No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
init
inventory
templates
vagrant
vars
.gitignore
LICENSE.txt
README.md
Vagrantfile
install.yml
known_hosts.yml
requirements.yml

README.md

bookedscheduler-deploy-example

This project shows how to install [Booked] (https://www.bookedscheduler.com) with Ansible (see also https://github.com/hajaalin/ansible-role-bookedscheduler). The way to set up a test VM with Vagrant is copied from http://hakunin.com/six-ansible-practices.

Prerequisites

Download roles

ansible-galaxy install -f -r requirements.yml -p ./roles

Configuration files

  • vars/main.yml
  • inventory/group_vars/all
  • inventory/group_vars/dev/vars.yml
  • inventory/group_vars/test/vars.yml At least you need to check that the source code is found.
# use the default zip archive
booked_source: "local_archive"
booked_source_local_archive: "~/Downloads/booked-2.6.4.zip"

Managing secrets

Ansible Vault is used to store database passwords.

Best practice is to have vars.yml and vault.yml files in each subdirectory of group_vars. Edit vault.yml to define the actual secret variables. Use prefix vault_.

$ cat inventory/group_vars/dev/vault.yml
---
  vault_mysql_root_password: "big_secret_here"
  vault_booked_db_password: "another_secret_here"
  vault_booked_install_password: "and_another_one_here"

In vars.yml, the secrets are assigned to role variables.

$ head inventory/group_vars/dev/vars.yml
---
  # secrets from vault.yml
  mysql_root_password: "{{ vault_mysql_root_password }}"
  booked_db_password: "{{ vault_booked_db_password }}"
  booked_install_password: "{{ vault_booked_install_password }}"

Create new vault password file. If you don't have openssl installed, see alternatives.

mkdir ~/.ansible_vault_passes
openssl rand -base64 32 > ~/.ansible_vault_passes/bookedscheduler-deploy-example
chmod 0400 ~/.ansible_vault_passes/bookedscheduler-deploy-example

Then encrypt the vault.yml files.

ansible-vault encrypt --vault-password-file=~/.ansible_vault_passes/bookedscheduler-deploy-example inventory/group_vars/dev/vault.yml
ansible-vault encrypt --vault-password-file=~/.ansible_vault_passes/bookedscheduler-deploy-example inventory/group_vars/test/vault.yml

If you don't like to store the vault password in plain text, you can create and store it e.g. in KeePassX, and use option --ask-vault-pass instead.

Start test VM and install

# start dev VM
vagrant up

# install on dev VM
ansible-playbook --vault-password-file=~/.ansible_vault_passes/bookedscheduler-deploy-example -i inventory/dev install.yml

# browse to the address specified in Vagrantfile, e.g. https://192.168.39.11

Install on test server

ansible-playbook --vault-password-file=~/.ansible_vault_passes/bookedscheduler-deploy-example -i inventory/test install.yml --become --ask-become-pass