diff --git a/README.md b/README.md index ca86049..6bba23e 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ We provide two examples to run the playbook as-is without further modifications. - Create a json file containing the variables for the playbook or pass them via cli - Run provision command -**Example inventory to install the trento-server and provision postgres and rabbitmq, all on the same host** +**Example inventory to install the trento-server and provision postgres, rabbitmq and prometheus all on the same host** ```yaml all: @@ -65,6 +65,11 @@ all: vitellone: ansible_host: "your-host" ansible_user: "your-user" + prometheus-hosts: + hosts: + vitellone: + ansible_host: "your-host" + ansible_user: "your-user" ``` **Example json variables file to install trento-server with the all in one node configuration** @@ -82,7 +87,7 @@ all: --- -**Example inventory to install trento-server, provision postgres and rabbitmq, each component on dedicated node** +**Example inventory to install trento-server, provision postgres, rabbitmq and prometheus each component on dedicated node** ```yaml all: @@ -102,9 +107,14 @@ all: vitellone-mq: ansible_host: "your-host" ansible_user: "your-user" + prometheus-hosts: + hosts: + vitellone-metrics: + ansible_host: "your-host" + ansible_user: "your-user" ``` -**Example json variables files to install trento-server, provision postgres and rabbitmq, each component on dedicated node** +**Example json variables files to install trento-server, provision postgres, prometheus and rabbitmq, each component on dedicated node** ```json { @@ -319,7 +329,11 @@ $ ansible-playbook -i inventory.yml --extra-vars @extra-vars.json playbook.clean You can test the playbook using vagrant, the default configuration in this repository assumes that you have VirtualBox, change it to what matches your setup. -The `Vagrantfile` contains sane defaults for running the playbook, you can find the application running on `localhost:8080` or `trento.local:8080` if you have `trento.local` as `localhost` alias in your `/etc/hosts`. +The `Vagrantfile` contains sane defaults for running the playbook, it assumes that you have `trento.local` as `localhost` alias in your `/etc/hosts`. + +You can reach the trento application using `https://trento.local:8443`. + +The Vagrantfile contains a self signed certificate for `trento.local` domain, make sure you accept the exception when prompted by your browser. Start the vagrant box @@ -327,7 +341,7 @@ Start the vagrant box $ vagrant up ``` -This will spawn a vagrant box with `Opensuse Leap 15.3` as base box. The