diff --git a/ansible/doaj-hosts.ini b/ansible/doaj-hosts.ini index 77ca258..a327c18 100644 --- a/ansible/doaj-hosts.ini +++ b/ansible/doaj-hosts.ini @@ -1,19 +1,23 @@ [index] -doaj-index-1 ansible_host=161.35.175.250 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj -doaj-index-2 ansible_host=64.227.32.57 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj +doaj-index-1 ansible_host=161.35.175.250 +doaj-index-2 ansible_host=64.227.32.57 [app] -doaj-public-1 ansible_host=134.209.177.128 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj -doaj-editor-1 ansible_host=159.65.52.96 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj -doaj-background-1 ansible_host=144.126.195.25 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj +doaj-public-1 ansible_host=134.209.177.128 +doaj-editor-1 ansible_host=159.65.52.96 +doaj-background-1 ansible_host=144.126.195.25 + +[bg] +doaj-background-1 ansible_host=144.126.195.25 [monitor] -doaj-kibana ansible_host=138.68.157.255 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj +doaj-kibana ansible_host=138.68.157.255 [test] -doaj-new-test-1 ansible_host=209.97.137.38 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj -doaj-test-es7 ansible_host=188.166.152.98 ansible_user=cloo ansible_ssh_private_key_file=~/.ssh/cl-doaj - +doaj-new-test-1 ansible_host=209.97.137.38 +doaj-test-es7 ansible_host=188.166.152.98 [all:vars] ansible_python_interpreter=/usr/bin/python3 +ansible_user=cloo +ansible_ssh_private_key_file=~/.ssh/cl-doaj diff --git a/ansible/provision/redis_setup.yml b/ansible/provision/redis_setup.yml new file mode 100644 index 0000000..42147f5 --- /dev/null +++ b/ansible/provision/redis_setup.yml @@ -0,0 +1,39 @@ +# Set up Redis in production for access from other machines (on the background server) +# NOTE: Firewall isn't handled here. It should be set in DO or the provision script. + +## ansible-playbook -i ../doaj-hosts.ini redis_setup.yml --limit "doaj-background-1" +--- + +- name: Setup Redis for common access from app servers + hosts: bg + become: true + gather_facts: yes + + tasks: + - name: Debug hostname + debug: + msg: "Configuring redis on host {{ inventory_hostname }} with internal IP {{ ansible_facts.eth1.ipv4.address }}" + + - name: Ensure redis is installed + apt: + name: + - redis + state: present + update_cache: yes + + - name: Edit the redis config to expose redis over eth1 + lineinfile: + dest: /etc/redis/redis.conf + regexp: '^bind\s+' + line: "bind {{ ansible_facts.eth1.ipv4.address }} 127.0.0.1 ::1" + state: present + backup: yes + backrefs: yes + register: config_updated + + - name: Restart redis with the new configuration if necessary + ansible.builtin.service: + name: redis-server + state: restarted + when: config_updated + diff --git a/ansible/provision/server_initial_setup.yml b/ansible/provision/server_initial_setup.yml index 5ba4842..a9b977c 100644 --- a/ansible/provision/server_initial_setup.yml +++ b/ansible/provision/server_initial_setup.yml @@ -4,7 +4,7 @@ # ansible-playbook -i doaj-hosts.ini server_initial_setup.yml --limit "hostname_or_ip" -e "git_branch=feature/new-feature" --- - name: Setup VM for DOAJ application - hosts: all + hosts: all:!index become: true # Escalate privileges if needed vars: git_branch: "main" diff --git a/cloud-init_userdata/doaj-app_cloud-config.txt b/cloud-init_userdata/doaj-app_cloud-config.txt index 3e094b4..858c7be 100644 --- a/cloud-init_userdata/doaj-app_cloud-config.txt +++ b/cloud-init_userdata/doaj-app_cloud-config.txt @@ -43,4 +43,3 @@ packages: - libxml2-dev - libxslt-dev - lib32z1-dev - - redis