Diffstat (limited to 'roles/apps/node-red/instance')
-rw-r--r-- | roles/apps/node-red/instance/tasks/main.yml | 54 | ||||
-rw-r--r-- | roles/apps/node-red/instance/templates/pod-spec.yml.j2 | 21 |
2 files changed, 75 insertions, 0 deletions
diff --git a/roles/apps/node-red/instance/tasks/main.yml b/roles/apps/node-red/instance/tasks/main.yml
new file mode 100644
index 00000000..ec9b9dff
--- /dev/null
+++ b/roles/apps/node-red/instance/tasks/main.yml
@@ -0,0 +1,54 @@
+---
+## TODO: add storage handling!
+- set_fact:
+ node_red_instance_basepath: "/srv/node-red/{{ node_red_instance }}"
+##
+
+## TODO: custom user
+
+- name: create instance directories
+ loop:
+ - data
+ - tls
+ file:
+ path: "{{ node_red_instance_basepath }}/{{ item }}"
+ state: directory
+ owner: 1000
+ mode: 0700
+
+- name: generate/install/fetch TLS certificate
+ when: "'mqtt_tls' in node_red_instances[node_red_instance]"
+ vars:
+ x509_certificate_name: "node-red-{{ node_red_instance }}_mqtt"
+ x509_certificate_hostnames: []
+ x509_certificate_config: "{{ node_red_instances[node_red_instance].mqtt_tls.certificate_config }}"
+ x509_certificate_renewal:
+ install:
+ - dest: "{{ node_red_instance_basepath }}/tls/mqtt-crt.pem"
+ src:
+ - fullchain
+ owner: root
+ group: 1000
+ mode: "0644"
+ - dest: "{{ node_red_instance_basepath }}/tls/mqtt-key.pem"
+ src:
+ - key
+ owner: root
+ group: 1000
+ mode: "0640"
+ - dest: "{{ node_red_instance_basepath }}/tls/mqtt-ca-crt.pem"
+ src:
+ - ca_cert
+ owner: root
+ group: 1000
+ mode: "0644"
+ include_role:
+ name: "x509/{{ node_red_instances[node_red_instance].mqtt_tls.certificate_provider }}/cert"
+
+- name: install pod manifest
+ vars:
+ kubernetes_standalone_pod:
+ name: "node-red-{{ node_red_instance }}"
+ spec: "{{ lookup('template', 'pod-spec.yml.j2') }}"
+ include_role:
+ name: kubernetes/standalone/pod
diff --git a/roles/apps/node-red/instance/templates/pod-spec.yml.j2 b/roles/apps/node-red/instance/templates/pod-spec.yml.j2
new file mode 100644
index 00000000..29f2161a
--- /dev/null
+++ b/roles/apps/node-red/instance/templates/pod-spec.yml.j2
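Review bot: The literal `owner: 1000` in the directory task and `group: 1000` in the three `install` entries give access to whichever host account holds uid/gid 1000, which on many hosts is the first interactive login. That account would own `data` and `tls` and could read `mqtt-key.pem` (mode `"0640"`). Until the custom-user TODO is resolved, take the id from one role variable backed by a dedicated non-login account and use it in all four places, e.g. `owner: "{{ node_red_instance_uid }}"` (variable name is a suggestion, not something the role defines yet). Separately, `mode: 0700` is the only unquoted mode in the file; `mode: "0700"` would match the `"0644"`/`"0640"` entries and not depend on YAML octal parsing.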
@@ -0,0 +1,21 @@
+containers:
+- name: node-red
+ image: "nodered/node-red:{{ node_red_instances[node_red_instance].version }}-debian"
+ volumeMounts:
+ - name: tls
+ mountPath: /tls
+ readOnly: true
+ - name: data
+ mountPath: /data
+ ports:
+ - containerPort: 1880
+ hostPort: {{ node_red_instances[node_red_instance].port }}
+volumes:
+- name: tls
+ hostPath:
+ path: "{{ node_red_instance_basepath }}/tls"
+ type: Directory
+- name: data
+ hostPath:
+ path: "{{ node_red_instance_basepath }}/data"
+ type: Directory |
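Review bot: The `node-red` container has no `securityContext`, so the uid it runs as comes from the image default, while the role's tasks hard-code 1000 for the hostPath directories and the key's group. If a later image tag runs as a different user, the pod either cannot read `/tls` or runs as root over `/data`; pinning the uid/gid and `runAsNonRoot` in the spec makes that assumption explicit and enforced. The `hostPort` entry also has no `hostIP`, so the Node-RED editor port is published on every host address. Nothing in this commit shows `adminAuth` being configured under `/data`, so it is worth confirming that the editor is not reachable unauthenticated, or restricting the bind address with `hostIP`.

```yaml
- name: node-red
  image: "nodered/node-red:{{ node_red_instances[node_red_instance].version }}-debian"
  securityContext:
    runAsUser: 1000
    runAsGroup: 1000
    runAsNonRoot: true
    allowPrivilegeEscalation: false
  # … unchanged: volumeMounts, ports …
```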