Roles: add service-domain-director

2019-03-06 17:16:34 +01:00 · 2019-03-06 17:16:34 +01:00 · c6be99258b
commit c6be99258b
parent 9b4dec1cf6
10 changed files with 33674 additions and 0 deletions
--- a/roles/service-domain-director/README.md
+++ b/roles/service-domain-director/README.md
@ -0,0 +1,13 @@
+# Ansible role service-domain-director
+
+Diese Ansible role installiert den Domain Director und legt den nginx vHost an.
+
+- installiert das pip Paket `grafana`
+- schreibt config.yml
+- schreibt domain.geojson
+- schreibt domain-director.service
+- aktiviert die systemd unit `domain-director.service`
+
+## Benötigte Variablen
+- Variable `http_director_internal` (Rollen Variable)
+- Variable `http_director_prefix` # string: Subdomain
--- a/roles/service-domain-director/defaults/main.yml
+++ b/roles/service-domain-director/defaults/main.yml
@ -0,0 +1,2 @@
+---
+http_director_prefix: "director"
--- a/roles/service-domain-director/files/domains.geojson
+++ b/roles/service-domain-director/files/domains.geojson
--- a/roles/service-domain-director/handlers/main.yml
+++ b/roles/service-domain-director/handlers/main.yml
@ -0,0 +1,14 @@
+---
+- name: reload systemd
+  systemd:
+    daemon_reload: yes
+
+- name: restart domain-director
+  systemd:
+    name: domain-director
+    state: restarted
+
+- name: restart nginx
+  systemd:
+    name: nginx
+    state: restarted
--- a/roles/service-domain-director/meta/main.yml
+++ b/roles/service-domain-director/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: service-nginx }
--- a/roles/service-domain-director/tasks/main.yml
+++ b/roles/service-domain-director/tasks/main.yml
@ -0,0 +1,72 @@
+---
+- name: install dep libgeos-dev
+  package:
+    name: libgeos-dev
+    state: present
+
+- name: create system user
+  user:
+    name: "{{ director_user }}"
+    home: "{{ director_data_dir }}"
+    shell: /bin/false
+
+- name: create conf dir
+  file:
+    path: "{{ director_conf_dir }}"
+    state: directory
+    owner: "root"
+    group: "{{ director_user }}"
+    mode: 0755
+
+- name: create data dir
+  file:
+    path: "{{ director_data_dir }}"
+    state: directory
+    owner: "{{ director_user }}"
+    group: "{{ director_user }}"
+    mode: 0755
+
+- name: copy config.yml
+  template:
+    src: config.yml.j2
+    dest: "{{ director_conf_dir }}/config.yml"
+    owner: "root"
+    group: "{{ director_user }}"
+    mode: 0640
+  notify: restart domain-director
+
+- name: copy domains.geojson
+  copy:
+    src: domains.geojson
+    dest: "{{ director_conf_dir }}/domains.geojson"
+    owner: "root"
+    group: "{{ director_user }}"
+    mode: 0644
+  notify: restart domain-director
+
+- name: create systemd unit
+  template:
+    src: "domain-director.service.j2"
+    dest: "/etc/systemd/system/domain-director.service"
+  notify: reload systemd
+
+- name: install
+  pip:
+    name: git+https://github.com/freifunk-darmstadt/ffda-domain-director.git
+    executable: pip3
+  notify: restart domain-director
+
+- name: write vhost
+  template:
+    src: domain_director_vhost.conf.j2
+    dest: /etc/nginx/conf.d/domain_director.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart nginx
+
+- name: enable systemd unit
+  systemd:
+    name: domain-director
+    enabled: yes
+    state: started
--- a/roles/service-domain-director/templates/config.yml.j2
+++ b/roles/service-domain-director/templates/config.yml.j2
@ -0,0 +1,23 @@
+# listening socket
+host: "::1"
+port: 28530
+
+# data paths
+sqlite_path: "{{ director_data_dir }}/director.db"
+
+# mozilla location services
+mls_api_key: "test"
+
+# domain config
+geojson: "{{ director_conf_dir }}/domains.geojson"
+default_domain: ffmz
+
+# how often to update from meshviewer
+update_interval: 900
+meshviewer_json_url: "https://map.freifunk-mwu.de/data/meshviewer.json"
+
+# when to switch the domain
+domain_switch_time: -1
+
+# migrate meshes with only one node
+only_migrate_vpn: false
--- a/roles/service-domain-director/templates/domain-director.service.j2
+++ b/roles/service-domain-director/templates/domain-director.service.j2
@ -0,0 +1,16 @@
+[Unit]
+Description=Domain-Director - Directing ALL THE NODS
+Wants=network.target
+After=network.target
+
+[Service]
+Type=simple
+User={{ director_user }}
+Group={{ director_user }}
+WorkingDirectory={{ director_data_dir }}
+ExecStart=/usr/local/bin/domain-director --config {{ director_conf_dir }}/config.yml
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
--- a/roles/service-domain-director/templates/domain_director_vhost.conf.j2
+++ b/roles/service-domain-director/templates/domain_director_vhost.conf.j2
@ -0,0 +1,18 @@
+upstream director {
+  server [::1]:28530 fail_timeout=5;
+}
+
+server {
+  listen [::]:80;
+
+  server_name {{ http_director_internal }};
+
+  location / {
+    proxy_pass http://director;
+    proxy_set_header  X-Real-IP  $remote_addr;
+    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header  X-Forwarded-Proto $scheme;
+    proxy_set_header  Host $http_host;
+
+  }
+}
--- a/roles/service-domain-director/vars/main.yml
+++ b/roles/service-domain-director/vars/main.yml
@ -0,0 +1,6 @@
+---
+director_user: "director"
+director_conf_dir: "/etc/domain-director"
+director_data_dir: "/var/lib/domain-director"
+
+http_director_internal: "{{ http_director_prefix }}.{{ http_domain_internal }}"