add coseeing (#22)

* Add coseeing-fe

* Update

* Fix typo

* Update

* Update

* Update env

Author: AnsonShie

.github/workflows/ansible.yml

@@ -19,6 +19,8 @@ on:
         options:
           - a11yvillage-be
           - a11yvillage-fe
+          - coseeing-fe
+          - coseeing-be
 
 jobs:
   deploy:

ansible_yaml/coseeing-be-playbook.yml

@@ -0,0 +1,189 @@
+- name: Show Docker Compose Running Status
+  hosts: all
+  become: true
+  become_user: root
+  vars:
+    deploy_tag: ${{ github.event.inputs.deployTag }}
+    docker_compose_dir: /data/coseeing-server
+    secret_name: prod/rdsuser/coseeing
+    secret_region: ap-northeast-1
+    webroot_path: '/var/www/html'  # the root path of your site
+    certbot_source_directory: /usr/local/certbot-src
+    certbot_executable_path: "{{ certbot_source_directory }}/venv/bin/certbot"
+    domain: api.coseeing.org
+    email: tsengwoody@coseeing.org
+    ecr_location: 622913514517.dkr.ecr.ap-northeast-1.amazonaws.com
+    image_name: "{{ ecr_location }}/coseeing-be:{{ deploy_tag }}"
+  collections:
+    - community.docker
+    - community.aws
+  tasks:
+
+    - name: Set ansible_python_interpreter to use the installed Python
+      set_fact:
+        ansible_python_interpreter: /usr/bin/python3
+
+    - name: Update apt repo and cache on all Debian/Ubuntu boxes
+      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
+      become: true
+
+    - name: Upgrade all apt packages
+      apt: upgrade=yes force_apt_get=yes
+      become: true
+
+    - name: Install Python pip
+      apt: name={{ item }} update_cache=true state=present force_apt_get=yes
+      with_items:
+        - python3-pip
+      become: true
+
+    - name: Install Python packages using apt
+      apt:
+        name:
+          - python3-docker
+          - python3-boto3
+          - python3-botocore
+          - python3-venv
+          - gcc
+          - libaugeas0
+          - libssl-dev
+          - libffi-dev
+          - ca-certificates
+          - openssl
+          - git
+        state: present
+        update_cache: yes
+      become: true
+
+    - name: Get info from AWS secret manager
+      set_fact:
+        secret_data: "{{ lookup('amazon.aws.aws_secret', secret_name, region=secret_region) | from_json }}"
+
+    - name: Set fact from secret_json 
+      set_fact:
+        SECRET_KEY: "{{ secret_data.SECRET_KEY }}"
+        MARIADB_USER: "{{ secret_data.username }}"
+        MARIADB_PASSWORD: "{{ secret_data.password }}"
+        MARIADB_HOST: "{{ secret_data.host }}"
+        MARIADB_PORT: "{{ secret_data.port }}"
+        MARIADB_DATABASE: "{{ secret_data.database }}"
+
+    - name: Ensure docker compose directory exists
+      file:
+        path: "{{ docker_compose_dir }}"
+        state: directory
+        mode: '0755'
+      become: true
+
+    - name: Ensure docker compose directory exists
+      file:
+        path: "{{ docker_compose_dir }}/data"
+        state: directory
+        mode: '0755'
+      become: true
+
+    - name: Create .env file
+      copy:
+        dest: "{{ docker_compose_dir }}/.env"
+        content: |
+          SECRET_KEY={{ SECRET_KEY }}
+          MARIADB_USER={{ MARIADB_USER }}
+          MARIADB_PASSWORD={{ MARIADB_PASSWORD }}
+          MARIADB_HOST={{ MARIADB_HOST }}
+          MARIADB_PORT={{ MARIADB_PORT }}
+          MARIADB_DATABASE={{ MARIADB_DATABASE }}
+          ALLOWED_HOSTS=*
+          HOST=https://coseeing.org
+
+    - name: Copy docker-compose.yml Document
+      copy:
+        dest: "{{ docker_compose_dir }}/docker-compose.yml"
+        content: |
+          services:
+            coseeing-server:
+              container_name: coseeing-server
+              image: {{ image_name }}
+              restart: always
+              volumes:
+                - my-volume:/app/data
+              networks:
+                - default
+                - entry
+              labels:
+                - "traefik.enable=true"
+                - "traefik.http.routers.api-coseeing.rule=Host(`api.coseeing.org`)"
+                - "traefik.http.routers.api-coseeing.entrypoints=websecure"
+                - "traefik.http.routers.api-coseeing.tls.certresolver=api-coseeing"
+                - "traefik.docker.network=entry"
+              deploy:
+                resources:
+                  limits:
+                    cpus: '0.20'
+                    memory: 0.3G
+              command: ["sh", "-c", "python manage.py runserver 0.0.0.0:8000"]
+              environment:
+                - SECRET_KEY=${SECRET_KEY}
+                - MARIADB_USER=${MARIADB_USER}
+                - MARIADB_PASSWORD=${MARIADB_PASSWORD}
+                - MARIADB_HOST=${MARIADB_HOST}
+                - MARIADB_PORT=${MARIADB_PORT}
+                - MARIADB_DATABASE=${MARIADB_DATABASE}
+                - ALLOWED_HOSTS=${ALLOWED_HOSTS}
+                - HOST=${HOST}
+
+          volumes:
+            my-volume:
+              driver: local
+              driver_opts:
+                type: none
+                device: data
+                o: bind
+
+          networks:
+            entry:
+              driver: bridge
+              name: entry
+
+    - name: Update the repository cache and update package "unzip" to latest version using default
+      apt:
+        name: unzip
+        state: latest
+        update_cache: yes
+
+    - name: Install AWS CLI v2
+      shell: |
+        curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/tmp/awscliv2.zip"
+        unzip /tmp/awscliv2.zip -d /tmp
+        sudo /tmp/aws/install
+        rm -f /tmp/awscliv2.zip
+        rm -rf /tmp/aws
+      args:
+        creates: /usr/local/bin/aws
+
+    - name: Login ECR using AWS CLI
+      shell: |
+        aws ecr get-login-password --region ap-northeast-1 | docker login --username AWS --password-stdin {{ ecr_location }}
+      register: ecr_login
+      no_log: false
+
+    - name: Check if image exists
+      docker_image_info:
+        name: "{{ image_name }}"
+      register: image_info
+
+    - name: Untag existing image if it exists
+      docker_image:
+        name: "{{ image_name }}"
+        state: absent
+        force_absent: true
+      when: image_info.images | length > 0
+
+    - name: Run
+      docker_compose_v2:
+        project_src: "{{ docker_compose_dir }}"
+        state: present
+      register: compose_result
+
+    - name: Show compose_result Detail info
+      debug:
+        var: compose_result

