feat: add Dockerfile to Dockerise the playbook
- Add Dockerfile to install Ansible and the playbook. - Add Makefile target to build the image. - Add Makefile target to run the playbook. - Add the playbook that ansible will run. - Add .dockerignore to limit the files added to the context. - Added a pipeline job to test the image build. - Added a pipeline job to lint the Dockerfile. This closes dananglin/pleroma-ansible-playbook#13
This commit is contained in:
parent
0a418028ab
commit
0cedf15ad9
5 changed files with 168 additions and 4 deletions
5
.dockerignore
Normal file
5
.dockerignore
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
*
|
||||||
|
!roles
|
||||||
|
!library
|
||||||
|
!Makefile
|
||||||
|
!playbook.yml
|
|
@ -1,13 +1,63 @@
|
||||||
---
|
---
|
||||||
image: python:3.7.6-slim-buster
|
|
||||||
|
|
||||||
stages:
|
stages:
|
||||||
- test
|
- test
|
||||||
|
|
||||||
test:
|
.use-python:
|
||||||
|
image: python:3.7.6-slim-buster
|
||||||
|
|
||||||
|
.docker-dind-service:
|
||||||
|
services:
|
||||||
|
- docker:19.03.8-dind
|
||||||
|
|
||||||
|
.use-docker:
|
||||||
|
image: docker:19.03.8
|
||||||
|
|
||||||
|
.install-deps: &install-deps
|
||||||
|
- apk add --no-cache make
|
||||||
|
|
||||||
|
test:dockerfile-lint:
|
||||||
|
image: hadolint/hadolint:v1.17.5-alpine
|
||||||
|
script:
|
||||||
|
- hadolint ./Dockerfile
|
||||||
|
only:
|
||||||
|
refs:
|
||||||
|
- merge_requests
|
||||||
|
changes:
|
||||||
|
- Dockerfile
|
||||||
|
except:
|
||||||
|
refs:
|
||||||
|
- master
|
||||||
|
|
||||||
|
test:docker-image-build:
|
||||||
|
extends:
|
||||||
|
- .docker-dind-service
|
||||||
|
- .use-docker
|
||||||
|
script:
|
||||||
|
- *install-deps
|
||||||
|
- make image
|
||||||
|
stage: test
|
||||||
|
only:
|
||||||
|
refs:
|
||||||
|
- merge_requests
|
||||||
|
changes:
|
||||||
|
- Dockerfile
|
||||||
|
except:
|
||||||
|
refs:
|
||||||
|
- master
|
||||||
|
|
||||||
|
test:custom-modules:
|
||||||
|
extends: .use-python
|
||||||
stage: test
|
stage: test
|
||||||
before_script:
|
before_script:
|
||||||
- apt-get update && apt-get install make
|
- apt-get update && apt-get install make
|
||||||
- pip install ansible==2.9.6
|
- pip install ansible==2.9.6
|
||||||
script:
|
script:
|
||||||
- make test_modules_unit
|
- make test_modules_unit
|
||||||
|
only:
|
||||||
|
refs:
|
||||||
|
- merge_requests
|
||||||
|
changes:
|
||||||
|
- library/*
|
||||||
|
except:
|
||||||
|
refs:
|
||||||
|
- master
|
||||||
|
|
63
Dockerfile
Normal file
63
Dockerfile
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
FROM alpine:3.11
|
||||||
|
|
||||||
|
ARG ANSIBLE_UID=1200
|
||||||
|
ARG ANSIBLE_USER=ansible
|
||||||
|
ARG ANSIBLE_VERSION=2.9.7
|
||||||
|
ARG PLEROMA_PLAYBOOK_DIRECTORY=/ansible/pleroma-playbook
|
||||||
|
ARG BUILD_TIME
|
||||||
|
ARG BUILD_TAG
|
||||||
|
|
||||||
|
# Annotation (label) schema based on the OCI image specification.
|
||||||
|
# https://github.com/opencontainers/image-spec/blob/master/annotations.md
|
||||||
|
LABEL org.opencontainers.image.authors="Dan Anglin <d.n.i.anglin@gmail.com>" \
|
||||||
|
org.opencontainers.image.created=${BUILD_TIME} \
|
||||||
|
org.opencontainers.image.documentation="https://gitlab.com/dananglin/pleroma-ansible-playbook/-/blob/master/README.md" \
|
||||||
|
org.opencontainers.image.source="https://gitlab.com/dananglin/pleroma-ansible-playbook.git" \
|
||||||
|
org.opencontainers.image.version=${BUILD_TAG} \
|
||||||
|
org.opencontainers.image.vendor="Dan Anglin" \
|
||||||
|
org.opencontainers.image.licenses="MIT" \
|
||||||
|
org.opencontainers.image.title="Pleroma Ansible Playbook" \
|
||||||
|
org.opencontainers.image.description="Ansible playbook that installs, configures and customizes Pleroma on a Alpine host."
|
||||||
|
|
||||||
|
RUN \
|
||||||
|
apk add --no-cache \
|
||||||
|
ca-certificates=20191127-r1 \
|
||||||
|
make=4.2.1-r2 \
|
||||||
|
openssh-client=8.1_p1-r0 \
|
||||||
|
openssl=1.1.1g-r0 \
|
||||||
|
python3=3.8.2-r0 \
|
||||||
|
&& \
|
||||||
|
apk add --no-cache --virtual .build-deps \
|
||||||
|
python3-dev=3.8.2-r0 \
|
||||||
|
libffi-dev=3.2.1-r6 \
|
||||||
|
openssl-dev=1.1.1g-r0 \
|
||||||
|
build-base=0.5-r1 \
|
||||||
|
&& \
|
||||||
|
pip3 install --upgrade \
|
||||||
|
pip==20.0.2 \
|
||||||
|
cffi==1.14.0 \
|
||||||
|
&& \
|
||||||
|
pip install \
|
||||||
|
ansible==${ANSIBLE_VERSION} \
|
||||||
|
&& \
|
||||||
|
apk del \
|
||||||
|
.build-deps \
|
||||||
|
&& \
|
||||||
|
adduser -u ${ANSIBLE_UID} -s /bin/sh -D ${ANSIBLE_USER}
|
||||||
|
|
||||||
|
COPY --chown=${ANSIBLE_UID}:${ANSIBLE_UID} library ${PLEROMA_PLAYBOOK_DIRECTORY}/library/
|
||||||
|
COPY --chown=${ANSIBLE_UID}:${ANSIBLE_UID} roles ${PLEROMA_PLAYBOOK_DIRECTORY}/roles/
|
||||||
|
COPY --chown=${ANSIBLE_UID}:${ANSIBLE_UID} playbook.yml ${PLEROMA_PLAYBOOK_DIRECTORY}/playbook.yml
|
||||||
|
COPY --chown=${ANSIBLE_UID}:${ANSIBLE_UID} Makefile ${PLEROMA_PLAYBOOK_DIRECTORY}/Makefile
|
||||||
|
|
||||||
|
ENV ANSIBLE_HOST_KEY_CHECKING=False \
|
||||||
|
ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3 \
|
||||||
|
ANSIBLE_SSH_PIPELINING=False \
|
||||||
|
ANSIBLE_GATHERING=smart \
|
||||||
|
ANSIBLE_RETRY_FILES_ENABLED=False \
|
||||||
|
ANSIBLE_PERSISTENT_CONNECT_TIMEOUT=30 \
|
||||||
|
ANSIBLE_PERSISTENT_COMMAND_TIMEOUT=60
|
||||||
|
|
||||||
|
USER ${ANSIBLE_USER}
|
||||||
|
WORKDIR ${PLEROMA_PLAYBOOK_DIRECTORY}
|
||||||
|
CMD [ "make", "pleroma" ]
|
14
Makefile
14
Makefile
|
@ -1,6 +1,12 @@
|
||||||
VAPID_PRIVATE_KEY_FILE := vapid-private-key.pem
|
VAPID_PRIVATE_KEY_FILE := vapid-private-key.pem
|
||||||
|
INVENTORY ?= "hosts.yml"
|
||||||
|
PLAYBOOK_TAGS ?= "all"
|
||||||
|
PLAYBOOK_FILE ?= "playbook.yml"
|
||||||
|
DOCKERFILE = Dockerfile
|
||||||
|
IMAGE_NAME ?= pleroma-ansible-playbook
|
||||||
|
IMAGE_TAG ?= latest
|
||||||
|
|
||||||
PHONY: secret_key_base signing_salt vapid_private_key vapid_public_key
|
PHONY: secret_key_base signing_salt vapid_private_key vapid_public_key test_modules_unit image pleroma
|
||||||
|
|
||||||
all: secret_key_base signing_salt vapid_key_pair
|
all: secret_key_base signing_salt vapid_key_pair
|
||||||
|
|
||||||
|
@ -27,3 +33,9 @@ vapid_public_key: $(VAPID_PRIVATE_KEY_FILE)
|
||||||
|
|
||||||
test_modules_unit:
|
test_modules_unit:
|
||||||
@find ./library -mindepth 1 -maxdepth 1 -type f -name test_*.py | xargs python3
|
@find ./library -mindepth 1 -maxdepth 1 -type f -name test_*.py | xargs python3
|
||||||
|
|
||||||
|
image:
|
||||||
|
@docker build -f $(DOCKERFILE) -t $(IMAGE_NAME):$(IMAGE_TAG) .
|
||||||
|
|
||||||
|
pleroma:
|
||||||
|
ansible-playbook --inventory $(INVENTORY) --tags $(PLAYBOOK_TAGS) $(EXTRA_ARGS) $(PLAYBOOK_FILE)
|
||||||
|
|
34
playbook.yml
Normal file
34
playbook.yml
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
---
|
||||||
|
- name: Initialising the playbook.
|
||||||
|
hosts: all
|
||||||
|
roles:
|
||||||
|
- init
|
||||||
|
tags:
|
||||||
|
- always
|
||||||
|
|
||||||
|
- name: Setting up the Pleroma database.
|
||||||
|
hosts: pleroma_database
|
||||||
|
become: yes
|
||||||
|
become_method: sudo
|
||||||
|
roles:
|
||||||
|
- pleroma-database
|
||||||
|
tags:
|
||||||
|
- pleroma-database
|
||||||
|
|
||||||
|
- name: Setting up Pleroma.
|
||||||
|
hosts: pleroma_main
|
||||||
|
become: yes
|
||||||
|
become_method: sudo
|
||||||
|
roles:
|
||||||
|
- pleroma-main
|
||||||
|
tags:
|
||||||
|
- pleroma-main
|
||||||
|
|
||||||
|
- name: Setting up the Pleroma proxy layer.
|
||||||
|
hosts: pleroma_proxy
|
||||||
|
become: yes
|
||||||
|
become_method: sudo
|
||||||
|
roles:
|
||||||
|
- pleroma-proxy
|
||||||
|
tags:
|
||||||
|
- pleroma-proxy
|
Reference in a new issue