michaelschiemer/deployment/ansible/playbooks/README.md
Michael Schiemer 8f3c15ddbb fix(console): comprehensive TUI rendering fixes
- Fix Enter key detection: handle multiple Enter key formats (\n, \r, \r\n)
- Reduce flickering: lower render frequency from 60 FPS to 30 FPS
- Fix menu bar visibility: re-render menu bar after content to prevent overwriting
- Fix content positioning: explicit line positioning for categories and commands
- Fix line shifting: clear lines before writing, control newlines manually
- Limit visible items: prevent overflow with maxVisibleCategories/Commands
- Improve CPU usage: increase sleep interval when no events processed

This fixes:
- Enter key not working for selection
- Strong flickering of the application
- Menu bar not visible or being overwritten
- Top half of selection list not displayed
- Lines being shifted/misaligned
2025-11-10 11:06:07 +01:00


# Ansible Playbooks - Overview
## New Structure
The playbooks have been reorganized into a clear directory structure:
```
playbooks/
├── setup/                  # Initial setup
│   ├── infrastructure.yml
│   ├── gitea.yml
│   └── ssl.yml
├── deploy/                 # Deployment
│   ├── complete.yml
│   ├── image.yml
│   └── code.yml
├── manage/                 # Management (consolidated)
│   ├── traefik.yml
│   ├── gitea.yml
│   └── application.yml
├── diagnose/               # Diagnosis (consolidated)
│   ├── gitea.yml
│   ├── traefik.yml
│   └── application.yml
└── maintenance/            # Maintenance
    ├── backup.yml
    ├── backup-before-redeploy.yml
    ├── cleanup.yml
    ├── rollback-redeploy.yml
    └── system.yml
```
## Available Playbooks
> **Note**: Most playbooks have been refactored into reusable roles. The playbooks are now wrappers that call the corresponding role tasks. This improves reusability and maintainability and follows Ansible best practices.
### Setup (Initial Setup)
- **`setup/infrastructure.yml`** - Deploys all stacks (Traefik, PostgreSQL, Redis, Registry, Gitea, Monitoring, Production)
- **`setup/gitea.yml`** - Setup Gitea Initial Configuration (wrapper for the `gitea` role, `tasks_from: setup`)
- **`setup/ssl.yml`** - SSL Certificate Setup (wrapper for the `traefik` role, `tasks_from: ssl`)
- **`setup/redeploy-traefik-gitea-clean.yml`** - Clean redeployment of Traefik and Gitea stacks
- **`setup/REDEPLOY_GUIDE.md`** - Step-by-step guide for redeployment
### Deployment
- **`deploy/complete.yml`** - Complete deployment (code + image + dependencies)
- **`deploy/image.yml`** - Docker Image Deployment (used by CI/CD workflows)
- **`deploy/code.yml`** - Deploy Application Code via Git (wrapper for the `application` role, `tasks_from: deploy_code`)
### Management (Consolidated)
#### Traefik Management
- **`manage/traefik.yml`** - Consolidated Traefik management
  - `--tags stabilize`: Fix acme.json, ensure running, monitor stability
  - `--tags disable-auto-restart`: Check and document auto-restart mechanisms
- **`restart-traefik.yml`** - Restart Traefik Container (wrapper for the `traefik` role, `tasks_from: restart`)
- **`recreate-traefik.yml`** - Recreate Traefik Container (wrapper for the `traefik` role, `tasks_from: restart` with `traefik_restart_action: recreate`)
- **`deploy-traefik-config.yml`** - Deploy Traefik Configuration Files (wrapper for the `traefik` role, `tasks_from: config`)
- **`check-traefik-acme-logs.yml`** - Check Traefik ACME Challenge Logs (wrapper for the `traefik` role, `tasks_from: logs`)
#### Gitea Management
- **`manage/gitea.yml`** - Consolidated Gitea management
  - `--tags restart`: Restart Gitea container
  - `--tags fix-timeouts`: Restart Gitea and Traefik to fix timeouts
  - `--tags fix-ssl`: Fix SSL/routing issues
  - `--tags fix-servers-transport`: Update ServersTransport configuration
  - `--tags complete`: Complete fix (stop runner, restart services, verify)
- **`check-and-restart-gitea.yml`** - Check and Restart Gitea if Unhealthy (wrapper for the `gitea` role, `tasks_from: restart`)
- **`fix-gitea-runner-config.yml`** - Fix Gitea Runner Configuration (wrapper for the `gitea` role, `tasks_from: runner` with `gitea_runner_action: fix`)
- **`register-gitea-runner.yml`** - Register Gitea Runner (wrapper for the `gitea` role, `tasks_from: runner` with `gitea_runner_action: register`)
- **`update-gitea-config.yml`** - Update Gitea Configuration (wrapper for the `gitea` role, `tasks_from: config`)
- **`setup-gitea-repository.yml`** - Setup Gitea Repository (wrapper for the `gitea` role, `tasks_from: repository`)
#### Application Management
- **`manage/application.yml`** - Consolidated application management (to be created)
- **`sync-application-code.yml`** - Synchronize Application Code via Rsync (wrapper for the `application` role, `tasks_from: deploy_code` with `application_deployment_method: rsync`)
- **`install-composer-dependencies.yml`** - Install Composer Dependencies (wrapper for the `application` role, `tasks_from: composer`)
- **`check-container-status.yml`** - Check Container Status (wrapper for the `application` role, `tasks_from: health_check`)
- **`check-container-logs.yml`** - Check Container Logs (wrapper for the `application` role, `tasks_from: logs`)
- **`check-worker-logs.yml`** - Check Worker and Scheduler Logs (wrapper for the `application` role, `tasks_from: logs` with `application_logs_check_vendor: true`)
- **`check-final-status.yml`** - Check Final Container Status (wrapper for the `application` role, `tasks_from: health_check` with `application_health_check_final: true`)
- **`fix-container-issues.yml`** - Fix Container Issues (wrapper for the `application` role, `tasks_from: containers` with `application_container_action: fix`)
- **`fix-web-container.yml`** - Fix Web Container Permissions (wrapper for the `application` role, `tasks_from: containers` with `application_container_action: fix-web`)
- **`recreate-containers-with-env.yml`** - Recreate Containers with Environment Variables (wrapper for the `application` role, `tasks_from: containers` with `application_container_action: recreate-with-env`)
- **`sync-and-recreate-containers.yml`** - Sync and Recreate Containers (wrapper for the `application` role, `tasks_from: containers` with `application_container_action: sync-recreate`)
### Diagnosis (Consolidated)
#### Gitea Diagnosis
- **`diagnose/gitea.yml`** - Consolidated Gitea diagnosis
  - Basic checks (always): Container status, health endpoints, network connectivity, service discovery
  - `--tags deep`: Resource usage, multiple connection tests, log analysis
  - `--tags complete`: All checks including app.ini, ServersTransport, etc.
#### Traefik Diagnosis
- **`diagnose/traefik.yml`** - Consolidated Traefik diagnosis
  - Basic checks (always): Container status, restart count, recent logs
  - `--tags restart-source`: Find source of restart loops (cronjobs, systemd, scripts)
  - `--tags monitor`: Monitor for restarts over time
### Maintenance
- **`maintenance/backup.yml`** - Creates backups of PostgreSQL, application data, Gitea, and the registry
- **`maintenance/backup-before-redeploy.yml`** - Backup before redeploy (Gitea data, SSL certificates, configurations)
- **`maintenance/rollback-redeploy.yml`** - Rollback from redeploy backup
- **`maintenance/cleanup.yml`** - Stops and removes all containers, cleans up networks and volumes (for a complete server reset)
- **`maintenance/system.yml`** - System updates, unattended upgrades, Docker pruning
- **`rollback.yml`** - Rollback to the previous version
### WireGuard
- **`generate-wireguard-client.yml`** - Generates a WireGuard client config
- **`wireguard-routing.yml`** - Configures WireGuard routing
- **`setup-wireguard-host.yml`** - WireGuard VPN setup
### Initial Deployment
- **`build-initial-image.yml`** - Builds and pushes the initial Docker image (for the first deployment)
### CI/CD & Development
- **`setup-gitea-runner-ci.yml`** - Gitea Runner CI setup
- **`install-docker.yml`** - Docker installation on the server
## Removed/Consolidated Playbooks
The following playbooks have been consolidated or removed:
### Consolidated into `diagnose/gitea.yml`:
- ~~`diagnose-gitea-timeouts.yml`~~
- ~~`diagnose-gitea-timeout-deep.yml`~~
- ~~`diagnose-gitea-timeout-live.yml`~~
- ~~`diagnose-gitea-timeouts-complete.yml`~~
- ~~`comprehensive-gitea-diagnosis.yml`~~
### Consolidated into `manage/gitea.yml`:
- ~~`fix-gitea-timeouts.yml`~~
- ~~`fix-gitea-traefik-connection.yml`~~
- ~~`fix-gitea-ssl-routing.yml`~~
- ~~`fix-gitea-servers-transport.yml`~~
- ~~`fix-gitea-complete.yml`~~
- ~~`restart-gitea-complete.yml`~~
- ~~`restart-gitea-with-cache.yml`~~
### Consolidated into `diagnose/traefik.yml`:
- ~~`diagnose-traefik-restarts.yml`~~
- ~~`find-traefik-restart-source.yml`~~
- ~~`monitor-traefik-restarts.yml`~~
- ~~`monitor-traefik-continuously.yml`~~
- ~~`verify-traefik-fix.yml`~~
### Consolidated into `manage/traefik.yml`:
- ~~`stabilize-traefik.yml`~~
- ~~`disable-traefik-auto-restarts.yml`~~
### Removed (obsolete/redundant):
- ~~`update-gitea-traefik-service.yml`~~ - Deprecated (as documented in the code)
- ~~`ensure-gitea-traefik-discovery.yml`~~ - Redundant
- ~~`test-gitea-after-fix.yml`~~ - Temporary
- ~~`find-ansible-automation-source.yml`~~ - Temporary
### Moved:
- `setup-infrastructure.yml` → `setup/infrastructure.yml`
- `deploy-complete.yml` → `deploy/complete.yml`
- `deploy-image.yml` → `deploy/image.yml`
- `deploy-application-code.yml` → `deploy/code.yml`
- `setup-ssl-certificates.yml` → `setup/ssl.yml`
- `setup-gitea-initial-config.yml` → `setup/gitea.yml`
- `cleanup-all-containers.yml` → `maintenance/cleanup.yml`
## Usage
### Standard Usage
```bash
cd deployment/ansible
ansible-playbook -i inventory/production.yml playbooks/<playbook>.yml --vault-password-file secrets/.vault_pass
```
### Consolidated Playbooks with Tags
**Gitea Diagnosis:**
```bash
# Basic diagnosis (default)
ansible-playbook -i inventory/production.yml playbooks/diagnose/gitea.yml --vault-password-file secrets/.vault_pass
# Deep diagnosis
ansible-playbook -i inventory/production.yml playbooks/diagnose/gitea.yml --tags deep --vault-password-file secrets/.vault_pass
# Complete diagnosis
ansible-playbook -i inventory/production.yml playbooks/diagnose/gitea.yml --tags complete --vault-password-file secrets/.vault_pass
```
**Gitea Management:**
```bash
# Restart Gitea
ansible-playbook -i inventory/production.yml playbooks/manage/gitea.yml --tags restart --vault-password-file secrets/.vault_pass
# Fix timeouts
ansible-playbook -i inventory/production.yml playbooks/manage/gitea.yml --tags fix-timeouts --vault-password-file secrets/.vault_pass
# Complete fix
ansible-playbook -i inventory/production.yml playbooks/manage/gitea.yml --tags complete --vault-password-file secrets/.vault_pass
```
**Traefik Diagnosis:**
```bash
# Basic diagnosis
ansible-playbook -i inventory/production.yml playbooks/diagnose/traefik.yml --vault-password-file secrets/.vault_pass
# Find restart source
ansible-playbook -i inventory/production.yml playbooks/diagnose/traefik.yml --tags restart-source --vault-password-file secrets/.vault_pass
# Monitor restarts
ansible-playbook -i inventory/production.yml playbooks/diagnose/traefik.yml --tags monitor --vault-password-file secrets/.vault_pass
```
**Traefik Management:**
```bash
# Stabilize Traefik
ansible-playbook -i inventory/production.yml playbooks/manage/traefik.yml --tags stabilize --vault-password-file secrets/.vault_pass
```
**Redeploy:**
```bash
# With automatic backup
ansible-playbook -i inventory/production.yml playbooks/setup/redeploy-traefik-gitea-clean.yml --vault-password-file secrets/.vault_pass
# With existing backup
ansible-playbook -i inventory/production.yml playbooks/setup/redeploy-traefik-gitea-clean.yml \
  --vault-password-file secrets/.vault_pass \
  -e "backup_name=redeploy-backup-1234567890" \
  -e "skip_backup=true"
```
**Rollback:**
```bash
ansible-playbook -i inventory/production.yml playbooks/maintenance/rollback-redeploy.yml \
  --vault-password-file secrets/.vault_pass \
  -e "backup_name=redeploy-backup-1234567890"
```
### Role-Based Playbooks
Most playbooks are now wrappers that use roles. The functionality stays the same, but the implementation is now organized in reusable roles:
**Example: Traefik Restart**
```bash
# Old method (still works, but now calls the role):
ansible-playbook -i inventory/production.yml playbooks/restart-traefik.yml --vault-password-file secrets/.vault_pass
# Direct role usage (alternative method):
ansible-playbook -i inventory/production.yml -e "traefik_restart_action=restart" -e "traefik_show_status=true" playbooks/restart-traefik.yml
```
**Example: Gitea Runner Fix**
```bash
ansible-playbook -i inventory/production.yml playbooks/fix-gitea-runner-config.yml --vault-password-file secrets/.vault_pass
```
**Example: Application Code Deployment**
```bash
# Git-based (default):
ansible-playbook -i inventory/production.yml playbooks/deploy/code.yml \
  -e "deployment_environment=staging" \
  -e "git_branch=staging" \
  --vault-password-file secrets/.vault_pass
# Rsync-based (for initial deployment):
ansible-playbook -i inventory/production.yml playbooks/sync-application-code.yml \
  --vault-password-file secrets/.vault_pass
```
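The wrapper pattern described in this section, as an added example that is not taken from the repository: a sketch of what a wrapper such as `recreate-traefik.yml` could look like. The host group, `become`, and the tag names are assumptions; the role name, `tasks_from: restart`, `traefik_restart_action` and `traefik_show_status` come from this README.

```yaml
---
# Added illustration, not the project's actual playbook.
- name: Recreate Traefik container (wrapper around the traefik role)
  hosts: production          # assumption: group defined in inventory/production.yml
  gather_facts: false
  become: true               # assumption: container management needs root

  tasks:
    - name: Run only the restart task file of the traefik role
      ansible.builtin.include_role:
        name: traefik
        tasks_from: restart  # loads roles/traefik/tasks/restart.yml, not main.yml
        # include_role is dynamic: tags on this task select only the include
        # itself. `apply` passes the tags down to the tasks inside restart.yml,
        # so a run with `--tags recreate` does not skip them.
        apply:
          tags:
            - traefik        # hypothetical tag names
            - recreate
      vars:
        # Overrides the value from roles/traefik/defaults/main.yml for this run
        traefik_restart_action: recreate
        traefik_show_status: true
      tags:
        - traefik
        - recreate
```

Values passed with `-e` on the command line take precedence over the `vars:` set in the wrapper, which is why the `-e "traefik_restart_action=restart"` call shown above can change the action without editing the playbook.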
## Role Structure
The playbooks now use the following roles:
### `traefik` Role
- **Tasks**: `restart`, `config`, `logs`, `ssl`
- **Location**: `roles/traefik/tasks/`
- **Defaults**: `roles/traefik/defaults/main.yml`
### `gitea` Role
- **Tasks**: `restart`, `runner`, `config`, `setup`, `repository`
- **Location**: `roles/gitea/tasks/`
- **Defaults**: `roles/gitea/defaults/main.yml`
### `application` Role
- **Tasks**: `deploy_code`, `composer`, `containers`, `health_check`, `logs`, `deploy`
- **Location**: `roles/application/tasks/`
- **Defaults**: `roles/application/defaults/main.yml`
## Advantages of the New Structure
1. **Clarity**: Clear directory structure organized by function
2. **Consolidation**: Redundant playbooks merged
3. **Tags**: Selective execution with tags
4. **Reusability**: Tasks can be used in multiple playbooks
5. **Maintainability**: Changes are made centrally in roles
6. **Best Practices**: Follows Ansible recommendations