tivdzualubem · tivdzualubem · Jun 23, 2026 · Jun 23, 2026 · Jun 23, 2026 · Jun 23, 2026
diff --git a/ansible/files/quicknotes b/ansible/files/quicknotes
diff --git a/ansible/files/seed.json b/ansible/files/seed.json
@@ -0,0 +1,26 @@
+[
+  {
+    "id": 1,
+    "title": "Welcome to QuickNotes",
+    "body": "This is the project you'll containerize, deploy, monitor, and harden across all 10 labs.",
+    "created_at": "2026-01-15T10:00:00Z"
+  },
+  {
+    "id": 2,
+    "title": "Read app/main.go first",
+    "body": "Start by understanding the entry point — env vars, signal handling, graceful shutdown.",
+    "created_at": "2026-01-15T10:05:00Z"
+  },
+  {
+    "id": 3,
+    "title": "DevOps mantra",
+    "body": "If it hurts, do it more often.",
+    "created_at": "2026-01-15T10:10:00Z"
+  },
+  {
+    "id": 4,
+    "title": "Endpoint cheat-sheet",
+    "body": "GET /notes  GET /notes/{id}  POST /notes  DELETE /notes/{id}  GET /health  GET /metrics",
+    "created_at": "2026-01-15T10:15:00Z"
+  }
+]
diff --git a/ansible/inventory-local.ini b/ansible/inventory-local.ini
@@ -0,0 +1,2 @@
+[quicknotes_vm]
+ubuntu-jammy ansible_host=127.0.0.1 ansible_connection=local ansible_python_interpreter=/usr/bin/python3
diff --git a/ansible/inventory.ini b/ansible/inventory.ini
@@ -0,0 +1,9 @@
+[quicknotes_vm]
+quicknotes-vm ansible_host=192.168.240.1
+
+[quicknotes_vm:vars]
+ansible_port=2200
+ansible_user=vagrant
+ansible_ssh_private_key_file=~/.ssh/lab5_vagrant_rsa
+ansible_python_interpreter=/usr/bin/python3.10
+ansible_ssh_common_args='-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o PubkeyAcceptedKeyTypes=+ssh-rsa'
diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml
@@ -0,0 +1,142 @@
+---
+- name: Deploy QuickNotes to the Lab 5 VM
+  hosts: quicknotes_vm
+  become: true
+  gather_facts: false
+
+  vars:
+    quicknotes_user: quicknotes
+    quicknotes_group: quicknotes
+    quicknotes_data_dir: /var/lib/quicknotes
+    quicknotes_binary_path: /usr/local/bin/quicknotes
+    quicknotes_unit_path: /etc/systemd/system/quicknotes.service
+    quicknotes_listen_addr: ":8080"
+    quicknotes_data_path: /var/lib/quicknotes/notes.json
+    quicknotes_seed_path: /var/lib/quicknotes/seed.json
+    quicknotes_restart_delay: 6s
+
+    ansible_pull_checkout: /var/lib/ansible-pull
+    ansible_pull_repo_url: https://github.com/tivdzualubem/DevOps-Intro.git
+    ansible_pull_branch: feature/lab7
+
+  tasks:
+    - name: Ensure the QuickNotes system group exists
+      ansible.builtin.group:
+        name: "{{ quicknotes_group }}"
+        system: true
+        state: present
+
+    - name: Ensure the QuickNotes system user exists
+      ansible.builtin.user:
+        name: "{{ quicknotes_user }}"
+        group: "{{ quicknotes_group }}"
+        system: true
+        create_home: false
+        shell: /usr/sbin/nologin
+        state: present
+
+    - name: Ensure the QuickNotes data directory exists
+      ansible.builtin.file:
+        path: "{{ quicknotes_data_dir }}"
+        state: directory
+        owner: "{{ quicknotes_user }}"
+        group: "{{ quicknotes_group }}"
+        mode: "0750"
+
+    - name: Copy the QuickNotes binary
+      ansible.builtin.copy:
+        src: files/quicknotes
+        dest: "{{ quicknotes_binary_path }}"
+        owner: root
+        group: root
+        mode: "0755"
+      notify: Restart QuickNotes
+
+    - name: Copy the QuickNotes seed data
+      ansible.builtin.copy:
+        src: files/seed.json
+        dest: "{{ quicknotes_seed_path }}"
+        owner: "{{ quicknotes_user }}"
+        group: "{{ quicknotes_group }}"
+        mode: "0640"
+
+    - name: Render the QuickNotes systemd unit
+      ansible.builtin.template:
+        src: templates/quicknotes.service.j2
+        dest: "{{ quicknotes_unit_path }}"
+        owner: root
+        group: root
+        mode: "0644"
+      notify: Restart QuickNotes
+
+    - name: Enable and start QuickNotes
+      ansible.builtin.systemd:
+        name: quicknotes
+        enabled: true
+        state: started
+        daemon_reload: true
+      when: not ansible_check_mode
+
+    - name: Enable the Ubuntu Universe repository
+      ansible.builtin.apt_repository:
+        repo: "deb http://archive.ubuntu.com/ubuntu jammy universe"
+        filename: universe
+        state: present
+
+    - name: Install Ansible pull prerequisites from Ubuntu packages
+      ansible.builtin.apt:
+        name:
+          - ansible
+          - git
+        state: present
+        update_cache: true
+        cache_valid_time: 3600
+
+    - name: Ensure the Ansible pull checkout directory exists
+      ansible.builtin.file:
+        path: "{{ ansible_pull_checkout }}"
+        state: directory
+        owner: root
+        group: root
+        mode: "0755"
+
+    - name: Render the Ansible pull service
+      ansible.builtin.template:
+        src: templates/ansible-pull.service.j2
+        dest: /etc/systemd/system/ansible-pull.service
+        owner: root
+        group: root
+        mode: "0644"
+      notify: Restart Ansible pull timer
+
+    - name: Render the Ansible pull timer
+      ansible.builtin.template:
+        src: templates/ansible-pull.timer.j2
+        dest: /etc/systemd/system/ansible-pull.timer
+        owner: root
+        group: root
+        mode: "0644"
+      notify: Restart Ansible pull timer
+
+    - name: Enable and start the Ansible pull timer
+      ansible.builtin.systemd:
+        name: ansible-pull.timer
+        enabled: true
+        state: started
+        daemon_reload: true
+      when: not ansible_check_mode
+
+  handlers:
+    - name: Restart QuickNotes
+      ansible.builtin.systemd:
+        name: quicknotes
+        state: restarted
+        daemon_reload: true
+      when: not ansible_check_mode
+
+    - name: Restart Ansible pull timer
+      ansible.builtin.systemd:
+        name: ansible-pull.timer
+        state: restarted
+        daemon_reload: true
+      when: not ansible_check_mode
diff --git a/ansible/templates/ansible-pull.service.j2 b/ansible/templates/ansible-pull.service.j2
@@ -0,0 +1,12 @@
+[Unit]
+Description=Apply QuickNotes configuration from Git
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=oneshot
+User=root
+Group=root
+WorkingDirectory={{ ansible_pull_checkout }}
+Environment="ANSIBLE_NOCOLOR=1"
+ExecStart=/usr/bin/ansible-pull -U {{ ansible_pull_repo_url }} -C {{ ansible_pull_branch }} -d {{ ansible_pull_checkout }} -i {{ ansible_pull_checkout }}/ansible/inventory-local.ini {{ ansible_pull_checkout }}/ansible/playbook.yaml
diff --git a/ansible/templates/ansible-pull.timer.j2 b/ansible/templates/ansible-pull.timer.j2
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run Ansible Pull every five minutes
+
+[Timer]
+OnBootSec=1min
+OnUnitActiveSec=5min
+Persistent=true
+Unit=ansible-pull.service
+
+[Install]
+WantedBy=timers.target
diff --git a/ansible/templates/quicknotes.service.j2 b/ansible/templates/quicknotes.service.j2
@@ -0,0 +1,19 @@
+[Unit]
+Description=QuickNotes API
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+Type=simple
+User={{ quicknotes_user }}
+Group={{ quicknotes_group }}
+WorkingDirectory={{ quicknotes_data_dir }}
+Environment="ADDR={{ quicknotes_listen_addr }}"
+Environment="DATA_PATH={{ quicknotes_data_path }}"
+Environment="SEED_PATH={{ quicknotes_seed_path }}"
+ExecStart={{ quicknotes_binary_path }}
+Restart=on-failure
+RestartSec={{ quicknotes_restart_delay }}
+
+[Install]
+WantedBy=multi-user.target
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		[quicknotes_vm]
		ubuntu-jammy ansible_host=127.0.0.1 ansible_connection=local ansible_python_interpreter=/usr/bin/python3