From c84ac5694f71a021a46a944437f938960c1c009c Mon Sep 17 00:00:00 2001 From: Micha Date: Mon, 19 Jan 2026 18:49:19 +0100 Subject: [PATCH] added ansible playbook --- ansible/ansible.cfg | 4 + ansible/deploy-to-prod.yaml | 15 ++++ ansible/hosts.ini | 8 ++ ansible/roles/weekly/tasks/main.yaml | 91 +++++++++++++++++++++++ ansible/vars/vars.yaml | 5 ++ ansible/vars/vault.yaml | 9 +++ app/Http/Controllers/PortalController.php | 3 +- 7 files changed, 134 insertions(+), 1 deletion(-) create mode 100644 ansible/ansible.cfg create mode 100644 ansible/deploy-to-prod.yaml create mode 100644 ansible/hosts.ini create mode 100644 ansible/roles/weekly/tasks/main.yaml create mode 100644 ansible/vars/vars.yaml create mode 100644 ansible/vars/vault.yaml diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg new file mode 100644 index 0000000..b49375f --- /dev/null +++ b/ansible/ansible.cfg @@ -0,0 +1,4 @@ +[defaults] +inventory = ./hosts.ini +set_remote_user = yes +allow_world_readable_tmpfiles=true \ No newline at end of file diff --git a/ansible/deploy-to-prod.yaml b/ansible/deploy-to-prod.yaml new file mode 100644 index 0000000..5370c8c --- /dev/null +++ b/ansible/deploy-to-prod.yaml @@ -0,0 +1,15 @@ +--- +- name: Ping the hosts defined in hosts.ini + hosts: prod + vars_files: + - ./vars/vault.yaml + - ./vars/vars.yaml + + gather_facts: yes + + tasks: + - name: Ping the hosts + ping: + + roles: + - weekly diff --git a/ansible/hosts.ini b/ansible/hosts.ini new file mode 100644 index 0000000..9b7a2a3 --- /dev/null +++ b/ansible/hosts.ini @@ -0,0 +1,8 @@ +[dev] +fd20:2184:8045:4973:5054:ff:fe6c:13d1 ansible_connection=local + +[prod] +weekly.24unix.net ansible_user=tracer ansible_become_password= + + + diff --git a/ansible/roles/weekly/tasks/main.yaml b/ansible/roles/weekly/tasks/main.yaml new file mode 100644 index 0000000..82daa3c --- /dev/null +++ b/ansible/roles/weekly/tasks/main.yaml @@ -0,0 +1,91 @@ +--- +- name: Check if base_dir exists + stat: + path: "{{ prod_base_dir }}" + register: base_dir_status + +- name: Fetch latest code + git: + repo: "{{ git_repo }}" + dest: "{{ prod_base_dir }}" + version: "master" + update: yes + force: true + register: git_result + +- debug: + var: git_result + +- name: Download and installs all libs and dependencies + community.general.composer: + command: install + arguments: --no-dev --optimize-autoloader + working_dir: "{{ prod_base_dir }}" + php_path: /usr/bin/keyhelp-php84 + +- name: Install node_modules + npm: + path: "{{ prod_base_dir }}" + state: present + when: git_result.changed + +- name: Build frontend + command: "npm run build" + args: + chdir: "{{ prod_base_dir }}" + +- name: Clear config cache + command: "keyhelp-php84 artisan config:clear" + args: + chdir: "{{ prod_base_dir }}" + +- name: Clear application cache + command: "keyhelp-php84 artisan cache:clear" + args: + chdir: "{{ prod_base_dir }}" + +- name: Create database backup directory + file: + path: "{{ prod_base_dir }}/backups" + state: directory + mode: '0755' + +- name: Backup database before migrations + shell: | + cd {{ prod_base_dir }} + DB_USERNAME=$(grep DB_USERNAME .env | cut -d '=' -f2) + DB_PASSWORD=$(grep DB_PASSWORD .env | cut -d '=' -f2) + DB_DATABASE=$(grep DB_DATABASE .env | cut -d '=' -f2) + BACKUP_FILE="{{ prod_base_dir }}/backups/db_backup_$(date +%Y%m%d_%H%M%S).sql" + mysqldump -u "$DB_USERNAME" -p"$DB_PASSWORD" "$DB_DATABASE" > "$BACKUP_FILE" + echo "$BACKUP_FILE" + register: backup_result + +- name: Display backup location + debug: + msg: "Database backed up to: {{ backup_result.stdout }}" + +- name: Run database migrations safely + command: "keyhelp-php84 artisan migrate:safe --force" + args: + chdir: "{{ prod_base_dir }}" + register: migrate_result + failed_when: migrate_result.rc != 0 + +- name: Display migration result + debug: + var: migrate_result + +- name: Remove old database backups (keep last 10) + shell: | + cd {{ prod_base_dir }}/backups + ls -t db_backup_*.sql | tail -n +11 | xargs -r rm + ignore_errors: yes + +- name: Run version fetch command + command: "keyhelp-php84 artisan version:fetch" + args: + chdir: "{{ prod_base_dir }}" + +- name: Reload PHP-FPM to clear OPcache + command: sudo /usr/bin/systemctl reload keyhelp-php84-fpm.service diff --git a/ansible/vars/vars.yaml b/ansible/vars/vars.yaml new file mode 100644 index 0000000..15e6967 --- /dev/null +++ b/ansible/vars/vars.yaml @@ -0,0 +1,5 @@ +--- +git_repo: "gitea@git.24unix.net:tracer/weekly.git" +prod_base_dir: "/home/users/tracer/www/weekly.24unix.net/weekly" + +prod_become_user: "{{ vault_prod_become_user }}" diff --git a/ansible/vars/vault.yaml b/ansible/vars/vault.yaml new file mode 100644 index 0000000..cebf5f3 --- /dev/null +++ b/ansible/vars/vault.yaml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +31623264303535663263613235356231623137333734626164376138656532623937316534333835 +3661666237386534373466356136393566333162326562330a383833363737323637363738616666 +62393164326465376634356666303861613362313430656161653531373733353530636265353738 +3863633131313834390a356663373338346137373662356161643336636534626130313466343566 +36653636333838633938323363646335663935646135613632356434396436326131323361366561 +32633939346163356131663266346539323330613536333838616332646139313731326133646165 +31343763636337306263646631353562646462323631383439353738333035623664623163303839 +34343261383738396534 diff --git a/app/Http/Controllers/PortalController.php b/app/Http/Controllers/PortalController.php index bb2c876..cf3980d 100644 --- a/app/Http/Controllers/PortalController.php +++ b/app/Http/Controllers/PortalController.php @@ -44,7 +44,8 @@ class PortalController extends Controller $stats = [ 'threads' => Thread::query()->withoutTrashed()->count(), - 'posts' => Post::query()->withoutTrashed()->count(), + 'posts' => Post::query()->withoutTrashed()->count() + + Thread::query()->withoutTrashed()->count(), 'users' => User::query()->count(), ];