Commit aa964d1b authored by Fabien  MAREUIL's avatar Fabien MAREUIL
Browse files

add ansible.posix ofr firewalld and selinux

parent 81f61ddf
Pipeline #50423 failed with stages
in 5 minutes and 36 seconds
......@@ -18,6 +18,7 @@ test-ansible:
- pip3.5 install ansible
- cd ansible
- whoami
- ansible-galaxy collection install ansible.posix
- ansible-playbook system.yaml --syntax-check
- ansible-playbook deploy.yaml --syntax-check
......@@ -98,6 +99,7 @@ deploy-webserver-targetcentric:
- pip3.5 install ansible
- cd ansible
- whoami
- ansible-galaxy collection install ansible.posix
- ansible-playbook -vvv -i ./hosts_master deploy.yaml
--extra-vars "deploy_user_name=ippidb repo_api_token=JZS-4cH7bWkFkHa2rAVf marvinjs_apikey=$MARVINJS_APIKEY_targetcentric galaxy_base_url=$GALAXY_BASE_URL_targetcentric galaxy_apikey=$GALAXY_APIKEY_targetcentric galaxy_compoundproperties_workflowid=$GALAXY_COMPOUNDPROPERTIES_WORKFLOWID_targetcentric secret_key=$SECRET_KEY_targetcentric dbname=$DBNAME_targetcentric dbuser=$DBUSER_targetcentric dbpassword=$DBPASSWORD_targetcentric dbhost=$DBHOST_targetcentric dbport=$DBPORT_targetcentric http_port=$HTTP_PORT_targetcentric branch=$CI_COMMIT_REF_NAME gacode=$GACODE_targetcentric ippidb_media=$IPPIDB_MEDIA_targetcentric"
only:
......@@ -121,6 +123,7 @@ deploy-webserver-test:
- pip3.5 install ansible
- cd ansible
- whoami
- ansible-galaxy collection install ansible.posix
- ansible-playbook -vvv -i ./hosts_master deploy.yaml
--extra-vars "deploy_user_name=ippidb repo_api_token=JZS-4cH7bWkFkHa2rAVf marvinjs_apikey=$MARVINJS_APIKEY_master galaxy_base_url=$GALAXY_BASE_URL_master galaxy_apikey=$GALAXY_APIKEY_master galaxy_compoundproperties_workflowid=$GALAXY_COMPOUNDPROPERTIES_WORKFLOWID_master secret_key=$SECRET_KEY_master dbname=$DBNAME_master dbuser=$DBUSER_master dbpassword=$DBPASSWORD_master dbhost=$DBHOST_master dbport=$DBPORT_master http_port=$HTTP_PORT_master branch=$CI_COMMIT_REF_NAME gacode=$GACODE_master ippidb_media=$IPPIDB_MEDIA_master"
only:
......@@ -144,6 +147,7 @@ deploy-webserver-production:
- pip3.5 install ansible
- cd ansible
- whoami
- ansible-galaxy collection install ansible.posix
- ansible-playbook -vvv -i ./hosts_release deploy.yaml
--extra-vars "deploy_user_name=ippidb repo_api_token=JZS-4cH7bWkFkHa2rAVf marvinjs_apikey=$MARVINJS_APIKEY_release galaxy_base_url=$GALAXY_BASE_URL_release galaxy_apikey=$GALAXY_APIKEY_release galaxy_compoundproperties_workflowid=$GALAXY_COMPOUNDPROPERTIES_WORKFLOWID_release secret_key=$SECRET_KEY_release dbname=$DBNAME_release dbuser=$DBUSER_release dbpassword=$DBPASSWORD_release dbhost=$DBHOST_release dbport=$DBPORT_release http_port=$HTTP_PORT_release branch=$CI_COMMIT_REF_NAME gacode=$GACODE_release ippidb_media=$IPPIDB_MEDIA_release"
only:
......
......@@ -42,16 +42,16 @@
# disable SELinux, and open firewall to incoming http
- name: disable SELinux
become: true
selinux:
ansible.posix.selinux:
state: disabled
- name: Open firewall to HTTP traffic
firewalld:
ansible.posix.firewalld:
service: http
permanent: true
state: enabled
become: true
- name: Open firwall to port 80 81 traffic
firewalld:
ansible.posix.firewalld:
port: "{{ http_port }}/tcp"
permanent: true
state: enabled
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment