- The final state of files in Gitea should look like this:
- We can now join the provisioning and the configuration jobs together. Once the VPS is provisioned in Hetzner, it will then be configured with the S2S VPN details as well as garbd config.
- In AWX, go to Templates → click on the Add button and choose ‘Add workflow template’ from the drop-down button.
  - Name: H0 - Workflow - Provision + Configure Galera Witness
  - Description: Executed on Hetzner - a VPS is created and set up
  - Inventory: Hetzner
- Then you will be taken to the Visualizer.
- Add the jobs from H1, H2 to H3.
- Chain them with the condition for the next step to be triggered only ‘on success’ after the previous job finished.
- If you go back to Templates, it may look something like these four below:
- Then finally, LAUNCH the workflow template!
- The second template will take the longest time to run (about 3 minutes) because it waits for the first one to finish running the cloud-init template before proceeding further.
- Once the third template runs, you can start checking for the Uptime Kuma service on http://public_ip:3001. If you would like to go fancy and have it set up with HTTPS, let me know in the comments and I can update the steps. Upon logging in, if not done already, I would recommend you to set up 2FA, since this service is exposed to the world.
- Tell me, is it not absolutely beautiful to deploy a VPS with a click of a button and have it set up with all required services and monitoring? Note the reported cluster size in the Message field. Isn’t that neat? Anything smaller than 5 will result in an alert about the cluster being down. With all nodes being up, the cluster size should read 9 (4x on Site 1 + 2x on Site 2 + 1x Witness on Site 3).
- Lastly, I recommend verifying that fail2ban for Uptime Kuma works as expected. To do so, SSH in and run the following commands while trying to log in repeatedly using bogus credentials.

  ```bash
  # Watch the logs as you try logging in with bogus credentials:
  sudo tail -f /var/log/syslog | grep uptimekuma

  # Once you are jailed, you should be able to see it on the status page:
  sudo fail2ban-client status uptimekuma

  # Unban your public IP address:
  sudo fail2ban-client set uptimekuma unbanip 1.2.3.4
  ```
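The ban check from the last step, made scriptable, as an added example that is not part of the original guide: it parses `fail2ban-client status uptimekuma` output and matches the test IP exactly. The sample status text and the addresses in it are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original guide): parse `fail2ban-client status <jail>`
# output and check for an exact IP match in the ban list.

# Constructed sample of the status output; values are illustrative, not captured.
sample_status() {
cat <<'EOF'
Status for the jail: uptimekuma
|- Filter
|  |- Currently failed: 1
|  |- Total failed:     7
|  `- File list:        /var/log/syslog
`- Actions
   |- Currently banned: 2
   |- Total banned:     2
   `- Banned IP list:   1.2.3.40 203.0.113.7
EOF
}

# Read status text on stdin, print banned IPs one per line (nothing if the list is empty).
banned_ips() {
  sed -n 's/.*Banned IP list:[[:space:]]*//p' | tr -s '[:space:]' '\n' | sed '/^$/d'
}

# Exit 0 only if IP $1 appears as a whole entry. -x and -F stop 1.2.3.4 from
# matching 1.2.3.40 and stop "." from acting as a regex wildcard.
is_banned() {
  banned_ips | grep -qxF -- "$1"
}

# Live check against the local fail2ban server: check_jail <jail> <ip>
check_jail() {
  if sudo fail2ban-client status "$1" | is_banned "$2"; then
    echo "$2 is currently banned in jail $1"
  else
    echo "$2 is not banned in jail $1"
    return 1
  fi
}

# With two arguments run the live check; otherwise demo on the constructed sample.
if [ "$#" -eq 2 ]; then
  check_jail "$1" "$2"
else
  sample_status | banned_ips
fi
```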
This concludes our rather extensive guide. Hopefully there was something new and interesting in there for you to learn without being overwhelming? In case you are missing some required parts in your infrastructure to make it happen, check out my other Tutorials!
Let me know in the comments below how your journey with Ansible and multi-site deployment of Galera in a hybrid infrastructure environment went 😇




