adding testing scenarions

and fixes because of testing
wzzrd · Feb 16, 2024 · a2e32a9 · a2e32a9
1 parent 255fc51
commit a2e32a9
Show file tree

Hide file tree

Showing 20 changed files with 328 additions and 0 deletions.
diff --git a/roles/atuin_client/handlers/main.yml b/roles/atuin_client/handlers/main.yml
@@ -1,2 +1,10 @@
 ---
 # handlers file for atuin_client
+- name: Gather service facts
+  ansible.builtin.service_facts:
+
+- name: Restart atuin service
+  ansible.builtin.service:
+    name: atuin
+    state: restarted
+  when: ansible_facts.services["atuin.service"] is defined
diff --git a/roles/atuin_client/molecule/podman/molecule.yml b/roles/atuin_client/molecule/podman/molecule.yml
@@ -33,6 +33,7 @@ provisioner:
 verifier:
   name: ansible
 driver:
+  name: podman
   options:
     managed: true
     login_cmd_template: "podman exec -ti {instance} bash"

diff --git a/roles/atuin_client/tasks/main.yml b/roles/atuin_client/tasks/main.yml
@@ -69,6 +69,9 @@
         owner: root
         group: root
         mode: "0755"
+      notify:
+        - Gather service facts
+        - Restart atuin service
 
     - name: Remove download directory
       ansible.builtin.file:

diff --git a/roles/atuin_server/README.md b/roles/atuin_server/README.md
@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).
diff --git a/roles/atuin_server/defaults/main.yml b/roles/atuin_server/defaults/main.yml
@@ -0,0 +1,17 @@
+---
+# defaults file for atuin_server
+atuin_server_user: atuin
+atuin_server_group: atuin
+atuin_server_home: /home/atuin
+atuin_server_host: "{{ ansible_default_ipv4.address }}"
+atuin_server_port: 8888
+atuin_server_open_registration: false
+atuin_server_max_history_length: 8192
+atuin_server_max_record_size: 1073741824
+atuin_server_page_size: 1100
+atuin_server_enable_metrics: false
+atuin_server_metrics_host: 127.0.0.1
+atuin_server_metrics_port: 9001
+atuin_server_enable_tls: false
+atuin_server_cert_path: ""
+atuin_server_pkey_path: ""
diff --git a/roles/atuin_server/handlers/main.yml b/roles/atuin_server/handlers/main.yml
@@ -0,0 +1,9 @@
+---
+- name: "Restart atuin"
+  ansible.builtin.service:
+    name: atuin
+    state: restarted
+
+- name: "Reload systemd"
+  ansible.builtin.systemd:
+    daemon_reload: true
diff --git a/roles/atuin_server/meta/main.yml b/roles/atuin_server/meta/main.yml
@@ -0,0 +1,22 @@
+galaxy_info:
+  author: Maxim Burgerhout
+  description: Role to deploy the atuin shell history tool, server component
+  company: None
+
+  issue_tracker_url: https://github.com/wzzrd/ansible-collection-atuin/issues
+
+  license: BSD-3-Clause
+
+  min_ansible_version: "2.15"
+
+  platforms:
+    - name: EL
+      versions:
+        - "8"
+        - "9"
+
+  galaxy_tags:
+    - atuin
+
+dependencies:
+  - role: wzzrd.atuin.atuin_client
diff --git a/roles/atuin_server/molecule/default/converge.yml b/roles/atuin_server/molecule/default/converge.yml
@@ -0,0 +1,20 @@
+- name: Converge server
+  hosts: all
+  # We disable gather facts because it would fail due to our container not
+  # having python installed. This will not prevent use from running 'raw'
+  # commands. Most molecule users are expected to use containers that already
+  # have python installed in order to avoid notable delays installing it.
+  gather_facts: false
+  vars:
+    atuin_client_version: 18.0.1
+    atuin_server_db_uri: "postgres://atuin:atuin@{{ atuin_server_host }}/atuin"
+
+  pre_tasks:
+    - name: Gather required subset of facts
+      ansible.builtin.setup:
+        gather_subset:
+          - '!all'
+          - default_ipv4
+
+  roles:
+    - role: atuin_server
diff --git a/roles/atuin_server/molecule/default/molecule.yml b/roles/atuin_server/molecule/default/molecule.yml
@@ -0,0 +1,41 @@
+---
+dependency:
+  name: galaxy
+  options:
+    requirements-file: requirements.yml
+platforms:
+  - name: ubi8
+    image: ubi8/ubi-init
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    command: "/usr/sbin/init"
+    extra_opts:
+      - --arch=x86_64
+  - name: ubi9
+    image: ubi9/ubi-init
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    command: "/usr/sbin/init"
+    extra_opts:
+      - --arch=x86_64
+provisioner:
+  name: ansible
+  inventory:
+    host_vars:
+      ubi8:
+        atuin_client_libc_variant: "musl"
+      ubi9:
+        atuin_client_libc_variant: "gnu"
+verifier:
+  name: ansible
+driver:
+  name: podman
+  options:
+    managed: true
+    login_cmd_template: "podman exec -ti {instance} bash"
+    ansible_connection_options:
+      ansible_connection: podman
diff --git a/roles/atuin_server/molecule/default/prepare.yml b/roles/atuin_server/molecule/default/prepare.yml
@@ -0,0 +1,10 @@
+- name: Prepare containers for molecule tests
+  hosts: ubi8
+  gather_facts: false
+  tasks:
+    - name: Install packages for during tests
+      ansible.builtin.package:
+        name: "{{ item }}"
+        state: present
+      loop:
+        - iproute
diff --git a/roles/atuin_server/molecule/default/requirements.yml b/roles/atuin_server/molecule/default/requirements.yml
@@ -0,0 +1,2 @@
+collections:
+  - containers.podman
diff --git a/roles/atuin_server/molecule/default/verify.yml b/roles/atuin_server/molecule/default/verify.yml
@@ -0,0 +1,30 @@
+- name: Verify
+  hosts: all
+  # We disable gather facts because it would fail due to our container not
+  # having python installed. This will not prevent use from running 'raw'
+  # commands. Most molecule users are expected to use containers that already
+  # have python installed in order to avoid notable delays installing it.
+  gather_facts: false
+
+  tasks:
+    - name: Check if atuin server config exists
+      block:
+        - name: Check for existence of server configuration file
+          ansible.builtin.stat:
+            path: "{{ atuin_server_home }}/.config/atuin/server.toml"
+          register: atuin_server_config_stat_result
