From fa1fa05af67ec8ca440ee14a48b3d60a05dd7521 Mon Sep 17 00:00:00 2001 From: ionutboangiu Date: Tue, 27 Aug 2024 21:47:20 +0300 Subject: [PATCH] port ansible role changes new: freediameter, grafana, node_exporter, prometheus, opensips, sipp updated: cgrates, go, kafka, mongodb, nats, pjsua, postgresql, --- data/ansible/roles/cgrates/defaults/main.yaml | 11 +- data/ansible/roles/cgrates/tasks/main.yaml | 62 +++++---- .../roles/freediameter/defaults/main.yaml | 16 +++ .../roles/freediameter/tasks/main.yaml | 82 ++++++++++++ .../templates/freeDiameter.conf.j2 | 13 ++ data/ansible/roles/go/defaults/main.yaml | 4 +- data/ansible/roles/go/tasks/main.yaml | 12 +- data/ansible/roles/grafana/defaults/main.yaml | 22 ++++ data/ansible/roles/grafana/handlers/main.yaml | 8 ++ .../roles/grafana/tasks/handle_file.yaml | 22 ++++ data/ansible/roles/grafana/tasks/main.yaml | 119 ++++++++++++++++++ .../grafana/templates/grafana.service.j2 | 20 +++ data/ansible/roles/kafka/defaults/main.yaml | 2 +- data/ansible/roles/kafka/handlers/main.yaml | 2 +- data/ansible/roles/kafka/tasks/main.yaml | 72 +++++------ data/ansible/roles/mongodb/tasks/main.yaml | 12 +- data/ansible/roles/nats/defaults/main.yaml | 2 +- data/ansible/roles/nats/tasks/main.yaml | 40 +++--- .../roles/node_exporter/defaults/main.yaml | 7 ++ .../roles/node_exporter/handlers/main.yaml | 8 ++ .../roles/node_exporter/tasks/main.yaml | 58 +++++++++ .../templates/node_exporter.service.j2 | 15 +++ .../ansible/roles/opensips/defaults/main.yaml | 18 +++ data/ansible/roles/opensips/tasks/main.yaml | 89 +++++++++++++ data/ansible/roles/pjsua/defaults/main.yaml | 13 +- data/ansible/roles/pjsua/files/pjsua_call | 107 ++++++++++++++++ data/ansible/roles/pjsua/files/pjsua_listen | 107 ++++++++++++++++ data/ansible/roles/pjsua/tasks/main.yaml | 57 ++++++--- .../roles/postgresql/defaults/main.yaml | 8 +- data/ansible/roles/postgresql/tasks/main.yaml | 18 +-- .../roles/prometheus/defaults/main.yaml | 13 ++ .../roles/prometheus/handlers/main.yaml | 8 ++ .../roles/prometheus/tasks/handle_file.yaml | 22 ++++ data/ansible/roles/prometheus/tasks/main.yaml | 86 +++++++++++++ .../templates/prometheus.service.j2 | 17 +++ data/ansible/roles/sipp/defaults/main.yaml | 13 ++ data/ansible/roles/sipp/tasks/main.yaml | 58 +++++++++ 37 files changed, 1109 insertions(+), 134 deletions(-) create mode 100644 data/ansible/roles/freediameter/defaults/main.yaml create mode 100644 data/ansible/roles/freediameter/tasks/main.yaml create mode 100644 data/ansible/roles/freediameter/templates/freeDiameter.conf.j2 create mode 100644 data/ansible/roles/grafana/defaults/main.yaml create mode 100644 data/ansible/roles/grafana/handlers/main.yaml create mode 100644 data/ansible/roles/grafana/tasks/handle_file.yaml create mode 100644 data/ansible/roles/grafana/tasks/main.yaml create mode 100644 data/ansible/roles/grafana/templates/grafana.service.j2 create mode 100644 data/ansible/roles/node_exporter/defaults/main.yaml create mode 100644 data/ansible/roles/node_exporter/handlers/main.yaml create mode 100644 data/ansible/roles/node_exporter/tasks/main.yaml create mode 100644 data/ansible/roles/node_exporter/templates/node_exporter.service.j2 create mode 100644 data/ansible/roles/opensips/defaults/main.yaml create mode 100644 data/ansible/roles/opensips/tasks/main.yaml create mode 100755 data/ansible/roles/pjsua/files/pjsua_call create mode 100755 data/ansible/roles/pjsua/files/pjsua_listen create mode 100644 data/ansible/roles/prometheus/defaults/main.yaml create mode 100644 data/ansible/roles/prometheus/handlers/main.yaml create mode 100644 data/ansible/roles/prometheus/tasks/handle_file.yaml create mode 100644 data/ansible/roles/prometheus/tasks/main.yaml create mode 100644 data/ansible/roles/prometheus/templates/prometheus.service.j2 create mode 100644 data/ansible/roles/sipp/defaults/main.yaml create mode 100644 data/ansible/roles/sipp/tasks/main.yaml diff --git a/data/ansible/roles/cgrates/defaults/main.yaml b/data/ansible/roles/cgrates/defaults/main.yaml index 0b82a910f..2cc0816e9 100644 --- a/data/ansible/roles/cgrates/defaults/main.yaml +++ b/data/ansible/roles/cgrates/defaults/main.yaml @@ -1,9 +1,14 @@ --- -golang_gopath: "/home/{{ ansible_user }}/go" +golang_gopath: '/home/{{ ansible_user }}/go' clone_repository: true -cgrates_dir: "{{ golang_gopath }}/src/github.com/cgrates/cgrates" +cgrates_dir: '{{ golang_gopath }}/src/github.com/cgrates/cgrates' golang_install_dir: /usr/local/go -git_version: "1.0" +git_version: 1.0 +cgrates_migrator_cfg_path: /usr/share/cgrates/conf/samples/tutmysql # leave empty to do nothing +cgrates_dbs: + - mysql + - postgres + - mongo # CGRateS dependencies cgrates_dependencies: diff --git a/data/ansible/roles/cgrates/tasks/main.yaml b/data/ansible/roles/cgrates/tasks/main.yaml index 2bc0908fc..40ee627dc 100644 --- a/data/ansible/roles/cgrates/tasks/main.yaml +++ b/data/ansible/roles/cgrates/tasks/main.yaml @@ -1,61 +1,69 @@ --- - name: Install CGRateS dependencies - become: yes + become: true ansible.builtin.package: - name: "{{ cgrates_dependencies }}" + name: '{{ cgrates_dependencies }}' state: present update_cache: yes - name: Create cgrates directory ansible.builtin.file: state: directory - mode: "u=rwx,go=rx" - owner: "{{ ansible_user }}" - dest: "{{ cgrates_dir }}" + mode: u=rwx,go=rx + owner: '{{ ansible_user }}' + dest: '{{ cgrates_dir }}' when: clone_repository | bool - name: Git clone cgrates ansible.builtin.git: repo: https://github.com/cgrates/cgrates.git - dest: "{{ cgrates_dir }}" + dest: '{{ cgrates_dir }}' update: yes force: yes - version: "{{ git_version }}" + version: '{{ git_version }}' when: clone_repository | bool - name: Build cgrates ansible.builtin.shell: cmd: bash -lc "sh {{ cgrates_dir }}/build.sh" args: - chdir: "{{ cgrates_dir }}" - become_user: "{{ ansible_user }}" + chdir: '{{ cgrates_dir }}' + become_user: '{{ ansible_user }}' - name: Create symbolic links ansible.builtin.file: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: '{{ item.src }}' + dest: '{{ item.dest }}' state: link - become: yes + become: true loop: - - { src: "{{ cgrates_dir }}/data", dest: "/usr/share/cgrates" } - - { src: "{{ golang_gopath }}/bin/cgr-engine", dest: "/usr/bin/cgr-engine" } - - { src: "{{ golang_gopath }}/bin/cgr-loader", dest: "/usr/bin/cgr-loader" } - - { src: "{{ golang_gopath }}/bin/cgr-migrator", dest: "/usr/bin/cgr-migrator" } - - { src: "{{ golang_gopath }}/bin/cgr-console", dest: "/usr/bin/cgr-console" } - - { src: "{{ golang_gopath }}/bin/cgr-tester", dest: "/usr/bin/cgr-tester" } + - { src: '{{ cgrates_dir }}/data', dest: /usr/share/cgrates } + - { src: '{{ golang_gopath }}/bin/cgr-engine', dest: /usr/bin/cgr-engine } + - { src: '{{ golang_gopath }}/bin/cgr-loader', dest: /usr/bin/cgr-loader } + - { + src: '{{ golang_gopath }}/bin/cgr-migrator', + dest: /usr/bin/cgr-migrator, + } + - { + src: '{{ golang_gopath }}/bin/cgr-console', + dest: /usr/bin/cgr-console, + } + - { src: '{{ golang_gopath }}/bin/cgr-tester', dest: /usr/bin/cgr-tester } - name: Run