initial commit
Some checks failed
Build, Test & Publish / Build and Publish Container Image (push) Has been cancelled
Build, Test & Publish / Deploy to Infrastructure (push) Has been cancelled
Build, Test & Publish / Build (push) Has been cancelled

2024-09-05 13:54:08 +10:00
commit 8ad5845efc
57 changed files with 6046 additions and 0 deletions


@ -0,0 +1,59 @@
# Configuring Certbot SSL with Ansible (and Nginx)
## Overview
This is a simple playbook to setup and configure certbot SSL certificates on a server. This is really useful for getting SSL certificates installed on servers before running a workload.
## Pre-requisites
You will need ansible already installed on your machine and a ansible inventory file, check out the sample below:
```yml
playbook-hosts:
hosts:
host1:
ansible_host: <ip-address>
```
This playbook also assumes that you have a user with sudo privileges on the remote machine, and you can use ssh keys to authenticate.
## The playbook
The playbook to install and then run certbot is below:
```yml
---
- name: Install and Run Certbot
hosts: playbook-hosts
remote_user: root # or whatever user you have
become: yes # sudo
tasks:
vars:
ssl_email: <email-address>
domain_list: <domain-name> # comma separated list of domains (e.g. example.com,www.example.com)
tasks:
- name: Install certbot
apt:
pkg:
- certbot
- python3-certbot-nginx
state: latest
update_cache: true
- name: Run certbot to get SSL certificate
shell: certbot --nginx --non-interactive --agree-tos --email {{ ssl_email }} --domains {{ domain_list }}
- name: Restart nginx
service:
name: nginx
state: restarted
enabled: yes
```
## Running the playbook
To run the playbook, you can use the following command:
```bash
ansible-playbook -i <inventory-file> <playbook-name> --private-key <ssh-key>
```
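
Review bot: The play in the second yml block declares `tasks:` twice, once empty directly above `vars:` and again above the task list; remove the first, empty `tasks:` so the play has a single task list. In the "Run certbot to get SSL certificate" task, `{{ ssl_email }}` and `{{ domain_list }}` are interpolated unquoted into a `shell:` string; no shell features are needed here, so use the `command` module (or apply the `quote` filter) so a value containing shell metacharacters is not interpreted. That task also reruns certbot, and "Restart nginx" restarts the service, on every run; a `creates:` guard on the issued certificate and a handler for the restart would make the play idempotent. `remote_user: root` combined with `become: yes` is redundant and does not match the prose, which assumes a sudo user.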

5
docs/ansible/index.md Normal file

@ -0,0 +1,5 @@
# Ansible Snippets and Musings
#### [Installing Docker](./installing-docker.md)
#### [Install and Configure Certbot for SSL](./certbot-ssl.md)
#### [Waiting for Servers to be Provisioned and Ready](./server-wait.md)
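
Review bot: The three links under the `#` title are each written as `####` headings, which skips two heading levels and turns a link index into headings; a bullet list such as `- [Installing Docker](./installing-docker.md)` would express the structure and keep the page outline clean.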


@ -0,0 +1,83 @@
# Installing Docker on Servers With Ansible
## Overview
This is a simple playbook to install Docker on a server. This is really useful for getting docker installed on servers before running a dockerised workload.
## Pre-requisites
You will need ansible already installed on your machine and a ansible inventory file, check out the sample below:
```yml
playbook-hosts:
hosts:
host1:
ansible_host: <ip-address>
```
This playbook also assumes that you have a user with sudo privileges on the remote machine, and you can use ssh keys to authenticate.
## The playbook
The playbook to install docker is below:
```yml
---
- name: Install Docker
hosts: playbook-hosts
remote_user: root # or whatever user you have
become: yes # sudo
tasks:
- name: Install aptitude
apt:
name: aptitude
state: latest
update_cache: true
- name: Install required system packages
apt:
pkg:
- apt-transport-https
- ca-certificates
- curl
- software-properties-common
- python3-pip
- virtualenv
- python3-setuptools
state: latest
update_cache: true
- name: Add Docker GPG apt Key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Add Docker Repository
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu jammy stable
state: present
- name: Update apt and install docker-ce
apt:
name: docker-ce
state: latest
update_cache: true
- name: Install Docker Module for Python
pip:
name: docker
```
::: tip
Apitude is used to install the packages as it is more reliable than apt-get, and also preferred by Ansible.
:::
## Running the playbook
To run the playbook, you can use the following command:
```bash
ansible-playbook -i <inventory-file> <playbook-name> --private-key <ssh-key>
```
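
Review bot: The "Add Docker GPG apt Key" task calls `apt_key` with only a `url`, so the key is fetched without a fingerprint check and added to the global apt trust store, where it is trusted for every repository on the host; `apt_key` also wraps the deprecated `apt-key` tool. Prefer downloading the key to a dedicated keyring file and referencing it with `signed-by=` in the `repo:` line of "Add Docker Repository". That `repo:` line hardcodes `jammy`; `{{ ansible_distribution_release }}` would keep it correct on other Ubuntu releases. The `pip` task installs `docker` unpinned as root, and `state: latest` on every `apt` task makes runs non-reproducible; pin versions where it matters. In the tip, "Apitude" is a typo for "Aptitude", and the claim that it is used to install the packages does not match the tasks, which all call the `apt` module.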


@ -0,0 +1,42 @@
# Waiting for Servers to be Provisioned and Ready
## Overview
Often when working with automated deployments you will want to wait for your servers to be provisioned and ready before running your Ansible playbook. This is a simple bash script you can run before your Ansible playbook to wait for your servers to be ready.
## The Script
The script below assumes a few things, namely:
* You have a private key file called `private.key` in the root directory of your project
* You have a terraform directory in the root of your project
* You have two IP address outputs in your terraform called `server-1-ip-address` and `server-2-ip-address`
```bash [wait-for-servers.sh]
# Simple script to wait till all the servers are up and running (e.g. not setting up)
echo 'Trying SSH to new instances, checking cloud-init status... (It will say "Connection refused" until it is ready.)'
# 6 retries x 5 seconds each = maximum approx 30 seconds to wait for SSH, then bail.
check_instances() {
echo now checking...
ssh root@"$server_1_ip" -o StrictHostKeyChecking=no -i private.key cloud-init status -w
ssh root@"$server_2_ip" -o StrictHostKeyChecking=no -i private.key cloud-init status -w
}
echo getting hostnames...
# Navigate to terraform directory
cd terraform
server_1_ip="$(terraform output -raw server-1-ip-address)"
server_2_ip="$(terraform output -raw server-2-ip-address)"
# Navigate back to root directory
cd ..
timeout=6
stopwatch=0
until check_instances; do
stopwatch=$((stopwatch+1))
if [[ $stopwatch -ge $timeout ]]; then echo Error: Timed out waiting for instance; exit -1; fi
sleep 5
done
```
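
Review bot: Both `ssh` calls in `check_instances` pass `-o StrictHostKeyChecking=no` while logging in as root, so the host key is never verified and whatever answers on that IP address receives the session; use `StrictHostKeyChecking=accept-new` with a dedicated known_hosts file, or pin the host key produced at provisioning time. The function's exit status is that of its last command only, so a failure on server 1 is masked whenever server 2 succeeds; join the two calls with `&&`. The "6 retries x 5 seconds" comment does not hold, because `cloud-init status -w` blocks until cloud-init finishes and no connect timeout is set; add `-o ConnectTimeout=5 -o BatchMode=yes` to bound each attempt. The script uses `[[` without a `#!/bin/bash` line and ends with `exit -1`, which is outside the valid exit status range; use `exit 1`. The `cd terraform` is unchecked; `terraform -chdir=terraform output -raw server-1-ip-address` avoids changing directory at all.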