smartika/Wordpress-Ansible
0
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: smartika:main
Branches Tags
smartika:main smartika:rose smartika:hannes smartika:flip_dev
..
compare: smartika:flip_dev
Branches Tags
smartika:main smartika:rose smartika:hannes smartika:flip_dev

1 Commits
main ... flip_dev

Author SHA1 Message Date
Philipp Kruber
4ec10f0f65 mit yamllint syntax verbessert 2025-12-16 10:47:32 +01:00
18 changed files with 79 additions and 15995 deletions
Expand all files Collapse all files

0
.ansible/.lock Normal file
View File

72
.gitea/workflows/yamllint.yml
View File

@@ -1,72 +0,0 @@
---
name: CI/CD Pipeline
"on":
push:
branches: [main, flip_dev, hannes]
jobs:
lint:
runs-on: docker
container:
image: node:20-bullseye
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Python & linters
run: |
apt-get update && apt-get install -y python3 python3-pip bash git
pip3 install --upgrade pip
pip3 install yamllint ansible-lint
- name: Run linters
run: |
yamllint .
deploy:
runs-on: docker
container:
image: node:20-bullseye
needs: build
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Ansible & dependencies
run: |
apt-get update && apt-get install -y python3 python3-pip openssh-client bash git
pip3 install --upgrade pip
pip3 install ansible
ansible-galaxy collection install community.docker:">=3.5.0"
- name: Setup SSH
shell: bash
env:
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
SSH_PASSPHRASE: ${{ secrets.SSH_PASSPHRASE }}
run: |
set -euo pipefail
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
ssh-keyscan -H 213.95.90.157 >> ~/.ssh/known_hosts
eval "$(ssh-agent -s)"
if [ -n "${SSH_PASSPHRASE:-}" ]; then
echo "$SSH_PASSPHRASE" | ssh-add ~/.ssh/id_ed25519
else
ssh-add ~/.ssh/id_ed25519
fi
ssh -o BatchMode=yes root@213.95.90.157 true
- name: Run Ansible
run: |
ansible-playbook -i ansible/inventory.yaml site.yaml

11
.gitlab-ci.yml Normal file
View File

@@ -0,0 +1,11 @@
---
stages:
- lint
yamllint:
stage: lint
image: python:3.12-alpine
before_script:
- pip install --no-cache-dir yamllint
script:
- yamllint .

3
.vscode/settings.json vendored
View File

@@ -1,3 +0,0 @@
{
"ansible.python.interpreterPath": "/opt/homebrew/bin/python3"
}

19
.yamllint.yml
View File

@@ -1,19 +0,0 @@
---
extends: default
ignore: |
^venv/*
^\.venv/*
^\.gitea/*
^\.git/*
^\.ansible_test/*
^ansible_test/*
^\.ansiblelint/*
rules:
line-length:
max: 400
level: warning
trailing-spaces: disable
indentation:
spaces: 2

2
ansible.cfg
View File

@@ -2,5 +2,3 @@
[defaults] [defaults]
inventory = ansible/inventory.yaml inventory = ansible/inventory.yaml
roles_path = ./roles roles_path = ./roles
[ssh_connection]
ssh_args = -o BatchMode=yes -o PreferredAuthentications=publickey

1
ansible/inventory.yaml
View File

@@ -4,3 +4,4 @@ all:
server1: server1:
ansible_host: 213.95.90.157 ansible_host: 213.95.90.157
ansible_user: root ansible_user: root
ansible_ssh_private_key_file: /Users/sotos/.ssh/id_rsa

22
ansible/playbooks/apps.yaml
View File

@@ -1,8 +1,24 @@
---
- hosts: all - hosts: all
become: true become: true
roles:
- docker/snake
vars: vars:
app_dir: /opt/docker/snake app_dir: /opt/docker/snake
snake_image: dns.s-martika.com/smartika/snake-game:2.0
roles: tasks:
- role: docker/snake - name: Create app directory
file:
path: "{{ app_dir }}"
state: directory
- name: Copy compose file
copy:
src: "{{ playbook_dir }}/roles/docker/snake/files/docker-compose.yaml"
dest: "{{ app_dir }}/docker-compose.yaml"
- name: Start snake container
command: docker compose up -d
args:
chdir: "{{ app_dir }}"

2
ansible/playbooks/docker.yaml
View File

@@ -13,7 +13,7 @@
update_cache: true update_cache: true
- name: Install Docker - name: Install Docker
shell: curl -fsSL https://get.docker.com | bash shell: curl -fsSL https://get.docker.com | sh
args: args:
creates: /usr/bin/docker creates: /usr/bin/docker

24
ansible/playbooks/monitoring.yaml
View File

@@ -1,33 +1,21 @@
---
- hosts: all - hosts: all
become: true become: true
vars: vars:
monitor_dir: /opt/docker/monitoring monitor_dir: /opt/docker/monitoring
docker_network: monitoring
tasks: tasks:
- name: Ensure monitoring directory exists - name: Create monitoring directory
file: file:
path: "{{ monitor_dir }}" path: "{{ monitor_dir }}"
state: directory state: directory
owner: root
group: root
mode: '0755'
- name: Copy monitoring stack - name: Copy monitoring stack
copy: copy:
src: ../../docker/monitoring/ src: ../../docker/monitoring/
dest: "{{ monitor_dir }}" dest: "{{ monitor_dir }}"
owner: root
group: root
mode: '0755'
- name: Ensure monitoring Docker network exists - name: Start monitoring
docker_network: command: docker compose up -d
name: "{{ docker_network }}" args:
state: present chdir: "{{ monitor_dir }}"
- name: Start monitoring stack
community.docker.docker_compose_v2:
project_src: "{{ monitor_dir }}"
project_name: monitoring
state: present

11
ansible/playbooks/roles/docker/monitoring/tasks/main.yaml
View File

@@ -1,11 +0,0 @@
- name: Ensure snake_net exists for monitoring
docker_network:
name: snake_net
state: present
- name: Start monitoring stack
community.docker.docker_compose:
project_src: /opt/docker/monitoring
project_name: monitoring
state: present
restarted: true

4
ansible/playbooks/roles/docker/snake/defaults/main.yaml
View File

@@ -3,7 +3,7 @@
gitea_user: smartika gitea_user: smartika
gitea_token: "idNu783r4ub7ZXi" gitea_token: "idNu783r4ub7ZXi"
snake_image: dns.s-martika.com/smartika/snake-game:2.0 snake_image: dns.s-martika.com/smartika/snake-game
app_dir: /opt/docker/snake snake_tag: "1.0"
snake_container_name: snake-game snake_container_name: snake-game
snake_port: 8080 snake_port: 8080

6
ansible/playbooks/roles/docker/snake/files/docker-compose.yaml
View File

@@ -2,12 +2,8 @@
version: "3.8" version: "3.8"
services: services:
snake: snake:
image: dns.s-martika.com/smartika/snake-game:2.0 image: dns.s-martika.com/smartika/snake-game:1.0
container_name: snake-game777 container_name: snake-game777
restart: unless-stopped restart: unless-stopped
ports: ports:
- "8080:80" - "8080:80"
networks:
snake_net:
external: true

33
ansible/playbooks/roles/docker/snake/tasks/main.yaml
View File

@@ -1,43 +1,22 @@
--- ---
- name: Ensure app directory exists
file:
path: "{{ app_dir }}"
state: directory
owner: root
group: root
mode: '0755'
- name: Ensure snake_net exists
docker_network:
name: snake_net
state: present
# Login to private registry
- name: Login to private registry - name: Login to private registry
docker_login: docker_login:
registry_url: dns.s-martika.com registry_url: dns.s-martika.com
username: "{{ gitea_user }}" username: "{{ gitea_user }}"
password: "{{ gitea_token }}" password: "{{ gitea_token }}"
# Pull latest image
- name: Pull snake-game image - name: Pull snake-game image
docker_image: docker_image:
name: "{{ snake_image }}" name: dns.s-martika.com/smartika/snake-game
tag: "1.0"
source: pull source: pull
# Run container
- name: Run snake-game container - name: Run snake-game container
docker_container: docker_container:
name: snake-game name: snake-game
image: "{{ snake_image }}" image: dns.s-martika.com/smartika/snake-game:1.0
state: started state: started
restart_policy: unless-stopped restart_policy: always
ports: ports:
- "8080:80" # host port → container port - "8080:80"
pull: yes
networks:
- name: snake_net

66
docker/monitoring/docker-compose.yaml
View File

@@ -1,43 +1,33 @@
---
version: '3.8' version: '3.8'
services:
prometheus:
image: prom/prometheus:latest
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
ports:
- "9090:9090"
networks:
- snake_net
restart: unless-stopped
grafana:
image: grafana/grafana:latest
user: "472"
volumes:
- ./grafana/provisioning:/etc/grafana/provisioning:ro
- grafana_data:/var/lib/grafana
environment:
GF_SECURITY_ADMIN_PASSWORD: "admin"
ports:
- "3000:3000"
networks:
- snake_net
restart: unless-stopped
volumes:
grafana_data:
networks: networks:
snake_net: snake_net:
external: true external: true
services:
prometheus:
image: prom/prometheus:latest
container_name: monitoring-prometheus
ports:
- "9090:9090"
volumes:
- ./prometheus.yaml:/etc/prometheus/prometheus.yml
networks:
- snake_net
grafana:
image: grafana/grafana:latest
container_name: monitoring-grafana
ports:
- "3000:3000"
volumes:
- ./grafana/provisioning:/etc/grafana/provisioning
- ./grafana/dashboards:/var/lib/grafana/dashboards
networks:
- snake_net
nginx-exporter:
image: nginx/nginx-prometheus-exporter:latest
container_name: nginx-exporter
ports:
- "9113:9113"
networks:
- snake_net
blackbox-exporter:
image: prom/blackbox-exporter:latest
container_name: blackbox-exporter
ports:
- "9115:9115"
networks:
- snake_net

15772
docker/monitoring/grafana/dashboards/home.json
View File

File diff suppressed because it is too large Load Diff

8
docker/monitoring/grafana/provisioning/dashboards.yaml
View File

@@ -2,9 +2,9 @@
apiVersion: 1 apiVersion: 1
providers: providers:
- name: 'default' - name: default
folder: 'Home' orgId: 1
folder: ""
type: file type: file
editable: true
options: options:
path: /var/lib/grafana/dashboards path: /etc/grafana/provisioning/dashboards

18
docker/monitoring/prometheus.yaml
View File

@@ -6,21 +6,3 @@ scrape_configs:
- job_name: "prometheus" - job_name: "prometheus"
static_configs: static_configs:
- targets: ["localhost:9090"] - targets: ["localhost:9090"]
- job_name: 'nginx'
static_configs:
- targets: ['nginx-prometheus-exporter:9113']
- job_name: 'snake-game'
metrics_path: /probe
params:
module: [http_2xx] # probe returns 1 if HTTP 200
static_configs:
- targets: ['snake-game:8080'] # snake game container + port
relabel_configs:
- source_labels: [__address__]
target_label: __param_target
- source_labels: [__param_target]
target_label: instance
- target_label: __address__
replacement: blackbox-exporter:9115