refactor molecule
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Robert Kaussow 2019-10-27 23:23:44 +01:00
parent 7aa3655b79
commit 15bbb52f46
7 changed files with 41 additions and 29 deletions

2
.gitignore vendored
View File

@ -1,6 +1,6 @@
# ---> Ansible
*.retry
filter/plugins/
plugins
library
# ---> Python

View File

@ -5,7 +5,7 @@ freshrss_service_directory: /var/lib/docker/services/freshrss
freshrss_container_name: freshrss
freshrss_image: "xoxys/freshrss:{{ freshrss_version }}"
freshrss_restart_policy: on-failure
freshrss_exposed_port: 61000
freshrss_exposed_port: 80
freshrss_exposed_ip: 127.0.0.1
freshrss_extra_hosts: []
@ -85,10 +85,3 @@ freshrss_db_password: secure
freshrss_db_ssl_mode: disable
# @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type.
freshrss_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
freshrss_iptables_enabled: False
freshrss_open_ports:
- name: allow_freshrss_web
rules: |
-A INPUT -m state --state NEW -p tcp --dport {{ freshrss_exposed_port }} -j ACCEPT
state: present

View File

@ -20,3 +20,5 @@ verifier:
name: testinfra
lint:
name: flake8
options:
max-line-length: 120

View File

@ -1,8 +1,20 @@
---
- name: Converge
- name: Converge (Stage 1)
hosts: all
vars:
dockerengine_packages_extra:
- epel-release
- python2-pip
roles:
- role: xoxys.docker-engine
- name: Converge (Stage 2)
hosts: all
vars:
postgres_repository_enabled: True
postgres_connection_addresses:
- "{{ ansible_docker0.ipv4.address }}"
postgres_users:
- name: "pgfreshrss"
password: "secure"
@ -10,11 +22,16 @@
db: "freshrss"
postgres_dbs:
- name: "freshrss"
dockerengine_packages_extra:
- epel-release
- python2-pip
postgres_hba_entries_extra:
- contype: host
databases:
- all
users:
- all
address: "172.18.0.0/16"
auth_method: md5
freshrss_db_server: "{{ ansible_docker0.ipv4.address }}"
roles:
- role: xoxys.postgres
- role: xoxys.docker-engine
- role: xoxys.freshrss_docker

View File

@ -17,4 +17,12 @@ def test_freshrss_running(host):
def test_freshrss_socket(host):
# Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:61000").is_listening
assert host.socket("tcp://127.0.0.1:80").is_listening
def test_freshrss_conn_error(host):
code = int(host.run("curl -s -w '%{http_code}' http://localhost/ -o /dev/null").stdout)
body = host.run("curl -sX GET http://localhost/").stdout
assert code == 200
assert "FreshRSS" in body

View File

@ -16,17 +16,5 @@
dest: "/etc/systemd/system/freshrss.service"
mode: 0644
notify: __freshrss_restart
- name: Open ports in iptables
iptables_raw:
name: "{{ item.name }}"
rules: "{{ item.rules }}"
state: "{{ item.state }}"
weight: "{{ item.weight | default(omit) }}"
table: "{{ item.table | default(omit) }}"
loop: "{{ freshrss_open_ports }}"
loop_control:
label: "{{ item.name }}"
when: freshrss_iptables_enabled | bool
become: True
become_user: root

View File

@ -69,8 +69,12 @@ services:
- FRESHRSS_CURLOPT_PROXYUSERPWD={{ freshrss_curlopt_proxyuserpwd }}
{% endif %}
- FRESHRSS_DB_TYPE=pgsql
- FRESHRSS_DB_HOST={{ freshrss_db_server }}{% if ttrss_db_type == "pgsql" %};sslmode={{ freshrss_db_ssl_mode }}{% endif %}
- FRESHRSS_db_SSL_ROOTCERT={{ freshrss_db_ssl_rootcert }}
{% if ttrss_db_type == "pgsql" %}
- FRESHRSS_DB_HOST={{ freshrss_db_server }};sslmode={{ freshrss_db_ssl_mode }}
{% else %}
- FRESHRSS_DB_HOST={{ freshrss_db_server }}
{% endif %}
- FRESHRSS_DB_SSL_ROOTCERT={{ freshrss_db_ssl_rootcert }}
- FRESHRSS_DB_PORT={{ freshrss_db_port }}
- FRESHRSS_DB_USER={{ freshrss_db_user }}
- FRESHRSS_DB_PASSWORD={{ freshrss_db_password }}