From ab7a3ac46df60673c4f0a91431b7ac08944cf5ec Mon Sep 17 00:00:00 2001
From: dannc <dannc.sao@gmail.com>
Date: Mon, 1 Aug 2022 10:22:00 +0700
Subject: [PATCH] initial: create ansible role

---
 .gitignore                         |  1 +
 README.md                          | 39 ++++++++++++++++++++
 defaults/main.yml                  |  6 ++++
 handlers/main.yml                  |  2 ++
 meta/main.yml                      | 12 +++++++
 tasks/main.yml                     | 58 ++++++++++++++++++++++++++++++
 templates/nginx.conf.j2            | 28 +++++++++++++++
 templates/nginx.lighthouse.conf.j2 | 10 ++++++
 tests/inventory                    |  2 ++
 tests/test.yml                     |  5 +++
 vars/main.yml                      |  2 ++
 11 files changed, 165 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 defaults/main.yml
 create mode 100644 handlers/main.yml
 create mode 100644 meta/main.yml
 create mode 100644 tasks/main.yml
 create mode 100644 templates/nginx.conf.j2
 create mode 100644 templates/nginx.lighthouse.conf.j2
 create mode 100644 tests/inventory
 create mode 100644 tests/test.yml
 create mode 100644 vars/main.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a09c56d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/.idea
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..1d70b29
--- /dev/null
+++ b/README.md
@@ -0,0 +1,39 @@
+ansible-lighthouse
+=========
+
+Данный playbook устанавливает `lighthouse` (доступ через webserver `nginx`).
+
+Requirements
+------------
+
+None
+
+Role Variables
+--------------
+
+- `nginx_username` - имя пользователя, из-под которого будет запущен процесс `nginx`
+- `lighthouse_vcs` - путь до репозитория `lighthouse`
+- `lighthouse_vcs_version` - версия внутри репозитория `lighthouse` (хэш коммита)
+- `lighthouse_location` - путь до директории с `lighthouse`
+- `lighthouse_access_log_name` - название лог-файла `nginx` для web-сервиса `lighthouse`
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+```yaml
+---
+- name: lighthouse
+  hosts: lighthouse
+  roles:
+    - lighthouse
+```
+
+License
+-------
+
+BSD
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..2c56356
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+nginx_username: user
+lighthouse_vcs: https://github.com/VKCOM/lighthouse.git
+lighthouse_vcs_version: d701335c25cd1bb9b5155711190bad8ab852c2ce
+lighthouse_location: /var/www/lighthouse
+lighthouse_access_log_name: lighthouse
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..33e1274
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for lighthouse
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..6ff22be
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,12 @@
+galaxy_info:
+  author: dannc
+  description: install web server and lighthouse
+  company: ""
+  license: BSD-3-Clause
+  min_ansible_version: "2.1"
+  platforms:
+    - name: EL
+      versions:
+        - all
+  galaxy_tags: []
+dependencies: []
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..acbc302
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,58 @@
+---
+- name: lighthouse | install dependencies
+  become: true
+  ansible.builtin.yum:
+    name:
+      - git
+      - epel-release
+- name: lighthouse | create nginx site dir
+  become: true
+  ansible.builtin.file:
+    mode: "755"
+    owner: "{{ ansible_effective_user_id  }}"
+    group: "{{ ansible_effective_group_id  }}"
+    path: "/var/www"
+    state: "directory"
+- name: lighthouse | clone repository
+  ansible.builtin.git:
+    repo: "{{ lighthouse_vcs }}"
+    dest: "{{ lighthouse_location }}"
+    version: "{{ lighthouse_vcs_version }}"
+- name: lighthouse | config selinux
+  become: true
+  ansible.builtin.command:
+    cmd: chcon -Rt httpd_sys_content_t /var/www
+  changed_when: false
+- name: lighthouse | install nginx
+  become: true
+  ansible.builtin.yum:
+    name: nginx
+    state: present
+- name: lighthouse | create nginx log dir
+  become: true
+  ansible.builtin.file:
+    mode: "755"
+    owner: "{{ ansible_effective_user_id }}"
+    group: "{{ ansible_effective_group_id }}"
+    path: "/var/log/nginx"
+    state: "directory"
+- name: lighthouse | nginx template config
+  become: true
+  ansible.builtin.template:
+    src: "templates/nginx.conf.j2"
+    dest: "/etc/nginx/nginx.conf"
+    mode: "755"
+- name: lighthouse | nginx lighthouse config
+  become: true
+  ansible.builtin.template:
+    src: "templates/nginx.lighthouse.conf.j2"
+    dest: "/etc/nginx/conf.d/lighthouse.conf"
+    mode: "755"
+- name: lighthouse | start nginx service
+  become: true
+  ansible.builtin.service:
+    name: nginx
+    state: started
+- name: lighthouse | check service is accessible
+  ansible.builtin.uri:
+    url: http://localhost
diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2
new file mode 100644
index 0000000..0ee6dce
--- /dev/null
+++ b/templates/nginx.conf.j2
@@ -0,0 +1,28 @@
+user  {{ nginx_username }};
+
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile            on;
+    tcp_nopush          on;
+    tcp_nodelay         on;
+    keepalive_timeout   65;
+    types_hash_max_size 4096;
+
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+    include /etc/nginx/conf.d/*.conf;
+}
diff --git a/templates/nginx.lighthouse.conf.j2 b/templates/nginx.lighthouse.conf.j2
new file mode 100644
index 0000000..af77598
--- /dev/null
+++ b/templates/nginx.lighthouse.conf.j2
@@ -0,0 +1,10 @@
+server {
+    listen 80;
+
+    access_log /var/log/nginx/{{ lighthouse_access_log_name }}.log;
+
+    location / {
+        root {{ lighthouse_location }};
+        index index.html;
+    }
+}
diff --git a/tests/inventory b/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/tests/test.yml b/tests/test.yml
new file mode 100644
index 0000000..c77aeab
--- /dev/null
+++ b/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - lighthouse
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..8cf38c9
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for lighthouse