veza/ansible/deploy-veza.sh

#!/bin/bash
# Veza V5 Ultra Deployment Script
# Deploys Veza using Ansible + Incus/OVN + HAProxy-in-container + Let's Encrypt

set -euo pipefail

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

# Configuration
INVENTORY="ansible/inventory/prod/hosts.yml"
DOMAIN="veza.talas.fr"
ACME_EMAIL="ops@talas.fr"
TARGET_HOST="192.168.0.12"

# Functions
log_info() {
    echo -e "${BLUE}[INFO]${NC} $1"
}

log_success() {
    echo -e "${GREEN}[SUCCESS]${NC} $1"
}

log_warning() {
    echo -e "${YELLOW}[WARNING]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

check_prerequisites() {
    log_info "Checking prerequisites..."
    
    # Check if ansible is installed
    if ! command -v ansible-playbook &> /dev/null; then
        log_error "ansible-playbook is not installed. Please install Ansible first."
        exit 1
    fi
    
    # Check if inventory file exists
    if [[ ! -f "$INVENTORY" ]]; then
        log_error "Inventory file $INVENTORY not found!"
        exit 1
    fi
    
    # Check if playbooks exist
    for playbook in ansible/playbooks/00-bootstrap-remote.yml ansible/playbooks/10-incus-ovn.yml ansible/playbooks/20-incus-containers.yml ansible/playbooks/30-haproxy-in-container.yml ansible/playbooks/40-veza-apps.yml ansible/playbooks/50-smoke.yml; do
        if [[ ! -f "$playbook" ]]; then
            log_error "Playbook $playbook not found!"
            exit 1
        fi
    done
    
    # Check SSH connectivity
    log_info "Testing SSH connectivity to $TARGET_HOST..."
    if ! ssh -o ConnectTimeout=10 -o BatchMode=yes senke@$TARGET_HOST "echo 'SSH connection successful'" &> /dev/null; then
        log_error "Cannot connect to $TARGET_HOST via SSH. Please check your SSH key and connectivity."
        exit 1
    fi
    
    log_success "Prerequisites check passed!"
}

run_playbook() {
    local playbook="$1"
    local description="$2"
    local extra_vars="$3"
    
    log_info "Running: $description"
    log_info "Playbook: $playbook"
    
    if [[ -n "$extra_vars" ]]; then
        log_info "Extra vars: $extra_vars"
        ansible-playbook -i "$INVENTORY" "$playbook" -e "$extra_vars" -v
    else
        ansible-playbook -i "$INVENTORY" "$playbook" -v
    fi
    
    if [[ $? -eq 0 ]]; then
        log_success "$description completed successfully!"
    else
        log_error "$description failed!"
        exit 1
    fi
}

deploy_veza() {
    log_info "Starting Veza V5 Ultra deployment..."
    log_info "Target host: $TARGET_HOST"
    log_info "Domain: $DOMAIN"
    log_info "ACME Email: $ACME_EMAIL"
    echo
    
    # Step 1: Bootstrap remote host
    run_playbook "ansible/playbooks/00-bootstrap-remote.yml" "Bootstrap Debian host"
    echo
    
    # Step 2: Install Incus + OVN
    run_playbook "ansible/playbooks/10-incus-ovn.yml" "Install Incus + OVN single-host"
    echo
    
    # Step 3: Create containers
    run_playbook "ansible/playbooks/20-incus-containers.yml" "Create Incus containers"
    echo
    
    # Step 4: Configure HAProxy + ACME
    run_playbook "ansible/playbooks/30-haproxy-in-container.yml" "Configure HAProxy + ACME" "domain=$DOMAIN acme_email=$ACME_EMAIL"
    echo
    
    # Step 5: Deploy applications
    run_playbook "ansible/playbooks/40-veza-apps.yml" "Deploy Veza applications"
    echo
    
    # Step 6: Run smoke tests
    run_playbook "ansible/playbooks/50-smoke.yml" "Run smoke tests"
    echo
    
    log_success "Veza V5 Ultra deployment completed successfully!"
    echo
    log_info "Next steps:"
    log_info "1. Point DNS A record for $DOMAIN to $TARGET_HOST"
    log_info "2. Re-run HAProxy playbook to get Let's Encrypt certificate:"
    log_info "   ansible-playbook -i $INVENTORY ansible/playbooks/30-haproxy-in-container.yml -e domain=$DOMAIN -e acme_email=$ACME_EMAIL"
    log_info "3. Test full functionality with real domain"
    echo
    log_info "Access URLs:"
    log_info "- HTTP:  http://$TARGET_HOST/"
    log_info "- HTTPS: https://$TARGET_HOST/ (self-signed cert until DNS is configured)"
    log_info "- API:   https://$TARGET_HOST/api/"
    log_info "- WS:    wss://$TARGET_HOST/ws/"
    log_info "- Stream: https://$TARGET_HOST/stream/"
}

show_help() {
    echo "Veza V5 Ultra Deployment Script"
    echo
    echo "Usage: $0 [OPTIONS]"
    echo
    echo "Options:"
    echo "  -h, --help              Show this help message"
    echo "  -d, --domain DOMAIN     Set domain (default: $DOMAIN)"
    echo "  -e, --email EMAIL       Set ACME email (default: $ACME_EMAIL)"
    echo "  -t, --target HOST       Set target host (default: $TARGET_HOST)"
    echo "  --bootstrap-only        Run only bootstrap playbook"
    echo "  --infra-only            Run bootstrap + infrastructure playbooks"
    echo "  --apps-only             Run only applications playbook"
    echo "  --test-only             Run only smoke tests"
    echo
    echo "Examples:"
    echo "  $0                                    # Full deployment"
    echo "  $0 -d myapp.example.com -e admin@example.com  # Custom domain and email"
    echo "  $0 --bootstrap-only                   # Only bootstrap the host"
    echo "  $0 --infra-only                       # Only setup infrastructure"
}

# Parse command line arguments
BOOTSTRAP_ONLY=false
INFRA_ONLY=false
APPS_ONLY=false
TEST_ONLY=false

while [[ $# -gt 0 ]]; do
    case $1 in
        -h|--help)
            show_help
            exit 0
            ;;
        -d|--domain)
            DOMAIN="$2"
            shift 2
            ;;
        -e|--email)
            ACME_EMAIL="$2"
            shift 2
            ;;
        -t|--target)
            TARGET_HOST="$2"
            shift 2
            ;;
        --bootstrap-only)
            BOOTSTRAP_ONLY=true
            shift
            ;;
        --infra-only)
            INFRA_ONLY=true
            shift
            ;;
        --apps-only)
            APPS_ONLY=true
            shift
            ;;
        --test-only)
            TEST_ONLY=true
            shift
            ;;
        *)
            log_error "Unknown option: $1"
            show_help
            exit 1
            ;;
    esac
done

# Main execution
main() {
    log_info "Veza V5 Ultra Deployment Script"
    log_info "================================"
    echo
    
    check_prerequisites
    
    if [[ "$BOOTSTRAP_ONLY" == true ]]; then
        run_playbook "ansible/playbooks/00-bootstrap-remote.yml" "Bootstrap Debian host"
    elif [[ "$INFRA_ONLY" == true ]]; then
        run_playbook "ansible/playbooks/00-bootstrap-remote.yml" "Bootstrap Debian host"
        run_playbook "ansible/playbooks/10-incus-ovn.yml" "Install Incus + OVN single-host"
        run_playbook "ansible/playbooks/20-incus-containers.yml" "Create Incus containers"
        run_playbook "ansible/playbooks/30-haproxy-in-container.yml" "Configure HAProxy + ACME" "domain=$DOMAIN acme_email=$ACME_EMAIL"
    elif [[ "$APPS_ONLY" == true ]]; then
        run_playbook "ansible/playbooks/40-veza-apps.yml" "Deploy Veza applications"
    elif [[ "$TEST_ONLY" == true ]]; then
        run_playbook "ansible/playbooks/50-smoke.yml" "Run smoke tests"
    else
        deploy_veza
    fi
}

# Run main function
main "$@"