Merge pull request #321 from edx/e0d/merge-problem

E0d/merge problem

playbooks/roles/analytics/defaults/main.yml

+---
+#
+# edX Configuration
+#
+# github:     https://github.com/edx/configuration
+# wiki:       https://github.com/edx/configuration/wiki
+# code style: https://github.com/edx/configuration/wiki/Ansible-Coding-Conventions
+# license:    https://github.com/edx/configuration/blob/master/LICENSE.TXT
+#
+#
+# Vars for role analytics
+# vars are namespace with the module name.
+#
+
+ANALYTICS_DB_ANALYTICS_PASSWORD: 'CHANGEME!'
+ANALYTICS_DB_ANALYTICS_USER: 'analytics001'
+ANALYTICS_DB_ANALYTICS_HOST: 'localhost'
+ANALYTICS_SERVER_PORT: '9000'
+ANALYTICS_ENV_LANG: 'en_US.UTF-8'
+ANALYTICS_LOG_LEVEL: 'INFO'
+ANALYTICS_WORKERS: '4'
+
+DATABASES:
+  default: &databases_default
+    ENGINE: 'django.db.backends.mysql'
+    NAME: 'wwc'
+    USER: 'analytics001'
+    PASSWORD: 'CHANGEME!'
+    HOST: 'CHANGEME'
+    PORT: 3306
+
+analytics_auth_config:
+  DATABASES:
+    analytics:
+      <<: *databases_default
+      USER: $ANALYTICS_DB_ANALYTICS_USER
+      PASSWORD: $ANALYTICS_DB_ANALYTICS_PASSWORD
+      HOST: $ANALYTICS_DB_ANALYTICS_HOST
+  ANALYTICS_API_KEY: $ANALYTICS_API_KEY
+  ANALYTICS_RESULTS_DB:
+    MONGO_URI: $ANALYTICS_DB_RESULTS_URL
+    MONGO_DB: $ANALYTICS_DB_RESULTS_DB
+    MONGO_STORED_QUERIES_COLLECTION: $ANALYTICS_DB_RESULTS_COLLECTION
+
+analytics_role_name: "analytics"
+analytics_user: "analytics" 
+analytics_home: "/opt/wwc/analytics"
+analytics_venv_dir: "{{ analytics_home }}/virtualenvs/analytics"
+analytics_source_repo: "git@github.com:edx/analytics-server.git"
+analytics_code_dir: "{{ analytics_home }}/src"
+analytics_version: "master"
+analytics_git_identity_path: "{{ secure_dir }}/files/git-identity"
+analytics_git_identity_dest: "/etc/{{ analytics_role_name }}.git-identity"
+analytics_git_ssh: "/tmp/{{ analytics_role_name }}.git_ssh.sh"
+analytics_requirements_file: "{{ analytics_code_dir }}/requirements.txt"
+analytics_rsyslog_enabled: "yes"
+analytics_web_user: "www-data"
+analytics_env: "analytics_env"
+analytics_service_variant: 'analytics'
+analytics_django_settings: 'anserv.settings'
+
+analytics_env_vars:
+  ANALYTICS_LOG_LEVEL: "{{ ANALYTICS_LOG_LEVEL }}"
+
+#
+# Used by the included role, automated.
+# See meta/main.yml
+#
+analytics_automated_rbash_links:
+  - /usr/bin/sudo
+  - /usr/bin/scp
+
+#
+# OS packages
+#
+
+analytics_debian_pkgs:
+  - mongodb-clients
+  - zip
+  - libmysqlclient-dev
+
+analytics_redhat_pkgs:
+  - zip
+  - community-mysql-libs
+
+#
+# Installed via pip to get the IAM role feature.
+#
+analytics_pip_pkgs:
+  - git+https://github.com/s3tools/s3cmd.git#egg=s3cmd
\ No newline at end of file

playbooks/roles/analytics/handlers/main.yml

+---
+#
+# edX Configuration
+#
+# github:     https://github.com/edx/configuration
+# wiki:       https://github.com/edx/configuration/wiki
+# code style: https://github.com/edx/configuration/wiki/Ansible-Coding-Conventions
+# license:    https://github.com/edx/configuration/blob/master/LICENSE.TXT
+#
+#
+#
+# Handlers for role analytics
+# 
+# Overview:
+# 
+#
+
+- name: analytics | stop the analytics service
+  service: name=analytics state=stopped
+
+- name: analytics | start the analytics service
+  service: name=analytics state=started

playbooks/roles/analytics/tasks/deploy.yml

+#
+# TODO: Needed while this repo is private
+#
+- name: analytics | upload ssh script
+  template: 
+    src=tmp/{{ analytics_role_name }}.git_ssh.sh.j2 dest={{ analytics_git_ssh }}
+    force=yes owner=root group=adm mode=750
+  tags:
+  - analytics
+  - deploy
+  - install
+  - update
+
+#
+# TODO: Needed while this repo is private
+#
+- name: analytics | install read-only ssh key required for checkout
+  copy: 
+    src={{ analytics_git_identity_path }} dest={{ analytics_git_identity_dest }}
+    force=yes owner=ubuntu group=adm mode=0600
+  tags:
+  - analytics
+  - deploy
+  - install
+  - update
+
+- name: analytics | checkout code
+  git: 
+    dest={{ analytics_code_dir }} repo={{ analytics_source_repo }} 
+    version={{ analytics_version }} force=true
+  environment:
+    GIT_SSH: $analytics_git_ssh
+    notify: analytics | restart the analytics service
+  notify: analytics | start the analytics service
+  tags:
+    - analytics
+    - deploy
+    - install
+    - update
+
+#
+# TODO: Needed while this repo is private
+#
+- name: analytics | update src permissions
+  file: 
+    path={{ analytics_code_dir }} state=directory owner={{ analytics_user }} 
+    group={{ analytics_web_user }} mode=2750 recurse=yes
+  tags:
+  - analytics
+  - deploy
+  - install
+  - update
+
+#
+# TODO: Needed while this repo is private
+#
+- name: analytics | remove read-only ssh key for the content repo
+  file: path={{ analytics_git_identity_dest }} state=absent
+  tags:
+  - analytics
+  - deploy
+  - install
+  - update
+
+#
+# TODO: Needed while this repo is private
+#
+- name: analytics | remove ssh script
+  file: path={{ analytics_git_ssh }} state=absent
+  tags:
+  - analytics
+  - deploy
+  - install
+  - update
+
+- name: analytics | install application requirements
+  pip: 
+    requirements={{ analytics_requirements_file }}
+    virtualenv={{ analytics_venv_dir }} state=present
+  sudo: true  
+  sudo_user: "{{ analytics_user }}"
+  notify: analytics | start the analytics service  
+  tags:
+  - analytics
+  - deploy
+  - install
+  - update

playbooks/roles/analytics/templates/etc/init/analytics.conf.j2

+# {{ ansible_managed }}
+
+description "Analytics gunicorn"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+respawn
+respawn limit 3 30
+
+env SERVICE_VARIANT={{ analytics_service_variant }}
+env PID=/var/tmp/analytics.pid
+env WORKERS={{ ANALYTICS_WORKERS }}
+env PORT={{ ANALYTICS_SERVER_PORT }}
+env LANG={{ ANALYTICS_ENV_LANG }}
+env DJANGO_SETTINGS_MODULE={{ analytics_django_settings }}
+
+chdir {{ analytics_code_dir }}
+setuid {{ analytics_web_user }}
+
+exec {{ analytics_venv_dir }}/bin/gunicorn -b 0.0.0.0:$PORT -w $WORKERS --pythonpath={{ analytics_code_dir }}/anserv anserv.wsgi

playbooks/roles/analytics/templates/opt/wwc/analytics.auth.json.j2

+{{ analytics_auth_config | to_nice_json }}

playbooks/roles/analytics/templates/opt/wwc/analytics/analytics_env.j2

+# {{ ansible_managed }}
+
+{% for name,value in analytics_env_vars.items() %}
+{% if value %}
+export {{ name }}="{{ value }}"
+{% endif %}		 
+{% endfor %}

playbooks/roles/analytics/templates/tmp/analytics.git_ssh.sh.j2

+#!/bin/sh
+exec /usr/bin/ssh -o StrictHostKeyChecking=no -i {{ analytics_git_identity_dest }} "$@"

playbooks/roles/automated/defaults/main.yml

@@ -18,7 +18,10 @@ automated_role_name: automated
 automated_user: "automator"
 automated_home: "/home/automator"
 automated_rbash_links: !!null
-#
+automated_sudoers_template: !!null
+automated_sudoers_file: !!null
+  
+  #
 # OS packages
 #
 

playbooks/roles/automated/tasks/main.yml

@@ -68,10 +68,10 @@
 
 - name: automated | create sudoers file from file
   copy:
-    dest=/etc/sudoers.d/{{ automated_sudoers_file.split('/').pop() }}
+    dest=/etc/sudoers.d/{{ automated_sudoers_dest }}
     src={{ automated_sudoers_file }} owner="root"
     group="root" mode=0440 validate='visudo -cf %s'
-  when: automated_sudoers_file is defined
+  when: automated_sudoers_file
   tags:
   - automated
   - install
@@ -79,10 +79,10 @@
 
 - name: automated | create sudoers file from template
   template:
-    dest=/etc/sudoers.d/{{ automated_sudoers_file.split('/').pop() }}
+    dest=/etc/sudoers.d/{{ automated_sudoers_dest }}
     src={{ automated_sudoers_template }} owner="root"
     group="root" mode=0440 validate='visudo -cf %s'
-  when: automated_sudoers_template is defined
+  when: automated_sudoers_template
   tags:
   - automated
   - install