From 18ddd445161e1570e60758febbb04684932c6887 Mon Sep 17 00:00:00 2001
From: John Jarvis <john@jarv.org>
Date: Sat, 26 Oct 2013 14:26:37 -0400
Subject: [PATCH] formatting updates, upstart bash wrapper for forum
---
playbooks/edx-east/edx_continuous_integration.yml | 43 ++++++++++++++++++++-----------------------
playbooks/group_vars/all | 1 -
playbooks/roles/common/tasks/main.yml | 19 +++++++++----------
playbooks/roles/discern/tasks/main.yml | 14 ++++++++------
playbooks/roles/edxapp/tasks/main.yml | 43 ++++++++++++++++++-------------------------
playbooks/roles/forum/tasks/main.yml | 33 +++++++++++++++++++++------------
playbooks/roles/forum/templates/forum-supervisor.sh.j2 | 4 ++++
playbooks/roles/forum/templates/forum.conf.j2 | 1 -
playbooks/roles/gh_users/tasks/main.yml | 10 +++-------
playbooks/roles/mongo/tasks/main.yml | 19 ++++++++++---------
playbooks/roles/nginx/tasks/main.yml | 69 +++++++++++++++++++++++++++------------------------------------------
playbooks/roles/nginx/templates/basic-auth.j2 | 1 -
playbooks/roles/notifier/tasks/main.yml | 113 ++++++++++++++++++++++-------------------------------------------------------------------------------------------
playbooks/roles/ora/tasks/main.yml | 15 +++++----------
playbooks/roles/oraclejdk/tasks/main.yml | 28 ++++++++--------------------
playbooks/roles/rabbitmq/tasks/main.yml | 41 +++++++++++++++++++++++------------------
playbooks/roles/rbenv/tasks/main.yml | 15 +++++----------
playbooks/roles/supervisor/defaults/main.yml | 2 +-
playbooks/roles/supervisor/handlers/main.yml | 3 +++
playbooks/roles/supervisor/tasks/main.yml | 18 ++++++++++++++----
20 files changed, 201 insertions(+), 291 deletions(-)
create mode 100644 playbooks/roles/forum/templates/forum-supervisor.sh.j2
diff --git a/playbooks/edx-east/edx_continuous_integration.yml b/playbooks/edx-east/edx_continuous_integration.yml
index 707f72e..74cfd41 100644
--- a/playbooks/edx-east/edx_continuous_integration.yml
+++ b/playbooks/edx-east/edx_continuous_integration.yml
@@ -8,27 +8,24 @@
openid_workaround: True
roles:
- common
-# - role: nginx
-# nginx_sites:
-# - cms
-# - lms
-# - lms-preview
-# - ora
-# - xqueue
-# - xserver
-# - edxlocal
-# - role: supervisor
-# supervisor_servers:
-# - forum
-# - lms
-# - mongo
-# - edxapp
-# - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' }
-# - { role: 'edxapp', celery_worker: True }
-# - oraclejdk
-# - elasticsearch
-# - forum
-# - { role: "xqueue", update_users: True }
-# - xserver
-# - ora
+ - role: nginx
+ nginx_sites:
+ - cms
+ - lms
+ - lms-preview
+ - ora
+ - xqueue
+ - xserver
+ - edxlocal
+ - supervisor
+ - mongo
+ - edxapp
+ - { role: 'rabbitmq', rabbitmq_ip: '127.0.0.1' }
+ - { role: 'edxapp', celery_worker: True }
+ - oraclejdk
+ - elasticsearch
+ - forum
+ - { role: "xqueue", update_users: True }
+ - xserver
+ - ora
- discern
diff --git a/playbooks/group_vars/all b/playbooks/group_vars/all
index 5ca0021..2f99445 100644
--- a/playbooks/group_vars/all
+++ b/playbooks/group_vars/all
@@ -5,7 +5,6 @@
data_dir: /edx/var
app_dir: /edx/app
log_dir: "{{ data_dir }}/log"
-venvs_dir: "{{ app_dir }}/venvs"
bin_dir: /edx/bin
cfg_dir: /edx/etc
diff --git a/playbooks/roles/common/tasks/main.yml b/playbooks/roles/common/tasks/main.yml
index f06fab3..48f8212 100644
--- a/playbooks/roles/common/tasks/main.yml
+++ b/playbooks/roles/common/tasks/main.yml
@@ -7,30 +7,29 @@
- name: common | Create common directories
file: >
- path={{ item }}
- state=directory
- owner=root
- group=root
- mode=0755
+ path={{ item }} state=directory owner=root
+ group=root mode=0755
with_items:
- "{{ data_dir }}"
- "{{ app_dir }}"
- "{{ log_dir }}"
- - "{{ venvs_dir }}"
- "{{ bin_dir }}"
- "{{ cfg_dir }}"
- name: common | Install role-independent useful system packages
