From 6311cd46787705f1d777260ac280c955095a7572 Mon Sep 17 00:00:00 2001
From: Bryan Kendall <bryan@runnable.com>
Date: Tue, 19 Apr 2016 16:53:57 -0700
Subject: [PATCH 1/2] refactored proxied services to new role

---
 ansible/eru.yml                               | 10 +-
 ansible/roles/eru/tasks/main.yml              | 49 ----------
 .../nginx-proxied-service/tasks/main.yml      | 95 +++++++++++++++++++
 .../templates/00-nginx-status.conf            |  0
 .../templates/01-socket-server.conf           |  4 +-
 .../templates/11-eru-server.conf              |  4 +-
 ansible/roles/socket-proxy/files/nginx.conf   | 74 ---------------
 ansible/roles/socket-proxy/handlers/main.yml  |  7 --
 ansible/roles/socket-proxy/tasks/main.yml     | 50 ----------
 ansible/socket-server.yml                     | 11 +--
 10 files changed, 107 insertions(+), 197 deletions(-)
 delete mode 100644 ansible/roles/eru/tasks/main.yml
 create mode 100644 ansible/roles/nginx-proxied-service/tasks/main.yml
 rename ansible/roles/{socket-proxy => nginx-proxied-service}/templates/00-nginx-status.conf (100%)
 rename ansible/roles/{socket-proxy => nginx-proxied-service}/templates/01-socket-server.conf (93%)
 rename ansible/roles/{eru => nginx-proxied-service}/templates/11-eru-server.conf (88%)
 delete mode 100644 ansible/roles/socket-proxy/files/nginx.conf
 delete mode 100644 ansible/roles/socket-proxy/handlers/main.yml
 delete mode 100644 ansible/roles/socket-proxy/tasks/main.yml

