refactor molecule
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Robert Kaussow 2019-10-27 23:23:44 +01:00
parent 7aa3655b79
commit 15bbb52f46
7 changed files with 41 additions and 29 deletions

2
.gitignore vendored
View File

@ -1,6 +1,6 @@
# ---> Ansible # ---> Ansible
*.retry *.retry
filter/plugins/ plugins
library library
# ---> Python # ---> Python

View File

@ -5,7 +5,7 @@ freshrss_service_directory: /var/lib/docker/services/freshrss
freshrss_container_name: freshrss freshrss_container_name: freshrss
freshrss_image: "xoxys/freshrss:{{ freshrss_version }}" freshrss_image: "xoxys/freshrss:{{ freshrss_version }}"
freshrss_restart_policy: on-failure freshrss_restart_policy: on-failure
freshrss_exposed_port: 61000 freshrss_exposed_port: 80
freshrss_exposed_ip: 127.0.0.1 freshrss_exposed_ip: 127.0.0.1
freshrss_extra_hosts: [] freshrss_extra_hosts: []
@ -85,10 +85,3 @@ freshrss_db_password: secure
freshrss_db_ssl_mode: disable freshrss_db_ssl_mode: disable
# @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type. # @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type.
freshrss_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt freshrss_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
freshrss_iptables_enabled: False
freshrss_open_ports:
- name: allow_freshrss_web
rules: |
-A INPUT -m state --state NEW -p tcp --dport {{ freshrss_exposed_port }} -j ACCEPT
state: present

View File

@ -20,3 +20,5 @@ verifier:
name: testinfra name: testinfra
lint: lint:
name: flake8 name: flake8
options:
max-line-length: 120

View File

@ -1,8 +1,20 @@
--- ---
- name: Converge - name: Converge (Stage 1)
hosts: all
vars:
dockerengine_packages_extra:
- epel-release
- python2-pip
roles:
- role: xoxys.docker-engine
- name: Converge (Stage 2)
hosts: all hosts: all
vars: vars:
postgres_repository_enabled: True postgres_repository_enabled: True
postgres_connection_addresses:
- "{{ ansible_docker0.ipv4.address }}"
postgres_users: postgres_users:
- name: "pgfreshrss" - name: "pgfreshrss"
password: "secure" password: "secure"
@ -10,11 +22,16 @@
db: "freshrss" db: "freshrss"
postgres_dbs: postgres_dbs:
- name: "freshrss" - name: "freshrss"
dockerengine_packages_extra: postgres_hba_entries_extra:
- epel-release - contype: host
- python2-pip databases:
- all
users:
- all
address: "172.18.0.0/16"
auth_method: md5
freshrss_db_server: "{{ ansible_docker0.ipv4.address }}"
roles: roles:
- role: xoxys.postgres - role: xoxys.postgres
- role: xoxys.docker-engine
- role: xoxys.freshrss_docker - role: xoxys.freshrss_docker

View File

@ -17,4 +17,12 @@ def test_freshrss_running(host):
def test_freshrss_socket(host): def test_freshrss_socket(host):
# Verify the socket is listening for HTTP traffic # Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:61000").is_listening assert host.socket("tcp://127.0.0.1:80").is_listening
def test_freshrss_conn_error(host):
code = int(host.run("curl -s -w '%{http_code}' http://localhost/ -o /dev/null").stdout)
body = host.run("curl -sX GET http://localhost/").stdout
assert code == 200
assert "FreshRSS" in body

View File

@ -16,17 +16,5 @@
dest: "/etc/systemd/system/freshrss.service" dest: "/etc/systemd/system/freshrss.service"
mode: 0644 mode: 0644
notify: __freshrss_restart notify: __freshrss_restart
- name: Open ports in iptables
iptables_raw:
name: "{{ item.name }}"
rules: "{{ item.rules }}"
state: "{{ item.state }}"
weight: "{{ item.weight | default(omit) }}"
table: "{{ item.table | default(omit) }}"
loop: "{{ freshrss_open_ports }}"
loop_control:
label: "{{ item.name }}"
when: freshrss_iptables_enabled | bool
become: True become: True
become_user: root become_user: root

View File

@ -69,8 +69,12 @@ services:
- FRESHRSS_CURLOPT_PROXYUSERPWD={{ freshrss_curlopt_proxyuserpwd }} - FRESHRSS_CURLOPT_PROXYUSERPWD={{ freshrss_curlopt_proxyuserpwd }}
{% endif %} {% endif %}
- FRESHRSS_DB_TYPE=pgsql - FRESHRSS_DB_TYPE=pgsql
- FRESHRSS_DB_HOST={{ freshrss_db_server }}{% if ttrss_db_type == "pgsql" %};sslmode={{ freshrss_db_ssl_mode }}{% endif %} {% if ttrss_db_type == "pgsql" %}
- FRESHRSS_db_SSL_ROOTCERT={{ freshrss_db_ssl_rootcert }} - FRESHRSS_DB_HOST={{ freshrss_db_server }};sslmode={{ freshrss_db_ssl_mode }}
{% else %}
- FRESHRSS_DB_HOST={{ freshrss_db_server }}
{% endif %}
- FRESHRSS_DB_SSL_ROOTCERT={{ freshrss_db_ssl_rootcert }}
- FRESHRSS_DB_PORT={{ freshrss_db_port }} - FRESHRSS_DB_PORT={{ freshrss_db_port }}
- FRESHRSS_DB_USER={{ freshrss_db_user }} - FRESHRSS_DB_USER={{ freshrss_db_user }}
- FRESHRSS_DB_PASSWORD={{ freshrss_db_password }} - FRESHRSS_DB_PASSWORD={{ freshrss_db_password }}