post install scripts + become: true ansible.builtin.command: - cmd: "{{ item.cmd }}" - chdir: "{{ cgrates_dir }}/data/storage/{{ item.db }}" - become: yes + cmd: '{{ item.cmd }}' + chdir: '{{ cgrates_dir }}/data/storage/{{ item.db }}' + when: item.db in cgrates_dbs loop: - - { db: "mysql", cmd: "sh setup_ers_db.sh root CGRateS.org localhost" } - - { db: "mysql", cmd: "sh setup_cgr_db.sh root CGRateS.org localhost" } - - { db: "postgres", cmd: "sh create_db_with_users.sh" } - - { db: "postgres", cmd: "sh create_ers_db.sh" } - - { db: "mongo", cmd: "sh setup_cgr_db.sh" } + - { db: mysql, cmd: sh setup_ers_db.sh root CGRateS.org localhost } + - { db: mysql, cmd: sh setup_cgr_db.sh root CGRateS.org localhost } + - { db: postgres, cmd: sh create_db_with_users.sh } + - { db: postgres, cmd: sh create_ers_db.sh } + - { db: mongo, cmd: sh setup_cgr_db.sh } - name: Set versions ansible.builtin.command: - cmd: "cgr-migrator -exec=*set_versions -config_path=/usr/share/cgrates/conf/samples/tutmysql" + cmd: 'cgr-migrator -exec=*set_versions -config_path={{ cgrates_migrator_cfg_path }}' + when: cgrates_migrator_cfg_path != "" diff --git a/data/ansible/roles/freediameter/defaults/main.yaml b/data/ansible/roles/freediameter/defaults/main.yaml new file mode 100644 index 000000000..5c30129c1 --- /dev/null +++ b/data/ansible/roles/freediameter/defaults/main.yaml @@ -0,0 +1,16 @@ +--- +freediameter_version: '1.2.1' # only used to make role idempotent +fd_cfg_path: '/etc/freeDiameter' +fd_cfg_filename: 'freeDiameter.conf' +fd_tls_cert_path: '{{ fd_cfg_path }}/tls' # leave empty to not generate certs +fd_realm: 'diameter.test' +fd_client_identity: 'client.{{ fd_realm }}' +fd_server_identity: 'server.{{ fd_realm }}' +fd_dns_entries: [] # add entries to /etc/hosts + # - ip: 192.168.122.1 + # hostname: client.diameter.test + # - ip: 192.168.122.1 + # hostname: server.diameter.test +freediameter_dependencies: + - git + - make diff --git a/data/ansible/roles/freediameter/tasks/main.yaml b/data/ansible/roles/freediameter/tasks/main.yaml new file mode 100644 index 000000000..995f269a2 --- /dev/null +++ b/data/ansible/roles/freediameter/tasks/main.yaml @@ -0,0 +1,82 @@ +--- +- name: Add DNS entries to /etc/hosts + become: true + ansible.builtin.lineinfile: + path: /etc/hosts + line: '{{ item.ip }} {{ item.hostname }}' + regexp: '^.*{{ item.hostname }}.*$' + state: present + loop: '{{ fd_dns_entries }}' + +- name: Check if freeDiameter is installed and get version + ansible.builtin.shell: + cmd: freeDiameterd --v | grep 'freeDiameter, version' | awk '{print $3}' + register: installed_fd_version + ignore_errors: true + changed_when: false + +- name: Install dependencies + become: true + apt: + name: '{{ freediameter_dependencies }}' + state: present + update_cache: yes + when: installed_fd_version.stdout != freediameter_version + +- name: Install freeDiameter + become: true + apt: + name: freediameter + state: present + update_cache: yes + when: installed_fd_version.stdout != freediameter_version + +- name: Ensure the TLS certificates directory exists + become: true + ansible.builtin.file: + path: '{{ fd_tls_cert_path }}' + state: directory + owner: root + group: root + mode: '0755' + when: installed_fd_version.stdout != freediameter_version and fd_tls_cert_path != "" + +- name: Clone freeDiameter specific directory for TLS setup + ansible.builtin.git: + repo: 'https://github.com/freeDiameter/freeDiameter.git' + dest: '/tmp/freeDiameter' + depth: 1 + when: installed_fd_version.stdout != freediameter_version and fd_tls_cert_path != "" + +- name: Generate TLS certificates + ansible.builtin.shell: + chdir: '/tmp/freeDiameter/contrib/PKI/ca_script2' + cmd: | + make init topca=my_diameter_ca + make newcert name="*.diameter.test" ca=my_diameter_ca + when: installed_fd_version.stdout != freediameter_version and fd_tls_cert_path != "" + +- name: Move TLS certificates to the specified directory + become: true + ansible.builtin.copy: + src: '/tmp/freeDiameter/contrib/PKI/ca_script2/ca_data/my_diameter_ca/clients/*.diameter.test/' + dest: '{{ fd_tls_cert_path }}/' + owner: root + group: root + remote_src: yes + mode: '0755' + when: installed_fd_version.stdout != freediameter_version and fd_tls_cert_path != "" + +- name: Template freeDiameter configuration file + become: true + ansible.builtin.template: + src: 'freeDiameter.conf.j2' + dest: '{{ fd_cfg_path }}/{{ fd_cfg_filename }}' + when: fd_tls_cert_path != "" + +- name: Clean up freeDiameter clone + become: true + ansible.builtin.file: + path: '/tmp/freeDiameter' + state: absent + when: fd_tls_cert_path != "" \ No newline at end of file diff --git a/data/ansible/roles/freediameter/templates/freeDiameter.conf.j2 b/data/ansible/roles/freediameter/templates/freeDiameter.conf.j2 new file mode 100644 index 000000000..e8661cfea --- /dev/null +++ b/data/ansible/roles/freediameter/templates/freeDiameter.conf.j2 @@ -0,0 +1,13 @@ +Identity = "{{ fd_client_identity }}"; +Realm = "{{ fd_realm }}"; +Port = 3866; +SecPort = 3867; +No_SCTP; + +TLS_Cred = "{{ fd_tls_cert_path }}/cert.pem", +"{{ fd_tls_cert_path }}/privkey.pem"; +TLS_CA = "{{ fd_tls_cert_path }}/certchain.pem"; + +ConnectPeer = "{{ fd_server_identity }}" { + No_TLS; +}; diff --git a/data/ansible/roles/go/defaults/main.yaml b/data/ansible/roles/go/defaults/main.yaml index 8911d1ef1..e24b7cb8a 100644 --- a/data/ansible/roles/go/defaults/main.yaml +++ b/data/ansible/roles/go/defaults/main.yaml @@ -1,8 +1,8 @@ --- -go_version: "1.23.0" +go_version: 1.23.0 go_platform: linux go_arch: amd64 go_tarball: go{{ go_version }}.{{ go_platform }}-{{ go_arch }}.tar.gz go_download_url: https://dl.google.com/go/{{ go_tarball }} -go_checksum: "905a297f19ead44780548933e0ff1a1b86e8327bb459e92f9c0012569f76f5e3" +go_checksum: 905a297f19ead44780548933e0ff1a1b86e8327bb459e92f9c0012569f76f5e3 install_go: true diff --git a/data/ansible/roles/go/tasks/main.yaml b/data/ansible/roles/go/tasks/main.yaml index b35d99105..0e50e1835 100644 --- a/data/ansible/roles/go/tasks/main.yaml +++ b/data/ansible/roles/go/tasks/main.yaml @@ -6,7 +6,7 @@ changed_when: false - name: Remove current installation. - become: yes + become: true file: state: absent path: /usr/local/go @@ -16,17 +16,17 @@ - go_version not in go_version_result.stdout - name: Download Go. - become: yes + become: true get_url: - url: "{{ go_download_url }}" + url: '{{ go_download_url }}' dest: /usr/local/src/{{ go_tarball }} - checksum: "sha256:{{ go_checksum }}" + checksum: 'sha256:{{ go_checksum }}' when: - install_go | bool - (go_version_result is failed or go_version not in go_version_result.stdout) - name: Extract Go. - become: yes + become: true unarchive: src: /usr/local/src/{{ go_tarball }} dest: /usr/local @@ -36,7 +36,7 @@ - (go_version_result is failed or go_version not in go_version_result.stdout) - name: Add Go to to system-wide $PATH. - become: yes + become: true copy: dest: /etc/profile.d/go-path.sh content: |- diff --git a/data/ansible/roles/grafana/defaults/main.yaml b/data/ansible/roles/grafana/defaults/main.yaml