From d4c43f670888b153c0b276ea47602daaa30fe53f Mon Sep 17 00:00:00 2001
From: Vasili Karaev
Date: Thu, 24 Sep 2020 22:02:25 +0300
Subject: [PATCH] teamcity.server: add role
---
teamcity.server/README.md | 13 +++++++
teamcity.server/defaults/main.yml | 11 ++++++
teamcity.server/tasks/main.yml | 34 +++++++++++++++++++
.../templates/docker-compose.yml.j2 | 32 +++++++++++++++++
.../templates/ldap-config.properties.j2 | 20 +++++++++++
teamcity.server/templates/ldap-mapping.xml.j2 | 5 +++
6 files changed, 115 insertions(+)
create mode 100644 teamcity.server/README.md
create mode 100644 teamcity.server/defaults/main.yml
create mode 100644 teamcity.server/tasks/main.yml
create mode 100644 teamcity.server/templates/docker-compose.yml.j2
create mode 100644 teamcity.server/templates/ldap-config.properties.j2
create mode 100644 teamcity.server/templates/ldap-mapping.xml.j2
diff --git a/teamcity.server/README.md b/teamcity.server/README.md
new file mode 100644
index 0000000..4542558
--- /dev/null
+++ b/teamcity.server/README.md
@@ -0,0 +1,13 @@
+## teamcity.server
+
+#### Role arguments:
+
+```yaml
+teamcity_server:
+ # a string designating the port to bind
+ port: "8111"
+ docker:
+ # a list of networks to attach to
+ networks:
+ - web
+```
diff --git a/teamcity.server/defaults/main.yml b/teamcity.server/defaults/main.yml
new file mode 100644
index 0000000..9d4e019
--- /dev/null
+++ b/teamcity.server/defaults/main.yml
@@ -0,0 +1,11 @@
+teamcity_server__image_name: "jetbrains/teamcity-server"
+teamcity_server__image_tag: "2019.1.1"
+teamcity_server__image: "{{ teamcity_server__image_name }}:{{ teamcity_server__image_tag }}"
+
+teamcity__default_labels:
+ "traefik.enable": "true"
+ "traefik.port": "8111"
+ "traefik.backend": "teamcity.server"
+ "traefik.docker.network": "{{ docker__traefik_network }}"
+ "traefik.frontend.rule": "Host:{{ teamcity_server.domain }}"
+ "traefik.frontend.entryPoints": "http"
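Review bot: In `defaults/main.yml` the label defaults are defined as `teamcity__default_labels`, but `templates/docker-compose.yml.j2` in this same commit falls back to `teamcity_server__default_labels`, so rendering presumably fails on an undefined variable whenever `teamcity_server.docker.labels` is not set (unless that name is defined elsewhere). Renaming the key to `teamcity_server__default_labels:` would also match the prefix of the other defaults. Separately, `"traefik.frontend.entryPoints": "http"` exposes a CI server that accepts LDAP logins over plain HTTP; if the proxy has a TLS entry point it should be used here, and if TLS is terminated elsewhere a comment saying so would help.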
diff --git a/teamcity.server/tasks/main.yml b/teamcity.server/tasks/main.yml
new file mode 100644
index 0000000..ddc7027
--- /dev/null
+++ b/teamcity.server/tasks/main.yml
@@ -0,0 +1,34 @@
+---
+- name: TEAMCITY.SERVER | Prepare deployment
+ include_role:
+ name: docker.deployment.prepare
+ public: "yes"
+ vars:
+ deployment_name: teamcity.server
+ volume_user: "{{ grafana__user_id }}"
+ tags:
+ - teamcity.server
+
+- name: TEAMCITY.SERVER | Copy templates
+ template:
+ src: templates/{{ item }}.j2
+ dest: "{{ docker_deployment__deploy_path }}/{{ item }}"
+ with_items:
+ - docker-compose.yml
+ - ldap-mapping.xml
+ - ldap-config.properties
+ become_user: "{{ docker_deployment__deploy_user_name }}"
+ become: yes
+ tags:
+ - files
+ - teamcity.server
+
+- name: TEAMCITY.SERVER | Run deployment
+ docker_service:
+ restarted: "yes"
+ project_src: "{{ docker_deployment__deploy_path }}"
+ become: yes
+ become_user: "{{ docker_deployment__deploy_user_name }}"
+ tags:
+ - run
+ - teamcity.server
diff --git a/teamcity.server/templates/docker-compose.yml.j2 b/teamcity.server/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..2e60d35
--- /dev/null
+++ b/teamcity.server/templates/docker-compose.yml.j2
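Review bot: The `Copy templates` task in `tasks/main.yml` writes `ldap-config.properties`, which carries the LDAP bind password, without a `mode`, so the file's permissions are left to the deploy user's umask and its rendered content can show up in `--diff` output. Set an explicit restrictive mode on the `template` module, for example `mode: "0640"` (confirming the container user can still read the bind-mounted file), and add `no_log: true`, or move the secret-bearing file into its own task so the other two templates stay diffable. Also, `volume_user: "{{ grafana__user_id }}"` looks carried over from another role; a TeamCity-specific variable would avoid handing the data directory to an unrelated service's uid.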
@@ -0,0 +1,32 @@
+version: "3.7"
+
+services:
+ teamcity-server:
+ container_name: teamcity-server
+ image: "{{ teamcity_server__image }}"
+ restart: unless-stopped
+ networks: {{ teamcity_server.docker.networks | default([]) | to_json }}
+ labels: {{ teamcity_server.docker.labels | default(teamcity_server__default_labels) | to_json }}
+{% if teamcity_server.port is defined %}
+ ports:
+ - "{{ teamcity_server.port }}:8111"
+{% endif %}
+ logging:
+ driver: json-file
+ options:
+ max-file: "1"
+ max-size: "50m"
+ environment:
+ TEAMCITY_SERVER_MEM_OPTS: ""
+ volumes:
+ - "{{ docker_deployment__volume_path }}:/data/teamcity_server/datadir"
+ - "./ldap-mapping.xml:/data/teamcity_server/datadir/config/ldap-mapping.xml"
+ - "./ldap-config.properties:/data/teamcity_server/datadir/config/ldap-config.properties"
+
+{% if teamcity_server.docker.networks is defined %}
+networks:
+ {% for network in teamcity_server.docker.networks %}
+{{ network | indent(width=2) }}:
+ external: true
+ {% endfor %}
+{% endif %}
diff --git a/teamcity.server/templates/ldap-config.properties.j2 b/teamcity.server/templates/ldap-config.properties.j2
new file mode 100644
index 0000000..9a0b85c
--- /dev/null
+++ b/teamcity.server/templates/ldap-config.properties.j2
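Review bot: When `teamcity_server.port` is set, the `ports:` entry `- "{{ teamcity_server.port }}:8111"` in `docker-compose.yml.j2` publishes TeamCity on every host interface, which lets clients reach it without going through the Traefik front end that the labels configure. If the port is only needed locally, bind it to loopback with `- "127.0.0.1:{{ teamcity_server.port }}:8111"`, or make the bind address a documented role argument. The `ldap-config.properties` bind mount could also end in `:ro`, provided TeamCity never needs to write that file, which is worth confirming.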
@@ -0,0 +1,20 @@
+java.naming.provider.url=ldap://{{ ldap__host }}/{{ ldap__base_dn }}
+java.naming.security.principal={{ ldap__binddn }}
+java.naming.security.credentials={{ ldap__bindpw }}
+
+teamcity.options.users.synchronize=true
+teamcity.options.groups.synchronize=true
+
+teamcity.users.login.filter=(&(uid=$capturedLogin$)(objectClass=inetOrgPerson)(|(memberOf={{ ldap_groups.services }})(memberOf={{ ldap_groups.services_external }})))
+
+teamcity.users.base=ou=users
+teamcity.users.filter=(&(objectClass=inetOrgPerson)(|(memberOf={{ ldap_groups.services }})(memberOf={{ ldap_groups.services_external }})))
+
+teamcity.users.username=uid
+teamcity.users.property.displayName=cn
+teamcity.users.property.email=mail
+
+teamcity.groups.base=ou=groups
+teamcity.groups.filter=(objectClass=groupOfNames)
+
+teamcity.groups.property.member=member
diff --git a/teamcity.server/templates/ldap-mapping.xml.j2 b/teamcity.server/templates/ldap-mapping.xml.j2
new file mode 100644
index 0000000..037208c
--- /dev/null
+++ b/teamcity.server/templates/ldap-mapping.xml.j2
@@ -0,0 +1,5 @@
+
+
+
+
+
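Review bot: The first line of `ldap-config.properties.j2`, `java.naming.provider.url=ldap://...`, makes TeamCity send the bind credentials and every user's login password to the directory unencrypted. Unless the LDAP server is reachable only over a trusted local network, use `java.naming.provider.url=ldaps://{{ ldap__host }}/{{ ldap__base_dn }}` and make sure the directory's CA is trusted by the JVM inside the container. `{{ ldap__bindpw }}` is also written verbatim: the variable should come from an encrypted source such as Ansible Vault, and a password containing a backslash or other properties-file escape characters would need escaping before it lands in this file.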