ansible_yaml/coseeing-fe-playbook.yml

@@ -0,0 +1,140 @@
+- name: Show Docker Compose Running Status
+  hosts: all
+  become: true
+  become_user: root
+  vars:
+    deploy_tag: ${{ github.event.inputs.deployTag }}
+    docker_compose_dir: /data/coseeing-web
+    secret_name: prod/rdsuser/coseeing
+    secret_region: ap-northeast-1
+    webroot_path: '/var/www/html'  # the root path of your site
+    certbot_source_directory: /usr/local/certbot-src
+    certbot_executable_path: "{{ certbot_source_directory }}/venv/bin/certbot"
+    domain: coseeing.org
+    email: tsengwoody@coseeing.org
+    ecr_location: 622913514517.dkr.ecr.ap-northeast-1.amazonaws.com
+    image_name: "{{ ecr_location }}/coseeing-fe:{{ deploy_tag }}"
+  collections:
+    - community.docker
+    - community.aws
+  tasks:
+
+    - name: Set ansible_python_interpreter to use the installed Python
+      set_fact:
+        ansible_python_interpreter: /usr/bin/python3
+
+    - name: Update apt repo and cache on all Debian/Ubuntu boxes
+      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600
+      become: true
+
+    - name: Upgrade all apt packages
+      apt: upgrade=yes force_apt_get=yes
+      become: true
+
+    - name: Install Python pip
+      apt: name={{ item }} update_cache=true state=present force_apt_get=yes
+      with_items:
+        - python3-pip
+      become: true
+
+    - name: Install Python packages using apt
+      apt:
+        name:
+          - python3-docker
+          - python3-boto3
+          - python3-botocore
+          - python3-venv
+          - gcc
+          - libaugeas0
+          - libssl-dev
+          - libffi-dev
+          - ca-certificates
+          - openssl
+          - git
+        state: present
+        update_cache: yes
+      become: true
+
+    - name: Ensure docker compose directory exists
+      file:
+        path: "{{ docker_compose_dir }}"
+        state: directory
+        mode: '0755'
+      become: true
+
+    - name: Copy docker-compose.yml Document
+      copy:
+        dest: "{{ docker_compose_dir }}/docker-compose.yml"
+        content: |
+          version: "3.7"
+          services:
+            coseeing-web:
+              container_name: coseeing-web
+              image: {{ image_name }}
+              restart: always
+              deploy:
+                resources:
+                  limits:
+                    cpus: '0.70'
+                    memory: 1G
+              labels:
+                - "traefik.enable=true"
+                - "traefik.http.routers.coseeing.rule=Host(`coseeing.org`)"
+                - "traefik.http.routers.coseeing.entrypoints=websecure"
+                - "traefik.http.routers.coseeing.tls.certresolver=coseeing"
+                - "traefik.docker.network=entry"
+              networks:
+                - default
+                - entry
+              environment:
+                - NEXT_PUBLIC_BASE_URL=https://api.coseeing.org/about/api
+                - NEXT_PUBLIC_GOOGLE_TAG_MANAGER_ID=GTM-NQQ79V67
+
+          networks:
+            entry:
+              driver: bridge
+              name: entry
+
+    - name: Update the repository cache and update package "unzip" to latest version using default
+      apt:
+        name: unzip
+        state: latest
+        update_cache: yes
+
+    - name: Install AWS CLI v2
+      shell: |
+        curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/tmp/awscliv2.zip"
+        unzip /tmp/awscliv2.zip -d /tmp
+        sudo /tmp/aws/install
+        rm -f /tmp/awscliv2.zip
+        rm -rf /tmp/aws
+      args:
+        creates: /usr/local/bin/aws
+
+    - name: Login ECR using AWS CLI
+      shell: |
+        aws ecr get-login-password --region ap-northeast-1 | docker login --username AWS --password-stdin {{ ecr_location }}
+      register: ecr_login
+      no_log: false
+
+    - name: Check if image exists
+      docker_image_info:
+        name: "{{ image_name }}"
+      register: image_info
+
+    - name: Untag existing image if it exists
+      docker_image:
+        name: "{{ image_name }}"
+        state: absent
+        force_absent: true
+      when: image_info.images | length > 0
+
+    - name: Run
+      docker_compose_v2:
+        project_src: "{{ docker_compose_dir }}"
+        state: present
+      register: compose_result
+
+    - name: Show compose_result Detail info
+      debug:
+        var: compose_result