Added update step to update pg_hba.conf postgresql/tasks

README.md

@@ -0,0 +1,17 @@
+# infra-as-code
+## Setup
+In order to create customers a one-time setup has to be done. Execute the following command to get started: 
+```sh
+./install_deps.sh 
+```
+You can now start creating customers!
+
+## Create customer
+```sh
+./self_service.sh
+```
+
+## Remove a customer
+```sh
+./rm_customer.sh $CUSTOMER_NAME
+```

activate.sh

@@ -1 +0,0 @@
-export PATH="$PATH:$PWD/scripts/bin"

build_binaries.sh

@@ -1,2 +0,0 @@
-cd ./scripts
-go build  -o ./bin/inv-alias ./inv-alias.go

install_deps.sh

@@ -1 +1,3 @@
-sudo apt-get -y install virtualbox vagrant ansible
+#!/usr/bin/env bash
+sudo apt-get -y install virtualbox vagrant ansible
+ansible-galaxy install -r ./requirements.yml

requirements.yml

@@ -0,0 +1,4 @@
+---
+# ansible-galaxy requirements for this repository
+collections:
+  - 'community.postgresql'

roles/nginx-webserver/handlers/main.yml

@@ -1,6 +1,6 @@
 ---
 # handlers file for nginx-webserver
-- name: restart nginx
+- name: reload nginx
   ansible.builtin.service:
     name: nginx
     state: restarted

roles/nginx-webserver/tasks/main.yml

@@ -1,14 +1,35 @@
 ---
 # tasks file for nginx-webserver
-- name: Install nginx
+- name: Install nginx and php
   package:
-    name: nginx
+    name:
+      - nginx
+      - php7.4
+      - php7.4-fpm
+      - php7.4-cli
     state: present
     update_cache: yes
   become: true
-  notify: restart nginx
+- name: Copy over nginx.conf
-- name: Copy over index.html
   ansible.builtin.template:
-    src: ./templates/index.html.j2
+    src: ./templates/nginx.cfg.j2
-    dest: /var/www/html/index.html
+    dest: /etc/nginx/sites-available/nginx.cfg
+  become: true
+  notify: reload nginx
+- name: Enable nginx.conf
+  file:
+    src: /etc/nginx/sites-available/nginx.cfg
+    dest: /etc/nginx/sites-enabled/default
+    state: link
+  become: true
+  notify: reload nginx
+- name: Remove nginx default crap
+  file:
+    state: absent
+    path: /var/www/html/*
+  become: true
+- name: Copy over index.php
+  ansible.builtin.template:
+    src: ./templates/index.php.j2
+    dest: /var/www/html/index.php
   become: true

roles/nginx-webserver/templates/index.php.j2

@@ -8,6 +8,7 @@
   </head>
 
   <body>
+    <h1><?php echo 'Hello, World!'; ?></h1>
     <p>Hostname: {{ ansible_facts.nodename }}</p>
     <p>OS: {{ ansible_facts.distribution }} {{ ansible_facts.distribution_version }}</p>
     <p>Kernel: {{ ansible_facts.kernel }}</p>

roles/nginx-webserver/templates/nginx.cfg.j2

@@ -0,0 +1,15 @@
+server {
+    listen 80;
+
+    root /var/www/html;
+    index index.php;
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+
+    location ~ \.php$ {
+        include snippets/fastcgi-php.conf;
+        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+    }
+}

roles/postgresql/files/sample.csv

@@ -0,0 +1,2 @@
+hello
+world

roles/postgresql/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for postgresql

roles/postgresql/meta/main.yml

@@ -0,0 +1,10 @@
+galaxy_info:
+  author: strNophix
+  description: Postgresql Role
+
+  license: MIT
+  min_ansible_version: 2.1
+
+  galaxy_tags: []
+
+dependencies: []

roles/postgresql/tasks/main.yml

@@ -0,0 +1,68 @@
+---
+# tasks file for postgresql
+- name: Install package dependencies
+  package:
+    name:
+      - postgresql
+      - postgresql-contrib
+      - python3-pip
+      - acl
+    state: present
+    update_cache: yes
+  become: true
+- name: Install `psycopg2` driver for postgresql
+  pip:
+    name: psycopg2-binary
+    state: present
+  become: true
+- name: Update `listen_address` in `/etc/postgresql/12/main/postgresql.conf`
+  lineinfile:
+    path: /etc/postgresql/12/main/postgresql.conf
+    regexp: ^#listen_addresses = 'localhost'
+    line: listen_addresses='*'
+  become: true
+- name: Update `pg_hba.conf`
+  community.postgresql.postgresql_pg_hba:
+    dest: /etc/postgresql/12/main/pg_hba.conf
+    contype: host
+    users: postgres
+    source: 192.168.56.0/24
+    method: md5
+    create: true
+  become: true
+- name: Create new test-database
+  become_user: postgres
+  become: yes
+  community.postgresql.postgresql_db:
+    name: test
+- name: Create table `test`.`message` 
+  become_user: postgres
+  become: yes
+  community.postgresql.postgresql_table:
+    db: test
+    name: message
+    columns:
+      - id bigserial primary key
+      - content text
+# TODO: Figure out what would be the correct `copy_from`
+- name: Insert sample data into `test`.`message` 
+  become_user: postgres
+  become: yes
+  community.postgresql.postgresql_copy:
+    copy_from: sample.csv
+    db: test
+    dst: message
+    columns: content
+    options:
+      format: csv
+- name: Update password of postgres user
+  become_user: postgres
+  become: yes
+  community.postgresql.postgresql_user:
+    name: postgres
+    password: coolshit
+- name: Restart postgresql service
+  service:
+    name: postgresql
+    state: restarted
+    enabled: yes

