From 0ee82ab2901aabfbb24914f7112c5017d7692d14 Mon Sep 17 00:00:00 2001 From: jefferyfry Date: Thu, 11 Jun 2020 19:56:13 -0700 Subject: [PATCH] Updated READMEs. Fixed Centos nginx install. Changed directory structure. --- Ansible/README.md | 50 +++++++-- Ansible/collection/README.md | 87 --------------- Ansible/collection/jfrog/ansible/README.md | 105 ++++++++++++++++++ .../roles/artifactory-nginx/tasks/Debian.yml | 3 + .../roles/artifactory-nginx/tasks/RedHat.yml | 7 ++ .../roles/artifactory-nginx/tasks/main.yml | 3 + .../host_vars}/rt-ha/hosts.yml | 1 + .../host_vars}/rt-xray-ha/hosts.yml | 2 + .../host_vars}/rt-xray/hosts.yml | 2 + .../host_vars}/rt/hosts.yml | 1 + .../host_vars}/ssl/hosts.yml | 1 + .../host_vars}/xray/hosts.yml | 1 + .../playbook-rt-ha.yml} | 5 +- .../playbook-rt-xray.yml} | 0 .../playbook.yml => examples/playbook-rt.yml} | 0 .../playbook-ssl.yml} | 0 .../playbook-xray.yml} | 0 Ansible/pipelines.yaml | 4 + Ansible/project/rt-ha/playbook.yml | 11 -- Ansible/project/rt-xray-auto-keys/hosts.yml | 40 ------- .../project/rt-xray-auto-keys/playbook.yml | 18 --- .../rt-xray-auto-keys/runAutoKeysPlaybook.sh | 3 - .../project/rt-xray-ha-ssh-proxy/hosts.yml | 60 ---------- Ansible/project/rt-xray-ha/playbook.yml | 12 -- Ansible/project/rt/runPlaybook.sh | 3 - Ansible/test/aws/playbook.yaml | 3 + Ansible/test/azure/playbook.yaml | 3 + 27 files changed, 178 insertions(+), 247 deletions(-) delete mode 100644 Ansible/collection/README.md create mode 100644 Ansible/collection/jfrog/ansible/README.md create mode 100644 Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/Debian.yml create mode 100644 Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/RedHat.yml rename Ansible/{project => examples/host_vars}/rt-ha/hosts.yml (97%) rename Ansible/{project => examples/host_vars}/rt-xray-ha/hosts.yml (96%) rename Ansible/{project => examples/host_vars}/rt-xray/hosts.yml (95%) rename Ansible/{project => examples/host_vars}/rt/hosts.yml (95%) rename Ansible/{project => examples/host_vars}/ssl/hosts.yml (97%) rename Ansible/{project => examples/host_vars}/xray/hosts.yml (94%) rename Ansible/{project/rt-xray-ha-ssh-proxy/playbook.yml => examples/playbook-rt-ha.yml} (74%) rename Ansible/{project/rt-xray/playbook.yml => examples/playbook-rt-xray.yml} (100%) rename Ansible/{project/rt/playbook.yml => examples/playbook-rt.yml} (100%) rename Ansible/{project/ssl/playbook.yml => examples/playbook-ssl.yml} (100%) rename Ansible/{project/xray/playbook.yml => examples/playbook-xray.yml} (100%) delete mode 100644 Ansible/project/rt-ha/playbook.yml delete mode 100644 Ansible/project/rt-xray-auto-keys/hosts.yml delete mode 100644 Ansible/project/rt-xray-auto-keys/playbook.yml delete mode 100755 Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh delete mode 100644 Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml delete mode 100644 Ansible/project/rt-xray-ha/playbook.yml delete mode 100755 Ansible/project/rt/runPlaybook.sh diff --git a/Ansible/README.md b/Ansible/README.md index ec8c616..7903b00 100644 --- a/Ansible/README.md +++ b/Ansible/README.md @@ -3,8 +3,8 @@ This Ansible directory consists of the following directories that support the JFrog Ansible collection. * [collection directory](collection) - This directory contains the Ansible collection package that has the Ansible roles for Artifactory and Xray. See the collection [README](collection/README.md) for details on the available roles and variables. + * [examples directory](examples) - This directory contains example playbooks for various architectures from single Artifactory (RT) deployments to high-availability setups. * [infra directory](infra) - This directory contains example infrastructure templates that can be used for testing and as example deployments. - * [project directory](project) - This directory contains example playbooks for various architectures from single Artifactory (RT) deployments to high-availability setups. * [test directory](test) - This directory contains Gradle tests that can be used to verify a deployment. It also has Ansible playbooks for creating