variable naming, using www-data as web user

playbooks/roles/apache/templates/lms.j2

@@ -15,9 +15,9 @@ WSGIRestrictEmbedded On
 
     SetEnv SERVICE_VARIANT lms
     
-    WSGIScriptAlias / {{edx_platform_code_dir}}/lms/wsgi_apache_lms.py
+    WSGIScriptAlias / {{edxapp_code_dir}}/lms/wsgi_apache_lms.py
 
-    <Directory {{edx_platform_code_dir}}/lms>
+    <Directory {{edxapp_code_dir}}/lms>
     <Files wsgi_apache_lms.py>
         Order deny,allow
         Allow from all
@@ -39,7 +39,7 @@ WSGIRestrictEmbedded On
         require valid-user
     </Location>
 
-    WSGIDaemonProcess lms user=www-data group=adm processes=1 python-path={{edx_platform_code_dir}}:{{venv_dir}}/lib/python2.7/site-packages display-name=%{GROUP}
+    WSGIDaemonProcess lms user=www-data group=adm processes=1 python-path={{edxapp_code_dir}}:{{venv_dir}}/lib/python2.7/site-packages display-name=%{GROUP}
     WSGIProcessGroup lms
     WSGIApplicationGroup %{GLOBAL}
     

playbooks/roles/common/defaults/main.yml

@@ -15,3 +15,7 @@ common_debian_pkgs:
 common_pip_pkgs:
   - virtualenv
   - virtualenvwrapper
+
+common_web_user: www-data
+common_web_group: www-data
+common_log_user: syslog

playbooks/roles/common/tasks/main.yml

 ---
 - name: common | Add user www-data
   # This is the default user for nginx
-  user: name=www-data
+  user: name="{{ common_web_user }}"
 
 - name: common | Create common directories
   file: >

playbooks/roles/edxapp/defaults/main.yml

@@ -96,8 +96,12 @@ edxapp_data_dir: "{{ data_dir }}/edxapp"
 edxapp_app_dir: "{{ app_dir }}/edxapp"
 edxapp_log_dir: "{{ log_dir }}/edxapp"
 edxapp_venvs_dir: "{{ app_dir }}/venvs"
+edxapp_venv_dir: "{{ edxapp_venvs_dir }}/edxapp"
 edxapp_rbenvs_dir: "{{ app_dir }}/rbenvs"
+edxapp_rbenv_dir: "{{ edxapp_rbenvs_dir }}/edxapp"
 edxapp_user: edxapp
+edxapp_rbenv_root: "{{ edxapp_rbenv_dir }}/.rbenv"
+edxapp_gem_root: "{{ edxapp_rbenv_dir }}/.gem"
 
 edxapp_generic_auth_config:  &edxapp_generic_auth
   AWS_ACCESS_KEY_ID:  $EDXAPP_AWS_ACCESS_KEY_ID
@@ -242,7 +246,7 @@ lms_preview_env_config:
 
 
 # install dir for the edx-platform repo
-edx_platform_code_dir: "{{ app_dir }}/edx-platform"
+edxapp_code_dir: "{{ app_dir }}/edx-platform"
 
 
 # gunicorn ports/hosts, these shouldn't need to be overridden
@@ -285,16 +289,16 @@ edx_platform_repo: "https://{{ GIT_MIRROR }}/edx/edx-platform.git"
 # `edx_platform_commit` can be anything that git recognizes as a commit
 # reference, including a tag, a branch name, or a commit hash
 edx_platform_commit: 'release'
-local_requirements_file:  "{{ edx_platform_code_dir }}/requirements/edx/local.txt"
-pre_requirements_file:    "{{ edx_platform_code_dir }}/requirements/edx/pre.txt"
-post_requirements_file:   "{{ edx_platform_code_dir }}/requirements/edx/post.txt"
-base_requirements_file:   "{{ edx_platform_code_dir }}/requirements/edx/base.txt"
-github_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/github.txt"
-repo_requirements_file:   "{{ edx_platform_code_dir }}/requirements/edx/repo.txt"
+local_requirements_file:  "{{ edxapp_code_dir }}/requirements/edx/local.txt"
+pre_requirements_file:    "{{ edxapp_code_dir }}/requirements/edx/pre.txt"
+post_requirements_file:   "{{ edxapp_code_dir }}/requirements/edx/post.txt"
+base_requirements_file:   "{{ edxapp_code_dir }}/requirements/edx/base.txt"
+github_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/github.txt"
+repo_requirements_file:   "{{ edxapp_code_dir }}/requirements/edx/repo.txt"
 
-sandbox_base_requirements:  "{{ edx_platform_code_dir }}/requirements/edx-sandbox/base.txt"
-sandbox_local_requirements: "{{ edx_platform_code_dir }}/requirements/edx-sandbox/local.txt"
-sandbox_post_requirements:  "{{ edx_platform_code_dir }}/requirements/edx-sandbox/post.txt"
+sandbox_base_requirements:  "{{ edxapp_code_dir }}/requirements/edx-sandbox/base.txt"
+sandbox_local_requirements: "{{ edxapp_code_dir }}/requirements/edx-sandbox/local.txt"
+sandbox_post_requirements:  "{{ edxapp_code_dir }}/requirements/edx-sandbox/post.txt"
 
 #do we want to install the sandbox requirements into the regular virtual env
 install_sandbox_reqs_into_regular_venv: true
@@ -339,9 +343,9 @@ deploy_environment:
   LANG: "en_US.UTF-8"
   NO_PREREQ_INSTALL: 1
   SKIP_WS_MIGRATIONS: 1
-  RBENV_ROOT: "{{ rbenv_root }}"
-  GEM_HOME: "{{ gem_home }}"
-  PATH: "{{ venv_dir }}/bin:{{ edx_platform_code_dir }}/bin:{{ rbenv_root }}/bin:{{ rbenv_root }}/shims:{{ gem_home }}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+  RBENV_ROOT: "{{ edxapp_rbenv_root }}"
+  GEM_HOME: "{{ edxapp_gem_root }}"
+  PATH: "{{ edxapp_venv_dir }}/bin:{{ edxapp_code_dir }}/bin:{{ edxapp_rbenv_root }}/bin:{{ edxapp_rbenv_root }}/shims:{{ edxapp_gem_home }}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 
 # Worker Settings
 worker_django_settings_module: 'aws'

playbooks/roles/edxapp/meta/main.yml

 ---
 dependencies:
   - role: rbenv
-    rbenv_user: root
-    rbenv_user_home: "{{ edxapp_rbenvs_dir}}/edxapp"
+    rbenv_user: "{{ edxapp_user }}"
+    rbenv_user_home: "{{ edxapp_rbenv_dir }}"
     rbenv_ruby_version: "{{ edxapp_ruby_version }}"

playbooks/roles/edxapp/tasks/main.yml

@@ -9,8 +9,8 @@
   file: >
     path="{{ item }}"
     state=directory
-    owner=root
-    group="{{ edxapp_user }}"
+    owner="{{ edxapp_user }}"
+    group="{{ common_web_group }}"
   with_items:
     - "{{ edxapp_app_dir }}"
     - "{{ edxapp_venvs_dir }}"
@@ -19,14 +19,14 @@
   file: >
     path="{{ edxapp_log_dir }}"
     state=directory
-    owner=syslog
+    owner="{{ common_log_user }}"
   notify: common | restart logrotate
 
 - name: edxapp | create edxapp data dirs
   file: >
     path="{{ item }}"
     state=directory
-    owner="{{ edxapp_user }}"
+    owner="{{ common_web_user }}"
   with_items:
     - "{{ edxapp_data_dir }}/staticfiles"
     - "{{ edxapp_data_dir }}/data"

playbooks/roles/edxapp/templates/cms.conf.j2

@@ -10,7 +10,7 @@ respawn limit 3 30
  
 env PID=/var/tmp/cms.pid
 #env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 {% if ansible_processor|length > 0 %}
 env WORKERS={{ ansible_processor|length * worker_core_mult.cms }}
 {% else %}
@@ -22,7 +22,7 @@ env LANG=en_US.UTF-8
 env DJANGO_SETTINGS_MODULE=cms.envs.aws
 env SERVICE_VARIANT="cms"
  
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 setuid www-data
 
-exec {{venv_dir}}/bin/gunicorn_django -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} --settings=cms.envs.aws
+exec {{edxapp_venv_dir}}/bin/gunicorn_django -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} --settings=cms.envs.aws

playbooks/roles/edxapp/templates/edx-worker-cms.conf.j2

@@ -10,15 +10,15 @@ respawn
 instance edx.${SERVICE_VARIANT}.core.${QUEUE}
 
 #env NEW_RELIC_CONFIG_FILE=/opt/wwc/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 env CONCURRENCY=${CONCURRENCY}
 env LOGLEVEL=info
 env DJANGO_SETTINGS_MODULE={{worker_django_settings_module}}
-env PYTHONPATH={{edx_platform_code_dir}}
+env PYTHONPATH={{edxapp_code_dir}}
 env SERVICE_VARIANT=${SERVICE_VARIANT}
 
