From af8fab14f21a7080a4f6feab8eb8cffbd0f5fb4a Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Tue, 29 Oct 2024 00:48:04 +0900
Subject: [PATCH 1/8] Reverse Proxy for Jenkins-deb on docker-compose

---
 .../compose/jenkins-deb/docker-compose.yml    | 18 ++++++++++
 .../compose/reverseproxy/docker-compose.yml   | 17 ++++++++++
 .../hayato/compose/reverseproxy/nginx.conf    | 34 +++++++++++++++++++
 3 files changed, 69 insertions(+)
 create mode 100644 tasks/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
 create mode 100644 tasks/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
 create mode 100644 tasks/dockerservice/home/hayato/compose/reverseproxy/nginx.conf

diff --git a/tasks/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml b/tasks/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
new file mode 100644
index 0000000..4071311
--- /dev/null
+++ b/tasks/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
@@ -0,0 +1,18 @@
+services:
+  jenkins-deb-container:
+    container_name: jenkins-deb-container
+    image: nginx:latest
+    restart: always
+    stdin_open: true
+    tty: true
+    networks:
+      - reverse-proxy
+    volumes:
+      - jenkins_deb:/usr/share/nginx/html
+
+volumes:
+  jenkins_deb:
+
+networks:
+  reverse-proxy:
+    external: true
diff --git a/tasks/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml b/tasks/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
new file mode 100644
index 0000000..eba07a6
--- /dev/null
+++ b/tasks/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
@@ -0,0 +1,17 @@
+services:
+  reverseProxy:
+    container_name: reverse-proxy
+    image: nginx:latest
+    restart: always
+    stdin_open: true
+    tty: true
+    ports:
+      - 80:80
+    volumes:
+      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+    networks:
+      - reverse-proxy
+
+networks:
+  reverse-proxy:
+    external: true
diff --git a/tasks/dockerservice/home/hayato/compose/reverseproxy/nginx.conf b/tasks/dockerservice/home/hayato/compose/reverseproxy/nginx.conf
new file mode 100644
index 0000000..d0b96aa
--- /dev/null
+++ b/tasks/dockerservice/home/hayato/compose/reverseproxy/nginx.conf
@@ -0,0 +1,34 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    keepalive_timeout  65;
+
+  server {
+    server_name jenkins-deb.hayaworld.home;
+    proxy_set_header Host $host;
+    listen 80;
+    location / {
+      proxy_pass http://jenkins-deb-container/;
+    }
+  }
+}

From 04d8607672b97b61b4be296431b7860b7584a3db Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Tue, 29 Oct 2024 00:55:53 +0900
Subject: [PATCH 2/8] Move docker compose files correctly path

---
 .../home/hayato/compose/jenkins-deb/docker-compose.yml            | 0
 .../home/hayato/compose/reverseproxy/docker-compose.yml           | 0
 .../dockerservice/home/hayato/compose/reverseproxy/nginx.conf     | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename {tasks => templates}/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml (100%)
 rename {tasks => templates}/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml (100%)
 rename {tasks => templates}/dockerservice/home/hayato/compose/reverseproxy/nginx.conf (100%)

diff --git a/tasks/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml b/templates/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
similarity index 100%
rename from tasks/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
rename to templates/dockerservice/home/hayato/compose/jenkins-deb/docker-compose.yml
diff --git a/tasks/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml b/templates/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
similarity index 100%
rename from tasks/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
rename to templates/dockerservice/home/hayato/compose/reverseproxy/docker-compose.yml
diff --git a/tasks/dockerservice/home/hayato/compose/reverseproxy/nginx.conf b/templates/dockerservice/home/hayato/compose/reverseproxy/nginx.conf
similarity index 100%
rename from tasks/dockerservice/home/hayato/compose/reverseproxy/nginx.conf
rename to templates/dockerservice/home/hayato/compose/reverseproxy/nginx.conf

From 4e689ddffd2a23d67b897ef4f4b3d3cc9f872112 Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Tue, 29 Oct 2024 00:57:07 +0900
Subject: [PATCH 3/8] Ignore docker-compose.yml as ansible-lint

---
 .ansible-lint | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .ansible-lint

diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..777d4c0
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,3 @@
+exclude_paths:
+  - templates/
+  - .ansible-lint

From f0b29d0ccea86ae60d4a7ed6292ae5120d27bccb Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Wed, 30 Oct 2024 15:14:00 +0900
Subject: [PATCH 4/8] Add CNAME mechanism for rui

---
 inventories/host_vars/rui/CNAME.yml       | 4 ++++
 rui.yml                                   | 1 +
 tasks/rui/dnsmasq.yml                     | 9 +++++++++
 templates/rui/etc/dnsmasq.d/cname.conf.j2 | 3 +++
 4 files changed, 17 insertions(+)
 create mode 100644 inventories/host_vars/rui/CNAME.yml
 create mode 100644 templates/rui/etc/dnsmasq.d/cname.conf.j2

diff --git a/inventories/host_vars/rui/CNAME.yml b/inventories/host_vars/rui/CNAME.yml
new file mode 100644
index 0000000..51a4865
--- /dev/null
+++ b/inventories/host_vars/rui/CNAME.yml
@@ -0,0 +1,4 @@
+---
+cname:
+  - name: jenkins-deb.hayaworld.home
+    real: dockerservice.hayaworld.home
diff --git a/rui.yml b/rui.yml
index 3555a88..8fc2f57 100644
--- a/rui.yml
+++ b/rui.yml
@@ -7,6 +7,7 @@
 
   vars_files:
     - inventories/host_vars/rui/NXDOMAIN.yml
+    - inventories/host_vars/rui/CNAME.yml
     - inventories/host_vars/rui.yml
     - inventories/host_vars/networks.yml
 
diff --git a/tasks/rui/dnsmasq.yml b/tasks/rui/dnsmasq.yml
index 5107ed6..5ad240e 100644
--- a/tasks/rui/dnsmasq.yml
+++ b/tasks/rui/dnsmasq.yml
@@ -26,6 +26,15 @@
     mode: '0644'
   notify: "Restart dnsmasq"
 
+- name: Add CNAME config
+  ansible.builtin.template:
+    src: templates/rui/etc/dnsmasq.d/cname.conf.j2
+    dest: /etc/dnsmasq.d/cname.conf.j2
+    owner: root
+    group: root
+    mode: '0644'
+  notify: "Restart dnsmasq"
+
 - name: Add hosts(5)
   ansible.builtin.template:
     src: templates/rui/etc/hosts.j2
diff --git a/templates/rui/etc/dnsmasq.d/cname.conf.j2 b/templates/rui/etc/dnsmasq.d/cname.conf.j2
new file mode 100644
index 0000000..057eb8e
--- /dev/null
+++ b/templates/rui/etc/dnsmasq.d/cname.conf.j2
@@ -0,0 +1,3 @@
+{% for item in cname %}
+cname={{ item.name }},{{ item.real }}
+{% endfor %}

From 60733681bdf474f44a5f532e239cf4c341878119 Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Wed, 30 Oct 2024 16:00:26 +0900
Subject: [PATCH 5/8] Docker network range fixed on dockerservice

---
 dockerservice.yml                                     | 11 ++++++++++-
 .../{docker_service.yml => dockerservice.yml}         |  4 ++++
 templates/dockerservice/etc/docker/daemon.json.j2     |  8 ++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)
 rename inventories/host_vars/{docker_service.yml => dockerservice.yml} (93%)
 create mode 100644 templates/dockerservice/etc/docker/daemon.json.j2

diff --git a/dockerservice.yml b/dockerservice.yml
index 8f5da6e..9a7d4b3 100644
--- a/dockerservice.yml
+++ b/dockerservice.yml
@@ -6,7 +6,7 @@
   become: true
 
   vars_files:
-    - inventories/host_vars/docker_service.yml
+    - inventories/host_vars/dockerservice.yml
     - inventories/host_vars/networks.yml
 
   handlers:
@@ -34,6 +34,15 @@
         docker_users:
           - hayato
 
+    - name: Put Docker config
+      ansible.builtin.template:
+        src: templates/dockerservice/etc/docker/daemon.json.j2
+        dest: /etc/docker/daemon.json
+        owner: root
+        group: root
+        mode: '0644'
+      notify: "Restart docker"
+
     - name: Mount skylark
       ansible.builtin.import_tasks:
         file: tasks/dockerservice/mount_docker.yml
diff --git a/inventories/host_vars/docker_service.yml b/inventories/host_vars/dockerservice.yml
similarity index 93%
rename from inventories/host_vars/docker_service.yml
rename to inventories/host_vars/dockerservice.yml
index b074468..7a16456 100644
--- a/inventories/host_vars/docker_service.yml
+++ b/inventories/host_vars/dockerservice.yml
@@ -22,6 +22,10 @@ services_start:
 dockerdir:
   UUID: "6db90b73-6dbd-4c00-9b13-724f0cb4e636"
 
+docker_network:
+  base: "172.18.0.0/12"
+  size: "24"
+
 firewall:
   policy: deny
   allow_rules:
diff --git a/templates/dockerservice/etc/docker/daemon.json.j2 b/templates/dockerservice/etc/docker/daemon.json.j2
new file mode 100644
index 0000000..428b219
--- /dev/null
+++ b/templates/dockerservice/etc/docker/daemon.json.j2
@@ -0,0 +1,8 @@
+{
+  "default-address-pools" : [
+    {
+      "base" : "{{ docker_network.base }}",
+      "size" : {{ docker_network.size }}
+    }
+  ]
+}
\ No newline at end of file

From 98337573da40f8d7fc580536bb22606f7f5acd7e Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Wed, 30 Oct 2024 16:13:40 +0900
Subject: [PATCH 6/8] Fix mounting docker mount timing

---
 dockerservice.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/dockerservice.yml b/dockerservice.yml
index 9a7d4b3..16385b9 100644
--- a/dockerservice.yml
+++ b/dockerservice.yml
@@ -21,6 +21,10 @@
       ansible.builtin.import_tasks:
         file: tasks/all/main.yml
 
+    - name: Mount docker
+      ansible.builtin.import_tasks:
+        file: tasks/dockerservice/mount_docker.yml
+
     - name: Install Docker(ce)
       ansible.builtin.import_role:
         name: geerlingguy.docker
@@ -43,10 +47,6 @@
         mode: '0644'
       notify: "Restart docker"
 
-    - name: Mount skylark
-      ansible.builtin.import_tasks:
-        file: tasks/dockerservice/mount_docker.yml
-
     - name: Install/Config Zramswap
       ansible.builtin.import_tasks:
         file: tasks/zram.yml

From f7d3c94c50d32afb83f92f0a9262637939a982c6 Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Wed, 30 Oct 2024 16:34:05 +0900
Subject: [PATCH 7/8] Running reverse proxy and jenkins deb store nginx

---
 dockerservice.yml                           |  6 +++++
 requirements.yml                            |  1 +
 tasks/dockerservice/docker_compose_exec.yml | 27 +++++++++++++++++++++
 3 files changed, 34 insertions(+)
 create mode 100644 tasks/dockerservice/docker_compose_exec.yml

diff --git a/dockerservice.yml b/dockerservice.yml
index 16385b9..20414e5 100644
--- a/dockerservice.yml
+++ b/dockerservice.yml
@@ -47,6 +47,12 @@
         mode: '0644'
       notify: "Restart docker"
 
+    - name: "Predefined docker-compose up"
+      ansible.builtin.import_tasks:
+        file: tasks/dockerservice/docker_compose_exec.yml
+      tags:
+        - docker
+
     - name: Install/Config Zramswap
       ansible.builtin.import_tasks:
         file: tasks/zram.yml
diff --git a/requirements.yml b/requirements.yml
index e2da767..dbb9096 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -10,4 +10,5 @@ roles:
 
 collections:
   - name: ansible.posix
+  - name: community.docker
   - name: community.general
diff --git a/tasks/dockerservice/docker_compose_exec.yml b/tasks/dockerservice/docker_compose_exec.yml
new file mode 100644
index 0000000..1d3ab25
--- /dev/null
+++ b/tasks/dockerservice/docker_compose_exec.yml
@@ -0,0 +1,27 @@
+---
+- name: "Install docker python module"
+  ansible.builtin.pip:
+    name: "docker"
+    break_system_packages: true
+    extra_args: "--upgrade"
+
+- name: "Copy docker-compose.yml to homedir"
+  ansible.builtin.copy:
+    src: templates/dockerservice/home/hayato/compose
+    dest: /home/hayato/
+    owner: hayato
+    group: hayato
+    directory_mode: '0755'
+    mode: '0644'
+
+- name: "Create a reverse-proxy network"
+  community.docker.docker_network:
+    name: reverse-proxy
+
+- name: "Up Jenkins deb repository containers"
+  community.docker.docker_compose_v2:
+    project_src: "/home/hayato/compose/jenkins-deb/"
+
+- name: "Up Reverse Proxy containers"
+  community.docker.docker_compose_v2:
+    project_src: "/home/hayato/compose/reverseproxy/"

From 4dd5da553e40931dcb7a484c4b0d75ad840ae71f Mon Sep 17 00:00:00 2001
From: Hayato <falcon.int50m@gmail.com>
Date: Wed, 30 Oct 2024 16:44:10 +0900
Subject: [PATCH 8/8] Change Jenkins mirror site to local dockerservice

---
 inventories/host_vars/jenkins.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inventories/host_vars/jenkins.yml b/inventories/host_vars/jenkins.yml
index 3902830..4357e34 100644
--- a/inventories/host_vars/jenkins.yml
+++ b/inventories/host_vars/jenkins.yml
@@ -33,7 +33,7 @@ jenkins:
   hostname: jenkins.hayaworld.home
   http_port: 8080
   java_options: "-Djenkins.install.runSetupWizard=false"
-  pkg_url: "https://ftp.yz.yamagata-u.ac.jp/pub/misc/jenkins/debian"
+  pkg_url: "http://jenkins-deb.hayaworld.home/"
   plugins:
     - build-timeout
     - discord-notifier