Skip to content

Commit

Permalink
fix: ⚗️ edit code to run with new ansible directories
Browse files Browse the repository at this point in the history
  • Loading branch information
Arnaud TARDIF authored and this-is-tobi committed Dec 1, 2022
1 parent 8db2562 commit 8822d95
Show file tree
Hide file tree
Showing 5 changed files with 135 additions and 4 deletions.
4 changes: 2 additions & 2 deletions apps/client/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,8 @@ RUN chown -R nginx:nginx /var/cache/nginx && \
chown -R nginx:nginx /etc/nginx/conf.d
RUN touch /var/run/nginx.pid && \
chown -R nginx:nginx /var/run/nginx.pid
RUN chgrp -R root /var/cache/nginx /var/run /var/log/nginx /var/run/nginx.pid && \
chmod -R 775 /var/cache/nginx /var/run /var/log/nginx /var/run/nginx.pid
RUN chgrp -R root /var/cache/nginx /var/run /var/log/nginx /usr/share/nginx/html/assets/ /var/run/nginx.pid && \
chmod -R 775 /var/cache/nginx /var/run /var/log/nginx /usr/share/nginx/html/assets/ /var/run/nginx.pid
RUN apt install curl

USER nginx
Expand Down
3 changes: 2 additions & 1 deletion apps/server/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ WORKDIR /app
RUN chown node:node /app

RUN apt-get update && \
apt-get install python3 python3-pip libsasl2-dev python-dev libldap2-dev libssl-dev git -y && \
apt-get install python3 python3-pip libsasl2-dev python-dev libldap2-dev libssl-dev git nano -y && \
apt clean && \
ln -s /usr/bin/python3 /bin/python3
RUN python3 -m pip install ansible-core==2.13.3 python-ldap python-gitlab requests hvac kubernetes
Expand All @@ -48,6 +48,7 @@ ENV HOME=/home/node
RUN mkdir /dso
COPY --chown=node:node ./ansible/playbooks/* /dso
COPY --chown=node:node --from=build /app/build .
RUN find /dso -xdev -exec chmod g=u {} \; -exec chown :0 {} \;
USER node
RUN ansible-galaxy collection install kubernetes.core community.hashi\_vault community.general

Expand Down
2 changes: 1 addition & 1 deletion apps/server/src/ansible.js
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ export const checkPlaybooksAccess = (playbooksDictionary) => {
export const runPlaybook = (playbooks, vars, env) => {
const args = [
'-i',
`${playbookDir}inventory/${env}`,
`${playbookDir}${env}`,
'--vault-password-file',
`${configDir}.vault-secret`,
'--connection=local',
Expand Down
129 changes: 129 additions & 0 deletions docker/docker-compose.demo.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
# TODO : Ajouter server, db et keycloak

version: '3.9'

services:
keycloak:
restart: always
image: quay.io/keycloak/keycloak:19.0.2
container_name: dso-console_keycloak
ports:
- 8090:8080
volumes:
- ../keycloak/realms:/opt/keycloak/data/import
environment:
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-admin}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
command: start-dev --import-realm
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:8080" ]
interval: 10s
timeout: 5s
retries: 10
networks:
- dso-network

postgres:
restart: always
image: postgres:14.5
container_name: dso-console_postgres
environment:
POSTGRES_DB: ${POSTGRES_DATABASE}
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
networks:
- dso-network

server:
restart: always
build:
context: ..
dockerfile: apps/server/Dockerfile
target: prod
image: dso/console/server:demo
container_name: dso-console_server
depends_on:
keycloak:
condition: service_healthy
postgres:
condition: service_started
ports:
- 4000:80
environment:
SERVER_PORT: 80
DB_HOST: postgres
DB_PORT: ${POSTGRES_PORT}
DB_USER: ${POSTGRES_USER}
DB_PASS: ${POSTGRES_PASSWORD}
DB_NAME: ${POSTGRES_DATABASE}
SESSION_SECRET: ${SESSION_SECRET}
KEYCLOAK_DOMAIN: keycloak:8080
KEYCLOAK_REALM: ${KEYCLOAK_REALM}
KEYCLOAK_CLIENT_ID: ${KEYCLOAK_CLIENT_ID_BACKEND}
KEYCLOAK_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET_BACKEND}
KEYCLOAK_REDIRECT_URI: ${KEYCLOAK_REDIRECT_URI}
ANSIBLE_HOST: ansible-api
ANSIBLE_PORT: ${ANSIBLE_PORT}
NODE_ENV: production
networks:
- dso-network

ansible-api:
restart: always
build:
context: ..
dockerfile: apps/ansible-api/Dockerfile
target: prod
image: dso/console/ansible-api:demo
container_name: dso-console_ansible-api
depends_on:
keycloak:
condition: service_healthy
ports:
- 8100:8100
volumes:
- ../ansible/.vault-secret:${CONFIG_DIR:-/config}/.vault-secret
- ../ansible/.kubeconfig:${CONFIG_DIR:-/config}/.kubeconfig
- ../ansible/playbooks:${PLAYBOOK_DIR:-/dso}
environment:
PLAYBOOK_DIR: ${PLAYBOOK_DIR:-/dso}
CONFIG_DIR: ${CONFIG_DIR:-/config}
ANSIBLE_PORT: ${ANSIBLE_PORT}
SESSION_SECRET: ${SESSION_SECRET:-a-very-strong-secret-with-more-than-32-char}
KEYCLOAK_PROTOCOL: ${KEYCLOAK_PROTOCOL:-http}
KEYCLOAK_DOMAIN: keycloak:8080
KEYCLOAK_REALM: ${KEYCLOAK_REALM:-cloud-pi-native}
KEYCLOAK_CLIENT_ID: ${KEYCLOAK_CLIENT_ID_BACKEND:-dso-console-ansible-api}
KEYCLOAK_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET_BACKEND:-client-secret-ansible-api}
NODE_ENV: production
networks:
- dso-network

client:
build:
context: ..
dockerfile: apps/client/Dockerfile
target: prod
image: dso/console/client:demo
container_name: dso-console_client
depends_on:
server:
condition: service_started
ports:
- 8080:8080
environment:
KEYCLOAK_PROTOCOL: ${KEYCLOAK_PROTOCOL}
KEYCLOAK_DOMAIN: localhost:8090
KEYCLOAK_REALM: ${KEYCLOAK_REALM}
KEYCLOAK_CLIENT_ID: ${KEYCLOAK_CLIENT_ID_FRONTEND}
KEYCLOAK_REDIRECT_URI: ${KEYCLOAK_REDIRECT_URI}
SERVER_HOST: server
SERVER_PORT: 80
networks:
- dso-network

networks:
dso-network:
name: dso-network
# driver_opts:
# com.docker.network.driver.mtu: 1450
1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
"type": "module",
"scripts": {
"prepare": "husky install",
"demo:build": "docker compose -f ./docker/docker-compose.demo.yml --env-file ./env/.env build --pull",
"prod": "npm run prod:up; npm run prod:down -v",
"prod:build": "docker compose -f ./docker/docker-compose.prod.yml --env-file ./env/.env build --pull",
"prod:up": "docker compose -f ./docker/docker-compose.prod.yml --env-file ./env/.env up",
Expand Down

0 comments on commit 8822d95

Please sign in to comment.