-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.yml
134 lines (112 loc) · 4.3 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
- hosts: "all"
remote_user: "root"
become: true
become_user: "root"
become_method: "sudo"
force_handlers: true
pre_tasks:
- name: Update and upgrade apt packages
become: true
apt:
upgrade: yes
update_cache: yes
cache_valid_time: 86400 #One day
vars_files:
- "vault.yml"
roles:
- role: geerlingguy.docker
vars:
- docker_install_compose: true
tasks:
# This overrides the options passed to the Linux kernel by Grub to enable
# behaviour that Domjudge needs. See:
# https://www.domjudge.org/docs/manual/install-judgehost.html#linux-control-groups
# By writing this to a file named "99-..." we ensure that this file is
# loaded last and overrides the earlier override set by DigitalOcean.
- name: "Ensure required CGroup options are set"
copy:
content: 'GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 cgroup_enable=memory swapaccount=1"'
dest: "/etc/default/grub.d/99-sticky-domjudge-options.cfg"
register: "cmdline_file_result"
- name: "Rebuild grub if cmdline option changed"
command: "update-grub"
when: "cmdline_file_result.changed"
- name: "Reboot and wait for server to come back up if cmdline option changed"
reboot:
msg: "Rebooting from Ansible to apply cmdline change."
when: "cmdline_file_result.changed"
- name: "Copy caddy"
copy:
src: "files/caddy"
dest: "/usr/local/bin/caddy"
mode: "0755"
- name: "Copy Caddy systemd unit"
template:
src: "templates/etc/systemd/system/caddy.service.j2"
dest: "/etc/systemd/system/caddy.service"
- name: "Start Caddy"
systemd:
unit: "caddy.service"
state: "started"
enabled: true
daemon-reload: true
- name: "Render docker compose"
template:
src: "templates/docker-compose.yml.j2"
dest: "/root/docker-compose.yml"
- name: "Create judgehost folder"
file:
path: "/root/judgehost"
state: "directory"
mode: "0700"
- name: "Render judgehost dockerfile"
template:
src: "templates/judgehost/Dockerfile"
dest: "/root/judgehost/Dockerfile"
- name: "Copy install_languages script"
template:
src: "templates/judgehost/install_languages.sh"
dest: "/root/judgehost/install_languages.sh"
- name: "Start mariadb image"
command: "docker-compose up -d dj-mariadb"
args:
chdir: "/root"
- name: "Start domserver"
command: "docker-compose up -d dj-domserver"
args:
chdir: "/root"
- name: "install php7.4-cli"
apt:
name: "php7.4-cli"
state: "present"
- name: "hash password for admin user"
command: "php -r 'print password_hash(\"{{ vault.domjudge_admin_password }}\", PASSWORD_DEFAULT);'"
register: "admin_pw_hash_result"
- name: "hash password for judgehost user"
command: "php -r 'print password_hash(\"{{ vault.domjudge_judgehost_password }}\", PASSWORD_DEFAULT);'"
register: "judgehost_pw_hash_result"
- name: "ensure admin user has the password we define"
command: >
docker exec -it root_dj-mariadb_1
mysql -p{{ vault.mysql_root_password }} --batch -e
"INSERT INTO user (username, name, password)
VALUES ('admin', 'Administrator', '{{ admin_pw_hash_result.stdout }}')
ON DUPLICATE KEY UPDATE password='{{ admin_pw_hash_result.stdout }}';"
domjudge
- name: "ensure Judgehost user exists and has the password we define"
command: >
docker exec -it root_dj-mariadb_1
mysql -p{{ vault.mysql_root_password }} --batch -e
"INSERT INTO user (username, name, password)
VALUES ('judgehost', 'User for Judgehosts', '{{ judgehost_pw_hash_result.stdout }}')
ON DUPLICATE KEY UPDATE password='{{ judgehost_pw_hash_result.stdout }}';
INSERT IGNORE INTO userrole (userid, roleid) VALUES (
(SELECT userid FROM user WHERE username = 'judgehost'),
(SELECT roleid FROM role WHERE role = 'judgehost')
);"
domjudge
- name: "run the remainder of the services"
command: "docker-compose up --build -d"
- name: "run install_languages"
command: "docker exec -it root_dj-judgehost_1 /install_languages.sh"