diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7f4061d..c62f815 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,17 +11,26 @@ env: DOMAIN_NAME: "pr-${{ github.run_id }}-caddy" DOMAIN_SUFFIX: "test.stackhead.io" +# You should not need to change anything below. + jobs: smoke: name: Smoketest test-tf-generation runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - name: Install Ansible v2.10 alpha (GH actions currently uses 2.9) - run: ANSIBLE_SKIP_CONFLICT_CHECK=1 pip install --user ansible==2.10.0a9 && ansible --version + - name: Remove Python 2 and old Ansible 2.9 version + run: sudo apt purge python ansible -y + - name: Set up Python 3 + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Install Ansible v2.10.3 (GH actions currently uses 2.9) + run: pip install ansible==2.10.3 + - name: Print Ansible and Python version + run: ansible --version && python --version - name: Get latest StackHead version run: ansible-galaxy collection install git+https://github.com/getstackhead/stackhead.git,next -f - - run: pip install -r ./requirements/pip.txt - run: ansible-playbook ./__tests__/test-tf-generation.yml checkLabel: 
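Review bot: The added `uses: actions/setup-python@v2` step, like `actions/checkout@v2` above it, is referenced by a movable tag, and the `ansible-galaxy collection install git+https://github.com/getstackhead/stackhead.git,next -f` context line installs whatever the `next` branch holds at run time. The second hunk of this file has the same problem with more at stake: `saitho/create-dns-record@patch-1`, `saitho/delete-dns-record@saitho-patch-1` and `getstackhead/stackhead/actions/integration-test@next` are branch refs in a job that loads `secrets.SSH_PRIVATE_KEY` into an ssh-agent and passes `secrets.CLOUDFLARE_TOKEN` and `secrets.HETZNER_TOKEN` to third-party actions. Pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/setup-python@<full-commit-sha>  # v2`, so a retagged or force-pushed ref cannot change what runs with those secrets. The `pip install ansible==2.10.3` line is version-pinned, which is good; a hash-checked requirements file would close the remaining gap.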
@@ -36,82 +45,81 @@ jobs: needs: checkLabel runs-on: ubuntu-latest if: github.event.pull_request.draft == false - env: - INVENTORY_PATH: __tests__/inventory.yml steps: - - uses: actions/checkout@v2 - - name: Set up Python 3 - uses: actions/setup-python@v2 - with: - python-version: '3.x' - - name: Uninstall old Ansible - run: ansible --version && sudo apt purge ansible -y - - name: Install Ansible v2.10 alpha (GH actions currently uses 2.9) - run: sudo python -m pip install ansible==2.10.0a9 && ansible --version - - run: pip install -r ./requirements/pip.txt - - name: Print Ansible version - run: ansible --version - - uses: webfactory/ssh-agent@v0.2.0 - with: - ssh-private-key: "${{ secrets.SSH_PRIVATE_KEY }}" - - name: Setup Hetzner server - id: setup_server - uses: saitho/hetzner-cloud-action@v1.1.0 - with: - action: create - server_name: "${{ env.DOMAIN_NAME }}" - server_image: ubuntu-18.04 - server_location: fsn1 - server_ssh_key_name: gh-actions - wait_for_ssh: 1 - env: - API_TOKEN: ${{ secrets.HETZNER_TOKEN }} - - name: Add DNS record - uses: saitho/create-dns-record@patch-1 - with: - type: "A" - name: "${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" - content: "${{ steps.setup_server.outputs.hcloud_server_created_ipv4 }}" - ttl: 1 - proxied: 0 - token: "${{ secrets.CLOUDFLARE_TOKEN }}" - zone: "${{ secrets.CLOUDFLARE_ZONE }}" - - name: Add DNS record for subdomain - uses: saitho/create-dns-record@patch-1 - with: - type: "A" - name: "sub.${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" - content: "${{ steps.setup_server.outputs.hcloud_server_created_ipv4 }}" - ttl: 1 - proxied: 0 - token: "${{ secrets.CLOUDFLARE_TOKEN }}" - zone: "${{ secrets.CLOUDFLARE_ZONE }}" - - uses: getstackhead/stackhead/actions/integration-test@next - with: - ipaddress: ${{ steps.setup_server.outputs.hcloud_server_created_ipv4 }} - domain: '${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}' - domain2: 'sub.${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}' - webserver: '${{ env.WEBSERVER 
}}' - rolename: '${{ env.ROLE_NAME }}' - - name: Remove DNS record - uses: saitho/delete-dns-record@saitho-patch-1 - if: always() - with: - name: "${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" - token: "${{ secrets.CLOUDFLARE_TOKEN }}" - zone: "${{ secrets.CLOUDFLARE_ZONE }}" - - name: Remove DNS record for subdomain - uses: saitho/delete-dns-record@saitho-patch-1 - if: always() - with: - name: "sub.${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" - token: "${{ secrets.CLOUDFLARE_TOKEN }}" - zone: "${{ secrets.CLOUDFLARE_ZONE }}" - - name: Remove Hetzner server - uses: saitho/hetzner-cloud-action@v1.1.0 - if: always() - with: - action: remove - server_id: "${{ steps.setup_server.outputs.hcloud_server_id }}" - env: - API_TOKEN: ${{ secrets.HETZNER_TOKEN }} + - uses: actions/checkout@v2 + - name: Remove Python 2 and old Ansible 2.9 version + run: sudo apt purge python ansible -y + - name: Set up Python 3 + uses: actions/setup-python@v2 + with: + python-version: '3.x' + - name: Install Ansible v2.10.3 (GH actions currently uses 2.9) + run: pip install ansible==2.10.3 + - name: Print Ansible and Python version + run: ansible --version && python --version + - uses: webfactory/ssh-agent@v0.4.1 + with: + ssh-private-key: "${{ secrets.SSH_PRIVATE_KEY }}" + - name: Setup Hetzner server + id: setup_server + uses: saitho/hetzner-cloud-action@v1.1.0 + with: + action: create + server_name: "${{ env.DOMAIN_NAME }}" + server_image: ubuntu-18.04 + server_location: fsn1 + server_ssh_key_name: gh-actions + wait_for_ssh: 1 + env: + API_TOKEN: ${{ secrets.HETZNER_TOKEN }} + - name: Add DNS record + uses: saitho/create-dns-record@patch-1 + with: + type: "A" + name: "${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" + content: "${{ steps.setup_server.outputs.hcloud_server_created_ipv4 }}" + ttl: 1 + proxied: 0 + token: "${{ secrets.CLOUDFLARE_TOKEN }}" + zone: "${{ secrets.CLOUDFLARE_ZONE }}" + - name: Add DNS record for subdomain + uses: saitho/create-dns-record@patch-1 + with: + 
type: "A" + name: "sub.${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" + content: "${{ steps.setup_server.outputs.hcloud_server_created_ipv4 }}" + ttl: 1 + proxied: 0 + token: "${{ secrets.CLOUDFLARE_TOKEN }}" + zone: "${{ secrets.CLOUDFLARE_ZONE }}" + - name: Install samdoran.caddy dependency + run: ansible-galaxy install samdoran.caddy,2.1.0 + - uses: getstackhead/stackhead/actions/integration-test@next + with: + ipaddress: ${{ steps.setup_server.outputs.hcloud_server_created_ipv4 }} + domain: '${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}' + domain2: 'sub.${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}' + webserver: '${{ env.WEBSERVER }}' + rolename: '${{ env.ROLE_NAME }}' + - name: Remove DNS record + uses: saitho/delete-dns-record@saitho-patch-1 + if: always() && !contains( github.event.pull_request.labels.*.name, 'action/keep-integration-stage') + with: + name: "${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" + token: "${{ secrets.CLOUDFLARE_TOKEN }}" + zone: "${{ secrets.CLOUDFLARE_ZONE }}" + - name: Remove DNS record for subdomain + uses: saitho/delete-dns-record@saitho-patch-1 + if: always() && !contains( github.event.pull_request.labels.*.name, 'action/keep-integration-stage') + with: + name: "sub.${{ env.DOMAIN_NAME }}.${{ env.DOMAIN_SUFFIX }}" + token: "${{ secrets.CLOUDFLARE_TOKEN }}" + zone: "${{ secrets.CLOUDFLARE_ZONE }}" + - name: Remove Hetzner server + uses: saitho/hetzner-cloud-action@v1.1.0 + if: always() && !contains( github.event.pull_request.labels.*.name, 'action/keep-integration-stage') + with: + action: remove + server_id: "${{ steps.setup_server.outputs.hcloud_server_id }}" + env: + API_TOKEN: ${{ secrets.HETZNER_TOKEN }} diff --git a/__tests__/test-tf-generation.yml b/__tests__/test-tf-generation.yml index aaa5614..8797a5d 100644 --- a/__tests__/test-tf-generation.yml +++ b/__tests__/test-tf-generation.yml 
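Review bot: The three teardown steps at the end of this hunk are now skipped whenever the pull request carries the `action/keep-integration-stage` label, and nothing visible here removes the Hetzner server or the two A records afterwards. Because `DOMAIN_NAME` is built from `github.run_id`, every run on a labelled pull request leaves another internet-reachable host provisioned with the `gh-actions` SSH key, and if such a server is later deleted by hand its DNS records keep pointing at an address that may be reassigned. I would add a cleanup path that runs when the label is removed or the pull request is closed, and put a comment above the first condition such as `# keep-integration-stage leaves the server and DNS records in place; they must be removed manually`. The workflow's `on:` trigger and the `checkLabel` job lie outside the hunk, so whether a cleanup already exists, or who can set the label, cannot be seen from here.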
@@ -11,9 +11,9 @@ with_items: "{{ app_config.domains }}" - block: - name: Generate Caddy Terraform file - import_tasks: "../tasks/steps/generate-serverconfig-tf.yml" + import_tasks: "{{ module_role_path | default(role_path) }}/tasks/caddy_steps/generate-serverconfig-tf.yml" - name: Generate Caddyfile - import_tasks: "../tasks/steps/generate-caddyfile-tf.yml" + import_tasks: "{{ module_role_path | default(role_path) }}/tasks/caddy_steps/generate-caddyfile-tf.yml" vars: module_role_path: ".." caddy_root: "." diff --git a/meta/main.yml b/meta/main.yml index 8f73e36..f377a52 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -14,8 +14,5 @@ galaxy_info: - caddyserver dependencies: - #- name: samdoran.caddy - # version: v1.0.0 - - src: git+https://github.com/saitho/ansible-role-caddy.git - version: caddy-v2 - name: samdoran.caddy + - name: samdoran.caddy + version: 2.1.0 diff --git a/stackhead-module.yml b/stackhead-module.yml index 150459d..6d7ba86 100644 --- a/stackhead-module.yml +++ b/stackhead-module.yml @@ -5,5 +5,3 @@ terraform: vendor: getstackhead name: caddy version: 1.0.1 - # deprecated: remove url with Terraform 0.13 in main project - url: https://github.com/getstackhead/terraform-caddy/releases/download/v1.0.0/terraform-provider-caddy diff --git a/tasks/steps/generate-caddyfile-tf.yml b/tasks/caddy_steps/generate-caddyfile-tf.yml similarity index 100% rename from tasks/steps/generate-caddyfile-tf.yml rename to tasks/caddy_steps/generate-caddyfile-tf.yml diff --git a/tasks/steps/generate-serverconfig-tf.yml b/tasks/caddy_steps/generate-serverconfig-tf.yml similarity index 67% rename from tasks/steps/generate-serverconfig-tf.yml rename to tasks/caddy_steps/generate-serverconfig-tf.yml index c2b2422..9a4fefd 100644 --- a/tasks/steps/generate-serverconfig-tf.yml +++ b/tasks/caddy_steps/generate-serverconfig-tf.yml 
@@ -1,5 +1,11 @@ --- - block: + - debug: + msg: "{{ module_role_path }}" + - debug: + msg: "{{ role_path|d() }}" + - debug: + msg: "{{ module_role_path|default(role_path) }}/templates/terraform/caddy_server.tf.j2" - template: src: "{{ module_role_path|default(role_path) }}/templates/terraform/caddy_server.tf.j2" dest: "{{ dest_file }}" diff --git a/tasks/destroy.yml b/tasks/destroy.yml deleted file mode 100644 index 3dc52fb..0000000 --- a/tasks/destroy.yml +++ /dev/null @@ -1,2 +0,0 @@ -# This task is executed when a project is destroyed. Usually empty. ---- diff --git a/tasks/load-config.yml b/tasks/load-config.yml deleted file mode 100644 index 0645040..0000000 --- a/tasks/load-config.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- include_vars: - file: "{{ module_role_path|default(role_path) }}/stackhead-module.yml" - name: "{{ include_varname }}" diff --git a/tasks/main.yml b/tasks/main.yml deleted file mode 100644 index ee57368..0000000 --- a/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- include_tasks: "{{ module_role_path|default(role_path) }}/tasks/{{ stackhead_action }}.yml" diff --git a/tasks/deploy.yml b/tasks/steps/deploy.yml similarity index 74% rename from tasks/deploy.yml rename to tasks/steps/deploy.yml index b350202..6ececb0 100644 --- a/tasks/deploy.yml +++ b/tasks/steps/deploy.yml @@ -1,9 +1,5 @@ # This task list generates the Caddy configuration for a project --- -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - ignore_errors: yes - - name: Check if authentications are defined set_fact: auths_basic: "{{ auths_basic|default([]) + item.security.authentication }}" @@ -11,5 +7,5 @@ with_items: "{{ app_config.domains }}" - name: Generate Caddy Terraform file - include_tasks: "{{ module_role_path|default(role_path) }}/tasks/steps/generate-serverconfig-tf.yml" + include_tasks: "{{ module_role_path|default(role_path) }}/tasks/caddy_steps/generate-serverconfig-tf.yml" 
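Review bot: The first added debug task, `msg: "{{ module_role_path }}"`, has no fallback, so a run where only `role_path` is set would most likely stop on an undefined variable before reaching the `template` task, which itself uses `module_role_path|default(role_path)`. All three `debug` tasks look like leftover troubleshooting, and they print role and template paths into every run's log. I would drop them, or keep a single one as `msg: "{{ module_role_path|default(role_path) }}"` with `verbosity: 2` so it only shows when asked for. The enclosing `block:` continues past the end of the hunk.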
diff --git a/tasks/setup.yml b/tasks/steps/setup.yml similarity index 63% rename from tasks/setup.yml rename to tasks/steps/setup.yml index f4df3c2..8e87652 100644 --- a/tasks/setup.yml +++ b/tasks/steps/setup.yml @@ -1,18 +1,10 @@ # This task list sets up Caddy during server setup --- -- debug: - msg: "{{ caddy_install_source }}" -- debug: - msg: "{{ caddy_install_source }}" - vars: - caddy_install_source: package - name: Setup Caddy include_role: name: samdoran.caddy - vars: - caddy_install_source: package - name: Overwrite Caddyfile - include_tasks: "{{ module_role_path|default(role_path) }}/tasks/steps/generate-caddyfile-tf.yml" + include_tasks: "{{ module_role_path|default(role_path) }}/tasks/caddy_steps/generate-caddyfile-tf.yml" - name: Restart Caddy command: /bin/true notify: @@ -22,6 +14,6 @@ url: "http://{{ ansible_default_ipv4.address|default(ansible_all_ipv4_addresses[0]) }}" return_content: yes register: uri_result - until: '"Caddy web server" in uri_result.content' + until: '"Caddy" in uri_result.content' retries: 5 - delay: 1 + delay: 5 diff --git a/templates/caddy/Caddyfile.j2 b/templates/caddy/Caddyfile.j2 index 195e7f3..c5c15e8 100644 --- a/templates/caddy/Caddyfile.j2 +++ b/templates/caddy/Caddyfile.j2 @@ -1,7 +1,7 @@ #jinja2: trim_blocks:False { {% if lookup('env','TEST') == '1' %} acme_ca https://acme-staging-v02.api.letsencrypt.org/directory{% endif %} - email certificate@saitho.me + email {{ certificates_email_address }} } *:80 { @@ -10,4 +10,4 @@ file_server } -import conf.d/*.conf \ No newline at end of file +import conf.d/*.conf diff --git a/vars/main.yml b/vars/main.yml index a310c0f..c60b361 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,5 +1,3 @@ --- caddy_user: "stackhead" caddy_group: "stackhead" -caddy_version: "2.1.1" -caddy_install_source: "package"
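Review bot: In `templates/caddy/Caddyfile.j2`, `email {{ certificates_email_address }}` is rendered without a default or a presence check, and no file in this commit defines `certificates_email_address` (the `vars/main.yml` hunk only removes keys), so it is presumably expected from the calling project. If the variable is unset the template fails, and if it is empty Caddy receives an `email` directive with no argument. The value is also written unescaped into the global options block, so it should only ever come from trusted configuration. Consider `email {{ certificates_email_address | mandatory }}` plus a short template comment naming where the variable is supposed to be set.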