# do this before log dir setup; rsyslog package guarantees syslog user present
- apt: pkg={{','.join(common_debian_pkgs)}} install_recommends=yes state=present update_cache=yes
+ apt: >
+ pkg={{','.join(common_debian_pkgs)}} install_recommends=yes
+ state=present update_cache=yes
- name: common | upload sudo config for key forwarding as root
- copy: src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward validate='visudo -c -f %s' owner=root group=root mode=0440
+ copy: >
+ src=ssh_key_forward dest=/etc/sudoers.d/ssh_key_forward
+ validate='visudo -c -f %s' owner=root group=root mode=0440
- name: common | pip install virtualenv
pip: >
- name="{{ item }}"
- state=present
+ name="{{ item }}" state=present
extra_args="-i {{ PYPI_MIRROR_URL }}"
with_items: common_pip_pkgs
diff --git a/playbooks/roles/discern/tasks/main.yml b/playbooks/roles/discern/tasks/main.yml
index 28b77af..c2851d3 100644
--- a/playbooks/roles/discern/tasks/main.yml
+++ b/playbooks/roles/discern/tasks/main.yml
@@ -26,19 +26,21 @@
with_items: discern_ease_debian_pkgs
- name: discern | render celery service from template
- template: src=celery.conf.j2 dest=/etc/init/celery.conf
+ template: >
+ src=celery.conf.j2 dest=/etc/init/celery.conf
+ owner=root group=root
notify: discern | restart celery
- name: discern | render discern service from template
- template: src=discern.conf.j2 dest=/etc/init/discern.conf
+ template: >
+ src=discern.conf.j2 dest=/etc/init/discern.conf
+ owner=root group=root
notify: discern | restart discern
- name: discern | copy sudoers file for discern
copy: >
- src=sudoers-discern
- dest=/etc/sudoers.d/discern
- mode=0440
- validate='visudo -cf %s'
+ src=sudoers-discern dest=/etc/sudoers.d/discern
+ mode=0440 validate='visudo -cf %s' owner=root group=root
#Needed if using redis to prevent memory issues
- name: discern | change memory commit settings -- needed for redis
diff --git a/playbooks/roles/edxapp/tasks/main.yml b/playbooks/roles/edxapp/tasks/main.yml
index 678e98c..02fa4ea 100644
--- a/playbooks/roles/edxapp/tasks/main.yml
+++ b/playbooks/roles/edxapp/tasks/main.yml
@@ -9,33 +9,26 @@
- name: edxapp | create application user
user: >
- name="{{ edxapp_user }}"
- home="{{ edxapp_app_dir }}"
- createhome=no
- shell=/bin/false
+ name="{{ edxapp_user }}" home="{{ edxapp_app_dir }}"
+ createhome=no shell=/bin/false
- name: edxapp | create edxapp app dir
file: >
- path="{{ item }}"
- state=directory
- owner="{{ edxapp_user }}"
- group="{{ common_web_group }}"
+ path="{{ item }}" state=directory
+ owner="{{ edxapp_user }}" group="{{ common_web_group }}"
with_items:
- "{{ edxapp_app_dir }}"
- "{{ edxapp_venvs_dir }}"
- name: edxapp | create edxapp log dir
file: >
- path="{{ edxapp_log_dir }}"
- state=directory
- owner="{{ common_log_user }}"
- group="{{ common_log_user }}"
+ path="{{ edxapp_log_dir }}" state=directory
+ owner="{{ common_log_user }}" group="{{ common_log_user }}"
- name: edxapp | create edxapp writable dirs
file: >
- path="{{ item }}"
- state=directory
- owner="{{ edxapp_user }}"
+ path="{{ item }}" state=directory
+ owner="{{ edxapp_user }}" group="{{ edxapp_user }}"
with_items:
- "{{ edxapp_staticfile_dir }}"
- "{{ edxapp_theme_dir }}"
@@ -43,10 +36,8 @@
- name: edxapp | create web-writable edxapp data dirs
file: >
- path="{{ item }}"
- state=directory
- owner="{{ common_web_user }}"
- group="{{ edxapp_user }}"
+ path="{{ item }}" state=directory
+ owner="{{ common_web_user }}" group="{{ edxapp_user }}"
mode="0775"
with_items:
- "{{ edxapp_course_data_dir }}"
@@ -57,19 +48,21 @@
- name: edxapp | creating edxapp upstart script
sudo: True
- template: src=edxapp.conf.j2 dest=/etc/init/edxapp.conf owner=root group=root
+ template: >
+ src=edxapp.conf.j2 dest=/etc/init/edxapp.conf
+ owner=root group=root
when: "celery_worker is not defined"
- name: edxapp | create edx-workers upstart script
- template: src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf owner=root group=root
+ template: >
+ src=edx-workers.conf.j2 dest=/etc/init/edx-workers.conf
+ owner=root group=root
when: "celery_worker is defined"
- name: edxapp | create log directories for service variants
file: >
- path={{ edxapp_log_dir }}/{{ item }}
- state=directory
- owner={{ common_log_user }}
- group={{ common_log_user }}
+ path={{ edxapp_log_dir }}/{{ item }} state=directory
+ owner={{ common_log_user }} group={{ common_log_user }}
mode=0750
with_items:
- lms
diff --git a/playbooks/roles/forum/tasks/main.yml b/playbooks/roles/forum/tasks/main.yml
index 6121965..ae1adca 100644
--- a/playbooks/roles/forum/tasks/main.yml
+++ b/playbooks/roles/forum/tasks/main.yml
@@ -23,28 +23,37 @@
- name: forum | create application user
user: >
- name="{{ forum_user }}"
- home="{{ forum_app_dir }}"
+ name="{{ forum_user }}" home="{{ forum_app_dir }}"
createhome=no
shell=/bin/false
- name: forum | create forum app dir
file: >
- path="{{ forum_app_dir }}"
- state=directory
- owner="{{ forum_user }}"
- group="{{ common_web_group }}"
+ path="{{ forum_app_dir }}" state=directory
+ owner="{{ forum_user }}" group="{{ common_web_group }}"
- name: forum | setup the forum env
- template: src=forum_env.j2 dest={{ forum_app_dir }}/forum_env
- sudo_user: "{{ forum_user }}"
+ template: >
+ src=forum_env.j2 dest={{ forum_app_dir }}/forum_env
+ owner={{ forum_user }} group={{ forum_user }}
notify:
- forum | restart the forum service
+- name: forum | create the supervisor config
+ template: >
+ src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf
+ owner={{ common_web_user }} group={{ supervisor_user }}
+ register: forum_supervisor
+
- include: deploy.yml
-- name: forum | create the supervisor config
- template: src=forum.conf.j2 dest={{ supervisor_cfg_dir }}/forum.conf
- notify:
- - forum | restart the forum service
+# Reload supervisor right away when the configuration
+# changes, this happens after deploy.yml tasks so
+# that the application is installed
+
+- name: forum | reload supervisor
+ shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload"
+ when: forum_supervisor.changed
+
- include: test.yml
+
diff --git a/playbooks/roles/forum/templates/forum-supervisor.sh.j2 b/playbooks/roles/forum/templates/forum-supervisor.sh.j2
new file mode 100644
index 0000000..529c767
--- /dev/null
+++ b/playbooks/roles/forum/templates/forum-supervisor.sh.j2
@@ -0,0 +1,4 @@
+#!/bin/bash
+source {{ forum_app_dir }}/forum_env
+cd {{ forum_code_dir }}
+{{ forum_rbenv_shims }}/ruby app.rb
diff --git a/playbooks/roles/forum/templates/forum.conf.j2 b/playbooks/roles/forum/templates/forum.conf.j2
index 0865c56..4019efc 100644
--- a/playbooks/roles/forum/templates/forum.conf.j2
+++ b/playbooks/roles/forum/templates/forum.conf.j2
@@ -5,6 +5,5 @@ user={{ common_web_user }}
startsecs=10
stdout_logfile={{ supervisor_log_dir }}/%(program_name)-stdout.log
stderr_logfile={{ supervisor_log_dir }}/%(program_name)-stderr.log
-stderr_logfile_maxbytes=1MB
killasgroup=true
stopasgroup=true
diff --git a/playbooks/roles/gh_users/tasks/main.yml b/playbooks/roles/gh_users/tasks/main.yml
index e90f6d5..82e78b1 100644
--- a/playbooks/roles/gh_users/tasks/main.yml
+++ b/playbooks/roles/gh_users/tasks/main.yml
@@ -22,16 +22,12 @@
- name: gh_users | grant full sudo access to gh group
copy: >
content="%adm ALL=(ALL) NOPASSWD:ALL"
- dest=/etc/sudoers.d/gh
- owner=root
- group=root
- mode=0440
- validate='visudo -cf %s'
+ dest=/etc/sudoers.d/gh owner=root group=root
+ mode=0440 validate='visudo -cf %s'
- name: gh_users | create github users
user:
- name={{ item }}
- group=gh
+ name={{ item }} group=gh
shell=/bin/bash
with_items: gh_users
diff --git a/playbooks/roles/mongo/tasks/main.yml b/playbooks/roles/mongo/tasks/main.yml
index d8154b5..612dba2 100644
