From 8f93e4249aa4fb8089f3aefcb147deaa18dc0857 Mon Sep 17 00:00:00 2001 From: Lino Silva Date: Mon, 26 Jan 2026 15:43:43 +0000 Subject: [PATCH] feat: Add Reactive resume --- .../my-cluster/host_vars/reactive-resume | 6 ++ inventory/my-cluster/hosts.ini | 1 + playbook-53-reactive-resume.yml | 27 +++++++++ .../enable-ssh/tasks/main.yml | 12 ++++ .../install-app/tasks/main.yml | 28 +++++++++ .../install-app/templates/.env | 2 + .../install-app/templates/docker-compose.yml | 59 +++++++++++++++++++ .../install-docker/tasks/main.yml | 27 +++++++++ .../provision/create/tasks/main.yml | 30 ++++++++++ .../provision/delete/tasks/main.yml | 27 +++++++++ .../provision/start/tasks/main.yml | 8 +++ .../53-reactive-resume/update/tasks/main.yml | 6 ++ 12 files changed, 233 insertions(+) create mode 100644 inventory/my-cluster/host_vars/reactive-resume create mode 100644 playbook-53-reactive-resume.yml create mode 100644 roles/53-reactive-resume/enable-ssh/tasks/main.yml create mode 100644 roles/53-reactive-resume/install-app/tasks/main.yml create mode 100644 roles/53-reactive-resume/install-app/templates/.env create mode 100644 roles/53-reactive-resume/install-app/templates/docker-compose.yml create mode 100644 roles/53-reactive-resume/install-docker/tasks/main.yml create mode 100644 roles/53-reactive-resume/provision/create/tasks/main.yml create mode 100644 roles/53-reactive-resume/provision/delete/tasks/main.yml create mode 100644 roles/53-reactive-resume/provision/start/tasks/main.yml create mode 100644 roles/53-reactive-resume/update/tasks/main.yml diff --git a/inventory/my-cluster/host_vars/reactive-resume b/inventory/my-cluster/host_vars/reactive-resume new file mode 100644 index 0000000..67c382b --- /dev/null +++ b/inventory/my-cluster/host_vars/reactive-resume @@ -0,0 +1,6 @@ +--- + +ansible_user: root +ansible_host: 10.0.2.53 +ansible_ssh_pass: "{{ proxmox_api_password }}" +vmid: 653 diff --git a/inventory/my-cluster/hosts.ini b/inventory/my-cluster/hosts.ini index 90d10a3..fed5c69 100644 --- a/inventory/my-cluster/hosts.ini +++ b/inventory/my-cluster/hosts.ini @@ -33,6 +33,7 @@ technitium-dns technitium-dns-2 technitium-dns-3 hortusfox +reactive-resume [baremetal] mipha diff --git a/playbook-53-reactive-resume.yml b/playbook-53-reactive-resume.yml new file mode 100644 index 0000000..121c26b --- /dev/null +++ b/playbook-53-reactive-resume.yml @@ -0,0 +1,27 @@ +--- +- hosts: localhost + become: yes + roles: + - role: 53-reactive-resume/provision/delete + vars: + vmid: 653 + - role: 53-reactive-resume/provision/create + vars: + vmid: 653 + - role: 53-reactive-resume/provision/start + vars: + vmid: 653 + +- hosts: purah + become: yes + roles: + - role: 53-reactive-resume/enable-ssh + vars: + vmid: 653 + +- hosts: reactive-resume + become: yes + roles: + - role: 53-reactive-resume/update + - role: 53-reactive-resume/install-docker + - role: 53-reactive-resume/install-app diff --git a/roles/53-reactive-resume/enable-ssh/tasks/main.yml b/roles/53-reactive-resume/enable-ssh/tasks/main.yml new file mode 100644 index 0000000..5f43046 --- /dev/null +++ b/roles/53-reactive-resume/enable-ssh/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# Unable to use ansible.builtin.lineinfile, because we need to run this through the proxmox host (because SSH is not enabled duh) + +- name: Pause for 10 seconds to wait for SSH server + ansible.builtin.pause: + seconds: 10 + +- name: Allow SSH into LXC + ansible.builtin.command: lxc-attach -n 653 -- sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config + +- name: Restart SSH Service + ansible.builtin.command: lxc-attach -n 653 service ssh restart diff --git a/roles/53-reactive-resume/install-app/tasks/main.yml b/roles/53-reactive-resume/install-app/tasks/main.yml new file mode 100644 index 0000000..98d60c2 --- /dev/null +++ b/roles/53-reactive-resume/install-app/tasks/main.yml @@ -0,0 +1,28 @@ +--- +- name: Create directory for docker-compose + ansible.builtin.file: + path: /root/docker/ + state: directory + mode: "0755" + +- name: Copy .env file + template: + src: ".env" + dest: /root/docker/.env + owner: root + group: root + mode: 0755 + +- name: Copy docker-compose file + template: + src: "docker-compose.yml" + dest: /root/docker/docker-compose.yml + owner: root + group: root + mode: 0755 + +- name: Run docker-compose + ansible.builtin.shell: + args: + cmd: docker compose up -d + chdir: /root/docker/ diff --git a/roles/53-reactive-resume/install-app/templates/.env b/roles/53-reactive-resume/install-app/templates/.env new file mode 100644 index 0000000..035d4e9 --- /dev/null +++ b/roles/53-reactive-resume/install-app/templates/.env @@ -0,0 +1,2 @@ +POSTGRES_PASSWORD="F3yZ3MSXe2ybYQYh3bTH" +AUTH_SECRET="d61b8373b2045924d77d6d4523ccf1e060d9ecdd30107edb0162d75bd253e13c" diff --git