From 18ddd445161e1570e60758febbb04684932c6887 Mon Sep 17 00:00:00 2001 From: John Jarvis <john@jarv.org> Date: Sat, 26 Oct 2013 14:26:37 -0400 Subject: [PATCH] formatting updates, upstart bash wrapper for forum --- playbooks/edx-east/edx_continuous_integration.yml | 43 ++++++++++++++++++++----------------------- playbooks/group_vars/all | 1 - playbooks/roles/common/tasks/main.yml | 19 +++++++++---------- playbooks/roles/discern/tasks/main.yml | 14 ++++++++------ playbooks/roles/edxapp/tasks/main.yml | 43 ++++++++++++++++++------------------------- playbooks/roles/forum/tasks/main.yml | 33 +++++++++++++++++++++------------ playbooks/roles/forum/templates/forum-supervisor.sh.j2 | 4 ++++ playbooks/roles/forum/templates/forum.conf.j2 | 1 - playbooks/roles/gh_users/tasks/main.yml | 10 +++------- playbooks/roles/mongo/tasks/main.yml | 19 ++++++++++--------- playbooks/roles/nginx/tasks/main.yml | 69 +++++++++++++++++++++++++++------------------------------------------ playbooks/roles/nginx/templates/basic-auth.j2 | 1 - playbooks/roles/notifier/tasks/main.yml | 113 ++++++++++++++++++++++------------------------------------------------------------------------------------------- playbooks/roles/ora/tasks/main.yml | 15 +++++---------- playbooks/roles/oraclejdk/tasks/main.yml | 28 ++++++++-------------------- playbooks/roles/rabbitmq/tasks/main.yml | 41 +++++++++++++++++++++++------------------ playbooks/roles/rbenv/tasks/main.yml | 15 +++++---------- playbooks/roles/supervisor/defaults/main.yml | 2 +- playbooks/roles/supervisor/handlers/main.yml | 3 +++ playbooks/roles/supervisor/tasks/main.yml | 18 ++++++++++++++---- 20 files changed, 201 insertions(+), 291 deletions(-) create mode 100644 playbooks/roles/forum/templates/forum-supervisor.sh.j2 diff --git a/playbooks/edx-east/edx_continuous_integration.yml b/playbooks/edx-east/edx_continuous_integration.yml index 707f72e..74cfd41 100644 --- a/playbooks/edx-east/edx_continuous_integration.yml +++ b/playbooks/edx-east/edx_continuous_integration.yml @@ -8,27 +8,24 @@ openid_workaround: True roles: - common -# - role: nginx -# nginx_sites: -# - cms -# - lms -# - lms-preview -# - ora -# - xqueue -# - xserver -# - edxlocal -# - role: supervisor -# supervisor_servers: -# - forum -# - lms -# - mongo -# - edxapp -# - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' } -# - { role: 'edxapp', celery_worker: True } -# - oraclejdk -# - elasticsearch -# - forum -# - { role: "xqueue", update_users: True } -# - xserver -# - ora + - role: nginx + nginx_sites: + - cms + - lms + - lms-preview + - ora + - xqueue + - xserver + - edxlocal + - supervisor + - mongo + - edxapp + - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' } + - { role: 'edxapp', celery_worker: True } + - oraclejdk + - elasticsearch + - forum + - { role: "xqueue", update_users: True } + - xserver + - ora - discern diff --git a/playbooks/group_vars/all b/playbooks/group_vars/all index 5ca0021..2f99445 100644 --- a/playbooks/group_vars/all +++ b/playbooks/group_vars/all @@ -5,7 +5,6 @@ data_dir: /edx/var app_dir: /edx/app log_dir: "{{ data_dir }}/log" -venvs_dir: "{{ app_dir }}/venvs" bin_dir: /edx/bin cfg_dir: /edx/etc diff --git a/playbooks/roles/common/tasks/main.yml b/playbooks/roles/common/tasks/main.yml index f06fab3..48f8212 100644 --- a/playbooks/roles/common/tasks/main.yml +++ b/playbooks/roles/common/tasks/main.yml @@ -7,30 +7,29 @@ - name: common | Create common directories file: > - path={{ item }} - state=directory - owner=root - group=root - mode=0755 + path={{ item }} state=directory owner=root + group=root mode=0755 with_items: - "{{ data_dir }}" - "{{ app_dir }}" - "{{ log_dir }}" - - "{{ venvs_dir }}" - "{{ bin_dir }}" - "{{ cfg_dir }}" - name: common | Install role-independent useful system packages # do this before