kaiangel/courseworkrep
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

govno

Browse Source
This commit is contained in:
dima 2024-11-04 19:58:01 +03:00
parent 4244debf72
commit 015d96995e
4 changed files with 222 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
Jenkinsfile vendored Normal file
View File

@ -0,0 +1,65 @@
pipeline {
agent any
tools {
ansible 'Ansible'
}
environment {
PSQL_PASSWORD = credentials('PSQL_pass')
VAULT_PASSWORD = credentials('ansible_vault_password')
}
parameters {
string(name: 'DB_USER', defaultValue: 'postgres', description: 'Имя пользователя базы данных')
string(name: 'DB_NAME', defaultValue: 'mydb', description: 'Имя базы данных')
string(name: 'BACKUP_DIR', defaultValue: '/var/backups/postgresql', description: 'Директория для бэкапа')
}
stages {
stage('Clone repository') {
steps {
git branch: 'dev', url: 'http://192.168.0.70:3000/coursework/courseworkrep.git'
}
}
stage('Decrypt SSH Key') {
steps {
script {
def tempDir = '/tmp/' + UUID.randomUUID().toString()
env.TEMP_DIR = tempDir
sh "mkdir -p ${tempDir}"
def decryptedKeyFile = "${tempDir}/id_ed25519"
def vaultPassFile = "${tempDir}/vault_pass"
writeFile file: vaultPassFile, text: VAULT_PASSWORD
sh """
ansible-vault decrypt ./id_ed25519_vault --vault-password-file=${vaultPassFile} --output=${decryptedKeyFile}
"""
env.DECRYPTED_KEY_FILE = decryptedKeyFile
}
}
}
stage('Install PostgreSQL') {
steps {
ansiblePlaybook(
playbook: 'install_postgresql.yml',
inventory: "inventory.yml",
extraVars: [
postgres_user: params.DB_USER,
postgres_password: PSQL_PASSWORD,
postgres_db: params.DB_NAME,
backup_dir: params.BACKUP_DIR,
ansible_ssh_private_key_file: env.DECRYPTED_KEY_FILE
]
)
}
}
}
post {
always {
script {
if (env.TEMP_DIR) {
sh "rm -rf ${env.TEMP_DIR}"
}
}
}
}
}

26
id_ed25519_vault Normal file
View File

@ -0,0 +1,26 @@
$ANSIBLE_VAULT;1.1;AES256
65316433646437363338333233313530386265396432326633303334363130396438623632373733
6234643334313336376439343564616333366632393666320a623066663130336665663763626337
36353135383933386431643036336561653438356537363262333530663363333138663966336231
3631333939653033370a643061336136313031336163346431393034653237646265653665316466
63333966383038666635636462393361313731666239356139653466663761383531653063343733
64396533303131666139323333653838323961396437326438353733653262393164343263643738
37626464353762656532373739376363363935383065336637333161356331303230356163626533
66363331616263383366303534376235663564313031343031323466333564646233393238336665
62383138623137323761656163336631393861386436626338666662313739353338373563626335
31663831366135396437643562373463613566333433666162313833653230396439353461633437
31663937343437643363323137313331373839313032333830316135303734376264396539396339
37613031376235316439303363326134613136616137623133353738313236383436386631636432
64373861346631386234316234663134316231336666356230373862396237346565393434383039
64323462653532636161333339623138663564396261363832626630393533323139616165363065
66376166306131333531323966633036623762323037616261643930343733383165333939326537
34636534343436313132383532633631363631356563336365393437616337333062323862336164
66656463643761366335663331633733383065316530653935613134653837666332653262326266
39396237616235383163386662363637346633366231373236323734383934383035623739333263
65316364306462376134373165393661316561383837383438306365666437373365366461663439
61336463636462333363313766363465313163373063323864613136303564396137333536373235
33656135393732653230373031613663633866386537643164623138623663626663303331656631
37666562663135643832386335373132643738393233656361663931306563386666613135303033
32663633373439646564663036626561336338313239316634623838633534306530633739363831
39306631356662363430633866653538623837303537343331363066326466646430346638623162
6438