a/roles/53-reactive-resume/install-app/templates/docker-compose.yml b/roles/53-reactive-resume/install-app/templates/docker-compose.yml new file mode 100644 index 0000000..327b720 --- /dev/null +++ b/roles/53-reactive-resume/install-app/templates/docker-compose.yml @@ -0,0 +1,59 @@ +services: + postgres: + image: postgres:16 + restart: unless-stopped + environment: + POSTGRES_DB: postgres + POSTGRES_USER: postgres + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + volumes: + - /data/postgres:/var/lib/postgresql/data + healthcheck: + test: ["CMD-SHELL", "pg_isready -U postgres -d postgres"] + interval: 10s + timeout: 5s + retries: 5 + env_file: + - .env + + printer: + image: ghcr.io/browserless/chromium:latest + restart: unless-stopped + environment: + - TIMEOUT=120000 + - CONCURRENT=10 + - HEALTH=true + - TOKEN=MFRwf6r4boksnR62QAsk + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:3000/pressure?token=MFRwf6r4boksnR62QAsk"] + interval: 30s + timeout: 10s + retries: 3 + env_file: + - .env + + app: + image: amruthpillai/reactive-resume:latest + restart: unless-stopped + environment: + - APP_URL=https://resume.lino.cooking + - PRINTER_APP_URL=http://app:3000 + - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres + - PRINTER_ENDPOINT=http://printer:3000 + - AUTH_SECRET=${AUTH_SECRET} + volumes: + - /data/app:/app/data + ports: + - "3000:3000" + depends_on: + postgres: + condition: service_healthy + printer: + condition: service_healthy + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:3000/api/health"] + interval: 30s + timeout: 10s + retries: 3 + env_file: + - .env diff --git a/roles/53-reactive-resume/install-docker/tasks/main.yml b/roles/53-reactive-resume/install-docker/tasks/main.yml new file mode 100644 index 0000000..d5baba9 --- /dev/null +++ b/roles/53-reactive-resume/install-docker/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Get convenience script + uri: + url: "https://get.docker.com" + method: GET + dest: /tmp/get-docker.sh + mode: a+x + creates: /tmp/get-docker.sh + +- name: Execute script + ansible.builtin.shell: /tmp/get-docker.sh + +- name: Ensure group "docker" exists + ansible.builtin.group: + name: docker + state: present + +- name: Add root user to docker group + ansible.builtin.user: + name: root + groups: docker + append: yes + +- name: Enable docker on startup + ansible.builtin.shell: | + systemctl enable docker.service + systemctl enable containerd.service diff --git a/roles/53-reactive-resume/provision/create/tasks/main.yml b/roles/53-reactive-resume/provision/create/tasks/main.yml new file mode 100644 index 0000000..d163439 --- /dev/null +++ b/roles/53-reactive-resume/provision/create/tasks/main.yml @@ -0,0 +1,30 @@ +--- +- name: Create container + community.general.proxmox: + vmid: 653 + node: purah + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + password: "{{ lxc_password }}" + hostname: reactive-resume + ostemplate: "local:vztmpl/debian-12-standard_12.12-1_amd64.tar.zst" + netif: "{'net0':'name=eth0,\ + gw=10.0.0.1,\ + ip=10.0.2.53/21,\ + hwaddr=cc:c6:cf:de:20:53,\ + bridge=vmbr0'}" + cores: 2 + memory: 2048 + unprivileged: no + swap: 0 + searchdomain: "home" + onboot: 1 + features: + - nesting=1 + - keyctl=1 + disk: purah-mirror-860gb:10 + mounts: '{ + "mp0":"purah-mirror-860gb:10,mp=/data,backup=1" + }' + force: yes diff --git a/roles/53-reactive-resume/provision/delete/tasks/main.yml b/roles/53-reactive-resume/provision/delete/tasks/main.yml new file mode 100644 index 0000000..cd7c256 --- /dev/null +++ b/roles/53-reactive-resume/provision/delete/tasks/main.yml @@ -0,0 +1,27 @@ +--- +- name: Stop container + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: stopped + ignore_errors: true + timeout: 90 + +- name: Remove containers + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: absent + ignore_errors: true + timeout: 90 + +- name: Remove .ssh/known_hosts lines + ansible.builtin.lineinfile: + path: /Users/lino.silva/.ssh/known_hosts + state: absent + regexp: "^10.0.2.53" + diff --git a/roles/53-reactive-resume/provision/start/tasks/main.yml b/roles/53-reactive-resume/provision/start/tasks/main.yml new file mode 100644 index 0000000..de86b9b --- /dev/null +++ b/roles/53-reactive-resume/provision/start/tasks/main.yml @@ -0,0 +1,8 @@ +--- +- name: Start deployments + community.general.proxmox: + vmid: "{{ vmid }}" + api_user: root@pam + api_password: "{{ proxmox_api_password }}" + api_host: 10.0.2.2 + state: started diff --git a/roles/53-reactive-resume/update/tasks/main.yml b/roles/53-reactive-resume/update/tasks/main.yml new file mode 100644 index 0000000..8227bf4 --- /dev/null +++ b/roles/53-reactive-resume/update/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: Update all packages to their latest version + become: true + ansible.builtin.apt: + update_cache: yes + upgrade: full