fix: add all variables and custom installer, add tests

.gitlab-ci.yml

@@ -0,0 +1,5 @@
+---
+
+test:
+  script:
+    - molecule --debug test

.travis.yml

@@ -0,0 +1,15 @@
+---
+
+language: python
+python: "2.7"
+sudo: required
+services:
+  - docker
+
+install: pip install molecule docker-py
+script:
+  - export MOLECULE_APTPROXY_PATH="$PWD/00aptproxy" && touch "$MOLECULE_APTPROXY_PATH"
+  - molecule --debug test
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

README.md

@@ -0,0 +1,9 @@
+# ansible-role-server-scripts
+Install [popstas/server-scripts](https://github.com/popstas/server-scripts).
+
+## Required variables:
+- server_scripts_mailto
+- server_scripts_backups_dbdump_remote_user
+- server_scripts_backups_dbdump_remote_host
+
+Also check cron tasks.

defaults/main.yml

@@ -1,7 +1,88 @@
 ---
-server_scripts_version: v0.2.21
+server_scripts_version: v0.2.24
+server_scripts_install_path: /usr/share/server-scripts
+server_scripts_logs_base_path: /var/log/server-scripts
+
+server_scripts_detect_viruses_path: /home
+
+#server_scripts_mailto: [email protected] # required
+server_scripts_dbdump_dir: /var/backups/sql
+server_scripts_dbdump_log: "{{ server_scripts_logs_base_path }}/mysql_backup.log"
+#server_scripts_dbdump_remote_user: backup # required
+#server_scripts_dbdump_remote_host: backup.remote.com # required
+server_scripts_dbdump_remote_dir: "{{ server_scripts_dbdump_dir }}/{{ ansible_fqdn }}"
+server_scripts_dbdump_excluded_dbs: "_test$"
+
+server_scripts_check_dirs: |
+  "{{ server_scripts_dbdump_dir }}" \
+  "/var/log" \
+
+server_scripts_db_size_names_file: "{{ server_scripts_logs_base_path }}/db_size_names.log"
+server_scripts_db_size_sizes_file: "{{ server_scripts_logs_base_path }}/db_size_sizes.log"
+server_scripts_db_size_cache_mins: 30
+
+server_scripts_domains_check_dns: "8.8.8.8"
+server_scripts_domains_assert_ip: "your_server_ip"
+
+server_scripts_detect_viruses_log: "{{ server_scripts_logs_base_path }}/detect-viruses.log"
+server_scripts_detect_viruses_php_signatures: 'eval(base64_decode\|eval(stripslashes\|FilesMan\|WSO_VERSION\|\$sF=\"PCT4BA6ODSE_\"\|\$qV=\"stop_\"\|=chr('
+server_scripts_detect_viruses_js_signatures: "document.write(unescape"
+
+server_scripts_drupal_build_archives_projects_root: /usr/local/drupal
+server_scripts_drupal_build_archives_build_root: "{{ server_scripts_drupal_build_archives_projects_root }}/build"
+
+server_scripts_drupal_enable_caches_cache_livetime: 43200
+server_scripts_drupal_enable_caches_page_cache_maximum_age: 300
+
+server_scripts_drupal_get_drupals_root_level: 4 # for /home/user/www/example.com
+server_scripts_drupal_get_drupals_site_excluded_file: ".excluded"
+server_scripts_drupal_get_drupals_site_info_file: ".info"
+
+server_scripts_drupal_get_password_length: 12
+
+server_scripts_influxdb_annotate_host: ""
+server_scripts_influxdb_annotate_port: ""
+server_scripts_influxdb_annotate_user: ""
+server_scripts_influxdb_annotate_password: ""
+server_scripts_influxdb_annotate_database: ""
+
+server_scripts_influxdb_clientstat_nginx_log: /var/log/nginx/clientstat.access.log
+
+server_scripts_influxdb_sites_load_time_enabled: 0
+server_scripts_influxdb_sites_load_log_file: /var/log/nginx/access.log
+
+server_scripts_influxdb_ssh_add_keys_path: /root/ssh-public-keys
+
+
+
+
 server_scripts_cron_tasks:
-  - name: "detect-viruses"
-    hour: 3
-    minute: 40
-    job: "ionice -c3 detect-viruses /home"
+  - name: "server-scripts: backups_check"
+    hour: 10
+    minute: 10
+    job: "backups-check"
+
+  - name: "server-scripts: db-size"
+    hour: 7
+    minute: 2
+    job: "db-size"
+
+  - name: "server-scripts: detect-viruses"
+    hour: 6
+    minute: 0
+    job: "ionice -c3 detect-viruses {{ server_scripts_detect_viruses_path }}"
+
+  - name: "server-scripts: drupal-build-archives"
+    hour: "8-18"
+    minute: 59
+    job: "drupal-build-archives"
+
+  - name: "server-scripts: mysql_backup backup"
+    hour: "8,11,16,22"
+    minute: 5
+    job: "ionice -c mysql_backup backup"
+
+  - name: "server-scripts: mysql_backup backup and send and clean"
+    hour: 5
+    minute: 5
+    job: "ionice -c mysql_backup backup && mysql_backup send && mysql_backup clean"

