isamples-ansible/configure_isamples_server.yml at main · isamplesorg/isamples-ansible · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
---
- name: Configure an iSamples Development server
  hosts: localhost
  connection: local
  become: yes

  tasks:
  - name: Create a Docker group
    group:
      name: docker
      state: present

  - name: Create an iSamples user account
    user:
      name: isamples
      groups: docker
      shell: /bin/bash

  - name: Update and upgrade apt packages
    apt:
      upgrade: yes
      update_cache: yes

  - name: Install nginx
    apt:
      name: nginx
      state: present

  - name: Configure ufw with nginx
    shell: ufw allow "Nginx Full"

  - name: Install LetsEncrypt for certificate management
    apt:
      name:
        - python3-certbot-nginx

  - name: Lay down default nginx config before running certbot
    template:
      src: ./isamples-ina-box-nginx.j2
      dest: /etc/nginx/sites-enabled/default

  - name: Set up the certbot config in nginx
    shell: "certbot --nginx -d {{ hostname }} -m {{ certbot_email }} -n --agree-tos --redirect"

  - name: Start nginx
    service:
      name: nginx
      state: started

  - name: Create the models directory, since they aren't checked into git
    ansible.builtin.file:
      path: /var/local/data/models/
      state: directory

  - name: Install Docker dependencies
    apt:
      name:
        - ca-certificates
        - curl
        - gnupg
        - lsb-release

  # Ran into a problem with this when attempting to start the iSamples in a box service in the common role -- it just kept failing with no reasonable error message.  Commenting this out works around that error.
  # - name: Populate service facts
  #   service_facts:

    # Instructions gotten from https://docs.docker.com/engine/install/ubuntu/ and https://docs.docker.com/compose/cli-command/
  - name: Install Docker and Docker compose
    shell: cd ~ && curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh && mkdir -p /usr/local/lib/docker/cli-plugins &&  curl -SL https://github.com/docker/compose/releases/download/v2.2.3/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose && chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
    args:
      creates: /usr/local/lib/docker/cli-plugins/docker-compose
    notify: Reload systemd

    # This should only run if not already installed, but see error message above about the service_facts module failing
    # when: "ansible_facts.services['docker.service'] is not defined"

  - name: Start Docker
    service:
      name: docker
      state: started

  - name: Install iSamples in a Box service
    copy:
      src: ./isamples_inabox.service
      dest: /etc/systemd/system/isamples_inabox.service
    notify: Reload systemd


  - name: Install ACL packages for ansible to run its chmod as necessary
    apt:
      name:
        - acl

  - name: Install apt-transport-https
    apt: name=apt-transport-https state=present

  - name: Add git-lfs package
    apt: name=git-lfs state=latest update_cache=yes

  - name: Include the common role, which checks out and starts iSamples in a Box
    include_role:
      name: common


  handlers:
  - name: Reload systemd
    systemd:
      daemon-reload: yes
    become: yes