From 93333c3598681afa08dac67e7ddb3b6f0fc06a28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B9=20=D0=90=D0=BD=D1=82?= =?UTF-8?q?=D1=80=D0=BE=D0=BF=D0=BE=D0=B2?= Date: Wed, 5 Mar 2025 15:53:41 +0300 Subject: [PATCH] =?UTF-8?q?=D0=A8=D1=82init=20commit?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .idea/.gitignore | 8 ++ .idea/misc.xml | 6 + Dockerfile | 24 ++++ Makefile | 110 ++++++++++++++++++ ansible.cfg | 6 + .../molecule/default/docker-compose.yml | 0 ansible_role/molecule/default/molecule.yml | 26 +++++ ansible_role/plybook.yaml | 6 + ansible_role/tasks/main.yaml | 0 docker-compose.yaml | 16 +++ inventory/hosts | 6 + requirements.yaml | 5 + vault_password_file | 1 + 13 files changed, 214 insertions(+) create mode 100644 .idea/.gitignore create mode 100644 .idea/misc.xml create mode 100644 Dockerfile create mode 100644 Makefile create mode 100644 ansible.cfg create mode 100644 ansible_role/molecule/default/docker-compose.yml create mode 100644 ansible_role/molecule/default/molecule.yml create mode 100644 ansible_role/plybook.yaml create mode 100644 ansible_role/tasks/main.yaml create mode 100644 docker-compose.yaml create mode 100644 inventory/hosts create mode 100644 requirements.yaml create mode 100644 vault_password_file diff --git a/.idea/.gitignore b/.idea/.gitignore new file mode 100644 index 0000000..13566b8 --- /dev/null +++ b/.idea/.gitignore @@ -0,0 +1,8 @@ +# Default ignored files +/shelf/ +/workspace.xml +# Editor-based HTTP Client requests +/httpRequests/ +# Datasource local storage ignored files +/dataSources/ +/dataSources.local.xml diff --git a/.idea/misc.xml b/.idea/misc.xml new file mode 100644 index 0000000..8df3993 --- /dev/null +++ b/.idea/misc.xml @@ -0,0 +1,6 @@ + + + + + \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..8041c1d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,24 @@ +FROM python:3.9-slim + +# Устанавливаем зависимости +RUN apt-get update && apt-get install -y \ + git \ + curl \ + docker.io \ + docker-compose \ + && rm -rf /var/lib/apt/lists/* + +# Устанавливаем Ansible, Molecule и Ansible Vault +RUN pip install --no-cache-dir ansible ansible-vault molecule docker molecule-docker + +# Устанавливаем Docker CLI +RUN curl -fsSL https://get.docker.com | sh + +# Устанавливаем рабочую директорию +WORKDIR /workspace + +# Устанавливаем роль из Ansible Galaxy (пример: geerlingguy.nginx) +#RUN ansible-galaxy role install geerlingguy.nginx + +# Указываем команду по умолчанию +CMD ["molecule", "--version"] diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..2015f03 --- /dev/null +++ b/Makefile @@ -0,0 +1,110 @@ +# Переменные +ROLE_NAME ?= my_new_role +VAULT_PASSWORD_FILE ?= vault_password_file +INVENTORY ?= /workspace/inventory/hosts # Путь к инвентори внутри контейнера +PLAYBOOK ?= /workspace/role/playbook.yml # Путь к playbook внутри контейнера + +#################################################################################################### +# Управление контейнерами с помощью docker compose +#################################################################################################### +# Сборка docker-образов +build: + docker compose build $(c) + +# Пересборка docker-образов +rebuild: + docker compose build --no-cache $(c) + docker compose down + docker compose up -d + +# Создание и запуск docker-контейнеров +up: + docker compose up -d + +# Остановка и УДАЛЕНИЕ docker-контейнеров +down: + docker compose down + +# Остановка docker-контейнеров +stop: + docker compose stop $(c) + +# Запуск docker-контейнеров +start: + docker compose start $(c) + +# Перезапуск docker-контейнеров +restart: down up + +# Удаление docker-контейнеров с вольюмами +destroy: + docker compose down --volumes --remove-orphans && rm -rf data/*/ + +# Удаление docker-контейнеров с полной очисткой неактивных контейнеров +prune: + docker system prune -af + +# Показать список контейнеров +ps: + docker compose ps + +# Все логи конейнеров +logs: + docker compose logs --tail=100 -f $(c) + +shell: + docker compose exec ansible-molecule bash + + +# Запуск тестов Molecule +test: + docker compose run --rm ansible-molecule sh -c "molecule test" + #docker compose run --rm ansible-molecule sh -c "molecule --help" + +# Установка зависимостей из requirements.yml +dependencies: + docker compose run --rm ansible-molecule sh -c "ansible-galaxy role install -r /workspace/requirements.yml" + +# Создание новой роли с помощью Molecule +create: + docker compose run --rm ansible-molecule sh -c "molecule create" + +# Шифрование файла с помощью Ansible Vault +encrypt: + docker compose run --rm ansible-molecule sh -c "ansible-vault encrypt --vault-password-file /workspace/$(VAULT_PASSWORD_FILE) /workspace/role/$(FILE)" + +# Расшифровка файла с помощью Ansible Vault +decrypt: + docker compose run --rm ansible-molecule sh -c "ansible-vault decrypt --vault-password-file /workspace/$(VAULT_PASSWORD_FILE) /workspace/role/$(FILE)" + +# Просмотр зашифрованного файла +view: + docker compose run --rm ansible-molecule sh -c "ansible-vault view --vault-password-file /workspace/$(VAULT_PASSWORD_FILE) /workspace/role/$(FILE)" + +# Запуск роли на реальных серверах +deploy: + docker compose run --rm ansible-molecule sh -c "ansible-playbook -i $(INVENTORY) $(PLAYBOOK) --vault-password-file /workspace/$(VAULT_PASSWORD_FILE)" + +#################################################################################################### +# Работа с Git +#################################################################################################### +push: +# git config --global user.email "sergey@antropoff.ru" +# git config --global user.name "Sergey Antropoff" + git branch + @read -p "Выберите ветку для пуша: " BRANCH; \ + read -p "Введите описание коммита: " COMMIT; \ + commitname=$$COMMIT; \ + git add . ; \ + git commit -m "$$commitname"; \ + git push -u origin $$BRANCH; \ + echo "Изменения внесены в Git" + +pull: + git pull + +new-branch: + git checkout branch $(name) + +branch: + git checkout $(name) diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..263f728 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,6 @@ +[defaults] +inventory = /workspace/inventory +vault_password_file = /workspace/vault_password_file +remote_user = devops +host_key_checking = False +enable_plugins = yaml, ini \ No newline at end of file diff --git a/ansible_role/molecule/default/docker-compose.yml b/ansible_role/molecule/default/docker-compose.yml new file mode 100644 index 0000000..e69de29 diff --git a/ansible_role/molecule/default/molecule.yml b/ansible_role/molecule/default/molecule.yml new file mode 100644 index 0000000..cafb687 --- /dev/null +++ b/ansible_role/molecule/default/molecule.yml @@ -0,0 +1,26 @@ +--- +dependency: + name: galaxy +driver: + name: docker +platforms: + - name: web1 + image: geerlingguy/docker-ubuntu2004-ansible:latest + pre_build_image: true + groups: + - webservers + - name: db1 + image: geerlingguy/docker-ubuntu2004-ansible:latest + pre_build_image: true + groups: + - dbservers +provisioner: + name: ansible + inventory: + group_vars: + webservers: + ansible_user: root + dbservers: + ansible_user: root +verifier: + name: ansible \ No newline at end of file diff --git a/ansible_role/plybook.yaml b/ansible_role/plybook.yaml new file mode 100644 index 0000000..46f1731 --- /dev/null +++ b/ansible_role/plybook.yaml @@ -0,0 +1,6 @@ +--- +- name: Apply my_ansible_role to servers + hosts: all # Используем все хосты из инвентори + become: yes # Повышаем привилегии (sudo) + roles: + - role: my_ansible_role # Указываем имя вашей роли \ No newline at end of file diff --git a/ansible_role/tasks/main.yaml b/ansible_role/tasks/main.yaml new file mode 100644 index 0000000..e69de29 diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..d8fa860 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,16 @@ +services: + ansible-molecule: + build: + context: . + dockerfile: Dockerfile + container_name: ansible-molecule + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./ansible_role:/workspace/role # Монтируем роль + - ./inventory:/workspace/inventory # Монтируем инвентори + - ./ansible.cfg:/etc/ansible/ansible.cfg # Монтируем конфиг Ansible + - ./vault_password_file:/workspace/vault_password_file # Монтируем файл с паролем для Vault + - ./requirements.yaml:/workspace/requirements.yml # Монтируем файл с зависимостями + working_dir: /workspace/role + command: > + sh -c "ansible-galaxy role install -r /workspace/requirements.yml && molecule test" \ No newline at end of file diff --git a/inventory/hosts b/inventory/hosts new file mode 100644 index 0000000..1a36ab7 --- /dev/null +++ b/inventory/hosts @@ -0,0 +1,6 @@ +[webservers] +server1 ansible_host=192.168.1.10 ansible_user=ubuntu +server2 ansible_host=192.168.1.11 ansible_user=ubuntu + +[dbservers] +server3 ansible_host=192.168.1.12 ansible_user=ubuntu \ No newline at end of file diff --git a/requirements.yaml b/requirements.yaml new file mode 100644 index 0000000..df49557 --- /dev/null +++ b/requirements.yaml @@ -0,0 +1,5 @@ +--- +- src: geerlingguy.nginx + version: 3.1.0 +- src: geerlingguy.docker + version: 6.0.1 \ No newline at end of file diff --git a/vault_password_file b/vault_password_file new file mode 100644 index 0000000..2d27916 --- /dev/null +++ b/vault_password_file @@ -0,0 +1 @@ +password123 \ No newline at end of file