Commit e5189d62 by Joe Blaylock

Stanford incremental updates

* Making newly merged release branch get closer to working
parent b0051518
../ansible.cfg
\ No newline at end of file
../ansible.cfg
\ No newline at end of file
#- hosts: tag_environment_stage:&tag_function_webserver
- hosts: ~tag_Name_app10_stage
#- hosts: ~tag_Name_app10_stage
- hosts: ~tag_Name_app1_stage
sudo: True
vars_prompt:
- name: "migrate_db"
......
# this gets all running stage util machines
- hosts: tag_environment_stage:&tag_function_util
# or we can get subsets of them by name
#- hosts: ~tag_Name_util(1|2)_stage
- name: Basic util setup on all hosts
#- hosts: tag_environment_stage:&tag_function_util
hosts: ~tag_Name_util1_stage
sudo: True
gather_facts: True
vars:
# this indicates the path to site-specific (with precedence)
# things like nginx template files
secure_dir: ../../../edx-secret/ansible
local_dir: "{{secure_dir}}/local"
migrate_db: "no"
......@@ -17,39 +15,41 @@
roles:
- common
- supervisor
- { role: 'edxapp', celery_worker: True }
- role: 'edxapp'
celery_worker: True
tags: celery
- role: xqueue
tags: xqueue
- datadog
#- splunkforwarder
# run the notifier on the first util machine only
- hosts: ~tag_Name_util10_stage
- name: Deploy certs, notifier only to first util machine
hosts: ~tag_Name_util1_stage
sudo: True
gather_facts: True
vars:
secure_dir: '../../../configuration-secure/ansible'
local_dir: "{{secure_dir}}/local"
migrate_db: "no"
vars_files:
- "{{ secure_dir }}/vars/edxapp_stage_vars.yml"
- "{{ secure_dir }}/vars/notifier_stage_vars.yml"
roles:
- role: virtualenv
virtualenv_user: "notifier"
virtualenv_user_home: "/opt/wwc/notifier"
virtualenv_name: "notifier"
- certs
- notifier
# run the certificate agent on the first util machine only
- hosts: ~tag_Name_util10_stage
sudo: True
vars:
secure_dir: '../../../configuration-secure/ansible'
migrate_db: "no"
vars_files:
- "{{ secure_dir }}/vars/edxapp_stage_vars.yml"
- "{{ secure_dir }}/vars/certifier_stage_vars.yml"
roles:
- common
- role: virtualenv
virtualenv_user: "certifier"
virtualenv_name: "certifier"
virtualenv_user_home: "/opt/wwc/certifier"
- certificates
#- name: Deploy certs to first util machine
# hosts: ~tag_Name_util1_stage
# sudo: True
# vars:
# secure_dir: '../../../configuration-secure/ansible'
# migrate_db: "no"
# vars_files:
# - "{{ secure_dir }}/vars/edxapp_stage_vars.yml"
# - "{{ secure_dir }}/vars/certifier_stage_vars.yml"
# roles:
# - common
# - role: virtualenv
# virtualenv_user: "certifier"
# virtualenv_name: "certifier"
# virtualenv_user_home: "/opt/wwc/certifier"
# - certificates
......@@ -183,8 +183,7 @@
- "{{ sandbox_base_requirements }}"
- "{{ sandbox_local_requirements }}"
- "{{ sandbox_post_requirements }}"
#when: not EDXAPP_PYTHON_SANDBOX
when: install_sandbox_reqs_into_regular_venv
when: not EDXAPP_PYTHON_SANDBOX
sudo_user: "{{ edxapp_user }}"
when: not inst.stat.exists or new.stat.md5 != inst.stat.md5
notify:
......@@ -206,7 +205,7 @@
- name: Install sandbox requirements into sandbox venv
shell: >
cd {{ edx_platform_code_dir }} &&
cd {{ edxapp_app_dir }} &&
{{ EDXAPP_SANDBOX_VENV_DIR }}/bin/pip install -i {{ PYPI_MIRROR_URL }} --exists-action w --use-mirrors
--upgrade --no-deps -r {{ item }}
with_items:
......
......@@ -13,6 +13,7 @@
user: >
name="{{ edxapp_user }}" home="{{ edxapp_app_dir }}"
createhome=no shell=/bin/false
ignore_errors: True
notify:
- "edxapp | restart edxapp"
- "edxapp | restart edxapp_workers"
......@@ -143,8 +144,6 @@
tags:
- edxapp-sandbox
- include: npm.yml
- include: ruby.yml
- include: deploy.yml
- name: edxapp | create a symlink for venv python
......
......@@ -4,7 +4,7 @@
#include <abstractions/base>
{{ EDXAPP_SANDBOX_VENV_DIR }}/** mr,
{{ edx_platform_code_dir }}/common/lib/sandbox-packages/** r,
{{ edxapp_code_dir }}/common/lib/sandbox-packages/** r,
/tmp/codejail-*/ rix,
/tmp/codejail-*/** rix,
......@@ -25,4 +25,4 @@
#
/proc/*/mounts r,
}
\ No newline at end of file
}
......@@ -49,13 +49,7 @@
notify: nginx | reload nginx
- name: nginx | Copying nginx configs for {{ nginx_sites }}
<<<<<<< HEAD
template: src={{nginx_template_directory}}{{ item }}.j2 dest=/etc/nginx/sites-available/{{ item }} owner=root group=root mode=0600
=======
template: >
src={{ item }}.j2 dest={{ nginx_sites_available_dir }}/{{ item }}
owner=root group={{ common_web_user }} mode=0640
>>>>>>> origin/release
notify: nginx | reload nginx
with_items: nginx_sites
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment