Commit 68c462bd by John Jarvis

variable naming, using www-data as web user

parent a4d8458f
......@@ -15,9 +15,9 @@ WSGIRestrictEmbedded On
SetEnv SERVICE_VARIANT lms
WSGIScriptAlias / {{edx_platform_code_dir}}/lms/wsgi_apache_lms.py
WSGIScriptAlias / {{edxapp_code_dir}}/lms/wsgi_apache_lms.py
<Directory {{edx_platform_code_dir}}/lms>
<Directory {{edxapp_code_dir}}/lms>
<Files wsgi_apache_lms.py>
Order deny,allow
Allow from all
......@@ -39,7 +39,7 @@ WSGIRestrictEmbedded On
require valid-user
</Location>
WSGIDaemonProcess lms user=www-data group=adm processes=1 python-path={{edx_platform_code_dir}}:{{venv_dir}}/lib/python2.7/site-packages display-name=%{GROUP}
WSGIDaemonProcess lms user=www-data group=adm processes=1 python-path={{edxapp_code_dir}}:{{venv_dir}}/lib/python2.7/site-packages display-name=%{GROUP}
WSGIProcessGroup lms
WSGIApplicationGroup %{GLOBAL}
......
......@@ -15,3 +15,7 @@ common_debian_pkgs:
common_pip_pkgs:
- virtualenv
- virtualenvwrapper
common_web_user: www-data
common_web_group: www-data
common_log_user: syslog
---
- name: common | Add user www-data
# This is the default user for nginx
user: name=www-data
user: name="{{ common_web_user }}"
- name: common | Create common directories
file: >
......
......@@ -96,8 +96,12 @@ edxapp_data_dir: "{{ data_dir }}/edxapp"
edxapp_app_dir: "{{ app_dir }}/edxapp"
edxapp_log_dir: "{{ log_dir }}/edxapp"
edxapp_venvs_dir: "{{ app_dir }}/venvs"
edxapp_venv_dir: "{{ edxapp_venvs_dir }}/edxapp"
edxapp_rbenvs_dir: "{{ app_dir }}/rbenvs"
edxapp_rbenv_dir: "{{ edxapp_rbenvs_dir }}/edxapp"
edxapp_user: edxapp
edxapp_rbenv_root: "{{ edxapp_rbenv_dir }}/.rbenv"
edxapp_gem_root: "{{ edxapp_rbenv_dir }}/.gem"
edxapp_generic_auth_config: &edxapp_generic_auth
AWS_ACCESS_KEY_ID: $EDXAPP_AWS_ACCESS_KEY_ID
......@@ -242,7 +246,7 @@ lms_preview_env_config:
# install dir for the edx-platform repo
edx_platform_code_dir: "{{ app_dir }}/edx-platform"
edxapp_code_dir: "{{ app_dir }}/edx-platform"
# gunicorn ports/hosts, these shouldn't need to be overridden
......@@ -285,16 +289,16 @@ edx_platform_repo: "https://{{ GIT_MIRROR }}/edx/edx-platform.git"
# `edx_platform_commit` can be anything that git recognizes as a commit
# reference, including a tag, a branch name, or a commit hash
edx_platform_commit: 'release'
local_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/local.txt"
pre_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/pre.txt"
post_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/post.txt"
base_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/base.txt"
github_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/github.txt"
repo_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/repo.txt"
local_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/local.txt"
pre_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/pre.txt"
post_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/post.txt"
base_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/base.txt"
github_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/github.txt"
repo_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/repo.txt"
sandbox_base_requirements: "{{ edx_platform_code_dir }}/requirements/edx-sandbox/base.txt"
sandbox_local_requirements: "{{ edx_platform_code_dir }}/requirements/edx-sandbox/local.txt"
sandbox_post_requirements: "{{ edx_platform_code_dir }}/requirements/edx-sandbox/post.txt"
sandbox_base_requirements: "{{ edxapp_code_dir }}/requirements/edx-sandbox/base.txt"
sandbox_local_requirements: "{{ edxapp_code_dir }}/requirements/edx-sandbox/local.txt"
sandbox_post_requirements: "{{ edxapp_code_dir }}/requirements/edx-sandbox/post.txt"
#do we want to install the sandbox requirements into the regular virtual env
install_sandbox_reqs_into_regular_venv: true
......@@ -339,9 +343,9 @@ deploy_environment:
LANG: "en_US.UTF-8"
NO_PREREQ_INSTALL: 1
SKIP_WS_MIGRATIONS: 1
RBENV_ROOT: "{{ rbenv_root }}"
GEM_HOME: "{{ gem_home }}"
PATH: "{{ venv_dir }}/bin:{{ edx_platform_code_dir }}/bin:{{ rbenv_root }}/bin:{{ rbenv_root }}/shims:{{ gem_home }}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
RBENV_ROOT: "{{ edxapp_rbenv_root }}"
GEM_HOME: "{{ edxapp_gem_root }}"
PATH: "{{ edxapp_venv_dir }}/bin:{{ edxapp_code_dir }}/bin:{{ edxapp_rbenv_root }}/bin:{{ edxapp_rbenv_root }}/shims:{{ edxapp_gem_home }}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Worker Settings
worker_django_settings_module: 'aws'
---
dependencies:
- role: rbenv
rbenv_user: root
rbenv_user_home: "{{ edxapp_rbenvs_dir}}/edxapp"
rbenv_user: "{{ edxapp_user }}"
rbenv_user_home: "{{ edxapp_rbenv_dir }}"
rbenv_ruby_version: "{{ edxapp_ruby_version }}"
......@@ -9,8 +9,8 @@
file: >
path="{{ item }}"
state=directory
owner=root
group="{{ edxapp_user }}"
owner="{{ edxapp_user }}"
group="{{ common_web_group }}"
with_items:
- "{{ edxapp_app_dir }}"
- "{{ edxapp_venvs_dir }}"
......@@ -19,14 +19,14 @@
file: >
path="{{ edxapp_log_dir }}"
state=directory
owner=syslog
owner="{{ common_log_user }}"
notify: common | restart logrotate
- name: edxapp | create edxapp data dirs
file: >
path="{{ item }}"
state=directory
owner="{{ edxapp_user }}"
owner="{{ common_web_user }}"
with_items:
- "{{ edxapp_data_dir }}/staticfiles"
- "{{ edxapp_data_dir }}/data"
......
......@@ -10,7 +10,7 @@ respawn limit 3 30
env PID=/var/tmp/cms.pid
#env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
{% if ansible_processor|length > 0 %}
env WORKERS={{ ansible_processor|length * worker_core_mult.cms }}
{% else %}
......@@ -22,7 +22,7 @@ env LANG=en_US.UTF-8
env DJANGO_SETTINGS_MODULE=cms.envs.aws
env SERVICE_VARIANT="cms"
chdir {{edx_platform_code_dir}}
chdir {{edxapp_code_dir}}
setuid www-data
exec {{venv_dir}}/bin/gunicorn_django -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} --settings=cms.envs.aws
exec {{edxapp_venv_dir}}/bin/gunicorn_django -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} --settings=cms.envs.aws
......@@ -10,15 +10,15 @@ respawn
instance edx.${SERVICE_VARIANT}.core.${QUEUE}
#env NEW_RELIC_CONFIG_FILE=/opt/wwc/newrelic.ini
#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
env CONCURRENCY=${CONCURRENCY}
env LOGLEVEL=info
env DJANGO_SETTINGS_MODULE={{worker_django_settings_module}}
env PYTHONPATH={{edx_platform_code_dir}}
env PYTHONPATH={{edxapp_code_dir}}
env SERVICE_VARIANT=${SERVICE_VARIANT}
setuid www-data
chdir {{edx_platform_code_dir}}
chdir {{edxapp_code_dir}}
exec {{venv_dir}}/bin/python {{edx_platform_code_dir}}/manage.py $SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
exec {{edxapp_venv_dir}}/bin/python {{edxapp_code_dir}}/manage.py $SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
......@@ -10,15 +10,15 @@ respawn
instance edx.${SERVICE_VARIANT}.core.${QUEUE}
#env NEW_RELIC_CONFIG_FILE=/opt/wwc/newrelic.ini
#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
env CONCURRENCY=${CONCURRENCY}
env LOGLEVEL=info
env DJANGO_SETTINGS_MODULE={{worker_django_settings_module}}
env PYTHONPATH={{edx_platform_code_dir}}
env PYTHONPATH={{edxapp_code_dir}}
env SERVICE_VARIANT=${SERVICE_VARIANT}
setuid www-data
chdir {{edx_platform_code_dir}}
chdir {{edxapp_code_dir}}
exec {{venv_dir}}/bin/python {{edx_platform_code_dir}}/manage.py lms --service-variant=$SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
exec {{edxapp_venv_dir}}/bin/python {{edxapp_code_dir}}/manage.py lms --service-variant=$SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
......@@ -11,7 +11,7 @@ respawn limit 3 30
env PID=/var/tmp/lms.pid
#env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
{% if ansible_processor|length > 0 %}
env WORKERS={{ ansible_processor|length * worker_core_mult.lms_preview }}
{% else %}
......@@ -23,10 +23,10 @@ env LANG=en_US.UTF-8
env DJANGO_SETTINGS_MODULE=lms.envs.aws
env SERVICE_VARIANT="lms-preview"
chdir {{edx_platform_code_dir}}
chdir {{edxapp_code_dir}}
setuid www-data
exec {{venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} lms.wsgi
exec {{edxapp_venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} lms.wsgi
post-start script
while true
......
......@@ -8,7 +8,7 @@ respawn limit 3 30
env PID=/var/tmp/lms.pid
#env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
{% if ansible_processor|length > 0 %}
env WORKERS={{ ansible_processor|length * worker_core_mult.lms }}
{% else %}
......@@ -20,10 +20,10 @@ env LANG=en_US.UTF-8
env DJANGO_SETTINGS_MODULE={{ edxapp_lms_env }}
env SERVICE_VARIANT="lms"
chdir {{edx_platform_code_dir}}
chdir {{edxapp_code_dir}}
setuid www-data
exec {{venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} lms.wsgi
exec {{edxapp_venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} lms.wsgi
post-start script
while true
......
export RBENV_ROOT="{{ rbenv_root }}"
export GEM_HOME="{{ gem_home }}"
export PATH="{{ gem_home }}/bin:$PATH"
eval "$(rbenv init -)"
---
rbenv_version: 'v0.4.0'
rbenv_bundler_version: '1.3.2'
\ No newline at end of file
rbenv_bundler_version: '1.3.2'
rbenv_root: "{{ rbenv_user_home }}/.rbenv"
---
# rbenv
#
#
# Dependencies:
#
# * common
#
#
# Example play:
#
# roles:
......@@ -16,7 +16,7 @@
# rbenv_ruby_version: "{{ forum_ruby_version }}"
#
# Parameters:
#
#
# * rbenv_user
# * rbenv_user_home
# * rbenv_ruby_version
......@@ -38,14 +38,14 @@
# workaround for the case where the parent
# directory doesn't exist
file: >
path={{ rbenv_user_home }}
path={{ rbenv_user_home }}
state=directory
- name: rbenv | create rbenv user {{ rbenv_user }}
user: >
name={{ rbenv_user }}
state=present
shell=/bin/bash
name={{ rbenv_user }}
state=present
shell=/bin/bash
home={{ rbenv_user_home }}
createhome=yes
tags:
......@@ -56,7 +56,7 @@
# workaround for the case where the parent
# directory doesn't exist
file: >
path={{ rbenv_user_home }}
path={{ rbenv_user_home }}
owner={{ rbenv_user }}
group={{ rbenv_user }}
state=directory
......@@ -80,10 +80,10 @@
- name: rbenv | update rbenv repo
git: >
repo=https://github.com/sstephenson/rbenv.git
dest={{ rbenv_user_home }}/.rbenv
repo=https://github.com/sstephenson/rbenv.git
dest={{ rbenv_user_home }}/.rbenv
version={{ rbenv_version }}
sudo: true
sudo: true
sudo_user: "{{ rbenv_user }}"
tags:
- ruby
......@@ -91,7 +91,7 @@
- name: rbenv | ensure .bashrc exists
shell: touch {{ rbenv_user_home }}/.bashrc
sudo: true
sudo: true
sudo_user: "{{ rbenv_user }}"
tags:
- ruby
......@@ -99,17 +99,17 @@
- name: rbenv | drop a bash_profile
copy: >
src=../../common/files/bash_profile
dest={{ rbenv_user_home }}/.bash_profile
owner={{ rbenv_user }}
src=../../common/files/bash_profile
dest={{ rbenv_user_home }}/.bash_profile
owner={{ rbenv_user }}
group={{ rbenv_user }}
- name: rbenv | ensure ruby_env exists
template: >
src=ruby_env.j2
dest={{ rbenv_user_home }}/ruby_env
owner={{ rbenv_user }}
src=ruby_env.j2
dest={{ rbenv_user_home }}/ruby_env
owner={{ rbenv_user }}
group={{ rbenv_user }}
tags:
- ruby
......@@ -118,14 +118,14 @@
- name: rebenv | add source of ruby_env to .bashrc
lineinfile:
dest="{{ rbenv_user_home }}/.bashrc"
regexp='. {{ rbenv_user_home }}/ruby_env'
regexp='. {{ rbenv_user_home }}/ruby_env'
line='. {{ rbenv_user_home }}/ruby_env'
- name: rbenv | drop a bash_profile
copy: >
src=../../common/files/bash_profile
dest={{ rbenv_user_home }}/.bash_profile
owner={{ rbenv_user }}
src=../../common/files/bash_profile
dest={{ rbenv_user_home }}/.bash_profile
owner={{ rbenv_user }}
group={{ rbenv_user }}
- name: rbenv | check ruby-build installed
......@@ -149,7 +149,7 @@
- name: rbenv | create temporary directory
command: mktemp -d
register: tempdir
sudo: true
sudo: true
sudo_user: "{{ rbenv_user }}"
when: rbuild_present|failed or (installable_ruby_vers is defined and rbenv_ruby_version not in installable_ruby_vers)
tags:
......@@ -160,7 +160,7 @@
git: repo=https://github.com/sstephenson/ruby-build.git dest={{ tempdir.stdout }}/ruby-build
when: rbuild_present|failed or (installable_ruby_vers is defined and rbenv_ruby_version not in installable_ruby_vers)
sudo: true
sudo_user: "{{ rbenv_user }}"
sudo_user: "{{ rbenv_user }}"
tags:
- ruby
- install
......@@ -183,7 +183,7 @@
shell: "{{ rbenv_user_home }}/.rbenv/bin/rbenv versions | grep {{ rbenv_ruby_version }}"
register: ruby_installed
sudo: true
sudo_user: "{{ rbenv_user }}"
sudo_user: "{{ rbenv_user }}"
ignore_errors: yes
tags:
- ruby
......@@ -193,7 +193,7 @@
shell: "{{ rbenv_user_home }}/.rbenv/bin/rbenv install {{ rbenv_ruby_version }} creates={{rbenv_user_home}}/.rbenv/versions/{{rbenv_ruby_version}}"
when: ruby_installed|failed
sudo: true
sudo_user: "{{ rbenv_user }}"
sudo_user: "{{ rbenv_user }}"
tags:
- ruby
- install
......@@ -209,7 +209,7 @@
- name: rbenv | install bundler
shell: "{{ rbenv_user_home }}/.rbenv/shims/gem install bundler -v {{ rbenv_bundler_version }}"
sudo: true
sudo_user: "{{ rbenv_user }}"
sudo_user: "{{ rbenv_user }}"
tags:
- ruby
- install
......@@ -217,7 +217,7 @@
- name: rbenv | rehash
shell: "{{rbenv_user_home}}/.rbenv/bin/rbenv rehash"
sudo: true
sudo_user: "{{ rbenv_user }}"
sudo_user: "{{ rbenv_user }}"
tags:
- ruby
- install
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment