variable naming, using www-data as web user

68c462bd · John Jarvis · a4d8458f · 68c462bd · 68c462bd · 68c462bd
Commit 68c462bd authored Oct 17, 2013 by John Jarvis
15 changed files
--- a/playbooks/roles/apache/templates/lms.j2
+++ b/playbooks/roles/apache/templates/lms.j2
@@ -15,9 +15,9 @@ WSGIRestrictEmbedded On
    SetEnv SERVICE_VARIANT lms
-    WSGIScriptAlias / {{edx_platform_code_dir}}/lms/wsgi_apache_lms.py
+    WSGIScriptAlias / {{edxapp_code_dir}}/lms/wsgi_apache_lms.py
-    <Directory {{edx_platform_code_dir}}/lms>
+    <Directory {{edxapp_code_dir}}/lms>
    <Files wsgi_apache_lms.py>
        Order deny,allow
        Allow from all
@@ -39,7 +39,7 @@ WSGIRestrictEmbedded On
        require valid-user
    </Location>
-    WSGIDaemonProcess lms user=www-data group=adm processes=1 python-path={{edx_platform_code_dir}}:{{venv_dir}}/lib/python2.7/site-packages display-name=%{GROUP}
+    WSGIDaemonProcess lms user=www-data group=adm processes=1 python-path={{edxapp_code_dir}}:{{venv_dir}}/lib/python2.7/site-packages display-name=%{GROUP}
    WSGIProcessGroup lms
    WSGIApplicationGroup %{GLOBAL}

--- a/playbooks/roles/common/defaults/main.yml
+++ b/playbooks/roles/common/defaults/main.yml
@@ -15,3 +15,7 @@ common_debian_pkgs:
 common_pip_pkgs:
  - virtualenv
  - virtualenvwrapper
+common_web_user: www-data
+common_web_group: www-data
+common_log_user: syslog
--- a/playbooks/roles/common/tasks/main.yml
+++ b/playbooks/roles/common/tasks/main.yml
 ---
 - name: common | Add user www-data
  # This is the default user for nginx
-  user: name=www-data
+  user: name="{{ common_web_user }}"
 - name: common | Create common directories
  file: >

--- a/playbooks/roles/edxapp/defaults/main.yml
+++ b/playbooks/roles/edxapp/defaults/main.yml
@@ -96,8 +96,12 @@ edxapp_data_dir: "{{ data_dir }}/edxapp"
 edxapp_app_dir: "{{ app_dir }}/edxapp"
 edxapp_log_dir: "{{ log_dir }}/edxapp"
 edxapp_venvs_dir: "{{ app_dir }}/venvs"
+edxapp_venv_dir: "{{ edxapp_venvs_dir }}/edxapp"
 edxapp_rbenvs_dir: "{{ app_dir }}/rbenvs"
+edxapp_rbenv_dir: "{{ edxapp_rbenvs_dir }}/edxapp"
 edxapp_user: edxapp
+edxapp_rbenv_root: "{{ edxapp_rbenv_dir }}/.rbenv"
+edxapp_gem_root: "{{ edxapp_rbenv_dir }}/.gem"
 edxapp_generic_auth_config:  &edxapp_generic_auth
  AWS_ACCESS_KEY_ID:  $EDXAPP_AWS_ACCESS_KEY_ID
@@ -242,7 +246,7 @@ lms_preview_env_config:
 # install dir for the edx-platform repo
-edx_platform_code_dir: "{{ app_dir }}/edx-platform"
+edxapp_code_dir: "{{ app_dir }}/edx-platform"
 # gunicorn ports/hosts, these shouldn't need to be overridden
@@ -285,16 +289,16 @@ edx_platform_repo: "https://{{ GIT_MIRROR }}/edx/edx-platform.git"
 # `edx_platform_commit` can be anything that git recognizes as a commit
 # reference, including a tag, a branch name, or a commit hash
 edx_platform_commit: 'release'
-local_requirements_file:  "{{ edx_platform_code_dir }}/requirements/edx/local.txt"
+local_requirements_file:  "{{ edxapp_code_dir }}/requirements/edx/local.txt"
-pre_requirements_file:    "{{ edx_platform_code_dir }}/requirements/edx/pre.txt"
+pre_requirements_file:    "{{ edxapp_code_dir }}/requirements/edx/pre.txt"
-post_requirements_file:   "{{ edx_platform_code_dir }}/requirements/edx/post.txt"
+post_requirements_file:   "{{ edxapp_code_dir }}/requirements/edx/post.txt"
-base_requirements_file:   "{{ edx_platform_code_dir }}/requirements/edx/base.txt"
+base_requirements_file:   "{{ edxapp_code_dir }}/requirements/edx/base.txt"
-github_requirements_file: "{{ edx_platform_code_dir }}/requirements/edx/github.txt"
+github_requirements_file: "{{ edxapp_code_dir }}/requirements/edx/github.txt"
-repo_requirements_file:   "{{ edx_platform_code_dir }}/requirements/edx/repo.txt"
+repo_requirements_file:   "{{ edxapp_code_dir }}/requirements/edx/repo.txt"
-sandbox_base_requirements:  "{{ edx_platform_code_dir }}/requirements/edx-sandbox/base.txt"
+sandbox_base_requirements:  "{{ edxapp_code_dir }}/requirements/edx-sandbox/base.txt"
-sandbox_local_requirements: "{{ edx_platform_code_dir }}/requirements/edx-sandbox/local.txt"
+sandbox_local_requirements: "{{ edxapp_code_dir }}/requirements/edx-sandbox/local.txt"
-sandbox_post_requirements:  "{{ edx_platform_code_dir }}/requirements/edx-sandbox/post.txt"
+sandbox_post_requirements:  "{{ edxapp_code_dir }}/requirements/edx-sandbox/post.txt"
 #do we want to install the sandbox requirements into the regular virtual env
 install_sandbox_reqs_into_regular_venv: true
@@ -339,9 +343,9 @@ deploy_environment:
  LANG: "en_US.UTF-8"
  NO_PREREQ_INSTALL: 1
  SKIP_WS_MIGRATIONS: 1
-  RBENV_ROOT: "{{ rbenv_root }}"
+  RBENV_ROOT: "{{ edxapp_rbenv_root }}"
-  GEM_HOME: "{{ gem_home }}"
+  GEM_HOME: "{{ edxapp_gem_root }}"
-  PATH: "{{ venv_dir }}/bin:{{ edx_platform_code_dir }}/bin:{{ rbenv_root }}/bin:{{ rbenv_root }}/shims:{{ gem_home }}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+  PATH: "{{ edxapp_venv_dir }}/bin:{{ edxapp_code_dir }}/bin:{{ edxapp_rbenv_root }}/bin:{{ edxapp_rbenv_root }}/shims:{{ edxapp_gem_home }}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 # Worker Settings
 worker_django_settings_module: 'aws'
--- a/playbooks/roles/edxapp/meta/main.yml
+++ b/playbooks/roles/edxapp/meta/main.yml
 ---
 dependencies:
  - role: rbenv
-    rbenv_user: root
+    rbenv_user: "{{ edxapp_user }}"
-    rbenv_user_home: "{{ edxapp_rbenvs_dir}}/edxapp"
+    rbenv_user_home: "{{ edxapp_rbenv_dir }}"
    rbenv_ruby_version: "{{ edxapp_ruby_version }}"
--- a/playbooks/roles/edxapp/tasks/deploy.yml
+++ b/playbooks/roles/edxapp/tasks/deploy.yml
--- a/playbooks/roles/edxapp/tasks/main.yml
+++ b/playbooks/roles/edxapp/tasks/main.yml
@@ -9,8 +9,8 @@
  file: >
    path="{{ item }}"
    state=directory
-    owner=root
+    owner="{{ edxapp_user }}"
-    group="{{ edxapp_user }}"
+    group="{{ common_web_group }}"
  with_items:
    - "{{ edxapp_app_dir }}"
    - "{{ edxapp_venvs_dir }}"
@@ -19,14 +19,14 @@
  file: >
    path="{{ edxapp_log_dir }}"
    state=directory
-    owner=syslog
+    owner="{{ common_log_user }}"
  notify: common | restart logrotate
 - name: edxapp | create edxapp data dirs
  file: >
    path="{{ item }}"
    state=directory
-    owner="{{ edxapp_user }}"
+    owner="{{ common_web_user }}"
  with_items:
    - "{{ edxapp_data_dir }}/staticfiles"
    - "{{ edxapp_data_dir }}/data"

--- a/playbooks/roles/edxapp/templates/cms.conf.j2
+++ b/playbooks/roles/edxapp/templates/cms.conf.j2
@@ -10,7 +10,7 @@ respawn limit 3 30
 env PID=/var/tmp/cms.pid
 #env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 {% if ansible_processor|length > 0 %}
 env WORKERS={{ ansible_processor|length * worker_core_mult.cms }}
 {% else %}
@@ -22,7 +22,7 @@ env LANG=en_US.UTF-8
 env DJANGO_SETTINGS_MODULE=cms.envs.aws
 env SERVICE_VARIANT="cms"
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 setuid www-data
-exec {{venv_dir}}/bin/gunicorn_django -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} --settings=cms.envs.aws
+exec {{edxapp_venv_dir}}/bin/gunicorn_django -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} --settings=cms.envs.aws
--- a/playbooks/roles/edxapp/templates/edx-worker-cms.conf.j2
+++ b/playbooks/roles/edxapp/templates/edx-worker-cms.conf.j2
@@ -10,15 +10,15 @@ respawn
 instance edx.${SERVICE_VARIANT}.core.${QUEUE}
 #env NEW_RELIC_CONFIG_FILE=/opt/wwc/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 env CONCURRENCY=${CONCURRENCY}
 env LOGLEVEL=info
 env DJANGO_SETTINGS_MODULE={{worker_django_settings_module}}
-env PYTHONPATH={{edx_platform_code_dir}}
+env PYTHONPATH={{edxapp_code_dir}}
 env SERVICE_VARIANT=${SERVICE_VARIANT}
 setuid www-data
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
-exec {{venv_dir}}/bin/python {{edx_platform_code_dir}}/manage.py $SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
+exec {{edxapp_venv_dir}}/bin/python {{edxapp_code_dir}}/manage.py $SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
--- a/playbooks/roles/edxapp/templates/edx-worker-lms.conf.j2
+++ b/playbooks/roles/edxapp/templates/edx-worker-lms.conf.j2
@@ -10,15 +10,15 @@ respawn
 instance edx.${SERVICE_VARIANT}.core.${QUEUE}
 #env NEW_RELIC_CONFIG_FILE=/opt/wwc/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 env CONCURRENCY=${CONCURRENCY}
 env LOGLEVEL=info
 env DJANGO_SETTINGS_MODULE={{worker_django_settings_module}}
-env PYTHONPATH={{edx_platform_code_dir}}
+env PYTHONPATH={{edxapp_code_dir}}
 env SERVICE_VARIANT=${SERVICE_VARIANT}
 setuid www-data
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
-exec {{venv_dir}}/bin/python {{edx_platform_code_dir}}/manage.py lms --service-variant=$SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
+exec {{edxapp_venv_dir}}/bin/python {{edxapp_code_dir}}/manage.py lms --service-variant=$SERVICE_VARIANT --settings=$DJANGO_SETTINGS_MODULE celery worker --loglevel=$LOGLEVEL --queues=edx.${SERVICE_VARIANT}.core.${QUEUE} --hostname=edx.${SERVICE_VARIANT}.core.${QUEUE}.`hostname` --concurrency=$CONCURRENCY
--- a/playbooks/roles/edxapp/templates/lms-preview.conf.j2
+++ b/playbooks/roles/edxapp/templates/lms-preview.conf.j2
@@ -11,7 +11,7 @@ respawn limit 3 30
 env PID=/var/tmp/lms.pid
 #env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 {% if ansible_processor|length > 0 %}
 env WORKERS={{ ansible_processor|length * worker_core_mult.lms_preview }}
 {% else %}
@@ -23,10 +23,10 @@ env LANG=en_US.UTF-8
 env DJANGO_SETTINGS_MODULE=lms.envs.aws
 env SERVICE_VARIANT="lms-preview"
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 setuid www-data
-exec {{venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} lms.wsgi
+exec {{edxapp_venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} lms.wsgi
 post-start script
  while true

--- a/playbooks/roles/edxapp/templates/lms.conf.j2
+++ b/playbooks/roles/edxapp/templates/lms.conf.j2
@@ -8,7 +8,7 @@ respawn limit 3 30
 env PID=/var/tmp/lms.pid
 #env NEW_RELIC_CONFIG_FILE={{app_dir}}/newrelic.ini
-#env NEWRELIC={{venv_dir}}/bin/newrelic-admin
+#env NEWRELIC={{edxapp_venv_dir}}/bin/newrelic-admin
 {% if ansible_processor|length > 0 %}
 env WORKERS={{ ansible_processor|length * worker_core_mult.lms }}
 {% else %}
@@ -20,10 +20,10 @@ env LANG=en_US.UTF-8
 env DJANGO_SETTINGS_MODULE={{ edxapp_lms_env }}
 env SERVICE_VARIANT="lms"
-chdir {{edx_platform_code_dir}}
+chdir {{edxapp_code_dir}}
 setuid www-data
-exec {{venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edx_platform_code_dir}} lms.wsgi
+exec {{edxapp_venv_dir}}/bin/gunicorn --preload -b $ADDRESS:$PORT -w $WORKERS --timeout=300 --pythonpath={{edxapp_code_dir}} lms.wsgi
 post-start script
  while true

--- a/playbooks/roles/edxapp/templates/rbenv.sh.j2
+++ b/playbooks/roles/edxapp/templates/rbenv.sh.j2
-export RBENV_ROOT="{{ rbenv_root }}"
-export GEM_HOME="{{ gem_home }}"
-export PATH="{{ gem_home }}/bin:$PATH"
-eval "$(rbenv init -)"
--- a/playbooks/roles/rbenv/defaults/main.yml
+++ b/playbooks/roles/rbenv/defaults/main.yml
@@ -2,3 +2,4 @@
 rbenv_version: 'v0.4.0'
 rbenv_bundler_version: '1.3.2'
+rbenv_root: "{{ rbenv_user_home }}/.rbenv"
--- a/playbooks/roles/rbenv/tasks/main.yml
+++ b/playbooks/roles/rbenv/tasks/main.yml