Merge branch 'hotfix/samson-deployment-hotfix'

Author: mblaschke

bin/provision.sh

@@ -346,6 +346,7 @@ function header() {
 
     # Base
     deployConfiguration base/general        samson-deployment 'latest'
+    deployConfiguration base-app/general    samson-deployment 'latest'
 
     # Samson deployment
     deployConfiguration samson-deployment/general        samson-deployment 'latest'

docker/samson-deployment/latest/Dockerfile

@@ -14,6 +14,7 @@ ENV LC_ALL     en_US.UTF-8
 
 # Add common scripts (from _localscripts)
 ADD scripts.tar /
+COPY conf/ /opt/docker/
 
 # Init bootstrap (and install ansible)
 RUN export DEBIAN_FRONTEND=noninteractive \
@@ -36,28 +37,40 @@ RUN export DEBIAN_FRONTEND=noninteractive \
 # Base
 ###############################################################################
 
+ENV DOCKER_CONF_HOME  /opt/docker/
+
+# Install packages
+RUN /usr/local/bin/apt-install \
+    supervisor \
+    syslog-ng \
+    syslog-ng-core \
+    logrotate \
+    cron \
+    wget \
+    curl \
+    net-tools \
+    && bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base \
+    && bash /opt/docker/bin/control.sh provision.role.finish.build webdevops-cleanup \
+    && bash /opt/docker/bin/bootstrap.sh
+
+###############################################################################
+# Base-app
+###############################################################################
 ENV APPLICATION_USER  application
 ENV APPLICATION_GROUP application
+ENV APPLICATION_PATH  /app
 ENV APPLICATION_UID   1000
 ENV APPLICATION_GID   1000
-ENV DOCKER_CONF_HOME  /opt/docker/
 
-# Install services
 RUN sed -ri 's/(deb.*\/debian jessie main)/\1 contrib non-free /' -- /etc/apt/sources.list \
     && /usr/local/bin/apt-install \
-        supervisor \
-        syslog-ng \
-        syslog-ng-core \
-        logrotate \
+        # Install services
         openssh-server \
         mysql-client \
         sqlite \
-        cron \
         dnsmasq \
-        postfix
-
-# Install common tools
-RUN /usr/local/bin/apt-install \
+        postfix \
+        # Install common tools
         sudo \
         zip \
         unzip \
@@ -71,12 +84,9 @@ RUN /usr/local/bin/apt-install \
         rsync \
         git \
         nano \
-        vim
-
-# Deploy scripts/configurations
-COPY conf/ /opt/docker/
-RUN bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base \
-    && bash /opt/docker/bin/control.sh provision.role.finish.build webdevops-cleanup \
+        vim \
+    && /usr/local/bin/generate-locales \
+    && bash /opt/docker/bin/control.sh provision.role.bootstrap webdevops-base-app \
     && bash /opt/docker/bin/bootstrap.sh
 
 ###############################################################################

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/defaults/main.yml

@@ -0,0 +1,7 @@
+---
+
+APPLICATION_USER:  "{{ lookup('env','APPLICATION_USER') }}"
+APPLICATION_GROUP: "{{ lookup('env','APPLICATION_GROUP') }}"
+APPLICATION_PATH:  "{{ lookup('env','APPLICATION_PATH') }}"
+APPLICATION_UID:   "{{ lookup('env','APPLICATION_UID') }}"
+APPLICATION_GID:   "{{ lookup('env','APPLICATION_GID') }}"

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/tasks/bootstrap.yml

@@ -0,0 +1,6 @@
+---
+
+- include: bootstrap/user.yml
+- include: bootstrap/application.yml
+- include: bootstrap/dnsmasq.yml
+- include: bootstrap/postfix.yml

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/tasks/bootstrap/application.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Init application directory
+  file:
+    path: "/{{ APPLICATION_PATH }}"
+    state: directory
+    mode:  0755
+    owner: "{{ APPLICATION_USER }}"
+    group: "{{ APPLICATION_GROUP }}"
+    recurse: yes

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/tasks/bootstrap/dnsmasq.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Configure dnsmasq
+  lineinfile:
+    dest:   /etc/dnsmasq.conf
+    regexp: '^[\s]*{{ item.key }}[\s]*='
+    line:   '{{ item.key }}={{ item.value }}'
+  with_items:
+   - { key: 'user',     value: 'root' }
+   - { key: 'conf-dir', value: '/etc/dnsmasq.d' }

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/tasks/bootstrap/postfix.yml

@@ -0,0 +1,13 @@
+---
+
+- name: Configure postfix
+  lineinfile:
+    dest:   /etc/postfix/main.cf
+    regexp: '^[\s]*{{ item.key }}[\s]*='
+    line:   '{{ item.key }}={{ item.value }}'
+  with_items:
+   - { key: 'mydestination',           value: '' }
+   - { key: 'message_size_limit',      value: '15240000' }
+   # Hardening
+   - { key: 'smtp_use_tls',            value: 'yes' }
+   - { key: 'smtp_tls_security_level', value: 'may' }

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/tasks/bootstrap/user.yml

@@ -0,0 +1,41 @@
+---
+
+- name: Move dnsmasq group (Alpine family)
+  group:
+    name: dnsmasq
+    gid:  153
+  when: ansible_distribution == 'Alpine'
+
+- name: Create application group
+  group:
+    name:  "{{ APPLICATION_GROUP }}"
+    gid:   "{{ APPLICATION_GID }}"
+
+- name: Create application user
+  user:
+    name:  "{{ APPLICATION_USER }}"
+    uid:   "{{ APPLICATION_UID }}"
+    group: "{{ APPLICATION_GROUP }}"
+    shell: "/bin/bash"
+    home:  "/home/{{ APPLICATION_USER }}"
+
+- name: Init home directory
+  file:
+    path: "/home/{{ APPLICATION_USER }}"
+    state: directory
+    mode:  0755
+    owner: "{{ APPLICATION_USER }}"
+    group: "{{ APPLICATION_GROUP }}"
+    recurse: yes
+
+- name: Init bashrc
+  lineinfile:
+    dest: "/home/{{ APPLICATION_USER }}/.bashrc"
+    mode:  0770
+    owner: "{{ APPLICATION_USER }}"
+    group: "{{ APPLICATION_GROUP }}"
+    create: yes
+    regexp: "export TERM=xterm"
+    line: "export TERM=xterm"
+
+- action: setup

docker/samson-deployment/latest/conf/provision/roles/webdevops-base-app/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+
+- include: bootstrap.yml
+  tags:
+    - bootstrap

provisioning/base-app/general/bin/service.d/dnsmasq.sh

@@ -1,3 +1,4 @@
+#!/usr/bin/env bash
 
 ## clear dns file
 echo > /etc/dnsmasq.d/development