Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add automated tests #3

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 46 additions & 0 deletions .github/workflows/molecule.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
---
on:
# Trigger the workflow on push or pull request,
# but only for the main branch
push:
branches:
- master
pull_request:
branches:
- master
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v2
with:
path: "${{ github.repository }}"
- name: molecule
uses: robertdebock/[email protected]
with:
command: lint
test:
needs:
- lint
runs-on: ubuntu-latest
strategy:
matrix:
image:
- geerlingguy/docker-ubuntu2004-ansible:latest
- geerlingguy/docker-ubuntu1804-ansible:latest
- geerlingguy/docker-ubuntu1604-ansible:latest
- geerlingguy/docker-centos7-ansible:latest
- geerlingguy/docker-centos6-ansible:latest
steps:
- name: checkout
uses: actions/checkout@v2
with:
path: "${{ github.repository }}"
- name: molecule
uses: robertdebock/[email protected]
with:
image: "${{ matrix.image }}"
options: parallel
env:
MOLECULE_DOCKER_IMAGE: "${{ matrix.image }}"
14 changes: 8 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
# Acro Media NFS Server/Client Ansible Roles

![.github/workflows/molecule.yml](https://github.com/AcroMedia/ansible-role-nfs/workflows/.github/workflows/molecule.yml/badge.svg)

This role contains 4 mini roles that all work together (see example playbook below):
* **acromedia.nfs/access**: Creates users / groups on clients + server
* **acromedia.nfs/client**: Installs software on your client node(s)
Expand Down Expand Up @@ -51,24 +53,24 @@ If you have configured web account users, you need to go look and and see if the
```yaml
---
# Variables required by the "nfs-access" role, used by both playbooks:
nfs_users:
nfs_groups:
# bigcorp is the user that owns the non-writeable files on our web server.
- name: bigcorp
gid: 1003
gid: 2889
system: false

# bigcorp-srv is what our PHP FPM process runs as.
- name: bigcorp-srv
gid: 999
gid: 889
system: true

nfs_groups:
nfs_users:
- name: bigcorp
uid: 1003
uid: 2889
system: false

- name: bigcorp-srv
uid: 999
uid: 889
system: true

nfs_share_dir: /var/www/bigcorp/wwwroot/sites/default/files
Expand Down
22 changes: 22 additions & 0 deletions molecule/default/INSTALL.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
*******
Docker driver installation guide
*******

Requirements
============

* Docker Engine

Install
=======

Please refer to the `Virtual environment`_ documentation for installation best
practices. If not using a virtual environment, please consider passing the
widely recommended `'--user' flag`_ when invoking ``pip``.

.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site

.. code-block:: bash

$ pip install 'molecule[docker]'
49 changes: 49 additions & 0 deletions molecule/default/converge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
---
- name: Converge I - Gather facts for all hosts (as its own play)
hosts: all
become: true
gather_facts: true

- name: Gather Facts II - Configure the NFS server
hosts: file_server
gather_facts: false
become: true
roles:
- name: Configure users + groups for NFS -- UIDs/GIDs must be identical to those on the client machines
role: ansible-role-nfs/access
# nfs_groups: See group_vars/all.yml

- name: Set up the NFS share(s)
role: ansible-role-nfs/shares
vars:
nfs_shares:
- path: "{{ nfs_share_dir }}"
owner: bigcorp
group: bigcorp-srv
mode: "2775"
allow_from:
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'

- name: Install the NFS service
role: ansible-role-nfs/server
vars:
# Optional: Force mount.d to listen on a single port, instead of letting it be dynamic.
# It makes firewall configuration simpler & safer.
nfs_mountd_port: 33333

- name: Converge III - Configure NFS client
hosts: app_node
gather_facts: false
become: true
roles:
- name: Configure users + groups for NFS
role: ansible-role-nfs/access
# nfs_groups: See group_vars/all.yml

- name: Install NFS client software & create the fstab entry.
role: ansible-role-nfs/client
vars:
nfs_client_share_mount_point: "{{ nfs_share_dir }}"
nfs_host: "{{ hostvars[file_server]['ansible_default_ipv4']['address'] }}"
28 changes: 28 additions & 0 deletions molecule/default/group_vars/all.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
---
# Variables required by the "nfs-access" role, used by both playbooks:
nfs_groups:
# bigcorp is the user that owns the non-writeable files on our web server.
- name: bigcorp
gid: 2889
system: false

# bigcorp-srv is what our PHP FPM process runs as.
- name: bigcorp-srv
gid: 889
system: true

nfs_users:
- name: bigcorp
uid: 2889
system: false

- name: bigcorp-srv
uid: 889
system: true

nfs_share_dir: /opt/nfs-share

# In our case, it's necessary for our main user to also be part of the group that writes the files to the share.
nfs_secondary_groups:
- user: bigcorp
secondary_group: bigcorp-srv
31 changes: 31 additions & 0 deletions molecule/default/molecule.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
---
dependency:
name: galaxy
driver:
name: docker
platforms:
- name: file_server
image: ${MOLECULE_DOCKER_IMAGE:-'geerlingguy/docker-ubuntu1604-ansible:latest'}
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- ./opt/:/opt:rw
privileged: true
pre_build_image: true
# instance_raw_config_args:
# - "vm.network 'forwarded_port', guest: 80, host: 8088"
- name: app_node
image: ${MOLECULE_DOCKER_IMAGE:-'geerlingguy/docker-ubuntu1604-ansible:latest'}
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
privileged: true
pre_build_image: true
# instance_raw_config_args:
# - "vm.network 'forwarded_port', guest: 80, host: 8088"
provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
verifier:
name: ansible
Empty file.
5 changes: 5 additions & 0 deletions molecule/default/prepare.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
- name: Prepare
hosts: all
become: yes
gather_facts: yes
7 changes: 7 additions & 0 deletions molecule/default/verify.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
---
- name: Verify role
hosts: all
become: yes
gather_facts: yes

tasks: