imed

playbooks/server/buildSingleServerImed.yml

@@ -0,0 +1,124 @@
+---
+- name: server initial command
+  hosts: 'imed'
+  become: yes
+  become_method: sudo
+  become_user: root
+  vars_files:
+    - var/registry.yml
+  tasks:
+    - name: set shecan dns
+      copy:
+        src: ../dns/resolv.conf
+        dest: /etc/resolv.conf
+        owner: root
+        group: root
+        mode: u=rwx,g=rwx,o=rwx
+     
+    - name: disable ufw
+      shell: ufw disable
+    
+    - name: disable swap
+      shell: swapoff -a
+
+    - name: sid swap off in fstab
+      shell: sed -i '/swap/d' /etc/fstab 
+    
+    - name: set timezone
+      shell: timedatectl set-timezone Asia/Tehran
+    
+    - name: apt-get update
+      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
+
+    - name: add docker key  and add docker repo
+      shell: |
+        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+        sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
+    
+    
+    - name: installing docker dependencies
+      apt:
+        name: "{{item}}"
+        state: present
+        update_cache: yes
+      with_items:
+        - ca-certificates
+        - curl
+        - gnupg
+        - lsb-release
+  
+
+        
+    - name: installing docker-ce and docker-ce-cli and
+      apt:
+        name: "{{item}}"
+        state: present
+        update_cache: yes
+      with_items:
+        - docker-ce
+        - docker-ce-cli
+        - containerd.io
+    
+
+    - name: start and enable docker and containerd
+      service:
+        name: "{{item}}"
+        state: started
+        enabled: yes
+      with_items:
+        - docker
+        - containerd
+    
+    - name: create the docker user account
+      user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash
+    
+    - name: allow 'dockerman' to use sudo without needing a password
+      lineinfile:
+        dest: /etc/sudoers
+        line: 'dockerman ALL=(ALL) NOPASSWD: ALL'
+        validate: 'visudo -cf %s'
+    
+    - name: add user to docker group
+      user:
+        name: dockerman
+        groups: docker
+        state: present
+
+    - name: reset and enable docker 
+      shell: |
+        systemctl daemon-reload
+        systemctl restart docker
+        systemctl enable docker
+    
+    # add docker home to enviroment variable
+    - name: login docker
+      become: dockerman
+      shell: docker login -u {{ registry_user_imed }} -p {{ registry_password_imed }} {{ registry_url }}
+    
+    - name: reboot
+      shell: reboot
+      ignore_errors: yes
+
+
+
+
+      
+
+    
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 
+

playbooks/server/var/registry.yml

@@ -1,4 +1,6 @@
 ---
 registry_user: Runner
 registry_password: 22102210aA
-registry_url: registry.vnfco.ir
+registry_url: registry.vnfco.ir
+registry_password_imed: Imed_1400
+registry_user_imed: imed

stacks/Imed/pg/stack.imed.yml

@@ -0,0 +1,34 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+services:
+  pg-0:
+    image: bitnami/postgresql:13.6.0
+    environment:
+      - POSTGRESQL_USERNAME=imeduser
+      - POSTGRESQL_PASSWORD=kDn1kwHQlAPks9qhY/NC
+      - POSTGRESQL_DATABASE=imeddb
+      - POSTGRESQL_TIMEZONE=Asia/Tehran
+    volumes:
+      - /volume/pg:/bitnami/postgresql
+    ports:
+      - "5432:5432"
+    networks:
+      - mother
+    deploy:
+      resources:
+        limits:
+          cpus: "1"
+          memory: 500M
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 120s

stacks/Imed/webserver/stack.imed.yml

@@ -0,0 +1,42 @@
+version: "3.7"
+
+networks:
+  mother:
+    external: true
+
+services:
+  ls:
+    image: registry.vnfco.ir/imed/webserver:latest
+    environment:
+      - ASPNETCORE_ENVIRONMENT=Production
+      - TZ=Asia/Tehran
+    deploy:
+      update_config:
+        parallelism: 1
+        delay: 10s
+        order: start-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        window: 120s
+      replicas: 1
+      mode: replicated
+    volumes:
+      - type: bind
+        source: /volume/app/public
+        target: /app/wwwroot
+      - type: bind
+        source: /volume/config/webserver/appsettings.Production.json
+        target: /app/appsettings.Production.json
+      - type: bind
+        source: /etc/localtime
+        target: /etc/localtime
+        read_only: true
+      - type: bind
+        source: /etc/timezone
+        target: /etc/timezone
+        read_only: true
+    ports:
+      - 8010:8010
+    networks:
+      - mother

stacks/lvl4/stack.yml

@@ -126,6 +126,13 @@ services:
       placement:
         constraints:
           - node.role == worker
+      healthcheck:
+        test: wget --no-verbose --tries=1 --spider http://localhost:3000 || exit 1
+        interval: 60s
+        retries: 5
+        start_period: 20s
+        timeout: 10s
+
     ports:
       - 8014:3000
     volumes: