From 8988e78e394da41c757ed154721f2c7f3d4805f3 Mon Sep 17 00:00:00 2001
From: Asara <amarpreet@minhas.io>
Date: Fri, 21 Aug 2020 00:26:07 -0400
Subject: [PATCH] Wrap up basic consul server

---
 ansible/host_vars/fatman.minhas.io/main.yml   |  3 +
 ansible/host_vars/ivyking.minhas.io/main.yml  |  3 +
 ansible/host_vars/sedan.minhas.io/main.yml    |  3 +
 .../roles/consul_server/files/consul.service  | 15 +++++
 ansible/roles/consul_server/handlers/main.yml | 14 +++++
 ansible/roles/consul_server/tasks/Debian.yml  | 56 +++++++++++++++++-
 ansible/roles/consul_server/tasks/FreeBSD.yml | 57 +++++++++++++++----
 .../consul_server/templates/consul.hcl.j2     | 14 +++++
 8 files changed, 152 insertions(+), 13 deletions(-)
 create mode 100644 ansible/host_vars/fatman.minhas.io/main.yml
 create mode 100644 ansible/host_vars/ivyking.minhas.io/main.yml
 create mode 100644 ansible/host_vars/sedan.minhas.io/main.yml
 create mode 100644 ansible/roles/consul_server/files/consul.service
 create mode 100644 ansible/roles/consul_server/handlers/main.yml
 create mode 100644 ansible/roles/consul_server/templates/consul.hcl.j2

diff --git a/ansible/host_vars/fatman.minhas.io/main.yml b/ansible/host_vars/fatman.minhas.io/main.yml
new file mode 100644
index 0000000..c310f7a
--- /dev/null
+++ b/ansible/host_vars/fatman.minhas.io/main.yml
@@ -0,0 +1,3 @@
+---
+consul_dc: columbia
+...
diff --git a/ansible/host_vars/ivyking.minhas.io/main.yml b/ansible/host_vars/ivyking.minhas.io/main.yml
new file mode 100644
index 0000000..c310f7a
--- /dev/null
+++ b/ansible/host_vars/ivyking.minhas.io/main.yml
@@ -0,0 +1,3 @@
+---
+consul_dc: columbia
+...
diff --git a/ansible/host_vars/sedan.minhas.io/main.yml b/ansible/host_vars/sedan.minhas.io/main.yml
new file mode 100644
index 0000000..c310f7a
--- /dev/null
+++ b/ansible/host_vars/sedan.minhas.io/main.yml
@@ -0,0 +1,3 @@
+---
+consul_dc: columbia
+...
diff --git a/ansible/roles/consul_server/files/consul.service b/ansible/roles/consul_server/files/consul.service
new file mode 100644
index 0000000..71b78f8
--- /dev/null
+++ b/ansible/roles/consul_server/files/consul.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Consul Service Discovery Agent
+After=network-online.target
+
+[Service]
+Type=simple
+Restart=on-failure
+User=consul
+Group=consul
+RestartSec=3
+StateDirectory=consul
+ExecStart=/usr/local/bin/consul agent -config-dir /etc/consul.d/
+
+[Install]
+WantedBy=multi-user.target
diff --git a/ansible/roles/consul_server/handlers/main.yml b/ansible/roles/consul_server/handlers/main.yml
new file mode 100644
index 0000000..0c9cfcd
--- /dev/null
+++ b/ansible/roles/consul_server/handlers/main.yml
@@ -0,0 +1,14 @@
+---
+- name: daemon_reload
+  systemd:
+    daemon_reload: True
+
+- name: restart_consul_debian
+  systemd:
+    name: consul
+    state: restarted
+
+- name: restart_consul_fbsd
+  service:
+    name: consul
+    state: restarted
diff --git a/ansible/roles/consul_server/tasks/Debian.yml b/ansible/roles/consul_server/tasks/Debian.yml
index 42d3804..99b6c04 100644
--- a/ansible/roles/consul_server/tasks/Debian.yml
+++ b/ansible/roles/consul_server/tasks/Debian.yml
@@ -1,4 +1,33 @@
 ---
+- name: ensure consul group
+  group:
+    name: consul
+    state: present
+    system: True
+
+- name: ensure consul user
+  user:
+    name: consul
+    state: present
+    group: consul
+    system: True
+
+- name: ensure consul config dir
+  file:
+    path: /etc/consul.d/
+    state: directory
+    owner: consul
+    group: consul
+    mode: 0755
+
+- name: ensure consul data dir
+  file:
+    path: /opt/consul
+    state: directory
+    owner: consul
+    group: consul
+    mode: 0755
+
 - name: check consul version
   shell:
     cmd: "consul --version | head -1 | cut -d'v' -f2"
@@ -6,6 +35,7 @@
     executable: /bin/bash
   changed_when: False
   register: installed_consul_version
+  check_mode: false
 