125
install_postgresql.yml Normal file
View File

@ -0,0 +1,125 @@
- name: Install PostgreSQL and Backup
hosts: all
become: true
vars:
postgres_user: '{{ postgres_user }}'
postgres_password: '{{ postgres_password }}'
postgres_db: '{{ postgres_db }}'
backup_dir: '{{ backup_dir }}'
tasks:
- name: Update zypper
command: zypper refresh
register: zypper_refresh
changed_when: "'Refreshing' in zypper_refresh.stdout"
- name: Update System
zypper:
name: '*'
state: latest
when: zypper_refresh.changed
- name: Update PostgreSQL package
zypper:
name:
- postgresql-server
- postgresql-contrib
state: present
- name: PostgreSQL initdb
command: sudo -u postgres initdb -D /var/lib/pgsql/data
args:
creates: /var/lib/pgsql/data/PG_VERSION
- name: Systemctl start and enable PostgreSQL
service:
name: postgresql
state: started
enabled: true
- name: python3-psycopg2 install
zypper:
name: python3-psycopg2
state: present
- name: Change listen_addresses in postgresql.conf
lineinfile:
path: /var/lib/pgsql/data/postgresql.conf
regexp: '^#?listen_addresses\\s*='
line: "listen_addresses = '*'"
notify: Restart PostgreSQL
- name: Change pg_hba.conf
lineinfile:
path: /var/lib/pgsql/data/pg_hba.conf
regexp: '^host\\s+all\\s+all\\s+0\\.0\\.0\\.0/0\\s+md5'
line: 'host all all 0.0.0.0/0 md5'
notify: Restart PostgreSQL
- name: Create User PostgreSQL
community.postgresql.postgresql_user:
name: '{{ postgres_user }}'
password: '{{ postgres_password }}'
state: present
- name: Create Base PostgreSQL
community.postgresql.postgresql_db:
name: '{{ postgres_db }}'
owner: '{{ postgres_user }}'
encoding: UTF8
state: present
- name: Create a table
community.postgresql.postgresql_query:
db: '{{ postgres_db }}'
query: 'CREATE TABLE IF NOT EXISTS contacts (id SERIAL PRIMARY KEY, name VARCHAR(100), phone_number VARCHAR(15));'
login_user: '{{ postgres_user }}'
login_password: '{{ postgres_password }}'
- name: Open firewall 5432 port
command: firewall-cmd --add-port=5432/tcp --permanent
become: true
- name: Restart Firewall
command: firewall-cmd --reload
become: true
- name: Create backup directory
file:
path: '{{ backup_dir }}'
state: directory
owner: postgres
group: postgres
mode: '0755'
- name: PostgreSQL database backup
become_user: postgres
command: 'pg_dump -U {{ postgres_user }} -F c -f "{{ backup_dir }}/db_backup_{{ postgres_db }}_{{ ansible_date_time.iso8601 }}.sql" {{ postgres_db }}'
environment:
PGPASSWORD: '{{ postgres_password }}'
- name: Create cron for daily full backup
cron:
name: 'PostgreSQL daily full backup'
user: postgres
minute: '0'
hour: '1'
job: 'pg_dump -U {{ postgres_user }} -F c {{ postgres_db }} > {{ backup_dir }}/full_db_backup_{{ postgres_db }}_$(date +\\\\%F-\\\\%H-%M).sql'
environment:
PGPASSWORD: '{{ postgres_password }}'
- name: Create cron backup script
cron:
name: 'PostgreSQL hourly backup'
user: postgres
minute: '0'
hour: '*'
job: 'pg_dump -U {{ postgres_user }} -F c {{ postgres_db }} > {{ backup_dir }}/db_backup_{{ postgres_db }}_$(date +\\\\%F-\\\\%H-%M).sql'
environment:
PGPASSWORD: '{{ postgres_password }}'
handlers:
- name: Restart PostgreSQL
service:
name: postgresql
state: restarted

6
inventory.yml Normal file
View File

@ -0,0 +1,6 @@
all:
children:
postgres_servers:
hosts:
192.168.0.71:
ansible_user: ansible