log dir setup; rsyslog package guarantees syslog user present - apt: pkg={{','.join(common_debian_pkgs)}} install_recommends=yes state=present update_cache=yes + apt: > + pkg={{','.join(common_debian_pkgs)}} install_recommends=yes + state=present update_cache=yes - name: common | upload sudo config for key forwarding as root - copy: src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward validate='visudo -c -f %s' owner=root group=root mode=0440 + copy: > + src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward + validate='visudo -c -f %s' owner=root group=root mode=0440 - name: common | pip install virtualenv pip: > - name="{{ item }}" - state=present + name="{{ item }}" state=present extra_args="-i {{ PYPI_MIRROR_URL }}" with_items: common_pip_pkgs diff --git a/playbooks/roles/discern/tasks/main.yml b/playbooks/roles/discern/tasks/main.yml index 28b77af..c2851d3 100644 --- a/playbooks/roles/discern/tasks/main.yml +++ b/playbooks/roles/discern/tasks/main.yml @@ -26,19 +26,21 @@ with_items: discern_ease_debian_pkgs - name: discern | render celery service from template - template: src=celery.conf.j2 dest=/etc/init/celery.conf + template: > + src=celery.conf.j2 dest=/etc/init/celery.conf + owner=root group=root notify: discern | restart celery - name: discern | render discern service from template - template: src=discern.conf.j2 dest=/etc/init/discern.conf + template: > + src=discern.conf.j2 dest=/etc/init/discern.conf + owner=root group=root notify: discern | restart discern - name: discern | copy sudoers file for discern copy: > - src=sudoers-discern - dest=/etc/sudoers.d/discern - mode=0440 - validate='visudo -cf %s' + src=sudoers-discern dest=/etc/sudoers.d/discern + mode=0440 validate='visudo -cf %s' owner=root group=root #Needed if using redis to prevent memory issues - name: discern | change memory commit settings -- needed for redis diff --git a/playbooks/roles/edxapp/tasks/main.yml b/playbooks/roles/edxapp/tasks/main.yml index 678e98c..02fa4ea 100644 --- a/playbooks/roles/edxapp/tasks/main.yml +++ b/playbooks/roles/edxapp/tasks/main.yml @@ -9,33 +9,26 @@ - name: edxapp | create application user user: > - name="{{ edxapp_user }}" - home="{{ edxapp_app_dir }}" - createhome=no - shell=/bin/false + name="{{ edxapp_user }}" home="{{ edxapp_app_dir }}" + createhome=no shell=/bin/false - name: edxapp | create edxapp app dir file: > - path="{{ item }}" - state=directory - owner="{{ edxapp_user }}" - group="{{ common_web_group }}" + path="{{ item }}" state=directory + owner="{{ edxapp_user }}" group="{{ common_web_group }}" with_items: - "{{ edxapp_app_dir }}" - "{{ edxapp_venvs_dir }}" - name: edxapp | create edxapp log dir file: > - path="{{ edxapp_log_dir }}" - state=directory - owner="{{ common_log_user }}" - group="{{ common_log_user }}" + path="{{ edxapp_log_dir }}" state=directory + owner="{{ common_log_user }}" group="{{ common_log_user }}" - name: edxapp | create edxapp writable dirs file: > - path="{{ item }}" - state=directory - owner="{{ edxapp_user }}" + path="{{ item }}" state=directory + owner="{{ edxapp_user }}" group="{{ edxapp_user }}" with_items: - "{{ edxapp_staticfile_dir }}" - "{{ edxapp_theme_dir }}" @@ -43,10 +36,8 @@ - name: edxapp | create web-writable edxapp data dirs file: > - path="{{ item }}" - state=directory - owner="{{ common_web_user }}" - group="{{ edxapp_user }}" + path="{{ item }}" state=directory + owner="{{ common_web_user }}" group="{{ edxapp_user }}" mode="0775" with_items: - "{{ edxapp_course_data_dir }}" @@ -57,19 +48,21 @@ - name: edxapp | creating edxapp upstart script sudo: True - template: src=edxapp.conf.j2 dest=/etc/init/edxapp.conf owner=root group=root + template: > + src=edxapp.conf.j2 dest=/etc/init/edxapp.conf + owner=root group=root when: "celery_worker is not