Ansible/bbb role #37
Ansible/bbb role #37
Conversation
|
TODO
|
|
Thanks for opening this one. I've found two links on installation steps for bigbluebuton + turn server. They may be useful:
I originally found them listed on the Enough forum here |
|
Another role here: https://github.com/stadtulm/a13-ansible/tree/master/roles Includes:
And another one here: https://gitlab.digitalcourage.de/ulif/bbb-dc-ansible/-/tree/master/ |
- Update all dependent roles to their latest version - Add and update configuration variables to reflect changes in upstream roles
- Remove defaults vars and add the ones changed to host_vars - Create a separate NodeJS npm user - Change log level to ERROR
- Change deprecated version_compare to version - Simplify minimum required version comparison - Bump minimum required Ansible version to 2.10.1 (ebbba-org/ansible-role-bigbluebutton#40)
francisco-core
force-pushed
the
ansible/bbb-role
branch
from
21df178
to
b31c8ef
Compare
|
I've updated the ansible version in the Pipfile so travis wouldn't fail and broke one line into two to pass the linting |
- Add Travis CI scripts to a separate directory - Bump versions of CI package dependencies - Fix rake command split in Ansible role - Overwrite Ansible galaxy role if it exists - Disable Letsencrypt in Molecule testing for BBB role
TODO: Make the tasks idempotent
Installing roles from ansible-galaxy results to non idempotent results.
anadahz
force-pushed
the
ansible/bbb-role
branch
from
0cfa237
to
93fa142
Compare
|
|
||
| roles: | ||
| - role: bigbluebutton | ||
| tags: molecule-idempotence-notest |
There was a problem hiding this comment.
What does this tag do? I would assume it disables the idempotence molecule test as you referred to as having issues, but I don't see this tag being referenced anywhere. How does it work?
There was a problem hiding this comment.
It is actually instruct molecule to not check for idempotency on this specific role.
We could add an issue to look into it and make idempotency work for this role.
There was a problem hiding this comment.
I think it's fine. It's just that I didn't see any code referencing this tag. Can you point me to the line where molecule does this? Or is it in the other commit?
There was a problem hiding this comment.
https://molecule.readthedocs.io/en/latest/configuration.html#id7
Molecule will skip tasks which are tagged with either molecule-notest or notest. With the tag molecule-idempotence-notest tasks are only skipped during the idempotence action step.
|
I think firewall rules are also missing, right? Or are you leaving this to configuration on the cloud provider? |
- Set globally minimum ansible version - Bump upstream dependency version of docker role
|
@francisco-core Thank you for reviewing the PR.
This role is already deployed to a host. There have been some changes mainly for the CI and Molecule.
Yes, this is currently missing. I haven't found a good plan to configure the firewall with ansible without using an external program like ufw. Do you have any ideas on how to set iptables with ansible? |
|
Addressed your comments above.
I think ufw is the best way of going about it. See here an example. |
Do you know if ufw interfers with the required iptables rules set by Docker and if it removes the iptables rules set by default on the server? |
Sorry. I haven't explored much how ufw works |
|
I think it's better to create a separate firewall role that will check if ports are open/closed as required on this and other roles. Given that I think that this role is good to be merged. |
|
good to be merged |
Work in Progress BigBlueButton Ansible role.