From 517ecbf0d15c855f29165a8b01a64623e8e3d6fb Mon Sep 17 00:00:00 2001
From: Michael Collins
Date: Wed, 18 Aug 2021 21:07:44 +0800
Subject: [PATCH] move delete-subscription to deploy
---
.../matrix-awx/tasks/delete_awx_templates.yml | 308 ++++++++++++++++++
roles/matrix-awx/tasks/delete_mailgun.yml | 14 +
roles/matrix-awx/tasks/delete_server.yml | 42 +++
.../tasks/delete_server_directory.yml | 5 +
roles/matrix-awx/tasks/main.yml | 38 ++-
5 files changed, 406 insertions(+), 1 deletion(-)
create mode 100755 roles/matrix-awx/tasks/delete_awx_templates.yml
create mode 100644 roles/matrix-awx/tasks/delete_mailgun.yml
create mode 100755 roles/matrix-awx/tasks/delete_server.yml
create mode 100755 roles/matrix-awx/tasks/delete_server_directory.yml
diff --git a/roles/matrix-awx/tasks/delete_awx_templates.yml b/roles/matrix-awx/tasks/delete_awx_templates.yml
new file mode 100755
index 00000000..11784dac
--- /dev/null
+++ b/roles/matrix-awx/tasks/delete_awx_templates.yml
@@ -0,0 +1,308 @@
+
+- name: Install jq in AWX
+ delegate_to: 127.0.0.1
+ yum:
+ name: jq
+ state: latest
+
+- name: Collect AWX admin token the hard way!
+ delegate_to: 127.0.0.1
+ shell: |
+ curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
+ register: tower_token
+ no_log: True
+
+- name: Remove original 'Provision Server' job template
+ awx.awx.tower_job_template:
+ name: "0 - {{ subscription_id }} - Provision a New Server"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+
+- name: Remove 'Provision Wireguard Server' job template
+ awx.awx.tower_job_template:
+ name: "0 - {{ subscription_id }} - Provision Wireguard Server"
+ job_type: run
+ project: "Ansible Create Delete Subscription Membership"
+ playbook: setup_wireguard_server.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+
+- name: Remove schedule for 'Deploy a New Server' job template
+ awx.awx.tower_schedule:
+ name: "{{ matrix_domain }} - 0 - Update Server Schedule"
+ enabled: yes
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Backup Server' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 0 - Backup Server"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Export Server' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 0 - Export Server"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Deploy/Update a Server' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 0 - Deploy/Update a Server"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Self-Check' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 0 - Self-Check"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Start/Restart all Services' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 0 - Start/Restart all Services"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Stop all Services' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 0 - Stop all Services"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Corporal (Advanced)' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Corporal (Advanced)"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Dimension' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Dimension"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Element' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Element"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Element Subdomain' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Element Subdomain"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Email Relay' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Email Relay"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Jitsi' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Jitsi"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure ma1sd (Advanced)' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure ma1sd (Advanced)"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Synapse' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Synapse"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Synapse Admin' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Synapse Admin"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Access Export' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Access Export"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Configure Website + Access Export' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 1 - Configure Website + Access Export"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Create User' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 2 - Create User"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Purge Media (Advanced)' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 2 - Purge Media (Advanced)"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove 'Purge Database (Advanced)' job template
+ awx.awx.tower_job_template:
+ name: "{{ matrix_domain }} - 2 - Purge Database (Advanced)"
+ job_type: run
+ project: "{{ member_id }} - Matrix Docker Ansible Deploy"
+ playbook: setup.yml
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove Matrix server from organisations inventory
+ awx.awx.tower_host:
+ name: "matrix.{{ matrix_domain }}"
+ description: "{{ matrix_domain }} Matrix Server"
+ inventory: "{{ member_id }}"
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
+- name: Remove Wireguard Server from organisations inventory
+ awx.awx.tower_host:
+ name: "wireguard.{{ matrix_domain }}"
+ description: "{{ matrix_domain }} Wireguard Proxy"
+ inventory: "{{ member_id }}"
+ state: absent
+ tower_host: "https://{{ tower_host }}"
+ tower_oauthtoken: "{{ tower_token.stdout }}"
+ validate_certs: yes
+ when: matrix_domain is defined
+
diff --git a/roles/matrix-awx/tasks/delete_mailgun.yml b/roles/matrix-awx/tasks/delete_mailgun.yml
new file mode 100644
index 00000000..465bbede
--- /dev/null
+++ b/roles/matrix-awx/tasks/delete_mailgun.yml
@@ -0,0 +1,14 @@
+
+- name: Include matrix server variables from matrix_vars.yml
+ include_vars: "{{ item }}"
+ with_first_found:
+ - files:
+ - /var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml
+ skip: true
+ no_log: True
+
+- name: Delete MailGun SMTP login
+ shell: |
+ curl -s --user 'api:{{ mg_private_api_key }}' -X DELETE https://{{ mg_api_url }}/v3/domains/{{ mg_sender_domain }}/credentials/{{ matrix_domain }}
+ when: matrix_domain is defined
+ no_log: True
diff --git a/roles/matrix-awx/tasks/delete_server.yml b/roles/matrix-awx/tasks/delete_server.yml
new file mode 100755
index 00000000..63e21541
--- /dev/null
+++ b/roles/matrix-awx/tasks/delete_server.yml
@@ -0,0 +1,42 @@
+
+
+- name: Include hosting vars of digital_ocean.yml
+ include_vars:
+ file: /var/lib/awx/projects/hosting/hosting_vars.yml
+ no_log: True
+
+- name: Load vars from organisation.yml
+ include_vars:
+ file: '/var/lib/awx/projects/clients/{{ member_id }}/organisation.yml'
+
+- name: Load vars from server_vars.yml
+ include_vars:
+ file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/server_vars.yml'
+ ignore_errors: yes
+
+- name: Remove existing Digital Ocean Droplet
+ community.digitalocean.digital_ocean_droplet:
+ # needs ansible 2.8+ (AWX uses 2.9.10 at )
+ state: absent
+ id: '{{ do_droplet_id }}'
+ name: '{{ matrix_domain }}'
+ oauth_token: '{{ do_api_token }}'
+ size: '{{ slug_size }}'
+ region: '{{ do_droplet_region }}'
+ image: '{{ do_image }}'
+ wait: yes
+ unique_name: yes
+ register: deleted_server_info
+ when: do_droplet_id is defined
+
+- debug:
+ msg: "{{ deleted_server_info }}"
+ when: do_droplet_id is defined
+
+#- name: Delete fake DNS record for faster testing
+# delegate_to: 127.0.0.1
+# shell: |
+# sed -i -c '/{{ matrix_domain }}/d' /etc/hosts
+
+# Doesn't allow letsencrypt to generate certs :S
+
diff --git a/roles/matrix-awx/tasks/delete_server_directory.yml b/roles/matrix-awx/tasks/delete_server_directory.yml
new file mode 100755
index 00000000..f7145b50
--- /dev/null
+++ b/roles/matrix-awx/tasks/delete_server_directory.yml
@@ -0,0 +1,5 @@
+
+- name: Delete the servers directory on AWX
+ file:
+ path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/'
+ state: absent
diff --git a/roles/matrix-awx/tasks/main.yml b/roles/matrix-awx/tasks/main.yml
index 6e192ce0..8f34fab5 100755
--- a/roles/matrix-awx/tasks/main.yml
+++ b/roles/matrix-awx/tasks/main.yml
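Review bot: In delete_server.yml, `ignore_errors: yes` on `Load vars from server_vars.yml` together with `when: do_droplet_id is defined` turns a missing or unreadable vars file into a silent skip of the droplet removal. main.yml then still runs delete_server_directory.yml, which removes the directory holding server_vars.yml, so the droplet id would be lost while the server and its data keep running. If every subscription handled here is expected to have a droplet, drop `ignore_errors` and fail early; otherwise make the skip explicit with a `fail` or `debug` task under `when: do_droplet_id is not defined`. The `debug` of `deleted_server_info` is also worth checking for anything sensitive in the module's return value.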
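Review bot: The `path` in delete_server_directory.yml is built from `member_id` and `subscription_id` with no check that either is non-empty or free of `/` and `..`. With an empty `subscription_id` the path collapses to the member's whole directory, and with both empty to `/var/lib/awx/projects/clients/`, which `state: absent` removes recursively. I would put an `assert` task in front of it with something like `that: member_id is match('^[A-Za-z0-9_-]+$') and subscription_id is match('^[A-Za-z0-9_-]+$')`, adjusting the pattern to the real id format, which this diff does not show.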
@@ -25,7 +25,43 @@ when: run_setup|bool and matrix_awx_enabled|bool tags: - backup-server - + +# Delete DigitalOcean Droplet/Space +- include_tasks: + file: "delete_server.yml" + apply: + tags: delete-subscription + when: run_setup|bool and matrix_awx_enabled|bool + tags: + - delete-subscription + +# Delete MailGun SMTP Account +- include_tasks: + file: "delete_mailgun.yml" + apply: + tags: delete-subscription + when: run_setup|bool and matrix_awx_enabled|bool + tags: + - delete-subscription + +# Delete AWX Job Templates for Server +- include_tasks: + file: "delete_awx_templates.yml" + apply: + tags: delete-subscription + when: run_setup|bool and matrix_awx_enabled|bool + tags: + - delete-subscription + +# Delete Organisation Directories +- include_tasks: + file: "delete_server_directory.yml" + apply: + tags: delete-subscription + when: run_setup|bool and matrix_awx_enabled|bool + tags: + - delete-subscription + # Perform a export of the server - include_tasks: file: "export_server.yml"
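Review bot: The four new includes in main.yml are protected only by the `delete-subscription` tag and the same `run_setup|bool and matrix_awx_enabled|bool` condition used by the neighbouring backup and export includes. Ansible runs tagged tasks whenever no `--tags` filter is given, so an untagged run of this role with both variables true would remove the droplet, the MailGun login, the AWX templates and the client directory. Adding `- never` to each include's `tags:` list, next to `- delete-subscription`, makes them run only when that tag is requested explicitly. The hunk begins and ends inside neighbouring include blocks, so whether the rest of main.yml relies on callers always passing tags cannot be seen from here.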