Make mitx git checkout to /opt/wwc work

* create_users creates an 'edx' group * create_users task edited to put all admin users in adm and edx groups, * create_users assigns all users a shell * lms installs ssh keys for mitx checkout, creates target dir in /opt/wwc, and checks out the mitx source

Make mitx git checkout to /opt/wwc work
* create_users creates an 'edx' group * create_users task edited to put all admin users in adm and edx groups, * create_users assigns all users a shell * lms installs ssh keys for mitx checkout, creates target dir in /opt/wwc, and checks out the mitx source
901de639 · Joe Blaylock · 0fec6229 · 901de639 · 901de639 · 901de639
Commit 901de639 authored Apr 25, 2013 by Joe Blaylock
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 4 deletions

playbooks/roles/common/tasks/create_users.yml
+5 -2

playbooks/roles/lms/tasks/main.yml
+23 -2

playbooks/vars/secure/users.yml
+2 -0

No files found.
--- a/playbooks/roles/common/tasks/create_users.yml
+++ b/playbooks/roles/common/tasks/create_users.yml
 ---
+- name: Create 'edx' users group
+  group: name=edx state=present
+  sudo: True
 - name: Creating admin users
-  user: name={{ item.user }} groups={{ ",".join(item.groups) }}
+  user: name={{ item.user }} append=yes groups={{ "adm,edx,"+",".join(item.groups) }} shell=/bin/bash
  sudo: True
  with_items: admin_users
 - name: Copying ssh keys for admin users
@@ -8,7 +11,7 @@
  sudo: True
  with_items: admin_keys
 - name: Creating env users
-  user: name={{ item.user }} groups={{ ",".join(item.groups) }}
+  user: name={{ item.user }} groups={{ ",".join(item.groups) }} shell=/bin/bash
  sudo: True
  with_items: env_users
 - name: Copying ssh keys for env users

--- a/playbooks/roles/lms/tasks/main.yml
+++ b/playbooks/roles/lms/tasks/main.yml
@@ -3,10 +3,31 @@
 #  - nginx/tasks/main.yml
 ---
 - name: create lms application config
-  template: src=env.json.j2 dest=/opt/wwc/lms.env.json
+  template: src=env.json.j2 dest=/opt/wwc/lms-env.json
  sudo: True
 - name: create lms auth file
-  template: src=auth.json.j2 dest=/opt/wwc/lms.auth.json
+  template: src=auth.json.j2 dest=/opt/wwc/lms-auth.json
  sudo: True
 - include: ../../nginx/tasks/nginx_site.yml state=link site_name=lms
 - include: ../../nginx/tasks/nginx_site.yml state=link site_name=lms-backend
+# Install ssh keys for ubuntu account to be able to check out from mitx
+- name: install read-only ssh key for mitx repo (private)
+  copy: src=secure/mitx_readonly_key dest=/home/ubuntu/.ssh/id_rsa force=yes owner=ubuntu group=ubuntu mode=600
+- name: install read-only ssh key for mitx repo (public)
+  copy: src=secure/mitx_readonly_key.pub dest=/home/ubuntu/.ssh/id_rsa.pub force=yes owner=ubuntu group=ubuntu mode=644
+- name: install read-only ssh key for mitx repo (host github known)
+  copy: src=secure/known_hosts dest=/home/ubuntu/.ssh/known_hosts force=yes owner=ubuntu group=ubuntu mode=600
+# Check out mitx repo to /opt/wwc
+- name: set permissions on /opt/wwc sgid for edx
+  file: path=/opt/wwc owner=root group=edx mode=2775 state=directory
+  file: path=/opt/wwc/mitx owner=ubuntu group=edx mode=2775 state=directory
+  sudo: True
+- name: install git and its recommends
+  apt: pkg=git state=installed install_recommends=yes 
+  sudo: True
+- name: git checkout mitx repo into /opt/wwc
+  git: dest=/opt/wwc/mitx repo=git@github.com:MITx/mitx.git
--- a/playbooks/vars/secure/users.yml
+++ b/playbooks/vars/secure/users.yml
 # administrator accounts, added to all roles
+# The create_users role task automatically adds all these users to the 
+# 'adm' and 'edx' system groups
 admin_users:
 - user: joe
  email: joe@example.com