playbook: automate kdbox configuration

playbook/kdbox-playbook.yml

+---
+
+- name: a play that runs entirely on the ansible host
+  hosts: 127.0.0.1
+  connection: local
+  vars_files:
+  - settings/kdbox.yml
+  vars:
+    - interface_name: lo
+    - computer_name: noname
+
+  vars_prompt:
+    - name: "re6sttoken"
+      prompt: "\n\n  You are running the Grandenet Installer\n\n
+            Please insert your token from Grandenet to configure your computer.\n
+            If you don't have a token, please access http://www.grandenet.cn/en \n
+            and request one. \n\n
+            Move informations at http://www.grandenet.cn/en/documentation/user \n\n 
+            Your token "
+
+      private: no 
+      default: "notoken"
+
+    - name: "slapos_master_url"
+      prompt: "What is the url to the SlapOS Master API?  (ignore if you already have a configured re6st and slapos):"
+      private: no
+      default: "https://slap.vifib.com/"
+
+    - name: "slapos_web_master_url"
+      prompt: "What is the url to the SlapOS Master Website?  (ignore if you already have a configured re6st and slapos):"
+      private: no
+      default: "https://slapos.vifib.com/"
+
+    - name: "computer_name"
+      prompt: "What is this computer name?  (ignore if you already have a configured re6st and slapos):"
+      private: no
+      default: "noname"
+
+    - name: "slapostoken"
+      prompt: "If you have slapos token if you have (ignore if you already have a configured slapos):"
+      private: no
+      default: "notoken"
+
+    - name : "Token"
+      prompt: "Credential account token"
+      private: no 
+      default: "notoken"
+
+    - name: "domain_name"
+      prompt: "enter domain name for CDN"
+      private: no
+      default: ""
+
+    - name: "custom_domain"
+      prompt: "enter custom domain name for CDN slave instance"
+      private: no
+      default: ""
+
+  roles:
+    - re6stnet
+    - role: routeadv
+    # desactiver le RADVD
+      when: enable_router_advertisement == True
+    - { role: slapos, package_state: present }
+    - { role: package, package_name: ntp, package_state: present }
+    - slapos-client
+    - kdbox
+

playbook/roles/kdbox/files/port-forwarding

+#!/bin/bash
+ps aux | grep socat | grep TCP:$2:$3 > /dev/null
+if [ $? -eq 0 ]
+then 
+ echo "port forwarding process already running" 
+else 
+ echo "no process running ,executing port forwarding for selectet port"
+ socat TCP6-LISTEN:$1,fork TCP:$2:$3 & 
+fi
+
+#script for port forwarding 

playbook/roles/kdbox/tasks/frontend-slave-instance.yml

+- name : requesting CDN slave instance for ERP5
+  shell: echo "request('{{ frontend_software_release_url }}', '{{ frontend_instance_slave_name }}',filter_kw={'computer_guid':'{{ computer_id }}'},partition_parameter_kw={'custom_domain':'{{ custom_domain }}','enable_cache':'true','type':'zope','url':'{{ frontend_slave_backend_url }}',},shared='True', software_type='custom-personal',)" | slapos console 

playbook/roles/kdbox/tasks/frontend.yml

+- name: Caddy frontend supply 
+  shell: slapos supply {{ frontend_software_release_url }} {{ computer_id }}
+  when : slapos_cfg.stat.exists == True
+  args: 
+    creates: /opt/supply_check_file
+
+- name : requesting Caddy frontend istance
+  shell: echo "request('{{ frontend_software_release_url }}', '{{ frontend_instance_name }}',filter_kw={'computer_guid':'{{ computer_id}}'}, partition_parameter_kw={'-sla-1-computer_guid':'{{ computer_id }}','domain':'{{ domain_name }}','public-ipv4':'{{ ansible_default_ipv4.address }}',}, software_type='custom-personal',)" | slapos console
+  when: supply_is_done == True