diff --git a/ansible/eru.yml b/ansible/eru.yml
index 51652336..78184040 100644
--- a/ansible/eru.yml
+++ b/ansible/eru.yml
@@ -10,9 +10,7 @@
   - { role: notify, tags: [ notify ] }
   - { role: builder, tags: [ build ] }
   - role: container_start
-
-- hosts: socket-server-proxy
-  vars_files:
-  - group_vars/alpha-eru.yml
-  roles:
-  - role: eru
+  - role: nginx-proxied-service
+    nginx_host: "{{ groups['api-socket-proxy'][0] }}"
+    target_ip_address: "{{ groups['eru'][0].ansible_default_ipv4.address }}"
+    templates: [ 11-eru-server.conf ]
diff --git a/ansible/roles/eru/tasks/main.yml b/ansible/roles/eru/tasks/main.yml
deleted file mode 100644
index edf0aa24..00000000
--- a/ansible/roles/eru/tasks/main.yml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-- name: get ports from eru
-  delegate_to: "{{ groups['eru'][0] }}"
-  tags: [ config, deploy ]
-  become: true
-  shell: |
-    for c in $(docker ps | awk '/eru/{ print $1 }'); do
-      docker port $c 5501 | cut -d ':' -f 2
-      docker port $c 5502 | cut -d ':' -f 2
-    done
-  args:
-    executable: /bin/bash
-  register: ports
-
-- name: register IP as variable
-  tags: [ config, deploy ]
-  set_fact:
-    eru_server_hostname: "{{ hostvars[groups['eru'][0]].ansible_default_ipv4.address }}"
-
-- name: make nginx config directory
-  tags: [ config, deploy ]
-  become: yes
-  file:
-    state: directory
-    dest: /etc/nginx
-
-- name: put configuration in place
-  tags: [ config, deploy ]
-  become: yes
-  template:
-    src: "{{ item }}"
-    dest: /etc/nginx/sites-available/{{ item }}
-  with_items:
-    - 11-eru-server.conf
-
-- name: link configuration
-  tags: [ config, deploy ]
-  become: yes
-  file:
-    state: link
-    dest: /etc/nginx/sites-enabled/{{ item }}
-    src: /etc/nginx/sites-available/{{ item }}
-  with_items:
-    - 11-eru-server.conf
-
-- name: reload nginx
-  tags: [ config, deploy ]
-  become: yes
-  shell: docker ps | awk '/nginx/{ print $1 }' | xargs -n 1 docker kill --signal SIGHUP
diff --git a/ansible/roles/nginx-proxied-service/tasks/main.yml b/ansible/roles/nginx-proxied-service/tasks/main.yml
new file mode 100644
index 00000000..de659e6b
--- /dev/null
+++ b/ansible/roles/nginx-proxied-service/tasks/main.yml
@@ -0,0 +1,95 @@
+---
+# these are pretty hacky, but it should work
+# Get port information from the hosted service
+- name: get eru ports
+  when: "{{ name }} == eru"
+  tags: [ configure_proxy, deploy ]
+  become: true
+  shell: |
+    for c in $(docker ps | awk '/eru/{ print $1 }'); do
+      docker port $c 5501 | cut -d ':' -f 2
+      docker port $c 5502 | cut -d ':' -f 2
+    done
+  args:
+    executable: /bin/bash
+  register: target_ports
+
+- name: get socket server ports
+  when: "{{ name }} == api-socket-server"
+  tags: [ configure_proxy, deploy ]
+  become: true
+  shell: |
+    for c in $(docker ps | awk '/api-socket-server/{ print $1 }'); do
+      docker port $c 80 | cut -d ':' -f 2
+    done
+  args:
+    executable: /bin/bash
+  register: target_ports
+
+# everything from this point on is deligated to the nginx host
+
+- name: print target ports
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  debug:
+    msg: ports -- {{ target_ports }}
+
+- name: print target IP address
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  debug:
+    msg: ip -- {{ target_ip_address }}
+
+- name: assert nginx config directory
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  become: yes
+  file:
+    state: directory
+    dest: /etc/nginx
+
+- name: assert nginx sites-available directory
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  become: yes
+  file:
+    state: directory
+    dest: /etc/nginx/sites-available
+
+- name: assert nginx sites-enable directory
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  become: yes
+  file:
+    state: directory
+    dest: /etc/nginx/sites-enable
+
+- name: put configuration in place
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  become: yes
+  template:
+    src: "{{ item }}"
+    dest: /etc/nginx/sites-available/{{ item }}
+  with_items: "{{ templates }}"
+
+- name: link configuration to enable
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  become: yes
+  file:
+    state: link
+    dest: /etc/nginx/sites-enabled/{{ item }}
+    src: /etc/nginx/sites-available/{{ item }}
+  with_items: "{{ templates }}"
+
+- name: reload nginx
+  delegate_to: "{{ nginx_host }}"
+  tags: [ configure_proxy, deploy ]
+  become: yes
+  shell: >
+    docker ps |
+    awk '/nginx/{ print $1 }' |
+    xargs -n 1 docker kill --signal SIGHUP
+  args:
+    executable: /bin/bash
diff --git a/ansible/roles/socket-proxy/templates/00-nginx-status.conf b/ansible/roles/nginx-proxied-service/templates/00-nginx-status.conf
similarity index 100%
rename from ansible/roles/socket-proxy/templates/00-nginx-status.conf
rename to ansible/roles/nginx-proxied-service/templates/00-nginx-status.conf
diff --git a/ansible/roles/socket-proxy/templates/01-socket-server.conf b/ansible/roles/nginx-proxied-service/templates/01-socket-server.conf
similarity index 93%
rename from ansible/roles/socket-proxy/templates/01-socket-server.conf
rename to ansible/roles/nginx-proxied-service/templates/01-socket-server.conf
index 9fe9437b..f6efe0df 100644
--- a/ansible/roles/socket-proxy/templates/01-socket-server.conf
+++ b/ansible/roles/nginx-proxied-service/templates/01-socket-server.conf
@@ -5,8 +5,8 @@ map $http_upgrade $connection_upgrade {
 
 upstream socketserver {
   sticky;
-  {% for port in ports.stdout_lines -%}
-  server {{ socket_server_hostname }}:{{ port }};
+  {% for port in target_ports.stdout_lines -%}
+  server {{ target_ip_address }}:{{ port }};
   {% endfor %}
 }
 
