Add loadbalancer to playbook using new caddy role

Johannes Rothe 2023-09-14 22:59:08 +02:00
parent 7e00e22c27
commit f62a53e476
Signed by: onjen
GPG Key ID: 73F092605AF3286C
6 changed files with 78 additions and 7 deletions

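--- a/ansible/group_vars/lb
+++ b/ansible/group_vars/lb
@@ -0,0 +1 @@
+ansible_ssh_user: root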
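Review bot: `ansible_ssh_user: root` makes every play against the public-facing load balancer log in over SSH as root, which requires that host to accept direct root logins. Most tasks in the new caddy role already set `become: true`, so an unprivileged account with sudo rights would be enough, e.g. `ansible_user: <deploy-user>` (placeholder name). `ansible_ssh_user` is also the legacy spelling of `ansible_user`, so the new file is a good place to switch to the current name.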


@ -21,13 +21,32 @@
- "alt.pub"
register: tf_out
- debug: var=tf_out
- add_host:
name: "{{ item.key }}"
ansible_host: "{{ item.value }}"
group: web
loop: "{{ tf_out.outputs.server_ips.value | dict2items }}"
- name: Setup LEMP stack
- add_host:
name: "lb"
ansible_host: "{{ tf_out.outputs.lb_public_ip.value }}"
group: lb
- name: Setup loadbalancer
hosts: lb
vars:
caddy:
server_name: wordpress-jr.senecops.com
lb_targets:
- 10.0.0.3:80
- 10.0.0.4:80
- 10.0.0.5:80
roles:
- caddy
- name: Setup LEMP stack on application servers
hosts: web
vars_files:
- vault.yaml
@ -51,7 +70,8 @@
- 10.0.0.5
mysql:
replication_user: replica_user
replication_master: web1
replication_master_hostname: web1
replication_master_ip: 10.0.0.3
replication_slaves:
- web2
- web3
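Review bot: The backend addresses in `lb_targets` (`10.0.0.3:80` to `10.0.0.5:80`) and the new `replication_master_ip: 10.0.0.3` are hard-coded copies of addresses that are presumably assigned by the Terraform network config, so a change there would leave the load balancer and replication pointing at the wrong hosts without any error. If Terraform exposes the private addresses as an output, build both values from `tf_out`; otherwise add a comment such as `# must match the private IPs assigned by Terraform` next to each. Quoting the targets (`- "10.0.0.3:80"`) keeps digit-and-colon values unambiguous across YAML parsers. Traffic from Caddy to the backends is plain HTTP on port 80, which is only acceptable if 10.0.0.x is a private network that nothing else can reach; that is not visible from this hunk and is worth stating in a comment.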


@ -0,0 +1,45 @@
---
- name: Install required packages
ansible.builtin.apt:
update_cache: true
cache_valid_time: 3600
name:
- debian-keyring
- debian-archive-keyring
- apt-transport-https
become: true
- name: Fetch gpg key
ansible.builtin.apt_key:
url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
id: 155B6D79CA56EA34
keyring: /usr/share/keyrings/caddy-stable-archive-keyring.gpg
become: true
- name: Add specified repository into sources list using specified filename
ansible.builtin.apt_repository:
repo: "deb [signed-by=/usr/share/keyrings/caddy-stable-archive-keyring.gpg] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main"
state: present
filename: caddy-stable
- name: Install caddy
ansible.builtin.apt:
update_cache: true
cache_valid_time: 3600
name:
- caddy
become: true
- name: Write Caddyfile
ansible.builtin.template:
src: "Caddyfile.j2"
dest: "/etc/caddy/Caddyfile"
mode: "0644"
become: true
- name: Start service
ansible.builtin.service:
name: caddy
state: restarted
enabled: true
become: true
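Review bot: The task `Add specified repository into sources list using specified filename` is the only one in this file without `become: true`, so it succeeds only because the `lb` group logs in as root; add `become: true` to it so the role also works with an unprivileged login. `Start service` uses `state: restarted`, which restarts Caddy and drops client connections on every run; `state: started` plus a handler notified by `Write Caddyfile` would restart only when the configuration changes. In `Fetch gpg key`, `id: 155B6D79CA56EA34` is a 64-bit long key ID; pinning the full fingerprint published by the Caddy project gives a stronger check on the key that is downloaded and trusted for package installation.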


@ -0,0 +1,5 @@
{{ caddy.server_name }} {
reverse_proxy {{ caddy.lb_targets | join(" ") }} {
lb_policy cookie
}
}
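Review bot: `lb_policy cookie` is used without a secret, and Caddy then derives the sticky-cookie value from the upstream address with an empty HMAC key, so the value is predictable to clients and the backend pinning is not under the server's control. Pass a cookie name and a secret kept in the vault, e.g. `lb_policy cookie lb {{ caddy.lb_cookie_secret }}` (variable name constructed for this note). The block also configures no health checks, so as far as this template shows Caddy has no way to mark a backend as down; consider adding `health_uri` or `fail_duration`.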


@ -26,7 +26,7 @@
"*.*": "REPLICATION SLAVE"
login_unix_socket: /var/run/mysqld/mysqld.sock
become: true
when: mysql.replication_master in ansible_all_ipv4_addresses
when: ansible_hostname == mysql.replication_master_hostname
- name: Get master replication status
community.mysql.mysql_replication:
@ -34,7 +34,7 @@
login_password: "{{ mysql_root_password }}"
mode: getmaster
register: repl_stat
when: ansible_hostname == mysql.replication_master
when: ansible_hostname == mysql.replication_master_hostname
- debug: var=repl_stat
@ -52,12 +52,12 @@
login_user: root
login_password: "{{ mysql_root_password }}"
mode: changemaster
master_host: "{{ mysql.replication_master }}"
master_host: "{{ mysql.replication_master_ip }}"
master_log_file: "{{ hostvars['web1'].repl_stat.File }}"
master_log_pos: "{{ hostvars['web1'].repl_stat.Position }}"
master_user: "{{ mysql.replication_user }}"
master_password: "{{ mysql_replication_pass }}"
when: ansible_hostname in mysql.replication_slaves and not slave.Is_Slave
when: ansible_hostname in mysql.replication_slaves
- name: Start slave replication
community.mysql.mysql_replication:
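Review bot: Dropping `and not slave.Is_Slave` from the `changemaster` condition means the task now runs on every replica on every play, including hosts where replication is already configured and running, where changing the master normally fails or resets the replication coordinates. If the guard was removed because `slave` could be undefined, keep it with a default instead: `when: ansible_hostname in mysql.replication_slaves and not (slave.Is_Slave | default(false))`. The two `hostvars['web1']` lookups in the same task still hard-code the master; `hostvars[mysql.replication_master_hostname]` would follow the new variable, assuming the inventory name matches the hostname. The task that registers `slave` is outside the visible hunks, so this should be checked against the full file.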


@ -1,6 +1,6 @@
[mysqld]
bind-address = "0.0.0.0"
{% if ansible_hostname == mysql.replication_master %}
{% if ansible_hostname == mysql.replication_master_hostname %}
server-id = 1
expire_logs_days = 10
max_binlog_size = 100M