configure a mongodb container on the host

Signed-off-by: Jakub Sokołowski <jakub@status.im>

ansible/group_vars/mongodb.yml

@@ -0,0 +1,4 @@
+---
+mongo_db_name: dev-dap-ps
+mongo_db_user: '{{lookup("passwordstore", "service/mongodb/user")}}'
+mongo_db_pass: '{{lookup("passwordstore", "service/mongodb/pass")}}'

ansible/inventory/default

@@ -3,6 +3,9 @@
 [all]
 node-01.us-east-1a.mongodb.test hostname=node-01.us-east-1a.mongodb.test ansible_host=3.88.159.109 env=dapps stage=default data_center=us-east-1a region=us-east-1a dns_entry=node-01.us-east-1a.mongodb.test.hosts.dap.ps
 
+[mongodb]
+node-01.us-east-1a.mongodb.test
+
 [dap-ps-dev]
 node-01.us-east-1a.mongodb.test
 

ansible/main.yml

@@ -0,0 +1,10 @@
+---
+- name: Configure MongoDB
+  hosts: mongodb
+  roles:
+    - role: mongodb
+  post_tasks:
+    - name: Here's the MongoDB URI string
+      debug:
+        msg: 'mongodb://{{ mongo_db_user }}:{{ mongo_db_pass }}@{{ dns_entry }}:{{ mongo_cont_port }}/{{ mongo_db_name }}'
+

ansible/roles/mongodb/README.md

@@ -0,0 +1,11 @@
+# Description
+
+This role configures a [MongoDB](https://www.mongodb.com/) container using the [`mongo`](ttps://hub.docker.com/_/mongo) Docker image.
+
+# Configuration
+
+__TODO__
+
+# Known Issues
+
+__TODO__

ansible/roles/mongodb/defaults/main.yml

@@ -0,0 +1,18 @@
+---
+mongo_cont_name: mongodb
+# https://hub.docker.com/_/mongo
+mongo_cont_tag: '4.1.13-bionic'
+mongo_cont_image: 'mongo:{{ mongo_cont_tag }}'
+mongo_cont_vol: '/docker/{{ mongo_cont_name }}'
+mongo_cont_uid: 999
+mongo_host_uid: '{{ 100000 + mongo_cont_uid - 1 | int }}'
+mongo_cont_port: 27017
+
+mongo_db_name: ~
+mongo_db_user: ~
+mongo_db_pass: ~
+
+# general container config
+cont_state: started
+cont_recreate: false
+cont_restart: false

ansible/roles/mongodb/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: Save iptables rules
+  shell: iptables-save > /etc/iptables/rules.v4

ansible/roles/mongodb/tasks/container.yml

@@ -0,0 +1,26 @@
+---
+- name: Create data directory
+  file:
+    path: '{{ mongo_cont_vol }}/data'
+    state: directory
+    owner: '{{ mongo_host_uid }}'
+    group: docker
+    recurse: true
+
+- name: Start the MongoDB container
+  docker_container:
+    name: '{{ mongo_cont_name }}'
+    image: '{{ mongo_cont_image }}'
+    pull: true
+    restart_policy: always
+    state: '{{ cont_state }}'
+    recreate: '{{ cont_recreate }}'
+    restart: '{{ cont_restart }}'
+    env:
+      ONGO_INITDB_DATABASE: '{{ mongo_db_name | mandatory }}'
+      MONGO_INITDB_ROOT_USERNAME: '{{ mongo_db_user | mandatory }}'
+      MONGO_INITDB_ROOT_PASSWORD: '{{ mongo_db_pass | mandatory }}'
+    ports:
+      - '0.0.0.0:{{ mongo_cont_port }}:{{ mongo_cont_port }}/tcp'
+    volumes:
+      - '{{ mongo_cont_vol }}/data:/data/db'

ansible/roles/mongodb/tasks/firewall.yml

@@ -0,0 +1,12 @@
+---
+- name: Enable MongoDB port
+  iptables:
+    comment: '{{ mongo_cont_name }}'
+    action: insert
+    chain: DOCKER-USER
+    jump: ACCEPT
+    source: '0.0.0.0/0'
+    protocol: 'tcp'
+    destination_port: '{{ mongo_cont_port }}'
+  notify:
+    - Save iptables rules

ansible/roles/mongodb/tasks/main.yml

@@ -0,0 +1,3 @@
+---
+- import_tasks: container.yml
+- import_tasks: firewall.yml

db.tf

@@ -59,7 +59,7 @@ resource "aws_instance" "mongodb" {
       }
       groups   = ["${var.group}"]
       extra_vars = {
-        hostname         = "node-01.${var.zone}.${var.env}.test"
+        hostname         = "node-01.${var.zone}.mongodb.test"
         ansible_ssh_user = "${var.ssh_user}"
         data_center      = "${var.zone}"
         stage            = "${terraform.workspace}"
@@ -79,7 +79,7 @@ resource "gandi_zonerecord" "mongodb" {
 
 resource "ansible_host" "main" {
   inventory_hostname = "${aws_instance.mongodb.tags.Name}"
-  groups = ["${var.group}", "${var.zone}"]
+  groups = ["mongodb", "${var.group}", "${var.zone}"]
   vars {
     ansible_host = "${aws_instance.mongodb.public_ip}"
     hostname     = "${aws_instance.mongodb.tags.Name}"