--- a/playbooks/roles/mongo/tasks/main.yml
+++ b/playbooks/roles/mongo/tasks/main.yml
@@ -3,10 +3,8 @@
- name: mongo | install python pymongo for mongo_user ansible module
pip: >
- name=pymongo
- state=present
- version=2.6.3
- extra_args="-i {{ PYPI_MIRROR_URL }}"
+ name=pymongo state=present
+ version=2.6.3 extra_args="-i {{ PYPI_MIRROR_URL }}"
- name: mongo | add the mongodb signing key
apt_key: >
@@ -22,15 +20,18 @@
- name: mongo | install mongo server and recommends
apt: >
pkg=mongodb-10gen={{ mongo_version }}
- state=present
- install_recommends=yes
+ state=present install_recommends=yes
update_cache=yes
-- name: mongo | create mongo data dir
+- name: mongo | create mongo dirs
file: >
- path="{{ mongo_data_dir }}"
- state=directory
+ path="{{ item }}" state=directory
owner="{{ mongo_user }}"
+ group="{{ mongo_user }}"
+ with_items:
+ - "{{ mongo_data_dir }}"
+ - "{{ mongo_dbpath }}"
+ - "{{ mongo_app_dir }}"
- name: mongo | stop mongo service
service: name=mongodb state=stopped
diff --git a/playbooks/roles/nginx/tasks/main.yml b/playbooks/roles/nginx/tasks/main.yml
index f46aa1e..d3fabf2 100644
--- a/playbooks/roles/nginx/tasks/main.yml
+++ b/playbooks/roles/nginx/tasks/main.yml
@@ -4,85 +4,70 @@
- name: nginx | Install nginx
apt: pkg=nginx state={{ pkgs.nginx.state }}
notify: nginx | restart nginx
- tags:
- - nginx
- - install
- name: nginx | Server configuration file
- copy: src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf owner=root group=root mode=0644
+ copy: >
+ src={{secure_dir}}/files/nginx.conf dest=/etc/nginx/nginx.conf
+ owner=root group=root mode=0644
when: nginx_conf is defined
notify: nginx | reload nginx
- tags:
- - nginx
- - install
- name: nginx | Creating common nginx configuration
- template: src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release owner=root group=root mode=0600
+ template: >
+ src=edx-release.j2 dest=/etc/nginx/sites-available/edx-release
+ owner=root group=root mode=0600
notify: nginx | reload nginx
- tags:
- - nginx
- name: nginx | Creating link for common nginx configuration
- file: src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release state=link owner=root group=root
+ file: >
+ src=/etc/nginx/sites-available/edx-release dest=/etc/nginx/sites-enabled/edx-release
+ state=link owner=root group=root
notify: nginx | reload nginx
- tags:
- - nginx
- name: nginx | Copying nginx configs for {{ nginx_sites }}
- template: src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }} owner=root group=root mode=0600
+ template: >
+ src={{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }}
+ owner=root group=root mode=0600
notify: nginx | reload nginx
with_items: nginx_sites
- tags:
- - nginx
- name: nginx | Creating nginx config links for {{ nginx_sites }}
- file: src=/etc/nginx/sites-available/{{ item }} dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root
+ file: >
+ src=/etc/nginx/sites-available/{{ item }}
+ dest=/etc/nginx/sites-enabled/{{ item }} state=link owner=root group=root
notify: nginx | reload nginx
with_items: nginx_sites
- tags:
- - nginx
- name: nginx | Write out default htpasswd file
- copy: content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd owner=www-data group=www-data mode=0600
- tags:
- - nginx
- - update
+ copy: >
+ content={{ nginx_cfg.htpasswd }} dest=/etc/nginx/nginx.htpasswd
+ owner=www-data group=www-data mode=0600
- name: nginx | Create nginx log file location (just in case)
- file: path={{log_dir}}/nginx state=directory owner=syslog group=syslog mode=2770 recurse=yes
- tags:
- - nginx
- - logging
- - update
+ file: >
+ path={{log_dir}}/nginx state=directory
+ owner=syslog group=syslog mode=2770 recurse=yes
# removing default link
- name: nginx | Removing default nginx config and restart (enabled)
file: path=/etc/nginx/sites-enabled/default state=absent
notify: nginx | reload nginx
- tags:
- - nginx
- - update
# Note that nginx logs to /var/log until it reads its configuration, so /etc/logrotate.d/nginx is still good
- name: nginx | Set up nginx access log rotation
- template: dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2 owner=root group=root mode=644
- tags:
- - logging
- - update
+ template: >
+ dest=/etc/logrotate.d/nginx-access src=edx_logrotate_nginx_access.j2
+ owner=root group=root mode=644
- name: nginx | Set up nginx access log rotation
- template: dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2 owner=root group=root mode=644
- tags:
- - logging
- - update
+ template: >
+ dest=/etc/logrotate.d/nginx-error src=edx_logrotate_nginx_error.j2
+ owner=root group=root mode=644
- name: nginx | Removing default nginx config (available)
file: path=/etc/nginx/sites-available/default state=absent
notify: nginx | reload nginx
- tags:
- - nginx
- - update
# If tasks that notify restart nginx don't change the state of the remote system
# their corresponding notifications don't get run. If nginx has been stopped for
diff --git a/playbooks/roles/nginx/templates/basic-auth.j2 b/playbooks/roles/nginx/templates/basic-auth.j2
index 88d81c6..61ec721 100644
--- a/playbooks/roles/nginx/templates/basic-auth.j2
+++ b/playbooks/roles/nginx/templates/basic-auth.j2
@@ -1,5 +1,4 @@
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/nginx.htpasswd;
- root {{ nginx_app_dir }}/main_static;
index index.html
proxy_set_header X-Forwarded-Proto https;
diff --git a/playbooks/roles/notifier/tasks/main.yml b/playbooks/roles/notifier/tasks/main.yml
index 7c52d84..76e797b 100644
--- a/playbooks/roles/notifier/tasks/main.yml
+++ b/playbooks/roles/notifier/tasks/main.yml
@@ -2,16 +2,16 @@
#
# notifier
-#
+#
# Overview:
-#
-# Provides the edX notifier service, a service for sending
+#
+# Provides the edX notifier service, a service for sending
# notifications over messaging protocols.
#
# Dependencies:
#
# * common
-#
+#
# Example play:
# roles:
# - common
@@ -19,153 +19,84 @@
#
- name: notifier | install notifier specific system packages
apt: pkg={{','.join(notifier_debian_pkgs)}} state=present
- tags:
- - notifier
- - install
- - update
- name: notifier | check if incommon ca is installed
command: test -e /usr/share/ca-certificates/incommon/InCommonServerCA.crt
register: incommon_present
ignore_errors: yes
- tags:
- - notifier
- - install
- - update
- name: common | create incommon ca directory
- file:
+ file:
path="/usr/share/ca-certificates/incommon" mode=2775 state=directory
when: incommon_present|failed
- tags:
- - notifier
- - install
- - update
- - ubuntu
- name: common | retrieve incommon server CA
shell: curl https://www.incommon.org/cert/repository/InCommonServerCA.txt -o /usr/share/ca-certificates/incommon/InCommonServerCA.crt
when: incommon_present|failed
- tags:
- - notifier
- - install
- - update
- - ubuntu
- name: common | add InCommon ca cert
lineinfile:
dest=/etc/ca-certificates.conf
- regexp='incommon/InCommonServerCA.crt'
+ regexp='incommon/InCommonServerCA.crt'
line='incommon/InCommonServerCA.crt'
- tags:
- - notifier
- - install
- - update
- - ubuntu
- name: common | update ca certs globally
shell: update-ca-certificates
- tags:
- - notifier
- - install
- - update
- - ubuntu
- name: notifier | create notifier user {{ NOTIFIER_USER }}
- user:
- name={{ NOTIFIER_USER }} state=present shell=/bin/bash
+ user:
+ name={{ NOTIFIER_USER }} state=present shell=/bin/bash
home={{ NOTIFIER_HOME }} createhome=yes
- tags:
- - notifier
- - install
- - update
- name: notifier | setup the notifier env
- template:
- src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env
+ template:
+ src=notifier_env.j2 dest={{ NOTIFIER_HOME }}/notifier_env
owner="{{ NOTIFIER_USER }}" group="{{ NOTIFIER_USER }}"
- tags:
- - notifier
- - install
- - update
- name: notifier | drop a bash_profile
copy: >
- src=../../common/files/bash_profile
- dest={{ NOTIFIER_HOME }}/.bash_profile
- owner={{ NOTIFIER_USER }}
+ src=../../common/files/bash_profile
+ dest={{ NOTIFIER_HOME }}/.bash_profile
+ owner={{ NOTIFIER_USER }}
group={{ NOTIFIER_USER }}
- name: notifier | ensure .bashrc exists
shell: touch {{ NOTIFIER_HOME }}/.bashrc
- sudo: true
+ sudo: true
sudo_user: "{{ NOTIFIER_USER }}"
- tags:
- - notifier
- - install
- - update
- name: notifier | add source of notifier_env to .bashrc
lineinfile:
dest={{ NOTIFIER_HOME }}/.bashrc
- regexp='. {{ NOTIFIER_HOME }}/notifier_env'
+ regexp='. {{ NOTIFIER_HOME }}/notifier_env'
line='. {{ NOTIFIER_HOME }}/notifier_env'
- tags:
- - notifier
- - install
- - update
- name: notifier | add source venv to .bashrc
lineinfile:
dest={{ NOTIFIER_HOME }}/.bashrc
- regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
+ regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
line='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
- tags:
- - notifier
- - install
- - update
- name: notifier | create notifier DB directory
file:
path="{{ NOTIFIER_DB_DIR }}" mode=2775 state=directory
- tags:
- - notifier
- - install
- - update
- name: notifier | create notifier/bin directory
- file:
+ file:
path="{{ NOTIFIER_HOME }}/bin" mode=2775 state=directory
- tags:
- - notifier
- - install
- - update
- name: common | create supervisor log directoy
- file:
+ file:
path={{NOTIFIER_SUPERVISOR_LOG_DEST }} mode=2750 state=directory
- tags:
- - notifier
- - install
- - update
- - ubuntu
- name: notifier | supervisord config for celery workers
- template:
- src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf
+ template:
+ src=etc/supervisor/conf.d/notifier-celery-workers.conf.j2 dest=/etc/supervisor/conf.d/notifier-celery-workers.conf
notify: notifier | restart notifier-celery-workers
- tags:
- - notifier
- - install
- - update
- name: notifier | supervisord config for scheduler
- template:
- src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf
+ template:
+ src=etc/supervisor/conf.d/notifier-scheduler.conf.j2 dest=/etc/supervisor/conf.d/notifier-scheduler.conf
notify: notifier | restart notifier-scheduler
- tags:
- - notifier
- - install
- - update
- include: deploy.yml
diff --git a/playbooks/roles/ora/tasks/main.yml b/playbooks/roles/ora/tasks/main.yml
index e74122e..6cf2688 100644
--- a/playbooks/roles/ora/tasks/main.yml
+++ b/playbooks/roles/ora/tasks/main.yml
@@ -5,17 +5,13 @@
- name: ora | create application user
user: >
- name="{{ ora_user }}"
- home="{{ ora_app_dir }}"
- createhome=no
- shell=/bin/false
+ name="{{ ora_user }}" home="{{ ora_app_dir }}"
+ createhome=no shell=/bin/false
- name: ora | create ora app and data dir
file: >
- path="{{ item }}"
- state=directory
- owner="{{ ora_user }}"
- group="{{ common_web_group }}"
+ path="{{ item }}" state=directory
+ owner="{{ ora_user }}" group="{{ common_web_group }}"
with_items:
- "{{ ora_venvs_dir }}"
- "{{ ora_app_dir }}"
@@ -35,5 +31,4 @@
- name: ora | create a symlink for venv python
file: >
src="{{ ora_venv_bin }}/python"
- dest={{ cfg_dir }}/python.ora
- state=link
+ dest={{ cfg_dir }}/python.ora state=link
diff --git a/playbooks/roles/oraclejdk/tasks/main.yml b/playbooks/roles/oraclejdk/tasks/main.yml
index d550cd9..7edd1cc 100644
--- a/playbooks/roles/oraclejdk/tasks/main.yml
+++ b/playbooks/roles/oraclejdk/tasks/main.yml
@@ -1,11 +1,11 @@
---
# oraclejdk
-#
+#
# Dependencies:
#
# * common
-#
+#
# Example play:
#
# roles:
@@ -16,40 +16,28 @@
command: test -d /usr/lib/jvm/{{ oraclejdk_base }}
ignore_errors: true
register: oraclejdk_present
- tags:
- - oraclejdk
- - install
- name: oraclejdk | download Oracle Java
shell: >
- curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }}
