Skip to content

C
configuration
Commit aaae8ec6 by John Jarvis
Options

Merge pull request #830 from edx/jarv/automator-updates 

Jarv/automator updates
parents b02f1abd fbba8fd4
Showing with 28 additions and 8 deletions
playbooks/roles/edx_ansible/tasks/deploy.yml
......@@ -29,3 +29,9 @@
src={{ edx_ansible_venv_bin }}/ansible-playbook
dest={{ COMMON_BIN_DIR }}/ansible-playbook
state=link
- name: create a symlink for the playbooks dir
file: >
src={{ edx_ansible_code_dir }}/playbooks
dest={{ COMMON_CFG_DIR }}/playbooks
state=link
playbooks/roles/edxapp/defaults/main.yml
......@@ -127,12 +127,18 @@ EDXAPP_SANDBOX_ENFORCE: true
# role.
EDXAPP_AUTOMATOR_NAME: automator
EDXAPP_AUTOMATOR_AUTHORIZED_KEYS: []
# These are the commands allowed by the automator role.
# The --settings parameter must be set at the end so that
# is caught by the glob.
# Example: sudo -u www-data /edx/bin/python.edxapp /edx/bin/manage.edxapp lms migrate --settings=aws
EDXAPP_AUTOMATOR_SUDO_CMDS:
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ edxapp_venv_dir }}/bin/django-admin.py migrate *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ edxapp_venv_dir }}/bin/django-admin.py seed_permissions_roles *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ edxapp_venv_dir }}/bin/django-admin.py set_staff *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ edxapp_venv_dir }}/bin/django-admin.py transfer_students *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms migrate *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp cms migrate *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms syncdb *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp cms syncdb *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms seed_permissions_roles *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms set_staff *"
- "ALL=({{ common_web_user }}) NOPASSWD:SETENV:{{ COMMON_BIN_DIR }}/python.edxapp {{ COMMON_BIN_DIR }}/manage.edxapp lms transfer_students *"
EDXAPP_USE_GIT_IDENTITY: false
# Example: "{{ secure_dir }}/files/git-identity"
......
playbooks/roles/edxapp/tasks/deploy.yml
......@@ -322,14 +322,22 @@
with_items: edxapp_workers
sudo_user: "{{ supervisor_service_user }}"
- name: create a symlink for venv python
- name: create symlinks from the venv bin dir
file: >
src="{{ edxapp_venv_bin }}/{{ item }}"
dest={{ COMMON_BIN_DIR }}/{{ item }}.edxapp
dest={{ COMMON_BIN_DIR }}/{{ item.split('.')[0] }}.edxapp
state=link
with_items:
- python
- pip
- django-admin.py
- name: create symlinks from the repo dir
file: >
src="{{ edxapp_code_dir }}/{{ item }}"
dest={{ COMMON_BIN_DIR }}/{{ item.split('.')[0] }}.edxapp
state=link
with_items:
- manage.py
- set_fact: edxapp_installed=true
playbooks/roles/user/tasks/main.yml
......@@ -154,7 +154,7 @@
- name: create sudoers file from template
template:
dest=/etc/sudoers.d/restricted.sudoers.conf
dest=/etc/sudoers.d/99-restricted
src=restricted.sudoers.conf.j2 owner="root"
group="root" mode=0440 validate='visudo -cf %s'
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment