From 3bbacab487c5984ef9f6b1ea4efad0c6e0505337 Mon Sep 17 00:00:00 2001
From: Amritanshu
Date: Fri, 14 Jul 2023 12:57:35 +0530
Subject: [PATCH] Broke apart the playbook into roles.
---
iot/playbook.yml | 241 +------------------------
iot/roles/grafana/defaults/main.yaml | 6 +
iot/roles/grafana/tasks/main.yaml | 41 +++++
iot/roles/influxdb/defaults/main.yaml | 6 +
iot/roles/influxdb/tasks/main.yaml | 50 +++++
iot/roles/mosquitto/defaults/main.yaml | 6 +
iot/roles/mosquitto/tasks/main.yaml | 82 +++++++++
iot/roles/nginx/defaults/main.yaml | 2 +
iot/roles/nginx/handlers/main.yaml | 6 +
iot/roles/nginx/tasks/main.yaml | 24 +++
iot/roles/nodered/defaults/main.yaml | 6 +
iot/roles/nodered/tasks/main.yaml | 37 ++++
iot/vars/default.yml | 19 +-
13 files changed, 285 insertions(+), 241 deletions(-)
create mode 100644 iot/roles/grafana/defaults/main.yaml
create mode 100644 iot/roles/grafana/tasks/main.yaml
create mode 100644 iot/roles/influxdb/defaults/main.yaml
create mode 100644 iot/roles/influxdb/tasks/main.yaml
create mode 100644 iot/roles/mosquitto/defaults/main.yaml
create mode 100644 iot/roles/mosquitto/tasks/main.yaml
create mode 100644 iot/roles/nginx/defaults/main.yaml
create mode 100644 iot/roles/nginx/handlers/main.yaml
create mode 100644 iot/roles/nginx/tasks/main.yaml
create mode 100644 iot/roles/nodered/defaults/main.yaml
create mode 100644 iot/roles/nodered/tasks/main.yaml
diff --git a/iot/playbook.yml b/iot/playbook.yml
index 19c1b66..532bfea 100755
--- a/iot/playbook.yml
+++ b/iot/playbook.yml
@@ -1,238 +1,13 @@ -################################################# -# DO Community Playbooks: Docker -################################################# --- -- hosts: all +- name: Tanshu IOT Playbook + hosts: all become: true vars_files: - vars/default.yml - tasks: - - getent: - database: passwd - key: "{{ mqtt_user }}" - split: ":" - - # - name: "{{ getent_passwd[user][1] }} : {{ getent_passwd[user][2] }}" - # docker_image: - # name: "{{ mqtt_imag }}" - # source: pull - # force_source: yes - - - name: Pull Mosquitto image - docker_image: - name: "{{ mqtt_image }}" - source: pull - force_source: yes - - - name: Ensure Mosquitto Directory exists - file: - path: "{{ mqtt_directory }}" - state: directory - group: 0 # "{{ mqtt_user }}" - owner: 0 # "{{ mqtt_user }}" - mode: 0755 - - - name: Ensure Mosquitto Config Directory exists - file: - path: "{{ mqtt_directory }}/config" - state: directory - group: 0 # "{{ mqtt_user }}" - owner: 0 # "{{ mqtt_user }}" - mode: 0755 - - - name: Copy the Mosquitto conf file - template: - src: "files/mosquitto.conf" - dest: "{{ mqtt_directory }}/config/mosquitto.conf" - group: 1883 # "{{ mqtt_user }}" - owner: 1883 # "{{ mqtt_user }}" - mode: 0646 - - # - name: Check if Mosquitto passwd file exists - # stat: path="{{ mqtt_directory }}/config/passwd" - # register: status - - - name: Ensure Mosquitto passwd file exists - template: - src: "files/passwd" - dest: "{{ mqtt_directory }}/config/passwd" - group: 1883 # "{{ mqtt_user }}" - owner: 1883 # "{{ mqtt_user }}" - mode: 0646 - - - name: Encrypt the docker file - command: docker exec -i mosquitto mosquitto_passwd -U /mosquitto/config/passwd - - - name: Ensure Mosquitto Log Directory exists - file: - path: "{{ mqtt_directory }}/log" - state: directory - group: 0 # "{{ mqtt_user }}" - owner: 0 # "{{ mqtt_user }}" - mode: 0755 - - - name: Ensure Mosquitto log file exists - file: - path: "{{ mqtt_directory }}/log/mosquitto.log" - state: touch - group: 0 # "{{ mqtt_user }}" - owner: 0 # "{{ 
mqtt_user }}" - mode: 0646 - - - name: Create Mosquitto container - docker_container: - name: "{{ mqtt_container }}" - image: "{{ mqtt_image }}" - state: started - restart_policy: "unless-stopped" - # user: 0:0 # "{{ getent_passwd[mqtt_user][1] }}:{{ getent_passwd[mqtt_user][2] }}" - published_ports: - - 127.0.0.1:9001:9001 - - 1883:1883 - volumes: - - "{{ mqtt_directory }}/config:/mosquitto/config" - - "{{ mqtt_directory }}/data:/mosquitto/data" - - "{{ mqtt_directory }}/log:/mosquitto/log" - - - getent: - database: passwd - key: "{{ user }}" - split: ":" - - - name: Pull InfluxDB image - docker_image: - name: "{{ influx_image }}" - source: pull - force_source: yes - - - name: Ensure Influx Directory exists - file: - path: "{{ influx_directory }}" - state: directory - group: "{{ user }}" - owner: "{{ user }}" - mode: 0755 - - - name: Ensure Influx Data Directory exists - file: - path: "{{ influx_directory }}/data" - state: directory - group: "{{ user }}" - owner: "{{ user }}" - mode: 0755 - - - name: Ensure Influx Config Directory exists - file: - path: "{{ influx_directory }}/config" - state: directory - group: "{{ user }}" - owner: "{{ user }}" - mode: 0755 - - - name: Create InfluxDB container - docker_container: - name: "{{ influx_container }}" - image: "{{ influx_image }}" - state: started - restart_policy: "unless-stopped" - user: "{{ getent_passwd[user][1] }}:{{ getent_passwd[user][2] }}" - published_ports: - - 127.0.0.1:8086:8086 - volumes: - - "{{ influx_directory }}/data:/var/lib/influxdb2" - - "{{ influx_directory }}/config:/etc/influxdb2" - - - name: Pull Node Red image - docker_image: - name: "{{ nodered_image }}" - source: pull - force_source: yes - - - name: Ensure Node Red Directory exists - file: - path: "{{ nodered_directory }}" - state: directory - group: "{{ user }}" - owner: "{{ user }}" - mode: 0755 - - - name: Create Node Red container - docker_container: - name: "{{ nodered_container }}" - image: "{{ nodered_image }}" - state: started - 
restart_policy: "unless-stopped" - user: "{{ getent_passwd[user][1] }}:{{ getent_passwd[user][2] }}" - env: - TZ: "Asia/Kolkata" - links: - - "{{ mqtt_container }}:mqtt" - - "{{ influx_container }}:influx" - published_ports: - - 127.0.0.1:1880:1880 - volumes: - - "{{ nodered_directory }}:/data" - - - name: Pull Grafana image - docker_image: - name: "{{ grafana_image }}" - source: pull - force_source: yes - - - name: Ensure Grafana Directory exists - file: - path: "{{ grafana_directory }}" - state: directory - group: "{{ user }}" - owner: "{{ user }}" - mode: 0755 - - - name: Create Grafana container - docker_container: - name: "{{ grafana_container }}" - image: "{{ grafana_image }}" - state: started - restart_policy: "unless-stopped" - user: "{{ getent_passwd[user][1] }}:{{ getent_passwd[user][2] }}" - env: - GF_SERVER_ROOT_URL: "https://{{ http_host }}" - GF_INSTALL_PLUGINS: "grafana-clock-panel, grafana-simple-json-datasource, natel-discrete-panel, briangann-gauge-panel, vonage-status-panel, neocat-cal-heatmap-panel, natel-plotly-panel" - GF_AUTH_ANONYMOUS_ENABLED: "true" - GF_AUTH_ANONYMOUS_ORG_NAME: "Public" - GF_AUTH_ANONYMOUS_ORG_ROLE: "Viewer" - GF_AUTH_ANONYMOUS_HIDE_VERSION: "true" - links: - - "{{ influx_container }}:influx" - published_ports: - - 127.0.0.1:3005:3000 - volumes: - - "{{ grafana_directory }}:/var/lib/grafana" - - - name: Check if Nginx conf file exists - stat: path="/etc/nginx/sites-available/{{ http_conf }}" - register: status - - - name: No need to reload Nginx - debug: msg= {{ "No need to reload Nginx as sites-available entries have already been created" }} - - - name: Set Nginx conf file - when: status.stat.exists == false - template: - src: "files/nginx.conf.j2" - dest: "/etc/nginx/sites-available/{{ http_conf }}" - - - name: Enable new site - when: status.stat.exists == false - file: - src: "/etc/nginx/sites-available/{{ http_conf }}" - dest: "/etc/nginx/sites-enabled/{{ http_conf }}" - state: link - notify: Reload Nginx - - handlers: 
- - name: Reload Nginx
- service:
- name: nginx
- state: reloaded
-
+ roles:
+ # - mosquitto
+ # - influxdb
+ # - nodered
+ # - grafana
+ - nginx
diff --git a/iot/roles/grafana/defaults/main.yaml b/iot/roles/grafana/defaults/main.yaml
new file mode 100644
index 0000000..f44e420
--- /dev/null
+++ b/iot/roles/grafana/defaults/main.yaml
@@ -0,0 +1,6 @@
+---
+# Default variables for Grafana role
+grafana_user: "{{ ansible_user }}"
+grafana_image: "grafana/grafana:latest"
+grafana_directory: "/opt/grafana"
+grafana_container: "grafana"
diff --git a/iot/roles/grafana/tasks/main.yaml b/iot/roles/grafana/tasks/main.yaml
new file mode 100644
index 0000000..abca84a
--- /dev/null
+++ b/iot/roles/grafana/tasks/main.yaml
@@ -0,0 +1,41 @@
+---
+# Tasks for Grafana role
+- getent:
+ database: passwd
+ key: "{{ grafana_user }}"
+ split: ":"
+
+- name: Pull Grafana image
+ docker_image:
+ name: "{{ grafana_image }}"
+ source: pull
+ force_source: yes
+
+- name: Ensure Grafana Directory exists
+ file:
+ path: "{{ grafana_directory }}"
+ state: directory
+ group: "{{ grafana_user }}"
+ owner: "{{ grafana_user }}"
+ mode: 0755
+
+- name: Create Grafana container
+ docker_container:
+ name: "{{ grafana_container }}"
+ image: "{{ grafana_image }}"
+ state: started
+ restart_policy: "unless-stopped"
+ user: "{{ getent_passwd[grafana_user][1] }}:{{ getent_passwd[grafana_user][2] }}"
+ env:
+ GF_SERVER_ROOT_URL: "https://{{ http_host }}"
+ GF_INSTALL_PLUGINS: "grafana-clock-panel, grafana-simple-json-datasource, natel-discrete-panel, briangann-gauge-panel, vonage-status-panel, neocat-cal-heatmap-panel, natel-plotly-panel"
+ GF_AUTH_ANONYMOUS_ENABLED: "true"
+ GF_AUTH_ANONYMOUS_ORG_NAME: "Public"
+ GF_AUTH_ANONYMOUS_ORG_ROLE: "Viewer"
+ GF_AUTH_ANONYMOUS_HIDE_VERSION: "true"
+ links:
+ - "{{ influx_container }}:influx"
+ published_ports:
+ - 127.0.0.1:3005:3000
+ volumes:
+ - "{{ grafana_directory }}:/var/lib/grafana"
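Review bot: The new `roles:` list in iot/playbook.yml leaves `mosquitto`, `influxdb`, `nodered` and `grafana` commented out, so a run of this playbook now applies only the `nginx` role, while the commit message describes a plain refactor. If this is a leftover from testing one role at a time, uncomment the four entries and keep them in the order shown, since the nodered and grafana containers link to the other two. If it is deliberate, add a comment above the list such as `# Only nginx is applied for now; the container roles are enabled per host`.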
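Review bot: `grafana_image` ends in `:latest` and the `Pull Grafana image` task sets `force_source: yes`, so every run replaces the image with whatever the registry serves at that moment; the influxdb, mosquitto and nodered roles repeat the same pattern. Pinning each image variable to a reviewed tag or digest, for example `grafana_image: "grafana/grafana:<PINNED_TAG>"` (placeholder), keeps deployments reproducible and puts image updates through review. In the same task, `GF_AUTH_ANONYMOUS_ENABLED: "true"` is carried over from the old playbook as a hard-coded value; moving it into the role defaults would make unauthenticated viewing an explicit per-deployment choice. `http_host` and `influx_container` are used here but are not defined in this role's defaults.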
diff --git a/iot/roles/influxdb/defaults/main.yaml b/iot/roles/influxdb/defaults/main.yaml
new file mode 100644
index 0000000..787f6a6
--- /dev/null
+++ b/iot/roles/influxdb/defaults/main.yaml
@@ -0,0 +1,6 @@
+---
+# Default variables for InfluxDB role
+influx_user: "{{ ansible_user }}"
+influx_image: "influxdb:latest"
+influx_directory: "/var/lib/influxtestroledir"
+influx_container: "influxtestrole"
diff --git a/iot/roles/influxdb/tasks/main.yaml b/iot/roles/influxdb/tasks/main.yaml
new file mode 100644
index 0000000..8225c20
--- /dev/null
+++ b/iot/roles/influxdb/tasks/main.yaml
@@ -0,0 +1,50 @@
+---
+# Tasks for InfluxDB role
+- getent:
+ database: passwd
+ key: "{{ influx_user }}"
+ split: ":"
+
+- name: Pull InfluxDB image
+ docker_image:
+ name: "{{ influx_image }}"
+ source: pull
+ force_source: yes
+
+- name: Ensure Influx Directory exists
+ file:
+ path: "{{ influx_directory }}"
+ state: directory
+ group: "{{ influx_user }}"
+ owner: "{{ influx_user }}"
+ mode: 0755
+
+- name: Ensure Influx Data Directory exists
+ file:
+ path: "{{ influx_directory }}/data"
+ state: directory
+ group: "{{ influx_user }}"
+ owner: "{{ influx_user }}"
+ mode: 0755
+
+- name: Ensure Influx Config Directory exists
+ file:
+ path: "{{ influx_directory }}/config"
+ state: directory
+ group: "{{ influx_user }}"
+ owner: "{{ influx_user }}"
+ mode: 0755
+
+- name: Create InfluxDB container
+ docker_container:
+ name: "{{ influx_container }}"
+ image: "{{ influx_image }}"
+ state: started
+ restart_policy: "unless-stopped"
+ user: "{{ getent_passwd[influx_user][1] }}:{{ getent_passwd[influx_user][2] }}"
+ published_ports:
+ - 127.0.0.1:8088:8086
+ volumes:
+ - "{{ influx_directory }}/data:/var/lib/influxdb2"
+ - "{{ influx_directory }}/config:/etc/influxdb2"
+
diff --git a/iot/roles/mosquitto/defaults/main.yaml b/iot/roles/mosquitto/defaults/main.yaml
new file mode 100644
index 0000000..e9ff8b6
--- /dev/null
+++ b/iot/roles/mosquitto/defaults/main.yaml
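Review bot: The published port in `Create InfluxDB container` changed from `127.0.0.1:8086:8086` in the removed playbook to `127.0.0.1:8088:8086`, and the role defaults use `influxtestroledir` and `influxtestrole`, which read like values from a test run. Anything on the host that reaches InfluxDB through the loopback port would stop working; the nginx site template is not part of this patch, so that is unverified. If the change is not intended, restore `- "127.0.0.1:8086:8086"` and give the defaults their production names.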
@@ -0,0 +1,6 @@
+---
+# Default variables for Mosquitto role
+mosquitto_user: "{{ ansible_user }}"
+mosquitto_image: "mosquitto:latest"
+mosquitto_directory: "/opt/mosquitto"
+mosquitto_container: "mosquitto"
diff --git a/iot/roles/mosquitto/tasks/main.yaml b/iot/roles/mosquitto/tasks/main.yaml
new file mode 100644
index 0000000..bf201c8
--- /dev/null
+++ b/iot/roles/mosquitto/tasks/main.yaml
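Review bot: The default `mosquitto_image: "mosquitto:latest"` names a different repository than the `eclipse-mosquitto:latest` used by the removed playbook and by iot/vars/default.yml. The vars file overrides it today, but anyone applying the role without that file would pull an image from another repository or fail to pull one at all. Suggest `mosquitto_image: "eclipse-mosquitto:latest"` so the default matches the image the project actually runs.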
@@ -0,0 +1,82 @@
+---
+# Tasks for Mosquitto role
+- getent:
+ database: passwd
+ key: "{{ mosquitto_user }}"
+ split: ":"
+
+- name: Pull Mosquitto image
+ docker_image:
+ name: "{{ mosquitto_image }}"
+ source: pull
+ force_source: yes
+
+- name: Ensure Mosquitto Directory exists
+ file:
+ path: "{{ mosquitto_directory }}"
+ state: directory
+ group: 0 # "{{ mosquitto_user }}"
+ owner: 0 # "{{ mosquitto_user }}"
+ mode: 0755
+
+- name: Ensure Mosquitto Config Directory exists
+ file:
+ path: "{{ mosquitto_directory }}/config"
+ state: directory
+ group: 0 # "{{ mosquitto_user }}"
+ owner: 0 # "{{ mosquitto_user }}"
+ mode: 0755
+
+- name: Copy the Mosquitto conf file
+ template:
+ src: "files/mosquitto.conf"
+ dest: "{{ mosquitto_directory }}/config/mosquitto.conf"
+ group: 1883 # "{{ mosquitto_user }}"
+ owner: 1883 # "{{ mosquitto_user }}"
+ mode: 0646
+
+# - name: Check if Mosquitto passwd file exists
+# stat: path="{{ mosquitto_directory }}/config/passwd"
+# register: status
+
+- name: Ensure Mosquitto passwd file exists
+ template:
+ src: "files/passwd"
+ dest: "{{ mosquitto_directory }}/config/passwd"
+ group: 1883 # "{{ mosquitto_user }}"
+ owner: 1883 # "{{ mosquitto_user }}"
+ mode: 0646
+
+- name: Encrypt the docker file
+ command: docker exec -i mosquitto mosquitto_passwd -U /mosquitto/config/passwd
+
+- name: Ensure Mosquitto Log Directory exists
+ file:
+ path: "{{ mosquitto_directory }}/log"
+ state: directory
+ group: 0 # "{{ mosquitto_user }}"
+ owner: 0 # "{{ mosquitto_user }}"
+ mode: 0755
+
+- name: Ensure Mosquitto log file exists
+ file:
+ path: "{{ mosquitto_directory }}/log/mosquitto.log"
+ state: touch
+ group: 0 # "{{ mosquitto_user }}"
+ owner: 0 # "{{ mosquitto_user }}"
+ mode: 0646
+
+- name: Create Mosquitto container
+ docker_container:
+ name: "{{ mosquitto_container }}"
+ image: "{{ mosquitto_image }}"
+ state: started
+ restart_policy: "unless-stopped"
+ # user: 0:0 # "{{ getent_passwd[mosquitto_user][1] }}:{{
getent_passwd[mosquitto_user][2] }}"
+ published_ports:
+ - 127.0.0.1:9001:9001
+ - 1883:1883
+ volumes:
+ - "{{ mosquitto_directory }}/config:/mosquitto/config"
+ - "{{ mosquitto_directory }}/data:/mosquitto/data"
+ - "{{ mosquitto_directory }}/log:/mosquitto/log"
diff --git a/iot/roles/nginx/defaults/main.yaml b/iot/roles/nginx/defaults/main.yaml
new file mode 100644
index 0000000..85c5e6d
--- /dev/null
+++ b/iot/roles/nginx/defaults/main.yaml
@@ -0,0 +1,2 @@
+---
+# Default variables for Nginx role
diff --git a/iot/roles/nginx/handlers/main.yaml b/iot/roles/nginx/handlers/main.yaml
new file mode 100644
index 0000000..622fd36
--- /dev/null
+++ b/iot/roles/nginx/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+# Handlers for Nginx role
+- name: Reload Nginx
+ service:
+ name: nginx
+ state: reloaded
diff --git a/iot/roles/nginx/tasks/main.yaml b/iot/roles/nginx/tasks/main.yaml
new file mode 100644
index 0000000..4441fe7
--- /dev/null
+++ b/iot/roles/nginx/tasks/main.yaml
@@ -0,0 +1,24 @@
+---
+# Tasks for Nginx role
+- name: Check if Nginx conf file exists
+ stat:
+ path: "/etc/nginx/sites-available/{{ http_conf }}"
+ register: status
+
+- name: No need to reload Nginx
+ debug:
+ msg: "No need to reload Nginx as sites-available entries have already been created"
+
+- name: Set Nginx conf file
+ when: status.stat.exists == false
+ template:
+ src: "files/nginx.conf.j2"
+ dest: "/etc/nginx/sites-available/{{ http_conf }}"
+
+- name: Enable new site
+ when: status.stat.exists == false
+ file:
+ src: "/etc/nginx/sites-available/{{ http_conf }}"
+ dest: "/etc/nginx/sites-enabled/{{ http_conf }}"
+ state: link
+ notify: Reload Nginx
diff --git a/iot/roles/nodered/defaults/main.yaml b/iot/roles/nodered/defaults/main.yaml
new file mode 100644
index 0000000..aa226cc
--- /dev/null
+++ b/iot/roles/nodered/defaults/main.yaml
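Review bot: In iot/roles/mosquitto/tasks/main.yaml the `Copy the Mosquitto conf file` and `Ensure Mosquitto passwd file exists` tasks install their files with `mode: 0646`, which leaves the broker configuration and the credentials file writable by every local account; the log file task uses the same mode. Both files are owned by uid/gid 1883, so `mode: "0640"` should be enough for them, subject to confirming that the broker still starts. The `Encrypt the docker file` task hard-codes the container name `mosquitto` instead of `{{ mosquitto_container }}` and runs before `Create Mosquitto container`, so on a fresh host it has no container to exec into. `1883:1883` is published on all interfaces while every other port is bound to 127.0.0.1, which deserves a comment if it is intended.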
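Review bot: The `No need to reload Nginx` debug task in iot/roles/nginx/tasks/main.yaml has no `when:`, so the message is printed on every run, including the first one where the site file is created and nginx is reloaded; `when: status.stat.exists` would make it truthful. The two guarded tasks read more idiomatically as `when: not status.stat.exists`. Because the template is written only when the file is absent, later changes to `files/nginx.conf.j2` never reach an existing host; the `template` module is already idempotent, so dropping the guard and putting `notify: Reload Nginx` on that task would cover it. The template task also sets no `owner`, `group` or `mode`.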
@@ -0,0 +1,6 @@
+---
+# Default variables for Node-RED role
+nodered_user: "{{ ansible_user }}"
+nodered_image: "nodered/node-red:latest"
+nodered_directory: "/opt/nodered"
+nodered_container: "nodered"
diff --git a/iot/roles/nodered/tasks/main.yaml b/iot/roles/nodered/tasks/main.yaml
new file mode 100644
index 0000000..a3a33b5
--- /dev/null
+++ b/iot/roles/nodered/tasks/main.yaml
@@ -0,0 +1,37 @@
+---
+- getent:
+ database: passwd
+ key: "{{ nodered_user }}"
+ split: ":"
+
+# Tasks for Node-RED role
+- name: Pull Node Red image
+ docker_image:
+ name: "{{ nodered_image }}"
+ source: pull
+ force_source: yes
+
+- name: Ensure Node Red Directory exists
+ file:
+ path: "{{ nodered_directory }}"
+ state: directory
+ group: "{{ nodered_user }}"
+ owner: "{{ nodered_user }}"
+ mode: 0755
+
+- name: Create Node Red container
+ docker_container:
+ name: "{{ nodered_container }}"
+ image: "{{ nodered_image }}"
+ state: started
+ restart_policy: "unless-stopped"
+ user: "{{ getent_passwd[nodered_user][1] }}:{{ getent_passwd[nodered_user][2] }}"
+ env:
+ TZ: "Asia/Kolkata"
+ links:
+ - "{{ mosquitto_container }}:mqtt"
+ - "{{ influx_container }}:influx"
+ published_ports:
+ - 127.0.0.1:1880:1880
+ volumes:
+ - "{{ nodered_directory }}:/data"
diff --git a/iot/vars/default.yml b/iot/vars/default.yml
index 36e9d7f..407319d 100644
--- a/iot/vars/default.yml
+++ b/iot/vars/default.yml
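Review bot: The `links:` entries in iot/roles/nodered/tasks/main.yaml use `mosquitto_container` and `influx_container`, neither of which is defined in this role's defaults, so the role only works when another role or `vars/default.yml` supplies them. Either state that dependency in a comment at the top of the task file, for example `# Requires mosquitto_container and influx_container from the play`, or add defaults for the two names. The `# Tasks for Node-RED role` header sits below the unnamed `getent` task; moving it to the top and giving that task a `name:` such as `Look up the Node-RED user` would make the run output easier to follow.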
@@ -1,24 +1,27 @@ --- -host_directory: /var/lib/iot +host_directory: /var/lib +user: 'www-data' -mqtt_container: mosquitto -mqtt_image: eclipse-mosquitto:latest -mqtt_directory: "{{ host_directory }}/mosquitto" +mosquitto_container: mosquitto +mosquitto_image: eclipse-mosquitto:latest +mosquitto_directory: "{{ host_directory }}/mosquitto" +mosquitto_user: 'root' nodered_container: nodered nodered_image: nodered/node-red:latest nodered_directory: "{{ host_directory }}/nodered" +nodered_user: "{{ user }}" -influx_container: influxdb +influx_container: influxtestplay influx_image: influxdb:latest -influx_directory: "{{ host_directory }}/influx" +influx_directory: "{{ host_directory }}/influxtestplaydir" +influx_user: "{{ user }}" grafana_container: grafana grafana_image: grafana/grafana-enterprise:latest grafana_directory: "{{ host_directory }}/grafana" +grafana_user: "{{ user }}" http_host: "iot.tanshu.com" http_conf: "iot.tanshu.com.conf" -user: 'www-data' -mqtt_user: 'root' \ No newline at end of file
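Review bot: `host_directory` changes from `/var/lib/iot` to `/var/lib`, so the role directories become `/var/lib/grafana`, `/var/lib/mosquitto` and `/var/lib/nodered`, and the roles then set owner, group and mode on them. Those paths can coincide with the state directories of distribution packages of the same name, in which case an existing directory would be re-owned to the role user; keeping `host_directory: /var/lib/iot` avoids the overlap. `influx_container: influxtestplay` and `influxtestplaydir` look like test values. Since `vars_files` take precedence over role defaults, these are the values that will actually be deployed.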