- executable=/bin/bash
- chdir=/var/tmp
- creates=/var/tmp/{{ oraclejdk_file }}
+ curl -b gpw_e24=http%3A%2F%2Fwww.oracle.com -O -L {{ oraclejdk_url }}
+ executable=/bin/bash
+ chdir=/var/tmp
+ creates=/var/tmp/{{ oraclejdk_file }}
when: oraclejdk_present|failed
- name: oraclejdk | install Oracle Java
shell: >
- mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }}
+ mkdir -p /usr/lib/jvm && tar -C /usr/lib/jvm -zxvf /var/tmp/{{ oraclejdk_file }}
creates=/usr/lib/jvm/{{ oraclejdk_base }}
- executable=/bin/bash
+ executable=/bin/bash
sudo: true
when: oraclejdk_present|failed
- tags:
- - oraclejdk
- - install
- name: oraclejdk | create symlink expected by elasticsearch
file: src=/usr/lib/jvm/{{ oraclejdk_base }} dest={{ oraclejdk_link }} state=link
when: oraclejdk_present|failed
- tags:
- - oraclejdk
- - install
- name: oraclejdk | add JAVA_HOME for Oracle Java
template: src=java.sh.j2 dest=/etc/profile.d/java.sh owner=root group=root mode=0755
when: oraclejdk_present|failed
- tags:
- - oraclejdk
- - install
diff --git a/playbooks/roles/rabbitmq/tasks/main.yml b/playbooks/roles/rabbitmq/tasks/main.yml
index 691526f..7385959 100644
--- a/playbooks/roles/rabbitmq/tasks/main.yml
+++ b/playbooks/roles/rabbitmq/tasks/main.yml
@@ -20,26 +20,35 @@
# Defaulting to /var/lib/rabbitmq
- name: rabbitmq | create cookie directory
- file: path={{rabbitmq_cookie_dir}} owner=rabbitmq group=rabbitmq mode=0755 state=directory
-
+ file: >
+ path={{rabbitmq_cookie_dir}}
+ owner=rabbitmq group=rabbitmq mode=0755 state=directory
- name: rabbitmq | add rabbitmq erlang cookie
- template: src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}} owner=rabbitmq group=rabbitmq mode=0400
+ template: >
+ src=erlang.cookie.j2 dest={{rabbitmq_cookie_location}}
+ owner=rabbitmq group=rabbitmq mode=0400
register: erlang_cookie
# Defaulting to /etc/rabbitmq
- name: rabbitmq | create rabbitmq config directory
- file: path={{rabbitmq_config_dir}} owner=root group=root mode=0755 state=directory
-
+ file: >
+ path={{rabbitmq_config_dir}}
+ owner=root group=root mode=0755 state=directory
+
- name: rabbitmq | add rabbitmq environment configuration
- template: src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf owner=root group=root mode=0644
+ template: >
+ src=rabbitmq-env.conf.j2 dest={{rabbitmq_config_dir}}/rabbitmq-env.conf
+ owner=root group=root mode=0644
- name: rabbitmq | add rabbitmq cluster configuration
- template: src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config owner=root group=root mode=0644
+ template: >
+ src=rabbitmq.config.j2 dest={{rabbitmq_config_dir}}/rabbitmq.config
+ owner=root group=root mode=0644
register: cluster_configuration
- name: rabbitmq | install plugins
- rabbitmq_plugin:
+ rabbitmq_plugin:
names={{",".join(rabbitmq_plugins)}} state=enabled
# When rabbitmq starts up it creates a folder of metadata at '/var/lib/rabbitmq/mnesia'.
@@ -60,13 +69,9 @@
- name: rabbitmq | add admin users
rabbitmq_user: >
- user='{{item.name}}'
- password='{{item.password}}'
- read_priv='.*'
- write_priv='.*'
- configure_priv='.*'
- tags="administrator"
- state=present
+ user='{{item.name}}' password='{{item.password}}'
+ read_priv='.*' write_priv='.*'
+ configure_priv='.*' tags="administrator" state=present
with_items: rabbitmq_auth_config.admins
when: "'admins' in rabbitmq_auth_config"
@@ -74,11 +79,11 @@
# Depends upon the management plugin
#
- name: rabbitmq | install admin tools
- get_url:
+ get_url: >
url=http://localhost:{{ rabbitmq_management_port }}/cli/rabbitmqadmin
dest=/usr/local/bin/rabbitmqadmin
- name: rabbitmq | ensure rabbitmqadmin attributes
- file:
- path=/usr/local/bin/rabbitmqadmin owner=root
+ file: >
+ path=/usr/local/bin/rabbitmqadmin owner=root
group=root mode=0655
diff --git a/playbooks/roles/rbenv/tasks/main.yml b/playbooks/roles/rbenv/tasks/main.yml
index 21c03aa..2124a87 100644
--- a/playbooks/roles/rbenv/tasks/main.yml
+++ b/playbooks/roles/rbenv/tasks/main.yml
@@ -36,16 +36,13 @@
- name: rbenv | create rbenv user {{ rbenv_user }}
user: >
- name={{ rbenv_user }}
- home={{ rbenv_dir }}
- shell=/bin/false
- createhome=no
+ name={{ rbenv_user }} home={{ rbenv_dir }}
+ shell=/bin/false createhome=no
when: rbenv_user != common_web_user
- name: rbenv | create rbenv dir if it does not exist
file: >
- path="{{ rbenv_dir }}"
- owner="{{ rbenv_user }}"
+ path="{{ rbenv_dir }}" owner="{{ rbenv_user }}"
state=directory
- name: rbenv | install build depends
@@ -55,14 +52,12 @@
- name: rbenv | update rbenv repo
git: >
repo=https://github.com/sstephenson/rbenv.git
- dest={{ rbenv_dir }}/.rbenv
- version={{ rbenv_version }}
+ dest={{ rbenv_dir }}/.rbenv version={{ rbenv_version }}
sudo_user: "{{ rbenv_user }}"
- name: rbenv | ensure ruby_env exists
template: >
- src=ruby_env.j2
- dest={{ rbenv_dir }}/ruby_env
+ src=ruby_env.j2 dest={{ rbenv_dir }}/ruby_env
sudo_user: "{{ rbenv_user }}"
- name: rbenv | check ruby-build installed
diff --git a/playbooks/roles/supervisor/defaults/main.yml b/playbooks/roles/supervisor/defaults/main.yml
index 150e429..7395eef 100644
--- a/playbooks/roles/supervisor/defaults/main.yml
+++ b/playbooks/roles/supervisor/defaults/main.yml
@@ -14,7 +14,7 @@
supervisor_app_dir: "{{ app_dir }}/supervisor"
supervisor_cfg_dir: "{{ supervisor_app_dir }}/conf.d"
supervisor_data_dir: "{{ data_dir }}/supervisor"
-supervisor_venvs_dir: "{{ venvs_dir }}/supervisor"
+supervisor_venvs_dir: "{{ supervisor_app_dir }}/venvs"
supervisor_venv_dir: "{{ supervisor_venvs_dir }}/supervisor"
supervisor_venv_bin: "{{ supervisor_venv_dir }}/bin"
supervisor_ctl: "{{ supervisor_venv_bin }}/supervisorctl"
diff --git a/playbooks/roles/supervisor/handlers/main.yml b/playbooks/roles/supervisor/handlers/main.yml
index a3f68cb..e2b99b8 100644
--- a/playbooks/roles/supervisor/handlers/main.yml
+++ b/playbooks/roles/supervisor/handlers/main.yml
@@ -2,3 +2,6 @@
service: >
name=supervisor
state=restarted
+
+- name: supervisor | reload supervisor
+ shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} reload"
diff --git a/playbooks/roles/supervisor/tasks/main.yml b/playbooks/roles/supervisor/tasks/main.yml
index b42716e..fd7d3b6 100644
--- a/playbooks/roles/supervisor/tasks/main.yml
+++ b/playbooks/roles/supervisor/tasks/main.yml
@@ -38,7 +38,6 @@
group={{ common_web_user }}
with_items:
- "{{ supervisor_app_dir }}"
- - "{{ supervisor_cfg_dir }}"
- "{{ supervisor_venvs_dir }}"
- name: supervisor | create supervisor directories
@@ -48,6 +47,7 @@
owner={{ common_web_user }}
group={{ supervisor_user }}
with_items:
+ - "{{ supervisor_cfg_dir }}"
- "{{ supervisor_data_dir }}"
- "{{ supervisor_log_dir }}"
@@ -58,12 +58,15 @@
notify: supervisor | restart supervisor
- name: supervisor | create supervisor upstart job
- template: src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf
+ template: >
+ src=supervisor-upstart.conf.j2 dest=/etc/init/supervisor.conf
+ owner=root group=root
notify: supervisor | restart supervisor
- name: supervisor | create supervisor master config
- template: src=supervisord.conf.j2 dest={{ supervisor_cfg }}
- sudo_user: "{{ supervisor_user }}"
+ template: >
+ src=supervisord.conf.j2 dest={{ supervisor_cfg }}
+ owner={{ supervisor_user }}
notify: supervisor | restart supervisor
- name: supervisor | create a symlink for supervisortctl
@@ -78,5 +81,12 @@
dest={{ cfg_dir }}/{{ supervisor_cfg|basename }}
state=link
+- name: supervisor | create a symlink for supervisor cfg
+ file: >
+ src={{ supervisor_cfg_dir }}
+ dest={{ cfg_dir }}/supervisor.{{ supervisor_cfg_dir|basename }}
+ state=link
+
+
- name: supervisor | ensure supervisor is started
service: name=supervisor state=started
--
libgit2 0.26.0