Refactor everything

2023-12-14 02:20:13 +01:00 · 2023-12-14 02:20:13 +01:00 · 3f2e60becf
commit 3f2e60becf
parent 2e100d290f
69 changed files with 366 additions and 281 deletions
--- a/_ansible/roles/harbor/files/msrg.cc.log.config
+++ b/_ansible/roles/harbor/files/msrg.cc.log.config
@ -1,22 +0,0 @@
-version: 1
-
-formatters:
-  precise:
-   format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
-
-handlers:
-  console:
-    class: logging.StreamHandler
-    formatter: precise
-
-loggers:
-    synapse.storage.SQL:
-        # beware: increasing this to DEBUG will make synapse log sensitive
-        # information such as access tokens.
-        level: INFO
-
-root:
-    level: INFO
-    handlers: [console]
-
-disable_existing_loggers: false
--- a/_ansible/roles/harbor/tasks/main.yml
+++ b/_ansible/roles/harbor/tasks/main.yml
@ -1,8 +1,12 @@
 ---
+- name: Set common facts
+  ansible.builtin.import_tasks: tasks/set-default-facts.yml
+
 - name: Deploy {{ svc.name }}
-  tags:
-    - harbor
-    - registry
+  vars:
+    svc: "{{ harbor_svc }}"
+    env: "{{ harbor_env }}"
+    yml: "{{ harbor_yml }}"
  block:
    - name: Import prepare tasks for common service
      ansible.builtin.import_tasks: tasks/prepare-common-service.yml
--- a/_ansible/roles/harbor/vars/main.yml
+++ b/_ansible/roles/harbor/vars/main.yml
@ -1,16 +1,21 @@
 ---
-svc_ports:
-  http: 20080
-  https: 20443
-  metrics: 29000
+harbor_port_http: 20080
+harbor_port_https: 20443
+harbor_port_metrics: 29000

-svc:
+harbor_db_host: "{{ postgres.host }}"
+harbor_db_port: "{{ postgres.port }}"
+harbor_db_database: harbor
+harbor_db_user: "{{ vault_harbor.db.user }}"
+harbor_db_pass: "{{ vault_harbor.db.pass }}"
+harbor_version: 2.9.0
+
+harbor_svc:
  name: harbor
-  no_compose: true # TODO remove when fixing "var-naming[no-role-prefix]"
  domain: registry.serguzim.me
  caddy_extra: |
-    reverse_proxy /metrics host.docker.internal:{{ svc_ports.metrics }}
-    reverse_proxy host.docker.internal:{{ svc_ports.https }} {
+    reverse_proxy /metrics host.docker.internal:{{ harbor_port_metrics }}
+    reverse_proxy host.docker.internal:{{ harbor_port_https }} {
        transport http {
            tls
            tls_server_name registry.serguzim.me
@ -25,12 +30,12 @@ svc:
    pass: "{{ vault_harbor.db.pass }}"
  harbor_version: 2.9.0

-svc_yml:
-  hostname: "{{ svc.domain }}"
+harbor_yml:
+  hostname: "{{ harbor_svc.domain }}"
  http:
-    port: "{{ svc_ports.http }}"
+    port: "{{ harbor_port_http }}"
  https:
-    port: "{{ svc_ports.https }}"
+    port: "{{ harbor_port_https }}"
    certificate: /opt/services/.lego/certificates/registry.serguzim.me.crt
    private_key: /opt/services/.lego/certificates/registry.serguzim.me.key
  external_url: https://registry.serguzim.me
@ -65,14 +70,14 @@ svc_yml:
      rotate_count: 50
      rotate_size: 200M
      location: /var/log/harbor
-  _version: "{{ svc.harbor_version }}"
+  _version: "{{ harbor_version }}"
  external_database:
    harbor:
-      host: "{{ svc.db.host }}"
-      port: "{{ svc.db.port }}"
-      db_name: "{{ svc.db.database }}"
-      username: "{{ svc.db.user }}"
-      password: "{{ svc.db.pass }}"
+      host: "{{ harbor_db_host }}"
+      port: "{{ harbor_db_port }}"
+      db_name: "{{ harbor_db_database }}"
+      username: "{{ harbor_db_user }}"
+      password: "{{ harbor_db_pass }}"
      ssl_mode: verify-full
      max_idle_conns: 2
      max_open_conns: 0
@ -86,7 +91,7 @@ svc_yml:
      - trivy
  metric:
    enabled: enabled
-    port: "{{ svc_ports.metrics }}"
+    port: "{{ harbor_port_metrics }}"
    path: /metrics
  upload_purging:
    enabled: true