rewrite init

2025-01-24 10:17:15 +08:00 · 2022-07-11 14:40:24 +08:00 · 2022-07-11 14:40:24 +08:00 · 8b4b79bd37
commit 8b4b79bd37
parent 42efce6479
5 changed files with 26 additions and 336 deletions
--- a/apps/roles/role_init/defaults/main.yml
+++ b/apps/roles/role_init/defaults/main.yml
@ -1,38 +1,3 @@
-# dictionary variable for interface
-init_db:
-init_application:
-init_docker:
-
-# init_db sample for you
-init_db_example: 
-  mysql:
-    admin: root
-    users: ["discuz"]
-    password: "123456"
-    service_before:
-    service_after:
-    config_paths:
-      - /data/wwwroot/discuz/upload/config/config_global_default.php
-    command:
-      - echo "hello world"
-
-# these meta data ony for inner coding, not for interface
-init_service_unit: 
-  mysql:
-    before: 
-    after: mysqld.service
-  mariadb:
-    before: 
-    after: mysqld.service
-  mongodb:
-    before: 
-    after: mongod.service
-  postgresql:
-    before:
-    after: postgresql.service
-  neo4j:
-    before:
-    after: neo4j.service
-    
+


--- a/apps/roles/role_init/tasks/main.yml
+++ b/apps/roles/role_init/tasks/main.yml
@ -1,21 +1,22 @@
 - block:
-  - name: Create credentials Folder
-    file:
-      path: /credentials
-      state: directory
+    - name: Create credentials Folder
+      file:
+        path: /credentials
+        state: directory

-  - name: Upload Databases Password
-    template:
-      src: password.txt.jinja2
-      dest: /credentials/password.txt
-      mode: 0640
+    - name: Create a PHP  symbolic link
+      file:
+        src: "{{installpath}}/{{app}}/.env"
+        dest: "/credentials/{{item}}_password.txt"
+        state: link
+      loop: "{{applist.stdout_lines}}"

 - name: Copy Init Script
  template:
    src: init.sh.jinja2
    dest: /credentials/init.sh
    mode: 0750
-    
+
 - name: Upload init-apps.service
  template:
    src: init-apps.service.jinja2
@ -26,13 +27,13 @@
    name: init-apps
    enabled: yes

- block: 
-  - name: Check init, if /credentials/* file not exist or no content, stop and exit Ansible
-    shell: |
-      [  -s /credentials/password.txt ] && [  -s /credentials/init.sh ] && init_initpasswd=true || init_initpasswd=false
-      echo $init_initpasswd
-    register: init_check
+- block:
+    - name: Check init, if /credentials/* file not exist or no content, stop and exit Ansible
+      shell: |
+        [  -s /credentials/password.txt ] && [  -s /credentials/init.sh ] && init_initpasswd=true || init_initpasswd=false
+        echo $init_initpasswd
+      register: init_check

-  - name: Output error when init.sh fail
-    fail: msg="init role is not done,exit!"
-    when: init_check.stdout == "false"
+    - name: Output error when init.sh fail
+      fail: msg="init role is not done,exit!"
+      when: init_check.stdout == "false"
--- a/apps/roles/role_init/templates/init-apps.service.jinja2
+++ b/apps/roles/role_init/templates/init-apps.service.jinja2
@ -1,45 +1,6 @@
 [Unit]
 Description=Init image powered by Websoft9
-After=network.target systemd-networkd-wait-online.service
-{##############  init databases ##############}
-{% if init_db %}
-{% for dbs_name, dbs_attr in init_db.items() %}
-{% if init_service_unit[dbs_name].before is defined and init_service_unit[dbs_name].before is not none %}
-Before={{init_service_unit[dbs_name].before}}
-{% endif %}
-{% if dbs_attr.service_before is defined and dbs_attr.service_before is not none %}
-Before={{dbs_attr.service_before}}
-{% endif %}
-{% if init_service_unit[dbs_name].after is defined and init_service_unit[dbs_name].after is not none %}
-After={{init_service_unit[dbs_name].after}}
-{% endif %}
-{% if dbs_attr.service_after is defined and dbs_attr.service_after is not none %}
-After={{dbs_attr.service_after}}
-{% endif %}
-{% endfor %}
-{% endif %}
-{############## init applications ##############}
-{% if init_application %}
-{% for app_name,app_attr in init_application.items() %}
-{% if app_attr.service_before is defined and app_attr.service_before is not none %}
-Before={{app_attr.service_before}}
-{% endif %}
-{% if app_attr.service_after is defined and app_attr.service_after is not none %}
-After={{app_attr.service_after}}
-{% endif %}
-{% endfor %}
-{% endif %}
-{############## init docker applications ##############}
-{% if init_docker %}
-{% for docker_name,docker_attr in init_docker.items() %}
-{% if docker_attr.service_before is defined and docker_attr.service_before is not none %}
-Before={{docker_attr.service_before}}
-{% endif %}
-{% if docker_attr.service_after is defined and docker_attr.service_after is not none %}
-After={{docker_attr.service_after}}
-{% endif %}
-{% endfor %}
-{% endif %}
+After=network.target systemd-networkd-wait-online.service docker.service

 [Service]
 Type=simple
--- a/apps/roles/role_init/templates/init.sh.jinja2
+++ b/apps/roles/role_init/templates/init.sh.jinja2
@ -4,196 +4,9 @@ new_password=$(pwgen -ncCs 14 1)!
 sudo sleep 10s
 sudo sh -c 'echo "init-password started at" $(date -d now)  1>> /tmp/init_debug.txt'

-#1 database password init
-{% if init_db %}
-{% for db_names,dbs in init_db.items() %}
-
-{% if db_names == 'mysql' or db_names == 'mariadb' %}
-sudo sh -c 'echo "init mysql&mariadb started at" $(date -d now)  1>> /tmp/init_debug.txt'
-mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h ::1 password $new_password
-mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h 127.0.0.1 password $new_password
-mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h localhost password $new_password
-
-{% if dbs.users is defined and dbs.users is not none %}
-{% for dbs_app_user in dbs.users %}
-{% if mysql_version == '8.0' %}
-echo "
-SET PASSWORD FOR {{dbs_app_user}} = '$new_password';
-" |mysql -uroot -p$new_password -h 127.0.0.1
-
-echo "
-SET PASSWORD FOR {{dbs_app_user}}@localhost = '$new_password';
-" |mysql -uroot -p$new_password -h 127.0.0.1
-{% else %}
-echo "
-SET PASSWORD FOR {{dbs_app_user}} = PASSWORD('$new_password');
-" |mysql -uroot -p$new_password -h 127.0.0.1
-
-echo "
-SET PASSWORD FOR {{dbs_app_user}}@localhost = PASSWORD('$new_password');
-" |mysql -uroot -p$new_password -h 127.0.0.1
-{% endif %}
-
+#1 init for applist of .env
+{% for app_name in applist.stdout_lines %}
+sudo sed -i "s/_PASSWORD=.*/_PASSWORD=$new_password/g" /data/apps/{{app_name}}/.env
 {% endfor %}
-{% endif %}
-sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
-{% endif %}

-{% if db_names == 'mongodb' %}
-sudo sh -c 'echo "init mongodb started at" $(date -d now)  1>> /tmp/init_debug.txt'
-echo "
-use admin
-db.changeUserPassword('{{dbs.admin}}', '${new_password}')
-exit
-" | mongo admin -u {{dbs.admin}} -p {{dbs.password}}
-{% if dbs.users is defined and dbs.users is not none %}
-{% for dbs_app_user in dbs.users %}
-echo "
-use admin
-db.changeUserPassword('{{dbs_app_user}}', '${new_password}')
-exit
-" | mongo admin -u {{dbs_app_user}} -p {{dbs.password}}
-{% endfor %}
-{% endif %}
-sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
-{% endif %}
-
-{% if db_names == 'rethinkdb' %}
-sudo sh -c 'echo "init rethinkdb started at" $(date -d now)  1>> /tmp/init_debug.txt'
-sudo sh -c 'echo "{{dbs.password}}" > /tmp/pw'
-echo  "r.db('rethinkdb').table('users').get('{{dbs.admin}}').update({'password': '$new_password'}).run()" | rethinkdb-repl --password-file /tmp/pw
-{% if dbs.users is defined and dbs.users is not none %}
-{% for dbs_app_user in dbs.users %}
-echo  "r.db('rethinkdb').table('users').get('{{dbs_app_user}}').update({'password': '$new_password'}).run()" | rethinkdb-repl --password-file /tmp/pw
-{% endfor %}
-{% endif %}
-sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
-sudo rm -f /tmp/pw
-{% endif %}
-
-
-{% if db_names == 'postgresql' %}
-sudo sh -c 'echo "init postgresql started at" $(date -d now)  1>> /tmp/init_debug.txt'
-echo "               
-ALTER USER {{dbs.admin}} WITH PASSWORD '${new_password}';
-" | sudo -u {{dbs.admin}} psql
-{% if dbs.users is defined and dbs.users is not none %}
-{% for dbs_app_user in dbs.users %}
-echo "               
-ALTER USER {{dbs_app_user}} WITH PASSWORD '${new_password}';
-" | sudo -u {{dbs.admin}} psql
-{% endfor %}
-{% endif %}
-sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
-{% endif %}
-
-{% if db_names == 'neo4j' %}
-sudo sh -c 'echo "init neo4j started at" $(date -d now)  1>> /tmp/init_debug.txt'
-
-# wait neo4j service started
-sleep 60
-
-while [ $? -eq 0 ]
-do
-  {% if neo4j_version <= '3.5' %}
-  echo " 
-  CALL dbms.changePassword('${new_password}');
-  " | cypher-shell -u {{dbs.admin}}  -p {{dbs.password}}
-  {% else %}
-  echo "
-  ALTER CURRENT USER SET PASSWORD FROM '{{dbs.password}}' TO '${new_password}';
-  " | cypher-shell -u {{dbs.admin}}  -p {{dbs.password}}  -d system
-  {% endif %}
-  echo ":exit" |cypher-shell -u neo4j  -p neo4j  -d system
-done
-
-sudo sed -i "s/neo4j administrator password:{{dbs.password}}/neo4j administrator password:$new_password/g" /credentials/password.txt
-{% endif %}
-
-{% if db_names == 'redis' %}
-sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
-{% endif %}
-
-{% if dbs.config_paths is defined and dbs.config_paths is not none  %}
-{% for path in dbs.config_paths %}
-sudo sed -i "s/{{dbs.password}}/$new_password/g" {{path}}
-{% endfor %}
-{% endif %}
-
-{% if dbs.commands is defined and dbs.commands is not none %}
-{% for cmd in dbs.commands %}
-{{cmd}}
-{% endfor %}
-{% endif %}
-
-{% endfor %}
-{% endif %}
-
-
-#2 application password init
-{% if init_application %}
-sudo sh -c 'echo "init application started at" $(date -d now)  1>> /tmp/init_debug.txt'
-{% for app_name,app_attr in init_application.items() %}
-
-{% if app_attr.config_paths is defined and app_attr.config_paths is not none %}
-{% for path in app_attr.config_paths %}
-sudo sed -i "s/{{app_attr.password}}/$new_password/g" {{path}}
-{% endfor %}
-{% endif %}
-
-{% if app_attr.commands is defined and app_attr.commands is not none %}
-{% for cmd in app_attr.commands %}
-{{cmd}}
-{% endfor %}
-{% endif %}
-
