diff --git a/deployment/inventory b/deployment/inventory index f8d136f..0ed1766 100644 --- a/deployment/inventory +++ b/deployment/inventory @@ -1,2 +1,2 @@ [all] -10.10.0.145 ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' \ No newline at end of file +127.0.0.1 ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' \ No newline at end of file diff --git a/deployment/main.yml b/deployment/main.yml index 5620fe1..8c2fb7b 100644 --- a/deployment/main.yml +++ b/deployment/main.yml @@ -4,9 +4,10 @@ become: true pre_tasks: - name: load variables - ansible.builtin.include_vars: "{{ item }}" + ansible.builtin.include_vars: '{{ item }}' with_first_found: - - "default.yml" + - "vars/default.yml" + tasks: - name: refresh packages update @@ -23,30 +24,22 @@ - name: install dependencies yum: - name: - [ - git, - gcc, - gcc-c++, - libuuid-devel, - openssl-devel, - zlib-devel, - jsoncpp-devel, - cmake, - ] + name: [git, gcc, gcc-c++, libuuid-devel, openssl-devel, zlib-devel, jsoncpp-devel, cmake] state: present when: ansible_os_family == "RedHat" - name: clone CCash repository git: repo: https://github.com/EntireTwix/CCash.git - dest: "{{BUILD_DIR}}/CCash" + dest: '{{BUILD_DIR}}/CCash' recursive: true - update: false + update: true + force: true + version: "{{ BRANCH }}" - name: Make lib base64 community.general.make: - chdir: "{{BUILD_DIR}}/CCash/third_party/base64" + chdir: '{{BUILD_DIR}}/CCash/third_party/base64' params: AVX2_CFLAGS: -mavx2 SSSE3_CFLAGS: -mssse3 @@ -54,51 +47,163 @@ SSE42_CFLAGS: -msse4.2 AVX_CFLAGS: -mavx - - name: create build dir + - name: create build dir file: - path: "{{BUILD_DIR}}/CCash/build" + path: '{{BUILD_DIR}}/CCash/build' state: directory - name: Cmake CCash ansible.builtin.command: - chdir: "{{BUILD_DIR}}/CCash/build" + chdir: '{{BUILD_DIR}}/CCash/build' cmd: | cmake -DDROGON_CONFIG_LOC="{{ BUILD_DIR }}/CCash/config/config.json" -DUSER_SAVE_LOC="{{ BUILD_DIR }}/CCash/config/users.dat" -DUSE_DEPRECATED_ENDPOINTS="{{ USE_DEPRECATED_ENDPOINTS }}" .. - + - name: make CCash community.general.make: - chdir: "{{BUILD_DIR}}/CCash/build" + chdir: '{{BUILD_DIR}}/CCash/build' params: - NUM_THREADS: "-j{{ ansible_processor_vcpus }}" + NUM_THREADS: '-j{{ ansible_processor_vcpus }}' + - name: create users file ansible.builtin.command: - chdir: "{{BUILD_DIR}}/CCash/build/" + chdir: '{{BUILD_DIR}}/CCash/build/' cmd: ./bank - creates: "{{ BUILD_DIR }}/CCash/config/users.dat" + creates: '{{ BUILD_DIR }}/CCash/config/users.dat' - name: chmod +x ssl.sh ansible.builtin.file: mode: u+x - path: "{{BUILD_DIR}}/CCash/config/ssl.sh" - - name: generate default ssl - ansible.builtin.command: - chdir: "{{BUILD_DIR}}/CCash/config/" - cmd: "./ssl.sh" - - - name: create service file + path: '{{BUILD_DIR}}/CCash/config/ssl.sh' + - name: create ssl gen file ansible.builtin.copy: content: | - [Unit] - Description=CCash API Server - After=network.target remote-fs.target nss-lookup.target + { + "listeners": [ + { + "address": "0.0.0.0", + "port": 80, + "https": false + }, + { + "address": "0.0.0.0", + "port": 443, + "https": true, + "cert": "{{ BUILD_DIR }}/CCash/config/cert.cert", + "key": "{{ BUILD_DIR }}/CCash/config/key.key" + } + ] + } + dest: "{{ BUILD_DIR }}/CCash/config/config.json" - [Service] - Type=simple - ExecStart={{BUILD_DIR}}/CCash/build/bank {{ADMIN_A}} {{SAVE_FREQ}} - ExecStop=/bin/kill -WINCH ${MAINPID} - KillSignal=SIGCONT - PrivateTmp=true - [Install] - WantedBy=multi-user.target - dest: /etc/systemd/system/ccash.service + - name: create ssl gen file + ansible.builtin.copy: + content: | + #!