scripts/bin/hosto

@@ -1,54 +0,0 @@
-#!/usr/bin/env bash
-
-VERSION="0.1.0"
-
-function help() {
-  echo -e \
-    "Usage: $(basename $0) [OPTIONS] [COMMAND]\n\n" \
-    "Options:\n" \
-    "   -i, --inv-file <path>       Specify the Ansible inventory to add.\n" \
-    "   -h, --help                  Show help.\n" \
-    "   -v, --version               Show version."
-}
-
-if [[ $# -eq 0 ]]; then
-  help
-  exit 1
-fi
-
-INVENTORY_FILE="$(pwd)/inventory"
-
-while [[ $# -gt 0 ]]; do
-  case $1 in
-    -i|--inv-file)
-      INVENTORY_FILE="$2"
-      shift
-      shift
-      ;;
-    -h|--help)
-      help
-      exit 1
-      ;;
-    -v|--version)
-      echo $VERSION
-      exit 1
-      ;;
-    -*|--*)
-      echo "hosto: unrecognized option '$1'"
-      help
-      exit 1
-      ;;
-    *)
-      break
-      ;;
-  esac
-done
-
-if [ -f $INVENTORY_FILE ]; then
-  sudo inv-alias add $INVENTORY_FILE
-  eval $@
-  sudo inv-alias rm $INVENTORY_FILE
-else
-  echo "hosto: Could not find inventory file at $INVENTORY_FILE"
-  eval $@
-fi

scripts/inv-alias.go

@@ -1,150 +0,0 @@
-package main
-
-import (
-	"bufio"
-	"fmt"
-	"io"
-	"io/fs"
-	"io/ioutil"
-	"log"
-	"os"
-	"path/filepath"
-	"regexp"
-	"strings"
-)
-
-type AliasMap map[string]string
-
-const (
-	HostsFile string = "/etc/hosts"
-)
-
-func FixedSplit(s, sep string, parts int) []string {
-	n := make([]string, parts)
-	p := strings.SplitN(s, sep, parts)
-	copy(n, p)
-	return n
-}
-
-func IsLegalLine(line string) bool {
-	c := line[0]
-	return c != '[' && c != '#'
-}
-
-func BuildRegionString(regionName string, aliases AliasMap) string {
-	b := strings.Builder{}
-	b.WriteString("#region ")
-	b.WriteString(regionName)
-	b.WriteString("\n")
-
-	for ip, alias := range aliases {
-		b.WriteString(ip)
-		b.WriteString("\t")
-		b.WriteString(alias)
-		b.WriteString("\n")
-	}
-
-	b.WriteString("#endregion")
-	return b.String()
-}
-
-func BuildRegionRegexp(regionName string) *regexp.Regexp {
-	b := strings.Builder{}
-	b.WriteString("(?s)\n#region ")
-	b.WriteString(regexp.QuoteMeta(regionName))
-	b.WriteString(".*#endregion")
-	r := regexp.MustCompile(b.String())
-	return r
-}
-
-func ScanAliases(fileReader io.Reader) (AliasMap, error) {
-	aliasMap := AliasMap{}
-	scanner := bufio.NewScanner(fileReader)
-	for scanner.Scan() {
-		line := scanner.Text()
-		if IsLegalLine(line) {
-			s := FixedSplit(line, "#", 2)
-			ip, alias := strings.TrimSpace(s[0]), strings.TrimSpace(s[1])
-			if _, ok := aliasMap[ip]; !ok && alias != "" {
-				aliasMap[ip] = alias
-			}
-		}
-	}
-
-	if err := scanner.Err(); err != nil {
-		return nil, err
-	}
-
-	return aliasMap, nil
-}
-
-func AddAliases(fileName string) {
-	file, err := os.Open(fileName)
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	h, err := ScanAliases(file)
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	file.Close()
-
-	r := BuildRegionRegexp(fileName)
-	s := BuildRegionString(fileName, h)
-
-	content, err := ioutil.ReadFile(HostsFile)
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	c := r.ReplaceAllString(string(content), s)
-	if !r.MatchString(c) {
-		c += ("\n" + s)
-	}
-
-	err = os.WriteFile(HostsFile, []byte(c[:]), fs.FileMode(os.O_WRONLY|os.O_TRUNC))
-	if err != nil {
-		log.Fatal(err)
-	}
-}
-
-func RemoveAliases(fileName string) {
-	regionReg := BuildRegionRegexp(fileName)
-	content, err := ioutil.ReadFile(HostsFile)
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	c := regionReg.ReplaceAll(content, []byte(""))
-	err = os.WriteFile(HostsFile, c, fs.FileMode(os.O_WRONLY|os.O_TRUNC))
-	if err != nil {
-		log.Fatal(err)
-	}
-}
-
-func main() {
-	u := fmt.Sprintf("Please use: %s <add|rm> <file:path>\n", os.Args[0])
-
-	if len(os.Args) < 3 {
-		fmt.Println(u)
-		os.Exit(1)
-	}
-
-	p, err := filepath.Abs(os.Args[2])
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-
-	switch os.Args[1] {
-	case "add":
-		AddAliases(p)
-	case "rm":
-		RemoveAliases(p)
-	default:
-		fmt.Println(u)
-		os.Exit(1)
-	}
-}

