
src: "files/mosquitto.conf"
dest: "{{ mqtt_directory }}/config/mosquitto.conf"
group: 1883 # "{{ mqtt_user }}"
owner: 1883 # "{{ mqtt_user }}"
mode: 0646
# - name: Check if Mosquitto passwd file exists
# stat: path="{{ mqtt_directory }}/config/passwd"
# register: status
- name: Ensure Mosquitto passwd file exists
template:
src: "files/passwd"
dest: "{{ mqtt_directory }}/config/passwd"
group: 1883 # "{{ mqtt_user }}"
owner: 1883 # "{{ mqtt_user }}"
mode: 0646
- name: Encrypt the docker file
command: docker exec -i mosquitto mosquitto_passwd -U /mosquitto/config/passwd
- name: Ensure Mosquitto Log Directory exists
file:
path: "{{ mqtt_directory }}/log"
state: directory
group: 0 # "{{ mqtt_user }}"
owner: 0 # "{{ mqtt_user }}"
mode: 0755
- name: Ensure Mosquitto log file exists
file:
path: "{{ mqtt_directory }}/log/mosquitto.log"
state: touch
group: 0 # "{{ mqtt_user }}"
owner: 0 # "{{ mqtt_user }}"
mode: 0646
- name: Create Mosquitto container
docker_container:
name: "{{ mqtt_container }}"
image: "{{ mqtt_image }}"
state: started
restart_policy: "unless-stopped"
# user: 0:0 # "{{ getent_passwd[mqtt_user][1] }}:{{ getent_passwd[mqtt_user][2] }}"
published_ports:
- 127.0.0.1:9001:9001
- 1883:1883
volumes:
- "{{ mqtt_directory }}/config:/mosquitto/config"
- "{{ mqtt_directory }}/data:/mosquitto/data"
- "{{ mqtt_directory }}/log:/mosquitto/log"
- getent:
database: passwd
key: "{{ user }}"
split: ":"
- name: Pull InfluxDB image
docker_image:
name: "{{ influx_image }}"
source: pull
force_source: yes
- name: Ensure Influx Directory exists
file:
path: "{{ influx_directory }}"
state: directory
group: "{{ user }}"
owner: "{{ user }}"
mode: 0755
- name: Ensure Influx Data Directory exists
file:
path: "{{ influx_directory }}/data"
state: directory
group: "{{ user }}"
owner: "{{ user }}"
mode: 0755
- name: Ensure Influx Config Directory exists
file:
path: "{{ influx_directory }}/config"
state: directory
group: "{{ user }}"
owner: "{{ user }}"
mode: 0755
- name: Create InfluxDB container
docker_container:
name: "{{ influx_container }}"
image: "{{ influx_image }}"
state: started
restart_policy: "unless-stopped"
user: "{{ getent_passwd[user][1] }}:{{ getent_passwd[user][2] }}"
published_ports:
- 127.0.0.1:8086:8086
volumes:
- "{{ influx_directory }}/data:/var/lib/influxdb2"
- "{{ influx_directory }}/config:/etc/influxdb2"
- name: Pull Node Red image
docker_image:
name: "{{ nodered_image }}"
source: pull
force_source: yes
- name: Ensure Node Red Directory exists
file:
path: "{{ nodered_directory }}"
state: directory
group: "{{ user }}"
owner: "{{ user }}"
mode: 0755
- name: Create Node Red container
docker_container:
name: "{{ nodered_container }}"
image: "{{ nodered_image }}"
state: started
restart_policy: "unless-stopped"
user: "{{ getent_passwd[user][1] }}:{{ getent_passwd[user][2] }}"
env:
TZ: "Asia/Kolkata"
links:
- "{{ mqtt_container }}:mqtt"
- "{{ influx_container }}:influx"
published_ports:
- 127.0.0.1:1880:1880
volumes:
- "{{ nodered_directory }}:/data"
- name: Pull Grafana image
docker_image:
name: "{{ grafana_image }}"
source: pull
force_source: yes
- name: Ensure Grafana Directory exists
file:
path: "{{ grafana_directory }}"
state: directory
group: "{{ user }}"
owner: "{{ user }}"
mode: 0755
- name: Create Grafana container
docker_container:
name: "{{ grafana_container }}"
image: "{{ grafana_image }}"
state: started
restart_policy: "unless-stopped"
user: "{{ getent_passwd[user][1] }}:{{ getent_passwd[user][2] }}"
env:
GF_SERVER_ROOT_URL: "https://{{ http_host }}"
GF_INSTALL_PLUGINS: "grafana-clock-panel, grafana-simple-json-datasource, natel-discrete-panel, briangann-gauge-panel, vonage-status-panel, neocat-cal-heatmap-panel, natel-plotly-panel"
GF_AUTH_ANONYMOUS_ENABLED: "true"
GF_AUTH_ANONYMOUS_ORG_NAME: "Public"
GF_AUTH_ANONYMOUS_ORG_ROLE: "Viewer"
GF_AUTH_ANONYMOUS_HIDE_VERSION: "true"
links:
- "{{ influx_container }}:influx"
published_ports:
- 127.0.0.1:3005:3000
volumes:
- "{{ grafana_directory }}:/var/lib/grafana"
- name: Check if Nginx conf file exists
stat: path="/etc/nginx/sites-available/{{ http_conf }}"
register: status
- name: No need to reload Nginx
debug: msg= {{ "No need to reload Nginx as sites-available entries have already been created" }}
- name: Set Nginx conf file
when: status.stat.exists == false
template:
src: "files/nginx.conf.j2"
dest: "/etc/nginx/sites-available/{{ http_conf }}"
- name: Enable new site
when: status.stat.exists == false
file:
src: "/etc/nginx/sites-available/{{ http_conf }}"
dest: "/etc/nginx/sites-enabled/{{ http_conf }}"
state: link
notify: Reload Nginx
handlers:
- name: Reload Nginx
service:
name: nginx
state: reloaded
roles:
# - mosquitto
# - influxdb
# - nodered
# - grafana
- nginx