 - name: get consul
   unarchive:
@@ -14,5 +44,29 @@
     mode: 0755
     owner: root
     group: root
-    remote_src: yes
+    remote_src: True
   when: installed_consul_version.stdout != consul_version
+
+- name: copy consul unit file
+  copy:
+    src: files/consul.service
+    dest: /etc/systemd/system/consul.service
+    mode: 0755
+    owner: root
+    group: root
+  notify: daemon_reload
+
+- name: template consul config
+  template:
+    src: templates/consul.hcl.j2
+    dest: /etc/consul.d/consul.hcl
+    owner: root
+    group: root
+    mode: 0755
+  notify: restart_consul_debian
+
+- name: ensure consul is started and enabled
+  systemd:
+    name: consul
+    state: started
+    enabled: True
diff --git a/ansible/roles/consul_server/tasks/FreeBSD.yml b/ansible/roles/consul_server/tasks/FreeBSD.yml
index e7c1922..0520e87 100644
--- a/ansible/roles/consul_server/tasks/FreeBSD.yml
+++ b/ansible/roles/consul_server/tasks/FreeBSD.yml
@@ -1,4 +1,33 @@
 ---
+- name: ensure consul group
+  group:
+    name: consul
+    state: present
+    system: True
+
+- name: ensure consul user
+  user:
+    name: consul
+    state: present
+    group: consul
+    system: True
+
+- name: ensure consul config dir
+  file:
+    path: /usr/local/etc/consul.d/
+    state: directory
+    owner: consul
+    group: consul
+    mode: 0755
+
+- name: ensure consul data dir
+  file:
+    path: /opt/consul
+    state: directory
+    owner: consul
+    group: consul
+    mode: 0755
+
 - name: check consul version
   shell:
     cmd: "consul --version | head -1 | cut -d'v' -f2"
@@ -7,20 +36,24 @@
   changed_when: False
   failed_when: False
   register: installed_consul_version
+  check_mode: false
 
 - name: get consul
-  get_url:
-    url: "https://releases.hashicorp.com/consul/{{ consul_version }}/consul_{{ consul_version }}_freebsd_amd64.zip"
-    dest: /tmp/consul.zip
-  when: ("No such file" not in installed_consul_version.msg) or (installed_consul_version.msg != consul_version)
-  register: get_consul
+  pkgng:
+    name: consul-{{ consul_version }}
+    state: present
 
-- name: get consul
-  unarchive:
-    src: /tmp/consul.zip
-    dest: /usr/local/bin/
-    remote_src: True
-    mode: 0755
+- name: template consul config
+  template:
+    src: templates/consul.hcl.j2
+    dest: /usr/local/etc/consul.d/consul.hcl
     owner: root
     group: staff
-  when: get_consul.changed
+    mode: 0755
+  notify: restart_consul_fbsd
+
+- name: enable and start consul
+  service:
+    name: consul
+    state: started
+    enabled: yes
diff --git a/ansible/roles/consul_server/templates/consul.hcl.j2 b/ansible/roles/consul_server/templates/consul.hcl.j2
new file mode 100644
index 0000000..703ed2d
--- /dev/null
+++ b/ansible/roles/consul_server/templates/consul.hcl.j2
@@ -0,0 +1,14 @@
+datacenter          = "{{ consul_dc }}"
+bind_addr           = "{{ ansible_default_ipv4.address }}"
+start_join          = ["{{ groups['consul_server'] | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | join('","') }}"]
+data_dir            = "/opt/consul"
+log_level           = "INFO"
+server              = true
+bootstrap_expect    = 3
+ui                  = true
+addresses {
+ http = "0.0.0.0"
+}
+performance {
+  raft_multiplier = 1
+}