new file mode 100644 index 000000000..c200d2f7f --- /dev/null +++ b/data/ansible/roles/grafana/defaults/main.yaml @@ -0,0 +1,22 @@ +--- +grafana_version: 11.1.3 +grafana_user: grafana +grafana_install_dir: /opt/grafana +grafana_data_dir: /var/lib/grafana +grafana_logs_dir: /var/log/grafana +grafana_config_dir: /etc/grafana +grafana_provisioning_dir: '{{ grafana_config_dir }}/provisioning' +grafana_dashboards_dir: '{{ grafana_data_dir }}/dashboards' + +grafana_service_enabled: false +grafana_service_state: stopped + +grafana_config_file: '{{ grafana_install_dir }}/conf/defaults.ini' # Supports either the path to a file or a template name +# grafana_dashboard_config_file: grafana_dashboard.yaml +# grafana_datasource_config_file: grafana_datasource.yaml +# grafana_dashboard_sources: +# - type: file +# path: dashboard1.json +# - type: url +# path: www.example.com/dl/dashboard +# alias: dl_dashboard.json diff --git a/data/ansible/roles/grafana/handlers/main.yaml b/data/ansible/roles/grafana/handlers/main.yaml new file mode 100644 index 000000000..1fcb575c2 --- /dev/null +++ b/data/ansible/roles/grafana/handlers/main.yaml @@ -0,0 +1,8 @@ +--- +- name: Restart grafana + become: true + ansible.builtin.systemd_service: + name: grafana + state: restarted + daemon_reload: true + when: grafana_service_state == 'started' diff --git a/data/ansible/roles/grafana/tasks/handle_file.yaml b/data/ansible/roles/grafana/tasks/handle_file.yaml new file mode 100644 index 000000000..883078186 --- /dev/null +++ b/data/ansible/roles/grafana/tasks/handle_file.yaml @@ -0,0 +1,22 @@ +--- +- name: Copy file (if not .j2) + become: true + ansible.builtin.copy: + src: '{{ file_src }}' + dest: '{{ file_dest }}' + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0644' + when: not file_src.endswith('.j2') + notify: Restart grafana + +- name: Template file (if .j2) + become: true + ansible.builtin.template: + src: '{{ file_src }}' + dest: '{{ file_dest }}' + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0644' + when: file_src.endswith('.j2') + notify: Restart grafana diff --git a/data/ansible/roles/grafana/tasks/main.yaml b/data/ansible/roles/grafana/tasks/main.yaml new file mode 100644 index 000000000..f2bafcdad --- /dev/null +++ b/data/ansible/roles/grafana/tasks/main.yaml @@ -0,0 +1,119 @@ +--- +- name: Create grafana user + become: true + ansible.builtin.user: + name: '{{ grafana_user }}' + state: present + system: true + createhome: false + +- name: Check current Grafana version + ansible.builtin.command: "{{ grafana_install_dir }}/bin/grafana --version" + register: grafana_current_version + ignore_errors: true + changed_when: false + +- name: Remove existing Grafana installation if version differs + become: true + ansible.builtin.file: + path: "{{ grafana_install_dir }}" + state: absent + when: grafana_current_version.rc == 0 and grafana_version not in grafana_current_version.stdout + +- name: Create grafana directories + become: true + ansible.builtin.file: + path: '{{ item }}' + state: directory + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0755' + loop: + - '{{ grafana_install_dir }}' + - '{{ grafana_data_dir }}' + - '{{ grafana_dashboards_dir }}' + - '{{ grafana_logs_dir }}' + - '{{ grafana_config_dir }}' + - '{{ grafana_provisioning_dir }}/dashboards' + - '{{ grafana_provisioning_dir }}/datasources' + +- name: Download and extract grafana + become: true + ansible.builtin.unarchive: + src: 'https://dl.grafana.com/oss/release/grafana-{{ grafana_version }}.linux-amd64.tar.gz' + dest: '{{ grafana_install_dir }}' + remote_src: true + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + extra_opts: [--strip-components=1] + notify: Restart grafana + when: grafana_current_version.rc != 0 or grafana_version not in grafana_current_version.stdout + +- name: Handle grafana configuration file + ansible.builtin.include_tasks: handle_file.yaml + vars: + file_src: '{{ grafana_config_file }}' + file_dest: '{{ grafana_config_dir }}/grafana.ini' + when: grafana_config_file is defined + +- name: Handle grafana dashboard config file + ansible.builtin.include_tasks: handle_file.yaml + vars: + file_src: '{{ grafana_dashboard_config_file }}' + file_dest: '{{ grafana_provisioning_dir }}/dashboards/{{ grafana_dashboard_config_file | basename | regex_replace("\.j2$", "") }}' + when: grafana_dashboard_config_file is defined + +- name: Handle grafana datasource config file + ansible.builtin.include_tasks: handle_file.yaml + vars: + file_src: '{{ grafana_datasource_config_file }}' + file_dest: '{{ grafana_provisioning_dir }}/datasources' + when: grafana_datasource_config_file is defined + +- name: Import grafana dashboards + become: true + block: + - name: Import grafana dashboards from files + ansible.builtin.copy: + src: '{{ item.path }}' + dest: '{{ grafana_dashboards_dir }}' + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0644' + loop: "{{ grafana_dashboard_sources | selectattr('type', '==', 'file') | list }}" + + - name: Download grafana dashboards from URLs + ansible.builtin.get_url: + url: '{{ item.path }}' + dest: '{{ grafana_dashboards_dir }}/{{ item.alias }}' + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0644' + loop: "{{ grafana_dashboard_sources | selectattr('type', '==', 'url') | list }}" + + - name: Modify datasource in grafana dashboards # see https://github.com/grafana/grafana/issues/10786 + ansible.builtin.replace: + path: "{{ grafana_dashboards_dir }}/{{ item.alias if item.type == 'url' else item.path | basename }}" + regexp: '"datasource":\s*(".*"|\{[\s\S]*?\})' + replace: '"datasource": null' + loop: "{{ grafana_dashboard_sources }}" + when: item.modify_datasources | default(false) + when: grafana_dashboard_sources is defined and grafana_dashboard_sources | length > 0 + notify: Restart grafana + +- name: Create grafana systemd service file + become: true + ansible.builtin.template: + src: grafana.service.j2 + dest: /etc/systemd/system/grafana.service + mode: '0644' + notify: Restart grafana + +- name: Ensure grafana service is in desired state + become: true + ansible.builtin.systemd_service: + name: grafana + state: '{{ grafana_service_state }}' + enabled: '{{ grafana_service_enabled }}' + daemon_reload: true + when: grafana_service_state == 'stopped' or not grafana_service_enabled diff --git a/data/ansible/roles/grafana/templates/grafana.service.j2 b/data/ansible/roles/grafana/templates/grafana.service.j2 new file mode 100644 index 000000000..7ba685153 --- /dev/null +++ b/data/ansible/roles/grafana/templates/grafana.service.j2 @@ -0,0 +1,20 @@ +[Unit] +Description=Grafana instance +Documentation=http://docs.grafana.org +Wants=network-online.target +After=network-online.target + +[Service] +User={{ grafana_user }} +Group={{ grafana_user }} +Type=simple +ExecStart={{ grafana_install_dir }}/bin/grafana server \ + --config={{ grafana_config_dir }}/grafana.ini \ + --homepath={{ grafana_install_dir }} \ + cfg:default.paths.data={{ grafana_data_dir }} \ + cfg:default.paths.logs={{ grafana_logs_dir }} + +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/data/ansible/roles/kafka/defaults/main.yaml b/data/ansible/roles/kafka/defaults/main.yaml index 1f6cee898..00d8d619b 100644 --- a/data/ansible/roles/kafka/defaults/main.yaml +++ b/data/ansible/roles/kafka/defaults/main.yaml @@ -10,7 +10,7 @@ kafka_user: kafka kafka_group: kafka kafka_root_dir: /opt -kafka_dir: "{{ kafka_root_dir }}/kafka" +kafka_dir: '{{ kafka_root_dir }}/kafka' kafka_unit_path: /lib/systemd/system/kafka.service # Start kafka after installation diff --git a/data/ansible/roles/kafka/handlers/main.yaml b/data/ansible/roles/kafka/handlers/main.yaml index 77c5662b4..f7f80e1ff 100644 --- a/data/ansible/roles/kafka/handlers/main.yaml +++ b/data/ansible/roles/kafka/handlers/main.yaml @@ -1,6 +1,6 @@ --- - name: Restart Kafka - become: yes + become: true systemd: name: kafka state: restarted diff --git a/data/ansible/roles/kafka/tasks/main.yaml b/data/ansible/roles/kafka/tasks/main.yaml index 2080cf04d..e894328ac 100644 --- a/data/ansible/roles/kafka/tasks/main.yaml +++ b/data/ansible/roles/kafka/tasks/main.yaml @@ -1,24 +1,24 @@ --- - name: Install Java - become: yes + become: true apt: name: default-jdk state: present update_cache: yes - name: Create kafka group - become: yes + become: true group: - name: "{{ kafka_group }}" + name: '{{ kafka_group }}' state: present system: yes when: kafka_create_user_group | bool - name: Create kafka user - become: yes + become: true user: - name: "{{ kafka_user }}" - group: "{{ kafka_group }}" + name: '{{ kafka_user }}' + group: '{{ kafka_group }}' state: present createhome: no system: yes @@ -26,85 +26,85 @@ - name: Check if Kafka has already been downloaded and unpacked stat: - path: "{{ kafka_dir }}_{{ kafka_scala_version }}-{{ kafka_version }}" + path: '{{ kafka_dir }}_{{ kafka_scala_version }}-{{ kafka_version }}' register: dir - name: Download Apache Kafka get_url: - url: "{{ kafka_download_base_url }}/{{ kafka_version }}/kafka_{{ kafka_scala_version }}-{{ kafka_version }}.tgz" + url: '{{ kafka_download_base_url }}/{{ kafka_version }}/kafka_{{ kafka_scala_version }}-{{ kafka_version }}.tgz' dest: /tmp - validate_certs: "{{ kafka_download_validate_certs }}" + validate_certs: '{{ kafka_download_validate_certs }}' when: not dir.stat.exists - name: Unpack Apache Kafka - become: yes + become: true unarchive: src: /tmp/kafka_{{ kafka_scala_version }}-{{ kafka_version }}.tgz - dest: "{{ kafka_root_dir }}" + dest: '{{ kafka_root_dir }}' remote_src: yes - group: "{{ kafka_group }}" - owner: "{{ kafka_user }}" + group: '{{ kafka_group }}' + owner: '{{ kafka_user }}' when: not dir.stat.exists - name: Create symlink to kafka installation directory - become: yes + become: true file: - src: "{{ kafka_root_dir }}/kafka_{{ kafka_scala_version }}-{{ kafka_version }}" - dest: "{{ kafka_dir }}" + src: '{{ kafka_root_dir }}/kafka_{{ kafka_scala_version }}-{{ kafka_version }}' + dest: '{{ kafka_dir }}' state: link - group: "{{ kafka_group }}" - owner: "{{ kafka_user }}" + group: '{{ kafka_group }}' + owner: '{{ kafka_user }}' - name: Create directory for kafka data log files - become: yes + become: true file: - path: "{{ item }}" + path: '{{ item }}' state: directory - group: "{{ kafka_group }}" - owner: "{{ kafka_user }}" + group: '{{ kafka_group }}' + owner: '{{ kafka_user }}' mode: 0755 with_items: "{{ kafka_data_log_dirs.split(',') }}" - name: Template configuration file to kraft server.properties - become: yes + become: true template: src: server.properties.j2 - dest: "{{ kafka_dir }}/config/kraft/server.properties" - group: "{{ kafka_group }}" - owner: "{{ kafka_user }}" + dest: '{{ kafka_dir }}/config/kraft/server.properties' + group: '{{ kafka_group }}' + owner: '{{ kafka_user }}' mode: 0644 notify: - Restart Kafka - name: Check if kraft logs dir has been initialized - shell: "{{ kafka_dir }}/bin/kafka-storage.sh info -c {{ kafka_dir }}/config/kraft/server.properties" + shell: '{{ kafka_dir }}/bin/kafka-storage.sh info -c {{ kafka_dir }}/config/kraft/server.properties' register: storage_info - ignore_errors: yes + ignore_errors: true - name: Generate a random UUID for KAFKA_CLUSTER_ID if necessary - command: "{{ kafka_dir }}/bin/kafka-storage.sh random-uuid" + command: '{{ kafka_dir }}/bin/kafka-storage.sh random-uuid' register: kafka_cluster_id changed_when: false when: '"is not formatted" in storage_info.stdout' - name: Init kraft logs dir - become: yes - shell: "{{ kafka_dir }}/bin/kafka-storage.sh format -t {{ kafka_cluster_id.stdout }} -c {{ kafka_dir }}/config/kraft/server.properties" + become: true + shell: '{{ kafka_dir }}/bin/kafka-storage.sh format -t {{ kafka_cluster_id.stdout }} -c {{ kafka_dir }}/config/kraft/server.properties' when: '"is not formatted" in storage_info.stdout' - name: Template kafka systemd service - become: yes + become: true template: src: kafka.service.j2 - dest: "{{ kafka_unit_path }}" - group: "{{ kafka_group }}" - owner: "{{ kafka_user }}" + dest: '{{ kafka_unit_path }}' + group: '{{ kafka_group }}' + owner: '{{ kafka_user }}' mode: 0644 notify: - Restart Kafka - name: Install and start the kafka service - become: yes + become: true service: name: kafka state: started diff --git a/data/ansible/roles/mongodb/tasks/main.yaml b/data/ansible/roles/mongodb/tasks/main.yaml index ae9c20f8a..c040197c4 100644 --- a/data/ansible/roles/mongodb/tasks/main.yaml +++ b/data/ansible/roles/mongodb/tasks/main.yaml @@ -28,11 +28,19 @@ url: "https://pgp.mongodb.com/server-{{ mongodb_version }}.asc" keyring: "/usr/share/keyrings/mongodb-server-{{ mongodb_version }}.gpg" - - name: Add MongoDB repository + - name: Add MongoDB repository for Debian become: yes apt_repository: - repo: "deb [ signed-by=/usr/share/keyrings/mongodb-server-{{ mongodb_version }}.gpg] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/{{ mongodb_version }} main" + repo: "deb [ signed-by=/usr/share/keyrings/mongodb-server-{{ mongodb_version }}.gpg ] http://repo.mongodb.org/apt/debian {{ ansible_distribution_release }}/mongodb-org/{{ mongodb_version }} main" filename: "{{ mongodb_package_name }}-{{ mongodb_version }}" + when: ansible_distribution == 'Debian' + + - name: Add MongoDB repository for Ubuntu + become: yes + apt_repository: + repo: "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-{{ mongodb_version }}.gpg ] https://repo.mongodb.org/apt/ubuntu {{ ansible_distribution_release }}/mongodb-org/{{ mongodb_version }} multiverse" + filename: "{{ mongodb_package_name }}-{{ mongodb_version }}" + when: ansible_distribution == 'Ubuntu' - name: Install MongoDB packages become: yes diff --git a/data/ansible/roles/nats/defaults/main.yaml b/data/ansible/roles/nats/defaults/main.yaml index 96b146f2a..44995b7a8 100644 --- a/data/ansible/roles/nats/defaults/main.yaml +++ b/data/ansible/roles/nats/defaults/main.yaml @@ -1,5 +1,5 @@ --- -nats_version: 2.10.1 +nats_version: 2.10.16 nats_install_dir: /opt/nats nats_user: nats nats_group: nats diff --git a/data/ansible/roles/nats/tasks/main.yaml b/data/ansible/roles/nats/tasks/main.yaml index e06770ba5..31a23bdb2 100644 --- a/data/ansible/roles/nats/tasks/main.yaml +++ b/data/ansible/roles/nats/tasks/main.yaml @@ -1,57 +1,57 @@ --- - name: Create user and group for NATS - become: yes + become: true block: - group: - name: "{{ nats_group }}" + name: '{{ nats_group }}' state: present - user: - name: "{{ nats_user }}" - group: "{{ nats_group }}" + name: '{{ nats_user }}' + group: '{{ nats_group }}' system: yes state: present - name: Download NATS server get_url: - url: "https://github.com/nats-io/nats-server/releases/download/v{{ nats_version }}/nats-server-v{{ nats_version }}-linux-amd64.tar.gz" - dest: "/tmp/nats-server-v{{ nats_version }}-linux-amd64.tar.gz" - mode: "0755" + url: 'https://github.com/nats-io/nats-server/releases/download/v{{ nats_version }}/nats-server-v{{ nats_version }}-linux-amd64.tar.gz' + dest: '/tmp/nats-server-v{{ nats_version }}-linux-amd64.tar.gz' + mode: '0755' - name: Create NATS install directory - become: yes + become: true file: - path: "{{ nats_install_dir }}" + path: '{{ nats_install_dir }}' state: directory - name: Extract NATS server archive - become: yes + become: true unarchive: - src: "/tmp/nats-server-v{{ nats_version }}-linux-amd64.tar.gz" - dest: "{{ nats_install_dir }}" + src: '/tmp/nats-server-v{{ nats_version }}-linux-amd64.tar.gz' + dest: '{{ nats_install_dir }}' remote_src: yes - name: Create systemd service file for NATS - become: yes + become: true template: src: nats.service.j2 dest: /etc/systemd/system/nats.service - name: Reload systemd daemon - become: yes + become: true systemd: daemon_reload: yes - name: Set NATS service state - become: yes + become: true systemd: name: nats - enabled: "{{ service_enabled }}" - state: "{{ service_state }}" + enabled: '{{ service_enabled }}' + state: '{{ service_state }}' - name: Create a symlink in /usr/local/bin - become: yes + become: true file: - src: "{{ nats_install_dir }}/nats-server-v{{ nats_version }}-linux-amd64/nats-server" + src: '{{ nats_install_dir }}/nats-server-v{{ nats_version }}-linux-amd64/nats-server' dest: /usr/local/bin/nats-server state: link - when: "add_nats_to_path|bool" + when: 'add_nats_to_path|bool' diff --git a/data/ansible/roles/node_exporter/defaults/main.yaml b/data/ansible/roles/node_exporter/defaults/main.yaml new file mode 100644 index 000000000..1ff26c530 --- /dev/null +++ b/data/ansible/roles/node_exporter/defaults/main.yaml @@ -0,0 +1,7 @@ +--- +node_exporter_version: 1.8.2 +node_exporter_user: node_exporter +node_exporter_install_dir: /opt/node_exporter +node_exporter_web_listen_address: 0.0.0.0:9100 +node_exporter_service_enabled: false +node_exporter_service_state: stopped diff --git a/data/ansible/roles/node_exporter/handlers/main.yaml b/data/ansible/roles/node_exporter/handlers/main.yaml new file mode 100644 index 000000000..98d6f7da4 --- /dev/null +++ b/data/ansible/roles/node_exporter/handlers/main.yaml @@ -0,0 +1,8 @@ +--- +- name: Restart node_exporter + become: true + ansible.builtin.systemd_service: + name: node_exporter + state: restarted + daemon_reload: true + when: node_exporter_service_state == 'started' diff --git a/data/ansible/roles/node_exporter/tasks/main.yaml b/data/ansible/roles/node_exporter/tasks/main.yaml new file mode 100644 index 000000000..0cbcd7ec0 --- /dev/null +++ b/data/ansible/roles/node_exporter/tasks/main.yaml @@ -0,0 +1,58 @@ +--- +- name: Create node_exporter user + become: true + ansible.builtin.user: + name: '{{ node_exporter_user }}' + state: present + system: true + createhome: no + +- name: Check current node_exporter version + ansible.builtin.command: '{{ node_exporter_install_dir }}/node_exporter --version' + register: node_exporter_current_version + ignore_errors: true + changed_when: false + +- name: Remove existing node_exporter installation if version differs + become: true + ansible.builtin.file: + path: '{{ node_exporter_install_dir }}' + state: absent + when: node_exporter_current_version.rc == 0 and node_exporter_version not in node_exporter_current_version.stdout + +- name: Create node_exporter installation directory + become: true + ansible.builtin.file: + path: '{{ node_exporter_install_dir }}' + state: directory + owner: '{{ node_exporter_user }}' + group: '{{ node_exporter_user }}' + mode: '0755' + +- name: Download and extract node_exporter + become: true + ansible.builtin.unarchive: + src: 'https://github.com/prometheus/node_exporter/releases/download/v{{ node_exporter_version }}/node_exporter-{{ node_exporter_version }}.linux-amd64.tar.gz' + dest: '{{ node_exporter_install_dir }}' + remote_src: true + owner: '{{ node_exporter_user }}' + group: '{{ node_exporter_user }}' + extra_opts: [--strip-components=1] + notify: Restart node_exporter + when: node_exporter_current_version.rc != 0 or node_exporter_version not in node_exporter_current_version.stdout + +- name: Create node_exporter systemd service file + become: true + ansible.builtin.template: + src: node_exporter.service.j2 + dest: /etc/systemd/system/node_exporter.service + mode: '0644' + notify: Restart node_exporter + +- name: Ensure node_exporter service is in desired state + become: true + ansible.builtin.systemd_service: + name: node_exporter + state: '{{ node_exporter_service_state }}' + enabled: '{{ node_exporter_service_enabled }}' + when: node_exporter_service_state == 'stopped' or node_exporter_service_enabled == false diff --git a/data/ansible/roles/node_exporter/templates/node_exporter.service.j2 b/data/ansible/roles/node_exporter/templates/node_exporter.service.j2 new file mode 100644 index 000000000..a5caf0fe5 --- /dev/null +++ b/data/ansible/roles/node_exporter/templates/node_exporter.service.j2 @@ -0,0 +1,15 @@ +[Unit] +Description=Node Exporter +Wants=network-online.target +After=network-online.target + +[Service] +User={{ node_exporter_user }} +Group={{ node_exporter_user }} +Type=simple +ExecStart={{ node_exporter_install_dir }}/node_exporter \ + --web.listen-address={{ node_exporter_web_listen_address }} +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/data/ansible/roles/opensips/defaults/main.yaml b/data/ansible/roles/opensips/defaults/main.yaml new file mode 100644 index 000000000..7af35b952 --- /dev/null +++ b/data/ansible/roles/opensips/defaults/main.yaml @@ -0,0 +1,18 @@ +--- +opensips_version: 3.5 +opensips_release_type: nightly # releases or nightly +opensips_service_enabled: false +opensips_service_state: stopped +opensips_cfg_path: '' # path to a custom cfg file to replace the default one (do nothing if empty) +opensips_dict_path: '' # add dict file found at specified path to /etc/opensips +opensips_modules: + - opensips-cgrates-module + # - opensips-auth-modules + # - opensips-diameter-module + # - opensips-json-module + # - opensips-mysql-module +opensips_cfg_replacements: [] +# - { before: 'regex_pattern1', after: 'replacement1' } +# - { before: 'regex_pattern2', after: 'replacement2' } +opensips_dependencies: [] +# - mariadb-server diff --git a/data/ansible/roles/opensips/tasks/main.yaml b/data/ansible/roles/opensips/tasks/main.yaml new file mode 100644 index 000000000..328d1d790 --- /dev/null +++ b/data/ansible/roles/opensips/tasks/main.yaml @@ -0,0 +1,89 @@ +--- +- name: Install dependencies + become: true + apt: + name: '{{ opensips_dependencies }}' + state: present + update_cache: yes + +- name: Import OpenSIPS GPG key + become: true + ansible.builtin.get_url: + url: https://apt.opensips.org/opensips-org.gpg + dest: /usr/share/keyrings/opensips-org.gpg + mode: '0644' + +- name: Configure OpenSIPS APT repository + become: true + ansible.builtin.copy: + content: "deb [signed-by=/usr/share/keyrings/opensips-org.gpg] https://apt.opensips.org {{ ansible_distribution_release }} {{ opensips_version }}-{{ opensips_release_type }}\n" + dest: /etc/apt/sources.list.d/opensips.list + owner: root + group: root + mode: '0644' + +- name: Configure OpenSIPS CLI APT repository + become: true + ansible.builtin.copy: + content: "deb [signed-by=/usr/share/keyrings/opensips-org.gpg] https://apt.opensips.org {{ ansible_distribution_release }} cli-nightly\n" + dest: /etc/apt/sources.list.d/opensips-cli.list + owner: root + group: root + mode: '0644' + +- name: Update APT cache + become: true + ansible.builtin.apt: + update_cache: yes + +- name: Install OpenSIPS and OpenSIPS CLI + become: true + ansible.builtin.apt: + name: + - opensips + - opensips-cli + state: present + +- name: Install additional OpenSIPS modules + become: true + ansible.builtin.apt: + name: '{{ opensips_modules }}' + state: present + +- name: Replace default OpenSIPS configuration if custom path provided + become: true + ansible.builtin.copy: + src: '{{ opensips_cfg_path }}' + dest: /etc/opensips/opensips.cfg + owner: root + group: root + remote_src: yes + mode: '0644' + when: opensips_cfg_path != "" + +- name: Copy OpenSIPS dictionary file from specified path (if any) + become: true + ansible.builtin.copy: + src: '{{ opensips_dict_path }}' + dest: '/etc/opensips/dictionary.opensips' + owner: root + group: root + remote_src: yes + mode: '0644' + when: opensips_dict_path != "" + +- name: Replace lines in OpenSIPS config with specified rules + become: true + ansible.builtin.lineinfile: + path: /etc/opensips/opensips.cfg + regexp: '{{ item.before }}' + line: '{{ item.after }}' + backrefs: true + loop: '{{ opensips_cfg_replacements }}' + +- name: Ensure OpenSIPS service is in the desired state + become: true + ansible.builtin.systemd: + name: opensips + enabled: '{{ opensips_service_enabled }}' + state: '{{ opensips_service_state }}' diff --git a/data/ansible/roles/pjsua/defaults/main.yaml b/data/ansible/roles/pjsua/defaults/main.yaml index 273ed18fe..bc7c8e20c 100644 --- a/data/ansible/roles/pjsua/defaults/main.yaml +++ b/data/ansible/roles/pjsua/defaults/main.yaml @@ -1,10 +1,11 @@ --- -pjsua_version: "2.9" -pjsua_url: "https://github.com/pjsip/pjproject/archive/refs/tags/{{ pjsua_version }}.tar.gz" -tmp_dir: "/tmp" - -# PJSUA dependencies +pjsua_version: 2.14.1 +pjsua_url: 'https://github.com/pjsip/pjproject/archive/refs/tags/{{ pjsua_version }}.tar.gz' +pjsua_tmp_install_dir: /tmp +pjsua_post_install_cleanup: true +pjsua_bin_path: /usr/local/bin pjsua_dependencies: - libasound2-dev - libssl-dev - - build-essential \ No newline at end of file + - build-essential +pjsua_helper_scripts: false diff --git a/data/ansible/roles/pjsua/files/pjsua_call b/data/ansible/roles/pjsua/files/pjsua_call new file mode 100755 index 000000000..a44851c36 --- /dev/null +++ b/data/ansible/roles/pjsua/files/pjsua_call @@ -0,0 +1,107 @@ +#!/bin/bash + +# Default values +HOST=127.0.0.1 +LOCAL_PORT=$(comm -23 <(seq 32768 60999 | sort) <(ss -Htan | awk '{print $4}' | cut -d':' -f2 | sort -u) | shuf | head -n 1) +REGISTRAR_PORT=5060 +PASSWORD="CGRateS.org" +VERBOSE=false +DRYRUN=false + +# Parse command line options +OPTS=$(getopt -o f:t:d:p:r:P:vDh --long from:,to:,dur:,port:,registrar:,passwd:,verbose,dryrun,help -n "$(basename "$0")" -- "$@") +if [ $? -ne 0 ]; then + echo "Failed to parse options." >&2 + exit 1 +fi + +eval set -- "$OPTS" + +while true; do + case "$1" in + -f|--from) + from="$2" + shift 2 + ;; + -t|--to) + to="$2" + shift 2 + ;; + -d|--dur) + duration="$2" + shift 2 + ;; + -H|--host) + HOST=$2 + shift 2 + ;; + -p|--port) + LOCAL_PORT="$2" + shift 2 + ;; + -r|--registrar) + REGISTRAR_PORT="$2" + shift 2 + ;; + -P|--passwd) + PASSWORD="$2" + shift 2 + ;; + -v|--verbose) + VERBOSE=true + shift + ;; + -D|--dryrun) + DRYRUN=true + VERBOSE=true + shift + ;; + -h|--help) + echo "Usage: $(basename "$0") [OPTIONS]" + echo + echo "Options:" + echo "-f, --from ID of calling party" + echo "-t, --to ID of called party" + echo "-d, --dur Duration of the call" + echo "-H, --host Set the host of accounts" + echo " Defaults to 127.0.0.1" + echo "-p, --port Set the call port" + echo " Defaults to a random one" + echo "-r, --registrar Set the registrar port" + echo " Default: ${REGISTRAR_PORT}" + echo "-P, --passwd Input account password" + echo "-v, --verbose Print command before executing" + echo "-D, --dryrun Print command without executing" + echo "-h, --help Display this usage information" + + shift + exit 1 + ;; + --) + shift + break + ;; + *) + echo "Internal error!" + exit 1 + ;; + esac +done + +# Check for missing options +if [ -z "$from" ] || [ -z "$to" ] || [ -z "$duration" ]; then + echo "Mandatory options are missing: -f/--from, -t/--to, -d/--dur" + exit 1 +fi + +# Build the command +cmd="pjsua --null-audio --app-log-level=0 --local-port=${LOCAL_PORT} --duration=${duration} --outbound=sip:${HOST}:${REGISTRAR_PORT}" +cmd+=" --id=sip:${from}@${HOST} --username=${from} --password=${PASSWORD} --realm=* sip:${to}@${HOST}" + +# Execute the command +if [ "${VERBOSE}" = true ]; then + echo "Executing: ${cmd}" +fi +if [ "${DRYRUN}" = false ]; then + ${cmd} +fi \ No newline at end of file diff --git a/data/ansible/roles/pjsua/files/pjsua_listen b/data/ansible/roles/pjsua/files/pjsua_listen new file mode 100755 index 000000000..54440b79b --- /dev/null +++ b/data/ansible/roles/pjsua/files/pjsua_listen @@ -0,0 +1,107 @@ +#!