Merge pull request #4 from aleyipsoftwire/exercise-4

Exercise 4

Author: aleyipsoftwire

README.md

@@ -71,3 +71,29 @@ The project uses pytest to run tests. To run the tests, run the following from y
 ```bash
 $ poetry run pytest
 ```
+
+## Provisioning a VM from an Ansible Control Node
+
+1. SSH into the control node
+2. Copy the `ansible` directory to the control node
+3. Replace the IP address in the `inventory` file with the IP address(es) of the managed VM(s)
+4. Create a file `ansible-pw.txt` containing the vault password
+5. Run the following command in the `ansible` directory, to provision the VM:
+    ```bash
+    $ ansible-playbook playbook.yml -i inventory --vault-password-file ansible-pw.txt
+    ```
+
+### Note on env variables
+
+The ansible configs contained in this repo contain the encrypted env values required to run the app.
+These values can be seen in the `ansible/vars/env.yml` file.
+
+The values are individually encrypted using ansible-vault and added to the file.
+
+To generate a new encrypted value or to replace one of the provided values, for example, the `trello_api_key` value:
+
+```bash
+$ ansible-vault encrypt_string --vault-password-file your_password_file --name 'trello_api_key'
+```
+
+then enter the value you want to encrypt when prompted.

ansible/.env.j2

@@ -0,0 +1,12 @@
+# Sets the location of the flask application object: https://flask.palletsprojects.com/en/2.3.x/cli/#application-discovery
+# Needed because of the presence of the "todo_app" folder
+FLASK_APP=todo_app/app
+
+FLASK_ENV=production
+
+TRELLO_API_KEY={{ trello_api_key }}
+TRELLO_API_TOKEN={{ trello_api_token }}
+TRELLO_BOARD_ID={{ trello_board_id }}
+
+TRELLO_TODO_LIST_ID={{ trello_todo_list_id }}
+TRELLO_DONE_LIST_ID={{ trello_done_list_id }}

ansible/inventory

@@ -0,0 +1,2 @@
+[nodes]
+3.11.97.48

ansible/playbook.yml

@@ -0,0 +1,62 @@
+---
+- name: Install tools
+  hosts: nodes
+  become: true
+  tasks:
+    - name: Install Git and Python 3
+      yum:
+        name:
+        - git
+        - python3
+        state: present
+        update_cache: yes
+
+- name: Install Poetry
+  hosts: nodes
+  tasks:
+    - name: Install Poetry
+      shell:
+        cmd: 'curl -sSL https://install.python-poetry.org | python3 -'
+        creates: ~/.local/bin/poetry
+
+- name: Create To-Do App Directory and clone from GitHub
+  hosts: nodes
+  become: true
+  tasks:
+    - name: Create directory
+      file:
+        path: /opt/todoapp
+        state: directory
+        owner: ec2-user
+    - name: Clone Remote Git Repository
+      git:
+        repo: https://github.com/aleyipsoftwire/DevOps-Course-Starter.git
+        dest: /opt/todoapp
+
+- name: Install dependencies and set env variables
+  hosts: nodes
+  vars_files:
+    - ./vars/env.yml
+  tasks:
+    - name: Install dependencies
+      command: poetry install
+      args:
+        chdir: /opt/todoapp
+    - name: Set env variables  
+      template:
+        src: .env.j2
+        dest: /opt/todoapp/.env
+
+- name: Copy service file and start service
+  hosts: nodes
+  become: true
+  tasks:
+    - name: Copy service file
+      copy:
+        src: todoapp.service
+        dest: /etc/systemd/system/todoapp.service
+    - name: Start service
+      systemd:
+        name: todoapp
+        daemon_reload: true
+        state: restarted

ansible/todoapp.service

@@ -0,0 +1,7 @@
+[Unit]
+Description=My To-Do App
+
+[Service]
+User=ec2-user
+WorkingDirectory=/opt/todoapp
+ExecStart=/home/ec2-user/.local/bin/poetry run flask run --host 0.0.0.0

ansible/vars/env.yml

@@ -0,0 +1,44 @@
+---
+trello_api_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          36353765346338383137376534373861386262346432666266343866653264373232393336663633
+          3632313164363335616239363530663530393638643161660a323061653334393330366530383264
+          62393833316439633037666162623762633736656136303039383665363433366465356333663933
+          6433323730393332660a323837396535343461306333666364366334633836363732313633306136
+          30303335306663663938643630346535366631316435333065663838636562376130376130666334
+          6331373565646432623661373336656230356165343361623361
+
+trello_api_token: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          34323763343432663332353262393363623830356363643062386365386233336530333566383130
+          3662643036303664333961363132623661383962653865380a626261376665313938383364346636
+          38643066613665643332363666616362626130343465366666616532613635666535353662376631
+          3865336265396565620a353136323065383166383162663233346338326530653831316365326330
+          37666333363735386665313134393332356433613561316561643964373639386234313535663663
+          39616163326231386331666232656435616564316361653066316435346133653635613639333034
+          35343138353531373066656434323634396164346336656264653731303932393339353033613739
+          35376165616138303564
+
+trello_board_id: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          32646363346165626630656632346131376630636430326465396333373966393337623036303233
+          3131346331613532323531353331346461653339383436620a303263303633376463383663383236
+          33383161633735383438313034303130333161666565376361353838613135393935366261343637
+          6464306335353630620a306333323265393137376166643135623636333061623734346362376531
+          37396264366533616434303630656363343265356532343735316337363230643630
+
+trello_todo_list_id: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          35303037373565326666336233666366303463323362373962643431373463613938353239353733
+          3264396264643732393333373063363734616430633030380a646464663338333564653162643762
+          65626533333936666530663034653632376539643135303236323634303739343431643266306362
+          6437326334303965640a343366613334346562643263623265656461383731633634393330366336
+          30353864383838333736366438383730373832623834613938383338396433363336
+
+trello_done_list_id: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          63333465633437303633396631356365323939633161323936393763343163343233363266656532
+          3037343664313430313063373963346534646464396162380a646634393261323763313136333963
+          34646434313664653136346264653633666162666566306665633731343830633062663637623666
+          6234373361393338320a356462366139393330333661353130316566623739313565646431343336
+          62376565643863613039353536626335343739633239346633313339363734336436