Go to file
2023-03-07 22:05:01 +01:00
group_vars/all User Fedder's TrueNAS for Restic backups (#153) 2023-03-05 22:01:53 +00:00
roles Don't add SSH keys to root 2023-03-07 22:05:01 +01:00
.ansible-lint Collect versions and service information in docker/defaults/main.yml (#125) 2022-11-26 08:15:18 +00:00
.gitignore Use sudo instead of root 2023-03-07 22:04:34 +01:00
.pre-commit-config.yaml Collect versions and service information in docker/defaults/main.yml (#125) 2022-11-26 08:15:18 +00:00
ansible.cfg.sample Use sudo instead of root 2023-03-07 22:04:34 +01:00
datacoop_hosts Use domain name instead of IP in inventory file 2023-03-06 22:27:53 +01:00
deploy.sh Use sudo instead of root 2023-03-07 22:04:34 +01:00
Makefile Use sudo instead of root 2023-03-07 22:04:34 +01:00
playbook.yml QoL changes for *Vim users (#144) 2022-12-29 21:13:31 +00:00
README.md Apply valberg's suggestions 2022-11-28 19:31:31 +01:00
vagrant_host Collect versions and service information in docker/defaults/main.yml (#125) 2022-11-26 08:15:18 +00:00
Vagrantfile Don't set base_domain in Vagrantfile 2022-12-06 19:41:07 +01:00

data.coop infrastructure

This repository contains the code used to deploy data.coop's services and websites. We use Ansible to encode our infrastructure setup. Only the association's administrators have access to deploy the services.

Deploying

To deploy the services, the included deploy.sh script can be used. The Ansible playbook uses two custom-made roles (in the roles/ directory):

  • ubuntu_base - used to configure the host itself and install the necessary packages
  • docker - used to deploy our services and websites with Docker containers

The script has options to deploy only one of the roles. Select services only can also be specified. By default, the script deploys everything.

Here is a summary of the options that can be used with the script:

# deploy everything
./deploy.sh

# deploy the ubuntu_base role only
./deploy.sh base

# deploy the docker role only
./deploy.sh services

# deploy SINGLE_SERVICE Docker service only
./deploy.sh services SINGLE_SERVICE

SINGLE_SERVICE should match one of the service names in the services dictionary in roles/docker/defaults/main.yml (e.g. gitea or data_coop_website).

Testing

In order for us to be able to test our setup locally, we use Vagrant to deploy the services in a virtual machine. To do this, Vagrant and VirtualBox must both be installed on the development machine. Then, the services can be deployed locally by using the vagrant command-line tool. The working directory needs to be the root of the repository for this to work properly.

Note: As our secrets are contained in an Ansible Vault file, only the administrators have the ability to run the deployment in Vagrant. However, one could replace the vault file for testing purposes.

Here is a summary of the commands that are available with the vagrant command-line tool:

# Create and provision the VM
vagrant up

# Re-provision the VM
vagrant provision

# SSH into the VM
vagrant ssh

# Power down the VM
vagrant halt

# Power down and delete the VM
vagrant destroy

The vagrant command-line tool does not support supplying extra variables to Ansible on runtime, so to be able to deploy only parts of the Ansible playbook to Vagrant, the deploy.sh script can be used with the --vagrant flag. Here are some examples:

# deploy the ubuntu_base role only in the Vagrant VM
./deploy.sh --vagrant base

# deploy SINGLE_SERVICE Docker service only in the Vagrant VM
./deploy.sh --vagrant services SINGLE_SERVICE

Note that the --vagrant flag should be the first argument when using the script.

Contributing

If you want to contribute, you can fork the repository and submit a pull request. We use a pre-commit hook for linting the YAML files before every commit, so please use that. To initialize pre-commit, you need to have Python and GNU make installed. Then, just run the following shell command:

make init

Nice tools

  • J2Live: A live Jinja2 parser, nice to test out filters