From 648e43314f954bd163e1e7fff3d10ab6d5218dcd Mon Sep 17 00:00:00 2001 From: Eddie Jaoude Date: Sun, 24 Jul 2016 06:16:05 +0100 Subject: [PATCH] Vagrant & Ansible added with Python. Docs in README --- README.md | 48 +++++++++- Vagrantfile | 91 ++++++++++++------- ansible/inventories/dev | 2 + ansible/playbook.yml | 12 +++ ansible/roles/apache/handlers/main.yml | 3 + ansible/roles/apache/tasks/main.yml | 29 ++++++ .../roles/apache/templates/vhost22.conf.tpl | 14 +++ .../roles/apache/templates/vhost24.conf.tpl | 13 +++ ansible/roles/app/tasks/main.yml | 5 + ansible/roles/mysql/handlers/main.yml | 3 + ansible/roles/mysql/tasks/main.yml | 43 +++++++++ ansible/roles/python/tasks/main.yml | 6 ++ ansible/roles/server/tasks/main.yml | 31 +++++++ ansible/roles/server/templates/timezone.tpl | 1 + ansible/roles/vagrant_local/tasks/main.yml | 11 +++ ansible/vars/all.yml | 20 ++++ ansible/windows.sh | 31 +++++++ 17 files changed, 329 insertions(+), 34 deletions(-) mode change 100644 => 100755 README.md create mode 100755 ansible/inventories/dev create mode 100755 ansible/playbook.yml create mode 100755 ansible/roles/apache/handlers/main.yml create mode 100755 ansible/roles/apache/tasks/main.yml create mode 100755 ansible/roles/apache/templates/vhost22.conf.tpl create mode 100755 ansible/roles/apache/templates/vhost24.conf.tpl create mode 100755 ansible/roles/app/tasks/main.yml create mode 100755 ansible/roles/mysql/handlers/main.yml create mode 100755 ansible/roles/mysql/tasks/main.yml create mode 100644 ansible/roles/python/tasks/main.yml create mode 100755 ansible/roles/server/tasks/main.yml create mode 100755 ansible/roles/server/templates/timezone.tpl create mode 100755 ansible/roles/vagrant_local/tasks/main.yml create mode 100755 ansible/vars/all.yml create mode 100755 ansible/windows.sh diff --git a/README.md b/README.md old mode 100644 new mode 100755 index 1ea6a4c..b6f0501 --- a/README.md +++ b/README.md 
@@ -1 +1,47 @@
-# BrexLex
\ No newline at end of file
+# BrexLex
+
+---
+
+## Contains
+
+* MySQL
+* Apache
+* Python
+
+## Dependencies
+
+* Vagrant
+
+---
+
+## Usage
+
+1. Clone repo `git clone git@github.com:HackBrexit/BrexLex.git`
+2. Vagrant up (use `--debug` for more verbose output from **vagrant**)
+3. Access **web** on `http://192.168.50.99/` (dont forget to add a host entry)
+4. Access **mysql** on `192.168.50.99:3306`
+
+Files **mounted** on `/vagrant` & **apache** serves `/vagrant`
+
+### Vagrant commands
+
+* create or turn on VM `vagrant up`
+* ssh on to VM `vagrant ssh`
+* turn off VM `vagrant halt`
+* status of VM `vagrant status`
+* destroy VM `vagrant destroy`
+
+---
+
+## Customisation
+
+
+### System wide **apt** packages
+
+Edit `ansible/vars/all.yml` and add to collect on line 4, looks like `packages: [vim, htop, iotop]`
+
+*Or variables, mysql passwords etc*
+
+### What **ansible** installs (eg. apache)
+
+Edit `ansible/playbook.yml` *comment/uncomment* **roles** collection.
diff --git a/Vagrantfile b/Vagrantfile
index 572eceb..5b29e85 100755
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -1,34 +1,59 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant::Config.run do |config|
- # Base box to build off, and download URL for when it doesn't exist on the user's system already
- config.vm.box = "ubuntu/trusty32"
- config.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-i386-vagrant-disk1.box"
-
- # As an alternative to precise32, VMs can be built from the 'django-base' box as defined at
- # https://github.com/torchbox/vagrant-django-base , which has more of the necessary server config
- # baked in and thus takes less time to initialise. To go down this route, you will need to build
- # and host django-base.box yourself, and substitute your own URL below.
- #config.vm.box = "django-base-v2.2"
- #config.vm.box_url = "http://vmimages.torchbox.com/django-base-v2.2.box" # Torchbox-internal URL to django-base.box
-
- # Boot with a GUI so you can see the screen. (Default is headless)
- # config.vm.boot_mode = :gui
-
- # Assign this VM to a host only network IP, allowing you to access it
- # via the IP.
- # config.vm.network "33.33.33.10"
-
- # Forward a port from the guest to the host, which allows for outside
- # computers to access the VM, whereas host only networking does not.
- config.vm.forward_port 8000, 8000
-
- # Share an additional folder to the guest VM. The first argument is
- # an identifier, the second is the path on the guest to mount the
- # folder, and the third is the path on the host to the actual folder.
- config.vm.share_folder "project", "/home/vagrant/brexlex", "."
-
- # Enable provisioning with a shell script.
- config.vm.provision :shell, :path => "etc/install/install.sh", :args => "brexlex"
+##################################################
+# Generated by phansible.com
+##################################################
+
+#If your Vagrant version is lower than 1.5, you can still use this provisioning
+#by commenting or removing the line below and providing the config.vm.box_url parameter,
+#if it's not already defined in this Vagrantfile. Keep in mind that you won't be able
+#to use the Vagrant Cloud and other newer Vagrant features.
+Vagrant.require_version ">= 1.5"
+
+# Check to determine whether we're on a windows or linux/os-x host,
+# later on we use this to launch ansible in the supported way
+# source: https://stackoverflow.com/questions/2108727/which-in-ruby-checking-if-program-exists-in-path-from-ruby
+def which(cmd)
+ exts = ENV['PATHEXT'] ? ENV['PATHEXT'].split(';') : ['']
+ ENV['PATH'].split(File::PATH_SEPARATOR).each do |path|
+ exts.each { |ext|
+ exe = File.join(path, "#{cmd}#{ext}")
+ return exe if File.executable? exe
+ }
+ end
+ return nil
 end
+Vagrant.configure("2") do |config|
+
+ config.vm.provider :virtualbox do |v|
+ v.name = "brexlex"
+ v.customize [
+ "modifyvm", :id,
+ "--name", "brexlex",
+ "--memory", 1024,
+ "--natdnshostresolver1", "on",
+ "--cpus", 2,
+ ]
+ end
+
+ config.vm.box = "ubuntu/trusty64"
+
+ config.vm.network :private_network, ip: "192.168.50.99"
+ config.ssh.forward_agent = true
+
+ #############################################################
+ # Ansible provisioning (you need to have ansible installed)
+ #############################################################
+
+ if which('ansible-playbook')
+ config.vm.provision "ansible" do |ansible|
+ ansible.playbook = "ansible/playbook.yml"
+ ansible.inventory_path = "ansible/inventories/dev"
+ ansible.limit = 'all'
+ end
+ else
+ config.vm.provision :shell, path: "ansible/windows.sh", args: ["default"]
+ end
+
+
+ config.vm.synced_folder "./", "/vagrant", type: "nfs"
+end
+
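Review bot: `config.ssh.forward_agent = true` hands the host's SSH agent to the guest by default, and nothing in the provisioning shown in this commit uses it. While a `vagrant ssh` session is open, any process running as root in the VM can use the forwarded socket to authenticate as the developer, and this box installs packages at `state=latest` and runs services reachable over the private network. I would drop the line or make it opt-in, e.g. `config.ssh.forward_agent = ENV['VAGRANT_FORWARD_AGENT'] == '1'` (the variable name is only a suggestion), and say in the README when forwarding is needed. Separately, `which` calls `ENV['PATH'].split` without a nil check; `ENV.fetch('PATH', '')` would avoid a NoMethodError on an empty environment.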
diff --git a/ansible/inventories/dev b/ansible/inventories/dev
new file mode 100755
index 0000000..7074d43
--- /dev/null
+++ b/ansible/inventories/dev
@@ -0,0 +1,2 @@
+[phansible-web]
+192.168.50.99
diff --git a/ansible/playbook.yml b/ansible/playbook.yml
new file mode 100755
index 0000000..44dcd91
--- /dev/null
+++ b/ansible/playbook.yml
@@ -0,0 +1,12 @@
+---
+- hosts: all
+ sudo: true
+ vars_files:
+ - vars/all.yml
+ roles:
+ - server
+ - vagrant_local
+ - apache
+ - mysql
+ - app
+ - python
diff --git a/ansible/roles/apache/handlers/main.yml b/ansible/roles/apache/handlers/main.yml
new file mode 100755
index 0000000..aa60480
--- /dev/null
+++ b/ansible/roles/apache/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+- name: restart apache
+ service: name=apache2 enabled=yes state=restarted
diff --git a/ansible/roles/apache/tasks/main.yml b/ansible/roles/apache/tasks/main.yml
new file mode 100755
index 0000000..91851a5
--- /dev/null
+++ b/ansible/roles/apache/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+- name: Install Apache
+ sudo: yes
+ apt: pkg=apache2 state=latest
+
+- name: Install Apache Modules
+ apache2_module: state=present name={{ item }}
+ notify: restart apache
+ with_items:
+ - rewrite
+ - vhost_alias
+ - headers
+ - expires
+ - filter
+
+- shell: apache2 -v
+ register: apache_version
+
+- name: Change default apache2.4 site
+ sudo: yes
+ template: src=vhost24.conf.tpl dest=/etc/apache2/sites-available/000-default.conf
+ notify: restart apache
+ when: apache_version.stdout.find('Apache/2.4.') != -1
+
+- name: Change default apache2.2 site
+ sudo: yes
+ template: src=vhost22.conf.tpl dest=/etc/apache2/sites-available/default
+ notify: restart apache
+ when: apache_version.stdout.find('Apache/2.2.') != -1
diff --git a/ansible/roles/apache/templates/vhost22.conf.tpl b/ansible/roles/apache/templates/vhost22.conf.tpl
new file mode 100755
index 0000000..2d1f6fc
--- /dev/null
+++ b/ansible/roles/apache/templates/vhost22.conf.tpl
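Review bot: In ansible/roles/apache/tasks/main.yml the unnamed `shell: apache2 -v` probe reports `changed` on every run and goes through a shell it does not need; `command: apache2 -v` with `changed_when: false` and a `name:` keeps the play output meaningful. The two `when:` tests on `apache_version.stdout.find(...)` cover only 2.2 and 2.4, so on any other version neither template is installed and the distribution's default site stays in place without any message. `apt: pkg=apache2 state=latest` also upgrades Apache on every provision; `state=present` gives a reproducible box.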
@@ -0,0 +1,14 @@ +# Default Apache virtualhost template + + + ServerAdmin webmaster@localhost + DocumentRoot {{ apache.docroot }} + ServerName {{ apache.servername }} + + + AllowOverride All + Options -Indexes FollowSymLinks + Order allow,deny + Allow from all + + diff --git a/ansible/roles/apache/templates/vhost24.conf.tpl b/ansible/roles/apache/templates/vhost24.conf.tpl new file mode 100755 index 0000000..af3d936 --- /dev/null +++ b/ansible/roles/apache/templates/vhost24.conf.tpl @@ -0,0 +1,13 @@ +# Default Apache virtualhost template + + + ServerAdmin webmaster@localhost + DocumentRoot {{ apache.docroot }} + ServerName {{ apache.servername }} + + + AllowOverride All + Options -Indexes +FollowSymLinks + Require all granted + + diff --git a/ansible/roles/app/tasks/main.yml b/ansible/roles/app/tasks/main.yml new file mode 100755 index 0000000..c330e48 --- /dev/null +++ b/ansible/roles/app/tasks/main.yml @@ -0,0 +1,5 @@ +--- +# application tasks to be customized and to run after the main provision +- name: update file db + sudo: yes + shell: updatedb diff --git a/ansible/roles/mysql/handlers/main.yml b/ansible/roles/mysql/handlers/main.yml new file mode 100755 index 0000000..a2b21d4 --- /dev/null +++ b/ansible/roles/mysql/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart mysql + service: name=mysql enabled=yes state=restarted diff --git a/ansible/roles/mysql/tasks/main.yml b/ansible/roles/mysql/tasks/main.yml new file mode 100755 index 0000000..6fe46d7 --- /dev/null +++ b/ansible/roles/mysql/tasks/main.yml 
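Review bot: Both vhost templates (vhost22.conf.tpl and vhost24.conf.tpl) set `DocumentRoot {{ apache.docroot }}` with `AllowOverride All`, and ansible/vars/all.yml in this commit sets `docroot: /vagrant`, which is the synced project root. As written Apache would serve the whole checkout on 192.168.50.99, including `.git/` and `ansible/vars/all.yml` with the MySQL passwords. Point `apache.docroot` at a dedicated subdirectory (for example `/vagrant/public`, name is a suggestion) or add a rule denying dot-directories and `ansible/`. The container directives around these lines are not visible in the page text, so confirm which path the `AllowOverride` and `Options` lines apply to.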
@@ -0,0 +1,43 @@
+---
+# Retrieve the current hostname, because {{ ansible_hostname }} still contains the old name
+- shell: hostname
+ register: current_hostname
+
+- name: mysql | Install MySQL Packages
+ sudo: yes
+ apt: pkg={{ item }} state=latest
+ with_items:
+ - mysql-server
+ - mysql-client
+ - python-mysqldb
+
+- name: mysql | Update root password for all root accounts
+ mysql_user: name=root host={{ item }} check_implicit_admin=yes password={{ mysql.root_password }} login_user=root login_password={{ mysql.root_password }}
+ with_items:
+ - "{{ current_hostname.stdout | lower }}"
+ - 127.0.0.1
+ - ::1
+ - localhost
+ - 192.168.33.1
+
+- name: mysql | Create databases
+ mysql_db: name={{ mysql.database }} state=present login_user=root login_password={{ mysql.root_password }}
+
+- name: mysql | Import dump
+ mysql_db: name={{ mysql.database }} state=import login_user=root login_password={{ mysql.root_password }} target=/vagrant/{{ mysql.dump }}
+ when: mysql.dump
+
+- name: mysql | Ensure anonymous users are not in the database
+ mysql_user: name='' host={{ item }} state=absent login_user=root login_password={{ mysql.root_password }}
+ with_items:
+ - localhost
+ - "{{ current_hostname.stdout | lower }}"
+
+- name: mysql | Create users
+ mysql_user: name={{ mysql.user }} password={{ mysql.password }} priv=*.*:ALL state=present login_user=root login_password={{ mysql.root_password }}
+
+- name: do not bind to localhost
+ lineinfile: dest=/etc/mysql/my.cnf
+ regexp='bind-address'
+ line='bind-address = 0.0.0.0'
+ notify: restart mysql
diff --git a/ansible/roles/python/tasks/main.yml b/ansible/roles/python/tasks/main.yml
new file mode 100644
index 0000000..6bf836c
--- /dev/null
+++ b/ansible/roles/python/tasks/main.yml
@@ -0,0 +1,6 @@
+- name: python | Install Python Packages
+ sudo: yes
+ apt: pkg={{ item }} state=latest
+ with_items:
+ - python-dev
+ - python-pip
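Review bot: In ansible/roles/mysql/tasks/main.yml the `mysql | Create users` task grants the application account `priv=*.*:ALL`, which is server-wide rights for a user that only needs its own schema; `priv={{ mysql.database }}.*:ALL` is enough. The last task then sets `bind-address = 0.0.0.0`, so mysqld listens on every guest interface rather than only the private network address; `line='bind-address = {{ vagrant_local.vm.ip }}'` would keep the README's `192.168.50.99:3306` access working. Every task here passes `login_password=` inline, so adding `no_log: true` to them keeps the passwords out of verbose play output. The `192.168.33.1` entry in the root host list does not match the 192.168.50.x network set in the Vagrantfile and looks like a generator leftover.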
diff --git a/ansible/roles/server/tasks/main.yml b/ansible/roles/server/tasks/main.yml
new file mode 100755
index 0000000..f1ffc08
--- /dev/null
+++ b/ansible/roles/server/tasks/main.yml
@@ -0,0 +1,31 @@
+---
+- name: Update apt
+ sudo: yes
+ apt: update_cache=yes
+
+- name: Install System Packages
+ sudo: yes
+ apt: pkg={{ item }} state=latest
+ with_items:
+ - curl
+ - wget
+ - python-software-properties
+
+- name: Install Extra Packages
+ sudo: yes
+ apt: pkg={{ item }} state=latest
+ with_items: server.packages
+ when: server.packages is defined
+
+- name: Configure the timezone
+ sudo: yes
+ template: src=timezone.tpl dest=/etc/timezone
+
+- name: More Configure the timezone
+ sudo: yes
+ file: src=/usr/share/zoneinfo/{{server.timezone}} dest=/etc/localtime state=link force=yes backup=yes
+
+- name: Set default system language pack
+ shell: locale-gen {{server.locale}}
+ sudo: yes
+
diff --git a/ansible/roles/server/templates/timezone.tpl b/ansible/roles/server/templates/timezone.tpl
new file mode 100755
index 0000000..cca2365
--- /dev/null
+++ b/ansible/roles/server/templates/timezone.tpl
@@ -0,0 +1 @@
+{{server.timezone}}
diff --git a/ansible/roles/vagrant_local/tasks/main.yml b/ansible/roles/vagrant_local/tasks/main.yml
new file mode 100755
index 0000000..cd53609
--- /dev/null
+++ b/ansible/roles/vagrant_local/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Set the hostname in /etc/hostname
+ shell: echo {{ vagrant_local.vm.hostname }} > /etc/hostname
+ when: vagrant_local.vm.hostname is defined
+
+- name: Set the hostname
+ shell: hostname {{ vagrant_local.vm.hostname }}
+ when: vagrant_local.vm.hostname is defined
+
+- name: Update /etc/hosts
+ lineinfile: dest=/etc/hosts regexp='^127\.0\.0\.1' line='127.0.0.1 localhost {{ vagrant_local.vm.hostname }}' owner=root group=root mode=0644
diff --git a/ansible/vars/all.yml b/ansible/vars/all.yml
new file mode 100755
index 0000000..6c9163b
--- /dev/null
+++ b/ansible/vars/all.yml
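Review bot: In ansible/roles/vagrant_local/tasks/main.yml the `Update /etc/hosts` task interpolates `{{ vagrant_local.vm.hostname }}` but, unlike the two tasks above it, has no `when: vagrant_local.vm.hostname is defined` guard, so the play fails on an undefined variable whenever the hostname is left out of the vars file. Add the same `when:` line to that task. The two `shell:` tasks above it pass an unquoted variable through a shell and a redirect and report `changed` on every run; the `hostname` module (`hostname: name={{ vagrant_local.vm.hostname }}`) does the same job idempotently.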
@@ -0,0 +1,20 @@
+---
+server:
+ install: '1'
+ packages: [vim, htop, iotop]
+ timezone: UTC
+ locale: en_US.UTF-8
+vagrant_local:
+ install: '1'
+ vm: { base_box: trusty64, hostname: brexlex, ip: 192.168.50.99, memory: '1024', sharedfolder: ./, enableWindows: '1', useVagrantCloud: '1', syncType: nfs }
+apache:
+ install: '1'
+ docroot: /vagrant
+ servername: myApp.vb
+mysql:
+ install: '1'
+ root_password: password
+ database: db
+ user: user
+ password: password
+ dump: ''
diff --git a/ansible/windows.sh b/ansible/windows.sh
new file mode 100755
index 0000000..eab5d9a
--- /dev/null
+++ b/ansible/windows.sh
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# Update Repositories
+sudo apt-get update
+
+# Determine Ubuntu Version
+. /etc/lsb-release
+
+# Decide on package to install for `add-apt-repository` command
+#
+# USE_COMMON=1 when using a distribution over 12.04
+# USE_COMMON=0 when using a distribution at 12.04 or older
+USE_COMMON=$(echo "$DISTRIB_RELEASE > 12.04" | bc)
+
+if [ "$USE_COMMON" -eq "1" ];
+then
+ sudo apt-get install -y software-properties-common
+else
+ sudo apt-get install -y python-software-properties
+fi
+
+# Add Ansible Repository & Install Ansible
+sudo add-apt-repository -y ppa:ansible/ansible
+sudo apt-get update
+sudo apt-get install -y ansible
+
+# Setup Ansible for Local Use and Run
+cp /vagrant/ansible/inventories/dev /etc/ansible/hosts -f
+chmod 666 /etc/ansible/hosts
+cat /vagrant/ansible/files/authorized_keys >> /home/vagrant/.ssh/authorized_keys
+sudo ansible-playbook /vagrant/ansible/playbook.yml -e hostname=$1 --connection=local
\ No newline at end of file
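Review bot: `root_password: password` and `password: password` in ansible/vars/all.yml are committed as working MySQL credentials, with nothing in the file marking them as throwaway values. The same commit sets `bind-address = 0.0.0.0` in the mysql role and serves `/vagrant`, where this file lives, through Apache. Keep placeholders here and load real values from an untracked override file or an ansible-vault file, and at minimum add a comment such as `# dev-only defaults: never reuse outside this VM` above the `mysql:` key.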
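Review bot: In ansible/windows.sh, `cat /vagrant/ansible/files/authorized_keys >> /home/vagrant/.ssh/authorized_keys` reads a file that is not among the 17 files this commit adds, so on a fresh clone the line fails, and because the script has no `set -e` provisioning carries on regardless. If that file is added later, every key in it gains SSH access to the VM and is appended again on each provision; guard the line with `[ -f /vagrant/ansible/files/authorized_keys ] &&` or drop it. `chmod 666 /etc/ansible/hosts` makes the inventory world-writable where `chmod 644` is sufficient, and `-e hostname=$1` should quote the argument as `-e "hostname=$1"`.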