From 66f54f67450f06d4afefa2282486ad6b51b10328 Mon Sep 17 00:00:00 2001
From: bilalelhasnaoui <bilal.elhasnaoui@polytech-lille.net>
Date: Wed, 27 Mar 2024 09:56:48 +0100
Subject: [PATCH] inventory & playbooks configuration
---
 group_vars/all.yml | 2 ++
 inventory.ini | 8 ++---
 playbooks/nginx_install.yml | 8 +++++
 playbooks/postgreSQL.yml | 65 ++++++++++++++++++++++++++++++++++
 playbooks/vars/vault_pass.txt | 1 +
 roles/posgresql/tasks/main.yml | 48 +++++++++++++++++++++++++
 test | 0
 7 files changed, 128 insertions(+), 4 deletions(-)
 create mode 100644 playbooks/nginx_install.yml
 create mode 100644 playbooks/postgreSQL.yml
 create mode 100644 playbooks/vars/vault_pass.txt
 create mode 100644 roles/posgresql/tasks/main.yml
 delete mode 100644 test
diff --git a/group_vars/all.yml b/group_vars/all.yml
index ac2fc20..ee5eebd 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -13,3 +13,5 @@ root_user:
 default_root_keys:
 - name: thomas-ed25519
 key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPrw78OSJACq5MFXHrhAr2bPpnTNxwLE85mzij8gKmCs thomas@thonkpad
+ - name: g7_key-ed25519
+ key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFH+M4GLKYVf/hThCQ+DwJXYqEb7THVkfqqnVh32DAOI pifou@zabeth11
diff --git a/inventory.ini b/inventory.ini
index f1035a8..2415171 100644
--- a/inventory.ini
+++ b/inventory.ini
@@ -1,10 +1,10 @@
 [all]
 # Replace this with your hostname and IP address
-your-db-host.local ansible_ssh_host="1.2.3.4"
-your-synapse-host.local ansible_ssh_host="5.6.7.8"
+172.26.145.114
+172.26.145.115
 [db]
-your-db-host.local ansible_ssh_host="1.2.3.4"
+172.26.145.114
 [synapse]
-your-synapse-host.local ansible_ssh_host="5.6.7.8"
+172.26.145.115
diff --git a/playbooks/nginx_install.yml b/playbooks/nginx_install.yml
new file mode 100644
index 0000000..a8ddc3d
--- /dev/null
+++ b/playbooks/nginx_install.yml
@@ -0,0 +1,8 @@
+- hosts: all
+ tasks:
+ - name: ensure nginx is at the latest version
+ apt: name=nginx state=latest
+ - name: start nginx
+ service:
+ name: nginx
+ state: started
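Review bot: The added `g7_key-ed25519` entry goes into `default_root_keys` in `group_vars/all.yml`, so it is presumably installed for root on every host in the inventory, and nothing records who holds it. The `g7_` prefix and the `pifou@zabeth11` comment suggest a shared group key rather than a personal one; if so, root logins can no longer be attributed to one person, and removing one member's access means replacing the key for everyone. I would add one key per person, or at least a comment above the entry such as `# shared key for group 7, owner: <name>, rotate when membership changes`. The `default_root_keys` list starts outside the hunk.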
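Review bot: `hosts: all` installs and starts nginx on the `[db]` host as well as the `[synapse]` host, which leaves a web server listening on the database machine that nothing on this page needs; the play should target only the group that serves HTTP. `state=latest` also upgrades nginx on every run, so the installed version is whatever the mirror carries that day; `state: present` with a deliberate upgrade step is easier to audit. The key=value form reads better as native YAML: `ansible.builtin.apt:` / `name: nginx` / `state: present`. The play sets no `become`, unlike `playbooks/postgreSQL.yml`, so it presumably relies on connecting as root.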
diff --git a/playbooks/postgreSQL.yml b/playbooks/postgreSQL.yml
new file mode 100644
index 0000000..9a2aee4
--- /dev/null
+++ b/playbooks/postgreSQL.yml
@@ -0,0 +1,65 @@
+---
+- name: Deploy PostgreSQL for Synapse and Mastodon
+ hosts: db
+ become: true
+ vars:
+ postgres_user: "g7_user"
+ postgres_password: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 37373966353338626633323534386166303737636437656538343565666466343235356335623433
+ 3265323931383161383731643166363239313330616537370a366636373630656130356162356436
+ 33303136373838636133313064326561613438353134396435393030373335663038366130663238
+ 3463323232333365360a373761363962383065626533373933316166323439643266656132326331
+ 3335
+ postgres_db: "g7_db"
+ postgres_netmask: "0.0.0.0/0"
+
+ tasks:
+ - name: Install PostgreSQL and Python3 psycopg2
+ apt:
+ name:
+ - postgresql
+ - python3-psycopg2
+ state: present
+
+ - name: Ensure PostgreSQL configuration allows connections from any IP address
+ community.postgresql.postgresql_pg_hba:
+ dest: /var/lib/postgres/data/pg_hba.conf
+ databases: all
+ users: all
+ address: "{{ postgres_netmask }}"
+ method: scram-sha-256
+ notify: Restart PostgreSQL
+ become: true
+
+ - name: Update PostgreSQL configuration to listen on all interfaces
+ lineinfile:
+ path: /etc/postgresql/15/main/postgresql.conf
+ regexp: '^#?listen_addresses\s*='
+ line: "listen_addresses '*'"
+ notify: Restart PostgreSQL
+ become: true
+
+ - name: Create PostgreSQL database user
+ community.postgresql.postgresql_user:
+ name: "{{ postgres_user }}"
+ password: "{{ postgres_password }}"
+ state: present
+ become: true
+
+ - name: Create PostgreSQL database
+ community.postgresql.postgresql_db:
+ name: "{{ postgres_db }}"
+ owner: "{{ postgres_user }}"
+ encoding: "UTF-8"
+ lc_collate: "C"
+ lc_ctype: "C"
+ state: present
+ #become: true
+ become_user: postgres
+ become: true
+ handlers:
+ - name: Restart PostgreSQL
+ systemd:
+ name: postgresql
+ state: restarted
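Review bot: `postgres_netmask: "0.0.0.0/0"` combined with `databases: all`, `users: all` and `listen_addresses '*'` lets any address that can reach the host attempt a password login for every role and database, including `postgres`; the only client named in this commit is the `[synapse]` host `172.26.145.115`, so the rule should name that address, `g7_db` and `g7_user` (plus the Mastodon host, which the page does not show). The same rule appears as `host all all 0.0.0.0/0 scram-sha-256` in `roles/posgresql/tasks/main.yml`. The `dest` path `/var/lib/postgres/data/pg_hba.conf` does not match the `/etc/postgresql/15/main/` directory used for `postgresql.conf` here and for `pg_hba.conf` in the role, so the rule probably lands in a file the server does not read. The user-creation task also lacks the `become_user: postgres` that the database task has. Indentation in the fence is reconstructed, since the page has lost it.

```yaml
  vars:
    # … unchanged: postgres_user, postgres_password, postgres_db …
    postgres_netmask: "172.26.145.115/32"  # the [synapse] host from inventory.ini

  tasks:
    # … unchanged: package install …
    - name: Allow the Synapse host to reach its own database
      community.postgresql.postgresql_pg_hba:
        dest: /etc/postgresql/15/main/pg_hba.conf
        contype: host
        databases: "{{ postgres_db }}"
        users: "{{ postgres_user }}"
        address: "{{ postgres_netmask }}"
        method: scram-sha-256
      notify: Restart PostgreSQL

    # … unchanged: listen_addresses task …
    - name: Create PostgreSQL database user
      community.postgresql.postgresql_user:
        name: "{{ postgres_user }}"
        password: "{{ postgres_password }}"
        state: present
      become_user: postgres
    # … unchanged: database creation, handlers …
```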
diff --git a/playbooks/vars/vault_pass.txt b/playbooks/vars/vault_pass.txt
new file mode 100644
index 0000000..bb5aec1
--- /dev/null
+++ b/playbooks/vars/vault_pass.txt
@@ -0,0 +1 @@
+glopglop
diff --git a/roles/posgresql/tasks/main.yml b/roles/posgresql/tasks/main.yml
new file mode 100644
index 0000000..520e816
--- /dev/null
+++ b/roles/posgresql/tasks/main.yml
@@ -0,0 +1,48 @@
+---
+- name: Ensure required packages are installed
+ apt:
+ name: "{{ item }}"
+ state: present
+ loop:
+ - postgresql
+ - python3-psycopg2
+
+- name: Ensure PostgreSQL is running and enabled
+ service:
+ name: postgresql
+ state: started
+ enabled: yes
+
+- name: Allow connections to PostgreSQL from all IP addresses
+ become: yes
+ lineinfile:
+ path: /etc/postgresql/15/main/pg_hba.conf
+ line: "host all all 0.0.0.0/0 scram-sha-256"
+ insertafter: EOF
+
+- name: Update listen_addresses in postgresql.conf
+ become: yes
+ lineinfile:
+ path: /etc/postgresql/15/main/postgresql.conf
+ regexp: "^#?listen_addresses = 'localhost'"
+ line: "listen_addresses = '*'"
+
+- name: Restart PostgreSQL service to apply changes
+ become: yes
+ service:
+ name: postgresql
+ state: restarted
+
+- name: Create PostgreSQL user and database for Synapse
+ become: yes
+ postgresql_db:
+ name: synapse
+ encoding: UTF-8
+ lc_collate: C
+ lc_ctype: C
+ vars:
+ postgresql_user: synapse
+ postgresql_password: "{{ synapse_postgresql_password }}"
+ login_user: postgres
+ login_password: "{{ postgresql_postgres_password }}"
+ login_host: localhost
diff --git a/test b/test
deleted file mode 100644
index e69de29..0000000
-- GitLab
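Review bot: `playbooks/vars/vault_pass.txt` commits the Ansible Vault password in clear text in the same commit as the `!vault` value for `postgres_password` in `playbooks/postgreSQL.yml`, so anyone who can read the repository can decrypt the database password. Deleting the file in a later commit does not help, because the value stays in history: the vault password and the PostgreSQL password both need to be rotated, and the inline value re-encrypted with `ansible-vault encrypt_string` under the new password. Keep the password file outside the working tree, or at least listed in `.gitignore`, and supply it with `--vault-password-file` or `--ask-vault-pass`.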
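Review bot: In the last task of `roles/posgresql/tasks/main.yml` the keys `postgresql_user`, `postgresql_password`, `login_user`, `login_password` and `login_host` sit under `vars:`, where they only define variables; none of them reaches `postgresql_db`, so no `synapse` role is created despite the task name, the database gets no owner, and the login credentials are ignored. Indentation is lost on this page; if `vars:` is actually nested inside the module arguments, the module would instead reject it as an unknown parameter. Splitting this into a user task and a database task with the `login_*` values as module arguments does what the name says. Separately, the unconditional restart task runs on every play; a handler notified by the two `lineinfile` tasks, as `playbooks/postgreSQL.yml` does, would restart only on change.

```yaml
# … unchanged: package install, service, pg_hba.conf, listen_addresses, restart …
- name: Create PostgreSQL user for Synapse
  become: true
  community.postgresql.postgresql_user:
    name: synapse
    password: "{{ synapse_postgresql_password }}"
    login_user: postgres
    login_password: "{{ postgresql_postgres_password }}"
    login_host: localhost

- name: Create PostgreSQL database for Synapse
  become: true
  community.postgresql.postgresql_db:
    name: synapse
    owner: synapse
    # … unchanged: encoding, lc_collate, lc_ctype …
    login_user: postgres
    login_password: "{{ postgresql_postgres_password }}"
    login_host: localhost
```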