- name: Writing supervisor script
template:
src: xserver.conf.j2
dest: "{{ supervisor_available_dir }}/xserver.conf"
owner: "{{ supervisor_user }}"
group: "{{ common_web_user }}"
mode: "0644"
- name: Enable supervisor script
file:
src: "{{ supervisor_available_dir }}/xserver.conf"
dest: "{{ supervisor_cfg_dir }}/xserver.conf"
owner: "{{ supervisor_user }}"
group: "{{ common_web_user }}"
mode: "0644"
state: link
force: yes
when: not disable_edx_services
- name: Add gunicorn configuration file
template:
src: xserver_gunicorn.py.j2
dest: "{{ xserver_app_dir }}/xserver_gunicorn.py"
owner: "{{ supervisor_user }}"
group: "{{ common_web_user }}"
mode: "0644"
notify:
- restart xserver
- name: Checkout code
git:
dest: "{{ xserver_code_dir }}"
repo: "{{ xserver_source_repo }}"
version: "{{xserver_version}}"
accept_hostkey: yes
become_user: "{{ xserver_user }}"
register: xserver_checkout
notify:
- restart xserver
- name: Install requirements
pip:
requirements: "{{ xserver_requirements_file }}"
virtualenv: "{{ xserver_venv_dir }}"
state: present
extra_args: "-i {{ COMMON_PYPI_MIRROR_URL }}"
become_user: "{{ xserver_user }}"
notify:
- restart xserver
- name: Install sandbox requirements
pip:
requirements: "{{ xserver_requirements_file }}"
virtualenv: "{{ xserver_venv_sandbox_dir }}"
state: present
extra_args: "-i {{ COMMON_PYPI_MIRROR_URL }}"
become_user: "{{ xserver_user }}"
notify:
- restart xserver
- name: Create xserver application config
template:
src: xserver.env.json.j2
dest: "{{ xserver_app_dir }}/env.json"
become_user: "{{ xserver_user }}"
notify:
- restart xserver
- name: Install read-only ssh key for the content repo that is required for grading
copy:
content: "{{ XSERVER_GIT_IDENTITY }}"
dest: "{{ xserver_git_identity }}"
owner: "{{ xserver_user }}"
group: "{{ xserver_user }}"
mode: "0600"
notify:
- restart xserver
- name: Upload ssh script
template:
src: git_ssh.sh.j2
dest: "/tmp/git_ssh.sh"
owner: "{{ xserver_user }}"
mode: "0750"
notify:
- restart xserver
- name: Checkout grader code
git:
dest: "{{ XSERVER_GRADER_DIR }}"
repo: "{{ XSERVER_GRADER_SOURCE }}"
version: "{{ xserver_grader_version }}"
accept_hostkey: yes
environment:
GIT_SSH: "/tmp/git_ssh.sh"
notify:
- restart xserver
register: xserver_grader_checkout
become_user: "{{ xserver_user }}"
- name: Remove read-only ssh key for the content repo
file:
path: "{{ xserver_git_identity }}"
state: absent
notify:
- restart xserver
# call supervisorctl update. this reloads
# the supervisorctl config and restarts
# the services if any of the configurations
# have changed.
#
- name: Update supervisor configuration
shell: "{{ supervisor_ctl }} -c {{ supervisor_cfg }} update"
register: supervisor_update
changed_when: supervisor_update.stdout is defined and supervisor_update.stdout != ""
when: not disable_edx_services
- name: Ensure xserver is started
supervisorctl:
name: xserver
supervisorctl_path: "{{ supervisor_ctl }}"
config: "{{ supervisor_cfg }}"
state: started
when: not disable_edx_services
- name: Create a symlink for venv python
file:
src: "{{ xserver_venv_bin }}/{{ item }}"
dest: "{{ COMMON_BIN_DIR }}/{{ item }}.xserver"
state: link
with_items:
- python
- pip
- name: Enforce app-armor rules
command: "aa-enforce {{ xserver_venv_sandbox_dir }}"
- include: ec2.yml
when: COMMON_TAG_EC2_INSTANCE
tags:
- deploy