put redis in its own playbook for the background server only, since w…

…e need to connect via the internal network
CottageLabs · Nov 27, 2024 · 1e27f33 · 1e27f33
1 parent 4016484
commit 1e27f33
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 11 deletions.
diff --git a/ansible/doaj-hosts.ini b/ansible/doaj-hosts.ini
@@ -1,19 +1,23 @@
 [index]
-doaj-index-1 ansible_host=161.35.175.250 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
-doaj-index-2 ansible_host=64.227.32.57 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
+doaj-index-1 ansible_host=161.35.175.250
+doaj-index-2 ansible_host=64.227.32.57
 
 [app]
-doaj-public-1 ansible_host=134.209.177.128 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
-doaj-editor-1 ansible_host=159.65.52.96 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
-doaj-background-1 ansible_host=144.126.195.25 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
+doaj-public-1 ansible_host=134.209.177.128
+doaj-editor-1 ansible_host=159.65.52.96
+doaj-background-1 ansible_host=144.126.195.25
+
+[bg]
+doaj-background-1 ansible_host=144.126.195.25
 
 [monitor]
-doaj-kibana ansible_host=138.68.157.255 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
+doaj-kibana ansible_host=138.68.157.255
 
 [test]
-doaj-new-test-1 ansible_host=209.97.137.38 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
-doaj-test-es7 ansible_host=188.166.152.98 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj
-
+doaj-new-test-1 ansible_host=209.97.137.38
+doaj-test-es7 ansible_host=188.166.152.98 
 
 [all:vars]
 ansible_python_interpreter=/usr/bin/python3
+ansible_user=cloo
+ansible_ssh_private_key_file=~/.ssh/cl-doaj
diff --git a/ansible/provision/redis_setup.yml b/ansible/provision/redis_setup.yml
@@ -0,0 +1,39 @@
+# Set up Redis in production for access from other machines (on the background server)
+# NOTE: Firewall isn't handled here. It should be set in DO or the provision script.
+
+## ansible-playbook -i ../doaj-hosts.ini redis_setup.yml --limit "doaj-background-1"
+---
+
+- name: Setup Redis for common access from app servers
+  hosts: bg
+  become: true
+  gather_facts: yes
+
+  tasks:
+    - name: Debug hostname
+      debug:
+        msg: "Configuring redis on host {{ inventory_hostname }} with internal IP {{ ansible_facts.eth1.ipv4.address }}"
+
+    - name: Ensure redis is installed
+      apt:
+        name:
+          - redis
+        state: present
+        update_cache: yes
+
+    - name: Edit the redis config to expose redis over eth1
+      lineinfile: 
+        dest: /etc/redis/redis.conf
+        regexp: '^bind\s+'
+        line: "bind {{ ansible_facts.eth1.ipv4.address }} 127.0.0.1 ::1"
+        state: present
+        backup: yes
+        backrefs: yes
+      register: config_updated
+
+    - name: Restart redis with the new configuration if necessary
+      ansible.builtin.service:
+        name: redis-server
+        state: restarted
+      when: config_updated
+
diff --git a/ansible/provision/server_initial_setup.yml b/ansible/provision/server_initial_setup.yml
@@ -4,7 +4,7 @@
 # ansible-playbook -i doaj-hosts.ini server_initial_setup.yml --limit "hostname_or_ip" -e "git_branch=feature/new-feature"
 ---
 - name: Setup VM for DOAJ application
-  hosts: all
+  hosts: all:!index
   become: true  # Escalate privileges if needed
   vars:
     git_branch: "main"

diff --git a/cloud-init_userdata/doaj-app_cloud-config.txt b/cloud-init_userdata/doaj-app_cloud-config.txt
@@ -43,4 +43,3 @@ packages:
   - libxml2-dev
   - libxslt-dev
   - lib32z1-dev
-  - redis