defined" - name: edxapp | create edx-workers upstart script - template: src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf owner=root group=root + template: > + src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf + owner=root group=root when: "celery_worker is defined" - name: edxapp | create log directories for service variants file: > - path={{ edxapp_log_dir }}/{{ item }} - state=directory - owner={{ common_log_user }} - group={{ common_log_user }} + path={{ edxapp_log_dir }}/{{ item }} state=directory + owner={{ common_log_user }} group={{ common_log_user }} mode=0750 with_items: - lms diff --git a/playbooks/roles/forum/tasks/main.yml b/playbooks/roles/forum/tasks/main.yml index 6121965..ae1adca 100644 --- a/playbooks/roles/forum/tasks/main.yml +++ b/playbooks/roles/forum/tasks/main.yml @@ -23,28 +23,37 @@ - name: forum | create application user user: > - name="{{ forum_user }}" - home="{{ forum_app_dir }}" + name="{{ forum_user }}" home="{{ forum_app_dir }}" createhome=no shell=/bin/false - name: forum | create forum app dir file: > - path="{{ forum_app_dir }}" - state=directory - owner="{{ forum_user }}" - group="{{ common_web_group }}" + path="{{ forum_app_dir }}" state=directory + owner="{{ forum_user }}" group="{{ common_web_group }}" - name: forum | setup the forum env - template: src=forum_env.j2 dest={{ forum_app_dir }}/forum_env - sudo_user: "{{ forum_user }}" + template: > + src=forum_env.j2 dest={{ forum_app_dir }}/forum_env + owner={{ forum_user }} group={{ forum_user }} notify: - forum | restart the forum service +- name: forum | create the supervisor config + template: > + src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf + owner={{ common_web_user }} group={{ supervisor_user }} + register: forum_supervisor + - include: deploy.yml -- name: forum | create the supervisor config - template: src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf - notify: - - forum | restart the forum service +# Reload supervisor right away when the configuration +# changes, this happens after deploy.yml tasks so +# that the application is installed + +- name: forum | reload supervisor + shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload" + when: forum_supervisor.changed + - include: test.yml + diff --git a/playbooks/roles/forum/templates/forum-supervisor.sh.j2 b/playbooks/roles/forum/templates/forum-supervisor.sh.j2 new file mode 100644 index 0000000..529c767 --- /dev/null +++ b/playbooks/roles/forum/templates/forum-supervisor.sh.j2 @@ -0,0 +1,4 @@ +#!/bin/bash +source {{ forum_app_dir }}/forum_env +cd {{ forum_code_dir }} +{{ forum_rbenv_shims }}/ruby app.rb diff --git a/playbooks/roles/forum/templates/forum.conf.j2 b/playbooks/roles/forum/templates/forum.conf.j2 index 0865c56..4019efc 100644 --- a/playbooks/roles/forum/templates/forum.conf.j2 +++ b/playbooks/roles/forum/templates/forum.conf.j2 @@ -5,6 +5,5 @@ user={{ common_web_user }} startsecs=10 stdout_logfile={{ supervisor_log_dir }}/%(program_name)-stdout.log stderr_logfile={{ supervisor_log_dir }}/%(program_name)-stderr.log -stderr_logfile_maxbytes=1MB killasgroup=true stopasgroup=true diff --git a/playbooks/roles/gh_users/tasks/main.yml b/playbooks/roles/gh_users/tasks/main.yml index e90f6d5..82e78b1 100644 --- a/playbooks/roles/gh_users/tasks/main.yml +++ b/playbooks/roles/gh_users/tasks/main.yml @@ -22,16 +22,12 @@ - name: gh_users | grant full sudo access to gh group copy: > content="%adm ALL=(ALL) NOPASSWD:ALL" - dest=/etc/sudoers.d/gh - owner=root - group=root - mode=0440 - validate='visudo -cf %s' + dest=/etc/sudoers.d/gh owner=root group=root + mode=0440 validate='visudo -cf %s' - name: gh_users | create github users user: - name={{ item }} - group=gh + name={{ item }} group=gh shell=/bin/bash with_items: gh_users diff --git a/playbooks/roles/mongo/tasks/main.yml b/playbooks/roles/mongo/tasks/main.yml index d8154b5..612dba2 100644 --- a/playbooks/roles/mongo/tasks/main.yml +++ b/playbooks/roles/mongo/tasks/main.yml @@ -3,10 +3,8 @@ - name: mongo | install python pymongo for mongo_user ansible module pip: > - name=pymongo - state=present - version=2.6.3 - extra_args="-i {{ PYPI_MIRROR_URL }}" + name=pymongo state=present + version=2.6.3 extra_args="-i {{ PYPI_MIRROR_URL }}" - name: mongo | add the mongodb signing key apt_key: > @@ -22,15 +20,18 @@ - name: mongo | install mongo server and recommends apt: > pkg=mongodb-10gen={{ mongo_version }} - state=present - install_recommends=yes + state=present install_recommends=yes update_cache=yes -- name: mongo | create mongo data dir +- name: mongo | create mongo dirs file: > - path="{{ mongo_data_dir }}" - state=directory + path="{{ item }}" state=directory owner="{{ mongo_user }}" + group="{{ mongo_user }}" + with_items: + - "{{ mongo_data_dir }}" + - "{{ mongo_dbpath }}" + - "{{ mongo_app_dir }}" - name: mongo | stop mongo service service: name=mongodb state=stopped diff --git a/playbooks/roles/nginx/tasks/main.yml b/playbooks/roles/nginx/tasks/main.yml index f46aa1e..d3fabf2 100644 --- a/playbooks/roles/nginx/tasks/main.yml +++ b/playbooks/roles/nginx/tasks/main.yml @@ -4,85 +4,70 @@ - name: nginx | Install nginx apt: pkg=nginx state={{ pkgs.nginx.state }} notify: nginx | restart nginx - tags: - - nginx - - install - name: nginx | Server configuration file - copy: src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf owner=root group=root mode=0644 + copy: > + src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf + owner=root group=root mode=0644 when: nginx_conf is defined notify: nginx | reload nginx - tags: - - nginx - - install - name: nginx | Creating common nginx configuration - template: src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release owner=root group=root mode=0600 + template: > + src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release + owner=root group=root mode=0600 notify: nginx | reload nginx - tags: - - nginx - name: nginx | Creating link for common nginx configuration - file: src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release state=link owner=root group=root + file: > + src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release + state=link owner=root group=root notify: nginx | reload nginx - tags: - - nginx - name: nginx | Copying nginx configs for {{ nginx_sites }} - template: src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }} owner=root group=root mode=0600 + template: > + src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }} + owner=root group=root mode=0600 notify: nginx | reload nginx with_items: nginx_sites - tags: - - nginx - name: nginx | Creating nginx config links for {{ nginx_sites }} - file: src=/etc/nginx/sites-available/{{ item }} dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root + file: > + src=/etc/nginx/sites-available/{{ item }} + dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root notify: nginx | reload nginx with_items: nginx_sites - tags: - - nginx - name: nginx | Write out default htpasswd file - copy: content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd owner=www-data group=www-data mode=0600 - tags: - - nginx - - update + copy: > + content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd + owner=www-data group=www-data mode=0600 - name: nginx | Create nginx log file location (just in case) - file: path={{log_dir}}/nginx state=directory owner=syslog group=syslog mode=2770 recurse=yes - tags: - - nginx - - logging - - update + file: > + path={{log_dir}}/nginx state=directory + owner=syslog group=syslog mode=2770 recurse=yes # removing default link - name: nginx | Removing default nginx config and restart (enabled) file: path=/etc/nginx/sites-enabled/default state=absent notify: nginx | reload nginx - tags: - - nginx - - update # Note that nginx logs to /var/log until it reads its configuration, so /etc/logrotate.d/nginx is still good - name: nginx | Set up nginx access log rotation - template: dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2 owner=root group=root mode=644 - tags: - - logging - - update + template: > + dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2 + owner=root group=root mode=644 - name: nginx | Set up nginx access log rotation - template: dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2 owner=root group=root mode=644 - tags: - - logging - - update + template: > + dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2 + owner=root group=root mode=644 - name: nginx | Removing default nginx config (available) file: path=/etc/nginx/sites-available/default state=absent notify: nginx | reload nginx - tags: - - nginx - - update # If tasks that notify restart nginx don't change the state of the remote system # their corresponding notifications don't get run. If nginx has been stopped for diff --git a/playbooks/roles/nginx/templates/basic-auth.j2 b/playbooks/roles/nginx/templates/basic-auth.j2 index 88d81c6..61ec721 100644 --- a/playbooks/roles/nginx/templates/basic-auth.j2 +++ b/playbooks/roles/nginx/templates/basic-auth.j2 @@ -1,5 +1,4 @@ auth_basic "Restricted"; auth_basic_user_file /etc/nginx/nginx.htpasswd; - root {{ nginx_app_dir }}/main_static; index index.html proxy_set_header X-Forwarded-Proto https; diff --git a/playbooks/roles/notifier/tasks/main.yml b/playbooks/roles/notifier/tasks/main.yml index 7c52d84..76e797b 100644 --- a/playbooks/roles/notifier/tasks/main.yml +++ b/playbooks/roles/notifier/tasks/main.yml @@ -2,16 +2,16 @@ # # notifier -# +# # Overview: -# -# Provides the edX notifier service, a service for sending +# +# Provides the edX notifier service, a service for sending # notifications over messaging protocols. # # Dependencies: # # * common -# +# # Example play: # roles: # - common @@ -19,153 +19,84 @@ # - name: notifier | install notifier specific system packages apt: pkg={{','.join(notifier_debian_pkgs)}} state=present - tags: - - notifier - - install - - update - name: notifier | check if incommon ca is installed command: test -e /usr/share/ca-certificates/incommon/InCommonServerCA.crt register: incommon_present ignore_errors: yes - tags: - - notifier - - install - - update - name: common | create incommon ca directory - file: + file: path="/usr/share/ca-certificates/incommon" mode=2775 state=directory when: incommon_present|failed - tags: - - notifier - - install - - update - - ubuntu - name: common | retrieve incommon server CA shell: curl https://www.incommon.org/cert/repository/InCommonServerCA.txt -o /usr/share/ca-certificates/incommon/InCommonServerCA.crt when: incommon_present|failed - tags: - - notifier - - install - - update - - ubuntu - name: common | add InCommon ca cert lineinfile: dest=/etc/ca-certificates.conf - regexp='incommon/InCommonServerCA.crt' + regexp='incommon/InCommonServerCA.crt' line='incommon/InCommonServerCA.crt' - tags: - - notifier - - install - - update - - ubuntu - name: common | update ca certs globally shell: update-ca-certificates - tags: - - notifier - - install - - update - - ubuntu - name: notifier | create notifier user {{ NOTIFIER_USER }} - user: - name={{ NOTIFIER_USER }} state=present shell=/bin/bash + user: + name={{ NOTIFIER_USER }} state=present shell=/bin/bash home={{ NOTIFIER_HOME }} createhome=yes - tags: - - notifier - - install - - update - name: notifier | setup the notifier env - template: - src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env + template: + src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env owner="{{ NOTIFIER_USER }}" group="{{ NOTIFIER_USER }}" - tags: - - notifier - - install - - update - name: notifier | drop a bash_profile copy: > - src=../../common/files/bash_profile - dest={{ NOTIFIER_HOME }}/.bash_profile - owner={{ NOTIFIER_USER }} + src=../../common/files/bash_profile + dest={{ NOTIFIER_HOME }}/.bash_profile + owner={{ NOTIFIER_USER }} group={{ NOTIFIER_USER }} - name: notifier | ensure .bashrc exists shell: touch {{ NOTIFIER_HOME }}/.bashrc - sudo: true + sudo: true sudo_user: "{{ NOTIFIER_USER }}" - tags: - - notifier - - install - - update - name: notifier | add source of notifier_env to .bashrc lineinfile: dest={{ NOTIFIER_HOME }}/.bashrc - regexp='. {{ NOTIFIER_HOME }}/notifier_env' + regexp='. {{ NOTIFIER_HOME }}/notifier_env' line='. {{ NOTIFIER_HOME }}/notifier_env' - tags: - - notifier - - install - - update - name: notifier | add source venv to .bashrc lineinfile: dest={{ NOTIFIER_HOME }}/.bashrc - regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate' + regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate' line='. {{ NOTIFIER_VENV_DIR }}/bin/activate' - tags: - - notifier - - install - - update - name: notifier | create notifier DB directory file: path="{{ NOTIFIER_DB_DIR }}" mode=2775 state=directory - tags: - - notifier - - install - - update - name: notifier | create notifier/bin directory - file: + file: path="{{ NOTIFIER_HOME }}/bin" mode=2775 state=directory - tags: - - notifier - - install - - update - name: common | create supervisor log directoy - file: + file: path={{NOTIFIER_SUPERVISOR_LOG_DEST }} mode=2750 state=directory - tags: - - notifier - - install - - update - - ubuntu - name: notifier | supervisord config for celery workers - template: - src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf + template: + src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf notify: notifier | restart notifier-celery-workers - tags: - - notifier - - install - - update - name: notifier | supervisord config for scheduler - template: - src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf + template: + src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf notify: notifier | restart notifier-scheduler - tags: - - notifier - - install - - update - include: deploy.yml diff --git a/playbooks/roles/ora/tasks/main.yml b/playbooks/roles/ora/tasks/main.yml index e74122e..6cf2688 100644 --- a/playbooks/roles/ora/tasks/main.yml +++ b/playbooks/roles/ora/tasks/main.yml @@ -5,17 +5,13 @@ - name: ora | create application user user: > - name="{{ ora_user }}" - home="{{ ora_app_dir }}" - createhome=no - shell=/bin/false + name="{{ ora_user }}" home="{{ ora_app_dir }}" + createhome=no shell=/bin/false - name: ora | create ora app and data dir file: > - path="{{ item }}" - state=directory - owner="{{ ora_user }}" - group="{{ common_web_group }}" + path="{{ item }}" state=directory + owner="{{ ora_user }}" group="{{ common_web_group }}" with_items: - "{{ ora_venvs_dir }}" - "{{ ora_app_dir }}" @@ -35,5 +31,4 @@ - name: ora | create a symlink for venv python file: > src="{{ ora_venv_bin }}/python" - dest={{ cfg_dir }}/python.ora - state=link + dest={{ cfg_dir }}/python.ora state=link diff --git a/playbooks/roles/oraclejdk/tasks/main.yml b/playbooks/roles/oraclejdk/tasks/main.yml index d550cd9..7edd1cc 100644 --- a/playbooks/roles/oraclejdk/tasks/main.yml +++ b/playbooks/roles/oraclejdk/tasks/main.yml @@ -1,11 +1,11 @@ --- # oraclejdk -# +# # Dependencies: # # * common -# +# # Example play: # # roles: @@ -16,40 +16,28 @@ command: test -d /usr/lib/jvm/{{ oraclejdk_base }} ignore_errors: true register: oraclejdk_present - tags: - - oraclejdk - - install - name: oraclejdk | download Oracle Java shell: > - curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }} - executable=/bin/bash - chdir=/var/tmp - creates=/var/tmp/{{ oraclejdk_file }} + curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }} + executable=/bin/bash + chdir=/var/tmp + creates=/var/tmp/{{ oraclejdk_file }} when: oraclejdk_present|failed - name: oraclejdk | install Oracle Java shell: > - mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }} + mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }} creates=/usr/lib/jvm/{{ oraclejdk_base }} - executable=/bin/bash + executable=/bin/bash sudo: true when: oraclejdk_present|failed - tags: - - oraclejdk - - install - name: oraclejdk | create symlink expected by elasticsearch file: src=/usr/lib/jvm/{{ oraclejdk_base }} dest={{ oraclejdk_link }} state=link when: oraclejdk_present|failed - tags: - - oraclejdk - - install - name: oraclejdk | add JAVA_HOME for Oracle Java template: src=java.sh.j2 dest=/etc/profile.d/java.sh owner=root group=root mode=0755 when: oraclejdk_present|failed - tags: - - oraclejdk - - install diff --git a/playbooks/roles/rabbitmq/tasks/main.yml b/playbooks/roles/rabbitmq/tasks/main.yml index 691526f..7385959 100644 --- a/playbooks/roles/rabbitmq/tasks/main.yml +++ b/playbooks/roles/rabbitmq/tasks/main.yml @@ -20,26 +20,35 @@ # Defaulting to /var/lib/rabbitmq - name: rabbitmq | create cookie directory - file: path={{rabbitmq_cookie_dir}} owner=rabbitmq group=rabbitmq mode=0755 state=directory - + file: > + path={{rabbitmq_cookie_dir}} + owner=rabbitmq group=rabbitmq mode=0755 state=directory - name: rabbitmq | add rabbitmq erlang cookie - template: src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}} owner=rabbitmq group=rabbitmq mode=0400 + template: > + src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}} + owner=rabbitmq group=rabbitmq mode=0400 register: erlang_cookie # Defaulting to /etc/rabbitmq - name: rabbitmq | create rabbitmq config directory - file: path={{rabbitmq_config_dir}} owner=root group=root mode=0755 state=directory - + file: > + path={{rabbitmq_config_dir}} + owner=root group=root mode=0755 state=directory + - name: rabbitmq | add rabbitmq environment configuration - template: src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf owner=root group=root mode=0644 + template: > + src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf + owner=root group=root mode=0644 - name: rabbitmq | add rabbitmq cluster configuration - template: src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config owner=root group=root mode=0644 + template: > + src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config + owner=root group=root mode=0644 register: cluster_configuration - name: rabbitmq | install plugins - rabbitmq_plugin: + rabbitmq_plugin: names={{",".join(rabbitmq_plugins)}} state=enabled # When rabbitmq starts up it creates a folder of metadata at '/var/lib/rabbitmq/mnesia'. @@ -60,13 +69,9 @@ - name: rabbitmq | add admin users rabbitmq_user: > - user='{{item.name}}' - password='{{item.password}}' - read_priv='.*' - write_priv='.*' - configure_priv='.*' - tags="administrator" - state=present + user='{{item.name}}' password='{{item.password}}' + read_priv='.*' write_priv='.*' + configure_priv='.*' tags="administrator" state=present with_items: rabbitmq_auth_config.admins when: "'admins' in rabbitmq_auth_config" @@ -74,11 +79,11 @@ # Depends upon the management plugin # - name: rabbitmq | install admin tools - get_url: + get_url: > url=http://localhost:{{ rabbitmq_management_port }}/cli/rabbitmqadmin dest=/usr/local/bin/rabbitmqadmin - name: rabbitmq | ensure rabbitmqadmin attributes - file: - path=/usr/local/bin/rabbitmqadmin owner=root + file: > + path=/usr/local/bin/rabbitmqadmin owner=root group=root mode=0655 diff --git a/playbooks/roles/rbenv/tasks/main.yml b/playbooks/roles/rbenv/tasks/main.yml index 21c03aa..2124a87 100644 --- a/playbooks/roles/rbenv/tasks/main.yml +++ b/playbooks/roles/rbenv/tasks/main.yml @@ -36,16 +36,13 @@ - name: rbenv | create rbenv user {{ rbenv_user }} user: > - name={{ rbenv_user }} - home={{ rbenv_dir }} - shell=/bin/false - createhome=no + name={{ rbenv_user }} home={{ rbenv_dir }} + shell=/bin/false createhome=no when: rbenv_user != common_web_user - name: rbenv | create rbenv dir if it does not exist file: > - path="{{ rbenv_dir }}" - owner="{{ rbenv_user }}" + path="{{ rbenv_dir }}" owner="{{ rbenv_user }}" state=directory - name: rbenv | install build depends @@ -55,14 +52,12 @@ - name: rbenv | update rbenv repo git: > repo=https://github.com/sstephenson/rbenv.git - dest={{ rbenv_dir }}/.rbenv - version={{ rbenv_version }} + dest={{ rbenv_dir }}/.rbenv version={{ rbenv_version }} sudo_user: "{{ rbenv_user }}" - name: rbenv | ensure ruby_env exists template: > - src=ruby_env.j2 - dest={{ rbenv_dir }}/ruby_env + src=ruby_env.j2 dest={{ rbenv_dir }}/ruby_env sudo_user: "{{ rbenv_user }}" - name: rbenv | check ruby-build installed diff --git a/playbooks/roles/supervisor/defaults/main.yml b/playbooks/roles/supervisor/defaults/main.yml index 150e429..7395eef 100644 --- a/playbooks/roles/supervisor/defaults/main.yml +++ b/playbooks/roles/supervisor/defaults/main.yml @@ -14,7 +14,7 @@ supervisor_app_dir: "{{ app_dir }}/supervisor" supervisor_cfg_dir: "{{ supervisor_app_dir }}/conf.d" supervisor_data_dir: "{{ data_dir }}/supervisor" -supervisor_venvs_dir: "{{ venvs_dir }}/supervisor" +supervisor_venvs_dir: "{{ supervisor_app_dir }}/venvs" supervisor_venv_dir: "{{ supervisor_venvs_dir }}/supervisor" supervisor_venv_bin: "{{ supervisor_venv_dir }}/bin" supervisor_ctl: "{{ supervisor_venv_bin }}/supervisorctl" diff --git a/playbooks/roles/supervisor/handlers/main.yml b/playbooks/roles/supervisor/handlers/main.yml index a3f68cb..e2b99b8 100644 --- a/playbooks/roles/supervisor/handlers/main.yml +++ b/playbooks/roles/supervisor/handlers/main.yml @@ -2,3 +2,6 @@ service: > name=supervisor state=restarted + +- name: supervisor | reload supervisor + shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload" diff --git a/playbooks/roles/supervisor/tasks/main.yml b/playbooks/roles/supervisor/tasks/main.yml index b42716e..fd7d3b6 100644 --- a/playbooks/roles/supervisor/tasks/main.yml +++ b/playbooks/roles/supervisor/tasks/main.yml @@ -38,7 +38,6 @@ group={{ common_web_user }} with_items: - "{{ supervisor_app_dir }}" - - "{{ supervisor_cfg_dir }}" - "{{ supervisor_venvs_dir }}" - name: supervisor | create supervisor directories @@ -48,6 +47,7 @@ owner={{ common_web_user }} group={{ supervisor_user }} with_items: + - "{{ supervisor_cfg_dir }}" - "{{ supervisor_data_dir }}" - "{{ supervisor_log_dir }}" @@ -58,12 +58,15 @@ notify: supervisor | restart supervisor - name: supervisor | create supervisor upstart job - template: src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf + template: > + src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf + owner=root group=root notify: supervisor | restart supervisor - name: supervisor | create supervisor master config - template: src=supervisord.conf.j2 dest={{ supervisor_cfg }} - sudo_user: "{{ supervisor_user }}" + template: > + src=supervisord.conf.j2 dest={{ supervisor_cfg }} + owner={{ supervisor_user }} notify: supervisor | restart supervisor - name: supervisor | create a symlink for supervisortctl @@ -78,5 +81,12 @@ dest={{ cfg_dir }}/{{ supervisor_cfg|basename }} state=link +- name: supervisor | create a symlink for supervisor cfg + file: > + src={{ supervisor_cfg_dir }} + dest={{ cfg_dir }}/supervisor.{{ supervisor_cfg_dir|basename }} + state=link + + - name: supervisor | ensure supervisor is started service: name=supervisor state=started -- libgit2 0.26.0