Docker deployment for tohtori and some refactoring

roles/base/tasks/deps_for_ansible.yml

@@ -0,0 +1,3 @@
+- name: Install python dependencies for managing apt repositories
+  apt: pkg=python-pycurl
+  tags: [nginx, repo]

roles/base/tasks/github_key.yml

@@ -0,0 +1,4 @@
+---
+- name: add github ssh keys
+  shell: ssh-keyscan github.com >> /etc/ssh/ssh_known_hosts
+  sudo: yes

roles/base/tasks/main.yml

@@ -1,4 +1,5 @@
 ---
+- include: deps_for_ansible.yml tags=base,dependencies
 - include: locale.yml tags=base,locale
 - include: users.yml tags=base,users
 - include: packages.yml tags=base,packages
@@ -7,3 +8,4 @@
 - include: ufw.yml tags=base,ufw
 - include: ntp.yml tags=base,ntp
 - include: timezone.yml tags=base,timezone
+- include: github_key.yml tags=base

roles/base/tasks/packages.yml

@@ -9,3 +9,4 @@
     - git
     - htop
     - wget
+    - ruby2.0

roles/base/tasks/swapfile.yml

@@ -0,0 +1,37 @@
+---
+- name: Write swapfile
+  command: |
+    {% if swapfile_use_dd %}
+    dd if=/dev/zero of=/swapfile bs=1M count={{ swapfile_size }} creates=/swapfile
+    {% else %}
+    fallocate -l {{ swapfile_size }} /swapfile creates=/swapfile
+    {% endif %}
+  register: write_swapfile
+  when: swapfile_size != false
+
+- name: Set swapfile permissions
+  file: path=/swapfile mode=600
+  when: swapfile_size != false
+
+- name: Create swapfile
+  command: mkswap /swapfile
+  register: create_swapfile
+  when: swapfile_size != false and write_swapfile.changed
+
+- name: Enable swapfile
+  command: swapon /swapfile
+  when: swapfile_size != false and create_swapfile.changed
+
+- name: Add swapfile to /etc/fstab
+  lineinfile: dest=/etc/fstab line="/swapfile   none    swap    sw    0   0" state=present
+  when: swapfile_size != false
+
+- name: Configure vm.swappiness
+  lineinfile: dest=/etc/sysctl.conf line="vm.swappiness = {{ swapfile_swappiness }}" regexp="^vm.swappiness[\s]?=" state=present
+  notify: Reload sysctl
+  when: swapfile_swappiness != false
+
+- name: Configure vm.vfs_cache_pressure
+  lineinfile: dest=/etc/sysctl.conf line="vm.vfs_cache_pressure = {{ swapfile_vfs_cache_pressure }}" regexp="^vm.vfs_cache_pressure[\s]?=" state=present
+  notify: Reload sysctl
+  when: swapfile_vfs_cache_pressure != false

roles/base/tasks/users.yml

@@ -5,7 +5,7 @@
 - name: create users
   user: >
     name={{ item.name }}
-    groups=admin
+    groups=admin,docker
     shell=/bin/bash
     password={{ item.password }}
   with_items: users

roles/docker/defaults/main.yml

@@ -0,0 +1,10 @@
+---
+
+# The following help expose a docker port or to add additional options when
+# running docker daemon.  The default is to not use any special options.
+#docker_opts: >
+#  -H unix://
+#  -H tcp://0.0.0.0:2375
+#  --log-level=debug
+docker_opts: ""
+

roles/docker/handlers/main.yml

@@ -0,0 +1,10 @@
+---
+# handlers file for docker.ubuntu
+- name: Start Docker
+  service: name=docker state=started
+
+- name: Reload docker
+  service: name=docker state=reloaded
+
+- name: Restart dockerio
+  service: name=docker state=restarted

roles/docker/tasks/main.yml

@@ -0,0 +1,64 @@
+---
+- name: Install lxc-docker
+  apt:
+    pkg: "linux-image-{{ ansible_kernel }}"
+    state: installed
+
+- name: Add Ubuntu universe repo for pip
+  apt_repository:
+    repo: "deb http://mirrors.digitalocean.com/ubuntu trusty universe"
+    update_cache: yes
+    state: present
+
+- name: Install pip
+  apt:
+    pkg: "{{ item }}"
+    state: installed
+  with_items:
+    - python-dev
+
+- name: install pip
+  shell: easy_install -U pip
+  sudo: yes
+
+- name: Install Docker-py
+  pip:
+    name: docker-py
+
+- name: Make sure apt-transport-https is installed
+  apt:
+    pkg: "apt-transport-https"
+    state: installed
+
+- name: Add Docker repository key
+  apt_key:
+    id: "36A1D7869245C8950F966E92D8576A8BA88D21E9"
+    keyserver: "hkp://keyserver.ubuntu.com:80"
+    state: present
+
+- name: Add Docker repository and update apt cache
+  apt_repository:
+    repo: "deb http://get.docker.io/ubuntu docker main"
+    update_cache: yes
+    state: present
+
+- name: Install lxc-docker
+  apt:
+    pkg: "lxc-docker"
+    state: installed
+
+- name: Set docker daemon options
+  copy:
+    content: "DOCKER_OPTS=\"{{ docker_opts.rstrip('\n') }}\""
+    dest: /etc/default/docker
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - Reload docker
+  when: docker_opts != ""
+
+- name: Start docker-lxc
+  service:
+    name: docker
+    state: started

roles/koodiklinikka.fi-api/defaults/main.yml

@@ -3,3 +3,10 @@ koodiklinikka_api_project_name: koodiklinikka.fi-api
 koodiklinikka_api_repository_url: git@github.com:koodiklinikka/koodiklinikka.fi-api.git
 koodiklinikka_api_nodejs_version: v0.10.25
 koodiklinikka_api_port: 9000
+
+nvm_path: /opt/web/nvm
+nvm_user: web
+koodiklinikka_api_nvm_path: /opt/web/nvm
+koodiklinikka_api_nvm_script: /opt/web/nvm/nvm.sh
+koodiklinikka_api_app_path: /opt/web/koodiklinikka.fi-api
+koodiklinikka_api_user: web

roles/koodiklinikka.fi/defaults/main.yml

@@ -2,3 +2,7 @@
 koodiklinikka_project_name: koodiklinikka.fi
 koodiklinikka_client_repo: git@github.com:koodiklinikka/koodiklinikka.fi.git
 koodiklinikka_nodejs_version: v0.10.25
+
+koodiklinikka_app_path: /opt/web/koodiklinikka.fi
+koodiklinikka_nvm_script: /opt/web/nvm/nvm.sh
+koodiklinikka_user: web

roles/nginx/tasks/install_nginx.yml

@@ -1,7 +1,4 @@
 ---
-- name: Install python dependencies for managing apt repositories
-  apt: pkg=python-pycurl
-  tags: [nginx, repo]
 
 - name: Add nginx repository
   apt_repository: repo='deb http://nginx.org/packages/ubuntu/ precise nginx' state=present update_cache=yes

roles/tohtori/defaults/main.yml

@@ -0,0 +1,10 @@
+---
+koodiklinikka_tohtori_project_name: tohtori
+koodiklinikka_tohtori_client_repo: git@github.com:koodiklinikka/tohtori.git
+koodiklinikka_tohtori_user: tohtori
+koodiklinikka_tohtori_app_path: /opt/tohtori/tohtori
+
+koodiklinikka_tohtori_container_name: tohtori_bot
+
+ejson_public: 94f3af35ad208d7bc7e3ddf1f9d181d090e3a1c74f9d56851c4f0f1efb04b571
+

roles/tohtori/tasks/build.yml

@@ -0,0 +1,56 @@
+---
+
+- name: Deploy client from git
+  remote_user: "{{ koodiklinikka_tohtori_user }}"
+  action: >
+    git
+    repo="{{ koodiklinikka_tohtori_client_repo }}"
+    dest="{{ koodiklinikka_tohtori_app_path }}"
+    accept_hostkey=True
+  sudo: no
+  register: gitclone
+
+- name: get  previous container
+  shell: docker images|grep {{ koodiklinikka_tohtori_container_name }}|grep latest| awk '{print $3}'
+  register: current_image_sha
+
+- name: Build {{ koodiklinikka_tohtori_container_name }}
+  shell: ./build_docker /opt
+  args:
+    chdir: "{{ koodiklinikka_tohtori_app_path}}/script"
+  sudo: yes
+  #when: gitclone.changed
+  register: container
+
+- name: tag previous version
+  shell: docker tag -f {{ current_image_sha.stdout }} {{ koodiklinikka_tohtori_container_name }}:old
+  when: container is defined and container.changed and current_image_sha.stdout != ""
+
+- name: get running container
+  shell: docker ps -a|grep {{ koodiklinikka_tohtori_container_name }}|grep latest| awk '{print $1}'
+  register: current_container_id
+
+- name: kill old version
+  shell: docker stop {{ koodiklinikka_tohtori_container_name }}
+  when: container is defined and container.changed and current_container_id != ""
+
+- name: get old containers
+  shell: docker ps -a|grep Exited| awk '{print $1}'
+  register: old_containers
+
+- name: clean old containers
+  shell: docker rm $(docker ps -a|grep Exited| awk '{print $1}')
+  when: old_containers.stdout != ""
+
+- name: Start the container
+  shell: docker run -d --name {{ koodiklinikka_tohtori_container_name }} {{ koodiklinikka_tohtori_container_name }}:latest 
+  when: container is defined and container.changed
+
+- name: get old images
+  shell: docker images | grep "^<none>" | awk '{print $3}'
+  register: old_images
+
+- name: clean untagged (old) images
+  shell: docker rmi $(docker images -a | grep "^<none>" | awk '{print $3}')
+  when: old_images.stdout != ""
+  ignore_errors: yes

roles/tohtori/tasks/deploy_ejson.yml

@@ -0,0 +1,9 @@
+- name: Assures /opt/.ejson dir exists
+  file: path=/opt/.ejson state=directory mode=700
+  
+- name: Deploy ejson private key
+  copy:
+    content: "{{ ejson_private_key }}"
+    dest: /opt/.ejson/{{ ejson_public }}
+  tags: [ejson]
+  sudo: true

roles/tohtori/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+- include: tohtori_user.yml
+- include: deploy_ejson.yml
+- include: build.yml

roles/tohtori/tasks/rollback.yml

@@ -0,0 +1,21 @@
+---
+
+- name: get running container
+  shell: docker ps -a|grep {{ koodiklinikka_tohtori_container_name }}|grep latest| awk '{print $1}'
+  register: current_container_id
+
+- name: kill old version
+  shell: docker stop {{ koodiklinikka_tohtori_container_name }}
+  when: current_container_id != ""
+
+- name: get old containers
+  shell: docker ps -a|grep Exited| awk '{print $1}'
+  register: old_containers
+
+- name: clean old containers
+  shell: docker rm $(docker ps -a|grep Exited| awk '{print $1}')
+  when: old_containers.stdout != ""
+
+- name: Start the container
+  shell: docker run -d --name {{ koodiklinikka_tohtori_container_name }} {{ koodiklinikka_tohtori_container_name }}:old
+

roles/tohtori/tasks/tohtori_user.yml

@@ -0,0 +1,5 @@
+---
+- name: Create tohtori user
+  sudo: true
+  user: name=tohtori home=/opt/tohtori password=$1$U7pTMako$SY19s1PIxdD2NCFgM0LQr0
+