Commit 220997a6 authored by Tharyrok's avatar Tharyrok
Browse files

Feature/init

parent 005bae16
warn_list: # or 'skip_list' to silence them completely
- '204' # Lines should be no longer than 160 chars
- '505' # referenced files must exist
# Created by https://www.toptal.com/developers/gitignore/api/visualstudiocode,intellij+all,virtualenv
# Edit at https://www.toptal.com/developers/gitignore?templates=visualstudiocode,intellij+all,virtualenv,ansible
### Intellij+all ###
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff
.idea/**/workspace.xml
.idea/**/tasks.xml
.idea/**/usage.statistics.xml
.idea/**/dictionaries
.idea/**/shelf
# Generated files
.idea/**/contentModel.xml
# Sensitive or high-churn files
.idea/**/dataSources/
.idea/**/dataSources.ids
.idea/**/dataSources.local.xml
.idea/**/sqlDataSources.xml
.idea/**/dynamic.xml
.idea/**/uiDesigner.xml
.idea/**/dbnavigator.xml
# Gradle
.idea/**/gradle.xml
.idea/**/libraries
# Gradle and Maven with auto-import
# When using Gradle or Maven with auto-import, you should exclude module files,
# since they will be recreated, and may cause churn. Uncomment if using
# auto-import.
# .idea/artifacts
# .idea/compiler.xml
# .idea/jarRepositories.xml
# .idea/modules.xml
# .idea/*.iml
# .idea/modules
# *.iml
# *.ipr
# CMake
cmake-build-*/
# Mongo Explorer plugin
.idea/**/mongoSettings.xml
# File-based project format
*.iws
# IntelliJ
out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
atlassian-ide-plugin.xml
# Cursive Clojure plugin
.idea/replstate.xml
# Crashlytics plugin (for Android Studio and IntelliJ)
com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties
# Editor-based Rest Client
.idea/httpRequests
# Android studio 3.1+ serialized cache file
.idea/caches/build_file_checksums.ser
### Intellij+all Patch ###
# Ignores the whole .idea folder and all .iml files
# See https://github.com/joeblau/gitignore.io/issues/186 and https://github.com/joeblau/gitignore.io/issues/360
.idea/
# Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-249601023
*.iml
modules.xml
.idea/misc.xml
*.ipr
# Sonarlint plugin
.idea/sonarlint
### VirtualEnv ###
# Virtualenv
# http://iamzed.com/2009/05/07/a-primer-on-virtualenv/
.Python
[Bb]in
[Ii]nclude
[Ll]ib
[Ll]ib64
[Ll]ocal
[Ss]cripts
pyvenv.cfg
.venv
pip-selfcheck.json
### VisualStudioCode ###
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
*.code-workspace
### VisualStudioCode Patch ###
# Ignore all local history of files
.history
### Ansible ###
*.retry
# End of https://www.toptal.com/developers/gitignore/api/visualstudiocode,intellij+all,virtualenv,ansible
.vagrant/
src/
ansible/playbook-debug.yml
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.2.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-merge-conflict
- id: check-added-large-files
- id: no-commit-to-branch
args: [--pattern, '^(?!((feature|feat)\/[a-zA-Z0-9\-]+)$).*']
- repo: https://github.com/ansible/ansible-lint.git
rev: v4.3.5
hooks:
- id: ansible-lint
files: \.(yaml|yml)$
- repo: https://github.com/macisamuele/language-formatters-pre-commit-hooks
rev: v1.5.0
hooks:
- id: pretty-format-yaml
args: [--autofix, --indent, '2']
# encoding: utf-8
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vbguest.auto_update = true
config.vm.synced_folder ".", "/vagrant", type: "nfs", mount_options: ['ro', 'vers=3', 'tcp', 'fsc' ,'actimeo=2']
config.vm.provider "virtualbox" do |v|
v.memory = 1024
v.cpus = 4
end
config.vm.define 'ketupa-backend', primary: true do |node|
node.vm.box = "generic/debian10"
node.vm.hostname = 'backend.ketupa.vagrant.neutri.net'
node.vm.network :private_network, ip: '192.168.33.10'
node.hostsupdater.aliases = [
"ipam.backend.ketupa.neutirnet.be",
"certificates.backend.ketupa.neutirnet.be",
"stats.backend.ketupa.neutirnet.be",
"ketupa.neutirnet.be",
"api.ketupa.neutirnet.be",
"docs.ketupa.neutirnet.be"
]
node.vm.synced_folder "src/", "/home/vagrant/src", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'fsc' ,'actimeo=2']
end
config.vm.define 'ketupa-client', primary: false, autostart: false do |node|
node.vm.box = "generic/debian10"
node.vm.hostname = 'client.ketupa.vagrant.neutri.net'
node.vm.network :private_network, ip: '192.168.33.11'
end
config.vm.provision "ansible_local" do |ansible|
ansible.config_file = "/vagrant/ansible/ansible.cfg"
ansible.playbook = "ansible/playbook-ketupa.yml"
ansible.compatibility_mode = "2.0"
end
end
[defaults]
roles_path = /vagrant/ansible/roles:/vagrant/ansible/projetcs
retry_files_enabled = False
host_key_checking = False
interpreter_python = auto_silent
- name: restart chronyd
service: name=chronyd state=restarted
- name: update cache apt
apt: update_cache=yes cache_valid_time=3600
- name: restart opensmtpd
service: name=opensmtpd state=restarted
- name: restart haproxy
debug: msg="checking config first"
changed_when: true
notify:
- check haproxy configuration
- restart haproxy - after config check
- name: check haproxy configuration
command: /usr/sbin/haproxy -c -V -f /etc/haproxy/haproxy.cfg
register: result
changed_when: result.rc != 0
check_mode: no
- name: restart haproxy - after config check
service: name=haproxy state=restarted
- name: restart mysql
service: name=mysql state=restarted
- name: restart nginx
debug: msg="checking config first"
changed_when: true
notify:
- check nginx configuration
- restart nginx - after config check
- name: check nginx configuration
command: /usr/sbin/nginx -t -c /etc/nginx/nginx.conf
register: result
changed_when: result.rc != 0
check_mode: no
- name: restart nginx - after config check
service: name=nginx state=restarted
- name: restart php5.6-fpm
service: name=php5.6-fpm state=restarted
- name: restart php7.3-fpm
service: name=php7.3-fpm state=restarted
- name: restart php7.4-fpm
service: name=php7.4-fpm state=restarted
- name: update ca-certificates
command: /usr/sbin/update-ca-certificates
- name: restart gatekeeper@gp-frontend
service: name=gatekeeper@gp-frontend state=started enabled=yes
hosts:
- {name: backend.ketupa.vagrant.neutri.net, ip: 192.168.33.10}
- {name: ipam.backend.ketupa.neutirnet.be, ip: 192.168.33.10}
- {name: certificates.backend.ketupa.neutirnet.be, ip: 192.168.33.10}
- {name: stats.backend.ketupa.neutirnet.be, ip: 192.168.33.10}
- {name: api.ketupa.neutirnet.be, ip: 192.168.33.10}
- {name: docs.ketupa.neutirnet.be, ip: 192.168.33.10}
- {name: ketupa.neutirnet.be, ip: 192.168.33.10}
tailon:
- /var/log/nginx/*
- /var/log/haproxy.log
- hosts: all
gather_facts: yes
become: true
handlers:
- name: Import handlers
import_tasks: global_handlers.yml
pre_tasks:
- name: refresh cache apt
apt: update_cache=yes
- name: Update all packages to the latest version
apt: upgrade=dist
roles:
- commun
tasks:
- include_role: name=nginx
when: inventory_hostname in ['ketupa-backend']
- include_role: name=php_7_4
when: inventory_hostname in ['ketupa-backend']
- include_role: name=composer
when: inventory_hostname in ['ketupa-backend']
- include_role: name=python
when: inventory_hostname in ['ketupa-backend']
- include_role: name=postgresql
when: ansible_fqdn in ['backend.ketupa.vagrant.neutri.net']
- include_role: name=backend-certificates
when: inventory_hostname in ['ketupa-backend']
- include_role: name=backend-ipam
when: inventory_hostname in ['ketupa-backend']
- include_role: name=backend-stats
when: inventory_hostname in ['ketupa-backend']
[certificates-backend-ketupa-neutirnet-be]
listen = /var/run/php-certificates-backend-ketupa-neutirnet-be.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
user = vagrant
group = vagrant
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 10s
pm.max_requests = 500
env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[memory_limit] = 256M
php_flag[display_errors] = on
php_admin_value[date.timezone] = Etc/UTC
php_admin_value[max_execution_time] = 900
env[APP_ENV] = "dev"
server {
listen 80;
listen [::]:80;
server_name certificates.backend.ketupa.neutirnet.be;
root /home/vagrant/src/backend/certificates/public;
access_log /var/log/nginx/certificates-backend-ketupa-neutirnet-be-access.log main;
error_log /var/log/nginx/certificates-backend-ketupa-neutirnet-be-error.log;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-certificates-backend-ketupa-neutirnet-be.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 900;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
expires 7d;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
include '/etc/nginx/errors/generic-error.conf';
}
- name: Composer install
composer:
command: install
working_dir: /home/vagrant/src/backend/certificates
executable: /usr/bin/php7.4
no_dev: no
become_user: vagrant
- name: copy virtualhost php
copy: src=certificates-backend-ketupa-neutirnet-be.conf dest=/etc/php/7.4/fpm/pool.d/certificates-backend-ketupa-neutirnet-be.conf owner=root group=root mode="u+rw,g+r,o+r"
notify: restart php7.4-fpm
- name: copy virtualhost nginx
copy: src=certificates-backend-ketupa-neutirnet-be.nginx dest=/etc/nginx/sites-available/certificates-backend-ketupa-neutirnet-be owner=root group=root mode="u+rw,g+r,o+r"
notify: restart nginx
- name: enable virtualhost nginx
file: dest=/etc/nginx/sites-enabled/certificates-backend-ketupa-neutirnet-be src=/etc/nginx/sites-available/certificates-backend-ketupa-neutirnet-be state=link
notify: restart nginx
[ipam-backend-ketupa-neutirnet-be]
listen = /var/run/php-ipam-backend-ketupa-neutirnet-be.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
user = vagrant
group = vagrant
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 10s
pm.max_requests = 500
env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[memory_limit] = 256M
php_flag[display_errors] = on
php_admin_value[date.timezone] = Etc/UTC
php_admin_value[max_execution_time] = 900
env[APP_ENV] = "dev"
server {
listen 80;
listen [::]:80;
server_name ipam.backend.ketupa.neutirnet.be;
root /home/vagrant/src/backend/ipam/public;
access_log /var/log/nginx/ipam-backend-ketupa-neutirnet-be-access.log main;
error_log /var/log/nginx/ipam-backend-ketupa-neutirnet-be-error.log;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-ipam-backend-ketupa-neutirnet-be.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 900;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
expires 7d;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
include '/etc/nginx/errors/generic-error.conf';
}
- name: Composer install
composer:
command: install
working_dir: /home/vagrant/src/backend/ipam
executable: /usr/bin/php7.4
no_dev: no
become_user: vagrant
- name: copy virtualhost php
copy: src=ipam-backend-ketupa-neutirnet-be.conf dest=/etc/php/7.4/fpm/pool.d/ipam-backend-ketupa-neutirnet-be.conf owner=root group=root mode="u+rw,g+r,o+r"
notify: restart php7.4-fpm
- name: copy virtualhost nginx
copy: src=ipam-backend-ketupa-neutirnet-be.nginx dest=/etc/nginx/sites-available/ipam-backend-ketupa-neutirnet-be owner=root group=root mode="u+rw,g+r,o+r"
notify: restart nginx
- name: enable virtualhost nginx
file: dest=/etc/nginx/sites-enabled/ipam-backend-ketupa-neutirnet-be src=/etc/nginx/sites-available/ipam-backend-ketupa-neutirnet-be state=link
notify: restart nginx
[stats-backend-ketupa-neutirnet-be]
listen = /var/run/php-stats-backend-ketupa-neutirnet-be.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660
user = vagrant
group = vagrant
pm = ondemand
pm.max_children = 5
pm.process_idle_timeout = 10s
pm.max_requests = 500
env[HOSTNAME] = $HOSTNAME
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
php_admin_value[memory_limit] = 256M
php_flag[display_errors] = on
php_admin_value[date.timezone] = Etc/UTC
php_admin_value[max_execution_time] = 900
env[APP_ENV] = "dev"
server {
listen 80;
listen [::]:80;
server_name stats.backend.ketupa.neutirnet.be;
root /home/vagrant/src/backend/stats/public;
access_log /var/log/nginx/stats-backend-ketupa-neutirnet-be-access.log main;
error_log /var/log/nginx/stats-backend-ketupa-neutirnet-be-error.log;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-stats-backend-ketupa-neutirnet-be.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 900;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
expires 7d;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
include '/etc/nginx/errors/generic-error.conf';
}
- name: Composer install
composer:
command: install
working_dir: /home/vagrant/src/backend/stats
executable: /usr/bin/php7.4
no_dev: no
become_user: vagrant
- name: copy virtualhost php
copy: src=stats-backend-ketupa-neutirnet-be.conf dest=/etc/php/7.4/fpm/pool.d/stats-backend-ketupa-neutirnet-be.conf owner=root group=root mode="u+rw,g+r,o+r"
notify: restart php7.4-fpm
- name: copy virtualhost nginx
copy: src=stats-backend-ketupa-neutirnet-be.nginx dest=/etc/nginx/sites-available/stats-backend-ketupa-neutirnet-be owner=root group=root mode="u+rw,g+r,o+r"
notify: restart nginx
- name: enable virtualhost nginx
file: dest=/etc/nginx/sites-enabled/stats-backend-ketupa-neutirnet-be src=/etc/nginx/sites-available/stats-backend-ketupa-neutirnet-be state=link
notify: restart nginx