+
+        - name: Verify result of previous task
+          ansible.builtin.assert:
+            that:
+              - atuin_server_config_stat_result.stat.exists
+
+        - name: Check for existence of systemd unit file
+          ansible.builtin.stat:
+            path: /etc/systemd/system/atuin.service
+          register: atuin_server_unit_stat_result
+
+        - name: Verify result of previous task
+          ansible.builtin.assert:
+            that:
+              - atuin_server_unit_stat_result.stat.exists
diff --git a/roles/atuin_server/tasks/create_user.yml b/roles/atuin_server/tasks/create_user.yml
@@ -0,0 +1,15 @@
+---
+- name: "Create atuin group"
+  ansible.builtin.group:
+    name: "{{ atuin_server_group }}"
+    system: true
+    state: "present"
+
+- name: "Create atuin user"
+  ansible.builtin.user:
+    name: "{{ atuin_server_user }}"
+    comment: "atuin server user"
+    group: "{{ atuin_server_group }}"
+    home: "{{ atuin_server_home }}"
+    shell: /sbin/nologin
+    system: true
diff --git a/roles/atuin_server/tasks/main.yml b/roles/atuin_server/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+# tasks file for atuin_server
+- name: Include user creation tasks
+  ansible.builtin.include_tasks: create_user.yml
+
+- name: "Create atuin home directory"
+  ansible.builtin.file:
+    path: "{{ atuin_server_home }}"
+    state: directory
+    owner: "{{ atuin_server_user }}"
+    group: "{{ atuin_server_group }}"
+    mode: '0755'
+
+- name: Include systemd unit file tasks
+  ansible.builtin.include_tasks: systemd_unit.yml
+
+- name: "Create atuin config directory"
+  ansible.builtin.file:
+    path: "{{ atuin_server_home }}/.config/atuin"
+    state: directory
+    owner: "{{ atuin_server_user }}"
+    group: "{{ atuin_server_group }}"
+    mode: "0750"
+
+- name: "Configure atuin"
+  ansible.builtin.template:
+    src: server.toml.j2
+    dest: "{{ atuin_server_home }}/.config/atuin/server.toml"
+    owner: "{{ atuin_server_user }}"
+    group: "{{ atuin_server_group }}"
+    mode: "0600"
+  notify: "Restart atuin"
+
+- name: "Service atuin"
+  ansible.builtin.service:
+    name: atuin
+    state: started
+    enabled: true
diff --git a/roles/atuin_server/tasks/systemd_unit.yml b/roles/atuin_server/tasks/systemd_unit.yml
@@ -0,0 +1,15 @@
+---
+- name: "Setup systemd service"
+  ansible.builtin.template:
+    src: atuin.service.j2
+    dest: /etc/systemd/system/atuin.service
+    owner: root
+    group: root
+    mode: "0644"
+  notify:
+    - "Reload systemd"
+    - "Restart atuin"
+
+- name: "Reload systemd"
+  ansible.builtin.systemd:
+    daemon_reload: true
diff --git a/roles/atuin_server/templates/atuin.service.j2 b/roles/atuin_server/templates/atuin.service.j2
@@ -0,0 +1,14 @@
+# {{ ansible_managed }}
+[Unit]
+Description=Atuin server
+After=network.target
+
+[Service]
+User={{ atuin_server_user }}
+Group={{ atuin_server_group }}
+ExecStart=/usr/local/bin/atuin server start
+Restart=on-failure
+WorkingDirectory={{ atuin_server_home }}
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/atuin_server/templates/server.toml.j2 b/roles/atuin_server/templates/server.toml.j2
@@ -0,0 +1,36 @@
+## {{ ansible_managed }}
+
+## host to bind, can also be passed via CLI args
+host = "{{ atuin_server_host }}"
+
+## port to bind, can also be passed via CLI args
+port = "{{ atuin_server_port }}"
+
+## whether to allow anyone to register an account
+open_registration = {{ atuin_server_open_registration | string | lower }}
+
+## URI for postgres (using development creds here)
+db_uri="{{ atuin_server_db_uri }}"
+
+## Maximum size for one history entry
+max_history_length = {{ atuin_server_max_history_length }}
+
+## Maximum size for one record entry
+## 1024 * 1024 * 1024
+max_record_size = {{ atuin_server_max_record_size }}
+
+## Webhook to be called when user registers on the servers
+# register_webhook_username = ""
+
+## Default page size for requests
+page_size = {{ atuin_server_page_size }}
+
+[metrics]
+enable = {{ atuin_server_enable_metrics | string | lower }}
+host = "{{ atuin_server_metrics_host }}"
+port = "{{ atuin_server_metrics_port }}"
+
+[tls]
+enable = {{ atuin_server_enable_tls | string | lower }}
+cert_path = "{{ atuin_server_cert_path }}"
+pkey_path = "{{ atuin_server_pkey_path }}"
diff --git a/roles/atuin_server/tests/inventory b/roles/atuin_server/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/atuin_server/tests/test.yml b/roles/atuin_server/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - atuin_server
diff --git a/roles/atuin_server/vars/main.yml b/roles/atuin_server/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for atuin_server