From 1087c7ad77a0d69dd637267b724d73ae2eb875ec Mon Sep 17 00:00:00 2001 From: Expand-sys <79956551+Expand-sys@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:33:06 +1100 Subject: [PATCH 1/6] Update README.md --- README.md | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/README.md b/README.md index 3dd5a16..def93fd 100644 --- a/README.md +++ b/README.md @@ -1 +1,36 @@ # DEPLOYCCASH +#Ansible + +CCash can be deployed to any infrastructure able to run Rocky/Alma Linux 8/9 x86_64 virtual or not, we will be eventually updating it to allow it to run on other OS's but for now RHEL is what works. + +As CCash is intended to be run as root, the playbook is run also as root. The playbook also builds CCash from the latest github push, so there may be bugs. + +In order to use the ansible playbook, clone the playbook to any pc with the ability to access the server through SSH and with Ansible installed, edit the inventory file to contain the IP address of the target server and run the following commands: + +```ansible-playbook -i deployment/inventory deployment/main.yml -k``` +When this is complete the server will have ccash installed to the user dir, this is customizable in the vars/default.yml file along with the admin username and save frequency. +To start CCash run: +```systemctl start ccash``` +To run ccash at start up run: +```systemctl enable ccash``` + +## Build +Previously this used GitHub Workflows, I(Expand) dont know how to do those but its not that hard to deploy stuff manually. To run the pre configured docker image run the above command and you are off to the races it will deploy a self signed certificate and use that for deployment. As this is not a user facing deployment the certificate is self signed and thus will throw an error on chrome, though this will still work if you ignore it. For production you should deploy with a reverse proxy and a correct certificate for your domain. + +To build this manually you may download the dockerfile only, it will pull the latest repository the commands for building are + +docker build --build-arg ADMIN_A= --build-arg SAVE_FREQ= -t ccash . --no-cache docker run -itp 443:443 -v ccashconfig:/ccash/config -e ADMIN_A= -e SAVE_FREQ= ccash + +if you have the know how you may edit the docker file and add CMAKE commands as listed in the build section of the CCash documentation. + +## Deploy + +You can deploy this docker image to be run on a remote machine in a few steps or you can deploy manually in this case we are using [Debian OS](https://www.debian.org/) running on the [Linode](https://www.linode.com/) cloud provider, but most OS and cloud providers will work, assuming the machine can run an SSH server. + +Additionally, there is a dockerfile where you can build it yourself or a repository available on [dockerhub](https://hub.docker.com/r/expandsys/ccash) for you to just pull and run on any machine quickly and easily. + +### Configure the machine +For docker deployment there is one supported config and that is the command listed above, + ADMIN_A = Admin account name, must be all lowercase, and the account must be created before use. To do this either use the [CCashDeploy](https://hub.docker.com/r/expandsys/ccashdeploy) docker image and use the CCashFrontend to register the account or use curl to send the raw command to the endpoint. + SAVE_FREQ = Saving frequency in minutes, pretty simple + From bbe9872f6d268fd2cb11dda4412c5044fbc10386 Mon Sep 17 00:00:00 2001 From: Expand-sys <79956551+Expand-sys@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:33:19 +1100 Subject: [PATCH 2/6] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index def93fd..68a7fab 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # DEPLOYCCASH -#Ansible +# Ansible CCash can be deployed to any infrastructure able to run Rocky/Alma Linux 8/9 x86_64 virtual or not, we will be eventually updating it to allow it to run on other OS's but for now RHEL is what works. From 3834076bbdaba044e4ce488bf3b6b62494195ae5 Mon Sep 17 00:00:00 2001 From: Expand-sys <79956551+Expand-sys@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:37:59 +1100 Subject: [PATCH 3/6] Update README.md --- README.md | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 68a7fab..cecc5d5 100644 --- a/README.md +++ b/README.md @@ -7,30 +7,9 @@ As CCash is intended to be run as root, the playbook is run also as root. The pl In order to use the ansible playbook, clone the playbook to any pc with the ability to access the server through SSH and with Ansible installed, edit the inventory file to contain the IP address of the target server and run the following commands: -```ansible-playbook -i deployment/inventory deployment/main.yml -k``` +```ansible-playbook -i inventory main.ansible.yml -k``` When this is complete the server will have ccash installed to the user dir, this is customizable in the vars/default.yml file along with the admin username and save frequency. -To start CCash run: -```systemctl start ccash``` -To run ccash at start up run: -```systemctl enable ccash``` - -## Build -Previously this used GitHub Workflows, I(Expand) dont know how to do those but its not that hard to deploy stuff manually. To run the pre configured docker image run the above command and you are off to the races it will deploy a self signed certificate and use that for deployment. As this is not a user facing deployment the certificate is self signed and thus will throw an error on chrome, though this will still work if you ignore it. For production you should deploy with a reverse proxy and a correct certificate for your domain. - -To build this manually you may download the dockerfile only, it will pull the latest repository the commands for building are - -docker build --build-arg ADMIN_A= --build-arg SAVE_FREQ= -t ccash . --no-cache docker run -itp 443:443 -v ccashconfig:/ccash/config -e ADMIN_A= -e SAVE_FREQ= ccash - -if you have the know how you may edit the docker file and add CMAKE commands as listed in the build section of the CCash documentation. - -## Deploy - -You can deploy this docker image to be run on a remote machine in a few steps or you can deploy manually in this case we are using [Debian OS](https://www.debian.org/) running on the [Linode](https://www.linode.com/) cloud provider, but most OS and cloud providers will work, assuming the machine can run an SSH server. - -Additionally, there is a dockerfile where you can build it yourself or a repository available on [dockerhub](https://hub.docker.com/r/expandsys/ccash) for you to just pull and run on any machine quickly and easily. - -### Configure the machine -For docker deployment there is one supported config and that is the command listed above, - ADMIN_A = Admin account name, must be all lowercase, and the account must be created before use. To do this either use the [CCashDeploy](https://hub.docker.com/r/expandsys/ccashdeploy) docker image and use the CCashFrontend to register the account or use curl to send the raw command to the endpoint. - SAVE_FREQ = Saving frequency in minutes, pretty simple +To start CCash you can CD into the directory CCash is installed then run ./build/bank {ADMIN ACCOUNT} {SAVE FREQUENCY} true +replacing {ADMIN ACCOUNT} with your admin account username and {SAVE FREQUENCY} with the amount of minutes you want to wait for the bank to autosave. +true just means that the server will be run in daemon mode and will run as a background process From 1826f22a1cc07c45ce649545d75bd5c410c1af39 Mon Sep 17 00:00:00 2001 From: Expand-sys <79956551+Expand-sys@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:40:54 +1100 Subject: [PATCH 4/6] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cecc5d5..cda5338 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,8 @@ CCash can be deployed to any infrastructure able to run Rocky/Alma Linux 8/9 x86 As CCash is intended to be run as root, the playbook is run also as root. The playbook also builds CCash from the latest github push, so there may be bugs. In order to use the ansible playbook, clone the playbook to any pc with the ability to access the server through SSH and with Ansible installed, edit the inventory file to contain the IP address of the target server and run the following commands: - +```git clone https://github.com/Expand-sys/DEPLOYCCASH``` +```cd DEPLOYCCASH``` ```ansible-playbook -i inventory main.ansible.yml -k``` When this is complete the server will have ccash installed to the user dir, this is customizable in the vars/default.yml file along with the admin username and save frequency. To start CCash you can CD into the directory CCash is installed then run ./build/bank {ADMIN ACCOUNT} {SAVE FREQUENCY} true From 3e78ccbf4e5cfe6d3cdb602989ee44d19765fc4e Mon Sep 17 00:00:00 2001 From: Expand-sys <79956551+Expand-sys@users.noreply.github.com> Date: Mon, 23 Jan 2023 01:41:13 +1100 Subject: [PATCH 5/6] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index cda5338..3850317 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,13 @@ CCash can be deployed to any infrastructure able to run Rocky/Alma Linux 8/9 x86 As CCash is intended to be run as root, the playbook is run also as root. The playbook also builds CCash from the latest github push, so there may be bugs. In order to use the ansible playbook, clone the playbook to any pc with the ability to access the server through SSH and with Ansible installed, edit