diff --git a/playbooks/server/buildSingleServerImed.yml b/playbooks/server/buildSingleServerImed.yml
new file mode 100644
index 0000000..022951c
--- /dev/null
+++ b/playbooks/server/buildSingleServerImed.yml
@@ -0,0 +1,124 @@
+---
+- name: server initial command
+ hosts: 'imed'
+ become: yes
+ become_method: sudo
+ become_user: root
+ vars_files:
+ - var/registry.yml
+ tasks:
+ - name: set shecan dns
+ copy:
+ src: ../dns/resolv.conf
+ dest: /etc/resolv.conf
+ owner: root
+ group: root
+ mode: u=rwx,g=rwx,o=rwx
+
+ - name: disable ufw
+ shell: ufw disable
+
+ - name: disable swap
+ shell: swapoff -a
+
+ - name: sid swap off in fstab
+ shell: sed -i '/swap/d' /etc/fstab
+
+ - name: set timezone
+ shell: timedatectl set-timezone Asia/Tehran
+
+ - name: apt-get update
+ apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
+
+ - name: add docker key and add docker repo
+ shell: |
+ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
+
+
+ - name: installing docker dependencies
+ apt:
+ name: "{{item}}"
+ state: present
+ update_cache: yes
+ with_items:
+ - ca-certificates
+ - curl
+ - gnupg
+ - lsb-release
+
+
+
+ - name: installing docker-ce and docker-ce-cli and
+ apt:
+ name: "{{item}}"
+ state: present
+ update_cache: yes
+ with_items:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+
+
+ - name: start and enable docker and containerd
+ service:
+ name: "{{item}}"
+ state: started
+ enabled: yes
+ with_items:
+ - docker
+ - containerd
+
+ - name: create the docker user account
+ user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
+
+ - name: allow 'dockerman' to use sudo without needing a password
+ lineinfile:
+ dest: /etc/sudoers
+ line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
+ validate: 'visudo -cf %s'
+
+ - name: add user to docker group
+ user:
+ name: dockerman
+ groups: docker
+ state: present
+
+ - name: reset and enable docker
+ shell: |
+ systemctl daemon-reload
+ systemctl restart docker
+ systemctl enable docker
+
+ # add docker home to enviroment variable
+ - name: login docker
+ become: dockerman
+ shell: docker login -u {{ registry_user_imed }} -p {{ registry_password_imed }} {{ registry_url }}
+
+ - name: reboot
+ shell: reboot
+ ignore_errors: yes
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/playbooks/server/var/registry.yml b/playbooks/server/var/registry.yml
index 5fe488d..4b45128 100644
--- a/playbooks/server/var/registry.yml
+++ b/playbooks/server/var/registry.yml
@@ -1,4 +1,6 @@
 ---
 registry_user: Runner
 registry_password: 22102210aA
-registry_url: registry.vnfco.ir
\ No newline at end of file
+registry_url: registry.vnfco.ir
+registry_password_imed: Imed_1400
+registry_user_imed: imed
\ No newline at end of file
diff --git a/stacks/Imed/pg/stack.imed.yml b/stacks/Imed/pg/stack.imed.yml
new file mode 100644
index 0000000..aab5f0f
--- /dev/null
+++ b/stacks/Imed/pg/stack.imed.yml
@@ -0,0 +1,34 @@
+version: "3.7"
+
+networks:
+ mother:
+ external: true
+
+services:
+ pg-0:
+ image: bitnami/postgresql:13.6.0
+ environment:
+ - POSTGRESQL_USERNAME=imeduser
+ - POSTGRESQL_PASSWORD=kDn1kwHQlAPks9qhY/NC
+ - POSTGRESQL_DATABASE=imeddb
+ - POSTGRESQL_TIMEZONE=Asia/Tehran
+ volumes:
+ - /volume/pg:/bitnami/postgresql
+ ports:
+ - "5432:5432"
+ networks:
+ - mother
+ deploy:
+ resources:
+ limits:
+ cpus: "1"
+ memory: 500M
+ update_config:
+ parallelism: 1
+ delay: 10s
+ order: stop-first
+ restart_policy:
+ condition: any
+ delay: 5s
+ max_attempts: 3
+ window: 120s
diff --git a/stacks/Imed/webserver/stack.imed.yml b/stacks/Imed/webserver/stack.imed.yml
new file mode 100644
index 0000000..864f663
--- /dev/null
+++ b/stacks/Imed/webserver/stack.imed.yml
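Review bot: The `login docker` task passes the registry password with `-p` on the command line, so it is visible in the process list while the command runs and can end up in Ansible's task output and logs; nothing in the task sets `no_log`. The same task writes `become: dockerman`, but `become` is a boolean and the account name belongs in `become_user`, so the task probably does not run as dockerman as intended. The fence below feeds the password on stdin and hides the task output. Elsewhere in this hunk, the `set shecan dns` copy makes /etc/resolv.conf world-writable (`mode: u=rwx,g=rwx,o=rwx`; `mode: '0644'` is enough for a resolver file), and the sudoers line grants dockerman `NOPASSWD: ALL` on a host where `ufw` has just been disabled, which is worth narrowing to the commands the account actually needs.

```yaml
    - name: login docker
      become: yes
      become_user: dockerman
      no_log: true
      shell: docker login -u {{ registry_user_imed }} --password-stdin {{ registry_url }}
      args:
        stdin: "{{ registry_password_imed }}"
```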
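Review bot: This hunk commits a second registry credential (`registry_password_imed`) in clear text next to the existing `registry_password`, so anyone with read access to the repository or its history can authenticate to the registry. Both values should be treated as exposed and rotated, and the file kept encrypted at rest, for example with `ansible-vault encrypt playbooks/server/var/registry.yml`, or with each password replaced by a `!vault` value produced by `ansible-vault encrypt_string`. The playbook that loads this file through `vars_files` would then need the vault password supplied at run time. The file also still ends without a trailing newline.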
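Review bot: `POSTGRESQL_PASSWORD` is hard-coded in the `environment` list, which puts the database password in the repository and in the service definition, where anyone who can inspect the service can read it. The Bitnami image accepts `POSTGRESQL_PASSWORD_FILE`, so the value can come from a Docker secret instead, as in the fence below (the secret name is a placeholder, and this assumes the file is deployed as a swarm stack). The `ports` entry also publishes 5432 on the host while the playbook in this commit disables ufw; if only services on the `mother` network need the database, the publication can be dropped.

```yaml
services:
  pg-0:
    # … unchanged: image …
    environment:
      - POSTGRESQL_USERNAME=imeduser
      - POSTGRESQL_PASSWORD_FILE=/run/secrets/imed_pg_password
      # … unchanged: POSTGRESQL_DATABASE, POSTGRESQL_TIMEZONE …
    secrets:
      - imed_pg_password
    # … unchanged: volumes, networks, deploy …

secrets:
  imed_pg_password:
    external: true
```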
@@ -0,0 +1,42 @@
+version: "3.7"
+
+networks:
+ mother:
+ external: true
+
+services:
+ ls:
+ image: registry.vnfco.ir/imed/webserver:latest
+ environment:
+ - ASPNETCORE_ENVIRONMENT=Production
+ - TZ=Asia/Tehran
+ deploy:
+ update_config:
+ parallelism: 1
+ delay: 10s
+ order: start-first
+ restart_policy:
+ condition: any
+ delay: 5s
+ window: 120s
+ replicas: 1
+ mode: replicated
+ volumes:
+ - type: bind
+ source: /volume/app/public
+ target: /app/wwwroot
+ - type: bind
+ source: /volume/config/webserver/appsettings.Production.json
+ target: /app/appsettings.Production.json
+ - type: bind
+ source: /etc/localtime
+ target: /etc/localtime
+ read_only: true
+ - type: bind
+ source: /etc/timezone
+ target: /etc/timezone
+ read_only: true
+ ports:
+ - 8010:8010
+ networks:
+ - mother
\ No newline at end of file
diff --git a/stacks/lvl4/stack.yml b/stacks/lvl4/stack.yml
index ae78e07..e1fcc1c 100644
--- a/stacks/lvl4/stack.yml
+++ b/stacks/lvl4/stack.yml
@@ -126,6 +126,13 @@ services:
 placement:
 constraints:
 - node.role == worker
+ healthcheck:
+ test: wget --no-verbose --tries=1 --spider http://localhost:3000 || exit 1
+ interval: 60s
+ retries: 5
+ start_period: 20s
+ timeout: 10s
+
 ports:
 - 8014:3000
 volumes:
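Review bot: `image: registry.vnfco.ir/imed/webserver:latest` deploys a mutable tag, so what runs can change on any re-pull without a change in this file, and a rollback has no fixed version to return to; pin a version tag or a digest, e.g. `image: registry.vnfco.ir/imed/webserver:<VERSION>@sha256:<DIGEST>`. The bind mount of `appsettings.Production.json` is writable from inside the container, unlike the two `/etc` mounts; adding `read_only: true` there keeps a compromised process from rewriting its own configuration. With `order: start-first` and no `healthcheck`, the update has no signal that the new container is actually serving before the old one is stopped, so a healthcheck like the one this commit adds to stacks/lvl4/stack.yml would help here too.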
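Review bot: The string form of `test` runs through the container's shell, so this healthcheck depends on both a shell and `wget` being present in the image, which the hunk does not show; if either is missing, every probe fails and the task is marked unhealthy. `localhost` can resolve to `::1` first in some base images, and if the service listens on IPv4 only the probe fails as well, so `http://127.0.0.1:3000` is the safer target. A short comment above the block would document the contract, e.g. `# healthy when GET / on port 3000 returns a success status`. The service this belongs to starts above the hunk, so the image cannot be checked from here.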