/bin/bash + + + openssl genrsa -out server.pass.key 2048 + openssl rsa -in server.pass.key -out {{ BUILD_DIR }}/CCash/config/key.key + rm server.pass.key + openssl req -new -key {{ BUILD_DIR }}/CCash/config/key.key -out server.csr \ + -subj "/C=US/ST=CCashland/L=NEW CCASH/O=CCash/OU=Devs/CN=localhost" + openssl x509 -req -days 365 -in server.csr -signkey {{ BUILD_DIR }}/CCash/config/key.key -out {{ BUILD_DIR }}/CCash/config/cert.cert + dest: "{{ BUILD_DIR }}/CCash/config/ssl.sh" + + - name: generate default ssl + ansible.builtin.command: + chdir: '{{BUILD_DIR}}/CCash/config/' + cmd: './ssl.sh' + + - name: Start CCash Api Server + ansible.builtin.command: + chdir: '{{ BUILD_DIR }}/CCash/build' + cmd: './bank {{ ADMIN_A }} {{ SAVE_FREQ }} true' + + - name: Clone Web + git: + repo: https://github.com/Expand-sys/ccashfrontend.git + dest: '{{BUILD_DIR}}/CCash/web' + recursive: true + update: true + force: true + + when: WEB_ENABLED == true + + - name: "Install Nodejs 18 module" + command: dnf module install -y nodejs:18/common + register: result + changed_when: + - '"Enabling module streams" in result.stdout' + when: ansible_os_family == "RedHat" and WEB_ENABLED == true + + + - name: install pm2 + community.general.npm: + path: '{{ BUILD_DIR }}/CCash/web' + name: pm2 + global: true + when: WEB_ENABLED == true + + - name: install web dependencies + community.general.npm: + path: '{{ BUILD_DIR }}/CCash/web' + when: WEB_ENABLED == true + + - name: create .env file + ansible.builtin.copy: + content: | + BANKAPIURL={{ ansible_facts["all_ipv4_addresses"][0] }} + SECURE=true + SETUP=true + PORT={{ WEB_PORT }} + dest: '{{ BUILD_DIR }}/CCash/web/.env' + when: WEB_ENABLED == true + + - name: create pm2 file + ansible.builtin.copy: + content: | + { + "name": "ccashfrontend", + "script": "{{ BUILD_DIR }}/ccash/web/index.js", + "watch": "{{ BUILD_DIR }}/ccash/web/tmp/restart.txt", + "instances": "1" + } + dest: "{{ BUILD_DIR }}/CCash/web/pm2.json" + when: WEB_ENABLED == true + + + - name: start webapp service + ansible.builtin.command: + chdir: "{{ BUILD_DIR }}/CCash/web" + cmd: | + pm2 start index.js --update-env --name 'CCashFrontend' -f + when: START_SERVICES == true and WEB_ENABLED == true + + - name: enable web app on boot + ansible.builtin.command: + chdir: "{{ BUILD_DIR }}/CCash/web" + cmd: | + pm2 startup + when: START_ON_BOOT == true and START_SERVICES == true and WEB_ENABLED == true + - name: enable ccash on boot + ansible.builtin.cron: + name: CCash enable on boot + special_time: reboot + state: present + job: '{{ BUILD_DIR }}/CCash/build/bank {{ ADMIN_A }} {{ SAVE_FREQ }} true' + when: START_ON_BOOT == true + + - name: allow firewalld ports + ansible.posix.firewalld: + permanent: true + port: 443/tcp + state: enabled + + - name: allow firewalld ports + ansible.posix.firewalld: + permanent: true + port: 3000/tcp + state: enabled + when: WEB_ENABLED == true + diff --git a/deployment/requirements.yml b/deployment/requirements.yml new file mode 100644 index 0000000..24f5007 --- /dev/null +++ b/deployment/requirements.yml @@ -0,0 +1,4 @@ +--- +collections: +- ansible.posix +- community.general diff --git a/deployment/vars/default.yml b/deployment/vars/default.yml index 308bc93..ecfa980 100644 --- a/deployment/vars/default.yml +++ b/deployment/vars/default.yml @@ -3,3 +3,8 @@ BUILD_DIR: "/root" ADMIN_A: "admin" SAVE_FREQ: "2" USE_DEPRECATED_ENDPOINTS: "true" +WEB_ENABLED: true +WEB_PORT: "3000" +START_SERVICES: true +START_ON_BOOT: true +BRANCH: "v2.5.1" \ No newline at end of file