https://github.com/hazemdotcom/barq-lite-deployment

Automated deployment and management of BARQ Lite Java application using Ansible and Bash scripts
https://github.com/hazemdotcom/barq-lite-deployment

ansible ansible-playbook ansible-role deploy deployment deployment-automation docker docker-image dockerfile idempotency idempotent inventory jar java yaml

Last synced: about 1 month ago
JSON representation

Automated deployment and management of BARQ Lite Java application using Ansible and Bash scripts

• Host: GitHub
• URL: https://github.com/hazemdotcom/barq-lite-deployment
• Owner: hazemdotcom
• Created: 2025-08-24T14:16:38.000Z (about 1 month ago)
• Default Branch: main
• Last Pushed: 2025-08-24T14:49:51.000Z (about 1 month ago)
• Last Synced: 2025-08-24T19:43:31.352Z (about 1 month ago)
• Topics: ansible, ansible-playbook, ansible-role, deploy, deployment, deployment-automation, docker, docker-image, dockerfile, idempotency, idempotent, inventory, jar, java, yaml
• Homepage:
• Size: 14.6 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          

# BARQ Lite – Two-Server Ops Project

## Overview / Description

The **BARQ Lite – Two-Server Ops Project** automates the deployment and operational management of a small Java-based application across two Linux servers (`s1` and `s2`).  

The project achieves the following:

- Sets up necessary directories and log files for the application.

- Deploys a prebuilt Java JAR (`barq-lite.jar`) to both servers using Ansible.

- Configures a systemd service to ensure the application runs at boot and logs to `/var/log/barq/barq.log`.

- Automates log compression and retention using a Bash script scheduled via cron.

- Automates TLS certificate reporting with a Bash script and cron job.

- Ensures tasks are idempotent and can be re-run without causing unintended changes.

> **Note:** The optional Docker deployment for the Java application is not included in this setup.

## Project Scope / Scenario

This project is designed to set up and automate operational tasks for the **BARQ Lite** Java application on two Linux servers, `s1` and `s2`.  

**Scenario:**

- **Servers:** Two Linux servers with no initial application files, logs, or TLS certificates.  

- **Application:** A prebuilt Java application (`barq-lite.jar`) that writes logs to `/var/log/barq/barq.log`.  

- **Tasks:**

  - Create necessary directories for logs and releases.

  - Deploy the Java application to `/opt/barq/releases//`.

  - Update `/opt/barq/current` symlink to point to the latest release.

  - Configure a systemd service (`barq.service`) to run the application on boot.

  - Automate log management via a Bash script (`log-lite.sh`) scheduled with cron.

  - Automate TLS certificate reporting via a Bash script (`cert-lite.sh`) scheduled with cron.

- **Automation Tools:** Bash for scripting, Ansible for deployment and orchestration.

- **Goal:** Ensure the Java application runs reliably, logs are properly managed, and TLS certificates are monitored automatically across both servers.

## Prerequisites

Before running the playbooks and scripts, ensure the following prerequisites are met on both servers (`s1` and `s2`):

### Operating System

- Linux-based server (Ubuntu 20.04/22.04, Debian 10/11, or CentOS 7/8)

### Packages and Tools

- **Java JDK** (required to run `barq-lite.jar`)  

  ```bash

  java -version

## Environment Setup

Before deploying the application, the following resources are created on both servers:

### 1. Application Logs

- Directory: `/var/log/barq/`

- Two initial log files are created:

  - One with **yesterday's date** in the filename

  - One with **today's date** in the filename

- These logs are used by the Java application and for automated log compression.

### 2. Java Application Release

- The prebuilt JAR file `barq-lite.jar` is deployed to: 

`/opt/barq/releases//`

- A symbolic link `/opt/barq/current` points to the latest release, ensuring easy rollback and deployment management.

- Logs generated by the application are written to `/var/log/barq/barq.log`.

### 3. TLS Certificate Folder

- Directory: `/etc/ssl/patrol/`

- At least one short-lived self-signed certificate is generated for testing purposes.

- Certificates are later scanned and reported via a Bash script (`cert-lite.sh`) scheduled in cron.

> All directories and files are created in an idempotent manner using Ansible, so re-running the playbooks does not overwrite existing resources unnecessarily.

## Bash Scripts & Cron Jobs

Two Bash scripts are implemented to automate operational tasks on the servers.

### 1. `log-lite.sh` – Log Compression & Retention

- **Purpose:** 

Compresses all log files from yesterday in `/var/log/barq/` and deletes compressed logs older than 7 days.  

- **Location:** 

`/usr/local/bin/log-lite.sh`  

- **Cron Schedule:** 

Runs daily at **01:10**  

  ```cron

  10 1 * * * /usr/local/bin/log-lite.sh

### 2. `cert-lite.sh` – TLS Certificate Report

- **Purpose:**  

  Automates the scanning of TLS certificates in `/etc/ssl/patrol/` and generates a report containing the certificate name, expiration date, and remaining days until expiry.

- **Location:**  

  `/usr/local/bin/cert-lite.sh`

- **Report format:**

    ```

    cert_name | NotAfter_date | days_remaining

    ```

- **Cron Schedule:**  

  Runs automatically every day at **07:00**

  ```cron

  0 7 * * * /usr/local/bin/cert-lite.sh

## Ansible Deployment

The BARQ Lite Java application is deployed and managed using Ansible to ensure a consistent and automated setup across both servers.

### 1. Inventory

The Ansible inventory defines the servers that will be managed:

```ini

[barq]

s1 ansible_host=192.168.1.10 ansible_user=hazem

s2 ansible_host=192.168.1.11 ansible_user=hazem

```

### 2. Roles and Playbooks

The deployment is modularized using roles and orchestrated via playbooks.

**Roles:**

- `barq_logs` – Creates log directories and initial log files

- `barq_app` – Uploads the Java JAR, creates release directories, updates the symlink

- `barq_service` – Configures systemd service for the Java application

**Playbooks:**

- `deploy-app.yaml` – Main playbook that executes the roles in a serial deployment (one server at a time)

**Running the Playbooks**

Follow these steps to deploy BARQ Lite Java Application on both servers (`s1` and `s2`):

1. **Ensure prerequisites are installed on the control node:**

   - Ansible

   - SSH access to the target servers

   - Sudo privileges on the target servers

2. **Run the main deployment playbook:**

```bash

ansible-playbook -i inventory.txt deploy-app.yaml -K --ask-pass

```

-   `-i inventory.txt` → specifies the inventory file

    

-   `-K` → prompts for the sudo (become) password if required

### 3. Java Application Deployment

- The prebuilt Java JAR (`barq-lite.jar`) is uploaded to:

`/opt/barq/releases//`

- A symbolic link `/opt/barq/current` points to the latest release.

- Ensures easy rollback by updating the symlink.

- Deployment is performed serially to avoid simultaneous changes on multiple servers.

### 4. Systemd Service Setup

A systemd service (`barq.service`) is configured to run the Java application at boot:

```ini

[Unit]

Description=BARQ Lite Java App

After=network.target

[Service]

User=root

ExecStart=/usr/bin/java -jar /opt/barq/current/barq-lite.jar

StandardOutput=file:/var/log/barq/barq.log

StandardError=file:/var/log/barq/barq.log

Restart=always

[Install]

WantedBy=multi-user.target 

```

-   Service is enabled and started automatically.

    

-   Logs are written to `/var/log/barq/barq.log`.

### **5. Idempotency**

All Ansible tasks are designed to be idempotent, meaning they can be executed multiple times without causing unintended changes.

Examples:

- Directories are created only if they do not exist.

- Files are copied only if they differ from the target.

- Systemd service state is checked before applying changes.

This ensures safe re-execution of playbooks for maintenance or updates.

## Directory / File Structure

The project is organized as follows:

```

ansible/  

	├── deploy-app.yaml

	├── inventory.txt 

	├── barq-lite.jar

	├── roles/

		├── barq_logs/  

		│ └── tasks/main.yml  

		├── barq_app/  

		│ └── tasks/main.yml  

		├── barq_service/  

		│ └── tasks/main.yml  

```

## Conclusion

This project automates the deployment and management of the BARQ Lite Java application across multiple servers.  

Key achievements:

- Automated creation of application directories, log files, and TLS certificate folders.

- Bash scripts for log compression and TLS certificate reporting with scheduled cron jobs.

- Java application deployment using Ansible with release management and symbolic linking.

- Systemd service setup for automatic startup and log handling.

- Idempotent Ansible tasks allowing safe re-execution for updates or maintenance.

- Optional Docker packaging can containerize the application for future deployment enhancements.

All playbooks and scripts are modular, maintainable, and designed for easy extension or scaling to additional servers.

## Contact

For any questions, issues, or feedback regarding this project, you can reach me at:

**Hazem Bakr**  

- Email: hazem.a.m.bakr@gmail.com

- GitHub: [hazemdotcom](https://github.com/hazemdotcom)  

- LinkedIn: [hazembakr](https://www.linkedin.com/in/hazembakr)