diff --git a/ansible/roles/eru/templates/11-eru-server.conf b/ansible/roles/nginx-proxied-service/templates/11-eru-server.conf
similarity index 88%
rename from ansible/roles/eru/templates/11-eru-server.conf
rename to ansible/roles/nginx-proxied-service/templates/11-eru-server.conf
index 97ab710f..ba59f847 100644
--- a/ansible/roles/eru/templates/11-eru-server.conf
+++ b/ansible/roles/nginx-proxied-service/templates/11-eru-server.conf
@@ -35,7 +35,7 @@ server {
 
   location / {
     expires 300;
-    proxy_pass http://{{ eru_server_hostname }}:{{ ports.stdout_lines[0] | trim }};
+    proxy_pass http://{{ target_ip_address }}:{{ target_ports.stdout_lines[0] | trim }};
     proxy_set_header Host $host;
     proxy_set_header x-real-ip $remote_addr;
     proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
@@ -44,7 +44,7 @@ server {
   }
 
   location /graphql {
-    proxy_pass http://{{ eru_server_hostname }}:{{ ports.stdout_lines[1] | trim }};
+    proxy_pass http://{{ target_ip_address }}:{{ target_ports.stdout_lines[1] | trim }};
     proxy_set_header Host $host;
     proxy_set_header x-real-ip $remote_addr;
     proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
diff --git a/ansible/roles/socket-proxy/files/nginx.conf b/ansible/roles/socket-proxy/files/nginx.conf
deleted file mode 100644
index 85403025..00000000
--- a/ansible/roles/socket-proxy/files/nginx.conf
+++ /dev/null
@@ -1,74 +0,0 @@
-user www-data;
-worker_processes 4;
-pid /run/nginx.pid;
-daemon off;
-
-events {
-	worker_connections 768;
-	# multi_accept on;
-}
-
-http {
-
-	##
-	# Basic Settings
-	##
-
-	sendfile on;
-	tcp_nopush on;
-	tcp_nodelay on;
-	keepalive_timeout 65;
-	types_hash_max_size 2048;
-	server_tokens off;
-
-	# server_names_hash_bucket_size 64;
-	# server_name_in_redirect off;
-
-	include /etc/nginx/mime.types;
-	default_type application/octet-stream;
-
-	##
-	# Logging Settings
-	##
-
-	access_log /var/log/nginx/access.log;
-	error_log /var/log/nginx/error.log;
-
-	##
-	# Gzip Settings
-	##
-
-	gzip on;
-	gzip_disable "msie6";
-
-	# gzip_vary on;
-	# gzip_proxied any;
-	# gzip_comp_level 6;
-	# gzip_buffers 16 8k;
-	# gzip_http_version 1.1;
-	# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
-
-	##
-	# nginx-naxsi config
-	##
-	# Uncomment it if you installed nginx-naxsi
-	##
-
-	#include /etc/nginx/naxsi_core.rules;
-
-	##
-	# nginx-passenger config
-	##
-	# Uncomment it if you installed nginx-passenger
-	##
-
-	#passenger_root /usr;
-	#passenger_ruby /usr/bin/ruby;
-
-	##
-	# Virtual Host Configs
-	##
-
-	include /etc/nginx/conf.d/*.conf;
-	include /etc/nginx/sites-enabled/*;
-}
diff --git a/ansible/roles/socket-proxy/handlers/main.yml b/ansible/roles/socket-proxy/handlers/main.yml
deleted file mode 100644
index 567c37e0..00000000
--- a/ansible/roles/socket-proxy/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: restart nginx
-  tags: [ config ]
-  become: yes
-  service:
-    name: nginx
-    state: restarted
diff --git a/ansible/roles/socket-proxy/tasks/main.yml b/ansible/roles/socket-proxy/tasks/main.yml
deleted file mode 100644
index bd516127..00000000
--- a/ansible/roles/socket-proxy/tasks/main.yml
+++ /dev/null
@@ -1,50 +0,0 @@
----
-- name: get ports from socket-server
-  delegate_to: "{{ groups['socket-server'][0] }}"
-  tags: [ config, deploy ]
-  become: true
-  shell: "for c in $(docker ps | awk '/api-socket-server/{ print $1 }'); do docker port $c 80 | cut -d ':' -f 2; done"
-  args:
-    executable: /bin/bash
-  register: ports
-
-- name: register socket server IP as variable
-  tags: [ config, deploy ]
-  set_fact:
-    socket_server_hostname: "{{ hostvars[groups['socket-server'][0]].ansible_default_ipv4.address }}"
-
-- name: make nginx config directory
-  tags: [ config, deploy ]
-  become: yes
-  file:
-    state: directory
-    dest: /etc/nginx
-
-- name: list files in config directory
-  tags: [ config, deploy ]
-  become: yes
-  command: ls /etc/nginx/sites-available
-  register: sites_available
-
-- name: remove all sites
-  tags: [ config, deploy ]
-  become: yes
-  command: rm -f {{ item }}
-  with_items: "{{ sites_available.stdout_lines }}"
-
-- name: put configuration in place
-  tags: [ config, deploy ]
-  become: yes
-  template:
-    src: "{{ item }}"
-    dest: /etc/nginx/sites-available/{{ item }}
-  with_items:
-    - 00-nginx-status.conf
-    - 01-socket-server.conf
-
-- name: put nginx configuration in place
-  tags: [ config, deploy ]
-  become: yes
-  copy:
-    src: nginx.conf
-    dest: /etc/nginx/nginx.conf
diff --git a/ansible/socket-server.yml b/ansible/socket-server.yml
index 9a5d43c5..c8db1746 100644
--- a/ansible/socket-server.yml
+++ b/ansible/socket-server.yml
@@ -22,10 +22,7 @@
   - { role: tls-client, tls_service: mongodb, tags: [ tls ] }
   - { role: datadog, tags: [ datadog ] }
   - { role: container_start, number_of_containers: 8 }
-
-- hosts: socket-server-proxy
-  vars_files:
-    - group_vars/alpha-proxy-socket-server.yml
-  roles:
-  - role: socket-proxy
-  - role: container_restart
+  - role: nginx-proxied-service
+    nginx_host: "{{ groups['api-socket-proxy'][0] }}"
+    target_ip_address: "{{ groups['socket-server'][0].ansible_default_ipv4.address }}"
+    templates: [ 01-socket-server.conf ]