meta/main.yml

@@ -1,3 +1,17 @@
 ---
-dependencies:
-  - { role: cron, cron_tasks: "{{server_scripts_cron_tasks}}" }
+galaxy_info:
+  author: Stanislav Popov
+  company: Viasite
+  description: Install popstas/server-scripts
+  license: MIT
+  min_ansible_version: 1.8
+  platforms:
+    - name: Ubuntu
+      versions:
+        - trusty
+        - xenial
+  categories:
+    - system
+    - drupal
+    - web
+dependencies: []

molecule.yml

@@ -0,0 +1,23 @@
+---
+dependency:
+  name: galaxy
+
+driver:
+  name: docker
+docker:
+  containers:
+    - name: ansible-role-server-scripts
+      image: ubuntu
+      image_version: latest
+      volume_mounts:
+        - ${MOLECULE_APTPROXY_PATH}:/etc/apt/apt.conf.d/00aptproxy
+      ansible_groups:
+        - group1
+
+ansible:
+  playbook: tests/playbook.yml
+  group_vars:
+    all:
+      server_scripts_mailto: [email protected]
+      server_scripts_dbdump_remote_host: backup.remote.com
+      server_scripts_dbdump_remote_user: backup

tasks/main.yml

@@ -1,19 +1,64 @@
 ---
+
+- name: Ensure cron and git installed
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - cron
+    - git
+  tags: server-scripts
+
 - name: Sync server-scripts
   git:
-    repo=https://github.com/popstas/server-scripts.git
-    dest=/usr/local/src/server-scripts
-    version={{ server_scripts_version }}
-    force=yes
-  register: server_scripts_sync
+    repo: https://github.com/popstas/server-scripts.git
+    version: "{{ server_scripts_version }}"
+    dest: "{{ server_scripts_install_path }}"
+    force: yes
+  register: register_server_scripts_sync
+  tags: server-scripts
+
+- name: Check symlinks exists
+  stat:
+    path: /usr/local/bin/dbdump
+  register: server_scripts_register_check_symlinks
+  tags: server-scripts
+
+- name: Create executable links
+  command: find "{{ server_scripts_install_path }}/bin" -type f -exec ln -s {} /usr/local/bin \;
+  when: not server_scripts_register_check_symlinks.stat.exists
   tags: server-scripts
 
-- name: Install server-scripts
-  command:
-    /usr/local/src/server-scripts/install.sh -y
-  when: server_scripts_sync.changed
+- name: Create log directory
+  file:
+    path: "{{ server_scripts_logs_base_path }}"
+    state: directory
+    owner: root
+    group: root
+    mode: 0700
   tags: server-scripts
 