/bin/bash + +# Default values +HOST=127.0.0.1 +LOCAL_PORT=$(comm -23 <(seq 32768 60999 | sort) <(ss -Htan | awk '{print $4}' | cut -d':' -f2 | sort -u) | shuf | head -n 1) +REGISTRAR_PORT=5060 +PASSWORD="CGRateS.org" +VERBOSE=false +DRYRUN=false + +# Parse command line options +OPTS=$(getopt -o a:H:p:r:P:vDh --long accounts:,host:,port:,registrar:,passwd:,verbose,dryrun,help -n "$(basename "$0")" -- "$@") +if [ $? -ne 0 ]; then + echo "Failed to parse options." >&2 + exit 1 +fi + +eval set -- "$OPTS" + +while true; do + case "$1" in + -a|--accounts) + IFS=',' read -r -a accounts <<< "$2" + shift 2 + ;; + -H|--host) + HOST=$2 + shift 2 + ;; + -p|--port) + LOCAL_PORT="$2" + shift 2 + ;; + -r|--registrar) + REGISTRAR_PORT="$2" + shift 2 + ;; + -P|--passwd) + PASSWORD="$2" + shift 2 + ;; + -v|--verbose) + VERBOSE=true + shift + ;; + -D|--dryrun) + DRYRUN=true + VERBOSE=true + shift + ;; + -h|--help) + echo "Usage: $(basename "$0") [OPTIONS]" + echo + echo "Options:" + echo "-a, --accounts List of accounts to register" + echo "-H, --host Set the host of account" + echo " Defaults to 127.0.0.1" + echo "-p, --port Set the PJSUA listener port" + echo " Defaults to a random one" + echo "-r, --registrar Set the registrar port" + echo " Default: ${REGISTRAR_PORT}" + echo "-P, --passwd Set account password" + echo "-v, --verbose Print command before executing" + echo "-D, --dryrun Print command without executing" + echo "-h, --help Display this usage information" + + shift + exit 1 + ;; + --) + shift + break + ;; + *) + echo "Internal error!" + exit 1 + ;; + esac +done + +# Check for missing accounts +if [ ${#accounts[@]} -eq 0 ]; then + echo "No accounts specified. Use -a or --accounts to specify comma-separated accounts." + exit 1 +fi + +# Start building the command +cmd="pjsua --local-port=${LOCAL_PORT} --null-audio --auto-answer=200 --max-calls=4 --app-log-level=0" + +# Add accounts +first=true +for acc in "${accounts[@]}"; do + if [ "${first}" != true ]; then + cmd+=" --next-account" + fi + first=false + cmd+=" --id=sip:${acc}@${HOST} --registrar=sip:${HOST}:${REGISTRAR_PORT} --username=${acc} --password=${PASSWORD} --realm=*" +done + +# Execute the command +if [ "${VERBOSE}" = true ]; then + echo "Executing: ${cmd}" +fi +if [ "${DRYRUN}" = false ]; then + ${cmd} +fi + diff --git a/data/ansible/roles/pjsua/tasks/main.yaml b/data/ansible/roles/pjsua/tasks/main.yaml index 41c9aea7d..7ae807069 100644 --- a/data/ansible/roles/pjsua/tasks/main.yaml +++ b/data/ansible/roles/pjsua/tasks/main.yaml @@ -1,38 +1,63 @@ --- +- name: Check if PJSUA is installed and get version + ansible.builtin.shell: + cmd: pjsua --version | grep 'PJ_VERSION' | awk '{print $NF}' + register: installed_pjsua_version + ignore_errors: true + changed_when: false + - name: Install PJSUA dependencies - become: yes + become: true ansible.builtin.package: name: '{{ pjsua_dependencies }}' state: present update_cache: yes - cache_valid_time: 86400 + when: installed_pjsua_version.stdout != pjsua_version - name: Download PJSUA ansible.builtin.get_url: - url: "{{ pjsua_url }}" - dest: "{{ tmp_dir }}/{{ pjsua_version }}.tar.gz" + url: '{{ pjsua_url }}' + dest: '{{ pjsua_tmp_install_dir }}/{{ pjsua_version }}.tar.gz' + when: installed_pjsua_version.stdout != pjsua_version - name: Unzip PJSUA - become: yes + become: true ansible.builtin.unarchive: - src: "{{ tmp_dir }}/{{ pjsua_version }}.tar.gz" - dest: "{{ tmp_dir }}" + src: '{{ pjsua_tmp_install_dir }}/{{ pjsua_version }}.tar.gz' + dest: '{{ pjsua_tmp_install_dir }}' remote_src: yes + when: installed_pjsua_version.stdout != pjsua_version - name: Install PJSUA - become: yes + become: true ansible.builtin.shell: cmd: './configure CFLAGS="$CFLAGS -fPIC" && make dep && make && make install' - chdir: '{{ tmp_dir }}/pjproject-{{ pjsua_version }}' + chdir: '{{ pjsua_tmp_install_dir }}/pjproject-{{ pjsua_version }}' + when: installed_pjsua_version.stdout != pjsua_version -- name: Copy PJSUA into /usr/bin - become: yes - ansible.builtin.command: - cmd: 'cp pjsua-x86_64-unknown-linux-gnu /usr/bin/pjsua' - chdir: '{{ tmp_dir }}/pjproject-{{ pjsua_version }}/pjsip-apps/bin' +- name: Copy PJSUA into configured bin path + become: true + ansible.builtin.copy: + src: '{{ pjsua_tmp_install_dir }}/pjproject-{{ pjsua_version }}/pjsip-apps/bin/pjsua-x86_64-unknown-linux-gnu' + dest: '{{ pjsua_bin_path }}/pjsua' + remote_src: yes + mode: '0755' + when: installed_pjsua_version.stdout != pjsua_version - name: Cleanup temporary PJSUA files - become: yes + become: true ansible.builtin.file: - path: '{{ tmp_dir }}/pjproject-{{ pjsua_version }}' + path: '{{ pjsua_tmp_install_dir }}/pjproject-{{ pjsua_version }}' state: absent + when: pjsua_post_install_cleanup | bool + +- name: Deploy pjsua helper scripts + become: true + ansible.builtin.copy: + src: '{{ item }}' + dest: '{{ pjsua_bin_path }}/{{ item }}' + mode: '0755' + loop: + - pjsua_call + - pjsua_listen + when: pjsua_helper_scripts | bool diff --git a/data/ansible/roles/postgresql/defaults/main.yaml b/data/ansible/roles/postgresql/defaults/main.yaml index 6215654df..392891f91 100644 --- a/data/ansible/roles/postgresql/defaults/main.yaml +++ b/data/ansible/roles/postgresql/defaults/main.yaml @@ -1,6 +1,6 @@ --- -postgresql_version: "postgresql" -postgresql_repo: "http://apt.postgresql.org/pub/repos/apt" -postgresql_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc" -postgresql_service_state: "started" +postgresql_version: postgresql +postgresql_repo: http://apt.postgresql.org/pub/repos/apt +postgresql_key_url: https://www.postgresql.org/media/keys/ACCC4CF8.asc +postgresql_service_state: started postgresql_service_enabled: false diff --git a/data/ansible/roles/postgresql/tasks/main.yaml b/data/ansible/roles/postgresql/tasks/main.yaml index 77f6a5dd9..93c73dad0 100644 --- a/data/ansible/roles/postgresql/tasks/main.yaml +++ b/data/ansible/roles/postgresql/tasks/main.yaml @@ -1,27 +1,27 @@ --- - name: Create the PostgreSQL repository configuration - become: yes + become: true ansible.builtin.copy: - content: "deb {{ postgresql_repo }} {{ ansible_distribution_release }}-pgdg main" + content: 'deb {{ postgresql_repo }} {{ ansible_distribution_release }}-pgdg main' dest: /etc/apt/sources.list.d/pgdg.list when: not (ansible.builtin.stat.exists is defined and ansible.builtin.stat.exists) - name: Import the PostgreSQL repository signing key - become: yes + become: true ansible.builtin.apt_key: - url: "{{ postgresql_key_url }}" + url: '{{ postgresql_key_url }}' state: present - name: Update the package lists and ensure PostgreSQL is the latest version - become: yes + become: true ansible.builtin.apt: - name: "{{ postgresql_version }}" + name: '{{ postgresql_version }}' state: latest update_cache: yes - name: Manage the PostgreSQL service - become: yes + become: true ansible.builtin.systemd: name: postgresql - state: "{{ postgresql_service_state }}" - enabled: "{{ postgresql_service_enabled }}" + state: '{{ postgresql_service_state }}' + enabled: '{{ postgresql_service_enabled }}' diff --git a/data/ansible/roles/prometheus/defaults/main.yaml b/data/ansible/roles/prometheus/defaults/main.yaml new file mode 100644 index 000000000..055e35932 --- /dev/null +++ b/data/ansible/roles/prometheus/defaults/main.yaml @@ -0,0 +1,13 @@ +--- +prometheus_version: 2.53.1 +prometheus_user: prometheus +prometheus_install_dir: /opt/prometheus +prometheus_config_dir: /etc/prometheus +prometheus_data_dir: /var/lib/prometheus + +prometheus_web_listen_address: 0.0.0.0:9090 + +prometheus_service_enabled: false +prometheus_service_state: stopped + +prometheus_config_file: '{{ prometheus_install_dir }}/prometheus.yml' # supports either the path to a file or a j2 template diff --git a/data/ansible/roles/prometheus/handlers/main.yaml b/data/ansible/roles/prometheus/handlers/main.yaml new file mode 100644 index 000000000..9e424b9f2 --- /dev/null +++ b/data/ansible/roles/prometheus/handlers/main.yaml @@ -0,0 +1,8 @@ +--- +- name: Restart prometheus + become: true + ansible.builtin.systemd_service: + name: prometheus + state: restarted + daemon_reload: true + when: prometheus_service_state == 'started' diff --git a/data/ansible/roles/prometheus/tasks/handle_file.yaml b/data/ansible/roles/prometheus/tasks/handle_file.yaml new file mode 100644 index 000000000..883078186 --- /dev/null +++ b/data/ansible/roles/prometheus/tasks/handle_file.yaml @@ -0,0 +1,22 @@ +--- +- name: Copy file (if not .j2) + become: true + ansible.builtin.copy: + src: '{{ file_src }}' + dest: '{{ file_dest }}' + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0644' + when: not file_src.endswith('.j2') + notify: Restart grafana + +- name: Template file (if .j2) + become: true + ansible.builtin.template: + src: '{{ file_src }}' + dest: '{{ file_dest }}' + owner: '{{ grafana_user }}' + group: '{{ grafana_user }}' + mode: '0644' + when: file_src.endswith('.j2') + notify: Restart grafana diff --git a/data/ansible/roles/prometheus/tasks/main.yaml b/data/ansible/roles/prometheus/tasks/main.yaml new file mode 100644 index 000000000..dd74ef749 --- /dev/null +++ b/data/ansible/roles/prometheus/tasks/main.yaml @@ -0,0 +1,86 @@ +--- +- name: Create prometheus user + become: true + ansible.builtin.user: + name: '{{ prometheus_user }}' + state: present + system: true + createhome: no + +- name: Check current Prometheus version + ansible.builtin.command: "{{ prometheus_install_dir }}/prometheus --version" + register: prometheus_current_version + ignore_errors: true + changed_when: false + +- name: Remove existing Prometheus installation if version differs + become: true + ansible.builtin.file: + path: "{{ prometheus_install_dir }}" + state: absent + when: prometheus_current_version.rc == 0 and prometheus_version not in prometheus_current_version.stdout + +- name: Create prometheus data and config directories + become: true + ansible.builtin.file: + path: '{{ item }}' + state: directory + owner: '{{ prometheus_user }}' + group: '{{ prometheus_user }}' + mode: '0755' + loop: + - '{{ prometheus_config_dir }}' + - '{{ prometheus_data_dir }}' + - '{{ prometheus_install_dir }}' + +- name: Download and extract prometheus + become: true + ansible.builtin.unarchive: + src: 'https://github.com/prometheus/prometheus/releases/download/v{{ prometheus_version }}/prometheus-{{ prometheus_version }}.linux-amd64.tar.gz' + dest: '{{ prometheus_install_dir }}' + remote_src: true + owner: '{{ prometheus_user }}' + group: '{{ prometheus_user }}' + extra_opts: [--strip-components=1] + notify: Restart prometheus + when: prometheus_current_version.rc != 0 or prometheus_version not in prometheus_current_version.stdout + +- name: Handle prometheus config file + block: + - name: Copy file (if not .j2) + become: true + ansible.builtin.copy: + src: '{{ prometheus_config_file }}' + dest: '{{ prometheus_config_dir }}/{{ prometheus_config_file | basename }}' + owner: '{{ prometheus_user }}' + group: '{{ prometheus_user }}' + mode: '0644' + when: not prometheus_config_file.endswith('.j2') + + - name: Template file (if .j2) + become: true + ansible.builtin.template: + src: '{{ prometheus_config_file }}' + dest: '{{ prometheus_config_dir }}/{{ prometheus_config_file | basename | splitext | first }}' # cut .j2 extension + owner: '{{ prometheus_user }}' + group: '{{ prometheus_user }}' + mode: '0644' + when: prometheus_config_file.endswith('.j2') + when: prometheus_config_file is defined + notify: Restart prometheus + +- name: Create prometheus systemd service file + become: true + ansible.builtin.template: + src: prometheus.service.j2 + dest: /etc/systemd/system/prometheus.service + mode: '0644' + notify: Restart prometheus + +- name: Ensure prometheus service is in desired state + become: true + ansible.builtin.systemd_service: + name: prometheus + state: '{{ prometheus_service_state }}' + enabled: '{{ prometheus_service_enabled }}' + when: prometheus_service_state == 'stopped' or prometheus_service_enabled == false diff --git a/data/ansible/roles/prometheus/templates/prometheus.service.j2 b/data/ansible/roles/prometheus/templates/prometheus.service.j2 new file mode 100644 index 000000000..8f1d0e379 --- /dev/null +++ b/data/ansible/roles/prometheus/templates/prometheus.service.j2 @@ -0,0 +1,17 @@ +[Unit] +Description=Prometheus +Wants=network-online.target +After=network-online.target + +[Service] +User={{ prometheus_user }} +Group={{ prometheus_user }} +Type=simple +ExecStart={{ prometheus_install_dir }}/prometheus \ + --config.file={{ prometheus_config_dir }}/prometheus.yml \ + --storage.tsdb.path={{ prometheus_data_dir }} \ + --web.listen-address={{ prometheus_web_listen_address }} +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/data/ansible/roles/sipp/defaults/main.yaml b/data/ansible/roles/sipp/defaults/main.yaml new file mode 100644 index 000000000..79cc887bb --- /dev/null +++ b/data/ansible/roles/sipp/defaults/main.yaml @@ -0,0 +1,13 @@ +--- +sipp_clone_path: '{{ ansible_env.HOME }}' +sipp_bin_path: /usr/local/bin +sipp_cmake_flags: '' # '-DUSE_SSL=1 -DUSE_SCTP=1 -DUSE_PCAP=1 -DUSE_GSL=1' +sipp_remove_source: true +sipp_version: v3.7.2 +sipp_dependencies: + - git + - cmake + - make + - gcc + - g++ + - libncurses-dev diff --git a/data/ansible/roles/sipp/tasks/main.yaml b/data/ansible/roles/sipp/tasks/main.yaml new file mode 100644 index 000000000..76ef5ff91 --- /dev/null +++ b/data/ansible/roles/sipp/tasks/main.yaml @@ -0,0 +1,58 @@ +--- +- name: Check if SIPp is installed and get version + ansible.builtin.shell: + cmd: sipp -v | grep 'SIPp v' | awk '{print $2}' | sed 's/.$//' + register: sipp_installed_version + ignore_errors: true + changed_when: false + +# - name: Debug SIPp version +# debug: +# msg: "Installed SIPp version is '{{ sipp_installed_version.stdout }}'" + +- name: Install dependencies for building SIPp + become: true + ansible.builtin.apt: + name: '{{ sipp_dependencies }}' + state: present + when: sipp_installed_version.stdout != sipp_version and ansible_os_family == "Debian" + +- name: Clone SIPp repository + ansible.builtin.git: + repo: https://github.com/SIPp/sipp.git + dest: '{{ sipp_clone_path }}/sipp' + version: '{{ sipp_version }}' + when: sipp_installed_version.stdout != sipp_version + +- name: Build SIPp + block: + - name: Create build directory + ansible.builtin.file: + path: '{{ sipp_clone_path }}/sipp/build' + state: directory + + - name: Run CMake + ansible.builtin.command: + cmd: cmake .. {{ sipp_cmake_flags }} + chdir: '{{ sipp_clone_path }}/sipp/build' + + - name: Run Make + ansible.builtin.command: + cmd: make + chdir: '{{ sipp_clone_path }}/sipp/build' + when: sipp_installed_version.stdout != sipp_version + +- name: Move SIPp binary to the installation path + become: true + ansible.builtin.copy: + src: '{{ sipp_clone_path }}/sipp/build/sipp' + dest: '{{ sipp_bin_path }}' + remote_src: yes + mode: '0755' + when: sipp_installed_version.stdout != sipp_version + +- name: Remove SIPp source directory + ansible.builtin.file: + path: '{{ sipp_clone_path }}/sipp' + state: absent + when: sipp_installed_version.stdout != sipp_version and sipp_remove_source