teamcity.server: add role

teamcity.server/README.md

@@ -0,0 +1,13 @@
+## teamcity.server
+
+#### Role arguments:
+
+```yaml
+teamcity_server:
+  # a string designating the port to bind
+  port: "8111"
+  docker:
+    # a list of networks to attach to
+    networks:
+      - web
+```

teamcity.server/defaults/main.yml

@@ -0,0 +1,11 @@
+teamcity_server__image_name: "jetbrains/teamcity-server"
+teamcity_server__image_tag: "2019.1.1"
+teamcity_server__image: "{{ teamcity_server__image_name }}:{{ teamcity_server__image_tag }}"
+
+teamcity__default_labels:
+  "traefik.enable": "true"
+  "traefik.port": "8111"
+  "traefik.backend": "teamcity.server"
+  "traefik.docker.network": "{{ docker__traefik_network }}"
+  "traefik.frontend.rule": "Host:{{ teamcity_server.domain }}"
+  "traefik.frontend.entryPoints": "http"

teamcity.server/tasks/main.yml

@@ -0,0 +1,34 @@
+---
+- name: TEAMCITY.SERVER | Prepare deployment
+  include_role:
+    name: docker.deployment.prepare
+    public: "yes"
+  vars:
+    deployment_name: teamcity.server
+    volume_user: "{{ grafana__user_id }}"
+  tags:
+    - teamcity.server
+
+- name: TEAMCITY.SERVER | Copy templates
+  template:
+    src: templates/{{ item }}.j2
+    dest: "{{ docker_deployment__deploy_path }}/{{ item }}"
+  with_items:
+    - docker-compose.yml
+    - ldap-mapping.xml
+    - ldap-config.properties
+  become_user: "{{ docker_deployment__deploy_user_name }}"
+  become: yes
+  tags:
+    - files
+    - teamcity.server
+
+- name: TEAMCITY.SERVER | Run deployment
+  docker_service:
+    restarted: "yes"
+    project_src: "{{ docker_deployment__deploy_path }}"
+  become: yes
+  become_user: "{{ docker_deployment__deploy_user_name }}"
+  tags:
+    - run
+    - teamcity.server

teamcity.server/templates/docker-compose.yml.j2

@@ -0,0 +1,32 @@
+version: "3.7"
+
+services:
+  teamcity-server:
+    container_name: teamcity-server
+    image: "{{ teamcity_server__image }}"
+    restart: unless-stopped
+    networks: {{ teamcity_server.docker.networks | default([]) | to_json }}
+    labels: {{ teamcity_server.docker.labels | default(teamcity_server__default_labels) | to_json }}
+{% if teamcity_server.port is defined %}
+    ports:
+      - "{{ teamcity_server.port }}:8111"
+{% endif %}
+    logging:
+      driver: json-file
+      options:
+        max-file: "1"
+        max-size: "50m"
+    environment:
+      TEAMCITY_SERVER_MEM_OPTS: ""
+    volumes:
+      - "{{ docker_deployment__volume_path }}:/data/teamcity_server/datadir"
+      - "./ldap-mapping.xml:/data/teamcity_server/datadir/config/ldap-mapping.xml"
+      - "./ldap-config.properties:/data/teamcity_server/datadir/config/ldap-config.properties"
+
+{% if teamcity_server.docker.networks is defined %}
+networks:
+  {% for network in teamcity_server.docker.networks %}
+{{ network | indent(width=2) }}:
+    external: true
+  {% endfor %}
+{% endif %}

teamcity.server/templates/ldap-config.properties.j2

@@ -0,0 +1,20 @@
+java.naming.provider.url=ldap://{{ ldap__host }}/{{ ldap__base_dn }}
+java.naming.security.principal={{ ldap__binddn }}
+java.naming.security.credentials={{ ldap__bindpw }}
+
+teamcity.options.users.synchronize=true
+teamcity.options.groups.synchronize=true
+
+teamcity.users.login.filter=(&(uid=$capturedLogin$)(objectClass=inetOrgPerson)(|(memberOf={{ ldap_groups.services }})(memberOf={{ ldap_groups.services_external }})))
+
+teamcity.users.base=ou=users
+teamcity.users.filter=(&(objectClass=inetOrgPerson)(|(memberOf={{ ldap_groups.services }})(memberOf={{ ldap_groups.services_external }})))
+
+teamcity.users.username=uid
+teamcity.users.property.displayName=cn
+teamcity.users.property.email=mail
+
+teamcity.groups.base=ou=groups
+teamcity.groups.filter=(objectClass=groupOfNames)
+
+teamcity.groups.property.member=member

teamcity.server/templates/ldap-mapping.xml.j2

@@ -0,0 +1,5 @@
+<!DOCTYPE mapping SYSTEM "ldap-mapping.dtd">
+<mapping>
+  <group-mapping teamcityGroupKey="EMPLOYEES" ldapGroupDn="{{ ldap__groups.employees }}"/>
+  <group-mapping teamcityGroupKey="ADMINISTRATORS" ldapGroupDn="{{ ldap__groups.teamcity_admin }}"/>
+</mapping>