From 674848f1ca769e4ab142b2c4c91571b4ef838e21 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Mon, 1 Nov 2021 15:32:33 -0400 Subject: [PATCH 01/48] Add ssh key password --- .drone-docker.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.drone-docker.yml b/.drone-docker.yml index 4785f9e..bf5adf1 100644 --- a/.drone-docker.yml +++ b/.drone-docker.yml @@ -56,6 +56,8 @@ steps: galaxy: ./.ansible-items/requirements.yml private_key: from_secret: deploy_ssh_key + password: + from_secret: deploy_ssh_key_password environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname From 5dfef566ab45c4025df0e350f1fad189b0db01a9 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Mon, 1 Nov 2021 15:35:09 -0400 Subject: [PATCH 02/48] Add SSH key passphrase in kube pipeline --- .drone-kubernetes.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 3d09772..016f8d5 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -48,6 +48,10 @@ steps: inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml syntax_check: true + when: + branch: + - development + - name: apply ansible playbook image: plugins/ansible:3 settings: @@ -56,6 +60,8 @@ steps: galaxy: ./.ansible-items/requirements.yml private_key: from_secret: deploy_ssh_key + password: + from_secret: deploy_ssh_key_password environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname From ae1c6dc8276946fc091e2b3771de4540c1fb42f5 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Mon, 1 Nov 2021 22:29:02 -0400 Subject: [PATCH 03/48] Switch to shirito/drone-ansible --- .drone-kubernetes.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 016f8d5..3b1c53e 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
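Review bot: The `password:` key added under `settings` in `.drone-docker.yml` does not look like an option the `plugins/ansible` image documents; `private_key` in the same block is one, but I am not aware of a passphrase setting, so please confirm the plugin reads it. Drone exports every settings key into the container as a `PLUGIN_*` variable, so an unrecognised key still places `deploy_ssh_key_password` in the step environment without unlocking the key. The same two lines are added to `.drone-kubernetes.yml` in the next patch. The step definition starts above this hunk, so the branches it runs on are not visible here.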
@@ -42,7 +42,7 @@ steps: - rm ./items/api/public/index.html - name: check ansible syntax - image: plugins/ansible:3 + image: shirito/drone-ansible:latest settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory @@ -53,14 +53,14 @@ steps: - development - name: apply ansible playbook - image: plugins/ansible:3 + image: shirito/drone-ansible:latest settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml private_key: from_secret: deploy_ssh_key - password: + private-key-passphrase: from_secret: deploy_ssh_key_password environment: DEPLOY_HOSTNAME: From 8a0cec92ded9fc52973a7064148145975acfca59 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 09:51:42 -0400 Subject: [PATCH 04/48] chore: change drone-ansible version --- .drone-kubernetes.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 3b1c53e..30f802f 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -42,7 +42,7 @@ steps: - rm ./items/api/public/index.html - name: check ansible syntax - image: shirito/drone-ansible:latest + image: shirito/drone-ansible:1.0.0 settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory @@ -53,7 +53,7 @@ steps: - development - name: apply ansible playbook - image: shirito/drone-ansible:latest + image: shirito/drone-ansible:1.0.0 settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory From 268411136bde9a7eb42ebfa42ac9f19d5dc5b5ed Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 10:16:45 -0400 Subject: [PATCH 05/48] Add SSH key passphrase --- .ansible-items/inventory | 2 +- .drone-kubernetes.yml | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 32090d7..923f281 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory 
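Review bot: Both `image: shirito/drone-ansible:latest` lines pull a floating tag from a personal namespace, and the second step hands that image `deploy_ssh_key` and `deploy_ssh_key_password`. Whatever is published under that tag at build time runs with the deploy credentials, so pin the image to a reviewed digest, e.g. `image: shirito/drone-ansible@sha256:DIGEST_OF_REVIEWED_IMAGE` (placeholder). A version tag such as the `1.0.0` used in the following patch narrows this but can still be re-pushed. Please also confirm that `private-key-passphrase` is a key this image actually reads, since Drone accepts unknown settings silently.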
@@ -1,2 +1,2 @@ [host] -{{ DEPLOYMENT_USER }}@{{ DEPLOY_HOSTNAME }} ansible_connection=ssh ansible_user={{ DEPLOYMENT_USER }} \ No newline at end of file +{{ DEPLOYMENT_USER }}@{{ DEPLOY_HOSTNAME }} ansible_connection=ssh ansible_user={{ DEPLOYMENT_USER }} ansible_ssh_pass={{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 30f802f..ca163a7 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -23,10 +23,13 @@ steps: from_secret: spt_items_hostname DEPLOYMENT_USER: from_secret: deploy_username + DEPLOYMENT_SSH_KEY_PASSPHRASE: + from_secret: deploy_ssh_key_passphrase commands: - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}/'"$DEPLOYMENT_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory - name: build frontend @@ -42,7 +45,7 @@ steps: - rm ./items/api/public/index.html - name: check ansible syntax - image: shirito/drone-ansible:1.0.0 + image: plugins/ansible:3 settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory @@ -53,15 +56,13 @@ steps: - development - name: apply ansible playbook - image: shirito/drone-ansible:1.0.0 + image: plugins/ansible:3 settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml private_key: from_secret: deploy_ssh_key - private-key-passphrase: - from_secret: deploy_ssh_key_password environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname From a1780ace4643b1ce57257607dda390c6398d5f1c Mon Sep 17 00:00:00 2001 
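Review bot: `ansible_ssh_pass` is the login password Ansible uses for SSH password authentication, not the passphrase of a private key, so this line stores the passphrase in plain text in the inventory without unlocking `deploy_ssh_key`. The rendered inventory then sits in the workspace that the later Ansible steps read. Unlocking the key once in an ssh-agent inside the deploy step keeps the passphrase out of files. If the variable stays for now, add a comment such as `# NOTE: ansible_ssh_pass is a login password, not a key passphrase` so the assumption is not repeated.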
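Review bot: The added `sed -i 's/{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}/'"$DEPLOYMENT_SSH_KEY_PASSPHRASE"'/g'` splices the secret into the sed program, so a passphrase containing `/`, `&` or `\` either aborts the step or writes a value that differs from the secret. The neighbouring hostname and user substitutions have the same shape, but a passphrase is the value most likely to contain those characters. Escape the value before substitution or, better, avoid rendering the passphrase into a file at all. The `commands:` list belongs to a step whose header is above this hunk.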
From: Mangiang Date: Tue, 2 Nov 2021 10:32:21 -0400 Subject: [PATCH 06/48] Convert ansible inventory to yaml --- .ansible-items/inventory | 10 ++++++++-- .drone-kubernetes.yml | 15 ++++++++------- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 923f281..06eccd1 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,2 +1,8 @@ -[host] -{{ DEPLOYMENT_USER }}@{{ DEPLOY_HOSTNAME }} ansible_connection=ssh ansible_user={{ DEPLOYMENT_USER }} ansible_ssh_pass={{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file +all: + children: + host: + ansible_host: {{ DEPLOY_HOSTNAME }} + ansible_user: {{ DEPLOYMENT_USER }} + ansible_connection: ssh + ansible_ssh_private_key_file: private.key + ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index ca163a7..05aaca6 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
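Review bot: The placeholders in the new YAML inventory are unquoted plain scalars (`ansible_host: {{ DEPLOY_HOSTNAME }}`), so after substitution the parser types whatever the secret happens to look like. A passphrase containing ` #` is cut off at the comment, one containing `: ` is a parse error, and an all-digit value becomes an integer. Writing them as `ansible_ssh_pass: '{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}'` (likewise for host and user) keeps them strings; a single quote inside the value would still need doubling.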
@@ -25,12 +25,15 @@ steps: from_secret: deploy_username DEPLOYMENT_SSH_KEY_PASSPHRASE: from_secret: deploy_ssh_key_passphrase + PRIVATE_KEY: + from_secret: deploy_ssh_key commands: - - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - - mv ./items/frontend/.env.example ./items/frontend/.env - - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory - - sed -i 's/{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}/'"$DEPLOYMENT_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory - - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory + - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example + - mv ./items/frontend/.env.example ./items/frontend/.env + - echo "{{ PRIVATE_KEY }}" > private.key + - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}/'"$DEPLOYMENT_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory - name: build frontend image: node:lts-alpine3.14 @@ -61,8 +64,6 @@ steps: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml - private_key: - from_secret: deploy_ssh_key environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname From f0d1db2d0f5faf0ae5e66f266b8f4526b71089ce Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 10:43:44 -0400 Subject: [PATCH 07/48] Fix typo --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 06eccd1..c449d21 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,6 +1,6 @@ all: children: - host: + hosts: ansible_host: {{ DEPLOY_HOSTNAME }} ansible_user: {{ DEPLOYMENT_USER }} ansible_connection: ssh 
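Review bot: `echo "{{ PRIVATE_KEY }}" > private.key` writes the literal placeholder rather than the key, because nothing in this command list expands `{{ … }}` on that line; the other placeholders are filled by `sed`, and the shell only expands `$PRIVATE_KEY`. Once the real key is written, the file is created under the default umask in the shared workspace, so create it restrictive from the start: `- (umask 077 && printf '%s\n' "$PRIVATE_KEY" > private.key)`. The later revisions of this line (`&& chmod 700`, then `&& chmod 600`) still create the file first and tighten it afterwards, and 700 adds an execute bit a key file does not need. Consider deleting `private.key` once the playbook has run.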
From 38247d021b6e3f4eef153d4802e7fac45e999346 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 10:51:26 -0400 Subject: [PATCH 08/48] Fix yaml --- .ansible-items/inventory | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index c449d21..33acdcd 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,8 +1,9 @@ all: children: hosts: - ansible_host: {{ DEPLOY_HOSTNAME }} - ansible_user: {{ DEPLOYMENT_USER }} - ansible_connection: ssh - ansible_ssh_private_key_file: private.key - ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file + sp-tarkov: + ansible_host: {{ DEPLOY_HOSTNAME }} + ansible_user: {{ DEPLOYMENT_USER }} + ansible_connection: ssh + ansible_ssh_private_key_file: private.key + ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file From 4030631ac576124f546415389799168604cd154a Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 10:57:03 -0400 Subject: [PATCH 09/48] Fix yaml --- .ansible-items/inventory | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 33acdcd..9437fcf 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,9 +1,10 @@ all: children: - hosts: - sp-tarkov: - ansible_host: {{ DEPLOY_HOSTNAME }} - ansible_user: {{ DEPLOYMENT_USER }} - ansible_connection: ssh - ansible_ssh_private_key_file: private.key - ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file + host: + hosts: + sp-tarkov: + ansible_host: {{ DEPLOY_HOSTNAME }} + ansible_user: {{ DEPLOYMENT_USER }} + ansible_connection: ssh + ansible_ssh_private_key_file: private.key + ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file From 4d72e5dd676164352d4534cf3eaaea12ec7d93b8 Mon Sep 17 00:00:00 2001 
From: Mangiang Date: Tue, 2 Nov 2021 11:05:17 -0400 Subject: [PATCH 10/48] Fix yaml --- .drone-kubernetes.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 05aaca6..1ad51b3 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -30,7 +30,7 @@ steps: commands: - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - - echo "{{ PRIVATE_KEY }}" > private.key + - echo "{{ PRIVATE_KEY }}" > private.key && chmod 700 private.key - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory - sed -i 's/{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}/'"$DEPLOYMENT_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory From 35a4f531251f9f109afb5b97e9beb0bb55df2166 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 11:11:50 -0400 Subject: [PATCH 11/48] Fix yaml --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 9437fcf..159f182 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -6,5 +6,5 @@ all: ansible_host: {{ DEPLOY_HOSTNAME }} ansible_user: {{ DEPLOYMENT_USER }} ansible_connection: ssh - ansible_ssh_private_key_file: private.key + ansible_ssh_private_key_file: /drone/src/private.key ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file From fdf1d2e3ed069d805b6bc0bbf8874a8f02aff224 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 11:31:38 -0400 Subject: [PATCH 12/48] Fix private key replacement --- .ansible-items/inventory | 4 ++-- .drone-kubernetes.yml | 38 +++++++++++++++++++------------------- 2 files changed, 21 insertions(+), 21 deletions(-) 
diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 159f182..c36f2f1 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -4,7 +4,7 @@ all: hosts: sp-tarkov: ansible_host: {{ DEPLOY_HOSTNAME }} - ansible_user: {{ DEPLOYMENT_USER }} + ansible_user: {{ DEPLOY_USER }} ansible_connection: ssh ansible_ssh_private_key_file: /drone/src/private.key - ansible_ssh_pass: {{ DEPLOYMENT_SSH_KEY_PASSPHRASE }} \ No newline at end of file + ansible_ssh_pass: {{ DEPLOY_SSH_KEY_PASSPHRASE }} \ No newline at end of file diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 1ad51b3..f3cdf6b 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
@@ -21,31 +21,31 @@ steps: from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_USER: from_secret: deploy_username - DEPLOYMENT_SSH_KEY_PASSPHRASE: + DEPLOY_SSH_KEY_PASSPHRASE: from_secret: deploy_ssh_key_passphrase - PRIVATE_KEY: + DEPLOY_PRIVATE_KEY: from_secret: deploy_ssh_key commands: - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - - echo "{{ PRIVATE_KEY }}" > private.key && chmod 700 private.key + - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory - - sed -i 's/{{ DEPLOYMENT_SSH_KEY_PASSPHRASE }}/'"$DEPLOYMENT_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory - - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOY_SSH_KEY_PASSPHRASE }}/'"$DEPLOY_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOY_USER }}/'"$DEPLOY_USER"'/g' ./.ansible-items/inventory -- name: build frontend - image: node:lts-alpine3.14 - commands: - - node -v - - npm -v - - yarn --version - - yarn --cwd ./items/frontend install - - yarn --cwd ./items/frontend build --pure-lockfile - - rm -rf ./items/api/public/static/* - - mv ./items/frontend/build/* ./items/api/public - - rm ./items/api/public/index.html +# - name: build frontend +# image: node:lts-alpine3.14 +# commands: +# - node -v +# - npm -v +# - yarn --version +# - yarn --cwd ./items/frontend install +# - yarn --cwd ./items/frontend build --pure-lockfile +# - rm -rf ./items/api/public/static/* +# - mv ./items/frontend/build/* ./items/api/public +# - rm ./items/api/public/index.html - name: check ansible syntax image: plugins/ansible:3 
@@ -69,9 +69,9 @@ steps: from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_USER: from_secret: deploy_username - DEPLOYMENT_USER_GROUP: + DEPLOY_USER_GROUP: from_secret: deploy_user_group SPT_ITEMS_PATH: from_secret: deploy_path From ff4c8e1aaba6d38a4ce1cc1d7d3913ae1e9f0318 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 12:04:26 -0400 Subject: [PATCH 13/48] add verbosity --- .drone-kubernetes.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index f3cdf6b..e8da5a7 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -64,6 +64,7 @@ steps: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml + verbose: 4 environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname From 4b6d4998e9a44c3710d9d9270e6cbc8dabf0815b Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 12:39:04 -0400 Subject: [PATCH 14/48] test: change host --- .ansible-items/inventory | 2 +- .drone-kubernetes.yml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index c36f2f1..ff7af62 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -3,7 +3,7 @@ all: host: hosts: sp-tarkov: - ansible_host: {{ DEPLOY_HOSTNAME }} + ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} ansible_user: {{ DEPLOY_USER }} ansible_connection: ssh ansible_ssh_private_key_file: /drone/src/private.key diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index e8da5a7..d0e8c57 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -64,6 +64,7 @@ steps: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml + timeout: 60 verbose: 4 environment: DEPLOY_HOSTNAME: From e372146e56ff92ffe6e87dc8e79d1fdb442cd2c8 Mon Sep 17 00:00:00 2001 
From: Mangiang Date: Tue, 2 Nov 2021 12:42:23 -0400 Subject: [PATCH 15/48] fix: Fix ansible pass --- .ansible-items/inventory | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index ff7af62..fc8ec21 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -5,6 +5,6 @@ all: sp-tarkov: ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} ansible_user: {{ DEPLOY_USER }} + ansible_pass: {{ DEPLOY_SSH_KEY_PASSPHRASE }} ansible_connection: ssh - ansible_ssh_private_key_file: /drone/src/private.key - ansible_ssh_pass: {{ DEPLOY_SSH_KEY_PASSPHRASE }} \ No newline at end of file + ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file From 819baee769d8801a1d0a092c4e34d3ff61065802 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 12:53:41 -0400 Subject: [PATCH 16/48] fix: ssh passphrase --- .ansible-items/inventory | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index fc8ec21..84dbd52 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -5,6 +5,7 @@ all: sp-tarkov: ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} ansible_user: {{ DEPLOY_USER }} - ansible_pass: {{ DEPLOY_SSH_KEY_PASSPHRASE }} + ansible_pass: test ansible_connection: ssh + ansible_ssh_pass: test ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file From 264dad91924c786f5d2f14fe8f1f7dd2277453b1 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 12:58:58 -0400 Subject: [PATCH 17/48] test: debug mode --- .drone-kubernetes.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index d0e8c57..07b6aff 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
@@ -77,6 +77,8 @@ steps: from_secret: deploy_user_group SPT_ITEMS_PATH: from_secret: deploy_path + ANSIBLE_DEBUG: true + PLUGIN_ANSIBLE_DEBUG: true when: branch: - master From 591921399d7d5b55f876a31656b2f4605e054bf5 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:16:18 -0400 Subject: [PATCH 18/48] test: hardcoded passphrase --- .ansible-items/inventory | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 84dbd52..515a762 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -5,7 +5,7 @@ all: sp-tarkov: ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} ansible_user: {{ DEPLOY_USER }} - ansible_pass: test ansible_connection: ssh - ansible_ssh_pass: test - ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file + ansible_ssh_user: test + ansible_ssh_private_key_file: /drone/src/private.key + ansible_ssh_common_args: '-p test' \ No newline at end of file From 2cb3f532b528a5d0bb3c896f61ba14ef544b9eab Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:19:59 -0400 Subject: [PATCH 19/48] test --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 515a762..93766c4 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -8,4 +8,4 @@ all: ansible_connection: ssh ansible_ssh_user: test ansible_ssh_private_key_file: /drone/src/private.key - ansible_ssh_common_args: '-p test' \ No newline at end of file + ansible_ssh_extra_args: '-p test' \ No newline at end of file From 6de945a9748e3884b5c1e9848f4ec06f9a896724 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:25:58 -0400 Subject: [PATCH 20/48] test --- .ansible-items/inventory | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 93766c4..a76e3a8 100644 
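Review bot: `ANSIBLE_DEBUG: true` is added to the step that the trailing `when: branch: master` context marks as the master deploy, and Ansible's documentation warns that debug output can include secret values even where `no_log` is set. Together with the `verbose: 4` setting added a few patches earlier, the build log of every master deploy becomes sensitive material. Keep both off by default and enable them only on a throwaway branch; if they must stay temporarily, put `# TEMP: remove before merge, debug output may expose secrets` above them. `PLUGIN_ANSIBLE_DEBUG` is not a variable I can match to a documented plugin setting, so it may be a no-op.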
--- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -2,10 +2,11 @@ all: children: host: hosts: - sp-tarkov: - ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} - ansible_user: {{ DEPLOY_USER }} - ansible_connection: ssh - ansible_ssh_user: test - ansible_ssh_private_key_file: /drone/src/private.key - ansible_ssh_extra_args: '-p test' \ No newline at end of file + {{ DEPLOY_HOSTNAME }} + vars: + ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} + ansible_user: {{ DEPLOY_USER }} + ansible_connection: ssh + ansible_ssh_pass: test + ansible_ssh_user: test + ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file From 98b87c8129e9ed0a0d87008887102606ae534f52 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:29:32 -0400 Subject: [PATCH 21/48] test --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index a76e3a8..20b5a99 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -8,5 +8,5 @@ all: ansible_user: {{ DEPLOY_USER }} ansible_connection: ssh ansible_ssh_pass: test - ansible_ssh_user: test + ansible_ssh_user: drone ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file From a39f9588dcde9a37c7f95ed592af55d1682d1bf8 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:42:29 -0400 Subject: [PATCH 22/48] test --- .ansible-items/inventory | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 20b5a99..53abfa7 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -9,4 +9,5 @@ all: ansible_connection: ssh ansible_ssh_pass: test ansible_ssh_user: drone - ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file + ansible_ssh_private_key_file: /drone/src/private.key + ansible_ssh_args: '' \ No newline at end of file 
From 47712fb7fc353035ff15f7319fdd5db1a623cbb8 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:46:18 -0400 Subject: [PATCH 23/48] test --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 53abfa7..79624e7 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -10,4 +10,4 @@ all: ansible_ssh_pass: test ansible_ssh_user: drone ansible_ssh_private_key_file: /drone/src/private.key - ansible_ssh_args: '' \ No newline at end of file + ansible_ssh_common_args: '' \ No newline at end of file From 7ac9baa8b4c1697fa16d08fa27cc518b414cf251 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:49:00 -0400 Subject: [PATCH 24/48] test --- .ansible-items/ansible.cfg | 2 ++ .ansible-items/inventory | 3 +-- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 .ansible-items/ansible.cfg diff --git a/.ansible-items/ansible.cfg b/.ansible-items/ansible.cfg new file mode 100644 index 0000000..85b0558 --- /dev/null +++ b/.ansible-items/ansible.cfg @@ -0,0 +1,2 @@ +[ssh_connection] +control_path_dir=/dev/shm/ansible_control_path \ No newline at end of file diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 79624e7..20b5a99 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -9,5 +9,4 @@ all: ansible_connection: ssh ansible_ssh_pass: test ansible_ssh_user: drone - ansible_ssh_private_key_file: /drone/src/private.key - ansible_ssh_common_args: '' \ No newline at end of file + ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file From 8257c60a8bf10a80ef15ab4fa9b7f65f20eb683a Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 13:57:06 -0400 Subject: [PATCH 25/48] test --- .ansible-items/ansible.cfg => ansible.cfg | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .ansible-items/ansible.cfg => ansible.cfg (100%) 
diff --git a/.ansible-items/ansible.cfg b/ansible.cfg similarity index 100% rename from .ansible-items/ansible.cfg rename to ansible.cfg From e815521f07414e7279dad39a337ded9eaf641dcc Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:04:44 -0400 Subject: [PATCH 26/48] test --- .drone-kubernetes.yml | 1 + ansible.cfg | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) delete mode 100644 ansible.cfg diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 07b6aff..5eb8417 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -79,6 +79,7 @@ steps: from_secret: deploy_path ANSIBLE_DEBUG: true PLUGIN_ANSIBLE_DEBUG: true + ANSIBLE_CONFIG: "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" when: branch: - master diff --git a/ansible.cfg b/ansible.cfg deleted file mode 100644 index 85b0558..0000000 --- a/ansible.cfg +++ /dev/null @@ -1,2 +0,0 @@ -[ssh_connection] -control_path_dir=/dev/shm/ansible_control_path \ No newline at end of file From 7c939624142390980a32240eed7c8e41672c0524 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:08:00 -0400 Subject: [PATCH 27/48] test --- .drone-kubernetes.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 5eb8417..784495e 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -80,6 +80,7 @@ steps: ANSIBLE_DEBUG: true PLUGIN_ANSIBLE_DEBUG: true ANSIBLE_CONFIG: "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" + PLUGIN_ANSIBLE_CONFIG: "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" when: branch: - master From 2461e7d5e976c6a44159315a8a25389f6f1be540 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:15:57 -0400 Subject: [PATCH 28/48] test --- .drone-kubernetes.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 784495e..1cc727a 100644 --- a/.drone-kubernetes.yml 
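Review bot: `ANSIBLE_CONFIG` is read by Ansible as the path of a configuration file, so assigning it the file's contents (`"[ssh_connection]\ncontrol_path_dir=…"`) points Ansible at a path that will not exist, and the `control_path_dir` setting is never applied. This patch also deletes the `ansible.cfg` that held the same two lines. Keeping that file in the repository and pointing at it, e.g. `ANSIBLE_CONFIG: /drone/src/ansible.cfg`, would do what the variable is meant to do; please verify the workspace path. The `PLUGIN_ANSIBLE_CONFIG` line added in the next patch has the same problem.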
+++ b/.drone-kubernetes.yml @@ -28,6 +28,7 @@ steps: DEPLOY_PRIVATE_KEY: from_secret: deploy_ssh_key commands: + - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" > ~/.ansible.cfg - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key @@ -79,8 +80,6 @@ steps: from_secret: deploy_path ANSIBLE_DEBUG: true PLUGIN_ANSIBLE_DEBUG: true - ANSIBLE_CONFIG: "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" - PLUGIN_ANSIBLE_CONFIG: "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" when: branch: - master From 6384975ca0e3da89461b55d6aff0127ef9a8f0e0 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:26:18 -0400 Subject: [PATCH 29/48] test --- .ansible-items/inventory | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 20b5a99..deae763 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -9,4 +9,5 @@ all: ansible_connection: ssh ansible_ssh_pass: test ansible_ssh_user: drone - ansible_ssh_private_key_file: /drone/src/private.key \ No newline at end of file + ansible_ssh_private_key_file: /drone/src/private.key + ansible_control_path: /dev/shm/ansible_control_path \ No newline at end of file From 398dce23b35f4d1cfcd0b28a2a92d97513c3ac9b Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:31:51 -0400 Subject: [PATCH 30/48] test --- .drone-kubernetes.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 1cc727a..29e3826 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
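Review bot: The added `printf … > ~/.ansible.cfg` runs in the templating step, but the playbook runs in the separate `plugins/ansible:3` step, and each Drone step runs in its own container with only the workspace carried across. A file in this step's home directory therefore presumably never reaches Ansible, and the same applies to the `/etc/ansible/ansible.cfg` variants in the following patches, including the dedicated `ubuntu:impish` step. Write the file into the workspace instead and reference it from the playbook step. The step header is above this hunk, so its image is not visible here.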
@@ -28,7 +28,7 @@ steps: DEPLOY_PRIVATE_KEY: from_secret: deploy_ssh_key commands: - - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" > ~/.ansible.cfg + - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" > /etc/ansible/ansible.cfg - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key From 60dfa646cda7ab5997c7188430501a2ecb6aad03 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:54:13 -0400 Subject: [PATCH 31/48] test --- .drone-kubernetes.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 29e3826..3d11910 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -28,7 +28,7 @@ steps: DEPLOY_PRIVATE_KEY: from_secret: deploy_ssh_key commands: - - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path" > /etc/ansible/ansible.cfg + - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path\nssh_args=''" > /etc/ansible/ansible.cfg - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key From eddf9a71397a3df72ca584eca28c31b0e3ca0f12 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:56:16 -0400 Subject: [PATCH 32/48] test --- .drone-kubernetes.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 3d11910..d914a4e 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
@@ -28,7 +28,6 @@ steps: DEPLOY_PRIVATE_KEY: from_secret: deploy_ssh_key commands: - - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path\nssh_args=''" > /etc/ansible/ansible.cfg - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key @@ -59,6 +58,11 @@ steps: branch: - development +- name: add ansible config + image: ubuntu:impish + commands: + - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path\nssh_args=''" > /etc/ansible/ansible.cfg + - name: apply ansible playbook image: plugins/ansible:3 settings: From 64bcbac9e752a26985f2810eac599ddafe363355 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 14:57:01 -0400 Subject: [PATCH 33/48] test --- .drone-kubernetes.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index d914a4e..e1a9650 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -61,7 +61,7 @@ steps: - name: add ansible config image: ubuntu:impish commands: - - printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path\nssh_args=''" > /etc/ansible/ansible.cfg + - mkdir -p /etc/ansible && printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path\nssh_args=''" > /etc/ansible/ansible.cfg - name: apply ansible playbook image: plugins/ansible:3 From ce529e5595b85553604a1c8213d986cc0527ca1a Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 15:17:27 -0400 Subject: [PATCH 34/48] test --- .drone-kubernetes.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index e1a9650..adcb577 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
@@ -58,11 +58,6 @@ steps: branch: - development -- name: add ansible config - image: ubuntu:impish - commands: - - mkdir -p /etc/ansible && printf "[ssh_connection]\ncontrol_path_dir=/dev/shm/ansible_control_path\nssh_args=''" > /etc/ansible/ansible.cfg - - name: apply ansible playbook image: plugins/ansible:3 settings: @@ -84,6 +79,10 @@ steps: from_secret: deploy_path ANSIBLE_DEBUG: true PLUGIN_ANSIBLE_DEBUG: true + ANSIBLE_CONTROL_PATH: /dev/shm/ + PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ + ANSIBLE_SSH_ARGS: '' + PLUGIN_ANSIBLE_SSH_ARGS: '' when: branch: - master From 9dcc706d78fccfcf2455a71a00e5d73663acf46f Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 15:57:59 -0400 Subject: [PATCH 35/48] test --- .drone-kubernetes.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index adcb577..73e1d42 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -81,8 +81,8 @@ steps: PLUGIN_ANSIBLE_DEBUG: true ANSIBLE_CONTROL_PATH: /dev/shm/ PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - ANSIBLE_SSH_ARGS: '' - PLUGIN_ANSIBLE_SSH_ARGS: '' + ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m' + PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m' when: branch: - master From fcde79ef1a01202426358f5dd2a9abf0abaf8bc1 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 16:01:34 -0400 Subject: [PATCH 36/48] test --- .drone-kubernetes.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 73e1d42..d1e45e8 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
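Review bot: The four variables added under `environment` of `apply ansible playbook` are unlikely to take effect as intended. Ansible's ssh connection plugin reads `ANSIBLE_SSH_CONTROL_PATH` and `ANSIBLE_SSH_CONTROL_PATH_DIR`, not `ANSIBLE_CONTROL_PATH`, and the `PLUGIN_ANSIBLE_*` names are presumably not settings the Drone plugin defines (check its documentation). To get what the removed `ansible.cfg` line configured, use `ANSIBLE_SSH_CONTROL_PATH_DIR: /dev/shm/ansible_control_path`. The unchanged `ANSIBLE_DEBUG: true` next to them sends Ansible debug output to the build log of a step that handles deploy credentials, so it should not outlive the troubleshooting.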
@@ -81,8 +81,8 @@ steps: PLUGIN_ANSIBLE_DEBUG: true ANSIBLE_CONTROL_PATH: /dev/shm/ PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m' - PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m' + ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPath=/dev/shm/' + PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPath=/dev/shm/' when: branch: - master From fc7378b9a30cc2110e4e17e09dfe53c8a894d809 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 16:11:54 -0400 Subject: [PATCH 37/48] test --- .drone-kubernetes.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index d1e45e8..1b1c668 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -81,8 +81,8 @@ steps: PLUGIN_ANSIBLE_DEBUG: true ANSIBLE_CONTROL_PATH: /dev/shm/ PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPath=/dev/shm/' - PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPath=/dev/shm/' + ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPathDir=/dev/shm/ansible_control_path' + PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPathDir=/dev/shm/ansible_control_path' when: branch: - master From aafdbd8269b1ed419b35b24c2c5b3cc9226ae9b4 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 16:16:57 -0400 Subject: [PATCH 38/48] test --- .drone-kubernetes.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 1b1c668..7dab271 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
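Review bot: `ControlPath=/dev/shm/` is appended to both `*_SSH_ARGS` values without a preceding `-o`, so ssh receives it as a positional argument rather than as an option. The value is also a directory, while `ControlPath` names the control socket itself, e.g. `-o ControlPath=/dev/shm/ansible-%C`. The following commits on this page try `ControlPathDir=…`, which is Ansible's `control_path_dir` setting and not an ssh option, and then return to `-o ControlPath=/dev/shm/`, which still points at a directory.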
@@ -81,8 +81,8 @@ steps: PLUGIN_ANSIBLE_DEBUG: true ANSIBLE_CONTROL_PATH: /dev/shm/ PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPathDir=/dev/shm/ansible_control_path' - PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m ControlPathDir=/dev/shm/ansible_control_path' + ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPathDir=/dev/shm/ansible_control_path' + PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPathDir=/dev/shm/ansible_control_path' when: branch: - master From 9cbed5c9c3cca3e8afa6de0a3d553fa3d0130f74 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Tue, 2 Nov 2021 16:23:06 -0400 Subject: [PATCH 39/48] test --- .drone-kubernetes.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 7dab271..cca7c8b 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -81,8 +81,8 @@ steps: PLUGIN_ANSIBLE_DEBUG: true ANSIBLE_CONTROL_PATH: /dev/shm/ PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPathDir=/dev/shm/ansible_control_path' - PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPathDir=/dev/shm/ansible_control_path' + ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' + PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' when: branch: - master From 01a51e6bcc298d8af7dceb75f0431e794ccba985 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 14:12:38 -0400 Subject: [PATCH 40/48] test --- .ansible-items/inventory | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index deae763..c40d5b1 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory 
@@ -1,13 +1,11 @@ -all: - children: - host: - hosts: - {{ DEPLOY_HOSTNAME }} - vars: - ansible_host: {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} - ansible_user: {{ DEPLOY_USER }} - ansible_connection: ssh - ansible_ssh_pass: test - ansible_ssh_user: drone - ansible_ssh_private_key_file: /drone/src/private.key - ansible_control_path: /dev/shm/ansible_control_path \ No newline at end of file +[sptarkov] +{{ DEPLOY_HOSTNAME }} + +[sptarkov:vars] +ansible_host={{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} +ansible_user={{ DEPLOY_USER }} +ansible_connection=ssh +ansible_ssh_pass=test +ansible_ssh_user=drone +ansible_ssh_private_key_file=/drone/src/private.key +# ansible_control_path=/dev/shm/ansible_control_path \ No newline at end of file From 7170330e97fefb6aa67b6dd126d365eaf9545a38 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 14:16:40 -0400 Subject: [PATCH 41/48] test --- .ansible-items/inventory | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index c40d5b1..abe9f1a 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,8 +1,7 @@ [sptarkov] -{{ DEPLOY_HOSTNAME }} +{{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} [sptarkov:vars] -ansible_host={{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} ansible_user={{ DEPLOY_USER }} ansible_connection=ssh ansible_ssh_pass=test From 1c6b0e05ea3b2ae7b273886301ca7c13ae3c5002 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 14:19:06 -0400 Subject: [PATCH 42/48] test --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index abe9f1a..5be12fc 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,4 +1,4 @@ -[sptarkov] +[sptarkov:hosts] {{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} [sptarkov:vars] From d2b9d96b1827f960092f60aac777b84065cca7a1 Mon Sep 17 00:00:00 2001 
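Review bot: The rewritten inventory still carries the literal `ansible_ssh_pass=test` in `[sptarkov:vars]`, a credential committed to the repository next to the key path. If `test` is or ever was a real password or passphrase, it stays in the history after later edits and should be rotated; a value supplied from a Drone secret at run time keeps it out of the repository. `ansible_host={{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }}` also puts the user name into the host field, and `ansible_ssh_user=drone` sets the login user a second time with a different value than `ansible_user`.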
From: Mangiang Date: Wed, 3 Nov 2021 15:39:58 -0400 Subject: [PATCH 43/48] test --- .ansible-items/inventory | 2 +- .ansible-items/playbook.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 5be12fc..6af410f 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -3,7 +3,7 @@ [sptarkov:vars] ansible_user={{ DEPLOY_USER }} -ansible_connection=ssh +ansible_connection=paramiki_ssh ansible_ssh_pass=test ansible_ssh_user=drone ansible_ssh_private_key_file=/drone/src/private.key diff --git a/.ansible-items/playbook.yml b/.ansible-items/playbook.yml index dea7313..d850b32 100644 --- a/.ansible-items/playbook.yml +++ b/.ansible-items/playbook.yml @@ -1,6 +1,6 @@ --- - name: install and configure PHP8 and composer - hosts: host + hosts: sptarkov tasks: - name: Delete spt-items-api before adding everything again From dff8a6d7ee759b3348946b5963cc462f49b24832 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 15:41:56 -0400 Subject: [PATCH 44/48] test --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 6af410f..6108253 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -3,7 +3,7 @@ [sptarkov:vars] ansible_user={{ DEPLOY_USER }} -ansible_connection=paramiki_ssh +ansible_connection=paramiko_ssh ansible_ssh_pass=test ansible_ssh_user=drone ansible_ssh_private_key_file=/drone/src/private.key From a2e7d50224cd750ec5dc517648415e9449bac9d6 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 15:45:25 -0400 Subject: [PATCH 45/48] test --- .ansible-items/inventory | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ansible-items/inventory b/.ansible-items/inventory index 6108253..e5ab2cb 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory 
@@ -1,5 +1,5 @@ [sptarkov:hosts] -{{ DEPLOY_USER }}@{{ DEPLOY_HOSTNAME }} +{{ DEPLOY_HOSTNAME }} [sptarkov:vars] ansible_user={{ DEPLOY_USER }} From 4418e0b668ef0ec640e4f9431e90f8afb8008418 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 16:02:13 -0400 Subject: [PATCH 46/48] test --- .drone-kubernetes.yml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index cca7c8b..4c72eb1 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -65,24 +65,23 @@ steps: inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml timeout: 60 - verbose: 4 + # verbose: 4 environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOY_USER: + DEPLOYMENT_USER: from_secret: deploy_username - DEPLOY_USER_GROUP: + DEPLOYMENT_USER_GROUP: from_secret: deploy_user_group SPT_ITEMS_PATH: from_secret: deploy_path - ANSIBLE_DEBUG: true - PLUGIN_ANSIBLE_DEBUG: true - ANSIBLE_CONTROL_PATH: /dev/shm/ - PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' - PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' + # PLUGIN_ANSIBLE_DEBUG: true + # ANSIBLE_CONTROL_PATH: /dev/shm/ + # PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ + # ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' + # PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' when: branch: - master From 511263913c35ee9883d8110d6593a0aec5328360 Mon Sep 17 00:00:00 2001 From: Mangiang Date: Wed, 3 Nov 2021 16:30:17 -0400 Subject: [PATCH 47/48] test --- .ansible-items/inventory | 21 +++++++++++---------- .ansible-items/playbook.yml | 4 ++-- .drone-kubernetes.yml | 33 ++++++++++++++------------------- 3 files changed, 27 insertions(+), 31 deletions(-) 
diff --git a/.ansible-items/inventory b/.ansible-items/inventory index e5ab2cb..5301913 100644 --- a/.ansible-items/inventory +++ b/.ansible-items/inventory @@ -1,10 +1,11 @@ -[sptarkov:hosts] -{{ DEPLOY_HOSTNAME }} - -[sptarkov:vars] -ansible_user={{ DEPLOY_USER }} -ansible_connection=paramiko_ssh -ansible_ssh_pass=test -ansible_ssh_user=drone -ansible_ssh_private_key_file=/drone/src/private.key -# ansible_control_path=/dev/shm/ansible_control_path \ No newline at end of file +all: + children: + sptarkov: + hosts: + sp-tarkov: + ansible_host: {{ DEPLOY_HOSTNAME }} + ansible_user: {{ DEPLOY_USER }} + ansible_connection: paramiko_ssh + ansible_ssh_pass: {{ DEPLOY_SSH_KEY_PASSPHRASE }} + ansible_ssh_user: {{ DEPLOY_USER }} + ansible_ssh_private_key_file: /drone/src/private.key # Hardcoded because created by the Drone plugin \ No newline at end of file diff --git a/.ansible-items/playbook.yml b/.ansible-items/playbook.yml index d850b32..a727a10 100644 --- a/.ansible-items/playbook.yml +++ b/.ansible-items/playbook.yml @@ -36,8 +36,8 @@ - name: Reset files permissions file: path: "{{ lookup('env', 'SPT_ITEMS_PATH') }}" - owner: "{{ lookup('env', 'DEPLOYMENT_USER') }}" - group: "{{ lookup('env', 'DEPLOYMENT_USER_GROUP') }}" + owner: "{{ lookup('env', 'DEPLOY_USER') }}" + group: "{{ lookup('env', 'DEPLOY_USER_GROUP') }}" mode: 0774 recurse: yes diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 4c72eb1..0725d9a 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml 
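Review bot: `ansible_ssh_pass: {{ DEPLOY_SSH_KEY_PASSPHRASE }}` and the other templated values in the new inventory are unquoted, so after the `sed` substitution the secret is parsed as a plain YAML scalar: a passphrase that contains ` #` or `: `, starts with a YAML indicator, or looks like a number or boolean is truncated, retyped or breaks the file. Single-quoting the placeholders, `ansible_ssh_pass: '{{ DEPLOY_SSH_KEY_PASSPHRASE }}'`, covers everything except a `'` in the value. `ansible_ssh_pass` is the login-password variable; with `paramiko_ssh` it presumably doubles as the key passphrase, but it may also be offered to the server as a password when key authentication fails, so confirm that is acceptable for this secret. The trailing comment on `ansible_ssh_private_key_file` says the Drone plugin creates `private.key`, while elsewhere on this page the file is written by an `echo` command in the pipeline.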
@@ -35,17 +35,17 @@ steps: - sed -i 's/{{ DEPLOY_SSH_KEY_PASSPHRASE }}/'"$DEPLOY_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory - sed -i 's/{{ DEPLOY_USER }}/'"$DEPLOY_USER"'/g' ./.ansible-items/inventory -# - name: build frontend -# image: node:lts-alpine3.14 -# commands: -# - node -v -# - npm -v -# - yarn --version -# - yarn --cwd ./items/frontend install -# - yarn --cwd ./items/frontend build --pure-lockfile -# - rm -rf ./items/api/public/static/* -# - mv ./items/frontend/build/* ./items/api/public -# - rm ./items/api/public/index.html +- name: build frontend + image: node:lts-alpine3.14 + commands: + - node -v + - npm -v + - yarn --version + - yarn --cwd ./items/frontend install + - yarn --cwd ./items/frontend build --pure-lockfile + - rm -rf ./items/api/public/static/* + - mv ./items/frontend/build/* ./items/api/public + - rm ./items/api/public/index.html - name: check ansible syntax image: plugins/ansible:3 @@ -65,23 +65,18 @@ steps: inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml timeout: 60 - # verbose: 4 + verbose: 2 environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_USER: from_secret: deploy_username - DEPLOYMENT_USER_GROUP: + DEPLOY_USER_GROUP: from_secret: deploy_user_group SPT_ITEMS_PATH: from_secret: deploy_path - # PLUGIN_ANSIBLE_DEBUG: true - # ANSIBLE_CONTROL_PATH: /dev/shm/ - # PLUGIN_ANSIBLE_CONTROL_PATH: /dev/shm/ - # ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' - # PLUGIN_ANSIBLE_SSH_ARGS: '-C -o ControlMaster=auto -o ControlPersist=30m -o ControlPath=/dev/shm/' when: branch: - master From 5dffe6d309ef5f8b5fd94a9788498b08871b2d93 Mon Sep 17 00:00:00 2001 
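Review bot: Re-enabling `build frontend` puts a step that runs `yarn install` and `yarn build`, and with them the install and build scripts of third-party packages, directly after the `sed` lines that write the SSH key passphrase into `./.ansible-items/inventory` in the shared workspace. Every later step can read that file, so either run the frontend build before the secrets are materialised or fill the inventory only in the deploy step. Separately, `--pure-lockfile` is passed to `yarn build`, where it probably has no effect, while `yarn install` runs without `--frozen-lockfile` and can resolve versions that differ from the committed lockfile. With Yarn 1, `yarn --cwd ./items/frontend install --frozen-lockfile` fails the build instead.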
From: Mangiang Date: Wed, 3 Nov 2021 16:48:46 -0400 Subject: [PATCH 48/48] fix: add passphrase secret capabilities for SSH key --- .drone-docker.yml | 30 ++++++++++------ .drone-kubernetes.yml | 12 +++---- items/README.md | 1 + items/docs/Walkthrough.md | 73 ++++++++++++++++++++------------------- 4 files changed, 64 insertions(+), 52 deletions(-) diff --git a/.drone-docker.yml b/.drone-docker.yml index bf5adf1..b8a1747 100644 --- a/.drone-docker.yml +++ b/.drone-docker.yml @@ -21,13 +21,19 @@ steps: from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_USER: from_secret: deploy_username + DEPLOY_SSH_KEY_PASSPHRASE: + from_secret: deploy_ssh_key_passphrase + DEPLOY_PRIVATE_KEY: + from_secret: deploy_ssh_key commands: - - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - - mv ./items/frontend/.env.example ./items/frontend/.env - - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory - - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory + - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example + - mv ./items/frontend/.env.example ./items/frontend/.env + - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key + - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOY_SSH_KEY_PASSPHRASE }}/'"$DEPLOY_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOY_USER }}/'"$DEPLOY_USER"'/g' ./.ansible-items/inventory - name: build frontend image: node:lts-alpine3.14 
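Review bot: `echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key` creates the key file with the default umask and tightens it only afterwards; `(umask 077 && printf '%s\n' "$DEPLOY_PRIVATE_KEY" > private.key)` never leaves it wider than 0600. The added `sed -i 's/{{ DEPLOY_SSH_KEY_PASSPHRASE }}/'"$DEPLOY_SSH_KEY_PASSPHRASE"'/g'` line splices the secret into the sed expression, so a passphrase containing `/`, `&` or `\` breaks the command or is written incorrectly. Both files then sit in the workspace while the following `build frontend` step runs; creating them immediately before the deploy step avoids that. The same commands appear in `.drone-kubernetes.yml`.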
@@ -48,24 +54,26 @@ steps: inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml syntax_check: true + when: + branch: + - development + - name: apply ansible playbook image: plugins/ansible:3 settings: playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml - private_key: - from_secret: deploy_ssh_key - password: - from_secret: deploy_ssh_key_password + timeout: 60 + verbose: 2 environment: DEPLOY_HOSTNAME: from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_USER: from_secret: deploy_username - DEPLOYMENT_USER_GROUP: + DEPLOY_USER_GROUP: from_secret: deploy_user_group SPT_ITEMS_PATH: from_secret: deploy_path diff --git a/.drone-kubernetes.yml b/.drone-kubernetes.yml index 0725d9a..d2f8b75 100644 --- a/.drone-kubernetes.yml +++ b/.drone-kubernetes.yml @@ -17,16 +17,16 @@ steps: - name: replace hosts and user variables image: ubuntu:impish environment: - DEPLOY_HOSTNAME: - from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname + DEPLOY_HOSTNAME: + from_secret: deploy_hostname DEPLOY_USER: from_secret: deploy_username - DEPLOY_SSH_KEY_PASSPHRASE: - from_secret: deploy_ssh_key_passphrase DEPLOY_PRIVATE_KEY: from_secret: deploy_ssh_key + DEPLOY_SSH_KEY_PASSPHRASE: + from_secret: deploy_ssh_key_passphrase commands: - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - mv ./items/frontend/.env.example ./items/frontend/.env @@ -67,10 +67,10 @@ steps: timeout: 60 verbose: 2 environment: - DEPLOY_HOSTNAME: - from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname + DEPLOY_HOSTNAME: + from_secret: deploy_hostname DEPLOY_USER: from_secret: deploy_username DEPLOY_USER_GROUP: diff --git a/items/README.md b/items/README.md index 9b22418..181e465 100644 --- a/items/README.md +++ b/items/README.md 
@@ -14,6 +14,7 @@ | deploy_username | The default username to use on the remote server
used by Ansible SSH | www-data | | deploy_user_group | The default user group to use on the remote server
used to set permission on the website folder | www-data | | deploy_ssh_key | The **content** of the ssh private key used to connect to the remote server
The key needs to be in RSA in "RSA PRIVATE KEY" format
The ssh publick key needs to already be in the user used in the remote server ~/.ssh/authorized_keys | -----BEGIN RSA PRIVATE KEY-----
The key
-----END RSA PRIVATE KEY----- | +| deploy_ssh_key_passphrase | The passphrase to decrypt the SSH private key | test | ## ⚠ Important notes for the deployment ⚠ * Add all required secrets in Drone diff --git a/items/docs/Walkthrough.md b/items/docs/Walkthrough.md index ce56bac..85ef636 100644 --- a/items/docs/Walkthrough.md +++ b/items/docs/Walkthrough.md @@ -4,7 +4,6 @@ * [Overview](#overview) * [Pipeline definition](#pipeline-definition) * [Pipeline concurrency](#pipeline-concurrency) -* [Environment variables](#environment-variables) * [Triggers](#triggers) * [Steps](#steps) * [Fetch and update submodules](#Fetch-and-update-submodules) @@ -46,13 +45,6 @@ concurrency: ``` The pipeline is set to only one build at a time (every subsequent build with be pending). -## Environment variables -```yml -environment: - SPT_ITEMS_PATH: /var/www/html/aki/spt-items-api -``` -Here are the environment variables. They are automatically injected in every step. - ## Triggers ```yml trigger: 
@@ -70,24 +62,31 @@ The pipeline is run on every push only on branches `master`, `main` and `develop - name: replace hosts and user variables image: ubuntu:impish environment: - DEPLOY_HOSTNAME: - from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_HOSTNAME: + from_secret: deploy_hostname + DEPLOY_USER: from_secret: deploy_username + DEPLOY_PRIVATE_KEY: + from_secret: deploy_ssh_key + DEPLOY_SSH_KEY_PASSPHRASE: + from_secret: deploy_ssh_key_passphrase commands: - - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example - - mv ./items/frontend/.env.example ./items/frontend/.env - - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory - - sed -i 's/{{ DEPLOYMENT_USER }}/'"$DEPLOYMENT_USER"'/g' ./.ansible-items/inventory + - sed -i 's/{{ SPT_ITEMS_HOSTNAME }}/'"$SPT_ITEMS_HOSTNAME"'/g' ./items/frontend/.env.example + - mv ./items/frontend/.env.example ./items/frontend/.env + - echo "$DEPLOY_PRIVATE_KEY" > private.key && chmod 600 private.key + - sed -i 's/{{ DEPLOY_HOSTNAME }}/'"$DEPLOY_HOSTNAME"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOY_SSH_KEY_PASSPHRASE }}/'"$DEPLOY_SSH_KEY_PASSPHRASE"'/g' ./.ansible-items/inventory + - sed -i 's/{{ DEPLOY_USER }}/'"$DEPLOY_USER"'/g' ./.ansible-items/inventory ``` Executed on every push. \ The following environment variables are injected using Drone secrets: * `SPT_ITEMS_HOSTNAME` is used by the frontend to call the backend. * `DEPLOY_HOSTNAME` is used by Ansible to connect to the remote server via SSH. - * `DEPLOYMENT_USER` is used by Ansible to connect to the remote server via SSH. - * all environment variables at the pipeline level (see [Environment variables](#environment-variables)) + * `DEPLOY_USER` is used by Ansible to connect to the remote server via SSH. 
+ * `DEPLOY_PRIVATE_KEY` is the SSH key used to connect to the remote server via SSH + * `DEPLOY_SSH_KEY_PASSPHRASE` is the SSH key passphrase Using `sed` makes temporary changes in the container/pod instead of commiting secrets in the repo in plain text. \ The changes are never pushed and are discarded when the container/pod is terminated. @@ -133,15 +132,19 @@ Check the Ansible syntax in [playbook.yml](../.ansible/playbook.yml), [inventory playbook: ./.ansible-items/playbook.yml inventory: ./.ansible-items/inventory galaxy: ./.ansible-items/requirements.yml - private_key: - from_secret: deploy_ssh_key + timeout: 60 + verbose: 2 environment: - DEPLOY_HOSTNAME: - from_secret: deploy_hostname SPT_ITEMS_HOSTNAME: from_secret: spt_items_hostname - DEPLOYMENT_USER: + DEPLOY_HOSTNAME: + from_secret: deploy_hostname + DEPLOY_USER: from_secret: deploy_username + DEPLOY_USER_GROUP: + from_secret: deploy_user_group + SPT_ITEMS_PATH: + from_secret: deploy_path when: branch: - master 
@@ -153,14 +156,15 @@ This step is [idempotent](https://en.wikipedia.org/wiki/Idempotence). \ The following environment variables are injected using Drone secrets: * `SPT_ITEMS_HOSTNAME` is used by the PHP env file. * `DEPLOY_HOSTNAME` is used to connect to the remote server via SSH. - * `DEPLOYMENT_USER` is used to connect to the remote server via SSH. - * all environment variables at the pipeline level (see [Environment variables](#environment-variables)) + * `DEPLOY_USER` is used to connect to the remote server via SSH. + * `DEPLOY_USER_GROUP` is the user group, used to give read/write/execute permissions to the whole group. It must be the same as Nginx's user. + * `SPT_ITEMS_PATH` is the path on the remote server where the files will be copyed to. #### Playbook definition ```yml -hosts: host +hosts: sptarkov ``` -Uses the host defined in [inventory](../.ansible/inventory). Remember, the step [Replace hosts and user variables](#replace-hosts-and-user-variables) already replaced the variables at this point. The playbook will be executed as `root` user using `sudo`. +Uses the host defined in [inventory](../.ansible/inventory). Remember, the step [Replace hosts and user variables](#replace-hosts-and-user-variables) already replaced the variables at this point. #### Delete old spt-items-api ```yml @@ -170,7 +174,7 @@ Uses the host defined in [inventory](../.ansible/inventory). Remember, the step path: "{{ lookup('env', 'SPT_ITEMS_PATH') }}" ``` Since the copy does not override the folder, this step takes care of it. \ -`SPT_ITEMS_PATH` is injected thanks to the pipeline level environment variables (see [Environment variables](#environment-variables)) +`SPT_ITEMS_PATH` is injected in the environments properties (see [Apply ansible playbook](#apply-ansible-playbook)) #### Copy the project ```yml 
@@ -189,7 +193,7 @@ Copies the whole project (frontend and backend) from the [api](../api) folder in dest: "{{ lookup('env', 'SPT_ITEMS_PATH') }}/.env" ``` Uses [Jinja2](https://jinja2docs.readthedocs.io/en/stable/) to resolve the [template for the PHP .env file](../.ansible/templates/.php_env.j2). \ -`SPT_ITEMS_PATH` is injected thanks to the pipeline level environment variables (see [Environment variables](#environment-variables)). \ +`SPT_ITEMS_PATH` is injected in the environments properties (see [Apply ansible playbook](#apply-ansible-playbook)) \ `SPT_ITEMS_HOSTNAME` is injected in the environments properties (see [Apply ansible playbook](#apply-ansible-playbook)) #### Get JavaScript chunks name @@ -200,7 +204,7 @@ Uses [Jinja2](https://jinja2docs.readthedocs.io/en/stable/) to resolve the [temp register: find_output ``` Prepare a find of all JavaScript chunk files for the [app.blade.php.j2](../.ansible/templates/app.blade.php.j2) template. \ -`SPT_ITEMS_PATH` is injected thanks to the pipeline level environment variables (see [Environment variables](#environment-variables)). +`SPT_ITEMS_PATH` is injected in the environments properties (see [Apply ansible playbook](#apply-ansible-playbook)) #### Get file names from find output ```yml @@ -218,7 +222,7 @@ Splits the string containing the list of all JavaScript chunk files for the [app dest: "{{ lookup('env', 'SPT_ITEMS_PATH') }}/resources/views/app.blade.php" ``` Uses [Jinja2](https://jinja2docs.readthedocs.io/en/stable/) to resolve the [template for the PHP app.blade.php file](../.ansible/templates/app.blade.php.j2). \ -`SPT_ITEMS_PATH` is injected thanks to the pipeline level environment variables (see [Environment variables](#environment-variables)). +`SPT_ITEMS_PATH` is injected in the environments properties (see [Apply ansible playbook](#apply-ansible-playbook)). #### Download and install composer dependencies ```yml 
@@ -233,17 +237,16 @@ Uses [Jinja2](https://jinja2docs.readthedocs.io/en/stable/) to resolve the [temp - name: Reset files permissions file: path: "{{ lookup('env', 'SPT_ITEMS_PATH') }}" - owner: "{{ lookup('env', 'DEPLOYMENT_USER') }}" - group: www-data + owner: "{{ lookup('env', 'DEPLOY_USER') }}" + group: "{{ lookup('env', 'DEPLOY_USER_GROUP') }}" mode: 0774 recurse: yes ``` Permissions 0644: * user: read/write/execute - * group: read + * group: read/write/execute (for Nginx to execute the php as well as write in the Laravel logs) * other: read -`www-data` is hardcoded here but it should be the standard user for Apache and Nginx. \ -`SPT_ITEMS_PATH` is injected thanks to the pipeline level environment variables (see [Environment variables](#environment-variables)). +`SPT_ITEMS_PATH` is injected in the environments properties (see [Apply ansible playbook](#apply-ansible-playbook)). #### Initialize database ```yml