apiservers.yml

# file: apiservers.yml
#
---
- name: Deploy API servers
  hosts: api
  roles:
    - role: geerlingguy.nodejs
      become: true
    - role: Oefenweb.yarn
      become: true
  vars:
    nodejs_version: "10.x"
    nodejs_npm_global_packages:
      - bunyan
      - pm2
    rciam_api:
      name: vomembers-api
      port: 8080
      path: /srv/comanage-registry-simple-membership-api/VoMembers/v1
      repo_url: https://github.com/grnet/comanage-registry-simple-membership-api.git
      repo_version: devel
      user:
        name: rciam-comanage-registry-api
        group: rciam-comanage-registry-api
        gecos: "RCIAM COmanage Registry API Server,,,"
        shell: /bin/bash
        home: /srv/comanage-registry-simple-membership-api

  tasks:
    - name: Ensure RCIAM API dependencies are installed
      become: true
      ansible.builtin.apt:
        name: git
        state: present
        install_recommends: false
        update_cache: true
        cache_valid_time: 86400


    - name: Ensure RCIAM COmanage Registry API group exists
      become: true
      ansible.builtin.group:
        name: "{{ rciam_api.user.group }}"
        system: true

    - name: Ensure RCIAM COmanage Registry API user exists
      become: true
      ansible.builtin.user:
        name: "{{ rciam_api.user.name }}"
        groups: "{{ rciam_api.user.group }}"
        comment: "{{ rciam_api.user.gecos }}"
        shell: "{{ rciam_api.user.shell }}"
        home: "{{ rciam_api.user.home }}"
        system: true
        create_home: true
        skeleton: "/empty"


    - name: Ensure RCIAM COmanage Registry API code checkout directory exists
      become: true
      ansible.builtin.file:
        path: "{{ rciam_api.path }}"
        owner: "{{ rciam_api.user.name }}"
        group: "{{ rciam_api.user.group }}"
        state: directory
        mode: "0775"


    - name: Ensure RCIAM COmanage Registry API code checkout is up-to-date
      become: true
      become_user: "{{ rciam_api.user.name }}"
      ansible.builtin.git:
        repo: "{{ rciam_api.repo_url }}"
        dest: "{{ rciam_api.path }}"
        version: "{{ rciam_api.repo_version }}"
      notify: Restart RCIAM COmanage Registry API processes

    # TODO- name: Ensure RCIAM COmanage Registry API current symlink to code checkout directory exists
    #  file:
    #    src: "{{ rciam_api.path }}"
    #    path: "{{ rciam_api.path }}/current"
    #    owner: "{{ rciam_api.user.name }}"
    #    group: "{{ rciam_api.user.group }}"
    #    state: link
    #  become: yes

    - name: Ensure RCIAM COmanage Registry API is configured
      become: true
      ansible.builtin.template:
        src: "{{ playbook_dir }}/templates/comanage-registry-simple-membership-api/settings.js.j2"
        dest: "{{ rciam_api.path }}/settings.js"
        owner: "{{ rciam_api.user.name }}"
        group: "{{ rciam_api.user.group }}"
        mode: "0400"
        backup: true
      notify: Restart RCIAM COmanage Registry API processes

    - name: Ensure RCIAM COmanage Registry API packages are installed
      become: true
      become_user: "{{ rciam_api.user.name }}"
      community.general.yarn:
        path: "{{ rciam_api.path }}"
        production: true

  handlers:
    - name: Delete existing RCIAM COmanage Registry API pm2 processes if running
      become: true
      become_user: "{{ rciam_api.user.name }}"
      ansible.builtin.command: # noqa: no-changed-when
        cmd: "/usr/local/lib/npm/bin/pm2 delete {{ rciam_api.name }}"
        chdir: "{{ rciam_api.path }}"
      ignore_errors: true  # noqa: ignore-errors
      # failed_when: # Add acceptable failure conditions
      listen: Restart RCIAM COmanage Registry API processes

    - name: Ensure RCIAM COmanage Registry API pm2 processes are running
      become: true
      become_user: "{{ rciam_api.user.name }}"
      ansible.builtin.command: # noqa: no-changed-when
        cmd: "/usr/local/lib/npm/bin/pm2 start server.js -i 2 --name {{ rciam_api.name }}"
        chdir: "{{ rciam_api.path }}"
      # changed_when: # Add acceptable change conditions to ensure idempotency
      listen: Restart RCIAM COmanage Registry API processes

    - name: Ensure RCIAM COmanage Registry API init script exists
      become: true
      ansible.builtin.command: # noqa: no-changed-when
        cmd: "/usr/local/lib/npm/lib/node_modules/pm2/bin/pm2 startup systemd -u {{ rciam_api.user.name }} --hp {{ rciam_api.user.home }}"
      # changed_when: # Add acceptable change conditions to ensure idempotency
      listen: Restart RCIAM COmanage Registry API processes

    - name: Ensure RCIAM COmanage Registry API process list is saved
      become: true
      become_user: "{{ rciam_api.user.name }}"
      ansible.builtin.command: # noqa: no-changed-when
        cmd: "/usr/local/lib/npm/lib/node_modules/pm2/bin/pm2 save"
        chdir: "{{ rciam_api.path }}"
      listen: Restart RCIAM COmanage Registry API processes
      # changed_when: # Add acceptable change conditions to ensure idempotency