provisioning will be automatic after the box starts. +This will spawn a vagrant box with `Opensuse Leap 15.4` as base box. The provisioning will be automatic after the box starts. Force provision the vagrant box diff --git a/Vagrantfile b/Vagrantfile index 110f112..6ae8542 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,18 +1,85 @@ Vagrant.require_version ">= 1.8.0" Vagrant.configure(2) do |config| + config.vm.box = "opensuse/Leap-15.4.x86_64" + config.vm.define "machine1" - config.vm.box = "opensuse/Leap-15.3.x86_64" config.vm.provision "ansible" do |ansible| - # ansible.verbose = "v" ansible.playbook = "playbook.yml" + ansible.groups = { + "trento-server" => ["machine1"], + "postgres-hosts" => ["machine1"], + "prometheus-hosts" => ["machine1"], + "rabbitmq-hosts" => ["machine1"] + } ansible.extra_vars = { web_postgres_password: "pass", wanda_postgres_password: "wanda", rabbitmq_password: "trento", + nginx_vhost_filename: "trento.conf", prometheus_url: "http://localhost", web_admin_password: "adminpassword", - trento_server_name: "trento.local trento.local:8080" + trento_server_name: "trento.local", + nginx_ssl_cert_as_base64: "false", + nginx_ssl_key_as_base64: "false", + nginx_ssl_cert: " +-----BEGIN CERTIFICATE----- +MIIEZDCCA0ygAwIBAgIUAue46Y/9kwT+zvPPW2xfuNv1+Z4wDQYJKoZIhvcNAQEL +BQAwXjELMAkGA1UEBhMCSVQxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UE +CgwTRGVmYXVsdCBDb21wYW55IEx0ZDEaMBgGA1UEAwwRdHJlbnRvLmxvY2FsOjgw +ODAwHhcNMjQwMTIzMTUyODE1WhcNMzQwMTIwMTUyODE1WjBeMQswCQYDVQQGEwJJ +VDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBh +bnkgTHRkMRowGAYDVQQDDBF0cmVudG8ubG9jYWw6ODA4MDCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALUvsN1zqhho08Ixdt55QuOpk21dAzBNkLf126FL +95285571KHPXLYmJB4fyrQOThFhNb8khtwJ9/R5Bo4xe/4RJKBMfVlklTw0/Vb76 +1EuTta2ei0SsvoVvxB/x0gUYDH3zhKjyTJXdmlBT8B4qTj6PAHpVkbvwOKQJxVz0 +zIIWYjOEVFERcVu0PGPPbLSBgedP+0izw/mq8C6OehrvYEIiHHWmCYtPctZFw5lh +F/Tt1erpFnX46TuwR5mujUvrAJLh3ytzJkLKaqD3mYzURtxrczYxGkztAvFmRDGu +lIFgXjWbTa5HUrRAa0SajJlQyxjA79Pgj6DgClgDFr7Ra9ECAwEAAaOCARgwggEU +MB0GA1UdDgQWBBQjO0boaaNuXxFgSn3ESPJKdJ/tyDCBmwYDVR0jBIGTMIGQgBQj +O0boaaNuXxFgSn3ESPJKdJ/tyKFipGAwXjELMAkGA1UEBhMCSVQxFTATBgNVBAcM +DERlZmF1bHQgQ2l0eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55IEx0ZDEaMBgG +A1UEAwwRdHJlbnRvLmxvY2FsOjgwODCCFALnuOmP/ZME/s7zz1tsX7jb9fmeMAwG +A1UdEwQFMAMBAf8wCwYDVR0PBAQDAgL8MBwGA1UdEQQVMBOCEXRyZW50by5sb2Nh +bDo4MDgwMBwGA1UdEgQVMBOCEXRyZW50by5sb2NhbDo4MDgwMA0GCSqGSIb3DQEB +CwUAA4IBAQAFCeRnF4lli/yn/aRHnwhs5H/G8s9O2X2qmohJG5AK3sZlK8gEXjhE +jiCailneKLBbu2WeT42Bg9AId94Nr4aDT7UlOYnhwk3WeMeFeEyH2QA1NzU23QFW +yMGFP0TUuENjMRYTgCsxvvsdhZ0/TqA8dYItKgpjVww7urRuKGJEFsf+wqQHKRTp +nOUlSPiGZ6xKJtRbpO6WSu2EkvQteA9HGS5qAqYbeJ7+ED+AE+fTQp3YwzhGl3G1 +/3inS6wEPch/h0eJDSClXNYOApf6xRjUGcJ2XmutUdJq+MZ789WayQ1xjYPUSyCD +vzczKRPmQOQbiu02WM2hivWtPBH//A5N +-----END CERTIFICATE----- + ", + nginx_ssl_key: " +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1L7Ddc6oYaNPC +MXbeeULjqZNtXQMwTZC39duhS/edvOee9Shz1y2JiQeH8q0Dk4RYTW/JIbcCff0e +QaOMXv+ESSgTH1ZZJU8NP1W++tRLk7WtnotErL6Fb8Qf8dIFGAx984So8kyV3ZpQ +U/AeKk4+jwB6VZG78DikCcVc9MyCFmIzhFRREXFbtDxjz2y0gYHnT/tIs8P5qvAu +jnoa72BCIhx1pgmLT3LWRcOZYRf07dXq6RZ1+Ok7sEeZro1L6wCS4d8rcyZCymqg +95mM1Ebca3M2MRpM7QLxZkQxrpSBYF41m02uR1K0QGtEmoyZUMsYwO/T4I+g4ApY +Axa+0WvRAgMBAAECggEAAs31Gamfy0UuUVVEUvz/3xS2jhtIY619rrIUHY1QTPbt +HTG/BK0C3M9CaGh5ZMKz3WbxP4tUreNfASjQfa/Rc9eEjE6gWE/ajYWELKK6DMOI +BnYVT1SyFcNrpVFwGALxAlv8IV48kOP9wdEzMfcjOZA4PtlQ4LHfFJK8pSigx9r6 +KU4m8aAEiZi8uq3AWWwL18Y6HO03jyYGCOkZs3xK/wBW6loJWt7vvI42MN8GQkLE +t6CG+PlgWmi7PrsuKS7hItJgu7KVzDKXtbmo0nOqbRCKeSv30pj6R5Ujcn07lK7I +Ed65tQjkgsESlY23g0+E1uKsT1QIS8sutfoMEpszaQKBgQD3HUJh5feyBFrW6kiy +RKUPTKpKxsqWcEpwH5P9m7gZjr0l5oHaCtAS0GBd3UklQx+9DOuvSFAxPWG+VARI +IFdA80LbhuvSqV+7weUbNwIcSnUu7+4oGejk/zonsTKxwYe5hL05jM+trdGkkRvo +hrQ47FQ2MJm2cylrSL1O0Hp46QKBgQC7s4zNqV+sUoEEQwCntLmS+GgNx1iq7Ibx +89QK7Q6WersLi4nVmNCIODrL/SkeraJeZLUIXdDcvZlt4bFWmTx3EECJKoVL1/Q0 +YlNx/FZYZBqcCr6hBhovbpMkbOFxX3Xuo2FMf7++tBrEwFom3r/9Wx1KMGkum73G +Sv9vlDqKqQKBgAg9IH51FVoJDSJHM19GLJ6i9raBhDWZztGIK/3zmCK6AJJn6gJk +A+XsrpnSi+LDJya9bIouhgXuPvkCghYJhf8zXRJGoEwou3leEI5kuhxJWzjSZQVP +P9WKsNyr6r3Ebwr/YvOtPytSNUAgWmbZPt76+h/IZQeRNVtPVIhxKPQpAoGABB/N +2DcAgyjM7OsL+KNf8HrEzoiyyg6oaGiTICpVR7kqovZN8QOKkXOq1xCY9rOZ/bj4 +wVZOYItJ88AhxWVYjsUspdbpVuFH3F7MtpR00Txh2UvjJGad7KzhTsuVqIgQb03n +tWaZL/eFHw2a7X+3eDmoSxkFNqD1aoX7VthK8QECgYEAs99HdXW9LlGQeoUrG5UX +14Zm7CH/6TtwdWFpbcppJpipEtbDHyjpyiDlrgI4uxVilPnrBQtgzHCf8U2xQDJF +l0GpzDqUXDQI3wdzi8gVUBgPpjfVa9msafc7m6faT8myjHr/p6TJKj9Z36j58WHv +mpNiKDOPALNTs+Ukdkt5KlE= +-----END PRIVATE KEY----- + " } end config.vm.provider "virtualbox" do |v| @@ -20,4 +87,5 @@ Vagrant.configure(2) do |config| v.cpus = 4 end config.vm.network "forwarded_port", guest: 80, host: 8080 + config.vm.network "forwarded_port", guest: 443, host: 8443 end \ No newline at end of file diff --git a/requirements.yml b/requirements.yml index c654bb5..f9379b6 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,3 +4,4 @@ collections: - community.general - community.rabbitmq - community.postgresql + - ansible.posix diff --git a/ssl/place-cert-key-here b/ssl/place-cert-key-here deleted file mode 100644 index e69de29..0000000