-sudo sed -i "s/{{ app_name }} administrator Password:.*/{{ app_name }} administrator Password: $new_password/g" /credentials/password.txt
-{% endfor %}
-sudo sh -c 'echo "init application ended at" $(date -d now)  1>> /tmp/init_debug.txt'
-{% endif %}
-
-#3 docker password init
-{% if init_docker %}
-sudo sh -c 'echo "init docker started at" $(date -d now)  1>> /tmp/init_debug.txt'
-sudo systemctl restart docker
-{% for app_name,app_attr in init_docker.items() %}
-
-{% if app_attr.admin_password is defined and app_attr.admin_password is not none %}
-sudo sed -i "s/{{ app_name }} administrator Password: .*/{{ app_name }} administrator Password: $new_password/g" /credentials/password.txt
-{% endif %}
-
-{% if app_attr.db_password is defined and app_attr.db_password is not none %}
-sudo sed -i "s/database password:.*/database password:$new_password/g" /credentials/password.txt
-{% endif %}
-
-{% if app_attr.compose_path is defined and app_attr.compose_path is not none %}
-{% if app_attr.compose_down is not defined or app_attr.compose_down == True %}
-sudo docker compose -f {{app_attr.compose_path}} down -v
-sudo sleep 20s
-{% endif %}
-
-{% if app_attr.volumes is defined and app_attr.volumes is not none %}
-{% for volume in app_attr.volumes %}
-sudo rm -rf {{volume}}
-{% endfor %}
-{% endif %}
-
-{% if app_attr.compose_commands is defined and app_attr.compose_commands is not none %}
-{% for cmd in app_attr.compose_commands %}
-{{cmd}}
-{% endfor %}
-{% endif %}
-
-sudo docker compose -f {{app_attr.compose_path}} up -d --no-recreate
-sudo sleep 20s
-{% endif %}
-
-{% if app_attr.commands is defined and app_attr.commands is not none %}
-{% for cmd in app_attr.commands %}
-{{cmd}}
-{% endfor %}
-{% endif %}
-
-{% endfor %}
-sudo sh -c 'echo "init docker ended at" $(date -d now)  1>> /tmp/init_debug.txt'
-{% endif %}
+2 init for applist of special  
--- a/apps/roles/role_init/templates/password.txt.jinja2
+++ b/apps/roles/role_init/templates/password.txt.jinja2
@ -1,50 +0,0 @@
-{% if init_db %}
-{% for db_names,dbs in init_db.items() %}
-{{db_names}} administrator username:{{dbs.admin}}
-{{db_names}} administrator password:{{dbs.password}}
-{% if dbs.users is defined and dbs.users is not none %}
-{% for dbs_app_user in dbs.users %}
-
--- {{db_names}} connections for your {{ dbs_app_user }} installation---
-database hostname: localhost or 127.0.0.1
-database name:{{dbs_app_user}}
-database username:{{dbs_app_user}}
-database password:{{dbs.password}}
-
-{% endfor %}
-{% endif %}
-
---
-
-{% endfor %}
-{% endif %}
-
-{% if init_application %}
-{% for app_name,app_attr in init_application.items() %}
-### Username and Password for your {{ app_name }} login ###
-{% if app_attr.username is defined and app_attr.username is not none %}
-{{app_name}} administrator Username: {{app_attr.username}}
-{{app_name}} administrator Password: {{app_attr.password}}
-{% endif %}
-{% endfor %}
-{% endif %}
-
-{% if init_docker %}
-{% for app_name,app_attr in init_docker.items() %}
-
-{% if app_attr.admin_password is defined and app_attr.admin_password is not none %}
-### Username and Password for your {{ app_name }} login ###
-
-{{app_name}} administrator Username: {{app_attr.admin_username}}
-{{app_name}} administrator Password: {{app_attr.admin_password}}
-{% endif %}
-
-{% if app_attr.db_password is defined and app_attr.db_password is not none %}
--- {{app_attr.db}} (Docker) connections for your {{app_name}} installation---
-database name:{{app_attr.db_name}}
-database username:{{app_attr.db_username}}
-database password:{{app_attr.db_password}}
-{% endif %}
-
-{% endfor %}
-{% endif %}