Updated ansible docker script

data/ansible/docker/docker-compose.yaml

@@ -4,7 +4,7 @@ nginx:
   # Ref. https://github.com/nginxinc/docker-nginx/issues/29
   image: "nginx:alpine"
   ports:
-    - 5043:443
+    - 80:80
   links:
     - registry:registry
   volumes:

data/ansible/docker/docker.yaml

@@ -1,17 +1,20 @@
 ---
 
 - name: Add Docker's public GPG key to the APT keyring
+  become: true
   apt_key:
     url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
     state: present
 
 - name: Configure Docker's upstream APT repository
+  become: true
   apt_repository:
     repo: deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable
     state: present
     update_cache: yes
 
 - name: Install Docker
+  become: true
   apt:
     name:
       - docker-ce 
@@ -20,15 +23,39 @@
     state: "present"
 
 - name: Add user(s) to "docker" group
+  become: true
   user:
-    name: "{{ item }}"
+    name: "{{ gouser }}"
     groups: "docker"
     append: true
-  loop: "{{ docker__users }}"
 
 - name: Enable service docker and ensure it is not masked
+  become: true
   systemd:
     name: docker
     state: started
     enabled: yes
     masked: no
+
+- name: Install Docker Module for Python
+  shell: "pip3 install docker"
+
+- name: Creates directory
+  become: yes
+  file:
+    path: /var/docker/registry
+    state: directory
+
+- name: Check if registry is running
+  become: yes
+  shell: docker container ls -q -f="name=registry"
+  register: continerList
+
+- name:  Start registry
+  become: yes
+  shell: sudo docker run -d --name registry --restart=always -v "$(pwd)":/var/lib/registry -p 5000:5000 registry:2
+  args:
+    chdir: /var/docker/registry
+  when: continerList.stdout_lines|length == 0
+
+   

data/ansible/docker/main.yaml

@@ -1,6 +1,6 @@
 ---
 - name: Check and set python version on APT server
-  hosts: apt
+  hosts: docker
   remote_user: '{{ gouser }}'
   gather_facts: false
   tasks:
@@ -11,19 +11,7 @@
         fi
       become: true
 
-- name: Check and set python version on PKG server
-  hosts: pkg
-  remote_user: '{{ gouser }}'
-  gather_facts: false
-  tasks:
-    - name: symlink /usr/bin/python -> /usr/bin/python3
-      raw: |
-        if [ -f /usr/bin/python3 ] && [ ! -f /usr/bin/python ]; then
-          ln --symbolic /usr/bin/python3 /usr/bin/python; 
-        fi
-      become: true
-
-- hosts: apt
+- hosts: docker
   vars:
     ###############################################################
     ##################### Golang Vars #############################
@@ -46,22 +34,6 @@
     # CGRateS vars
     cgrates_dir: "{{ golang_gopath }}/src/github.com/cgrates/cgrates"
     cgrates_branch: "master"
-    cgrates_distribution: "nightly"
-    ###############################################################
-    ######################## GPG Vars #############################
-    ###############################################################
-    gpg_home: "/root"
-    gpg_realname: "CGRateS"
-    gpg_useremail: "cgrates@itsyscom.com"
-    gpg_pubkeyfileexport: "apt.cgrates.org.gpg.key"
-
-    gpg_keylength: 2048
-    gpg_subkeylength: 2048
-    gpg_expire: 360
-
-    rootUser : root
-
-    customPath: "{{ lookup('env','PATH') }}:{{ golang_gopath }}/bin:/usr/local/go/bin:{{ ansible_env.PATH }}"
 
     dependencies:
       - build-essential
@@ -72,12 +44,14 @@
       - gnupg2
       - software-properties-common
       - nginx
-
+      - python3
+      - python3-pip
+      - virtualenv
+      - python3-setuptools
+    rootUser : root
+    
   remote_user: '{{ gouser }}'
   tasks:
-    - name: set cgrates cgrates_distribution
-      set_fact:
-        cgrates_distribution: "{{ cgrates_distribution }}"
 ###########################################################################################################################
 ###########################################################################################################################
 # install dependencies
@@ -89,7 +63,7 @@
 # Prepare for configuration
     - name: Check if NGINX needs to be configured
       become: true
-      shell: "ls /etc/nginx/sites-enabled | grep 'apt.cgrates.org.vhost'"
+      shell: "ls /etc/nginx/sites-enabled | grep 'docker.cgrates.org.vhost'"
       ignore_errors: true
       register: nginxConfig
 
@@ -97,6 +71,9 @@
       include: nginx.yaml
       when: nginxConfig.stdout_lines|length < 1
 
+    - name: Configure docker 
+      include: docker.yaml
+
 ###########################################################################################################################
 ###########################################################################################################################
 # Install Golang
@@ -135,22 +112,28 @@
       become: yes
       become_user: "{{ gouser }}"
 
-    - name:  build cgrates
-      shell: "sh {{ cgrates_dir }}/build.sh"
+    - name:  build cgrates for docker
+      shell: "sh {{ cgrates_dir }}/data/docker/scratch/build.sh"
       environment:
         PATH: "{{ lookup('env','PATH') }}:{{ golang_gopath }}/bin:/usr/local/go/bin:{{ ansible_env.PATH }}"
       args:
-        chdir: '{{ cgrates_dir }}'
+        chdir: '{{ cgrates_dir }}/data/docker/scratch'
 
-    - name: symbol link
+    - name: copy default config
+      copy:
+        src: "{{ cgrates_dir }}/data/conf/cgrates/cgrates.json"
+        dest: "{{ cgrates_dir }}/data/docker/scratch/cgrates.json"
+    
+    - name: build Docker image
       become: yes
-      file:
-        src: "{{ cgrates_dir }}/data"
-        dest: "/usr/share/cgrates"
-        state: link
-            
-    - name: get git tag
-      shell: "git tag -l --points-at HEAD"
+      shell: "docker build -t cgrates {{ cgrates_dir }}/data/docker/scratch/"
       args:
-        chdir: '{{ cgrates_dir }}'
-      register: gitTagVar
+        chdir: '{{ cgrates_dir }}/data/docker/scratch'
+    
+    - name: tag docker image
+      become: yes
+      shell: "sudo docker tag cgrates 127.0.0.1:5000/cgrates:{{ cgrates_branch }}"
+
+    - name: push docker image to repo
+      become: yes
+      shell: "sudo docker image push 127.0.0.1:5000/cgrates:{{ cgrates_branch }}"

data/ansible/docker/nginx.conf

@@ -1,66 +0,0 @@
-events {
-    worker_connections  1024;
-}
-
-http {
-  upstream docker-registry {
-    server registry:5000;
-  }
-
-  ## Set a variable to help us decide if we need to add the
-  ## 'Docker-Distribution-Api-Version' header.
-  ## The registry always sets this header.
-  ## In the case of nginx performing auth, the header is unset
-  ## since nginx is auth-ing before proxying.
-  map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
-    '' 'registry/2.0';
-  }
-
-
-  server {
-    listen 443 ;#ssl;
-    server_name 127.0.0.1;
-
-    # SSL
-    # ssl_certificate /etc/nginx/conf.d/domain.crt;
-    # ssl_certificate_key /etc/nginx/conf.d/domain.key;
-
-    # # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-    # ssl_protocols TLSv1.1 TLSv1.2;
-    # ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
-    # ssl_prefer_server_ciphers on;
-    # ssl_session_cache shared:SSL:10m;
-
-    # disable any limits to avoid HTTP 413 for large image uploads
-    client_max_body_size 0;
-
-    # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486)
-    chunked_transfer_encoding on;
-
-    location /v2/ {
-      # Do not allow connections from docker 1.5 and earlier
-      # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
-      if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
-        return 404;
-      }
-
-      # To add basic authentication to v2 use auth_basic setting.
-      limit_except GET HEAD OPTIONS {
-        deny all;
-        # auth_basic "Registry realm";
-        # auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;
-      }
-
-      ## If $docker_distribution_api_version is empty, the header is not added.
-      ## See the map directive above where this variable is defined.
-      add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
-
-      proxy_pass                          http://docker-registry;
-      proxy_set_header  Host              $http_host;   # required for docker client's sake
-      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
-      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
-      # proxy_set_header  X-Forwarded-Proto $scheme;
-      proxy_read_timeout                  900;
-    }
-  }
-}

data/ansible/docker/nginx.conf.j2

@@ -1,22 +1,41 @@
 {{ ansible_managed | comment }}
+map $upstream_http_docker_distribution_api_version $docker_distribution_api_version {
+  '' 'registry/2.0';
+}
+
 server {
   listen 80;
-  server_name apt.cgrates.org;
+  server_name 192.168.59.203;
 
-  access_log /var/log/nginx/packages-error.log;
-  error_log /var/log/nginx/packages-error.log;
+  access_log /var/log/nginx/docker-error.log;
+  error_log /var/log/nginx/docker-error.log;
 
-  location / {
-    root /var/packages;
-    index index.html;
-    autoindex on;
+  # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486)
+  chunked_transfer_encoding on;
+
+  location /v2/ {
+    # Do not allow connections from docker 1.5 and earlier
+    # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
+    if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
+      return 404;
+    }
+
+    # To add basic authentication to v2 use auth_basic setting.
+    limit_except GET HEAD OPTIONS {
+      deny all;
+      # auth_basic "Registry realm";
+      # auth_basic_user_file /etc/nginx/conf.d/nginx.htpasswd;
+    }
+
+    ## If $docker_distribution_api_version is empty, the header is not added.
+    ## See the map directive above where this variable is defined.
+    add_header 'Docker-Distribution-Api-Version' $docker_distribution_api_version always;
+
+    proxy_pass                          http://127.0.0.1:5000;
+    proxy_set_header  Host              $http_host;   # required for docker client's sake
+    proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
+    proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
+    # proxy_set_header  X-Forwarded-Proto $scheme;
+    proxy_read_timeout                  900;
   }
-
-  location ~ /(.*)/conf {
-    deny all;
-  }
-
-  location ~ /(.*)/db {
-    deny all;
-  }
-}
+}

data/ansible/docker/nginx.yaml

@@ -3,15 +3,15 @@
   become: true
   template:
     src: nginx.conf.j2
-    dest: "/etc/nginx/sites-available/apt.cgrates.org.vhost"
+    dest: "/etc/nginx/sites-available/docker.cgrates.org.vhost"
     mode: '0600'
     owner: "{{ rootUser }}"
 
-- name: Create a symlink for apt.cgrates.org
+- name: Create a symlink for docker.cgrates.org
   become: true
   file:
-    src: "/etc/nginx/sites-available/apt.cgrates.org.vhost"
-    dest: "/etc/nginx/sites-enabled/apt.cgrates.org.vhost"
+    src: "/etc/nginx/sites-available/docker.cgrates.org.vhost"
+    dest: "/etc/nginx/sites-enabled/docker.cgrates.org.vhost"
     state: link
 
 - name: Restart the nginx so the change take effects

data/docker/scratch/build.sh

@@ -0,0 +1,16 @@
+#! /usr/bin/env sh
+echo "Building CGRateS ..."
+
+GIT_LAST_LOG=$(git log -1 | tr -d "'")
+
+GIT_TAG_LOG=$(git tag -l --points-at HEAD)
+
+if [ ! -z "$GIT_TAG_LOG" ]
+then
+    GIT_LAST_LOG=""
+fi
+
+GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o cgr-engine -a -ldflags '-extldflags "-f no-PIC -static"' -tags 'osusergo netgo static_build' -ldflags "-X 'github.com/cgrates/cgrates/utils.GitLastLog=$GIT_LAST_LOG'" github.com/cgrates/cgrates/cmd/cgr-engine
+cr=$?
+
+exit $cr