[service] create a generic role for services and apply it to dhcp

2021-05-15 15:22:59 +02:00 · 2021-05-15 15:22:59 +02:00 · b8e57e9627
parent 821330bf99
commit b8e57e9627
8 changed files with 90 additions and 60 deletions
--- a/group_vars/dhcp.yml
+++ b/group_vars/dhcp.yml
@ -63,12 +63,23 @@ glob_dhcp:
          max: 100.65.255.254
      options: []

-glob_re2o_services:
-  server: re2o.adm.crans.org
-  service:
+glob_service_dhcp:
+  re2o:
+    hostname: "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
    user: services
    password: "{{ vault.re2o_service_password }}"
-  mail_server: "{{ glob_smtp }}"
-
-glob_re2o_dhcp:
-  uri: "https://gitlab.adm.crans.org/nounous/dhcp.git"
+  name: dhcp
+  install_dir: /var/local/services/dhcp
+  generated: yes
+  frequency: "*/2 * * * *"
+  options: -q
+  dependencies:
+    - python3-jinja2
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/dhcp.git
+    version: master
+  config:
+    extensions:
+      - adh.crans.org
+      - adh-nat.crans.org
+      - infra.crans.org
--- a/plays/dhcp.yml
+++ b/plays/dhcp.yml
@ -4,9 +4,7 @@
 - hosts: dhcp
  vars:
    dhcp: "{{ glob_dhcp | default({}) | combine(loc_dhcp | default({})) }}"
-    re2o_services: "{{ glob_re2o_services | default({}) | combine(loc_re2o_services | default({})) }}"
-    re2o_dhcp: "{{ glob_re2o_dhcp | default({}) | combine(loc_re2o_dhcp | default({})) }}"
+    service: "{{ glob_service_dhcp | default({}) | combine(loc_service_dhcp | default({})) }}"
  roles:
    - isc-dhcp-server
-    - re2o-services
-    - re2o-dhcp
+    - service
--- a/roles/re2o-dhcp/tasks/main.yml
+++ b/roles/re2o-dhcp/tasks/main.yml
@ -1,47 +0,0 @@
---
- name: Create re2o-dhcp directory
-  file:
-    path: /var/local/re2o-services/dhcp
-    state: directory
-    mode: '2775'
-    owner: root
-    group: _nounou
-
- name: Set ACL for re2o-dhcp directory
-  acl:
-    path: /var/local/re2o-services/dhcp
-    default: true
-    entity: _nounou
-    etype: group
-    permissions: rwx
-    state: query
-  when: not ansible_check_mode
-
- name: Clone re2o-dhcp repository
-  git:
-    repo: "{{ re2o_dhcp.uri }}"
-    dest: /var/local/re2o-services/dhcp
-    version: crans
-    umask: '002'
-
- name: Create symbolic link to configuration
-  file:
-    src: /var/local/re2o-services/config.ini
-    dest: /var/local/re2o-services/dhcp/config.ini
-    owner: root
-    group: root
-    state: link
-    force: yes
-
- name: Create generated directory
-  file:
-    path: /var/local/re2o-services/dhcp/generated
-    state: directory
-    mode: 0755
-    owner: root
-    group: root
-
- name: Deploy cron for re2o-dhcp
-  template:
-    src: cron.d/re2o-services-dhcp.j2
-    dest: /etc/cron.d/re2o-services-dhcp
--- a/roles/re2o-dhcp/templates/cron.d/re2o-services-dhcp.j2
+++ b/roles/re2o-dhcp/templates/cron.d/re2o-services-dhcp.j2
@ -1,2 +0,0 @@
-{{ ansible_header | comment }}
-* * * * * root /usr/bin/python3 /var/local/re2o-services/dhcp/main.py --force
--- a/roles/service/tasks/main.yml
+++ b/roles/service/tasks/main.yml
@ -0,0 +1,62 @@
+---
+- name: Install service dependencies
+  apt:
+    update_cache: true
+    install_recommends: false
+    name: "{{ service.dependencies }}"
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
+- name: Create service directory
+  file:
+    path: "{{ service.install_dir }}"
+    state: directory
+    mode: '2775'
+    owner: root
+    group: _nounou
+
+- name: Set ACL for service directory
+  acl:
+    path: "{{ service.install_dir }}"
+    default: true
+    entity: _nounou
+    etype: group
+    permissions: rwx
+    state: query
+
+- name: Clone service repository
+  git:
+    repo: "{{ service.git.remote }}"
+    version: "{{ service.git.version }}"
+    dest: "{{ service.install_dir }}"
+    umask: '002'
+
+- name: Create generated directory
+  file:
+    path: "{{ service.install_dir }}/generated"
+    state: directory
+    mode: '2770'
+    owner: root
+    group: _nounou
+  when: service.generated is defined and service.generated
+
+- name: Deploy re2o config
+  template:
+    src: service/re2o-config.ini.j2
+    dest: "{{ service.install_dir }}/re2o-config.ini"
+    mode: 0600
+    owner: root
+    group: root
+  when: service.re2o is defined
+
+- name: Deploy cron for service
+  template:
+    src: cron.d/service.j2
+    dest: "/etc/cron.d/services-{{ service.name }}"
+
+- name: Deploy service configuration
+  template:
+    src: service/config.json
+    dest: "{{ service.install_dir }}/{{ service.name }}.json"
+  when: service.config is defined
--- a/roles/service/templates/cron.d/service.j2
+++ b/roles/service/templates/cron.d/service.j2
@ -0,0 +1,2 @@
+{{ ansible_header | comment }}
+{{ service.frequency }} root /usr/bin/python3 {{ service.install_dir }}/{{ service.name }}.py {{ service.options }}
--- a/roles/service/templates/service/config.json
+++ b/roles/service/templates/service/config.json
@ -0,0 +1 @@
+{{ service.config | to_nice_json }}
--- a/roles/service/templates/service/re2o-config.ini.j2
+++ b/roles/service/templates/service/re2o-config.ini.j2
@ -0,0 +1,5 @@
+{{ ansible_header | comment(decoration='; ') }}
+[Re2o]
+hostname = {{ service.re2o.hostname }}
+username = {{ service.re2o.user }}
+password = {{ service.re2o.password }}