feat: install and test mCaptcha/cache

This commit is contained in:
Aravinth Manivannan 2023-10-13 19:19:46 +05:30
parent 4186f1eb47
commit 2b23534250
Signed by: realaravinth
GPG key ID: F8F50389936984FF
5 changed files with 134 additions and 1 deletions

18
ansible/artifacts/cache/cache.service vendored Normal file
View file

@ -0,0 +1,18 @@
[Unit]
Description=Redis instance with mCaptcha cache module
After=network.target
Documentation=https://github.com/mCaptcha/cache
[Service]
Type=notify
ExecStart=/usr/bin/redis-server /etc/redis/redis.conf --supervised systemd --daemonize no
PIDFile=/run/redis/redis-server.pid
TimeoutStopSec=0
Restart=always
User=redis
Group=redis
RuntimeDirectory=redis
RuntimeDirectoryMode=2755
UMask=007
PrivateTmp=true

2
ansible/artifacts/cache/redis.conf vendored Normal file
View file

@ -0,0 +1,2 @@
loadmodule /usr/lib/redis/modules/libcache.so
bind 0.0.0.0

91
ansible/cache.yml Normal file
View file

@ -0,0 +1,91 @@
# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Base configuration
ansible.builtin.import_playbook: base.yml
- name: Install redis cache
hosts: mcaptcha_demo_server
remote_user: atm
pre_tasks:
- name: Ensure all VMs are reachable
ansible.builtin.ping:
tasks:
- name: Install redis-server
become: true
ansible.builtin.apt:
update_cache: true
pkg:
- redis-server
- name: Create Redis plugins dir
become: true
ansible.builtin.file:
path: /usr/lib/redis/modules
owner: redis
group: redis
state: directory
mode: "0755"
- name: Copy custom Redis configuration
become: true
ansible.builtin.copy:
src: ./artifacts/cache/redis.conf
dest: /etc/redis/
owner: redis
group: redis
force: true
mode: "0640"
- name: Create download dir
ansible.builtin.file:
path: /tmp/cache-lib
state: directory
mode: "0755"
- name: Download plugin
ansible.builtin.get_url:
url: https://dl.mcaptcha.org/mcaptcha/cache/master/cache-master-linux-amd64.tar.gz
dest: /tmp/cache-lib/
checksum: sha256:https://dl.mcaptcha.org/mcaptcha/cache/master/cache-master-linux-amd64.tar.gz.sha256
- name: Extract cache-master-linux-amd64.tar.gz into /var/lib/foo
ansible.builtin.unarchive:
src: /tmp/cache-lib/cache-master-linux-amd64.tar.gz
remote_src: true
dest: /tmp/cache-lib/
- name: Copy custom Redis configuration
become: true
notify: restart redis
ansible.builtin.copy:
src: /tmp/cache-lib/cache-master-linux-amd64/libcache.so
remote_src: true
dest: /usr/lib/redis/modules/
owner: redis
group: redis
force: true
mode: "0755"
# - name: Delete download dir
# ansible.builtin.file:
# path: /tmp/cache-lib
# state: absent
- name: Allow port 6379 for redis
become: true
community.general.ufw:
state: enabled
rule: allow
proto: tcp
port: "6379"
handlers:
- name: Restart redis
listen: restart redis
ansible.builtin.service:
name: redis
enabled: true
state: restarted

22
tests/cache/base.py vendored Normal file
View file

@ -0,0 +1,22 @@
# SPDX-FileCopyrightText: 2023 Aravinth Manivannan <realaravinth@batsense.net>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
import os
def test_redis_is_listening(host):
socket = host.socket(f"tcp://0.0.0.0:6379")
assert socket.is_listening
def test_redis_config_exists(host):
config = host.file("/etc/redis/redis.conf")
assert config.exists
assert config.is_file
def test_redis_service_running_and_enabled(host):
service = host.service("redis")
assert service.is_running
assert service.is_enabled