From 4842e6d5b9058e49ac82d022b9b67b6e466d0d81 Mon Sep 17 00:00:00 2001
From: Bryan Kendall <bryan@runnable.com>
Date: Tue, 19 Apr 2016 17:09:54 -0700
Subject: [PATCH 2/2] fixes for vars and hosts

---
 ansible/eru.yml                                      |  5 +++--
 ansible/roles/nginx-proxied-service/tasks/main.yml   | 12 +++++++-----
 .../templates/01-socket-server.conf                  |  2 +-
 .../templates/11-eru-server.conf                     |  4 ++--
 ansible/socket-server.yml                            |  5 +++--
 5 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/ansible/eru.yml b/ansible/eru.yml
index 78184040..779e40b9 100644
--- a/ansible/eru.yml
+++ b/ansible/eru.yml
@@ -2,6 +2,7 @@
 - hosts: consul
 - hosts: mongodb
 - hosts: redis
+- hosts: socket-server-proxy
 
 - hosts: eru
   vars_files:
@@ -11,6 +12,6 @@
   - { role: builder, tags: [ build ] }
   - role: container_start
   - role: nginx-proxied-service
-    nginx_host: "{{ groups['api-socket-proxy'][0] }}"
-    target_ip_address: "{{ groups['eru'][0].ansible_default_ipv4.address }}"
+    nginx_host: "{{ groups['socket-server-proxy'][0] }}"
+    target_ip_address: "{{ hostvars[groups['eru'][0]]['ansible_default_ipv4']['address'] }}"
     templates: [ 11-eru-server.conf ]
diff --git a/ansible/roles/nginx-proxied-service/tasks/main.yml b/ansible/roles/nginx-proxied-service/tasks/main.yml
index de659e6b..53ba553a 100644
--- a/ansible/roles/nginx-proxied-service/tasks/main.yml
+++ b/ansible/roles/nginx-proxied-service/tasks/main.yml
@@ -2,7 +2,7 @@
 # these are pretty hacky, but it should work
 # Get port information from the hosted service
 - name: get eru ports
-  when: "{{ name }} == eru"
+  when: name == "eru"
   tags: [ configure_proxy, deploy ]
   become: true
   shell: |
@@ -12,10 +12,10 @@
     done
   args:
     executable: /bin/bash
-  register: target_ports
+  register: eru_target_ports
 
 - name: get socket server ports
-  when: "{{ name }} == api-socket-server"
+  when: name == "api-socket-server"
   tags: [ configure_proxy, deploy ]
   become: true
   shell: |
@@ -24,7 +24,7 @@
     done
   args:
     executable: /bin/bash
-  register: target_ports
+  register: socket_target_ports
 
 # everything from this point on is deligated to the nginx host
 
@@ -32,7 +32,9 @@
   delegate_to: "{{ nginx_host }}"
   tags: [ configure_proxy, deploy ]
   debug:
-    msg: ports -- {{ target_ports }}
+    msg: |
+      eru ports -- {{ eru_target_ports }}
+      socket ports -- {{ socket_target_ports }}
 
 - name: print target IP address
   delegate_to: "{{ nginx_host }}"
diff --git a/ansible/roles/nginx-proxied-service/templates/01-socket-server.conf b/ansible/roles/nginx-proxied-service/templates/01-socket-server.conf
index f6efe0df..ecbde2b1 100644
--- a/ansible/roles/nginx-proxied-service/templates/01-socket-server.conf
+++ b/ansible/roles/nginx-proxied-service/templates/01-socket-server.conf
@@ -5,7 +5,7 @@ map $http_upgrade $connection_upgrade {
 
 upstream socketserver {
   sticky;
-  {% for port in target_ports.stdout_lines -%}
+  {% for port in socket_target_ports.stdout_lines -%}
   server {{ target_ip_address }}:{{ port }};
   {% endfor %}
 }
diff --git a/ansible/roles/nginx-proxied-service/templates/11-eru-server.conf b/ansible/roles/nginx-proxied-service/templates/11-eru-server.conf
index ba59f847..06c8f692 100644
--- a/ansible/roles/nginx-proxied-service/templates/11-eru-server.conf
+++ b/ansible/roles/nginx-proxied-service/templates/11-eru-server.conf
@@ -35,7 +35,7 @@ server {
 
   location / {
     expires 300;
-    proxy_pass http://{{ target_ip_address }}:{{ target_ports.stdout_lines[0] | trim }};
+    proxy_pass http://{{ target_ip_address }}:{{ eru_target_ports.stdout_lines[0] | trim }};
     proxy_set_header Host $host;
     proxy_set_header x-real-ip $remote_addr;
     proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
@@ -44,7 +44,7 @@ server {
   }
 
   location /graphql {
-    proxy_pass http://{{ target_ip_address }}:{{ target_ports.stdout_lines[1] | trim }};
+    proxy_pass http://{{ target_ip_address }}:{{ eru_target_ports.stdout_lines[1] | trim }};
     proxy_set_header Host $host;
     proxy_set_header x-real-ip $remote_addr;
     proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
diff --git a/ansible/socket-server.yml b/ansible/socket-server.yml
index c8db1746..586ec589 100644
--- a/ansible/socket-server.yml
+++ b/ansible/socket-server.yml
@@ -7,6 +7,7 @@
 - hosts: redis
 - hosts: swarm-manager
 - hosts: consul
+- hosts: socket-server-proxy
 
 - hosts: socket-server
   vars_files:
@@ -23,6 +24,6 @@
   - { role: datadog, tags: [ datadog ] }
   - { role: container_start, number_of_containers: 8 }
   - role: nginx-proxied-service
-    nginx_host: "{{ groups['api-socket-proxy'][0] }}"
-    target_ip_address: "{{ groups['socket-server'][0].ansible_default_ipv4.address }}"
+    nginx_host: "{{ groups['socket-server-proxy'][0] }}"
+    target_ip_address: "{{ hostvars[groups['socket-server'][0]]['ansible_default_ipv4']['address'] }}"
     templates: [ 01-socket-server.conf ]