 setuid www-data
 
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 
-exec {{venv_dir}}/bin/python {{edx_platform_code_dir}}/manage.py $SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
+exec {{edxapp_venv_dir}}/bin/python {{edxapp_code_dir}}/manage.py $SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY

playbooks/roles/edxapp/templates/edx-worker-lms.conf.j2

@@ -10,15 +10,15 @@ respawn
 instance edx.${SERVICE_VARIANT}.core.${QUEUE}
 
 #env NEW_RELIC_CONFIG_FILE=/opt/wwc/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 env CONCURRENCY=${CONCURRENCY}
 env LOGLEVEL=info
 env DJANGO_SETTINGS_MODULE={{worker_django_settings_module}}
-env PYTHONPATH={{edx_platform_code_dir}}
+env PYTHONPATH={{edxapp_code_dir}}
 env SERVICE_VARIANT=${SERVICE_VARIANT}
 
 setuid www-data
 
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 
-exec {{venv_dir}}/bin/python {{edx_platform_code_dir}}/manage.py lms --service-variant=$SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
+exec {{edxapp_venv_dir}}/bin/python {{edxapp_code_dir}}/manage.py lms --service-variant=$SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY

playbooks/roles/edxapp/templates/lms-preview.conf.j2

@@ -11,7 +11,7 @@ respawn limit 3 30
 
 env PID=/var/tmp/lms.pid
 #env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 {% if ansible_processor|length > 0 %}
 env WORKERS={{ ansible_processor|length * worker_core_mult.lms_preview }}
 {% else %}
@@ -23,10 +23,10 @@ env LANG=en_US.UTF-8
 env DJANGO_SETTINGS_MODULE=lms.envs.aws
 env SERVICE_VARIANT="lms-preview"
   
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 setuid www-data
 
-exec {{venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} lms.wsgi
+exec {{edxapp_venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} lms.wsgi
 
 post-start script
   while true

playbooks/roles/edxapp/templates/lms.conf.j2

@@ -8,7 +8,7 @@ respawn limit 3 30
 
 env PID=/var/tmp/lms.pid
 #env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 {% if ansible_processor|length > 0 %}
 env WORKERS={{ ansible_processor|length * worker_core_mult.lms }}
 {% else %}
@@ -20,10 +20,10 @@ env LANG=en_US.UTF-8
 env DJANGO_SETTINGS_MODULE={{ edxapp_lms_env }}
 env SERVICE_VARIANT="lms"
 
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 setuid www-data
 
-exec {{venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} lms.wsgi
+exec {{edxapp_venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} lms.wsgi
 
 post-start script
   while true

playbooks/roles/edxapp/templates/rbenv.sh.j2

-export RBENV_ROOT="{{ rbenv_root }}"
-export GEM_HOME="{{ gem_home }}"
-export PATH="{{ gem_home }}/bin:$PATH"
-eval "$(rbenv init -)"

playbooks/roles/rbenv/defaults/main.yml

 ---
 
 rbenv_version: 'v0.4.0'
-rbenv_bundler_version: '1.3.2'
\ No newline at end of file
+rbenv_bundler_version: '1.3.2'
+rbenv_root: "{{ rbenv_user_home }}/.rbenv"

playbooks/roles/rbenv/tasks/main.yml

 ---
 
 # rbenv
-# 
+#
 # Dependencies:
 #
 #   * common
-# 
+#
 # Example play:
 #
 #   roles:
@@ -16,7 +16,7 @@
 #     rbenv_ruby_version: "{{ forum_ruby_version }}"
 #
 # Parameters:
-#  
+#
 #   * rbenv_user
 #   * rbenv_user_home
 #   * rbenv_ruby_version
@@ -38,14 +38,14 @@
   # workaround for the case where the parent
   # directory doesn't exist
   file: >
-    path={{ rbenv_user_home }} 
+    path={{ rbenv_user_home }}
     state=directory
 
 - name: rbenv | create rbenv user {{ rbenv_user }}
   user: >
-    name={{ rbenv_user }} 
-    state=present 
-    shell=/bin/bash 
+    name={{ rbenv_user }}
+    state=present
+    shell=/bin/bash
     home={{ rbenv_user_home }}
     createhome=yes
   tags:
@@ -56,7 +56,7 @@
   # workaround for the case where the parent
   # directory doesn't exist
   file: >
-    path={{ rbenv_user_home }} 
+    path={{ rbenv_user_home }}
     owner={{ rbenv_user }}
     group={{ rbenv_user }}
     state=directory
@@ -80,10 +80,10 @@
 
 - name: rbenv | update rbenv repo
   git: >
-    repo=https://github.com/sstephenson/rbenv.git 
-    dest={{ rbenv_user_home }}/.rbenv 
+    repo=https://github.com/sstephenson/rbenv.git
+    dest={{ rbenv_user_home }}/.rbenv
     version={{ rbenv_version }}
-  sudo: true  
+  sudo: true
   sudo_user: "{{ rbenv_user }}"
   tags:
   - ruby
@@ -91,7 +91,7 @@
 
 - name: rbenv | ensure .bashrc exists
   shell: touch {{ rbenv_user_home }}/.bashrc
-  sudo: true  
+  sudo: true
   sudo_user: "{{ rbenv_user }}"
   tags:
   - ruby
@@ -99,17 +99,17 @@
 
 - name: rbenv | drop a bash_profile
   copy: >
-    src=../../common/files/bash_profile 
-    dest={{ rbenv_user_home }}/.bash_profile 
-    owner={{ rbenv_user }} 
+    src=../../common/files/bash_profile
+    dest={{ rbenv_user_home }}/.bash_profile
+    owner={{ rbenv_user }}
     group={{ rbenv_user }}
 
 
 - name: rbenv | ensure ruby_env exists
   template: >
-    src=ruby_env.j2 
-    dest={{ rbenv_user_home }}/ruby_env 
-    owner={{ rbenv_user }} 
+    src=ruby_env.j2
+    dest={{ rbenv_user_home }}/ruby_env
+    owner={{ rbenv_user }}
     group={{ rbenv_user }}
   tags:
   - ruby
@@ -118,14 +118,14 @@
 - name: rebenv | add source of ruby_env to .bashrc
   lineinfile:
     dest="{{ rbenv_user_home }}/.bashrc"
-    regexp='. {{ rbenv_user_home }}/ruby_env'    
+    regexp='. {{ rbenv_user_home }}/ruby_env'
     line='. {{ rbenv_user_home }}/ruby_env'
 
 - name: rbenv | drop a bash_profile
   copy: >
-    src=../../common/files/bash_profile 
-    dest={{ rbenv_user_home }}/.bash_profile 
-    owner={{ rbenv_user }} 
+    src=../../common/files/bash_profile
+    dest={{ rbenv_user_home }}/.bash_profile
+    owner={{ rbenv_user }}
     group={{ rbenv_user }}
 
 - name: rbenv | check ruby-build installed
@@ -149,7 +149,7 @@
 - name: rbenv | create temporary directory
   command: mktemp -d
   register: tempdir
-  sudo: true  
+  sudo: true
   sudo_user: "{{ rbenv_user }}"
   when: rbuild_present|failed or (installable_ruby_vers is defined and rbenv_ruby_version not in installable_ruby_vers)
   tags:
@@ -160,7 +160,7 @@
   git: repo=https://github.com/sstephenson/ruby-build.git dest={{ tempdir.stdout }}/ruby-build
   when: rbuild_present|failed or (installable_ruby_vers is defined and rbenv_ruby_version not in installable_ruby_vers)
   sudo: true
-  sudo_user: "{{ rbenv_user }}" 
+  sudo_user: "{{ rbenv_user }}"
   tags:
   - ruby
   - install
@@ -183,7 +183,7 @@
   shell: "{{ rbenv_user_home }}/.rbenv/bin/rbenv versions | grep {{ rbenv_ruby_version }}"
   register: ruby_installed
   sudo: true
-  sudo_user: "{{ rbenv_user }}" 
+  sudo_user: "{{ rbenv_user }}"
   ignore_errors: yes
   tags:
   - ruby
@@ -193,7 +193,7 @@
   shell: "{{ rbenv_user_home }}/.rbenv/bin/rbenv install {{ rbenv_ruby_version }} creates={{rbenv_user_home}}/.rbenv/versions/{{rbenv_ruby_version}}"
   when: ruby_installed|failed
   sudo: true
-  sudo_user: "{{ rbenv_user }}" 
+  sudo_user: "{{ rbenv_user }}"
   tags:
   - ruby
   - install
@@ -209,7 +209,7 @@
 - name: rbenv | install bundler
   shell: "{{ rbenv_user_home }}/.rbenv/shims/gem install bundler -v {{ rbenv_bundler_version }}"
   sudo: true
-  sudo_user: "{{ rbenv_user }}" 
+  sudo_user: "{{ rbenv_user }}"
   tags:
   - ruby
   - install
@@ -217,7 +217,7 @@
 - name: rbenv | rehash
   shell: "{{rbenv_user_home}}/.rbenv/bin/rbenv rehash"
   sudo: true
-  sudo_user: "{{ rbenv_user }}" 
+  sudo_user: "{{ rbenv_user }}"
   tags:
   - ruby
   - install