infrastructure, provisioning software and testing with Gradle. ## Getting Started @@ -17,19 +17,51 @@ collections_paths = ~/.ansible/collections:/usr/share/ansible/collections:collec # Installs roles into [current dir]/roles/namespace.rolename roles_path = Ansible/collection/jfrog/ansible/roles ``` - 2. Ansible uses SSH to connect to hosts. Ensure that your SSH private key is on your client and the public keys are installed on your Ansible hosts. If you are using a bastion host, you can add the following Ansible variable to allow proxying through the bastion host. - ``` - ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A user@host -W %h:%p"' + 2. Ansible uses SSH to connect to hosts. Ensure that your SSH private key is on your client and the public keys are installed on your Ansible hosts. - eg. - ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' - ``` - 3. Create your inventory file. Use one of the examples from the [project directory](project) to construct an inventory file (hosts.yml) with the host addresses and variables. + 3. Create your inventory file. Use one of the examples from the [examples directory](examples) to construct an inventory file (hosts.yml) with the host addresses and variables. - 4. Create your playbook. Use one of the examples from the [project directory](project) to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software. + 4. Create your playbook. Use one of the examples from the [examples directory](examples) to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software. 5. Then execute with the following command to provision the JFrog software with Ansible. Variables can also be passed in at the command-line. ``` ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" +``` + +## Autogenerating Master and Join Keys +You may want to auto-generate your master amd join keys and apply it to all the nodes. + +``` +ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" +``` + +## Using [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) to Encrypt Vars +Some vars you may want to keep secret. You may put these vars into a separate file and encrypt them using [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html). + +``` +ansible-vault encrypt secret-vars.yml --vault-password-file ~/.vault_pass.txt +``` + +then in your playbook include the secret vars file. + +``` +- hosts: primary + + vars_files: + - ./vars/secret-vars.yml + - ./vars/vars.yml + + roles: + - artifactory +``` + +## Bastion Hosts +In many cases, you may want to run this Ansible collection through a Bastion host to provision JFrog servers. You can include the following Var for a host or group of hosts: + +``` +ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A user@host -W %h:%p"' + +eg. +ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' ``` \ No newline at end of file diff --git a/Ansible/collection/README.md b/Ansible/collection/README.md deleted file mode 100644 index 1913bd9..0000000 --- a/Ansible/collection/README.md +++ /dev/null @@ -1,87 +0,0 @@ -# Ansible -This repo contains the Ansible collection for JFrog roles. These roles allow you to provision Artifactory for High-Availability using a Primary node and multiple Secondary nodes. Additionally, a Postgresql role is provided for installing an Artifactory Postgresql database. - -## Roles Provided -### artifactory -The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory-nginx to install nginx. - -### artifactory-nginx-ssl -The artifactory-nginx-ssl role installs and configures nginx for SSL. - -### postgres -The postgres role will install Postgresql software and configure a database and user to support an Artifactory or Xray server. - -### xray -The xray role will install Xray software onto the host. An Artifactory server and Postgress database is required. - -## Vars Required -The following Vars must be configured. - -### databsase vars -* db_users: This is a list of database users to create. eg. db_users: - { db_user: "artifactory", db_password: "Art1fAct0ry" } -* dbs: This is the database to create. eg. dbs: - { db_name: "artifactory", db_owner: "artifactory" } - -### artifactory vars -* artifactory_version: The version of Artifactory to install. eg. "7.4.1" -* master_key: This is the Artifactory Master Key. -* join_key: This is the Artifactory Join Key. -* db_download_url: This is the download URL for the JDBC driver for your database. eg. "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" -* db_type: This is the database type. eg. "postgresql" -* db_driver: This is the JDBC driver class. eg. "org.postgresql.Driver" -* db_url: This is the JDBC database url. eg. "jdbc:postgresql://10.0.0.120:5432/artifactory" -* db_user: The database user to configure. eg. "artifactory" -* db_password: The database password to configure. "Art1fact0ry" -* server_name: This is the server name. eg. "artifactory.54.175.51.178.xip.io" -* system_file: Your own system YAML file can be specified and used. If specified, this file will be used rather than constructing a file from the parameters above. -* binary_store_file: Your own binary store file can be used. If specified, the default cluster-file-system will not be used. - -### primary vars -* artifactory_is_primary: For the primary node this must be set to **true**. -* artifactory_license1 - 5: These are the cluster licenses. -* artifactory_license_file: Your own license file can be used. If specified, a license file constructed from the licenses above will not be used. - -### secondary vars -* artifactory_is_primary: For the secondary node(s) this must be set to **false**. - -### ssl vars (Used with artifactory-nginx-ssl role) -* certificate: This is the SSL cert. -* certificate_key: This is the SSL private key. - -### xray vars -* xray_version: The version of Artifactory to install. eg. "3.3.0" -* jfrog_url: This is the URL to the Artifactory base URL. eg. "http://ec2-54-237-207-135.compute-1.amazonaws.com" -* master_key: This is the Artifactory Master Key. -* join_key: This is the Artifactory Join Key. -* db_type: This is the database type. eg. "postgresql" -* db_driver: This is the JDBC driver class. eg. "org.postgresql.Driver" -* db_url: This is the database url. eg. "postgres://10.0.0.59:5432/xraydb?sslmode=disable" -* db_user: The database user to configure. eg. "xray" -* db_password: The database password to configure. "xray" - -## Example Inventory and Playbooks -Example playbooks are located in the [project](../project) directory. This directory contains several example inventory and plaaybooks for different Artifactory, HA and Xray architectures. - -## Executing a Playbook -``` -ansible-playbook -i - -eg. - ansible-playbook -i example-playbooks/rt-xray-ha/hosts.yml example-playbooks/rt-xray-ha/playbook.yml -``` - -## Autogenerating Master and Join Keys -You may want to auto-generate your master amd join keys and apply it to all the nodes. - -``` -ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" -``` - -## Bastion Hosts -In many cases, you may want to run this Ansible collection through a Bastion host to provision JFrog servers. You can include the following Var for a host or group of hosts: - -``` -ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A user@host -W %h:%p"' - -eg. -ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' -``` \ No newline at end of file diff --git a/Ansible/collection/jfrog/ansible/README.md b/Ansible/collection/jfrog/ansible/README.md new file mode 100644 index 0000000..2dc13bd --- /dev/null +++ b/Ansible/collection/jfrog/ansible/README.md @@ -0,0 +1,105 @@ +# Ansible +This repo contains the Ansible collection for JFrog roles. These roles allow you to provision Artifactory for High-Availability using a Primary node and multiple Secondary nodes. Additionally, a Postgresql role is provided for installing an Artifactory Postgresql database. + +## Roles Provided +### artifactory +The artifactory role installs the Artifactory Pro software onto the host. Per the Vars below, it will configure a node as primary or secondary. This role uses secondary roles artifactory-nginx to install nginx. + +### artifactory-nginx-ssl +The artifactory-nginx-ssl role installs and configures nginx for SSL. + +### postgres +The postgres role will install Postgresql software and configure a database and user to support an Artifactory or Xray server. + +### xray +The xray role will install Xray software onto the host. An Artifactory server and Postgress database is required. + +## Vars Required +The following Vars must be configured. + +### databsase vars +* _db_users_: This is a list of database users to create. eg. db_users: - { db_user: "artifactory", db_password: "Art1fAct0ry" } +* _dbs_: This is the database to create. eg. dbs: - { db_name: "artifactory", db_owner: "artifactory" } + +### artifactory vars +* _artifactory_version_: The version of Artifactory to install. eg. "7.4.1" +* _master_key_: This is the Artifactory [Master Key](https://www.jfrog.com/confluence/display/JFROG/Managing+Keys). See below to [autogenerate this key](#autogenerating-master-and-join-keys). +* _join_key_: This is the Artifactory [Join Key](https://www.jfrog.com/confluence/display/JFROG/Managing+Keys). See below to [autogenerate this key](#autogenerating-master-and-join-keys). +* _db_download_url_: This is the download URL for the JDBC driver for your database. eg. "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" +* _db_type_: This is the database type. eg. "postgresql" +* _db_driver_: This is the JDBC driver class. eg. "org.postgresql.Driver" +* _db_url_: This is the JDBC database url. eg. "jdbc:postgresql://10.0.0.120:5432/artifactory" +* _db_user_: The database user to configure. eg. "artifactory" +* _db_password_: The database password to configure. "Art1fact0ry" +* _server_name_: This is the server name. eg. "artifactory.54.175.51.178.xip.io" +* _system_file_: Your own [system YAML](https://www.jfrog.com/confluence/display/JFROG/System+YAML+Configuration+File) file can be specified and used. **If specified, this file will be used rather than constructing a file from the parameters above.** +* _binary_store_file_: Your own [binary store file](https://www.jfrog.com/confluence/display/JFROG/Configuring+the+Filestore) can be used. If specified, the default cluster-file-system will not be used. + +### primary vars +* _artifactory_is_primary_: For the primary node this must be set to **true**. +* _artifactory_license1 - 5_: These are the cluster licenses. +* _artifactory_license_file_: Your own license file can be used. **If specified, a license file constructed from the licenses above will not be used.** + +### secondary vars +* _artifactory_is_primary_: For the secondary node(s) this must be set to **false**. + +### ssl vars (Used with artifactory-nginx-ssl role) +* _certificate_: This is the SSL cert. +* _certificate_key_: This is the SSL private key. + +### xray vars +* _xray_version_: The version of Artifactory to install. eg. "3.3.0" +* _jfrog_url_: This is the URL to the Artifactory base URL. eg. "http://ec2-54-237-207-135.compute-1.amazonaws.com" +* _master_key_: This is the Artifactory [Master Key](https://www.jfrog.com/confluence/display/JFROG/Managing+Keys). See below to [autogenerate this key](#autogenerating-master-and-join-keys). +* _join_key_: This is the Artifactory [Join Key](https://www.jfrog.com/confluence/display/JFROG/Managing+Keys). See below to [autogenerate this key](#autogenerating-master-and-join-keys). +* _db_type_: This is the database type. eg. "postgresql" +* _db_driver_: This is the JDBC driver class. eg. "org.postgresql.Driver" +* _db_url_: This is the database url. eg. "postgres://10.0.0.59:5432/xraydb?sslmode=disable" +* _db_user_: The database user to configure. eg. "xray" +* _db_password_: The database password to configure. "xray" +* _system_file_: Your own [system YAML](https://www.jfrog.com/confluence/display/JFROG/System+YAML+Configuration+File) file can be specified and used. If specified, this file will be used rather than constructing a file from the parameters above. + +## Example Inventory and Playbooks +Example playbooks are located in the [examples](../examples) directory. This directory contains several example inventory and playbooks for different Artifactory, HA and Xray architectures. + +## Executing a Playbook +``` +ansible-playbook -i +``` + +## Autogenerating Master and