From fe40debf8631c3dfc35c248c485c8ce995e40fd0 Mon Sep 17 00:00:00 2001
From: decfox <mehul@openobservatory.org>
Date: Wed, 18 Dec 2024 17:01:15 +0530
Subject: [PATCH] refactor: apply clickhouse proxy ansible configs

---
 ansible/deploy-clickhouse-proxy.yml           | 22 ++++++++++---------
 ansible/deploy-clickhouse.yml                 |  6 ++---
 ansible/inventory                             |  3 +++
 ansible/roles/bootstrap/tasks/main.yml        |  1 +
 ansible/roles/clickhouse_proxy/tasks/main.yml |  9 ++++++++
 .../clickhouse_proxy/templates/99-stream.conf |  2 +-
 6 files changed, 29 insertions(+), 14 deletions(-)

diff --git a/ansible/deploy-clickhouse-proxy.yml b/ansible/deploy-clickhouse-proxy.yml
index 803b1b1..233ace4 100644
--- a/ansible/deploy-clickhouse-proxy.yml
+++ b/ansible/deploy-clickhouse-proxy.yml
@@ -1,11 +1,13 @@
 ---
-## - name: Deploy clickhouse proxy
-  ## hosts:
-    ## - clickhouseproxy.dev.ooni.io
-  ## roles:
-    ## - role: bootstrap
-    ## - role: nginx
-      ## tags: nginx
-    ## - role: clickhouse_proxy
-      ## vars: 
-        ## clickhouse_url: "" # fetch from AWS secrets
+- name: Deploy clickhouse proxy
+  hosts:
+    - clickhouseproxy.dev.ooni.io
+  become: true
+  roles:
+    - role: bootstrap
+    - role: nginx
+      tags: nginx
+    - role: clickhouse_proxy
+      vars: 
+        clickhouse_url: "clickhouse3.prod.ooni.io"
+        clickhouse_port: 9000
diff --git a/ansible/deploy-clickhouse.yml b/ansible/deploy-clickhouse.yml
index 55cbc01..f082fa0 100644
--- a/ansible/deploy-clickhouse.yml
+++ b/ansible/deploy-clickhouse.yml
@@ -1,9 +1,9 @@
 ---
 - name: Deploy oonidata clickhouse hosts
   hosts:
-    # - notebook.ooni.org
-    # - data1.htz-fsn.prod.ooni.nu
-    # - data2.htz-fsn.prod.ooni.nu
+    - notebook.ooni.org
+    - data1.htz-fsn.prod.ooni.nu
+    - data2.htz-fsn.prod.ooni.nu
     - data3.htz-fsn.prod.ooni.nu
   become: true
   tags:
diff --git a/ansible/inventory b/ansible/inventory
index a44f8d4..6861739 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -22,3 +22,6 @@ data3.htz-fsn.prod.ooni.nu
 
 [ghs-ams]
 openvpn-server1.ooni.io
+
+[aws-proxy]
+clickhouseproxy.dev.ooni.io
diff --git a/ansible/roles/bootstrap/tasks/main.yml b/ansible/roles/bootstrap/tasks/main.yml
index 500d58f..2b65c61 100644
--- a/ansible/roles/bootstrap/tasks/main.yml
+++ b/ansible/roles/bootstrap/tasks/main.yml
@@ -68,6 +68,7 @@
 
 - name: install systemd-resolved
   tags: resolved
+  ignore_errors: yes # some ubuntu hosts do not have the systemd-resolved package
   ansible.builtin.apt:
     install_recommends: no
     cache_valid_time: 86400
diff --git a/ansible/roles/clickhouse_proxy/tasks/main.yml b/ansible/roles/clickhouse_proxy/tasks/main.yml
index 1697d13..5f18a27 100644
--- a/ansible/roles/clickhouse_proxy/tasks/main.yml
+++ b/ansible/roles/clickhouse_proxy/tasks/main.yml
@@ -1,4 +1,13 @@
 ---
+- name: Create the modules-enabled directory if not exists
+  tags: webserv
+  ansible.builtin.file:
+    path: /etc/nginx/modules-enabled
+    state: directory
+    mode: 0755
+    owner: root
+    group: root
+
 - name: Add stream nginx config
   tags: webserv
   template:
diff --git a/ansible/roles/clickhouse_proxy/templates/99-stream.conf b/ansible/roles/clickhouse_proxy/templates/99-stream.conf
index c5b8062..22f5a0f 100644
--- a/ansible/roles/clickhouse_proxy/templates/99-stream.conf
+++ b/ansible/roles/clickhouse_proxy/templates/99-stream.conf
@@ -1,6 +1,6 @@
 stream {
     upstream clickhouse_backend {
-        server {{ clickhouse_url }};
+        server {{ clickhouse_url }}:{{ clickhouse_port }};
     }
 
     server {