6
iot/roles/grafana/defaults/main.yaml Normal file
View File

@ -0,0 +1,6 @@
---
# Default variables for Grafana role
grafana_user: "{{ ansible_user }}"
grafana_image: "grafana/grafana:latest"
grafana_directory: "/opt/grafana"
grafana_container: "grafana"

41
iot/roles/grafana/tasks/main.yaml Normal file
View File

@ -0,0 +1,41 @@
---
# Tasks for Grafana role
- getent:
database: passwd
key: "{{ grafana_user }}"
split: ":"
- name: Pull Grafana image
docker_image:
name: "{{ grafana_image }}"
source: pull
force_source: yes
- name: Ensure Grafana Directory exists
file:
path: "{{ grafana_directory }}"
state: directory
group: "{{ grafana_user }}"
owner: "{{ grafana_user }}"
mode: 0755
- name: Create Grafana container
docker_container:
name: "{{ grafana_container }}"
image: "{{ grafana_image }}"
state: started
restart_policy: "unless-stopped"
user: "{{ getent_passwd[grafana_user][1] }}:{{ getent_passwd[grafana_user][2] }}"
env:
GF_SERVER_ROOT_URL: "https://{{ http_host }}"
GF_INSTALL_PLUGINS: "grafana-clock-panel, grafana-simple-json-datasource, natel-discrete-panel, briangann-gauge-panel, vonage-status-panel, neocat-cal-heatmap-panel, natel-plotly-panel"
GF_AUTH_ANONYMOUS_ENABLED: "true"
GF_AUTH_ANONYMOUS_ORG_NAME: "Public"
GF_AUTH_ANONYMOUS_ORG_ROLE: "Viewer"
GF_AUTH_ANONYMOUS_HIDE_VERSION: "true"
links:
- "{{ influx_container }}:influx"
published_ports:
- 127.0.0.1:3005:3000
volumes:
- "{{ grafana_directory }}:/var/lib/grafana"

6
iot/roles/influxdb/defaults/main.yaml Normal file
View File

@ -0,0 +1,6 @@
---
# Default variables for InfluxDB role
influx_user: "{{ ansible_user }}"
influx_image: "influxdb:latest"
influx_directory: "/var/lib/influxtestroledir"
influx_container: "influxtestrole"

