Add documentation

2 years ago · a6b9ef6e9b
4 changed files with 124 additions and 16 deletions
--- a/ansible/playbooks/.vscode/settings.json
+++ b/ansible/playbooks/.vscode/settings.json
--- a/ansible/README.MD
+++ b/ansible/README.MD
@ -0,0 +1,109 @@
+# Installation on RHEL 9 Automatisation
+
+Ansible Playbook allowing to create ostree images for edge using Ansible.
+
+## Pre-requisites
+
+RHEL 9 pre-requisites :
+
+- RHEL 9 is installed
+- The Red Hat repositories **baseos** and **appstream** are reachable
+
+Microshift pre-requisites :
+
+- RHEL 9.2 or 9.3
+- LVM volume group (VG) with unused space
+
+## Install Pre-requisites
+
+```sh
+sudo subscription-manager register --username $RHN_LOGIN --auto-attach
+sudo subscription-manager attach --pool=$RHN_POOL_ID
+sudo dnf install -y osbuild-composer composer-cli cockpit-composer git firewalld python3-toml
+sudo systemctl enable --now osbuild-composer.socket
+sudo systemctl enable --now firewalld
+sudo systemctl enable --now cockpit.socket
+sudo systemctl restart osbuild-composer
+sudo usermod -a -G weldr "$(id -un)"
+```
+
+Check that **os-composer** is working.
+
+```
+$ source /etc/bash_completion.d/composer-cli
+$ composer-cli status show
+API server status:
+    Database version:   0
+    Database supported: true
+    Schema version:     0
+    API version:        1
+    Backend:            osbuild-composer
+    Build:              NEVRA:osbuild-composer-88.3-1.el9_3.x86_64
+
+$ composer-cli sources list
+appstream
+baseos
+```
+
+## Clone this repository
+
+```sh
+git clone https://github.com/ePietry/red-hat-kiosk.git
+cd red-hat-kiosk
+export GIT_REPO_CLONE="$PWD"
+```
+
+## Create the container image
+
+Install podman and buildah.
+
+```sh
+sudo dnf install -y podman buildah
+```
+
+Define the target image properties.
+
+```sh
+REGISTRY="quay.io"
+IMAGE_NAME="nmasse_itix/kiosk-app"
+IMAGE_TAG="latest"
+```
+
+Build and push the image to the registry.
+
+```sh
+cd "$GIT_REPO_CLONE/application"
+podman build -t localhost/kiosk-app:latest .
+podman login "$REGISTRY"
+podman tag localhost/kiosk-app:latest "$REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
+podman push "$REGISTRY/$IMAGE_NAME:$IMAGE_TAG"
+```
+
+## Nginx configuration
+
+Install and configure nginx.
+
+```sh
+sudo dnf install -y nginx
+sudo systemctl enable --now nginx.service
+sudo firewall-cmd --permanent --add-port={80/tcp,443/tcp}
+sudo firewall-cmd --reload
+sudo mkdir -p /var/www
+sudo restorecon -Rv /var/www
+sudo sed -i.${EPOCHREALTIME:-bak} 's|/usr/share/nginx/html|/var/www|g' /etc/nginx/nginx.conf
+sudo systemctl restart nginx.service
+```
+
+Find the IP address of the current server.
+
+```sh
+MYIP="$(ip -4 -br addr show scope global | awk 'NR == 1 { split($3, parts, "/"); print parts[1]; }')"
+```
+
+## Create the initial ostree repo
+
+Create a `inventory.yaml` file inside the Ansible folder or define the inventory path inside the `ansible.cfg` file
+
+Add blueprint file into the blueprint folder or use the `example_blueprint.toml`
+
+Create the initial ostree repo using...
--- a/ansible/playbooks-test.yaml
+++ b/ansible/playbooks-test.yaml
@ -1,6 +0,0 @@
---
- - name: ping all inventory
-   hosts: all
-   tasks:
-     - name: ping
-       ansible.builtin.ping:
--- a/ansible/playbooks/initial_ostree.yaml
+++ b/ansible/playbooks/initial_ostree.yaml
@ -9,19 +9,10 @@
        name: "{{ ansible_user_id }}"
        groups: weldr
        append: true
-        #    - name: Create a blueprint
-        #      infra.osbuild.create_blueprint:
-        #        dest: "/home/epietryk/blueprint/blueprint.toml"
-        #        name: "rhel-edge-blueprint"
-        #        description: "{{ builder_blueprint_description }}"
-        #        distro: "{{ builder_blueprint_distro }}"
-        #        groups: "{{ builder_blueprint_groups }}"
-        #        packages: "{{ builder_blueprint_packages }}"
-        #          customizations: "{{ builder_blueprint_customizations }}"
    - name: Push a blueprint
      infra.osbuild.push_blueprint:
        src: "/home/epietryk/blueprint/blueprint.toml"
-    - name: Start ostree compose with idempotent transaction
+    - name: Start ostree compose
      infra.osbuild.start_compose:
        blueprint: rhel-edge-blueprint
        allow_duplicate: true
@ -42,3 +33,17 @@
      infra.osbuild.export_compose: # noqa only-builtins
        compose_id: "{{ builder_compose_start_out['result']['body']['build_id'] }}"
        dest: /tmp/images/{{ builder_compose_start_out['result']['body']['build_id'] }}.tar
+    - name: Recursively remove directory /var/www/repo
+      ansible.builtin.file:
+        path: /var/www/repo
+        state: absent
+        #    - name: Create empty file /var/www/repo
+        #      ansible.builtin.file:
+        #        path: /var/www/repo
+        #        state: directory
+        #        mode: '0755'
+    - name: Extract compose artifact into /var/www/repo
+      ansible.builtin.unarchive:
+        src: /tmp/images/{{ builder_compose_start_out['result']['body']['build_id'] }}.tar
+        dest: /var/www/
+        remote_src: true