the inventory file to contain the IP address of the target server and run the following commands: + ```git clone https://github.com/Expand-sys/DEPLOYCCASH``` + ```cd DEPLOYCCASH``` + ```ansible-playbook -i inventory main.ansible.yml -k``` + When this is complete the server will have ccash installed to the user dir, this is customizable in the vars/default.yml file along with the admin username and save frequency. To start CCash you can CD into the directory CCash is installed then run ./build/bank {ADMIN ACCOUNT} {SAVE FREQUENCY} true replacing {ADMIN ACCOUNT} with your admin account username and {SAVE FREQUENCY} with the amount of minutes you want to wait for the bank to autosave. From c12aa3459de17257c42243401b91ecf721f7100e Mon Sep 17 00:00:00 2001 From: Expand-sys Date: Wed, 21 Jun 2023 17:18:55 +1000 Subject: [PATCH 6/6] fixed some edge cases --- inventory | 2 +- main.ansible.yml | 36 ++++++++++++++++++------------------ vars/default.yml | 4 ++-- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/inventory b/inventory index 949fe01..0ed1766 100644 --- a/inventory +++ b/inventory @@ -1,2 +1,2 @@ [all] -54.38.56.147 ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' \ No newline at end of file +127.0.0.1 ansible_ssh_user=root ansible_ssh_common_args='-o StrictHostKeyChecking=no' \ No newline at end of file diff --git a/main.ansible.yml b/main.ansible.yml index 4ed0e03..aab7cb4 100644 --- a/main.ansible.yml +++ b/main.ansible.yml @@ -11,11 +11,6 @@ tasks: - - name: Refresh packages update - ansible.builtin.yum: - name: "*" - update_cache: true - - name: Add repository ansible.builtin.yum: name: epel-release @@ -127,7 +122,7 @@ ansible.builtin.command: chdir: '{{ BUILD_DIR }}/CCash/build' cmd: './bank {{ ADMIN_A }} {{ SAVE_FREQ }} true' - when: START_SERVICES = true + when: START_SERVICES == true - name: Clone Web ansible.builtin.git: @@ -135,37 +130,37 @@ dest: '{{ BUILD_DIR }}/CCash/web' update: true force: true - when: WEB_ENABLED = true + when: WEB_ENABLED == true - name: "Install Nodejs 18 module" ansible.builtin.command: dnf module install -y nodejs:18/common register: result changed_when: - '"Enabling module streams" in result.stdout' - when: ansible_os_family = "RedHat" and WEB_ENABLED = true + when: ansible_os_family == "RedHat" and WEB_ENABLED == true - name: Install pm2 community.general.npm: path: '{{ BUILD_DIR }}/CCash/web' name: pm2 global: true - when: WEB_ENABLED = true + when: WEB_ENABLED == true - name: Install web dependencies community.general.npm: path: '{{ BUILD_DIR }}/CCash/web' - when: WEB_ENABLED = true + when: WEB_ENABLED == true - name: Create .env file ansible.builtin.copy: content: | - BANKAPIURL={{ ansible_facts["all_ipv4_addresses"][0] }} + BANKAPIURL=http://127.0.0.1:{{ CCASH_PORT }} SECURE=true SETUP=true PORT={{ WEB_PORT }} dest: '{{ BUILD_DIR }}/CCash/web/.env' mode: 0700 - when: WEB_ENABLED = true + when: WEB_ENABLED == true - name: Create pm2 file ansible.builtin.copy: @@ -178,7 +173,7 @@ } dest: "{{ BUILD_DIR }}/CCash/web/pm2.json" mode: 0700 - when: WEB_ENABLED = true + when: WEB_ENABLED == true - name: Start webapp service @@ -186,14 +181,14 @@ chdir: "{{ BUILD_DIR }}/CCash/web" cmd: | pm2 start index.js --update-env --name 'CCashFrontend' -f - when: START_SERVICES = true and WEB_ENABLED = true + when: START_SERVICES == true and WEB_ENABLED == true - name: Enable web app on boot ansible.builtin.command: chdir: "{{ BUILD_DIR }}/CCash/web" cmd: | pm2 startup - when: START_ON_BOOT = true and START_SERVICES = true and WEB_ENABLED = true + when: START_ON_BOOT == true and START_SERVICES == true and WEB_ENABLED == true - name: Enable ccash on boot ansible.builtin.cron: @@ -201,12 +196,17 @@ special_time: reboot state: present job: '{{ BUILD_DIR }}/CCash/build/bank {{ ADMIN_A }} {{ SAVE_FREQ }} true' - when: START_ON_BOOT = true + when: START_ON_BOOT == true - name: Allow firewalld ports ansible.posix.firewalld: permanent: true - port: 443/tcp + port: '{{ CCASH_PORT }}/tcp' + state: enabled + - name: Allow firewalld ports + ansible.posix.firewalld: + permanent: true + port: '{{ CCASH_PORT_S }}/tcp' state: enabled - name: Allow firewalld ports @@ -214,4 +214,4 @@ permanent: true port: 3000/tcp state: enabled - when: WEB_ENABLED = true + when: WEB_ENABLED == true diff --git a/vars/default.yml b/vars/default.yml index eb40273..0508952 100644 --- a/vars/default.yml +++ b/vars/default.yml @@ -3,10 +3,10 @@ BUILD_DIR: "/root" ADMIN_A: "admin" SAVE_FREQ: "2" USE_DEPRECATED_ENDPOINTS: "true" -WEB_ENABLED: false +WEB_ENABLED: true WEB_PORT: "3000" CCASH_PORT: 8080 CCASH_PORT_S: 8443 -START_SERVICES: false +START_SERVICES: true START_ON_BOOT: true BRANCH: "main" \ No newline at end of file