fix: current issues, STARTcloud/hcl_roles/issues/1, STARTcloud/hcl_ro…

…les/issues/2, STARTcloud/hcl_roles/issues/3, STARTcloud/hcl_roles/issues/4, STARTcloud/hcl_roles/issues/5, STARTcloud/hcl_roles/issues/6, /issues/3, /issues/4, /issues/5
STARTcloud · May 15, 2024 · 81d8032 · 81d8032
1 parent 8d9e14c
commit 81d8032
Show file tree

Hide file tree

Showing 5 changed files with 84 additions and 37 deletions.
diff --git a/hcl_domino_standalone_provisioner/Hosts.yml b/hcl_domino_standalone_provisioner/Hosts.yml
@@ -18,7 +18,7 @@ hosts:
       setup_wait: 300
       vagrant_user_private_key_path: ./core/ssh_keys/id_rsa
       vagrant_user: startcloud
-      vagrant_user_pass: 'STARTcloud22@!'
+      vagrant_user_pass: 'STARTcloud24@!'
       vagrant_insert_key: true
       ssh_forward_agent: true
       show_console: false
@@ -27,7 +27,7 @@ hosts:
       - type: external
         address: 192.168.2.227
         netmask: 255.255.255.0
-        gateway:
+        gateway: 192.168.2.1
         dhcp4: true
         dhcp6: false
         bridge:
@@ -52,13 +52,14 @@ hosts:
                 install_mode: pip
                 ssh_pipelining: true
                 verbose: false
+                remote_collections: true
               - script: ansible/playbook.yml
                 ansible_python_interpreter: /usr/bin/python3
                 compatibility_mode: 2.0
                 install_mode: pip
                 ssh_pipelining: true
                 verbose: true
-
+                remote_collections: true
     folders:
       - map: .
         to: /vagrant
@@ -86,31 +87,75 @@ hosts:
         type: rsync
 
     vars:
+      ## You can set global role variables here, look in the defaults folders for hints as to variables used by roles
       debug_all: true
+
+      ## --When using the default: demo.startcloud.com as the hostname and domain, we use the default-signed.crt certificates to provide a valid SSL--
+      ## The former line, is being phased out, now the startcloud_roles.ssl role will generate a CA, and sign a server certificate for the servers to use.
+      ## This CA root cert will need to be installed on the users machines, or they will need to bring their own SSL.
+      ## If the hostname and domain, ie demo.startcloud.com do not match the certificate we provide (ie demo.startcloud.com in default-signed.crt), some services may not start (ie nomadweb)
+      ## If a user does not mind using a self signed certificate for their development testing for their own domain  or are unable to replace the default-signed.crt files
+      ## they would set the below value to true so that the vm creates a SSL crt with the valid hostname, so that when the service compares the hostname it is to listen on and
+      ## the hostname the certificate is signed for it matches.
       selfsigned_enabled: true
       haproxy_ssl_redirect: true
 
-      domino_organization: STARTcloud
-      safe_notes_id: SAFE.IDS
+      # Domino Configuration Variables
+      domino_organization: STARTcloud # ::SERVER_ORGANIZATION::
+      safe_notes_id: SAFE.ids # ::USER_SAFE_ID:: 
       domino_admin_notes_id_password: "password"
-
-      domino_installer_fixpack_install: True
-
-      domino_server_clustermates: 0      
-      is_additional_server: false
-      use_existing_server_id: false
-      existing_server_id: "demo1.id"
-      existing_server: "demo0.startcloud.com"
-      existing_server_ip: "192.168.2.229"
+      domino_server_clustermates: 0 # ::DOMINO_SERVER_CLUSTERMATES::
+
+      # Additional server options
+      is_additional_server: false # ::DOMINO_IS_ADDITIONAL_INSTANCE::
+      #use_existing_server_id:  false # ::DOMINO_SERVER_CLUSTERMATE_ID_USE::
+      #existing_server_id: "demo1.id" # ::DOMINO_SERVER_CLUSTERMATES_ID:: 
+      #existing_server: "demo0.startcloud.com" # ::DOMINO_SERVER_CLUSTERMATE_SERVER:: 
+      #existing_server_ip: "192.168.2.227" # ::DOMINO_SERVER_CLUSTERMATE_IP:: 
 
       genesis_packages:
         - netmonitor
         - SuperHumanPortal
 
-    collections:
+      ## ORGNAME_CUSTOMCOLLECTION_variables:
+      ## Define Variables that the ORGNAME.CUSTOMCOLLECTION Roles will use if any.
+
+    collections: ## Note to SHI Devs, this is new and is required
       - startcloud.startcloud_roles
       - startcloud.hcl_roles
+      #- ORGNAME.CUSTOMCOLLECTION
+      ## How to Create a Custom Ansible Role Collection: 
+      ## https://www.cherryservers.com/blog/ansible-roles-tutorial
+      ## https://docs.ansible.com/ansible/latest/dev_guide/developing_collections_creating.html
+      ## My Instructions
+      ## 1. Install Ansible on your Local machine (or I guess do this inside the VM since it has Ansible already installed, though you will need to figure out how to auth with git)
+      ## 2. On your local machine, not the VM, navigate (cd) to Current instance of SHI provisioner files 
+      ##     IE: C:\Users\mgilbert\AppData\Roaming\SuperHumanInstallerDev\servers\demo-tasks\5225\provisioners\ansible\ansible_collections\
+      ## 3. Create a new directory that corresponds to your organization, ie startcloud, cd into that directory. (Note it is recommend to create a Repo for each org)
+      ## 4. Create the Collection Folder, and cd into that directory, then Create a(nother) Github Repo, git init (It is recommended to prepare this repo as a git submodule if you created a repo for your org)
+      ## 5. Create the roles folder, then navigate into that folder
+      ## 6. Initialize the Role ansible-galaxy init CUSTOMROLE
+      ## 7. Modify Tasks, Remove optional unneeded folders/files
+      ## 8. Save work and commit
+      ## 9. Update this section of the Hosts.yml to include your collection
+      ## 10. Update the Roles section to include the role(s) you create using their FQCN.
+      ##     Note: if you want to run JUST your role, after the server has already been provisioned once, then comment out ALL the other roles. (work to be done in the future, like tagging, to do this)
+      ## 11. Then you can run 'vagrant rsync && vagrant provision' This will synchronize your role onto the SHI VM.
+      ## Doing it this way, gives you:
+      ##    1. A local copy of you dev scripts
+      ##    2. Provides others a copy via github of your dev scripts
+      ##    2. The ability to run your custom role right now without waiting for a new release of SHI
+      ##
+      ## In the end however, for not Prominic/Moonshine Developers we should use the GitHubs Repo URL to install the Role
+      ## There are two approaches for this:
+      ## 1. We have SHI, run the ansible-galaxy command to install the role into ansible_collections/ORGNAME/CUSTOMCOLLECTION folder aka: https://docs.ansible.com/ansible/latest/collections_guide/collections_installing.html
+      ##     caveat, we haven't been requiring users to install Ansible for SHI to work
+      ##     We could use git, to clone their repo into this path
+      ## 2. We have SHI, pass the github URL to the custom collection, and seperate role called startcloud_roles.custom_collections,
+      ##      will then download that role and then execute it (caveat this only downloads the collection into the VM and NOT into the Local copy of the SHI provisoner -- Role to be created based on feedback)
+      ## 3. SHI updates the requirements.yml, which if Hosts.yml, the ansible provisioner has "remote_collections: true", then it will install the collection in the VM
 