playbook/roles/kdbox/tasks/main.yml

+---
+
+  - name: Check if client configuration exists already
+    stat: path=/etc/opt/slapos/slapos.cfg
+    register: slapos_cfg
+    failed_when: slapos_cfg.stat.exists == False
+    
+  - name: check if supply is done 
+    stat: path=/opt/supply_check_file
+    register: supply_check
+
+  - name: register computer ID
+    set_fact:
+      computer_id: "{{ lookup('ini','computer_id section=slapos file=/etc/opt/slapos/slapos.cfg') }}"
+   
+  # verify software supply 
+  - name: register supply status
+    set_fact:
+      supply_is_done: "{{ supply_check.stat.exists }}"
+
+  - include: webrunner.yml
+  - include: frontend.yml
+  - include: frontend-slave-instance.yml
+ 
+  # find Caddy ip to be used for port forwarding
+  - name: Get Caddy local IP
+    shell: grep bind /srv/slapgrid/slappart*/etc/Caddyfile | cut -d ' ' -f4 | head -n1 
+    register: caddy_ip
+    failed_when: caddy_ip.stdout == ""
+
+  # execute port-forwarding script in /files/port-forwarding
+  - name: "port 80 forwarding to {{ caddy_ip.stdout }}:8080"
+    shell: "{{ role_path }}/files/port-forwarding 80 {{ caddy_ip.stdout }} 8080"
+    register: forward_result
+    changed_when: forward_result.stdout != "port forwarding process already running"
+
+  - name: "port 443 forwarding to {{ caddy_ip.stdout }}:4443"
+    shell: "{{ role_path }}/files/port-forwarding 443 {{ caddy_ip.stdout }} 4443"
+    register: forward_result
+    changed_when: forward_result.stdout != "port forwarding process already running"
+
+  # file created when software supply is done
+  - name: "create software_supply_check_file"
+    file:   
+        path: "/opt/supply_check_file"
+        state: touch 

playbook/roles/kdbox/tasks/webrunner.yml

+- name: webrunner supply 
+  shell: slapos supply {{ webrunner_software_release_url }} {{ computer_id }}
+  when : slapos_cfg.stat.exists == True
+  args: 
+    creates: /opt/supply_check_file
+
+- name: requesting webrunner instance 
+  shell: echo "request('{{ webrunner_software_release_url }}', '{{ webrunner_instance_name }}', partition_parameter_kw={'-sla-runner0-computer_guid':'{{ computer_id }}','-sla-runner1-computer_guid':'{{ computer_id }}',}, software_type='resilient',)" | slapos console
+  when: supply_is_done == True

playbook/roles/slapos-client/tasks/main.yml

+---
+    - name: Check if client configuration exists already
+      stat: path=~/.slapos/slapos-client.cfg
+      register: client_cfg
+    - name: "install slapos client"
+      shell: slapos configure client  --token {{Token}}
+      when : client_cfg.stat.exists == False and "{{Token}}" != "notoken"

playbook/settings/kdbox.yml

+frontend_software_release_url: https://lab.node.vifib.com/nexedi/slapos/raw/1.0.82/software/caddy-frontend/software.cfg
+frontend_slave_backend_url: https://[2401:5180:0:38::7377]:2152
+#recupuration de frontend_slave_backend_url à automatiser
+re6st_annon: False
+#variable crée pour desactiver le RADVD 
+enable_router_advertisement: False
+re6st_fingerprint: sha256:499a44702d687e968c047d28e33f59e5c3bae71a38619dc730152a3557c20301
+re6st_registry_url: http://re6stnet.gnet.erp5.cn/
+webrunner_software_release_url: https://lab.node.vifib.com/nexedi/slapos/raw/1.0.75/software/slaprunner/software.cfg
+frontend_instance_name: FRONTEND-kdboxtest
+webrunner_instance_name: webrunner-1
+frontend_instance_slave_name : My-ERP5
+