feat(Deployment): Integrate Ansible deployment via PHP deployment pipeline

- Create AnsibleDeployStage using framework's Process module for secure command execution - Integrate AnsibleDeployStage into DeploymentPipelineCommands for production deployments - Add force_deploy flag support in Ansible playbook to override stale locks - Use PHP deployment module as orchestrator (php console.php deploy:production) - Fix ErrorAggregationInitializer to use Environment class instead of $_ENV superglobal Architecture: - BuildStage → AnsibleDeployStage → HealthCheckStage for production - Process module provides timeout, error handling, and output capture - Ansible playbook supports rollback via rollback-git-based.yml - Zero-downtime deployments with health checks
2025-10-26 14:08:07 +01:00
parent a90263d3be
commit 3b623e7afb
170 changed files with 19888 additions and 575 deletions
--- a/deployment/infrastructure/playbooks/setup-docker.yml
+++ b/deployment/infrastructure/playbooks/setup-docker.yml
@@ -0,0 +1,170 @@
+---
+# Docker Setup Playbook
+# Ensures Docker and Docker Compose are installed and configured
+#
+# Usage:
+#   ansible-playbook -i inventories/production/hosts.yml playbooks/setup-docker.yml
+
+- name: Setup Docker for Production
+  hosts: web_servers
+  become: true
+
+  vars:
+    app_user: deploy
+    docker_compose_version: "2.24.0"
+
+  tasks:
+    # ==========================================
+    # 1. Verify Docker Installation
+    # ==========================================
+
+    - name: Check if Docker is installed
+      command: docker --version
+      register: docker_check
+      changed_when: false
+      failed_when: false
+
+    - name: Display Docker version
+      debug:
+        msg: "Docker is already installed: {{ docker_check.stdout }}"
+      when: docker_check.rc == 0
+
+    - name: Install Docker if not present
+      block:
+        - name: Update apt cache
+          apt:
+            update_cache: yes
+
+        - name: Install prerequisites
+          apt:
+            name:
+              - apt-transport-https
+              - ca-certificates
+              - curl
+              - gnupg
+              - lsb-release
+            state: present
+
+        - name: Add Docker GPG key
+          apt_key:
+            url: https://download.docker.com/linux/ubuntu/gpg
+            state: present
+
+        - name: Add Docker repository
+          apt_repository:
+            repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+            state: present
+
+        - name: Install Docker
+          apt:
+            name:
+              - docker-ce
+              - docker-ce-cli
+              - containerd.io
+            state: present
+            update_cache: yes
+      when: docker_check.rc != 0
+
+    # ==========================================
+    # 2. Configure Docker
+    # ==========================================
+
+    - name: Add deploy user to docker group
+      user:
+        name: "{{ app_user }}"
+        groups: docker
+        append: yes
+
+    - name: Ensure Docker service is enabled and started
+      systemd:
+        name: docker
+        enabled: yes
+        state: started
+
+    # ==========================================
+    # 3. Install Docker Compose Plugin
+    # ==========================================
+
+    - name: Check if Docker Compose plugin is installed
+      command: docker compose version
+      register: compose_check
+      changed_when: false
+      failed_when: false
+
+    - name: Display Docker Compose version
+      debug:
+        msg: "Docker Compose is already installed: {{ compose_check.stdout }}"
+      when: compose_check.rc == 0
+
+    # ==========================================
+    # 4. Configure Docker Daemon
+    # ==========================================
+
+    - name: Create Docker daemon configuration
+      copy:
+        dest: /etc/docker/daemon.json
+        content: |
+          {
+            "log-driver": "json-file",
+            "log-opts": {
+              "max-size": "10m",
+              "max-file": "3"
+            },
+            "live-restore": true
+          }
+        owner: root
+        group: root
+        mode: '0644'
+      notify: Restart Docker
+
+    # ==========================================
+    # 5. Firewall Configuration
+    # ==========================================
+
+    - name: Allow HTTP traffic
+      ufw:
+        rule: allow
+        port: '80'
+        proto: tcp
+
+    - name: Allow HTTPS traffic
+      ufw:
+        rule: allow
+        port: '443'
+        proto: tcp
+
+    # ==========================================
+    # 6. Verification
+    # ==========================================
+
+    - name: Get Docker info
+      command: docker info
+      register: docker_info
+      changed_when: false
+
+    - name: Get Docker Compose version
+      command: docker compose version
+      register: compose_version
+      changed_when: false
+
+    - name: Display setup summary
+      debug:
+        msg:
+          - "=========================================="
+          - "Docker Setup Complete"
+          - "=========================================="
+          - "Docker Version: {{ docker_check.stdout }}"
+          - "Docker Compose: {{ compose_version.stdout }}"
+          - "User '{{ app_user }}' added to docker group"
+          - "Firewall: HTTP (80) and HTTPS (443) allowed"
+          - "=========================================="
+          - ""
+          - "Next Steps:"
+          - "1. Log out and back in for docker group to take effect"
+          - "2. Run deployment playbook to start containers"
+
+  handlers:
+    - name: Restart Docker
+      systemd:
+        name: docker
+        state: restarted