diff --git a/.DS_Store b/.DS_Store index bbd3bd1..543cf06 100644 Binary files a/.DS_Store and b/.DS_Store differ diff --git a/.gitignore b/.gitignore index a5e77ed..5d2935c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ .DS_* -password \ No newline at end of file +password +.DS* \ No newline at end of file diff --git a/playbooks/server/addDomainAndEncrypt.yml b/playbooks/server/addDomainAndEncrypt.yml index b96a7e5..5dc1891 100644 --- a/playbooks/server/addDomainAndEncrypt.yml +++ b/playbooks/server/addDomainAndEncrypt.yml @@ -8,10 +8,10 @@ src: template/nginx-server-block.j2 dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf with_items: - - server_name: dev.capitan.igarson.app + - server_name: tetris.game.igarson.app server_config: "" - service_port: 10003 - conf_file: ngrok.conf + service_port: 6005 + conf_file: games.conf - name: append /tmp/new-nginx-server-block.conf to specific conf @@ -19,20 +19,20 @@ cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }} rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf with_items: - - server_name: dev.capitan.igarson.app + - server_name: tetris.game.igarson.app server_config: "" - service_port: 10003 - conf_file: ngrok.conf + service_port: 6005 + conf_file: games.conf - name: encrypt all domains shell: | certbot --nginx -d {{item.server_name}} -n --redirect with_items: - - server_name: dev.capitan.igarson.app + - server_name: tetris.game.igarson.app server_config: "" - service_port: 10003 - conf_file: ngrok.conf + service_port: 6005 + conf_file: games.conf - name: Reload nginx to activate specified site service: name=nginx state=restarted diff --git a/playbooks/server/appendNewStackAndRunIt.yml b/playbooks/server/appendNewStackAndRunIt.yml new file mode 100644 index 0000000..e4789b2 --- /dev/null +++ b/playbooks/server/appendNewStackAndRunIt.yml @@ -0,0 +1,34 @@ +--- +- name: appen stacks + hosts: supermaster + become: yes + tasks: + - name: create stack template + template: + src: template/stack-block.j2 + dest: /tmp/new-stack-block.{{item.service_name}}.yml + with_items: + - service_name: tetris + registry: registry.vnfco.ir/ig/game/tetris:latest + target_port: 80 + source_port: 6005 + stack_lvl: 6 + + + - name: append /tmp/new-stack-block.conf to specific stack file + shell: | + cat /tmp/new-stack-block.{{item.service_name}}.yml >> /home/dockerman/stacks/lvl{{item.stack_lvl}}/stack.yml + rm -rf /tmp/new-stack-block.{{item.service_name}}.yml + with_items: + - service_name: tetris + registry: registry.vnfco.ir/ig/game/tetris:latest + target_port: 80 + source_port: 6005 + stack_lvl: 6 + + + + + + + \ No newline at end of file diff --git a/playbooks/server/buildSingleServerFtsco.yml b/playbooks/server/buildSingleServerFtsco.yml new file mode 100644 index 0000000..db6760c --- /dev/null +++ b/playbooks/server/buildSingleServerFtsco.yml @@ -0,0 +1,134 @@ +--- +- name: server initial command + hosts: 'fts' + become: yes + become_method: sudo + become_user: root + vars_files: + - var/registry.yml + tasks: + # - name: set shecan dns + # copy: + # src: ../dns/resolv.conf + # dest: /etc/resolv.conf + # owner: root + # group: root + # mode: u=rwx,g=rwx,o=rwx + + # - name: disable ufw + # shell: ufw disable + + # - name: disable swap + # shell: swapoff -a + + # - name: sid swap off in fstab + # shell: sed -i '/swap/d' /etc/fstab + + # - name: set timezone + # shell: timedatectl set-timezone Asia/Tehran + + # - name: apt-get update + # apt: update_cache=yes force_apt_get=yes cache_valid_time=3600 + + # - name: add docker key and add docker repo + # shell: | + # curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - + # sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" + + # - name: installing docker dependencies + # apt: + # name: "{{item}}" + # state: present + # update_cache: yes + # with_items: + # - ca-certificates + # - curl + # - gnupg + # - lsb-release + + + + # - name: installing docker-ce and docker-ce-cli and + # apt: + # name: "{{item}}" + # state: present + # update_cache: yes + # with_items: + # - docker-ce + # - docker-ce-cli + # - containerd.io + + + - name: start and enable docker and containerd + service: + name: "{{item}}" + state: started + enabled: yes + with_items: + - docker + - containerd + + + - name: installing nginx and certbot + apt: + name: "{{item}}" + state: present + update_cache: yes + with_items: + - nginx + - letsencrypt + - python3-certbot-nginx + + - name: create the docker user account + user: name=dockerman append=yes state=present createhome=yes shell=/bin/bash + + - name: allow 'dockerman' to use sudo without needing a password + lineinfile: + dest: /etc/sudoers + line: 'dockerman ALL=(ALL) NOPASSWD: ALL' + validate: 'visudo -cf %s' + + - name: add user to docker group + user: + name: dockerman + groups: docker + state: present + + - name: reset and enable docker + shell: | + systemctl daemon-reload + systemctl restart docker + systemctl enable docker + + # add docker home to enviroment variable + - name: login docker + become: dockerman + shell: docker login -u {{ registry_user }} -p {{ registry_password }} {{ registry_url }} + + - name: reboot + shell: reboot + ignore_errors: yes + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/playbooks/server/template/stack-block.j2 b/playbooks/server/template/stack-block.j2 new file mode 100644 index 0000000..c7c849f --- /dev/null +++ b/playbooks/server/template/stack-block.j2 @@ -0,0 +1,29 @@ + {{item.service_name}}: + image: {{item.registry}} + environment: + - TZ=Asia/Tehran + deploy: + update_config: + parallelism: 1 + delay: 10s + order: start-first + restart_policy: + condition: any + delay: 5s + window: 120s + resources: + limits: + cpus: '0.5' + memory: 50M + replicas: 1 + mode: replicated + placement: + constraints: + - node.role == worker + ports: + - {{item.source_port}}:{{item.target_port}} + volumes: + - "/etc/localtime:/etc/localtime:ro" + - "/etc/timezone:/etc/timezone:ro" + networks: + - mother \ No newline at end of file diff --git a/port-range b/port-range index 2b63ed8..11fc252 100644 --- a/port-range +++ b/port-range @@ -6,6 +6,8 @@ 6023 api mafia 6003 quiz ==> must change 6023 api quiz ==> must change +6005 tetris + } 8000-9000 = base diff --git a/stacks/Imed/webserver/stack.imed.yml b/stacks/Imed/webserver/stack.imed.yml index 864f663..62ecfbb 100644 --- a/stacks/Imed/webserver/stack.imed.yml +++ b/stacks/Imed/webserver/stack.imed.yml @@ -5,7 +5,7 @@ networks: external: true services: - ls: + webserver: image: registry.vnfco.ir/imed/webserver:latest environment: - ASPNETCORE_ENVIRONMENT=Production diff --git a/stacks/amirmoghi3/stack.yml b/stacks/amirmoghi3/stack.yml new file mode 100644 index 0000000..aad95cf --- /dev/null +++ b/stacks/amirmoghi3/stack.yml @@ -0,0 +1,35 @@ +version: "3.7" + +networks: + mother: + external: true + +services: + lord: + image: registry.vnfco.ir/amirmoghi3/me:latest + environment: + - TZ=Asia/Tehran + deploy: + update_config: + parallelism: 1 + delay: 10s + order: start-first + restart_policy: + condition: any + delay: 5s + window: 120s + replicas: 1 + mode: replicated + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + - type: bind + source: /etc/timezone + target: /etc/timezone + read_only: true + ports: + - 8585:3000 + networks: + - mother \ No newline at end of file diff --git a/stacks/ftsco/stack.yml b/stacks/ftsco/stack.yml new file mode 100644 index 0000000..8c8bf73 --- /dev/null +++ b/stacks/ftsco/stack.yml @@ -0,0 +1,35 @@ +version: "3.7" + +networks: + mother: + external: true + +services: + website: + image: registry.vnfco.ir/ftsco/website:latest + environment: + - TZ=Asia/Tehran + deploy: + update_config: + parallelism: 1 + delay: 10s + order: start-first + restart_policy: + condition: any + delay: 5s + window: 120s + replicas: 1 + mode: replicated + volumes: + - type: bind + source: /etc/localtime + target: /etc/localtime + read_only: true + - type: bind + source: /etc/timezone + target: /etc/timezone + read_only: true + ports: + - 3000:3000 + networks: + - mother \ No newline at end of file diff --git a/stacks/lvl2/.DS_Store b/stacks/lvl2/.DS_Store index 6aecb1a..1e269df 100644 Binary files a/stacks/lvl2/.DS_Store and b/stacks/lvl2/.DS_Store differ diff --git a/stacks/lvl3/stack.yml b/stacks/lvl3/stack.yml index 014aa74..87cd632 100644 --- a/stacks/lvl3/stack.yml +++ b/stacks/lvl3/stack.yml @@ -71,7 +71,7 @@ services: resources: limits: cpus: '1' - memory: 500m + memory: 600m replicas: 1 mode: replicated placement: @@ -112,11 +112,13 @@ services: image: registry.vnfco.ir/ig/sms:latest environment: - QUEUE_NAME=ig-sms - - RABBIT_URI=amqp://igarsonAgent:muyXHzymcTYLzk3wYnIwG+UJWECKy0ViUDO+UlCmPF3XS+2kliuV0TaA0mWf6lT@rabbitmq:5672 + - RABBIT_URI=amqp://test:test@192.168.0.108:5672 - SMS_SERVICE_URI=https://api.kavenegar.com/v1/ - - SMS_SERVICE_CONTEXT_PATH=/sms/send.json - - USERAPIKEY=7461633837643439575446434F7161634F676C58426E674B396A5356586A3173 + - USERAPIKEY=3735494B4143727A794346457461576A2B4B6668414973424E333561505A694B - SECRETKEY=!#u*(!@ofOAJDU31y+ + - LINENUMBER=2000500666 + - VERIFICATION_SERVICE_CONTEXT_PATH=/verify/lookup.json + - SMS_SERVICE_CONTEXT_PATH=/sms/lookup.json - TZ=Asia/Tehran deploy: update_config: