commit db315f41d84845b2dd9c2e68c171671488197793
parent 4ec01b51d045be8a115b1d5a019e36c7aa42108f
Author: Leah Thein <leah@toaster.fritz.box>
Date: Sat, 5 Dec 2020 13:37:48 +0100
parent 4ec01b51d045be8a115b1d5a019e36c7aa42108f
Author: Leah Thein <leah@toaster.fritz.box>
Date: Sat, 5 Dec 2020 13:37:48 +0100
oeffisearch/oeffi-web: run multiple instances and loadbalance them
7 files changed, 165 insertions(+), 9 deletions(-)
diff --git a/readme.md b/readme.md @@ -31,7 +31,7 @@ i'm using alpine linux on all my servers. | Port | tcp | udp | Service | Protocol | Description | Firewalled | |:------:|:---:|:---:|-------------------|------------|----------------|:----------:| | 22 | x | | sshd | ssh | | no | -| 25 | x | | maddy | submission | | no | +| 25 | x | | maddy | smtp | | no | | 53 | x | x | bind | dns | | no | | 80 | x | | acme-redirect | http | | no | | 143 | x | | maddy | imaps | | no | @@ -44,14 +44,20 @@ i'm using alpine linux on all my servers. | 3000 | x | | grafana | http | | yes | | 4000 | x | | pleroma | http | | yes | | 4369 | ? | ? | epmd | ? | ? | yes | -| 5000 | x | | oeffi-web | http | | yes | +| 5001 | x | | oeffi-web | http | instance1 | yes | +| 5002 | x | | oeffi-web | http | instance2 | yes | +| 5003 | x | | oeffi-web | http | instance3 | yes | +| 5004 | x | | oeffi-web | http | instance4 | yes | | 5050 | x | | frps | frp | | no | | 5232 | x | | radicale | http | | yes | | 5432 | x | | postgres | postgresql | | yes | | 8008 | x | | synapse | http | | yes | | 8001 | x | | fcgiwrap (cgit) | ? | | yes | -| 8081 | x | | oeffisearch | http | | yes | -| 8088 | x | | frps | http | isa nuc | yes | +| 8081 | x | | oeffisearch | http | instance1 | yes | +| 8082 | x | | oeffisearch | http | instance2 | yes | +| 8083 | x | | oeffisearch | http | instance3 | yes | +| 8084 | x | | oeffisearch | http | instance4 | yes | +| 8088 | x | | frps | http | vhost | yes | | 8142 | x | | chartsrv | http | | yes | | 9090 | x | | prometheus | http | | yes | | 9100 | x | | node_exporter | http | | yes |
diff --git a/roles/oeffi-web/tasks/main.yml b/roles/oeffi-web/tasks/main.yml @@ -6,6 +6,39 @@ state: present update_cache: yes +- name: copy service files to destination host + template: + src: oeffi-web.initd.j2 + dest: "/etc/init.d/oeffi-web{{item}}" + mode: 0755 + loop: + - 1 + - 2 + - 3 + - 4 + +- name: create logfiles + file: + path: "/var/log/oeffi-web" + mode: 0755 + state: directory + loop: + - 1 + - 2 + - 3 + - 4 + +- name: create logfiles + file: + path: "/var/log/oeffi-web/{{item}}.log" + mode: 0777 + state: touch + loop: + - 1 + - 2 + - 3 + - 4 + - name: copy nginx-vhost for oeffi-web to destination host template: src: oeffi-web-vhost.conf.j2 @@ -14,11 +47,16 @@ owner: nginx group: nginx -- name: "Enable and restart service: oeffi-web" +- name: "Enable and restart services: oeffi-web" service: - name: oeffi-web + name: "oeffi-web{{item}}" enabled: yes state: restarted + loop: + - 1 + - 2 + - 3 + - 4 - name: "Restart service: nginx" service:
diff --git a/roles/oeffi-web/templates/oeffi-web-vhost.conf.j2 b/roles/oeffi-web/templates/oeffi-web-vhost.conf.j2 @@ -1,3 +1,11 @@ +upstream oeffiweb { + least_conn; + server 127.0.0.1:5001; + server 127.0.0.1:5002; + server 127.0.0.1:5003; + server 127.0.0.1:5004; +} + server { listen 443 ssl; listen [::]:443 ssl; @@ -9,7 +17,7 @@ server { server_name {{oeffi_web.domain}}; location / { - proxy_pass http://127.0.0.1:5000; + proxy_pass http://oeffiweb; } location /assets {
diff --git a/roles/oeffi-web/templates/oeffi-web.initd.j2 b/roles/oeffi-web/templates/oeffi-web.initd.j2 @@ -0,0 +1,28 @@ +#!/sbin/openrc-run +supervisor=supervise-daemon + +name="oeffi-web" +description="fast and simple tripplanner for the web" + +PORT=500{{item}} +PID_FILE=/run/oeffi-web/{{item}} +CACHE_PATH=/var/lib/oeffisearch + +export PORT +export CACHE_PATH + +command="/usr/bin/oeffi-web" +command_user=oeffisearch:oeffisearch +command_background=true +pidfile=/run/oeffi-web/{{item}} +directory="/usr/share/oeffi-web" +output_log="/var/log/oeffi-web/{{item}}.log" + +depend() { + need net localmount + after firewall +} + +start_pre() { + checkpath -d -o oeffisearch:oeffisearch /run/oeffi-web +}+ \ No newline at end of file
diff --git a/roles/oeffisearch/tasks/main.yml b/roles/oeffisearch/tasks/main.yml @@ -6,6 +6,39 @@ state: present update_cache: yes +- name: copy service files to destination host + template: + src: oeffisearch.initd.j2 + dest: "/etc/init.d/oeffisearch{{item}}" + mode: 0755 + loop: + - 1 + - 2 + - 3 + - 4 + +- name: create logfiles + file: + path: "/var/log/oeffisearch" + mode: 0755 + state: directory + loop: + - 1 + - 2 + - 3 + - 4 + +- name: create logfiles + file: + path: "/var/log/oeffisearch/{{item}}.log" + mode: 0777 + state: touch + loop: + - 1 + - 2 + - 3 + - 4 + - name: copy nginx-vhost for oeffisearch to destination host template: src: oeffisearch-vhost.conf.j2 @@ -16,9 +49,14 @@ - name: "Enable and restart service: oeffisearch" service: - name: oeffisearch + name: "oeffisearch{{item}}" enabled: yes state: restarted + loop: + - 1 + - 2 + - 3 + - 4 - name: "Restart service: nginx" service:
diff --git a/roles/oeffisearch/templates/oeffisearch-vhost.conf.j2 b/roles/oeffisearch/templates/oeffisearch-vhost.conf.j2 @@ -1,3 +1,11 @@ +upstream oeffisearch { + least_conn; + server 127.0.0.1:8081; + server 127.0.0.1:8082; + server 127.0.0.1:8083; + server 127.0.0.1:8084; +} + server { listen 443 ssl; listen [::]:443 ssl; @@ -14,6 +22,6 @@ server { } location @api { - proxy_pass http://127.0.0.1:8081; + proxy_pass http://oeffisearch; } }
diff --git a/roles/oeffisearch/templates/oeffisearch.initd.j2 b/roles/oeffisearch/templates/oeffisearch.initd.j2 @@ -0,0 +1,28 @@ +#!/sbin/openrc-run +supervisor=supervise-daemon + +name="oeffisearch" +description="fast and simple tripplanner for the web" + +PORT=808{{item}} +PID_FILE=/run/oeffisearch/{{item}} +CACHE_PATH=/var/lib/oeffisearch + +export PORT +export CACHE_PATH + +command="/usr/bin/oeffisearch" +command_user="oeffisearch:oeffisearch" +command_background=true +pidfile=/run/oeffisearch/{{item}} +directory="/var/lib/oeffisearch" +output_log="/var/log/oeffisearch/{{item}}.log" + +depend() { + need net localmount + after firewall +} + +start_pre() { + checkpath -d -o oeffisearch:oeffisearch /run/oeffisearch +}+ \ No newline at end of file