Join Keys +You may want to auto-generate your master amd join keys and apply it to all the nodes. + +``` +ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" +``` + +## Using [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html) to Encrypt Vars +Some vars you may want to keep secret. You may put these vars into a separate file and encrypt them using [Ansible Vault](https://docs.ansible.com/ansible/latest/user_guide/vault.html). + +``` +ansible-vault encrypt secret-vars.yml --vault-password-file ~/.vault_pass.txt +``` + +then in your playbook include the secret vars file. + +``` +- hosts: primary + + vars_files: + - ./vars/secret-vars.yml + - ./vars/vars.yml + + roles: + - artifactory +``` + +## Bastion Hosts +In many cases, you may want to run this Ansible collection through a Bastion host to provision JFrog servers. You can include the following Var for a host or group of hosts: + +``` +ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A user@host -W %h:%p"' + +eg. +ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' +``` \ No newline at end of file diff --git a/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/Debian.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/Debian.yml new file mode 100644 index 0000000..83a3149 --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/Debian.yml @@ -0,0 +1,3 @@ +--- +# No dependencies for Debian + diff --git a/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/RedHat.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/RedHat.yml new file mode 100644 index 0000000..707c10d --- /dev/null +++ b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/RedHat.yml @@ -0,0 +1,7 @@ +--- +- name: epel-release + yum: + name: epel-release + state: present + become: yes + diff --git a/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml index 5146b14..d3c27c2 100644 --- a/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml +++ b/Ansible/collection/jfrog/ansible/roles/artifactory-nginx/tasks/main.yml @@ -1,4 +1,7 @@ --- +- name: perform dependency installation + include_tasks: "{{ ansible_os_family }}.yml" + - name: install nginx package: name: nginx diff --git a/Ansible/project/rt-ha/hosts.yml b/Ansible/examples/host_vars/rt-ha/hosts.yml similarity index 97% rename from Ansible/project/rt-ha/hosts.yml rename to Ansible/examples/host_vars/rt-ha/hosts.yml index 6246c53..66a6be5 100644 --- a/Ansible/project/rt-ha/hosts.yml +++ b/Ansible/examples/host_vars/rt-ha/hosts.yml @@ -14,6 +14,7 @@ all: - { db_name: "artifactory", db_owner: "artifactory" } artifactory: vars: + artifactory_version: 7.4.1 artifactory_ha_enabled: true master_key: "c97b862469de0d94fbb7d48130637a5a" join_key: "9bcca98f375c0728d907cc6ee39d4f02" diff --git a/Ansible/project/rt-xray-ha/hosts.yml b/Ansible/examples/host_vars/rt-xray-ha/hosts.yml similarity index 96% rename from Ansible/project/rt-xray-ha/hosts.yml rename to Ansible/examples/host_vars/rt-xray-ha/hosts.yml index 0a79555..796305c 100644 --- a/Ansible/project/rt-xray-ha/hosts.yml +++ b/Ansible/examples/host_vars/rt-xray-ha/hosts.yml @@ -20,6 +20,7 @@ all: - { db_user: "xray", db_password: "xray" } artifactory: vars: + artifactory_version: 7.4.1 artifactory_ha_enabled: true master_key: "c97b862469de0d94fbb7d48130637a5a" join_key: "9bcca98f375c0728d907cc6ee39d4f02" @@ -42,6 +43,7 @@ all: artifactory_license5: x xray: vars: + xray_version: 3.3.0 jfrog_url: http://ec2-18-210-33-94.compute-1.amazonaws.com master_key: "c97b862469de0d94fbb7d48130637a5a" join_key: "9bcca98f375c0728d907cc6ee39d4f02" diff --git a/Ansible/project/rt-xray/hosts.yml b/Ansible/examples/host_vars/rt-xray/hosts.yml similarity index 95% rename from Ansible/project/rt-xray/hosts.yml rename to Ansible/examples/host_vars/rt-xray/hosts.yml index c553954..3fac82c 100644 --- a/Ansible/project/rt-xray/hosts.yml +++ b/Ansible/examples/host_vars/rt-xray/hosts.yml @@ -16,6 +16,7 @@ all: artifactory: hosts: 54.237.207.135: + artifactory_version: 7.4.1 artifactory_license1: x artifactory_license2: x artifactory_license3: x @@ -33,6 +34,7 @@ all: xray: hosts: 100.25.104.174: + xray_version: 3.3.0 jfrog_url: "http://ec2-54-237-207-135.compute-1.amazonaws.com" master_key: "c97b862469de0d94fbb7d48130637a5a" join_key: "9bcca98f375c0728d907cc6ee39d4f02" diff --git a/Ansible/project/rt/hosts.yml b/Ansible/examples/host_vars/rt/hosts.yml similarity index 95% rename from Ansible/project/rt/hosts.yml rename to Ansible/examples/host_vars/rt/hosts.yml index 42dab9b..f030ff6 100644 --- a/Ansible/project/rt/hosts.yml +++ b/Ansible/examples/host_vars/rt/hosts.yml @@ -13,6 +13,7 @@ all: primary: hosts: 54.165.47.191: + artifactory_version: 7.4.1 artifactory_is_primary: true artifactory_license_file: "{{ lookup('env', 'artifactory_license_file') }}" db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" diff --git a/Ansible/project/ssl/hosts.yml b/Ansible/examples/host_vars/ssl/hosts.yml similarity index 97% rename from Ansible/project/ssl/hosts.yml rename to Ansible/examples/host_vars/ssl/hosts.yml index c6c8f9f..c51aa1b 100644 --- a/Ansible/project/ssl/hosts.yml +++ b/Ansible/examples/host_vars/ssl/hosts.yml @@ -14,6 +14,7 @@ all: primary: hosts: 100.25.104.198: + artifactory_version: 7.4.1 artifactory_is_primary: true artifactory_license1: x artifactory_license2: x diff --git a/Ansible/project/xray/hosts.yml b/Ansible/examples/host_vars/xray/hosts.yml similarity index 94% rename from Ansible/project/xray/hosts.yml rename to Ansible/examples/host_vars/xray/hosts.yml index 6f70d9a..a4acffc 100644 --- a/Ansible/project/xray/hosts.yml +++ b/Ansible/examples/host_vars/xray/hosts.yml @@ -5,6 +5,7 @@ all: children: xray: vars: + xray_version: 3.3.0 jfrog_url: http://ec2-18-210-33-94.compute-1.amazonaws.com master_key: "c97b862469de0d94fbb7d48130637a5a" join_key: "9bcca98f375c0728d907cc6ee39d4f02" diff --git a/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml b/Ansible/examples/playbook-rt-ha.yml similarity index 74% rename from Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml rename to Ansible/examples/playbook-rt-ha.yml index 825fe0b..73c4791 100644 --- a/Ansible/project/rt-xray-ha-ssh-proxy/playbook.yml +++ b/Ansible/examples/playbook-rt-ha.yml @@ -6,7 +6,4 @@ - hosts: primary:secondary roles: - artifactory - -- hosts: xray - roles: - - xray \ No newline at end of file + - artifactory-nginx-ssl \ No newline at end of file diff --git a/Ansible/project/rt-xray/playbook.yml b/Ansible/examples/playbook-rt-xray.yml similarity index 100% rename from Ansible/project/rt-xray/playbook.yml rename to Ansible/examples/playbook-rt-xray.yml diff --git a/Ansible/project/rt/playbook.yml b/Ansible/examples/playbook-rt.yml similarity index 100% rename from Ansible/project/rt/playbook.yml rename to Ansible/examples/playbook-rt.yml diff --git a/Ansible/project/ssl/playbook.yml b/Ansible/examples/playbook-ssl.yml similarity index 100% rename from Ansible/project/ssl/playbook.yml rename to Ansible/examples/playbook-ssl.yml diff --git a/Ansible/project/xray/playbook.yml b/Ansible/examples/playbook-xray.yml similarity index 100% rename from Ansible/project/xray/playbook.yml rename to Ansible/examples/playbook-xray.yml diff --git a/Ansible/pipelines.yaml b/Ansible/pipelines.yaml index 3fd14a5..7c0f343 100644 --- a/Ansible/pipelines.yaml +++ b/Ansible/pipelines.yaml @@ -36,6 +36,8 @@ pipelines: - sudo pip install boto3 botocore - cd ../dependencyState/resources/ansibleRepo - echo 'Setting environment variables...' + - export artifactory_version="$int_ansibleEnvVars_artifactory_version" + - export xray_version="$int_ansibleEnvVars_xray_version" - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" @@ -82,6 +84,8 @@ pipelines: - sudo pip install ansible[azure] - cd ../dependencyState/resources/ansibleRepo - echo 'Setting environment variables...' + - export artifactory_version="$int_ansibleEnvVars_artifactory_version" + - export xray_version="$int_ansibleEnvVars_xray_version" - export artifactory_license1="$int_ansibleEnvVars_artifactory_license1" - export artifactory_license2="$int_ansibleEnvVars_artifactory_license2" - export artifactory_license3="$int_ansibleEnvVars_artifactory_license3" diff --git a/Ansible/project/rt-ha/playbook.yml b/Ansible/project/rt-ha/playbook.yml deleted file mode 100644 index ae9639e..0000000 --- a/Ansible/project/rt-ha/playbook.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- hosts: database - gather_facts: true - roles: - - jfrog/ansible/roles/postgres - -- hosts: primary:secondary - gather_facts: true - roles: - - jfrog/ansible/roles/artifactory - - jfrog/ansible/roles/artifactory-nginx-ssl \ No newline at end of file diff --git a/Ansible/project/rt-xray-auto-keys/hosts.yml b/Ansible/project/rt-xray-auto-keys/hosts.yml deleted file mode 100644 index 76babec..0000000 --- a/Ansible/project/rt-xray-auto-keys/hosts.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -all: - vars: - ansible_user: "ubuntu" - ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" - ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@13.82.225.20 -W %h:%p"' - children: - database: - hosts: - 34.239.107.0: - dbs: - - { db_name: "artifactory", db_owner: "artifactory" } - - { db_name: "xraydb", db_owner: "xray" } - db_users: - - { db_user: "artifactory", db_password: "Art1fAct0ry" } - - { db_user: "xray", db_password: "xray" } - artifactory: - hosts: - 54.237.207.135: - artifactory_license1: x - artifactory_license2: x - artifactory_license3: x - artifactory_license4: x - artifactory_license5: x - db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" - db_type: "postgresql" - db_driver: "org.postgresql.Driver" - db_url: "jdbc:postgresql://10.0.0.59:5432/artifactory" - db_user: "artifactory" - db_password: "Art1fAct0ry" - server_name: "ec2-54-237-207-135.compute-1.amazonaws.com" - xray: - hosts: - 100.25.104.174: - jfrog_url: "http://ec2-54-237-207-135.compute-1.amazonaws.com" - db_type: "postgresql" - db_driver: "org.postgresql.Driver" - db_url: "postgres://10.0.0.59:5432/xraydb?sslmode=disable" - db_user: "xray" - db_password: "xray" diff --git a/Ansible/project/rt-xray-auto-keys/playbook.yml b/Ansible/project/rt-xray-auto-keys/playbook.yml deleted file mode 100644 index 2e99018..0000000 --- a/Ansible/project/rt-xray-auto-keys/playbook.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- debug: - var: master_key - -- debug: - var: join_key - -- hosts: database - roles: - - postgres - -- hosts: artifactory - roles: - - artifactory - -- hosts: xray - roles: - - xray \ No newline at end of file diff --git a/Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh b/Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh deleted file mode 100755 index 0949cb0..0000000 --- a/Ansible/project/rt-xray-auto-keys/runAutoKeysPlaybook.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash - -ansible-playbook -i hosts.yml playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" \ No newline at end of file diff --git a/Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml b/Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml deleted file mode 100644 index 8651299..0000000 --- a/Ansible/project/rt-xray-ha-ssh-proxy/hosts.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- -all: - vars: - ansible_user: "ubuntu" - ansible_ssh_private_key_file: "/Users/jefff/.ssh/ansible-priv.pem" - ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@13.82.225.20 -W %h:%p"' - children: - database: - hosts: - #artifactory database - 10.0.0.6: - db_users: - - { db_user: "artifactory", db_password: "Art1fAct0ry" } - dbs: - - { db_name: "artifactory", db_owner: "artifactory" } - #xray database - 10.0.0.4: - dbs: - - { db_name: "xraydb", db_owner: "xray" } - db_users: - - { db_user: "xray", db_password: "xray" } - artifactory: - vars: - artifactory_ha_enabled: true - master_key: "c97b862469de0d94fbb7d48130637a5a" - join_key: "9bcca98f375c0728d907cc6ee39d4f02" - db_download_url: "https://jdbc.postgresql.org/download/postgresql-42.2.12.jar" - db_type: "postgresql" - db_driver: "org.postgresql.Driver" - db_url: "jdbc:postgresql://10.0.0.6:5432/artifactory" - db_user: "artifactory" - db_password: "Art1fAct0ry" - server_name: "rt.13.82.225.208.xip.io" - children: - primary: - hosts: - 10.0.0.8: - artifactory_is_primary: true - artifactory_license1: x - artifactory_license2: x - artifactory_license3: x - artifactory_license4: x - artifactory_license5: x - secondary: - hosts: - 10.0.0.9: - vars: - artifactory_is_primary: false - xray: - vars: - jfrog_url: http://rt.13.82.225.208.xip.io/ - master_key: "c97b862469de0d94fbb7d48130637a5a" - join_key: "9bcca98f375c0728d907cc6ee39d4f02" - db_type: "postgresql" - db_driver: "org.postgresql.Driver" - db_url: "postgres://10.0.0.4:5432/xraydb?sslmode=disable" - db_user: "xray" - db_password: "xray" - hosts: - 10.0.0.5: diff --git a/Ansible/project/rt-xray-ha/playbook.yml b/Ansible/project/rt-xray-ha/playbook.yml deleted file mode 100644 index b25f3af..0000000 --- a/Ansible/project/rt-xray-ha/playbook.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- hosts: database - roles: - - postgres - -- hosts: primary - roles: - - artifactory - -- hosts: xray - roles: - - xray \ No newline at end of file diff --git a/Ansible/project/rt/runPlaybook.sh b/Ansible/project/rt/runPlaybook.sh deleted file mode 100755 index 1c5d200..0000000 --- a/Ansible/project/rt/runPlaybook.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash - -ansible-playbook -i Ansible/project/rt/hosts.yml Ansible/project/rt/playbook.yml --extra-vars "master_key=$(openssl rand -hex 16) join_key=$(openssl rand -hex 16)" \ No newline at end of file diff --git a/Ansible/test/aws/playbook.yaml b/Ansible/test/aws/playbook.yaml index fafe557..a859072 100644 --- a/Ansible/test/aws/playbook.yaml +++ b/Ansible/test/aws/playbook.yaml @@ -33,6 +33,7 @@ hostname: "{{ AWSDeployment.stack_outputs.RTPriInstancePrivate }}" ansible_user: "ubuntu" ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + artifactory_version: "{{ lookup('env', 'artifactory_version') }}" db_url: "jdbc:postgresql://{{ AWSDeployment.stack_outputs.DBInstancePrivate }}:5432/artifactory" server_name: "{{ AWSDeployment.stack_outputs.ALBHostName }}" artifactory_is_primary: true @@ -47,6 +48,7 @@ hostname: "{{ AWSDeployment.stack_outputs.RTSecInstancePrivate }}" ansible_user: "ubuntu" ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + artifactory_version: "{{ lookup('env', 'artifactory_version') }}" db_url: "jdbc:postgresql://{{ AWSDeployment.stack_outputs.DBInstancePrivate }}:5432/artifactory" server_name: "{{ AWSDeployment.stack_outputs.ALBHostName }}" artifactory_is_primary: false @@ -58,6 +60,7 @@ hostname: "{{ AWSDeployment.stack_outputs.XrayInstancePrivate }}" ansible_user: "ubuntu" ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ AWSDeployment.stack_outputs.BastionInstancePublic }} -W %h:%p"' + xray_version: "{{ lookup('env', 'xray_version') }}" jfrog_url: "http://{{ AWSDeployment.stack_outputs.ALBHostName }}" master_key: "{{ lookup('env', 'master_key') }}" join_key: "{{ lookup('env', 'join_key') }}" diff --git a/Ansible/test/azure/playbook.yaml b/Ansible/test/azure/playbook.yaml index f4eb24a..6304319 100644 --- a/Ansible/test/azure/playbook.yaml +++ b/Ansible/test/azure/playbook.yaml @@ -44,6 +44,7 @@ hostname: "{{ azureDeployment.deployment.outputs.vmArtPriIp.value }}" ansible_user: "ubuntu" ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + artifactory_version: "{{ lookup('env', 'artifactory_version') }}" db_url: "jdbc:postgresql://{{ azureDeployment.deployment.outputs.vmDbArrIp.value[0] }}:5432/artifactory" server_name: "rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" artifactory_is_primary: true @@ -58,6 +59,7 @@ hostname: "{{ item }}" ansible_user: "ubuntu" ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + artifactory_version: "{{ lookup('env', 'artifactory_version') }}" db_url: "jdbc:postgresql://{{ azureDeployment.deployment.outputs.vmDbArrIp.value[0] }}:5432/artifactory" server_name: "rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" artifactory_is_primary: false @@ -70,6 +72,7 @@ hostname: "{{ item }}" ansible_user: "ubuntu" ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -A ubuntu@{{ azureDeployment.deployment.outputs.lbIp.value }} -W %h:%p"' + xray_version: "{{ lookup('env', 'xray_version') }}" jfrog_url: "http://rt.{{ azureDeployment.deployment.outputs.lbIp.value }}.xip.io" master_key: "{{ lookup('env', 'master_key') }}" join_key: "{{ lookup('env', 'join_key') }}"