50
iot/roles/influxdb/tasks/main.yaml Normal file
View File

@ -0,0 +1,50 @@
---
# Tasks for InfluxDB role
- getent:
database: passwd
key: "{{ influx_user }}"
split: ":"
- name: Pull InfluxDB image
docker_image:
name: "{{ influx_image }}"
source: pull
force_source: yes
- name: Ensure Influx Directory exists
file:
path: "{{ influx_directory }}"
state: directory
group: "{{ influx_user }}"
owner: "{{ influx_user }}"
mode: 0755
- name: Ensure Influx Data Directory exists
file:
path: "{{ influx_directory }}/data"
state: directory
group: "{{ influx_user }}"
owner: "{{ influx_user }}"
mode: 0755
- name: Ensure Influx Config Directory exists
file:
path: "{{ influx_directory }}/config"
state: directory
group: "{{ influx_user }}"
owner: "{{ influx_user }}"
mode: 0755
- name: Create InfluxDB container
docker_container:
name: "{{ influx_container }}"
image: "{{ influx_image }}"
state: started
restart_policy: "unless-stopped"
user: "{{ getent_passwd[influx_user][1] }}:{{ getent_passwd[influx_user][2] }}"
published_ports:
- 127.0.0.1:8088:8086
volumes:
- "{{ influx_directory }}/data:/var/lib/influxdb2"
- "{{ influx_directory }}/config:/etc/influxdb2"

6
iot/roles/mosquitto/defaults/main.yaml Normal file
View File

@ -0,0 +1,6 @@
---
# Default variables for Mosquitto role
mosquitto_user: "{{ ansible_user }}"
mosquitto_image: "mosquitto:latest"
mosquitto_directory: "/opt/mosquitto"
mosquitto_container: "mosquitto"

82
iot/roles/mosquitto/tasks/main.yaml Normal file
View File

@ -0,0 +1,82 @@
---
# Tasks for Mosquitto role
- getent:
database: passwd
key: "{{ mosquitto_user }}"
split: ":"
- name: Pull Mosquitto image
docker_image:
name: "{{ mosquitto_image }}"
source: pull
force_source: yes
- name: Ensure Mosquitto Directory exists
file:
path: "{{ mosquitto_directory }}"
state: directory
group: 0 # "{{ mosquitto_user }}"
owner: 0 # "{{ mosquitto_user }}"
mode: 0755
- name: Ensure Mosquitto Config Directory exists
file:
path: "{{ mosquitto_directory }}/config"
state: directory
group: 0 # "{{ mosquitto_user }}"
owner: 0 # "{{ mosquitto_user }}"
mode: 0755
- name: Copy the Mosquitto conf file
template:
src: "files/mosquitto.conf"
dest: "{{ mosquitto_directory }}/config/mosquitto.conf"
group: 1883 # "{{ mosquitto_user }}"
owner: 1883 # "{{ mosquitto_user }}"
mode: 0646
# - name: Check if Mosquitto passwd file exists
# stat: path="{{ mosquitto_directory }}/config/passwd"
# register: status
- name: Ensure Mosquitto passwd file exists
template:
src: "files/passwd"
dest: "{{ mosquitto_directory }}/config/passwd"
group: 1883 # "{{ mosquitto_user }}"
owner: 1883 # "{{ mosquitto_user }}"
mode: 0646
- name: Encrypt the docker file
command: docker exec -i mosquitto mosquitto_passwd -U /mosquitto/config/passwd
- name: Ensure Mosquitto Log Directory exists
file:
path: "{{ mosquitto_directory }}/log"
state: directory
group: 0 # "{{ mosquitto_user }}"
owner: 0 # "{{ mosquitto_user }}"
mode: 0755
- name: Ensure Mosquitto log file exists
file:
path: "{{ mosquitto_directory }}/log/mosquitto.log"
state: touch
group: 0 # "{{ mosquitto_user }}"
owner: 0 # "{{ mosquitto_user }}"
mode: 0646
- name: Create Mosquitto container
docker_container:
name: "{{ mosquitto_container }}"
image: "{{ mosquitto_image }}"
state: started
restart_policy: "unless-stopped"
# user: 0:0 # "{{ getent_passwd[mosquitto_user][1] }}:{{ getent_passwd[mosquitto_user][2] }}"
published_ports:
- 127.0.0.1:9001:9001
- 1883:1883
volumes:
- "{{ mosquitto_directory }}/config:/mosquitto/config"
- "{{ mosquitto_directory }}/data:/mosquitto/data"
- "{{ mosquitto_directory }}/log:/mosquitto/log"

