imed
parent
e71522c2bf
commit
224efb6708
|
|
@ -0,0 +1,124 @@
|
|||
---
|
||||
- name: server initial command
|
||||
hosts: 'imed'
|
||||
become: yes
|
||||
become_method: sudo
|
||||
become_user: root
|
||||
vars_files:
|
||||
- var/registry.yml
|
||||
tasks:
|
||||
- name: set shecan dns
|
||||
copy:
|
||||
src: ../dns/resolv.conf
|
||||
dest: /etc/resolv.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rwx,g=rwx,o=rwx
|
||||
|
||||
- name: disable ufw
|
||||
shell: ufw disable
|
||||
|
||||
- name: disable swap
|
||||
shell: swapoff -a
|
||||
|
||||
- name: sid swap off in fstab
|
||||
shell: sed -i '/swap/d' /etc/fstab
|
||||
|
||||
- name: set timezone
|
||||
shell: timedatectl set-timezone Asia/Tehran
|
||||
|
||||
- name: apt-get update
|
||||
apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
|
||||
|
||||
- name: add docker key and add docker repo
|
||||
shell: |
|
||||
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
|
||||
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
|
||||
|
||||
|
||||
- name: installing docker dependencies
|
||||
apt:
|
||||
name: "{{item}}"
|
||||
state: present
|
||||
update_cache: yes
|
||||
with_items:
|
||||
- ca-certificates
|
||||
- curl
|
||||
- gnupg
|
||||
- lsb-release
|
||||
|
||||
|
||||
|
||||
- name: installing docker-ce and docker-ce-cli and
|
||||
apt:
|
||||
name: "{{item}}"
|
||||
state: present
|
||||
update_cache: yes
|
||||
with_items:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
|
||||
|
||||
- name: start and enable docker and containerd
|
||||
service:
|
||||
name: "{{item}}"
|
||||
state: started
|
||||
enabled: yes
|
||||
with_items:
|
||||
- docker
|
||||
- containerd
|
||||
|
||||
- name: create the docker user account
|
||||
user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
|
||||
|
||||
- name: allow 'dockerman' to use sudo without needing a password
|
||||
lineinfile:
|
||||
dest: /etc/sudoers
|
||||
line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
|
||||
validate: 'visudo -cf %s'
|
||||
|
||||
- name: add user to docker group
|
||||
user:
|
||||
name: dockerman
|
||||
groups: docker
|
||||
state: present
|
||||
|
||||
- name: reset and enable docker
|
||||
shell: |
|
||||
systemctl daemon-reload
|
||||
systemctl restart docker
|
||||
systemctl enable docker
|
||||
|
||||
# add docker home to enviroment variable
|
||||
- name: login docker
|
||||
become: dockerman
|
||||
shell: docker login -u {{ registry_user_imed }} -p {{ registry_password_imed }} {{ registry_url }}
|
||||
|
||||
- name: reboot
|
||||
shell: reboot
|
||||
ignore_errors: yes
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
@ -1,4 +1,6 @@
|
|||
---
|
||||
registry_user: Runner
|
||||
registry_password: 22102210aA
|
||||
registry_url: registry.vnfco.ir
|
||||
registry_url: registry.vnfco.ir
|
||||
registry_password_imed: Imed_1400
|
||||
registry_user_imed: imed
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
version: "3.7"
|
||||
|
||||
networks:
|
||||
mother:
|
||||
external: true
|
||||
|
||||
services:
|
||||
pg-0:
|
||||
image: bitnami/postgresql:13.6.0
|
||||
environment:
|
||||
- POSTGRESQL_USERNAME=imeduser
|
||||
- POSTGRESQL_PASSWORD=kDn1kwHQlAPks9qhY/NC
|
||||
- POSTGRESQL_DATABASE=imeddb
|
||||
- POSTGRESQL_TIMEZONE=Asia/Tehran
|
||||
volumes:
|
||||
- /volume/pg:/bitnami/postgresql
|
||||
ports:
|
||||
- "5432:5432"
|
||||
networks:
|
||||
- mother
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
cpus: "1"
|
||||
memory: 500M
|
||||
update_config:
|
||||
parallelism: 1
|
||||
delay: 10s
|
||||
order: stop-first
|
||||
restart_policy:
|
||||
condition: any
|
||||
delay: 5s
|
||||
max_attempts: 3
|
||||
window: 120s
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
version: "3.7"
|
||||
|
||||
networks:
|
||||
mother:
|
||||
external: true
|
||||
|
||||
services:
|
||||
ls:
|
||||
image: registry.vnfco.ir/imed/webserver:latest
|
||||
environment:
|
||||
- ASPNETCORE_ENVIRONMENT=Production
|
||||
- TZ=Asia/Tehran
|
||||
deploy:
|
||||
update_config:
|
||||
parallelism: 1
|
||||
delay: 10s
|
||||
order: start-first
|
||||
restart_policy:
|
||||
condition: any
|
||||
delay: 5s
|
||||
window: 120s
|
||||
replicas: 1
|
||||
mode: replicated
|
||||
volumes:
|
||||
- type: bind
|
||||
source: /volume/app/public
|
||||
target: /app/wwwroot
|
||||
- type: bind
|
||||
source: /volume/config/webserver/appsettings.Production.json
|
||||
target: /app/appsettings.Production.json
|
||||
- type: bind
|
||||
source: /etc/localtime
|
||||
target: /etc/localtime
|
||||
read_only: true
|
||||
- type: bind
|
||||
source: /etc/timezone
|
||||
target: /etc/timezone
|
||||
read_only: true
|
||||
ports:
|
||||
- 8010:8010
|
||||
networks:
|
||||
- mother
|
||||
|
|
@ -126,6 +126,13 @@ services:
|
|||
placement:
|
||||
constraints:
|
||||
- node.role == worker
|
||||
healthcheck:
|
||||
test: wget --no-verbose --tries=1 --spider http://localhost:3000 || exit 1
|
||||
interval: 60s
|
||||
retries: 5
|
||||
start_period: 20s
|
||||
timeout: 10s
|
||||
|
||||
ports:
|
||||
- 8014:3000
|
||||
volumes:
|
||||
|
|
|
|||
Loading…
Reference in New Issue