staticfiles changes

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/pipeline.j2

-#
-# {{ ansible_managed }}
-#
-
-# Author: Muhammad Ammar
-
-{% if "video_pipeline" in nginx_default_sites %}
-  {% set default_site = "default_server" %}
-{% else %}
-  {% set default_site = "" %}
-{% endif %}
-
-upstream video_pipeline_app_server {
-{% for host in NGINX_VIDEO_PIPELINE_GUNICORN_HOSTS %}
-    server {{ host }}:{{ video_pipeline_gunicorn_port }} fail_timeout=0;
-{% endfor %}
-}
-
-server {
-  server_name {{ VIDEO_PIPELINE_HOSTNAME }};
-
-  {% if NGINX_ENABLE_SSL %}
-
-  listen {{ VIDEO_PIPELINE_NGINX_PORT }} {{ default_site }};
-  listen {{ VIDEO_PIPELINE_SSL_NGINX_PORT }} ssl;
-
-  {% include "common-settings.j2" %}
-
-  ssl_certificate /etc/ssl/certs/{{ NGINX_SSL_CERTIFICATE|basename }};
-  ssl_certificate_key /etc/ssl/private/{{ NGINX_SSL_KEY|basename }};
-  # request the browser to use SSL for all connections
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
-
-  {% else %}
-  listen {{ VIDEO_PIPELINE_NGINX_PORT }} {{ default_site }};
-  {% endif %}
-
-  # Prevent invalid display courseware in IE 10+ with high privacy settings
-  add_header P3P '{{ NGINX_P3P_MESSAGE }}';
-
-  location ~ ^/static/(?P<file>.*) {
-    root {{ COMMON_DATA_DIR }}/{{ video_pipeline_service_name }};
-    try_files /staticfiles/$file =404;
-  }
-
-  location / {
-    try_files $uri @proxy_to_app;
-  }
-
-  {% include "robots.j2" %}
-
-location @proxy_to_app {
-    {% if NGINX_SET_X_FORWARDED_HEADERS %}
-    proxy_set_header X-Forwarded-Proto $scheme;
-    proxy_set_header X-Forwarded-Port $server_port;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    {% else %}
-    proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
-    proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
-    proxy_set_header X-Forwarded-For $http_x_forwarded_for;
-    {% endif %}
-
-    # newrelic-specific header records the time when nginx handles a request.
-    proxy_set_header X-Queue-Start "t=${msec}";
-
-    proxy_set_header Host $http_host;
-
-    proxy_redirect off;
-    proxy_pass http://video_pipeline_app_server;
-  }
-  # Nginx does not support nested condition or or conditions so
-  # there is an unfortunate mix of conditonals here.
-  {% if NGINX_REDIRECT_TO_HTTPS %}
-     {% if NGINX_HTTPS_REDIRECT_STRATEGY == "scheme" %}
-  # Redirect http to https over single instance
-  if ($scheme != "https")
-  {
-   set $do_redirect_to_https "true";
-  }
-
-    {% elif NGINX_HTTPS_REDIRECT_STRATEGY == "forward_for_proto" %}
-
-  # Forward to HTTPS if we're an HTTP request... and the server is behind ELB
-  if ($http_x_forwarded_proto = "http")
-  {
-   set $do_redirect_to_https "true";
-  }
-     {% endif %}
-
-  # Execute the actual redirect
-  if ($do_redirect_to_https = "true")
-  {
-  return 301 https://$host$request_uri;
-  }
-  {% endif %}
-}

playbooks/roles/video_pipeline/defaults/main.yml

@@ -88,6 +88,10 @@ VIDEO_PIPELINE_EXTRA_APPS: []
 # See edx_django_service_automated_users for an example of what this should be
 VIDEO_PIPELINE_AUTOMATED_USERS: {}
 
+# static files settings
+VIDEO_PIPELINE_DATA_DIR: '{{ COMMON_DATA_DIR }}/{{ video_pipeline_service_name }}'
+VIDEO_PIPELINE_STATIC_ROOT: '{{ VIDEO_PIPELINE_DATA_DIR }}/staticfiles'
+
 # instance_config.yaml variable overrides
 
 VIDEO_PIPELINE_EDX_CLOUDFRONT_PREFIX: "SET-ME-PLEASE"

playbooks/roles/video_pipeline/templates/instance_config.yaml.j2

@@ -18,6 +18,9 @@ django_secret_key: '{{ VIDEO_PIPELINE_SECRET_KEY }}'
 # (set to false in prod)
 debug: false
 
+# django staticfile settings
+STATIC_ROOT_PATH: '{{ VIDEO_PIPELINE_STATIC_ROOT }}'
+
 # ---
 # AWS Buckets, Prefixes
 # ---