self_service.sh

@@ -13,9 +13,14 @@ write_inventory_group() {
 
 # Take customer inputs
 read -p "Klantnaam: " customerName
-read -p "IpInt: " ipAddr
+# read -p "IpInt: " ipAddr
-read -p "Number of webservers: " numWebserver
+# read -p "Number of webservers: " numWebserver
-read -p "Number of loadbalancers: " numLoadbalancers
+# read -p "Number of loadbalancers: " numLoadbalancers
+# read -p "Number of postgresql instances: " numPostgresql
+ipAddr=15
+numWebserver=0
+numLoadbalancers=0
+numPostgresql=1
 
 # Create customer directory and cd
 mkdir -p ./customers/$customerName && cd $_
@@ -26,6 +31,7 @@ sed -i "s/#{customerName}/$customerName/" ./Vagrantfile
 sed -i "s/#{ipAddr}/$ipAddr/" ./Vagrantfile
 sed -i "s/#{numWebserver}/$numWebserver/" ./Vagrantfile
 sed -i "s/#{numLoadbalancers}/$numLoadbalancers/" ./Vagrantfile
+sed -i "s/#{numPostgresql}/$numPostgresql/" ./Vagrantfile
 
 copy_template ./ansible.cfg.template ./ansible.cfg
 
@@ -38,6 +44,9 @@ write_inventory_group "webserver" $ipOffset $numWebserver
 write_inventory_group "loadbalancer" $ipOffset $numLoadbalancers
 ((ipOffset+=numLoadbalancers))
 
+write_inventory_group "postgresql" $ipOffset $numPostgresql
+((ipOffset+=numPostgresql))
+
 # Generate a new seperate ssh key for the customer
 mkdir -p ./.ssh/
 ssh-keygen -t rsa -b 2048 -f ./.ssh/id_rsa

site.yml

@@ -6,3 +6,7 @@
 - hosts: loadbalancer
   roles:
     - nginx-loadbalancer
+
+- hosts: postgresql
+  roles:
+    - postgresql

templates/Vagrantfile.template

@@ -12,6 +12,7 @@ Vagrant.configure("2") do |config|
 
   num_webserver = #{numWebserver}
   num_loadbalancer = #{numLoadbalancers}
+  num_postgresql = #{numPostgresql}
 
   (1..num_webserver).each do |nth|
     machine_id = "#{customerName}-bloated-debian-web%d" % [nth]   
@@ -36,6 +37,25 @@ Vagrant.configure("2") do |config|
     machine_id = "#{customerName}-bloated-debian-lb%d" % [nth]  
     machine_ip = increment_ip()
 
+    config.vm.define machine_id do |web|
+      web.vm.box = "ubuntu/focal64"
+      web.vm.hostname = machine_id
+
+      web.vm.network "private_network", ip: machine_ip
+      web.vm.provision "file", source: "./.ssh/id_rsa.pub", destination: "~/.ssh/authorized_keys"
+
+      web.vm.provider "virtualbox" do |vb|
+        vb.memory = "1024"
+        vb.gui = false
+        vb.name = machine_id
+      end
+    end
+  end
+
+    (1..num_postgresql).each do |nth|
+    machine_id = "#{customerName}-bloated-debian-db%d" % [nth]  
+    machine_ip = increment_ip()
+
     config.vm.define machine_id do |web|
       web.vm.box = "ubuntu/focal64"
       web.vm.hostname = machine_id