This repository has been archived by the owner. It is now read-only.

Added THE MATRIX!

BR0kEN- committed Mar 4, 2016
1 parent f0264c3 commit f16f349bbbbdeb1a74f73194cedd545dc96099e7
Showing with 531 additions and 2 deletions.
  1. +1 −0 .gitignore
  2. +1 −0 README.md
  3. +5 −2 inventory
  4. +48 −0 matrix/README.md
  5. BIN matrix/docs/screenshots/vbox1.png
  6. BIN matrix/docs/screenshots/vbox2.png
  7. BIN matrix/docs/screenshots/vbox3.png
  8. +43 −0 matrix/matrix.yml
  9. +5 −0 matrix/roles/apt/defaults/main.yml
  10. +22 −0 matrix/roles/apt/tasks/main.yml
  11. +9 −0 matrix/roles/nginx/defaults/main.yml
  12. +34 −0 matrix/roles/nginx/tasks/main.yml
  13. +23 −0 matrix/roles/nginx/tasks/vhost/disable.yml
  14. +17 −0 matrix/roles/nginx/tasks/vhost/enable.yml
  15. +10 −0 matrix/roles/nginx/templates/configs/auth.j2
  16. +8 −0 matrix/roles/nginx/templates/configs/ssl.j2
  17. +3 −0 matrix/roles/php-fpm/defaults/main.yml
  18. +12 −0 matrix/roles/php-fpm/tasks/main.yml
  19. +7 −0 matrix/roles/phpvirtualbox/defaults/main.yml
  20. +30 −0 matrix/roles/phpvirtualbox/tasks/configure.yml
  21. +11 −0 matrix/roles/phpvirtualbox/tasks/install.yml
  22. +19 −0 matrix/roles/phpvirtualbox/tasks/main.yml
  23. +5 −0 matrix/roles/phpvirtualbox/templates/phpvirtualbox.j2
  24. +3 −0 matrix/roles/ssl/defaults/main.yml
  25. +9 −0 matrix/roles/ssl/tasks/main.yml
  26. +3 −0 matrix/roles/virtualbox/defaults/main.yml
  27. +20 −0 matrix/roles/virtualbox/tasks/extensions.yml
  28. +17 −0 matrix/roles/virtualbox/tasks/main.yml
  29. +3 −0 matrix/roles/virtualbox/tasks/network.yml
  30. +4 −0 matrix/roles/virtualmachine/defaults/main.yml
  31. +8 −0 matrix/roles/virtualmachine/tasks/check.yml
  32. +16 −0 matrix/roles/virtualmachine/tasks/download.yml
  33. +17 −0 matrix/roles/virtualmachine/tasks/main.yml
  34. +18 −0 matrix/templates/nginx/location-slash.j2
  35. +22 −0 matrix/templates/nginx/vhosts/phpvirtualbox.j2
  36. +23 −0 matrix/templates/nginx/vhosts/virtualbox.j2
  37. +23 −0 matrix/vars/apt.yml
  38. +11 −0 matrix/vars/nginx.yml
  39. +3 −0 matrix/vars/php-fpm.yml
  40. +7 −0 matrix/vars/phpvirtualbox.yml
  41. +3 −0 matrix/vars/ssl.yml
  42. +4 −0 matrix/vars/virtualbox.yml
  43. +4 −0 matrix/vars/virtualmachine.yml
@@ -4,6 +4,7 @@
!.gitmodules

!cmf/
!matrix/
!roles/
!scripts/
!vagrant/
@@ -17,6 +17,7 @@ The power of the system - simplicity. All provisioning is the same for local and

## Main possibilities

- Create matrix of virtual servers (droplets)
- Automated builds for every commit in a pull request on GitHub (private repositories supported).
- Multi CMS/CMF support. To add support of a new one, you just need to put pre-configurations to `cmf/<NAME>/<MAJOR_VERSION>` and ensure that core files can be downloaded via Git.
- Opportunity to keep multiple projects on the same CI server.
@@ -1,5 +1,8 @@
# This is Ansible inventory file. It includes hosts where playbooks will run.
# Visit for more information: http://docs.ansible.com/ansible/intro_inventory.html

[br0ken]
185.86.76.75 ansible_user=root
[matrix]
m2.propeople.com.ua ansible_user=root

[matrix-cibox01]
cibox01.m2.propeople.com.ua ansible_user=root ansible_port=2201
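Review bot: The host entries here all set `ansible_user=root`, which means direct root login over SSH has to stay enabled on machines that are addressed by public name or IP. Connect as an unprivileged account and set `ansible_become=yes` for the groups instead, so root SSH login can be turned off on the hosts. The non-default `ansible_port=2201` on `cibox01` follows the `22<NN>` forwarding scheme; a comment saying so would help the next reader of this file.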
@@ -0,0 +1,48 @@
# Matrix

With this tool you able to create own matrix with virtual servers.

Let's describe a structure and technologies. First of all, we need to get acquainted with two basic terms: `host` and `droplet`.

- `host` - is a physical computer (server);
- `droplet` - is a virtual machine, located on the `host`.

As much as needed droplets can be created on a host machine (depending on hardware configuration, of course).

Host machine operates only by minimal set of software:

- VirtualBox
- NGINX
- PHP
- phpVirtualBox

Every virtual server has it own private network, which forwarding to a host. For example, you have 10 virtual server. Each of them forwards three ports to a host: `80<NN>`, `88<NN>` and `22<NN>` (`<NN>` - is a serial number of a virtual server). NGINX is listening every `8x<NN>` port on a host and forwards connection inside of VS. `80<NN>` forwards to 80, `88<NN>` - to 443. `22<NN>` forwards to 22, for SSH connections.

That's all! And that's cool! Every virtual server can be additionally provisioned by main `cibox` tool to convert it to CI server.

```ascii
████████╗ ██╗ ██╗ ███████╗ ███╗ ███╗ █████╗ ████████╗ ██████╗ ██╗ ██╗ ██╗
╚══██╔══╝ ██║ ██║ ██╔════╝ ████╗ ████║ ██╔══██╗ ╚══██╔══╝ ██╔══██╗ ██║ ╚██╗██╔╝
██║ ███████║ █████╗ ██╔████╔██║ ███████║ ██║ ██████╔╝ ██║ ╚███╔╝
██║ ██╔══██║ ██╔══╝ ██║╚██╔╝██║ ██╔══██║ ██║ ██╔══██╗ ██║ ██╔██╗
██║ ██║ ██║ ███████╗ ██║ ╚═╝ ██║ ██║ ██║ ██║ ██║ ██║ ██║ ██╔╝ ██╗
╚═╝ ╚═╝ ╚═╝ ╚══════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝
```

## Usage

Add your own host inside of `inventory` file and run the following command:

```shell
./cibox matrix/matrix.yml --limit=<HOSTNAME>
```

## Port forwarding

![Click on the Network](docs/screenshots/vbox1.png)
![Click on the Port forwarding](docs/screenshots/vbox2.png)
![Configure ports](docs/screenshots/vbox3.png)

phpVirtualBox will be available on the domain which you have to [configure](matrix.yml#L5). Imagine that it is: `m2.propeople.com.ua`. As you can see on the screenshots, every port ends by `01`. This means that domain for VM will be `cibox01.propeople.com.ua`.

Why `cibox<NN>`? [Look there](matrix.yml#L6) for the answer.
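Review bot: The `Port forwarding` section gives the VM domain as `cibox01.propeople.com.ua`, while the phpVirtualBox domain in the same paragraph is `m2.propeople.com.ua` and the inventory entry for the same machine is `cibox01.m2.propeople.com.ua`; one of these drops the `m2` label and the README should match what NGINX actually serves. The paragraph on `80<NN>`, `88<NN>` and `22<NN>` should also say which host interface the forwards bind to, because `22<NN>` puts each droplet's SSH daemon on a host port.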
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -0,0 +1,43 @@
---
- hosts: all

vars:
domain: m2.propeople.com.ua
application: cibox

vars_files:
- vars/apt.yml
- vars/virtualbox.yml
- vars/ssl.yml
- vars/php-fpm.yml
- vars/nginx.yml
- vars/phpvirtualbox.yml
- vars/virtualmachine.yml

pre_tasks:
- name: Check Ansible compatibility
fail:
msg: "You need Ansible {{ ansible_version.major }} or better on your host machine!"
when: "{{ ansible_version.major }} < 2"

roles:
- role: apt
tags: ["apt"]

- role: virtualbox
tags: ["vb"]

- role: ssl
tags: ["ssl"]

- role: php-fpm
tags: ["php-fpm"]

- role: nginx
tags: ["nginx"]

- role: phpvirtualbox
tags: ["phpvb"]

- role: virtualmachine
tags: ["vm"]
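Review bot: The `msg` of `Check Ansible compatibility` interpolates `{{ ansible_version.major }}`, so on an old Ansible it prints the running major version as the one that is required; state the required version 2 literally in the text. The `when` line wraps the variable in `{{ }}` as well; `when` is already evaluated as an expression, so write it as `ansible_version.major < 2`.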
@@ -0,0 +1,5 @@
---
apt:
keys: []
packages: []
repositories: []
@@ -0,0 +1,22 @@
---
- name: Add repository
apt_repository:
repo: "{{ item }}"
state: present
with_items: "{{ apt.repositories }}"

- name: Add key
apt_key:
url: "{{ item }}"
state: present
# That's funny, but "apt.keys" returns a method of the object.
# Just add execution brackets and get the object keys.
with_items: "{{ apt['keys'] }}"

- name: Install package
apt:
pkg: "{{ item }}"
state: latest
update_cache: yes
cache_valid_time: 600
with_items: "{{ apt.packages }}"
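Review bot: `Add repository` runs before `Add key`, and `apt_repository` refreshes the package cache by default when it adds a source, so the first refresh happens before the repository's signing key is trusted. Move `Add key` to the top of the file. `apt_key` with only `url` trusts whatever that URL returns; where the key id is known, pass it as `id` so a substituted key is rejected. The comment above `with_items` talks about adding execution brackets while the code uses the subscript `apt['keys']`; reword the comment to describe the subscript.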
@@ -0,0 +1,9 @@
---
nginx:
httpauth: yes
htpasswd:
path: /etc/nginx/.htpasswd
user: admin
pass: admin

allowed_ip: []
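Review bot: `user: admin` and `pass: admin` as role defaults mean that any host provisioned without an override is protected by a well-known credential. Drop `pass` from the defaults, fail the play when it is undefined, and supply the value from an encrypted vars file (Ansible Vault).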
@@ -0,0 +1,34 @@
---
- name: Create config
template:
src: "{{ item }}"
dest: "/etc/nginx/{{ item | basename | replace('.j2', '') }}"
with_fileglob: "templates/configs/*.j2"

- name: Create .htpasswd
htpasswd:
path: "{{ nginx.htpasswd.path }}"
name: "{{ nginx.htpasswd.user }}"
password: "{{ nginx.htpasswd.pass }}"
crypt_scheme: apr_md5_crypt

# rm -rf /etc/nginx/sites-[enabled|available]/
- include: vhost/disable.yml
args:
arg: "{{ item }}"
with_items:
- state: absent
recurse: no
- state: directory
recurse: yes

- include: vhost/enable.yml
args:
host: "{{ item }}"
with_fileglob: "{{ playbook_dir }}/templates/nginx/vhosts/*.j2"

- name: Restart NGINX
service:
name: nginx
state: restarted
enabled: yes
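Review bot: `Create .htpasswd` passes `password` as a plain task argument without `no_log: yes`, so the value can show up in verbose output, and the task sets no `owner`, `group` or `mode` on the file. Add `no_log: yes` and restrict the file to root and the NGINX worker group, for example with mode `0640`. `Restart NGINX` also runs on every play, changed or not, and without a preceding `nginx -t`; a handler notified by the template tasks, after a config test, avoids restarting into a broken configuration.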
@@ -0,0 +1,23 @@
---
- name: Disable NGINX hosts
file:
path: /etc/nginx/sites-enabled
state: "{{ arg.state }}"
force: yes
recurse: "{{ arg.recurse }}"

- name: Disable NGINX hosts
file:
path: /etc/nginx/sites-available
state: "{{ arg.state }}"
force: yes
recurse: "{{ arg.recurse }}"

# @todo Remove code above and uncomment below when an issue will be fixed: https://github.com/ansible/ansible/issues/14146
#- name: Disable NGINX hosts
# file:
# path: "/etc/nginx/sites-{{ item }}"
# state: "{{ arg.state }}"
# force: yes
# recurse: "{{ arg.recurse }}"
# with_items: ["enabled", "available"]
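Review bot: Both tasks are named `Disable NGINX hosts`, and the caller runs this file a second time with `state: directory`, so the play output reads "Disable NGINX hosts" for the steps that recreate the directories. Put the path and `{{ arg.state }}` into the task names so a failed run shows which directory and which pass it was. Removing `sites-available` as well deletes any vhost on the host that this playbook does not template; either limit the cleanup to `sites-enabled` or state that behaviour in the README.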
@@ -0,0 +1,17 @@
---
- name: Enable NGINX host
template:
src: "{{ host }}"
dest: "/etc/nginx/sites-enabled/{{ host | basename | replace('.j2', '') }}"

- name: Enable NGINX host
template:
src: "{{ host }}"
dest: "/etc/nginx/sites-available/{{ host | basename | replace('.j2', '') }}"

# @todo Remove code above and uncomment below when an issue will be fixed: https://github.com/ansible/ansible/issues/14146
#- name: Enable NGINX host
# template:
# src: "{{ host }}"
# dest: "/etc/nginx/sites-{{ item }}/{{ host | basename | replace('.j2', '') }}"
# with_items: ["enabled", "available"]
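Review bot: The two `Enable NGINX host` tasks render the same template into `sites-enabled` and `sites-available` as two independent regular files, so a manual edit to one leaves the other stale. Render once into `sites-available` and create the `sites-enabled` entry with the `file` module and `state: link`, which is the layout the two directory names imply.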
@@ -0,0 +1,10 @@
# {{ ansible_managed }}

satisfy any;
{% for ip in nginx.allowed_ip %}
allow {{ ip }};
{% endfor %}
deny all;

auth_basic "Restricted";
auth_basic_user_file {{ nginx.htpasswd.path }};
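Review bot: With `satisfy any;`, every address rendered from `nginx.allowed_ip` is admitted without the `auth_basic` check, and nothing next to `allowed_ip` in the role defaults says so. Add a comment there, or use `satisfy all;` if the list is meant to narrow access rather than replace the password. Because the default list is empty, the only gate on a stock install is the htpasswd credential.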
@@ -0,0 +1,8 @@
ssl on;
ssl_ciphers HIGH:!aNULL:!MD5:!kEDH;
ssl_session_cache shared:SSL:10m;
ssl_prefer_server_ciphers on;

ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security 'max-age=31536000';
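Review bot: `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` still enables TLS 1.0 and 1.1, both deprecated by RFC 8996; restrict the list to `TLSv1.2` and, where the NGINX build supports it, `TLSv1.3`. `ssl on;` is a deprecated directive that current NGINX releases no longer accept; use the `ssl` parameter on the `listen` lines of the vhost templates instead. The `Strict-Transport-Security` header has no effect while the certificate is the self-signed one produced by the `ssl` role, because browsers ignore HSTS on connections with certificate errors.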
@@ -0,0 +1,3 @@
---
php_fpm:
port: 9000
@@ -0,0 +1,12 @@
---
- name: Configure php-fpm to work via TCP
replace:
dest: /etc/php5/fpm/pool.d/www.conf
regexp: "^listen.*sock$"
replace: "listen=127.0.0.1:{{ php_fpm.port }}"

- name: Start service and enable it on a boot
service:
name: php5-fpm
state: restarted
enabled: yes
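Review bot: The regexp `^listen.*sock$` matches only the stock socket line, so once the first run has rewritten it to `listen=127.0.0.1:...`, a later change of `php_fpm.port` is never applied. Use `lineinfile` with `regexp: '^listen\s*='` and the full `listen = 127.0.0.1:{{ php_fpm.port }}` line so the setting converges on every run. The service is also restarted unconditionally; notify a handler from the config task instead.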
@@ -0,0 +1,7 @@
---
phpvirtualbox:
path: /var/www/phpvirtualbox
package: http://netassist.dl.sourceforge.net/project/phpvirtualbox/phpvirtualbox-5.0-5.zip
user:
user: vbox
pass: vbox
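Review bot: `package` is a plain `http://` mirror URL and no checksum is pinned for it, so the archive that gets unpacked under the web root is whatever the network path returns. Fetch it with `get_url` and its `checksum` parameter, then unarchive the local file. The `vbox` / `vbox` default under `user` is a shipped credential for a system account; leave `pass` undefined in defaults and require it from an encrypted vars file.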
@@ -0,0 +1,30 @@
---
- name: Create config
copy:
src: "{{ phpvirtualbox.path }}/config.php-example"
dest: "{{ phpvirtualbox.path }}/config.php"

- name: Configure
replace:
dest: "{{ phpvirtualbox.path }}/config.php"
regexp: '^var \${{ item.search }}.*;$'
replace: "var ${{ item.search }} = '{{ item.replace }}';"
with_dict:
- search: "username"
replace: "{{ phpvirtualbox.user.user }}"

- search: "password"
replace: "{{ phpvirtualbox.user.pass }}"

- search: "vrdeports"
replace: "9001-9100"

- name: Create user
user:
name: "{{ phpvirtualbox.user.user }}"
password: "{{ phpvirtualbox.user.pass }}"

- name: Configure VBoxWeb user
template:
src: phpvirtualbox.j2
dest: /etc/default/virtualbox
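Review bot: `Create user` passes `{{ phpvirtualbox.user.pass }}` to `password`, but the `user` module expects an already crypted hash there, so the plain string is written into the shadow entry as-is and does not work as the login password. Hash it first, for example with the `password_hash('sha512')` filter. In `Configure`, `with_dict` is given a list and the task reads `item.search` and `item.replace`; `with_dict` takes a mapping and yields `item.key` and `item.value`, so this loop wants `with_items`. `Create config` takes its `src` from `{{ phpvirtualbox.path }}`, which `copy` looks up on the control machine unless `remote_src: yes` is set.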
@@ -0,0 +1,11 @@
---
- name: Install phpVirtualBox
unarchive:
src: "{{ phpvirtualbox.package }}"
dest: "{{ phpvirtualbox.path }}"
copy: no

- name: Rename directory
shell: "mv {{ phpvirtualbox.path }}/{{ phpvirtualbox.package | basename | splitext | first }} {{ phpvirtualbox.path }}"

- include: configure.yml
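Review bot: `Rename directory` moves `{{ phpvirtualbox.path }}/<archive name>` to `{{ phpvirtualbox.path }}`, which is the directory the source already sits in, so the extracted files stay one level down and `config.php-example` and `vboxinit` are not where the following tasks look for them. Move the contents of the extracted directory up a level, or unpack to a temporary directory and move that into place. `shell` is not needed for this; `command` avoids passing the templated path through a shell.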
@@ -0,0 +1,19 @@
---
- name: Ensure directory for phpVirtualBox exists
file:
path: "{{ phpvirtualbox.path }}"
state: directory

- name: Check if phpVirtualBox already installed
stat:
path: "{{ phpvirtualbox.path }}/vboxinit"
register: _phpvirtualbox

- include: install.yml
when: not _phpvirtualbox.stat.exists

- name: Restart VBoxWeb service
service:
name: vboxweb-service
state: restarted
enabled: yes
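Review bot: `configure.yml` is reached only through `install.yml`, and `install.yml` is skipped once `vboxinit` exists, so a changed `phpvirtualbox.user` or password is never applied to an existing installation. Include `configure.yml` from this file unconditionally and keep only the download and unpack steps behind the `_phpvirtualbox.stat.exists` check. `Restart VBoxWeb service` should then be a handler notified by the configuration tasks instead of running on every play.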
@@ -0,0 +1,5 @@
# {{ ansible_managed }}

VBOXWEB_USER={{ phpvirtualbox.user.user }}
VBOXWEB_HOST=127.0.0.1
VBOXWEB_PORT=18083
@@ -0,0 +1,3 @@
---
ssl:
path: /etc/ssl/private
@@ -0,0 +1,9 @@
---
- name: Ensure directory for SSL certificates exists
file:
path: "{{ ssl.path }}"
state: directory
recurse: yes

- name: Create self-signed SSL certificate
command: "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj '/C=US' -keyout {{ ssl.path }}/ssl.key -out {{ ssl.path }}/ssl.crt"
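Review bot: `Create self-signed SSL certificate` has no `creates:` argument, so every run of the playbook replaces `ssl.key` and `ssl.crt` and invalidates whatever clients had pinned or accepted. Add `creates: "{{ ssl.path }}/ssl.crt"`. The key is written with `-nodes`, so set `mode: 0700` on the directory task and follow the command with a `file` task that sets the key to `0600` owned by root. The subject `/C=US` carries no common name; take it from the playbook's `domain` variable.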
@@ -0,0 +1,3 @@
---
virtualbox:
extensions: []
@@ -0,0 +1,20 @@
---
- name: Set directory for extensions
set_fact:
vbox_extensions_dir: /root/vbox/extensions

- name: Ensure that directory for extensions exists
file:
path: "{{ vbox_extensions_dir }}"
state: directory
recurse: yes

- name: Download extension
get_url:
url: "{{ item }}"
dest: "{{ vbox_extensions_dir }}/{{ item | basename }}"
with_items: "{{ virtualbox.extensions }}"

- name: Install extension
shell: "VBoxManage extpack install {{ vbox_extensions_dir }}/{{ item | basename }}"
with_items: "{{ virtualbox.extensions }}"
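Review bot: `Download extension` fetches each URL in `virtualbox.extensions` without a `checksum`, and the next task installs the result into VirtualBox as root. Make each list item a mapping with `url` and `checksum` and pass both to `get_url`. `Install extension` will also fail on a second run when the pack is already present; add `--replace` to the `VBoxManage extpack install` call or skip the task when `VBoxManage list extpacks` already reports it, and use `command` rather than `shell`.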