+    ## Note to SHI Devs, each role has a meta/main.yml, If you want to know the roles Description, check this file.
     roles:
       - name: startcloud.startcloud_roles.setup
       - name: startcloud.startcloud_roles.networking
@@ -122,28 +167,30 @@ hosts:
       - name: startcloud.startcloud_roles.sdkman_maven
       - name: startcloud.startcloud_roles.sdkman_gradle
       - name: startcloud.startcloud_roles.ssl
-      - name: startcloud.hcl_roles.domino_reset
+      #- name: startcloud.hcl_roles.domino_reset
       - name: startcloud.hcl_roles.domino_install
-      - name: startcloud.hcl_roles.domino_vagrant_rest_api
+      - name: startcloud.hcl_roles.domino_vagrant_rest_api 
       - name: startcloud.hcl_roles.domino_service_nash
       - name: startcloud.hcl_roles.domino_java_config
       - name: startcloud.hcl_roles.domino_java_tools
       - name: startcloud.hcl_roles.domino_updatesite
-      - name: startcloud.hcl_roles.domino_config
+      - name: startcloud.hcl_roles.domino_config 
       - name: startcloud.hcl_roles.domino_genesis
       - name: startcloud.hcl_roles.domino_genesis_applications
       - name: startcloud.hcl_roles.domino_cross_certify
-      #- name: startcloud.hcl_roles.domino_leap
-      #- name: startcloud.hcl_roles.domino_nomadweb
-      #- name: startcloud.hcl_roles.domino_traveler
-      #- name: startcloud.hcl_roles.domino_traveler_htmo
-      #- name: startcloud.hcl_roles.domino_verse
-      #- name: startcloud.hcl_roles.domino_appdevpack
-      #- name: startcloud.hcl_roles.domino_rest_api
-      #- name: startcloud.hcl_roles.domino_vagrant_readme
-      #- name: startcloud.startcloud_roles.mariadb
-      #- name: startcloud.hcl_roles.voltmx
-      - name: startcloud.startcloud_roles.quick_start
-      - name: startcloud.startcloud_roles.vagrant_readme
-      - name: startcloud.startcloud_roles.haproxy
-      - name: startcloud.startcloud_roles.lockdown
+      #- name: startcloud.hcl_roles.domino_java_app_example ## Uncomment Me to build your own Domino Java Servlet
+      #- name: startcloud.hcl_roles.domino_leap ::ROLE_LEAP:: 
+      - name: startcloud.hcl_roles.domino_nomadweb # ::ROLE_NOMADWEB:: 
+      #- name: startcloud.hcl_roles.domino_traveler ::ROLE_TRAVELER:: 
+      #- name: startcloud.hcl_roles.domino_traveler_htmo ::ROLE_TRAVELER_HTMO:: 
+      #- name: startcloud.hcl_roles.domino_verse ::ROLE_VERSE:: 
+      #- name: startcloud.hcl_roles.domino_appdevpack ::ROLE_APPDEVPACK:: 
+      #- name: startcloud.hcl_roles.domino_rest_api ::ROLE_RESTAPI:: ## Note to SHI devs, This should be called ROLE_DOMINO_RESTAPI, as this is different than startcloud.hcl_roles.domino_vagrant_rest_api
+      - name: startcloud.hcl_roles.domino_vagrant_readme
+      #- name: startcloud.startcloud_roles.mariadb ::ROLE_MARIADB::  
+      #- name: startcloud.hcl_roles.voltmx ::ROLE_VOLTMX::  
+      - name: startcloud.startcloud_roles.quick_start # ::ROLE_STARTCLOUD_QUICK_START::
+      #- name: ORGNAME.CUSTOMCOLLECTION.example_role # ::ROLE_STARTCLOUD_EXAMPLE_ROLE:: ## This is a role that people can look to clone for their own use
+      - name: startcloud.startcloud_roles.haproxy # ::ROLE_STARTCLOUD_HAPROXY::
+      - name: startcloud.startcloud_roles.vagrant_readme # ::ROLE_STARTCLOUD_VAGRANT_README::
+      - name: startcloud.startcloud_roles.lockdown ## New Role, changes default users SSH key, and password. Note this will break Ansibles ability to connect if its not the last role
diff --git a/hcl_domino_standalone_provisioner/core b/hcl_domino_standalone_provisioner/core
diff --git a/hcl_domino_standalone_provisioner/provisioners/ansible/ansible.cfg b/hcl_domino_standalone_provisioner/provisioners/ansible/ansible.cfg
@@ -10,7 +10,7 @@
 [defaults]
 enable_task_debugger = False
 # some basic default values...
-#strategy = debug
+strategy = debug
 #inventory      = /etc/ansible/hosts
 #library        = /usr/share/my_modules/
 #module_utils   = /usr/share/my_module_utils/
@@ -68,7 +68,7 @@ stdout_callback =  yaml
 check_mode_markers = true
 #
 #[callback_log_plays]
-log_folder = /home/startcloud/output
+log_folder = ./output
 
 ## Ansible ships with some plugins that require whitelisting,
 ## this is done to avoid running all of a type by default.

diff --git a/...mino_standalone_provisioner/provisioners/ansible/ansible_collections/startcloud/hcl_roles b/...mino_standalone_provisioner/provisioners/ansible/ansible_collections/startcloud/hcl_roles
diff --git a/...andalone_provisioner/provisioners/ansible/ansible_collections/startcloud/startcloud_roles b/...andalone_provisioner/provisioners/ansible/ansible_collections/startcloud/startcloud_roles