2
iot/roles/nginx/defaults/main.yaml Normal file
View File

@ -0,0 +1,2 @@
---
# Default variables for Nginx role

6
iot/roles/nginx/handlers/main.yaml Normal file
View File

@ -0,0 +1,6 @@
---
# Handlers for Nginx role
- name: Reload Nginx
service:
name: nginx
state: reloaded

24
iot/roles/nginx/tasks/main.yaml Normal file
View File

@ -0,0 +1,24 @@
---
# Tasks for Nginx role
- name: Check if Nginx conf file exists
stat:
path: "/etc/nginx/sites-available/{{ http_conf }}"
register: status
- name: No need to reload Nginx
debug:
msg: "No need to reload Nginx as sites-available entries have already been created"
- name: Set Nginx conf file
when: status.stat.exists == false
template:
src: "files/nginx.conf.j2"
dest: "/etc/nginx/sites-available/{{ http_conf }}"
- name: Enable new site
when: status.stat.exists == false
file:
src: "/etc/nginx/sites-available/{{ http_conf }}"
dest: "/etc/nginx/sites-enabled/{{ http_conf }}"
state: link
notify: Reload Nginx

6
iot/roles/nodered/defaults/main.yaml Normal file
View File

@ -0,0 +1,6 @@
---
# Default variables for Node-RED role
nodered_user: "{{ ansible_user }}"
nodered_image: "nodered/node-red:latest"
nodered_directory: "/opt/nodered"
nodered_container: "nodered"

37
iot/roles/nodered/tasks/main.yaml Normal file
View File

@ -0,0 +1,37 @@
---
- getent:
database: passwd
key: "{{ nodered_user }}"
split: ":"
# Tasks for Node-RED role
- name: Pull Node Red image
docker_image:
name: "{{ nodered_image }}"
source: pull
force_source: yes
- name: Ensure Node Red Directory exists
file:
path: "{{ nodered_directory }}"
state: directory
group: "{{ nodered_user }}"
owner: "{{ nodered_user }}"
mode: 0755
- name: Create Node Red container
docker_container:
name: "{{ nodered_container }}"
image: "{{ nodered_image }}"
state: started
restart_policy: "unless-stopped"
user: "{{ getent_passwd[nodered_user][1] }}:{{ getent_passwd[nodered_user][2] }}"
env:
TZ: "Asia/Kolkata"
links:
- "{{ mosquitto_container }}:mqtt"
- "{{ influx_container }}:influx"
published_ports:
- 127.0.0.1:1880:1880
volumes:
- "{{ nodered_directory }}:/data"

19
iot/vars/default.yml
View File

@ -1,24 +1,27 @@
---
host_directory: /var/lib/iot
host_directory: /var/lib
user: 'www-data'
mqtt_container: mosquitto
mqtt_image: eclipse-mosquitto:latest
mqtt_directory: "{{ host_directory }}/mosquitto"
mosquitto_container: mosquitto
mosquitto_image: eclipse-mosquitto:latest
mosquitto_directory: "{{ host_directory }}/mosquitto"
mosquitto_user: 'root'
nodered_container: nodered
nodered_image: nodered/node-red:latest
nodered_directory: "{{ host_directory }}/nodered"
nodered_user: "{{ user }}"
influx_container: influxdb
influx_container: influxtestplay
influx_image: influxdb:latest
influx_directory: "{{ host_directory }}/influx"
influx_directory: "{{ host_directory }}/influxtestplaydir"
influx_user: "{{ user }}"
grafana_container: grafana
grafana_image: grafana/grafana-enterprise:latest
grafana_directory: "{{ host_directory }}/grafana"
grafana_user: "{{ user }}"
http_host: "iot.tanshu.com"
http_conf: "iot.tanshu.com.conf"
user: 'www-data'
mqtt_user: 'root'