 - name: server-scripts config
-  template: src=server-scripts.conf.j2 dest=/etc/server-scripts.conf owner=root mode=0644
+  template:
+    src: server-scripts.conf.j2
+    dest: /etc/server-scripts.conf
+    owner: root
+    group: root
+    mode: 0644
   tags: server-scripts
+
+- name: Configuring cron tasks
+  cron:
+    cron_file: "{{ item.cron_file | default(omit) }}"
+    day: "{{ item.day | default(omit) }}"
+    hour: "{{ item.hour | default(omit) }}"
+    job: "{{ item.job | default(omit) }}"
+    minute: "{{ item.minute | default(omit) }}"
+    month: "{{ item.month | default(omit) }}"
+    name: "{{ item.name | default(item) }}"
+    special_time: "{{ item.special_time | default(omit) }}"
+    state: "{{ item.state | default(omit) }}"
+    user: "{{ item.user | default(omit) }}"
+    weekday: "{{ item.weekday | default(omit) }}"
+  with_items: "{{ server_scripts_cron_tasks }}"
+  tags: [ server-scripts, cron ]

templates/server-scripts.conf.j2

@@ -1,65 +1,64 @@
 # {{ ansible_managed }}
 # all
-MAILTO="{{ mailto }}"
+MAILTO="{{ server_scripts_mailto }}"
 
 # dbdump, dbundump
-DB_BACKUPS_ROOT="{{ backups_mysql_dir }}"
-DB_BACKUPS_LOG="/var/log/mysql/mysql_backup.log"
+DB_BACKUPS_ROOT="{{ server_scripts_dbdump_dir }}"
+DB_BACKUPS_LOG="{{ server_scripts_dbdump_log }}"
 
-DB_BACKUPS_REMOTE_USER="{{ backups_mysql_remote_user }}"
-DB_BACKUPS_REMOTE_HOST="{{ backups_mysql_remote_host }}"
-DB_BACKUPS_REMOTE_DIR="{{ backups_mysql_remote_dir }}"
+DB_BACKUPS_REMOTE_USER="{{ server_scripts_dbdump_remote_user }}"
+DB_BACKUPS_REMOTE_HOST="{{ server_scripts_dbdump_remote_host }}"
+DB_BACKUPS_REMOTE_DIR="{{ server_scripts_dbdump_remote_dir }}"
 
-DB_BACKUPS_EXCLUDED_DBS="_test$"
+DB_BACKUPS_EXCLUDED_DBS="{{ server_scripts_dbdump_excluded_dbs }}"
 
 # backups-check
 BACKUPS_CHECK_DIRS=( \
-"{{ backups_mysql_dir }}" \
-)
+{{ server_scripts_check_dirs }})
 
 # db-size
-DB_SIZE_NAMES_FILE="{{ private_log_dir }}/drupal_dbs.log"
-DB_SIZE_SIZES_FILE="{{ private_log_dir }}/drupal_dbs_sizes.log"
-DB_SIZE_CACHE_MINS=30
+DB_SIZE_NAMES_FILE="{{ server_scripts_db_size_names_file }}"
+DB_SIZE_SIZES_FILE="{{ server_scripts_db_size_sizes_file }}"
+DB_SIZE_CACHE_MINS="{{ server_scripts_db_size_cache_mins }}"
 
 # domains-check
-DOMAINS_CHECK_DNS="8.8.8.8"
-DOMAINS_CHECK_ASSERT_IP="your_server_ip"
+DOMAINS_CHECK_DNS="{{ server_scripts_domains_check_dns }}"
+DOMAINS_CHECK_ASSERT_IP="{{ server_scripts_domains_assert_ip }}"
 
 # detect-viruses
-VIRUSES_LOG="/var/log/viruses.log"
-VIRUSES_PHP_SIGNATURES="eval(base64_decode\|'base'.(32*2\|eval(stripslashes\|FilesMan\|WSO_VERSION\|\$sF=\"PCT4BA6ODSE_\"\|\$qV=\"stop_\"\|=chr("
-VIRUSES_JS_SIGNATURES="document.write(unescape"
+VIRUSES_LOG="{{ server_scripts_detect_viruses_log }}"
+VIRUSES_PHP_SIGNATURES="{{ server_scripts_detect_viruses_php_signatures }}"
+VIRUSES_JS_SIGNATURES="{{ server_scripts_detect_viruses_js_signatures }}"
 
 # drupal-build-archives
-DRUPAL_PROJECTS_ROOT="/usr/local/drupal"
-DRUPAL_PROJECTS_BUILD_ROOT="$DRUPAL_PROJECTS_ROOT/build"
+DRUPAL_PROJECTS_ROOT="{{ server_scripts_drupal_build_archives_projects_root }}"
+DRUPAL_PROJECTS_BUILD_ROOT="{{ server_scripts_drupal_build_archives_build_root }}"
 
 # drupal-enable-caches
-DRUPAL_CACHE_LIFETIME=43200
-DRUPAL_PAGE_CACHE_MAXIMUM_AGE=300
+DRUPAL_CACHE_LIFETIME="{{ server_scripts_drupal_enable_caches_cache_livetime }}"
+DRUPAL_PAGE_CACHE_MAXIMUM_AGE="{{ server_scripts_drupal_enable_caches_page_cache_maximum_age }}"
 
 # drupal-get-drupals
-DRUPAL_ROOT_LEVEL=4 # for /home/user/www/example.com
-SITE_EXCLUDED_FILE=".excluded"
-SITE_INFO_FILE=".info"
+DRUPAL_ROOT_LEVEL="{{ server_scripts_drupal_get_drupals_root_level }}" # for /home/user/www/example.com
+SITE_EXCLUDED_FILE="{{ server_scripts_drupal_get_drupals_site_excluded_file }}"
+SITE_INFO_FILE="{{ server_scripts_drupal_get_drupals_site_info_file }}"
 
 # get-password
-PASSWORD_LENGTH=12
+PASSWORD_LENGTH="{{ server_scripts_drupal_get_password_length }}"
 
 # influxdb-annotate
-INFLUXDB_HOST="{{ influxdb_host }}"
-INFLUXDB_PORT="{{ influxdb_port }}"
-INFLUXDB_USER="{{ telegraf_influxdb_username }}"
-INFLUXDB_PASSWORD="{{ telegraf_influxdb_password }}"
-INFLUXDB_DATABASE="{{ telegraf_influxdb_database }}"
+INFLUXDB_HOST="{{ server_scripts_influxdb_annotate_host }}"
+INFLUXDB_PORT="{{ server_scripts_influxdb_annotate_port }}"
+INFLUXDB_USER="{{ server_scripts_influxdb_annotate_user }}"
+INFLUXDB_PASSWORD="{{ server_scripts_influxdb_annotate_password }}"
+INFLUXDB_DATABASE="{{ server_scripts_influxdb_annotate_database }}"
 
 # influxdb-clientstat
-INFLUXDB_CLIENTSTAT_NGINX_LOG_FILE="{{ influxdb_clientstat_logfile }}"
+INFLUXDB_CLIENTSTAT_NGINX_LOG_FILE="{{ server_scripts_influxdb_clientstat_nginx_log }}"
 
 # sites-load
-SITES_LOAD_TIME_ENABLED="0"
-SITES_LOAD_LOG_FILE="{{ sites_load_log_file }}"
+SITES_LOAD_TIME_ENABLED="{{ server_scripts_influxdb_sites_load_time_enabled }}"
+SITES_LOAD_LOG_FILE="{{ server_scripts_influxdb_sites_load_log_file }}"
 
 # ssh-add-keys
-SSH_PUBLIC_KEYS_DIR="/root/{{ ssh_public_keys_dir }}"
+SSH_PUBLIC_KEYS_DIR="{{ server_scripts_influxdb_ssh_add_keys_path }}"

tests/playbook.yml

@@ -0,0 +1,4 @@
+---
+- hosts: all
+  roles:
+    - ""