#423 -- Update Ansible compliance, build uninstaller and migrator scripts (#442)

The cumulative results of improvements to the Ansible deployment scripts that will facilitate both cleaner traditional installs and updates, full uninstallations of the traditional codebase, and a Traditional-to-Docker migration process.

Vagrantfile

@@ -1,44 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
-VAGRANTFILE_API_VERSION = "2"
-
-Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-
-  config.vm.box = "bento/ubuntu-16.04"
-  config.ssh.insert_key = false
-
-  # Support for Parallels provider for Vagrant
-  # See: http://parallels.github.io/vagrant-parallels/docs/
-  config.vm.provider "parallels" do |v, override|
-    # v.update_guest_tools = true
-    v.memory = 1024
-  end
-
-  # Customization for Virtualbox (default provider)
-  config.vm.provider :virtualbox do |vb|
-    vb.memory = 1024
-    vb.customize [
-      'modifyvm', :id,
-      '--natdnshostresolver1', 'on',
-    ]
-  end
-
-  # Disabled for Windows 10 + VirtualBox
-  config.vm.network "private_network",  ip: "192.168.23.100"
-
-  config.vm.synced_folder ".", "/var/azuracast/www", create: true, user: "azuracast", group: "www-data"
-  config.vm.synced_folder ".", "/vagrant"
-
-  config.vm.provision "shell" do |s|
-    s.path = "util/ansible_setup.sh"
-  end
-
-  config.vm.provision "ansible_local" do |ansible|
-    ansible.provisioning_path = "/var/azuracast/www"
-    ansible.tmp_path = "/var/azuracast/www/ansible/tmp"
-    ansible.playbook = "util/ansible/deploy.yml"
-  end
-
-end

docker-compose.migrate.yml

@@ -0,0 +1,21 @@
+version: '2'
+
+services:
+  migrate_influx:
+    image: influxdb:alpine
+    volumes:
+      - influx_data:/var/lib/influxdb
+      - ../migration:/tmp/migration
+    command: sh -c "influxd restore -metadir /var/lib/influxdb/meta /tmp/migration && influxd restore -database stations -datadir /var/lib/influxdb/data /tmp/migration"
+
+  migrate_stations:
+    image: alpine:latest
+    volumes:
+      - ../stations:/tmp/source
+      - station_data:/tmp/dest
+    working_dir: /tmp/source
+    command: sh -c "mv ./* /tmp/dest/"
+
+  web:
+    volumes:
+      - ./util/fixtures/01_docker_migration.sql:/var/azuracast/www/util/fixtures/01_docker_migration.sql

docker-migrate.sh

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+
+if [[ $EUID -ne 0 ]]; then
+   echo "This script must be run as root"
+   exit 1
+fi
+
+# Run system update first
+chmod a+x update.sh
+./update.sh
+
+# Dump MySQL data into fixtures folder
+MYSQL_USERNAME=`awk -F "=" '/db_username/ {print $2}' app/env.ini | tr -d ' '`
+MYSQL_PASSWORD=`awk -F "=" '/db_password/ {print $2}' app/env.ini | tr -d ' '`
+
+mysqldump --add-drop-table -u$MYSQL_USERNAME -p$MYSQL_PASSWORD azuracast > util/fixtures/01_docker_migration.sql
+
+read -n 1 -s -r -p "MySQL exported. Press any key to continue (Export InfluxDB)..."
+
+# Dump InfluxDB data
+mkdir -p /var/azuracast/migration
+
+influxd backup /var/azuracast/migration
+influxd backup -database stations /var/azuracast/migration
+
+read -n 1 -s -r -p "InfluxDB exported. Press any key to continue (Install Docker)..."
+
+# Install Docker
+wget -qO- https://get.docker.com/ | sh
+
+COMPOSE_VERSION=`git ls-remote https://github.com/docker/compose | grep refs/tags | grep -oP "[0-9]+\.[0-9][0-9]+\.[0-9]+$" | tail -n 1`
+sudo sh -c "curl -L https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose"
+sudo chmod +x /usr/local/bin/docker-compose
+sudo sh -c "curl -L https://raw.githubusercontent.com/docker/compose/${COMPOSE_VERSION}/contrib/completion/bash/docker-compose > /etc/bash_completion.d/docker-compose"
+
+# Pull Docker images
+docker-compose pull
+
+docker-compose -f docker-compose.yml -f docker-compose.migrate.yml run --rm migrate_influx
+
+read -n 1 -s -r -p "InfluxDB data migrated to Docker. Press any key to continue (Uninstall Traditional AzuraCast)..."
+
+# Run traditional uninstaller
+chmod a+x uninstall.sh
+./uninstall.sh
+
+read -n 1 -s -r -p "Uninstall complete. Press any key to continue (Install AzuraCast in Docker)..."
+
+# Run Docker AzuraCast-specific installer
+docker-compose -f docker-compose.yml -f docker-compose.migrate.yml run --rm migrate_stations
+docker-compose -f docker-compose.yml -f docker-compose.migrate.yml run --rm cli azuracast_install
+
+# Spin up Docker
+docker-compose up -d
+
+# Docker cleanup
+docker-compose rm -f
+
+docker volume prune -f
+docker rmi $(docker images | grep "none" | awk '/ / { print $3 }')

uninstall.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+APP_ENV="${APP_ENV:-production}"
+
+read -p "WARNING: This operation is destructive and will uninstall software on this server. Continue? [y/N] " -n 1 -r
+echo
+
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+
+    echo "Uninstalling AzuraCast..."
+    ansible-playbook util/ansible/uninstall.yml --inventory=util/ansible/hosts --extra-vars "app_env=$APP_ENV"
+
+    echo " "
+    echo "Uninstallation complete. Some components were not removed."
+    echo " "
+    echo "To automatically remove unnecessary packages, run:"
+    echo "  apt-get autoremove"
+    echo " "
+    echo "To remove MariaDB data, run:"
+    echo "  rm -rfv /etc/mysql /var/lib/mysql"
+    echo " "
+    echo "To remove AzuraCast station data, run:"
+    echo "  rm -rf /var/azuracast/stations"
+    echo " "
+    echo "If moving to Docker, you can remove every file in this folder except docker-compose.yml."
+    echo "Thanks for using AzuraCast!"
+    echo " "
+
+fi

update.sh

@@ -27,6 +27,9 @@ if [ "" == "$PKG_OK" ]; then
     sudo apt-add-repository ppa:ansible/ansible
     sudo apt-get update
     sudo apt-get install -q -y ansible python-mysqldb
+else
+    sudo apt-get update
+    sudo apt-get install -q -y ansible python-mysqldb
 fi
 
 APP_ENV="${APP_ENV:-production}"

util/ansible/deploy.yml

@@ -6,7 +6,7 @@
     www_base: "{{ util_base | dirname }}"
     app_base: "{{ www_base | dirname }}"
     tmp_base: "{{ app_base }}/www_tmp"
-    app_env: "development"
+    app_env: "production"
     testing_mode: false
 
     dev_azuracast_user_password: "azuracast"
@@ -28,5 +28,4 @@
     - composer
     - services
     - azuracast-db
-    - { role: azuracast-cron, when: testing_mode == false }
-    - { role: azuracast-build, when: testing_mode == false and app_env == 'development' }
+    - { role: azuracast-cron, when: testing_mode == false }

util/ansible/roles/azuracast-build/tasks/main.yml

@@ -1,40 +0,0 @@
----
-  - name: Install Node
-    become: true
-    apt:  pkg="{{ item }}" state=latest
-    with_items:
-     - nodejs
-     - npm
-
-  - name: Symlink Nodejs Binary
-    become: true
-    file: src=/usr/bin/nodejs dest=/usr/bin/node state=link
-
-  - name: Create build directory
-    file: path="{{ app_base }}/build" state=directory owner=azuracast group=www-data mode=0777
-
-  - name: Symlink Nodejs Binary
-    become: true
-    file: src="{{ www_base }}/web/static/{{ item }}" dest="{{ app_base }}/build/{{ item }}" state=link
-    with_items:
-     - gruntfile.js
-     - package.json
-
-  - name: Install Node global packages
-    shell: "npm install -g {{ item }} --loglevel warn"
-    with_items:
-     - bower
-     - grunt
-
-  - name: Install Node packages
-    shell: "npm install --loglevel warn"
-    args:
-      chdir: "{{ app_base }}/build"
-
-  - name: Install Developer Tools
-    become: true
-    apt:  pkg="{{ item }}" state=latest
-    with_items:
-     - php7.0-xdebug
-     - vim
-     - gettext

util/ansible/roles/azuracast-config/tasks/main.yml

@@ -23,8 +23,4 @@
      - "{{ app_base }}/stations"
      - "{{ app_base }}/servers"
      - "{{ app_base }}/servers/shoutcast2"
-     - "{{ app_base }}/servers/icecast2"
-
-  - name: Make App Directory Writeable (Testing Mode Only)
-    file: path="{{ app_base }}" state=directory owner=azuracast group=www-data mode=0777 recurse=true
-    when: testing_mode|bool == true
+     - "{{ app_base }}/servers/icecast2"

util/ansible/roles/azuracast-radio/tasks/main.yml

@@ -1,8 +1,6 @@
 ---
-  - include: x86.yml
-    dynamic: no
+  - include_tasks: x86.yml
     when: ansible_architecture == 'x86_64' or ansible_architecture == 'i386'
 
-  - include: armhf.yml
-    dynamic: no
+  - include_tasks: armhf.yml
     when: ansible_architecture != 'x86_64' and ansible_architecture != 'i386'

util/ansible/roles/azuracast-user/handlers/main.yml

@@ -1,4 +1,4 @@
 ---
 - name: send user notification
   debug:
-    msg: "A user account named 'azuracast' has been created. The password associated with this account is: {{ azuracast_user_password }}"
+    msg: "A user account named 'azuracast' has been created. The password associated with this account is: {{ prod_azuracast_user_password.stdout }}"

util/ansible/roles/azuracast-user/tasks/main.yml

@@ -1,8 +1,7 @@
 ---
-  - name: (Prod) Generate AzuraCast Password
+  - name: Generate AzuraCast Password
     command: pwgen 8 -sn 1
     register: prod_azuracast_user_password
-    when: app_env == "production"
 
   - name: Create Groups
     become: true
@@ -11,10 +10,6 @@
      - www-data
      - admin
 
-  - name: Assign User Password
-    set_fact:
-      azuracast_user_password: "{{ prod_azuracast_user_password.stdout if app_env == 'production' else dev_azuracast_user_password }}"
-
   - name: Create AzuraCast User
     become: true
     user:
@@ -23,24 +18,9 @@
       comment: "AzuraCast"
       shell: /bin/bash
       groups: 'sudo,admin,www-data'
-      password: "{{ azuracast_user_password|password_hash('sha512') }}"
+      password: "{{ prod_azuracast_user_password.stdout|password_hash('sha512') }}"
     notify: send user notification
 
   - name: Modify www-data User
     become: true
-    user: name=www-data groups="azuracast" append=yes
-
-  - name: (Dev) Modify vagrant User
-    become: true
-    user: name=vagrant groups="www-data" append=yes
-    when: app_env == "development"
-
-  - name: (Dev) Modify www-data User
-    become: true
-    user: name=www-data groups="vagrant" append=yes
-    when: app_env == "development"
-
-  - name: (Dev) Add azuracast User to vagrant Group
-    become: true
-    user: name=azuracast groups="vagrant" append=yes
-    when: app_env == "development"
+    user: name=www-data groups="azuracast" append=yes

util/ansible/roles/php/tasks/main.yml

@@ -49,13 +49,6 @@
      - php7.2-intl        # Localization
      - php7.2-redis       # Cache
 
-  - name: Install xdebug for testing
-    become: true
-    apt: package="{{ item }}" state=latest
-    with_items:
-     - php7.2-xdebug
-    when: testing_mode|bool == true
-
   - name: List locales
     shell: "cd {{ www_base }}/app/locale/; for i in $(ls -d */); do echo ${i%%/}; done"
     register: locale_list

util/ansible/roles/uninstall/tasks/main.yml

@@ -0,0 +1,108 @@
+---
+  - debug:
+      msg: "Running Ansible on {{ inventory_hostname }} with OS {{ ansible_distribution }} {{ ansible_distribution_release }} {{ ansible_distribution_version }} {{ ansible_architecture }} ({{ app_env }})"
+
+  - name: Shut down all services
+    service:
+      name: "{{ item }}"
+      state: stopped
+    with_items:
+     - influxdb
+     - mysql
+     - php7.2-fpm
+     - nginx
+     - redis-server
+     - supervisor
+    ignore_errors: True
+
+  - name: Kill all processes owned by AzuraCast user
+    become: true
+    command: pkill -9 -u azuracast
+    ignore_errors: true
+
+  - name: Update apt
+    become: true
+    apt:
+      update_cache: yes
+
+  - name: Remove AzuraCast User
+    become: true
+    user:
+      name: azuracast
+      state: absent
+
+  - name: Remove AzuraCast folders
+    file: path="{{ item }}" state=absent
+    with_items:
+     - "{{ tmp_base }}"
+     - "{{ app_base }}/servers"
+
+  - name: Remove PPAs
+    become: true
+    apt_repository: repo="{{ item }}" state=absent
+    with_items:
+      - ppa:avsm/ppa
+
+  - name: UFW - Turn off Firewall
+    ufw:
+      state: disabled
+    ignore_errors: True
+
+  - name: Remove software
+    become: true
+    apt: pkg="{{ item }}" state=absent force=yes purge=yes
+    with_items:
+      # Radio software
+      - icecast2
+      - liquidsoap
+      - liquidsoap-plugin-*
+      - libxml2
+      - libxslt1-dev
+      - libvorbis-dev
+      - libssl-dev
+      - libcurl4-openssl-dev
+      - opam
+      - libpcre3-dev
+      - libfdk-aac-dev
+      - libmad0-dev
+      - libmp3lame-dev
+      - libtag1-dev
+      - libfaad-dev
+      - libflac-dev
+      - libogg-dev
+      - libopus-dev
+      - m4
+      - aspcud
+      - camlp4
+
+      # Supervisord
+      - supervisor
+
+      # InfluxDB
+      - influxdb
+
+      # Nginx
+      - nginx
+      - nginx-*
+
+      # PHP 7.2
+      - php7.2-*
+
+      # MariaDB
+      - mariadb-*
+
+      # Redis
+      - redis-server
+
+      # UFW Firewall
+      - ufw
+
+      # Ansible itself
+      - python2.7
+      - python-pip
+      - python-mysqldb
+      - ansible
+
+      # System packages
+      - pwgen
+      - lnav

util/ansible/uninstall.yml

@@ -0,0 +1,14 @@
+---
+- hosts: all
+  become: true
+  vars:
+    util_base: "{{ playbook_dir | dirname }}"
+    www_base: "{{ util_base | dirname }}"
+    app_base: "{{ www_base | dirname }}"
+    tmp_base: "{{ app_base }}/www_tmp"
+    app_env: "production"
+    testing_mode: false
+    update_revision: 1
+
+  roles:
+    - uninstall